• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

VPN access to SQL server fails

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA 2006 Firewall] >> VPN >> VPN access to SQL server fails Page: [1]
Login
Message << Older Topic   Newer Topic >>
VPN access to SQL server fails - 3.Oct.2012 7:02:54 AM   
micjo01

 

Posts: 47
Joined: 25.Mar.2003
From: Brussels
Status: offline
Hello,

A long time ago I've setup my ISA2006 as a VPN server and since then my clients could connect to the internal network from home.
After rebooting one of my MS SQL Servers my clients can no longer access this server via Microsoft SQL Server Management Studio.

The strange part is that there are some other SQL Servers that work just fine. I've noticed that the SQL Servers that are facing the access problem runs multiple SQL instances that listen on ports different from the default 1433 port.

However this shouldn't be a problem since there is a VPN client inboud access rule that permits all traffic.

Logging shows that a connection is initiated to the SQL server on port 1434 (=this is the port that SQL Server listens to by default and tells the client on which port the instance is listening) by using the Microsoft SQL (UDP) protocol and the VPN client access rule. Next it closes the connection with result code 0x80074e20 FWX_E_GRACEFULL_SHUTDOWN.

How can I troubelshoot this problem ?

Thanks for your help.

Regards,


Joeri Michiels
Post #: 1
RE: VPN access to SQL server fails - 3.Oct.2012 1:25:23 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
The best way to debug such problems is to take a network monitor trace on the ISA internal interface.

HTH,
Stefaan

(in reply to micjo01)
Post #: 2
RE: VPN access to SQL server fails - 23.Oct.2012 4:49:14 AM   
micjo01

 

Posts: 47
Joined: 25.Mar.2003
From: Brussels
Status: offline
Hello Stefaan,

Sorry for the late reply but I had to finish another project first.
Unfortunately running a network trace (wireshark) on the internal interface of the isa server doesn't help me find the solution. A screenshot of what I see is on https://vandijk.sharefile.com/d/s46a514324414cd69.

The vpn client (ip 172.27.1.7) is first establishing a connection with the cluster (ip 172.27.4.46) via port 56230. Next it establishes a connection with the individual server (ip 172.27.4.38) via the same port. Then I see the same thing happening again but this time on port 56231, 56232, 56233, 56234, and so on.

It looks like the first connection attempt on port 56230 didn't work and its trying on those other ports now, apparently in increasing order.

However the network trace doesn't some any errors or messages that could help me troubleshoot this problem.

Microsoft SQL Management Studio times out after a few moments with the following message :
Cannot connect to sqlserver\sqlinstance
A network related or instance specific error occured while establishing a connection to SQL Server.


I'm still not sure what the cause of this problem can be.

Thanks for helping me out.

Regards,


Joeri Michiels

(in reply to spouseele)
Post #: 3

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA 2006 Firewall] >> VPN >> VPN access to SQL server fails Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts