IP Restriction for Oracle EBS

1. Oracle TNS Listener Security

ENABLE VALID NODE CHECKING

Valid Node Checking allows or denies access from specified IP addresses to Oracle services. To enable Valid Node Checking, set the following parameters in $TNS_ADMIN/sqlnet.ora

tcp.validnode_checking = YES

tcp.invited_nodes = (X.X.X.X, hostname,)

tcp.excluded_nodes = (hostname, X.X.X.X …)

The first parameter turns on Valid Node Checking. The latter two parameters respectively specify the IP

Addresses or hostnames that are permitted to make or are denied from making network connections to Oracle services. Replace X.X.X.X with the middle-tiers’ IP addresses. Middle-tier applications include web servers, forms servers, reports servers, concurrent managers, discoverer, terminal servers, central administrator machines and any remote monitoring tool that uses SQLNet. Note, to use SQLNet clients such as sqlplus, toad, ADI from windows desktop, that desktop cannot use DHCP. Use a static IP address.

Leave a Reply

Your email address will not be published. Required fields are marked *