cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1356
Views
0
Helpful
1
Replies

Outside client unable to connect to inside SQL Server.

rdutcher
Level 1
Level 1

I'm creating a post on this because I haven't necessarily found an answer that works. We have a remote web server that has to talk to our SQL server (on out internal network). Currently our external web server is on a different ISP, and is able to talk with the SQL server through our router. I figured transferring the NAT/PAT rules, and ACLs over to the ASA 5516-X would suffice (we are replacing the router with the ASA). I've tried many different NAT rules, and with each one, the packet trace on ASDM shows that the connection is allowed. The way it is set up, the firewall should be translating our public IP:portNumber and forwarding it to our SQL server. I'm not sure what else to check, all the windows firewall rules are correct (since it is currently talking thru the router), but replacing it with the firewall (which has similar configs in this regards) it won't authenticate, and establish a connection. Please see the attached configuration and let me know what I could be doing wrong.

1 Reply 1

rdutcher
Level 1
Level 1

we've tried NATing 

(inside,outside) SQLServer to 'outside int ip'

(outside,inside) 'outside interface' to SQLServer

(inside,outside) SQLServer to Lastrock

(outside,inside) Lastrock to SQLServer

(inside,outside) 'outside interface' to SQLServer

 

The exact error we are getting on Lastrock's logs in "unable to authenticate communication to xxxx on TCP port 1433 (xxxx is our ASA's outside facing IP address), however as mentioned earlier the packet trace allows the connection to go all the way thru.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: