The following situation:
MS SQL Server 2000 running (on hosting service)
IIS Web Server on same PC (on hosting service)
Clients that need to access the SQL Server that are NOT local (via Internet public IP).
I have anonymous users that go to IIS Web Server which in turn accesses the SQL Server.
Information flows from anonymous users to the SQL Server and then down to the client (Access Database).
The clients can also generate data (from the Access Database) that will go to the SQL Server.
The MS SQL Server is behind a firewall using Virtual IPs. I'm unable to communicate to the SQL Server (using the virutal IPs) from a client PC because port 1433 is closed on the SQL Server's firewall. Is it possible to open port 1433 without it being a security risk to the SQL Server (which has been updated to SP3a)?
Are their any alternate security approaches I can use and still retain the requirement for client public IP PC's to retain access to the SQL Server?
I thought about setting up the firewall to only allow certain public IPs access to port 1433, but the problem with that is that these client PC's don't always have a static IP (some are dynamic) -- so I ruled out this idea due to managability issues.