• Category Archives Amazon Web Services
  • Database » Amazon Web Services
  • Connecting Win-XP Oracle Client to Linux Oracle Server

    This is a good tool for check port accessibility with respect to firewall issue or blocked ports, and to check what port it is getting check when you try to connect to the server.

    You can also check for connectivity on port using telnet even if a ping command succeeds:

    C:Documents and Settingsezpowell>telnet nnn.nnn.nnn.nnn:1521
    Connecting To nnn.nnn.nnn.nnn:1521...Could not open connection to the host, on port
    23: Connect failed
    

    The above is a firewall issue between the two servers likely source and or target are blocking port 1521. And restarting SELinix in permissive mode should not present any issues either.

    Note that AWS has ping disabled.

    Completely disabling SELinux on the Linux server makes no difference. Disabling the firewall altogether on the Linux server goes from this:

    > tnsping sil
    
    Used TNSNAMES adapter to resolve the alias
    Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = nnn.nnn.
    nnn.nnn)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = sil)))
    TNS-12543: TNS:destination host unreachable
    

    To this:

    > tnsping sil
    Used TNSNAMES adapter to resolve the alias
    Attempting to contact (DESCRIPTION = (ADDRESS = (PROTOCOL = TCP)(HOST = nnn.nnn.
    nnn.nnn)(PORT = 1521)) (CONNECT_DATA = (SERVER = DEDICATED) (SERVICE_NAME = sil)))
    TNS-12541: TNS:no listener
    

    Obviously I restarted the Linux server to re-instantiate SELinux and Oracle Database and Listener are not configured to auto-restart by default, and so the tnsping won’t work. Again I restart the firewall on Linux and the tnsping is blocked again so I can add the port 1521 to the list of Other ports in the Security Level Configuration on my Linux server, which punches a hole through the firewall on my Linux server. I can also add the OEM ports 1158, 3938 and 8080 but I’ll leave those for now.

    And don’t switch SELinux back into enforced mode as you won’t be able to even start the listener. Also remember to start the listener first and then start the database (after Linux restart and not automated), to allow the listener to automatically register with the database.