Unable to use PowerShell Enter-PSSession to connect to remote server

2
votes

I am having problems connecting to a remote server using PowerShell where the remote machine uses a non-default port number. The setup is as follows: I have a virtual host server with several virtual machines. All of these virtual machines have the same IP address but are accessed with a different port, for example:

a.b.c.d:3000
a.b.c.d:3001
etc

So, the PowerShell script I have so far is:

$password = ConvertTo-SecureString "<MyPassword>" -AsPlainText -Force
$cred= New-Object System.Management.Automation.PSCredential ("<Domain\UserName>", $password)
Enter-PSSession -ComputerName <IPAddress> -Port <PortNumber> -Credential $cred

The bits inside the "<>" are specific to the individual machines. When running this script I get the following error:

Enter-PSSession : Connecting to remote server failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS- Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command o n the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting H elp topic. At C:\PowerShell\Test7.ps1:25 char:16 + Enter-PSSession <<<< -ComputerName -Port -Credential $cred + CategoryInfo : InvalidArgument: (:String) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CreateRemoteRunspaceFailed

Another variant I tried is as follows:

$password = ConvertTo-SecureString "<MyPassword>" -AsPlainText -Force
$cred= New-Object System.Management.Automation.PSCredential ("<Domain\UserName>", $password)
$powershell_uri = "http://<IPAddress>:<PortNumber>"
Enter-PSSession -ConnectionUri $powershell_uri -Credential $cred

but this gave the following error:

Enter-PSSession : Connecting to remote server failed with the following error message : The client cannot connect to the destination specified in the request. Verify that the service on the destination is running and is accepting requests. Consult the logs and documentation for the WS- Management service running on the destination, most commonly IIS or WinRM. If the destination is the WinRM service, run the following command o n the destination to analyze and configure the WinRM service: "winrm quickconfig". For more information, see the about_Remote_Troubleshooting H elp topic. At C:\PowerShell\Test7.ps1:21 char:16 + Enter-PSSession <<<< -ConnectionUri $powershell_uri -Credential $cred # -ComputerName -Port -Credential $cred + CategoryInfo : InvalidArgument: (http://:/:Uri) [Enter-PSSession], PSRemotingTransportException + FullyQualifiedErrorId : CreateRemoteRunspaceFailed

I have set the TrustedHosts on my local machine (winrm set winrm/config/client @{TrustedHosts=""}) and on the remote machine I have run the "winrm quickconfig" command. On the remote machine I have also run the "winrm create winrm/config/listener?Address=*+Transport=HTTP @{Port=""}" command.

Any assistance on how I can establish a connection within PowerShell to these machines would be greatly appreciated.

1
powershellremote-management
it's not default port, you may need to add firewall exception manuallyJackie
I've added firewall exceptions for the specific port (and also tried with the firewall off). I still get the errors above.TimCross
make sure the winrm service is running: get-service winrm on server side, and use test-winrm in client side to try againJackie
I've just found out my understanding of the setup is slightly different. All the machines have different IP addresses but all have the same port number. They all have port forwarding to the default port 5985. If I try to connect as above but using port 5985, I get a firewall error (I guess I hadn't managed to turn it off properly for my earlier attempt). Anyway, I have a support ticket with the IT guys to open the firewall port(s). I'll update here once that's been done and I've had a chance to retry. Thanks so far Jackie.TimCross
Thanks for your help. Yes it appears that the firewall had indeed been locked down more tightly that I initially thought. I can now connect to the remote servers.TimCross

1 Answers

4
votes

On the remote computer:

  1. In: Control Panel\Network and Internet\Network and Sharing Center
    Make sure the remote computer is not in the public location, but set it to work or private

  2. Start PowerShell in administrator mode and enter the command:
    Enable-PSRemoting
    exit

  3. Goto Control Panel -> System and Security ->Windows Firewall and click advanced Settings
    Add the ip-range of your managing computer to windows remote management(http-In) both in the private and in the domain inbound rules.

On the managing computer:

  1. Start PowerShell in administrator mode and enter the command:

    Set-Item WSMan:\localhost\Client\TrustedHosts -Concatenate remotecomputer.domain.suffix -Force

    using your complete remote computer's network path. This adds the remote computer network name to your trusted hosts.

That should do the trick.