Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Connecting to server using SQLPlus through a gateway

Re: Connecting to server using SQLPlus through a gateway

From: Karsten Farell <kfarrell_at_medimpact.com>
Date: Mon, 07 Oct 2002 21:32:33 GMT
Message-ID: <R3no9.1399$oj4.86893887@newssvr14.news.prodigy.com>


Joe Sanderson wrote:
> I have an Oracle 8i server set up at my house. I only have one IP
> address so I am using a hardware gateway to share Internet with my
> laptop and server. I have configured the gateway to open a port to
> the ftp services on the server and that is working without a problem.
> My problem is that when I try to open port 1521 for Oracle
> communication it isn't working. People from the outside world can
> tnsping my database, but not connect in SQL Plus. Does anyone know of
> any way I can make this happen?
>
> The error users get when they try to connect is tns operation timed
> out. I have made some changes and set use_shared_sockets=true and
> then the error changes to tns connection closed. I'm not sure if one
> is worse than the other, but they both have the end result of not
> allowing anyone to connnect. There isn't any problem with
> authentication because I can connect to the server with my lan.
>
> Any insight here is greatly appreciated.

I think you bumped into the OraNet firewall problem. The reason 'ftp' and 'tnsping' work is because they only use one port for their communication (ok, ftp uses a second one, but it's still a well-known port). Unfortunately, OraNet doesn't have a second, well-known port. Instead it uses a randomly-selected port to communicate between client and database. You can find out more on MetaLink (metalink.oracle.com) - just search for 'firewall' - for example, Note 125021.1 "Oracle Connectivity with Firewalls."

When you say people outside your network can tnsping, that implies that port 1521 is in fact responding. The problem is that when they use sqlplus, they go thru this scenario:

  1. Client contacts Listener on port 1521 (this is all tnsping does), causing Listener to awaken
  2. Listener spawns a Dispatcher thread
  3. Dispatcher requests to open a random port for the communication ... but your gateway refuses to let traffic flow in/out
  4. Your Client eventually times out
Received on Mon Oct 07 2002 - 16:32:33 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US