Forum Discussion

Najm's avatar
Najm
Icon for Cirrus rankCirrus
Jan 07, 2024

Enable telnet on SSH

please advice how enable telnet on BIG-IP system in order check some ports open or no. 
  • mihaic's avatar
    mihaic
    Jan 08, 2024

    telnet example:

    If you have multiple routing domains make sure you are in the right one.

    If you only have the default one. Then it is ok.

    Have you tried to ping it? ping <node_ip>

    You can also check the node to see on what ports it is listening on, with : netstat

    You can also check to see what ports are open from any other machine that can reach that node , using: telnet, nc , Nmap, etc

    Also make sure that if you have a firewall in between, it allows this traffic on port 443.

  • Najm's avatar
    Najm
    Jan 08, 2024

    once get the massage (Trying 10.220.3.70..... connected to 10.220.3.70 that means ports open through F5 please see attched. 

  • mihaic's avatar
    Jan 08, 2024

    yes, if it says connected then it means the port is opened.

  • PhatANhappy's avatar
    PhatANhappy
    Jan 08, 2024

    Ping  - uses the ICMP protocol to verify if the remote IP,  the source (f5 in this case) issues an  echo request and the destination (backend server? ) - responds with an   echo reply.    port ports need to be open via firewalls and acls for this function to work.

    Although we cant see your full reply in the window, i would assume you are getting replys - or troubleshooting why you are not ...

    On the telnet command  - its no a  "Sweep" of all ports opened its a very specific test to a specfic port, if you do not include a port-  telnet will assume port 23

    test to see if the default telnet is open:

    telnet 10.223.3.70     OR  telnet 10.223.3.70   23

    Test to see if port 80 is open

    telnet 10.223.3.70   80 

    telnet 10.223.3.70   443     <-tests for port 443

  • PhatANhappy's avatar
    PhatANhappy
    Jan 08, 2024

    on the backend server from the command prompt you can search for active open port with netstat - or a dozen other utilites.   For me i prefer to use netstat  - with the    -an  switches and then filter to "LISTEN" for all the active ports or to the specific ports i am looking for.  i.e  

    netstat -an |grep LISTEN        (for linux)
    netstat -an |find "LISTEN"        (for window, depending on version or if powershell use  findstr )
    netstat -an |grep 443
    netstat -an |findstr "443"