none
Access WMI to nated machine

    Question

  • Hi,
        I try test access WMI to a nated machine with the utility wbemtest and give me this error: error number "0x80070776", The object exporter specified was not found.
        I make the same test, with out the nat, and work fine. Anyone knows why this I cant access the WMI via a nated IP ?

    Thanks
    Tuesday, October 04, 2005 6:23 PM

Answers

  • The behavior you're seeing is inherently caused by the way DCOM is architected.    (And WMI is built on top of DCOM, so...).    When the client machine connects to the server machine via NAT in order to create the WMI DCOM object, the DCOM return packet contains a list of network addresses for the server machine.    The client machine will then try to ping the server machine via all of those addresses (IP addresses, DNS name, etc), and will use the first address that successfully responds.

    In short, DCOM does not work through a NAT unless at least one of the NAT'd server machine's network addresses is visible from the client machine.    The best way to get this to work, is to somehow see that the DNS name of the server is resolvable from the client machine via the NAT machine.

    Inability to translate network addresses within opaque network payloads is a well-known limitation of NAT and it shows up in other application protocols besides DCOM.

    hth,
    Jay Simmons

    Wednesday, November 02, 2005 2:49 PM

All replies

  • Is this problem only related to WMI?
    Have you tried to access a share?
    Run the MMC services snap-in and connect to the natted remote machine?
    Monday, October 24, 2005 5:18 PM
  • The behavior you're seeing is inherently caused by the way DCOM is architected.    (And WMI is built on top of DCOM, so...).    When the client machine connects to the server machine via NAT in order to create the WMI DCOM object, the DCOM return packet contains a list of network addresses for the server machine.    The client machine will then try to ping the server machine via all of those addresses (IP addresses, DNS name, etc), and will use the first address that successfully responds.

    In short, DCOM does not work through a NAT unless at least one of the NAT'd server machine's network addresses is visible from the client machine.    The best way to get this to work, is to somehow see that the DNS name of the server is resolvable from the client machine via the NAT machine.

    Inability to translate network addresses within opaque network payloads is a well-known limitation of NAT and it shows up in other application protocols besides DCOM.

    hth,
    Jay Simmons

    Wednesday, November 02, 2005 2:49 PM
  • If you want to access a remote server using DCOM you can add the server's name and public ip address to your local host file and then connect using just the host name. 

    For example if the remote server is named db1 and has a public ip address of 123.123.123.123 then you need to add the following to your local hosts file located at C:\WINDOWS\system32\drivers\etc 
    123.123.123.123     233013-db2

    Then when you go to connect simply use the remote computer name such as:

    \\db1\root\cimv2

    This should allow you to connect to a remote server using DCOM even if it is behind NAT, so long as the DCOM 135 port on the remote server public IP is accessable and forwarded to the private IP address.

    Thursday, June 25, 2009 10:02 PM
  • Greg,

    Is it really possible to access DCOM via NAT?  Your example is confusing, it referrences "233013-db2" in your example but no explaination as to what that is and it dosen't match the rest of your example.   Can you provide a straight forward example please?

    Tuesday, March 01, 2011 9:02 PM
  • Hi Bbatchman77,

    What Greg Explain is right.

    We have to do a entry of the server in the host file of our system, so that it can access the information of the requested server.

    You have to do the simple steps:

    1: Open the host file in the path : C:\WINDOWS\system32\drivers\etc

    2: Add your server's ip address and its name (eg. a.b.c.d  xxxx)

    3: Save the file

    4: Run the code again.

    Greg,

    Your opinion works actually, I too have faced the same error but i forgot about that host file. Thanks for the post. it works !! :)

    Tuesday, July 23, 2013 11:43 AM