Why doesn't this 2008 firewall rule work?

Soldato
Joined
4 Mar 2008
Posts
2,608
Any ideas why the below doesn't work? When enabled, it blocks the local network as well.

sql.jpg
sql2.jpg
 
Associate
Joined
29 Dec 2010
Posts
75
Enable logging.

Presumably you have other rules that allow LAN access to this SQL service? Is it confirmed that SQL is definitely listening for connections?
 
Soldato
OP
Joined
4 Mar 2008
Posts
2,608
Enable logging.

Presumably you have other rules that allow LAN access to this SQL service? Is it confirmed that SQL is definitely listening for connections?

If I set 'Any IP address' in both local and remote it works fine and I can connect to the SQL app on the local network and also over the internet.

I think I may be misunderstanding the Remote section. Upon further reading, I think remote means another address on the local network and not what I took it to mean which is a remote address on the internet.
 
Soldato
OP
Joined
4 Mar 2008
Posts
2,608
Surely that external address will be NAT'ed to a local address on your firewall, so the server never actually sees the real external address, hence the rule not working.

The router is NATing to the server address and that works fine.

What I'm trying to achieve is to restrict inbound internet access to the remote IP range listed.

As soon as I enter that remote range, both local and internet access goes off.

I think that remote in this instance applies to restricting outbound traffic to certain IP addresses, not inbound which is what I'm trying to do.
 
Associate
Joined
28 May 2003
Posts
1,847
What I'm trying to achieve is to restrict inbound internet access to the remote IP range listed.

Why aren't you doing this at your perimeter firewall then, as opposed to on the server itself? Unless I'm missing something...?
 
Soldato
Joined
19 Apr 2009
Posts
3,159
Looks like a bit of a mess to be honest.

I take it you are specifying a range, is this correct? (I haven't got time to work it out)
Is it in the right group (Outbound or inbound rule)?
 
Soldato
OP
Joined
4 Mar 2008
Posts
2,608
Looks like a bit of a mess to be honest.

I take it you are specifying a range, is this correct? (I haven't got time to work it out)
Is it in the right group (Outbound or inbound rule)?

How is it a mess? I'm simply trying to restrict an inbound service to a range using the tools I've got, a NAT'd router and Windows Firewall.

Yes, it is in the inbound section of Windows Firewall.
 