Re: Interesting issue connecting to Sql server through a firewall..

From: Sue Hoegemeier (Sue_H_at_nomail.please)
Date: 03/31/04 

Date: Tue, 30 Mar 2004 18:47:29 -0700

Connecting with an IP address doesn't necessarily mean that
the clients will use TCP/IP for the network library. Try to
force the clients to connect through TCP/IP by specifying
the network library to use, e.g.
Network Library=DBMSSOCN
I don't know about the issue with specifying libraries with
the JDBC driver but you can also set this up on the client
by configuring an alias and the network library with the
Client Network Utility.

-Sue

On Tue, 30 Mar 2004 16:22:15 -0600, "Bill B"
<fakexxbbaulingyy@unitedcenter.com> wrote:

>We have an app in development. The front end of the app is web-based running
>tomcat.
>This app sits in our DMZ.
>This app communicates to a sql 2000 server on our corporate network. The
>connection is via microsofts jdbc 2000 connector.
>
>We have allowed the server hosting the app to initiate connections to the
>internal sql server on port 1433 only. The sql server can communicat any/any
>back to the dmz.
>
>I am seeing some interesting behavior - The front end initiates a connection
>to the DB server on 1433 which is successful, but then also tries to
>initiate a connection on 137 (named pipes/nbname), of course the firewall
>blocks this and it eventually times out. and the opens addtional pool
>connection on 1433. This causes the app to load very slowly as the pages
>are data driven. If we open up 137 then the app runs at a normal speed.
>
>I dont understant why the front end is trying to communicate to the server
>on anything other than 1433. The server is configured for tcp/ip only. The
>JDBC driver and app on the front end is doing everything by IP address.
>
>I've thought of trying a host file on the front end resolving the back end.
>and vice versa, but this shouldnt matter as everything is IP and not name.
>
>I am now trying to figure out if this is an issue with the microsoft jdbc
>driver config - though it looks like you dont have the ability to specify
>protocols in it, an issue witht he sql server - perhaps the response to the
>initial connection is telling the client to talk named pipes, or if its
>just an OS issue.
>
>Leaving 137 open from the dmz app to the internal sql server is not an
>option.
>
>Thanks in advance.
>
>Bill
>
>
>
>
>

Relevant Pages

  • Re: .Net Scalability problem
    ... LoadRunner will peak out a server with a few virtual users. ... To get an idea of load, ... Fire off the test client and watch the number of ... > So I think that the MTC generate concurrent connection and per ...
    (microsoft.public.dotnet.framework.adonet)
  • Re: Connection lost at same time every hour (sometimes)
    ... After making the two following alterations on the server the problem seems ... After analyze your ipconfig on SBS and client, ... Then, other connection is good, ...
    (microsoft.public.windows.server.sbs)
  • Re: server disconnection - very often
    ... Reason of permanent popups is VMware server aplication on clients. ... Run CEICW to configure the network of SBS: ... Two network adapters - manual router connection to broadband ... Uninstall VMware on client. ...
    (microsoft.public.windows.server.sbs)
  • Re: Lan setup 2 nic
    ... The external nic only has TCP/IP enabled. ... Ipconfig of the server is looking good, but the client is still missing the ... > connection so we have a 2 nic with router setup now. ...
    (microsoft.public.windows.server.sbs)
  • Re: Regular disconnections from remote web workplace
    ... I can connect to office server and all office clients from home at all times ... be physically working right up until the connection is lost. ... If I enter http://companyip from a client I receive the login screen for the ... Click Services tab and select Hide All Microsoft Services and Disable ...
    (microsoft.public.windows.server.sbs)