
Open port 4022 for SQL broker service


shazzam1

MIS
May 25, 2006
137
US
Hi, hope someone can help me out.

I need to open port 4022 for SQL-Server broker service. (a kind of message queue)

We have a linux fw/gw

 
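If you have access to the router:

Code:
# DNAT rewrites the destination in PREROUTING, so the forwarded packets traverse the FORWARD chain, not INPUT
iptables -t nat -A PREROUTING -i your_external_interface -p tcp --dport 4022 -j DNAT --to-destination your_sql_server_machine
iptables -A FORWARD -i your_external_interface -p tcp -d your_sql_server_machine --dport 4022 -j ACCEPT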


I strongly recommend you consider tunneling from outside using ssh protocol instead of opening sql server to the outside world.

QatQat

If I could have sex each time I reboot my server, I would definitely prefer Windoz over Linux!
 
Thank you for the reply:

Can you please either point me to some docs so I can read up on how to do that, or give me some examples for tunneling from outside using ssh protocol...

Thanks in advance.
Tony
 
Well, you start by making sure that the ssh server is installed, configured and running on the linux gateway.

Code:
/etc/init.d/sshd status

The name sshd may differ according to your distribution.
If it replies positively you must then open the ssh port to the outside world. Just issue a

iptables -L

and verify that port 22/ssh is already open; otherwise
Code:
iptables -A INPUT -i your_external_interface -p tcp --dport 22 -j ACCEPT


I am not going into creating certificates and configuring the ssh server, as there is plenty of literature on the web. An easy tutorial is here



Proceed to download putty.exe from the following address



Run putty on the sql remote client and create a new ssh2 connection to your linux gateway's public address. Then, from the left menu select and expand ssh, then select tunnels.
In the tunnels screen go to the section
"Add new forwarded ports" and register
Source Port: 4022
Destination: sql_server_addr:4022

Where sql_server_addr is the private address that your sql server machine has on the network.

Save all new settings by going to the "Session" screen (top left) and connect putty to your linux server.


Now you must change your SQL client to connect to Localhost, after establishing the connection with putty.
Putty will in fact tunnel your LOCAL port 4022 to the remote host port 4022, encrypting all traffic by tunneling it into the ssh connection.

Note that some services may use more ports to communicate. Specifically, I cannot guarantee that sql broker only uses 4022, as my windoz knowledge is a bit outdated. I believe that a more elegant way to intercept broker's messages is to use web services nowadays.


Anyway, as far as tunneling is concerned, you may also repeat the same steps to forward different ports, i.e. remote desktop (port 3389).

Just remember that when forwarding remote desktop you cannot use local:3389 as that is the port used by your client's desktop (so you would see your own desktop and not the remote one).

You may want to try something like

Local: 3391
Destination: Sql_server_addr:3389

Then from the client you must open a remote desktop session using Localhost:3391.


Enjoy

QaTQat





If I could have sex each time I reboot my server, I would definitely prefer Windoz over Linux!
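
Added example, not part of the original posts: a gateway-side check that the ssh account used for the PuTTY tunnel described above can forward only to sql_server_addr:4022. It assumes a dedicated account (hypothetically named sqltunnel) restricted in sshd_config, and it reads text in the format `sshd -T` prints; both sample inputs are constructed.

```shell
#!/bin/sh
# Audit the effective sshd settings of a tunnel-only account (added example).
# Intended sshd_config on the gateway; the account name "sqltunnel" is hypothetical:
#   Match User sqltunnel
#       AllowTcpForwarding local
#       PermitOpen sql_server_addr:4022
#       PermitTTY no
#       AllowAgentForwarding no
#       X11Forwarding no
# Effective settings can be dumped on the gateway with, for example:
#   sshd -T -C user=sqltunnel,host=gateway,addr=127.0.0.1

# Constructed samples in `sshd -T` format (lowercase "keyword value" lines).
SAMPLE_DEFAULT='allowtcpforwarding yes
permitopen any
permittty yes
allowagentforwarding yes
x11forwarding no'

SAMPLE_RESTRICTED='allowtcpforwarding local
permitopen sql_server_addr:4022
permittty no
allowagentforwarding no
x11forwarding no'

# audit_tunnel_account TARGET: reads `sshd -T` style text on stdin and prints
# one line per setting that lets the account do more than forward to TARGET.
audit_tunnel_account() {
    awk -v target="$1" '
        BEGIN {
            want["allowtcpforwarding"] = "local"
            want["permitopen"] = target
            want["permittty"] = "no"
            want["allowagentforwarding"] = "no"
            want["x11forwarding"] = "no"
        }
        # Split each line into keyword and value; the value may contain spaces.
        { key = $1; $1 = ""; sub(/^ +/, ""); got[key] = $0 }
        END {
            for (k in want)
                if (got[k] != want[k])
                    printf "%s is \"%s\", expected \"%s\"\n", k, got[k], want[k]
        }'
}

# Stand-alone run: report what an unrestricted account would be allowed to do.
printf '%s\n' "$SAMPLE_DEFAULT" | audit_tunnel_account sql_server_addr:4022
```

No output from the function means the account is limited to the single forward that the PuTTY "Tunnels" entry uses.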
 
Thanks so much will let you know how it went..

Are you familiar with Asterisk?
 