Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Question
Tuesday, February 5, 2013 8:37 PM
I need to test if communication is open on port 8444 between two servers.
I installed telnet client on a Server 2008 R2 server and telnet server on a Server 2008 SP2 server. I also manually started the Telnet service that was set to disabled on the SP2 server. I disabled the Windows firewall on both servers. They are both on the same subnet so they don't need to go through any routers and I can ping successfully.
When I try to telnet to the remote server by typing telnet "ip address" 8444, I get an error that says "Could not open connection to host, on port 8444: Connection failed.
I tried other ports like port 80 and got the same error.
What else is needed to get this to work?
All replies (15)
Wednesday, February 6, 2013 4:14 AM ✅Answered | 1 vote
What service or is running on port 8444?
IIS uses port 80. Some apps and web based ervices use 80.
The point is is that if no service or app is listening on those ports, then there's nothing to connect to.
Default telnet port is TCP 23.
Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/
This post is provided AS-IS with no warranties or guarantees and confers no rights.
Thursday, February 7, 2013 1:03 AM ✅Answered | 1 vote
VMs have nothing to do with it, as long as there's network communication between the servers.
As I said, there must be a service or application listening on that port for it to respond. For example, try this:
C:\ telnet
When the telnet prompt opens, type in:
open mail.messaging.microsoft.com 25
If it works, you should see this:
220 CH1EHSMHS035.bigfish.com Microsoft ESMTP MAIL Service ready at Thu, 7 Feb 2013 00:57:33 +0000
That means that Microsoft's mail servers are LISTENING on port 25 and it responded. And note, telnetting to port 25 is a non-default telnet port, because port 23 is the default telnet port. When you type in a space and then a port number, you're telling the telnet client to use that port.
That is the SAME THING if some sort of application or service is listening on port 8444 on that other server you're trying to telnet to. If there is no app or service listening, it will just time out.
And no, installing the TELNET service on that sercver will NOT answer to any port other than 23. The telnet service by default, uses TCP 23, unless you specify otherwise.
.
So once again, what service or app on that server is supposed to be listening on 8444?
.
Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/
This post is provided AS-IS with no warranties or guarantees and confers no rights.
Thursday, February 7, 2013 3:38 PM ✅Answered
Did you get connection refuse or blank screen? If connection refused then either the protocol is UDP (in which case Telnet will not connect) or there is nothing listening on that port. Either way, you are going to have to call the s/w vendor. Either the software has the port misconfigured or the service is not running or the protocol is using UPD.
Contact the vendor, tell them you cannot connect to THEIR software from the actual server using loopback, this way they cannot blame the firewall or network.
Miguel Fra | Falcon IT Services, Miami, FL
www.falconitservices.com | www.falconits.com | Blog
Wednesday, February 6, 2013 4:45 AM
It is common for AntiVirus apps to block telnet EXE's from running (IE McAfee)
Also, like Ace mentioned, you have to set your telnet server to use port 8444 otherwise it would use the default of 23.
Try to get one to work (IE the client), then work on the other.
For example:
- Can you telnet from a known client?
- Use that to Telnet to a/your mail server, or maybe another managed device like a switch or UPS:
Telnet MyMail.com 25 or
Telnet MySwitchIP
If that works, try telneting to the same device from your Server 2008 client. At least this way you know if the problem is on the client or server side.
Drew
Wednesday, February 6, 2013 5:50 AM | 1 vote
Hello,
It could be that you have an AV firewall blocking those ports or that there is nothing listening on those ports (As mentioned by Ace). Also, it could be that the services are using UDP which will not respond to telnet.
Do a netstat -a and make sure the services are listening and using TCP
Miguel Fra | Falcon IT Services, Miami, FL
www.falconitservices.com | www.falconits.com | Blog
Wednesday, February 6, 2013 5:58 AM
I forgot to mention I also disabled the McAfee AV and it still didn't work.
There is a McAfee Rogue Detection sensor installed on the server that is supposed to be using that port to communicate and the telnet test was to verify that there is nothing blocking the port since the sensor was not working properly. McAfee tech support said that since I can't connect to the server on that port via Telnet, that indicates something is blocking it and I need to fix that issue is before they can troubleshoot any further.
That port needs to work between that specific server and the McAfee ePO server.
Wednesday, February 6, 2013 6:27 AM
If the rogue detection service is not listening on that port or it's using UDP, that would explain why telnet does not connect. So it's a catch-22. Sounds like McAfee should help you out here.
Also, from the server itself, telnet 127.0.0.1 8444 and see if it responds. This way you can determine if the issue is a LAN or firewall problem.
Miguel Fra | Falcon IT Services, Miami, FL
www.falconitservices.com | www.falconits.com | Blog
Wednesday, February 6, 2013 6:36 AM
I understand the telnet client software in Server 2008 is outgoing and telnet server is receiving, so to test telnet to itself, does that mean you need to install both telnet client and telnet server on the same computer?
Wednesday, February 6, 2013 12:07 PM
If you're testing telnet against an existing service, then that service is the telnet service so to speak, so no, you do not need the Telnet Service installed.
As suggested, try the loop back test on the server itself. If that works, then it's a block between the client and server. Is there a switch VLAN, firewall, proxy, etc between them?
Ace Fekay
MVP, MCT, MCITP/EA, MCTS Windows 2008/R2 & Exchange 2007, Exchange 2010 EA, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Technical Blogs & Videos: http://www.delawarecountycomputerconsulting.com/
This post is provided AS-IS with no warranties or guarantees and confers no rights.
Wednesday, February 6, 2013 4:39 PM
Both servers are VMs. Could this be the issue? They are both on the same hyper-v host.
Thursday, February 7, 2013 3:18 AM
Can you please telnet using the loopback address as I requested prior and post back the result: you are either going to get a blank screen or a connection refused. Post which one.
Miguel Fra | Falcon IT Services, Miami, FL
www.falconitservices.com | www.falconits.com | Blog
Thursday, February 7, 2013 3:32 PM
It cannot connect to that port locally either.
Thursday, May 15, 2014 3:57 AM
Hello Ace,
I am experiencing a similar problem. I cannot telnet on port 5725 where FIM Service is set to run. How can I resolve this so that I can remotely be able to telnet to the FIM Service server on port 5725. The port is open and is listening, but I cannot connect through it.
With thanks.
Thursday, May 15, 2014 5:34 PM
Hello Ace,
I am experiencing a similar problem. I cannot telnet on port 5725 where FIM Service is set to run. How can I resolve this so that I can remotely be able to telnet to the FIM Service server on port 5725. The port is open and is listening, but I cannot connect through it.
With thanks.
TCP or UDP 5725? UDP won't work.
DIsable AV, firewalls, etc, on both hosts, and any firewalls in between.
Ace Fekay
MVP, MCT, MCSE 2012, MCITP EA & MCTS Windows 2008/R2, Exchange 2013, 2010 EA & 2007, MCSE & MCSA 2003/2000, MCSA Messaging 2003
Microsoft Certified Trainer
Microsoft MVP - Directory Services
Complete List of Technical Blogs: http://www.delawarecountycomputerconsulting.com/technicalblogs.php
This posting is provided AS-IS with no warranties or guarantees and confers no rights.
Tuesday, August 1, 2017 5:22 AM
Hello,
You need to add inbound firewall rule to destination server.
Cheers !