RMI | Firewall issue revisited
Hi all,
I have searched through these forums for a suitable answer to my problem, but have not gotten any.
My RMI client-server app was working perfectly well on a Windows 2000 Advanced Server (with its firewall restrictions), until my company decided to buy another firewall appliance. My RMI server used to run on the Advanced server machine with a static IP and I ran my server with the following command :
java -Djava.security.policy=server.polocy -Djava.rmi.server.hostname=209.XXX.XXX.XXX Server
(209.XXX.XXX.XXX being the static IP used by the advanced server)
Now, with the addition of the firewall appliance and after having opened up 2 ports for RMI communication and forwarding them to the Host machine, my application had stopped functioning across the internet.
The host machine has an internal IP address of say 129.128.***.***
When an external client tries to establish contact with the my RMI server using 209.XXX.XXX.XXX (the external IP), I get a
"Connection refused: Unable to connect with 129.128.***.***"
This makes me believe that even though the client is able to initially establish connection with the RMI server, the RMI server sends back a reply to the client, asking it to find the server at the INTERNAL ip address.
Is there a way to avoid this ? Where am I going wrong ? How can I resolve this issue ?
The error is happening because the client is finding and connecting to the RMI registry OK, it is getting the Remote reference OK but when it tries to send a message to the Remote reference it is sending to your internal IP address and hence getting the unable to connect error.
The IP address in the Remote reference returned by the RMI registry is the one that the server object is bound to. No amount of port forwarding will change that.
You have two options in my experience:
1. You can try to force your server to believe it is 209.x.x.x when you bind the Remote instance. You can do this on Linux, but I have no idea how to do it on W2K.
2. The server.rmi.hostname works for fully qualified domain names, not IP addresses. If you only have one RMI server running, or if you use different ports for different RMI servers, you should be fine by setting the hostname value to your fully qualified domain name and then use NAT to forward to the Internal IP address. If you have more than one server running on the same port number, you'll need to register different FQDN's for each. Then all you need to do is update your internal DNS to point to the internal IP address and the external clients will use their existing DNS in the normal manner.
Similar Messages
-
RMI firewall issue - opening port 1099 is not enough
Hello,
We have a distributed java desktop app that uses RMI with callbacks to communicate amongst the clients. It all works really well at our dev site and at 2 trial sites.
We are about to deploy out to more customer sites - so I have been doing more testing with firewalls etc and discovered some issues. Our customers are small businesses and typically have between 1 and 10 desktop clients that connect to the server via RMI. These customers are "very NOT technical", so we need to give them set-and-forget firewalls etc.
This is all on a LAN, with RMI using port 1099. On the firewalls (of the various PCs) we open ports 1099 (RMI) and 5432 (for the Postgres DB).
Also, I was using "CurrPorts" and "SmartSniff" to monitor the traffic at each PC - so I had a reasonable view of proceedings.
Basically, opening port 1099 on the server is necessary, but it is NOT ENOUGH. The RMI moves off to ports other than 1099, and the server firewall does not allow the connection.
Procedure ...
(1) start the "server" app - which starts the RMI registry - the "localhost" desktop app also starts and it works well to both the database and the RMI.
(2) start another client - it connects to the DB Server, but NOT the RMI server.
(3) open the server firewall to all traffic for a few seconds - then the client connects successfully.
From CurrPort logging I could watch the RMI comms progress over those first few minutes ...
Initially the comms do include port 1099 on the initial call to the server, but there after there are always 2 or 3 "channels" open, but not to 1099.
I notice that the Postgres DB keeps using port 5432 for all of its active channels - so it does not have the same firewall issue.
After we have opened the firewall for a few seconds - to enable the link - then we can turn the client on and off and the client re-connects without issue - so it would seem to be only an issue with the initial connection.
I am sure that this is all completely standard and correct RMI behavior.
QUESTIONS:
1. Can RMI be "forced" to always use port 1099 for connections, and not move to other ports? (like the database uses 5432)
2. Are there any suggestions for getting around this seemingly standard RMI behaviour?
Other comments ...
The firewall lets me open individual ports (say 1099) - BUT I can not justify opening ALL ports.
The firewall lets me open all ports to an application, say "C:\Program Files\Java\jre6\bin\java.exe", but that app will occasionally change at a customer's site as they will update their java version and suddenly our app will stop working.
Any guidance is appreciated.
Many Thanks,
-Damian1. Can RMI be "forced" to always use port 1099 for connectionsYes. Export all your servers on the same port. See UnicastRemoteObject constructor that takes an int, or UnicastRemoteObject.exportObject(int). If the RMI Registry is a separate process you can't re-use 1099 for this purpose, but see below.
2. Are there any suggestions for getting around this seemingly standard RMI behaviour?Yes. Start the RMI Registry in the same JVM as the code, then you only need to use 1099 for everything.
If you are using server socket factories, make sure they have an equals() method, or use the same instance for all remote objects. -
"Hello,
From reading of these newsgroups I've seen many different manifestations
of what seems to be the same root cause with connection pools and
connections which are refreshed/replaced when found broken. In our
case weblogic server hangs.
Kit: 2xWeblogic 5.1.0 sp11 (not clusterd), Solaris 8,
java 1.3.1_01, 1xoracle 8.1.6, latest JDBC 2.0 drivers from oracle. Each weblogic instance and oracle have their own machines.
We do indeed have a firewall employed to run our subnets, and hence
our weblogic servers and oracle databses are in different DMZ's, but are
allowed to communicate to each other via rules set up on the firewall and
inspection of the logs show no such connections being dropped.
As far as the db is concerned, lookups (no writes) never take more than a few
hundred milliseconds and are then closed and given back to the connection pool
immediately from within the 'finally' block of code, hence hard to see when,if ever, the db is
is closing them due to excessive idle time.
weblogic.jdbc.connectionPool.RecipeDBPool=\
url=jdbc:oracle:thin:@foo:1521:BAA,\
driver=oracle.jdbc.driver.OracleDriver,\
loginDelaySecs=1,\
initialCapacity=30,\
maxCapacity=50,\
capacityIncrement=1,\Alkesh wrote:
Hi Joe,
The fix you suggested has been implemented and has been running fine
now for the past 3 days. I'm delighted with the result,Great. Glad to help.
but am concerned as to why this problem wasnt highlighted during our
load-testing phases...It's a possibility that your load-testing didn't present the same sort
of load that your actual runtime does.
Thanks for your time on this.Well sure. We want you successful.
Joe
Alkesh
At 01:52 PM 2/22/2002 +0000, you wrote:
Hi Joe,
Thanks for your reply
Please find attached a copy of the jvm thread dump we got from thelast time
that weblogic blocked upon trying to refresh a broken connection.
We have turned off JIT with the environment settingJAVA_COMPILER=NONE.
FYI hotspot is enabled with '-hotspot', these settings can be foundin the
attached 'startWeblogic.sh'.Hi. I found a serious problem by reading the thread dump:
"ExecuteThread-11" daemon prio=5 tid=0x179d40 nid=0x19 waiting for
monitor entry
[0xeee80000..0xeee819e0]
at java.sql.DriverManager.getConnection(DriverManager.java:144)
- waiting to lock <f8e77ad0> (a java.lang.Class)
at com.akqa.sainsburys.jv_recipe.ejb.session.RecipeBean.getConnection(Re
cipeBean.java:759)
It is important to never call DriverManager methods in a multithreaded
application
such as Weblogic, because these JVM methods are alloverly synchronized
at
the class level. One such method, DriverManager.println(), is called
continuously
by all JDBC drivers as well as the SQLException constructor. If one
server thread
makes a long-lasting or hanging call to DriverManager.getConnection(),
it can halt
all JDBC in the whole JVM including work on other open driver
connections.
Please show me the code for RecipeBean.java, and I will send you an
altered version
that should solve this problem. In fact, I can infer from the thread
dump what is needed.
Change the one method getConnection() to this:
// Make once and re-use a driver instance directly, avoiding
DriverManager
Driver d = (Driver)class.forName("weblogic.jdbc.jts.Driver").newInstance();
public Connection getConnection()
return d.connect("jdbc:weblogic:jts:yourPoolNameHere", null );
Also, change your pool definition. I assume you have
testConnsOnReserve set to true.
(You should). Also, you should change your refresh minutes to
something huge, like
9999999. The refresh is interfering with your online performance and
is unnecessary
if you have testConnsOnReserve set. I recommend:
weblogic.jdbc.connectionPool.RecipeDBPool=\
url=jdbc:oracle:thin:@foo:1521:BAA,\
driver=oracle.jdbc.driver.OracleDriver,\
loginDelaySecs=1,\
initialCapacity=50,\ <------ note that this should be the
same as max, so all cons are made at startup
maxCapacity=50,\
testTable=dual,\
testConnsOnReserve=true,\
refreshTestMinutes=9999999,\
etc.
Joe
I've also attached some firewall logs around the time of weblogicblocking
(12.09). I could only get screen dumps for you, this may or maynot be
useful.
For the firewall logs use the following legend :-
195.110.64.205 - DNS
172.16.160.195 - host webserver 1 (i.e. what our licenses are boundto)
172.16.160.196 - host webserver 2
172.16.160.220 - website 1
172.16.160.230 - website 2
Thanks
Alkesh
-----Original Message-----
From: Joe [mailto:[email protected]]
Sent: 20 February 2002 22:09
To: [email protected]
Subject: Re: 5.1.0 sp11 Connection pool refresh issue,
revisited....again...!!!
At 02:47 PM 2/20/2002 +0000, you wrote:
Hi Joe,
Please find attached a copy of our thread dumps for the most recentoccasion
that weblogic server has stopped.
Apologies for any misunderstandings with my previous post, it appears to
have been cropped. Full posting below (yes we do have testConnOnReserve and
testTable properties set).
Thanks for your time.sure, but first let's get you running OK. These dumps seem to be
very cryptic, as if you're running a highly optimized JVM that
loses almost all of the Java class references I'd normally see.
Can you run again with a more basic JVM? I am beginning to suspect
the JIT JVM...
Joe
Alkesh
Joseph Weinstein wrote:
Hello,
From reading of these newsgroups I've seen many
different manifestations of what seems to be the sameroot cause with connection pools and connections
which are refreshed/replaced when found broken. In our
case weblogic server hangs.
Kit: Weblogic 5.1.0 sp11 (not clusterd),
Solaris 8, java 1.3.1_01, oracle 8.1.6,
latest JDBC 2.0 drivers from oracle.
We do indeed have a firewall employed to run our subnets,
and hence our weblogic servers and oracle databses are
in different DMZ's, but are allowed to communicate to each
other via rules set up on the firewall and inspection of
the logs show no such connections being dropped.
As far as the db is concerned, lookups (no writes) never
take more than a few hundred milliseconds and are then
closed and given back to the connection pool immediately
from within the 'finally' block of code, hence hard to
see when,if ever, the db is is closing them due to excessive idle time.
weblogic.jdbc.connectionPool.RecipeDBPool=\
url=jdbc:oracle:thin:@foo:1521:BAA,\
driver=oracle.jdbc.driver.OracleDriver,\
loginDelaySecs=1,\
initialCapacity=30,\
maxCapacity=50,\
capacityIncrement=1,\
allowShrinking=false,\
testTable=dual,\
testConnsOnReserve=true,\
shrinkPeriodMins=1,\
refreshTestMinutes=10,\ // has been 1 and 5 but 10 'more' stable.
Fequently however, connections are found to be broken
(either by periodical refresh - refreshTestMinutes or
testing connection before granting it to the
application - testConnsOnReserve=true), this has been
confirmed by viewing JDBC.log .
When this is so, weblogic attempts to replace these
broken connections with new ones and then proceeds
to grant it to the application. Once in a while however
(and by no means 'x' refreshes later), weblogic will not
come back.
One of 2 errors occur in our deployment which cuase weblogic
to refresh a connection.
<JDBC Pool RecipeDBPool> java.sql.SQLException: No more data to read fromsocket
and
<JDBC Pool RecipeDBPool> java.sql.SQLException: Io exception: Broken pipe
I believe these settings to all be correct, JDBC drivers
in the correct point BEFORE weblogic.aux in classpath, yet
still have the issue of broken connections.
Any ideas ? I've been reading a lot into this probelm
on various postings now, and i'm completely stumped.
Thanks for your time.
Alkesh -
Hello all.
I subscribed successfully and easily to CC on my home PC (iMac) and downloaded a few apps. All is fine.
I wanted to download those same few apps on a remove machine I use several times a week (Win 7).
After many many attempts of trying to download CC and getting a generic error message, I learned it could be a firewall issue here at this work/office. I found this in Adobe's forums:
Many organizations use a hardware firewall and proxy server that can prevent software from accessing an FTP server. A hardware solution applies to all computers within the corporate network. Most home networks do not use hardware firewall or proxy technology.
Contact your company's IT department to obtain firewall or proxy information.
Configure your browser with proxy or firewall information.
Configure your corporate firewall to by-pass the servers. The following servers are accessed:
ccmdl.adobe.com:80
swupmf.adobe.com:80
swupdl.adobe.com:80
Having nothing to loose, I put in a request and had these addresses/ports opened up in our firewall. That seems to partially fix the problem.
Now the problem is the speed and traffic is so terribly slow with CC that nothing installs with out failing and giving error. For example, I am trying to install PhotoShop CC and it will take a couple of HOURS to even get to 10% and then it fails. Usually, it doesn't get that far. CC just gives me the generic message:
"Installation Failed - Learn More."
Download error. Press Retry to try again or contact customer support.(-7).
Our network admins swear that there is nothing wrong with the ports/firewall and yet all this works fine at my home. Can anyone offer any suggestions or advice? My internet connection here is fine. All other sites load and work fine. I simply cannot download any of the CC aps here with any reasonable speed.
Help!
PS - The URLs and ports ping just fine.Hi RedBirdOBX1,
I'd recommend checking out the two pdf documents in the
Adobe Creative Cloud Service Access Documentation for IT section on this page:
http://www.adobe.com/devnet/creativesuite/enterprisedeployment.html
Adobe Creative Cloud Network Endpoints
Adobe Creative Cloud Controlling Service Access
and if you're still struggling this might be another alternative:
http://prodesigntools.com/adobe-cc-direct-download-links.html
Hope that helps,
-Dave -
Can't scan from Lexmark multifunction printer - firewall issue?
Hi there!
I got a Lexmark printer/scanner combo which used to work fine on my arch install. However, its mobo died, so now I'm back at another install which refuses to scan. Scanning is done through the browser via a java applet residing on the printer's webserver. The applet does start (so it's not a java issue), but refuses to receive data from the scanner. Within the printer's web interface, it reads
If using Windows XP, the Windows XP personal firewall must be disabled before using Scan to PC profiles.
, so I'm assuming it might be a firewall issue. Lexmark's website provides the following advice:
The following two command lines will open the port 5353 for incoming and outgoing connections:
iptables -I INPUT -p udp -m udp --sport 5353 -j ACCEPT
iptables -I OUTPUT -p udp -m udp --dport 5353 -j ACCEPT
NOTE: These steps will work on most distributions configured with IPTABLES. There is no common command to make these rules persistent.
As I don't know anything about IP tables, I've simply copied these commands (as root, obviously). Still, I can't scan.
So, my questions are:
1. Has anybody else ever come across an issue like this?
2. I don't even know for sure, whether this is a firewall issue - What iptabled magic would I need to temporarily disable the firewall to check?
3. I tried checking my rules by "iptables -L". How can I tell "iptables -L" to specify the ports it is working on (as I did in the commands copied from lexmark's website)?
Best wishes,
RufusHi Bob
I believe so. We put the install disc into this mac back when we bought it to set up the printer. I'm assuming the scanning drivers were there as well since it's a multifunctional printer/scanner/fax wireless printer.
We've tried it both ways. If I press the button scan on the printer, it reads can't find computer (or something like that). When we go thru the HP icon on my computer screen and choose scan to computer, it does nothing.
We don't scan that often. So the few times when we ran into this problem, we just did something else (like take a pic from our iPhone and email the pic...kinda stupid but did the trick.
But I want to have the function of the scanner available. So that's why I'm here asking...thought others had this issue and had a solution. -
Windows Firewall issue, Inbound rule opend all, still not the same as turning off
This is Windows Firewall issue on Windows 8.1 Pro.
Backup Exec server cannot expand a computer node in selection list. I drill down to Microsoft Windows Network/Domain/Computers, then when I tried to expand a Windows 8.1 Pro computer node, it hangs out.
I narrowed this problem to Windows firewall related issue on Windows 8.1 Pro computer.
When I turn off Windows Firewall on Domain profile, Backup Exec Selection expands the computer node of the Windows 8.1 Pro computer. So, I created an inbound rule opening all to BAckup Exec server as following, but it's still not the same as turning off
Windows firewall specifically on Windows 8.1 Pro computer;
Any Local IP address, Any Remote IP address, Any port, Any protocol, All Interface, All Programs and Services, All profiles(Domain, Private, Public)
And there are no rules blocking any which may override the above rule.
Ethernet on Windows 8.1 Pro computer shows profile is linked with Domain, but just to make it work, I selected all profiles.
Even though I opened all available in inbound rule, it's still not the same as turning off windows firewall. Why am I missing?It looks as something related to RPC(UDP 135), but even when inbound rule is all open, why it matters? RPC seems working fine only when firewall is turned off on domain profile.
Protocol 17 is UDP
Port: 135
===============================
Event ID 5152
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID:
0
Application Name:
Network Information:
Direction:
Outbound
Source Address:
192.168.1.120
Source Port:
0
Destination Address:
192.168.1.11
Destination Port:
0
Protocol:
1
Filter Information:
Filter Run-Time ID:
245836
Layer Name:
ICMP Error
Layer Run-Time ID:
32
The Windows Filtering Platform has blocked a packet.
Application Information:
Process ID:
0
Application Name:
Network Information:
Direction:
Inbound
Source Address:
192.168.1.11
Source Port:
35341
Destination Address:
192.168.1.120
Destination Port:
135
Protocol:
17
Filter Information:
Filter Run-Time ID:
245834
Layer Name:
Transport
Layer Run-Time ID:
13 -
I have Internet access, but don't have an ability to watch videos on our new iPad2. We are in a hotel, could it be their service or firewall issue?
If you are unable to view content that has already been downloaded then you problem is within you device. First shut it down all the way by holiding the sleep button at the top until the power off slide appears at the top of your screen. Then slide that and wait while it powers off. Give it a good 30 seconds to do this. then power it back up. if that doesn't work, you may need to call the apple care folks. One other option is to restore it to factory settings and reload it with the updates first and then sink your media to it. You should already have it backed up to iCloud, but if not, do that first then do the restore.
-
Unsolvable OS X firewall issues
Since switching from TWC to Verizon High Speed Internet, I've been unable to download Netflix, play Yahoo Backgammon, send email via Network Solutions server, send or receive email from mobile me account, and connect to a JSTOR server for downloading articles on my iMac, OS X 10.6.6. I suspect that it's a firewall issue, but haven't been able to confirm that with Verizon customer service.
The first time I called about the email, after verifying that we had an internet connection, Verizon said that it must be Network Solutions. I called Network Solutions and found that everything was in order there. I phoned Apple, and found that everthing was in order on my machine and software. Navigating the Automated Call Distrbution and hold times at each of these places took about 3 hours, which included about 40 minutes of trouble shooting - most of it by Apple. I had to go to work.
On my next day off I called verizon and asked to have my call escalated to a higher tier mac support technician, but they said that they didn't have higher tier technicians. We went through a laborious troubleshooting process, and the tech couldn't find the problem within 50 minutes, and I had to leave for an appointment. I couldn't call back that week. Verizon phoned a day or two later and left a message on my answering machine that invited me to call a toll free number if my issue had not been resolved. I called before leaving for work a few days later, got through to a Verizon mac OS tech, and went through the same laborious trouble shooting process to no avail. I asked to be transferred to a higher level tech, and the tech just put me back in the hold queue. The new service tech wanted to go through the same protocals that I had already been through, which I found unacceptable. As this was my forth attempt to correct this problem, I asked him to read the notes from previous service techs. The only note he could find said "Unable to connect to the internet."
I believe I'm beyond my 30 day trial, but I desperately want out of my contract with Verizon. Does anyone have any suggestions?Log into the modem using the following Usernames/Passwords at http://192.168.1.1/
admin/password
admin/password1
admin/admin
admin/admin1
Yout Verizon Username and Password
Set the Firewall to Disabled and see if your applications begin working. The Wireless key can be gotten from the Wireles Settings section.
========
The first to bring me 1Gbps Fiber for $30/m wins! -
I've installed jboss on a non-global zone and verified the installation using lynx from within the non-global zone.
I can't see jboss from the global xone, another non-global zone, or a different machine. I can ping back and forth between all zones and other machines as well as ssh into the non-global jboss zone to admin it.
I tried issuing 'svcadm disable ipfilter' on both the global zone and non-global zone. It worked on the global zone but not the jboss zone (got 'pattern doesn't match any instances' error).
I tried rebooting the jboss-zone after disabling ipfilter on the global zone and still can't get anything.
Any ideas?OK, just to test I started apache and it works as expected.
This must be a firewall issue. Does anyone know how to configure / diable it? -
Images on our forms do not load. We believe this may be a content-filter/firewall issue, but do not know where form images are served from. Is there a list of domains and/or IP's that should be allowed through our content-filter and firewall for Formscentral to work properly?
Hi,
If you are a personal user and have not setup desktop redirector than you should be setup as BIS.
This line in your post is what took me in that direction:
"Here's the message: The application mobireader has attempted to open a
connection to a location inside the firewall and outside the firewall which is which is not allowed by your IT policy"
IT policies are used in the server based networks to restrict functions of the BB.
Was your phone new when purchased? I'm trying to see if you have an IT policy on the phone.
Make sense?
Thanks,
Bifocals
Click Accept as Solution for posts that have solved your issue(s)!
Be sure to click Like! for those who have helped you.
Install BlackBerry Protect it's a free application designed to help find your lost BlackBerry smartphone, and keep the information on it secure. -
OD firewall issue? maybe
I have 10.4.11 on my Xserve, things seems to be working, but I have never be able to add a client's computer to Open Directory. I get this:
Unable to add server.
An unexpected error of type -14102 (eDSAuthNoAuthServerFound) occorred.
Could that be a firewall issue? or Kerberos issue?
thanksHi
Sorry by Directory Service I meant Open Directory. Tellingly the overview pane says Kerberos is Stopped. Kerberos is the authentication method that the LDAP service will use to authenticate principals. So if its stopped then there is no KDC and no edu.mit.Kerberos file.
This more than likely could explain the problem you see.
Kerberos not starting is generally down to a poorly configured DNS Service. It could also be an obscure network issue or even an LDAP database problem. Occasionally there is a need to stop Kerberos starting on an Open Directory Master. This would typically be the case if you were integrating Open Directory into Active Directory. Usually - but not always - in that environment there would be no need to configure DNS Services on OSX Server. You would use the Active Directory’s DNS Service.
For Open Directory Services to function correctly the Server needs to have a reverse pointer (PTR) record created. On the server launch terminal and issue this command:
sudo changeip -checkhostname
Post the results, Tony -
Cannot create ODBC connection to Azure - is this a firewall issue?
I am setting up a Access front-end, Azure back-end database. I am setting up the odbc on one of the clients machines and get sql state 28000, error 18456, sql state 01000, error 40608. I am using SQL Native client 10.0. I have not has issues with this before.
I opened all IPs. Is this a firewall issue on their computer?
Any ideas welcome.
Thanks,
MarcyHello Marcy,
Are you getting this error while doing test connection from ODBC datasource (DSN) ?
Please share the actual error message that you are getting so that I can guide you.
On the basis of the error 18456 please check following .
password must be correct.
check if port 1433 is blocked by windows firewall or any firewall on the client machine.
Pass the user name as username@<azure servername>
if you are using just username try to use sql native client 11.0
check if TCP/IP protocol in sql server configuration manager is enabled.
In case you tried all the above option then please share the error message that your client is getting.
Hope this help.
Mukesh
SQL Azure and Business Intelligence -
We are having problems sending RMI calls across the network when going through a VPN connection.
I suspect that the VPNs have embedded firewalls that are blocking the RMI calls.
(Note that If these same calls go through the local network instead of the VPN, or if run with client on server on the same machine then there are no problems at all)
When an RMI call is attempted, the following exception is thrown:
public class NoRouteToHostException
extends SocketException
Exception description: Signals that an error occurred while attempting to connect a socket to a remote address and port.
Typically, the remote host cannot be reached because of an intervening firewall, or if an intermediate router is down.
The VM making the RMI call is a deployed server running on weblogic on a HP Unix server.
JVM version 1.5_016 windows
The VM receiving the call is a thick client code running on a windows PC.
JVM version 1.5_014 unix
We are using the spring RMI libraries to provide the RMI functionality.
I also suspect the blocking is happening at the PC end and not the server,
because whether the call is blocked or not depends on the PC rather than the server environment.
I have found a couple of sources on the web below which I am going through, however it may take a while to try and test things and we need to fix this problem asap, so if anyone has experience or expertise in this area and can advise it would
be really, really helpful.
http://java.sun.com/j2se/1.4.2/docs/guide/rmi/faq.html
http://java.sun.com/developer/onlineTraining/rmi/RMI.html
Many thanks for your help
PaulSee item A.1 in the Javadoc/Guide to Features/Remote Method Invocation/RMI FAQ. You need to find an IP address for the server that you can ping from the client. Then you need to set java.rmi.server.hostname to that address at the server before it exports any remote objects.
If you can't find such an IP address you are hosed. But that'w not an RMI issue, it's a network connectivity issue. -
Remote app, firewall issue?
I can't connect my iphone with my computer using the Remote app. I've tried all the help I can find, and it is not working. Here is my issue.
When I go to connect the "remote" app with my computer, it says that it can't connect due to either my wifi network or my firewall. I can tell you know that it is my firewall. I'm using the same wifi network for both the computer and the iphone, I have also check the IP addresses, they are the same. And it is strickly my computer, both me and my girlfriend have laptops, and it will work on her computer, and not mine (they are both connected on the same wifi network). So next would be to check my firewall settings...In firewall settings the "don't allow exceptions" box is NOT checked. Under the "exceptions" tab, the following boxes are checked: "Bonjour", "iTunes", "Remote Assistance", "File and printer sharing", Network diagonstics for windows XP", and "windows messenger".
I'm not understanding what the issue is. My iphone will show up under devices and allow me to enter the 4-digit code to connect each other, but after that it says that it is my firewall or network. Hope you can help, thanks.Out of curiosity, I did some logging of my network to see what communication took place between my iPhone and iTunes:
When I turned on my iPhone, there were a 2 of packets on port 5353 (Bonjour) sent by iPhone, sent to 224.0.0.251 (mDNS).
When I fired up the Remote app, there were a 14 more packets on port 5353 sent by iPhone to 224.0.0.251, with a little more info in it. At this point, iTunes on my PC recognized the iPhone and prompted me for the PIN.
When I entered in the PIN, it looks like iTunes opens connection to iPhone in order to validate the PIN number, originating the conversation from a port number of its choosing, and using a destination port number that the iPhone advertised in it's last Bonjour packet. There were a dozen packets involved in this little handshake, originated by the PC.
Finally, the iPhone initiates a communication to iTunes on the PC, opening a connection to port 3689 on the computer. It looks like this is where the bulk of the "remote" app functions.
All this tells me that if you saw the screen to enter the PIN, then your PC successfully noticed the Bonjour advertisement the iPhone broadcasted on UDP port 5353. But the fact that it ceased to communicate after the PIN was entered tells me that most likely there is a problem with the PC accepting communications on TCP port 3689 (iTunes sharing). I guess it's possible that the firewall is preventing the computer from confirming the PIN with the iPhone, but that's a communication originated by iTunes, and usually firewalls are fairly permissive about what ports apps open going out, just really strict about what ports it accepts communications into. -
XE and Symantec Client Firewall issue
I noticed that there is an issue when the SYmantec Client Firewall is enabled on a clients machine. I was trying to access XE and the connection was tiiming out. Has anyone else had this issue and how do you rectify the problem.
Thank you in advancedYou must set your firewall settings so that allow access to XE.
The default values for the port numbers are:
1521: Oracle database listener
2030: Oracle Services for Microsoft Transaction Server
8080: HTTP port for the XE graphical user interface (APEX)
HTH
Maybe you are looking for
-
How do I change the default save folder for screenshots in Mountain Lion
I would like screen shots to save to a specific folder in Pictures (~/Pictures/Screenshots) There is a way to do this in previous versions of OS-X. Is there another way to do this in Lion, or is the Terminal method the simplest way to do this? Thank
-
Integrating with external access control system
Hi, I am new at the network but have read a lot recently about the above subject as much as I could. However, I am a bit mixed up at something. I understand in order to update SAP HR module with employees time and attendance logs I need to interface
-
Plsql - set a timeout on utl_tcp connection
hi, I have a utl_tcp connection and I want to define the timeout parameter before each read. How? thanks...
-
Create Customer Master from Vendor Master
Is there a program that allows for batch creation of customers from vendors so that you don't have to rekey all the information? Thanks, CM
-
anyone has an idea? will it be updated automatically to non-beta plugin? or will i have uninstal it and instal previous version?