SQL Instance & Firewall

This guide describes in full detail everything you need to configure in Windows Firewall for SQL Server and Message Service. It really should be made into a tutorial, as it’s the best guide for this on the forum IMHO.

I use this PowerShell script (further down on the same topic) to configure the firewall on all setups; it saves a bit of time.

I have modified it a little to use the common port 9000 for Message Service that everyone uses now, and I also set the network profile to “ANY”. This is not the best from a security perspective, but it saves a lot of hassle on support when something changes (i.e. they connect to a new Wi-Fi network, they change router, or their router does a firmware update without their knowledge): it means the firewall settings will work in both the Private and Public network configurations under Windows. Feel free to change it back if you want a more secure setup.

Here is my amended script, same setup instructions as described in the link above:

# Returns $true if a firewall rule with this display name already exists.
function getRule {
    param(
        [string] $name
    )
    $fw = Get-NetFirewallRule -DisplayName "$name" -ErrorAction:SilentlyContinue
    if ($fw) {
        return [bool]$true
    } else {
        return [bool]$false
    }
}

# Updates an existing rule in place (inbound, allow, enabled).
function setRule {
    param(
        [string] $name,
        [string] $port,
        [string] $protocol,
        [string] $profile
    )
    Set-NetFirewallRule -DisplayName "$name" -Action "Allow" -Direction "Inbound" -Enabled "True" -LocalPort "$port" -Profile "$profile" -Protocol "$protocol" -Verbose
}

# Creates the rule, or modifies it if a rule with the same display name exists.
function addRule {
    param(
        [string] $group,
        [string] $name,
        [string] $port,
        [string] $protocol,
        [string] $profile
    )

    $fw = getRule -name "$name"
    if ($fw) {
        Write-Host -ForegroundColor:Black -BackgroundColor:Magenta "`r`n*** Rule already exists, Modifying Rule: '$name' ..."
        # setRule only takes name, port, profile and protocol; action, direction and enabled state are set inside it
        setRule -name:"$name" -port:"$port" -profile:"$profile" -protocol:"$protocol"
    } else {
        Write-Host -ForegroundColor:Black -BackgroundColor:Green "`r`n****** Adding Rule: '$name' ..."
        New-NetFirewallRule -Group "$group" -DisplayName "$name" -Action "Allow" -Direction "Inbound" -Enabled "True" -LocalPort "$port" -Profile "$profile" -Protocol "$protocol"
    }
}

addRule -profile:"Any" -protocol:"TCP" -port:1433           -group:"Custom Rule - SambaPOS Multi-terminal" -name:"SambaPOS SQL Traffic"
addRule -profile:"Any" -protocol:"UDP" -port:1434           -group:"Custom Rule - SambaPOS Multi-terminal" -name:"SambaPOS SQL Browser Traffic"
addRule -profile:"Any" -protocol:"TCP" -port:9000           -group:"Custom Rule - SambaPOS Multi-terminal" -name:"SambaPOS Messaging Server"
2 Likes
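
The post notes that the "Any" profile also opens these ports on Public networks and invites changing it back. The following is an added example, not part of the original post: it reports which rules in the script's group are reachable on Public networks and, with `-Fix`, narrows them. The function name and the choice of `Private` as the tighter profile are assumptions; the group name is the one used in the script above.

```powershell
# Added example, not from the original post. Run in an elevated PowerShell session.
# Test-SambaPosRuleExposure is a hypothetical helper name; 'Private' as the
# tighter profile is an assumption, adjust it to the profile your POS network uses.
function Test-SambaPosRuleExposure {
    param(
        [string] $Group = "Custom Rule - SambaPOS Multi-terminal",
        [string] $RestrictTo = "Private",
        [switch] $Fix   # without -Fix the function only reports
    )

    $rules = Get-NetFirewallRule -Group $Group -ErrorAction SilentlyContinue
    if (-not $rules) {
        Write-Warning "No firewall rules found in group '$Group'."
        return
    }

    foreach ($rule in $rules) {
        $ports = $rule | Get-NetFirewallPortFilter
        $addr  = $rule | Get-NetFirewallAddressFilter
        $scope = $rule.Profile.ToString()
        # 'Any' covers Domain, Private and Public, so the port is also
        # reachable when Windows classifies the network as Public.
        $public = ($scope -eq "Any") -or ($scope -match "Public")

        # One row per rule; Profile shows the value found before any fix.
        [pscustomobject]@{
            Rule          = $rule.DisplayName
            Protocol      = $ports.Protocol
            LocalPort     = $ports.LocalPort -join ","
            Profile       = $scope
            RemoteAddress = $addr.RemoteAddress -join ","
            OpenOnPublic  = $public
        }

        if ($Fix -and $public) {
            # Keep the rule, but stop it applying on Public networks.
            Set-NetFirewallRule -Name $rule.Name -Profile $RestrictTo
        }
    }
}

# Report only:
Test-SambaPosRuleExposure | Format-Table -AutoSize
# Report, then narrow every rule that is open on Public networks:
# Test-SambaPosRuleExposure -Fix | Format-Table -AutoSize
```

After narrowing to `Private`, terminals stop connecting whenever Windows reclassifies the network as Public, which is the support case the post describes, so rerun the report after a router or Wi-Fi change.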