Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
Home -> Community -> Usenet -> c.d.o.server -> Re: Oracle Firewall issue - PLEASE HELP
"Sybrand Bakker" <postbus_at_sybrandb.demon.nl> wrote in message news:<996777719.13375.0.pluto.d4ee154e_at_news.demon.nl>...
> "Chad" <chadscc_at_hotmail.com> wrote in message
> news:87feb722.0108020759.76a293de_at_posting.google.com...
> > I am pulling my hair out here...I have Oracle 8.1.7 running on a
> > Windows 2000 Server...we are using port forwarding technology through
> > a service provider...this essentially acts as a firewall. Port 1521
> > is open to a specific IP Address...but net8 acces was not possible
> > because of the way the db redirects the port. I have done Oracle's
> > fix - which is to add "USE+SHARED_SOCKET = TRUE" to the registry.
> >
> > Now I cannot even connect locally, I get - ORA-12537: TNS:connection
> > closed when I try to connect locally or when some tries to connect
> > using SQL+ from outside our domain. I'm getting this in the listener
> > log:
> (CONNECT_DATA=(SERVICE_NAME=internal.cima.com)(CID=(PROGRAM=C:\oracle\ora81\
> bin\SQLPLUSW.EXE)(HOST=GATTACA)(USER=Administrator)))
> > * (ADDRESS=(PROTOCOL=tcp)(HOST=10.1.3.230)(PORT=2319)) * establish *
> > internal.cima.com * 0
--deleted--
> 2 you are using Milnet /fake IP-addresses, they are not supposed to work
> outside your domain
> 3 I guess internal is still a reserved word, and creating a database
> 'internal' looks like just askign for trouble.
There is no problem with internal IP adresses, because Chad said that
he is using forwarding through firewall. So he has an external valid
IP adress visible from world, but firewall translates this adress to
internal IP adress. Because Oracle server is beyond the firewall, you
can see in listener log only internal adress. That's just my
asumption, but I think that I'm right, because this is pretty common
Net configuration.
Maybe Chad problem is with other higher ports needed for NET8
communication. I think that the safest way to avoid problem is to use
Connection manager, but troubles can be with Chad's service provider.
I do not think that is a good idea to have a firewall at ISP, but I do
not know relationship between Chad's company and their ISP.
I fully agree with your last remmark, "INTERNAL" is really stupid SID
for database, maybe something like "INTDB" is better.
-- _________________________________________ Dusan Bolek, Ing. Oracle team leaderReceived on Fri Aug 03 2001 - 01:08:12 CDT