Re: PIX ans SQLServer database

Discussion in 'Cisco' started by kwgchoy@hotmail.com, Mar 1, 2005.

  1. Guest

    I have a similiar problem,

    I have a SQL server behind the PIX501 firewall using static NAT. And I
    used

    access-list acl_out permit tcp any host 64.26.134.163 eq 1433
    access-list acl_out permit udp any host 64.26.134.163 eq 1434
    access-group acl_out in interface outside

    but I cannot connect to the SQL server from outside using Enterprise
    manager. All other posts I opened are working fine. And when I look at
    the syslog. PIX501 teardown the connection. What should I do?

    Thank
    Gi
    , Mar 1, 2005
    #1
    1. Advertising

  2. Leythos Guest

    On Tue, 01 Mar 2005 10:26:42 -0800, kwgchoy wrote:

    > I have a similiar problem,
    >
    > I have a SQL server behind the PIX501 firewall using static NAT. And I
    > used
    >
    > access-list acl_out permit tcp any host 64.26.134.163 eq 1433
    > access-list acl_out permit udp any host 64.26.134.163 eq 1434
    > access-group acl_out in interface outside
    >
    > but I cannot connect to the SQL server from outside using Enterprise
    > manager. All other posts I opened are working fine. And when I look at
    > the syslog. PIX501 teardown the connection. What should I do?


    First, you should NOT allow public connections to your SQL server except
    through a dedicated IP to IP connection or through some form of VPN.

    I can't help with your pix config, but I wanted you to be aware that
    you're making a serious security mistake if you allow the world to
    connect/contact your SQL server directly.


    --

    remove 999 in order to email me
    Leythos, Mar 1, 2005
    #2
    1. Advertising

  3. On 1 Mar 2005 10:26:42 -0800, wrote:


    >but I cannot connect to the SQL server from outside using Enterprise
    >manager. All other posts I opened are working fine. And when I look at
    >the syslog. PIX501 teardown the connection. What should I do?


    May I suggest shooting yourself in the head, it would make far less of a
    mess.

    You should *NOT* expose your database server to the internet in this
    manner.

    I suggest configuring up the pix with a VPN and utilise that to access it
    instead.




    greg

    --
    Yeah - straight from the top of my dome
    As I rock, rock, rock, rock, rock the microphone
    Greg Hennessy, Mar 1, 2005
    #3
  4. Guest

    Sorry, I am very careless, I removed the post, would you mind help me
    remove the post. Thank you!

    Gi
    , Mar 1, 2005
    #4
  5. Leythos Guest

    On Tue, 01 Mar 2005 11:40:32 -0800, kwgchoy wrote:

    > Sorry, I am very careless, I removed the post, would you mind help me
    > remove the post. Thank you!


    You can't actually remove the post in many instances.

    While you can issue a cancel request, there is nothing that says any
    Usenet server has to honor it. Your post is going to be seen many places.

    Please don't expose your SQL Server to the net.


    --

    remove 999 in order to email me
    Leythos, Mar 1, 2005
    #5
  6. Guest

    Yes, I reallise the important. Thank in advance.

    Gi
    , Mar 1, 2005
    #6
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Michael G

    Dynamic updating a SqlServer db to a MY Sql DB

    Michael G, Sep 10, 2003, in forum: Computer Support
    Replies:
    0
    Views:
    384
    Michael G
    Sep 10, 2003
  2. Peter

    SQLServer

    Peter, Jul 24, 2004, in forum: Computer Support
    Replies:
    1
    Views:
    2,810
    Duane Arnold
    Jul 24, 2004
  3. kent42c
    Replies:
    4
    Views:
    314
    kent42c
    Nov 21, 2005
  4. DataBase DataBase DataBase DataBase

    , Sep 26, 2012, in forum: Computer Information
    Replies:
    0
    Views:
    950
  5. Database Database Database Database

    , Sep 27, 2012, in forum: Computer Information
    Replies:
    0
    Views:
    809
Loading...

Share This Page