Hi all Looking for best practice for allowing Oracle Network (functionality) thru a firewall. Scenario Client wants to allow external clients to access information in the internal network as well as internal client having access to databases in the DMZ. Trusted Clients | DMZ v External ---> FW (ext) >-------->FW (Int)------>Internal dbs DMZ FW (ext) ----dbs<---FW (Int)<----- Int Users basically client wants to access database in the DMZ and allow clients to access some information in the internal corporate database. Other than explicitly allowing port say 1521 across the Internal FW to specific internal/DMZ servers, what other options are there? 1. Oracle Connection Manager? 2. Proxy servers (like 3rd party ODBC server)? Basically, what I am looking at is to stop someone from directly accessing the listeners at the servers. (Yes the listeners have been hardened) Any bright ideas or suggestions? Your help is much appreciated. ta tony --------------------------------- On Yahoo!7 Messenger: Make free PC-to-PC calls to your friends overseas.