My company had a machine running SQL Server hosted by a company specializing in such. We have an .NET application that connects to it.
Recently the decision was made to bring the machine in house.
If we use the internal IP of the machine to connect, it works. When we go to an outside network and use the machine's external IP, it fails. The machine answers pings, and all of the ports in the following article have been opened.
http://support.microsoft.com/kb/287932
Any ideas?
are you sure that the server is configured to accept tcp connections? open teh "SQL Server Configuration Manager". "Protocols for MSSQLSERVER" (in the tree) be sure that TCP/IP i set to enabled.
You might need to go to 'SQL Surface Area Configuration', click on 'Remote Connections' in the treeview, then check the 'Local and Remote Connections' radiobutton.
Firewalls
I assume you have enabled TCP/IP, and also the SQL Browser Service.
Also I assume if behind a router/NAT, you have done the required Port triggering/Port forwarding.
The final thing would be make sure all firewalls allow SQL Server through.
Related
I recently installed SQL Server Express 2014 on a series of machines running Windows Server 2012. Seven machines in total.
All but 1 of them live in the same local domain company.local.
A single rogue machine lives in a different public domain public.company.org.
The installation process on this machine on a separate domain was carried out by someone who was not paying much attention to the process and pretty much selected all defaults (a.k.a. a click-click-click installation.) As such, certain features such as SQL Server authentication and remote connectivity were not enabled by default.
We want to connect remotely, via SQL Server Authentication, using SSMS, from development machines in the same local domain company.local. This we were able to easily turn on.
As for allowing remote connections, we found ourselves in more difficulties.
We ensured that firewall rules have are defined to allow inbound connection on ports 1433 for TCP and 1434 for UDP. We verified that that is the case.
We have set this rule to apply to all profiles: Domain, Public, Private.
We ensured that all protocols for SQLEXPRESS are allowed in the SQL Server Configuration Manager, specifically TCP/IP.
We have enabled SQL Server Browser.
We have restarted all services multiple times after our configuration changes.
We have even restarted the machine.
We have also kicked the box.
We are still not able to the SQLEXPRESS instance using either:
machine-name.public.company.com\SQLEXPRESS
machine-name.public.company.com\SQLEXPRESS,1434
<ip-address>\SQLEXPRESS
<ip-address>\SQLEXPRESS,1434
Using SSMS or SQLCMD
Using SQL Server Authentication, with regular logins or sa.
Using windows authentication, with credentials on the remote machine.
Pinging the server shows it is responsive. And we have verified that the ports are indeed open.
As far as we are aware of, we've revised, compared and match all configuration/environment settings from the 6 local machines to the one on the different domain.
When disabling firewall all together at all levels, we are able to connect.
Of course we don't want to leave the door open, so we added a inbound rule to the firewall to allow all sorts of connections to the SQL Server (SQLEXPRESS) service.
QUESTION
So the QUESTION is if what we did is the correct approach?
How come adding this firewall exception for the SQL Server process itself is not required in the other local machines???
I've checked your post twice, but I can't find anything about whether you've allowed remote connections to that SQL Express instance. You've allowed all protocols, sure, but that's not enough.
By default, all remote connections to Express instances are disabled (that includes DAC, too). To check this setting, restart the machine (or SQL instance) and look into SQL Server logs. Specifically, you will be interested in entries started with "SQL Server is listening on ..." - there, you'll find all protocols, ports and addresses the instance is listening on.
If the only IP you're see there is 127.0.0.1, then instance rejects all remote connections, regardless of firewall or anything else.
I don't have 2014 Express to check it, but in 2012 this setting is configured via Configuration Manager, in the "SQL Server Network Configuration" section.
I have Windows 7 with SQL Server 2008 and SQL Express 2012 on it. I have also installed win xp on two vmware machines. I am trying my best to connect to sql server on host machine from the vm machines using management studio, but no luck. I had problem even pinging the host machine and visa versa. When I turned off the firewall, I was able to ping the host machine. I tried to add the vm machine's IP to allow access to host machine, but even that didnt work.
I have added a custom rule from here
http://www.rackspace.com/knowledge_center/article/creating-an-inbound-custom-allow-rule-for-windows-firewall-windows-2008
I was running hotspot shield which i turned off, but still no luck. I have allowed remote connection on my sql server. but still not working. Can someone help here.
This is the error I get.
Here is the setting for vm machine.
When the firewall is on, cant ping, but can ping when its off.
Regards
Parminder
You need to configure SQL Server to listen on the TCP protocol. To do this, click Start | All Programs | Microsoft SQL Server 2012 | Configuration Tools and open SQL Server Configuration Manager.
In SQL Server Configuration Manager, expand SQL Server Network
Configuration in the console pane.
Click Protocols for instance name. (The default instance is
Protocols for MSSQLSERVER).
In the details pane, right-click TCP, it should be Enabled for the
gallery images by default. For your custom images, click Enable (if
its status is Disabled.)
Right-click on TCP/IP and select Properties.
Verify that, under IP2, the IP Address is set to the computer's IP
address on the local subnet.
Make sure that TCP Dynamic Ports is blank.
Make sure that TCP Port is set to 1433.
In the details pane, right-click SQL Server (instance name) (the
default instance is SQL Server (MSSQLSERVER), and then click
Restart, to stop and restart the instance of SQL Server.
Then, you need to open TCP ports in the Windows firewall for the default instance of the Database Engine. To do this, click Start | All Programs | Administrative Tools, and open Windows Firewall with Advanced Security.
In the Windows Firewall with Advanced Security, in the left pane,
right-click Inbound Rules, and then click New Rule in the action
pane.
In the Rule Type dialog box, select Port, and then click Next
In the Protocol and Ports dialog box, select TCP. Select Specific
local ports, and then type the port number of the instance of the
Database Engine (1433 for the default instance). Click Next.
In the Action dialog box, select Allow the connection, and then
click Next.
In the Profile dialog box, select Domain, Private, Public, and then
click Next.
In the Name page, set the Inbound Rule's Name to SQLServerPort and
click Finish. Close Windows Firewall with Advanced Security window.
Hope this help.
Best Regards
This comes straight from MSDN blog in regards to network error 26. Details here
1) Make sure your server name is correct, e.g., no typo on the name.
2) Make sure your instance name is correct and there is actually such an instance on your target machine. [Update: Some application converts \\ to \ If you are not sure about your application, please try both Server\Instance and Server\\Instance in your connection string]
3) Make sure the server machine is reachable, e.g, DNS can be resolve correctly, you are able to ping the server (not always true).
4) Make sure SQL Browser service is running on the server.
5) If firewall is enabled on the server, you need to put sqlbrowser.exe and/or UDP port 1434 into exception.
If that still fails you might want to run PortQry.
You can download PortQry from here details on application here, run "portqry.exe -n yourservername -p UDP -e 1434". If this command returns information and it contains your target instance, then you can rule out possiblity 4) and 5) above, meaning you do have a SQL Browser running and your firewall does not block SQL Browser UDP packet. In this case, you can check other issue, e.g. wrong connection string.
Note if you're running SQLExpress it still might not work after applying the steps from octavioccl's comment.
What fixed it for me was replacing my SQLExpress 2019 with SQL Server Developer 2019, applying the mentioned SQL Network config and Firewall settings and then I was finally able to connect to the Host's SQL server just by using the hostname, no IPs and ports.
I’m trying to access the SQL Server instance on my VPS from SQL Server Management Studio on my local machine. It’s not working (the error I’m getting is:
A network-related or instance-specific error occurred while
establishing a connection to SQL Server. The server was not found or
was not accessible. Verify that the instance name is correct and that
SQL Server is configured to allow remote connections.
I think this is because I need to configure the database engine to allow remote connections (correct me if I’m wrong!). So I’ve found this step-by-step guide to help me do that: http://www.linglom.com/2009/03/28/enable-remote-connection-on-sql-server-2008-express/ I’ve got to point 10 in the guide and I am now stuck! I don’t have SQL Server Management Studio installed on my VPS. Anyway, this has left me with two options:
Install SSMS
Find another way to do point 10 onwards in the guide without having SSMS installed
I tried installing SSMS on my VPS using the Web Platform Installer but it keeps failing. I don’t know why it’s failing because it doesn’t seem to give a reason why. Does anyone know how I could allow remote connections a different way?
The version of SQL Server installed on my VPS is SQL Server 2008 R2 Express.
Update:
I have tried to disable the firewall on both my laptop and VPS to see if it is a firewall issue. This made no difference to the error message.
Another Update:
Having now been able to install SSMS (I installed directly from the website rather than using the WPI), I have been able to check that the server is configured to allow remote connections (I went to SSMS, connected to the SQL Server instance, right-clicked on the connection, clicked Properties, went to the Connections tab. "Allow remote connections to this server" is already ticked).
SOLUTION
Thanks to everyone for helping me get to this solution! I've finally managed to get it to work! I followed Filip De Vos's advice and opened the ports in the Firewall on my VPS and then I received a different error message. This led me to investigate further and I found that I was using the wrong credentials to login! So I've set a password for the sa user and I've managed to login using that! Thanks again!
To enable mixed authentication you can change the following registry key:
HKLM\Software\Microsoft\Microsoft SQL Server\MSSQL.1\MSSQLServer\LoginMode
Update the value to 2 and restart the Sql Server service to allow mixed authentication. Note that MSSQL.1 might need to be updated to reflect the number of the SQL Server Instance you are attempting to change.
A reason for connection errors can be a virus scanner installed on the server which blocks sqlserver.exe.
Another reason can be that the SQL Server Browser service is not running. When this service is not running you cannot connect on named instances (when they are using dynamic ports).
It is also possible that Sql Server is not setup to listen to TCP connections and only allows named pipes.
In the Start Menu, open Programs > Microsoft SQL Server 2008 >
Configuration Tools > SQL Server Surface Area Configuration
In the Surface Area Configuration utility, click the link "SQL Server
Configuration Manager"
Expand "SQL Server Network Configuration" and
select Protocols.
Enable TCP/IP. If you need Named Pipes, then you can
enable them here as well.
Last but not least, the Windows firewall needs to allow connections to SQL Server
Add an exception for sqlserver.exe when you use the "Dynamic Port" system.
Otherwise you can put exceptions for the SQL Server ports (default port 1433)
Also add an exception for the SQL Server Browser. (udp port 1434)
More information:
How to: Configure a Windows Firewall for Database Engine Access
Server Connectivity How-to Topics (Database Engine)
As a last note, SqlLocalDB only supports named pipes, so you can not connect to it over the network.
In addition to configuring the SQL Server Browser service in Services.msc to Automatic, and starting the service, I had to enable TCP/IP in: SQL Server Configuration Manager | SQL Server Network Configuration | Protocols for [INSTANCE NAME] | TCP/IP
Launch SQL Server Configuration Manager on your VPS.
Take a look at the SQL Server Network Configuration. Make sure that TCP/IP is enabled.
Next look at SQL Server Services. Make sure that SQL Server Browser is running.
Restart the service for your instance of SQL Server.
Open the SQL Server Configuration Manager....
2.Check wheather TCP and UDP are running or not....
3.If not running , Please enable them and also check the SQL Server Browser is running or not.If not running turn it on.....
Next you have to check which ports TCP and UDP is using. You have to open those ports from your windows firewall.....
5.Click here to see the steps to open a specific port in windows firewall....
Now SQL Server is ready to access over LAN.......
If you wan to access it remotely (over internet) , you have to do another job that is 'Port Forwarding'. You have open the ports TCP and UDP is using in SQL Server on your router. Now the configuration of routers are different. If you give me the details of your router (i. e name of the company and version ) , I can show you the steps how to forward a specific port.
I had the same issue where my firewall was configured properly, TCP/IP was enabled in SQL Server Configuration Manager but I still could not access my SQL database from outside the computer hosting it. I found the solution was SQL Server Browser was disabled by default in Services (and no option was available to enable it in SQL Server Configuration Manager).
I enabled it by Control Panel > Administrative Tools > Services then double click on SQL Server Browser. In the General tab set the startup type to Automatic using the drop down list. Then go back into SQL Server Configuration Manager and check that the SQL Server Browser is enabled. Hope this helps.
Disable the firewall and try to connect.
If that works, then enable the firewall and
Windows Defender Firewall -> Advanced Settings -> Inbound Rules(Right Click) -> New Rules -> Port -> Allow Port 1433 (Public and Private) -> Add
Do the same for Outbound Rules.
Then Try again.
I recently upgraded from SQL 2008 R2 to SQL 2012 and had a similar issue. The problem was the firewall, but more specifically the firewall rule for SQL SERVER. The custom rule was pointed to the prior version of SQL Server. Try this, open Windows Firewall>Advanced setting. Find the SQL Server Rule (it may have a custom name). Right-Click and go to properties, then Programs and Services Tab. If Programs-This program is selected, you should browse for the proper version of sqlserver.exe.
If you have more than one Instances... Then make sure the PORT Numbers of all Instances are Unique and no one's PORT Number is 1433 except Default One...
Open SQL Server Configuration Manager.
Click SQL Server Services, on the right side choose the server you've created during installation (by default its state is stopped), click once on it and a play button should appear on the toolbar. Click on this play button, wait til its state turns to "Running". Now you're good.
Open SQL Server Management Studio; switch the "Server Type" to "Database Engine" and "Authentication" to "SQL Server Authentication". The default login is "sa", and the password is the password that you chose on creating the server. Now you're good to work.
In my case the problem was caused by the inconsistency between computer names. In system settings my computer was named with some long name, but apparently the name used for some certain communications was trimmed.
I changed the name in the settings to a shorter one and it worked.
I had built both a console app and a UWP app and my console connected fine, but not my UWP. After hours of banging my head against the desk - if it's a intranet server hosting the SQL database you must enable "Private Networks (Client & Server)". It's under Package.appxmanifest and the Capabilities tab.Screenshot
Before download the last version and update your sql server to fix errors of TLS 1.2 on Sql Server 2012. For more information, check here.
I don't know how to do this. I opened my SQL Server and connected using Windows Authentication at 10am. Until now, it does not go to the "Explorer".
I checked the services. The SQL Server Browser is running as well as the SQL Server Service. I restarted the service, but this did not solve the problem.
What should I do?
Below is the screen shot of the error.
(note the Server name has bee removed intentionally, I am actually using a server name)
Here's regarding the services I mentioned earlier
Do you mean that you can't see any databases listed in the Object Explorer? If so, click 'Connect' and choose to connect to a Database Engine. This should then list the server in that list.
Or if it is there, maybe it just needs to be expanded?
I assume that connection was working earlier? Maybe you could try to access server using dedicated administrator connection? Here is a brief description:
http://msdn.microsoft.com/en-us/library/ms178068.aspx
Another thing worth checking are protocols used for communication with server (shared mem, named pipes, tcp/ip, via) - check whether they haven't been disabled.
Maybe there is something also with your domain? If you use domain credentials, then maybe SQL Server has problems communicating with it.
If connection was not working before, then check whether you have approved windows authentication access.
In the SQL server configuration manager, there is an item called SQL server network configuration, under protocols, I selected the properties of the TCP/IP protocol. There is a tab "IP Addresses" there, and at the bottom of the list is an entry called IPAll. In my case the TCP port was empty. I entered the SQL standard port 1433 in there and I was able to connect.
This should work!!!
Regards
Mohammed
The server name should be PCNAME\SQLEXPRESS or PCNAME\MSSQLSERVER
How do I connect to SQL Server 2005/2008 using Management Studio or other desktop application over the internet?
Check out WCF Data Services:
http://msdn.microsoft.com/en-us/data/bb931106.aspx
That way, you don't have to totally expose your database server out to the internet, but you get fine grained control over what gets exposed and who (which type of user) can see or modify what.
Marc
I finally solved this by:
Changing default SQL Port to 8080 from 1433 (our ISP was blocking)
Turning off Windows Firewall on the server. I know this is not a long term solution, but at least I was able to pinpoint the problem. I had set two inbound firewall rules to allow port 8080 and SSMS program, on the server. I created an outbound firewall rule on the client for SSMS (but don't think this mad a difference).
I had to change all apps to use the new port instead of the default port. I had to configure our router to handle the new port 8080 and forward to the database server.
I will modify the Windows Firewall settings to see what was blocking SSMS.
DB Server: Windows 7 Pro 64bit 24 GB RAM
If you put 'your' SQL server (any brand, I'm not bashing) on the internet ... it won't be yours for long, unless you add some rather effective security measures ...
I suggest you look into VPN.
To be able to access your database over the internet, you will need to make sure that the server that hosts the database is accessible over the internet and the port that the database instance uses is open on that machine. You will also need to allow remote connections using the SQL Server Configuration Tool.
For Management Studio access I would recommend rather than opening the server to the outside to use a VPN solution that allows you to create a secure connection to the server and from there you can use the server name or IP to connect as if your machine is part of that network.
For the desktop application I would recommend looking into having the data be consumed through a web service or WCF rather than needing to have a direct connection to the database over the internet.
Hope this helps.
Firstly, if we put security consideration on the side, you have to configure SQL server (sql surface area configuration) to accept traffic, then you have to open proper ports on you server and allow inbound traffic thru to your router to the SQL server.
When you open sql server management studio in connect to server window and at the server name type the IP of your server and enter your username and password.
correct format : IP\InstanceName
you should have a user on target database.