Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Problems connecting to SQL2000 Server, through our pix firewall

Status
Not open for further replies.

DarrenBolton

Technical User
Nov 17, 2003
12
GB
Im having a problem with communicating with a SQL 2000 server through a firewall.

This is the setup.

In the DMZ we have 2 servers setup running Windows 2003 Enterprise Server both of them have ISA2000 installed in webcache mode only they are in a NLB Cluster. Then on the internal network we have a Cluster setup with a virtual running our SQL instance.

On the ISA server we need to install surf control which will then log to the SQL server on the internal lan, we have opened up port 1433 on the firewall for both TCP and UDP but are still unable to connect with the SQL server.

We have even tried allowing all traffic between the 2 ip's through the firewall to no avail.

The SQL server is working because on the internal lan we can connect to the SQL instance without a problem.

This is starting to really get me frustrated and would love if someone else could chuck some ideas into the frying pan for me.

For you info the firewall is a pix

Cheers
 
What errors are you getting (check the SQL Server Error Logs and the Windows Event Logs)?

What TCP port is SQL Server listening on (default is 1433, but it might be set for something else, especially if it isn't the default instance).

I usually suggest this as a first test:

Have you tried to PING the SQL Server from the computer on the other side of the firewall? Can you PING it by servername or only by IP?

Then another thing to check is:
Is the SQL Server set for Windows Authentication only? If so, are the computers on different networks? Are the user's logins/passwords the same on both the client side and SQL Server?

-SQLBill
 
Ive just found out that if I create a local odbc resource on one of the proxy's and tell it to use named pipes it then allows the surf control installer to see the SQL instance, but as soon as i change the odbc to use TCP/IP it stops seeing it again.
 
Have you tried PING to the SQL Server yet? One thing PING will tell you is whether you can use the name or have to use the IP address.

If you can't/don't want to try PING, in the ODBC connection put the IP address of the SQL Server instead of the name and see if that works.

-SQLBill
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top