Re: Client connection to Server behind Firewall

From: Sybrand Bakker <postbus_at_sybrandb.demon.nl>
Date: Fri, 30 Nov 2001 11:59:10 +0100
Message-ID: <u0eq0c9jbv8ae1_at_corp.supernews.com>

"Alex So" <alexso_at_mail.com> wrote in message news:9u7lmc$q3t$1_at_hfc.pacific.net.hk...
> Hi, all.
>
> I have a question regarding Oracle client connection to Oracle Server
behind
> firewall. The senario is deppicted as followed.
>
> 1521 1521 ????
> [S]-----------------[Switch]-----------------[Firewall]---------------[C]
> Oracle CkeckPoint
Oracle
> Server

Client
>
> Oracle Listener is using port 1521. Oracle client (SQL*Net/Net8) connects
to
> the server via a random port. With the above configuration, no clients are
> able to connect because the firewall has port 1521 opened only. I have
heard
> that
>
> (i) Configuration can be done on the firewall to allow SQL*Net version 1
or
> version 2 to operate. However, it seems that no configuration for such is
> available on the firewall hardware.
>
> (ii) Oracle Connection Manager can be set up in between the firewall and
the
> clients, such that client connection is made between the Connection
Manager
> and the Oracle Client via any random port. And, connection between
> connection manager and Oracle server is made via port 1521. Unfortunately,
> the I am not able to locate Oracle Connection Manager in the Oracle
Product
> CD. Any hint?
>
> Can someone give me some hints with (i) and (ii)?
>
> Thanks and regards,
>
> Alex
>
>

(1) is dependent from the firewall vendor (2) Oracle Connection Manager comes with 8i, both standard and enterprise edition. There are two services managing Oracle Connection Manager, Ora81cm and ora81cmadm. The sw in itself is included in sqlnet, I believe You should use an extra port, the default is 1630 Then you should add
address=(protocol=tcp)(host=<Oracle connection manager host>)(port=1630)) to the address_list block of the affected instance in tnsnames.ora and you should add
(source_route=yes) below the (connect_data) block. Also you should add
use_cman = true
in sqlnet.ora

Just implemented this yesterday at a site and it works.

Hth

--
Sybrand Bakker
Senior Oracle DBA

to reply remove '-verwijderdit' from my e-mail address

Received on Fri Nov 30 2001 - 11:59:10 CET

This message: [ Message body ]
Next message: Angus Gother: "Re: Problems installing Oracle Forms 4.5 and 5.0 on NT"
Previous message: Johannes Wilhelm: "Re: developer 6.0"
In reply to Alex So: "Client connection to Server behind Firewall"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message