Results 1 to 5 of 5
  1. #1
    Join Date
    Apr 2009
    Posts
    3

    Question Unanswered: Connection manager config over VPN

    Hy,
    here's the network configuration I need to realize

    ..........Network1 // DMZ
    Client <-- VPN --> "proxy" machine --- Oracle Server
    ........................// Network 2

    So the client and a machine (inside the DMZ) are connected via VPN and in the VPN connection they belong both to anetwork, let's say 192.160.1.XXX
    The machine inside the DMZ and the Oracle server belong to a second network, 192.168.1.XXX
    nb: the "proxy" machine is not a proxy, I called it proxy because I would like it to route the incoming sql connections through the VPN, to the DB

    I tried to install the Connection Manager in the "proxy" machine but no way to find the proper solution despite the fact that on a single network (client, "proxy" and DBMS belonging to the same network) we make it work.
    All the example I found about cmon.ora configurations assume that incoming connection to the proxy machine are from the same network the DB belong too...
    So my question is ... am I doing the right way? Is Cman the right tool?

    Of course I cannot change the networks config ... so how would you face this configuration? Is this feasible?

  2. #2
    Join Date
    Aug 2003
    Location
    Where the Surf Meets the Turf @Del Mar, CA
    Posts
    7,776
    Provided Answers: 1
    > I cannot change the networks config
    What can you change?
    What Operating System names & versions?
    What version of Oracle (to 4 decimal places)?
    What version of Connection Manager?
    Which & where are any firewalls between client & database?
    You can lead some folks to knowledge, but you can not make them think.
    The average person thinks he's above average!
    For most folks, they don't know, what they don't know.
    Good judgement comes from experience. Experience comes from bad judgement.

  3. #3
    Join Date
    Apr 2009
    Posts
    3
    OS: Serveur 2003 standard edition, SP2
    Firewall: At the entry of DMZ so firewall between the client and the "proxy" machine, access allowded only via VPN
    Oracle version : 9i entreprise Ed. 9.2.05.0 (32 bit)
    Cman : 10.2.0.1.0

    I am quite confident that except the O.S infos, the other infos are not mandatory to solve the problem.

    I have the impression that cman cannot handle this kind of situation:
    he needs to listen to one network and connect to the DB on one another

    So I would have in cman.ora :

    (ADDRESS=(PROTOCOL=tcp)(HOST=vpn_based_ip_adress)( PORT=1610))
    AND
    (RULE = (SRC=*)
    (DST=DMZ_based_IP)
    (SRV=DBMS_service)
    (ACT=ACC)
    )
    ATTENTION: I just realized that in the example IP given in the first post, the two networks are just SUB_networks ...this is not the case!
    let's say that the situation is mor the following:
    vpn_based_ip_adress= 12.12.12.12
    and
    DMZ_based_IP = 192.168.100.10

  4. #4
    Join Date
    Jun 2003
    Location
    Toronto, Canada
    Posts
    5,516
    Provided Answers: 1
    I suspect the problem has to do with the network configuration rather than with Oracle. Do you have two physical network interfaces on your "proxy"? Can you tnsping the database server from the proxy _when the VPN connection is active_?
    ---
    "It does not work" is not a valid problem statement.

  5. #5
    Join Date
    Apr 2009
    Posts
    3
    yes I can ping the 2 machines ...
    I tried even to just connect from the proxy machine to the Oracle server forcing the proxy machine to use the cman connection ...
    no way!
    Could someone post a step by step guide .. maybe I missed smthing ...

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •