Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Firewall and SQLNet


   I am an Oracle consultant and new to Cisco firewall. I consulted my network team with a problem between firewall and Oracle sqlnet and they couldn't figure it out.

1. How can I check the below settings in the CISCO firewall.

- SQLNet fixup protocol (for CISCO)

- Inspect Feature in CISCO

- Deep Packet Inspection (for DPI)

- SQLNet packet inspection

- SQL Fixup

   Our databases run on Red Hat Linux Servers version 5.4. The Primary database is in Boston and Standby Database is in Chicago.

   When the primary database transports archive files from Boston to Chicago to the standby database, sporadically the network gets disconnected in the night. The Oracle database throws the below errors:

RFS network connection lost at host 'standbydb'

Error 3135 writing standby archive log file at host 'standbydb'

ORA-03135: connection lost contact

RFS network connection lost at host 'standbydb'
Error 3135 writing standby archive log file at host 'standbydb'
ORA-03135: connection lost contact

Upon consulting the Oracle support they suggested to check the above Firewall settings. they think that Firewall is intercepting the SQLNET connection between Boston and Chicago. My network team confirmed that we only have external firewall and not internal firewall.

Is it possible that the external firewall is intercepting the Network connection between Boston and Chicago?

Any suggestions will be much appreciated.

Thanks in advance.

Cisco Employee

Firewall and SQLNet


ASAs will not intercept traffic unless it's routed or switched towards them.

Regarding inspection/fixup, you can see configured inspection engines in "show service-policy" and "show run policy-map".


New Member

Firewall and SQLNet

Hi Brij,

If there is no firewall in the path, you may wish to check with your network engineers if there is a WAN accelleration device in the path such as Cisco WAAS or Riverbed Steelheads.  If so, you may be able to request a pass-through rule between the two devices (so traffic is not optimized) and see if that makes a difference.


New Member

Dear Andrew-kearton,I am

Dear Andrew-kearton,

I am facing same problem and we have also Cisco WAAS which is configured as a Inline mode.


What will I do Now....pls help