As you may already know if you have been confronted with this problem, the JMX RMI connector opens two ports....This however can prove to be troublesome if your application is behind a firewall that block access to random ports. The default JVM agent will not let you specify that second port number, and you're stuck. Fortunately, there's a work around around this, which makes use of the JDK dynamic agent loading feature. Instead of starting the default JVM agent, we will start our own custom agent, without modifying the server application.
Read the complete post: http://blogs.sun.com/jmxetc/entry/connecting_through_firewall_using_jmx