FortiGate
Article Id 196900


Description

This article describes why Oracle sessions time out after a few minutes even after the session_ttl value for TCP port 1521 has been increased to 3600 seconds.

Components

All FortiGates.

Steps or Commands

TCP port 1521 is Oracle’s TNS listener port, to which a client establishes its initial session with the server.

The server may then issue a REDIRECT command to the client, telling it to reconnect to another dynamically selected TCP port.

The new TCP port will be dynamically opened by the FortiGate due to the pre-configured 'session helper'.

The session_ttl value applied to this new port is based on the default session_ttl value (which can be lower than 3600 seconds).

The timeout of this newly established session causes the client-server session to stop.

There are a number of options to correct this issue:

- Configure the Oracle server to not issue the REDIRECT command. This will effectively keep sessions on port 1521.

- Configure the Oracle server to use a pre-defined REDIRECT port(s). It is then possible to configure these predefined ports manually on the FortiGate with longer session_ttl values.

- Increase the default session_ttl value of the FortiGate, so that any dynamically opened ports will use this value.
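
The second and third options expressed as FortiOS CLI, as an added example that is not part of the original article. The 1522-1530 redirect range is a constructed placeholder for whatever ports the Oracle server is configured to use, and the syntax assumes a FortiOS release whose `config system session-ttl` port entries use `protocol`, `start-port` and `end-port` (older releases differ).

```text
# Situation described above: only the listener port has a long timeout,
# so the dynamically opened REDIRECT port falls back to the default.
config system session-ttl
    config port
        edit 1
            set protocol 6
            set start-port 1521
            set end-port 1521
            set timeout 3600
        next
    end
end

# Option 2: Oracle is pinned to a known REDIRECT range (placeholder
# 1522-1530 here), and that range gets the same long timeout.
config system session-ttl
    config port
        edit 2
            set protocol 6
            set start-port 1522
            set end-port 1530
            set timeout 3600
        next
    end
end

# Option 3: raise the default so any dynamically opened port inherits it.
# This applies to all sessions without a more specific entry, so idle
# sessions of every protocol stay in the session table longer.
config system session-ttl
    set default 3600
end

# Verify the resulting configuration.
show system session-ttl
```

Option 2 keeps the longer timeout scoped to the Oracle ports, while option 3 changes it for all traffic that has no more specific entry.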

 
