Can ping & resolve, but can't telnet

Posted on 2009-04-09
Last Modified: 2015-01-05

Very weird one so bear with me;

ISP replaced Firewalls last week, but only copied config from old to new, claim no changes made.
Since then server outside the environment cannot set up smtp connection;
Can ping the server name
Can ping & resolve the domain okay
Can telnet from anywhere else on the network inside or outside the environment
It is just this one server in a seperate environment, which can ping & resolve but can't telnet on port 25

Very weird, driving us all nuts here as we cannot find why this is happening, ISP deny anything to do with Firewalls, but cannot see any other way round this?
Question by:ukgeeknumber1

Expert Comment

ID: 24105899
Have you actually tested the port inbound and outbound or are you just taking your isp's word?   Many times ...especially Verizon..... will havee certain ports blocked, and tell the customer different, I think just to avoid having to deal with the situation, and hope the customer just gives up instead of trying to make i work

Author Comment

ID: 24106040
We have run loads of test, including them monitoring the inbound traffic while we ping from the problem server.  They are still argueing its a configuration issue at our end?
LVL 16

Expert Comment

ID: 24106253
Have the isp monitor traffic while attempting to telnet to the "suspect" server.  Ping only tests through layer 3 and this sounds like a layer 4 issue.  The isp should be able to tell you where the disconnect is - or at least verify that the firewall is not the issue.

Can you get local access to the outside server?  This way you can see if you can connect via telnet locally which will eliminate the firewall.

Author Comment

ID: 24106306
hi, thanks for the responses, will need to check monitoring during a telnet session, if they will do this for us, they are getting hacked off too!

We can get access to the outside server and we can telnet using the FQDN, IP address etc, but just not when we use the  25 for example
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.


Author Comment

ID: 24106651
just as a note, if we run a tracert it runs from the outside servers internal network, across the global network all the way to the ISP's public IP, then fails, then makes one connection to the internal server, then fails again!
LVL 16

Expert Comment

ID: 24109236
". . . It is just this one server in a seperate environment . . . "

What does this mean? Are you saying that this is the only server that cannot telnet to port 25? And that this server cannot open an SMTP connection from the outside to the inside? But you can open an SMTP port from the outside to the inside on a different server and presumably a different subnetwork?

One of the earlier posters said this as well, this seems to be a port blocking issue and all the pinging and tracerouting and DNS resolving in the world won't reveal the issue. From your description it sounds as though port 25 is not open globally, but only open to specific source/destinations.

But perhaps I have not clearly understood your issue.

Good luck,


Accepted Solution

ukgeeknumber1 earned 0 total points
ID: 24115058
Hi stevej,

You're correct, its just one server that can't telnet or make an smtp connection, other PC's and servers on the same subnet can though!

Which would make me think it's something on that server, BUT it resolves okay, and trace routes across the global network, just fails at the ISP's datacenter public IP.  Which make me convinced it's a port/firewall blocking issue, but ISP deny it.
LVL 16

Expert Comment

ID: 24115665
Hmm . . . other PCs on the same subnet as the one that fails *CAN* send SMTP traffic through?

If that's the case, I'd (if it's possible) change the IP address on the *non working* server to an IP address that's being used on a server that works and then try a connection. If that fails, it could be some other form of blocking . . . like limiting the number of devices from that subnet  . . .  Maybe the ISP isn't actually blocking BUT they may have a different subnet mask being appliled and so the *non working* PC appears to them to be on a different subnet . . . which is actually firewalled.

Good luck,

Featured Post

New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Some time ago I was asked to set up a web portal PC to put at our entrance. When customers arrive, they could see a webpage 'promoting' our company. So I tried to set up a windows 7 PC as a kiosk PC.......... I will spare you all the annoyances I…
PRTG Network Monitor lets you monitor your bandwidth usage, so you know who is using up your bandwidth, and what they're using it for.
Internet Business Fax to Email Made Easy - With  eFax Corporate (, you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor ( offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now