When using IPsec on Windows Server 2008 R2 to limit access to port 1433 (i.e. SQL Server 2008 R2) to specific IP addresses, having blocked access from any address to the server's IP address on port 1433 via a filter, and then only allowed specific IP addresses access via a filter, it appears to not then be possible to allow access to port 1433 from the server itself via a DNS alias. If the server is accessed via its name rather than the alias, this appears to work (probably using the shared memory protocol).
I have tried adding a filter to allow access from the server's IP address to itself, but this does not work.
Any ideas how access via DNS alias on the server itself to itself can be made to work please? It does not appear that this can use shared memory access.
Named pipes and VIA protocols are disabled to port 1433, but shared memory and TCP/IP are enabled in SQL Server Configuration Manager.
I need to be able to use a DNS alias so that an application that does not support specification of a mirror in a connection string can be directed to the correct SQL Server, which currently has the principal and whose port 1433 is protected via IPsec.
Regards,
Ivan Piacun MNZCS
Senior Developer and Database Administrator
AgResearch Limited