SQL Server is a complex application that can be difficult to allow access to through a firewall. The subsystems and features that Microsoft has added—and continues to add—to SQL Server have significantly increased the network connections that the platform uses. Sometime it’s difficult to figure out which firewall ports to open for each SQL Server feature. To help you, here’s a rundown of commonly used SQL Server network ports as reported by this article by Michael Otey:
- TCP 1433 – TCP port 1433 is the default port for SQL Server. This port is also the official Internet Assigned Number Authority (IANA) socket number for SQL Server. Client systems use TCP 1433 to connect to the database engine; SQL Server Management Studio (SSMS) uses the port to manage SQL Server instances across the network. You can reconfigure SQL Server to listen on a different port, but 1433 is by far the most common implementation.
- TCP 1434 – TCP port 1434 is the default port for the Dedicated Admin Connection. You can start the Dedicated Admin Connection through sqlcmd or by typing ADMIN: followed by the server name in the SSMS Connect to Database Engine dialog box.
- UDP 1434 – UDP port 1434 is used for SQL Server named instances. The SQL Server Browser service listens on this port for incoming connections to a named instance. The service then responds to the client with the TCP port number for the requested named instance.
- TCP 2383 – TCP port 2383 is the default port for SQL Server Analysis Services.
- TCP 2382 – TCP port 2382 is used for connection requests to a named instance of Analysis Services. Much like the SQL Server Browser service does for the relational database engine on UDP 1434, the SQL Server Browser listens on TCP 2382 for requests for Analysis Services named instances. Analysis Services then redirects the request to the appropriate port for the named instance.
- TCP 135 – TCP port 135 has several uses. The Transact-SQL debugger uses the port. TCP 135 is also used to start, stop, and control SQL Server Integration Services, although it is required only if you connect to a remote instance of the service from SSMS.
- TCP 80 and 443 – TCP ports 80 and 443 are most typically used for report server access. However, they also support URL requests to SQL Server and Analysis Services. TCP 80 is the standard port for HTTP connections that use a URL. TCP 443 is used for HTTPS connections that use secure sockets layer (SSL).
- For Power Pivot for SharePoint, do not open ports in Windows Firewall. As an add-in to SharePoint, the service uses ports configured for SharePoint and makes only local connections to the Analysis Services instance that loads and queries Power Pivot data models.
- For Analysis Services instances running on Azure Virtual Machines, use alternate instructions for configuring server access.
This summary should cover your port needs, but you can find more detailed information about the TCP and UDP ports that SQL Server uses in the Microsoft article “Configure the Windows Firewall to Allow SQL Server Access.”