
I have an instance of SQL Server installed on an Azure VM which is accessed by multiple Power Apps, Automate and BI applications using the On-Premises Data Gateway, which is installed on the same VM.
The SQL Server instance is exposed to the internet on Port 1433, which I know is a security risk. (It was originally set up this way using an 'AllowAnyMS_SQLInbound' Network Security Group rule by a long-departed consultant.) But if I deny this exposure by deleting the rule, I lose access for my Power applications.
Is there a way to configure the gateway so that it communicates securely with SQL Server without having to open the port to the wider internet?
I've looked at the Network settings in the gateway itself but find these very confusing - they seem to be about how the gateway connects with the rest of the world, rather than with the server it is protecting.
I'm a real novice on networking. All my attempts to resolve this by normal searches just end in a minefield of acronyms I just don't understand. But I know my security is compromised and I need help to sort it.
If you are connecting via On-Premise Gateway to your Azure Tenant, chances are you need to open a firewall to allow access to the AZ resources, for example On-premise BI Power Platform <=> AZ SQL DB.
Generally, connections from a secured corporate domain require special network requests to justify your requirements. Typically the networkers are confused - help clarify the requirements with links like this (sounds like the old consultant found a workaround and enabled it because typical network access is blocked by default).
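To see which Network Security Group rules actually expose port 1433 to any source, the check below can be run over an exported rule list. It is an added example, not part of either post above; it assumes the rules were exported with `az network nsg rule list -o json`, and every sample rule except the name `AllowAnyMS_SQLInbound` is constructed.

```python
import json

# Constructed sample shaped like `az network nsg rule list -o json` output.
# Only the name AllowAnyMS_SQLInbound comes from the question; the rest is made up.
SAMPLE_RULES = json.loads("""[
 {"name": "AllowAnyMS_SQLInbound", "priority": 310, "direction": "Inbound", "access": "Allow",
  "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "1433"},
 {"name": "AllowAdminRange", "priority": 320, "direction": "Inbound", "access": "Allow",
  "protocol": "Tcp", "sourceAddressPrefix": "203.0.113.0/24", "destinationPortRanges": ["1400-1500"]},
 {"name": "AllowWideRange", "priority": 330, "direction": "Inbound", "access": "Allow",
  "protocol": "*", "sourceAddressPrefixes": ["Internet"], "destinationPortRanges": ["80", "1000-2000"]},
 {"name": "AllowSqlOut", "priority": 100, "direction": "Outbound", "access": "Allow",
  "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "1433"}
]""")

PUBLIC_SOURCES = {"*", "internet", "0.0.0.0/0"}  # source values meaning "anyone"

def _values(rule, single, plural):
    """A rule carries either one value or a list; return both as one list."""
    vals = list(rule.get(plural) or [])
    if rule.get(single):
        vals.append(rule[single])
    return vals

def _covers_port(spec, port):
    """True if a port spec such as "*", "1433" or "1400-1500" includes port."""
    if spec == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def exposed_rules(rules, port=1433):
    """Names of inbound Allow rules admitting TCP `port` from any source.
    Does not model higher-priority Deny rules that may override a hit."""
    hits = []
    for r in sorted(rules, key=lambda r: r.get("priority", 0)):
        if (r.get("direction", "").lower() != "inbound"
                or r.get("access", "").lower() != "allow"
                or r.get("protocol", "").lower() not in ("tcp", "*")):
            continue
        ports = _values(r, "destinationPortRange", "destinationPortRanges")
        srcs = _values(r, "sourceAddressPrefix", "sourceAddressPrefixes")
        if (any(_covers_port(p, port) for p in ports)
                and any(s.lower() in PUBLIC_SOURCES for s in srcs)):
            hits.append(r["name"])
    return hits

if __name__ == "__main__":
    print(exposed_rules(SAMPLE_RULES))
```

To run it against a real export, replace `SAMPLE_RULES` with `json.load()` of the saved file; a rule that only matches through a wide port range is reported the same way as one naming 1433 directly.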