I am an Oracle consultant and new to Cisco firewall. I consulted my network team with a problem between firewall and Oracle sqlnet and they couldn't figure it out.
1. How can I check the below settings in the CISCO firewall.
- SQLNet fixup protocol (for CISCO)
- Inspect Feature in CISCO
- Deep Packet Inspection (for DPI)
- SQLNet packet inspection
- SQL Fixup
Our databases run on Red Hat Linux Servers version 5.4. The Primary database is in Boston and Standby Database is in Chicago.
When the primary database transports archive files from Boston to Chicago to the standby database, sporadically the network gets disconnected in the night. The Oracle database throws the below errors:
RFS network connection lost at host 'standbydb'
Error 3135 writing standby archive log file at host 'standbydb'
ORA-03135: connection lost contact
RFS network connection lost at host 'standbydb' Error 3135 writing standby archive log file at host 'standbydb' ORA-03135: connection lost contact
Upon consulting the Oracle support they suggested to check the above Firewall settings. they think that Firewall is intercepting the SQLNET connection between Boston and Chicago. My network team confirmed that we only have external firewall and not internal firewall.
Is it possible that the external firewall is intercepting the Network connection between Boston and Chicago?
If there is no firewall in the path, you may wish to check with your network engineers if there is a WAN accelleration device in the path such as Cisco WAAS or Riverbed Steelheads. If so, you may be able to request a pass-through rule between the two devices (so traffic is not optimized) and see if that makes a difference.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...