Re: advice on getting data through firewall with oracle 8i and 8.0.6

From: Niall Litchfield <n-litchfield_at_audit-commission.gov.uk>
Date: Mon, 12 Feb 2001 11:53:58 -0000
Message-ID: <968isn$lu$1@soap.pipex.net>

We have now gotten past the proof of concept stage in our environment. The following works with the Cisco secure firewall and Oracle STD 8.1.6.1 on Windows NT4 sp6a.

  1. Configure the firewall to allow sqlnet traffic through for the database server (in our case on port 1521; we also tried a random port number and this worked as well).
  2. Point tnsnames on the external machine at the translated IP address of the internal database server.
  3. Set the NT environment variable USE_SHARED_SOCKET=TRUE on the database server, then reboot and restart the database and listener. You can also enter this as a registry setting per the Metalink article on Oracle and firewalls.

Once this has been set up, the following 'technical magic' happens.

  1. The firewall interrogates and alters sqlnet packets to ensure the correct IP address is included, thus allowing sqlnet packets through between the two servers.
  2. Oracle takes advantage of a winsock2 feature allowing shared use of TCP socket 1521.

This means that the above setup will only work for a Windows NT database server. It almost certainly requires an Oracle-aware firewall as well.

If you have Standard Edition, I believe that this is the only option available to you. If you have Enterprise Edition then you will need to look at Connection Manager (which as far as I know is not OS specific).

--
Niall Litchfield
Oracle DBA
Audit Commission UK


"oskar" <pheonix1t_at_home.com> wrote in message
news:xqGh6.255576$w35.42960894_at_news1.rdc1.nj.home.com...

> hello people,
> I'm going to have to start dealing with a problem soon at work concerning
> getting data through a firewall from two databases. One is an 8i on a winNT
> machine, the other is an 8.0.6 on an HP-UX.....in spring that database will
> be upgraded to an 8i as well.
> So, the problem is getting through the firewall!!!
> I've seen some posts previously stating that the oracle database has a
> setting that you can adjust so that the database uses only one port (1521
> for example). This makes it easier to extract data from that database and
> get that data through the firewall.
> I'm just wondering what experiences anyone else has had with this situation
> and if you care to share that :)
> This week I start this project.....so far we've set up a cold fusion server
> to connect to both databases to extract the data. Then, we have to start
> getting to the firewall issue...
>
> thank you for any opinions or advice!!
>
> Oskar
>
Received on Mon Feb 12 2001 - 05:53:58 CST
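
The client-side half of the setup in the reply above (steps 1 and 2) can be checked mechanically. The following is an added example, not part of the original thread: it parses a tnsnames.ora and flags aliases that do not point at the translated address or that use a port the firewall does not pass. The sample file, its addresses and alias names, and the function names are constructed for illustration.

```python
import re

# Constructed sample of the external machine's tnsnames.ora. 192.0.2.10 stands in
# for the translated (NAT) address of the database server, 10.1.1.5 for its
# internal address; both values and the alias names are assumptions.
SAMPLE_TNSNAMES = """
PROD =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 192.0.2.10)(PORT = 1521))
    (CONNECT_DATA = (SID = PROD)))

OLDPROD =
  (DESCRIPTION =
    (ADDRESS = (PROTOCOL = TCP)(HOST = 10.1.1.5)(PORT = 1526))
    (CONNECT_DATA = (SID = PROD)))
"""

ALIAS = re.compile(r"([A-Za-z][\w.]*)\s*=\s*(?=\()")
ADDRESS = re.compile(r"\(\s*ADDRESS\s*=\s*((?:\([^()]*\)\s*)+)\)", re.I)

def _field(group, key):
    m = re.search(r"\(\s*%s\s*=\s*([^()\s]+)\s*\)" % key, group, re.I)
    return m.group(1) if m else None

def parse_aliases(text):
    """Return {alias: [(host, port), ...]} for every ADDRESS of every alias."""
    text = re.sub(r"#[^\n]*", "", text)          # drop comments
    aliases, pos = {}, 0
    while (m := ALIAS.search(text, pos)):
        depth, end = 0, m.end()
        while end < len(text):                   # walk to the matching ')'
            depth += {"(": 1, ")": -1}.get(text[end], 0)
            end += 1
            if depth == 0:
                break
        addrs = []
        for a in ADDRESS.finditer(text[m.end():end]):
            port = _field(a.group(1), "PORT")
            port = int(port) if port and port.isdigit() else None
            addrs.append((_field(a.group(1), "HOST"), port))
        aliases[m.group(1)] = addrs
        pos = end
    return aliases

def check(text, nat_host, allowed_ports):
    """List (alias, problem) pairs for entries the firewall rule would not serve."""
    out = []
    for alias, addrs in parse_aliases(text).items():
        for host, port in addrs:
            if host != nat_host:
                out.append((alias, "host %s is not the translated address" % host))
            if port not in allowed_ports:
                out.append((alias, "port %s is not allowed through the firewall" % port))
    return out
```

Calling `check(SAMPLE_TNSNAMES, "192.0.2.10", {1521})` reports only the `OLDPROD` alias, once for its internal address and once for its port.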
