wso2 emm - unable to connect via external IP

1
votes

I have EMM 1.1.0 installed on server with internal IP 10.100.0.1:9443. Port forwarded by router to external IP 90.90.0.1:23333

Im able to log in locally to https://localhost:9443/emm without a problem.

Cases:

1) After modifying all localhosts in sso-idp-config.xml to internal 10.100.0.1:9443

From internal LAN to //10.100.0.1:9443/emm - able to log in

From external to //90.90.0.1:23333/emm redirected to //10.100.0.1:9443/samlsso - failed

2) After modifying all localhosts in sso-idp-config.xml to external 90.90.0.1:23333

From internal LAN to //10.100.0.1:9443/emm after log in redirected to //90.90.0.1:23333/emm/acs - failed

From external to //90.90.0.1:23333/emm login?null redirected to //10.100.0.1:9443/samlsso - failed

What is strange is that iam able to reach //90.90.0.1:23333/carbon from external side in both cases.

1
wso2externalconnectivity
Please say precisely what you mean by "redirect" and "port forwarded by router to external". A screenshot of the router configuration would help to see what you are doing.Daniel S.
You are now being redirected to SSO Provider. If the redirection fails, please click on the button below. 10.100.0.1:9443/samlsso and server is unreachable. Unable to get router config right now. Network team provided me with few ports to be able to connect to the server externally.Lukas Müller
Is this programming or server management? It looks to me like the latter. Please remember that StackOverflow is not a generic make-computers-do-things Q&A site; it's specifically for programing.Nic
It is indeed from server management point of view. I bumped into several related Questions, looks like there is common issue with connectivity to emm behind router/firewall. Looks like unaswered for eternity. Thank you guys for comments..Lukas Müller

1 Answers

3
votes

We had the same issue with a public IP, but we have figured it out. It is a configuration issue; we changed the following files and now everything works just fine.

Note that you can also directly change these files at the target directory.

  1. modules/distribution/src/repository/conf/api-manager.xml change the following ${carbon.local.ip} with your public IP

<ServerURL>https://${carbon.local.ip}:${mgt.transport.https.port}/services/</ServerURL>

<GatewayEndpoint>http://${carbon.local.ip}:${http.nio.port},https://${carbon.local.ip}:${https.nio.port}</GatewayEndpoint>

  1. /modules/distribution/src/repository/conf/axis2/axis2.xml add the following parameter.

    <parameter name="bind-address" locked="false">YOUR_PUBLIC_IP</parameter>

  2. /modules/distribution/src/repository/conf/carbon.xml change the following definitions with your public IP.

    HostName and MgtHostName

  3. /modules/distribution/src/repository/conf/identity.xml and /modules/distribution/src/repository/conf/sso-idp-config.xml replace the localhost with the public IP.