Home/Toolchest

PowerShell server connectivity quick check

A concise read-only connectivity triage script that separates DNS, ICMP reachability, and expected TCP-port failures before escalation.

Good For

  • server outage triage
  • VPN path checks
  • RDP failures
  • WinRM reachability
  • application port testing

How to Use It

  1. Record the affected client network, VPN state, target hostname, and expected service ports before testing.
  2. Resolve each target name and compare the returned address with the expected internal address or load balancer endpoint.
  3. If DNS fails but the target works by IP, keep the problem in the DNS, suffix, split-tunnel, or conditional-forwarder lane.
  4. If DNS works but ping fails, compare firewall policy, ICMP filtering, and gateway reachability before treating the server as down.
  5. If ping works but a service port fails, focus on the listener, host firewall, service state, or network ACL for that port.
  6. Export or copy the object output into ticket notes so escalation has evidence instead of a generic unreachable report.

Execution Modes

  • local
  • remote-host-list

Inputs and Outputs

Inputs

  • target hostnames
  • CSV or TXT host list
  • expected service ports
  • known-good comparison host
  • client network path

Outputs

  • verbose-console
  • csv

Command Starter

Example pattern only. Adjust for your environment before running.

# ---------------------------------------------------------------------
# Operator inputs
# ---------------------------------------------------------------------
# Replace with a small scoped target list, or load from a TXT file later.
$Targets = @('server01.contoso.com')

# Test only ports relevant to the incident. Avoid giant port lists.
$Ports = @(3389, 5985, 443)

# Local evidence file for repeated checks or ticket attachments.
$OutputPath = '.\connectivity-quick-check.csv'

# ---------------------------------------------------------------------
# Collect one row per target/port pair
# ---------------------------------------------------------------------
$Results = foreach ($Target in $Targets) {
    $Dns = Resolve-DnsName -Name $Target -ErrorAction SilentlyContinue
    $ResolvedAddress = ($Dns.IPAddress | Sort-Object -Unique) -join ', '

    # ICMP failure does not always mean the host is down, but it is still useful evidence.
    $Ping = Test-Connection -ComputerName $Target -Count 2 -Quiet -ErrorAction SilentlyContinue

    foreach ($Port in $Ports) {
        # This tests TCP reachability only. It does not validate application health.
        $TcpOpen = Test-NetConnection -ComputerName $Target -Port $Port -InformationLevel Quiet -WarningAction SilentlyContinue

        [pscustomobject]@{
            Target          = $Target
            ResolvedAddress = $ResolvedAddress
            PingReachable   = [bool]$Ping
            Port            = $Port
            TcpOpen         = [bool]$TcpOpen
        }
    }
}

# Preserve reusable evidence for incidents involving more than one target.
$Results | Export-Csv -Path $OutputPath -NoTypeInformation -Encoding UTF8
$Results | Format-Table -AutoSize

Validation

  • Each target has a documented DNS result, ping result, and TCP result for every tested port.
  • The suspected failure domain is narrowed to name resolution, network path, service listener, firewall, or application layer.
  • A known-good target on the same path produces expected successful results for comparison.

Reporting

  • Paste the result table into the ticket timeline for single incidents.
  • Attach the CSV when several targets or ports were checked.
  • Promote recurring use into an HTML connectivity report pack with grouped DNS, ping, and TCP findings.

Safety Notes

  • This check only tests reachability and does not open firewall ports or restart services.
  • Avoid large port lists against production systems; test only the expected service ports for the incident.