I got the following setup:
- Openfire 3.8.2 installed within my development VM
- Forwarding TCP at port 5222 on my router's NAT here at home (where the host of the VM is running) and at the VM's NAT, so Openfire is reachable from outside my LAN.
- Subdomain registered at dyndns.org pointing to my router's IP
- Openfire set up to use that domain
And the following problem with it:
Locally connecting to Openfire isn’t much of a problem, neither from the VM host nor the VM guest running Openfire (to be exact: it works like a blaze), but any connection attempt from the outside, using the dyndns.org domain I registered, fails with a timeout. Using Wireshark to monitor the traffic from and to Openfire I could figure out that the timeout does not occur at the transport layer (the TCP connection is established and shut down perfectly and without any glitches, so port forwarding is confirmed to be working), but the server just never responds to the opening
<stream:stream to="suchtbauerei.dyndns.org" xmlns="jabber:client" xmlns:stream="http://etherx.jabber.org/streams" version="1.0">
message my client outside the local LAN sends. Thus the timeout message my client fails with is due to a missing/timed-out response to that initiation message from the server at the application layer, as my Wireshark traffic log also indicates.
Nevertheless, Openfire doesn’t produce any errors according to the log that could help me start debugging, leaving me here without any clue on how to proceed. Also the same clients used for testing work perfectly when used inside the LAN to connect to my local Openfire installation, and work perfectly when connecting to other XMPP servers outside my LAN.
From this, I conclude that the problem seems to be server and/or server configuration related, but I’m not experienced enough with XMPP and Openfire in particular to find or guess that configuration issue without debug output. Nevertheless I’m pretty sure that I just missed a more or less simple and common step in the process of setting up my server.
I’m looking for either a suggestion on how to produce more debug output I can use to find a solution or a complete documentation on how to set up Openfire within a LAN behind a NAT box using dyndns.org or a similar free provider for dynamic DNS services.
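
A small probe that separates the two layers the post distinguishes (TCP connect versus no reply to the stream header), added here as an example and not part of the original post. The function name `probe_xmpp`, the stage labels and the `xmpp.example.org` host are assumptions; the stream header and port 5222 are the ones quoted above.

```python
import socket

# Stream header as quoted in the post; only the domain is substituted.
STREAM_OPEN = ('<stream:stream to="{domain}" xmlns="jabber:client" '
               'xmlns:stream="http://etherx.jabber.org/streams" version="1.0">')

def probe_xmpp(host, port=5222, domain=None, timeout=5.0):
    """Classify where a client-to-server XMPP connection attempt stalls.

    Returns (stage, detail); stage is one of:
      "tcp_failed"       - no TCP connection (DNS, forwarding, firewall)
      "no_stream_reply"  - TCP is up, server never answers the stream header
      "closed"           - server closed the socket without sending anything
      "stream_error"     - server answered with a <stream:error>
      "stream_ok"        - server answered with its own stream header
      "unexpected_reply" - something else came back
    """
    domain = domain or host
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:          # includes timeouts and refused connections
        return "tcp_failed", str(exc)
    with sock:
        sock.settimeout(timeout)
        sock.sendall(STREAM_OPEN.format(domain=domain).encode("utf-8"))
        try:
            data = sock.recv(4096)
        except socket.timeout:      # must precede OSError (it is a subclass)
            return "no_stream_reply", "timed out after %.1fs" % timeout
        except OSError as exc:
            return "closed", str(exc)
    if not data:
        return "closed", "peer closed the connection without replying"
    text = data.decode("utf-8", errors="replace")
    if "<stream:error" in text:     # checked first: errors follow the header
        return "stream_error", text
    if "<stream:stream" in text:
        return "stream_ok", text
    return "unexpected_reply", text

if __name__ == "__main__":
    # Placeholder host (an assumption). Run once from inside the LAN and once
    # from outside with the same `domain`, then compare the reported stages.
    print(probe_xmpp("xmpp.example.org", domain="xmpp.example.org"))
```

A result of `no_stream_reply` from outside combined with `stream_ok` from inside corresponds to the symptom described in the post.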