Discussion:
Oracle*Net and Firewall
Mladen Gogala
2018-10-16 01:00:02 UTC
Permalink
Hi!

I have a Data Guard configuration which goes through a firewall.
Oracle*Net is on a proprietary port 5533 which is open from both sides,
but for some reason, the standby DB every now and then attempts to use a
strange port 55501 which is not open. Needles to say, connection fails
and there is an alert. Does anyone know how to restrict the ports used
by Oracle*Net? The platform is Oracle Linux 7.5, Oracle RDBMS 12.1.0.2.

Regards
--
Mladen Gogala
Database Consultant
Tel: (347) 321-1217
--
http://www.freelists.org/webpage/oracle-l
Andrew Kerber
2018-10-16 01:15:08 UTC
Permalink
They need to open the high ports on the firewall. also called ephemeral ports. The handshake is made on 5533, but then the connection is handed off to the higher port. I have only seen this on highly aggressive firewalls, but the only fix is to make sure the high ports are not blocked.

Sent from my iPhone
Hi!
I have a Data Guard configuration which goes through a firewall. Oracle*Net is on a proprietary port 5533 which is open from both sides, but for some reason, the standby DB every now and then attempts to use a strange port 55501 which is not open. Needles to say, connection fails and there is an alert. Does anyone know how to restrict the ports used by Oracle*Net? The platform is Oracle Linux 7.5, Oracle RDBMS 12.1.0.2.
Regards
--
Mladen Gogala
Database Consultant
Tel: (347) 321-1217
--
http://www.freelists.org/webpage/oracle-l
--
http://www.freelists.org/webpage/oracle-l

Loading...