DataStage: Designer client, Manager client, and Director clients cannot connect to DataStage server when the server

is behind a firewall
Technote (troubleshooting) Problem(Abstract) The IBM InfoSphere DataStage client applications cannot connect to the InfoSphere DataStage server when the TCP/IP ports are not available through firewalls for the application server. Symptom An error message similar to the following message is displayed:

Failed to authenticate the current user against the selected Domain A communication failure occurred while attempting to obtain an initial context with the provider URL: "iiop://s6lpar50:2825". Make sure that any bootstrap address information in the URL is correct and that the target name server is running. A bootstrap address with no port specification defaults to port 2809. Possible causes other than an incorrect bootstrap address or unavailable name server include the network environment and workstation network configuration. javax.security.auth.login.LoginException: A communication failure occurred while attempting to obtain an initial context with the provider URL: "iiop://s6lpar50:2825".
Resolving the problem Before you install IBM InfoSphere Information Server, assess and configure your network to ensure that the IBM InfoSphere DataStage client applications can connect to the InfoSphere DataStage server when the WebSphere Application Server is behind a firewall. To configure the application server ports: 1. 2. 3. 4. In the WebSphere Application Server administrative console, expand the application server list in the Servers > Application servers, and then select server1. In the Communications section, select Ports. Open the ports for the firewall configuration. Use the following list to identify the ports that are required for your network configuration.

To access the application server behind a firewall, open the following ports:

WC_defaulthost BOOTSTRAP_ADDRESS ORB_LISTENER_ADDRESS SAS_SSL_SERVERAUTH_LISTENER_ADDRESS CSIV2_SSL_MUTUALAUTH_LISTENER_ADDRESS CSIV2_SSL_SERVERAUTH_LISTENER_ADDRESS

To use HTTPS to access Web clients, open the following port:

WC_defaulthost_secure

To access the WebSphere Application Server administrative console, open the following port:

WC_adminhost

To use HTTPS to access the WebSphere Application Server administrative console, open the following ports:

WC_adminhost_secure

To publishing services using a JMS binding, open the following ports:

SIB_ENDPOINT_ADDRESS SIB_ENDPOINT_SECURE_ADDRESS SIB_MQ_ENDPOINT_ADDRESS SIB_MQ_ENDPOINT_SECURE_ADDRESS