question

AhmedDeban-2266 avatar image
0 Votes"
AhmedDeban-2266 asked AlexZhu-MSFT answered

How to open 8420, 8421, 8422, 8423

Dears,

Please, I need support if anyone give me some idea about this ports [8420, 8421, 8422, 8423 ]. As I tried to open through the windows firewall rules but i can't telnet as well I make the firewall OFF but also I can telnet the mention ports, please if anyone have idea how to open it ?

I appreciate you support ..


Thanks

msc-virtual-machine-managerazure-firewallwindows-sysinternals-general
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AlexZhu-MSFT avatar image
0 Votes"
AlexZhu-MSFT answered

Hi,

Thank you very much for the reply. To double confirm that we can reach the application/progrom (listening on a specific port) through the windows firewall, we can do the following:

1) let a program to listen on this port (we take terminal server as an example since it's easy to change the port via registry, and you may test with any program you like)
2) create a rule to allow the connection (the steps mentioned above)
3) from another computer, run some test tool (for example, telnet client, Test-NetConnection PS cmdlet, scanport tool, etc.) to test the connection for double confirmation.

Here's the detailed steps for the example
1) change terminal server port (default value is 3389) to the port we desired, for example, 1000, via registry, reboot the computer to make the changes to take effect
Registry:
HKEY_LOCAL_MACHINE\System\CurrentControlSet\Control\Terminal Server\WinStations\RDP-Tcp\PortNumber
PortNumber: 0x00000d3d (3389) to 0x000003e8 (1000)
147552-terminal-server-port.png

2) we can run netstat -abn command to ensure the program is listening on this port
147572-terminal-server-enabled-2.png

If not found, we may need to enable remote desktop first
147573-terminal-server-enabled.png

3) from another compouter, test the connection with any tool you like

test-netconnection -computer 172.17.12.59 -port 1000 -informationlevel "detailed"
147513-test-net-connection-02.png

Hope the above informaiton helps.

Alex
If the response is helpful, please click "Accept Answer" and upvote it.



5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AlexZhu-MSFT avatar image
0 Votes"
AlexZhu-MSFT answered

Hi,

Here's the step to open ports in windows firewall.
Note: we cannot telnet the opened ports until there is a program/service which is listening on these ports.

1) make sure windows defender firewall service is running
147156-services-001.png

2) open network and sharing center, windows defender firewall, advanced settings.
147078-services-002.png
147079-services-003.png

3) create a new inbound rule
147231-services-004.png

3-1) choose protocol and ports
147221-services-005.png

3-2) allow the connection


3-3) select the profile


Hope the above informaiton helps.

Alex
If the response is helpful, please click "Accept Answer" and upvote it.






services-001.png (232.8 KiB)
services-002.png (50.9 KiB)
services-003.png (65.9 KiB)
services-004.png (196.7 KiB)
services-005.png (69.9 KiB)
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

AhmedDeban-2266 avatar image
0 Votes"
AhmedDeban-2266 answered

@AlexZhu-MSFT

Hi ,

Thanks to you for useful information : " Note: we cannot telnet the opened ports until there is a program/service which is listening on these ports." ,I like this informative information .

for the firewall rule I did as your explanation , But how to test trial a program/service to verify and proven this port is open ?

5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.