在默认实例上，SQL Server 默认侦听 TCP/1433.这是可以改变的.在命名实例上，除非配置不同，否则 SQL Server 将侦听动态 TCP 端口.这意味着如果 SQL Server 发现该端口正在使用中，它将选择另一个 TCP 端口.在命名实例的情况下，客户端通常如何通过与 SQL Server 侦听器服务/SQL 浏览器交谈来找到正确的端口.监听 UDP/1434 并且无法更改.如果你有一个命名实例，你可以配置一个静态端口，如果你需要使用 Kerberos 身份验证/委托，你应该.

On a default instance, SQL Server listens on TCP/1433 by default. This can be changed. On a named instance, unless configured differently, SQL Server listens on a dynamic TCP port. What that means is should SQL Server discover that the port is in use, it will pick another TCP port. How clients usually find the right port in the case of a named instance is by talking to the SQL Server Listener Service/SQL Browser. That listens on UDP/1434 and cannot be changed. If you have a named instance, you can configure a static port and if you have a need to use Kerberos authentication/delegation, you should.

您需要确定的是您的 SQL Server 正在侦听的端口.然后，您需要与您的网络/安全人员联系，以确定他们是否允许通过 VPN 与该端口进行通信.如果它们是，如所示，请检查您的防火墙设置.有些系统有多个防火墙(我的笔记本电脑就是一个例子).如果是这样，您需要检查系统上的所有防火墙.

What you'll need to determine is what port your SQL Server is listening on. Then you'll need to get with your networking/security folks to determine if they allow communication to that port via VPN. If they are, as indicated, check your firewall settings. Some systems have multiple firewalls (my laptop is an example). If so, you'll need to check all the firewalls on your system.

如果所有这些都正确，请验证服务器没有限制通过 IP 地址访问 SQL Server 端口的 IPSEC 策略.这也可能导致您被屏蔽.

If all of those are correct, verify the server doesn't have an IPSEC policy that restricts access to the SQL Server port via IP address. That also could result in you being blocked.