First, a note on terminology. DMZ is the network where you have servers that are accessible from the Internet. This is the network that GTA calls the PSN (Private Service Network).
The PRO (Protected Network) is the network that is not accessible from the Internet. >From your description (and the WARNING message) it looks like you have the Oracle server on a PRO network, and are trying to access it from a PSN network. You need to create a tunnel from the GNAT Box PSN interface (or a GNAT Box alias on the PSN network) to the Oracle server for TCP port 1521 (the Oracle database port, which I picked up from the warning message). Once you've done that, you can either put a check mark in the "Automatic Accept All" filter (to allow ALL hosts on the PSN to access the Oracle database), or you can create a remote access filter that allows specific hosts on the PSN to access the Oracle database. The destination address of the filter will be the origin of the tunnel (NOT the IP address of the Oracle database server). Mike Burden Lynk Systems http://www.lynk.com (616)532-4985 [EMAIL PROTECTED] > -----Original Message----- > From: Tarun Kumar Singh [mailto:[EMAIL PROTECTED]] > Sent: Tuesday, October 01, 2002 11:30 PM > To: [EMAIL PROTECTED] > Subject: [gb-users] How to host database server in DMZ ? > > > Hi, > > > I am installed Oracle database sever in DMZ and when ever my > application > server (From PSN) is trying to acess database sever I am > gating bellow error > msg. > > <132>Oct 2 11:30:46 192.168.2.100 NAT: WARNING: Attempt by > PSN to access a > protected network. TCP > [192.168.4.5:61909]->[192.168.3.100:0]->[192.168.3.4:1521] > > > My remote access rule : > > 25 #Test rules for database server in dmz > Accept emergency "DMZ" TCP > from 192.168.4.5 > to 192.168.3.4 1521 > > > > Please help me . > > Thanks, > > --Tarun > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > To subscribe to the digest version first unsubscribe, then > e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Archive of the last 1000 messages: > http://www.mail-archive.com/[email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] To subscribe to the digest version first unsubscribe, then e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] Archive of the last 1000 messages: http://www.mail-archive.com/[email protected]
