I'm looking for some insight on this because I'm at a loss.
I have everything setup to allow the connection via port 1433. I can see the traffic hitting my ePO SQL server, but its not allowing them to authenticate. It is not showing up in the SQL logs at all nor the windows logs. I do see the established 1433 connection in netstat. Its as if they don't see a SQL instance at all once they are in.
Open the Database Configuration page for ePO using a web connection: https://<servername>:8443/core/config Click Test Connection (bottom-right corner) to verify the connection to the database is successful.
Also, under ePO Configuration Registered Servers/Authentication type is the same on the SQL side.
Under Sql Server Management Studio, right click DB (not the instance), select properties, then select security: server authentication
SQL Port Confirmation:
1) SQL Server Configuration Manager
2) SQL Server Network Configuration > Protocols for <Instance Name>
3) Right Click on TCP/IP and select Properties
4) In TCP/IP Properties dialog box, go to IP Addresses tab and scroll down to IPAll group.
So I checked the areas you suggested but they were already filled in with the correct info already.
Here's everything I've done:
Allowed bi-directional traffic through the firewall.
Allowed remote connections on SQL.
Running netstat I can see the established connection.
No logs get generated from them trying to access nor any error logs from failed attempts in SQL Studio or Windows.
Running tcpdumps on all interfaces I can see their traffic coming all the way through to the server and stays up through keep-alives. However it seems it doesnt know where to go after its in the server. They run a database connection and it fails.
I've tried having them use the default instance as well as what we thought might be a different name.
"....I can see the traffic hitting my ePO SQL server, but its not allowing them to authenticate....." "THEM" are they trying to logon to the ePO console? If so, are they using AD or ePO local created accounts? If using AD; make sure to add your LDAP server under Configuration / Registered Servers.
They are using SQL accounts that we created directly on the instance. We have double checked the permission are correct as well. The account is connecting over port 1433. They are using an extension installed in ePO to do the connection. The goal is to try and perform rollup to an external ePO.
"...They are using an extension installed in ePO to do the connection...." So, sounds like they are able to login to ePO, yet unable to initiate SQL connection through the extension. Wondering, on the ePO w/the SQL extension, has the SQLDB been added to Registered Server?
That's exactly what they are trying to do, they are trying to add us as a registered server so that they can pull our event logs out of the database. They are using that extension to connect. Encryption has been ruled out on both ends.