ORA-12170: TNS: Connection timeout error reported in TNS test configuration on the client

After successfully installing ORACLE 10g on Red Hat Enterprise Linux Server Releae 5.5, After configuring TNS on the client, test whether you can connect to the data block Server with the error: ORA-12170: TNS: Connection timeout

1: First, check whether the network can be pinged. As shown below, the network is smooth.

2: Check the TNS configuration (TNS configuration is normal)
GSP =
(DESCRIPTION =
(ADDRESS = (PROTOCOL = TCP) (HOST = 172.20.36.79) (PORT = 1521 ))
(CONNECT_DATA =
(SERVER = DEDICATED)
(SERVICE_NAME = gsp)
)
)

3: Check whether the server listening service is enabled
[Oracle @ wgods ~] $ Lsnrctl status
LSNRCTL for Linux: Version 10.2.0.1.0-Production on 14-DEC-2012 15:51:13
Copyright (c) 1991,200 5, Oracle. All rights reserved.
Connecting to (DESCRIPTION = (ADDRESS = (PROTOCOL = IPC) (KEY = EXTPROC1 )))
STATUS of the LISTENER
------------------------
Alias LISTENER
Version TNSLSNR for Linux: Version 10.2.0.1.0-Production
Start Date 14-DEC-2012 13:15:28
Uptime 0 days 2 hr. 35 min. 45 sec
Trace Level off
Security ON: Local OS Authentication
SNMP OFF
Listener Parameter File/database/oracle/product/dbhome/network/admin/listener. ora
Listener Log File/database/oracle/product/dbhome/network/log/listener. log
Listening Endpoints Summary...
(DESCRIPTION = (ADDRESS = (PROTOCOL = ipc) (KEY = EXTPROC1 )))
(DESCRIPTION = (ADDRESS = (PROTOCOL = tcp) (HOST = wgods) (PORT = 1521 )))
Services Summary...
Service "PLSExtProc" has 1 instance (s ).
Instance "PLSExtProc", status UNKNOWN, has 1 handler (s) for this service...
Service "gsp" has 2 instance (s ).
Instance "gsp", status UNKNOWN, has 1 handler (s) for this service...
Instance "gsp", status READY, has 1 handler (s) for this service...
Service "gspXDB" has 1 instance (s ).
Instance "gsp", status READY, has 1 handler (s) for this service...
Service "gsp_XPT" has 1 instance (s ).
Instance "gsp", status READY, has 1 handler (s) for this service...
The command completed successfully

4: Use tnsping command Check, reported TNS-12535: TNS: Operation timeout, then we can certainly be a firewall Problem
C: \ Users \ kerry> tnsping 172.20.32.79
TNS Ping Utility for 32-bit Windows: Version 11.2.0.1.0-Production on-2012 15:47:15
Copyright (c) 1997,201 0, Oracle. All rights reserved.
Used parameter files:
E: \ app \ kerry \ product \ 11.2.0 \ dbhome_1 \ network \ admin \ sqlnet. ora
Alias resolved using EZCONNECT Adapter
Try to connect (DESCRIPTION = (CONNECT_DATA = (SERVICE_NAME =) (ADDRESS = (PROTOCOL = TCP) (HOST = 172.20.32.79) (PORT = 1521 )))
TNS-12535: TNS: Operation timeout
There are two solutions for firewall problems.:
1: Disable the firewall (this solution is not very good. disabling the firewall will bring many security risks)
[Root @ wgods ~] # Service iptables stop
Flushing firewall rules: [OK]
Setting chains to policy ACCEPT: filter [OK]
Unloading iptables modules: [OK]

2: Modify iptables, open port 1521, and allow port 1521 to be connected
2.1 edit the iptables file and add the-A RH-Firewall-1-INPUT-p tcp-m state -- state NEW-m tcp -- dport 1521-j ACCEPT record.
[Root @ wgods sysconfig] # vi iptables
# Generated by iptables-save v1.3.5 on Fri Dec 14 17:03:58 2012
* Filter
: Input accept [0: 0]
: Forward accept [0: 0]
: Output accept [1749: 243629]
: RH-Firewall-1-INPUT-[0: 0]
-A input-j RH-Firewall-1-INPUT
-A forward-j RH-Firewall-1-INPUT
-A RH-Firewall-1-INPUT-I lo-j ACCEPT
-A RH-Firewall-1-INPUT-p icmp-m icmp -- icmp-type any-j ACCEPT
-A RH-Firewall-1-INPUT-p esp-j ACCEPT
-A RH-Firewall-1-INPUT-p ah-j ACCEPT
-A RH-Firewall-1-INPUT-d 224.0.0.20.- p udp-m udp -- dport 5353-j ACCEPT
-A RH-Firewall-1-INPUT-p udp-m udp -- dport 631-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m tcp -- dport 631-j ACCEPT
-A RH-Firewall-1-INPUT-m state -- state RELATED, ESTABLISHED-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m state -- state NEW-m tcp -- dport 21-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m state -- state NEW-m tcp -- dport 25-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m state -- state NEW-m tcp -- dport 22-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m state -- state NEW-m tcp -- dport 23-j ACCEPT
-A RH-Firewall-1-INPUT-p tcp-m state -- state NEW-m tcp -- dport 1521-j ACCEPT
-A RH-Firewall-1-INPUT-j REJECT -- reject-with icmp-host-prohibited
COMMIT
# Completed on Fri Dec 14 17:03:58 2012
~
~
~
~
~
"Iptables" 24L, 1212C written

2.2 restart the iptables service
[Root @ wgods sysconfig] # service iptables restart
Flushing firewall rules: [OK]
Setting chains to policy ACCEPT: filter [OK]
Unloading iptables modules: [OK]
Applying iptables firewall rules: [OK]
Loading additional iptables modules: ip_conntrack_netbios_ns ip_conntrack_ftp [OK]
2.3 Save the new rule to prevent the configuration rule from being invalid after the machine is restarted next time.
[Root @ wgods sysconfig] # service iptables save
Saving firewall rules to/etc/sysconfig/iptables: [OK]
2.4 check whether port 1521 is open and allow connections (see the red part)
[Root @ wgods sysconfig] # iptables-L-n
Chain INPUT (policy ACCEPT)
Target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain FORWARD (policy ACCEPT)
Target prot opt source destination
RH-Firewall-1-INPUT all -- 0.0.0.0/0 0.0.0.0/0
Chain OUTPUT (policy ACCEPT)
Target prot opt source destination
Chain RH-Firewall-1-INPUT (2 references)
Target prot opt source destination
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0
ACCEPT icmp -- 0.0.0.0/0 0.0.0.0/0 icmp type 255
ACCEPT esp -- 0.0.0.0/0 0.0.0.0/0
ACCEPT ah -- 0.0.0.0/0 0.0.0.0/0
ACCEPT udp -- 0.0.0.0/0 224.0.0.20.udp dpt: 5353
ACCEPT udp -- 0.0.0.0/0 0.0.0.0/0 uddpt: 631
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 tcp dpt: 631
ACCEPT all -- 0.0.0.0/0 0.0.0.0/0 state RELATED, ESTABLISHED
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt: 21
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt: 25
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt: 22
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt: 23
ACCEPT tcp -- 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt: 1521
REJECT all -- 0.0.0.0/0 0.0.0.0/0 reject-with icmp-host-prohibited
[Root @ wgods sysconfig] #
Use PL/SQL Developer to connect to the database from the client. The problem is solved.