https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832582#M958134 <HTML><HEAD></HEAD><BODY><P>do you have this in your config:</P><P></P><P>nat (inside) 1 0 0</P><P>global (outside) 1 interface</P><P>access-list test permit ip any any log</P><P>access-group test in interface inside</P><P></P><P></P><P>As a test, try the following:</P><P></P><P>nat (inside) 1 0 0</P><P>global (outside) 1 interface</P><P>access-list test permit ip any any log</P><P>access-group test in interface inside</P><P>access-group test in interface outside</P><P></P><P>CCIE Security</P></BODY></HTML> Fri, 28 Dec 2007 14:48:30 GMT cisco24x7 2007-12-28T14:48:30Z https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832579#M958129 <P>Hi,</P><P></P><P>I have a problem with a SQL Connection which is going out of the network to a server hosting the service on the internet.</P><P></P><P>I have a setup an incoming rule on the inside interface. Details below:</P><P></P><P>Client Private IP &gt; Public IP SQL Server port 1433.</P><P></P><P>The connection though is not sucessful.</P><P></P><P>Anyone come across this on an ASA.</P><P></P><P>Thanks</P><P></P><P>Kev </P> Wed, 13 Mar 2019 00:54:03 GMT https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832579#M958129 kevinhobson2000 2019-03-13T00:54:03Z https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832580#M958131 <HTML><HEAD></HEAD><BODY><P>I would try doing some basic troubleshooting like pinging the server, and trying to establish a manual connectino on that port (telnet x.x.x.x 1433).</P><P></P><P>Also enable debug level logging on your ASA and look for the syslogs. Make note of the connection being created and torn down, and make sure there are no XLate or ACL errors.</P><P></P><P>Lastly, you can set up a capture on the outside interface to verify that your packets are being sent out that interface and you can see what, if any packets are being returned from the end host.</P><P></P><P>Good luck!</P></BODY></HTML> Fri, 21 Dec 2007 20:49:09 GMT https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832580#M958131 davemit 2007-12-21T20:49:09Z https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832581#M958132 <HTML><HEAD></HEAD><BODY><P>Hi,</P><P></P><P>I did a packet trace from the GUI and it said it was allowed through can it be relied on?</P><P></P><P>Cbeers</P><P></P><P>Kev</P></BODY></HTML> Fri, 28 Dec 2007 09:08:58 GMT https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832581#M958132 kevinhobson2000 2007-12-28T09:08:58Z https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832582#M958134 <HTML><HEAD></HEAD><BODY><P>do you have this in your config:</P><P></P><P>nat (inside) 1 0 0</P><P>global (outside) 1 interface</P><P>access-list test permit ip any any log</P><P>access-group test in interface inside</P><P></P><P></P><P>As a test, try the following:</P><P></P><P>nat (inside) 1 0 0</P><P>global (outside) 1 interface</P><P>access-list test permit ip any any log</P><P>access-group test in interface inside</P><P>access-group test in interface outside</P><P></P><P>CCIE Security</P></BODY></HTML> Fri, 28 Dec 2007 14:48:30 GMT https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832582#M958134 cisco24x7 2007-12-28T14:48:30Z https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832583#M958136 <HTML><HEAD></HEAD><BODY><P>does the remote end filter by IP source for TCP 1433? is the remote SQL server listening on a non-standard SQL port?</P></BODY></HTML> Fri, 28 Dec 2007 16:54:33 GMT https://community.cisco.com/t5/network-security/problem-with-sql-connection-through-an-asa/m-p/832583#M958136 palomoj 2007-12-28T16:54:33Z