Solved

required open internet port for client transactions

Posted on 2009-04-14
8
173 Views
Last Modified: 2013-12-14
i have a client that has just switched from a T1 dial up line to Comcast cable
everything is working fine

a claims service just emailed them about them changing their servicefrom port 8001 to port 443
the claims service said that port 443 must remain open

how do i go about doing this?
i have not done anything with open ports, would i do this by entering the comcast modem
and changing some setting in there or is this done on the server?

thanks

0
Comment
Question by:webdott
  • 4
  • 4
8 Comments
 
LVL 28

Accepted Solution

by:
jhyiesla earned 500 total points
Comment Utility
You probably don't have to do anything.  Port 443 is just HTTPS (secure http).  Most systems, routers, etc, allow 443 to be open by default.  If this is an outgoing connection, you can test this by attempting to go to an HTTPS site like https://eopen.microsoft.com. If you get to the site, then 443 is working.  If it's an incoming connection, I'd have the claims service test it with your client.
0
 

Author Comment

by:webdott
Comment Utility
how do you see which ports are open?
how would i open it if it is not open?
the https://eopen.microsoft.com/EN/default.asp opened just fine and i will have
the claims service test the clients port from incoming.
 
thanks
0
 
LVL 28

Expert Comment

by:jhyiesla
Comment Utility
The modem itself probably has no blocking going on... cable modems are pretty much dumb devices without much administration. Blocking or opening ports would happen on infrastructure  devices further in such as a router or firewall.
0
 

Author Comment

by:webdott
Comment Utility
ok, so this is what i have:
server + workstations + modem : connected to a switch
so the firewall [ software not hardware ] would be the port structure since everything connects directly to the modem.
this would mean that i would have to go into the software like Norton Internet Security to control the port opening right?
or would i still need to go to a windows xp pro configuration to set the port?
 
0
Threat Intelligence Starter Resources

Integrating threat intelligence can be challenging, and not all companies are ready. These resources can help you build awareness and prepare for defense.

 
LVL 28

Expert Comment

by:jhyiesla
Comment Utility
Assuming an outgoing connection... I think you're probably fine for port 443.

You're set up is interesting.  Do each of your workstations and the server have a public IP or do you get private internal IP's?  Typically the cable account will provide one dynamic public IP that is associated with a single internal device like a router or a PC.  It's possible to buy service where the cable company can provide you with extra IP's, but that's not typical. In the first scenario you would either have a cable router instead of a modem or an internal router behind the modem providing internal private IP's for the internal networked devices. If the device that everything hooks to is a switch (not a router) and the cable device really is a modem (not a router) all of your devices would have to have public IP addresses which I would find doubtful.  Can you confirm that there is no router in the mix?

Assuming that one of these devices really is a router, the router would be the controller of incoming port redirection.
0
 

Author Comment

by:webdott
Comment Utility
there is one dynamic ip address working from the modem.
the other IP addresses are assigned thru the DNS server with DHCP.
so the workstations do get to the internet thru the server i am assuming.
0
 
LVL 28

Assisted Solution

by:jhyiesla
jhyiesla earned 500 total points
Comment Utility
"so the workstations do get to the internet thru the server i am assuming." ... that's possible depending on what services the server is running.

Typically on an incoming transmission, all the outside entity can see is your public IP address and he has to talk to that. So something on the inside has to be able to port map or redirect the incoming traffic to a specific inside IP address and port.  You can do that a lot of ways.

For example, at home, I have a cable modem and next to that is a router which provides my internal network with IP addresses and a way to the Internet. It also provides some routing capability and if I need to direct a certain port into a certain machine on my network it also provides that capability.

At my work we used to run a MS ISA server as my firewall and proxy.  So it provided a bunch of services to us including the ability to block or allow ports and to redirect incoming transmissions of a certain type and/or from a certain source to a particular server or servers.   Now we are using a hardware-based firewall that does much of this; some by itself and some by working with the ISA server.

The best next step is to determine whether the 443 traffic with the vendor is incoming or outgoing and test.  If it works, you're done.  If it doesn't then we need to see what capabilities that the switch or the server has and where best set up the port redirection.
0
 

Author Closing Comment

by:webdott
Comment Utility
thanks for explaining everything.

you have helped out a lot on this issue and helped me
understand it better.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Suggested Solutions

I recently had to create a utility which aim is to update McAfee's Virusscan and that had to be launched from a command line. I thought I’d share my experience with you. Why is it useful to be able to update an Antivirus from the command line?…
Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Sending a Secure fax is easy with eFax Corporate (http://www.enterprise.efax.com). First, Just open a new email message.  In the To field, type your recipient's fax number @efaxsend.com. You can even send a secure international fax — just include t…
This demo shows you how to set up the containerized NetScaler CPX with NetScaler Management and Analytics System in a non-routable Mesos/Marathon environment for use with Micro-Services applications.

762 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

12 Experts available now in Live!

Get 1:1 Help Now