Server Configuration

What Firewall Port does the DAC require

Now that you know how to enable the DAC and how to use it, you might want to know what firewall port the DAC listens on and how to set it. With your SQL Server instances, you can easily set which firewall port you want it to listen on in SQL Server Configuration Manager. Unfortunately Microsoft haven’t made it so easy for setting the firewall port for the DAC.

The DAC port is assigned as TCP port 1434 if it’s available, otherwise another TCP port is dynamically assigned. If you want a different TCP port, then you will have to set it in the registry instead. No nice fancy UI for this task. Some examples of when you might want a different port are if your company’s policy is to set non-default SQL Server ports, or maybe you have multiple instances running on the same server (they can’t both use 1434).

If you just want to find out which port it’s listening on, go check out the SQL Server error log, it conveniently lists it for us when the instance starts up. It’ll be a message like:

Dedicated admin connection support was established for listening remotely on port 1434.

In this case it says it’s listening on port 1434. That was easy. Then to test that out we can connect directly to the port in a SSMS query window like so:

Here is how to set the DAC TCP port…

  1. Open the registry using the shortcut in the start menu regedit.exe.
  2. Browse to the registry key below, replacing <SQLBuildVersion> with the major build number, e.g. SQL Server 2019 is 15, and replacing <InstanceName> with the name of the instance. If the instance is using the default name, this will be MSSQLSERVER.
    HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL<SQLBuildVersion>.<InstanceName>\MSSQLServer\SuperSocketNetLib\AdminConnection\Tcp
    e.g. HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Microsoft SQL Server\MSSQL15.SQL2019\MSSQLServer\SuperSocketNetLib\AdminConnection\Tcp
  3. Here you will see again what the port is set to. If you’re in the right place, it’ll be the same port as what you saw in the SQL error log.
  4. Set the value to whatever port you like. I am going to change the port on my instance to 10000
  5. Restart the SQL Server instance
  6. Go check in the SQL Server error log again to confirm it’s listening on the newly set port
  7. Go check that you can connect to it in an SSMS query window (not Object Explorer)

New Firewall Rule

There is a good chance that you aren’t able to connect to the DAC remotely because the firewall is blocking the connection. You’ll have to create the new firewall rule to allow the TCP port that you just set the DAC to listen on. Or if you aren’t allowed in your company, ask your friendly networking team to do it for you 🙂

1 thought on “What Firewall Port does the DAC require”

Leave a Reply

Fill in your details below or click an icon to log in: Logo

You are commenting using your account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s