Results 1 to 4 of 4
  1. #1
    Join Date
    Dec 2003
    Location
    Belgium
    Posts
    48

    Unanswered: Oracle 9i & Linux & firewall

    Hello,

    I've an Oracle 9i database on Linux Redhat, around the server is a 'firewall', this does not support Oracle net acces. But how can I arrange that incoming connection etc come all through one port (for example 1526).

    I know how to do it on a windows, but what are the possible solutions on a LInux redhat box?

    thanks.

  2. #2
    Join Date
    Jun 2003
    Location
    West Palm Beach, FL
    Posts
    2,713

    Cool


    The same as in any other server, you open the ports!

    The person who says it can't be done should not interrupt the person doing it. -- Chinese proverb

  3. #3
    Join Date
    Dec 2003
    Location
    Belgium
    Posts
    48
    Quote Originally Posted by LKBrwn_DBA

    The same as in any other server, you open the ports!

    only one port may be open, for example 1521, but if my listener runs on 1521, demand for a connection is allowed, but listener always send back to another port, for example 17675. How can I manage it that everything goes through that 1521? That's my question ;-)

  4. #4
    Join Date
    Jun 2003
    Location
    West Palm Beach, FL
    Posts
    2,713

    Question


    You can't, initial connection is through 1521 but spawned process will use other port.
    Also, You have several choices:

    (1) Question the existence of the firewall:

    Do you really need it? Have you considered using the SQLNET.VALIDNODE_CHECKING? It most caes you can solve your access issues via this.

    (2) Use Connection Manager:

    CM uses fixed ports and can handle node address translation. This can also be used a firewall feature, albeit only for Net8 connections.

    (3) Use MTS:

    MTS, or Shared Server model, as in Oracle 9i+, can be used where the dispatechers asre assigned fixed port numbers, which can be opened up by the firewall.

    (4) Use specialized firewalls:

    Certain firewalls enable transparent proxying, i.e. allow the communication to flow through the same port that the orriginal oconnection came in.

    (5) Use SSH Forwarding:

    Using this you can setup SSH (secured shell) in such a way that the incoming request is forwarded to a specific port on the destination machine.


    Last edited by LKBrwn_DBA; 08-29-06 at 12:30.
    The person who says it can't be done should not interrupt the person doing it. -- Chinese proverb

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •