Re: Not able to connect to Oracle database through VPN
Date: Fri, 08 Feb 2008 20:13:43 +0100
Charles Hooper wrote:
> I firewall my VPN:
> (Oracle Server)-(Firewall)-(VPN Server)-(Firewall)-(Internet)
> Why? So that I can control the type of traffic flowing through the
> VPN based on port and protocol and the requesting client. Such a
> setup helps control the damage a remote system can do to the corporate
> network, as well as control what the computers on the corporate
> network can do to damage the remote system.
> Charles Hooper
> IT Manager/Oracle DBA
> K&M Machine-Fabricating, Inc.
Not in my book - you just run VPN server in the DMZ, and have a classic, triangular firewall setup. My understanding of your description does not match the picture.
What I was wondering about would be depicted as:
(Oracle)-(fw)-([VPN+fw])-(fw)-(VPN client)-(oracle client)
Your description of your setup, I would depict as
(Oracle)-([VPN+fw])-(VPN client)-(oracle client)
whereas you depict
That would be equivalent to
intranet-(fw)-(DMZ)-fw-internet, a classic setup.
Your firewall would be open to specific VPN port and protocol combinations (UDP:500, proto 50 and 51) - correct?
-- Regards, Frank van Bortel Top-posting in UseNet newsgroups is one way to shut me upReceived on Fri Feb 08 2008 - 13:13:43 CST