Tools You Can Trust
Resolving ISA Server TCP/IP connectivity issues with free tools.
I am having some issues with our Exchange 2003 Server which runs behind an ISA Server 2004 firewall. I am looking for a simple method to resolve some TCP/IP connectivity issues. Are there any free tools that you can recommend?
— Name withheld
Answer: Depending on your preference — command-line versus GUI — there are lots of tools that you can use to troubleshoot TCP/IP connectivity problems. A lot of people use Telnet to test connectivity with POP3, SMTP, or IMAP service. However, if you are dealing with Exchange and Active Directory and want to test UDP ports, such as RPC or LDAP, then Telnet won’t help.
Microsoft offers PortQryv2.exe, a command-line tool that runs on Windows 2000/XP/2003. I personally prefer the GUI version, called PortQueryUI, as shown in the figure. The GUI tool is very simple to use and it gives me a lot of details about the connections.
|PortQueryUI is the GUI counterpart to the command-line-flavored PortQrvy2.exe, which you can use to resolve connectivity problems. [Click image to view larger version.]
You can query the following predefined services: Domain and Trusts, IPSec, Networking, SQL Service, Web Service, Exchange Server, NetMeeting, and Miscellaneous. The manual query gives you more control over querying specific ports. The results can be saved in a text-based log file.
Tech Help—Just An
Got a Windows, Exchange or virtualization question
or need troubleshooting help? Or maybe you want a better
explanation than provided in the manuals? Describe
your dilemma in an e-mail to the MCPmag.com editors
the best questions get answered in this column; MCPmag.com
baseball caps go to the published submitter.
When you send your questions, please include your
full first and last name, location, certifications (if
any) with your message. (If you prefer to remain anonymous,
specify this in your message but submit the requested
information for verification purposes.)
Both of these tools report the status of the ports by providing you with information on whether the port is listening, not listening, or filtered:
- “Listening” means that the port is open and responding to queries.
- “Not Listening” means that the port didn’t respond to the query and is not reachable.
- “Filtered” means that the port didn’t respond to the query but a process may or may not be listening on the port. By default, TCP ports are reported to be filtered after the port is queried three times while the UDP ports are reported filtered after the port is queried just once.
This is an excellent tool that gives you lots of useful information. You can download the command-line version of Port Query here. The GUI version is available here. Check out Microsoft Knowledge Base article Q310099, "Description of the Portqry.exe command-line utility," for more information. You can look at complete samples of query result logs and images at http://www.techgalaxy.net/mcpmag.
I would like to know what other free tools you use to troubleshoot TCP/IP connectivity problems on your network. I am looking for tools that will query both TCP and UDP ports. You can contact me at here.
Zubair Alexander, MCSE, MCT, MCSA and Microsoft MVP is the founder of SeattlePro Enterprises, an IT training and consulting business. His experience covers a wide range of spectrum: trainer, consultant, systems administrator, security architect, network engineer, author, technical editor, college instructor and public speaker. Zubair holds more than 25 technical certifications and Bachelor of Science degrees in Aeronautics & Astronautics Engineering, Mathematics and Computer Information Systems. His Web site, www.techgalaxy.net, is dedicated to technical resources for IT professionals. Zubair may be reached at firstname.lastname@example.org.