External Websites making MSSQL Queries

  • Hi

    Can somebody please help me figure out a firewall rule that will allow an external website to make calls to my MS SQL Server that is running behind the pfsense 2.0-RELEASE (i386).

    I already create a rule that allow all sources to my MSSQL server running on port 3471 (TCP port), however all queries to the database server are very slow. Any suggestions please? I use a web interface to create the my firewall rules and aliases.


  • Did you create nat rules or only firewall rules?

  • I would never open MSSQL to the Internet. At a minimum, make sure you're restricting the source IP, and preferably use a VPN.

    With that said, if it's working at all, your firewall setup is good. Unless maybe you didn't open something else it's expecting and that's causing some kind of timeout, check the firewall logs for blocked traffic from the source IP of the SQL client.

  • standard MS SQL port is tcp 1433. not allowing that might be causing the timeout.

  • Queries can be slow for a variety of reasons.  You'll want to make sure you are using indexes where ever possible and minimize the amount of data transferred back and forth.  If you are actually connecting through a linked server then things get a lot more complicated as queries that used to run using indexes may not do so anymore (hint: you can't use PART of the primary key in a query and get it to use the clustered index).

Log in to reply