Sql-server – Error connecting to sql server database when running IIS from DMZ

Tags: asp.net-mvc, dmz, iis, sql server, windows-server-2012

I've been working on this for a few days now.

One of our clients has a 3 tier server plan – an IIS server, an application server (where the Asp.Net MVC3 application is located) and the db server. All servers are Windows Server 2012 R2. Application Server and DB server are on their own domain, IIS server is on another domain.

The IIS server is on the DMZ, with a firewall separating this from the application server and SQL server.

I can connect to the SQL server DB instance from ODBC on the application server with my desired credentials.

IIS connects to the application via a UNC share. The application pool runs using a local account. On the Application server is another local account, with the same username and password.

The SQL Server database is connected to via SQL Server Authentication.

When I connect to the website, I get my login screen. When I attempt to log in (when it needs to use the DB) I get the following error:

Win32Exception:

A connection attempt failed because the connected party did not
properly respond after a period of time, or established connection
failed because the connected host has failed to respond.

SqlException:

A network-related or instance-specific error occurred while
establishing a connection to SQL server. The server was not found or
was not accessible. Verify that the instance name is correct and that
SQL Server is configured to allow remote connections.

Apologies, I am working off VMWare and can't copy/paste directly off the servers.

What I think is happening, is that the IIS server is running the application locally, and because of the DMZ and different domain, is not able to see the DB server.

I need IIS to run the application such that the application can talk to the DB. How can I best accomplish this? Can I configure IIS such that it runs the application on the application server? If so, what configuration settings do I need?

If you need more information, just ask and I will provide.

I am prepared for as many downvotes as needed in order to get this done.

EDIT:

Could I configure IIS to forward requests to the internal server?

Best Answer

I dealt with this by setting up a reverse proxy from the web server to the application server using Application Request Routing and URL Rewrite. The below URL has the instructions I followed.

http://weblogs.asp.net/owscott/creating-a-reverse-proxy-with-url-rewrite-for-iis

Simple enough solution to something which had me stuck for too long - I don't have much experience with servers, but when you're in a startup you do what you have to.
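
A sketch of the reverse proxy rule the answer describes, as an added example that is not taken from the original post or the linked article. The backend host name `app01.internal.example` and the use of plain HTTP are assumptions; substitute the application server's real address and scheme.

```xml
<!-- web.config for the site on the DMZ IIS server (added example).
     Requires the URL Rewrite and Application Request Routing (ARR) modules,
     with proxying enabled in ARR's server-level proxy settings. -->
<configuration>
  <system.webServer>
    <rewrite>
      <rules>
        <rule name="ReverseProxyToAppServer" stopProcessing="true">
          <!-- Forward every request path to the internal application server. -->
          <match url="(.*)" />
          <!-- The backend host is a fixed literal (placeholder name, an assumption).
               Only the captured path {R:1} comes from the request; never build the
               host part from request data, or the site turns into an open proxy. -->
          <action type="Rewrite"
                  url="http://app01.internal.example/{R:1}"
                  appendQueryString="true"
                  logRewrittenUrl="true" />
        </rule>
      </rules>
    </rewrite>
  </system.webServer>
</configuration>
```

With this layout the application executes on the application server, so the database connection originates inside the internal network and the firewall only has to allow the DMZ server to reach the application server's web port, not SQL Server.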