Oracle FAQ Your Portal to the Oracle Knowledge Grid

RE: Cisco PIX firewall

From: Kevin Lange <klange_at_ppoone.com>
Date: Tue, 25 Jan 2005 14:47:20 -0600
Message-ID: <ED1256BD4F253C44B1627B2D365A334F08766362@ppoone1.ppoone.com>


Our current access list on our Firewall looks something like this:

access-list inbound-dmz04 permit tcp any host 999.999.999.999 eq 1521
access-list inbound-dmz04 permit tcp any host 888.888.888.888 eq 1521

Permits any TCP traffic from "Any host" to the specific DATABASE SERVER on port 1521.

Make sure what port you are using in your listener... default is 1521.

-----Original Message-----

From: Jeffrey Beckstrom [mailto:JBECKSTROM_at_gcrta.org]
Sent: Tuesday, January 25, 2005 2:31 PM
To: oracle-l_at_freelists.org; oracle-db-l_at_groups.ittoolbox.com; ORACLE-L_at_IC.SUNYSB.EDU; oracledba_at_LazyDBA.com; oracle-rdbms_at_yahoogroups.com
Cc: Chris Orlando
Subject: Cisco PIX firewall

We are using a Cisco PIX firewall version 6.2. Database is running Oracle 9i with multithreaded server.  

If we move the web server inside the firewall, then sqlplus connects to the database server. If we put the web server outside of the firewall then sql*plus gives an ora-12571 error. Our network people tried opening all ports on the web server for IP traffic but we still get the same error.  

We know it is something with the firewall since depending on if the web server is inside or outside of the dmz you can connect. We just can't figure out what is wrong with the firewall. Any suggestions would be appreciated.          

Jeffrey Beckstrom
Database Administrator
Greater Cleveland Regional Transit Authority
1240 W. 6th Street
Cleveland, Ohio 44113

--

http://www.freelists.org/webpage/oracle-l
Received on Tue Jan 25 2005 - 15:49:53 CST
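
Added example (not part of the original messages): a small audit script that parses access-list lines in the form shown in the reply and reports the permit rules that let any source reach the listener port. It assumes the simplified grammar "access-list NAME ACTION PROTO SRC DST [eq PORT]"; the function names are hypothetical, the first two sample lines are the ones from the reply, and the last two are constructed.

```python
LISTENER_PORT = "1521"  # default listener port named in the reply

# First two lines come from the reply; the last two are constructed samples.
SAMPLE_ACL = """
access-list inbound-dmz04 permit tcp any host 999.999.999.999 eq 1521
access-list inbound-dmz04 permit tcp any host 888.888.888.888 eq 1521
access-list inbound-dmz04 permit tcp host 192.0.2.10 host 999.999.999.999 eq 1521
access-list inbound-dmz04 permit tcp any host 999.999.999.999 eq 80
"""

def parse_endpoint(tokens, i):
    """Read 'any', 'host ADDR' or 'ADDR MASK' starting at tokens[i]."""
    if tokens[i] == "any":
        return "any", i + 1
    if tokens[i] == "host":
        return tokens[i + 1], i + 2
    return tokens[i] + "/" + tokens[i + 1], i + 2

def parse_acl_line(line):
    """Parse one access-list line into a dict, or return None if it does not fit."""
    t = line.split()
    if len(t) < 6 or t[0] != "access-list" or t[2] not in ("permit", "deny"):
        return None
    try:
        src, i = parse_endpoint(t, 4)
        dst, i = parse_endpoint(t, i)
    except IndexError:
        return None
    # No 'eq PORT' clause means the rule covers every destination port.
    port = t[i + 1] if t[i:i + 1] == ["eq"] and len(t) > i + 1 else None
    return {"acl": t[1], "action": t[2], "proto": t[3],
            "src": src, "dst": dst, "port": port}

def open_listener_rules(config, port=LISTENER_PORT):
    """Return permit rules that allow any source to reach `port` over TCP."""
    hits = []
    for line in config.splitlines():
        rule = parse_acl_line(line)
        if (rule and rule["action"] == "permit"
                and rule["proto"] in ("tcp", "ip")
                and rule["src"] == "any"
                and rule["port"] in (port, None)):
            hits.append(rule)
    return hits

if __name__ == "__main__":
    for r in open_listener_rules(SAMPLE_ACL):
        print(f"{r['acl']}: any -> {r['dst']} port {r['port'] or 'all'}")
```

Rules with a source-port operator or object groups are outside this simplified grammar and are skipped by the parser.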
