What things need to be considered if I want to run my network application from behind a firewall?
Created May 7, 2012
Finlay McWalter One of the biggest issues that you will face is that most firewall configurations prevent inbound connections (i.e. from the public internet into your network) to arbitrary machines (and on arbitrary ports).
In practice, this will often mean that no-one from the "outside" will be able to connect to your application (in java terms, your java.net.ServerSocket instance will never see any connections).
Possible fixes for this include:
- run your application only outside the firewall, or in your network's DMZ
- run a small relay proxy in the DMZ. Your main application connects to it, and it relays the contents of incoming streams over to your main application.
- reconfigure your firewall to permit access to your application from outside the firewall - generally this will consist of telling it "allow connections to machine X on port Y"