10-22-2008 06:23 AM - edited 03-11-2019 07:01 AM
after upgrading from version 7.2 to 8.0(4), clients couldn't connect to the database through the firewall using Toad software but they can connect using SQL.
I checked the firewall and found some dropped packets in inspect sqlnet.
I disabled sqlnet inspection and the clients can connect.
The next day some clients reported that the database applications isn't working, I checked the firewall and found some denied connections on ports other than 1521
What is the problem, Please help
10-22-2008 09:35 AM
There are known issues with SQLNET traffic traversing through the firewall on 8.0.4, one of the known issue CSCsu44598
Upgrade to 8.0.4.8
10-23-2008 02:07 AM
Please send me more details about these issues as I think 8.0(4)3 is the latest version
10-25-2008 11:27 PM
Nobody answered me
How do I know the latest versoin and where can I find information about this bug??
Thanks
10-26-2008 09:30 AM
Here is details, if you have cco access to download software see interim releases to get the codes , if not there you probably need to open a TAC case to get codes not shown in interim area. However, you have coupled of workaround seen down bellow , the quickest workaround is to disable sql inspection in your global policy to atleast get you up and running with sql.
CSCsu44598 Bug Details
SQLNet inspection closes flow
Symptom:
Issue with SQLNet access
Conditions:
Issue is seen with ASA 8.0(4) with SQLNet inspection enabled. Inspection
denies CLOB data field size of greater than 4KB. The following log messages
are seen on the ASA:
%ASA-6-302014: Teardown TCP connection...Flow closed by inspection
When enabling 'debug sqlnet 255 ', you may also see the following debug message:
SQLNet: multiple TNS frames in one packet!
Workarounds:
1) Disable SQLNet inspection
2) Downgrade to a version prior to 8.0.3.33
Further Problem Description:
This bug was introduced due to the integration of CSCsr27940 in version
8.0.3.33 and 7.2.4.15. Versions prior to these release should not be affected.
Status
Fixed
(Resolved)
Severity
3 - moderate
Product
Cisco ASA 5500 Series Adaptive Security Appliances
Technology
1st Found-In
8.0(4)
Fixed-In
8.1(2.1)
8.2(0.161)
8.0(4.7)
7.2(4.17)
8.1(2.2)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide