Solved

Firewall Configuration

Posted on 2001-06-14
6
1,222 Views
Last Modified: 2012-08-14
Hello,
i am trying to configure a Web Application that use Oracle 8i DB, the application must run under a Firewall config, i open the port 1521 but when i try to test one ODBC Connection from the application server (Windows NT) to the Oracle Server (Windows NT / Oracle 8i) using the NET8 Assistant and the ODBC Test it doesnt open the connection and i see in the firewall log and the connection try to open a range from port 1000 to port 5000 random, there is any way to use only the 1521 port?? or just a specific range of ports?? which ports??
thanks
Alfonso Ordonez
alfonsoordonez@hotmail.com
0
Comment
Question by:Intercom
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
6 Comments
 
LVL 8

Accepted Solution

by:
tomcatkev earned 100 total points
ID: 6194227
For NT platform, go into regedit, under HKEY_LOCAL_MACHINE:Software:Oracle
add key
  USE_SHARED_SOCKET = TRUE
Restart Oracle and the listener for the parameter to take effect. Then outbound as well as inbound use same port 1521.  Reading between the lines, it sounds like this may have limits in terms of the number of users that can connect all on the same port number.

Oradummies don't seem to have enabled a similar option for UNIX platforms, they seem to think that setting up your firewall with no filtering of outbound ports is a good idea.  But in these days of DOS attacks, we want to consider filters on both inbound and outbound traffic and don't seem to have a method available for Oracle on the UNIX platforms.
0
 
LVL 2

Expert Comment

by:starous
ID: 6195755

Some firewall are able to go through SQLNet connection and dynamicaly change rules for your packets. Check if your firewall is able to use option of that style.

I think that limitation of number of connection could by cope with more listeners listeting on more ports.

Or to use Connection managger. It could work as proxy and I think it could be combined with firewall to obtain desired result.

Starous
0
 
LVL 2

Expert Comment

by:sefa
ID: 6199753
Is the db server configured as MTS ?

0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 3

Expert Comment

by:graf27
ID: 6205134
put your application server also behind the firewall.

our configuration:

internet --- firewall ---  application-server --- Database  (thats easy and secure)

other ways:

internet --- application-server --- firewall --- Database ( so your application-server must connect to the Database through the firewall (odbc/jdbc i.e. port 1521) or with connection-manager or any way. thats more difficult).
0
 
LVL 1

Expert Comment

by:Moondancer
ID: 7033792
Please update and finalize this old, open question. Please:

1) Award points ... if you need Moderator assistance to split points, comment here with details please or advise us in Community Support with a zero point question and this question link.
2) Ask us to delete it if it has no value to you or others
3) Ask for a refund so that we can move it to our PAQ at zero points if it did not help you but may help others.

EXPERT INPUT WITH CLOSING RECOMMENDATIONS IS APPRECIATED IF ASKER DOES NOT RESPOND.

Thanks to all,
Moondancer - EE Moderator

P.S.  Click your Member Profile, choose View Question History to go through all your open and locked questions to update them.
0
 
LVL 6

Expert Comment

by:Mindphaser
ID: 7045998
Force accepted

** Mindphaser - Community Support Moderator **
0

Featured Post

Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I remember the day when someone asked me to create a user for an application developement. The user should be able to create views and materialized views and, so, I used the following syntax: (CODE) This way, I guessed, I would ensure that use…
Shell script to create broker configuration file using current broker Configuration, solely for purpose of backup on Linux. Script may need to be modified depending on OS-installation. Please deploy and verify the script in a test environment.
Video by: Steve
Using examples as well as descriptions, step through each of the common simple join types, explaining differences in syntax, differences in expected outputs and showing how the queries run along with the actual outputs based upon a simple set of dem…
This video explains what a user managed backup is and shows how to take one, providing a couple of simple example scripts.

688 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question