Trying to block SQL access with an NSG.

Question

question

ByronViljoen-5856 asked · Feb 25 at 08:02 PM

Trying to block SQL access with an NSG.

Hi there,

I am trying to block my WebServer from accessing a SQL instance hosted on my DBServer.

I have included a topology of my network to possibly make troubleshooting easier.

I have added an incoming rule to my NSG that is associated with my DBServers network interface

I have even tried creating an NSG on the DBServer subnet to block all SQL access to the entire subnet on port 1433.

For some reason, i can still access my SQL server through SQL management studio on my webserver.

I can easily block access from the Windows firewall, but thats not really the point.

Really not sure what i am doing wrong?

azure-virtual-machines

1.png (39.2 KiB)

2.png (16.9 KiB)

1

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

msrini-MSFT · Feb 27 at 05:55 AM

Hi,

Is your subnet has service endpoints enabled ?
Also can you ping the db FQDN from the web server and check if it is resolving to the same DB which you are referring to ?

0 · ·

Answer 1 · 2020-03-02T00:16:14.257Z

JonelMRienton-3402 answered · Mar 02 at 12:16 AM

If you go to your SQL Server -> Security -> Firewalls and virtual networks, do you have the Allow Azure services and resources to access this server set to On?

Share

10 |1000 characters needed characters left characters exceeded

Attachments: Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

question