Configure SQL Server to listen on a specific TCP port
Applies to: SQL Server
This article describes how to configure an instance of the SQL Server Database Engine to listen on a specific fixed port by using SQL Server Configuration Manager. If enabled, the default instance of the SQL Server Database Engine listens on TCP port 1433. Named instances of the Database Engine and SQL Server Compact are configured for dynamic ports. This means they select an available port when the SQL Server service is started. When you connect to a named instance through a firewall, configure the Database Engine to listen on a specific port, so that the appropriate port can be opened in the firewall.
Because port 1433 is the known standard for SQL Server, some organizations specify that the SQL Server port number should be changed to enhance security. This might be helpful in some environments. However, the TCP/IP architecture permits a port scanner to query for open ports, so changing the port number isn't considered a robust security measure.
For more information about the default Windows firewall settings, and a description of the TCP ports that affect the Database Engine, Analysis Services, Reporting Services, and Integration Services, see Configure the Windows Firewall to Allow SQL Server Access.
When selecting a port number, consult https://www.iana.org/assignments/port-numbers for a list of port numbers that are assigned to specific applications. Select an unassigned port number. For more information, see The default dynamic port range for TCP/IP has changed in Windows Vista and in Windows Server 2008.
The Database Engine begins listening on a new port when restarted. However the SQL Server Browser service monitors the registry and reports the new port number as soon as the configuration is changed, even though the Database Engine might not be using it. Restart the Database Engine to ensure consistency and avoid connection failures.
Use SQL Server Configuration Manager
Assign a TCP/IP port number to the SQL Server Database Engine
In SQL Server Configuration Manager, in the console pane, expand SQL Server Network Configuration, select Protocols for <instance name>, and then in the right pane double-click TCP/IP.
If you are having trouble opening SQL Server Configuration Manager, see SQL Server Configuration Manager.
In the TCP/IP Properties dialog box, on the IP Addresses tab, several IP addresses appear in the format IP1, IP2, up to IPAll. One of these is for the IP address of the loopback adapter, 127.0.0.1. Additional IP addresses appear for each IP address on the computer. (You may see both IP version 4 and IP version 6 addresses.) Right-click each address, and then select Properties to identify the IP address that you want to configure.
If the TCP Dynamic Ports dialog box contains 0, indicating the Database Engine is listening on dynamic ports, delete the 0.
In the IPn Properties area box, in the TCP Port box, type the port number you want this IP address to listen on, and then select OK. Multiple ports may be specified by separating them with a comma. Select OK.
If the Listen All setting on the Protocol tab is set to "Yes", then only TCP Port and TCP Dynamic Port values under the IPAll section will be used and individual IPn sections will be ignored in their entirety. If the Listen All setting is set to "No", then the TCP Port and TCP Dynamic Port settings under the IPAll section will be ignored and the TCP Port, TCP Dynamic Port, and Enabled settings on the individual IPn sections will be used instead.
Each IPn section has an Enabled setting with a default value of "No" which causes SQL Server to ignore this IP address even if it has a port defined.
In the console pane, select SQL Server Services.
In the details pane, right-click SQL Server (<instance name>) and then select Restart, to stop and restart SQL Server.
After you configure SQL Server to listen on a specific port, there are three ways to connect to a specific port with a client application:
- Run the SQL Server Browser service on the server to connect to the Database Engine instance by name.
- Create an alias on the client, specifying the port number.
- Program the client to connect using a custom connection string.