Re: Not able to connect to Oracle database through VPN

From: Frank van Bortel <frank.van.bortel@xxxxxxxxx>
Date: Fri, 08 Feb 2008 20:13:43 +0100

Charles Hooper wrote:

I firewall my VPN:
(Oracle Server)-(Firewall)-(VPN Server)-(Firewall)-(Internet)

Why? So that I can control the type of traffic flowing through the
VPN based on port and protocol and the requesting client. Such a
setup helps control the damage a remote system can do to the corporate
network, as well as control what the computers on the corporate
network can do to damage the remote system.

Charles Hooper
IT Manager/Oracle DBA
K&M Machine-Fabricating, Inc.

Not in my book - you just run VPN server in the DMZ, and have a
classic, triangular firewall setup. My understanding of
your description does not match the picture.

What I was wondering about would be depicted as:

(Oracle)-(fw)-([VPN+fw])-(fw)-(VPN client)-(oracle client)

Your description of your setup, I would depict as

(Oracle)-([VPN+fw])-(VPN client)-(oracle client)
whereas you depict
(Oracle)-(fw)-(VPN)-(fw)-

That would be equivalent to
intranet-(fw)-(DMZ)-fw-internet, a classic setup.

Your firewall would be open to specific VPN port and protocol
combinations (UDP:500, proto 50 and 51) - correct?
--

Regards,
Frank van Bortel

Top-posting in UseNet newsgroups is one way to shut me up
.

Follow-Ups:
- Re: Not able to connect to Oracle database through VPN
  - From: Charles Hooper

References:
- Not able to connect to Oracle database through VPN
  - From: Ravi
- Re: Not able to connect to Oracle database through VPN
  - From: Frank van Bortel
- Re: Not able to connect to Oracle database through VPN
  - From: Charles Hooper

Prev by Date: Re: A big favor to ask of any C+OCI programmer to show a DBMS bug...
Next by Date: Re: Software Testing
Previous by thread: Re: Not able to connect to Oracle database through VPN
Next by thread: Re: Not able to connect to Oracle database through VPN
Index(es):
- Date
- Thread

Relevant Pages

Re: Now that Ive got my router configured properly I cant connect!
... >VPN or via RPC over HTTP. ... I haven't found any way of looking at logs from the firewall, ... have total control of what was allowed through. ... command line interface (look for 'CLI reference guide' for your version ...
(microsoft.public.windows.server.sbs)
Re: Now that Ive got my router configured properly I cant connect!
... > I'm pretty sure I've turned the firewall off at the client end and am ... where I could see logs and have ... >> control of what was allowed through. ... >> what you need to do to get VPN working. ...
(microsoft.public.windows.server.sbs)
RE: ISA2004 - which protocol for Business Contact Manager BCM ?
... you may use Customized protocol definitions to ... You have a high level of control over ... what packets are allowed inbound and outbound through the firewall. ... Microsoft Global Technical Support Center ...
(microsoft.public.isa)
Re: Now that Ive got my router configured properly I cant connect!
... >>VPN (it stalls at the verifying password stage) or via RPC over HTTP. ... > I haven't found any way of looking at logs from the firewall, ... > control of what was allowed through. ...
(microsoft.public.windows.server.sbs)
Re: VPN and Ports
... I'm using L2TP/IPSEC VPN and not PPTP VPN. ... Therefore ports 500,4500,1701,and protocol 50. ... My firewall and ports: ...
(microsoft.public.windows.server.networking)