Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: database in firewall

Re: database in firewall

From: Eberhard Niendorf <eberhard.niendorf_at_epost.de>
Date: Sun, 19 Sep 2004 09:13:27 +0200
Message-ID: <cijb31$nu7$07$1@news.t-online.com>


adamenos <adamenos_at_yahoo.com> wrote:

> Take a look at the Oracle Net configuration guide (online at
> www.oracle.com). In order to connect to a database you need to be
> able to connect to the listener for that database. Sometimes, due to
> the way the system administrator has the server configured, the
> listener is unable to work using the default configuration. The
> default configuration of the listener uses port redirection. If the
> listener is listening on port 3152 for database connection requests
> and a request is received then the listener will dynamically assign a
> new port number for that session to communicate on. If the ports have
> been locked down by the sys admin then the listener will be unable to
> assign the session a port number and the connection will not be made.
>
> We had a similar issue at work where we had to allow a range of ports
> to be available for the listener to use.
>

Port redirection takes place not at all, it depends on the platform. On Unix it takes place only for shared server (MTS) or access per SSL. If the server runs on a Unix platform and no MTS, no SSL, then there are no port redirection and the firewall have to pass only the configured destination port. On Windows NT/2000 there are a registry entry USE_SHARED_SOCKET to not taking place port direction, but I've no experience on Windows. I recommend the use of the Connection manager (CMAN), but with configuration (cman.ora) to limit the access to the wished Oracle-Instance. Then you need only one port (default 1630) through the firewall. Look at metalink 125021.1

Eberhard Received on Sun Sep 19 2004 - 02:13:27 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US