| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Mailing Lists -> Oracle-L -> Re: OEM tunneling through ssh
Pete,
This is a little bit tricky. When client requests a connection, it sends
requests to the listener port 1521. The listener creates new server process
or redirect to existing one and this newly created server process bind
another port. (not 1521!). The listener then redirects the client to another
port.
As you can see SSH tunneling is not straightforward here - tunneling for
port 1521 doesn't help. The workaround is to use CMAN (Connection Manager).
It will serve as a proxy to your clients. With CMAN you are able to make SSH
tunnel for one port (default 1610 or 1600 if I remeber right) used by CMAN.
CMAN relays requests and data between server and client.
hth
Alexandre
----- Original Message -----
To: "Multiple recipients of list ORACLE-L" <ORACLE-L_at_fatcity.com>
Sent: Tuesday, August 06, 2002 10:58 PM
> I am attempting to connect to an Oracle database by
> tunneling through an F-Secure ssh client on a Win2K
> desk top to an AIX server. The basic ssh connection
> works. When OEM is fired up it times out trying to
> connect to the database, giving a TNS-12535. Tnsnames
> uses the standard port 1521, the listener on the
> server also uses 1521. However, the listener.log does
> not show any connection attempts.
>
> My suspicion is that we have a firewall rule problem,
> but the insecurity folks are not being very helpful.
>
> Anyone have any ideas about where to point them, other
> than off of a cliff, or me to get started resolving
> this??
>
> This all seems to work in the Unix world, it's Windoze
> where it is falling apart.
>
>
>
>
>
>
>
> =====
> Pete Barnett
> Lead Database Administrator
> The Regence Group
> pnbarne_at_regence.com
>
> __________________________________________________
> Do You Yahoo!?
> Yahoo! Health - Feel better, live better
> http://health.yahoo.com
> --
> Please see the official ORACLE-L FAQ: http://www.orafaq.com
> --
> Author: Peter Barnett
> INET: regdba_at_yahoo.com
>
> Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051
> San Diego, California -- Public Internet access / Mailing Lists
> --------------------------------------------------------------------
> To REMOVE yourself from this mailing list, send an E-Mail message
> to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
> the message BODY, include a line containing: UNSUB ORACLE-L
> (or the name of mailing list you want to be removed from). You may
> also send the HELP command for other information (like subscribing).
>
-- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Alexandre Gorbatchev INET: alexandre.gorbatchev_at_avermann.de Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists -------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).Received on Wed Aug 07 2002 - 03:28:28 CDT
 |
 |