Here's an excerpt from the link below that should answer your query concerning the ports used by SQL client/server...
When the client establishes a TCP/IP connection, a three-way handshake is done. The client opens a source port and sends traffic to a destination port, which by default is 1433. The client source port in use is random, but is greater than 1024. By default, when an application requests a socket from the system for an outbound call, a port between the values of 1024 and 5000 is supplied.
As you can see, the client always uses a source port in the range of 1024 to 5000. If you want to be more granular in the traffic allowed from host 192.168.1.100, you can configure the access-list as follows:
"host 192.168.1.100 eq 1433": this portion in your first access-list defines the source IP and source port from which the connection will initiate. Now, given the way TCP works, if a host initiates a connection, the source port used to initiate the connection is always greater than 1024, because all ports lower than that are ports registered for specific services. This is the reason your connection never worked.
In the next ACL, the following portion defines the source IP and source port:
"host 192.168.1.100 gt 1024". This is exactly as per the norms, hence the connection works!
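The difference between the two source clauses, as an added example that is not part of the original thread: a minimal matcher for Cisco-style `permit tcp host ... host ...` entries, evaluated against the web server's opening SYN. The thread quotes only the source portion of each ACL, so the destination clause, the SQL server address 10.1.1.10, the client source port 3312 and all function names are assumptions.

```python
# Added illustration: minimal matcher for Cisco-style extended ACL entries.
# Only "permit tcp host <ip> [eq|gt <port>] host <ip> [eq|gt <port>]" is modelled.
# 10.1.1.10 (SQL server) and source port 3312 are constructed sample values.

def parse_ace(line):
    tok = line.split()
    assert tok[:2] == ["permit", "tcp"], "only 'permit tcp' is modelled"
    i, ends = 2, []
    for _ in range(2):                       # source endpoint, then destination
        assert tok[i] == "host"
        ip, i = tok[i + 1], i + 2
        op = port = None
        if i < len(tok) and tok[i] in ("eq", "gt"):
            op, port, i = tok[i], int(tok[i + 1]), i + 2
        ends.append((ip, op, port))
    return ends

def port_ok(op, want, got):
    if op is None:
        return True                          # no port qualifier: any port matches
    return got == want if op == "eq" else got > want

def permits(acl, src_ip, src_port, dst_ip, dst_port):
    for line in acl:
        (sip, sop, sp), (dip, dop, dp) = parse_ace(line)
        if (sip == src_ip and dip == dst_ip
                and port_ok(sop, sp, src_port) and port_ok(dop, dp, dst_port)):
            return True
    return False                             # implicit deny ends every ACL

# Source clause taken from the thread; destination clause is assumed.
FIRST_ACL = ["permit tcp host 192.168.1.100 eq 1433 host 10.1.1.10 eq 1433"]
SECOND_ACL = ["permit tcp host 192.168.1.100 gt 1024 host 10.1.1.10 eq 1433"]

# Opening SYN from the web server: dynamic source port, destination 1433.
SYN = ("192.168.1.100", 3312, "10.1.1.10", 1433)

if __name__ == "__main__":
    print("first ACL permits SYN: ", permits(FIRST_ACL, *SYN))
    print("second ACL permits SYN:", permits(SECOND_ACL, *SYN))
```

The second entry still pins the destination to port 1433, so widening the source port range does not open any additional service on the SQL server.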
The reason it needs the ports above 1024 is that SQL uses dynamically allocated ports above 1024 for communication between a SQL Server and client. I believe you can change this to use predetermined ports, and there are some KB articles on the MS site that detail this.
When a client, which in your case is the web server, talks to a server, the SQL server, the destination port is the service port on the server, i.e. 1433 in this case, which is SQL. However, the client port is very rarely the same port number, as this is not the way TCP/UDP works.
The client generates a dynamic port number above 1024 to use for the communication. This is pretty much how all client/server communication takes place. So another example:
The server is running the telnet service, i.e. TCP port 23.
On your client you type "telnet 172.16.10.1". Your client generates a random port number, e.g. 5541, and sends a TCP SYN packet to the server, so