| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: firewall sqlnet woes
Hi,
I don't if this is right, I only heard the network guys talking about this problem.
They say:
That Oracle 7.xx is listening an the 1521 port for connecting clients. Then doing some handshake and transmitting a NEW port address to the client where the thread is waiting who would like to service th connecting client. The client then reconnects on the new port.
In oracle 8 this mechanism is changed an everything works fine when opening port 1521 in the firewall.
I dont know if this helps or is true but maybe you can get some information out if it.
On 23 Apr 1999 04:54:45 GMT, Dan Bikle <dbikle_at_rahul.net> wrote:
>I am having a problem with Oracle 7.3.4 for NT that may be related to
>our firewalls but I'm not sure. Out listener is setup to listen on
>port 1521 and we can do a SQL Net loopback without any problems from
>the actual host itself(HOST5) and from another host in the same
>subnet(HOST7). We know that Oracle is up and we know that SQL Net is
>functional.
>
>What we did then, from outside the firewall, we tested to see if we
>could get to Host5 using TELNET HOST5 1521 and got through no problem.
>So then we tested our client executable(SQL*Plus) by pointing it at a
>database on the client side of the firewall and it was able to
>connect.
>
>Here's a description of what's between our client and the Oracle
>Server(HOST5) we want to access. The client is on a subnet(call it
>subnet A) which has a firewall protecting it and then we have HOST5 on
>another subnet protected by its own firewall. Both firewalls were
>configured to allow communication between the two subnets on port
>1521. And we did verify this with telnet and by checking each
>firewall's log entries.
>
>Here's what our TNSNAMES.ORA file looks like on the client:
>
>orcl.world =
> (DESCRIPTION =
> (ADDRESS_LIST =
> (ADDRESS =
> (COMMUNITY = tcp.world)
> (PROTOCOL = TCP)
> (Host = host5)
> (Port = 1521)
> )
> )
> (CONNECT_DATA = (SID = ORCL)
> )
> )
>
>
>Here's what our listener.ora file looks like on Host5:
>
>################
># Filename......: listener.ora
># Node..........: local.world
># Date..........: 24-MAY-94 13:23:20
>################
>LISTENER =
> (ADDRESS_LIST =
> (ADDRESS=
> (PROTOCOL= IPC)
> (KEY= oracle.world)
> )
> (ADDRESS=
> (PROTOCOL= IPC)
> (KEY= ORCL)
> )
> (ADDRESS=
> (COMMUNITY= NMP.world)
> (PROTOCOL= NMP)
> (SERVER= HOST5)
> (PIPE= ORAPIPE)
> )
> (ADDRESS=
> (COMMUNITY= TCP.world)
> (Host = host5)
> (PROTOCOL= TCP)
> (Port= 1521)
> )
> (ADDRESS=
> (COMMUNITY= TCP.world)
> (Host = 127.0.0.1)
> (PROTOCOL= TCP)
> (Port= 1521)
> )
> (ADDRESS=
> (COMMUNITY= TCP.world)
> (Host = host5)
> (PROTOCOL= TCP)
> (Port= 1526)
> )
> )
>STARTUP_WAIT_TIME_LISTENER = 0
>CONNECT_TIMEOUT_LISTENER = 10
>TRACE_LEVEL_LISTENER = OFF
>SID_LIST_LISTENER =
> (SID_LIST =
> (SID_DESC =
> (SID_NAME = ORCL)
> )
> )
>PASSWORDS_LISTENER = (oracle)
>
>
>The error that we receive while trying to connect using SQL*Plus on the client is:
>
>ERROR: ORA-12203: TNS:unable to connect to destination
>
>If you have had similar problems getting sqlnet packets through a dual firewall
>configuration...
>
>Please send clues
>
>thanks,
>-Dan
>---------------------------------------------------------------------
>Daniel B. Bikle/Independent Oracle Consultant
>bikle_at_bikle.com | 650/941-6276 | P.O. BOX AG LOS ALTOS CA 94023
>http://www.bikle.com
>---------------------------------------------------------------------
>
>
Received on Sat Apr 24 1999 - 04:00:58 CDT
 |
 |