Ask the Expert

How to modify sqlnet.ora file to restrict database access?

I am currently trying to restrict access to my database through listing the IP addresses with permission. I read that I should modify my sqlnet.ora file. The problem is I do not have this file. When I create it and specify the parameters, the listener gets whacked out and stops working after I try to stop and start it. I also read something about protocol.ora. Which file should I use? Is the sqlnet.ora file created on Oracle install?

    Requires Free Membership to View

The correct file to modify is the sqlnet.ora configuration file. This file is commonly found in the ORACLE_HOME/network/admin directory. If this file is not found there, look to see if you have a TNS_ADMIN environment variable pointing to a different directory. The sqlnet.ora configuration file is not created on install. It is created when the Network Configuration Assistant (netca) is run. The sqlnet.ora config file is not required as many of Oracle's networking products can run with the default options.

To configure Oracle for a specific set of IP addresses, you can add the TCP.EXCLUDED_NODES and/or TCP.INCLUDED_NODES parameters to your sqlnet.ora config file. For example, to exclude all IP address 1.2.3.4, add the following entry:

TCP.EXCLUDED_NODES=(1.2.3.4)

To include specific IP addresses, use the TCP.INCLUDED_NODES parameter. The list of included nodes takes precendence over the list of excluded nodes. For more information, please refer to the Oracle documentation.

After you have configured your excluded/included nodes, you also need to add the following:

TCP.VALIDNODE_CHECKING=yes

If this stops the listener from working, then the most likely cause is that the above values were not entered correctly.

This was first published in November 2006

There are Comments. Add yours.

 
TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: