We help IT Professionals succeed at work.
Get Started

Securing direct SQL server connections from the internet

Last Modified: 2015-02-26
We have an Office plugin which requires a direct connection to a SQL Server.

We want this plugin to work from outside of the SQL Server's LAN.

We cannot use Microsoft Direct Access or other VPN technology.

Suggestions please on how we could allow a laptop running this plug-in to talk to the internal SQL Server from the internet.

We want the connection to be seamless, operate from any internet connection and preferably use domain issued certificates for authentication (i.e. so that only domain members can access the resource remotely, all other connections are rejected).

Options I've considered:

1) Punch a hole in the firewall on the specific ports and use certificate based IPSec policies to restrict inbound connections to those with domain issued certificates.
2) Utilise some sort of reverse-proxy that authenticates using domain issued certificates.

Comments on either of those suggestions welcome, or new suggestions.

Watch Question
IT Consultant
This problem has been solved!
Unlock 2 Answers and 3 Comments.
See Answers
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE