Advanced SQL Server Configuration

1. Network Settings in LoMag Warehouse Software

To open the network settings for the SQL database; click on the settings icon in LoMag. This will display a new window, and then move the mouse to the ''networking'' tab. You can change the port on which the program can operate in the network. For this purpose, enter its number as we use the example of port number 1433 in the following instructions.

2. Advanced Firewall Configuration for Windows

Windows 10 enabled the firewall function by default. The task of this software is to filter outgoing and incoming data to a computer via a network or the internet. There may be a situation that the program will block connections for the device with the android application. The basic configuration of the firewall for Windows and how to start it is described in this guide. In case you want to configure your firewall in more detail, please read the following instructions. There are several ways to run firewall settings in Windows 10, this instruction will show you an advanced method in which you should use the search engine for Windows, which is located in the menu bar, and then entering the phrase 'firewall' in the search option.

Open the "firewall and network protection" option from the start menu. By clicking on this application, a new window will open with the possibility of configuring the security system for Windows 10.

Find the advanced settings option and launch it.

With a standard installation of LoMag, the Windows 10 firewall usually does not create rules for the SQL database to accept external connections. To do this, set a new one by clicking the icon for the inbound rules in the Windows Defender window.

In the new rule wizard select the program option and then press the next button.

The default installation of LoMag and its SQL database allows you to enter a value in the program having a following path % ProgramFiles% (x86) \ Microsoft SQL Server \ MSSQL11.SQLEXPRESS \ MSSQL \ Binn \ sqlservr.exe. If the user installed the SQL database in another location, then he can use the browse button and find the location from the computer's hard drive. To go to the next step, click next.

In order to connect android applications to the computer, they must be allowed to connect by selecting the first option and confirming the decision with the Next button in the next window.

In the next window, select all applications for the rule (set by default) and go to the next configuration step with the next button. The last step is to enter the name and possible description. By clicking save, our filter will be added to the inbound rules for the Windows 10 firewall.

In this way, the position we configured for the program with a specific location path was added to the list of incoming rules

To go to advanced settings for a given rule, select it with the left mouse button, and then select the properties options on the right. Performing this operation will display properties for the rule.

In order to connect SQL database through specific ports we use the protocols and ports tab. By choosing the type of TCP protocol and specifying the local port to be 1433, the firewall will only allow connections to the program on the above specified port number. It will not be possible to change the LoMag software for working in a network on another port (e.g. 1600) because the Windows firewall will only allow connections for the given program for the value of 1433. For the connection on port 1600 to be supported, the Windows firewall must be properly configured first.

We also have the ability to configure which computers can connect to our SQL database. To do this, select the scope tab. The local IP address applies to computers on the same internal network (e.g. company), while the remote IP address applies to computers outside our company. Selecting any IP address option will allow you to connect to our SQL database of any computer, trying to get a connection. You can limit addresses by using these IP addresses option and clicking the add button. Then you can enter a specific IP address or its subnet - this is illustrated by the examples in the screenshots below. It is possible to enter IPv4 and IPv6 addresses. To enter the IP ranges, select the desired option and enter the appropriate values, e.g. from 192.168.1.1 to 192.168.1.185

In the same way, add a second rule for the program with the path % ProgramFiles% (x86) \ Microsoft SQL Server \ 90 \ Shared \ sqlbrowser.exe by setting only a different final rule name. Adding these two rules will allow the LoMag Android application to connect to the server while the firewall is still active for other malware.

3. Change the Port for SQL Server

By default, SQL server is installed on port 1433, this is the known port for this application, which can be checked by entering only the port number in Google. Searching for a string of these digits will show us the results for SQL Server. Unfortunately, using the default port often exposes users to attacks, which is why most professional companies change this port to a different one. To change the port number on the Windows 7 operating system, look for SQL Server Configuration Manager in the start panel. In the version of Windows 10, you can't run it from the start panel. Find the file in the C: \ Windows \ SysWOW64 \ folder and run the appropriate file with the .msc extension (names may vary depending on the software version).

  • SQL Server 2017 C: \ Windows \ SysWOW64 \ SQLServerManager14.msc
  • SQL Server 2016 C: \ Windows \ SysWOW64 \ SQLServerManager13.msc
  • SQL Server 2014 (12.x) C: \ Windows \ SysWOW64 \ SQLServerManager12.msc
  • SQL Server 2012 (11.x) C: \ Windows \ SysWOW64 \ SQLServerManager11.msc
  • After running the file, we will be presented with a configuration panel for SQL server.

    In the newly opened window, expand the menu for SQL Server Network Configuration, and select Protocols for SQLEXPRESS. For the software to work properly, you need to make sure that all protocols are enabled. Double-clicking the left mouse button on the TCP / IP protocol will open a window with its properties.

    Switching the tab to IP Addresses, slide the slider to the very bottom of the window and set the port on which SQL Server should operate. In the screenshot below, the value 1433 has been replaced with port 123456. By pressing the OK button, we will see a notification window that the service must be reset for the changes to take effect.

    In order to reset the settings, click on the SQL Server services item in the configurator window, then find the SQL Server (SQLEXPRESS) option and select it with the left mouse button. An icon responsible for resetting the application and settings will appear in the main menu of the window. Resetting your computer will also change the settings you have made for the new port.

    It is also possible to configure SQL Server on a dynamic (random) port. To do this, enter 0 for the TCP Dynamic Ports value. This will change the functioning of the SQL port each time the service is restarted.

    ATTENTION!!! Changing the operation of the SQL server port involves the need to set the appropriate port for the firewall. If you change the port from 1433 to another port, enter the appropriate value for the second point of this manual. If you choose dynamic (random) port allocation, you must allow connection for the program on all possible ports.

    Changes in the database functioning settings require the appropriate configuration of LoMag software. Open the settings window and switch to the networking tab, and then change the default port 1433 to 123456, save the changes by pressing the OK button.

    4. Checking the Connection to the Database Server

    In order to check whether our computer has a connection with the server or not where we have located the SQL database, we use the command line. In the Windows 10 operating system we will open it by using the search icon that appears on the taskbar. Then enter the phrase cmd, which will search for an application called command prompt, open this cmd window. The same command applies to Vista, Windows XP and Windows 7.

    In the console window, type ping -t IP address (your computer public address) and press enter. Adding the -t parameter to the command will cause the connection and checking function will be performed until the user interrupts it by using CTRL+C command (by default, the ping command will only send four signals to check the connection). The following example shows both commands that check two different addresses. The first is our own computer address, so the response time is less than 2 milliseconds. The second example is checking the connection to onet.pl, where the response time was from 207 to 262 milliseconds.

    However, If there is no connection to a given server then corresponding information will appear in the command line.

    5. Checking Open Ports

    To check if a given port on a remote server on the Internet or in an internal network is open, the easiest way is to use a telnet client. There are many software, websites for scanning ports on the desired IP addresses, but this requires the installation of additional software, and when using application with pages to scan ports, it is not possible to check the connection in the company's internal network.

    5.1 Telnet Configuration

    Telnet is a simple communication protocol; it works on the client-server principle. It is used to remotely connect to another computer or device and manage it from the command line. The telnet client is ultimately built-in to Windows, but you may find that the user has this software turned off. There are several ways to enable this functionality: 1. Click on the start menu and enter "features" in the search window, this will result in displaying found results from which you should select the option "Turn Windows Features on or off". Performing this operation will open a new window in which you must find the Telnet Client item, select it and then confirm the changes by pressing the OK button.

    2. The second way to enable the telnet client function in Windows is to execute the command (Win + R key) pkgmgr / iu: "TelnetClient".

    5.2 Testing the Connection

    Telnet allows you to connect to any port, just enter it after the space and the IP address (or domain) of the desired device. For example, telnet server_name 1433 (port). To open the command prompt, use Windows search by typing 'cmd' and then launch the application.

    If we get "Connecting to server01 ... Unable to connect to host on port 3389: Connection failed" message in cmd window, then this means that a connection is not possible. The port is closed and the service is disabled on the port, the firewall is blocking communications, or other reasons are preventing communication.

    However, if the flashing cursor ''_'' appears after executing the command, it means that the given port is open and communication is possible between our host and the indicated server on the given port.