nmap is a useful tool to verify a server is up and the applications are listening for connections. Here are some common troubleshooting scenarios.
From an outside workstation, scan your server's IP address
nmap. These are useful command switches:
-Pn : Treat all hosts as online and skip host discovery.
-p : List of ports to scan.
--reason : Display the reason a port is in a particular state.
Example: To scan ports 22, 53, 80, and 443 on IP address 192.0.2.2:
$ nmap -Pn -p 22,53,80,443 --reason 192.0.2.2 PORT STATE SERVICE REASON 22/tcp open ssh syn-ack 53/tcp filtered domain no-response 80/tcp filtered http no-response 443/tcp filtered https no-response Nmap done: 1 IP address (1 host up) scanned in 12.64 seconds
This example shows ssh is available on port 22, while dns (53), http (80), and https (443) are not responding. If
nmap reports the application port is open, it is not a firewall problem. If you have errors connecting, this could indicate a problem at a higher level in the application.