locked
Azure SQL Database - Set Firewall Settings RRS feed

  • Question

  • Hello,

    We will use Azure SQL Databases as our System database which means users will connect to our Azure SQL Database from the different region with the different device with different ISP.

    Question, 
    1) What is the rule of thumb or recommendation for the "Firewall settings" for our scenario, Dynamic IP? (Asking our ISP for the IP address range assigned or get static IP for our client might not work here as some customer may access our System from overseas)
    2) What is the potential risk if we neglect the incoming IP with "Start IP: 0.0.0.0 End IP: 255.255.255.255" setting and rely only on Azure SQL Server Access control (IAM)?

    Thanks,
    Pierre
    Tuesday, January 22, 2019 2:30 PM

All replies

  • Did you read below article, are the questions you searching not mentioned in the article

    https://docs.microsoft.com/en-us/azure/sql-database/sql-database-firewall-configure


    Cheers,

    Shashank

    Please mark this reply as answer if it solved your issue or vote as helpful if it helped so that other forum members can benefit from it

    My TechNet Wiki Articles

    MVP

    Tuesday, January 22, 2019 3:13 PM
  • Shashank, I did but it is not really helping.

    Troubleshooting the database firewall

    Dynamic IP address:
    -If you have an Internet connection with dynamic IP addressing and you are having trouble getting through the firewall, you could try one of the following solutions:
    -Ask your Internet Service Provider (ISP) for the IP address range assigned to your client computers that access the Azure SQL Database server, and then add the IP address range as a firewall rule.
    Get static IP addressing instead for your client computers, and then add the IP addresses as firewall rules.

    Wednesday, January 23, 2019 4:25 AM
  • Hi pierrekok,

     

    According to your description, this problem is more related to Azure SQL Database. I suggest you open a thread in Azure SQL Database forum. They will help you better. https://social.technet.microsoft.com/Forums/azure/en-US/home?forum=ssdsgetstarted

     

     

    >>What is the potential risk if we neglect the incoming IP with "Start IP: 0.0.0.0 End IP: 255.255.255.255" setting and rely only on Azure SQL Server Access control (IAM)?

     

    Setting up a firewall rule using 0.0.0.0 as the starting IP address range and using 255.255.255.255 as the ending IP address range will open the server to all IP addresses and greatly reduce the level of defense.

     

    Best regards,

    Dedmon Dai


    MSDN Community Support
    Please remember to click "Mark as Answer" the responses that resolved your issue, and to click "Unmark as Answer" if not. This can be beneficial to other community members reading this thread. If you have any compliments or complaints to MSDN Support, feel free to contact MSDNFSF@microsoft.com

    Wednesday, January 23, 2019 5:38 AM