Windows Firewall on Windows Server 2008 helps prevent unauthorized access to computer resources. However, if the firewall is configured incorrectly, attempts to connect to an instance of Microsoft SQL Server may be blocked. To access an instance of SQL Server that is behind the firewall, you must configure the firewall on the computer that is running SQL Server.
This article helps you open the firewall ports for SQL Server on Windows Server 2008.
To have us fix this problem for you, go to the "Fix it for me
" section. If you prefer to fix this problem yourself, go to the "Let me fix it myself
To fix this problem automatically, click the Fix this problem
link. Click Run
in the File Download
dialog box, and then follow the steps in this wizard.
This wizard may be in English only, but the automatic fix also works for other language versions of Windows.Note
If you are not on the computer that has the problem, save the Fix it solution to a flash drive or a CD and then run it on the computer that has the problem.
Next, go to the "Did this fix the problem?
The script that is discussed in this section opens the firewall ports for SQL Server.
To create the script, follow these steps:
- Start Notepad.
Copy and paste the following code into Notepad:
netsh advfirewall firewall add rule name="Open Port 80" dir=in action=allow protocol=TCP localport=80
@echo ========= SQL Server Ports ===================
@echo Enabling SQLServer default instance port 1433
netsh advfirewall firewall add rule name="SQL Server" dir=in action=allow protocol=TCP localport=1433
@echo Enabling Dedicated Admin Connection port 1434
netsh advfirewall firewall add rule name="SQL Admin Connection" dir=in action=allow protocol=TCP localport=1434
@echo Enabling Conventional SQL Server Service Broker port 4022
netsh advfirewall firewall add rule name="SQL Service Broker" dir=in action=allow protocol=TCP localport=4022
@echo Enabling Transact SQL/RPC port 135
netsh advfirewall firewall add rule name="SQL Debugger/RPC" dir=in action=allow protocol=TCP localport=135
@echo ========= Analysis Services Ports ==============
@echo Enabling SSAS Default Instance port 2383
netsh advfirewall firewall add rule name="Analysis Services" dir=in action=allow protocol=TCP localport=2383
@echo Enabling SQL Server Browser Service port 2382
netsh advfirewall firewall add rule name="SQL Browser" dir=in action=allow protocol=TCP localport=2382
@echo ========= Misc Applications ==============
@echo Enabling HTTP port 80
netsh advfirewall firewall add rule name="HTTP" dir=in action=allow protocol=TCP localport=80
@echo Enabling SSL port 443
netsh advfirewall firewall add rule name="SSL" dir=in action=allow protocol=TCP localport=443
@echo Enabling port for SQL Server Browser Service's 'Browse' Button
netsh advfirewall firewall add rule name="SQL Browser" dir=in action=allow protocol=UDP localport=1434
@echo Allowing multicast broadcast response on UDP (Browser Service Enumerations OK)
netsh firewall set multicastbroadcastresponse ENABLE
- Save the file as a .txt file by using the following name: OpenSqlServerPort.txt
- Rename the OpenSqlServerPort.txt file to the following: OpenSqlServerPort.bat
Before you run the OpenSqlServerPort.bat script, you must copy the script to the computer that has the firewall and then run the script on that computer. To run the script, follow these steps:
- Click Start, click Run, type cmd, and then click OK.
At the command prompt, use the cd command to move to the folder in which you saved the OpenSqlServerPort.bat file.
- To run the OpenSqlServerPort.bat script, type OpenSqlServerPort.bat at the command prompt, and then press Enter.
Check whether the problem is fixed by trying to access the instance of SQL Server from another computer. If the problem is fixed, you are finished with this article. If the problem is not fixed, you can contact support