External Client Access Issues

I am running Openfire 3.7.1 on a new install with LDAP running on Server 2008 R2 x64. I have everything running nicely except for external clients connecting over the internet or VPN. The Openfire server is behind an NSA 2400 SonicWall. The Windows firewall on the server is off. We have about 7 VPNs to external locations using SonicWalls. All the correct ports are being forwarded and I am seeing traffic. Any external client (internet or VPN) is getting a login error in Spark (Can’t connect to server: invalid name or server not reachable). I set the domain in the initial Openfire setup to our “ourdomain.com”. External A record is pointing to the WAN IP using Chat.ourdomain.com.

I can access the web admin page externally through port 9090 without any issues. The problem is port 5222 from outside the network.

I know that the VPN connections can be tricky using SonicWalls, so I am most worried about the external internet connections.

Besides the initial setup, are there any other places to set listening bindings for Openfire? It seems like the connections are getting to the server then timing out. I see the traffic going through my firewall, but I don’t see any responses.

I can connect internally using our Windows FQDN and by local IP. We don’t have loopback on so the external FQDN would not work anyways, nor the WAN IP.

Any help is greatly appreciated.

Here are some other things I have tried and still not working.

Logged in using simple user and user@domain. Neither are working outside our network.

I’ve set up a new install on a test server and put it completely on the DMZ. I am unable to connect from outside the network.

Is Openfire broken?

I think I was experiencing the same thing you were.

Not sure if you ever figured it out, but the problem for me was that I needed to add the IP subnet for the VPN to the Restrict Login section under “Registration Settings”.

This only will be an issue if you have put any IP in there previously. If you didn’t have anything in there, then it shouldn’t have messed with the external connections.
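
Added example, not part of any post in this thread: a small Python probe for the client port (5222) that separates a connection that never reaches the server from one that reaches it but gets no XMPP reply, the distinction the original poster was trying to draw from firewall traffic. The function name and result labels are this example's own, and how Openfire responds to a login-restricted address is not stated in the thread, so the probe only reports what it observes.

```python
import socket
import sys

# Opening stream header a client sends first on a c2s connection (RFC 6120).
STREAM_OPEN = ("<?xml version='1.0'?><stream:stream to='{domain}' "
               "xmlns='jabber:client' "
               "xmlns:stream='http://etherx.jabber.org/streams' version='1.0'>")

def probe_xmpp(host, port=5222, domain=None, timeout=5.0):
    """Classify how far an XMPP client connection attempt gets.

    'unreachable' - TCP connect failed or timed out (routing, NAT, firewall)
    'closed'      - TCP connected, peer closed or reset without replying
    'silent'      - TCP connected, nothing came back before the timeout
    'not-xmpp'    - something answered, but not with an XMPP stream header
    'stream-open' - the server answered with its own stream header
    """
    domain = domain or host  # the XMPP domain may differ from the DNS host name
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:  # refused, timed out, no route, name not resolved
        return "unreachable"
    buf = b""
    with sock:
        sock.settimeout(timeout)
        try:
            sock.sendall(STREAM_OPEN.format(domain=domain).encode("utf-8"))
            # The reply may arrive in pieces; read until the header shows up.
            while b"<stream:stream" not in buf and len(buf) < 4096:
                chunk = sock.recv(1024)
                if not chunk:
                    break
                buf += chunk
        except socket.timeout:
            return "not-xmpp" if buf else "silent"
        except OSError:
            return "closed"
    if not buf:
        return "closed"
    return "stream-open" if b"<stream:stream" in buf else "not-xmpp"

if __name__ == "__main__":
    # Example: python probe.py Chat.ourdomain.com ourdomain.com
    if len(sys.argv) < 2:
        sys.exit("usage: probe.py HOST [XMPP_DOMAIN]")
    dom = sys.argv[2] if len(sys.argv) > 2 else None
    print(sys.argv[1], probe_xmpp(sys.argv[1], domain=dom))
```

Run it once from inside the network and once from an external or VPN client; a different result for the same server points at something between the two vantage points or at a per-address setting on the server.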