Allow connections to ORACLE Database only from specific hosts in non secure channel (TCP)

ChAdBaRbA Member Posts: 1 Blue Ribbon

Hello, I would like to know if there is any way to allow or deny connections to an ORACLE database by specifying which hosts are allowed to establish the connection when the communication channel is the TCP port.

We know the capability of sqlnet.ora with TCP.VALIDNODE_CHECKING and TCP.INVITED_NODES to specify which hosts can establish a connection to the database.

But right now we have an Oracle Grid Infrastructure combining the authentication methods TLS 1.2 and non-TLS; however, we want to filter the connections of the non-TLS channel to certain hosts.

If I'm not wrong, when using TCP.VALIDNODE_CHECKING, TCP.INVITED_NODES will filter TLS and non-TLS connections.

Is there a way to specify which connections will be accepted to the database on the TCP port and not apply this restriction to TCPS connections?

I will appreciate any suggestion or clarification about this concern.


Thanks to all!

Answers

  • Emad Al-Mousa
    Emad Al-Mousa Member Posts: 716 Bronze Trophy

    Hi,

    Your question is not entirely clear to me... TCP.VALIDNODE_CHECKING will whitelist only servers that are allowed to connect to your database, regardless of your network encryption configuration (TCP, or TCPS using a TLS certificate).

    So basically you are implementing two different/separate security features: whitelisting through TCP.VALIDNODE_CHECKING, and the way you are performing network encryption (native encryption or TCPS). The keyword TCP in valid node checking is more of a naming convention.


    Your question is interesting, so if you open a case with ORACLE it will be great, and then update this question thread.


    Regards,

    Emad
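
An added example, not part of the thread and not Oracle's own tooling: a small audit check that parses a server-side sqlnet.ora and reports whether the host allowlist discussed above is actually active. The sample file content, host names and addresses are constructed placeholders, and the function names are hypothetical. As the answer states, the check it audits is independent of whether the endpoint is TCP or TCPS.

```python
# Constructed sample sqlnet.ora; host names and addresses are placeholders.
SAMPLE_SQLNET_ORA = """\
# server-side sqlnet.ora
TCP.VALIDNODE_CHECKING = YES
TCP.INVITED_NODES = (app01.example.internal,
                     192.0.2.10, 192.0.2.11)
"""

def parse_sqlnet(text):
    """Return {PARAM: [values]} for NAME = value and NAME = (a, b) entries."""
    # Drop comments, then join continuation lines (they start with whitespace).
    lines = [ln.split("#", 1)[0].rstrip() for ln in text.splitlines()]
    joined = []
    for ln in lines:
        if not ln.strip():
            continue
        if ln[0].isspace() and joined:
            joined[-1] += " " + ln.strip()
        else:
            joined.append(ln.strip())
    params = {}
    for entry in joined:
        name, sep, value = entry.partition("=")
        if not sep:
            continue
        value = value.strip()
        if value.startswith("(") and value.endswith(")"):
            value = value[1:-1]
        params[name.strip().upper()] = [v.strip() for v in value.split(",") if v.strip()]
    return params

def audit_valid_node_checking(text):
    """Return a list of findings; an empty list means the allowlist is active."""
    p = parse_sqlnet(text)
    findings = []
    enabled = [v.upper() for v in p.get("TCP.VALIDNODE_CHECKING", [])]
    if enabled != ["YES"]:
        findings.append("TCP.VALIDNODE_CHECKING is not YES: no host filtering")
    if not p.get("TCP.INVITED_NODES"):
        findings.append("TCP.INVITED_NODES is empty or missing")
    return findings

if __name__ == "__main__":
    print(parse_sqlnet(SAMPLE_SQLNET_ORA)["TCP.INVITED_NODES"])
    print(audit_valid_node_checking(SAMPLE_SQLNET_ORA) or "allowlist active")
```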
