[OpenVPN home] [Date Prev] [Date Index] [Date Next]
[OpenVPN mailing lists] [Thread Prev] [Thread Index] [Thread Next]
Google
 
Web openvpn.net

Re: [Openvpn-users] Openvpn client and SQL


  • Subject: Re: [Openvpn-users] Openvpn client and SQL
  • From: Ilyas <just_ilyas@xxxxxxxxx>
  • Date: Tue, 19 Jun 2007 06:44:29 -0700 (PDT)

Hi,

> On Wednesday 04 October 2006 05:56, Ing. Rogelio Sevilla Fernandez wrote:
>> I want connect to a client with SQL using openvpn 2.x. The problem Is:
>> if the SQL is started before the openvpn, the SQL cant bind on the
>> Client's VPN IP.

Yes, but you can use tricky way :)

It is not nessesary because you can connect to your sql server by the ip you gain by OpenVPN. Just try on that box where is SQL server and OpenVPN running:

telnet vpn_ip 1433

you will see that you can connect.

Solution for:  a client connection to an SQL server through the VPN tunnel
------------------------------------------------
I have Windows2003 Server with standard firewall, SQL 2005 and OpenVPN 2 as a client to FreeBSD 6.1 with OpenVP server.

I have to securely access my data from sql which is located at co-location outside of my company. I use my own application which connects to sql server for data.

Steps:

1- OpenVPN running on windows2003 server(no problems with installation). I has 10.111.101.7 ip address
2- Activate Firewall
3- In Exception add 1433 sql port WITH Change scope and select custom list.   Add your vpn tunnel network or just ip:
    Port: 1433 TCP
   Custom list: 10.111.101.0/255.255.255.0,bla bla
(Becase of security)
4- In Exception add C:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe  WITH Change scope and select custom list.
   Add your vpn tunnel network or just ip:
    Port: 1433 TCP
   Custom list: 10.111.101.0/255.255.255.0,bla bla
(Becase of security)
5- In  Advanced tab of firewall  add  tcp port 1433 for your vpn interface(tun-tap device, mine VPN-Office)
6- In SQL Server Managent Studio, Database Engine, properties in remote connections check to allow remote connections
7- Block everything else.


Use:

I'm in my company(192.168.102.0/24) so i can freely use vpn ip address of sql server (10.111.101.7).You can use this ip as connection string in your apps

To test, you can use tcpdump -i tun4 to see traffic flow

So, I think this will be helpful to some who desire to use sql connection through secured tunnel


Now that's room service! Choose from over 150,000 hotels
in 45,000 destinations on Yahoo! Travel
to find your fit.