Monday, October 24, 2016

Weblogic Admin Server Console Inaccessibility Issue Causes and Solutions

In this blog I am explaining few technical reasons I have faced while accessing the Weblogic Admin server console and their resolution. 

You might have seen sometime Adminserver.out file shows Adminserver is running, even if you check netstat command the Adminserver port shows listening. However, when you try to access the Webogic Adminserver console using URL e.g. http://wlsadminserverhostname:7777/console it does not open. Problem could be related to below few reasons but not limited to these reasons only. I may update this blog time to time to include more finding with similar behavior.


The very first and foremost reason Weblogic Administrator should be checking weather Operating system firewall is running or not? which possibly can lead this behavior. It’s very common now days, that once you create a virtual server of linux or solaris etc, most probably OS firewall will be up and running which will block port 7777 incoming connection.  So please check the OS firewall status using below command and switch it off or add rule to allow port 7777, so that Admin console traffic can pass through.

Check iptables status /sbin/service iptables status

Stop iptables /sbin/service iptables stop

Please Note: above command for Linux kernel, if you using different OS then find out equivalent command for that particular OS.

Reason 2: 


If Weblogic server been set to use frontend host, then it will not honor default URL http://<Serverhostname>:<port>/console.  In that case whatever frontend host name value been configured, Weblogic Administrator has to use that hostname only to access the Weblogic Admin console. 

Frontend host can be set by navigating to AdminServer >> Protocol >> Http >> set Frontend Host

This change can also be witnessed inside config.xml

Also, not that even if <frontend-host> element exist inside config.xml without a value, see below snap e.g.
Then also Weblogic admin server will not be accessible, admin need to delete these lines from config.xml and restart the admin server.

Reason 3: 

Check whether port 7777 or whatever port Admin has configured for Weblogic Adminserver console are open at your network firewall. This is small test and telnet utility can be used to test the same. If telnet to particular hostname:port works means, network allows from user system to Weblogic admin server connectivity, else there is some firewall issue. Use below simply command to do that –

telnet <hostname>:<portnumber>
e.g. telnet

If telnet utility is not installed on local system then navigate to Control Panel >> Program and Features >> Turn Windows feature on or off >> select "Telnet Client" from the list of Window feature and install the same.

Reason 4: 

The browser what Administrator using to access the Weblogic console, if that browser having configuration of proxy server to access the internet then make sure the Weblogic Admin Server console host name must need to bypass the local address.

Reason 5: 

If F5 device been configured, where virtual server been created to route traffic to Weblogic admin server via pool members, then check whether that configuration properly been done or not. F5 has capability to check the pool members responding or not, also F5 offer good diagnostic capability which helps to troubleshoot traffic routing issue. 

Also, please make sure Weblogic configuration been made to honor F5 header, please go through the below blog link and implement all the changes as mentioned in blog, if you want ssl-offloading at F5 and redirect https traffic to Weblogic Admin Console.

No comments:

Post a Comment