Internet using Enterprise Manager. The machine running SS is behind a NAT
router. According to BOL I should be able to connect if I forward the TCP
port that SS is using (1061 in my case) and UDP port 1434 to the SS
machine. However, I cannot get this to work.
When I attempt to register the server in Enterprise Manager I use the WAN
IP address of the router as the server name. However, registration fails
with the message "SQL Server does not exist or access denied."
I cannot believe that I am the only person trying to do this. Can someone
tell me what I am missing?
Bill Todd
Bill Todd wrote:
> I am attempting to connect to a named instance of SS 2000 across the
> Internet using Enterprise Manager. The machine running SS is behind a
> NAT router. According to BOL I should be able to connect if I forward
> the TCP port that SS is using (1061 in my case) and UDP port 1434 to
> the SS machine. However, I cannot get this to work.
> When I attempt to register the server in Enterprise Manager I use the
> WAN IP address of the router as the server name. However,
> registration fails with the message "SQL Server does not exist or
> access denied."
> I cannot believe that I am the only person trying to do this. Can
> someone tell me what I am missing?
Do you have the Windows Filewall or another software firewall running on
the PC? If so, you may have to open up those ports on the PC.
David Gugick
Imceda Software
www.imceda.com
|||Thanks for replying. SQL Server is running a a Win2k Server machine with
no software firewall. The only firewall is the NAT router.
Bill Todd
David Gugick wrote:
> Do you have the Windows Filewall or another software firewall running on
the PC? If so, you may have to open up those ports on the PC.
|||I should also mention that I have no problem connecting to SQL server
across the LAN that the server machine is on.
Bill Todd
|||On 2005-01-11, Bill Todd <no@.no.com> wrote:
> I should also mention that I have no problem connecting to SQL server
> across the LAN that the server machine is on.
>
If I got you right, you have a situation similair to this:
You have an SQL server in your local network, uses local IP adress pool
(192.168.x.x, or 10.x.x.x or similair), and if that machine wants to go out,
it uses default gateway set up on your network. I'm presuming that NAT is
running on that gateway. So, if you're connecting to host outside your
network, from any of the machines inside your network, the outside host will
'see' the gateway IP address (public one, not the private one). So, there is
no way you'd be able to connect to the inside host.
You can do what BOL suggests, do a port forwarding on your gateway. You
don't need UDP ports, TCP only matters. So, for a default instalation, where
SQL server 'listens' on port 1433, you'd have to choose a port on the
gateway, and forward all incomming connections from that port to the 1433
port on the machine where the SQL server is.
Or, you could use ssh, if you have access to the 'outside' ssh server to
establish ssh tunnels, and then set up port forwarding directly from your
machine to the SQL server in your network. I'd go with SSH, because of the
security level it offers. You'd be having all communication between your SQL
server and you as a client - encrtypted.
I'm using SSH to connect to my work network from any dialup location in the
world. And it works excellent.
Mike
"I can do it quick. I can do it cheap. I can do it well. Pick any two."
Mario Splivalo
msplival@.jagor.srce.hr
|||Your understanding is exactly right except that the gateway on the network
is a simple Linksys cable/DSL router. The other difference is that I am
trying to connect to a named SS 2000 installation which, according to
Enterprise Manager, uses port 1061.
I have, I think, done exactly what you suggest. I have forwarded TCP port
1061 on the Internet side of the router to port 1061 on the machine
running SQL server. It does not work.
I have no idea how to implement SSH and security is not an issue in this
case since the remote adminstration will be temporary and the only data
exposed will be test data.
Clearly I am missing something. Is there anything else you can think of
that I should check or set? This should be easy.
Bill Todd
Mario Splivalo wrote:
> On 2005-01-11, Bill Todd <no@.no.com> wrote:
> If I got you right, you have a situation similair to this:
> You have an SQL server in your local network, uses local IP adress pool
> (192.168.x.x, or 10.x.x.x or similair), and if that machine wants to go
out,
> it uses default gateway set up on your network. I'm presuming that NAT is
> running on that gateway. So, if you're connecting to host outside your
> network, from any of the machines inside your network, the outside host
will
> 'see' the gateway IP address (public one, not the private one). So,
there is
> no way you'd be able to connect to the inside host.
> You can do what BOL suggests, do a port forwarding on your gateway. You
> don't need UDP ports, TCP only matters. So, for a default instalation,
where
> SQL server 'listens' on port 1433, you'd have to choose a port on the
> gateway, and forward all incomming connections from that port to the 1433
> port on the machine where the SQL server is.
> Or, you could use ssh, if you have access to the 'outside' ssh server to
> establish ssh tunnels, and then set up port forwarding directly from your
> machine to the SQL server in your network. I'd go with SSH, because of
the
> security level it offers. You'd be having all communication between your
SQL
> server and you as a client - encrtypted.
> I'm using SSH to connect to my work network from any dialup location in
the
> world. And it works excellent.
> Mike
|||More information. The problem is connecting to a named instance. SS 2000
is installed as a named instance because the server is also running SS 7.
I _can_ connect through the NAT router to SQL Server 7 using the steps you
described. So, the question is, what do I have to do differently to
connect to the named instance of SS 2000 that is litening on port 1061.
Port 1061 is forwarded exactly like 1433.
I suspect that I need to change some setting on the client machine to get
Enterprise Manager to connect on port 1061 instead of 1433. Any
suggestions?
Bill Todd
|||Bill Todd wrote:
> More information. The problem is connecting to a named instance. SS
> 2000 is installed as a named instance because the server is also
> running SS 7. I _can_ connect through the NAT router to SQL Server 7
> using the steps you described. So, the question is, what do I have to
> do differently to connect to the named instance of SS 2000 that is
> litening on port 1061. Port 1061 is forwarded exactly like 1433.
> I suspect that I need to change some setting on the client machine to
> get Enterprise Manager to connect on port 1061 instead of 1433. Any
> suggestions?
Go into the SQL Server Server Network Utility on the server and assign
the named instance a hard-coded port. With named instances, SQL Server
pulls from a pool and there is no guarantee you'll get the same port
every time the instance is started. You also need to specify the port
when connecting by specifying the SERVER,PORT (e.g. MyServer,1434). You
could also assign an alias from the remote PC to the server to avoid
having to type the server\instance long name and port # by assigning the
instance a simple name, TCP-IP as the protocol, and put in the port
number. Then you use the alias from the remote PC when connecting.
Just make sure you have port forwarding turned on for the assigned TCP
port number on the router.
David Gugick
Imceda Software
www.imceda.com
|||The problem was the comma between the server IP address and the port
number. I found an article on MSN that showed a space between the server
and port. I also tried a colon.
The devil truly is in the details.
Thanks.Bill Todd
No comments:
Post a Comment