Windows XP SP2's new firewall features really improve the built-in firewall for Windows.  However, I was caught off guard when dealing with my remote Oracle installs.  The XP SP2 firewall agressively has blocked nearly all the ports.  This is generally a good thing.  So I opened up 1521 for Oracle expecting this to open up access to Oracle.

Instead, I kept getting timeout errors.  After some trial and error (and using the logging built into the firewall), I determined that Oracle uses many ports that seem to be changing.  I was unaware of this.  That makes it really hard to figure out which port to open up.

I found a solution though that seems to work very well.  You can not only add ports to the firewall exception list, you can add applications.  I added both Oracle.exe and Tnslsnr.exe to the exception list.  This got connectivity back up and running again.

Opening access directly to applications should also help when you don't know the port that your server is using or you want to be able to change it and have the firewall dynamically handle it.