Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: HEEELP! TNS 12541 (no listener): Oracle, Hardware Firewalls & company!

Re: HEEELP! TNS 12541 (no listener): Oracle, Hardware Firewalls & company!

From: <fitzjarrell_at_cox.net>
Date: 7 Jun 2005 12:05:06 -0700
Message-ID: <1118171106.435757.153990@g14g2000cwa.googlegroups.com>

RedEagle wrote:
> Hi Guys!
> A big hello to all readers here! I have been searching all the way
> into this newsgroup to find a solution to my problem, but it seems
> that no one has ever had it! Let's make it simple.
>
> I have my server on a webfarm LAN, its ip address is: 192.168.0.1
>
> My server is connected to a firewall. The ip address of the firewall
> is X.Y.Z.K and it's an internet address (a T3 connection).
>
> I opened some ports on the firewall, so that (for instance) the port
> 1521, 5500, and 3389 are redirected to 192.168.0.1
>
> I installed the Oracle 10g on our server (Windows 2000 Server), and
> the web oracle enterprise manager works fine (i can reach it at
> "http://X.Y.Z.K:5500/em").
>
> I have another computer, my computer, veeery far away from the server.
> My computer is on another lan (not the webfarm LAN of course), and its
> ip address is 192.168.10.1
>
> I have a DSL connection, NAT-tted, so NO ports are redirected to my
> computer, okay?
>
> I installed on my pc the Oracle Enterprise Manager, client version,
> because I decided that I don't want to use the web oracle enterprise
> manager. I want to access my Oracle server directly.
>
> When I try to connect to my server I get the 12541 error!!! I don't
> understand why!!! Isn't it enough to open the port 1521? This is the
> client "tnsnames.ora" file:
>
> # tnsnames.ora Network Configuration File:
> D:\oracle\product\10.1.0\Db_1\network\admin\tnsnames.ora
> # Generated by Oracle configuration tools.
>
> ORCL =
> (DESCRIPTION =
> (ADDRESS = (PROTOCOL = TCP)(HOST = X.Y.Z.K)(PORT = 1521))
> (CONNECT_DATA =
> (SERVICE_NAME = orcl)
> )
> )
>
> EXTPROC_CONNECTION_DATA =
> (DESCRIPTION =
> (ADDRESS_LIST =
> (ADDRESS = (PROTOCOL = IPC)(KEY = EXTPROC))
> )
> (CONNECT_DATA =
> (SID = PLSExtProc)
> (PRESENTATION = RO)
> )
> )
>
> If I ping my server it works.
> If I try "tnsping" I get this message:
>
> Attempting to contact
> (DESCRIPTION=(CONNECT_DATA=(SERVICE_NAME=vortiko))(ADDRESS
> =(PROTOCOL=TCP)(HOST=X.Y.Z.K)(PORT=1521)))
> OK (230 msec)
>
> So the listener is alive and kicking!!!
>
> A friend of mine read a message where they say I can't contact my
> oracle server if the ip destination address doesn't match with the
> machine address. This might be my case because the real ip address is
> 192.168.0.1, the internet address is X.Y.Z.K
>
> But I don't wanna believe that I have to put my server on the internet
> without any kind of protection, nor I have to use another kind of
> firewall method. Come on! What I am doing wrong?
>
> I hope you have been able to survive this message and surely your help
> will be VEEEERY much appreciated!
>
>
> Best regards,
> Red Eagle

Your first act upon seeing such an error should have been to enable support-level tracing of the client in your sqlnet.ora file:

TRACE_LEVEL_CLIENT=SUPPORT This will generate a rather verbose trace file for your attempted connection, showing you what is actually happening between your 'guaranteed no port-forwarding' PC and the server. And it's NOT on your PC where the port forwarding causes problems, it's on the SERVER, the one behind the firewall, as the original request on port 1521 gets redirected to another port, say 1733, on the server and can't get through the firewall to return anything to you because port 1733 is not open.

Certainly tnsping works as it only polls the connection and determines it's valid. No actual connection is made to the database server through tnsping.

Generate a trace file and examine it. If you need any help email me offline.

David Fitzjarrell Received on Tue Jun 07 2005 - 14:05:06 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US