For example, if the web server on port 80 (HTTP) is no longer available, or is basically unavailable, it is probably due to one of the following:
a) The service has crashed.
b) The service is incorrectly configured.
c) The system or external firewall is not/incorrectly configured.
You can use the following questions as a guide for troubleshooting:
Is the service on the port eavesdropping?
Before you go deeper into error analysis, you should check whether the service is actually running and, if so, on which port it is listening. If necessary, it may be sufficient to restart the service. Or, if that doesn't help to restart the server.
You can use the netstat command to check whether a service is listening on a specific port.
Application examples for netstat:
Example 1: To check if the Remote Desktop service listens on port 3389 on Windows systems, enter the following command:
C:\>netstat -an | find ":3389" TCP 0.0.0.0:3389 0.0.0.0:0 LISTENING TCP $IP:3389 $IP:42900 ESTABLISHED TCP [::]:3389 [::]:0 LISTENING UDP 0.0.0.0:3389 *:* UDP [::]:3389 *:*
In this example $IP (in line 3) stands for the public server IP address.
- Example 2: To check on Linux systems if sshd listens on port 22, enter the following command:
[root@localhost ~]# netstat -tlnp | grep :22 tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1531/sshd tcp 0 0 :::22 :::* LISTEN 1531/sshd
If necessary, it may also be necessary to reinstall the service - or the corresponding software package.
Has a firewall been activated on the server?
If a firewall is active on the server itself - for example the Windows firewall - you should make sure that the respective port is open for incoming connections.
Has the correct firewall policy been assigned in the cloud panel?
The server may not be assigned the desired firewall policy in the external hardware firewall (to be configured via the cloud panel). You can check this by clicking on the server under Infrastructure > Server and check the function overview.
To view the rules defined for a policy, click Network > Firewall Policies on the menu, and then click the appropriate policy.
The nmap tool is suitable for testing the accessibility of a port from outside.
Sample output for a Windows server on which remote desktop connections (port 3389 /TCP) are allowed:
C:\>nmap -p 3389 -T4 -Pn $IP –– Nmap scan report for $IP Host is up (0.00s latency). PORT STATE SERVICE 3389/tcp open ms-wbt-server
Sample output for a Linux server without assigned rule for SSH (port 22/TCP):
[root@localhost ~]# nmap -p 22 -T4 -Pn $IP Nmap scan report for $IP Host is up. PORT STATE SERVICE 22/tcp filtered ssh
Replace $IP with the IP address of the server.