Re: Connecting Oracle DB through firewall

Hi Sybrand,

I didn't actually make the firewall changes, so I'll describe in as much detail as possible what we did.

We have a Java app sitting in the DMZ connecting to an 8.1.6 database behind the back-end firewall.

We couldn't get a connection to the database, so we talked with a network consultant whose specialty is firewalls and he suggested that we have the network admins open the SQL*Net port (apparently, this is a check box in the FW1 configuration). This didn't work, so we also had them open the SQL*Netv2 port (same deal, checkbox config). This seemed to work.

I just went to CheckPoint's web site and found the following re: SQL*Netv2

" sqlnet_port_tab = {1521,1525};sqlnet_prologue "

This appears to be the setting, wherever it is stored (again, I'm not a network admin and I don't work with FW1).

So, it a nutshell, this is what worked for us. Essentially, if I understood the network consultant, any connection coming in through the defined ports results in return traffic on dynamically assigned ports.

Good luck.

Joel

Sybrand Bakker wrote:

>On Fri, 12 Apr 2002 21:04:30 -0400, Cathy Racicot
><racicot_at_sympatico.ca> wrote:
>
>>There is a SQL*Net and a SQL*Net2 parameter that can be set in a
>>Checkpoint firewall. We had this problem and had to set one or the
>>other. This did work and allowed dynamic port allocation, which is your
>>issue.
>>
>>Good luck.
>>
>>Joel
>>
>
>
>Care to share *which* sqlnet parameter?
>If you are referring to use_shared_sockets that doesn't work in
>8.1.7.0.0 for NT, and the sw needs to be upgraded to at least
>8.1.7.1.2
>Other solutions are configuring MTS or using Connection Manager
>
>--
>Regards
>
>
>Sybrand Bakker, Senior Oracle DBA
>
>To reply remove -verwijderdit from my e-mail address
>
Received on Mon Apr 15 2002 - 06:57:33 CDT