Tunneled Microsoft SQL Connections
This document explains how to connect to a Microsoft SQL database through an encrypted TCP tunnel. We use the sqlcmd
command line utility, but the same tunnel can be used by GUI tools.
tip
This example assumes you've already created a TCP route for this service.
Basic Connection
Create a TCP tunnel, using either
pomerium-cli
or the Pomerium Desktop client:- pomerium-cli
- Pomerium Desktop
pomerium-cli tcp mssql.corp.example.com:1433 --listen :1433
--listen
The
--listen
flag is optional. It lets you define what port the tunnel listens on locally. If not specified, the client will choose a random available port.Local Address
The Local Address field is optional. Using it defines what port the tunnel listens on locally. If not specified, Pomerium Desktop will choose a random available port.
Initiate your $SERVICE connection, pointing to
localhost
:/opt/mssql-tools/bin/sqlcmd -S localhost -U SA -P "YOURSTRONGPASSWORD"