SQL being blocked through VPN

Hey guys, I just replaced all of the SonicWalls at my 3 locations with UDM Pros. Got all the firewall rules in place (or so I thought), but remote users are unable to access our Practice CS (this is a CPA firm) SQL server remotely.

Our structure is as follows

Site 1 - Main Site with the Physical SQL server, users can get into it without issue.

Site 2 - Set up with Site Magic to Site 1 and Site 3; users cannot access the SQL Server, getting the following error: "A connection was successfully established with the server, but then an error occurred during the login process (provider: SSL Provider, error: 0 - The semaphore timeout period has expired)" (Attached is a picture of the error)

Site 3 - Accesses the SQL through RDPing into a terminal server as there are only two users at this location.

I don’t remember seeing anything in the old Sonicwall for this but we did not have the error with the sonicwalls.

Any leads would be very helpful. I have reached out to Thomson Reuters support and they are no help whatsoever, except to say we need to unblock TCP port 1433 and UDP port 1434 in the Windows firewall (which I believe I have done).

**EDIT**

I found what was causing it. Looks like I needed to allow the server IP in the Security Detection Allow List. Once I added the IP I'm able to log in.

Thank you to everyone who gave me input it was very helpful, this community rocks


If you do not get a good answer here, ask in the r/sqlserver subreddit. This is definitely a networking issue and while I’m a SQL Server guy, I’m definitely not well-versed on the networking side, but others there are.

I forgot to add, yes we can ping the server and RDP into it from Site 2 and Site 3 (plus I can RDP into it from home, and Ping it)

SSL inspection with IPS/IDS?

Oh goodness. Practice CS. The most god-awful software ever made. Well, UltraTax is 100% worse. I still have nightmares about UltraTax.

SSL should be port 443 and might be the next thing I check

Dude, thanks a lot. I'm at a loss. Like I said, I didn't see anything in the SonicWalls that would lead me to believe that something was allowing the traffic through, and I'm almost 99% sure that it's at Site 1, since I have VPN'ed into that network and it's blocking me (I'm using L2TP). I haven't tried OpenVPN or WireGuard yet, but I doubt there would be any difference.

I'm not seeing anything; that's the first place I checked.

I took over IT back in November, and Practice CS doesn't have issues (knock on wood). This is the first time I've had an issue, but so far everything seems to be working now that I whitelisted the server's IP.

SQL is usually TCP 1433. First thing I'd check is ACLs.

Hopefully they don't run UltraTax there.

Nope, just Practice, QuickBooks and Lacerte, and a few other misc programs.