When diagnosing network connectivity issues, one of the most fundamental steps is to determine if a specific TCP port is open and listening on a remote host. A closed, blocked, or unresponsive port is often the root cause of application failures, and knowing how to test it is a critical skill for any IT professional.

This guide provides a comprehensive overview of the most common and reliable methods to test port connectivity on Windows, from modern PowerShell cmdlets to classic command-line tools.

1. PowerShell Methods

PowerShell offers the most powerful and flexible built-in tools for testing network ports on modern Windows systems.

Method 1: Test-NetConnection (The Best Way)

The Test-NetConnection cmdlet is the recommended method for testing port connectivity. It is built-in on Windows 8.1/Server 2012 R2 and newer and provides clear, detailed output.

# Replace server2 with your target hostname or IP
Test-NetConnection -ComputerName server2 -Port 1420

Example Output (Port OPEN): 

ComputerName     : server2
RemoteAddress    : 192.168.10.50
RemotePort       : 1420
InterfaceAlias   : Ethernet
SourceAddress    : 192.168.10.51
TcpTestSucceeded : True
The TcpTestSucceeded: True result is a definitive confirmation that the port is open and reachable.

Example Output (Port CLOSED or BLOCKED): If the port is closed or blocked by a firewall, the output will show TcpTestSucceeded: False.

Method 2: Pure PowerShell Script (Using .NET)

For older systems without Test-NetConnection or for more granular control, you can use the .NET TcpClient class directly in PowerShell.

$socket = New-Object System.Net.Sockets.TcpClient
try {
    # Set a timeout (e.g., 1 second) to avoid long waits
    $result = $socket.BeginConnect("server2", 1420, $null, $null)
    $success = $result.AsyncWaitHandle.WaitOne(1000, $true)
    if ($success) {
        Write-Host "Port 1420 is OPEN" -ForegroundColor Green
        $socket.EndConnect($result)
    } else {
        throw "Timeout"
    }
} catch {
    Write-Host "Port 1420 is CLOSED or blocked: $($_.Exception.Message)" -ForegroundColor Red
} finally {
    $socket.Close()
}

2. Classic Command-Line Tools

These tools have been around for a long time and are still useful, especially in environments where PowerShell is not available.

Method 1: telnet

Telnet is a simple way to check if a port is open. If the connection is successful, you will see a blank screen with a cursor, indicating that the port is open.

telnet server2 1420
  • Black screen with cursor: Port is OPEN.
  • “Could not open connection”: Port is CLOSED or BLOCKED.

If telnet is not installed, you can enable it with: 

Enable-WindowsOptionalFeature -Online -FeatureName TelnetClient

Method 2: PortQry.exe (Microsoft Tool)

PortQry is a more advanced command-line tool from Microsoft that provides more detailed information than telnet.

  1. Download PortQryV2 from the Microsoft Download Center.
  2. Run the command: 
    portqry -n server2 -e 1420

Example Output (Port OPEN): 

TCP port 1420 (unknown service): LISTENING

3. Advanced Troubleshooting: When the Port Test Fails

If Test-NetConnection returns TcpTestSucceeded: False, it means the TCP handshake failed. This could be for several reasons. Here’s how to diagnose the problem.

Step 1: Check if the Service is Listening on the Remote Host

First, confirm that the application is actually running and listening on the expected port on the remote server (server2).

Run this command on server2: 

netstat -an | findstr "1420"
# or, for more structured output:
Get-NetTCPConnection -LocalPort 1420 -State Listen

Good Output (Listening on all interfaces): 

TCP    0.0.0.0:1420           0.0.0.0:0              LISTENING
If you see this, the service is running correctly.

Problem: No Output If the command returns no output, the application isn’t running or isn’t listening on port 1420. Fix: Start the service.

Problem: Bound to localhost only If you see this, the service is only accepting connections from the server itself, not from the network. 

TCP    127.0.0.1:1420         0.0.0.0:0              LISTENING
Fix: Configure your application to listen on 0.0.0.0 (all interfaces).

Step 2: Check for Firewalls

If the service is listening correctly, the issue is likely a firewall.

  • Windows Firewall on the server: Check for inbound rules blocking port 1420.
  • Network Firewall: A hardware firewall, router ACL, or cloud security group (like an AWS Security Group or Azure NSG) between the client and server could be blocking the port.

You can check for other open ports (like RDP on 3389 or SSH on 22) to see if the issue is specific to port 1420. 

Test-NetConnection server2 -Port 3389

Step 3: Verify DNS and IP Address

Ensure that the hostname resolves to the correct IP address. 

Resolve-DnsName server2
If in doubt, try testing the port using the IP address directly.

4. Which Method Should You Choose?

Method Best For Pros Cons
Test-NetConnection Most modern Windows environments Built-in, detailed output, reliable Not available on older Windows versions
Pure PowerShell (TcpClient) Scripting and automation, older systems Highly customizable, no external tools More complex syntax
telnet Quick and simple checks Universally understood, simple Not installed by default, minimal output
PortQry.exe Detailed diagnostics Provides more info than telnet Requires a separate download

🏁 Conclusion

Testing for open ports is a fundamental skill for network troubleshooting.

  • For modern Windows systems, Test-NetConnection is the best and most reliable tool.
  • If a port test fails, systematically check if the service is listening, if it’s bound to the correct network interface, and if a firewall is blocking the connection.

By following these steps, you can quickly and accurately diagnose and resolve most port connectivity issues.