Windows Firewall with Advanced Security uses Inbound Rules and Outbound Rules to help secure incoming and outgoing network traffic. Because Windows Firewall blocks all incoming unsolicited network traffic by default, you do not have to explicitly block the default SQL Server listening ports. For more information, see Windows Firewall with Advanced Security and Configuring the Windows Firewall to Allow SQL Server Access.

SQL Server provides the ability to reassign the ports that are used by the default instance and any named instances. In SQL Server 2008 R2, and SQL Server 2012, you reassign the TCP port by using SQL Server Configuration Manager. When you change the default ports, you make the environment more secure against hackers who know default assignments and use them to exploit your SharePoint environment.

To configure a SQL Server instance to listen on a non-default port

1. Verify that the user account that is performing this procedure is a member of either the sysadmin or the serveradmin fixed server role.

2. On the computer that is running SQL Server, open SQL Server Configuration Manager.

3. In the navigation pane, expand SQL Server Network Configuration.

4. Click the corresponding entry for the instance that you are configuring.

The default instance is listed as Protocols for MSSQLSERVER. Named instances will appear as Protocols for named_instance.

1. In the main window in the Protocol Name column, right-click TCP/IP, and then click Properties.

For every IP address that is assigned to the computer that is running SQL Server, there is a corresponding entry on this tab. By default, SQL Server listens on all IP addresses that are assigned to the computer.

1. To globally change the port that the default instance is listening on, follow these steps:

 For each IP address except IPAll, clear all values for both TCP dynamic ports and TCP Port.

 For IPAll, clear the value for TCP dynamic ports. In the TCP Port field, enter the port that you want the instance of SQL Server to listen on. For example, enter 40000.

1. To globally change the port that a named instance is listening on, follow these steps:

 For each IP address including IPAll, clear all values for TCP dynamic ports. A value of 0 for this field indicates that SQL Server uses a dynamic TCP port for the IP address. A blank entry for this value means that SQL Server will not use a dynamic TCP port for the IP address.

 For each IP address except IPAll, clear all values for TCP Port.

 For IPAll, clear the value for TCP dynamic ports. In the TCP Port field, enter the port that you want the instance of SQL Server to listen on. For example, enter 40000.

1. Click OK.

A message indicates that that the change will not take effect until the SQL Server service is restarted. Click OK.

1. Close SQL Server Configuration Manager.

You can confirm this by looking in the Event Viewer log after you restart the SQL Server service. Look for an information event similar to the following event:

Event Type:Information

Event Source:MSSQL$MSSQLSERVER

Event Category:(2)

Event ID:26022

Date:3/6/2008

Time:1:46:11 PM

User:N/A

Computer:computer_name

Description:

Server is listening on [ ‘any’ <ipv4>50000]

1. Verification: Optionally, include steps that users should perform to verify that the operation was successful.