Dynamic ACLs needed



I have two applications that need to be accessed first on sqlnet port 1521, and then it gives the client a port over 1024.

The thing is that it doesn't work if I try to do this access dynamically because I have a rule that accepts >1024 and not only the 1521 port.

It's like the FTP dynamic port, it doesn't work.

How do I get it to work on an ASA 5520?

Thanks. Regards

irisrios Fri, 10/26/2007 - 06:21

Make sure the source and destination ports are correctly applied to the interface in the specific direction.

Rafiki-TLK Sun, 10/28/2007 - 03:52

All you need to do is open port 1521 and inspect sqlnet.

Please see details for the inspect sqlnet command.

This will make the ASA/PIX track the changes in the connection starting at port 1521 and changing to whatever port the Oracle DB chooses.

Regards Rafiki-TLK
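
The advice in the reply above, written out as an ASA configuration sketch. This is an added example, not part of the original thread. The ACL name `outside_in`, the interface name `outside` and the server address 192.0.2.10 are assumptions; substitute your own.

```cisco
! Added example. Assumed names: ACL "outside_in", interface "outside",
! Oracle listener at 192.0.2.10 (documentation address range).

! Before: a broad rule that leaves every high port on the server reachable.
!   access-list outside_in extended permit tcp any host 192.0.2.10 gt 1024

! After: drop the broad rule and permit only the listener port.
no access-list outside_in extended permit tcp any host 192.0.2.10 gt 1024
access-list outside_in extended permit tcp any host 192.0.2.10 eq 1521
access-group outside_in in interface outside

! Turn on SQL*Net inspection in the global policy. The firewall then
! follows the session that starts on 1521 and allows only the port the
! database hands to that client, for the life of that session.
policy-map global_policy
 class inspection_default
  inspect sqlnet
service-policy global_policy global

! Check from privileged EXEC that the inspection is configured and
! that it is seeing traffic:
!   show running-config policy-map
!   show service-policy
```

With inspection handling the redirected port, the static permit for ports above 1024 is no longer needed, so the exposed surface on the database host shrinks to the listener port.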

