diff --git a/src/serviceconnector-passwordless/HISTORY.rst b/src/serviceconnector-passwordless/HISTORY.rst
index 3a4f3fbd7ea..769e3f27a8b 100644
--- a/src/serviceconnector-passwordless/HISTORY.rst
+++ b/src/serviceconnector-passwordless/HISTORY.rst
@@ -2,6 +2,10 @@
 
 Release History
 ===============
+0.2.1
+++++++
+* Use the client ip in SQL connection output to update firewall rule.
+
 0.2.0
 ++++++
 * Remove firewall rule to avoid security issue. Prompt confirmation before open all IPs. Add param `--yes` to skip the confirmation. 
diff --git a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py
index ff114560b00..ae742201c8b 100644
--- a/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py
+++ b/src/serviceconnector-passwordless/azext_serviceconnector_passwordless/_credential_free.py
@@ -372,7 +372,7 @@ def create_aad_user(self):
             logger.warning(e)
             # allow local access
             from requests import get
-            ip_address = get(IP_ADDRESS_CHECKER).text
+            ip_address = self.ip or get(IP_ADDRESS_CHECKER).text
             self.set_target_firewall(True, ip_name, ip_address, ip_address)
             try:
                 # create again
@@ -448,6 +448,11 @@ def create_aad_user_in_sql(self, connection_args, query_list):
                             logger.warning(e)
                         conn.commit()
         except pyodbc.Error as e:
+            import re
+            search_ip = re.search(
+                "Client with IP address '(.*?)' is not allowed to access the server", str(e))
+            if search_ip is not None:
+                self.ip = search_ip.group(1)
             raise AzureConnectionError("Fail to connect sql." + str(e)) from e
 
     def get_connection_string(self):
diff --git a/src/serviceconnector-passwordless/setup.py b/src/serviceconnector-passwordless/setup.py
index a588becedf4..a0932f13b2f 100644
--- a/src/serviceconnector-passwordless/setup.py
+++ b/src/serviceconnector-passwordless/setup.py
@@ -16,7 +16,7 @@
 
 # TODO: Confirm this is the right version number you want and it matches your
 # HISTORY.rst entry.
-VERSION = '0.2.0'
+VERSION = '0.2.1'
 
 # The full list of classifiers is available at
 # https://pypi.python.org/pypi?%3Aaction=list_classifiers