We updated our MECM environment to 2111 last year. There seems to be some kind of change to the client that I'm unable to locate. This issue has started to pop up now, because it takes time for the maximum number of ephemeral ports to be reached. After a period of time, our managed clients are running into the maximum number of ephemeral ports which is preventing the clients from communicating with MECM, AD, etc. The machines require a restart to purge the open sessions (or what is described in the next paragraph).
The processes that are keeping the ports open are WMIPrvSE.exe and svchost.exe. Restarting the IPSec Policy Agent service clears the ports; however, the clients still cannot connect establish new connections. You must also restart the Windows Management Instrumentation service. The MECM Client is doing some type of WMI queries and keeping the sessions open. The IPSec Policy Agent service did not start automatically on our client machines until we upgraded to v.2111.
Running netstat shows multiple connections on the system to itself (see image).
To verify if it's MECM causing the issue, a test machine experiencing the symptoms had the client removed. It's been up for a few days and total number of ephemeral ports open has not increased.
Any thoughts on what could be causing this would be greatly appreciated!
The processes that are keeping the ports open are WMIPrvSE.exe and svchost.exe. Restarting the IPSec Policy Agent service clears the ports; however, the clients still cannot connect establish new connections. You must also restart the Windows Management Instrumentation service. The MECM Client is doing some type of WMI queries and keeping the sessions open. The IPSec Policy Agent service did not start automatically on our client machines until we upgraded to v.2111.
Running netstat shows multiple connections on the system to itself (see image).
To verify if it's MECM causing the issue, a test machine experiencing the symptoms had the client removed. It's been up for a few days and total number of ephemeral ports open has not increased.
Any thoughts on what could be causing this would be greatly appreciated!
Attachments
Last edited:
