08-21-2008 01:23 AM
Hi,
I configured remote access VPN to access an Oracle DB server (I have two groups, ADMIN and CLIENT; this access is for the CLIENT group only). A client application has been installed on the VPN client's laptop and I have allowed port 1521 (sqlnet) on the firewall. But though users were able to connect to the VPN, they can't access this Oracle form and the DB in it.
However, when I opened all the ports on the same server (IP level), it was able to access the application.
Please find the configuration attached.
Are there any other ports to be opened other than sqlnet (port 1521)?
08-21-2008 02:35 AM
Is there a specific reason why you are limiting remote VPN access to only SQL? I suggest you re-write the ACL to allow any any, and log the acl. Then run the app from the client side and see what traffic - tcp/udp ports are actually used by the app.
HTH
08-21-2008 06:12 AM
Hi Andrew,
Many thanks for your reply. The client wants to open only the sqlnet port. Since it didn't work, I allowed all the ports and then it worked. However, as you suggested, I will capture the packets for this VPN client, find out which ports it requires, and update you soon.
tks
08-22-2008 03:18 AM
Hi Andrew,
Could you please confirm that the following command syntax (using a capture ACL) will be OK to get the TCP/UDP port details used by the Oracle application?
! 10.10.10.1 = VPN client subnet, 172.16.20.218 = Oracle application server
access-list capturethis permit ip host 10.10.10.1 host 172.16.20.218
access-list capturethis permit ip host 172.16.20.218 host 10.10.10.1
capture cap1 access-list capturethis interface outside
show capture cap1
thanks
08-22-2008 03:21 AM
yep - syntax is correct, and should provide the info you need.
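Added example, not part of the original posts: a small Python script that summarizes which server-side TCP/UDP ports appear in saved `show capture cap1` text, and which of them never produced a reply. The one-line-per-packet layout it parses is an assumption, and the sample lines (including ports 49155 and 53) are constructed for illustration.

```python
import re
from collections import Counter

SERVER = "172.16.20.218"  # Oracle application server address from the thread

# Constructed sample in the assumed "show capture" text layout (not real output).
SAMPLE = """\
6 packets captured
   1: 03:24:35.526812 10.10.10.1.1047 > 172.16.20.218.1521: S 1565079733:1565079733(0) win 65535 <mss 1380>
   2: 03:24:35.527102 172.16.20.218.1521 > 10.10.10.1.1047: S 40215531:40215531(0) ack 1565079734 win 8192 <mss 1380>
   3: 03:24:35.540011 10.10.10.1.1047 > 172.16.20.218.1521: . ack 40215532 win 65535
   4: 03:24:36.101455 10.10.10.1.1048 > 172.16.20.218.49155: S 99120441:99120441(0) win 65535 <mss 1380>
   5: 03:24:39.101702 10.10.10.1.1048 > 172.16.20.218.49155: S 99120441:99120441(0) win 65535 <mss 1380>
   6: 03:24:40.000312 10.10.10.1.1050 > 172.16.20.218.53:  udp 32
"""

# "<n>: <time> <src-ip>.<sport> > <dst-ip>.<dport>: <details>"
LINE = re.compile(
    r"^\s*\d+:\s+\S+\s+(\d+(?:\.\d+){3})\.(\d+)\s+>\s+(\d+(?:\.\d+){3})\.(\d+):\s+(.*)$"
)

def parse(text):
    """Yield (src, sport, dst, dport, proto) for each packet line."""
    for line in text.splitlines():
        m = LINE.match(line)
        if not m:
            continue  # skips the "N packets captured" header and blank lines
        src, sport, dst, dport, rest = m.groups()
        proto = "udp" if rest.startswith("udp") else "tcp"
        yield src, int(sport), dst, int(dport), proto

def server_ports(text, server=SERVER):
    """Count packets sent to each (proto, port) on the server."""
    return Counter((p, dport) for _, _, dst, dport, p in parse(text) if dst == server)

def unanswered(text, server=SERVER):
    """Server ports that were contacted but never seen replying in the capture."""
    replied = {(p, sport) for src, sport, _, _, p in parse(text) if src == server}
    return sorted(set(server_ports(text, server)) - replied)

if __name__ == "__main__":
    for (proto, port), n in sorted(server_ports(SAMPLE).items()):
        print(f"{proto}/{port}: {n} packets")
    print("no reply seen:", unanswered(SAMPLE))
```

Ports listed under "no reply seen" are the candidates to compare against the VPN ACL before adding any permit entries beyond 1521.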