Running oracle 8i behind a firewall
I have a small home lan with a single IP address through a hardware gateway. I need to share an Oracle 8i database with others via the Internet. I have been able to open port 1521 through the gateway and a tnsping to the database works, but so far I haven't been able to figure out how they can connect through an application. Anyone with any ideas??
Hi
you can do it
1521 is listener's port, when you request connection listener spawns new port for your connection.
You can see that in the trace file on the server side.
More details - read docs.
It means - you must use dedicated IP for Oracle server.
Sorry for my grammar.
Similar Messages
-
Connect Oracle 10g client to the Oracle 10g database behind a firewall
I need to connect an Oracle 10g client to the Oracle 10g database (windows server 2003 box) behind a firewall. I ran into this problem: Port redirection. Port redirection requires the Oracle client to connect to the database using a different port (usually a randomly selected TCP port) than the default or originally configured one. If there is no firewall between the server and the client, port redirection will not affect the actual connection. However, if port redirection does occur with the server behind a firewall, the client will be likely to suffer from a connectivity failure. The reason is simple: the newly assigned port based on port redirection is often blocked by the firewall. Such failures are not uncommon on Windows platforms.
I don't know how to stablished an unique TCP port.
I Enabled USE_SHARED_SOCKET on the Oracle database server, windows registry. Acording to what I read,that will force the server machine to share its port 1521 and thus all clients will stay on that port when connecting to the database. Noticeably, port redirection will not occur with USE_SHARED_SOCKET enabled, but that's true in oracle 8 or oracle 9. In oracle 10g this solution doesn't work.
I will apreciate any help about this. Please!
Thanks in advanced.Three solutions in order of preference
1 Use Connection Manager on the server (only installed using a Custom Install). This will tunnel all traffic through a single port. It will also allow you to configure allowable nodes
2 Set up shared server to use a fixed port. Disadvantage: shared server has overhead and the number of connections is limited
3 Use shared_sockets. Disadvantage: when you stop the listener everyone is disconnected.
Sybrand Bakker
Senior Oracle DBA -
Oracle server and Checkpoint firewall
When setting block Findricset SQL Injection
on Checkpoint firewall and try to login by sqlplus
to the db server (8.1.7) behind that firewall
the following error messages occur:
ORA-24323: value not allowed
ERROR:
ORA-03114: not connected to ORACLE
Error accessing PRODUCT_USER_PROFILE
Warning: Product user profile information not loaded!
You may need to run PUPBLD.SQL as SYSTEM
ORA-24323: value not allowed
ORA-24323: value not allowed
Error accessing package DBMS_APPLICATION_INFO
ERROR:
ORA-03114: not connected to ORACLE
SP2-0575: Use of Oracle SQL feature not in SQL92 Entry Level
ORA-24323: value not allowed
Can anyone tell me where's the problem?It appears that the firewall is blocking the connection to the database. Since this appears to be something more than a basic firewall product (i.e. it is doing more than allowing and denying requests on particular ports for particular IP addresses), you would need to talk to your firewall vendor to determine why it thinks a SQL*Plus connection is a SQL injection risk and how to get around the problem.
Of course, you could set up something like Oracle Connection Manager to proxy the connection through the firewall, but that may well defeat the point of an active firewall product.
Justin -
Hi,
My concurrent request failed due to
Program was terminated by signal 6
Concurrent Manager encountered an error while running Oracle*Report
stat_low = 6
stat_high = 0
emsg:was terminated by signal 6
Error occurred during initialization of VM
Could not reserve enough space for object heap
# A fatal error has been detected by the Java Runtime Environment:
# SIGSEGV (0xb) at pc=0xf7176d3e, pid=17695, tid=4096898752
# JRE version: 6.0_32-b05
# Java VM: Java HotSpot(TM) Server VM (20.7-b02 mixed mode linux-x86 )
# Problematic frame:
# V [libjvm.so+0x5f5d3e] ParallelScavengeHeap::tlab_capacity(Thread*) const+0xe
# An error report file with more information is saved as:
# /oracle/tst3/inst/apps/tst3_ora-web2/logs/appl/conc/log/hs_err_pid17695.log
# If you would like to submit a bug report, please visit:
# http://java.sun.com/webapps/bugreport/crash.jsp
what could be the reason behind this error.
If any one knows this Please help me..
Thank YouHi,
Please provide your environment details.
Is this a custom program? was this report working fine? If yes, what changes were made lately?
Thanks &
Best Regards, -
Web Service client running on Tomcat behind Apache-ModJk
Hi all.
I've realized a web service, which have been deployed on a Tomcat 5.5 instance running behind a firewall.
The Web Service is published through an Apache 2.0 Web Server, which is in the DMZ and which is connected to Tomcat via modjk.
Everything is working fine (as apache forwards to tomcat clients' calls), except from one thing: one of the web-methods needs to connect to a remote server to validate some data... that is, this web-method implements a "web service client" piece of code, by which a remote validating method must be called.
So, the problem is that this remote method must be accessed from something running behind the firewall...
One way could be to open a hole in the firewall, allowing only calls to that remote address, but I'd rather avoid this.
Do someone have other suggestions?
Is there perhaps any way to use mod_jk also for "exiting" and not only for "entering"?
Any help will be very appreciated!!Could you not use a proxy server. The web service client would go through the proxy server to the internet
-
How can I put my program behind a firewall or make it more secure?
I have a client server program and I was reading through my notes. I had jotted down a recommendation to put it behind a firewall. However, I do not know how to do this in Java at all or even where to begin. How do I even create a firewall in Java?
I'm also not sure if this is the security I need.
This program is already running inside a network limited only to certain users. However, this particular program is limited only to two users. Also, the client runs on Unix and Windows machines accesible by many users in our project. I would not know how to create a firewall for just this program and just these two users.
Right now my program is sorta like the basic client/server program examples given in the Java tutorials. It verifies the IP address of the client but like I said before anyone can be logged into that IP but only two users should be allowed to run the commands.
Would a firewall even work in this case?However, I do not know
how to do this in Java at all or even where to begin.
How do I even create a firewall in Java? You don't.
I'm also not sure if this is the security I need.I don't think so.
I would not know how to create a firewall for just this
program and just these two users.A firewall is not for restricting access to particular users of a network. It's for keeping unauthorized people out of the network entirely. What you should do is secure the server (how to do this depends on probably many factors), and use a username and password in the client app to control access. The client contacts the server, passing the credentials, and the server either grants or denies access. It's possible you would want to hash and salt the password, depending on how secure it needs to be. -
Oracle Standby setup for firewall
Hi,
Recently one of my client separated their primary and standby databases with Juniper firewall. After the activity, some primary database servers were unable to ship the archives whereas some of the primary databases were shipping the archives but the archives at standby site getting corrupted.
telnet from both the sides are happening properly.
telnet <ip_address> <listener_port>-----------------------> works fine
My question is:
Is there any recommended setting for Juniper Network firewall, which can be used for Oracle databases?
What are ports which needs to opened for a standby to work? (Apart from opening ports, Is there any other setting which can hinder physical-standby setup)
Regards,Hello;
Make sure SQL ALG is enabled.
"set alg sql ena" to enable it.
Connect Oracle Behind a Firewall
http://forums.juniper.net/t5/ScreenOS-Firewalls-NOT-SRX/oracle-behind-firewall/td-p/23096
Might also be of interest
http://forums.juniper.net/t5/SRX-Services-Gateway/sqlnet-protocol-and-Oracle-10-problems/td-p/34684
Best Regards
mseberg
Edited by: mseberg on May 7, 2012 12:17 PM -
ACE problem - bridge mode - behind a firewall
Hello
We are having problems with one of you ACE context, this implementation was done by a supplier and I am trying to troubleshoot it.
The clients and the servers are on different subnets, there is a Nokia firewall in the middle. The firewalls are setup on a cluster.
Connecting to port 7072 is taking at least 30 seconds. If I move the server into the VLAN in front of the ACE, the connection is instant. So it does indicate a problem on the ACE.
The client IP is .99.11.
The VIP is .100.62 and the server node is .100.12.
Running the capture command I can see the following behavior:
1. The client initiates the connection to the ACE Vip
2. At the same time it looks like a second connection is initiated from the client to the server node
Please see attachment.
Is this a normal situation where the connection is duplicated?
Does this interface setup look correct?
Is the bridge mode the correct setup in this scenario?
interface vlan 10
bridge-group 2
no normalization
mac-sticky enable
access-group input PERMITALL
service-policy input VLAN10-INTER-MMPM
no shutdown
interface vlan 15
bridge-group 2
no normalization
access-group input PERMITALL
no shutdown
interface bvi 2
ip address 192.168.100.7 255.255.255.192
alias 192.168.100.6 255.255.255.192
peer ip address 192.168.100.8 255.255.255.192
no shutdown
ip route 0.0.0.0 0.0.0.0 192.168.100.1
Many thanks,
DamianThanks for replying James,
I am sure I configured the capture only for VLAN10 which is in the VIP side.
But you are right, it looks like is showing both VLAN10 and VLAN15. So that is one of my theories out of the window! :)
This is a new installation, still on the testing stage. So it would be good time to make changes.
Do you normally implement a routed setup behind a firewall? Rather than a bridgedâ¦.
It is quite a small setup:
⢠Traffic is coming from a separate local subnet
⢠Traffic is not coming from the internet so it does not required a NAT
⢠We need 1 VIP listening on two ports
⢠The backend servers are four Linux boxes
Thanks again,
Damian -
RPC-XML and JMXBeans works behind a firewall?
Hi,
i�m studing Java and have a question, RPC-XML and JMXBeans is possible to run this tecnologies in Internet??
for example, if i have a J2EE server or a RPC-XML server and it is public for Internet, somebody can access to my services from his officce or house?
JMXBeans i think that have some types of communications, as rmi, jndi or ldap but i dont know thar it works fine behind a firewall
Sorry for my poor English, i�m studing it tooBehrang Saeedzadeh <[email protected]> writes:
If you are going through a firewall then you are best off using http
tunneling for you client communication assuming the performance is
acceptable. If you do this then you should have no problems. For an
authenticating firewall with tunneled t3 you may need to provide
credentials to get through. If you are using wlclient.jar then you may
need to raise a support call since we don't currently support proxy
auth with tunneling.
andy
Hi all
I'm developing a Swing application that connects to an application server and uses EJBs for communicating with the server.
My application works fine, now that it's not behind a firewall. Can my application also connect to the server when the client is behind a firewall? What if the client is behind a firewall that requires authentication?
If the answer to the above questions is no, could someone please tell me what do I have to do in order to guarantee that my application also works behind a firewall (or an authenticating firewall.)
Best Wishes,
Behrang S.-- -
JMXBeans and RPC-XML works behind a firewall???
Hi,
i�m studing Java and have a question, RPC-XML and JMXBeans is possible to run this tecnologies in Internet??
for example, if i have a J2EE server or a RPC-XML server and it is public for Internet, somebody can access to my services from his officce or house?
JMXBeans i think that have some types of communications, as rmi, jndi or ldap but i dont know thar it works fine behind a firewall
Sorry for my poor English, i�m studing it tooBehrang Saeedzadeh <[email protected]> writes:
If you are going through a firewall then you are best off using http
tunneling for you client communication assuming the performance is
acceptable. If you do this then you should have no problems. For an
authenticating firewall with tunneled t3 you may need to provide
credentials to get through. If you are using wlclient.jar then you may
need to raise a support call since we don't currently support proxy
auth with tunneling.
andy
Hi all
I'm developing a Swing application that connects to an application server and uses EJBs for communicating with the server.
My application works fine, now that it's not behind a firewall. Can my application also connect to the server when the client is behind a firewall? What if the client is behind a firewall that requires authentication?
If the answer to the above questions is no, could someone please tell me what do I have to do in order to guarantee that my application also works behind a firewall (or an authenticating firewall.)
Best Wishes,
Behrang S.-- -
Confussion: DNS/FQDN behind SOHO Firewall/Router
Hi Everyone,
I'm a little confused as to the setup of DNS behind a Firewall/Router.
I have previous had an OS X 10.6 server with DNS setup directly to a Global IP.
In my new setup, I will have a SOHO Firewall/Router setup at the "edge" with server & clients on the Local LAN. I will need the server to be able to serve up DNS / Open Directory master / Web Services / etc. both publically and privately. The SOHO device will serve up DHCP.
Port Forwarding on the SOHO router is not an issue, so covered there.
I am a bit confused on what to do on the DNS side as it is now sitting on private lan but needs to serve out publically as well.
Is it as simple has having something like the following in the DNS tables?
Note: dns1.mycompany.com. would have static IP: 192.168.1.10
dns1.mycompany.com. IN A 123.123.123.123
dns1.mycompany.com. IN A 192.168.1.10
10.1.168.192.in-addr.arpa. IN PTR dns1.mycompany.com.
123.123.123.123.in-addr.arpa. IN PRT dns1.mycompany.com.
That way there is a machine record and reverse lookup for both internally and externally?
Message was edited by: Jin597I am not saying the following is the only way to do it, but typically you would run your own DNS server internally and may have for example www.yourcompany.com resolve to a local private IP address, and externally you would have your ISP run a DNS server for the same domain but it would resolve to your public IP address.
The outside world would only see and use the ISPs version and would therefore always use the (correct) public IP address, and your users on the LAN would use your internal DNS server and hence the private IP address.
It would be possible to do the same all yourself by having two separate DNS servers internally but keeping one for use by your LAN, and the other for use (only) by external users. I don't believe the standard Apple Server Manager utility makes it possible to properly do both on one server. -
Download site points to behind-the-firewall site
On page http://www.oracle.com/technology/software/products/ias/htdocs/wls_main.html we find at least one link (displaying "see this document") which points to a site behind the firewall (http://fmwdocs.us.oracle.com/)
Amusingly, that protected link is the one that tells us what to do when we get the software.
QA reigns supreme!Thanks Hans - it will be updated to point to:
http://download.oracle.com/docs/cd/E14571_01/doc.1111/e14142/guimode.htm#BABHJJEG -
Issues with accessing forms applications behind a firewall & caching proxy
We have web enabled an forms application and has the following set-up at server end.
Machine no 1. Oracle Forms Server 6i with patch level 1 listening on HTTP/Port 80 on a windows NT box.
Machine no 2. Apache Webserver. listening on HTTP/Port 80
Both the machines are behind a firewall which allows only HTTP on port 80.
At clients end we have
1. a firewall which allows only HTTP on port 80.
2. a caching proxy server
The client machine connects through the caching proxy server.
When the client connects the applet gets downloaded and initialised, the form server log shows the following
-Forms Server Log-----
[09/27/00 15:01:09 India Standard Time]::LISTN: Connection Request [ConnId=13, Addr=194.120.163.251:16278]
[09/27/00 15:01:09 India Standard Time]::RUNFORM Client Connected [ConnId=13, PID=188]
at the same time at the client side we get a FRM-92050 error: Failed to connect to server fs.formserver.com:80
Please help
Thanks
nullThanks Henrique.
This is not very promising but it confirms there is a potential issue
How did you manage to solve the problem, allowing the NW server/application to perform direct accesses?
Adalbert -
Running oracle database xe (express edition) on windows server 2008 r2
Is it supported to run Oracle Database XE on Windows Server 2008 R2?
Database XE is only supported as 32-bit. Current builds of Windows Server 2008 only come in x64 configurations.
Here are the Database XE system requirements for windows:
[http://docs.oracle.com/cd/E17781_01/install.112/e18803/toc.htm]
The docs say that 32-bit windows is required, yet they also say that windows server 2008 is supported.
Windows Server 2008 R2 came out in 2009, and in R2 they eliminated 32-bit OS (though there is the WOW64 subsystem to run 32-bit programs within the 64-bit OS).
See:
- [Wikipedia page about windows server 2008 with info on R2|http://en.wikipedia.org/wiki/Windows_Server_2008#Windows_Server_2008_R2]
- [Wikipedia page on "windows 32-bit on windows 64-bit"|http://en.wikipedia.org/wiki/WOW64]
Thanks,
MattHello Matt,
Is it supported to run Oracle Database XE on Windows Server 2008 R2?No.
The docs say that 32-bit windows is required, yet they also say that windows server 2008 is supported.So this means that only 32bit versions of 2008 will be supported.
Windows Server 2008 R2 came out in 2009, and in R2 they eliminated 32-bit OS (though there is the WOW64 subsystem to run 32-bit programs within the 64-bit OS).Which is probably why 2008 R2 is not supported.
You can either take the VM approach and install a 32 bit Windows or 64 bit Linux host, or you can queue in the list of persons waiting for a 64 bit Windows release. See the following thread for details (and the queue) for the latter: {thread:id=2277728}
-Udo -
Problem running Oracle Portal to Go (Oracle9i 1.0.2.0.0)
I have installed Oracle9i Application Server WE 1.0.2.0.0 Standard Edition on Windows2000 Professional Edition. I am getting problems regarding running Portal to Go.
The installer said that installation was successful. Moreover I have done the configuration tasks mentioned Oracle9i installation guide under post installation steps for Oracle9i.
But Oracle Portal to Go is not running and returning error message. Are there some other tasks still to perform to configure the Oracle Portal to Go Standard Edition?
Here it is a brief Description of what I have done with the installations process
System: Pentium II 500 MHZ with 256 MB RAM and 15 GB Hard Disk so enough space available for installations.
Windows 2000 professional was freshly installed
All pre installation tasks are done like paging file size is 896MB
Important Installation steps and points are as under (Standard Edition of Oracle 9i Application Server 1.0.2.0.0):
I followed all the steps given in Oracle 9i AS installation guide
On Windows 2000 Installer never asks for reboot before actually installing the Oracle 9i application server (Chapter 4 of installation guide: preparing system for installation: step5: page 5 of 25). So I manually reboot the system
During installation when I reached Database Access Descriptor (DAD) for Oracle Portal. In TNS connect string field for Apache listener Configuration I entered the same name (abc) (chapter 4 of installation guide: installing oracle 9i Application server: step2, 3: page 10,11 of 25) as I was going to use for my Global database name later at database Identification steps (chapter 4 of installation guide: installing oracle 9i Application server: step 4: page 12 of 25)
Note: In an other installation I left the same fields (TNS connect string) blank but of no use.
(Please let me know if I have made any mistake here)
When installation of Oracle9i AS reaches 100% installer opens a command prompt and displays
ORA: 12541 TNS: No Listener
Enter user name:
When I enter SYSTEM as a user name it displays
Password:
I entered manager as password and then it displays
ORA 12560: TNSProtocol adaptor error
And once again it asks for user name and password
I once again enter system as a user and manager as password.
(Please let me know if I have made any mistake here)
After 100% completion of the installation the configuration tools screen appears
(Chapter 4 of installation guide: installing oracle 9i Application server: step 10: page 17 of 25) and the following tasks are performed
Net8 configuration Assistant succeeds
Oracle database configuration assistant succeeds
When The Oracle portal 3.0 configuration Assistant Starts
I hold the installation steps for oracle portal for a while and do some database configuration tasks that are necessary (may be some are not) for installation of portal.
(Please let me know if I have made any mistake here)
For example
Increase the table space size of Users (400 MB), and Temp (100MB) table spaces.
Validated invalid PL/SQL Modules with ULTRP.SQL script
(Please let me know if I have made any mistake here)
Installed dbms_job.sql package as it was mentioned in another guide (Oracle portal-to-Go installation Guide- Release1.0.2: Page 1: last line)
(Please let me know if I have made any mistake here)
Stopped the database and listener
And did some changes as was asked in Oracle portal-to-Go installation Guide- Release1.0.2
Edited the init<SID>.ora file and set the following fields
aq_tm_processes = 1
job_queue_processes = 4 (2 were recommended in guide but I left the already set values)
job_queue_interval = 30
(Please let me know if I have made any mistake here)
Also I did the following too (though these are recommended for Internet file system)
opern_cursors = 300 (in installation guide it is asked 255 but I kept the already set value)
shared_pool_size = 52438800 (50M was suggested and this is more than that)
processes = 200
(Please let me know if I have made any mistake here)
I started the database and listener
Proceeded the installation of Oracle Portal as is described in installation guide for Oracle 9i Application guide 1.0.2.0.0
And successfully completed the installation of Oracle Portal
There were no errors reported on the installer however when I read the installation log some errors were mentioned at the end of the file
Please see the attached log file.
I also completed all the post installation tasks at the end of chapter 4 of Oracle9i Application Server installation guide 1.0.2.0.0 except the configuration of Oracle Internet file system (is it necessary for running Oracle Portal to Go)
When I run the oracle portal to go the following situation is encountered
Working: http://localhost/pls/portal30/admin_/dadentries.htm
Error at: http://localhost/pls/portal30/portal30.home
Error: The preference path does not exist: Oracle.Portal.Page (WWC-51000)
(And this is the main source of confusion)
Working: http://localhost/pls/portal30/admin_/gateway.htm?schema=portal30
Working: http://et-wks-08:5555/invoke/wm.server.admin/adminPage
Are there any other guides and post installation steps still to follow to successfully run this Portal to Go or it is sufficient?
I can also send the installation logs of both Oracle 9i application server (installActions.log and installActions2001-05-28_03-50-56-PM.log) and Oracle portal to Go (install.log).
If you ask, I can send you the installation guides that I have followed and the screen shoots of the error messages for a detail review.
Moreover can anyone please tell me if this version of Oracle 9i Application server is ok or I must try some other version?
Also advise any other if any successful configuration and installation options.
Is it possible to run this portal to go with any other installation options/arrangements/configurations etc?
Any help from anyone will be highly appreciated.
Regards,
Muhammad Usman,
Software Engineer
EssTec Lahore, Pakistan.Hi,
If you use portal 30 instead of OAS, The installation gives you the Apache ready.
Pablo
<BLOCKQUOTE><font size="1" face="Verdana, Arial">quote:</font><HR>Originally posted by Tarun Singhal ([email protected]):
Hi,
I am trying to implement Portal-to-go application .
For installing Oracle Portal-To-Go 1.0.2 ,I followed oracle
documectation.Now I want to install Portal-To-Go 1.0.2
application using
a) winnt ver. 4.0 (SP3)
b) Oracle 8i
c) Oracle Application server release 4.0.8.1
d) servlet patch set
e) pl/sql cartridges.
(Oracle 8i and OAS 4.0.8.1 are installed with different oracle home directories.)
I have installed winnt , OAS rel.4.0.8.1. both are working fine
.now I want to install servlet Patch set and
pl/sql cartridges.I am unable to locate the information and software for this on oracle site.
can any body tell me why servlet patch set and pl/sql cartridges
required for this application and
from where should i download the servlet patch set software and PL/SQL cartriges
for this version.
Are the above specified softwares are compatible with each other or something extra
required for this installation. Is service pack 3 (winnt 4.0) compatible
with portal-to-go 1.0.2
Can anybody help me please ?
Regards
Preeti Madhukar
([email protected])<HR></BLOCKQUOTE>
null
Maybe you are looking for
-
after upgrading to Mountain Lion my Mac Book pro takes 1min 15 to load
-
I am trying to play songs from iTunes Match on my phone everything is enabled. The songs and playlists show up but when I select one it won't download or play. The download status icon next to the song name flashes on and off but nothing happens. Whe
-
HT201250 Mac OS 10.6 - How to restore OS and Data from Time Machine Backup
my exisitng iMac have a defective hard drive that i need to be replace. how do i restore the OS and data to the new hard disk? i have Time Machine backup from the previous hard disk. (note: the OS is 10.6, and i do not have the install disk)
-
How to create a floating layout using adf
Hi , I am using Jdeveloper 11g to develop an application. I am coming across problems when i am trying to build the look and feel. Basically i want to develop as per the following link. http://webfusion.kcmo.org/coldfusionapps/ActionCenterRequest/get
-
HT4743 recovering purchased items in itunes store?
Hi !I recently lost all my movies and tv shows du to a crash of one of my back-up hard disks. So I tried to recover them: When I click on quick link, purchased, I get three ikons: Musik, apps, books. Movies and tv shows ikons are missing. What can I