I was happily using mysql command line in my mac to connect Azure Database for MySql. But all of sudden it started throwing an error saying:
ERROR 2003 (HY000): Can't connect to MySQL server on 'XXXXXXXX.mysql.database.azure.com' (61)
I can see the the database instances is running alright, as I'm able to use the database from an application that is running in Azure.
Has anyone else experienced this?
This problem occurred because the particular network i was connected to not allowing any such connections. Later when i tried from my usual network ( home / office )it got connected. I haven't made any changes in my Azure Db for MySql nor in my local machine, this proves that problem was with that particular network.
It sounds like firewall rules were not setup for that specific network. Can you confirm by looking at this doc?
https://learn.microsoft.com/en-us/azure/mysql/concepts-firewall-rules
Basically, you can click "Add my IP" which would add your current network's Client IP. However, if the network you are on SNAT's out with multiple IP's, you would need to add the entire range from your networking team.
Thanks.
James
Related
I can't connect to my Azure SQL Database that I have hosted on MS Azure.I have tried with Visual Studio and MSSM with no luck.
I can't seem to work out how I could possibly be going wrong. I allowed access to the server on all IPs.
I am using the correct login info.
I dont seem to be even able to ping the server, despite it showing no issues in the Azure interface.
The server is located at: kkbpeyaf0t.database.windows.net
I tried to connect to the URL you provided using SSMS and it gave me a login failed (which I expected), so that tells me that the database is running and that you did indeed open up the IP ranges to allow anything (which isn't a best practice, but I'm assuming you did this as part of your troubleshooting). IF the Azure SQL DB firewall was still in the way it would block immediately indicating so.
I would think that if you have the correct username and password combination it should connect. Make sure that your outbound port 1433 isn't being blocked by your own firewall (machine, work, ISP, etc.).
Azure SQL Database won't respond to pings.
Docs can be found on MSDN.
I have been trying to run debugging within SQl server management studio and for some reason the debugger has just stopped working.
This is the message I get:
Unable to start the Transact-SQL debugger, could not connect to the
database engine instance 'server-sql'. Make sure you have enabled the
debugging firewall exceptions and are using a login that is a member
of the sysadmin fixed server role. The RPC server is unavailable.
Before this I get two messages, one requesting firewall permissions and the next says 'usage' with some text that makes little sense.
I have looked at the other similar answers on there for the same message which suggest adding the login as a sysadmin but that is already set. I also tried adding sysadmin to another account but that also didn't work.
In the end I was able to start it by right clicking and selecting run as administrator.
I encountered this issue while connected to SQL using a SQL Server Authenticated user. Once I tried using a Windows Authenticated user I was able to debug without issue. That user must also be assigned the sysadmin role.
This happened to me and I could not find the resolution anywhere. My firewall is disabled so I knew that couldn't be the issue.
According to Microsoft: Configure firewall rules before running the TSQL Debugger:
The server needs to communicate back to the client via RPC. The
account under which SQL Server service is running should have
authenticate permissions to the client.
We had a group policy that was preventing this:
Deny access to this computer from the network (Local account, Guests)
In order to resolve the issue, I had to add the SQL Server service account to the local group "Remote Desktop Users" on my desktop. Hope this helps someone else resolve this frustrating issue.
I try with the following steps, but it did not work (maybe because I'm on a PC in a office and I don't have control of the firewall). But you can try the following.
Check the users role:
IF IS_SRVROLEMEMBER ('sysadmin') = 1
print 'Current user''s login is a member of the sysadmin role'
Follow these instructions:
configure the transact-SQL Debugger
Run SQL Server Management Standard Edition 64 bits (with SQL Server Account)
In my case, I received this error message:
Unable to start the Transact-SQL debugger, could not connect to the computer "local".
I end up close the existing connection, then reconnect to my local SQL server using IP 127.0.0.1 and it works.
What helped me, was from here:
SQL Server Management Studio must be running under a Windows account that is a member of the sysadmin fixed server roll.
The Database Engine Query Editor window must be connected by using
either a Windows Authentication or SQL Server Authentication login
that is a member of the sysadmin fixed server role.
So, I've added sysadmin role to my windows account and run ssms as administrator. Debugger started working normally.
In addition to above works, what make our 2 computers remote debug able, was running: (right click on Window's Start button)
System--> Advanced System Properties-->Computer Name-->Click on Network ID... button
and running that wizard to join workgroup on both computers.
I found this solution by looking at my Windows' Event Viewer and looking for a solution to errors with NetBT Source, that is related to workgroup and computer Name.
Update: after some days, it stop working again.
I had the same problem and double checked al recommended settings. At some point I disabled the firewall on the database server and it worked like a charm. By enabling and checking the Firewall log I noticed this entry:
2019-10-31 16:07:50 DROP TCP 192.168.xxx.xxx 192.168.xxx.xxx 65231 61214 52 S 56576751 0 8192 - - - RECEIVE
When I allowed TCP port 61214 (Inbound rule) and switched the firewall back on, it worked. I don't know why this port is needed, maybe some here on SO?
Anyway, maybe the firewall log can be of help too.
Struggled through many hours and got the answer
You can do the configuration through this doc
https://learn.microsoft.com/en-us/sql/ssms/scripting/configure-firewall-rules-before-running-the-tsql-debugger?view=sql-server-ver15
(1) 2 settings need to done on the remote server where Sql server is installed
(2) 1 setting at client computer (i.e) our computer
A client of mine gave me a server name which is fully qualified [servername].somedomain.net
to try to connect to their SQL Server instance over VPN.
So I tried, using the username and password they gave me. No luck. I can ping it but cannot connect, I get the error that the username and password is incorrect.
So I log onto the actual server, verify that my login is in security and has rights and it appears there. Workgroup\mylogin and it appears that workgroup\ actually is the same as somedomain.net\mylogin. Because when I try to add somedomain.net\mylogin, it resorts to saying that it's already added which is workgroup\mylogin.
Not sure what else to check here. I gave myself sysadmin role in SQL Server. I can ping the server's IP.
I looked at how they are authenticating me and they have my user in SQL Server set up to use Windows Auth. Well, the error I get is that it cannot trust cross domain when trying to use windows auth when I try to connect locally here in my management studio. I'm connected tot their VPN so what could be the problem?
They're not available right now to try to troubleshoot it and I'm just curious what else I might try to try and resolve this on my own if I can.
Basically, when you failed to connect to your SQL Server, the issue could be:
Network issue,
SQL Server configuration issue.
Firewall issue
Client driver issue
Application configuration issue.
Authentication and logon issue.
Step 1: Network issue
You might be able to make local connection without a working network, but that's a special case. For remote connection, a stable network is required. The first thing to trouble shoot SQL connectivity issues is to make sure the network we rely on is workable and stable. Please run the following commands:
ping -a (use -4 and -6 for IPv4 and IPv6 specifically)
ping -a
nslookup (type your local and remote machine name and IP address multiple times)
Be careful to see any mismatch on the returned results. If you are not able to ping your target machine, it has high chance that either the network is broken or the target machine is not running. It's possible the target machine is behind a firewall and the firewall blocks the packets sent by ping, though. Windows firewall does not block ping (ECHO) packet by default. The correctness of DNS configuration on the network is vital to SQL connection. Wrong DNS entry could cause of all sorts of connectivity issue later. See this link for example, "Cannot Generate SSPI Context" error message, Poisoned DNS.
Step 2: SQL Server configuration issue
You need to make sure the target SQL Server is running and is listening on appropriate protocols. You can use SQL Server Configuration Manager (SCM) to enable protocols on the server machine. SQL Server supports Shared Memory, Named Pipes, and TCP protocols (and VIA which needs special hardware and is rarely used). For remote connection, NP and/or TCP protocols must be enabled. Once you enabled protocols in SCM, please make sure restart the SQL Server.
You can open errorlog file to see if the server is successfully listening on any of the protocol. The location of errorlog file is usually under:
%ProgramFile%Microsoft SQL Server/MSSQLxx.xxx/MSSQL/Log
If the target SQL instance is a named instance, you also need to make sure SQL Browser is running on the target machine. If you are not able to access the remote SQL Server, please ask your admin to make sure all these happen.
Step 3: Firewall issue
A firewall on the SQL Server machine (or anywhere between client and server) could block SQL connection request. An easy way to isolate if this is a firewall issue is to turn off firewall for a short time if you can. Long term solution is to put exception for SQL Server and SQL Browser.
For NP protocol, please make sure file sharing is in firewall exception list. Both file sharing and NP use SMB protocol underneath.
For TCP protocol, you need put the TCP port on which the SQL Server listens on into exception.
For SQL Browser, please put UDP port 1434 into exception.
Meanwhile, you can put sqlservr.exe and sqlbrowser.exe into exception as well, but this is not recommended. IPSec between machines that we are not trusted could also block some packets. Note that firewall should never be an issue for local connections.
Step 4: Client driver issue
At this stage, you can test your connection using some tools. The tests need to be done on client machine for sure.
First try:
telnet
You should be able to telnet to the SQL server TCP port if TCP is enabled. Otherwise, go back to check steps 1-3. Then, use OSQL, SQLCMD, and SQL Management Studio to test sql connections. If you don't have those tools, please download SQL Express from Microsoft and you can get those tools for free.
OSQL (the one shipped with SQL Server 2000) uses MDAC.
OSQL (the one shipped with SQL Server 2005 & 2008) uses SNAC ODBC.
SQLCMD (shipped with SQL Server 2005 & 2008) uses SNAC OLEDB.
SQL Management Studio (shipped with SQL Server 2005 & 2008) uses SQLClient.
Possilbe command use be:
osql -E -SYour_target_machine\Your_instance for Windows Auth
osql -Uyour_user -SYour_target_machine\Your_instance for SQL Auth
SQLCMD also applies here. In addition, you can use “-Stcp:Your_target_machine, Tcp_port” for TCP, “-Snp:Your_target_machine\Your_instance” for NP, and “-Slpc:Your_target_machine\Your_instance” for Shared Memory. You would know if it fails for all protocols or just some specific procotols.
At this stage, you should not see general error message such as error 26 and error 40 anymore. If you are using NP and you still see error 40 (Named Pipes Provider: Could not open a connection to SQL Server), please try the following steps:
a) Open a file share on your server machine.
b) Run “net view \your_target_machine” and “net use \your_target_machine\your_share” (You can try Map Network Drive from Windows Explorer as well)
If you get failure in b), it's very likely you have OS/Network configuration issue, which is not SQL Server specific. Please search on internet to resolve this issue first.
You can try connection using both Windows Authentication and SQL Authentication. If the tests with all tools failed, there is a good chance that steps 1-3 were not set correctly, unless the failure is logon-related then you can look at step 6.
If you succeeds with some of the tools, but fails with other tools, it's probably a driver issue. You can post a question on our forum and give us the details.
You can also use “\windows\system32\odbcad32.exe” (which ships with Windows) to test connection by adding new DSN for various drivers, but that's for ODBC only.
Step 5: Application issue
If you succeed with steps 1-4 but still see failure in your application, it's likely a configuration issue in your application. Think about couple of possible issues here.
a) Is your application running under the same account with the account you did tests in step 4? If not, you might want to try testing in step 4 under that account or change to a workable service account for your application if possible.
b) Which SQL driver does your app use?
c) What's your connection string? Is the connection string compatible to your driver? Please check http://www.connectionstrings.com/ for reference.
Step 6: Authentication and logon issue
This is probably the most difficult part for sql connectivity issues. It's often related to the configuration on your network, your OS and your SQL Server database. There is no simple solution for this, and we have to solve it case by case. There are already several blogs in sql_protocols talking about some special cases and you can check them see if any of them applies to your case. Apart from that, things to keep in mind:
a) If you use SQL auth, mixed authentication must be enabled. Check this page for reference http://msdn.microsoft.com/en-us/library/ms188670.aspx
b) Make sure your login account has access permission on the database you used during login ("Initial Catalog" in OLEDB).
c) Check the eventlog on your system see if there is more information
Reference: http://blogs.msdn.com/b/sql_protocols/archive/2008/04/30/steps-to-troubleshoot-connectivity-issues.aspx
Sorry for this wall of text, i hope that something from here can help you solve your issue!
Regards.
If you want to access that server you are going to need a domain account from that domain or use SQL authentication. I would recommend just using SQL authentication - it's a lot more straight forward - if they allow it.
I had the same problem, other machines could connect to sql server but one computer was not connecting and displaying the error "a network related or instance specific error...", the problem was solved when I changed the network protocol in the login window of SSMS, in advanced options from TCP/IP to Named Pipes. Please see the below screenshots.
Please note that you should be on the same domain, and your credentials should be valid on the server.
I've got a small Windows network with 3 machines. One of them has SQL 2005 installed. As of last week, the other two machines have had no problems connecting to the SQL instance.
Today, one machine - running Vista, if that matters - all of a sudden cannot connect. I get the generic message saying "A network-related or instance-specific error occurred while establishing a connection to SQL Server. The server was not found or was not accessible. Verify that the instance name is correct and that SQL Server is configured to allow remote connections."
I'm pretty sure everything is set up correctly on the SQL 2005 box, because the third computer on the network still connects with no problem.
Vista computer has no firewalls set up, nothing has changed with the exception that I created a connection to a VPN a few days ago. When connected to the VPN, local network connectivity is hosed, but I've double checked many times that I am NOT connected to the VPN when trying to access SQL Server. I mention this only because it's the only thing I can think of that's changed.
I've rebooted all computers many times. No change.
I'm connecting via SQL Integrated Security. The login works fine from the third machine.
One other weird thing on the Vista box. Occasionally - maybe 5% of the time - it'll connect, but then when trying to access a table (like, just right clicking and choosing "open") it pauses then gives an "unspecified error."
Any ideas? I'm totally perplexed. This has been working for about 18 months without any errors, and I can't think of anything that's changed other than the VPN connection mentioned above. And just to reiterate - I am definitely NOT connected to the VPN when I'm getting this error.
Check the protocols used to connect ot SQL Server; I'm wondering whether it's trying to communicate over Named Pipes rather than TCP/IP (speaking from recent experience -- I had an issue with Named Pipes that went away when I disabled Named Pipes and enabled TCP/IP).
You can check this on the server with the SQL Server Configuration Tool, and see which protocols are enabled (under the Network Configuration branch in the navigation tree) for the SQL Server instance.
First off, we know that there is no client server communication here. So, based on the error, it isn't permissions or authentication (you have to connect before you can be denied access).
Try the following:
1) Ping - can you get to the server? Run this command in command prompt:
ping servername
If this works, then at least the name is resolving and the client can communicate.
If this fails, try the same thing with the server's IP.
2) Telnet - Assuming you don't have a non-standard port (explicitly changed or named instance of SQL Server), run this in command prompt:
telnet servername 1433
If this opens an empty screen, then the client can get to the port.
If this fails, try the same command with the IP. If that still fails, you don't have a path to the SQL Server from that machine. You will either need to verify an external firewall or other network connectivity issues.
I guess someone tries to logon to our sql server and error log is getting bigger. I am running out of space on hdd. What should be the solution?
Cleaning up error log regularly? Howto?
Disabling access to SQL server? For attacker IPs? For local use only? Howto?
Any other?
Regards,
Burak
we had a similar problem here, constant attempts to guess the systems password filled up the log to epic proportions.
you could disable external access via the windows firewall (if you're using windows SBS 2003) its fairly trivial but the end solution we opted for (because we still required external access ourselfs to the database server) was to change the default access port to SQL server; it seemed to stop alot of problems.
although if possible, I would also considering changing the architecture of your network slightly (sometimes this isn't possible if you have purchased some virtual machine from a service provider); moving your database server and disconnecting it from your hub/switch and plugging it into the back of your web server (if this is the ultimate use for your databases) so the web server acts as a type of proxy, prevent all external internet access.
Are you sure logins are the cause of the error-log growth? If so, you could disable remote logins:
Goto START --> Microsoft SQL server 2005 --> Configuration Tools --> SQL server surface area configuration
Select Surface area con figuration for services..
Select Databas engine --> Remote connections and choose 'local only'
Note, this will disable all remote connections to the database, so only change this if your application connects locally!
For emergency you execute sp_cycle_errorlog to start a new one, so you can delete the old one w/o restarting the server.
But the million dollar question is, of course, what is filling up the errorlog? What message shows up again and again? If you tell us that, perhaps we can help you fix the problem and eliminate the errorlog growth.