Changing the Default Communication Ports
Pervasive PSQL communicates through three ports. Your firewall(s) and routers need to allow access to the following ports for remote access with the Server database engine:
3351 for the transactional interface
1583 for the relational interface
139 for named pipes (see note)
Typically, you do not need to modify the ports unless you have a conflict with them.
*Note: The Windows operating system uses port 139 for authentication to the operating system. An alternative to allowing access to port 139 through a firewall is to enable security on the Pervasive PSQL database. Once security is enabled, users such as “Master” are authenticated to the database through the database’s own security features. See To turn on security using Pervasive PSQL Explorer and To create a new user using Pervasive PSQL Explorer, both in Advanced Operations Guide.
For the relational interface, port assignment 1583 is configurable on the server through the Pervasive PSQL utilities. This port is manually configurable for clients. See TCP/IP Port in Advanced Operations Guide.
It is recommended that port assignment 3351 not be changed. If you must change it, contact Pervasive Support.
Ensure that the port configurations match on both the server machine and all clients.
After changing your server listening port, you must stop and restart your Pervasive PSQL engine for the port assignment changes to take effect. See the chapter Using Pervasive PSQL in Pervasive PSQL User's Guide.
Services File
The services file is a text file used by the operating system for network communications. In the services files, you can manually assign the ports used by Pervasive PSQL Server and its clients. Be sure that the applicable ports listed in the services file are in agreement with the ports set by Pervasive PSQL in the utilities and with the associated Windows Firewall rules.
After changing port assignments in the services file, you must stop then start the Pervasive PSQL database engine for the changes to take effect.See Starting and Stopping the Database Engine in Pervasive PSQL User's Guide.
Windows FireWalls
The installation of Pervasive PSQL Server and Pervasive PSQL Workstation performs certain actions pertaining to firewalls depending on the Windows operating system.
Windows Vista and Later
Windows Vista and later operating systems include Windows Firewall with Advanced Security, which provides firewall profiles (a group of security settings). These operating system enable the firewall by default. The following table summarizes the Pervasive PSQL installation actions pertaining to the active profile(s).
Table 7
Installation Actions for Vista or Later Operating Systems
Active Firewall Profile1
Rules Added for Pervasive PSQL Services
State of Rules After Installation2
Multiple, such as
Domain
Private
Public
 
Domain—Yes
Private—Yes
Public—Yes
 
Domain—Enabled
Private—Enabled
Public—Disabled
Public only
Yes
Enabled
1 “Active” means that the profile is monitoring network connections.
2 An “enabled” rule means that inbound TCP and UDP traffic can communicate with the Pervasive PSQL service on all ports for any network connection managed by that firewall profile.
As the table shows, if the Public profile is active with one or more other active profiles, the Pervasive PSQL rules are added for the Public profile but disabled. Neither the interactive nor the silent installation of Pervasive PSQL Server or Workgroup can be modified to change this behavior. If you want to enable the rules for the Public profile, you must do so manually. See To enable Pervasive PSQL rules for the Public profile.
To enable Pervasive PSQL rules for the Public profile
1
Open the console for Windows Firewall with Advanced Security.
2
Click Inbound Rules in the left pane.
3
Locate the desired Pervasive PSQL rule in the list in the center pane.
Note that the rules are listed twice. The enabled rules (indicated by a check mark on a green circle) apply to profiles other than Public. The disabled rules apply to the Public profile.
4
Right-click on the disabled rule you want then click Properties.
5
Click the Advanced tab. Ensure that the Public profile is selected. If not, select it.
6
Click the General tab, then click the Enabled option.
7
Click OK.
8
Exit the console for Windows Firewall with Advanced Security.
Profile Changes After Installation
If you change a network profile after installation of Pervasive PSQL, Pervasive PSQL may no longer be able to accept communications. For example, assume that only the Private network profile was active during installation. At some point after installation, the active profile is changed to Domain (assume its settings are very different from those of Private). The database engine will no longer be able to communicate across the network.
If you change profiles or firewall rules in a way that prevents Pervasive PSQL communications, refer to the steps in To enable Pervasive PSQL rules for the Public profile. Use the steps as a general guideline for how to enable the Pervasive PSQL rules for the active profile(s). This will allow the database engine to communicate again across the network.
Notes About Policies
A corporate policy may prevent a local administrator from modifying the firewall profiles on a particular machine (that is, the profile is “locked”). If so, the Pervasive PSQL installation cannot add or enable the firewall rules required for the database engine to communicate across a network connection monitored by a locked profile. For such a situation, you should contact a corporate systems administrator and request that the firewall policy be modified to allow inbound TCP and UDP traffic on all ports to communicate with all installed Pervasive PSQL services.
Also be aware that a Group Policy only prevents the installation from adding and enabling rules on firewall profiles controlled by the Group Policy when the target system is joined to the domain. If the user installing Pervasive PSQL is logged into the target system as a local user instead of as a domain user, the installation does add and enable the rules on the firewall profiles. However, the rules are disabled if the target system is later joined to the domain controlling the Group Policy.
Windows Operating Systems Prior to Vista
Windows Server 2003 and Windows XP do not include firewall profiles. On these operating system, the installation of Pervasive PSQL Server and Pervasive PSQL Workstation adds each Pervasive PSQL service to the Windows Firewall Exception List. If the operating system security prompts you to unblock or allow communication with a Pervasive PSQL component, select OK (yes).
Installation of Pervasive PSQL results in the addition of one or more firewall rules that allow inbound TCP and UDP traffic to communicate with the Pervasive PSQL services on all ports through the Windows Firewall. All ports are used in case you need to change the default ports used by Pervasive PSQL.
If you encounter problems with your client/server applications not working correctly after installation, check the firewall access list or the ports. You may need to adjust some of the security settings to enable client/server applications. You can add Pervasive PSQL executable files to the access list or open ports. You do not need to do both. Note that opening a port opens it for all access, not just for Pervasive PSQL.
If you want to add Pervasive PSQL components to the firewall access list, add the following:
For Pervasive PSQL 32-bit Server, ntdbsmgr.exe.
For Pervasive PSQL Workgroup, w3dbsmgr.exe.
For Pervasive PSQL 64-bit Server, ntdbsmgr.exe and ntdbsmgr64.exe.