Is My Firewall Software Getting In The Way?

Personal Firewalls can potentially block most or all of the remote communication to and from a computer. As a result, the Spiceworks Desktop may not be able to contact various devices (or any device), for that matter. There are two levels that might be causing problems. The first, is that the firewall installed locally on the machine where Spiceworks is installed is locked down and not allowing remote communication. The second, is that a remote computer you are trying to scan/discover from the Spiceworks Desktop is locked down; resulting in either it being missing or lacking data within the Spiceworks Desktop. There are a couple of basic things that need to be enabled for Spiceworks to work properly.
 

Ability to ping a Computer/Device Ability to access WMI on a Computer

Ping
There are a number of types of ping commands that can be permitted or blocked by various Firewalls. Generally, you will want to permit (commands 0, 3 8 and 11). Some Firewalls don't distinguish between these, so you will need to just check the settings on your specific firewall. Many firewalls will already be configured for (0,3,8), so you will need to make sure the (command 11 (echo)) is allowed through the firewall.

WMI Access
WMI is the Microsoft Windows Management Instrumentation subsystem. For more information on WMI, see Microsoft WMI. WMI comes installed with XP, SP2 but requires that (EPMAP) port 135 be open. This port is used by the Windows Endpoint Mapper and is required for WMI to work properly. Many firewalls have this port blocked by default. You will want to verify that this port is allowed through your firewall. If you believe the firewall is allowing WMI access, but are not sure if WMI is configured properly on the machine in question, try the following (from Microsoft): Microsoft WMI Diagnostic & Repair Utility.

Additional Port Information
We have found the following ports will need to be open in order for Spiceworks to gather useful information from your remote systems.
   

ICMPv4 Inbound/Outbound - for Spiceworks Discovery TCP Ports 135 and 445 Inbound - for WMI UDP Port 137 Inbound - for Registry Information TCP 1024 - 2000 Inbound - Dynamic Ports for WMI

Firewall Settings The following Spiceworks executable files need to be added to the list of programs that are allowed through the firewall.x. this should prevent the AntiVirus software from slowing down or stopping Spiceworks from running. .  Spiceworks Computer AntiVirus Settings The following exceptions need to be setup in the AntiVirus program so that Spiceworks can run unrestricted. The following executable files may also need to be excluded.x. or both. or Spiceworks inventory lacking sufficient data.The x.exe C:\Program Files\Spiceworks\pkg\gems\spiceworks_common-x.xxxxx\nbtscan\nbtscan.exe Note: .xxxxx above is the Spiceworks version number which can be found at the bottom of any Spiceworks page.AntiVirus And Firewall Settings In A Domain AntiVirus and Personal Firewalls can block most or all of the communication to and from a computer.exe C:\Program Files\Spiceworks\bin\spiceworks-finder.exe C:\Program Files\Spiceworks\bin\spiceworks. We will address the two AntiVirus and Personal Firewall scenarios that could cause problems. As a result. The following ports and protocols will need to be opened so that Spiceworks can communicate with your remote computers. The second scenario: the remote computers you are trying to scan or discover from Spiceworks have the firewall locked down. or the firewall is locked down and preventing communication with the remote computers.  Add the C:\Program Files\Spiceworks directory and all subdirectories to the AntiVirus' exclusions list for real time scanning. resulting in either missing computers.      C:\Program Files\Spiceworks\httpd\bin\spiceworks-httpd.exe C:\Program Files\Spiceworks\bin\spicetray. Spiceworks may not be able to communicate with your devices.  The first scenario: the AntiVirus software on the Spiceworks computer is preventing Spiceworks from running correctly.

so you will need to check the settings on your specific firewall.8).This is needed so that Spiceworks can discover the devices on your network. UDP Port 137 Inbound . . Some firewalls don't distinguish between these.This allows Spiceworks to communicate with your networking hardware to backup/restore configurations via TFTP. you will want to permit (commands 0.     ICMPv4 Inbound and Outbound .Dynamic Ports for Windows Management Instrumentation (WMI). so you will need to make sure the (command 11 (echo)) is allowed through the firewall. There are a number of types of ping commands that can be permitted or blocked by various firewalls. so you will need to check the settings on your specific firewall. 3 8 and 11). Generally. it is more commenly known as the PING command. you will want to permit (commands 0. Remote Computers Firewall Settings The following ports and protocols will need to be opened before Spiceworks can collect information from your remote computers. TCP 1024 . TCP Ports 135 and 445 Inbound .This is needed so that Spiceworks can discover the devices on your network.8). UDP Port 137 Inbound . TCP Ports 135 and 445 Inbound . it is more commonly known as the PING command.This is needed so that Spiceworks can gather information in the Windows Registry.     ICMPv4 Inbound and Outbound .Dynamic Ports for Windows Management Instrumentation (WMI).3. Generally. There are a number of types of ping commands that can be permitted or blocked by various firewalls. UDP Port 69 Inbound . Some firewalls don't distinguish between these. so you will need to make sure the (command 11 (echo)) is allowed through the firewall.This is needed for Windows Management Instrumentation (WMI) which Spiceworks uses to get detailed information about Windows computers.2000 Inbound . Many firewalls will already be configured for (0.This is needed so that Spiceworks can gather information in the Windows Registry. TCP 1024 . Many firewalls will already be configured for (0. 3 8 and 11).This is needed for Windows Management Instrumentation (WMI) which Spiceworks uses to get detailed information about Windows computers.3.2000 Inbound .