Help determining what's blocking ports

I'm fairly new to networking and am trying to figure our network out, as I was recently assigned to be network administrator where I work. I was trying to get utorrent to work but am not having success in figuring out what's blocking my ports. As of now, I'm getting connected from a mikrotik wireless AP, a mikrotik wireless bridge connection over several miles apart (2 devices), a st. bernard iprism filtering hardware, a watchguard firebox, and a windows 2003 server.

Is there any way to determine which local ip is blocking a certain port so I could narrow it down? I've tried everything I could to forward ports on everything, but still no luck.

With no meaning to be offensive or rude, but: "I was recently assigned to be network administrator where I work" - the network admins I know have at least two certifications and many years of studying, practicing, etc. Being a netadmin is a bit different from being sysadmin or a programmer, so my point is that this reassignment doesn't speak well for your employer. But since you're in the jam already, let's try to help you.
You say that you can't get utorrent to work, usually torrent clients require some ports opened for P2P communication. There are a lot of devices mentioned in your post - do you have access to all of them, for example to check any ACLs, firewalls? Start with a simple telnet session probe to the destination IP, as in:

telnet 10.101.3.5 2054
Check the response and let us know, certainly, replace the respective IP address and port number. For port scanning, you can consider using nmap.
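
An added example, not part of any post in this thread: the telnet probe suggested above, scripted so that it tells apart a refused connection, a silent drop and an unreachable route, which a bare "could not open connection" message does not. The function names `probe` and `report` and the 3-second timeout are choices made for this example.

```python
import errno
import socket

# What each outcome implies when hunting for the device that blocks a port.
MEANING = {
    "open": "handshake completed, nothing on the path blocks this port",
    "closed": "actively refused (RST): packets arrive, but nothing listens "
              "there or a firewall rejects them",
    "filtered": "no reply before the timeout: a device on the path is "
                "silently dropping the packets",
    "unreachable": "a router or firewall reported it cannot forward the packets",
}


def probe(host, port, timeout=3.0):
    """Attempt one TCP connect and classify the result."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    sock.settimeout(timeout)
    try:
        sock.connect((host, port))
        return "open"
    except (socket.timeout, TimeoutError):
        return "filtered"
    except ConnectionRefusedError:
        return "closed"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        raise
    finally:
        sock.close()


def report(host, port, timeout=3.0):
    state = probe(host, port, timeout)
    return f"{host}:{port} {state} ({MEANING[state]})"


if __name__ == "__main__":
    # Constructed demo on loopback: a throwaway listener gives an "open" port,
    # and the same port after the listener closes gives "closed".
    listener = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    listener.bind(("127.0.0.1", 0))
    listener.listen(1)
    port = listener.getsockname()[1]
    print(report("127.0.0.1", port))
    listener.close()
    print(report("127.0.0.1", port))
```

Run it against the same destination from a machine on each side of every device in the path. The segment where the result changes from "open" to "filtered" or "closed" contains the device doing the blocking.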

Haha, no offense taken, you're absolutely right... it doesn't speak well of them. I say I was assigned to do it, because I'm not getting paid anything extra for it. I'm a teacher at a small private school that needed a networking guy so they asked me and I said I'd do what I can.

So I tried telnet and get "could not open connection to the host on port..." I know that these ports are being blocked by something we have here, but I've tried port forwarding on all of the firewalls and routers that I could, and I still get blocked. I've set up utorrent to use port 40000. Is there any program (nmap included) that will determine exactly which local ip address is blocking a certain port? This way, I could narrow it down to what piece of hardware is doing the blocking and work from there.

So is there anything that determines what local IP on a domain is blocking ports? TIA

Sorry for the late response, I was out of the civilized world. Back on the question - unfortunately I'm not able to help with a definitive answer - most likely, it's the device which is responsible for blocking ports - the firewall or the router itself. My suggestion is to log into each suspicious machine and look for patterns like iptables, ACLs, etc.
I'm out of ideas how to check the IP that blocks certain packets to go at the destination.

It could be your provider that is blocking this at the request of the school. A lot of schools have the provider block things that are not school related. This way the students cannot craft a workaround. If this is legit then you should be able to ask whoever is in charge why or what would be blocking it.

No, I checked with the provider and they said they're not blocking anything. Thanks for the suggestion though. I guess I'll keep checking with all of the devices, but I think I've checked everything I could.
Is it possible to have the server block ports with active directory?

OK, do a TRACEROUTE to get the path that the packets are traversing.
Then you will have a path of devices to check.

I hope it's not too late, certainly, the idea of traceroute is good, you also might want to consider "tcptraceroute" to help you debug further - see the wiki example.

At the command line on the Windows server, try "tracert -d <host>". If the traceroute completes, then either you need linux or a fancier traceroute tool that works on Windows and which can send traces via a specific UDP port.

That doesn't bode well, does it? I mean windows 2003 has a firewall enabled, and then you have two firewalls in between your Wireless AP and the net, right? See if you can get the configuration of the iprism and the firebox and post them here. Before posting, X-out any IP addresses to make sure your students don't get any ideas on playing Wargames.

I've heard that one before.

A year later the answer changed to "Oh, we've ALWAYS blocked that."

Definitely your Active Directory computer configurations should be checked. If the group policy prevents it, or any other system such as ISA Server is in place, or any software firewall has been placed, you won't be able to connect to the internet. Start from the gateway and the DNS servers... And especially the internet server or the internet perimeter. Maybe a router... Maybe the gateway... Start from the internet gateway. And for campuses there has to be a policy for internet usage... Try to scan a web site using nmap and check whether there is a block. It will do tracert too. Scan services also. Use the latest version. Start from the smallest thing. The servers always have unique and dedicated IPs. So it will be easy when you have found the IP address assignment.
:slight_smile: I think otheus sounds right.