Test-NetConnection – a ready-to-use cmdlet to check network connection has appeared in PowerShell 4.0 (Windows 2012 R2, Windows 8.1 and newer). You can use this cmdlet to check the response and availability of a remote server or network service on it, TCP ports blocked by firewalls, check ICMP availability and routing. In fact, the Test-NetConnection cmdlet can replace several standard network admin tools at once: ping, traceroute, TCP port scanner, etc.
telnet command. For example, to make sure the SMTP service responds on the email server (by default, it responds on TCP Port 25) it is enough to run telnet ny-msg01.woshub.com 25 command. But starting from Windows 7, the telnet client has become a feature to be installed separately. Let’s see how to check for open/closed TCP ports using PowerShell. The main benefit of the Test-NetConnection cmdlet is that it is already a part of all modern versions of Windows and you don’t need to install it separately. The cmdlet is a part of the NetTCPIP module (starting with PoSh v4.0).
$PSVersionTable.PSVersion
Value 4 in the Major column means that PowerShell 4.0 is installed on your computer.
Testing for Open/Closed Server TCP Ports with Test-NetConnection
Let’s check if TCP Port 25 (SMTP protocol) is open (available) on the remote email server using Test-NetConnection:
Test-NetConnection -ComputerName ny-msg01 -Port 25
The shortened version of the same command looks like this: TNC ny-msg01 -Port 25
Let’s consider the result of the command:
ComputerName : ny-msg01 RemoteAddress : 10.20.1.7 RemotePort : 25 InterfaceAlias : CORP SourceAddress : 10.20.1.79 PingSucceeded : True PingReplyDetails (RTT) : 0 ms TcpTestSucceeded : True
As you can see, the cmdlet resolves the server name to IP address, checks the ICMP response (similar to ping) and the availability of the TCP port. The specified server responds via ICMP (PingSucceeded = True) and the TCP Port 25 is open (RemotePort=25, TcpTestSucceeded= True).
The cmdlet has a special parameter –CommonTCPPort, which allows you to specify the name of a known network protocol (HTTP, RDP, SMB, WINRM).
For example, to check the availability of an HTTP web server, you can use the command:
Test-NetConnection -ComputerName woshub.com -CommonTCPPort HTTP
Or RDP port (3389) availability:
Test-NetConnection ny-rds1 –CommonTCPPort RDP
You can list all the parameters that the Test-NetConnection cmdlet returns:
Test-NetConnection ny-man01 -port 445|Format-List *
If you only need to see if the port is available, it can be checked more quickly:
TNC ny-msg1 -Port 25 -InformationLevel Quiet
The cmdlet returned True, which means the remote port is accessible.
(New-Object System.Net.Sockets.TcpClient).Connect(‘ny-msg01’, 25)
In Windows 10 / Windows Server 2016, you can use the Test-NetConnection cmdlet to trace the route to a remote server using the –TraceRoute parameter (analogous to tracert command in Windows). Using the –Hops parameter, you can limit the maximum number of hopes during route check.
Test-NetConnection ny-man01 –TraceRoute
The cmdlet returned the network summary delay when accessing the server in milliseconds (PingReplyDetails (RTT): 41 ms) and all the IP addresses of the routers on the way to the target server.
Test-NetConnection in PowerShell Monitoring Scripts
The following command allows you to check the availability of a specific port on a number of servers, the list of which is stored in a plain text file list_servers.txt. We need the servers where the specified service doesn’t respond:
Get-Content c:\PS\list_servers.txt | where { -NOT (Test-Netconnection $_ -Port 25 -InformationLevel Quiet)}| Format-Table -AutoSize
Similarly, you can create a simple monitoring script that checks the availability of servers and displays a notification if one of the servers is unavailable.
For example, you can check the availability of basic services on all domain controllers (a DC list can be obtained with the Get-ADDomainController cmdlet). Let’s check the following services on DC (the PortQry tool has a similar “Domain and trusts” rule):
- RPC – TCP/135
- LDAP – TCP/389
- LDAP – TCP/3268
- DNS – TCP/53
- Kerberos – TCP/88
- SMB – TCP/445
$Ports = "135","389","636","3268","53","88","445","3269", "80", "443"
$AllDCs = Get-ADDomainController -Filter * | Select-Object Hostname,Ipv4address,isGlobalCatalog,Site,Forest,OperatingSystem
ForEach($DC in $AllDCs)
{
Foreach ($P in $Ports){
$check=Test-NetConnection $DC -Port $P -WarningAction SilentlyContinue
If ($check.tcpTestSucceeded -eq $true)
{Write-Host $DC.name $P -ForegroundColor Green -Separator " => "}
else
{Write-Host $DC.name $P -Separator " => " -ForegroundColor Red}
}
The script will check the specified TCP ports on the domain controllers, and if one of the ports is unavailable, it will highlight it in red (you can run this PowerShell script as a Windows service).
Simple IP Network / Port Scanner with PowerShell
You can also implement a simple port and IP subnet network scanner to scan remote servers or subnets for open/closed TCP ports.
Scan the range of IP addresses on open port 3389:
foreach ($ip in 100..150) {Test-NetConnection -Port 3389 -InformationLevel "Detailed" 192.168.1.$ip}
Scan the range of TCP ports from 1 to 1024 on the specified remote server:
foreach ($port in 1..1024) {If (($a=Test-NetConnection srvfs01 -Port $port -WarningAction SilentlyContinue).tcpTestSucceeded -eq $true){ "TCP port $port is open!"}}
2 comments
blurred hostname in imagery, kept in it write-up… :
Of course, hostnames are replaced with arbitrary values in the text.