windows 7 firewall blocks connection to named sql instance - sql-server-2008

I want to connect to a named instance of sql server wich runs on a cluster. When I disable the firewall on my windows 7 client machine, I can connect. However, when I activate the firewall, the named instance cannot be found. A named instance of a different server, not on a cluster, can be connected with the client firewall on.
How can I setup my client firewall so I can connect to the named instance that runs on a cluster with my firewall enabled?
Note: What I can do is to disable firewall, connect to the named instance and re-enable the firewall again. After that the connection to the named instance works fine.

This answer is based on you having Windows 2008 R2 on your SQL Server
Open SQL Server Configuration Manager
SQL Server Network Configuration
Protocols for *named_instance*
IP Addresses
Delete 0 from TCP Dynamic Ports else it won't work (you might as well switch the firewall off) and put an unused port number in TCP Port, eg 7200
Repeat the above line all down your list of IPs until you reach the bottom.
Click OK
Add some rules:
Open firewall from Control Panel --> Advance Settings
Inbound rules --> New Rule
Name: Native SQL Server (TCP 1433)
Protocol: TCP
Port: 1433
Name: My Instance SQL Server (TCP 7200)
Protocol: TCP
Port: 7200
Name: SQL Server (UDP 1434)
Protocol: UDP
Port: 1434
REBOOT!!! (or restart the sql services)
Management Studio on your PC should now be able to access the new instance of the database on the server (assuming you don't have firewall restrictions on your own machine)

Try to open ports 445 and if you also need TCP/UDP connections to Sql Server - 1433, 1434

I had exactly the same problem.
I checked the Windows Firewall Log under %systemroot%\system32\logfiles\firewall\pfirewall.log and saw that UDP port 1434 was blocked:
2014-05-14 10:44:44 DROP UDP 12.121.12.121 13.131.131.131 1434 62370 168 - - - - - - - RECEIVE
To connect to a named instance that runs on a cluster you need to open the UDP port 1434 in your local windows firewall.
Open "Windows Firewall with Advanced Security". ("Run as administrator" could help)
Go To "Inbound Rules".
On the actions menu on the right click "New Rule".
Select "Custom", click next until you are on step "Protocol and Ports".
On "Protocol type" select "UDP".
On "Remote port" select "Specific ports" and write 1434.
Click next until you reach step "Profile". I choose just "Domain" so that this rule only applies in the intranet of the company I worked for.
Click next and give it a meaningful name
Click finish and you are done.

Related

Setting up MySQL database behind a VPN address

I have a regular MySQL server running with XAMPP at port 3306 and accessible by my internet ip aswell my local ip (127.0.0.1), the ports are forwarded in my router. An account set up to be accessed from any IP, Everything works fine.
I'm trying to make this same server be accessible by AirVPN DNS address. So I've followed AirVPN instructions to remove the forwarded ports in my router and forward a new port at their VPN with a random number (lets go with 1111) with local port as 3306 and DNS named as xxx.airdns.org
So I open MySQL with XAMPP under port 3306, nothing changed in config file. I run the AirVPN port checker over 1111 and it signals as open. I also try at other sites that checks ports and signals open at xxx.airdns.org:1111
Though when I try to make a connection as usual it returns error (10060): Can't connect to MySQL server on 'xxx.airdns.org' (10060)
Resolutions I've tried:
Switch port values in MySQL config files matching with the ports open in AirVPN
bound address to VPN adapter bind-address="10.6.114.48"
repeated the options above in all different kind of port combinations and addresses
Disabled Firewall on Ethernet adapter of VPN as described here
I couldn't achieve success in this task. I'm looking for some enlightment so I can understand the process.
EDIT:
The connection is set only to TCP protocol. A port check done through airVPN and is registered at XAMPP & FIREWALL logs as accepted connections. Though trying to connect from a client I got no log from Xampp or Firewall, it gets timed out.
Sorry for "answer" type not just comment, but i dont have enough reputation here :)
Maybe the protocol ( TCP/UDP ) is your issue.
If you use UDP on your airVPN better check forwarding on your router - most of them
by default sets TCP only. Otherwise maybe change to TCP on your airVPN.
ISP provider often filter this protocol.
Issue: Consider that you can't connect to a service running "behind" some VPN server from a machine that's connected to that very same VPN service.
Solution: Connect from another machine to test your service properly.

Unable to rdp into Amazon EC2 instance

I have spun up a micro instance of windows 2008 r2 server with sql server and iis installed.
My security group has three inbound rules:
rdp tcp: 3389 0.0.0.0/0
mssql tcp:1433 0.0.0.0/0
http tcp:80 0.0.0.0/0
outbound is all traffic 0.0.0.0/0
I can rdp into other instances which are on a private cloud which is openstack in my college.
I followed the instructions, de-crypt the password after downloading the pem file. I get an error saying i cannot connect. I used this website: http://www.mynetworktest.com/ports.php to check if the 3389 port was open on my ec2 instance; it says it is not. I tried changing security groups but does not make a difference. The only discrepancy i could determine is when i set up the instance. I have to set 'Auto Assign Public IP' to enable in order to get a public ip address; something which the amazon docs does not clarify.
Am out of ideas, Any help appreciated
It happened to me and this is how I resolved it.
It is likely your windows firewall is restricting incoming RDP traffic. First disable windows firewall totally. If you are able to connect after disabling the firewall, then firewall rules are the issue. Enable firewall and edit firewall rules to allow incoming RDP traffic.
for windows and linux servers check for 2 things to make the remote or ssh working
check for the firewall/iptables
check for the security groups or ports open to what destination.
check for the services and user groups open for communication
check the service.

SQL can't log in

Hello my name is Ozan Bayrak
I have SQL on my pc and I have made a C# application.
I published the C# and installed another SQL server into this computer so I have 2 SQL
and now I can't Log in into my SQL cuz I get a error it says like this
"You can't run this Sql on 2005 and 2008"
who can help me please I really need to know this.
Everytime I want to log in it gives me a error.
when I go to services the SQLEXPRESS is offline too.
Thanks for the help
Ozan Bayrak
There's many possible issues here, including all or one of the below
Test Open Port The network on your LAN, can you ping SQL Server remotely on the default port 1433 on the specific IP Address (you can use PuTTY or Telnet to check this)
SQL Configuration Manager Check SQL Configuration Manager and see if the Network Protocol for SQL is enabled for TCP/IP, Named Pipes or Shared Memory
Firewall and Default Port Check the Windows Firewall make sure its allowing 1433. Since you are testing, best thing to do is to disable the Firewall in Windows Services to confirm whether its a firewall issue or not.
SQL Server Browser SQL Server Instances (instances have the form SERVER\SQLEXPRESS or SERVERNAME\SQL1 for example). Check in services and makes sure the "SQL Server Browser" is running. Also, you must allow a Firewall rule for port 1434, which is the default port of the "SQL Server Browser". This is necessary because the SQL Server maps and forwards the traffic based on the Instance Name, so this is the service that resolves the instance name.
SQL Server Instance Port Varies SQL Server Instances does not necessarily run on port 1433, in this case you will have to have the SQL Browser Running which maps the name to the port and directs traffic to the correct instance. In your firewall, instead of allowing port 1433, you will have to allow sqlservr.exe Executeable Program. The port also can be determined by looking at the SQL Server log File in the MSSQL\LOG folder in Program Files. There will be an entry for "Server is listening on port ..."
My recommendation for you is to install SQL Server Express Management Studio (SSMS) which is the GUI interface to manage the SQL Server Express instance. The link is below for both SQL Express and SQL Management Studio. And see if you can connect to the servers that way first. Another suggestion is for you to install both on a Local Computer and simply familarize yourself with SQL Server first before exposing it on the Network.
http://www.microsoft.com/en-us/download/details.aspx?id=29062
Since you have both, its possible that ports are conflicting thereby the SQLEXPRESS instance for MSSQL 2005 isnt starting up. Change the port number with the following steps
In SQL Configuration Manager, in the left side window under SQL Server Network Configuration select Protocols for SQLEXPRESS.
On the right side window, Right Click on TCP/IP and select Properties. In protocol tab, change Enabled to Yes
Under IP Address tab, search among IP1, IP2, IP3 and IP4 which has Enabled as Yes(if neither is enabled, just enabled one)
Which ever has Enabled as Yes, make sure TCP Dynamic Ports is blank and change the TCP port to anything other than 1433.
Also under IPAll, make TCP Dynamic Ports blank and for TCP port enter the same value that you entered above.
Click Apply and close the TCP/IP Properties window.
Now go back to SQL Configuration Manager, under SQL Server Services, right click on SQL Server(SQLEXPRESS) and click Start.
Try the following:
Turn on the SQLEXPRESS service and try to reconnect.
If the above fails, then read this article.
In a nutshell, you will do the following:
Enable remote connections on the instance of SQL Server that you
want to connect to from a remote computer.
Turn on the SQL Server
Browser service.
Configure the firewall to allow network traffic
that is related to SQL Server and to the SQL Server Browser service.

SQL Server 2008 Express on Windows 7 - Firewall issue

I'm totally stuck I hope someone can help.
I have a fresh copy of SQL Server 2008 Express installed on a Windows 7 pro machine with 2 instances created: Dev and Test.
I can connect to an instance via SQL Server Management Studio (SSMS) from the remote client only when the SQL Server Windows firewall is turned off, client firewall on.
I checked to make sure sql server firewall and client firewall have the same rules.
I've setup rules to allow TCP and UDP on local ports 1433 and 1434, remote ports-any, for inbound and outbound, on server and client pc.
I got so fed up that I enabled and allowed everything that was disabled. But still no worky.
I really have no idea what it could be so any help would be really appreciated.
Many thanks
Ian
Finally found a solution..
1. Open SQL Server Configuration Manager
2. Select SQL Server Network Configuration
3. Select Protocols for [named instance]
4. Select IP Addresses tab
5. For each IP in the list, delete 0 from TCP Dynamic Ports and enter 7201 in TCP Port field below
6. One IP entry will have an IP address for the SQL Server - set this to Enabled and Active
7. Click Ok
8. Repeat steps 3 to 7 for another instance using port 7202
9. Open Firewall from Windows Control Panel
10. Advanced Settings
11. Add Inbound Rules based on Port:
> Name 'My Instance SQL Server', TCP, port 7201
> Name 'My Other Instance SQL Server', TCP, port
> 'Native SQL Server', TCP, port 1433
> 'SQL Server', UDP, port 1434
12. Restart services
13. Ensure SQL Server Browser service is started

SQL Server 2008 Remote Access

I've studied other topics, tried various solutions, but cannot gain access to my SQL Server remotely from my PC.
I have not problems with accessing the Server its running on, I'm able to Remote Desktop fine.
Here are the steps I have taken :-
Enabled Remote access to SQL Server
Created a SQL Authentication User Account (which Ii can log in with whilst on the server).
Enabled Shared Memory & TCP/IP Protocols for the SQL Server Instance.
Created a Firewall Rule for TCP Port 1433
Created a Firewall Rule for UDP Port 1434
Created a Firewall Rule for SQLBrowwer.exe
Created a Firewall Rule for SQLservr.exe
Ensured SQL Browser & SQL Server are running processes.
SQL Management Studio cant even detect the instance of the SQL Server in listed Database Engines.
I'm at a loss as to what the problem could be?
** UPDATE **
Ive tried turning off my Firewall, the SQL Server in now found in SSMS, but i still cant connect to it?
All your steps are right, I'd do the same. I'm sure everything is fine with your SQL Server.
I guess it's firewall, try to turn it off or run this from command prompt:
netsh firewall set portopening protocol = TCP port = 1433 name = SQLPort mode = ENABLE scope = SUBNET profile = CURRENT
Also, check if you have antivirus software or something similar and turn it off (on both sides).