Can't access jboss remotely despite of proper binding of IP address in standalone.xml file
Do the following tests to find out what your problem is and how to solve it :
- For public interface, you should use your server IP Address. I recommend you use the tag
<any-address/>
instead of an IP Address.
So your standalone.xml
should look like below :
<interfaces>
<interface name="management">
<inet-address value="127.0.0.1"/>
</interface>
<interface name="public">
<any-address/>
</interface>
</interfaces>
-
The above solution should probably solve your problem. But if didn't so, use
grep 127.0.0.1
in your configuration files to see if there is anything you've missed to change to0.0.0.0
- e.g.grep -R 127.0.0.1 /opt/wildfly/*
. -
If everything is fine and yet you have no idea what is causing the issue, check if packets/requests are received, you can use
tcpdump
to check it.
The last possible reason may be that your VPS provider is blocking any non-world-widely used ports, so you will be in need of contacting them. To make sure if you should contact your provider, just do the following test :
- Since you mentioned in comments that you can access your Apache index page, please stop your JBoss service, change your apache port from 80 to 8050, restart your web-server and check if you can still see your apache index page on 8050 or not. - and since you mentioned in comments that you couldn't access your index page whilst apache is not using default 80 port, we can conclude as the following ↴
Conclusion [ According to the Chat Session ]
According to the test we did in chat session, the OP can access Apache index page whilst Apache is set on port 80, but cannot access it with any other port apart from 80. So we can conclude that the provider is filtering and blocking ports other than 80, 22, and etc. So the OP should contact the VPS provider and ask them to allow ports that he is in need of. And the occurrence of the problem was owing to VPS provider's firewall, not any configuration or setting that the OP would have made.
Related videos on Youtube
Sudip Bhandari
Senior Software Engineer at Cleartrip Loves programming Loves music and not much \m/
Updated on December 01, 2022Comments
-
Sudip Bhandari over 1 year
I am using JBOSS EAP 7. I start it using the command
sh standalone.sh -b 0.0.0.0
Following is my IP config when not binding explicitly from command line.
<interfaces> <interface name="management"> <inet-address value="${jboss.bind.address.management:127.0.0.1}"/> </interface> <interface name="public"> <inet-address value="${jboss.bind.address:0.0.0.0}"/> </interface> </interfaces>
Apart from this, I also changed binding IP in standalone.xml file. When I start it it doesn't show any error. I am not using fail2ban or any other sort of firewall on my server and I am using port 8050.
To confirm whether my server is listening at that port, I ran the following command
sudo netstat -tlnp
with the output:
tcp 0 0 0.0.0.0:8050 0.0.0.0:* LISTEN 4670/java
To confirm that this is the jboss, I ran
pgrep -f jboss
and get the same pid i.e. 4670 in this example.
I checked server.log and everything is normal there too. Thus my conclusion is JBOSS is running fine in the mentioned port with proper binding (I gave 0.0.0.0 IP to be able to remotely access from anywhere). But still I am not able to access it from browser or DHC Client. What could possibly have gone wrong?
-
Admin about 7 years@Khaled telnet: Unable to connect to remote host: Connection timed out is what I get when i do telnet server_ip port
-
Admin about 7 years@SudipBhandari: It seems there is connectivity issue like firewall blocking or ..
-
Admin about 7 years@khaled I have apache installed on that same server and I can access it. Currently i don't have any firewall setup on either side
-
Admin about 7 years@SudipBhandari What are you using for
standalone.xml
inside the interfaces tag? Connection timed out is not caused by firewall or anything blocking your access, so first of all, update your question withstandalone.xml
.
-
-
Admin about 7 yearsI got configuration error for <any-ipv4-address/> and issue still remains with other methods too.
-
Admin about 7 years@SudipBhandari Have you tried to check if it works locally? Try cURL, e.g.
curl -I 127.0.0.1:8050
, and then from another machine in the same network try the same, e.g.curl -I privateIPaddress
, and if it works so, from another machine in another network area, usecurl -I publicIPaddressBehindTheNAT
and let us know in which step you will face with error. -
Admin about 7 yearscurl or telnet from within the server works fine. I don't have another server in the same network as of now to do the other tests.
-
Admin about 7 yearsOK, so I guess we're getting closer to the point. Before going any further, let me ask you a question, are your requests received when you use tcpdump?? Any thing in server.log??? The reason I'm asking this question is because If you're using VPS, your provider - GoDaddy, OVH or etc. - may be blocking using specific ports, so you should contact your provider and ask them to allow those ports. If you're not using a VPS, let us know about the result of
tcpdump
, andserver.log
. -
Admin about 7 yearsI can see the requests in tcpdump. server.log in jboss doesn't have anything apart from the logs it shows while starting up.
-
Admin about 7 years@SudipBhandari You said you can see apache index page, yes? So let's do something to make sure that your provider's firewall is not redirecting or changing any request containing specific ports. Stop your JBoss service, change your apache port from 80 to 8050, restart your web-server and check if you can still see your apache index page on 8050 or not. Let me know about the result, and we will try to find out - hopefully - what is causing your problem by following some other steps.
-
Admin about 7 yearsLet us continue this discussion in chat.
-
Admin about 7 yearsThere is no firewall running on my server and yet I can't start apache in any other port apart from 80. Although when I use other port it shows as 'listening' when inspected using netstat.
-
Admin about 7 years@SudipBhandari OK, so your provider is blocking other ports apart from 80. You should contact your provider and ask them to allow port numbers that you are in need of. ;)
-
Admin about 7 yearsYes that's a logical conclusion. One thing that I just tried was stopping apache (port 80) and running jboss on default port (8080). Still it won't be accessible