Re: SQL*Net Problem - Passing through a firewall
Date: 1995/10/20
Message-ID: <46821p$o97_at_usenet.hydro.on.ca>#1/1
Darryl Smith <dsmith_at_continental.com> wrote:
>I am trying to connect SQL*Net V2 request from an rs6000 through a sun
>firewall to an SGI web server. The port defined is 1521 which passes
>through the firewall and is passed to the web server through port 1521.
>The problem is the return trip is sending through a random port in the
>6000 range. Is there any way to define which port it will actually be
>sent through. The gateway is defined to allow only the rs6000 server to
>the SGI server to communicate through port 1521. We can not allow a
>random port as we need to limit our exposure into our database.
>
>
>Any Ideas?
>
We are having the same problem between Suns with a Sun firewall. I think that
after establishing the connection, SQLnet looks for the lowest available
non-privledged port and sends data across it. One solution is for ORACLE or a
firewall company to release a SQLnet proxy, like the telnet/ftp/http/etc.
proxies that come standard with all firewalls.
BTW, I posted the problem to this group and some colleagues posted to various ORACLE & firewall groups. We haven't found a solution yet. I only hope that ORACLE will do something about this since this problem will effect more people as more firewalls go in. If you put your companies personel databases behind a firewall; employees outside won't be able to connect unless you open up all ports.
I guess you could set up a web server and use CGI and such to connect to the database; but that is a lot of work and maintenance effort.
-- Rob Allan | rob.e.allan_at_hydro.on.ca Ontario Hydro | Tel. (416) 592 4195 Toronto, Ontario, Canada | Fax (416) 592 4966Received on Fri Oct 20 1995 - 00:00:00 CET