First, a note on terminology.   DMZ is the network where you
have servers that are accessible from the Internet.  This is
the network that GTA calls the PSN (Private Service Network).

The PRO (Protected Network) is the network that is not
accessible from the Internet.

>From your description (and the WARNING message) it looks like
you have the Oracle server on a PRO network, and are trying
to access it from a PSN network.

You need to create a tunnel from the GNAT Box PSN interface
(or a GNAT Box alias on the PSN network) to the Oracle server
for TCP port 1521 (the Oracle database port, which I picked
up from the warning message).

Once you've done that, you can either put a check mark in the
"Automatic Accept All" filter (to allow ALL hosts on the PSN
to access the Oracle database), or you can create a remote
access filter that allows specific hosts on the PSN to access
the Oracle database.   The destination address of the filter
will be the origin of the tunnel (NOT the IP address of the
Oracle database server).

Mike Burden
Lynk Systems
http://www.lynk.com
(616)532-4985
[EMAIL PROTECTED]


> -----Original Message-----
> From: Tarun Kumar Singh [mailto:[EMAIL PROTECTED]]
> Sent: Tuesday, October 01, 2002 11:30 PM
> To: [EMAIL PROTECTED]
> Subject: [gb-users] How to host database server in DMZ ?
>
>
> Hi,
>
>
> I am  installed Oracle database sever in DMZ and when ever my
> application
> server (From PSN)  is trying to acess database sever I am
> gating bellow error
> msg.
>
> <132>Oct  2 11:30:46 192.168.2.100 NAT: WARNING: Attempt by
> PSN to access a
> protected network. TCP
> [192.168.4.5:61909]->[192.168.3.100:0]->[192.168.3.4:1521]
>
>
> My remote access rule :
>
> 25 #Test rules for database server in dmz
>        Accept emergency "DMZ" TCP
>           from 192.168.4.5
>             to 192.168.3.4 1521
>
>
>
> Please help me .
>
> Thanks,
>
> --Tarun
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> To subscribe to the digest version first unsubscribe, then
>  e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> Archive of the last 1000 messages:
>  http://www.mail-archive.com/[email protected]

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
To subscribe to the digest version first unsubscribe, then
 e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
Archive of the last 1000 messages:
 http://www.mail-archive.com/[email protected]

Reply via email to