I am trying to get through the Windows Firewall (securely) to an SQL Server named instance that resides on a different server from SharePoint 2013 Enterprise. Here are the points that I have configured and tried to get the connection between the two to work and have thus far not been able to:
- Configured the IPALL setting of the SharePoint SQL instance that is just for SharePoint to a non-standard static port (40000)
- Configured the SQL Server Native Client on the SharePoint server with the alias with the following settings:
  Alias Name: <Instance Name>
  Protocol: TCP/IP
  Port: 40000
- Issued certificates to both of the servers from a PKI that we have pre-existing in the organization and that is trusted by all machines, since its root is the ADCS server for the network
- Since I want all SQL traffic to run over a secured subnet for the server, I have statically configured the IP address for the server that is hosting SQL in the hosts file and verified that it is correct
- Configured Windows Firewall to allow only connections to the port 40000 to come from the server hosting SharePoint and to only be handled on the Domain scope of networks
This did not allow me to connect to the SQL Server instance, and so I made a couple modifications to the configuration to see if I could get a connection:
- Configured the Windows Firewall policy to accept connections from any computer that is in the domain network scope
- Configured an inbound rule for the service that runs on 1434 and allowed all connections from Domain networks
This still did not allow me to connect to the SQL Server instance; however, when I turn Windows Firewall off for the Domain scope, the connection goes through correctly. Thus, I am thinking that it is an issue with Windows Firewall, and I need some ideas on what to look at next to resolve this issue. Anyone have any thoughts?
As an aside, I am going to want to enable encryption on the connection between the SQL Server and the Native Client installed on the server, so can anyone give me an idea of how to do this, both with the authentication by the Windows Firewall and so that SQL encryption will work correctly once I have that set up?