Client unable to establish connection due to prelogin failure.


Hope you are doing good.  Today will talk about that if your get request which can be achievable in just short period of the time but due to some of other backlog you are not able to complete task.  Like it !!

Let talk about issue that while configuring secondary site it’s not getting install even pre request check has been pass.

Issue: Client unable to establish connection due to prelogin failure.

Now we have problem let talk about solutions.

Make sure below are the pre request: 

Roles / Role Services Required for Secondary Site:

  • Web Server (IIS)
    • Application Development:
      • ISAPI Extensions
    • Security:
      • Windows Authentication
    • IIS 6 Management Compatibility

      • IIS 6 Metabase Compatibility
      • IIS 6 WMI Compatibility

Features Required for Secondary Site:

  • Remote Differential Compression
  • BITS
  • .NET Framework 3.5
  • .NET Framework 4

The following ports will need to be opened between the site server and remote secondary site server

  • 135 (RPC/WMI), 445 (SMB), TCP: 4022 (SQL), 1433 (SQL),

We should aware about what are the logs we have to read while configuring secondary site and Flow of the details logs.

Let talk about details Logs Flow


The Prerequisite log can be found on the Primary Site Server at the root of the drive:


Once the Prerequisites have been complete and passed, you see view the Sender.log on the Primary site server. 

Note: Approx. package site will get transfer from primary to secondary installation drive around 1.37GB


Once the installation binaries have been copied from the Primary Site to the Root drive installation drive of the Secondary Site Server ConfigMgrSetup.log will start updating.

At Last installation status

Verify the Install was Successful! You can see in console site status is active

Let talk about reported issue and details solutions

Client unable to establish connection due to prelogin failure.

Based on error code, we have look details logs  in SQL Level

Note: Log will be located in 'C:\Program Files\Microsoft SQL Server\MSSQL13.CONFIGMGRSEC\MSSQL\Log\


·         Server TCP provider failed to listen on [ 'any' <ipv6> 1433]. Tcp port is already in use.

·         TDSSNIClient initialization failed with error 0x271d, status code 0xa. Reason: Unable to initialize the

·         TCP/IP listener. An attempt was made to access a socket in a way forbidden by its access permissions.

By seeing above error taken below action to validate which process is using 1433 port connection

Open command prompt with elevated privileges

Type Below query by seeing query result found instead of SQL Other Services are using 1433

 netstat -aon | find /I "1433" or netstat -a -n -b



To view details Process ID execute command tasklist 

Now we have problem as well root cause that as per process 1433 port being used by SQL server but using other process so to get dedicated port to SQL we have to bind by below process

We can define by SQL Server Network Configurations >> SQL SERVER NETWOR CONFIGURATION you will see your instance name configmgrsec Protocols for Your Server and go to TCP/IP and right click over it.

Refer this Configure a Server to Listen on a Specific TCP Port

Once We have above setting getting other error in configmgrsetup.log

Failed to read public key from site Exchange certificate 87d20002

To fix refer my previous log how to generate Certificate and import  

Once we have done above all the setting Secondary site configuration went smooth as normal. 

Keep watching space with many experts are here to share solutions

Many Problem, One Place solutions.

Thanks & Regards

Haresh Hirani



Follow me:


    No Comments

Leave a Comment