I need to know how to open up the proper ports on my PIX 515 v6.2(1) to work with my Microsoft SQL server which is hosted from my DMZ.
I imagine it is a port opening problem and I have opened port 1433 but it does not work.
I have already created the static and conduit rules mapping the private to public IP addresses and have made the proper DNS entries for the SQL server but when I try to create a system DSN I keep getting an error.
Re: Microsoft SQL and Ports for Outside Access to DMZ
I believe that you are on the right track. In order to find out what ports are used, even though 1433 should be enough, do this from a DMZ if possible,but it can be done from the outside, as it only takes a minute, just do not forget to pacth the hole.....
1) Change your conduit to accept *all* IP traffic
2) Use a PC which is located on the outside (or DMZ) and connect to the SQL server
3) As we now accept all IP trafic this should work, if not...., there is something else wrong.
4) At the same time you access the SQL server from the outside have a telnet session to the pix ready and issue the following command :
show conn local xxx.xxx.xxx.xxx
where xxx.xxx.xxx.xxx is the "real" ip address of your sql server. This command wil show you what ports are used in this communication.
5) Adjust your conduit according to your findings in step 4 so that it does *ONLY* allow the needed ports.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...