Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3132
Views
5
Helpful
5
Replies

Inspect sqlnet ASA Release 8.0.3.19

simonstrecker
Level 1
Level 1

‎07-09-2008 01:53 AM - edited ‎03-11-2019 06:11 AM

Hi, since we updated our ASA 5550 to 8.0.3.19 we're having problems with our SQLNET (port 1521 with Oracle SQL servers) connections to our DMZ Servers. The connections drops often. On Some servers we cannot connect at all. But nothing at all in the logs, no drops.

After we disabled "inspect sqlnet" it works fine. But that's may not the way it should be.

Has anybody else problems with sqlnet and Release 8.0.3.19? With Release 8.0.2.x it worked fine.

Labels:
0 Helpful
5 Replies 5

smahbub
Level 6
Level 6

‎07-15-2008 06:06 AM

To enable Oracle SQL*Net application inspection, use the inspect sqlnet command in class configuration mode. Class configuration mode is accessible from policy map configuration mode. To remove the configuration, use the no form of this command.

msdesai11
Level 1
Level 1

‎08-13-2008 01:10 PM

Hi

Yes, there is bug related the SQL inspect and ASA (failover mode):

Please look at bug details:

CSCsr06900 Bug Details

watchdog failure in sqlnet inspection engine

Symptom:

A PIX or ASA firewall running 8.0.x code may crash and reload citing the Dispatch Unit thread as the crashing thread.

Conditions:

This occurs on versions of ASA and PIX firewall code prior to 8.0.3.25.

Workaround:

None at this time Status

Fixed

Severity

1 - catastrophic

Last Modified

In Last 3 Days

Product

Cisco ASA 5500 Series Adaptive Security Appliances

Technology

1st Found-In

8.0(3.25)

Fixed-In

8.1(1.8)

8.0(3.29)

8.2(0.136)

8.1(101.3)

8.1(101.4)

8.2(0.140)

Related Bug Information

Crash in 8.0.3.20 with SQLNET Inspection and Failover enabled

Symptom: Crash causing a reload on the active unit in a failover pair. Conditions: Enabling failover with 8.0.3.20 and SQLNET inspection enabled. Workaround: Downgrade to 8.0.3.18 or lower.

HTH

MD

0 Helpful

francois.beaunoyer
Level 1
Level 1
In response to msdesai11

‎09-26-2008 10:29 AM

Hi Guys,

We are running 8.0.4 and we are also experiencing problems with the SQLNET inspection. My firewalls are in context mode and failover are active/active. We are able to connect to a DB and open a his table through SQL Net Client but if we used ODBC Connector, it's not working. We can connect to the DB but are unable to open tables. The result his a status message, ORA-03123, from Oracle. If i disabled SQLNet inspection everything his working fine.

If u have any clue, let me know.

Thanks

0 Helpful

harvidsson
Level 1
Level 1
In response to francois.beaunoyer

‎09-29-2008 02:47 AM

Hi Francois,

I guessed you runed into this bug CSCsu44598. I will open an TAC request and ask, when and in what release there will be an fix for this issue.

Thanks

Henric

msdesai
Level 1
Level 1
In response to harvidsson

‎10-05-2008 04:38 PM

According to TAC, this will be fix in 8.0.4.6

HTH

MD

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card