Cann't connect from another server to oralce

I can connect locally like normal :

sqlplus sys as sysdba

Open in new window

I can also connect

sqlplus sys/pass@hostname:1521/servicename as sysdba

Open in new window

the service I get from when I do lsrnctl status but when I try to connect this from other system where oracle is running I get following error:

ORA-12543: TNS: Destination host unreadable the command I used is

sqlplus sys/pass@hostname:1521/servicename as sysdba

Open in new window

which with the same I can connect locally but not from remove server... I try to check

telnet 192.1368.0.15 1521

given me bellow error

telnet: connect to address hostname: no route to host:

Open in new window


I try to disable the iptables from the target host where oracle is installed no luck ... what is wrong with this ? everything works locally i can coonect and even ping the TNS..

one thing I notice my SID is orcl but the service instance that shows in lsnrctl status it shows as orclXDB

it's fresh installation of oracle in linux centos 6.6
LVL 1
hi4pplAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Zephyr ICTCloud ArchitectCommented:
Did you also try flushing the iptables? So not only stop the service but really flush them... like "iptables -F"

Or it's SELinux related and you have to allow the port with something like:
semanage port -a -t orcl_port -p tcp 1521

Open in new window


Or test by temporarely disabling it with "setenforce 0"
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
hi4pplAuthor Commented:
HI Thanks I didn't do iptables -F before now that I did it works fine.... but can you tell me how can I enable the iptable and add rule  to allow that connection ... I don't want to disable iptable for all
0
Alexander Eßer [Alex140181]Software DeveloperCommented:
Have you tried adding the following rule?!
sudo iptables -I INPUT -p tcp --dport 1521 -j ACCEPT

Open in new window


Don't forget to save it:
sudo service iptables save

Open in new window

or
sudo /etc/init.d/iptables save

Open in new window

0
Ultimate Tool Kit for Technology Solution Provider

Broken down into practical pointers and step-by-step instructions, the IT Service Excellence Tool Kit delivers expert advice for technology solution providers. Get your free copy now.

Zephyr ICTCloud ArchitectCommented:
Yes, of course, you can add the port to the iptables:

iptables -I INPUT -p tcp --dport 1521 -j ACCEPT

Open in new window


Or to make it more secure you can add the ip-address range of your LAN (for instance) like this:

iptables -I INPUT -s 10.10.1.0/16 -p tcp --dport 1521 -j ACCEPT

Open in new window


Replace the ip 10,10.1.0/16 with your own range.

And save the iptables naturally.

"service iptables" save or "/etc/init.d/iptables save"
0
johnsoneSenior Oracle DBACommented:
I'm not that familiar with iptables, but be aware that port 1521 is not the only port used.  That port is only used to make initial contact to the Oracle listener.  The connection is actually established on a different port.

There is a utility called Connection Manager that will allow all communication through one port.  It just masks the port changes.  There may be another way, but it is the only way I am aware of.
0
Alexander Eßer [Alex140181]Software DeveloperCommented:
but be aware that port 1521 is not the only port used.  That port is only used to make initial contact to the Oracle listener.  The connection is actually established on a different port.
What other port(s) ?!

Btw: port 1521 is just the default listener port. It could be 1522 or whatever you changed it to...
0
johnsoneSenior Oracle DBACommented:
The ports are not fixed.  It is essentially any unused port (typically very high numbered).  They are from dynamic unused ranges and typically vary by operating system.  I did a quick search of the documentation and I couldn't find it.  If I remember correctly, the UNIX variant range is somewhere around 65000.

The listener port is only used to establish the connection.  The actual connection traffic is over a different port so the listener port isn't overwhelmed.

netstat should show you the ports being used for oracle connections.

Again, if you need to have a firewall and use only one port, then Connection Manager is the way to set that up.  Essentially, it acts as a forwarding mechanism -> http://docs.oracle.com/cd/E11882_01/network.112/e41945/cman.htm#NETAG011
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Oracle Database

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.