Thursday, May 6, 2010

Enabling SQL Ports on 2008R2

Quick Description: "netsh firewall" is deprecated on 2008 R2. A command line with the old syntax will work but will generate a warning that it has been deprecated.


Solution:
The new syntax is "netsh advfirewall firewall add rule name = dir = action = protocol= localport = "

This Microsoft article has a good comparison of the old syntax vs new syntax

Below are some of the handy command lines for adding port enabling to a sql2008R2 autoinstall (now with added sysprep goodness)

REM Core SQL Services

REM Default Instance
netsh advfirewall firewall add rule name="SQLServer" dir=in action=allow protocol=TCP localport=1433

REM Dedicated Admin Connection
netsh advfirewall firewall add rule name="SQL DAC" dir=in action=allow protocol=TCP localport=1434

REM Browser Service
netsh advfirewall firewall add rule name="SQL Browser" dir=in action=allow protocol=UDP localport=1434
 


REM Non Core Components
REM Dedicated Admin Connection
netsh advfirewall firewall add rule name="SQL DAC" dir=in action=allow protocol=TCP localport=1434

REM Mirroring EndPoint
netsh advfirewall firewall add rule name="Mirroring EndPoint" dir=in action=allow protocol=TCP localport=5022

REM Service Broker
netsh advfirewall firewall add rule name="SQL Service Broker" dir=in action=allow protocol=TCP localport=4022

REM Enable TSQL Debugger -- note, this is the same port as RPC
netsh advfirewall firewall add rule name="T-SQL Debugger" dir=in action=allow protocol=TCP localport=135

REM Browser service for Analysis Services
netsh advfirewall firewall add rule name="SQL Browser for Analysis Services" dir=in action=allow protocol=TCP localport=2382

REM Analysis services Default Instance
netsh advfirewall firewall add rule name="Analysis Services" dir=in action=allow protocol=TCP localport=2383

REM HTTP/HTTPS for reporting services
netsh advfirewall firewall add rule name="HTTP Reporting Services" dir=in action=allow protocol=TCP localport=80
netsh advfirewall firewall add rule name="HTTPS Reporting Services" dir=in action=allow protocol=TCP localport=443

No comments:

Post a Comment