How to test if a firewall port is open – Powershell

Microsoft Powershell can be uses to a lot of amazing stuff. I have been using powershell for years now, but I am still learning cool stuff.

Powershell contains a lot of cmdlets making it easy to complete all kinds of network tasks. In this post I will demonstrate  some of them for you.

Ping made smarter

You might already know the ping command to check if a computer(host) is alive. Powershell has a command for that as well. In powershell the command is named Test-Connection. It can of cause do the same as a normal ping command:

PS C:\> Test-Connection google.com
Source                  Destination     IPV4Address      IPV6Address               Bytes    Time(ms)
WINDOWS10     google.com      172.217.17.142                                            32       19
WINDOWS10     google.com      172.217.17.142                                            32       23
WINDOWS10     google.com      172.217.17.142                                            32       19
WINDOWS10     google.com      172.217.17.142                                            32       19

You can also ping multiple host in one command like this:

PS C:\> Test-Connection google.com, localhost, WINDOWS10 -Count 2
Source                  Destination     IPV4Address      IPV6Address                              Bytes    Time(ms)WINDOWS10     google.com      172.217.17.46                                             32       23
WINDOWS10     google.com      172.217.17.46                                             32       19
WINDOWS10     localhost       127.0.0.1        ::1                                      32       0
WINDOWS10     localhost       127.0.0.1        ::1                                      32       0
WINDOWS10     WINDOWS10       192.168.1.78     fe80::dd74:b80f:5c2c:21cc%12             32       0
WINDOWS10     WINDOWS10       192.168.1.78     fe80::dd74:b80f:5c2c:21cc%12             32       0

 

Test of a firewall port is open at a remote host

Another useful Powershell cmdlets is the Test-NetConnetion. This command can be useful testing if a specific port is open at a remote host.

Let us try and see if port 3389 (RDP) is open on my RDS server named WIN2012-RDS01:

PS C:\> Test-NetConnection WIN2012-RDS01 -Port 3389
ComputerName     : WIN2012-RDS01
RemoteAddress    : fe80::2c5f:6662:d4a9:8286%12
RemotePort       : 3389
InterfaceAlias   : vEthernet (vSwitch1) 2
SourceAddress    : fe80::dd74:b80f:5c2c:21cc%12
TcpTestSucceeded : True

As you can see the command returns TcpTestSucceeded which means that the port is open.
Now let us test of telnet port 21 is also open:

PS C:\> Test-NetConnection WIN2012-RDS01 -Port 21
WARNING: TCP connect to (fe80::2c5f:6662:d4a9:8286%12 : 21) failed
WARNING: TCP connect to (192.168.1.100 : 21) failedComputerName           : WIN2012-RDS01
RemoteAddress          : fe80::2c5f:6662:d4a9:8286%12
RemotePort             : 21
InterfaceAlias         : vEthernet (vSwitch1) 2
SourceAddress          : fe80::dd74:b80f:5c2c:21cc%12
PingSucceeded          : True
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded       : False

As you can see in this case the TcpTestSucceeded returns False means that there is nothing answering on port 21 on my server.

I hope you found the above as interesting as I do and that you fell inspired to use Powershell the next time you want to perform simple network tasks. If you want to dig deeper, there is many more great powershell commands working with network.

Thomas
About the author:
I am an IT Professional that has this blog as a hobby project in my spare time. I have been in the IT business since 1996 and want to share some of the thing I have picked up over the years with people who visit this blog...

>>Subscribe to my Newsletter<<

Leave a Reply

Your email address will not be published. Required fields are marked *