SQL OLEDB DOESN'T WORK ACROSS DIFFERENT SUBNETS

Massimo

Hello,

I have this configuration on a Meraki MX84:

- DATA SUBNET 10.134.160.0/22 (VLAN1): SQL Server is located in this subnet

- WIFI SUBNET 10.134.167.0/24 (VLAN80): Wi-Fi clients

The clients are located on VLAN80 and everything is working fine (file sharing, printers, SQL connection using the native driver).

The OLEDB connection in this VLAN doesn't work; it seems SQL closes the connection or the packets don't find their way back to the client. Note that MSSMS from VLAN80 to the SQL server works; only OLEDB connections and Crystal Reports (which uses OLEDB or ODBC connections) don't work.

I hope someone can point me in the right direction.

BrandonS

I'm not familiar with the specific database services you are referring to, but is OLEDB a different server/VM/IP address than MSSMS?  I ask because if they were two different servers and one did not have the default gateway back to the VLAN IP on the MX it could explain what you describe.  

 

If that is not the case then do you want to share what your firewall rules look like between these VLANs?  And are they being routed by the MX or somewhere else?

 

 

Inderdeep

@Massimo: I am more specifically looking for the firewall rules. Check the use cases here:

https://documentation.meraki.com/General_Administration/Cross-Platform_Content/Using_Layer_3_Firewal...

 

Regards
Inderdeep Singh
www.thenetworkdna.com ( Awarded by Cisco IT Blogs award 2020)
CptnCrnch

Another possibility:

Is your DB connection up and running and being torn down after a while? Even more so after having been idle? If so, this would be typical firewall behaviour: long-running idle TCP sessions are typically held for an hour. At least, that is something I've seen a lot regarding database connections.

 

Fix for that: implement TCP keepalives on your DB server.

PhilipDAth

Can you ping the SQL server from the client?

 

Are you running Windows Firewall on the SQL server (or any other software firewall), and is it configured to allow traffic from remote subnets?

 

If you turn off AMP and IPS in the Meraki dashboard for a test, does it start working?

Massimo

Ping works from both sides: client to SQL and SQL to client.

On the SQL Server the firewall is disabled.

If I update an OLAP cube (MSSAS) it works fine.

The issue happens only with the OLEDB provider:

- If I try to make a new connection it can't discover the SQL server, but if I fill in the server name I can create the connection

- If I execute a simple query like select * from tablename it works

- If I execute a long query I receive a [ODBC SQL Server Driver][TCP/IP Socket]ConnectionRead(recv()) error

If I use the same client connected to the SQL subnet, everything works fine.

Very strange and complex to fix.

Thanks for your support

CptnCrnch

Have you configured IPS on your MX? Could you please show us Security & SD-WAN > Configure > Threat protection > Intrusion detection and prevention

Massimo

Yes, it is enabled with the below config

ips.JPG

CptnCrnch

OK, I guess that something is blocking these. Are you getting error messages in the Security Center?
