Windows Remote Target Connector uses SMB (Server Message Block) and WMI (Windows Management Instrumentation) protocol to accomplish discovery task. Windows Remote Connector requires these ports to be open in the firewall:

SMB: port 445
WMI: port 135 and port range from 49152 to 65535 or 1024 through 4999.

If you can verify password but discovery failed then it is due to WMI ports, specifically the port range from 49152 to 65535 was blocked by Firewall. What you can do is to run Wireshark on the target Windows server and reproduce the problem. On the top filter field set the following filter
       tcp.dstport >= 49152 && ip.dst == <target Windows Server's IP>
Note: replace <target Windows Server's IP> with the actual IP address of the target Windows server.

If you don't get any packets in the Wireshark after applying above filter then you can tell that Firewall has blocked the port range.

You may configure limited range or even a static port instead of default 49152 to 65535 port range. However, this is Windows configuration and you should consult Microsoft for a suitable setting in your environment. Please refer the following available article on Microsoft websites.

How to configure RPC dynamic port allocation to work with firewalls

Setting Up a Fixed Port for WMI