udp port

mrshahinmrshahin Newbie ✭
edited September 28 in Mid Range Firewalls

Hi,

I have a question regarding an outgoing UDP port.

From what I can see, traffic on all outgoing ports on our NSA 3650 is allowed. We have an event for a customer and they want to know for sure that some TCP ports and a single UDP port are allowed from our LAN. I can use the portlistener on a server outside of our network to check the outgoing traffic on those TCP ports, and I can telnet to them all from our LAN, but when I try to use portquery to check UDP port 2088, portquery returns a 0x0002 error, port blocked. It is possible that our ISP blocks this UDP port.

My question is, how can we show the customer that our SonicWall does not block this UDP port?

Thanks

Answers

  • mrshahinmrshahin Newbie ✭

    Hi,

    Thanks for your reply,

    I did run the packet capture on the NSA and tried to telnet to one of the TCP ports to see if I could see it in the logs, but I cannot see any telnet from the IP of my PC to that IP address. In the logs I can see that I have an RDP connection to the same external IP, but not the telnet command or portquery for UDP 2088.


    Any suggestion?

  • Hello @mrshahin,

    Logs usually show up when something is being blocked. Please look at the packet capture status itself; that should show how the firewall is processing that packet. Can you share a screenshot of the packet capture?
    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • mrshahinmrshahin Newbie ✭

    Thanks for your reply,

    This is the location. I run the start capture and then telnet to the external port or run the portquery; the telnet sessions are successful and portquery for UDP is not. After that I export the logs to a text file and run a search for the IP of my PC, but I cannot see the port that I telnet to or run portquery for. Or am I looking at the wrong location?


  • @mrshahin,

    Use the following filter on the packet monitor by clicking on configure on that page.

    You can mention the other TCP ports as well on the destination port field. Also, please make sure there are no display filters applied.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • mrshahinmrshahin Newbie ✭

    I did set the filter as you mentioned and then ran portquery for both TCP and UDP for port 2088, but nothing is showing?


  • mrshahinmrshahin Newbie ✭

    OK, I think it is working now. I can see this; does this mean that our FW allows the outgoing UDP port 2088, right?


  • @mrshahin,

    Absolutely correct. The firewall is forwarding the packets out.

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services

  • mrshahinmrshahin Newbie ✭

    Just one more question: the portquery shows status code: return code 0x00000002.

    I use the portlistener for simulation of UDP 2088 on a machine on the internet, and on that machine when I run telnet localhost 2088 I get the answer Hello!

    Why then did portquery fail? Does this mean that a device somewhere down the line or our ISP blocks port 2088?

  • Hello @mrshahin,

    I apologize for the delayed response.

    I checked a little bit about the port query tool and it looks like it is the correct response for UDP traffic.

    • 0 (0x00000000) – the connection has been established successfully and the port is available;
    • 1 (0x00000001) – the specified port is unavailable or filtered;
    • 2 (0x00000002) – a normal return code when checking the availability of a UDP connection, since ACK response is not returned.

    So, it actually means that the port is open as we are sending UDP traffic as we usually do not expect an acknowledgement as we do for TCP.

    I hope that helps!

    Thanks!

    Shipra Sahu

    Technical Support Advisor, Premier Services
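
What a single UDP probe can and cannot observe, as an added example that is not part of the original thread and is not PortQry's own code: it sends one datagram and classifies the outcome with the three return codes listed above. The function names and the 127.0.0.1 listeners are constructed for illustration.

```python
import socket
import threading

LISTENING = 0              # a reply datagram came back
NOT_LISTENING = 1          # the OS reported an ICMP port-unreachable error
LISTENING_OR_FILTERED = 2  # silence: UDP has no handshake to confirm delivery

def probe_udp(host, port, payload=b"probe", timeout=1.0):
    """Send one datagram and classify what comes back."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.settimeout(timeout)
        # connect() on UDP sends nothing; it lets the OS deliver ICMP errors
        # for this destination to the socket as exceptions.
        s.connect((host, port))
        try:
            s.send(payload)
            s.recv(2048)
            return LISTENING
        except (ConnectionRefusedError, ConnectionResetError):
            return NOT_LISTENING   # refused on Linux, reset on Windows
        except socket.timeout:
            return LISTENING_OR_FILTERED

def start_listener(reply):
    """Constructed local listener: answers 'Hello!' once, or stays silent."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    srv.bind(("127.0.0.1", 0))
    port = srv.getsockname()[1]
    def serve():
        _, peer = srv.recvfrom(2048)
        if reply:
            srv.sendto(b"Hello!", peer)
        srv.close()
    threading.Thread(target=serve, daemon=True).start()
    return port

def closed_port():
    """Pick a local UDP port with nothing bound to it."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as s:
        s.bind(("127.0.0.1", 0))
        return s.getsockname()[1]

if __name__ == "__main__":
    print("replying listener:", probe_udp("127.0.0.1", start_listener(True)))
    print("silent listener:  ", probe_udp("127.0.0.1", start_listener(False)))
    print("nothing bound:    ", probe_udp("127.0.0.1", closed_port()))
```

A result of 2 only says that neither a reply nor an ICMP error came back, which is why the thread relies on the firewall's packet capture to show the datagram being forwarded.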
