Winrm configuration

Hi All ,

I am trying to establish a secure powershell remoting (https) in my environment . everything is up and working .

Now i got a requirement that the winrm listeners on the servers should only accept secure connection from a Management server .

PS C:\Users\z6ynd> Get-WSManInstance winrm/config/Listener -SelectorSet @{Address=‘*’;Transport=“HTTPS”}

Output :

cfg : http://schemas.microsoft.com/wbem/wsman/1/config/listener
xsi : http://www.w3.org/2001/XMLSchema-instance
lang : en-US
Address : *
Transport : HTTPS
Port : 5986
Hostname : XXXSMSCO0001.hpovservices2.local
Enabled : true
URLPrefix : wsman
CertificateThumbprint : 8A0EC8DC3BA5A5D898BE1CC022D8B75EC6323199
ListeningOn : {84.XX.XXX.77, 127.0.0.1, ::1, 2002:54ff:7e4d::54ff:7e4d…}

Changing Address to : instead of “*” will help me on this regard ? In that case is there any way to accomplish that ?

Thank you,
Nithun

Hey Nithun,

I’d suggest taking a look at the free e-book Secrets of PowerShell Remoting, which you can access from this site via Resources, Free Ebooks, which will point you in the right direction.

WInRM doesn’t provide incoming address filtering. You’d need to configure that in a local firewall. The Address setting controls which local IPs are listened to.

@Don

Thank you so much don for the input . I am all set

@Tim

Thank you for directing me to a wonderful lesson about PS remoting.