When you're managing Windows servers, being able to quickly check network connections is essential. This helps in troubleshooting issues like applications not connecting, or services not communicating. We'll look at some straightforward commands to help you diagnose these problems.
TESTING SPECIFIC CONNECTIONS (PowerShell)
The Test-NetConnection
command is a powerful tool in PowerShell for checking connectivity to a specific IP address and port.
How to use it:
test-netconnection IPAddress -port XXXXX
Replace
IPAddress
with the actual IP address of the server you're trying to reach.Replace
XXXXX
with the specific port number that the service (like a license server) is listening on.
This command will tell you if a connection can be established, making it great for verifying if a service is reachable on a particular port.
USING TELNET FOR BASIC CONNECTIVITY
Telnet is a simple command-line tool that can test connectivity to a port. It's often used to see if a port is open and listening.
ENABLING TELNET CLIENT
By default, the Telnet Client might not be installed on Windows Server. You need to enable it first.
dism /online /Enable-Feature /FeatureName:TelnetClient
This command uses DISM (Deployment Image Servicing and Management) to add the Telnet Client feature.
TESTING WITH TELNET
Once enabled, you can use Telnet to test a connection.
telnet -a IPAddress XXXXX
Again, replace IPAddress with the target server's IP and XXXXX with the port. If you see a blank screen or a connection successful message, it usually means the port is open. If it fails quickly, the port might be blocked or the service isn't running.
VIEWING ACTIVE NETWORK CONNECTIONS (NETSTAT)
netstat
is a command-line utility that displays active network connections, routing tables, and a number of network interface statistics. It's great for seeing what your server is connected to, and what ports it's listening on.
SHOW ALL CONNECTIONS AND LISTENING PORTS
netstat -a
This command will list all active TCP connections and the TCP and UDP ports on which the computer is listening.
SHOW NUMERICAL ADDRESSES AND PORT NUMBERS
netstat -n
This variation shows addresses and port numbers in their numerical form, which can be quicker and avoid DNS lookups.
MANAGING WINDOWS FIREWALL (NETSH ADVFIREWALL)
The Windows Firewall can often be the reason why connections aren't working. The netsh advfirewall
command allows you to view and manage firewall settings.
SHOW ALL FIREWALL PROFILES
netsh advfirewall show allprofiles
This command displays the settings for all firewall profiles (Domain, Private, and Public).
CHECK SPECIFIC FIREWALL PROFILES
You can check the status of individual profiles:
netsh advfirewall show domainprofile
netsh advfirewall show privateprofile
netsh advfirewall show publicprofile
These commands show the specific settings for the domain, private, or public network profiles respectively.
CHANGE FIREWALL PROFILE STATE
You can enable or disable firewall profiles if needed, though this should be done with caution.
netsh advfirewall set allprofiles state [on/off]
Replace [on/off] with on to enable or off to disable all profiles.