1、Firewall Exceptions for Oracle Database
For basic database operation and connectivity from remote clients, such as SQL*Plus, Oracle Call Interface (OCI), Open Database Connectivity (ODBC), Object Linking and Embedding database (OLE DB) applications, and so on, the following
executables must be added to the Windows Firewall exception list:
Oracle_homebinoracle.exe -
Oracle Database executable
Oracle_homebintnslsnr.exe -
Oracle Listener
If you use remote monitoring capabilities for your database, the following executables must be added to the Windows Firewall exception list:
Oracle_homebinemagent.exe -
Oracle Database Control
Oracle_homejdkbinjava.exe -
Java Virtual Machine (JVM) for Enterprise Manager Database Control
2、Firewall Exceptions for Oracle Database Examples (or the Companion CD)
After installing the Oracle Database Companion CD, the following executables must be added to the Windows Firewall exception list:
Oracle_homeopmnbinopmn.exe -
Oracle Process Manager
Oracle_homejdkbinjava.exe -
JVM
3、 Firewall Exceptions for Oracle Gateways
If your Oracle database interacts with non-Oracle software through a gateway, then you must add the gateway executable to the Windows Firewall exception list. Table
5-1table lists the gateway executables used to access non-Oracle software.
Table 5-1 Oracle Executables Used to Access Non-Oracle Software
Executable Name
Description
omtsreco.exe
Oracle Services for Microsoft Transaction Server
dg4sybs.exe
Oracle Database Gateway for Sybase
dg4tera.exe
Oracle Database Gateway for Teradata
dg4msql.exe
Oracle Database Gateway for SQL Server
dg4db2.exe
Oracle Database Gateway for Distributed Relational Database Architecture (DRDA)
pg4arv.exe
Oracle Database Gateway for Advanced Program to Program Communication (APPC)
pg4t4ic.exe
Oracle Database Gateway for APPC
dg4mqs.exe
Oracle Database Gateway for WebSphere MQ
dg4mqc.exe
Oracle Database Gateway for WebSphere MQ
dg4odbc.exe
Oracle Database Gateway for ODBC
4、 Firewall Exceptions for Oracle Clusterware and Oracle ASM
If you installed the Oracle Grid Infrastructure software on the nodes in your cluster, then you can enable the Windows Firewall only after adding the following
executables and ports to the Firewall exception list. The Firewall Exception list must be updated on each node.
Grid_homebingpnpd.exe - Grid Plug
and Play daemon
Grid_homebinoracle.exe - Oracle Automatic
Storage Management (Oracle ASM) executable (if using Oracle ASM for storage)
Grid_homebinracgvip.exe - Virtual
Internet Protocol Configuration Assistant
Grid_homebinevmd.exe - OracleEVMService
Grid_homebincrsd.exe - OracleCRService
Grid_homebinocssd.exe - OracleCSService
Grid_homebinoctssd.exe - Cluster Time
Synchronization Service daemon
Grid_homebinmDNSResponder.exe - multicast-domain
name system (DNS) Responder Daemon
Grid_homebingipcd.exe - Grid inter-process
communication (IPC) daemon
Grid_homebingnsd.exe - Grid Naming
Service (GNS) daemon
Grid_homebinohasd.exe - OracleOHService
Grid_homebinTNSLSNR.EXE - single client
access name (SCAN) listener and local listener for Oracle RAC database and Oracle ASM
Grid_homeopmnbinons.exe - Oracle
Notification Service (ONS)
Grid_homejdkjrebinjava.exe - JVM
5 、Firewall Exceptions for Oracle RAC Database
For the Oracle RAC database, the executables that require exceptions are:
Oracle_homebinoracle.exe -
Oracle RAC database instance
Oracle_homebinemagent.exe -
Oracle Enterprise Manager agent
Oracle_homejdkbinjava.exe -
For the Oracle Enterprise Manager Database Console
In addition, the following ports should be added to the Windows Firewall exception list:
Microsoft file sharing system management bus (SMB)
User Datagram Protocol (UDP) ports from 135 through 139
TCP ports from 135 through 139
Direct-hosted SMB traffic without a network basic I/O system (NetBIOS)
port 445 (TCP and UPD)
6、 Firewall Exceptions for Oracle Cluster File System for Windows
If you use Oracle Cluster File System for Windows (OCFS for Windows) to store the Oracle Clusterware files, or Oracle RAC database files, then you must add the following exceptions to the Windows Firewall:
Grid_homecfsOcfsfindvol.exe - OCFS
for Windows Volume Service
%WINDOWS_HOME%system32driversOcfs.sys - System file for OCFS (if using OCFS for Windows for Oracle Clusterware storage)
7 、Firewall Exceptions for Other Oracle Products
In addition to all the previously listed exceptions, if you use any of the Oracle software listed in, then you must create an exception for Windows Firewall for the associated executable.
Table 5-2 Other Oracle Software Products Requiring Windows Firewall Exceptions
Oracle Software Product
Executable Name
Data Guard Manager
dgmgrl.exe
Oracle Internet Directory lightweight directory access protocol (LDAP) Server
oidldapd.exe
External Procedural Calls
extproc.exe