Come for the products,
stay for the community

The Atlassian Community can help you and your team get more value out of Atlassian products and practices.

Atlassian Community about banner
Community Members
Community Events
Community Groups

Crowd firewall configuration RHEL 7.4


I would like to know more about firewall configuration for crowd in RHEL 7.4. 

I have added the 8095 with firewall-cmd and semanage commands, but still can't access to crowd through web browser.

What could be wrong? How to check if crowd is running? 


1 answer

1 accepted

2 votes
Answer accepted

Hi @Bob B

You should run a simple netstat to check whether port 8095 is actually listening

$ netstat -an | grep 8095

You should also check what you've got in <>/apache-tomcat/logs/catalina.out. When Crowd has successfully started, you should get the following INFO log message:

2018-02-26 09:46:40,077 localhost-startStop-1 INFO [com.atlassian.crowd.startup] Starting Crowd Server, Version: 3.1.2 (Build:#891 - 2018-01-19)

* You can now use the Crowd server by visiting http://localhost:8095/crowd

Did you reload the firewall service after you added the new rule?

$ sudo firewall-cmd --reload


netstat -an | grep 8095
tcp6 0 0 :::8095 :::* LISTEN

the log says x.x.x.8095/opeidserver

does it mean i've installed wrong server?


and x.x.x.8095/opeidserver still refused to connect ... Ihave Jira core server  installed on same computer and Jira core is working fine...

The OpenID server is bundled in the default Crowd installation package. The first server to be started is Crowd Server then OpenID server. So, it's just fine that you see that the OpenID server is started, it does not mean that the Crowd server is not. Check the catalina.out file, a few lines before the log about the OpenID server you should see the same info about the Crowd server.

On your Crowd server, do you get 8095/tcp in the results of the following command? 

$ sudo firewall-cmd --list-ports

On a remote Linux machine, what do you get with a simple TCP connection to your Crowd server?

$ nc -vz <CROWD_SERVER_IP> 8095 

BTW I've noticed that the output of your netstat command is "tcp6" which means IPv6. Are you really trying to connect to an IPv6 address? If your Crowd server FQDN was bound to an IPv4 address I think you would see "tcp" or "tcp46" as a result of the netstat command.

If you want to force Crowd to use IPv4, add the option in apache-tomcat/bin/

JAVA_OPTS="-Xms128m -Xmx512m -Dfile.encoding=UTF-8 $JAVA_OPTS"

Thank you @Bruno Vincent. Turns out the port was disabled in network level... I had to change the default port to 80 (since i don't have network admin access) to make it run...

Suggest an answer

Log in or Sign up to answer
Community showcase
Posted in Jira Service Management

Jira Service Management Documentation Opportunities

Hello everyone, Hope everyone is safe! A few months ago we posted an article sharing all the new articles and documentation that we, the AMER Jira Service Management team created. As mentioned ...

320 views 0 10
Join discussion

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you