cpgtechsupport
asked on
How can I get Windows Server 2008 Web Edition to open up additional ports?
Hi all,
I've got a dedicated server with 1&1 that currently runs Windows Server 2008 Web Edition. I'm having trouble getting the system to open up any ports outside of RDP, FTP, and HTTP. I've disabled the firewall on the server itself and added firewall rules allowing SSH traffic inbound on the 1&1 admin panel. After allowing all of that to apply, however, an nmap scan of the server doesn't show that port 22 is open and I'm not able to SSH into the server from an outside location. I can, however, SSH in from the server console itself.
Here's the netstat:
Proto Local Address Foreign Address State Offload Sta
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:22 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:4207 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49179 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49181 0.0.0.0:0 LISTENING InHost
And here's the nmap scan:
nmap -sV MYHOST
Starting Nmap 5.00 ( http://nmap.org ) at 2009-12-22 07:58 EST
Interesting ports on MYHOST:
Not shown: 997 filtered ports
PORT STATE SERVICE VERSION
21/tcp open ftp FileZilla ftpd 0.9.31 beta
80/tcp open http Microsoft IIS webserver 7.0
3389/tcp open microsoft-rdp Microsoft Terminal Service
Service Info: OS: Windows
Additionally, I can't seem to get anything other than Active FTP sessions to work; passive doesn't seem to work properly using IIS7 FTP or Filezilla FTP Server. I'm currently attempting to use FreeSSHd daemon for the SFTP/SSH access but not able to connect to it.
Is there some other place that a firewall or filtering function may be occurring on this OS?
I've got a dedicated server with 1&1 that currently runs Windows Server 2008 Web Edition. I'm having trouble getting the system to open up any ports outside of RDP, FTP, and HTTP. I've disabled the firewall on the server itself and added firewall rules allowing SSH traffic inbound on the 1&1 admin panel. After allowing all of that to apply, however, an nmap scan of the server doesn't show that port 22 is open and I'm not able to SSH into the server from an outside location. I can, however, SSH in from the server console itself.
Here's the netstat:
Proto Local Address Foreign Address State Offload Sta
TCP 0.0.0.0:21 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:22 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:80 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:135 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:445 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:4207 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:5357 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49152 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49153 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49154 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49155 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49156 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49179 0.0.0.0:0 LISTENING InHost
TCP 0.0.0.0:49181 0.0.0.0:0 LISTENING InHost
And here's the nmap scan:
nmap -sV MYHOST
Starting Nmap 5.00 ( http://nmap.org ) at 2009-12-22 07:58 EST
Interesting ports on MYHOST:
Not shown: 997 filtered ports
PORT STATE SERVICE VERSION
21/tcp open ftp FileZilla ftpd 0.9.31 beta
80/tcp open http Microsoft IIS webserver 7.0
3389/tcp open microsoft-rdp Microsoft Terminal Service
Service Info: OS: Windows
Additionally, I can't seem to get anything other than Active FTP sessions to work; passive doesn't seem to work properly using IIS7 FTP or Filezilla FTP Server. I'm currently attempting to use FreeSSHd daemon for the SFTP/SSH access but not able to connect to it.
Is there some other place that a firewall or filtering function may be occurring on this OS?
I have you tried using the Windows Firewall with Advanced Security snap-in?
or
netsh -c firewall
set portopening tcp <port #>
or
netsh -c firewall
set portopening tcp <port #>
ASKER
Hi there,
Thank you for your response. I went into the Advanced Firewall configuration and set the default policy on all the profiles to be Allow. I've also enabled stateful packet filtering for the FTP ports and allowed FTP access through the Advanced Firewall snap-in. I also disabled the firewall using the Windows Control Panel but I've had the same issues.
I have used that command line option as well.
Thanks,
Ryan
Thank you for your response. I went into the Advanced Firewall configuration and set the default policy on all the profiles to be Allow. I've also enabled stateful packet filtering for the FTP ports and allowed FTP access through the Advanced Firewall snap-in. I also disabled the firewall using the Windows Control Panel but I've had the same issues.
I have used that command line option as well.
Thanks,
Ryan
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
Thank you!
That appears to have fixed it!
That appears to have fixed it!
ASKER