How to test if a firewall port is open – Powershell

Thomas
Tweet
Share
Pin20

Microsoft PowerShell can be uses to a lot of amazing stuff. I have been using PowerShell for years now, but I am still learning new cool stuff it can do.

PowerShell contains a lot of cmdlets making it easy to complete all kinds of network tasks. In this post I will demonstrate some of them for you.

Ping, just smarter

You might already know the ping command to check if a computer(host) is “alive”. Powershell has a command for that as well. In powershell the command is named Test-Connection. It can of cause do the same as a normal ping command:

PS C:\> Test-Connection google.com
Source                  Destination     IPV4Address      IPV6Address               Bytes    Time(ms)
WINDOWS10     google.com      172.217.17.142                                            32       19
WINDOWS10     google.com      172.217.17.142                                            32       23
WINDOWS10     google.com      172.217.17.142                                            32       19
WINDOWS10     google.com      172.217.17.142                                            32       19

You can also ping multiple host in one command like this:

PS C:\> Test-Connection google.com, localhost, WINDOWS10 -Count 2
Source                  Destination     IPV4Address      IPV6Address                              Bytes    Time(ms)WINDOWS10     google.com      172.217.17.46                                             32       23
WINDOWS10     google.com      172.217.17.46                                             32       19
WINDOWS10     localhost       127.0.0.1        ::1                                      32       0
WINDOWS10     localhost       127.0.0.1        ::1                                      32       0
WINDOWS10     WINDOWS10       192.168.1.78     fe80::dd74:b80f:5c2c:21cc%12             32       0
WINDOWS10     WINDOWS10       192.168.1.78     fe80::dd74:b80f:5c2c:21cc%12             32       0

 

Test if a firewall port is open at a remote host

Another useful Powershell cmdlets is the Test-NetConnetion. This command can be useful testing if a specific port is open at a remote host.

Let us try and see if port 3389 (RDP) is open on my RDS server named WIN2012-RDS01:

PS C:\> Test-NetConnection WIN2012-RDS01 -Port 3389
ComputerName     : WIN2012-RDS01
RemoteAddress    : fe80::2c5f:6662:d4a9:8286%12
RemotePort       : 3389
InterfaceAlias   : vEthernet (vSwitch1) 2
SourceAddress    : fe80::dd74:b80f:5c2c:21cc%12
TcpTestSucceeded : True

As you can see the command returns TcpTestSucceeded which means that the port is open.
Now let us test of telnet port 21 is also open:

PS C:\> Test-NetConnection WIN2012-RDS01 -Port 21
WARNING: TCP connect to (fe80::2c5f:6662:d4a9:8286%12 : 21) failed
WARNING: TCP connect to (192.168.1.100 : 21) failedComputerName           : WIN2012-RDS01
RemoteAddress          : fe80::2c5f:6662:d4a9:8286%12
RemotePort             : 21
InterfaceAlias         : vEthernet (vSwitch1) 2
SourceAddress          : fe80::dd74:b80f:5c2c:21cc%12
PingSucceeded          : True
PingReplyDetails (RTT) : 0 ms
TcpTestSucceeded       : False

As you can see in this case the TcpTestSucceeded returns False means that there is nothing answering on port 21 on my server.

Questions or Comments below

I hope you found the above as interesting as I do and that you fell inspired to use Powershell the next time you want to perform simple network tasks. If you want to dig deeper, there is many more great powershell commands working with network. If you have questions or comments, please use the comment formular below.

Tweet
Share
Pin20

Related posts

2 Thoughts to “How to test if a firewall port is open – Powershell”

  1. R Hartes
    May 14, 2020 at 10:15

    This is only for TCP ports, How to test a UDP port? E.G NetTime uses UDP port 123

    Reply
    1. Thomas
      May 14, 2020 at 16:02

      It is difficult to test UDP ports because there is no response in UDP communication.

      Reply

Leave a Comment