Cannot connect to Openfire behind firewall

Hi, I’ve got Openfire to work correctly inside the office but now I wanted to allow remote connections to log into the work messenger system and I can’t.

My setup is this: I have Openfire running on Windows 2003, the users are in the AD. On the internal network everything works fine so I guess this is a problem with which ports to open. The gateway to the internet is an Ubuntu server that redirects outside connections to the respective servers inside, depending on the port. Connections to http, smtp and others work fine but if I attempt to telnet its external IP on port 5222, it times out. Spark fails with an unknown server error.

Am I missing something? Is this all I have to do in theory?

I’m having this exact same issue as well. Any assistance would be much appreciated.

After all this time I’m still facing the same issue.

Is there anyone out there in a similar scenario that is working with client requests from the internet?

Yeah I think you definitely have a firewall issue.

You’re sure port 5222 on the outside interface of your Ubuntu box is forwarded to your Windows 2003 server running Openfire?

Does your firewall on the 2003 box restrict port 5222 in any way (like only local subnets allowed)?

Does iptables (I presume you’re using that on Ubuntu for your firewall) have the correct definitions for forwarding 5222 tcp?

What does the log say?

You could try to make a connection to the chat service via the outside and then on Ubuntu as root try “tail -100 /var/log/messages|grep 5222”.

This is assuming the lines in your iptables rules are set to LOG_ACCEPT or LOG_DENY instead of just ACCEPT or DENY…
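The forwarding questions asked above can be checked mechanically against the gateway's `iptables-save` output. The script below is an added example, not something posted by anyone in this thread; the rule dump, interface name and internal addresses are constructed, and `check_forward` is a hypothetical helper name. It reports whether a port has a DNAT rule and whether the FORWARD chain then lets the rewritten traffic through.

```shell
# Constructed `iptables-save` output for a gateway; interface and addresses
# are invented. 5222 has a DNAT rule but no matching FORWARD accept.
sample_rules() {
cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 25 -j DNAT --to-destination 192.168.1.20:25
-A PREROUTING -i eth0 -p tcp -m tcp --dport 5222 -j DNAT --to-destination 192.168.1.10:5222
COMMIT
*filter
:FORWARD DROP [0:0]
-A FORWARD -m state --state RELATED,ESTABLISHED -j ACCEPT
-A FORWARD -d 192.168.1.20/32 -p tcp -m tcp --dport 25 -j ACCEPT
COMMIT
EOF
}

# check_forward PORT: reads iptables-save text on stdin and prints
# ok | no-dnat | no-forward. Narrow on purpose: it only recognises FORWARD
# rules that name the DNAT destination with -d, and ignores rule order.
check_forward() {
    port=$1
    rules=$(cat)
    # Step 1: where does PREROUTING send this port, if anywhere?
    dest=$(printf '%s\n' "$rules" | awk -v p="$port" '
        $2 == "PREROUTING" && /-j DNAT/ {
            hit = 0; d = ""
            for (i = 1; i < NF; i++) {
                if ($i == "--dport" && $(i+1) == p) hit = 1
                if ($i == "--to-destination") d = $(i+1)
            }
            if (hit) { sub(/:.*/, "", d); print d; exit }
        }')
    [ -n "$dest" ] || { echo no-dnat; return 1; }
    # Step 2: is the rewritten packet allowed through the FORWARD chain?
    printf '%s\n' "$rules" | awk -v p="$port" -v d="$dest" '
        /^:FORWARD ACCEPT/ { ok = 1 }
        $2 == "FORWARD" && $NF == "ACCEPT" {
            dm = 0; pm = 0
            for (i = 1; i < NF; i++) {
                if ($i == "-d" && ($(i+1) == d || $(i+1) == (d "/32"))) dm = 1
                if ($i == "--dport" && $(i+1) == p) pm = 1
            }
            if (dm && pm) ok = 1
        }
        END { exit(ok ? 0 : 1) }' && { echo ok; return 0; }
    echo no-forward; return 2
}
sample_rules | check_forward 5222 || true   # prints: no-forward
```

On a real gateway, run `iptables-save | check_forward 5222` as root instead of using the sample. A `no-forward` result matches the symptom in the question, where forwarded SMTP works but 5222 times out.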