Finding out if a port is closed

I need to open a few ports for our new IT security software. Ports 17472, 17486, 636.
But my question is, how do I know if I even need to open these ports on WatchGuard?

I understand if I can't log in to a website on a specific port, I can assume that port is blocked, but is there like a list of closed and open ports that I can look at?

Comments

  • By default, all incoming & outgoing ports are closed in Fireware.
    Policies open ports.

    The default Outgoing policy allows out all TCP & UDP ports except for those in the Blocked Ports list.

  • Thanks, so I can check 'blocked ports list'? Where would I find that?

  • You can check it, but it will not tell you about ports which are not open.
    The Blocked ports list is a short default list provided by WG, to which one can add or remove entries.

    It is in Default Packet Handling.
    You can search for things such as this in the online docs.
    https://www.watchguard.com/wgrd-help/documentation/xtm
    Select Fireware Help, and search for whatever you want.

  • In WSM Policy Manager and in the Web UI, you can sort on the firewall policy destination port column, to see what policies allow a specific port or port range.

    In WSM Policy Manager -> Edit -> Find, you can look for a specific port number, and see all policies which allow that port.

    There are various probe tools which can send out packets on specific ports, and if successful, it will show you that the port is open.

    For example, one can use PuTTY to send a specific TCP port packet to an IP addr.
    And there is the widely used NMAP as another example
    https://nmap.org/
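The probe approach described in the comment above, as an added example that is not part of the original thread or of any WatchGuard tool: a small TCP connect probe that distinguishes the three outcomes a practitioner cares about when verifying a firewall policy. A completed handshake means the port is open end to end; an immediate refusal (RST) means the host was reached but nothing listens there, so the firewall is not the problem; no answer before the timeout is the usual signature of a firewall silently dropping the packet. The ports are the ones from the question; the target host is a placeholder you must replace, and `self_check()` exercises the classifier against a throwaway listener on localhost so the example runs offline.

```python
import socket

# Ports from the original question (constructed probe list for the example)
PORTS_TO_CHECK = [17472, 17486, 636]

def probe_tcp(host: str, port: int, timeout: float = 3.0) -> str:
    """Attempt one TCP connection and classify the outcome.

    Returns:
      "open"     - three-way handshake completed (a policy allows the port
                   and something is listening behind it)
      "closed"   - connection refused / RST: the host is reachable but no
                   service listens, so the firewall is not what blocks it
      "filtered" - no reply before the timeout, which is what a firewall
                   that silently drops the SYN looks like from the outside
      "error: …" - any other socket-level failure (host unreachable, etc.)
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as sock:
        sock.settimeout(timeout)
        try:
            sock.connect((host, port))
        except socket.timeout:
            return "filtered"
        except ConnectionRefusedError:
            return "closed"
        except OSError as exc:
            return f"error: {exc.strerror}"
        return "open"

def probe_ports(host: str, ports, timeout: float = 3.0) -> dict:
    """Probe several ports and return {port: classification}."""
    return {port: probe_tcp(host, port, timeout) for port in ports}

def self_check() -> tuple:
    """Run the classifier against a temporary local listener.

    Returns (result_while_listening, result_after_close); on a normal host
    this is ("open", "closed"), which shows the two reachable outcomes.
    The "filtered" outcome needs a real dropping firewall in the path.
    """
    with socket.socket(socket.AF_INET, socket.SOCK_STREAM) as srv:
        srv.bind(("127.0.0.1", 0))          # kernel picks a free port
        srv.listen(1)
        port = srv.getsockname()[1]
        while_open = probe_tcp("127.0.0.1", port, timeout=1.0)
    # Listener is closed now; the same port should be refused (RST)
    after_close = probe_tcp("127.0.0.1", port, timeout=1.0)
    return while_open, after_close

if __name__ == "__main__":
    # Placeholder: replace with the address of the server behind the firewall
    target = "TARGET_HOST_PLACEHOLDER"
    print("self-check (open, closed):", self_check())
    for port, state in probe_ports(target, PORTS_TO_CHECK).items():
        print(f"{target}:{port} -> {state}")
```

Read the result together with Traffic Monitor: a "filtered" verdict here paired with a Deny entry on the Firebox confirms the policy is what blocks the port, whereas "closed" means the packet got through and the service itself is not listening.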

  • When running a probe tool, you can look in Traffic Monitor to see if the packet is denied. If not, then it must be being allowed.

  • Thank you
