I'm trying to connect Azure's SQL database via SQL Server 2008 R2 SP2. I'm using Azure with free trial subscription. I already search everywhere and tried these things:
Allow inbounds and outbounds rule in windows firewall for port 1433
Check that TCP connections in SQL Server Configuration Manager is available and running on port 1433
Create server and database on azure portal and configure its ip allowance
I connect with these settings
Server Type: Database Engine
Server Name: tcp:aaa.database.windows.net,1433 / aaa.database.windows.net
Login: bbb#aaa
Password: xxx
And the error is
"A network-related or instance-specific error occurred while
establishing a connection to SQL Server.
The server was not found or was not accessible. Verify that the
instance name is correct and that SQL Server is configured to allow
remote connections.
(provider: TCP Provider, error: 0 - A connection attempt failed
because the connected party did not properly respond after a period of
time, or established connection failed because connected host has
failed to respond) (Microsoft SQL Server, Error: 10060)"
P.S. I also can't ping xxx.database.windows.net and can't telnet xxx.database.windows.net 1433
Your question is confusing, as you're talking about both SQL Server and SQL Database. But, given the connection strings you mentioned (xxx.database.windows.net) you are definitely talking about SQL Database service, not SQL Server in a VM.
That said: You must allow certain IP addresses to connect to it (this is a built-in part of the service itself). Look at the SQL Database server's Firewall setting:
You'll need to add the IP address of your computer (or IP range), to access SQL Database through your local tools.
Related
I am trying to retrieve data from a table located in a postgresql database hosted on azure VM. I would like to inject this data into an Azure SQL Database. I set up the self hosted integration runtime. Since the Vm hosting my DB is a linux VM, i have setup self-hosted IR on windows VM and using that I am able to connect to DB and copy the data to ABS location without any problem but when I try to copy the same data to SQL database, I am getting following error:
ErrorCode=SqlFailedToConnect,'Type=Microsoft.DataTransfer.Common.Shared.HybridDeliveryException,Message=Cannot connect to SQL Database: 'XXX', Database: 'XXX', User: 'XXX'. Check the linked service configuration is correct, and make sure the SQL Database firewall allows the integration runtime to access.,Source=Microsoft.DataTransfer.ClientLibrary,''Type=System.Data.SqlClient.SqlException,Message=A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - A connection attempt failed because the connected party did not properly respond after a period of time, or established connection failed because connected host has failed to respond.),
Source=.Net SqlClient Data Provider,SqlErrorNumber=10060,Class=20,ErrorCode=-2146232060,State=0,Errors=[{Class=20,Number=10060,State=0,Message=A network-related or instance-specific error occurred while establishing a connection to SQL Server. ...
After searching about I opened the inbound and outbound traffic for port 1433 on machine which is hosting IR and and outbound traffic for port 1433 on machine which is hosting the database but I am still getting the same error.
Any idea what am I missing here?
I managed to solve the problem. As per azure documentation here, if we are trying to connect to SQL database from within Azure cloud then we need to open communication to port range 11000-11999. We need to put this port range in network security list for outbound connections.
I have my data migrated to managed instance and configured fail over group. But not able to connect to my database using SSMS .I have also tried connecting by giving database name in options
Error:
A network-related or instance-specific error occurred while
establishing a connection to SQL Server. The server was not found or
was not accessible. Verify that the instance name is correct and that
SQL Server is configured to allow remote connections. (provider: TCP
Provider, error: 0 - A connection attempt failed because the connected
party did not properly respond after a period of time, or established
connection failed because connected host has failed to respond.)
(Microsoft SQL Server, Error: 10060)
A connection attempt failed because the connected party did not
properly respond after a period of time, or established connection
failed because connected host has failed to respond
Failover group listener endpoint is basically a DNS record pointing to the private IP address of the current primary of failover group. The error message indicates that there is no network path between the client machine running SSMS and managed instance injected into your VNet within your private IP address space.
Given this error message I would expect that you cannot connect from the same client machine even using fully-qualified name of the instance itself.
Do you have P2S, S2S or Express Route established between the two locations?
I am trying to connect to a SQL server running on an Azure VM using the below sample code (having defined the SQL user name and password):
$SqlCredential = Get-AutomationPSCredential -Name $SqlCredentialAsset
# Get the username and password from the SQL Credential
$SqlUsername = $SqlCredential.UserName
$SqlPass = $SqlCredential.GetNetworkCredential().Password
# Define the connection to the SQL Database
$Conn = New-Object System.Data.SqlClient.SqlConnection("Server=tcp:$SqlServer,$SqlServerPort;Database=$Database;User ID=$SqlUsername;Password=$SqlPass;Trusted_Connection=False;Encrypt=True;")
this code works when I am connecting to Azure SQL Database , but not when connecting to SQL running off Azure VM.
the error thrown is:
Error occured: Exception calling "Open" with "0" argument(s):
"A network-related or instance-specific error occurred while establishing a
connection to SQL Server. The server was not found or was not accessible.
Verify that the instance name is correct and that SQL Server is configured to allow remote connections.
(provider: TCP Provider, error: 0 - No such host is known.)"
I have verified on the VM SQL remote connections are enabled and including TCP port 1433 defined.
Probably it's a network related issue. If you have verified on the VM SQL remote connections are enabled and including TCP port 1433 defined. Also, the port 1433 was opened in the inbound port rule of NSG attached to the VM and windows firewall inside the VM. You could use telnet verify this port locally.
Moreover, you could specific $SqlServer= "sqlvmlabel.eastus.cloudapp.azure.com"which is a public DNS name of Azure VM. Here is an example of a connection string for using SQL Authentication.
Server=sqlvmlabel.eastus.cloudapp.azure.com;Integrated Security=false;User ID=<login_name>;Password=<your_password>
Read more information: connect to a SQL Server Virtual Machine on Azure
I have created successfully a Hybrid Connection (ServerA) and linked it to my Azure Web App. The status is successfully connected: ServerB:1010 is defined
On My On Premise machine (ServerA) I can connect to a HTTP Service which is running on ServerB:1010 but I can't install the Hybrid Connection Manager on ServerB because of other restrictions.
If I Use WebClient.UploadData('ServerB:1010', data[]) in my Azure Web App I receive following error.
Unable to connect to the remote server ---> System.Net.Sockets.SocketException: An attempt was made to access a socket in a way forbidden by its access permissions.
If I connect to a database server MySql or Oracle which are also accessible from this server I don't have any problems
I have created successfully a Hybrid Connection (ServerA) and linked it to my Azure Web App.
Remove it and add a Hybrid Connection to Server B instead. Install the Hybrid Connection Manager on Server A. The HCM will act as a reverse proxy.
Hybrid Connections do not care which server has the HCM installation as long as that server can reach the DNS name you specify in the New > Hybrid Connection Portal blade.
Example traffic flow for WebClient.UploadData('ServerB:1010', data[]):
Web App ---> Hybrid Connection ---> HCM on Server A ---> 1010/TCP on Server B.
<--- <--- <---
There's an easier way to test. Open the Kudu console and do
tcpping ServerB:1010
CORRECTION: The tcpping test is very misleading since you're handshaking the Azure-end of the Hybrid Connection, not the on-prem application's TCP endpoint. And that may happily reply to you even though the on-prem stuff is not connected. Here's what i mean:
Always test at application layer (e.g. with curl.exe http://webservice.corp.local from the Kudu Console)
You must use names instead of IP addresses. Use the full FQDN to reference ServerA and ServerB both in the Portal setup and in your code. Hybrid Connections work by intercepting DNS calls at OS level and resolving them to the magic 127.0.0.x which is then routed over the Hybrid Connection to on-prem.
TL;DR version:
Instead of
10.10.10.2:1010
use
ServerB.domain.local:1010
both in the Portal setup and when referencing the on-prem host in your code.
Here's what happens if you use an IP Address instead of name:
In Kudu's DebugConsole:
D:\home>nameresolver 192.168.0.4
Server: Default
Non-authoritative answer:
Name: 192.168.0.4
Addresses: 127.0.0.3
D:\home>tcpping 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Connection attempt failed: An attempt was made to access a socket in a way forbidden by its access permissions 192.168.0.4:80
Complete: 0/4 successfull attempts (0%). Average success time: 0ms
D:\home>curl -s 192.168.0.4
This is iisstart.htm from IIS 8.5 on Windows Server 2012 R2, on-prem.
So depending on what APIs you call (APIs that take 192.168.0.4 as FQDN vs IP Address) it kinda works.
You can't use tcpping with Hybrid Connections. It doesn't really tell you anything. All that tells you is that you hit the local socket that will catch your TCP traffic headed to your HC endpoint. It doesn't actually go through the connection.
As far as using an IPv4 address with Hybrid Connections, it can work and yet sometimes it won't. The reason for that is that the feature functions by catching the DNS request. If you are using a client library in your application code that doesn't do a DNS lookup on IP addresses then it won't go over the Hybrid Connection.
The DNS name must resolve to the correct IP address from the host(s) where you have the Hybrid Connection Manager running.
Going to the original question, you need a Hybrid Connection defined for your endpoint of ServerB port 1010. The DNS name used for ServerB must resolve from the host(s) running the HCM. Your HCM needs network access to ServerB port 1010 and to Azure. Your status says Connected which means that your web app can talk to your Hybrid Connection Manager for that endpoint. So, test connectivity from the host running the HCM to your desired host:port endpoint. Use a DNS name if you can. I hope this unblocks you.
I've deployed my version in windows azure.
After that I've added sql database. When I trying to connect, it doesn't allow from local. So I've clicked on "Set up Windows Azure firewall rules for this IP address" and added ip address. Now working fine when I run from local.
But When I tried to access from the iis8, I got an isssue is,
A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections. (provider: TCP Provider, error: 0 - No such host is known.)
.Net SqlClient Data Provider.
In local, the same functionality is working fine.
Your server running IIS8 needs to be added to the firewall just like you did with your local machine, you can do this either using the Management Portal or you can connect to your SQL Azure instance from your local machine and run:
exec sp_set_firewall_rule N'IIS8 Webserver','X.Y.Z.0','X.Y.Z.0';
Where the first arguments is name of this firewall rule and X.Y.Z.0 is the public ip of your IIS8 Webserver.
The reason its specified two times is that you can specify a range of IP's.
More info here