November 6, 2001 at 2:01 am
Hi I'm new.
I've been working with SQL server 7 with a VB6 App. I don't understand most of the things in these forums but I'll give it a go anyway.
Can you tell me the best way to connect from an asp page on a web server to an SQL database on a private network to update records or view customers details from the web. Do I use replication or TCP/IP connection directly to the LAN somehow? My connection string works well when using the local server but when I access it from outside (a remote site) it cannot be accessed because the web IP is different from the LAN IP.
Any thoughts on this topic would be appreciated.
Bruce
November 6, 2001 at 5:12 am
Bruce, thanks for the question. We welcome readers of all levels! Read for a while, ask a question when you have one, pretty soon you'll understand a lot more than you used to:-)
Assuming your network admin will let the traffic through, it should just be a matter of changing the IP address you're trying to connect to. You'll need at least port 1433 open (and others Steve?).
Andy
November 6, 2001 at 10:55 am
The default for SQL Server is only potr 1433 (TCP). Enterprise manager is another story, it uses 445 (I think).
If your ASP page needs access, then whoever controls the firewall wants to let 1433 through, but only from your IP. Otherwise, anyone can connect to sql server using ASP/ a client tool, etc and keep guessing passwords.
Another thing, most private LANs use private networking, so you may need to have a NAT or PAT mapping to get the routing working.
Post if you have more questions.
Steve Jones
November 6, 2001 at 3:35 pm
Is it as simple as this:
the private network gives access to the webserver IP through port 1433. The webserver connects to '192.168.?.???:1433'
or am I missing something?
The asp page accesses a .dll on the webserver with the connection string and functions using stored procedures, I'm hoping that's enough security.
I appreciate the help, thank you.
Bruce
November 7, 2001 at 10:16 am
Bruce,
192.168.x.x addresses are private addresses. As such, they are non-routable across the Internet.
What usually happens is the router or firewall performs a process called NAT (or PAT) which translates the public IP to the private IP. This may be wholesale (all ports) or only for specific ports.
For example (not real numbers):
My company has a public IP for the website of 64.78.233.234, which is where you go when you type http://www.iqdestination.com. Our firewall translates any port 80 requests (http) to an internal 192.168.8.100 ip. The web server actually runs as ip 192.168.8.100. When the web server replies, the firewall then translates the return address (or sending address) to 64.78.233.234, even though the web server replied from 192.168.8.100. I could (though I haven't) setup my SQL Server as 192.168.8.101 and have the firewall map port 1433 to this ip. Then I could still connect with Query Analyzer (or an external ASP page) to 64.78.233.234 on port 1433 and the request would be sent to the SQL Server, not the web server.
Hope this makes sense. What you really need is the router/firewall/network guy to map an external IP to the SQL box. I would limit access through this map to your source IP, rather than allowing anyone to connect to the SQL Server.
If you need help, please have your network guy read this post and ask questions as well.
Steve
Steve Jones
November 8, 2001 at 2:52 am
Thanks Steve, you've given me plenty to work with I'm starting testing tomorrow. One more query though; would replication be more secure i.e. a copy of the data is kept on the clients ISP server, if this is how Replication works. Again my limited knowledge is probably more dangerous than useful.
Bruce
Viewing 6 posts - 1 through 5 (of 5 total)
You must be logged in to reply to this topic. Login to reply