Skip to main content

IIOP behind NAT on glassfish v3

12 replies [Last post]
gonzaloferreyra
Offline
Joined: 2008-07-07

Hello, we are facing a big trouble trying to connect from a swing application to EJB application deployed in a glassfish v3 server. The swing application its connecting to the server via internet (in other words, through a couple of NATs). It can establish a connection to the port 3700 at the server, but then it open a new connection to the private server IP. We were solved this on glassfish v2 following this link:

http://forums.java.net/jive/message.jspa?messageID=217837#217837

But in glassfish v3 this is not possible; when we configure the IIOP listener from listen to 0.0.0.0 to listen to the public server IP the server can't start.

Could anybody solve this situation? We need to migrate a working app from glassfish v2 to glassfish v3, but this problem is blocking us.

Thanks in advance

Gonzalo Ferreyra.

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
skgaju
Offline
Joined: 2006-02-05

connect to Servlet and let the Servlet do the look up of EJB. that way NAT problem will not be faced.

Xavier Callejas

My advice is to connect the client and server by a VPN connection, this way
you could use the private IP address and your connection is secured.

Regards.
Xavier.

---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@glassfish.dev.java.net
For additional commands, e-mail: users-help@glassfish.dev.java.net

pablopina
Offline
Joined: 2008-07-13

You are right Gonzalo,

I've just tried it myself and It doesn't work.

It works in 2.1 :(

gonzaloferreyra
Offline
Joined: 2008-07-07

Hello Pablo we are now trying with an alternative of this option; to put a line in the /etc/hosts file with the public name of the server mapped to 0.0.0.0 (the server OS is debian stable). Now we can connect via telnet to the IIOP listener, and we are making some tests to verify the client's work..

I will let you know the result of it.

Gonzalo

pablopina
Offline
Joined: 2008-07-13

Gonzalo,

I managed to get it running....

In domain.xml, replace 0.0.0.0 for a domain name like anahata.com

and then in your hosts file map anahata.com to the actual ip address of the network card. If you try mapping it to 127.0.0.1 then it wont work.

Our app-client launches over the internet now (takes a little while though)

If you need any more help you can write to me: pablo at anahatait.com

gonzaloferreyra
Offline
Joined: 2008-07-07

Pablo that's the same solution we decide to implement, but we should have to add the entry to the hosts file (0.0.0.0 with public DNS) that I was talking before; Yesterday we did the tests on the client and all it's working fine. Thanks for your advices.

Gonzalo

bgbw
Offline
Joined: 2011-07-29

Hello. We are having the same problem: Glassfish v3.1 installed behind a firewal and NAT, and impossible to make it work with a client trying to invoke a remote EJB. Any suggestions? Apparently it is due to the fact that the wrong IP address is returned by Glassfish. Thanks in advance.

gonzaloferreyra
Offline
Joined: 2008-07-07

Hello, we are having the same problems with GF 3.1; the steps we used to make it work in GF 3.0, they are not working now with GF 3.1,

At this time we are just making some tests with this version (3.1), in the case we could get a solution, I'll let you know here if you are interested.

Lucky with it.

Gonzalo

pablopina
Offline
Joined: 2008-07-13

Hey,

How about this

http://download.oracle.com/docs/cd/E19226-01/820-7695/6niugesud/index.html

Then scroll to

Connecting to a Remote EJB Module Through a Firewall

bgbw
Offline
Joined: 2011-07-29

It doesn't work for me!

pablopina
Offline
Joined: 2008-07-13

I've just tried it myself too from an app client and it doesn't work either

pablopina
Offline
Joined: 2008-07-13

Gonzalo,

try this:

Give your public ip a domain name.

copy domain.xml to domain.xml.bak

replace every occurance of 0.0.0.0 for the domain name (not the IP address)
on the server, add an enttry to hosts file that maps your domain name to 127.0.0.1 or the ip of your server. (maybe you have to try both)

If using JMS, also replace 'localhost' in the JMS broker adress in domain.xml for the domain name.

When launching the app clients, use always the domain name.

Good luck.