Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle Firewall issue - PLEASE HELP

Re: Oracle Firewall issue - PLEASE HELP

From: Dusan Bolek <pagesflames_at_usa.net>
Date: 2 Aug 2001 23:08:12 -0700
Message-ID: <1e8276d6.0108022208.4f61e92e@posting.google.com> 






"Sybrand Bakker" <postbus_at_sybrandb.demon.nl> wrote in message news:<996777719.13375.0.pluto.d4ee154e_at_news.demon.nl>...


> "Chad" <chadscc_at_hotmail.com> wrote in message

> news:87feb722.0108020759.76a293de_at_posting.google.com...

> > I am pulling my hair out here...I have Oracle 8.1.7 running on a

> > Windows 2000 Server...we are using port forwarding technology through

> > a service provider...this essentially acts as a firewall.  Port 1521

> > is open to a specific IP Address...but net8 acces was not possible

> > because of the way the db  redirects the port.  I have done Oracle's

> > fix - which is to add "USE+SHARED_SOCKET = TRUE" to the registry.

> >

> > Now I cannot even connect locally, I get - ORA-12537: TNS:connection

> > closed when I try to connect locally or when some tries to connect

> > using SQL+ from outside our domain.  I'm getting this in the listener

> > log:

 


> (CONNECT_DATA=(SERVICE_NAME=internal.cima.com)(CID=(PROGRAM=C:\oracle\ora81\

> bin\SQLPLUSW.EXE)(HOST=GATTACA)(USER=Administrator)))

> > * (ADDRESS=(PROTOCOL=tcp)(HOST=10.1.3.230)(PORT=2319)) * establish *

> > internal.cima.com * 0




--deleted--



> 2 you are using Milnet /fake IP-addresses, they are not supposed to work

> outside your domain

> 3 I guess internal is still a reserved word, and creating a database

> 'internal' looks like just askign for trouble.




There is no problem with internal IP adresses, because Chad said that
he is using forwarding through firewall. So he has an external valid
IP adress visible from world, but firewall translates this adress to
internal IP adress. Because Oracle server is beyond the firewall, you
can see in listener log only internal adress. That's just my
asumption, but I think that I'm right, because this is pretty common
Net configuration.


Maybe Chad problem is with other higher ports needed for NET8
communication. I think that the safest way to avoid problem is to use
Connection manager, but troubles can be with Chad's service provider.
I do not think that is a good idea to have a firewall at ISP, but I do
not know relationship between Chad's company and their ISP.
I fully agree with your last remmark, "INTERNAL" is really stupid SID
for database, maybe something like "INTDB" is better.


--
_________________________________________

Dusan Bolek, Ing.
Oracle team leader


Received on Fri Aug 03 2001 - 01:08:12 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US