Hi All DCOM/COM+ Gurus,

we have a COM+ component that runs on a Win2K3 Server. This components is being called from a web server (Win2K3). there is a firewall in between web server and app server. When the web server sends a request to instantiate the COM+ component, the communication happens pretty fast via the firewall on port 135 and object get instantiated. But when object reference is sent back to the web server, it reaches the firewall and gets denied on the same port (135). Some times we get the response back to webserver, but takes around 3-4 minutes of time which is not acceptable.

We have exactly the same firewall ruleset which is working on Win NT environment and web server receives the response  back from App Server in not more than 20 sec.

Does DCOM/COM+ communication uses different port range in Win2k3 environment

Has anyone faced this sort of a problem and how was this fixed. We need to sort this out at the earliest. will highly appreciate any help/directions in this regard.

Thanks in advance.

Amit

Our futher investigation....

1. Compared Prod (Win NT) and UAT (Win2k3) Firewall policies and rule sets - determined that they are identical.

2. Completed network traces/snoops of firewalls and network ports for UAT environment - We discovered that the UAT Application server was initiating call back session on port TCP135 which were being dropped by the firewall as this port has a policy to block all such requests.

3. Completed a second round of network traces/snoops of the Firewalls and Network ports on the UAT and Prod environments - We confirmed that the the Production server wasn't initiating any sessions, where as the UAT application server was.

Any clues.......