Connecting to servers between domains

  • Hi Folks,

    I need to connect to another instance of SQL Server from one of the machines that are in the DMZ. I have an instance of MSDE installed on a box in a DMZ, and now I want to register/connect it to an instance located within the domain. I have tried to register the other boxes in Enterprise Manager but without success.

    Can anyone tell me what ports need to be open (I have 1433 and 1434 open)? On each of the machines, do I need to have the same client libraries installed, or should they be the same for server/client?

    Basically I need to set up replication between the domains and am having difficulty implementing it. Can anyone help me out with this or alternatively give me another method of implementing replication?

    Thanks in advance,

    M

     

  • I think you've done what you need for ports as far as I can remember...  The tricky thing will be your choice of Windows/SQL authentication - you may well find that the default Windows Auth won't work through the firewall, so you'll need to enable mixed-mode authentication on your servers, create a sql login for replication and configure your replication to use it rather than windows auth.

  • You will need to register the sql server using IP address, not DNS name.  Verify the port in which sql server is running.  This port will be needed (if it's not 1433) when registering the sql server.

    As previously mentioned, you will need to use mixed mode authentication because the domain accounts won't be recognized.

    What type of replication will you be setting up? Pull or Push? I found it's easier to Push the subscription from the Inside to the Outside as there are fewer firewall restrictions. Let the inside be the publisher.

  • Try this port list (I had to work through a 'deny-all' firewall once) ...

    1433, TCP

    1434,UDP

    3389,TCP --> for RDP Client Access

    445,TCP

    445,UDP

    135,TCP

    135,UDP

    137,UDP

    138,UDP

    139,UDP

    5000-5250,TCP --> registry hack needed as well for the range of ports (I believe it was for RPC calls that SQL makes to return data. If you don't do this SQL uses random ones.)

    Also, the port access must be bi-directional. Hope that this helps ...

    Regards

    Rudy Komacsar

    Senior Database Administrator

    "Ave Caesar! - Morituri te salutamus."
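
An added example, not part of any post in this thread: a Python sketch that parses the port list in the format posted above and, run from the DMZ host against the inside server's IP address, reports which TCP entries the firewall actually passes. The function names (`parse_ports`, `probe_tcp`, `check`) are hypothetical, and UDP entries are only listed because a connect cannot confirm them.

```python
import re
import socket

# Port list as posted in the thread (annotations after "-->" omitted).
POSTED_PORTS = """1433, TCP
1434,UDP
3389,TCP
445,TCP
445,UDP
135,TCP
135,UDP
137,UDP
138,UDP
139,UDP
5000-5250,TCP"""

ENTRY = re.compile(r"^\s*(\d+)(?:-(\d+))?\s*,\s*(TCP|UDP)\b", re.I)

def parse_ports(text):
    """Return [(first, last, proto)] for each 'port[-port],PROTO' line."""
    rules = []
    for line in text.splitlines():
        m = ENTRY.match(line)
        if not m:
            continue  # skip blank lines and prose
        first, last = int(m.group(1)), int(m.group(2) or m.group(1))
        if not 0 < first <= last <= 65535:
            raise ValueError(f"bad port entry: {line!r}")
        rules.append((first, last, m.group(3).upper()))
    return rules

def probe_tcp(host, port, timeout=2.0):
    """'open' = handshake completed; 'refused' = a reset came back (reachable
    host with no listener, or a rejecting firewall); 'filtered' = no answer."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except ConnectionRefusedError:
        return "refused"
    except socket.timeout:
        return "filtered"
    except OSError:
        return "error"  # e.g. no route to host

def check(host, rules, timeout=2.0):
    """Probe the first port of each TCP rule (a sample only, for a range).
    UDP is connectionless, so those entries are reported 'unverified'."""
    return {f"{first}/{proto}": probe_tcp(host, first, timeout) if proto == "TCP"
            else "unverified" for first, _last, proto in rules}
```

Call `check("<inside server IP>", parse_ports(POSTED_PORTS))` from the DMZ machine; a "filtered" result points at the firewall, while "refused" means the path is open but no service is listening on that port.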
