RE: Oracle Client
- From: "Chris Leonard" <chris@xxxxxxxxxxxxxxx>
- To: "[ISAserver.org Discussion List]" <isalist@xxxxxxxxxxxxx>
- Date: Thu, 30 May 2002 10:59:20 -0500
<<< I am reposting this because it was bounced back to me - ??? - Chris >>>
Hi Luiz,
You cannot publish Oracle with a simple protocol rule. The problem is that
1521 is the listening port for the *listener* process only - you never know
what port the listener will redirect the client to.
To solve this problem, you can install Oracle's Connection Manager and use
it to pass people through the firewall. For example, I run Connection
Manager behind ISA, and I use server publishing to let people access the
Connection Manager. The Connection Manager configuration file (CMAN.INI) is
then configured to allow connection requests to certain listeners on my
internal network.
More background: The reason Connection Manager works through a firewall is
that its port is predictable, and the client stays connected to it when
using a "routed" connection. On the other hand, although the port a client
uses to connect to the listener is predictable, the final port used to
connect to Oracle is not. Because of this (and because, to state the
obvious, the listener and Oracle are two *different* processes), you can't
succeed by simply publishing the listener's port (1521 in your case). The
initial connection to the listener may succeed, but the redirected
connection to Oracle will fail.
To learn more about Connection Manager, check the Net8 Administrators Guide
(for Oracle 8i) or the Oracle9i Net Services Administrator's Guide.
Hope this helps!
Chris
______________________________
Chris Leonard
MCSE, MCDBA, MCT, OCP, CIW
The Database Guy at PPI
http://www.propoint.com
Brainbench MVP for Oracle Admin
http://www.brainbench.com
> Subject: Oracle Client
> From: "Luiz C Zanoni" <lczanoni@xxxxxxxxxxxx>
> Date: Wed, 29 May 2002 17:45:57 -0300
> X-Message-Number: 25
>
> Hi,
>
> I'm having trouble to publish an oracle server, so an external oracle
client
> can access the server behind ISA Server. Is Just create a protocol rule, (
> TCP- 1521 - Inbound ) and publish the server ???
> It doesn't work !
>
> Does anyone experienced this problem ??
>
> Thanks
>
> Luiz
Other related posts:
