Tip T202 -Sql Server 2000 And Firewalls; Possible Scenarios; Using Windows Firewall For Single Instance; Using Windows Firewall For Multiple Instances - Cisco TMS SQL DATABASE Configuration Manual

TIP T202 –SQL Server 2000 and Firewalls
Cisco TMS Versions
Cisco TMS 9.0 through
11.9.1
SQL Server 2000 requires one TCP port per named instance. The first instance will run on TCP Port
1433. Secondary named instances will run on a dynamically assigned port. SQL Server will listen on
UDP 1434 to assist clients trying to connect to a secondary instance. Fixed ports can be assigned to
each instance to simplify firewall connectivity. Dynamic ports in SQL 2000 requires additional client
configuration that is beyond the scope of this Tip.

Possible Scenarios

Only using one instance? Open TCP Port 1433 in your firewall
Only using one instance and only Windows Firewall - no external firewalls between SQL and client?
Use Windows Firewall steps below
Using multiple instances on same server with local firewall? Must configure fixed ports for each
instance and configure firewall rules for those ports.
Using external firewalls between client and server? Must configure fixed ports for each instance
and configure firewall rules for those ports. SQL Server Browser is optional

Using Windows Firewall for single instance

These steps allow a single instance to run on dynamic ports with Windows Firewall Enabled on the SQL
Server
1. Open the Control Panel, open Network Connections, right-click the active connection, and then click
Properties
2. Click the Advanced tab, and then click Windows Firewall Settings
3. Click the Exceptions tab
4. Click Add Port. Enter SQL Server in the Name text field, type 1433 in the Port Number text field,
select UDP, and then click OK.
5. Click OK twice to close the Windows firewall program.

Using Windows Firewall for multiple instances

Each SQL instance must be configured to run on a fixed port. See the Microsoft article at the end of this
Tip for instructions on configuring fixed ports. Use the steps below to configure the Windows Firewall
1. Open the Control Panel, open Network Connections, right-click the active connection, and then click
Properties
2. Click the Advanced tab, and then click Windows Firewall Settings
3. Click the Exceptions tab
4. Click Add Port. Enter the name of the instance in the Name text field, type the port number assigned
to the instance in the Port Number text field, select TCP, and then click OK.
5. Repeat Step 4 for each instance the server will use
6. If connecting by name is to be used, UDP Port 1434 must also be enabled. Click Add Port. Enter
SQL Server Browser in the Name text field, type 1434 in the Port Number text field, select UDP, and
then click OK.
7. Click OK to close the Windows firewall program.

To find the port a SQL Server instance is currently using:

1. On the server that is running SQL Server 2000, start the Server Network Utility
2. Click the General tab, and then select the instance that you want from the Instances list
3. Click TCP/IP, and then click Properties. The TCP/IP port number for this instance is shown
Cisco TMS Database Knowledge Tips
SQL Server Versions
SQL 2000 – All Versions
MSDE 2000 – All Versions
Tips category – Networking
Page 20 of 35