Firewall Testing for Lync Server

I had a recent fun time arguing with the firewall guys that they were not properly opening the ports that I had requested and that I really needed it done right.

Finally, I decided that I just needed to do the scans myself and give them a quick report of what was responding properly and what was not.

  1. Download the portqry.exe and copy it to each server.
  2. Put together a list of the Lync servers in a file named LyncServers.txt that contains the server names.
  3. Put together a list of the ports and protocols for the ports in a file named LyncServerPortNumbers.txt.
  4. Write a quick script to run on each server.

After that, it is just a matter of running the script on each server and collecting the data. Of course, the best feeling was sending the list of results with a From ServerX test for each server to the firewall team so they could see what they missed.

Here is a link to the files: Test-LyncPorts.zip.

About these ads
This entry was posted in Lync. Bookmark the permalink.

2 Responses to Firewall Testing for Lync Server

  1. Your idea is really great and it helps a lot in troubleshooting tasks, but i detect a little mistake in the script:

    When the command .\PortQry.exe scan a port like DNS ( 53, udp ) the output is:

    PS C:\Users\jgonzalez\Desktop\LyncPortsScan> .\PortQry.exe -n 192.168.10.63 -e 53 -p udp
    Querying target system called:
    192.168.10.63
    Attempting to resolve IP address to a name…
    IP address resolved to lyncfe01.banet.local
    querying…
    UDP port 53 (domain service): LISTENING or FILTERED
    Sending DNS query to UDP port 53…

    As you can see, the word LISTENING appears hear as in open ports, so the regex in the script fail and shows DNS port always open.

    A fix to this little mistake is:

    $L = $K -Match “FILTER?”
    If($L -ne $null){
    Write-Host `t $p.port $p.protocol Closed
    }Else{
    Write-Host `t $p.port $p.protocol Open
    }

    Bye!

  2. Pingback: Lync MVP Article Roundup: April 2013 - NextHop - Site Home - TechNet Blogs

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s