Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
232
Views
0
Helpful
1
Replies

MSSQL database backend, IIS frontend

admin_2
Level 3
Level 3

‎04-23-2004 12:55 AM - edited ‎03-09-2019 07:09 AM

Hi,

We have an IIS which is outside the Pix firewall and a SQLserver, which is inside. The problem is to give access from the IIS to the MSSQL exclusivly.

How can I configere this?

Labels:
0 Helpful
1 Reply 1

ehirsel
Level 6
Level 6

‎04-23-2004 05:44 AM

You would need a static (in, out) mssql-out mssql-in netmask 255.255.255.255 to allow the mssql server to be seen by the iis. The -out is the ip of mssql as seen by iis, the -in is the actual/real address of the mssql. The -out and the -in values can be the same.

You then need to configure an access-list and apply it to the outside interface to allow the iis to connect to the mssql server. By default mssql runs on tcp port 1433, but the newer versions have virtual hosting that requires a udp connection to 1434 I believe. I don't know how you setup mssql, but to get the acl to work you need to know what protocols and ports iis is using.

0 Helpful
Customers Also Viewed These Support Documents