Skip to content
Advertisement

Can’t connect to Tomcat9 outside

I can’t connect to tomcat9 from outside (by ip)

i disabled tcp6 (add to /etc/sysctl.conf) following

net.ipv6.conf.all.disable_ipv6 = 1
net.ipv6.conf.default.disable_ipv6 = 1
net.ipv6.conf.lo.disable_ipv6 = 1
net.ipv6.conf.eth0.disable_ipv6 = 1

netstat -nlp output:

tcp 0 0 127.0.0.1:8005 0.0.0.0:* LISTEN 7460/java       
tcp 0 0 0.0.0.0:8009 0.0.0.0:* LISTEN 7460/java       
tcp 0 0 0.0.0.0:8080 0.0.0.0:* LISTEN 7460/java       
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 1118/nginx

server.xml Connector block: 

<Connector port="8080" protocol="HTTP/1.1"
      connectionTimeout="20000"
      redirectPort="8443"
      address="0.0.0.0" />

I also tried to add useIPVHosts=”true” to <Connector> and resolveHosts=”true” to <Valve> block in server.xml, but still nothing.

I’ll be thankful for all of your answers)

Advertisement

Answer

From what you have provided, your Tomcat server is running on a laptop in your home network. Your friend is trying to access this over the internet but is not able to. Assuming your configuration for Tomcat is correct we can narrow it down to a couple areas.

Your server is not accessible via the internet:

You cannot just provide a public IP to your laptop and expect it to work on the internet. Home networks are setup in a way to preserve public IP addresses which are paid for by big companies (Comcast, Verizon, etc.). Your router will be assigned a public IP address accessible from the internet and all of your internal nodes (phone, computer, laptop etc.) will have an internal (192.168.x.x) address assigned to them available via NAT handled by the router itself. In order to access your internal nodes via the internet you will have to login to your router and enable some port forwarding. You should also enable dynamic DNS which routers should allow you to use (http://yourserver.something.something instead of router IP). For port forwarding in your router, you should have an option to set (for example) port 50001 –> IPofTomcat port 8080. Your friend would then access your webpage via your routerIP/50001/jspname.jsp

You could potentially get a static IP from your ISP but then you are looking at monthly fee’s (go with port forwarding and dynamicDNS). Your router should be able to handle reserved IP’s as well.

Firewall issues:

Ensure that there are no inbound/outbound rules that can affect traffic on your server/router. I doubt your router would have these by default (not really a good thing 😉 ), but this is something to consider if you know port forwarding is setup and working correctly.

Additional comments:

I am going to say this just for general knowledge if other people go to this post. Ensure these steps are accomplished prior to hosting an at-home web-server.

  • Change default passwords for everything! That includes Apache, router, local accounts. Harden every password in your network especially if you are opening up communication to host a web-server.
  • Apply any and all software updates/patches to your tomcat server.
  • Good idea to change default ports if this will only be used by a few friends)
  • Ensure your directory is locked down (jspname.jsp resides in)
  • Make a backup prior to going live.
  • Monitor access logs on router/server regularly.
User contributions licensed under: CC BY-SA
3 People found this is helpful
Advertisement