Q

How to modify sqlnet.ora file to restrict database access?

I am currently trying to restrict access to my database through listing the IP addresses with permission. I read that I should modify my sqlnet.ora file. The problem is I do not have this file.

I am currently trying to restrict access to my database through listing the IP addresses with permission. I read that I should modify my sqlnet.ora file. The problem is I do not have this file. When I create it and specify the parameters, the listener gets whacked out and stops working after I try to stop and start it. I also read something about protocol.ora. Which file should I use? Is the sqlnet.ora file created on Oracle install?
The correct file to modify is the sqlnet.ora configuration file. This file is commonly found in the ORACLE_HOME/network/admin directory. If this file is not found there, look to see if you have a TNS_ADMIN environment variable pointing to a different directory. The sqlnet.ora configuration file is not created on install. It is created when the Network Configuration Assistant (netca) is run. The sqlnet.ora config file is not required as many of Oracle's networking products can run with the default options.

To configure Oracle for a specific set of IP addresses, you can add the TCP.EXCLUDED_NODES and/or TCP.INCLUDED_NODES parameters to your sqlnet.ora config file. For example, to exclude all IP address 1.2.3.4, add the following entry:

TCP.EXCLUDED_NODES=(1.2.3.4)

To include specific IP addresses, use the TCP.INCLUDED_NODES parameter. The list of included nodes takes precendence over the list of excluded nodes. For more information, please refer to the Oracle documentation.

After you have configured your excluded/included nodes, you also need to add the following:

TCP.VALIDNODE_CHECKING=yes

If this stops the listener from working, then the most likely cause is that the above values were not entered correctly.

This was first published in November 2006

Dig deeper on Oracle database design and architecture

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

-ADS BY GOOGLE

SearchDataManagement

SearchBusinessAnalytics

SearchSAP

SearchSQLServer

TheServerSide

SearchDataCenter

SearchContentManagement

SearchFinancialApplications

Close