SQL Server ODBC Port Filtering on a DMZ

Status
Not open for further replies.

ReddogCA

IS-IT--Management
Jan 26, 2007
9
US
I have a problem with my MS Server 2003 on the DMZ network requesting an ODBC connection to another MS Server 2003 on my trusted network with SQL Server 2000.
The DMZ server has its ODBC configured to use port 1433 which is the standard port for MS_SQL_Server.
I made a rule on the Firewall to allow port 1433 in order for incoming and outgoing traffic from the DMZ to reach the SQL Server on the trusted network.
But it does not work because the DMZ Server makes the ODBC connection request with a dynamic port number (it changes port numbers every time).
The good news is that the MS Server 2003 on my trusted network with SQL Server 2000 listens with port 1433, as configured.
I verified this with the "netstat" command.
The ODBC connection only works when I allow "Any" ports from the DMZ to the trusted network.
But, by doing this it will disavow the use of the firewall.
My question is...how can I force the MS Server 2003 on the DMZ to make the request with a static port number instead of a dynamic port number?
 
Is the SQL Server instance a named instance?

Denny
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Administrator (SQL 2005) / Database Developer (SQL 2005)

My Blog
 
Hi Denny...Thanks for the reply.
There is no named instance. Only the default install.
Here is what is happening:
Proto Local Address Foreign Address State
TCP 192.168.xxx.xxx:2767 192.168.zzz.zzz:1433 TIME_WAIT

As you can see, the DMZ Server's ODBC requestor port is 2742, and the Trusted SQL Server ODBC listening port is 1433. I need them both to be 1433 in order to go back and forth between the DMZ. Hope this helps.
 
The local port number can be any port number. Only the server's port number is static. This is normal behavior of all server-based communications.

Denny
MCSA (2003) / MCDBA (SQL 2000)
MCTS (SQL 2005 / Microsoft Windows SharePoint Services 3.0: Configuration / Microsoft Office SharePoint Server 2007: Configuration)
MCITP Database Administrator (SQL 2005) / Database Developer (SQL 2005)

My Blog
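An added example, not part of the original thread: a small model of a default-deny firewall rule that matches only the destination port (1433) and leaves the client's source port unconstrained, as the reply above describes. It assumes the firewall tracks connection state so replies are admitted without a separate rule; the addresses, the `StatefulFilter` class, and ports 3051, 445 and 2999 are constructed for illustration.

```python
from dataclasses import dataclass

# Constructed sample addresses (documentation ranges), not taken from the thread.
DMZ_WEB = "192.0.2.10"
TRUSTED_SQL = "198.51.100.20"

@dataclass(frozen=True)
class Packet:
    src: str
    sport: int
    dst: str
    dport: int
    syn: bool = False  # True only for the first packet of a new TCP connection

class StatefulFilter:
    """Default-deny filter: rules admit new connections, state admits the rest."""

    def __init__(self, rules):
        self.rules = rules        # set of (src, dst, dport); source port is never matched
        self.established = set()  # 4-tuples of connections a rule has admitted

    def allow(self, p):
        flow = (p.src, p.sport, p.dst, p.dport)
        reverse = (p.dst, p.dport, p.src, p.sport)
        if flow in self.established or reverse in self.established:
            return True           # packet belongs to a tracked connection
        if p.syn and (p.src, p.dst, p.dport) in self.rules:
            self.established.add(flow)
            return True
        return False              # everything else is dropped

def demo():
    # Single rule: DMZ server -> trusted SQL Server, destination port 1433.
    fw = StatefulFilter({(DMZ_WEB, TRUSTED_SQL, 1433)})
    results = {}
    # The ODBC client picks a different ephemeral source port per connection
    # (2767 is the port shown in the netstat line; 3051 is constructed).
    for sport in (2767, 3051):
        results[f"syn_{sport}"] = fw.allow(Packet(DMZ_WEB, sport, TRUSTED_SQL, 1433, syn=True))
    # Reply from 1433 back to the ephemeral port is admitted by state.
    results["reply"] = fw.allow(Packet(TRUSTED_SQL, 1433, DMZ_WEB, 2767))
    # Any other destination port on the trusted server stays blocked.
    results["other_port"] = fw.allow(Packet(DMZ_WEB, 2768, TRUSTED_SQL, 445, syn=True))
    # A new connection from the trusted side with source port 1433 is not admitted.
    results["unsolicited"] = fw.allow(Packet(TRUSTED_SQL, 1433, DMZ_WEB, 2999, syn=True))
    return results

if __name__ == "__main__":
    for name, allowed in demo().items():
        print(f"{name:12} {'ALLOW' if allowed else 'DENY'}")
```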
 