On 21 Aug 2008, at 09:25, Mark Thomas wrote: >Add some logging to your firewall configuration to see what is being >dropped.
Dominic Mitchell wrote: >That should help, but it's likely to be a different port in use each >time. Because JMX uses RMI by default, and RMI uses two ports: a fixed >port to initiate the connection and then a secondary (random) port for >data transfer. This is a real pain to get working. Mark Thomas wrote: >There are tricks you can play with iptables to allow that. The down-side >is that it isn't as secure. Thanks everyone. Is this random port opened by the server side (Tomcat) or the client side (jconsole) or is there some other program running in there to make my life difficult? Is there a way to configure Tomcat or jconsole, as applicable, to use the same specified second port every time? What are the tricks that can be played with iptables? I'm guessing they involve opening up a range of ports? I'll still be limiting it to one or at most 2-3 IP addresses. Once I get SSL and authentication going, that may be secure enough. BTW, I'm not real good at iptables and this is the first time I've tried to play with JMX. --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
