Hello! I'm looking for some Azure help. I am trying to use the Azure Bastion host as a tunnel to connect to a VM. I want to use this tunnel to connect to the SQL Managed Instance. I can SSH into the VM. I can connect to the SQL DB from the VM. I can't connect to SQL using DBeaver or TablePlus on my laptop using the VM as an SSH tunnel. The network security groups for Bastion, VM, and SQL are wide open for incoming and outgoing.
The problem seems to be that when going over port 1433, SQL gives back another port for the connection. Here's an example of the error:
The TCP/IP connection to the host 127.0.0.1, port 21329 has failed. Error: "The driver received an unexpected pre-login response. Verify the connection properties and check that an instance of SQL Server is running on the host and accepting TCP/IP connections at the port. This driver can be used only with SQL Server 2005 or later."
So I have a few questions.
How do you connect to Azure SQL from outside the VNet?
Has anyone seen this before and know a solution?
Is there a way to bind ports on SQL Managed Instance?
Things I've tried:
public endpoint on SQL (works, just don't want to use it for security reasons)
site-to-site VPN using another VM as bastion
SSH tunnel 1433 on my laptop to the VM that I have an SSH tunnel connected to
sshuttle on my laptop, forwarding all traffic to the VM over the SSH tunnel
multiple SQL management tools: TablePlus, Azure Data Studio, DBeaver
sql-cli (works on VM, not mine)
opened all traffic and ports for incoming and outgoing on network security groups
private endpoint connected to SQL and the VM subnet
Proxy and redirect SQL connection
Created a SQL server instead of a managed instance
In all instances I have used username and username@Testta for the username
Created MSSQL on AWS with similar setup (works)
Things I haven't tried yet:
point-to-site VPN
Things I can't try:
Give the VM a public IP. I have a security policy in place to deny public IPs on network interfaces.