Note the errors :when put firewall between the proxy and cluster On weblogic cluster architecture

when we put a firewall (who do the IP translation) between the proxy and cluster(a few managered server),we will meet this error :


The client initiates contact with the WebLogic Server cluster by requesting a connection to the first server at 205.20.xxx.100:7001. The firewall translates this address and connects the client to the internal IP address of 205.20.yyy.100:7001.

The client performs a JNDI lookup of a pinned Object C that resides on the third WebLogic Server instance in the cluster. The stub for Object C contains the internal IP address of the server hosting the object, 205.20.yyy.300:7001.

When the client attempts to instantiate Object C, it requests a connection to the server hosting the object using IP address 205.20.yyy.300:7001. The firewall denies this connection, because the client has requested a restricted, internal IP address, rather than the publicly-available address of the server.

the solution is setting the externalDNSName .See Server—>Configuration—>General in Administration Console

ref link :
http://edocs.bea.com/wls/docs70/cluster/planning.html

in this page , see the Avoiding Problems ->Firewall Considerations