Microsoft KB Archive/248809

From BetaArchive Wiki
Knowledge Base

PRB: DCOM Does Not Work over Network Address Translation-Based Firewall

Article ID: 248809

Article Last Modified on 11/17/2003


  • Microsoft COM+ 2.0 Standard Edition, when used with:
    • Microsoft Windows 2000 Standard Edition
    • Microsoft Windows NT 4.0

This article was previously published under Q248809


When you try to make Distributed Component Object Model (DCOM) calls over a Network Address Translation (NAT)-based Firewall, you receive the error 0x800706BA (RPC_S_SERVER_UNAVAILABLE).


For DCOM to work, the client must be able to reach the server by its actual IP address. If you use firewalls that translate network addresses, the client cannot use the actual IP address to reach the server.

COM inserts the IP address of the server computer into the interface marshaling packets that are returned to the client. Instead of using the translated IP/header, Remote Procedure Call (RPC, or DCOM) uses the actual IP address to reach the server. Because the firewall prevents the client from directly accessing the server, the client receives the above-mentioned error message.


For more information on using DCOM with firewalls, see the following Microsoft Web site:

For additional information, click the article numbers below to view the articles in the Microsoft Knowledge Base:

154596 HOWTO: Configure RPC Dynamic Port Allocation to Work with Firewall

193230 PRB: Server.CreateObject Fails When Object Is Behind Firewall

249726 HOWTO: Search for COM and DCOM Knowledge Base Articles

Keywords: kbclient kbclientserver kbdcom kbprb kbserver KB248809