04-10-2003 04:35 AM - edited 02-20-2020 10:40 PM
Anyone know the most secure way of getting Microsoft SQL Server traffic through a Cisco PIX firewall when clients behind the firewall are initiating the conversation with a MS SQL Server outside the firewall?
04-10-2003 06:24 AM
Is there a reason the SQL server is outside of the firewall? So long as clients can make connections to TCP 1433, I would expect things to work, but NAT/PAT might break that.
04-16-2003 06:39 AM
I too need to do the same thing. Our M$ SQL 2000 server is on the LAN side (soon to be behind a Linux firewall to protect it from the LAN). Our web servers in the DMZ have to connect to the SQL server on the LAN.
Just also wondering what needs to be done to allow this to happen.
-ee99ee (cmiller)
04-17-2003 03:25 AM
Open port 1433 between the DMZ and LAN only to the SQL server IP. Configure translation to ignore the web server for the SQL server IP only. That should do it. The best way to achieve the results is to have a 4-port PIX, i.e. outside (sec0), inside (sec100), dmz (webservers) (sec40) and dmz2 (sqlservers) (sec80). Then you don't need a Linux firewall at all or the additional routing required for it.
Cheers,
Richard
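
The 4-port layout and the port 1433 rule from the answer above, sketched as a PIX 6.x configuration fragment. This is an added example, not part of the original posts; the interface-to-port mapping, the addresses (web server 10.1.0.20, SQL server 10.2.0.10) and the ACL names are constructed for illustration.

```cisco
: Four interfaces with the security levels suggested in the answer
nameif ethernet0 outside security0
nameif ethernet1 inside security100
nameif ethernet2 dmz security40
nameif ethernet3 dmz2 security80

: Constructed addressing: web servers in dmz, SQL server in dmz2
ip address dmz 10.1.0.1 255.255.255.0
ip address dmz2 10.2.0.1 255.255.255.0

: Exempt only the SQL server <-> web server pair from translation.
: A NAT exemption ACL matches on addresses only, so it uses "ip", not a port.
access-list nonat_sql permit ip host 10.2.0.10 host 10.1.0.20
nat (dmz2) 0 access-list nonat_sql

: Allow the web server to reach the SQL server on TCP 1433 and nothing else
: in dmz2. dmz (sec40) to dmz2 (sec80) is low-to-high, so it needs this
: explicit permit in addition to the translation rule above.
access-list dmz_in permit tcp host 10.1.0.20 host 10.2.0.10 eq 1433
access-list dmz_in deny ip any 10.2.0.0 255.255.255.0
access-group dmz_in in interface dmz
```

Once `dmz_in` is bound to the dmz interface, every other flow the web servers originate is dropped by the implicit deny at the end of the list, so any outbound access they still need has to be permitted explicitly after the `deny` line for the dmz2 subnet.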