By default, WMI uses 135 and 445 along with wide range of dynamic random ports TCP 49152-65535 (RPC dynamic ports – above Win2008 and Vista) -or- TCP 1024-65535 (RPC dynamic ports – NT4, Win2000, Win2003, WinXP). WMI initially use135 port for connection to target end points and subsequently it uses random ports shared by target end points for further communication.
To make this firewall friendly, we can either limit the dynamic random ports or make WMI to use fixed static port. This setting has to be applied on target end points and not on the SapphireIMS server.
To specify smaller range of dynamic ports, please refer below link -
To use fixed port, please refer below link -
https://msdn.microsoft.com/en-us/library/bb219447(VS.85).aspx