cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2850
Views
0
Helpful
3
Replies

Firewall and SQLNet

brijsriv44
Level 1
Level 1

Hello,

   I am an Oracle consultant and new to Cisco firewall. I consulted my network team with a problem between firewall and Oracle sqlnet and they couldn't figure it out.

1. How can I check the below settings in the CISCO firewall.

- SQLNet fixup protocol (for CISCO)

- Inspect Feature in CISCO

- Deep Packet Inspection (for DPI)

- SQLNet packet inspection

- SQL Fixup

   Our databases run on Red Hat Linux Servers version 5.4. The Primary database is in Boston and Standby Database is in Chicago.

   When the primary database transports archive files from Boston to Chicago to the standby database, sporadically the network gets disconnected in the night. The Oracle database throws the below errors:

RFS network connection lost at host 'standbydb'

Error 3135 writing standby archive log file at host 'standbydb'

ORA-03135: connection lost contact

RFS network connection lost at host 'standbydb'
Error 3135 writing standby archive log file at host 'standbydb'
ORA-03135: connection lost contact

Upon consulting the Oracle support they suggested to check the above Firewall settings. they think that Firewall is intercepting the SQLNET connection between Boston and Chicago. My network team confirmed that we only have external firewall and not internal firewall.

Is it possible that the external firewall is intercepting the Network connection between Boston and Chicago?

Any suggestions will be much appreciated.

Thanks in advance.

3 Replies 3

Marcin Latosiewicz
Cisco Employee
Cisco Employee

Brij,

ASAs will not intercept traffic unless it's routed or switched towards them.

Regarding inspection/fixup, you can see configured inspection engines in "show service-policy" and "show run policy-map".

M.

andrew-kearton
Level 1
Level 1

Hi Brij,

If there is no firewall in the path, you may wish to check with your network engineers if there is a WAN accelleration device in the path such as Cisco WAAS or Riverbed Steelheads.  If so, you may be able to request a pass-through rule between the two devices (so traffic is not optimized) and see if that makes a difference.

Andy

Dear Andrew-kearton,

I am facing same problem and we have also Cisco WAAS which is configured as a Inline mode.

 

What will I do Now....pls help

 

Shihan

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: