We are going to access a server running WL6.1 from a java VM in the DMZ. The
access methods are JMS and RMI.
The IT staff say that we only need to specify what ip's, ports and protocols
to use, and they will drill a hole. Given that the WL server listens on a
specific port - do we need to tell them anything else to get JMS access to
I think that's enough, just you have to provide ip address and the port.
That may not be enough.
Am I right in assuming you're using the T3 protocol? RMI in itself is not relevant. It's the transport protocol we're interested in here. If it's straight JRMP then the one port isn't enough. If it's T3 then the rules are a little different.
There ought to be a section in the WL manual about tunnelling JMS, or at least setting it up through a firewall. There always was, did you check it?
Anyway, the odds are you need more ports than that, or at the least you need to be very relaxed about the originating port (The port on the server in the DMZ from which the request originates.) Both these strategies make IT Security people a little nervous. :)