Can't TELNET my MSSQL SERVER After 1:1 NAT From Internet Side



  • Hi,

    My requirement is to create a Hyper-V Windows 10 VM with MS SQL Server which will be accessed by a certain application from both Intranet and Internet.

    PfSense FW - LAN IP - 192.168.1.254 / WAN IP - xxx.xxx.219.154
    I have 5 public IPs from xxx.xxx.219.153 - xxx.xxx.219.158
    xxx.xxx.219.153 is the WAN gateway

    I have two virtual servers

    • One web server which I have 1:1 NAT from xxx.xxx.219.158 >>>>192.168.1.10 through port 80 which is working fine.

    • Windows 10 VM with MS SQL Server which I'm trying to NAT from xxx.xxx.219.157 >>>>192.168.1.11 through port 1433 which is not working.

    • I can ping xxx.xxx.219.157 from both WAN and 192.168.1.11 from LAN.

    • I can telnet port 1433 from LAN side to the 192.168.1.11

    • But I can't telnet xxx.xxx.219.157 from WAN

    • I even tried by making the destination port any in the firewall rule.
      Because of this my application can't access the database from WAN side. It is only working from LAN side. I do not want to make the DB server face the Internet directly.

    I would really appreciate it if you can advise me in this regard. (Screenshots are below)

    VERTUAL IP.PNG

    NAT 1-1 Entry.PNG

    FW rule for 1-1 NAT.PNG


  • LAYER 8

    I can't ping, but
    x.x.219.157:1433 port is open
    maybe check Windows firewall

    your IP is on the cmd screenshot, you forgot to hide it

    check the pfSense firewall log, you enabled packet logging, you should see something there if it's passing or not
    also Diagnostics / Packet Capture or Wireshark could be useful



  • Thanks. I'll try.



  • Hi,

    Just to be sure :

    You know that a vanilla "MySQL" server setup (should I say : MariaDB ?) only listens to "localhost", which was 127.0.0.1 in the old days, ::1 today.
    So check your MySQL server config, so it accepts connections from a server's (host) IP - probably some RFC1918.
    You are even accepting connections from the outside world : that means you have to "accept" - probably by editing the mysql.ini file.
    Even MySQL users, used to login, have to have the right to access the server from "any" IP.

    @kiokoman said in Can't TELNET my MSSQL SERVER After 1:1 NAT From Internet Side:

    x.x.219.157:1433 port is open

    Wait !!!!
    I'll give it a try using a mysql client, using the default phpmyadmin user/password, see if it works (and work my way up from there ⛑ )



  • @kiokoman

    I think I missed something. It looks like I can telnet from an Internet connection other than the one used in my LAN. Sorry for troubling you guys. I forgot to do that earlier. Thanks again for your advice.


  • LAYER 8

    nice 👍
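
The check the thread converged on, as an added example that is not part of any participant's post: a small Python probe that classifies one TCP connection attempt, meant to be run once from the LAN and once from an Internet connection outside it. The names `probe` and `HINTS`, the result labels and the hint wording are assumptions of this example; the address in the usage comment is the LAN address quoted in the thread.

```python
import errno
import socket
import sys

# What each outcome points to, in terms of the checks suggested in the thread
# (hint wording is this example's own).
HINTS = {
    "open": "handshake completed: NAT, firewall rules and the listener work on this path",
    "refused": "a RST came back: packets arrive, but nothing accepts connections on that port",
    "filtered": "no answer before the timeout: packets are dropped (pfSense rule, "
                "Windows firewall) or, as in this thread, the public address was "
                "tested from behind the same firewall",
    "unreachable": "no route to the address from this vantage point",
    "error": "name lookup or local socket error; check the address",
}


def probe(host, port, timeout=3.0):
    """Attempt one TCP connection to host:port and classify the result."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"
    except socket.timeout:
        # SYN sent, nothing came back: typical of a silently dropping firewall.
        return "filtered"
    except ConnectionRefusedError:
        # The far end (or a rejecting firewall) answered with a reset.
        return "refused"
    except OSError as exc:
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "unreachable"
        return "error"


if __name__ == "__main__":
    # Usage: python probe.py 192.168.1.11 1433
    host, port = sys.argv[1], int(sys.argv[2])
    result = probe(host, port)
    print(f"{host}:{port} -> {result}: {HINTS[result]}")
```

Comparing the LAN-side and outside results with the pfSense firewall log shows on which hop the connection stops.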

