SQL denied wiht SMB ports not 1433

  • I am running SQL 2000 Standard SP3 on two Windows 2003 servers. I am having issues connecting these servers thru a paticular Firewall. The server that is being accessed behind the firewall (Server B) is set up with TCP client 1434 and server 1433 (Same with Server A which is  outside).  I have both of these ports open in TCP and UDP on the firewall but when I watch the deny logs on the Firewall I get SMB ports that are denied (445,137,139) not 1434 (or 1433). I can however successfully connect the other way around ( Server B to Server A - In to Out). An idea on what I am missing???? I have read about needing Service Pack 4 Beta http://support.microsoft.com/kb/290211 but I am not sure I want to implement a Beta release. Also I don't understand why SMB ports are being referenced and not 1434 or 1433. Thanks in advanced.

  • This was removed by the editor as SPAM

  • Hi,

    Are you connecting over named pipes? Read here about your ports:

    http://www.petri.co.il/what_is_port_445_in_w2kxp.htm

    ".....The SMB (Server Message Block) protocol is used among other things for file sharing in Windows NT/2000/XP. In Windows NT it ran on top of NetBT (NetBIOS over TCP/IP), which used the famous ports 137, 138 (UDP) and 139 (TCP). In Windows 2000/XP/2003, Microsoft added the possibility to run SMB directly over TCP/IP, without the extra layer of NetBT. For this they use TCP port 445..."

    Please, let us know if you are sure that your client is using TCP/IP not Named Pipes. Your SQL Client need to use TCP/IP to use your firewall ports. You may verify it in Client Network Utility or your connection string where you can set it explicitly.

    Are any shares involved  in the app or anything else using NetBios name?

    Yelena

     

    Regards,Yelena Varsha

  • I read that and some other things on those ports. I have NamedPipes and TCP/IP set up for this server. According to the firewall logs it appears to be conecting via NamedPipes (ports 137-139 etc) and it gets denied although those ports are not blocked. Why does it default to named pipes and not TCP/IP ?? I have for the client network utility TCP/IP port 1434 and for the Server Network Utility-  NamedPipes and TCP/IP Port 1433.  Not sure why it won't connect to 1434/1433. Thanks for the help. 

  • If it could be of any help:

    I found the following about which protocol is used and how it could be changed without you having a clue. Try the following:

    Start creating a new ODBC source on Computer1 to the database on Server2 or edit existing Data Source. Click "Client Configuration" button. Change protocol to Named Pipes. OK. Then CANCEL out of Data Source creation/editing. You would think that everything you did was canceled. Not exactly. An entry now exists in Client Network Utility with the alias of Server2 with the Named Pipes protocol. And any app trying to connect to Server2 will do it using Named Pipes. This is more true if you save your data source, not cancel. Means, one app with one configured connection on computer1 will force all other apps to use a certain protocol.

    You can monitor your aliases in Client Network Utility or if SQL Client tools are not installed on your computer, this utility is invoked by Start->Run->cliconfg. Do create and use TCP/IP configured one.

    Yelena

    Regards,Yelena Varsha

Viewing 5 posts - 1 through 4 (of 4 total)

You must be logged in to reply to this topic. Login to reply