trace·warrior
  • Tools
  • Monitoring
  • Pricing
  • Resources
  • About
Sign inGet started
trace·warrior

Network diagnostics for IT professionals. Built for speed, accuracy, and the long tail of the Friday afternoon outage.

ALL SYSTEMS NOMINAL
Tools
  • DNS Lookup
  • Ping Test
  • Port Checker
  • WHOIS
  • See all
Product
  • Monitors
  • Pricing
  • How-to guides
  • Compare
Resources
  • Blog
  • API docs
  • Tool index
  • Contact
Company
  • About
  • Privacy
  • Terms
  • Cookie policy
© 2026 Trace Warrior · made for engineers, by engineersnetwork forensics, quietly
/
/
tools/network/port-checker
Network

Port Checker

Free port checker tool. Tests whether TCP or UDP ports are open on any host from our London probe server, with a real external source IP, distinguishing open, closed (connection refused), and filtered (timeout) states. Scan single ports, comma lists, or ranges, grab service banners, and use the common-port presets. Useful for port forwarding verification, firewall rule debugging, and confirming a service is reachable from the outside.

Open, closed, and filtered

A port check tells you whether a service is reachable from outside your network. This tool probes TCP and UDP ports from a London probe server with a real external source IP, so it sees your host the way the public internet does. A TCP port that completes the handshake is open. A port that answers with a connection refused is closed: nothing is listening, but the host is reachable. A port that never answers is filtered, meaning a firewall is dropping the packets silently.

What to test and why it matters

You can check a single port, a comma-separated list, or a range, and use the common-port presets for services like 22 (SSH), 80 and 443 (web), or 3306 (MySQL). Where a service sends a greeting, the tool can grab the banner so you can confirm what is actually listening. Because the probe is external, it is the right way to verify port forwarding on a home router, confirm a cloud security group is letting traffic in, or prove that a firewall rule is doing its job.

A common gotcha: a port that looks filtered from outside can be wide open on the local machine. If a service works on localhost but shows filtered here, the block is almost always a firewall, NAT rule, or security group between the probe and the host, not the service itself.

Frequently asked questions

What is the difference between a closed and a filtered port?

A closed port actively refuses the connection, so the host is reachable but nothing is listening on that port. A filtered port gives no response at all because a firewall is dropping the packets, so you cannot tell whether a service is behind it.

How do I check if my port forwarding is working?

Enter your public IP and the forwarded port here. Because the probe connects from outside your network, an open result confirms the forwarding rule is passing external traffic to your device.

Why does a port show open locally but filtered from this tool?

The service is listening, but something between the probe and your host is blocking access, typically a firewall, a router NAT rule, or a cloud security group. Adjust that rule to allow inbound traffic on the port.

Can I scan a range of ports at once?

Yes. You can enter a single port, a comma-separated list, or a range, and the tool reports the open, closed, or filtered state of each one along with any service banner it can read.

Related tools

  • Ping Test →
  • Traceroute →
  • SSL Checker →
  • HTTP Headers →
Measured from a Trace Warrior probe server in London, UK, not from your browser. Latency is from London to the target.
Enter a host and ports
Try example.com on 443,80