Changing Azure database port

Question

Is it possible to change the port that the azure server uses? I currently only see the ability to add IP addresses that can be used to access the server. Or is it required that firewalls allow port 1433 outbound traffic?

Answer 1

Assuming you're referring to SQL Database Service and its associated firewall, no: You may only add IP addresses to the firewall, for access.

There is no ability to change the port that the service listens on. You'll need to allow for outbound traffic on port 1433, if you want to access the database remotely.

Also, just FYI - port 1433 is the standard SQL Server port.

Note: The inability to change the listening port is strictly for the SQL Database service. This restriction doesn't exist for SQL Server running in a VM, since you have total control of inbound ports and related port-mapping via network security groups.

Answer 2

A year+ later a lot has changed with Azure. There are a ton of offerings to help "bypass" internal firewalls for port 1433 and integrating with the services in Azure.

Azure is attempting to help developers with Synchronous Hybrid Connectivity to on premise datasources or visa versa. My personal opinion would be for you to use On-Premises Data Gateway. Here are a few options to help with the port 1433 constants:

WCF Relay

Service Bus offered relays almost from the beginning of Azure Built on the WCF capability. Security was originally ACS, but now SAS can be consumed by lots of different tech, eg biztalk, soap, rest, crm online and is very reusable

Hybrid Connections

Built on Web Sockets so not confined to Windows. API accessible for other scenarios.

Azure Virtual Network

Point-to-site virtual private network (VPN):

Established between a single PC connected to your network and the VNet. Uses the SSTP protocol to provide encrypted communication over the Internet between the PC and the VNet. The latency for a point-to-site VPN is less predictable, since the traffic traverses the Internet.

Site-to-site VPN:

Established between your VPN device and an Azure VPN Gateway. Connection is an IPSec/IKE VPN that provides encrypted communication over the Internet between your on-premises device and the Azure VPN gateway. The latency for a site-to-site connection is less predictable, since the traffic traverses the Internet.

Azure ExpressRoute:

Established between your network and Azure, through an ExpressRoute partner. This connection is private. Traffic does not traverse the Internet.

On-Premises Data Gateway

Acts as a bridge between Azure PaaS and on-prem resources. Works with connectors for Logic Apps, Power Apps, Flow & Power BI: