Solved

FIREWALLPORTS for SQL 2008 cluster on windows 2008 R2

Posted on 2012-03-15
3
516 Views
Last Modified: 2012-03-27
HI, building a sharepoint farm, on 2008 R2, with SQL 2008 and SHarepoint 2010

The desihn insisist on the windows firewall being left on,  but I cant seem to get the right ports.

Do you know of any resources that could helo me with this please.

what ports to open. would be a good start
thank you
0
Comment
Question by:mhamer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
3 Comments
 

Expert Comment

by:shan2support
ID: 37725128
Hi mhamer

 Please run below command. or chek the link please


netsh firewall set portopening protocol = TCP port = 1433 name = SQLPort mode = ENABLE scope = SUBNET profile = CURRENT

A similar example using the Windows Firewall for Advanced Security helper:

netsh advfirewall firewall add rule name = SQLPort dir = in protocol = tcp action = allow localport = 1433 remoteip = localsubnet profile = DOMAIN



http://technet.microsoft.com/en-us/library/cc646023.aspx
0
 
LVL 11

Accepted Solution

by:
b_levitt earned 500 total points
ID: 37729244
Port 1433 is only the case if the sql server is the default instance. in the case of a named instance (SQLSERVER/InstanceName), the client first attepts to connect via udp to port 1434 to get the proper port number and then connects to that port.  If you are using a firewall then you can set a fixed port for the named instance and then open both that port (tcp) and the udp 1434 port.  You can also add an exclusion for sqlserver.exe  I believe this article describes it well:
http://www.mssqltips.com/sqlservertip/1929/configure-windows-firewall-to-work-with-sql-server/

However, your cluster complicates things with a known issue.  When the client connects to the cluster ip on udp 1434, the server replies with a packet having the dedicated ip as the source address, causing the client firewall to drop the response as an unsolicited packet.  There are three workarounds that I know of:  
One, configure the client firewall to allow all inbound udp.  This allows the client to correctly receive the port number to connect to for the named instance.

Or Two, configure the clients to connect to the host/port combination rather than the host/named instance.  This eliminates the need for the udp lookup for the instance port.

Or three, give the server an additional IP and put the instance on that ip with port 1433 (using the sql server configuration manager as shown in the above article).  Then you would need to configure clients to connect to this new ip rather than the old ip/instance combination.  This also eliminates the need for the udp lookup for the instance port.

This blog post documents the issue:
http://blogs.technet.com/b/nettracer/archive/2010/10/05/sql-browser-may-not-be-reachable-through-firewalls-when-it-runs-on-a-cluster.aspx
0
 

Author Closing Comment

by:mhamer
ID: 37771706
the link to blog post had lots of good information
0

Featured Post

On Demand Webinar: Networking for the Cloud Era

Ready to improve network connectivity? Watch this webinar to learn how SD-WANs and a one-click instant connect tool can boost provisions, deployment, and management of your cloud connection.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Ever needed a SQL 2008 Database replicated/mirrored/log shipped on another server but you can't take the downtime inflicted by initial snapshot or disconnect while T-logs are restored or mirror applied? You can use SQL Server Initialize from Backup…
Ever wondered why sometimes your SQL Server is slow or unresponsive with connections spiking up but by the time you go in, all is well? The following article will show you how to install and configure a SQL job that will send you email alerts includ…
Via a live example, show how to setup several different housekeeping processes for a SQL Server.
Viewers will learn how to use the INSERT statement to insert data into their tables. It will also introduce the NULL statement, to show them what happens when no value is giving for any given column.

624 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question