Tuesday, August 6, 2019

Oracle/TNS Failures long after TCP handshake post firewall migration (ASA->PAN)

I am throwing some questions out into the wind on this one before we tap the paid experts...

We’re migrating away from Cisco ASA towards PAN... the ruleset is migrated close to like-for-like, i.e., we’re not allowing Apps, but rather service ports.

TCP/1521 has become an obstacle. This is an Oracle database connection. Everything has worked except this.

We can ping the server, the full TCP handshake occurs, yet there’s a late failure in higher-level transactions that results in a server-side reset...

We actually see several higher-level communications back and forth.

Flowing across the ASA this does not occur - everything is happy.

I am unfortunately ignorant of the specifics of Oracle/TNS - and Wireshark doesn’t provide much guidance either...

Unfortunately at the end of the day the connection works across the ASA, but does not across the PAN - even though we see no drops against the PAN...

We have a PAN engineer already engaged.

I am just wondering if others have had issues with Oracle DB across PAN firewalls so we can steer the conversation.


