Welcome to ISAserver.org

SQL Server 2000 Inbound and Outbound Access

Users viewing this topic: none

Logged in as: Guest

Printable Version

All Forums >> [ISA Server 2000 Firewall] >> SecureNAT Client >> SQL Server 2000 Inbound and Outbound Access

Page: [1]

Message

<< Older Topic Newer Topic >>

SQL Server 2000 Inbound and Outbound Access - 19.Nov.2002 1:32:00 AM

unclehughie

Posts: 70
Joined: 31.Dec.2001
From: Montreal, Canada
Status: offline

I have SQL Server 2000 installed on a SecureNat client, with ISA Server on another machine connected to the Internet. I want to use Enterprise Manager to connect with a remote SQL Server, something I managed to set up in a previous similar configuration but I have forgotten how I did it (must write things down!). Anybody know how I did it, or how it should be done, please?

Post #: 1

Featured Links*

RE: SQL Server 2000 Inbound and Outbound Access - 19.Nov.2002 4:14:00 PM

tshinder

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi unclehughie,

Make sure you're using TCP/IP and that name resolution is working correctly.

HTH,
Tom

(in reply to unclehughie)

Post #: 2

RE: SQL Server 2000 Inbound and Outbound Access - 19.Nov.2002 5:06:00 PM

unclehughie

Posts: 70
Joined: 31.Dec.2001
From: Montreal, Canada
Status: offline

Thanks, Tom.
I am, and it is (that is, I can connect to the Internet from the internal server - which is a domain controller, is that important? - and I can send mail from the SMTP Server on that same machine - thanks for your excellent instructions on how to set that up).
Anything else you can think of, please?

(in reply to unclehughie)

Post #: 3

RE: SQL Server 2000 Inbound and Outbound Access - 20.Nov.2002 5:01:00 PM

tshinder

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Unk,

That's all I can think of in terms of common problems. I don't know much with SQL 2000, other than it has something to do with databases or tables or something like [Razz]

HTH,
Tom

(in reply to unclehughie)

Post #: 4

RE: SQL Server 2000 Inbound and Outbound Access - 20.Nov.2002 5:15:00 PM

unclehughie

Posts: 70
Joined: 31.Dec.2001
From: Montreal, Canada
Status: offline

Well, Tom, I like a man who admits he doesn't know much about something. If I find out the problem, I'll fill you in.

(in reply to unclehughie)

Post #: 5

RE: SQL Server 2000 Inbound and Outbound Access - 21.Nov.2002 5:09:00 PM

tshinder

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Unk,

That would be great. SQL problems appear here quite a bit, so any tips and tricks you discover on how to get it to work with ISA Server, please let us know about 'em and I'll save the post for next time.

Thanks!
Tom

(in reply to unclehughie)

Post #: 6

RE: SQL Server 2000 Inbound and Outbound Access - 21.Nov.2002 5:19:00 PM

MCain

Posts: 85
Joined: 5.Sep.2002
From: New Jersey, USA
Status: offline

Hi unclehughie,

I've been known to poke about with SQL from time-to-time. Where exactly are you stuck? I'm not really sure from the thread what you are trying to do. Are you connecting through a VPN or ???

[Confused]

-Matt

(in reply to unclehughie)

Post #: 7

RE: SQL Server 2000 Inbound and Outbound Access - 21.Nov.2002 6:41:00 PM

unclehughie

Posts: 70
Joined: 31.Dec.2001
From: Montreal, Canada
Status: offline

Thanks for the offer to help. I am running SQLServer 2000 on my domain controller (Win2kServer), which is a securenat client of the ISAServer machine connected to the Internet. I also have a SQLServer2000 database on the remote server that hosts my web site. I use Enterprise Manager to communicate with the remote db.
I installed another instance of SQLServer 2000 on the ISAServer machine and succeeded in connecting with the remote db by creating a packet filter. It uses a custom filter - TCP, dynamic local port and 1433 fixed remote port. This works but is unsatisfactory for security, I think, and I would much prefer to keep my local SQL db on internal domain controller.
Any thoughts you have would be welcome.

(in reply to unclehughie)

Post #: 8

RE: SQL Server 2000 Inbound and Outbound Access - 21.Nov.2002 7:00:00 PM

unclehughie

Posts: 70
Joined: 31.Dec.2001
From: Montreal, Canada
Status: offline

Further to my last message, I forgot to mention that I have a protocol rule to allow SQLServer, using the Microsoft SQL Server protocolin the list of available protocols.

(in reply to unclehughie)

Post #: 9

RE: SQL Server 2000 Inbound and Outbound Access - 21.Nov.2002 7:22:00 PM

MCain

Posts: 85
Joined: 5.Sep.2002
From: New Jersey, USA
Status: offline

Hi unclehughie,

Have you read this article in the Microsoft knowledgebase?

HOWTO: Configure ISA Server 2000 and Enterprise Manager to Connect Through ISA to a SQL Server

I agree that you should remove the SQL installation from the ISA Server. If the above doesn't answer your question, is your remote server on the DMZ, the LAN, or at an external host?

HTH,

-Matt

(in reply to unclehughie)

Post #: 10

RE: SQL Server 2000 Inbound and Outbound Access - 21.Nov.2002 8:28:00 PM

unclehughie

Posts: 70
Joined: 31.Dec.2001
From: Montreal, Canada
Status: offline

Excellent suggestion. The Microsoft KB article did the trick. Here's the key to the mystery. The SQLServer protocol definition built into ISA Server allows only inbound traffic. To allow outbound traffic, you have to create a new protocol definition as per the KB.
Thanks a lot.

- A related question to Tom: I configured my internal SMTP Server following your excellent instructions and it's working fine. But I had a moment's qualm when a port scanner I have access to reported that the SMTP port is open. This probably isn't a problem because access is restricted to one IP address on the internal server, and is also protected against relaying by my Windows user account password, isn't it? A little reassurance would be welcome, though.

(in reply to unclehughie)

Post #: 11

RE: SQL Server 2000 Inbound and Outbound Access - 22.Nov.2002 6:51:00 PM

tshinder

Posts: 47490
Joined: 10.Jan.2001
From: Texas
Status: offline

Hi Unk,

That's normal and OK. If the port is open, scanners will show that its open, there's nothing that can be done about it. If you enable the SMTP application filter, you'll be protected against a lot of buffer overflow issues. Its important that you protect against relay, which you've done.

Thanks!
Tom

(in reply to unclehughie)

Post #: 12

RE: SQL Server 2000 Inbound and Outbound Access - 22.Nov.2002 6:58:00 PM

unclehughie

Posts: 70
Joined: 31.Dec.2001
From: Montreal, Canada
Status: offline

Thanks, Tom. I see you have an article on setting up the message screener, but not on configuring it, I believe. Is that one coming soon?
One other issue: I'm having trouble setting up Email notification of ISA Server alerts. I've tried using my internal SMTP server, and I've tried using my ISP's mail server which I use for regular mail. But neither works. My internal SMTP server seems OK because I can send mail while using it. Any ideas, please?

(in reply to unclehughie)

Post #: 13

RE: SQL Server 2000 Inbound and Outbound Access - 22.Nov.2002 7:22:00 PM

unclehughie

Posts: 70
Joined: 31.Dec.2001
From: Montreal, Canada
Status: offline

Tom, further to the SMTP Application Filter and the message screener, I've worked may way through the configuration screens. But can you suggest a maximum length in bytes for a buffer overflow filter rule, please?

(in reply to unclehughie)

Post #: 14

RE: SQL Server 2000 Inbound and Outbound Access - 28.Nov.2002 12:17:00 AM