Logo 
Search:

Sharepoint 2010 Articles

Submit Article
Home » Articles » Sharepoint 2010 » GeneralRSS Feeds

How to configure SharePoint and SQL Server to Communicate over Non-Standard Ports

Posted By: Destin Joy     Category: Sharepoint 2010     Views: 100672

Although SQL Server uses a standard port to communicate with other servers in a SharePoint 2013 farm, it is a best security practice to block the standard port assigned to the default instance. To protect against malicious users who will be aware of the default port used, you should instead reassign the default instance to a non-standard port. A good example of this was the  Slammer worm virus, which targeted buffer overrun and denial-of-service attacks on the SQL Server Resolution Service, which is well-known to run on UDP port 1434. Whereas the default instance is assigned a static, well-known port number by default, named instances are assigned random port numbers

 

Configuring a SQL Server instance to listen on a non-standard port

 

You configure a SQL Server instance to listen on a non-standard port by using the SQL Server

Configuration Manager console on the computer running SQL Server.

Perform the following steps to configure the SQL Server default instance to listen on a non-default port:

1. Open SQL Server Configuration Manager.

2. Expand SQL Server Network Configuration.

3. Select the default instance,Protocols for MSSQLSERVER.

4. Open the properties for the TCP/IP protocol.

5. On the IP Addresses tab:

a. For each IP address except IPAll, clear all values for both TCP Dynamic Ports and TCP Port.

b. Forn IPAll, clear the value for TCP Dynamic Ports, and for TCP Port, set another port number

value, for example 40000, that you want the default instance of SQL Server to listen on.

6. Restart the SQL Server service.

 

Blocking the standard SQL Server ports

If you are using Windows Firewall with Advanced Security at the time you install SharePoint 2013,

predefined inbound and outbound rules are automatically created to configure and open the appropriate

ports on the firewall for the installed services and applications. This is done to help secure the incoming

and outgoing network traffic. Because these rules are predefined and unsolicited traffic is blocked by

default, you do not need to explicitly block the standard SQL Server listening ports.

Configuring SQL Server client aliases

If you have blocked UDP port 1434 or TCP port 1433 as discussed earlier, you need to create an alias for

SQL Server clients so that they can successfully connect to the SQL Server. In a server farm, all web servers

and application servers are SQL Server client computers. When you create the alias, you specify the port

that the SQL Server instance in listening on.

You need to first install some SQL Server client components on the client computers so that they can

connect to the SQL Server instance.

To install the SQL Server client com ponents:

1. On each client computer, run Setup for SQL Server and select only the following client components

to install:a. Connectivity Components

b. Management Tools (includes SQL Server Configuration Manager)

You configure client aliases by using the SQL Server Configuration Manager console on the client

computers.

Perform the following steps to configure a SQL Server client alias:

1. On each client computer, open SQL Server Configuration Manager.

2. Select SQL Native Client Configuration.

3. In the Items window, right-click

 

Aliases, and then click New Alias.

Securing a SharePoint 2013 Deployment

4. Enter a name for the alias, and enter the port number for the database instance.

5. Ensure that the protocol is set to

 

TCP/IP.

6. In the  Server field, enter the name of the computer that is running SQL Server.

Share: 



Destin Joy
Destin Joy author of How to configure SharePoint and SQL Server to Communicate over Non-Standard Ports is from Pathanamthitta, India. Destin Joy says

 Hello Everyone,

I am Destin Joy from India I have MCPD in SharePoint 2010, MCTS SharePoint 2010 application development and MCTS in SharePoint 2007. I am mostly working in  core part of SharePoint (2010-2007) and passionate about new Microsoft technologies. Born and brought up in Kerala You can reach me  @ Destin.Joy@hotmail.com

 

 
View All Articles

 
Please enter your Comment

  • Comment should be atleast 30 Characters.
  • Please put code inside [Code] your code [/Code].

 
No Comment Found, Be the First to post comment!