Config to allow SQL Server to be connected through CloudFlare?

by

I have already known the risk of exposing SQL Server database on the Internet, but please look at my situation: I have two instances of SQL Server: production (default instance SQLEXPRESS) and dev (SQLEXPRESSDEV). I have disabled both Administrator account of Windows and sa accounts of SQL Server. The server also has some running websites. EDIT: The server is running MS Windows 2008 R2 and both instances are SQL Server 2014 Express.

The production instance is kept private and can only be logged in with Windows Authentication. Now I want to expose the Dev instance, but I do not want to expose the IP Address. Therefore, I was using Cloudflare service for the websites, and is intend to create DNS record for sql.mydomain.com for accessing SQL Server.

However, I cannot figure out how. According to CloudFlare, there are those ports that can be forwarded, and I am intending to use port 2086, knowing I will never need that port. I have tried to set the TCP/IP port in both SQL Native Client Configuration and SQL Server Network Configuration to 2086, adding that port to both Inbound and Outbound of Firewall rule. In my own computer, I tried to connect using sql.domain.com,2086, but I receive this message:

TITLE: Connect to Server

Cannot connect to sql.domain.com,2086\SQLEXPRESSDEV.

—————————— ADDITIONAL INFORMATION:

A connection was successfully established with the server, but then an
error occurred during the pre-login handshake. (provider: TCP
Provider, error: 0 – An existing connection was forcibly closed by the
remote host.) (Microsoft SQL Server, Error: 10054)

For help, click:
http://go.microsoft.com/fwlink?ProdName=Microsoft%20SQL%20Server&EvtSrc=MSSQLServer&EvtID=10054&LinkId=20476

An existing connection was forcibly closed by the remote host

Is it because the CloudFlare proxy? Is there anyway I can achieve this (hiding IP and exposing only one instace)? I left the TCP/IP settings on the production instance Disabled.

Answer

That page specifies the protocols that work on each port, HTTP and HTTPS only. I don’t think you can access a database through CloudFlare’s proxy.

Attribution
Source : Link , Question Author : Luke Vo , Answer Author : Tim

Leave a Comment