Our current access list on our Firewall looks something like this access-list inbound-dmz04 permit tcp any host 999.999.999.999 eq 1521 access-list inbound-dmz04 permit tcp any host 888.888.888.888 eq 1521 Permits any TCP traffic from "Any host" to the specific DATABASE SERVER on port 1521. Make sure what port you are using in your listener... default is 1521. -----Original Message----- From: Jeffrey Beckstrom [mailto:JBECKSTROM@xxxxxxxxx] Sent: Tuesday, January 25, 2005 2:31 PM To: oracle-l@xxxxxxxxxxxxx; oracle-db-l@xxxxxxxxxxxxxxxxxxxx; ORACLE-L@xxxxxxxxxxxxx; oracledba@xxxxxxxxxxx; oracle-rdbms@xxxxxxxxxxxxxxx Cc: Chris Orlando Subject: Cisco PIX firewall We are using a Cisco PIX firewall version 6.2. Database is running Oracle 9i with multithreaded server. If we move the web server inside the firewall, then sqlplus connects to the database server. If we put the web server outside of the firewall then sql*plus gives an ora-12571 error. Our network people tried opening all ports on the web server for IP traffic but we still get the same error. We know it is something with the firewall since depending on if the web server is inside or outside of the dmz you can connect. We just can't figure out what is wrong with the firewall. Any suggestions would be appreciated. Jeffrey Beckstrom Database Administrator Greater Cleveland Regional Transit Authority 1240 W. 6th Street Cleveland, Ohio 44113 -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l