Accessing SQL Server over an SSH tunnel - sql-server

In my development shop, we deploy code on virtual servers that sit on a remote network.
We access the machines on that network by first opening an SSH connection to a gateway server, and then SSH-tunneling RDP over a local port.
I would very much like to be able to locally access SQL Server instances running on these servers in the same way.
I've set up a local port (3398) to redirect to the SQL Server port on the remote instance (L3398 -> remote.machine.com:1433).
I can then actually test the connection by telnetting to localhost 3398, and I get a connection: the screen clears and I can type characters to some listening process.
But when I try to connect SSMS to localhost:3398, it times out and then claims that there is no SQL Server listening on that port:
Cannot connect to localhost:3398
Additional information:
A network-related or instance-specific error occurred while establishing a connection
to SQL Server. The server was not found or was not accessible. Verify that the
instance name is correct and that SQL Server is configured to allow remote
connections. (...)
I am sure that the server accepts remote connections, because I have connected to it remotely while logged in via RDP to a different machine within the remote network.
I have Googled around to know that this is possible; does anyone have some idea why this isn't working, or what I might do to diagnose and hopefully fix the problem?
Thanks!

Instead of connecting to localhost:3398
Use 127.0.0.1,3398

For Authentication type Azure Active Directory - Universal with MFA (Mutli-Factor Authentication), in addition to specifying the port correctly (127.0.0.1,3398), I also had to point the host to localhost.
On Windows, I had to edit my hosts file to include the server host:
127.0.0.1 server.example.com
Then, in SSMS, I could connect to server.example.com,3398, which would perform the MFA correctly.
I could have performed this redirection at a higher DNS level as well.

The issue is probably that SSMS is trying to access the SQL Server Browser Service, which is UDP port 1434. Take a look at http://technet.microsoft.com/en-us/library/cc646023.aspx for an overview of the additional ports you may need to forward to get this to work.

I'm pretty sure I figured out the answer to this, actually.
On the remote network (which we don't control), for security purposes, it appears that the database servers are set up to ignore database requests coming from the gateway machine. So I guess there's just no good solution short of convincing them to give us full VPN access. Thanks everyone for your help.

Related

Cannot connect to SQL Server, error: 0 - No Connection could be made because the target machine actively refused it

I'm new to SQL related matters so please bare with my lack of knowledge and asking a question which has been asked countless times before.
I have to connect to a SQL database server which is located at a remote location at xxx.xx.xxx.xx:3306, but every time I try to connect I get the same error:
"A network-related or instance-specific error occurred while establishing a connection to SQL server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - No connection could be made because the target machine actively refused it.)"
I get this same error whether I try to connect using SQL Server Management Studio or in a C# program via:
SqlConnection myConnection = new SqlConnection(...)
myConnection.Open();
I've tried it on two different computers, both on the same home network. I've had a look at the SQL server configuration manager on the computer which I installed SQL Server on, enabling TCP/IP and fiddling with the port values settings, but I'm guessing this is just for configuring an SQL server on my computer and irrelevant to connecting to a remote one. I shouldn't even need to install SQL server to do queries on a remote server anyway, right?
I've turned off my Windows firewall and my router firewall, though ShieldsUP still says
Port: 3306
Status: Stealth
Your system has achieved a perfect "TruStealth" rating. Not a single packet — solicited or otherwise — was received from your system as a result of our security probing tests. Your system ignored and refused to reply to repeated Pings (ICMP Echo Requests). From the standpoint of the passing probes of any hacker, this machine does not exist on the Internet. Some questionable personal security systems expose their users by attempting to "counter-probe the prober", thus revealing themselves. But your system wisely remained silent in every way. Very nice.
I read that this is irrelevant as well, since I'm not the one hosting the server, but when I was given the address, I was given the port as well, so I must have to do something with it. I'm just not sure what. My understanding of ports really is quite shaky.
I've been trying this for over a day now, and I can't think of anything more I can do.
EDIT: I fixed the problem. I had to use MySQL, not MSSQL. Doh. Sorry guys.
If you are sure the remote SQL Server is running on port 3306 (otherwise I'm not sure why you talked in the question about that port specifically), try the following connection string:
user id=username; password=password;
data source=123.45.678.90,3306;
initial catalog=dbname;
Network Library=dbmssocn;
I think without the port you'll have trouble if the other end has disabled the SQL Browser service. You should also make sure it isn't a named instance, in which case you may need:
user id=username; password=password;
data source=123.45.678.90\InstaneName,3306;
initial catalog=dbname;
Network Library=dbmssocn;
First of all the database is local or distant ?
The you have to ensure that your connection string is well written.
Here's an example of a valid connection string :
Data Source=myServerAddress;Initial Catalog=myDataBase;User Id=myUsername;Password=myPassword;
More about connection strings :
Connection Strings
Now if everything is set up correctly you have to enable remote connections to SQL Server on the host. To do so please refer to this article :
Enable SQL Server Remote Connections
Just go to ypur serveices and check whether your SQL Server (MSSQLSERVER) is running.Most of the time this error happens when SQL Server (MSSQLSERVER) is stopped.
Then select it right click and click start.problem solved !!!

SQL Server connect from another computer to my database

Hi all I installed SQL Server and from the localhost it works in my project however when I tried to access database from another computer It gives 0x80131904 exception. I couldn't find the reason what might be the solution?
Have you tried connecting by specifying the port number as well? Something like,
YourServerName,1433
YourServerName\YourInstanceName,1433
I have assumed it is on the default port. If not change 1433 with appropriate port number and try it.
Make sure your server is enabled for tcp/ip connections and that your computer does not block the SQL server port. Also make sure that you enable the proper authentication methods, ie SQL server auth, integrated, etc.

To Remotely connect a SQL Database through Internet

I want to connect to a remote computer though internet to connect a SQL Server database. I tried using Teamviewer successfully. Is there any other free tool which can be used in lieu of Teamviewer ?
There are are a few options.
1) Setup up VNC (there are a lot of free VNC implementations). If you set it up, I would recommend setting it up using SSH or some form of encryption so you are secure.
2) Set up a remote vpn connection. If the remote router supports something like DDWRT you can install that and set up you can vpn in to the remote network and access the machine as if you were there locally.
3) Set up port forwarding on the remote router so that when you connect to a specific port (default for SQL server is 1433) it forwards your request to the remote machine and then you just connect to the external IP of the remote router.
4) Set up port forwarding for Windows remote desktop. Basically the same as #3 except a different port and you'd use RDP to connect to the machine first instead of SQL server.
You can use MySQL Workbench tool for this purpose .. it's really simple ...
Just configure a new connection with the tool and you get to access the database remotely...
Just connect directly using SQL Server authentication
Update: or use trusted connection through VPN (IPSec).
If this question involves connection to SQL Server through internet. If not, then it is not development question and does not belong to SO.

SQL Server 2008 remote connection only works once

When I connect to the SQL Server 2008 remotely it only works once, after that the server hangs. The service cannot be stopped or restarted and when trying to connect again it gives a 'Timeout' error.
The server has TCP/IP connections enabled. The default port is set to 1433 and I cleared the 0 from the dynamic ports. I enabled the 127.0.0.1 IP and the public IP and set the 1433 IP to them. Named pipes and the other protocol (Shared Memory or something) are disabled.
I am connecting from the remote machine using the 'sa' user and a strong password. The server is set to accept both authentication modes.
Connecting for the first time from the remote machine works perfect. Queries work and data can be retrieved from the databases. After disconnecting and trying to connect again it gives a timeout error. This error is generated because the SQL Server is hanged somewhere.
At this point it is impossible to Stop or Restart the SQL Server service from the service machine. The only solution is to restart the computer. However, connecting to the server locally from SQL Management Studio still works.
I think it has something to do with going into an infinite loop somewhere, or it doesn't drop the connection on the 1433 port after disconnecting from the remote machine and it still waits for input from it.
have you ruled out anything at the network layer such as software or hardware firewalls, NAT'ing, proxies ect?
Are you running SQL Server as a default or named instance?
if you do a netstat while things are working & then when you get a time out, what do you see?
Try running network monitor or wireshark on the server to see if the request is getting through & if so is the server responding?
EDIT:
It's a bit of a concern that you can connect to the server on port 1433 when sql server isn't running you should be getting a connection refused (no firewall) or a timeout (with a firewall)
Run profiler on the server & audit logins/logouts you should be able to see the client connect? it may help you troubleshoot the issue?
Try a blunt instrument like re-installing the sql server connectivity driver eg. mdac, sql native on the client.

How to make SQL Server running in Virtual PC accessible to host OS?

I'm running SQL Server 2008 Express on Windows XP on a VirtualPC instance inside a Windows XP host. I want to be able to connect to databases on the guest instance using SSMS on the host. When I go to connect from SSMS on the host, and browse for servers, I see the instance of SQL Server on the guest. Yet when I try to connect, using a SQL authentication login, I get the following connection error:
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: SQL Network Interfaces, error: 28 - Server doesn't support requested protocol) (Microsoft SQL Server, Error: -1)
I have:
* tried connecting with both Name Pipes and TCP/IP
* ensured that the SQL Browser service is up
* ensured that the firewall on the guest is open
* the server is configured to allow remote connections (according to the database engine properties within SSMS on the guest)
What am I missing?
EDIT: I figured this out. My resolution is below.
SELF-ACCEPTED ANSWER
Thanks for the ideas. After much fiddling I got things working. It turned out that I had not gone into the Sql Server Configuration Manager and enabled TCP/IP and Named Pipes as network protocols. So even though SSMS said remote connections were enabled, there was no protocol to allow for them other than shared memory. After I did this I restarted the SQL Server service, but things still didn't seem to work properly. Yet once I had rebooted both the guest and host, everything was working as expected.
How are your IP settings? Are you sharing the same IP address between the two machines? If so, then perhaps when your clients attempt to connect to 10.1.1.10, it is hitting the IP of the machine hosting the VPC instance, and that machine is not running the SQL Server instance. If possible, have VPC get its own IP and try that.
Mostly double check what you have already said,
turn off the guest firewall to make sure it isn't that.
Make sure your virtual machine networking is set to bridged and not NAT.
Try connecting to the IP address of the guest instead of its name.
Make sure the remote connections are allowed by SQL server and that both client and server are using tcp/ip (or named pipes if you prefer).
I don't know if enabling remote connections requires a restart of SQL server.
Try using SQL authentication to eliminate an authentication issue. Are you running on a domain?
To add some steps that are not explicitly called out above, what worked in my experience was to set up the Virtual PC's Networking to my physical network adapter.
Then disabled Windows Firewall for the Public Profile.
Hopefully could actually lock that down to port 1433.
Also, on the guest OS, if SQL Server is installed with only Windows Auth, you later add SQL auth, note that by default 'sa' is disabled for login access. Either 'enable' Login for 'sa' or (better idea) create Logins with appropriate permissions as needed.

Resources