Configure an Azure SQL Database server-level firewall rule using the Azure Portal
Azure SQL server uses firewall rules to allow connections to your servers and databases. You can define server-level and database-level firewall settings for the master or a user database in your Azure SQL server logical server to selectively allow access to the database. This topic discusses server-level firewall rules.
To allow applications from Azure to connect to your Azure SQL server, Azure connections must be enabled. To understand how the firewall rules work, see How to configure an Azure SQL server firewall - overview. If you are making connections inside the Azure cloud boundary, you may have to open some additional TCP ports. For more information, see the V12 of SQL Database: Outside vs inside section of Ports beyond 1433 for ADO.NET 4.5 and SQL Database V12
Recommendation: Use server-level firewall rules for administrators and when you have many databases that have the same access requirements, and you don't want to spend time configuring each database individually. Microsoft recommends using database-level firewall rules whenever possible, to enhance security and to make your database more portable.
Use the following steps in the Azure portal to create a server-level firewall rule that allows connections from an individual IP address (your client computer) or an entire IP address range to a SQL Database logical server.
- If you're not currently connected, connect to the Azure portal.
On the default blade, click SQL servers.
On the SQL servers blade, click the server on which to create the firewall rule.
Review the properties of your server.
On the Settings blade, click Firewall.
Click Add client IP to have Azure create a rule for your client IP address.
Optionally, to allow access to a range of IP addresses, click the IP address that was added to edit the firewall address.
Click Save to create the server-level firewall rule.
Repeat the steps to manage the server-level firewall rules.
- To add the current computer, click Add client IP.
- To add additional IP addresses, type in the Rule Name, Start IP Address, and End IP Address.
- To modify an existing rule, click any of the fields in the rule and modify.
- To delete an existing rule, hover over the rule until the X appears at the end of the row. Click X to remove the rule.
Click Save to save the changes.
For a how to article on how to use Transact-SQL to create server-level and database-level firewall rules, see Configure Azure SQL Database server-level and database-level firewall rules using T-SQL.
For how to articles on creating server-level firewall rules using other methods, see:
- Configure Azure SQL Database server-level firewall rules using PowerShell
- Configure Azure SQL Database server-level firewall rules using the REST API
For a tutorial on creating a database, see Create a SQL database in minutes using the Azure portal. For help in connecting to an Azure SQL database from open source or third-party applications, see Client quick-start code samples to SQL Database. To understand how to navigate to databases, see Manage database access and login security.