Database Software

Our Dataguard replication stopped after installing new firewalls from Fortinet. I've posted before about this problem with replication and the forum members have been incredibly helpful. Thanks to all. Now the Fortinet support folks have sent me the following KB article. There are 3 options listed at the end of the article. Has anyone ever experienced this problem and how do I go about telling ORACLE 10gR2 not to issue REDIRECT commands (Option 1) or using a pre-defined REDIRECT port (option 2)?

Thanks, Mike

Fortinet KB
Premature Oracle session timeouts
Article

Description
Oracle sessions timeout after a few minutes even after increasing the session_ttl value on the TCP port 1521 to 3600 seconds.

Components
All FortiGate units

Steps or Commands

TCP port 1521 is Oracle’s TNS listener port, which a client establishes an initial session to the server. The server may then issue a REDIRECT command to the client, telling it to reconnect to another dynamically selected TCP port. The new TCP port will be dynamically opened by the Fortigate due to the pre-configured "session helper".

The session_ttl value applied to this new port is based on the default session_ttl value (which can be lower than 3600 seconds). The timeout of this newly established session, causes the client-server session to stop.

You have a number of options to correct this issue:

Configure the Oracle server to not issue the REDIRECT command. This will effectively keep sessions on port 1521.
Configure the Oracle server to use a pre-defined REDIRECT port(s). You can configure the predefined ports manually on the FortiGate unit with longer session_ttl values.
Increase the default session_ttl value of the Fortigate, so that any dynamically opened ports will use this value.