Firewall Port Open Help

Discussion in 'Cisco' started by Ste, Sep 18, 2004.

  1. Ste

    Ste Guest

    Hello,

    I would like to get some help with firewall configuration, even though it is
    not involved with PIX:

    It is the WatchGuard Firebox firewall that I plan to put Oracle database in
    behind, so that client can access it from outside. I have reached the
    point of seeing packet coming through firewall but the port of regular 1521
    is changing to other ports at random. Then the final connection is
    dropped. The vendor support is not helpful, and I hope some PIX expert
    could bring some light about the similar network configuration.

    The problem is we cannot open all ports that is violate the firewall
    principle. Then what can we do other than proxy service to get around?

    Very appreciated.

    Ste
     
    Ste, Sep 18, 2004
    #1
    1. Advertising

  2. Ste

    PES Guest

    "Ste" <> wrote in message
    news:...
    > Hello,
    >
    > I would like to get some help with firewall configuration, even though it
    > is
    > not involved with PIX:
    >
    > It is the WatchGuard Firebox firewall that I plan to put Oracle database
    > in
    > behind, so that client can access it from outside. I have reached the
    > point of seeing packet coming through firewall but the port of regular
    > 1521
    > is changing to other ports at random. Then the final connection is
    > dropped. The vendor support is not helpful, and I hope some PIX expert
    > could bring some light about the similar network configuration.
    >
    > The problem is we cannot open all ports that is violate the firewall
    > principle. Then what can we do other than proxy service to get around?
    >
    > Very appreciated.
    >
    > Ste
    >


    Are you talking about the incoming source, incoming dest, outgoing src or
    outgoing dest. If the connection is inbound, it is likely that incoming
    source and outgoing destination are dynamic. The incoming destination and
    outgoing source should be constant and equal. Incoming source and outgoing
    destination should be equal, but may only be constant per connection. In
    any case, the client application is going to have to know where to contact
    the server, so this should be doable unless the server or client triggers
    secondary connections and communicates the paramaters for the connection
    through the primary.
     
    PES, Sep 18, 2004
    #2
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Phil
    Replies:
    1
    Views:
    2,106
    Walter Roberson
    Dec 11, 2004
  2. z400d3
    Replies:
    0
    Views:
    562
    z400d3
    Feb 7, 2005
  3. Replies:
    1
    Views:
    545
    Walter Roberson
    Jun 14, 2005
  4. Neil Armstrong
    Replies:
    3
    Views:
    18,063
    Bill Sanderson
    Sep 18, 2003
  5. Replies:
    8
    Views:
    19,147
    keshav
    Jun 25, 2006
Loading...

Share This Page