I ran into an issue the other day where I could not remote control a user's machine via SCCM if they were connected to the VPN. Looking into the issue, I found out that port 2701, which is required for remote control, was being blocked. Port listings for SCCM can be found here.
The Details
The following script will perform a port check on a destination of your choosing. This script utilizes Microsoft's PortQryUI utility.
On the first run, the script will download and set up the components required for execution. The components will be saved in the directory that the script is executed from.
Once the necessary components are in place, you will be prompted to enter the following.
IP or FQDN - Examples Shown Below
Port(s) - Single and Multiple Ports Allowed
Transport Protocol - TCP, UDP or BOTH
When all of the variables are provided, you will receive an output of the results shown below. The script can be rerun for additional ports if necessary.
PowerShell Code
```powershell
# Port Query Part 1 - Checking for PortQryUI.exe
$portqrypt1 = Test-Path .\PortQryUI.exe
If ($portqrypt1 -ne $true) {
    Invoke-WebRequest -Uri "https://download.microsoft.com/download/3/f/4/3f4c6a54-65f0-4164-bdec-a3411ba24d3a/PortQryUI.exe" -OutFile ".\PortQryUI.exe"
    Write-Host "PortQryUI.exe has been downloaded successfully" -ForegroundColor Yellow
}
Else {
    Write-Host "PortQryUI.exe already exists" -ForegroundColor Yellow
}

# Create Folder to Store Self Extracting ZIP
$temptest = Test-Path .\Temp
If ($temptest -ne $true) {
    New-Item -Path . -Name "Temp" -ItemType directory -Force | Out-Null
    Write-Host "Temp folder has been generated" -ForegroundColor Yellow
}
Else {
    Write-Host "Temp folder already exists" -ForegroundColor Yellow
}

# Port Query Part 2 - Perform Process to Generate Self Extracting ZIP
$portqrypt2 = Test-Path .\Temp\PORTQR~1.EXE
$currentdir = Get-Location
If ($portqrypt2 -ne $true) {
    Start-Process .\PortQryUI.exe "/C /Q /T:$currentdir\Temp" -Wait
    Write-Host "PORTQR~1.EXE has been generated" -ForegroundColor Yellow
}
Else {
    Write-Host "PORTQR~1.EXE already exists" -ForegroundColor Yellow
}

# Port Query Part 3 - Unzip Files
$portqrypt3 = Test-Path .\PortQry.exe
If ($portqrypt3 -ne $true) {
    & .\Temp\PORTQR~1.EXE '/auto' $currentdir
    Write-Host "PortQry.exe has been generated" -ForegroundColor Yellow
    # Wait for Unzip to Complete
    Start-Sleep -s 5
    # Process Stays Open, Force Closing
    Stop-Process -Name PORTQR~1
}
Else {
    Write-Host "PortQry.exe already exists" -ForegroundColor Yellow
}

###############################################################################################

$choices = [System.Management.Automation.Host.ChoiceDescription[]] @("&Yes", "&No")
while ($true) {
    # IP/FQDN of the Server
    $destination = Read-Host "Enter destination IP or FQDN to query"

    # Specify Port or Ports
    $ports = Read-Host "Please Enter Port(s) (ex. 80 or 80,443)"

    # Specify Protocol (re-prompt until TCP, UDP or BOTH is entered)
    Do {
        $protocol = Read-Host "Please Enter a Transport Protocol"
        If ($protocol -notin 'TCP', 'UDP', 'BOTH') {
            Write-Host "Invalid Protocol: Please Enter UDP, TCP or BOTH" -ForegroundColor Red
        }
    } Until ($protocol -in 'TCP', 'UDP', 'BOTH')
    Write-Host "`n"

    # File Used to Store Results
    $results = ".\logfile.txt"

    # Remove Current File to Avoid Duplication
    If (Test-Path $results) {
        Remove-Item $results
    }

    # Port Query
    (.\PortQry.exe '-n' $destination '-e' $ports '-p' $protocol | Out-String) -replace "`n" | Out-File $results -Append

    # Results of Queries Performed
    $output = Get-Content $results | Where-Object { $_ -like '*TCP*port*' -or $_ -like '*UDP*port*' }

    # Color Coding the Results
    # Provided by Jeff Hicks at https://www.petri.com/color-coding-with-powershell
    foreach ($line in $output) {
        $params = @{ Object = $line }
        switch -Regex ($line) {
            "NOT LISTENING" { $params.BackgroundColor = "Red" }
            "LISTENING OR FILTERED" { $params.BackgroundColor = "DarkCyan" }
        }
        Write-Host @params
    }

    $choice = $Host.UI.PromptForChoice("Check another port?", "", $choices, 0)
    If ($choice -ne 0) {
        break
    }
}
```
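The script above downloads PortQryUI.exe and runs it without checking what was received. The following is an added example, not part of the original script, that verifies the file between Part 1 and Part 2. The function name `Test-DownloadedTool`, the expected signer string and the optional hash pin are assumptions; in particular it assumes the download carries a valid Microsoft Authenticode signature.

```powershell
# Added example, not part of the original script.
# Assumption: PortQryUI.exe carries a valid Microsoft Authenticode signature.
function Test-DownloadedTool {
    param(
        [Parameter(Mandatory)] [string] $Path,
        # Assumption: substring expected in the signer certificate subject.
        [string] $ExpectedSigner = 'O=Microsoft Corporation',
        # Optional pin: SHA-256 recorded from a copy you have already vetted.
        [string] $ExpectedSha256
    )

    if (-not (Test-Path -LiteralPath $Path -PathType Leaf)) {
        Write-Warning "$Path not found"
        return $false
    }

    # Signature must chain to a trusted root and match the file contents.
    $sig = Get-AuthenticodeSignature -LiteralPath $Path
    if ($sig.Status -ne 'Valid') {
        Write-Warning "Signature status for $Path is '$($sig.Status)'"
        return $false
    }
    if ($sig.SignerCertificate.Subject -notlike "*$ExpectedSigner*") {
        Write-Warning "Unexpected signer: $($sig.SignerCertificate.Subject)"
        return $false
    }

    # Hash pin is checked only when the caller supplies one.
    if ($ExpectedSha256) {
        $actual = (Get-FileHash -LiteralPath $Path -Algorithm SHA256).Hash
        if ($actual -ne $ExpectedSha256) {
            Write-Warning "SHA-256 mismatch for $Path ($actual)"
            return $false
        }
    }
    return $true
}

# Place after Part 1: gate the extraction steps (Part 2 onward) on the check.
if (-not (Test-DownloadedTool -Path .\PortQryUI.exe)) {
    Remove-Item -LiteralPath .\PortQryUI.exe -ErrorAction SilentlyContinue
    throw 'PortQryUI.exe failed verification; not executing it.'
}
```

The same function can be called on `.\Temp\PORTQR~1.EXE` and `.\PortQry.exe` before each is executed, since the script reuses whatever copies it finds in the working directory on later runs.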