Cisco ASA - Disable SQLnet inspection or increase buffer size?
We have a request from a customer who wants us to either turn off SQLnet inspection or increase the reassembly buffer size of 8K as per below. They have a Oracle database behind the firewall and are seeing connection drops.
"As per my understanding CISCO firewall has an SQLnet inspection feature which uses this buffer.
However, the packet reassembly buffer has a limit of 8 kbytes. I feel that many of the SQL queries might be bigger than this, and they would be
blocked and we would face the connection drop issue. Is there a way they can increase this reassembly buffer(not sure how big we would need) or make
it unlimited? If this is not possible can they disable this sqlnet inspection feature and we can check if connectivity issue happens? "
Could someone please point me to any document where I can turn off SQLnet Inspection on a source-to-destinaton flow (I don't want to turn if off globally). Alternatively, is there a way to increase the buffer size on the Cisco ASA. I haven't been able to find anything on google
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...