Quick Windows Server 2008 R2 – SQL Server Firewall setup

Setting up SQL Server 2012 I received the same warning I have always received when setting up a SQL instance on a new Windows server:

SQL Setup Support Rules – Firewall Warning

So I executed my handy Windows Server Firewall batch file for SQL to set up the default ports on the Firewall, which executed successfully, but I noticed the following warning during execution:

Warning – netsh firewall is deprecated

After a quick check I updated the file with the new correct script options (I have left the original script lines in, just commented them out for reference:

@echo =========  SSRS Ports  ===================
@echo Enabling SQLServer default instance port 1433
REM Deprecated: netsh firewall set portopening TCP 1433 "SQLServer" 
netsh advfirewall firewall add rule name="SQLServer" dir=in action=allow protocol=TCP localport=1433

@echo Enabling Dedicated Admin Connection port 1434
REM Deprecated: netsh firewall set portopening TCP 1434 "SQL Admin Connection" 
netsh advfirewall firewall add rule name="SQL Admin Connection" dir=in action=allow protocol=TCP localport=1434

@echo Enabling conventional SQL Server Service Broker port 4022  
REM Deprecated: netsh firewall set portopening TCP 4022 "SQL Service Broker" 
netsh advfirewall firewall add rule name="SQL Service Broker" dir=in action=allow protocol=TCP localport=4022

@echo Enabling Transact-SQL Debugger/RPC port 135 
REM Deprecated: netsh firewall set portopening TCP 135 "SQL Debugger/RPC" 
netsh advfirewall firewall add rule name="SQL Debugger/RPC" dir=in action=allow protocol=TCP localport=135

@echo =========  SSAS Ports  ==============
@echo Enabling SSAS Default Instance port 2383
REM Deprecated: netsh firewall set portopening TCP 2383 "Analysis Services" 
netsh advfirewall firewall add rule name="Analysis Services" dir=in action=allow protocol=TCP localport=2383

@echo Enabling SQL Server Browser Service port 2382
REM Deprecated: netsh firewall set portopening TCP 2382 "SQL Browser" 
netsh advfirewall firewall add rule name="SQL Browser" dir=in action=allow protocol=TCP localport=2382

@echo =========  Misc Applications  ==============
@echo Enabling HTTP port 80 
REM Deprecated: netsh firewall set portopening TCP 80 "HTTP" 
netsh advfirewall firewall add rule name="HTTP" dir=in action=allow protocol=TCP localport=80

@echo Enabling SSL port 443
REM Deprecated: netsh firewall set portopening TCP 443 "SSL" 
netsh advfirewall firewall add rule name="SSL" dir=in action=allow protocol=TCP localport=443

@echo Enabling port for SQL Server Browser Service 'Browse' Button
REM Deprecated: netsh firewall set portopening UDP 1434 "SQL Browser" 
netsh advfirewall firewall add rule name="SQL Browse" dir=in action=allow protocol=TCP localport=1434

@echo Allowing multicast broadcast response on UDP (Browser Service Enumerations OK)
REM Deprecated:netsh firewall set multicastbroadcastresponse ENABLE
netsh advfirewall set currentprofile settings unicastresponsetomulticast enable

@echo Complete, Check your results.
pause

 

You can download this as a Windows batch file here: [download id=”5″]

Hope it make your future installs easier.

Tested on:

  • Windows Server 2008 R2 Sp1 while installing SQL Server 2012
  • Windows Server 2008 R2 while installing SQL Server 2008 R2

Sources:

http://technet.microsoft.com/en-us/library/cc771046(v=ws.10).aspx

http://support.microsoft.com/kb/947709

http://support.microsoft.com/kb/949543

 

Note: This script is provided “as is” without any representations or warranties, express or implied – use of this script is at your own risk.