While installing TFS 2013 in a Windows Server 2012, I was having issues getting the TFS Application Tier to connect to WMI on the Reporting Server. Being that I’ve installed Team Foundation Server 2010 and 2012 countless times, I was sure that all of my settings were correct. Therefore, I predicted that this must be a firewall issue…and I was correct.

To confirm, I first, disabled all firewalls on the reporting server and the app tier was able to connect without any problems.  Next, I re-enabled the firewall and I followed the instructions from MSDN, but this did not correct the connection restriction. So, I created a firewall rule opening all ports between 2000 and 65535 (the highest port number). This allowed the app tier to connect.  I modified the rule to reduced the scope to 3000 and 6000, respectively.  Again, no issues.  I continued this process until I was finally able to determine the firewall rule that I needed to enable.

There’s a rule “Virtual Machine Monitoring (RPC)” that needed to be enabled.  I wasn’t able to find any reference on the Internet for what this rule allows exactly.  However, due to the name and protocol (and similar references in other OS’es), I suspect it allows a host to manage the guest partition using remote procedure calls.  According to TechNet, WMI does depend on this service to function properly.


After enabling this rule, the Team Foundation Server 2012 app tier was able to connect to the reporting server correctly.