Solved

need port 443 open for a server

Posted on 2013-11-18
5
705 Views
Last Modified: 2013-11-19
Hi,
one of the apps we use needs port 443 open to work so was wondering if i have to do this on the firewall or is it possible to open a port on the actual server?  This is on a 2003 server.  Thanks.
0
Comment
Question by:dankyle67
  • 3
  • 2
5 Comments
 
LVL 27

Expert Comment

by:davorin
ID: 39657998
It depends. If you want access to if from internet, then you need to open port 443 from firewall appliance between internet and your LAN AND it should be open also on firewall on your server. Plus you need to forward that port to server's IP address.
If you want to use that app only from your LAN, then you need to open it only on your server.
0
 

Author Comment

by:dankyle67
ID: 39658012
Ok i found where to do that on our netscreen 5gt and i tested it using canyouseemee and it said connection refused which is ok since nothing is running on that port right now but at least it can get thru the firewall.  Lets say the app we use needs access to a website and it needs port 443 open to access that site for some reason then how would i open that port on the server itself?  Or can i also put a policy to allow 443 traffic from that server out to the internet using the netscreen policy from trust to untrust?
0
 
LVL 27

Expert Comment

by:davorin
ID: 39660043
port 443 is used for HTTPS.
On the windows firewall you add an exception for TCP 443 port using scope any computer, so also from internet it will be unblocked.
Just to get a feeling you can check the begining of this article:
http://www.msexchange.org/articles-tutorials/exchange-server-2003/security-message-hygiene/Protecting-Exchange-2003-Windows-Firewall.html
In this case the author is opening RDP port TCP 3389.

Opening outgoing traffic for port 443 will make no difference in your case. Anyway, probably you already have open that port toward the internet. In different case you would not be able to surf secure web pages.
0
 

Author Comment

by:dankyle67
ID: 39660061
Ok thanks, i am just confused by what the techs who support the app that needs access to 443 is telling me since like you said, if 443 was closed for outgoing traffic then the users on our network would not be able to access https sites and they all can so this is not necessary for me to do anything with this part.  I have used netstat before to see what ports are currently connected on the server but is there any other command line that would identify or confirm that port 443 is open?  I guess if we bring up the software and run the netstat then we should see that 443 connection is active correct?
0
 
LVL 27

Accepted Solution

by:
davorin earned 500 total points
ID: 39661088
Yes, that is correct.
netstat and external port scanners are normal tools to test open ports.
Maybe you are a little bit confused because source and destination ports are not the same.
When you will have app running you will see connections from random ports between 0 and 65000 (and something) to 443 port on your server. The same happens when you are accessing external secure web page. The connection is established from random port to port 443.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Network traffic routing plays key role in your network, if you have single site with heavy browsing or multiple sites, replicating important application data from your Primary Default Gateway ,you have to route your other network traffic from your p…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now