Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Microsoft SQL Server traffic through a Cisco PIX firewall

Anyone know the most secure way of getting Microsoft SQL Server traffic through a Cisco PIX firewall when clients behind the firewall are initiating the conversation with a MS SQL Server outside the firewall.

3 REPLIES
Silver

Re: Microsoft SQL Server traffic through a Cisco PIX firewall

Is there a reason the sql server is outside of the firewall? So long as clients can make connections to tcp 1433, I would expect things to work, but NAT/PAT might break that.

New Member

Re: Microsoft SQL Server traffic through a Cisco PIX firewall

I too need to do the same thing. Our M$ SQL 2000 server is on the LAN side (soon to be behind a Linux firewall to protect it from the LAN). Our web servers in the DMZ have to connect to the SQL server on the LAN.

Just also wondering what needs to be done to allow this to happen.

-ee99ee (cmiller)

New Member

Re: Microsoft SQL Server traffic through a Cisco PIX firewall

Open port 1433 between the dmz and lan only to the SQL server IP. Configure translation to ignore the web server for the SQL server IP only. That should do it. The best way to acheive the results is to have a 4 port pix. ie outside (sec0), inside (sec100), dmz(webservers) (sec40) and dmz2(sqlservers) (sec80). Then you dont need a Linux firewall at all or the additional routing required for it.

Cheers,

Richard

731
Views
0
Helpful
3
Replies
CreatePlease to create content