How to check for port blocking caused by a server firewall

Sometimes a service cannot work because of a firewall.
The main symptom is that telnet to a given port works when run on the server itself, but telnet to the same port from outside the server fails. Under normal circumstances, this can be judged to be a firewall problem.
So how do we judge it? Take DNS software as an example: test it with nslookup on the server, and separately test it from outside the server.
If the test on the server returns results and the test from outside the server gets no response, it is usually a firewall problem.
There are two kinds of firewall: the firewall of the server itself and the hardware firewall of the data center.
1. The firewall of the server itself generally needs to be checked in three places:
   1. In the Control Panel, open the firewall that comes with Windows and see whether it is enabled, whether the port is open, and whether connections are restricted by IP.
   2. Administrative Tools -> Local Security Policy -> IP Security Policies on Local Computer: see whether a security policy is set. If a policy is shown as "policy already assigned", you can temporarily unassign it for testing.
   3. Check the IP filter setting of the local connection to see whether it has been set. Note that a change to the IP filter setting takes effect only after the server is restarted.
   If the local firewall has been checked and it is confirmed that the port is not restricted, the restriction is generally in the hardware firewall of the data center, and the data center needs to be notified to handle it.
2. To further confirm that the problem must be the data center firewall: if the customer has two machines in the same data center, telnet from the other machine to the relevant port of this machine, or use nslookup to test the UDP port. If the connection from the other machine in the data center succeeds, you can confirm that the problem is not caused by the firewall of the server itself, but must be caused by the data center firewall.
3. Some hardware firewalls in the data center allow telnet from outside the server to connect to the relevant port even though the service itself is not available. This situation can be judged in two ways:
   1. On the server and from outside the server, telnet to the relevant port, then press Enter or other keys and observe how the cmd window responds. If a hardware firewall in the data center sits in between, the window will generally respond differently.
   2. Telnet to any port of that server. If a hardware firewall sits in between, telnet can sometimes connect to any port, regardless of whether a program on the server is actually listening on that port.
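
The checks above can be scripted. The following is an added example, not part of the original post: `probe` replaces the manual telnet test, and `diagnose` combines the result taken on the server, the result taken from outside, and a probe from outside of a "control" port on which you know nothing is listening (the second check in item 3). The function names and the control-port idea as a parameter are assumptions of this example.

```python
import socket

def probe(host, port, timeout=3.0):
    """One TCP connect attempt: 'open', 'refused' (RST) or 'filtered' (no answer)."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"      # the host answered: nothing listens on this port
    except OSError:           # timeout, host or network unreachable
        return "filtered"     # packets were dropped somewhere on the path

def diagnose(on_server, outside, outside_control):
    """Combine three probe() results into one finding.

    on_server       -- service port probed on the server itself
    outside         -- service port probed from a machine outside the server
    outside_control -- a port with no listener, probed from outside
    """
    if on_server != "open":
        return "service does not answer on the server itself; fix the service first"
    if outside_control == "open":
        # A port with no program behind it still connects: a device in front
        # of the server is completing the connection, as described in item 3.
        return "a device in front of the server accepts any port; an outside connect test proves nothing"
    if outside != "open":
        return "port is blocked on the way in; check the server firewall, then the data center firewall"
    return "port is reachable from outside"

if __name__ == "__main__":
    import sys
    # Usage (hypothetical file name): python portcheck.py <host> <service_port> <control_port>
    if len(sys.argv) == 4:
        host, port, control = sys.argv[1], int(sys.argv[2]), int(sys.argv[3])
        print("service port", port, "->", probe(host, port))
        print("control port", control, "->", probe(host, control))
```

Run it once on the server and once from outside, then pass the three results to `diagnose`. Running it from a second machine in the same data center gives the comparison described in item 2.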

Origin blog.csdn.net/weixin_45841668/article/details/108448424