Tomcat Access – Fix Access Issues to Tomcat on Remote Linux Server

I have a remote linux server at 192.168.168.1 (subnet mask /24) which has tomcat installed and running. I know it's running because when I SSH to it and do "wget localhost:8080" I get:

Resolving localhost (localhost)... ::1, 127.0.0.1
Connecting to localhost (localhost)|::1|:8080... connected.
HTTP request sent, awaiting response... 200
Length: unspecified [text/html]
Saving to: ‘index.html.1’

    [ <=>                                   ] 11,230      --.-K/s   in 0s

2018-07-05 15:37:21 (184 MB/s) - ‘index.html.1’ saved [11230]

My local windows machine is on the same network with an ip address of 192.168.168.2, and when I open up a browser and enter "192.168.168.1:8080" in the url bar, it tells me after a while that the connection timed out.

I can ping the linux server from my windows machine with no problems.

I also edited my iptables to allow incoming connections from port 8080; here is the result of "sudo iptables -L -v":

Chain INPUT (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:webcache
    0     0 ACCEPT     udp  --  virbr0 any     anywhere             anywhere             udp dpt:domain
    0     0 ACCEPT     tcp  --  virbr0 any     anywhere             anywhere             tcp dpt:domain
    0     0 ACCEPT     udp  --  virbr0 any     anywhere             anywhere             udp dpt:bootps
    0     0 ACCEPT     tcp  --  virbr0 any     anywhere             anywhere             tcp dpt:bootps
17974   11M ACCEPT     all  --  any    any     anywhere             anywhere             ctstate RELATED,ESTABLISHED
   14   863 ACCEPT     all  --  lo     any     anywhere             anywhere    
 288K   30M INPUT_direct  all  --  any    any     anywhere             anywhere 
 288K   30M INPUT_ZONES_SOURCE  all  --  any    any     anywhere             anywhere
 288K   30M INPUT_ZONES  all  --  any    any     anywhere             anywhere  
    0     0 DROP       all  --  any    any     anywhere             anywhere             ctstate INVALID
 288K   30M REJECT     all  --  any    any     anywhere             anywhere             reject-with icmp-host-prohibited
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere             state NEW tcp dpt:webcache
    0     0 ACCEPT     tcp  --  any    any     anywhere             anywhere             state NEW tcp dpt:http

Chain FORWARD (policy ACCEPT 0 packets, 0 bytes)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     all  --  any    virbr0  anywhere             192.168.122.0/24     ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  virbr0 any     192.168.122.0/24     anywhere    
    0     0 ACCEPT     all  --  virbr0 virbr0  anywhere             anywhere    
    0     0 REJECT     all  --  any    virbr0  anywhere             anywhere             reject-with icmp-port-unreachable
    0     0 REJECT     all  --  virbr0 any     anywhere             anywhere             reject-with icmp-port-unreachable
    0     0 ACCEPT     all  --  any    any     anywhere             anywhere             ctstate RELATED,ESTABLISHED
    0     0 ACCEPT     all  --  lo     any     anywhere             anywhere    
    0     0 FORWARD_direct  all  --  any    any     anywhere             anywhere
    0     0 FORWARD_IN_ZONES_SOURCE  all  --  any    any     anywhere             anywhere
    0     0 FORWARD_IN_ZONES  all  --  any    any     anywhere             anywhere
    0     0 FORWARD_OUT_ZONES_SOURCE  all  --  any    any     anywhere             anywhere
    0     0 FORWARD_OUT_ZONES  all  --  any    any     anywhere             anywhere
    0     0 DROP       all  --  any    any     anywhere             anywhere             ctstate INVALID
    0     0 REJECT     all  --  any    any     anywhere             anywhere             reject-with icmp-host-prohibited

Chain OUTPUT (policy ACCEPT 73 packets, 7176 bytes)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 ACCEPT     udp  --  any    virbr0  anywhere             anywhere             udp dpt:bootpc
12493 1460K OUTPUT_direct  all  --  any    any     anywhere             anywhere

Chain FORWARD_IN_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 FWDI_public  all  --  ens32  any     anywhere             anywhere            [goto]
    0     0 FWDI_public  all  --  +      any     anywhere             anywhere            [goto]

Chain FORWARD_IN_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain FORWARD_OUT_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 FWDO_public  all  --  any    ens32   anywhere             anywhere            [goto]
    0     0 FWDO_public  all  --  any    +       anywhere             anywhere            [goto]

Chain FORWARD_OUT_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain FORWARD_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain FWDI_public (2 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 FWDI_public_log  all  --  any    any     anywhere             anywhere
    0     0 FWDI_public_deny  all  --  any    any     anywhere             anywhere
    0     0 FWDI_public_allow  all  --  any    any     anywhere             anywhere
    0     0 ACCEPT     icmp --  any    any     anywhere             anywhere    

Chain FWDI_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain FWDI_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain FWDI_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain FWDO_public (2 references)
 pkts bytes target     prot opt in     out     source               destination 
    0     0 FWDO_public_log  all  --  any    any     anywhere             anywhere
    0     0 FWDO_public_deny  all  --  any    any     anywhere             anywhere
    0     0 FWDO_public_allow  all  --  any    any     anywhere             anywhere

Chain FWDO_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain FWDO_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain FWDO_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain INPUT_ZONES (1 references)
 pkts bytes target     prot opt in     out     source               destination 
 288K   30M IN_public  all  --  ens32  any     anywhere             anywhere            [goto]
    9  1863 IN_public  all  --  +      any     anywhere             anywhere            [goto]

Chain INPUT_ZONES_SOURCE (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain INPUT_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain IN_public (2 references)
 pkts bytes target     prot opt in     out     source               destination 
 288K   30M IN_public_log  all  --  any    any     anywhere             anywhere
 288K   30M IN_public_deny  all  --  any    any     anywhere             anywhere
 288K   30M IN_public_allow  all  --  any    any     anywhere             anywhere
    9   504 ACCEPT     icmp --  any    any     anywhere             anywhere    

Chain IN_public_allow (1 references)
 pkts bytes target     prot opt in     out     source               destination 
    6   312 ACCEPT     tcp  --  any    any     anywhere             anywhere             tcp dpt:ssh ctstate NEW

Chain IN_public_deny (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain IN_public_log (1 references)
 pkts bytes target     prot opt in     out     source               destination 

Chain OUTPUT_direct (1 references)
 pkts bytes target     prot opt in     out     source               destination

Is there something I need to configure with respect to tomcat/the linux server in order for me to be able to call tomcat from my local machine?

Best Answer

Maybe tomcat is listening only for connections from a certain ip, most likely localhost. You can run netstat -lntu and you will get something like this in the 5th column:

        *:22
127.0.0.1:80

The first one indicates that it's listening for connections from any IP and the second one only from the local machine (the server itself). If tomcat is listening only on localhost you have to configure the IP in the tomcat/conf/server.xml file to 0.0.0.0. Like this:

<Connector 
  port="8080"
  address="0.0.0.0"
  ...
/>

Sorry for posting an answer to something that may not be the solution. I would comment if I could.

Best Answer

Related Solutions

How to Allow Traffic on One Port from One IP Address with Iptables

Tomcat – Can’t auto deploy war in tomcat

Related Topic