Opening ports for Windows Azure Virtual Machine - sql-server

I have a Sql Server instance installed on my Azure Virtual Machine. I've changed the port for Sql Server to...let's say 4849. I opened this port in Windows Firewall and established the endpoint for both TCP and UDP. I check to see if the port is open via http://www.yougetsignal.com/tools/open-ports/ and it's still closed. What am I missing here?
I'm utilizing SQL Server 2012 SP1 on Windows Server 2012.
Thanks in advance!

Not sure how this service checks for opened ports, but if it doing so by sending "ping" command then it may not work. You would need to do additional stuff for that to work. Please check this blog post for more details: http://blogs.biztalk360.com/windows-azure-virtual-machines-virtual-network-may-not-ping-automatically/.

Does this need to be accessible to the outside world? If so, you will need to open it on your firewall and have the firewall forward traffic on that port to your VM.
Also, you might need to check the config of your VM network adapter, if it's using NAT to share the hosts IP address, you might encounter problems, depending on what host you're using, I find that bridged mode works best so that the VM can use it's own IP address on the network.

I think you can also try this one to enable PING command for Azure virtual machine: http://blogs.biztalk360.com/windows-azure-virtual-machines-virtual-network-may-not-ping-automatically/

Related

How to Enable TCP/IP for mssql instance in ubuntu 16.04?

I'm not able to connect SQL Server hosted in Ubuntu 16.04 using my program, I believe its because the TCP/IP is disabled for the instance I try to connect (Protocols for SQLEXPRESS under SQL Server network configuration).
How I'm sure because I tried to connect my program to SQL Server that hosted in Windows and it able to connect.
Example my instance name is SQLEXPRESS, so I'm trying to connect through SSMS by using IP Adress\SQLEXPRESS and it fails. But I am able to connect to the SQL if I use IP address only as the server name.
I tried to search about sqlcmd for enable the tcp/ip but all of them just show the guide to change the ports.
So, how can I enable tcp/ip connection for ip\SQLEXPRESS instance in Ubuntu 16.04?
picture below just an example on enabling tcp/ip for the sql instance in windows
I believe the reason why this doesn't work on linux is because it doesn't have a SQL Server Browser application that Windows has available. This application redirects the requests to 1433 to whatever random port it's listening to currently -- this is why it will only connect when the port is specified. In my case this stinks because I'm having to work around an ancient application that we don't have the source code for. I'm thinking about writing a little application that will redirect the default traffic to the correct port for linux msssql.

SQL Server TCP/IP times out

I have to connect to a fresh SQL Server Express 2017 on a machine not part of my domain. I have configured
Mixed Mode Installation with sa with password
SSMS -> Server -> Properties -> Connections -> Allow remote connections
SQL Configuration Manager -> Instance "EXPRESS2017" -> TCP/IP: Enable and Active and Port 1438
Restarted the "SQL Server (EXPRESS2017)" service.
I now tried to access from a remote computer, and got a timeout. I then tried to connect from the local SSMS, which works without special settings, but when under options, forced "Protocol: TCP/IP" is set, with the same credentials as before, I also got a timeout.
So am I right that I can rule out the firewall or problems finding the instance, and everything points towards a configuration issue in TCP/IP protocol, or did I overlook some setting?
EDIT: I have disabled Windows firewall, and no other firewall is installed on the computer. I have restarted the computer. I also found this article about PortQry and had a check - locally:
C:\Users\Administrator\Downloads>PortQry.exe -n 172.17.41.124 -p UDP -e 1434
Querying target system called:
172.17.41.124
Attempting to resolve IP address to a name...
IP address resolved to WIN-AECL8CJVS7E.test.local
querying...
UDP port 1434 (ms-sql-m service): NOT LISTENING
EDIT: I have run NETSTAT and it seems no port in the 14xx range is open at all, although the SQL Server Browser service is running. I must be missing something there...
You did not show your connection string, but I suppose you use your instance name here.
In order to connect to SQL Server the network library has to know 2 things: IP address and a port. Your instance is named and uses non-default port 1438.
So your connection string should use 172.17.41.124,1438 as server name, or, alternatively, you can use instance name like this: 172.17.41.124\EXPRESS2017 but SQL Server Browser should run.

Accessing SQL Server over an SSH tunnel

In my development shop, we deploy code on virtual servers that sit on a remote network.
We access the machines on that network by first opening an SSH connection to a gateway server, and then SSH-tunneling RDP over a local port.
I would very much like to be able to locally access SQL Server instances running on these servers in the same way.
I've set up a local port (3398) to redirect to the SQL Server port on the remote instance (L3398 -> remote.machine.com:1433).
I can then actually test the connection by telnetting to localhost 3398, and I get a connection: the screen clears and I can type characters to some listening process.
But when I try to connect SSMS to localhost:3398, it times out and then claims that there is no SQL Server listening on that port:
Cannot connect to localhost:3398
Additional information:
A network-related or instance-specific error occurred while establishing a connection
to SQL Server. The server was not found or was not accessible. Verify that the
instance name is correct and that SQL Server is configured to allow remote
connections. (...)
I am sure that the server accepts remote connections, because I have connected to it remotely while logged in via RDP to a different machine within the remote network.
I have Googled around to know that this is possible; does anyone have some idea why this isn't working, or what I might do to diagnose and hopefully fix the problem?
Thanks!
Instead of connecting to localhost:3398
Use 127.0.0.1,3398
For Authentication type Azure Active Directory - Universal with MFA (Mutli-Factor Authentication), in addition to specifying the port correctly (127.0.0.1,3398), I also had to point the host to localhost.
On Windows, I had to edit my hosts file to include the server host:
127.0.0.1 server.example.com
Then, in SSMS, I could connect to server.example.com,3398, which would perform the MFA correctly.
I could have performed this redirection at a higher DNS level as well.
The issue is probably that SSMS is trying to access the SQL Server Browser Service, which is UDP port 1434. Take a look at http://technet.microsoft.com/en-us/library/cc646023.aspx for an overview of the additional ports you may need to forward to get this to work.
I'm pretty sure I figured out the answer to this, actually.
On the remote network (which we don't control), for security purposes, it appears that the database servers are set up to ignore database requests coming from the gateway machine. So I guess there's just no good solution short of convincing them to give us full VPN access. Thanks everyone for your help.

Connecting to a SQL Server on the Web

My company had a machine running SQL Server hosted by a company specializing in such. We have an .NET application that connects to it.
Recently the decision was made to bring the machine in house.
If we use the internal IP of the machine to connect, it works. When we go to an outside network and use the machine's external IP, it fails. The machine answers pings, and all of the ports in the following article have been opened.
http://support.microsoft.com/kb/287932
Any ideas?
are you sure that the server is configured to accept tcp connections? open teh "SQL Server Configuration Manager". "Protocols for MSSQLSERVER" (in the tree) be sure that TCP/IP i set to enabled.
You might need to go to 'SQL Surface Area Configuration', click on 'Remote Connections' in the treeview, then check the 'Local and Remote Connections' radiobutton.
Firewalls
I assume you have enabled TCP/IP, and also the SQL Browser Service.
Also I assume if behind a router/NAT, you have done the required Port triggering/Port forwarding.
The final thing would be make sure all firewalls allow SQL Server through.

connect sql server 2005/2008 over internet

How do I connect to SQL Server 2005/2008 using Management Studio or other desktop application over the internet?
Check out WCF Data Services:
http://msdn.microsoft.com/en-us/data/bb931106.aspx
That way, you don't have to totally expose your database server out to the internet, but you get fine grained control over what gets exposed and who (which type of user) can see or modify what.
Marc
I finally solved this by:
Changing default SQL Port to 8080 from 1433 (our ISP was blocking)
Turning off Windows Firewall on the server. I know this is not a long term solution, but at least I was able to pinpoint the problem. I had set two inbound firewall rules to allow port 8080 and SSMS program, on the server. I created an outbound firewall rule on the client for SSMS (but don't think this mad a difference).
I had to change all apps to use the new port instead of the default port. I had to configure our router to handle the new port 8080 and forward to the database server.
I will modify the Windows Firewall settings to see what was blocking SSMS.
DB Server: Windows 7 Pro 64bit 24 GB RAM
If you put 'your' SQL server (any brand, I'm not bashing) on the internet ... it won't be yours for long, unless you add some rather effective security measures ...
I suggest you look into VPN.
To be able to access your database over the internet, you will need to make sure that the server that hosts the database is accessible over the internet and the port that the database instance uses is open on that machine. You will also need to allow remote connections using the SQL Server Configuration Tool.
For Management Studio access I would recommend rather than opening the server to the outside to use a VPN solution that allows you to create a secure connection to the server and from there you can use the server name or IP to connect as if your machine is part of that network.
For the desktop application I would recommend looking into having the data be consumed through a web service or WCF rather than needing to have a direct connection to the database over the internet.
Hope this helps.
Firstly, if we put security consideration on the side, you have to configure SQL server (sql surface area configuration) to accept traffic, then you have to open proper ports on you server and allow inbound traffic thru to your router to the SQL server.
When you open sql server management studio in connect to server window and at the server name type the IP of your server and enter your username and password.
correct format : IP\InstanceName
you should have a user on target database.

Resources