Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Connecting to server using SQLPlus through a gateway

Re: Connecting to server using SQLPlus through a gateway

From: Daniel Morgan <dmorgan_at_exesolutions.com>
Date: Mon, 07 Oct 2002 23:03:58 GMT
Message-ID: <3DA212BF.1FF24E8E@exesolutions.com> 





Karsten Farell wrote:



> Joe Sanderson wrote:

> > I have an Oracle 8i server set up at my house.  I only have one IP

> > address so I am using a hardware gateway to share Internet with my

> > laptop and server.  I have configured the gateway to open a port to

> > the ftp services on the server and that is working without a problem.

> > My problem is that when I try to open port 1521 for Oracle

> > communication it isn't working.  People from the outside world can

> > tnsping my database, but not connect in SQL Plus.  Does anyone know of

> > any way I can make this happen?

> >

> > The error users get when they try to connect is tns operation timed

> > out.  I have made some changes and set use_shared_sockets=true and

> > then the error changes to tns connection closed.  I'm not sure if one

> > is worse than the other, but they both have the end result of not

> > allowing anyone to connnect.  There isn't any problem with

> > authentication because I can connect to the server with my lan.

> >

> > Any insight here is greatly appreciated.

>

> I think you bumped into the OraNet firewall problem. The reason 'ftp'

> and 'tnsping' work is because they only use one port for their

> communication (ok, ftp uses a second one, but it's still a well-known

> port). Unfortunately, OraNet doesn't have a second, well-known port.

> Instead it uses a randomly-selected port to communicate between client

> and database. You can find out more on MetaLink (metalink.oracle.com) -

> just search for 'firewall' - for example, Note 125021.1 "Oracle

> Connectivity with Firewalls."

>

> When you say people outside your network can tnsping, that implies that

> port 1521 is in fact responding. The problem is that when they use

> sqlplus, they go thru this scenario:

>

> 1. Client contacts Listener on port 1521 (this is all tnsping does),

> causing Listener to awaken

> 2. Listener spawns a Dispatcher thread

> 3. Dispatcher requests to open a random port for the communication ...

> but your gateway refuses to let traffic flow in/out

> 4. Your Client eventually times out




Alternatively look at iSQLPlus if using 9i.



Daniel Morgan
Received on Mon Oct 07 2002 - 18:03:58 CDT












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US