Discussions

General J2EE: How to get JMS through a firewall from a protected zone to DMZ?

  1. Hi,

    We are going to access a server running WL6.1 from a java VM in the DMZ. The
    access methods are JMS and RMI.

    The IT staff say that we only need to specify what ip's, ports and protocols
    to use, and they will drill a hole. Given that the WL server listens on a
    specific port - do we need to tell them anything else to get JMS access to
    it?

    /Simen Sommerfeldt
  2. I think that's enough, just you have to provide ip address and the port.
  3. That may not be enough.

    Am I right in assuming you're using the T3 protocol? RMI in itself is not relevant. It's the transport protocol we're interested in here. If it's straight JRMP then the one port isn't enough. If it's T3 then the rules are a little different.

    There ought to be a section in the WL manual about tunnelling JMS, or at least setting it up through a firewall. There always was, did you check it?

    Anyway, the odds are you need more ports than that, or at the least you need to be very relaxed about the originating port (The port on the server in the DMZ from which the request originates.) Both these strategies make IT Security people a little nervous. :)

    HTH

    Chz

    TOny