Connection From OUTSIDE Problem
-
Hi everybody,
The following is an introduction describing my small workgroup network
setup. After that will come description of the problem.
I have 3 machines. Machine 1 is installed with windows 2000 server
and ms sql 2000 enterprise edition. Machine 2 and 3 are installed
with windows 2000 and XP, resepectively. All the machines are
connected to one another to the through workgorup setup into a router,
ehich in turn, is connected to the cable modem of ISP optimum online.
All the connections seem to work fine and each computer cab access one
another as well as the internet. I run from machine 2 the following
snippte of code :
sub TestWithinWorkGroup()
Dim sqlconn As New ADODB.Connection
Dim rs As ADODB.Recordset
ConnectionString = "Driver={SQL Server};" & _
"Server=192.168.0.2;" & _
"Address=192.168.0.2,1433;" & _
"Network=DBMSSOCN;" & _
"Database=pubs;" & _
"User ID=sa;" & _
"Pwd=******"
sqlconn.Open ConnectionString
Set rs = sqlconn.Execute("select * from authors")
Debug.Print rs("au_fname")
End sub
That code is a test performed SUCCESSFULLY inside the workgroup.
Without getting into the details of the code, I would mention that
Machine 1, where the database is, has a private network ID of
192.168.0.2, which used in the VB code,s connection string, along with
the port number, port 1433. Machine 2, from which the code was
executes has a private network ID of 192.168.0.3. I guess the IP
address(i.e., 192.168.0.2) and the port number(1433) are the only two
so-called arguments that are relevant to the problem at hand, which
can be summarized by the following question : what do I have to do in
order to make this test work when running that snippet of code from a
machine OUTSIDE the workgroup (e.g., some machine on the internet)?
One thing I know for sure is that I need to replace any IP address
occurence of 192.168.0.2 (where the database is) with the IP address
known of the that workgroup as it's lookup upon from the internet. A
small check tells me that my DYNAMIC IP address is 24.191.235.110.
Anything that needs to be done or configured in addition to the
aforementioned replacement is another good guess at best, a question
mark at worst. Since I have tried many things already and nothing
yielded any good result, I can be sure only about the requirement to
replace (inside the vb code snippet) the IP of the private network
related to machine 1 with the public Ip address of the small
workgroup, and foregive me for my bad terminologi if indeed that is
the case.
It is important to note that even though the IP I mentioned above
(e.g., 24.191.235.110) is DYNAMIC, the intended test from a remote
machine can be successful as long as the IP does not change by the ISP
system, which is possible if the cable modem power is not turned off.
But even if it worked only once, I will be happy, since I'm only
testing. And when the test is successful, I'll know excatly what I'am
required to do with respect to the entire WORKGROUP configuration, or
maybe just the configuration of the router or Machine 1.
Let's review all of the above: We know that the internal setup is a
workgroup, connected to the internet with a router. We know that a
successful test worked in the context of a workgroup.
My goal is to perform tha test from a remote machine in which the vb
snippet above, with small adaptation, will be executed in order to
connect and run a query with respect to the database in Machine 1.
If there is anyone out there in this discussion group that can help me
bring about a remote successful test for once and for all, then I will
be greatly appreciative. If you can provode me a step by step
instructions to follow, then it will be all the better.
Thank you in advance
Avi
-
Chances are that Port 1433 is BLOCKED at the router. If you're using a small router/switch like an SMC, dLink, Siemens, etc., ports are blocked by default from inbound traffic. You need to change a virtual server setting in the router to open that port from the internet. Check the docs on the router, but the typical operation is to set the port active and point it to a specific machine on the inside, i.e., your server.
Hope this helps.
Butch -
hi ButchH,
thank you for reading the problem I experiencing and making an effort to help in that matter. Your line of thinking makes much sense to. Im fact, I suspected that there is somethin on my machine that prevents coonection form outside, namely, ports theat don't listen. What you are suggesting is, I believe, what many routers provide nowadays -- Port Forwarding. If that's what you meant, then I tried it. Actually, I tried to think of the problem in hand as aconnection problem, not an SQL problem. I stipulated that a successful connection to tmy personal website will probably men a successful connection to the ms sql server. So I tried to connect from the IE adrress bar into the default web site of the machine where windows server 2000 is and where the personal web site is. Again, I can do it internall from whithin the network, but not from OUTSIDE. Coming back to the issue of port forwarding, I loged into the administration page of the router and configured the HTTP service to be directed to the windows server 2000 on a given port. I made sore the port I chose is the one the personal web site is configured to listen through. I repeatewd that test a few times with respect to various ports( e.g., 8008, 12345), but it did not work -- i keep getting a page not displayed error message by the IE. What I would think-- and I'm pretty sure that you'll know better than me whether it's possible -- is that port forwarding is notr suffucient. Maybe I need to configure windows server 2000 such that the ports used need to be opened. I will be happy to hear from you what you have to say about this problem as far as port listening are concerned, or if you have any idea what is going on in my machine in light of the additional info I provided in thsi post.
Once gain, thank you very bery much
Avy
-
Avy,
It appears to me that there is no problem with ports being open. The fact that you can connect to 1433 on your SQL box from your LAN shows that it's listening ok. I have similarly configured a small router to port forward SQL requests to the SQL box, and it's worked fine (although, for slightly increased security, I use a port other than 1433). No additional SQL2000 configuration was required.
It looks to be a problem with the router's port forwarding.
One of the ways that I check listening ports to to go to the very handy web security service "Shields Up!" (https://grc.com/x/ne.dll?bh0bkyd2) and get it to "probe my ports". It firstly detects my IP address, being the WAN address of my router (which will be 24.191.235.110 in your case). You can do a default scan (scan common ports) or specify a custom probe where you can include 1433.
If the port is listening, closed or in stealth mode, then Shields Up will say so. It also gives a description of what those 3 statuses mean.
Cheers,
- Mark -
I would also like to point out that long-term, you will probably have a problem with a dynamic ip address as your ISP can change this at any point. If you wish to access this server long term, you should probably invest the extra money and get a static ip address.
BTW, I agree with Mark. It is probably a problem with the router rather than the server.
Regards,
Joe Johnson
NETDIO,LLC. -
Hi,
Thank you all for your replies and for the direction you have provided me. With the help of the website Mark has included in his post I made a port forwading to port 40000 in the router and at the same time I made sql listen to that port (server network utility). The website utility 'shields up' indeed verified that the port is open. When I made the test it was unsuccessful. I also tried to connect to my personal web site, applyng similar steps: port forwarding to port 40001 to the windows server 2000 machine, and making sure thet the website listens throught that port. Upin trying to connect from outside thrught typing the public ID in the address bar, I got a 'page can not be displayed message', even though the website for checking ports showed an open port.
What do I do wrong?
Once again, thanj you all.
Avi
-
Avy,
Whatever you've done since your last post has apparently fixed the problem. Your IP is listening for SQL on port 40000 and HTTP on 40001. I confirmed that they are listening with:
telnet 24.191.235.110 40000
and
telnet 24.191.235.110 40001
and I then did, from cmd line:
osql -S"24.191.235.110,40000" -Q"select @@servername" -Uguest -Px
which returned: Login failed for user 'guest'.
and, from browser:
http://24.191.235.110:40001/
which returned a Hebrew Text page.
Cheers,
- Mark -
hi Mark,
I have no words to tell you how appreciative I am of the help you have provided me. It's a big step for me to know that the remote access is functional. However, would you have any idea why when I try, for instance, to connect to the Hebrew text page from my own machine, through IE 6.0, typing http://24.191.235.110:40001/ , I get a ' page can not be displayed error'? Is there something that I need to make sure it's configured right?. Obviously it's only internal.
Once again, very big thank you for you -- you have no idea how many hours of work I have put into this problem, probably more than 100 hours on that problem ! and I don't exaggerate, and it could have been even more than that without your direction, because obviously even if it worked, my testing tools don't function well internally (i.e., i can not view the personal website or the database by going outside and then coming inside)
Thank you
Avi
-
Avi,
From within my LAN I also cannot get access to my own LAN resources using the WAN address. From inside I have to use the private address (eg. 192.168.0.2,40000).
Currently, to test that all works ok from outside, I use (from my LAN workstation) a short term dial-up ISP connection.
(ps. a pleasure to help. Your original post was one of the most detailed and complete I've seen in this forum. Very helpful)
Cheers,
- Mark -
Hi Mark,
Again, I want to thank you. I was very lucky that my my message was read by you. I did not know that a machine from a private LAN can not go outside and then return to the Private LAN. You have benn very helpful, and I wish you would have known about the problem I experienced earlier.
Keep being the good person that you are...
Avi
-
G'd Afternoon to All,
Well, first of all i want to apoligize if i'm being nossy, and thank all of you for the richful information.
I may say that what is happening to me is almost the same Avi was facing, with some little differences. For incredible it may seems to be, I do can have access to my server from my own pc.... with this dns file:
DRIVER=SQL Server
ADDRESS= 81.193.38.224,1433
NETWORK= Workgroup
SERVER=81.193.38.224
Regional=Yes
USER ID = xxx
PWD = "xxxxxxxx"
DATABASE= mybd
WSID=myservername
With this file i can link tables from my server to any MS Access mdb. With this test and those that Mark showed before i'm sure my server is listening in that port (and i don't know why also in the port 1434
)My problem is when i test from "outside" with Telnet, i always get this message
"Could no open connection to the host, on port 1433. Connect failed"
Please if some one can help me ot overcome this frustrating problem i'll be deeply thank you
Regards
Estuardo
Manifest plainness,Embrace simplicity,Reduce selfishness,Have few desires.
Lao-t'ze. -
Estuardo,
Do you have a router (with port forwarding) connnected to the Internet, or is your SQL Server (81.193.38.224) connected directly to the net?
Cheers,
- Mark -
Mark:
First of all thank you very much for your attention. Following your question, let me tell you that i have no router, neither any other communication software/hardware, but a switch (hub), ADSL modem and a dynamic IP, running on XP home edtion. That's why i have to connect my server directly to the internet, since we have no IIS.
Do you think that is possible to do what i need to do without a router?
for any advice thanks in advance
regards
Estuardo
Manifest plainness,Embrace simplicity,Reduce selfishness,Have few desires.
Lao-t'ze. -
Estuardo,
You should be able to do what you want to do without a router, but it's not something I would recommend.... either a router (with most ports close or in stealth mode) or personal firewall software is a must nowadays.
It's strange that Shields Up! reported port 1433 open yet you cannot telnet to it from outside. As a matter of fact, neither can I.
A couple of hours ago I pinged (or is it pung? :blink
your IP address successfully but cannot do so anymore.
Cheers,
- Mark -
Mark:
Thanks for your advice, and let me tell you that we do have a firewall, but due to this "tests" i have it off. I also have tryied pinging the remote pc and i reach it, but when i try telenet things doesn't work. I really don't know/understand what is happening. Please if you have any other idea or know about any documentation i can read i'm truly interested.
If is not an abuse, and you have some minutes free, here is my today's IP 81.193.2.253.
Thanks for all your precious help.
best regards
Estuardo
Manifest plainness,Embrace simplicity,Reduce selfishness,Have few desires.
Lao-t'ze.
Viewing 15 posts - 1 through 15 (of 18 total)
You must be logged in to reply to this topic. Login to reply