Watch Remote Firewall Ports And Rules
Commandline Tricks To Do The Job Faster

My case the time was not in sync with other machines. So I ran w32tm to set the NTP server and sync with the domain controller.

I got an error like: NTP: error ERROR_TIMEOUT - no response from server in 1000ms

So I thought this machine was in a special Vlan. This was not the case so I ran:

psexec \\machine netsh firewall show state

This way I could see that the port 123 was not open and the firewall was enabled:

Firewall status:


Profile = Standard
Operational mode = Enable
Exception mode = Enable
Multicast/broadcast response mode = Enable
Notification mode = Enable
Group policy version = None
Remote admin mode = Disable

Ports currently open on all network interfaces:
Port Protocol Version Program


137 UDP IPv4 (null)
139 TCP IPv4 (null)
138 UDP IPv4 (null)
3389 TCP IPv4 (null)
445 TCP IPv4 (null)
60005 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60004 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60007 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60006 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60009 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60008 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60011 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60010 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60013 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60012 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60015 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60014 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60017 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60016 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60019 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60018 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60020 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
60032 TCP IPv4 C:\UNICORN\Bin\P950_drv.exe
9876 UDP IPv4 C:\Program Files\Common Files\Acronis\Agent\agent.exe
9876 TCP IPv4 C:\Program Files\Common Files\Acronis\Agent\agent.exe
2869 TCP IPv4 (null)
7003 TCP IPv4 C:\Program Files\Network Associates\Common Framework\F
rameworkService.exe
7003 UDP IPv4 C:\Program Files\Network Associates\Common Framework\F
rameworkService.exe
7004 UDP IPv4 C:\Program Files\Network Associates\Common Framework\F
rameworkService.exe
1900 UDP IPv4 C:\WINDOWS\system32\svchost.exe
6129 TCP IPv4 (null)

To remotely open firewall ports with netsh and psexec try the following:

D:\tools\SysinternalsSuite\PsExec.exe \\computername.domain.com netsh advfirewall firewall add rule name="Open TCP Server Port 50426" dir=in action=Allow Protocol=TCP localport=50426

Commandline Tricks To Do The Job Faster
Unless otherwise stated, the content of this page is licensed under Creative Commons Attribution-ShareAlike 3.0 License