• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

MySQL Protocol

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> Access Policies >> MySQL Protocol Page: [1]
Login
Message << Older Topic   Newer Topic >>
MySQL Protocol - 15.Dec.2010 2:24:01 PM   
Eminem

 

Posts: 7
Joined: 23.Sep.2010
Status: offline
Trying to connect to a MySQL server behind an ISA 2006 Firewall. A publishing ules has already been provisioned to allow TCP Protocol 3306 listening on All Protected Networks ported to MySQL Server. I am still unable to connect to the server mentioned and upon checking the logs recieve a - 12/15/2010 9:06:19 PM 192.168.0.3 3306 MySQL Server Closed Connection Publish MySQL Server 10.8.111.8 rb-ha-1.za.mtnns.net Internal 0xc0040038 FWX_E_TCP_NO_SERVER_REPLY 52254

Any assistance would be greatly appreciated.
Post #: 1
RE: MySQL Protocol - 16.Dec.2010 9:05:55 AM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

do not use All Protected Networks to publish your server, choose only the interface reacheable to this server.

FWX_E_TCP_NO_SERVER_REPLY means that ISA firewall did not get a server response. Check if the MySQL server gateway is pointing to ISA IP on that NIC. Example, if it is the internal interface, it should point (or reach somehow) the ISA internal interface IP.

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to Eminem)
Post #: 2
RE: MySQL Protocol - 17.Dec.2010 11:46:38 AM   
Eminem

 

Posts: 7
Joined: 23.Sep.2010
Status: offline
Please advise that i am still unable to port traffic from our remote source to the internal MySQL Server. Please advise on an access or publishing rule to create in order to port protocol 3306 to an internal MySQL Server. Error Log: 12/17/2010 6:49:01 PM 192.168.0.3 3306 MySQL Server Initiated Connection Publish MySQL Server 10.8.111.8  rb-ha-1.za.mtnns.net Internal - - 0x0 ERROR_SUCCESS

(in reply to paulo.oliveira)
Post #: 3
RE: MySQL Protocol - 17.Dec.2010 12:04:37 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

create an Inbound protocol on TCP port 3306. Use non-web server publishing wizard, choose the Network that will listen to requests (External Network, I guess) and put the internal IP address of your MySQL server.

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to Eminem)
Post #: 4
RE: MySQL Protocol - 17.Dec.2010 12:20:15 PM   
Eminem

 

Posts: 7
Joined: 23.Sep.2010
Status: offline
After creating the publish rule the following error is encountered - 12/17/2010 7:22:57 PM 192.168.0.3 3306 MySQL Server Initiated Connection Publish MySQL Server 10.8.111.8  rb-ha-1.za.mtnns.net Internal - - 0x0 ERROR_SUCCESS

Please advise.

(in reply to paulo.oliveira)
Post #: 5
RE: MySQL Protocol - 17.Dec.2010 2:04:33 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

it means no error. Means you´ve successfully initiated connection to the server.

What makes you think it is not working?

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to Eminem)
Post #: 6
RE: MySQL Protocol - 17.Dec.2010 2:14:37 PM   
Eminem

 

Posts: 7
Joined: 23.Sep.2010
Status: offline
When initiating a conenction through MySQl Browser from the Remote Host the following error is recieved: Could not conenct to the specified instance. MySQL Error Number 2003. Can't connect to the MySQL server on "IPADDRESS' (10060).

(in reply to paulo.oliveira)
Post #: 7
RE: MySQL Protocol - 17.Dec.2010 3:03:33 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

make sure your ISA NICs are properly configured: http://blog.msfirewall.org.uk/2008/06/isa-servers-recommeded-network-card.html

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to Eminem)
Post #: 8
RE: MySQL Protocol - 17.Dec.2010 3:23:34 PM   
Eminem

 

Posts: 7
Joined: 23.Sep.2010
Status: offline
Thanks for all the help so far.
I have confirmed that the NICs are confirgured correctly, but the MySQL Server and that the MySQL Service is listening on PORT 3306 but the connection is still being dropped. Any other suggestions would be greatly appreciated. 

12/17/2010 10:21:22 PM 192.168.0.3 3306 MySQL Server Initiated Connection Publish MySQL Server 10.8.111.8  rb-ha-1.za.mtnns.net Internal - - 0x0 ERROR_SUCCESS

(in reply to paulo.oliveira)
Post #: 9
RE: MySQL Protocol - 17.Dec.2010 3:35:46 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

can you provide details of your publishing rule?

Can you also provide network diagram of the relevant part of your network?

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to Eminem)
Post #: 10
RE: MySQL Protocol - 18.Dec.2010 2:13:08 PM   
Eminem

 

Posts: 7
Joined: 23.Sep.2010
Status: offline
Publishing Rule
Publish MySQL Server
Protocol 3306 TCP Inbound
Listen Remote APN
Destination 192.168.0.3
All Users

Network Diagram
Private Lan<--Microsoft ISA<--Remote APN

< Message edited by Eminem -- 18.Dec.2010 2:15:09 PM >

(in reply to Eminem)
Post #: 11
RE: MySQL Protocol - 18.Dec.2010 6:01:17 PM   
paulo.oliveira

 

Posts: 3472
Joined: 3.Jan.2008
From: Amazon, Brazil
Status: offline
Hi,

if you do a telnet to MySQL server from internal and external network, you get the same result?

Also, use a network sniffer to see if you get different responses.

Regards,
Paulo Oliveira.

_____________________________

Microsoft Premier Field Engineer (PFE)
Blog: http://poliveirasilva.wordpress.com/
Twitter: https://twitter.com/poliveirasilva

(in reply to Eminem)
Post #: 12

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> Access Policies >> MySQL Protocol Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts