This is from one of previous postings: > Oracle has a registry setting that will force all traffic for a session > through the same port that the listener connection was made on (e.g. 1521). > Place the USE_SHARED_SOCKET parameter in the registry under > HKEY_LOCAL_MACHINE:Software:Oracle with a value of TRUE, and restart Oracle > and the listener for it to take effect. It also doesn't hurt to set this > parameter as a system environment variable as well.
And yes, Connection Manager is another option. Also, there are firewalls that are Net8 aware. Igor Neyman, OCP DBA [EMAIL PROTECTED] ----- Original Message ----- To: "Multiple recipients of list ORACLE-L" <[EMAIL PROTECTED]> Sent: Wednesday, February 12, 2003 7:13 AM > Hi everybody > > Since I'm a networking dummy, here's a question that might be easy to > answer: > > I have to setup client access (Oracle Net) to an Oracle Database through a > firewall. So far, I only know that the listener listens on a dedicated port > (like 1521). After a client requested a connection, a dedicated server > process is started (this is not an MTS environment) and the listener is > informed about the port the server process wants to use to communicate with > the client. The listener sends this information to the client and from > thereon, the client can communicate with the server through this port. > Now, I'm wondering about what ports do I have to keep open on the firewall > between client and Oracle server ? 1521 is probably not enough, since this > let's the client only reach the listener itself. What happens then ? Can I > restrict Oracle Net to a range of ports for the server processes to be used > (didn't find that in the fine manual) ? If so, how is this done ? Or do I > have to go with Oracle connection manager ? > > Regards, > > Stefan Jahnke > Consultant > BOV Aktiengesellschaft > Voice: +49 201 - 4513-298 > Fax: +49 201 - 4513-149 > mailto: [EMAIL PROTECTED] > Please remove nospam to contact me via email. > > visit our website: http://www.bov.de > subscribe to our newsletter: http://www.bov.de/presse/newsletter.asp > > Sicherheitsluecken mit IT-Security-Konzepten von BOV effizient schliessen! > Weitere Informationen unter +49 201/45 13-240 oder E-Mail an > mailto:[EMAIL PROTECTED]. > > Wie Sie wissen, koennen ueber das Internet versandte E-Mails leicht unter > fremden Namen erstellt oder manipuliert werden. Aus diesem Grunde bitten > wir um Verstaendnis dafuer, dass wir zu Ihrem und unserem Schutz die > rechtliche Verbindlichkeit der vorstehenden Erklaerungen und Aeusserungen > ausschliessen. > > As you are probably aware, e-mails sent via the Internet can easily be > copied or manipulated by third parties. For this reason we would ask for > your understanding that, for your own protection and ours, we must decline > all legal responsibility for the validity of the statements and comments > given above. > > > > > -- > Please see the official ORACLE-L FAQ: http://www.orafaq.net > -- > Author: Stefan Jahnke > INET: [EMAIL PROTECTED] > > Fat City Network Services -- 858-538-5051 http://www.fatcity.com > San Diego, California -- Mailing list and web hosting services > --------------------------------------------------------------------- > To REMOVE yourself from this mailing list, send an E-Mail message > to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in > the message BODY, include a line containing: UNSUB ORACLE-L > (or the name of mailing list you want to be removed from). You may > also send the HELP command for other information (like subscribing). > > -- Please see the official ORACLE-L FAQ: http://www.orafaq.net -- Author: Igor Neyman INET: [EMAIL PROTECTED] Fat City Network Services -- 858-538-5051 http://www.fatcity.com San Diego, California -- Mailing list and web hosting services --------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
