?
Solved

need port 443 open for a server

Posted on 2013-11-18
5
Medium Priority
?
713 Views
Last Modified: 2013-11-19
Hi,
one of the apps we use needs port 443 open to work so was wondering if i have to do this on the firewall or is it possible to open a port on the actual server?  This is on a 2003 server.  Thanks.
0
Comment
Question by:dankyle67
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
5 Comments
 
LVL 27

Expert Comment

by:davorin
ID: 39657998
It depends. If you want access to if from internet, then you need to open port 443 from firewall appliance between internet and your LAN AND it should be open also on firewall on your server. Plus you need to forward that port to server's IP address.
If you want to use that app only from your LAN, then you need to open it only on your server.
0
 

Author Comment

by:dankyle67
ID: 39658012
Ok i found where to do that on our netscreen 5gt and i tested it using canyouseemee and it said connection refused which is ok since nothing is running on that port right now but at least it can get thru the firewall.  Lets say the app we use needs access to a website and it needs port 443 open to access that site for some reason then how would i open that port on the server itself?  Or can i also put a policy to allow 443 traffic from that server out to the internet using the netscreen policy from trust to untrust?
0
 
LVL 27

Expert Comment

by:davorin
ID: 39660043
port 443 is used for HTTPS.
On the windows firewall you add an exception for TCP 443 port using scope any computer, so also from internet it will be unblocked.
Just to get a feeling you can check the begining of this article:
http://www.msexchange.org/articles-tutorials/exchange-server-2003/security-message-hygiene/Protecting-Exchange-2003-Windows-Firewall.html
In this case the author is opening RDP port TCP 3389.

Opening outgoing traffic for port 443 will make no difference in your case. Anyway, probably you already have open that port toward the internet. In different case you would not be able to surf secure web pages.
0
 

Author Comment

by:dankyle67
ID: 39660061
Ok thanks, i am just confused by what the techs who support the app that needs access to 443 is telling me since like you said, if 443 was closed for outgoing traffic then the users on our network would not be able to access https sites and they all can so this is not necessary for me to do anything with this part.  I have used netstat before to see what ports are currently connected on the server but is there any other command line that would identify or confirm that port 443 is open?  I guess if we bring up the software and run the netstat then we should see that 443 connection is active correct?
0
 
LVL 27

Accepted Solution

by:
davorin earned 2000 total points
ID: 39661088
Yes, that is correct.
netstat and external port scanners are normal tools to test open ports.
Maybe you are a little bit confused because source and destination ports are not the same.
When you will have app running you will see connections from random ports between 0 and 65000 (and something) to 443 port on your server. The same happens when you are accessing external secure web page. The connection is established from random port to port 443.
0

Featured Post

Are You Ready for GDPR?

With the GDPR deadline set for May 25, 2018, many organizations are ill-prepared due to uncertainty about the criteria for compliance. According to a recent WatchGuard survey, a staggering 37% of respondents don't even know if their organization needs to comply with GDPR. Do you?

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I've always wanted to allow a user to have a printer no matter where they login. The steps below will show you how to achieve just that. In this Article I'll show how to deploy printers automatically with group policy and then using security fil…
While rebooting windows server 2003 server , it's showing "active directory rebuilding indices please wait" at startup. It took a little while for this process to complete and once we logged on not all the services were started so another reboot is …
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
This is my first video review of Microsoft Bookings, I will be doing a part two with a bit more information, but wanted to get this out to you folks.
Suggested Courses

718 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question