Re: Oracle 12.1.0.2 and firewalls

I'm then going to assume that when the connection is "handed off" to another port for the actual connection the firewall understands that the user will be knocking on this other port, on which the user process is now listening.

Do you know of a MOS note other than the 2 I listed that explains this.

G

On Wed, Apr 15, 2015 at 11:05 AM, Freek D'Hooge <freek.dhooge_at_gmail.com> wrote:

> George,
>
> Normally the firewall "understands" sql*net traffic and it is possible to
> mark the original port (the one on which the listener is listening, eg
> 1521) as sql*net.
> This way, the firewall guys only need to open port 1521 and mark it as
> sql*net and no other ports need to be opened nor do you need to switch to
> CMAN or MTS.
>
>
> Kind regards,
>
>
>
>
> On wo, 2015-04-15 at 10:54 +0200, George wrote:
>
> Hi all
>
>
>
> Client is going to be running the above version on Linux.
>
>
>
> Firewall guys are refusing to open any ports other than 22 for ssh and
> then 1521, 1523 and 1527.
>
>
>
> I seem to remember a port redirection use to happen, on a random port,
> for the incoming connection after the initial hand shake, of course this
> will fail now.
>
>
>
> Allot of notes are out there how to use shared_ on NT. not applicable.
>
>
>
> I've found the following 2 notes: Doc ID 361284.1 and 125021.1
>
>
>
> My options seem to be CMAN or MTS.
>
>
>
> comments and advise appreciated.
>
>
>
> G
>
> --
>
> You have the obligation to inform one honestly of the risk, and as a
> person
> you are committed to educate yourself to the total risk in any activity!
>
> Once informed & totally aware of the risk,
> every fool has the right to kill or injure themselves as they see fit!
>
>

-- 
You have the obligation to inform one honestly of the risk, and as a person
you are committed to educate yourself to the total risk in any activity!

Once informed & totally aware of the risk,
every fool has the right to kill or injure themselves as they see fit!

--
http://www.freelists.org/webpage/oracle-l