Re: SQL*Net Problem - Passing through a firewall

Darryl Smith <dsmith_at_continental.com> wrote:
>I am trying to connect SQL*Net V2 request from an rs6000 through a sun
>firewall to an SGI web server. The port defined is 1521 which passes
>through the firewall and is passed to the web server through port 1521.
>The problem is the return trip is sending through a random port in the
>6000 range. Is there any way to define which port it will actually be
>sent through. The gateway is defined to allow only the rs6000 server to
>the SGI server to communicate through port 1521. We can not allow a
>random port as we need to limit our exposure into our database.
>
>
>Any Ideas?
>
We are having the same problem between Suns with a Sun firewall. I think that after establishing the connection, SQLnet looks for the lowest available non-privledged port and sends data across it. One solution is for ORACLE or a firewall company to release a SQLnet proxy, like the telnet/ftp/http/etc. proxies that come standard with all firewalls.

BTW, I posted the problem to this group and some colleagues posted to various ORACLE & firewall groups. We haven't found a solution yet. I only hope that ORACLE will do something about this since this problem will effect more people as more firewalls go in. If you put your companies personel databases behind a firewall; employees outside won't be able to connect unless you open up all ports.

I guess you could set up a web server and use CGI and such to connect to the database; but that is a lot of work and maintenance effort.

-- 
Rob Allan                       |  rob.e.allan_at_hydro.on.ca
Ontario Hydro                   |  Tel. (416) 592 4195
Toronto, Ontario, Canada        |  Fax  (416) 592 4966