Laura, The service management app is trying to connect to CAS via the loopback interface, which doesn't use the PREROUTING chain in the NAT table. It's effectively bypassing your prerouting. You'll need to add another rule in the OUTPUT chain specifically for loopback traffic:
iptables -t nat -I OUTPUT -p tcp -d 127.0.0.1 --dport 443 -j REDIRECT --to-ports 8080 Or you could avoid NAT'ting altogether and use Apache with mod_proxy_ajp. Best regards, -- Carlos. -----Original Message----- From: Laura McCord [mailto:[email protected]] Sent: Wednesday, 17 October, 2012 13:39 To: [email protected] Subject: [cas-user] Service Management not working Hi Everyone, We are using iptables to preroute 80/443 to 8080/8443 and we are running tomcat on the higher ports, we are able to authenticate but the services doesn't work. This is the error message we are receiving: 2012-10-17 10:28:05,389 ERROR http-8443-1 [org.jasig.cas.client.util.CommonUtils] - Connection refused java.net.ConnectException: Connection refused at java.net.PlainSocketImpl.socketConnect(Native Method) at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:351) at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:213) at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:200) at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366) at java.net.Socket.connect(Socket.java:529) at com.sun.net.ssl.internal.ssl.SSLSocketImpl.connect(SSLSocketImpl.java:570) at com.sun.net.ssl.internal.ssl.BaseSSLSocketImpl.connect(BaseSSLSocketImpl.j ava:141) at sun.net.NetworkClient.doConnect(NetworkClient.java:163) at sun.net.www.http.HttpClient.openServer(HttpClient.java:388) at sun.net.www.http.HttpClient.openServer(HttpClient.java:523) at sun.net.www.protocol.https.HttpsClient.<init>(HttpsClient.java:272) at sun.net.www.protocol.https.HttpsClient.New(HttpsClient.java:329) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.getNewHttpCl ient(AbstractDelegateHttpsURLConnection.java:172) at sun.net.www.protocol.http.HttpURLConnection.plainConnect(HttpURLConnection .java:911) at sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect(Abst ractDelegateHttpsURLConnection.java:158) at sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLConnecti on.java:1172) at sun.net.www.protocol.https.HttpsURLConnectionImpl.getInput........ Anyone have any suggestions? Thanks, Laura -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user -- You are currently subscribed to [email protected] as: [email protected] To unsubscribe, change settings or access archives, see http://www.ja-sig.org/wiki/display/JSG/cas-user
