|
I would certainly hope not - I could be
wrong...
The first thing I'd try is maybe install the
client tools on the webserver and see if you can get to your sql server with
enterprise manager or query analyser from the webserver, any error message
these give might be more useful (it might be something to do with the "named
pipes" or SMB mentioned in the article etc. rather than the
firewall per se)... then start looking at the firewall logs as Ryan
suggested.
Another hint may be to run 'netstat
-na' on the database server to see what ports it's listening on - though I'd
hope you wouldn't have to resort to forwarding these 1 by 1 to find out which
one makes it tick then turn them off one by one - that's just a last resort that
springs to mind.
Good luck, sounds very
interesting!
- James
Thanks James and for pointing me to the link. It's quite useful. We are
using 'sa' account and port 1433 but this just for the testing. Their cases
are for ASP.NET. Does it apply to ColdFusion server as well? Would CF use
other secret ports for db connection?
George
>>> [EMAIL PROTECTED] 2/07/04
17:15:05 >>>
George,
I believe you just need 1433 and
that's it however you have to be sure that on your coldfusion server
you're using the PUBLIC IP of the firewall and that this port is
forwarded. Also if you're using Windows authentication this uses other
ports (RPC???) that you don't want to be opening up at all...
Oh and whilst I'm going paranoia mode;
make sure your firewall only forwards 1433 from the webserver not ANYTHING to
port 1433 - remember some of those fun worms that got around - and no default
'sa' passwords either!!! (I'm sure you weren't thinking of doing that but
nonetheless...)
Regards,
James
-----Original
Message-----
From: George Lu
[mailto:[EMAIL PROTECTED]
Sent: Friday, 2 July 2004 4:43
PM
To: CFAussie Mailing List
Subject: [cfaussie] RE: [OT]
DMZ
Thanks. That's what we are doing now. What I want to know is what ports
need to be open.
George
>>> [EMAIL PROTECTED] 2/07/04
16:37:13 >>>
Hi George,
I'm tempted to guess that your DMZ has
public IPs, whilst your LAN has got private ones, in which case you will
need to forward the database ports of your LAN gateway to the private IP
database server? This kind of set up could be quite complicated,
especially if you've never messed with firewalls and such
before.
Regards,
J
Hi All,
We're going to set up an extranet environment. One option is to place
our ColdFusion server under DMZ (DeMilitarize Zone) and the database
server on the LAN. We try to test the connection between the CF server and
the db server without open UDP and most of TCP/IP ports. However, the
connection always fail no matter how many tcp/ip ports open. I've tried to
put 1839 or 1433 in the Data Source setting. Does anyone have similar
situation? Could someone give me an idea what's happening?
Here was the error message when I tried to verified the data
source:
Connection
verification failed for data source: Intranet
[]java.sql.SQLException:
[Macromedia][SQLServer JDBC Driver]The requested instance is either
invalid or not running.
The root cause was that: java.sql.SQLException:
[Macromedia][SQLServer JDBC Driver]The requested instance is either
invalid or not running.
Thank you in advanced.
George
George Lu
Web
Developer/Engineer
Information Systems and Technology
Adult
Multicultural Education Services
4/255 William Street
Melbourne, Vic
3000
------------------------------------------
Direct: 03 9926
4706
Fax: 03 9926 4695
Email: [EMAIL PROTECTED]
Web: www.ames.net.au
------------------------------------------ ---
You
are currently subscribed to cfaussie as:
[EMAIL PROTECTED]
To unsubscribe send a blank email to
[EMAIL PROTECTED] Aussie Macromedia Developers:
http://lists.daemon.com.au/
AMES (Adult Multicultural Education
Services)
www.ames.net.au
Disclaimer
**********************************************************************
This
email and any attachments may be confidential.
If received in error,
please contact us and delete all copies.
Before opening or using
attachments you should check them for viruses
or defects.
Regardless of any loss, damage or consequence, whether caused by the
negligence of the sender or not, resulting directly or indirectly from
the use of any attached files our liability is limited to resupplying
any affected attachments.
Any representations or opinions
expressed are those of the individual
sender, and not necessarily
those of Adult Multicultural Education
Services (AMES).
**********************************************************************
---
You
are currently subscribed to cfaussie as:
[EMAIL PROTECTED]
To unsubscribe send a blank email to
[EMAIL PROTECTED] Aussie Macromedia Developers:
http://lists.daemon.com.au/ --- You are currently subscribed
to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to
[EMAIL PROTECTED] Aussie Macromedia Developers:
http://lists.daemon.com.au/ ---
You are currently subscribed to
cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a
blank email to [EMAIL PROTECTED] Aussie Macromedia
Developers: http://lists.daemon.com.au/
AMES (Adult Multicultural
Education
Services)
www.ames.net.au
Disclaimer
**********************************************************************
This
email and any attachments may be confidential.
If received in error,
please contact us and delete all copies.
Before opening or using
attachments you should check them for viruses
or defects.
Regardless
of any loss, damage or consequence, whether caused by the
negligence of
the sender or not, resulting directly or indirectly from
the use of any
attached files our liability is limited to resupplying
any affected
attachments.
Any representations or opinions expressed are those of the
individual
sender, and not necessarily those of Adult Multicultural
Education
Services (AMES).
**********************************************************************
---
You
are currently subscribed to cfaussie as:
[EMAIL PROTECTED]
To unsubscribe send a blank email to
[EMAIL PROTECTED] Aussie Macromedia Developers:
http://lists.daemon.com.au/ --- You are currently subscribed
to cfaussie as: [EMAIL PROTECTED] To unsubscribe send a blank email to
[EMAIL PROTECTED] Aussie Macromedia Developers:
http://lists.daemon.com.au/ ---
You are currently subscribed to
cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank
email to [EMAIL PROTECTED] Aussie Macromedia
Developers: http://lists.daemon.com.au/
AMES (Adult Multicultural
Education
Services)
www.ames.net.au
Disclaimer
**********************************************************************
This
email and any attachments may be confidential.
If received in error,
please contact us and delete all copies.
Before opening or using
attachments you should check them for viruses
or defects.
Regardless
of any loss, damage or consequence, whether caused by the
negligence of
the sender or not, resulting directly or indirectly from
the use of any
attached files our liability is limited to resupplying
any affected
attachments.
Any representations or opinions expressed are those of the
individual
sender, and not necessarily those of Adult Multicultural
Education
Services (AMES).
**********************************************************************
---
You
are currently subscribed to cfaussie as:
[EMAIL PROTECTED]
To unsubscribe send a blank email to
[EMAIL PROTECTED] Aussie Macromedia Developers:
http://lists.daemon.com.au/
---
You are currently subscribed to cfaussie as: [EMAIL PROTECTED]
To unsubscribe send a blank email to [EMAIL PROTECTED]
Aussie Macromedia Developers: http://lists.daemon.com.au/
|
