|
| Problem | Several ports are required to be opened on the firewall when attempting to use an EJB client through a firewall. | | | | Solution | Environment:
WebSphere Application Server 3.0.2.x AE, 3.5.x AE, 4.0.x AE & AEsDescription:When connecting an EJB (Java) client through a firewall to an EJB running in WebSphere Application Server, the EJB client needs to communicate with both the admin server Java process as well as the application server Java process running the EJB.If the firewall filters traffic going from the WebSphere Application Server box to the EJB client box, you need to set the listener port on the EJB client to a fixed value and open it in the firewall. This port is set randomly by default which makes it necessary to fix it to a static value. To do this, add the following property to the java commandline which invokes the EJB client:-Dcom.ibm.CORBA.ListenerPort=aaaawhere xxxx is an unused port greater than 1023 on the EJB client boxIf the firewall filters traffic going from the EJB client box to the WebSphere Application Server box, you need to open several ports through the firewall. You will need to open the listener port, bootstrap port and LSD port for the admin server. You will need to open the listener port for the application server. The listener ports are randomly set by default and must be set to static values which are to be opened through the firewall. To set the listener port for the admin server, add the following line to the <WSAS root>/bin/admin.config file:com.ibm.CORBA.ListenerPort=bbbbTo set the listener port for the application server, find the Java command line parameter for the application server in the admin console (different location depending on the WebSphere Application Server version) and add the following property:-Dcom.ibm.CORBA.ListenerPort=ccccThe admin server's bootstrap port is 900 by default, and the admin server's LSD port is 9000 by default.If WebSphere Application Server security is enabled, the WebSphere Application Server box listens on additional ports which must be opened through the firewall. The admin server listens to the SSL and LSD SSL ports, and the application server listens to its own SSL port. All of these are set randomly by default and must be set to static values to be opened through the firewall. To set the SSL and LSD SSL ports for the admin server, add the following lines to the <WSAS root>/bin/admin.config file:com.ibm.CORBA.SSLPort=dddd
com.ibm.CORBA.LSDSSLPort=eeeeTo set the SSL port for the application server, find the Java command line parameter for the application server in the admin console (different location depending on the WebSphere Application Server version) and add the following property:-Dcom.ibm.CORBA.SSLPort=ffffMake sure ports bbbb, cccc, dddd, eeee are all unique unused ports greater than 1023 on the WebSphere Application Server box. | |
| |
| |
|
Product categories: Software, Application Servers, Distributed Application & Web Servers, WebSphere Application Server, EJB Container Operating system(s): Multi-Platform Software version: 3.0.2, 3.0.2.1, 3.0.2.2, 3.0.2.3, 3.0.2.4, 3.5, 4.0 Software edition: Advanced, Single Server Reference #: 1008407 IBM Group: Software Group Modified date: 2003-12-12
(C) Copyright IBM Corporation 2000, 2004. All Rights Reserved.
|