Windows – How to prove (with logging) where a port block is occurring

firewall, ftp, isp, router, windows 7

How can I prove (with logging) where a port block is occurring?

I've set up an FTP site on IIS (Windows 7 Home) and set up a rule in the Windows Firewall allowing access. The FTP site is accessible via my local browser to my static IP (ftp.example.com, where DNS is GoDaddy, so it's resolving to my static IP and the FTP directory is being served).
I've also set up a rule in my uVerse router firewall allowing FTP Server access to this machine.
However, my customer cannot reach my FTP site, and when I test using mxtoolbox.com:

1 open ports:

80  http    Success 78 ms

These ports were closed:

21  ftp Timeout 0 ms

Furthermore, I can add other open ports, such as IMAP and POP3, and they show as open once I edit the router firewall. No matter how many times I delete and add FTP Server, port 21 never shows as open on mxtoolbox.com, and of course the customer cannot reach the FTP site. He can successfully reach my locally-hosted webpage.

Best Answer

From the remote site, you can use traceroute to work out where in the path the port is blocked. Note that this has to be a *nix traceroute, e.g. Linux, as Windows does not support traceroute over arbitrary ports.

Compare

sudo traceroute -p 21 -T <your server ip>

to

sudo traceroute -p 80 -T <your server ip>

These have to be run as root as it requires elevated privileges.

Note that it is the IP after the last successful hop that tells you where the block is, i.e., the hop that does not respond. So look for the next hop in the port 80 traceroute after the last successful one in the port 21 traceroute.
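The comparison described in the answer above, automated as an added example (this is not code from the original answer or from the traceroute project). It parses the output of two TCP-SYN traceroutes, finds the last hop that still answered on the blocked port, and reports the first hop after it that answers on the open port, which brackets the device dropping the traffic. The trace output embedded below is constructed for the example using RFC 5737 documentation addresses; 203.0.113.10 stands in for the public IP of the home router in the question. The `run_tcp_traceroute` helper adds `-n` to the answer's command so the output carries bare addresses, though the parser also accepts the `host (address)` form that traceroute prints without `-n`.

```python
#!/usr/bin/env python3
"""Locate the hop where a TCP port is filtered by comparing two TCP-SYN
traceroutes: one on the failing port (21) and one on a port known to work
end to end (80). The first hop that answers on the open port but stays
silent on the blocked port brackets the device that drops the traffic."""
import re
import shutil
import subprocess
from typing import List, Optional, Tuple

# (hop number, address that answered, or None when every probe timed out)
Hop = Tuple[int, Optional[str]]

_HOP_LINE = re.compile(r"^\s*(\d+)\s+(.*)$")          # " 3  10.0.0.1  1.2 ms" or " 3  * * *"
_IPV4 = re.compile(r"\b(\d{1,3}(?:\.\d{1,3}){3})\b")  # first IPv4 on the line, also inside "(...)"

# Constructed sample output (RFC 5737 addresses), not a real capture.
TARGET = "203.0.113.10"
OPEN_PORT_TRACE = """\
traceroute to 203.0.113.10 (203.0.113.10), 30 hops max, 60 byte packets
 1  192.0.2.1  0.412 ms  0.377 ms  0.369 ms
 2  198.51.100.5  8.113 ms  8.001 ms  7.954 ms
 3  * * *
 4  198.51.100.77  22.310 ms  22.105 ms  21.998 ms
 5  203.0.113.10  24.002 ms  23.871 ms  23.650 ms
"""
BLOCKED_PORT_TRACE = """\
traceroute to 203.0.113.10 (203.0.113.10), 30 hops max, 60 byte packets
 1  192.0.2.1  0.401 ms  0.388 ms  0.372 ms
 2  198.51.100.5  8.201 ms  8.077 ms  7.990 ms
 3  * * *
 4  198.51.100.77  22.410 ms  22.201 ms  22.003 ms
 5  * * *
 6  * * *
"""


def parse_traceroute(output: str) -> List[Hop]:
    """Turn raw traceroute output into (hop, address) pairs; silent hops get None."""
    hops: List[Hop] = []
    for line in output.splitlines():
        m = _HOP_LINE.match(line)
        if not m:
            continue  # the "traceroute to ..." header or a blank line
        addr = _IPV4.search(m.group(2))
        hops.append((int(m.group(1)), addr.group(1) if addr else None))
    return hops


def last_responding(hops: List[Hop]) -> Optional[Hop]:
    """Last hop that answered at all, or None if nothing did."""
    answered = [h for h in hops if h[1] is not None]
    return answered[-1] if answered else None


def locate_block(open_output: str, blocked_output: str, target: str) -> dict:
    """Compare the open-port and blocked-port traces and name the filtering point.

    Hops that are silent on both traces (routers that never send ICMP time
    exceeded) are skipped rather than blamed for the block."""
    open_hops = parse_traceroute(open_output)
    last_good = last_responding(parse_traceroute(blocked_output))

    if last_good is not None and last_good[1] == target:
        return {"last_good": last_good, "suspect": None,
                "verdict": "path open: the target answered on this port, so check the host firewall or the service"}

    after = last_good[0] if last_good else 0
    suspect = next(((h, a) for h, a in open_hops if h > after and a is not None), None)
    if suspect is None:
        verdict = f"inconclusive: nothing past hop {after} answered on the open port either"
    else:
        where = last_good[1] if last_good else "the probing host"
        verdict = f"filtered between {where} and {suspect[1]} (hop {suspect[0]})"
        if suspect[1] == target:
            verdict += "; that is the target's own edge, so check its router and host firewall"
    return {"last_good": last_good, "suspect": suspect, "verdict": verdict}


def run_tcp_traceroute(host: str, port: int) -> str:
    """Run `sudo traceroute -T -n -p PORT HOST` and return its output (raw sockets need root)."""
    if shutil.which("traceroute") is None:
        raise RuntimeError("traceroute is not installed")
    cmd = ["sudo", "traceroute", "-T", "-n", "-p", str(port), host]
    return subprocess.run(cmd, capture_output=True, text=True, check=True).stdout


if __name__ == "__main__":
    # Offline run on the constructed traces; for a live check replace the two
    # strings with run_tcp_traceroute(TARGET, 80) and run_tcp_traceroute(TARGET, 21).
    print(locate_block(OPEN_PORT_TRACE, BLOCKED_PORT_TRACE, TARGET)["verdict"])
```

On the constructed data the port-21 trace goes quiet after the ISP hop 198.51.100.77 while the port-80 trace continues to 203.0.113.10, so the verdict points at the target's own edge: the router in front of the IIS box or the Windows Firewall on it, which is the situation the question describes. If the blocked-port trace reaches the target address itself, nothing on the path is filtering and the problem is the listening service or the host firewall.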
