Opening ports for SQL
-
Given the senerio of having a hosted SQL server (i.e. sitting in a datacenter somewhere)what it is the standard practice for allowing development and SSMS access? Port 1433 must be opened for this correct? I'm facing a situation where the hosting provider has refused to open port 1433. Are we asking too much?
only two letters away from being an asset
SSH tunneling could provide a good intermediary ... oh wait, it's Windows! Back in the day when I actually dealt with systems over the real Internet most businesses and companies refused all ports other than the standard few. However, if you own the box and it is not a virtual host scenario I would imagine the world should be your oyster with respect to this request.
Need custom software developed? I do C# development and consulting all over the United States.
If you don't ask questions the answers won't stand in your way.
Doing a job is like selecting a mule, you can't choose just the front half xor the back half so when you ask me to do a job don't expect me to do it half-assed. -
SSH tunneling could provide a good intermediary ... oh wait, it's Windows! Back in the day when I actually dealt with systems over the real Internet most businesses and companies refused all ports other than the standard few. However, if you own the box and it is not a virtual host scenario I would imagine the world should be your oyster with respect to this request.
Need custom software developed? I do C# development and consulting all over the United States.
If you don't ask questions the answers won't stand in your way.
Doing a job is like selecting a mule, you can't choose just the front half xor the back half so when you ask me to do a job don't expect me to do it half-assed.And we all know that oysters are good for gaining access to ports. :~
-
Given the senerio of having a hosted SQL server (i.e. sitting in a datacenter somewhere)what it is the standard practice for allowing development and SSMS access? Port 1433 must be opened for this correct? I'm facing a situation where the hosting provider has refused to open port 1433. Are we asking too much?
only two letters away from being an asset
We've used host-it.co.uk for database hosting, they open the relevant ports and you can access the db from ssms (Although on occasion the database disappears, and you have to hand write queries to access the db!) Neil.
-
And we all know that oysters are good for gaining access to ports. :~
I didn't get that at first so I sat contemplating it and about to sip the coffee when BAM. I am so glad it didn't take me half a second longer.
Need custom software developed? I do C# development and consulting all over the United States.
If you don't ask questions the answers won't stand in your way.
Doing a job is like selecting a mule, you can't choose just the front half xor the back half so when you ask me to do a job don't expect me to do it half-assed. -
Given the senerio of having a hosted SQL server (i.e. sitting in a datacenter somewhere)what it is the standard practice for allowing development and SSMS access? Port 1433 must be opened for this correct? I'm facing a situation where the hosting provider has refused to open port 1433. Are we asking too much?
only two letters away from being an asset
It looks like, your hosting company has disabled the SQL Browser Service. Otherwise (I think) if the port 1433 is closed,then you will not able to even connect to that server from .net application.
-
It looks like, your hosting company has disabled the SQL Browser Service. Otherwise (I think) if the port 1433 is closed,then you will not able to even connect to that server from .net application.
Yes, that's the problem we are facing. The host has asked that we give them an explicit to open the ports and acknowledgment that we accept all risks for doing so. A bit much if you ask me, I've never run into this before.
only two letters away from being an asset
-
And we all know that oysters are good for gaining access to ports. :~
Dirty boy!
Henry Minute Do not read medical books! You could die of a misprint. - Mark Twain Girl: (staring) "Why do you need an icy cucumber?" “I want to report a fraud. The government is lying to us all.”
-
Yes, that's the problem we are facing. The host has asked that we give them an explicit to open the ports and acknowledgment that we accept all risks for doing so. A bit much if you ask me, I've never run into this before.
only two letters away from being an asset
Yes its pain. Hosting company is always defensive. It also looks like your hosting provider is installing sql server just for you, otherwise this problem never occurs. If your company is spending enough money in this, then I will recommend you a managed hosting instead of shared hosting. It will be nice investment, in-case if you want to use web service , msmq etc (which required full trust level in IIS). I remeber when I want them to install AJAX on the web server, they were just not ready. even they told me that, they will first cross-check that www.asp.net is a microsoft owned website. so its safe to install the ajax framework on the server(at that time it was a new thing).
-
Yes its pain. Hosting company is always defensive. It also looks like your hosting provider is installing sql server just for you, otherwise this problem never occurs. If your company is spending enough money in this, then I will recommend you a managed hosting instead of shared hosting. It will be nice investment, in-case if you want to use web service , msmq etc (which required full trust level in IIS). I remeber when I want them to install AJAX on the web server, they were just not ready. even they told me that, they will first cross-check that www.asp.net is a microsoft owned website. so its safe to install the ajax framework on the server(at that time it was a new thing).
Rutvik Dave wrote:
It also looks like your hosting provider is installing sql server just for you, otherwise this problem never occurs.
No SQL Sever isn't just for us. This is a big name provider who shall remain nameless. The only option they give us is to open the ports and have no support or backups from them or buy a VPN device from them($1400+). We also found out that another box we were running on doesn't even have a firewall in front of it.
only two letters away from being an asset
-
Given the senerio of having a hosted SQL server (i.e. sitting in a datacenter somewhere)what it is the standard practice for allowing development and SSMS access? Port 1433 must be opened for this correct? I'm facing a situation where the hosting provider has refused to open port 1433. Are we asking too much?
only two letters away from being an asset
Put SQL on a different port and open that (requires a little bit of reconfig, but not hard). Make sure the firewall only allows certain external IPs through (assuming you are connecting on a static IP). You should be able to connect reasonably securely on that. Can't see why they would have a problem setting that up for you.
-
Yes, that's the problem we are facing. The host has asked that we give them an explicit to open the ports and acknowledgment that we accept all risks for doing so. A bit much if you ask me, I've never run into this before.
only two letters away from being an asset
On shared hosting, I'd be suprised if they let you change standard config much. But on managed this is common practice. It's also common that they ask you for written consent - it removes them from being liable for security issues.
-
Given the senerio of having a hosted SQL server (i.e. sitting in a datacenter somewhere)what it is the standard practice for allowing development and SSMS access? Port 1433 must be opened for this correct? I'm facing a situation where the hosting provider has refused to open port 1433. Are we asking too much?
only two letters away from being an asset
Well, Port 1433 is hosed by many viruses out there that attacked SQL Server in the past, so most hosting companies will not touch that port. I have an dedecated server at Server Beach and that port is closed. IIRC, they do not even allow access through thier system to that port. Some will use another port and possibly VPN, but since I have acess to the tools on the server, I do not need to access SQL Server directly from remote. If you do change the port for remote access, I would only enable the port while access is needed and shut the port off the rest of the time. More hassle, but safer.
Rocky <>< Recent Blog Post: Visual Studio 2008 Express – Standard – Pro – What’s the diff? Thinking about Silverlight? www.SilverlightCity.com