This content has been marked as final. Show 4 replies
Did you mean from Client can connect to DB or not, Right ?
Client can connect to DB !
I tested !
I’m trying to configure a Standalone Database Firewall in-line between the clients and the protected database so it can block some statements. I’ve followed the Installation Guide and the Administration Guide, but can’t get it working. I’ve configured one Enforcement Point with one Protected Database.
I’ve configured Database Firewall with three Ethernet cards:
eth0 is used for Management (IP. 192.168.1.81)
eth1 and eth2 are associated with Bridged interface br0
The protected database is listening in 172.16.40.3:1521.
The clients are in subnet 192.168.1.x.
I’ve configured the Traffic Source br0 with the IP 172.16.40.2 and is enabled as the Traffic Source in the Enforcement Point.
In the configuration file appliance.conf corresponding to the Enforcement Point, I’ve seen the parameter PROXYPORT=1534, so I understand the clients should connect to this port in Database Firewall in order to access the protected database. Is this assumption correct? Is the configuration I’ve done correct? Are there any additional configuration steps that should be made? Is there any documentation about this configuration files?
Some statements can block, because depending on the setting of policy
you can create new policy and upload it
try to do
but client cannot access the database server and i have configured this environment on physical machines in two different vlans not on vm .