asked on Amazon EC2 webserver connection to external MSSQL DB.
Hi,
As you can see in this error message from our intranet I'm having problems connecting from our EC2 web server to an external MS SQL database hosted elsewhere.
I have tryed: "telnet ip.address 1433" on the web server.
And get the following message: Could not open connection to the host, on port 1433: Connection failed.
Therefor I'm guessing the problem is related to the Amazon security groups or the host of the MS SQL servers firewall.
The host should have opened port 1433 for our web servers ip-address regarding to them.
If thats so I'm guessing that leaves it to our own Amazon security group settings, I have tried opening TCP port 0 - 65535 but nothing changed.
I have minimal configuration experience on firewalls.
Any help on what to do or check to bug find this problem?
As you can see in this error message from our intranet I'm having problems connecting from our EC2 web server to an external MS SQL database hosted elsewhere.
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: Named Pipes Provider, error: 40 - Could not open a connection to SQL Server)
I have tryed: "telnet ip.address 1433" on the web server.
And get the following message: Could not open connection to the host, on port 1433: Connection failed.
Therefor I'm guessing the problem is related to the Amazon security groups or the host of the MS SQL servers firewall.
The host should have opened port 1433 for our web servers ip-address regarding to them.
If thats so I'm guessing that leaves it to our own Amazon security group settings, I have tried opening TCP port 0 - 65535 but nothing changed.
I have minimal configuration experience on firewalls.
Any help on what to do or check to bug find this problem?
Software FirewallsMicrosoft SQL ServerWeb ServersAWSAzure
Last Comment
Madsing
ASKER
The SQL server is located at a local host in Denmark.
As I see its only VPC there have the ingress/egress separation.
At "EC2 > Security Groups" theres only two tabs. 1. Details, 2. Inbound.
As I see its only VPC there have the ingress/egress separation.
At "EC2 > Security Groups" theres only two tabs. 1. Details, 2. Inbound.
I think by default sql server uses dynamic ports. With that setup you don't know what ports to open. What I did was first configure SQL server to use port 1433. Then you open up port 1433 on the firewall of the server. Then you open port 1433 in the EC2 security group. And then you open up port 1433 on your company firewall. You can check each step before you move on to the next.
Start with setting up port 1433 on SQL server like this:
http://support.microsoft.com/kb/823938
Then check if this works by connecting to sql server from the server itself like this:
server: (local)\SQLExpress,1433
(Change SQLExpress to your instance name of course.) If this works you know SQL Server is using port 1433.
Next step is to open up port 1433 on the firewall (Just Google for the instructions for this one). To test this you could start up another EC2 machine in the same security group and open port 1433 for the security group. You should be able to connect to the SQL Server from this machine. When this is working you should be able to connect to the SQL Server from any machine that has it's ip listed in the EC2 security group (with port 1433). If it's not working from some machines that's probably because that machine is behind a firewall that doesn't allow port 1433.
I'm accessing a EC2 SQL Server over the Internet for more than a year now, so we are going to get this working. If necessary I'll start up a new EC2 and explain all the steps needed in detail (but of course I hope I don't have to :-) ). What version of Windows and SQL server are you using in EC2.
Start with setting up port 1433 on SQL server like this:
http://support.microsoft.com/kb/823938
Then check if this works by connecting to sql server from the server itself like this:
server: (local)\SQLExpress,1433
(Change SQLExpress to your instance name of course.) If this works you know SQL Server is using port 1433.
Next step is to open up port 1433 on the firewall (Just Google for the instructions for this one). To test this you could start up another EC2 machine in the same security group and open port 1433 for the security group. You should be able to connect to the SQL Server from this machine. When this is working you should be able to connect to the SQL Server from any machine that has it's ip listed in the EC2 security group (with port 1433). If it's not working from some machines that's probably because that machine is behind a firewall that doesn't allow port 1433.
I'm accessing a EC2 SQL Server over the Internet for more than a year now, so we are going to get this working. If necessary I'll start up a new EC2 and explain all the steps needed in detail (but of course I hope I don't have to :-) ). What version of Windows and SQL server are you using in EC2.
ASKER
Hi again,
The following is our setup.
![Server setup]()
I have no problem communicating from "my desktop" to "SQL Server", but the Amazon cloud cant access the MS SQL Server.
Thats why I'm pretty sure it's the Amazon servers firewall or the amazon security group theres blocking the communication. The ip of the Amazon server is opened for at the MS SQL server the same way as my desktop ip is added.
The following is our setup.
I have no problem communicating from "my desktop" to "SQL Server", but the Amazon cloud cant access the MS SQL Server.
Thats why I'm pretty sure it's the Amazon servers firewall or the amazon security group theres blocking the communication. The ip of the Amazon server is opened for at the MS SQL server the same way as my desktop ip is added.
ASKER CERTIFIED SOLUTION
THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
ASKER
Thanks for taking the time answering my question.
In the EC2 security group, you have Ingress (incoming) and Egress (outgoing) ports.
To connect to an external SQL outside AWS you need to allow all Egress ports.