As mentioned in an earlier message (I forget by who at the moment), only the initial SQL*Plus connection goes through port 1521 (or whichever port your listener is listening on). Once the initial connection is made, a different port number is dynamically assigned to the session. There is a way to force all traffic to go through a single port, but I had problems when I tried to set it up in version 8. Check the Netowking documentation. Carol Bristow DPRA Inc. 1300 N 17th St Suite 950 Rosslyn, VA 22209 Work: 703-841-8025 Fax: 703-524-9415 -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Matthew Zito Sent: Thursday, December 16, 2004 9:43 AM To: Oracle-L (E-mail) Subject: Re: [Q] sqlplus through VPN not work, but tnsping work Tnsping and sqlplus both use port 1521, so if tnsping works, sqlplus=20 should work. The fact that it isn't working suggests an MTU issue. =20 Look at your ping documentation for your OS for how to increase packet=20 size (on Linux its -s) and try sending some larger ping packets (like=20 500 bytes, 800 bytes, 1200 bytes) and see if they get through. If they=20 don't, and normal pings do, you need to get your network administrator=20 involved. Thanks, Matt -- Matthew Zito GridApp Systems Email: mzito@xxxxxxxxxxx Cell: 646-220-3551 Phone: 212-358-8211 x 359 http://www.gridapp.com On Dec 16, 2004, at 7:39 AM, Branimir Petrovic wrote: > >> I tried to access our ORACLE server through VPN. The >> problem I have is "sqlplus" not work, but tnsping >> work. Network engineer told me he did open port 1521 >> for me. >> > > This sounds like there might be a firewall involved somewhere > between VPN server you connect to and your internal network? > If that truly is the case, opening port on internal firewall > (between VPN server and internal network) for port 1521 ain't > gonna cut it as only initial connection is established via this > port and random dynamic port is used for each and every session > (and opening firewall on port 1521 before VPN server would be > inconsequential/wrong thing to do). > > Without firewall between VPN "edge-box" and your LAN, SQL*Plus > should (must) "goe through" just fine... > > Lots of ifs so far, nevertheless I'll throw one more: > if your Oracle server is Windows box, and if interfering > firewall is not "SQLnet aware" (can not be configured to > gracefully treat dynamic port feature of SQL net protocol), > you might want to look for Metalink note 124140.1 > > Branimir > -- > //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l