Firewall Configuration

Hello,
i am trying to configure a Web Application that use Oracle 8i DB, the application must run under a Firewall config, i open the port 1521 but when i try to test one ODBC Connection from the application server (Windows NT) to the Oracle Server (Windows NT / Oracle 8i) using the NET8 Assistant and the ODBC Test it doesnt open the connection and i see in the firewall log and the connection try to open a range from port 1000 to port 5000 random, there is any way to use only the 1521 port?? or just a specific range of ports?? which ports??
thanks
Alfonso Ordonez
alfonsoordonez@hotmail.com
IntercomAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
tomcatkevConnect With a Mentor Commented:
For NT platform, go into regedit, under HKEY_LOCAL_MACHINE:Software:Oracle
add key
  USE_SHARED_SOCKET = TRUE
Restart Oracle and the listener for the parameter to take effect. Then outbound as well as inbound use same port 1521.  Reading between the lines, it sounds like this may have limits in terms of the number of users that can connect all on the same port number.

Oradummies don't seem to have enabled a similar option for UNIX platforms, they seem to think that setting up your firewall with no filtering of outbound ports is a good idea.  But in these days of DOS attacks, we want to consider filters on both inbound and outbound traffic and don't seem to have a method available for Oracle on the UNIX platforms.
0
 
starousCommented:

Some firewall are able to go through SQLNet connection and dynamicaly change rules for your packets. Check if your firewall is able to use option of that style.

I think that limitation of number of connection could by cope with more listeners listeting on more ports.

Or to use Connection managger. It could work as proxy and I think it could be combined with firewall to obtain desired result.

Starous
0
 
sefaCommented:
Is the db server configured as MTS ?

0
Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

 
graf27Commented:
put your application server also behind the firewall.

our configuration:

internet --- firewall ---  application-server --- Database  (thats easy and secure)

other ways:

internet --- application-server --- firewall --- Database ( so your application-server must connect to the Database through the firewall (odbc/jdbc i.e. port 1521) or with connection-manager or any way. thats more difficult).
0
 
MoondancerCommented:
Please update and finalize this old, open question. Please:

1) Award points ... if you need Moderator assistance to split points, comment here with details please or advise us in Community Support with a zero point question and this question link.
2) Ask us to delete it if it has no value to you or others
3) Ask for a refund so that we can move it to our PAQ at zero points if it did not help you but may help others.

EXPERT INPUT WITH CLOSING RECOMMENDATIONS IS APPRECIATED IF ASKER DOES NOT RESPOND.

Thanks to all,
Moondancer - EE Moderator

P.S.  Click your Member Profile, choose View Question History to go through all your open and locked questions to update them.
0
 
MindphaserCommented:
Force accepted

** Mindphaser - Community Support Moderator **
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.