L
Liam
Cross-posted to two groups, ASPNET.security and SQLSERVER.security.
We have a managed dedicated webserver offsite, and our SQL 2K Server is
on our LAN, at headquarters, behind our firewall. The webserver is also
behind a firewall.
Currently a VPN is established between the webserver firewall and our
headquarters firewall, connecting webserver to the SQL server on our LAN
at 192.168.1.100. We are using the DBMSSOCN library:
<add key="ConnectionString"
value="server=192.168.1.100,1433;
Network Library=DBMSSOCN;
Initial Catalog=BOGUS;
UserId=bogususer;
Password=bogusepword;
Pooling=yes"/>
This works like a charm but has some logistical drawbacks for us:
switching to another SQLServer box requires us to send a support ticket
in to the 3rd party managed webserver group and to coordinate also with
our 3rd-party network support, to change the VPN configuration on both
firewalls. As the application developer and de facto SQL manager in our
small organization, I would like the ability to change the back-end
database box simply by editing the ASP.NET web.config file and entering
a the IP address of the new SQLServer box, leaving the firewall rules
intact.
Is it possible to establish the VPN between the external webserver and
our internal LAN *DomainController* instead? Would the SQL traffic
coming in over the VPN know how to "hop" from the DomainController (e.g.
at 192.168.1.22) over to our SQL box (at 192.168.1.100 or wherever)
because of the DBMSSOCN library instruction and the SQL Server IP
address embedded in the connection string in the web.config? Is this
redirection of SQL traffic possible and automatic?
Thanks
Liam
We have a managed dedicated webserver offsite, and our SQL 2K Server is
on our LAN, at headquarters, behind our firewall. The webserver is also
behind a firewall.
Currently a VPN is established between the webserver firewall and our
headquarters firewall, connecting webserver to the SQL server on our LAN
at 192.168.1.100. We are using the DBMSSOCN library:
<add key="ConnectionString"
value="server=192.168.1.100,1433;
Network Library=DBMSSOCN;
Initial Catalog=BOGUS;
UserId=bogususer;
Password=bogusepword;
Pooling=yes"/>
This works like a charm but has some logistical drawbacks for us:
switching to another SQLServer box requires us to send a support ticket
in to the 3rd party managed webserver group and to coordinate also with
our 3rd-party network support, to change the VPN configuration on both
firewalls. As the application developer and de facto SQL manager in our
small organization, I would like the ability to change the back-end
database box simply by editing the ASP.NET web.config file and entering
a the IP address of the new SQLServer box, leaving the firewall rules
intact.
Is it possible to establish the VPN between the external webserver and
our internal LAN *DomainController* instead? Would the SQL traffic
coming in over the VPN know how to "hop" from the DomainController (e.g.
at 192.168.1.22) over to our SQL box (at 192.168.1.100 or wherever)
because of the DBMSSOCN library instruction and the SQL Server IP
address embedded in the connection string in the web.config? Is this
redirection of SQL traffic possible and automatic?
Thanks
Liam