PRB: DCOM Does Not Work over Network Address Translation-Based Firewall


When you try to make Distributed Component Object Model (DCOM) calls over a Network Address Translation (NAT)-based Firewall, you receive the error 0x800706BA (RPC_S_SERVER_UNAVAILABLE).


For DCOM to work, the client must be able to reach the server by its actual IP address. If you use firewalls that translate network addresses, the client cannot use the actual IP address to reach the server.

COM inserts the IP address of the server computer into the interface marshaling packets that are returned to the client. Instead of using the translated IP/header, Remote Procedure Call (RPC, or DCOM) uses the actual IP address to reach the server. Because the firewall prevents the client from directly accessing the server, the client receives the above-mentioned error message.


For more information on using DCOM with firewalls, see the following Microsoft Web site:
For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:

154596 HOWTO: Configure RPC Dynamic Port Allocation to Work with Firewall
193230 PRB: Server.CreateObject Fails When Object Is Behind Firewall
249726 HOWTO: Search for COM and DCOM Knowledge Base Articles