MSSQL blocked

HS08 · ‎08-19-2024

Hello,

Some our user can't connect to the Azure SQL Server with error

I try to disable my App Control and the user is able to access to Azure SQL.

Here my App Control setting

Then i try to disable 'Block applications detected on non-default ports' on the app control, enable this app control on the firewall policy and the user is able to access to Azure SQL

So anyone can help me to make more understand why the 'Block applications detected on non-default ports' should be disabled?

HS08 · ‎08-20-2024

Hello,

The issue was resolved, our azure sql server use redirect mode and with this mode we need other port to able to access the SQL.

View solution in original post

Jackie_T · ‎08-19-2024

Hi,

You may check out below KB to understand more on the feature:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Port-enforcement-check/ta-p/196078

"a port enforcement check is done at the application profile level, and any detected application signatures running on the non-standard TCP/IP port are blocked. This means that each application allowed by the app control sensor is only run on its default port."

For example, if you allow SSH application, the traffics only allowed when it run on standard port 22 for SSH. If it use another port then it will get block.

Regards,

Jackie Tai

HS08 · ‎08-20-2024

Hello,

The issue was resolved, our azure sql server use redirect mode and with this mode we need other port to able to access the SQL.

MSSQL blocked

Nominate a Forum Post for Knowledge Article Creation