> My question is since .net generates html on the server and returns
> it to the client, does SQL Server have to have permission to
> access the internet?
No.

> Can someone explain the answer to me? Is there an article that
> would tell me what ports I need open on the firewall for SQL Server?
You don't want to leave SQL Server directly accessible through the internet. If you do, sooner or later somebody will hack into it.

SQL Server (by default) listens on port 1433, you can change it to listen on another port, but this does not reduces your changes of being hacked. Hackers scan ranges of ports looking for a variety of listeners. If SQL Server is listening on port 2455 they'll find it.

What you want is your app (via IIS) listen to requests on port 80 (or anyother port.) You application in turn will talk directly to SQL Server (on port 1433 by default.) You can block SQL Server port on your firewall so no outside calls get to SQL Server, only the ones coming from your app (or any other app running on your LAN.)