If you are running Windows Firewall on the same computer as the SQL Server, remote connections to the SQL Server will be blocked unless the SQL Server and SQL Browser service can communicate through the firewall. You have to add an exception in Windows Firewall for these services to make a connection from the nShift On-premises client to the nShift On-premises Server.
This guide will explain how to:
- Configure Windows Firewall for Consignor service
- Configure Windows Firewall for SQL Server using dynamic ports
- Configure Windows Firewall for SQL Server using static ports
If in doubt whether your SQL Server uses dynamic or static ports, then open SQL Server Configuration Manager and click the SQL Server Network Configuration > Protocols for NSHIFT. Right-click on TCP/IP and choose Properties. Inside the IP Addresses tab, you can see if a dynamic or static port is specified. In the example below, the SQL Server uses static ports.
Configure Windows Firewall for Consignor service
You need to open the ports used by On-premises clients to communicate with the On-premises Server.
- Open Windows Defender Firewall and choose Advanced settings from the left side menu.
- Select Inbound Rules and click New Rule.
- Follow the New Inbound Rule Wizard by choosing the Port radio button in the first step and clicking Next.
- Select TCP and enter the port and site port to nShift. The default ports are 52345 and 52346, but if you have changed the server.ini file to use another port and site port, you must use these instead.
- Choose the radio button Allow the connection and click Next.
- Select the appropriate profile and click Next. Usually, it will be a Domain profile if you are connected to a corporate network. (You may check your network information by choosing Control Panel > Network and Sharing Center if you're in doubt about your profile).
- In the last step, you may add an optional name and description. Click Finish.
Configure Windows Firewall for SQL Server using dynamic ports
To connect a client to a Consignor server running on a SQL with dynamic ports follow these steps:
- Open Windows Defender Firewall and choose Advanced settings from the left side menu.
- Select Inbound Rules and click New Rule.
- Follow the New Inbound Rule Wizard by choosing the Program radio button in the first step and clicking Next.
- Click the Browse... button and find the path C:\Program Files\Microsoft SQL Server\MSSQL11.CONSIGNOR\MSSQL\Binn\sqlservr.exe Click Open and Next. (Note that the path may vary depending on where the SQL server is installed).
- Choose the radio button Allow the connection and click Next
- Select the appropriate profile and click Next. Usually, it will be a Domain profile if you are connected to a corporate network. (You may check your network information by choosing Control Panel > Network and Sharing Center if you're in doubt about your profile).
- In the last step, you may add an optional name and description. Click Finish.
- Click New Rule again to create another Inbound rule.
- Select Port and click Next.
- Select UDP and enter the specific port 1434.
- Choose the radio button Allow the connection and click Next.
- Select the appropriate profile and click Next.
- In the last step, you may add an optional name and description. Click Finish.
- Your On-premises Client should now be able to make a connection to your On-premises Server.
Configure Windows Firewall for SQL Server using static ports
To connect a client to an On-premises server running on an SQL with static ports follow these steps:
- Open Windows Defender Firewall and choose Advanced settings from the left side menu.
- Select Inbound Rules and click New Rule.
- Follow the New Inbound Rule Wizard by choosing the Port radio button in the first step and clicking Next.
- Select TCP and enter the specific port 1433. Click Next.
- Choose the radio button Allow the connection and click Next
- Select the appropriate profile and click Next. Usually, it will be a Domain profile if you are connected to a corporate network. (You may check your network information by choosing Control Panel > Network and Sharing Center if you're in doubt about your profile).
- In the last step, you may add an optional name and description. Click Finish.
- Click New Rule again to create another Inbound rule.
- Select Port and click Next.
- Select UDP and enter the specific port 1434. Click Next.
- Choose the radio button Allow the connection and click Next
- Select the appropriate profile and click Next.
- In the last step, you may add an optional name and description. Click Finish.
- Your On-premises Client should now be able to make a connection to your On-premises Server.
Please see our article Update of nShift On-premises client fails if you have problems in the connection between server and client.