Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Usenet -> c.d.o.server -> Re: Listener configuration

Re: Listener configuration

From: tomunio <tomunio_at_wp.pl>
Date: 17 Aug 2006 12:12:26 -0700
Message-ID: <1155841946.858390.231510@m79g2000cwm.googlegroups.com>


Thanks for your advice
I think that i'll use VPN connection to do it in a secure way ;)

Charles Hooper wrote:
> tomunio wrote:
> > Hi
> > I've two oracle 9i databases (prod and test) on two separate hosts -
> > host1 (192.168.1.6), host2 (192.168.1.4 and external_IP).
> > One of them (host2) has got an access to the Internet. How should I
> > configure the listener on host2 so that I could connect from the
> > Internet to the database on host1 (it has no access to the Internet).
> > Thx in advance
> >
> > [oracle_at_host2 admin]$ cat listener.ora
> > # LISTENER.ORA Network Configuration File:
> > [oracle_at_host2 admin]$ cat tnsnames.ora
> > ####################################
> > # TNSNAMES.ORA Configuration
> > File:/opt/ora9/product/9.2/network/admin/tnsnames.ora
> > # Generated by Oracle Enterprise Manager V2
> > # Date..........: Thu Aug 19 14:06:35 CEST 2004
> > ####################################
> >
> > PROD.domain =
> > (DESCRIPTION =
> > (ADDRESS_LIST =
> > (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.6)(PORT = 1521))
> > )
> > (CONNECT_DATA = (SID = US2)(SERVER = DEDICATED))
> > )
> >
> > TEST.domain =
> > (DESCRIPTION =
> > (ADDRESS_LIST =
> > (ADDRESS = (PROTOCOL = TCP)(HOST = 192.168.1.4)(PORT = 1521))
> > (ADDRESS = (PROTOCOL = TCP)(HOST = external_IP)(PORT = 1521))
> > )
> > (CONNECT_DATA = (SID = US2)(SERVER = DEDICATED))
> > )

>

> Configure the listener so that the _internal_ clients can access the
> database.
>

> Your Oracle server appears to be running on Unix or Linux. If host2 is
> running Linux, you can perform an iptables DNAT to forward specific
> ports, such as 1521, from the Internet to the Oracle database server.
> host2 needs to be configured to route the packets between its external
> network card and the internal network card using iptables MASQUERADE.
> There may be something similar for Unix.
>

> With this set up, tnsnames on the remote client needs to point at the
> external IP address of host2. Strongly consider not directly exposing
> the Oracle database to the Internet.
>

> We do something a bit more complicated than the above, using 2 Linux
> routing hosts and a VPN server sitting in between.
>

> Charles Hooper
> PC Support Specialist
> K&M Machine-Fabricating, Inc.
Received on Thu Aug 17 2006 - 14:12:26 CDT

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US