Issues with firewall and RMI
I'm having some trouble executing a client app that utilizes RMI through a firewall. Here are the specifics:
RMI registry is running and is listening on the default port of 1099.
The RMI server has been bound correctly using rmi://localhost:1099/x
Any client running on the private (internal) side of the firewall has no problem accessing the RMI server. The IP used for the lookup is the same as the internal IP of the server.
All this is as expected and appears to work the way it is expected until......a client attempts to run from the public (external) side of the firewall.
The server has been assigned an external IP address that is different from the internal. The client software on the public side of the firewall uses the external IP address of the server. This IP is translated at the firewall to the internal IP (at least that is what I'm told).
The client no longer connects to the RMI server. I've done some debugging and have looked through the nested Exceptions. The last exception in the chain indicates that the connection was refused at host and provides the internal IP, the one used during the bind.
I'm assuming the problem is with the IP addresses not being the same (one internal one external). This would cause the exception because of a name mismatch. At least that is my thinking as of now.
I can't bind under both IP addresses because the server does not know about the external presence (no NIC) because the firewall handles the IP translation.
I'm in need of some advice as to what to do. Do I need to create a dedicated machine that has only an external presence and bind only to that IP? Is there another way I can do the lookup? Do I need a securityManager? Has anyone attempted this before and how what were the results.
Thanks.
