First published on MSDN on Jan 23, 2019
Hello,
Today I worked in a service request when our customer tries to connect using
SSH to the 1433 port from a Linux environment
using a JumpBox in Azure to perform the connection.
In this situation, we need to know that in Azure, depending on where is the connection coming, the Gateway that Azure SQL Database has to validate the connection, has different behaviour, based on the IP source.
-
If the source IP is located outside Azure:
All the connection is stablished against the Gateway using the port 1433.
-
If the source IP is located inside Azure:
-
The first connection will be to the Gateway using the port 1433.
-
This gateway will validate the connection and provide to the client another
Database Server IP and another port (11000-14000)
to connect. This process is called
redirection
.
In this scenario,
using SSH and changing the external IP to private IP/VNET range our customer
was not able to connect because our Gateway understand that the connection is stablished inside Azure and perform the redirection.
-
The gateway receives
the connection using the port 1433
.
-
The gateway replies
with the re-direction policy.
-
As the
connection has been stablished using only 1433
when the client application tries to connect to the Database Server IP and port is not possible and is not able to connect.
-
To change the behaviour from redirect or default to proxy (use only the port 1433)
please, follow the steps mentioned in this
URL.
In our
YouTube channel
you could find more information about it.
Enjoy!