How to configure ISA Server, Microsoft Forefront Threat Management Gateway, Medium Business Edition, or Windows Essential Business Server 2008

To administer a computer that is running SQL Server 2000 or SQL Server 7.0 through an ISA server or Microsoft Forefront Threat Management Gateway, Medium Business Editionateway, you must configure both the ISA server and the client computer that has Enterprise Manager installed.

Steps to configure the ISA server or Microsoft Forefront Threat Management Gateway, Medium Business Edition and Windows Essential Business Server 2008

  1. Create a protocol definition for port 1433. Port 1433 is the default SQL port. To do so, follow these steps:
    1. Click Start, point to Programs, point to Microsoft ISA Server or Microsoft Forefront Threat Management Gateway, Medium Business Edition, and then click ISA Server Management or Microsoft Forefront Threat Management Gateway, Medium Business Edition Management.
    2. In the left pane, click Firewall Policy.
    3. In the right pane, click the Toolbox tab, and then click Protocols.
    4. Click New, and then click Protocol.
    5. In the Protocol definition name box, type a name for the protocol definition, and then click Next.
    6. In the Primary Connection Information dialog box, click New.
    7. In the Protocol type list, click TCP, in the Direction list, click Outbound, in thePort Range section, type 1433 in the From box, type 1433 in the To box, and then click OK.
    8. Click Next.
    9. When you are prompted if you want to use secondary connections, click No, and then click Next.
    10. Click Finish.
  2. Create an access rule that is based on the protocol definition. To do so, follow these steps:
    1. In ISA Server Management, click Firewall Policy in the left pane.
    2. In the right pane, click the Tasks tab, and then click Create New Access Rule.
    3. In the Access rule name box, type a name for the access rule, and then clickNext.
    4. In the Rule Action dialog box, click Allow, and then click Next.
    5. In the This rule applies to list, click Selected protocols.
    6. Click Add, expand User-Defined, click the protocol definition that you created in step 1, click Add, click Close, and then click Next.
    7. In the Access Rule Sources dialog box, click Add.
    8. Locate and then click the network entity that you want to add, and then click Add.
    9. To add more than one network entity, repeat step h for each network entity that you want to add. When you are finished, click Close, and then click Next.
    10. In the Access Rules Destinations dialog box, click Add.
    11. Locate and then click the network entity that you want to add, and then click Add.
    12. To add more than one network entity, repeat step k for each network entity that you want to add. When you are finished, click Close, and then click Next.
    13. In the User Sets dialog box, click Add.
    14. Locate and then click the user set that you want to add, and then click Add.
    15. To add more than one user set, repeat step n for each user set that you want to add. When you are finished, click Close, and then click Next.

      Note If you do not want the rule to apply to all users, under This rule applies to requests from the following user sets, click All Users, and then clickRemove.

    16. Click Finish.

Steps to configure the client computer

Change the default network library to TCP/IP in the Client Network Utility. To do so, follow these steps:

  1. To start the Client Network Utility, click Start, point to Programs, point to Microsoft SQL Server 7.0 or to Microsoft SQL Server if you are running Microsoft SQL Server 2000, and then click Client Network Utility.

    Note You can also start the Client Network Utility if you click Start, click Run, typecliconfg in the Open box, and then click OK.

  2. If you are running SQL Server 7.0 and the corresponding Enterprise Manager, follow these steps:
    1. On the General tab, click TCP/IP in the Default network library list.
    2. To configure an alias, click Add.
    3. In the Server alias box, type the SQL server name, in the Network librariessection, click TCP/IP, and then click OK two times.

      Note Type the IP address in the Computer name box if you cannot resolve the server name.

    If you are running SQL Server 2000 and the corresponding Enterprise Manager, follow these steps:

    1. On the General tab, make sure that TCP/IP appears first in the Enabled protocols by order box. If it does not, click TCP/IP, and then click the arrow until TCP/IP appears first in the list.

      If TCP/IP is not enabled, click TCP/IP in the Disabled protocols box, and then click Enable.

    2. To configure an alias, click the Alias tab, and then click Add.
    3. In the Server alias box, type the SQL server name, and then in the Network libraries section, click TCP/IP

      Note Type the IP address in the Server name box if you cannot resolve the server name.

    4. Click to clear the Dynamically determine port check box so that the Port number is set to 1433, and then click OK two times.

Note If you cannot resolve the SQL server name through Domain Name System (DNS), Windows Internet Naming Service (WINS), the Hosts file, the Lmhosts file, or broadcast, you must add an alias configuration in the Client Network Utility. In this case, when you add an alias, you must type the IP address as the computer name. You can also change the port that you are using. If you do so, configure the ISA server and SQL server accordingly. 

When you add a server in Enterprise Manager, you must specify a name that can be resolved to an IP address. If you type an IP address instead of a name, Enterprise Manager tries to resolve the IP address to a name. To resolve the IP address, you can either configure the name resolution correctly or you can use an alias.

Leave a comment