?
Solved

How do I open port on Terminal server not running Windows firewall

Posted on 2010-08-17
16
Medium Priority
?
655 Views
Last Modified: 2012-05-10
I have Windows 2003 server acting as a terminal server. I need to open up TCP and UDP ports to my LAN for ports 1433 and 1434. I already know it is rejecting these ports from my other server. I don't have Windows Firewall running but it does say something called ipnat.sys is.
What is this and is this where I need to open ports? I need some step by step help on this one.
Thanks.
0
Comment
Question by:TcAnthony
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
16 Comments
 
LVL 14

Expert Comment

by:top_rung
ID: 33459509
Maybe TCP/IP filtering...
http://support.microsoft.com/kb/816792

0
 

Author Comment

by:TcAnthony
ID: 33459525
I tried that. Thank you.
0
 
LVL 14

Expert Comment

by:top_rung
ID: 33459561
Since this is likely SQL, are you sure it is listening on the ports?  

Netstat -a

Is the server listening?

Also, portqry from the target on both ports to see if it is being filtered.  Then investigate any devices (e.g. hardware firewalls) in between the two hosts.
0
Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

 
LVL 11

Expert Comment

by:Coast-IT
ID: 33459572
Are you sure that Windows firewall is disabled on all servers?  This is a windows firewall error.

what server do you want to open these ports to?  Can you telnet to them internally on the LAN?  

Try and telnet from a command prompt
start>run>cmd   -  

telnet myinternalip.local 1433
telnet myinternalip.local 1434

If they go to a black screen then the ports are opened.

Then try it from outside, if you can get to it, then it is down to the fact that something is blocking it from outside.  Check port forwarding rules on the router.

We need a better explanation of what your expected end result is, eg ;

Connect to terminal server from outside or inside
open ports required on another server for access from the terminal server
ports opened up on terminal server for application



0
 
LVL 1

Expert Comment

by:Jannie van der Walt
ID: 33459612
perhaps check you c:\WINDOWS\system32\drivers\etc\services file for entries:

ms-sql-s         1433/tcp                           #Microsoft-SQL-Server
ms-sql-s         1433/udp                           #Microsoft-SQL-Server
ms-sql-m         1434/tcp                           #Microsoft-SQL-Monitor
ms-sql-m         1434/udp                           #Microsoft-SQL-Monitor
0
 

Author Comment

by:TcAnthony
ID: 33459694
I have a program that uses these ports to talk to its clients. I tried the telnet from the inside and it doesn't connect. I have tried disabling the firewall service on the server which doesn't help either.
0
 

Author Comment

by:TcAnthony
ID: 33459704
JannieinSA,
Am I to do this on the client or the server?
0
 

Author Comment

by:TcAnthony
ID: 33459729
JannieinSA,
Those entries are in the client file.
0
 
LVL 14

Expert Comment

by:top_rung
ID: 33459804
Does Netstat -a show "listening" on the server on that port?

0
 

Author Comment

by:TcAnthony
ID: 33459988
Good call. No it doesn't. Should that be a service of the server program I installed on the server first?
0
 
LVL 14

Expert Comment

by:top_rung
ID: 33460028
"I have a program that uses these ports to talk to its clients"

This program in on the server right?  If so, it must be configured to listen on the ports and obviously the program should be running.

0
 

Author Comment

by:TcAnthony
ID: 33460542
They are telling me that if the server is blocking those ports because of it's firewall, it won't show up as listening. Is that correct? Again, I don't have a firewall running.
0
 
LVL 14

Expert Comment

by:top_rung
ID: 33461727
"if the server is blocking those ports because of it's firewall, it won't show up as listening"

I don't believe that to be true.  Netstat will give you a list of processes/programs that are using a specific port regardless of a firewall.   That is, it doesn't care if there is a firewall blocking it or not, it is merely showing you what is being used by what.  Even this MS article uses Netstat and Tasklist to identify ports if you believe the Firewall might be blocking it and you want to add an exception..

http://support.microsoft.com/kb/875357

I can't test this at the moment, so maybe someone else can chime in with a definitive answer.


So to clarify, you are saying that you see NOTHING for port 1433 when running netstat?

Try this to filter things a bit...

netstat -ano | findstr :1433


Also, you are sure there is no firewall running?  What services did you stop?   Also, when you say "it does say something called ipnat.sys is", what is "It"?  What says that ipnat.sys is running?
 

Sorry to ask some simple questions, but if you need more help, then we need to make sure we are on the same page.


0
 
LVL 14

Accepted Solution

by:
top_rung earned 2000 total points
ID: 33461757
Also, use portqry from another machine and test it.  Download portqry.exe on a remote computer, go to a command prompt and change to the directory where portqry.exe is.  Run the following command....

portqry -n ServersIPAddress -e 1433

If you get a result that says "FILTERED", it is a firewall/blocking issue.

If you get a result that says NOT LISTENING, then their is no program on the server listening on the port.

http://www.microsoft.com/downloads/details.aspx?familyid=89811747-c74b-4638-a2d5-ac828bdc6983&displaylang=en





0
 

Author Comment

by:TcAnthony
ID: 33463610
Thank you. You are correct. Using the portqry program I am getting a response of NOT LISTENING.
You have been extrememly helpful and very quick to respond. I am grateful for your assistance.
0
 
LVL 14

Expert Comment

by:top_rung
ID: 33466530
Anytime.  Good luck and contribute back whenever possible!

good luck....
0

Featured Post

Complete VMware vSphere® ESX(i) & Hyper-V Backup

Capture your entire system, including the host, with patented disk imaging integrated with VMware VADP / Microsoft VSS and RCT. RTOs is as low as 15 seconds with Acronis Active Restore™. You can enjoy unlimited P2V/V2V migrations from any source (even from a different hypervisor)

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
This article provides a convenient collection of links to Microsoft provided Security Patches for operating systems that have reached their End of Life support cycle. Included operating systems covered by this article are Windows XP,  Windows Server…
Michael from AdRem Software explains how to view the most utilized and worst performing nodes in your network, by accessing the Top Charts view in NetCrunch network monitor (https://www.adremsoft.com/). Top Charts is a view in which you can set seve…
This tutorial will teach you the special effect of super speed similar to the fictional character Wally West aka "The Flash" After Shake : http://www.videocopilot.net/presets/after_shake/ All lightning effects with instructions : http://www.mediaf…
Suggested Courses

764 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question