Sqlnet inspection is there because of the way sqlnet allocates ports. Basically clients connect to the SQL server on port 1521. The server then starts up another sqlnet service for that client on a random port. The server informs the client of the random port and the client then initiates the connection to the new port.
Obviously without sqlnet you would have to open up all dynamic ports on the firewall to allow the new connection through. Sqlnet inspection on the firewall "reads" the random port sent by the server and dynamically opens up that port for the client connection.
Having said all that a lot of more recent Oracle Sqlnet implementations don't actually do this random port thing anymore and indeed if it is often a configurable option within the Oracle app.
I have personally experienced issues with sqlnet and have had cause to turn it off before to enable Oracle to work correctly.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...