Page 1 of 1

SQL Server Connection-

Posted: August 13th, 2019, 11:01 am
by ramses2010

I am stuck with the firewall rules. I've spent hours on your Wiki's and still can't get it to work. I am wondering if anyone can share a few pointers. I am trying to pass through an SQL Server connection but unfortunately it appears my IPFire firewall keeps dropping the connection. Tried many combinations on the firewall rules, so far doesn't work.

This is what I need to do.
1. Pass through a connection from a specific IP and port from the external/internet Red NIC to a server in my domain with a specific IP and port in the green side of my firewall.

By going through wikis and playing around the firewall rules, I think I was able to get to "Incoming Connections" but the bottom says policy "BLOCKED" so I don't know if that makes that whatever I specify there is blocked. I certainly do not want it blocked.

Any Ideas on how to go about making this work? I have the latest build of IPFire.

Mahalo Nui Loa

Re: SQL Server Connection-

Posted: August 13th, 2019, 12:47 pm
by gpatel-fr

first begin with a simple case such as a web server before going to difficult stuff like Sql Server. Once you have seen how it works, then pass to more complex cases.
The tutorial that has worked for me is here: ... forwarding

Sql server is special you have no hope to make it work if you can't change engine configuration since it use dynamic ports by default: ... erver-2017

Re: SQL Server Connection-

Posted: September 11th, 2019, 8:59 pm
by ramses2010

Thank you for the message. I successfully made the connection to the SQL server behind the firewall; unfortunately and oddly enough only a specific IP can communicate to my sql server in the green area of my firewall. Other ips it appears to be blocked.

Its really interesting because I just made a copy of the rule from the rule that was working... but clearly an additional rule with similar parameters but with different IP does not work.

Any idea why it only lets one specific IP through? when Ive added three more with the same settings as the one that works? Should be forwarded to port 1433.

Thank You!

Re: SQL Server Connection-

Posted: September 13th, 2019, 10:04 pm
by gpatel-fr
ramses2010 wrote:
September 11th, 2019, 8:59 pm

Any idea why it only lets one specific IP through?
Not really. In your place I'd try to first check that it is not the first connection that is succeeding, that is, if you deconnect from your working address then it could work from another. It's just a thought, but there are so many strange things with computers.
Then if it's well and truly only one address that succeed, I'd try to check the packets with tshark (or tcpdump but I have mixed results with tcpdump on ipfire) on red0 and green0 to see where the data is blocked.

Anyway, I should maybe have pointed the obvious, that is, using a direct connection to a Sql server on the internet is not recommanded. A VPN would be better for security and privacy.