SQL SERVER – Setting Firewall Settings With Azure SQL Server VMs

Recently I had a session around using SQL Server on Azure and during this session one of the questions was to access the SQL Server in a Hybrid Setup. This is a typical scenario wherein the developer was requesting to connect to the SQL Server running on a VM from his application that was sitting inside his environment. Though there were specific steps that needed to be taken, he was getting some error. Let us learn about how to setup firewall with Azure SQL Server VMs.

After a moment of debugging, I realized it was a problem of Firewall. Though the initial test was by disabling the Firewall I was able to get the connectivity working. I enabled it immediately and then started to get into configuring the Firewall for exception for SQL Server traffic. This blog is more of a tutorial on how I was configuring the same.

Steps to enable the SQL Server traffic

To enable connection to the SQL Server from on-premises applications, you must open port 1433 on the SQL Server VM. Though this is an example, you need to see if you can change and use some other port for SQL Server connection. But this is reserved for some other time. The following steps will lead you through this:

  1. Login to SQL Server VM and Open firewall settings
  2. Create an inbound rule for the TCP port 1433 to allow connections
    SQL SERVER - Setting Firewall Settings With Azure SQL Server VMs SQL-Azure-VM-Firewall-Settings-01
    SQL SERVER - Setting Firewall Settings With Azure SQL Server VMs SQL-Azure-VM-Firewall-Settings-02
  1. Follow the default values on the wizard for the next steps and name the rule ‘SQL TCP’ and click OK.
    SQL SERVER - Setting Firewall Settings With Azure SQL Server VMs SQL-Azure-VM-Firewall-Settings-03

Alternatively, you can use execute this PowerShell cmdlet to configure inbound firewall rule:

netsh advfirewall firewall add rule name='SQL Server (TCP-In)' program='C:\Program Files\Microsoft SQL Server\MSSQL11.MSSQLSERVER\MSSQL\Binn\sqlservr.exe' dir=in action=allow protocol=TCP 

This is an important step one needs to configure when working with VMs on Azure to access SQL Server. Though I have started to explore some of the core capabilities that come when working with Azure, I still see there are nuances that are quite different when compared to how an on-premise SQL Server would be. I am sure DBA’s and administrators are struggling to understand these use-cases that need to be configured because they have been used to connecting to SQL Server directly when working on their data centers.

Having said that, I felt this was something common and people are aware. But since I have done in my consulting couple of times in the past month that I get to write them down too.

Reference: Pinal Dave (https://blog.sqlauthority.com)

, ,
Previous Post
SQL SERVER – Unable to Create Listener for AlwaysOn Availability Group in Azure via Template Deployment
Next Post
SQL Complete – Smart Code Completion and SQL Formatting

Related Posts

Leave a Reply

Menu