Hi,
We are going to access a server running WL6.1 from a java VM in the DMZ. The
access methods are JMS and RMI.
The IT staff say that we only need to specify what ip's, ports and protocols
to use, and they will drill a hole. Given that the WL server listens on a
specific port - do we need to tell them anything else to get JMS access to
it?
/Simen Sommerfeldt
-
How to get JMS through a firewall from a protected zone to DMZ? (2 messages)
- Posted by: Simen Sommerfeldt
- Posted on: November 28 2002 15:14 EST
Threaded Messages (2)
- How to get JMS through a firewall from a protected zone to DMZ? by arun kumar on November 29 2002 00:41 EST
- How to get JMS through a firewall from a protected zone to DMZ? by Tony Brookes on November 29 2002 18:56 EST
-
How to get JMS through a firewall from a protected zone to DMZ?[ Go to top ]
- Posted by: arun kumar
- Posted on: November 29 2002 00:41 EST
- in response to Simen Sommerfeldt
I think that's enough, just you have to provide ip address and the port. -
How to get JMS through a firewall from a protected zone to DMZ?[ Go to top ]
- Posted by: Tony Brookes
- Posted on: November 29 2002 18:56 EST
- in response to Simen Sommerfeldt
That may not be enough.
Am I right in assuming you're using the T3 protocol? RMI in itself is not relevant. It's the transport protocol we're interested in here. If it's straight JRMP then the one port isn't enough. If it's T3 then the rules are a little different.
There ought to be a section in the WL manual about tunnelling JMS, or at least setting it up through a firewall. There always was, did you check it?
Anyway, the odds are you need more ports than that, or at the least you need to be very relaxed about the originating port (The port on the server in the DMZ from which the request originates.) Both these strategies make IT Security people a little nervous. :)
HTH
Chz
TOny