RMI hostname and port mapping
Introduction
The censhare Server always starts up with a specific RMI URL, for example:
RMI binding check ok: rmi://censhare.local:1099/corpus.RMIServer
This is not only the hostname and port to which the server binds itself. It also tells the client after it connected to connect to this URL. If you do NAT on the hostname or on the port, the client still gets this URL and tries to connect to it, which will fail in the case of NAT.
Mapping
You can map both, the hostname and/or the port to a different one, where the server is not directly listening. For example:
local hostname: censhare.local
local port: 1099/30543-30548
external hostname: firewall.customer.com
external port: 433
The NAT policy redirects firewall.customer.com to censhare.local and the ports 443 to (we need a new port) 20546 for an SSL connection. At services/rmiconnection/config.xml you can add a new connection via censhare-Admin or edit the config.xml in the custom area:
<connection
type="ssl"
bindname="corpus.RMIServerExtSSL"
rmiport="20546"
client-map-host-from="censhare.local"
client-map-host-to="firewall.customer.com"
client-map-port-from="20546"
client-map-port-to="443"
server-port-range-from="20546"
server-port-range-to="20546"
server-bind-addr=""
send-buffer-size="0"
receive-buffer-size="0"
socket-connect-timeout="15000"
socket-read-timeout="130000"
socket-accept-timeout="0"
/>
type="ssl"
Then you need a new RMI bind name:
bindname="corpus.RMIServerExtSSL"
The port where the censhareServer is listening to the connection:
rmiport="20546"
A hostname you want to map for a client:
client-map-host-from="censhare.local"
To which hostname you want to map to for a client:
client-map-host-to="firewall.customer.com"
A port you want to map for a client:
client-map-port-from="20546"
To which port you want to map to for a client:
client-map-port-to="443"
The port range for the one port we are listening to:
server-port-range-from="20546" server-port-range-to="20546"
The client Host URL for the Server would then look like this:
rmis://firewall.customer.com:443/corpus.RMIServerExtSSL