+ Reply to Thread
Results 1 to 3 of 3

How do I restrict or allow a few client machines to connect to Server ?

  1. How do I restrict or allow a few client machines to connect to Server ?

    In my setup I want to restrict the use of oracle Database based on ip address.
    My DB and OS detalis :
    Database Version : 10.2.0.1.0
    OS : Linux

    Into the sqlnet.ora file,below These parameters enable to configure access control to the database,

    TCP.EXCLUDED_NODES=(finance.us.acme.com, mktg.us.acme.com, 144.25.5.25)
    TCP.INVITED_NODES=(sales.us.acme.com, hr.us.acme.com, 144.185.5.73)
    TCP.VALIDNODE_CHECKING=yes|no

    hence this solution is not working at my end...Database is accessed easily by excluded_node.
    Can anyone suggest me what so reason behind that...

    Thanks....

  2. Re: How do I restrict or allow a few client machines to connect to Server ?

    please check rights, owner, group of your sqlnet.ora file. It should have the same as those of the listener.ora file. Then restart the tnslsnr process.

  3. Re: How do I restrict or allow a few client machines to connect to Server ?

    You can use IPsec or the Windows Firewall to do this.

    The version of Windows will determine how you do this. More recent versions - eg. Windows Server 2008 and 2008 R2 expose this ability through the Windows Firewall in the control panel.

    You'd want to make sure SQL Server is listening on a fixed port number, and then control access to that port by configuring a firewall rule to just allow a specific IP address (or subnet) to connect.

    I did a similar thing for a SQL 2000 cluster running on Windows Server 2003. In that case we scripted a whole bunch of IPsec rules to allow only specific machine to be able to connect to the SQL port.

+ Reply to Thread