3

We are deploying web applications in java using tomcat on client machines across the country.

Once they are installed, we want to allow a remote access to these web applications through a central server, but we do not want our clients to have to open ports on their routers.

Is there a way to tunnel the http traffic so that people connected to the central server can access the web applications that are behind a firewall ?

The central server has a static ip address and we have full control over it. Right now, it is a windows box but it could be changed to a linux box if necessary.

Our clients are running windows xp and up.

We don't need to access the filesystem, we only want to access the web application through a browser.

We have looked at reverse ssh tunneling but it shows scaling problem since every packet would have to pass through the central server.

pbreault
  • 131
  • 2

2 Answers2

4

sounds like you need to run a vpn access server. A vpn should allow strong authentication, encryption and scalability if you choose the right hardware.

The Unix Janitor
  • 2,458
  • 15
  • 13
1

Setup Site-to-Site IPSec (or OpenVPN) VPN tunnels to each client's firewall/router in a hub-spoke design from your server. This will require some work on their end though (and will require them/you to make configuration changes on their firewall), but this is definitely the most robust and secure method you could do.

gravyface
  • 13,957
  • 19
  • 68
  • 100