Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win


required open internet port for client transactions

Posted on 2009-04-14
Medium Priority
Last Modified: 2013-12-14
i have a client that has just switched from a T1 dial up line to Comcast cable
everything is working fine

a claims service just emailed them about them changing their servicefrom port 8001 to port 443
the claims service said that port 443 must remain open

how do i go about doing this?
i have not done anything with open ports, would i do this by entering the comcast modem
and changing some setting in there or is this done on the server?


Question by:webdott
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
LVL 28

Accepted Solution

jhyiesla earned 2000 total points
ID: 24137234
You probably don't have to do anything.  Port 443 is just HTTPS (secure http).  Most systems, routers, etc, allow 443 to be open by default.  If this is an outgoing connection, you can test this by attempting to go to an HTTPS site like https://eopen.microsoft.com. If you get to the site, then 443 is working.  If it's an incoming connection, I'd have the claims service test it with your client.

Author Comment

ID: 24137404
how do you see which ports are open?
how would i open it if it is not open?
the https://eopen.microsoft.com/EN/default.asp opened just fine and i will have
the claims service test the clients port from incoming.
LVL 28

Expert Comment

ID: 24139303
The modem itself probably has no blocking going on... cable modems are pretty much dumb devices without much administration. Blocking or opening ports would happen on infrastructure  devices further in such as a router or firewall.
Threat Trends for MSPs to Watch

See the findings.
Despite its humble beginnings, phishing has come a long way since those first crudely constructed emails. Today, phishing sites can appear and disappear in the length of a coffee break, and it takes more than a little know-how to keep your clients secure.


Author Comment

ID: 24139593
ok, so this is what i have:
server + workstations + modem : connected to a switch
so the firewall [ software not hardware ] would be the port structure since everything connects directly to the modem.
this would mean that i would have to go into the software like Norton Internet Security to control the port opening right?
or would i still need to go to a windows xp pro configuration to set the port?
LVL 28

Expert Comment

ID: 24139684
Assuming an outgoing connection... I think you're probably fine for port 443.

You're set up is interesting.  Do each of your workstations and the server have a public IP or do you get private internal IP's?  Typically the cable account will provide one dynamic public IP that is associated with a single internal device like a router or a PC.  It's possible to buy service where the cable company can provide you with extra IP's, but that's not typical. In the first scenario you would either have a cable router instead of a modem or an internal router behind the modem providing internal private IP's for the internal networked devices. If the device that everything hooks to is a switch (not a router) and the cable device really is a modem (not a router) all of your devices would have to have public IP addresses which I would find doubtful.  Can you confirm that there is no router in the mix?

Assuming that one of these devices really is a router, the router would be the controller of incoming port redirection.

Author Comment

ID: 24147949
there is one dynamic ip address working from the modem.
the other IP addresses are assigned thru the DNS server with DHCP.
so the workstations do get to the internet thru the server i am assuming.
LVL 28

Assisted Solution

jhyiesla earned 2000 total points
ID: 24148242
"so the workstations do get to the internet thru the server i am assuming." ... that's possible depending on what services the server is running.

Typically on an incoming transmission, all the outside entity can see is your public IP address and he has to talk to that. So something on the inside has to be able to port map or redirect the incoming traffic to a specific inside IP address and port.  You can do that a lot of ways.

For example, at home, I have a cable modem and next to that is a router which provides my internal network with IP addresses and a way to the Internet. It also provides some routing capability and if I need to direct a certain port into a certain machine on my network it also provides that capability.

At my work we used to run a MS ISA server as my firewall and proxy.  So it provided a bunch of services to us including the ability to block or allow ports and to redirect incoming transmissions of a certain type and/or from a certain source to a particular server or servers.   Now we are using a hardware-based firewall that does much of this; some by itself and some by working with the ISA server.

The best next step is to determine whether the 443 traffic with the vendor is incoming or outgoing and test.  If it works, you're done.  If it doesn't then we need to see what capabilities that the switch or the server has and where best set up the port redirection.

Author Closing Comment

ID: 31569843
thanks for explaining everything.

you have helped out a lot on this issue and helped me
understand it better.

Featured Post

Cyber Threats to Small Businesses (Part 2)

The evolving cybersecurity landscape presents SMBs with a host of new threats to their clients, their data, and their bottom line. In part 2 of this blog series, learn three quick processes Webroot’s CISO, Gary Hayslip, recommends to help small businesses beat modern threats.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

HOW TO REMOTELY CLEAN MEROND.O WITH ESET SILENTLY PROBLEM       If you have the fortunate luck to contract the Merond.O virus on your network, it can be quite troublesome to remove as it propagates to network shares on your network. In my case, the …
Sometimes you have to pull out old tricks to get a new firewall to work… While we were installing a new Sonicwall at a customers site we found that sites they were able to visit before were not working.  It seemed random and we could not understa…
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question