janand
January 25, 2022, 3:28pm
1
Problem description
I have 1 Windows 11 PC and 3 Windows 10 PCs connected to a local router.
Powershell remote PC
PS C:\> $Env:COMPUTERNAME
PRO4
PS C:\> $Env:USERDOMAIN
PRO4
PS C:\> $Env:USERName
Janan
Get-NetConnectionProfile
Name : WiFimodem-D011
InterfaceAlias : Ethernet
InterfaceIndex : 18
NetworkCategory : Private
IPv4Connectivity : Internet
IPv6Connectivity : NoTraffic
PS C:\> Get-NetIPAddress -InterfaceAlias "Wi-Fi"
IPAddress : fe80::c9a3:8bfb:a8eb:a059%18
InterfaceIndex : 18
InterfaceAlias : Wi-Fi
AddressFamily : IPv6
Type : Unicast
PrefixLength : 64
PrefixOrigin : WellKnown
SuffixOrigin : Link
AddressState : Preferred
ValidLifetime : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource : False
PolicyStore : ActiveStore
IPAddress : 192.168.0.141
InterfaceIndex : 18
InterfaceAlias : Wi-Fi
AddressFamily : IPv4
Type : Unicast
PrefixLength : 24
PrefixOrigin : Dhcp
SuffixOrigin : Dhcp
AddressState : Preferred
ValidLifetime : 23:42:19
PreferredLifetime : 23:42:19
SkipAsSource : False
PolicyStore : ActiveStore
PS C:\> Test-WSMan
wsmid : http://schemas.dmtf.org/wbem/wsman
/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman
/1/wsman.xsd
ProductVendor : Microsoft Corporation
ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 3.0
PS C:\> Get-Item WSMan:\localhost\Client\TrustedHosts
WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client
Type Name SourceOfValue Value
System.String TrustedHosts *
PS C:\> Restart-Service WinRM
WARNING: Waiting for service 'Windows Remote Management (WS-Management) (WinRM)' to stop...
PS C:\> Test-WsMan
wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor : Microsoft Corporation
ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 3.0
PS C:\> test-NetConnection PRO4 -Port 5985
ComputerName : PRO4
RemoteAddress : fe80::c9a3:8bfb:a8eb:a059%18
RemotePort : 5985
InterfaceAlias : Wi-Fi
SourceAddress : fe80::c9a3:8bfb:a8eb:a059%18
TcpTestSucceeded : True
PS C:\> test-NetConnection 127.0.0.1 -Port 5985
ComputerName : 127.0.0.1
RemoteAddress : 127.0.0.1
RemotePort : 5985
InterfaceAlias : Loopback Pseudo-Interface 1
SourceAddress : 127.0.0.1
TcpTestSucceeded : True
PS C:\> Remove-WSManInstance winrm/config/Listener -SelectorSet @{Address="*";Transport="http"}
PS C:\> New-WSManInstance winrm/config/Listener -SelectorSet @{Address="*";Transport="http"}
PS C:\> New-WSManInstance winrm/config/Listener -SelectorSet @{Address="IP:192.168.0.135";Transport="http"}
PS C:\> winrm enumerate winrm/config/listener
Listener
Address = *
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 127.0.0.1, 169.254.21.36, 169.254.94.36, 169.254.222.68, 192.168.0.141, ::1, fe80::3dfd:371c:50a:de44%7, fe80::754b:3476:8015:1524%10, fe80::b1b5:5e78:9035:5e24%16, fe80::c9a3:8bfb:a8eb:a059%18
Listener
Address = IP:192.168.0.135
Transport = HTTP
Port = 5985
Hostname
Enabled = true
URLPrefix = wsman
CertificateThumbprint
ListeningOn = 192.168.0.135
type or paste code here
what’s the error you’re getting?
Can you ping them?
Have you tried using the Ip vs the computer name?
Is the account you are using a local admin?
Can you remote inot the 3 that are on the wifi from a computer that’s on the wifi?
Need more details
janand
January 25, 2022, 6:27pm
3
Read part 2. Ping is working. TCP connect fails.
tonyd
January 26, 2022, 12:32am
4
I too am having trouble figuring out the issue from what you posted. I dont see any “fails” … am I missing something?
janand
January 25, 2022, 3:30pm
5
PowerShell Host:
PS C:\> $Env:COMPUTERNAME
PREDATOR
PS C:\> $Env:USERDOMAIN
PREDATOR
PS C:\> $Env:USERNAME
janan
PS C:\> Get-NetConnectionProfile
Name : WiFimodem-D011
InterfaceAlias : Ethernet
InterfaceIndex : 17
NetworkCategory : Private
IPv4Connectivity : Internet
IPv6Connectivity : NoTraffic
PS C:\> Get-NetIPAddress -InterfaceAlias "Ethernet"
IPAddress : fe80::39bc:f0ee:2316:9992%17
InterfaceIndex : 17
InterfaceAlias : Ethernet
AddressFamily : IPv6
Type : Unicast
PrefixLength : 64
PrefixOrigin : WellKnown
SuffixOrigin : Link
AddressState : Preferred
ValidLifetime : Infinite ([TimeSpan]::MaxValue)
PreferredLifetime : Infinite ([TimeSpan]::MaxValue)
SkipAsSource : False
PolicyStore : ActiveStore
IPAddress : 192.168.0.135
InterfaceIndex : 17
InterfaceAlias : Ethernet
AddressFamily : IPv4
Type : Unicast
PrefixLength : 24
PrefixOrigin : Dhcp
SuffixOrigin : Dhcp
AddressState : Preferred
ValidLifetime : 15:33:43
PreferredLifetime : 15:33:43
SkipAsSource : False
PolicyStore : ActiveStore
PS C:\> Set-Item wsman:\localhost\client\trustedhosts *
WinRM Security Configuration.
This command modifies the TrustedHosts list for the WinRM client. The computers in the TrustedHosts list might not be
authenticated. The client might send credential information to these computers. Are you sure that you want to modify
this list?
[Y] Yes [N] No [S] Suspend [?] Help (default is "Y"): y
PS C:\> Get-Item WSMan:\localhost\Client\TrustedHosts
WSManConfig: Microsoft.WSMan.Management\WSMan::localhost\Client
Type Name SourceOfValue Value
System.String TrustedHosts *
Restart-Service WinRM
PS C:\> Test-WsMan
wsmid : http://schemas.dmtf.org/wbem/wsman/identity/1/wsmanidentity.xsd
ProtocolVersion : http://schemas.dmtf.org/wbem/wsman/1/wsman.xsd
ProductVendor : Microsoft Corporation
ProductVersion : OS: 0.0.0 SP: 0.0 Stack: 3.0
Testing from PREDATOR to PRO4
PS C:\> ping PRO4
Pinging Pro4.local [192.168.0.141] with 32 bytes of data:
Reply from 192.168.0.141: bytes=32 time=8ms TTL=128
Reply from 192.168.0.141: bytes=32 time=78ms TTL=128
Reply from 192.168.0.141: bytes=32 time=92ms TTL=128
Reply from 192.168.0.141: bytes=32 time=108ms TTL=128
PS C:\> get-NetNeighbor -State Stale
ifIndex IPAddress LinkLayerAddress State PolicyStore
17 fe80::211:32ff:fef3:de4b 00-11-32-F3-DE-4B Stale ActiveStore
17 192.168.0.150 C8-DB-26-09-EB-55 Stale ActiveStore
17 192.168.0.146 00-11-32-F3-DE-4B Stale ActiveStore
17 192.168.0.141 98-5F-D3-31-FE-B9 Stale ActiveStore
17 192.168.0.137 96-62-87-33-8A-8B Stale ActiveStore
PS C:\> test-NetConnection PRO4
ComputerName : PRO4
RemoteAddress : 192.168.0.141
InterfaceAlias : Ethernet
SourceAddress : 192.168.0.135
PingSucceeded : True
PingReplyDetails (RTT) : 8 ms
PS C:\> test-NetConnection PRO4 -Port 5985
WARNING: TCP connect to (192.168.0.141 : 5985) failed
WARNING: TCP connect to (fe80::c9a3:8bfb:a8eb:a059%17 : 5985) failed
ComputerName : PRO4
RemoteAddress : 192.168.0.141
RemotePort : 5985
InterfaceAlias : Ethernet
SourceAddress : 192.168.0.135
PingSucceeded : True
PingReplyDetails (RTT) : 8 ms
TcpTestSucceeded : False
Above Part 2 was posted as separate thread, merging it here.
tonyd
January 26, 2022, 3:04pm
8
Have you tried turning off the firewall just to rule that out?
1 Like
janand
January 26, 2022, 6:46pm
9
When I disabled the Windows Defender Firewall on PRO4 it worked.
tonyd
January 26, 2022, 7:00pm
10
I have seen and read the same as you. But I have also run into issues as you have. Dont have a good answer for you.
A couple of other items I check for Remote Powershell:
Can you get to C$ on the remote system?
Is the Remote Registry service enabled on the remote system?
I wish I had a better answer for you but sometimes, Remote Powershell takes some work.
I’ve seen things like network profiles changing affect this as well as policies. I understand this is a lab scenario. For real world scenarios this is typically handled by policy which individually sets the service, firewall, etc and not Enable-PsRemoting.