|
| Problem | Several ports are required to be opened on the firewall when attempting to use the remote admin client through a firewall. | | | | Solution | Environment:
WebSphere Application Server (WAS) 3.0.2.x AE & SE, 3.5.x AE & SE, 4.0.x AEDescription:When connecting a remote Java based admin console through a firewall to a WAS admin server process, the remote admin console listens on one port and the WAS admin server listens on three (five if WAS security is enabled). These ports have to be opened through the firewall.If the firewall filters traffic going from the WAS server box to the WAS admin console box, you will need to fix the admin console's listener port to a static value to open through the firewall since, by default, it is randomly set everytime the admin console is started. To do this, add the following property to the java command line in the <WAS root>/bin/adminclient(.bat or .sh):-Dcom.ibm.CORBA.ListenerPort=aaaawhere xxxx is an unused port greater than 1023 on the admin console box. The java command line is the line that usually starts with "%JAVA_HOME%\bin\java" or "@start %JAVA_HOME%\bin\javaw". Properties are added after this part with a -D designating properties separated by spaces. It is best to add new properties right after the java or javaw keyword so that it won't be accidentially placed in wrong part of the java command line.If the firewall filters traffic going from the WAS admin console box to the WAS server box, you will need to open several ports through the firewall. You will need to open the listener port, bootstrap port and LSD port through the firewall. The listener port is randomly set by default and must be set to a static value which is to be opened through the firewall. To set the listener port for the admin server, add the following line to the <WAS root>/bin/admin.config file:com.ibm.CORBA.ListenerPort=bbbbThe admin server's bootstrap port is 900 by default, and the admin server's LSD port is 9000 by default.If WAS security is enabled, the WAS box listens on additional ports which must be opened through the firewall. The admin server listens to the SSL and LSD SSL ports. All of these are set randomly by default and must be set to static values to be opened through the firewall. To set the SSL and LSD SSL ports for the admin server, add the following lines to the <WAS root>/bin/admin.config file:com.ibm.CORBA.SSLPort=cccc
com.ibm.CORBA.LSDSSLPort=ddddMake sure ports bbbb, cccc, dddd are all unique unused ports greater than 1023 on the WAS box. | |
| |
| |
|
Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, Servlet Engine/Web Container Operating system(s): AIX, NT, Solaris Software version: 3.0.2.2, 3.0.2.3, 3.0.2.4, 3.5, 4.0 Software edition: Advanced, Enterprise Reference #: 1000281 IBM Group: Software Group Modified date: 2003-01-14
(C) Copyright IBM Corporation 2000, 2004. All Rights Reserved.
|