Windows Firewall - rules presedence - problems connecting to SQL server on local network

Moshe Yalovsky 5 Reputation points
2023-07-18T15:54:02.6633333+00:00

I was trying to allow SQL server traffic through the firewall of a Windows 10 computer. I ran the following in PS:

New-NetFirewallRule -DisplayName "SQLServer default instance" -Direction Inbound -LocalPort 1433 -Protocol TCP -Action Allow

The results showed in the detailed list of rules in the Firewall app.

The settings of the Firewall for the "public" local network were

Firewall state: On inbound connections: Block outbound connections: Allow (default). My understanding is that specific rules take precedence over the general rules.

With these settings, I could not connect to the SQL server on this computer from another computer on the network. To troubleshoot, I ran nmap on the client computer and it showed that port 1433 is filtered. The only way I was able to make the connection is to change the firewall setting to: Inbound Connections - allow.

Question: Is this the correct and only way to let inbound traffic to SQL server on a Windows 10 computer?

Thanks in advance

SQL Server
SQL Server
A family of Microsoft relational database management and analysis systems for e-commerce, line-of-business, and data warehousing solutions.
14,433 questions
Windows Network
Windows Network
Windows: A family of Microsoft operating systems that run across personal computers, tablets, laptops, phones, internet of things devices, self-contained mixed reality headsets, large collaboration screens, and other devices.Network: A group of devices that communicate either wirelessly or via a physical connection.
813 questions
Windows 11
Windows 11
A Microsoft operating system designed for productivity, creativity, and ease of use.
10,666 questions
{count} votes

2 answers

Sort by: Most helpful
  1. Hania Lian 21,181 Reputation points Microsoft Vendor
    2023-07-19T06:58:00.45+00:00

    Hi @Moshe Yalovsky

    Based on the information you provided, the problem seems to be related to the firewall settings. You mentioned that changing the firewall setting to "Inbound Connection - Allow" solved the problem. This indicates that a firewall is blocking incoming traffic on port 1433.

    There are other ways to allow inbound traffic into SQL Server on a Windows 10 computer, such as using a third-party firewall or a virtual private network (VPN). However, enabling inbound connections in Windows Firewall is the most common and straightforward method.
    Hope the information is helpful.

    Best Regards,

    Hania Lian

    ============================================
    If the Answer is helpful, please click "Accept Answer" and upvote it.

    0 comments No comments

  2. AniyaTang-MSFT 12,446 Reputation points Microsoft Vendor
    2023-07-19T08:20:56.2133333+00:00

    Hi @Moshe Yalovsky

    For the rule priority of Windows Firewall inbound rules, you can check this link: https://learn.microsoft.com/en-us/windows/security/operating-system-security/network-security/windows-firewall/best-practices-configuring#understand-rule-precedence-for-inbound-rules.

    For configuring Windows Firewall to allow SQL Server access, you can check this link: https://learn.microsoft.com/en-us/sql/sql-server/install/configure-the-windows-firewall-to-allow-sql-server-access?view=sql-server-ver16#programs-to-configure-the-firewall.

    If the answer is helpful, please click Accept Answer and Up-Vote for the same. If you have any questions, please feel free to let me know.

    Best regards,

    Aniya


Your answer

Answers can be marked as Accepted Answers by the question author, which helps users to know the answer solved the author's problem.