This section discusses how to connect the ODBC driver to SQL Azure through an HTTP tunnel. If you need to connect to SQL Azure in conditions of restricted connectivity, e.g. when a database server is hidden behind a firewall, or you need to transmit private network data through a public network, you can set up an HTTP tunnel to create a direct network link between two locations. The tunnel is created by an intermediary called a proxy server.
When SQL Azure server is hidden behind a firewall, the client is not able to connect to the server directly on a specified port. If the firewall allows HTTP connections, you can use the ODBC driver with a properly configured web server to connect to the database server. The driver supports HTTP tunneling based on the PHP script.
A possible scenario of using HTTP tunneling: the client needs to access the database of a website from a remote machine, but access to the designated port of the database server is forbidden — only connections on the HTTP port 80 are allowed. To establish a connection in this situation, you must deploy the tunnel.php
script, which is distributed with the driver, on the web server. It enables access to the database server through an HTTP tunnel. The script must be accessible through HTTP. You can verify the script accessibility using any web browser. The script file is located in the "C:\Program Files (x86)\Devart\ODBC\SQL Azure\http\tunnel.php" folder. The web server must support PHP 5 or later.
To set up an HTTP tunnel, specify the connection parameters on the HTTP and HTTPS Options
tab under Security Settings
.
Option | Description |
---|---|
|
Enables HTTP tunneling. |
|
The URL of the PHP script for HTTP tunneling. |
|
The username for the password-protected directory that contains the HTTP tunneling script. |
|
The password for the password-protected directory that contains the HTTP tunneling script. |
|
Specifies whether to verify the server certificate during an SSL handshake. When |
DRIVER=Devart ODBC Driver for SQL Azure;Data Source=TCP:myHost;Initial Catalog=myDataBase;Port=myPort;User ID=myLogin;Password=myPassword;MultipleConnections=True;Use Http=True;Url=https://host/folder/tunnel.php;Http User Name=myHttpUsername;Http Password=myHttpPassword |
The HTTP tunneling server may be not be directly accessible from the client machine. In this case, you need to additionally provide connection information for the proxy server.
Option | Description |
---|---|
Proxy Host Name |
The proxy hostname or IP address. |
Proxy Port |
The proxy port. |
Proxy User Name |
The proxy username. |
Proxy Password |
The proxy password. |
DRIVER=Devart ODBC Driver for SQL Azure;Data Source=TCP:myHost;Initial Catalog=myDataBase;Port=myPort;User ID=myLogin;Password=myPassword;MultipleConnections=True;Use Http=True;Url=https://host/folder/tunnel.php;Http User Name=myHttpUsername;Http Password=myHttpPassword;Proxy Host Name=myProxyHost;Proxy Port=myProxyPort;Proxy User Name=myProxyUsername;Proxy Password=myProxyPassword |
There is one more way to tunnel network traffic. The Secure Shell forwarding, or SSH, can be used for data forwarding. However, SSH is designed to encrypt traffic rather than traverse firewalls. The Connecting via SSH document describes how to set up an SSH connection in the ODBC Driver for SQL Azure.
Note that traffic tunneling or encryption increases the CPU and bandwidth usage. It is recommended that you use direct connection whenever possible.