Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

SQL Publishing Problem

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> SQL Publishing Problem Page: [1]
Login
Message << Older Topic   Newer Topic >>
SQL Publishing Problem - 1.Sep.2005 10:42:00 AM   
CrazyProf

 

Posts: 1
Joined: 1.Sep.2005
Status: offline 		All of the configurations are below
Please do not take care of the topology for security because we are on the starting point and doing test phase.

ADSL Modem (Connected to Internet "[Smile]" )
WAN IP...........................: 444.444.444.444
LAN IP...........................: 192.168.1.254
Port 1433 is forwarded to IP 192.168.1.1 (ISA 2004 Machine)

ISA Server 2004 (2 NICS):

Ethernet Adapter 1:
IP Address. . . . . . . . . . . . : 192.168.1.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.1.254
DNS Servers . . . . . . . . . . . : 192.168.1.254
212.58.3.2

Ethernet Adapter 2:
IP Address. . . . . . . . . . . . : 10.0.0.1
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . :

SQL Server Configuration:
IP Address. . . . . . . . . . . . : 10.0.0.100
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.0.0.1
ISA Firewall Client Installed
MS SQL Server Running and using default Port 1433

Also I have some computers out of control of ISA 2004 as in the 192.168.1.X Network. These computers are using 192.168.1.254 as default gateway.

Also there is only three rules for Firewall Policy

Last / Default Rule / Deny / (Bla bla)
2 / Internet / Allow / All Outbound Traffic / All Networks / All Networks / All Users
3 / SQL Publish / Allow / Microsoft SQL Server / All Networks / 10.0.0.100

So even if a request comes from outside from port 1433 ADSL modem forwards it to ISA server. There is no problem.

Also any computer on 192.168.1.X can request on port 1433 to the ISA Server

But then ISA server uses in both case 2nd Internet Rule instead of SQL Server Publishing.

As I monitor with a query the process this is the result.

Log Time: Time
Destination IP: 192.168.1.1
Destination Port: 1433
Protocol: Microsoft SQL (TCP)
Action: Initiated Connection
Rule: Internet "[Confused]" "[Confused]" "[Confused]"
Client IP: 192.168.1.200 (from my 192.168.1.Y Network)
Client Username:
Source Network: Internal
Destination Network: Local Host

Log Time: Time
Destination IP: 192.168.1.1
Destination Port: 1433
Protocol: Microsoft SQL (TCP)
Action: Closed Connection
Rule: Internet "[Confused]" "[Confused]" "[Confused]"
Client IP: 192.168.1.200 (from my 192.168.1.Y Network)
Client Username:
Source Network: Internal
Destination Network: Local Host

I can not found where the problem is. I am expecting if any request comes to ISA 2004 on port 1433 it forwards this req. to my SQL Server and establishes a communication between the client and server. But it decides to use Internet Rule instead of SQL Server Publishing Rule. (I create SQL Server Publishing Rule by the Server Publishing Wizard)

So if anyone help me I would be thankful.

Best Regards
Ahmet Usta
Post #: 1
RE: SQL Publishing Problem - 2.Sep.2005 4:29:00 AM   
isawader

 

Posts: 420
Joined: 27.Apr.2005
Status: offline 		What's the IP range you included in the Internal Network definition?

You should only have 10.0.0.0 - 10.0.0.255 in it.

-Remove the firewall client from the SQL server.

[ September 02, 2005, 04:32 AM: Message edited by: ISAwader ]

(in reply to CrazyProf)
Post #: 2
RE: SQL Publishing Problem - 2.Sep.2005 9:03:00 AM   
iraq it

 

Posts: 297
Joined: 1.Jul.2005
From: Iraq
Status: offline 		When you publish SQL Server in ISA so who can access the server from outside?

Is publishing SQL server other solution for VPN?

Thanks,

(in reply to CrazyProf)
Post #: 3
RE: SQL Publishing Problem - 2.Sep.2005 10:22:00 AM   
isawader

 

Posts: 420
Joined: 27.Apr.2005
Status: offline 		Al-Taee,

If I understand you correctly, I think you like to know how to safely publish your SQL server to the internet, right?

I would highly recommend that you don't publish your SQL server. If you have to, use VPN.

(in reply to CrazyProf)
Post #: 4
RE: SQL Publishing Problem - 3.Sep.2005 2:59:00 AM   
iraq it

 

Posts: 297
Joined: 1.Jul.2005
From: Iraq
Status: offline 		Hi ISAWader,

Iam workig on:
http://www.microsoft.com/technet/prodtechnol/sql/2000/maintain/proxy.mspx

and hope there is not security risk with it.

Thanks,

(in reply to CrazyProf)
Post #: 5

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> Server Publishing >> SQL Publishing Problem Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts