Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations SkipVought on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Is there a command to check if there's a port open? 7

Status
Not open for further replies.
danielh68

danielh68

Technical User
Jul 31, 2001
431
0
0
US
Hi,

I'm attempting to install a ftp server at work (bulletproof ftp)and it works great locally, however (despite giving them my NIC IP) no one can connect from the outside. Is there a command that I can send to our server to see if port 21 is closed? I'm dying to know if that is the hang up or not.

I would ask the IT guy, but he walked out a couple of weeks ago and has yet to be replaced.

Thanks for your expertise.
Dan
 
Sort by date Sort by votes
If it works great locally, then port 21 is open. Most likely there's a firewall or NAT device blocking port 21 from the outside.
 
Upvote 0 Downvote

Try 'telnet hostname 21'

Cheers Henrik Morsing
Certified AIX 4.3 Systems Administration
& p690 Technical Support
 
Upvote 0 Downvote
What Morsing said is the right way to check , go to command promt and type the command 'telnet hostname 21'
 
Upvote 0 Downvote
Hi everyone.

Thanks for your advice. Despite it working within our company, the 'telnet hostname 21' command stated that it could not make a connection with the hostname. So, this means that port 21 is closed then...right?

In addition, just to make sure, when I want someone to connect, I give them my nic address and not the private ip that is used internally...correct?

Lastly, if I do need to open port 21, where do I do this? In IIS?

Thanks again for all your input.

--Dan

 
Upvote 0 Downvote
If they are connecting locally it means the port is open.

You have to give everyone you IP Address to use. You can find this by running

C:\>ipconfig /all

Youll get a detailed list of your internet settings. Look for the line...

IP Address. . . . . . . . . . . . : XXX.XXX.X.XX

That would be the address you give the outside world. You can also check to see what ports are open by running...

C:\>netstat -a

That will show you active connections. It sounds like your behind a firewall or something that is blocking outside access to your port 21 though. Ask a sysadmin to allow connections to that port.
 
Upvote 0 Downvote
Thanks for the great info. Lastly, is there a way to test my outside ip from the inside? Currently, I email a friend to test it. Just curious. Thanks -- Dan
 
Upvote 0 Downvote
You could try ftp://xxx.xxx.xxx.xxx - with your internet IP address. This may or may not give you an 'outside' test depending on the hardware which you haven't specified.
 
Upvote 0 Downvote
Please tell us which ip you have set olacly and which one you got on the outside. also important could be how you are connected to the internet.
 
Upvote 0 Downvote
Well, I'm kind of in a delimma. We're a small graphics company and our IT guy walked out a couple of weeks ago. I've looked on the server for any firewall software and have found none. We have a router, but I don't know to configure it. In any case, we have clients that send us large files. It would be nice they could ftp to us instead of buying this service through a provider. So I download Bulletproof FTP and it works great via localhost; however, no one can connect using the outside IP which is 209.234.130.41

Any advice is appreciated.

Thanks,
Dan
 
Upvote 0 Downvote
Another thing to look for is how your ISP is setup. Depending on your agreement, they may be blocking any ports lower than 1024.

Some ISP's will give you a cheap internet connection but not allow you to run an FTP, WWW, or email server.

Just another thought.
 
Upvote 0 Downvote
It works locally, so FTP is running fine. You stated you are behind a router and your public IP is 209.234.130.41. Your router is most likely using NAT to translate all of your internal private IP addresses to the single public IP address. This works great for outgoing traffic. However, to allow someone to connect coming 'in' to your network, you have to tell the router where to send the FTP traffic.

Find your private IP using ipconfig like mentioned above. Then tell the router to forward all requests for port 20 and 21 to your private IP address. If your network is configured like I think it is, then that should allow outside FTP connections.
 
Upvote 0 Downvote
I think NMAP is going to be the best tool for detecting open, closed or firewalled ports on any machine.

Its normally a *nix tool but a windows version is now available.


for more information. John D. Saucier
jsauce@magicguild.com
Certified Technician
Network Administrator
 
Upvote 0 Downvote
Looking thru all the threads I do not see what router you have on your network. What type of internet access do you have, (dsl, T1, ISDN etc etc).

lets say you have a dsl router ( zyzel 642r) this router requires that port 21 and 22 be open and pointed to your internal ip address. This is probably off base however, it should give you a starting point. “Reserve your right to think, for even to think wrongly is better than not to think at all”

Fisher CCNA, Network+
[americanflag]
 
Upvote 0 Downvote
Hello,

I had the same problem with accessing my FTP server. It turns out that all I had to do was ask my IPS to map a public IP to the esternal NIC on my server.

Now I can access FTP via windows or DOS.

Hope this helps.

jono
A good fortune may forbode a bad luck, which may in turn disguise a good fortune.
 
Upvote 0 Downvote
Hi Dan,

Recap/additional notes:

1) Verify you don't have firewall/filtering software locally installed on your server.
2) Verify the OUTSIDE IP address to use. (This is the one you give to your customers).
3) Setup NAT to redirect FTP (port 21 -- sorry jeter small correction, port 22 is ssh) to your internal/private IP address.
4) Setup rules/filters on your router/fw to allow inbound FTP to your server. Method depends on the type of router/fw you have.
5) Let us know what kind of router/fw you have (or if you have a fw at all). Make and model please, this way one of us can help you configure it.

Good luck! (I'm assuming you're the default IT guy since yours walked out...)

-Flo
 
Upvote 0 Downvote

Guys: May be the problem is fixed now. I did a port scan of the IP and following is the results.

IP: 209.234.130.41
Ping: 50 ms
Hostname: 209-234-130-41.gen.twtelecom.net
Open ports: 21,22,23,25,38,43,53,70,79,80
 
Upvote 0 Downvote
Hi everyone.

Sorry for the really late response. Anyhow, I downloaded a port scanner and discovered our company network has port 21 blocked. As mentioned above, our IT guy skipped town a couple months ago and didn't leave the password to access the router. Since then, I found some documentation on how to manually reset the password on the router. Once I get this accomplished, I should be able to open port 21.

With that said, I find it strange that KcBell was able to ascertain that the port is open. I guess I will have to investigate that further. First, though, I need to manually reset the switches on the router and see if that works.

Thanks a million for your help.

-Dan
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Zebad
  • Locked
  • Question
TFTP interference from another host (Windows Server , VxWorks Client)
Replies
0
Views
153
Zebad
Zebad
robocat
  • Locked
  • Question
Yet another TCP RST flag problem
Replies
0
Views
129
robocat
robocat
Vedant Gonnade
  • Locked
  • Question
How to send a string (generated by camera) to computer
Replies
0
Views
123
Vedant Gonnade
Vedant Gonnade
Caps007
  • Locked
  • Question
Port Mirroring
Replies
1
Views
149
ADB100
ADB100
jmarkus
  • Locked
  • Question
Can I have a different private IP address which isn't on my router's subnet?
Replies
6
Views
154
sbcsu
sbcsu

Part and Inventory Search

Sponsor

Back
Top