Introduction
Connectivity problems between the Vyopta data collection agent and infrastructure or endpoints are one of the most common issues that face the local Vyopta administrator. Such issue are often diagnosed using the web browser, telnet or PuTTY.
Whist these tools are well understood they also have significant limitations:
- The web browser may default to using a proxy, and connect when a direct connection will fail
- telnet and PuTTY are only able to verify TCP connections
- telnet does not 'understand' SSH
PortQrtUI
In earlier versions of Windows Server a network debugging program entitled PortQry was included - this program is no longer shipped with Windows Server editions, but is still available for download. A second version, including a GUI, is available as PortQryUI. It is PortQryUI that will be discussed here, although the command line version is included and may be used if preferred.
Download
PortQryUI may be downloaded from https://www.microsoft.com/en-gb/download/details.aspx?id=24009
Installation
PortQryUI is distributed as a self-extracting zip archive(PortQryUI.exe), and requires no installation other than unzipping. Executing PortQryUI.exe will open a window that requires the licensing terms to be accepted before continuing
Once accepted, the destination for the files to be unzipped may be specified (the default is C:\PortQryUI)
Setting the path and clicking 'Unzip' completes the extraction of the files.
Using PortQryUI
To use PortQryUI, navigate to the destination specified for the extraction of the files, and execute the program portqueryui.exe. Note that the command line version, PortQry.exe, is also present in the same directory
Once running, the tool is easy to understand:-
In most cases, the pre-defined service options are unlikely to provide the data required, so select 'Manually input query ports' and enter the port information that you need, enter the IP address or hostname of the system to be checked, select TCP or UDP from the drop-down and click Query
For instance, to check connectivity to a CUCMs API, assuming the CUCM is present at 192.168.2.20, specify the IP address and give a port of 8443. Pressing query will give output similar to the following
The output may be interpreted as follows:-
The IP address was successfully resolved by reverse DNS
The port 8443 could not be reached (FILTERED).
Microsoft provide the following guidance on the status provided by PortQry:
-
Listening
A process is listening on the port on the computer that you selected. Portqry.exe received a response from the port.
-
Not Listening
No process is listening on the target port on the target system. Portqry.exe received an Internet Control Message Protocol (ICMP) Destination Unreachable - Port Unreachable message back from the target UDP port. Or if the target port is a TCP port, Portqry received a TCP acknowledgment packet with the Reset flag set.
-
Filtered
The port on the computer that you selected is being filtered. Portqry.exe did not receive a response from the port. A process may or may not be listening on the port. By default, TCP ports are queried three times, and UDP ports are queried one time before a report indicates that the port is filtered.
A similar query may be conducted for SNMP connectivity by specifying 161 as the port and selecting UDP as the protocol. A successful connection would provide output similar to
=============================================
Starting portqry.exe -n 192.168.2.20 -e 161 -p UDP ...
Querying target system called:
192.168.2.20
Attempting to resolve IP address to a name...
IP address resolved to ip-192-168-2-20.ec2.internal
querying...
UDP port 161 (snmp service): LISTENING or FILTERED
community name for query:
public
Sending SNMP query to UDP port 161...
UDP port 161 is LISTENING
portqry.exe -n 192.168.2.20 -e 161 -p UDP exits with return code 0x00000000.
Advanced Use
Defining services to use with the Query predefined service option.
If there are queries that are often used these may be specified in the config.xml file that is present in the same folder as the executables. For more information, see the config.xml and PortQueryUI.doc files.
Fine-grained Control Using the Command Line Tool
If it is necessary to change the default behaviour, for instance to set a custom SNMP community string, the PortQry executable may be run in a command window. When running in this manner, there is a convenient interactive mode that gives the fullest control over the tool - this may be used by running PortQry -i
PS C:\PortQryUI> ./portqry -i
PortQry Interactive Mode
Type 'help' for a list of commands
Default Node: 127.0.0.1
Current option values:
end port= 80
protocol= TCP
source port= 0 (ephemeral)
Entering a ? will provide helpful informationPS C:\PortQryUI> ./portqry -i
PortQry Interactive Mode
Type 'help' for a list of commands
Default Node: 127.0.0.1
Current option values:
end port= 80
protocol= TCP
source port= 0 (ephemeral)
> ?
Valid Commands:
===============
help or ? - display info on common commands
phelp or ?p - display list of frequently used ports
node NAME - set default node to query, NAME or IP address
query or q - send query to default node
set OPTION=value
Options:
all - display current option values
port=n - set port number to query
- set port= or set e=
sport=n - set source port number, 0=ephemeral
- set sport= or set sp=
protocol=p - set protocol used for query, TCP, UDP, or BOTH
- set protocol= or set p=
cn=string - set SNMP community name
- default is set to public
nr - toggles reverse name lookups
- enables/disables resolving node IP address to name
sl - toggles slow link delay for UDP queries
- doubles timeout period waiting for UDP responses
query shortcut - sends queries associated with shortcut
Shortcuts:
DNS - queries TCP & UDP port 53
FTP - queries TCP port 21
IMAP - queries TCP port 143
IPSEC - queries UDP port 500
ISA - queries TCP & UDP port 1745
LDAP - queries TCP & UDP port 389
L2TP - queries UDP port 1701
MAIL - queries TCP ports 25,110,143
POP3 - queries TCP port 110
RPC - queries TCP & UDP port 135
SMTP - queries TCP port 25
SNMP - queries UDP port 161
SQL - queries TCP port 1433 & UDP port 1434
TFTP - queries UDP port 69
example: q mail
Therefore, to query SNMP on a system using a different community string, do the following:
PS C:\PortQryUI> ./portqry -i
PortQry Interactive Mode
Type 'help' for a list of commands
Default Node: 127.0.0.1
Current option values:
end port= 80
protocol= TCP
source port= 0 (ephemeral)
> node 192.168.2.20
Default Node: 192.168.2.20
>
> set cn=myCommunityString
SNMP community name set to:
myCommunityString
Reminder: community names are case sensitive
> q snmp
resolving service name using local services file...
UDP port resolved to the 'snmp' service
IP address resolved to ip-192-168-2-20.ec2.internal
querying...
UDP port 161 (snmp service): LISTENING or FILTERED
In order to get a response from the SNMP service, the
community name in the query must match a community
name that the SNMP service is configured to accept
By default PortQry uses the community name: public
Use the 'set cn' command to specify a different name if needed
community name for query:
myCommunityString
Sending SNMP query to UDP port 161...
UDP port 161 (snmp service): FILTERED
Removing PortQryUI
To remove, simply delete the folder containing the tool. PortQry and PortQryUI were simply extracted and not installed.
Comments
Please sign in to leave a comment.