Re: SQL*Net and firewalls

Harold Lockhart wrote:
>
> Enrico Badella wrote:
> >
> > I have been told that there are problems getting SQL*Net thru firewalls
> > but no reason was given.
> >
> > Since next week I'll be working onto permitting access to my network to
> > client/server apps based on SQL*Net I'm looking for suggestions. Or
> > should I just consider this info a rumors and do usual packet filtering?
>
> First of all, I suggest you post this to comp.security.firewalls. You
> may hear from someone with direct experience.
>
> Firewall designs (and policies) vary enormously. If you are just doing
> packet filtering, and SQL*Net uses a fixed port or ports, you will
> probably have no problem.
> If you are using address remapping proxies, life will be more
> interesting.
>

        SQLNET does use fixed ports, 1526 (V1), 1526 (V2), 1527 (NAMES). The traffic on these port(s) is separate from wanting to secure the login session. For this, you can go all the way from clear text, to whatver encryption is supported natively by Oracle, to third party security (ala SecurID/ Kerberos) supported by Oracle SQLNET V2. Received on Thu Jan 30 1997 - 00:00:00 CST