Re: VPN access to 9ias instance behind firewall

Hi!

I've used openSSH daemon for several clients for 3 years now. Almos everything I need goes through it: sqlnet, telnet, ssh&scp themselves, VNC, even X11. And OpenSSH is open-source & freeware. I use putty for ssh terminal, I really like it. And it's freeware too. It didn't support certificate based authentication a year ago, that's why I occasionally use a commercial SSH client as well. But now it might be ok. The nice thing is that, that one of my customer was offered to buy two $10000 boxes for doing VPN between their offices, but we recommended to delay the purchase a bit and see our solution. We spent about 1,5 hours (had openssh compiling problems on Tru64), and set up a fully functional system for remote operations support with less than $200 bucks :) Also, ssh tunnels solution to only needed locations is safer than "open" VPN, because it eliminates most of spreading opportunities for viruses/worms which might get loose in one office. (at least as long you aren't doing any tunnels to M$ software ;)

Tanel.

• Original Message ----- From: Jared.Still_at_radisys.com To: Multiple recipients of list ORACLE-L Sent: Friday, August 29, 2003 12:04 AM Subject: RE: VPN access to 9ias instance behind firewall

  Here it is: http://www.dbspecialists.com/presentations/net8_security.html

  Tested it out once, worked great.

  Jared

       Paula_Stankus_at_doh.state.fl.us 
        Sent by: ml-errors_at_fatcity.com 
         08/28/2003 08:14 AM 
         Please respond to ORACLE-L 

               
                To:        Multiple recipients of list ORACLE-L <ORACLE-L_at_fatcity.com> 
                cc:         
                Subject:        RE: VPN access to 9ias instance behind firewall 

  Mladen/Jared - please send. I would be really grateful.     

  Thanks,
  Paula
-----Original Message-----

  From: Mladen Gogala [mailto:mladen_at_wangtrading.com]   Sent: Wednesday, August 27, 2003 5:45 PM   To: Multiple recipients of list ORACLE-L   Subject: RE: VPN access to 9ias instance behind firewall

  Yes, there is a way of doing that through a SSH tunnel. I have the bookmark at home, I'll send it   to you as soon as I get there (~7 P.M. EST, it is 4:41 EST now). Jared also has it, so he may be   so nice to send it to you.          

--

  Mladen Gogala
  Oracle DBA
-----Original Message-----

  From: ml-errors_at_fatcity.com [mailto:ml-errors_at_fatcity.com] On Behalf Of Paula_Stankus_at_doh.state.fl.us   Sent: Wednesday, August 27, 2003 5:34 PM   To: Multiple recipients of list ORACLE-L   Subject: RE: VPN access to 9ias instance behind firewall

  Any suggestions?
-----Original Message-----

  From: Dong, Ping - Raleigh, NC [mailto:ping.dong_at_usps.gov]   Sent: Wednesday, August 27, 2003 4:54 PM   To: Multiple recipients of list ORACLE-L   Subject: RE: VPN access to 9ias instance behind firewall     

-----Original Message-----

  From: Paula_Stankus_at_doh.state.fl.us [mailto:Paula_Stankus_at_doh.state.fl.us]   Sent: Wednesday, August 27, 2003 4:30 PM   To: Multiple recipients of list ORACLE-L   Subject: RE: VPN access to 9ias instance behind firewall

  Guys,

  When user trys to run our application through a VPN behind the firewall in a url they get an error. They can use ssh to get to host where I installed the application server but not run the application through their browser. Anyone deal with this issue before?

  Thanks,
  Paula    

  Note:
  This message is for the named person's use only. It may contain confidential, proprietary or legally privileged information. No confidentiality or privilege is waived or lost by any mistransmission. If you receive this message in error, please immediately delete it and all copies of it from your system, destroy any hard copies of it and notify the sender. You must not, directly or indirectly, use, disclose, distribute, print, or copy any part of this message if you are not the intended recipient. Wang Trading LLC and any of its subsidiaries each reserve the right to monitor all e-mail communications through its networks. Any views expressed in this message are those of the individual sender, except where the message states otherwise and the sender is authorized to state them to be the views of any such entity.          

-- 
Please see the official ORACLE-L FAQ: http://www.orafaq.net
-- 
Author: Tanel Poder
  INET: tanel.poder.003_at_mail.ee

Fat City Network Services    -- 858-538-5051 http://www.fatcity.com
San Diego, California        -- Mailing list and web hosting services
---------------------------------------------------------------------
To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).