November 15, 2010 at 8:11 pm
data base engine at a server should only be accessed from one or two ip addresses.
it should not be accessed from any other ip addresses except the selected one.
could it be possible using windows firewall settings and ipsec in windows server 2008.
please anyone provide me with the solution it's urgent.
November 16, 2010 at 9:10 am
You can set the IPs in the SQL Server Configuration Manager that SQL Server listens on. In the network protocol section.
November 16, 2010 at 11:26 am
Steve Jones - SSC Editor (11/16/2010)
You can set the IPs in the SQL Server Configuration Manager that SQL Server listens on. In the network protocol section.
I *think* the OP is asking how to prevent anyone from connecting unless they come from a select list of IP addresses;
I'm sure you can do it witht eh firewall better, so it ignores all traffic except certain IP's but that could have to be done with a logon trigger also, right?
something like this?:(untested...don't lock yourself out copying and pasting this code)
CREATE TRIGGER trigLogon_CheckForIPAddress
ON ALL SERVER
FOR LOGON
AS
BEGIN
IF NOT EXISTS (
SELECT
client_net_address AS ipaddress
FROM sys.dm_exec_connections
WHERE session_id = @@spid
AND session_id IN('<localhost>','192.168.0.1','192.168.0.2','192.168.0.40') )
BEGIN
RAISERROR('Unauthorized use of login from inpermissible machine IP.', 16, 1)
--prevent connection
ROLLBACK
END
END;
GO
ENABLE TRIGGER trigLogon_CheckForIPAddress ON ALL SERVER
Lowell
November 17, 2010 at 12:19 am
could it be possible through windows firewall settings in windows server 2008
Viewing 4 posts - 1 through 4 (of 4 total)
You must be logged in to reply to this topic. Login to reply