Firewall Blocked Ports

jtjbt20xf
jtjbt20xf Member Posts: 4
First Comment First Anniversary Photogenic
Over the last few weeks, my Fingbox had the following outbound ports blocked by a firewall:  32847, 32917, 33007, 33033, 33289, 33311, 33349, 33437, 35591, 33777, 34385, 34397, 34421, 34585, 34591, 34701, 35061, 35483, 35655, 35659, 35891, 35895, 36081, 36851, 37107, 37309, 37621, 37923, 38319, 38535, 38737, 38991, 39315, 39433, 39511, 39605, 39917, 40133, 40153, 40203, 40209, 40283, 40429, 40575, 40857, 40965, 41145, 41247, 41389, 41683, 41719, 41763, 41849, 42053, 42151, 42271, 42281, 42299, 42513, 42627, 42641, 42828, 42859, 43019, 43101, 43235, 43245, 43313, 43621, 43633, 43899, 44211, 44213, 45073, 45101, 45527, 45617, 45663, 45997, 46145, 46313, 46509, 46591.

My periodic speedtest always fails.

What are these ports used for?  What firewall port(s) need to be open?

Best Answer

  • Chris_MLAB
    Chris_MLAB Member Posts: 5
    Name Dropper Photogenic First Answer First Comment
    #2 Accepted Answer
    Hi Robin & @jtjbt20xf - Thanks for tagging me to help answer this question.

    We're in the middle of a larger update to our site, and the details about NDT's required ports were moved from our FAQ to our support self-service site recently. This article gives complete details.

    In short, Fing has implemented the ndt5 protocol test, which requires the ports mentioned. The newer ndt7 protocol is now available and runs on standard ports 80 and 443. M-Lab would be happy to consult with the Fing team to discuss an upgrade path. Reach out to me directly or through [email protected]

    Thanks, Chris @ M-Lab Support
    jtjbt20xfRobin_from_Fing

Answers

  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,746
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    Hi,

    You need to have ports 80, 443, 4443, 5671 open so the Fingbox can connect to the Fing Software servers. 

    (If you are going to run a speed test, please also have ports 3001, 3002, and 3003 enabled also) 

     

    • 80 (Internet Speed Test) 

    • 443 (Fing Service and Software Updates) 

    • 3001, 3002, 3003 (Internet Speed Test) 

    • 4443 (Fing Service) 

    • 5671 (Fing Diagnostics) 

     

    Fingbox makes use of these protocols and ports. 

    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • jtjbt20xf
    jtjbt20xf Member Posts: 4
    First Comment First Anniversary Photogenic
    edited August 3, 2021 #4
    I've had all those ports (Fing and speedtest) open and speedtest didn't work.  My question was also asking about all those other ports that need to be open for speedtest to work.  Each time I run a speedtest, random ports between 32000 and 47000 are used.  What's the story on these ports? I've opened them and speedtest works but I need to know why and also why 3001/2/3 aren't used.
  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,746
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    @jtjbt20xf
    The other ports you mentioned are not required by Fing app or Fingbox at all. I mentioned all the required ports, You may try to close those ports and then check if the speed test finishes or not. Are you running any vulnerability scan on Fing app when those ports were open?
    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • jtjbt20xf
    jtjbt20xf Member Posts: 4
    First Comment First Anniversary Photogenic

    Hi,

    when those ports in the 30000-45000 range are closed, speedtest doesn’t work. I already had the other ports open and looked in my firewall logs to see why speedtest didn’t work and that’s when I found all those ports that needed to be open.

    When I opened the range of ports in the original post speedtest started working. I checked on the mlabs website and couldn’t find anything other than the 300x ports need to be open.

    I’m not running vulnerable scanning.


    thanks,

    brian

  • Robin_from_Fing
    Robin_from_Fing Administrator, Fing Team Posts: 4,746
    250 Answers 2500 Comments 500 Likes 100 Awesomes
    admin
    @jtjbt20xf
    I am not sure why other ports are needed. I am tagging @Chris_MLAB and maybe he can advice for the same.

    Robin (Admin at Fing)
    Getting Started? Please refer to Community guidelines & Community User Guides. HAPPY POSTING!!!
  • Chris_MLAB
    Chris_MLAB Member Posts: 5
    Name Dropper Photogenic First Answer First Comment
    Hi Robin & @jtjbt20xf - Thanks for tagging me to help answer this question.

    We're in the middle of a larger update to our site, and the details about NDT's required ports were moved from our FAQ to our support self-service site recently. This article gives complete details.

    In short, Fing has implemented the ndt5 protocol test, which requires the ports mentioned. The newer ndt7 protocol is now available and runs on standard ports 80 and 443. M-Lab would be happy to consult with the Fing team to discuss an upgrade path. Reach out to me directly or through [email protected]

    Thanks, Chris @ M-Lab Support