It's not the same without you

Join the community to find out what other Atlassian users are discussing, debating and creating.

Atlassian Community Hero Image Collage

Configuration of JIRA / Bamboo application links behind a firewall and proxy server with external users

Don Mackert Nov 09, 2012

Problem: JIRA cannot communicate with the Bamboo server (application link is configured using internal IP and port; display address is shows externally facing URL) and Bamboo cannot resolve the JIRA ticket information (same application and URL configuration). Note: Applications work and are authenticated. Note: Bamboo in JIRA plug-in does not currently work since it cannot contact the Bamboo server with the display URL.

End State: JIRA and Bamboo users outside the firewall are able to see the JIRA information in Bamboo and the Bamboo information in JIRA.


JIRA is on its own system on an internal IP on the default port with the URL context of jira

Bamboo is on its own system on an internal IP on the default port with the URL context of bamboo

External users ( there are no internal users) access the JIRA and Bamboo through a reverse proxy via an externally facing URL. IE:


JIRA and Bamboo are currently configured using the internal IP’s and ports in the application links. IE:

JIRA and Bamboo have the display URLS as or


I want the JIRA and Bamboo transactions to occur within the boundary of the firewall and not exit the DMZ to access the external (display URLS)

I want the users to be able tro see the JIRA information in Bamboo and vice versa.

I have gone through a number of the articles and have seen numerous references to this configuration but not a definitive answer.



2 answers

1 accepted

1 vote
Answer accepted
Don Mackert Nov 21, 2012

I was able to solve the problem in the following manner.

Using the existing reverse proxy that is configured to proxy our externally facing URL’s to the internal servers; I was able to do the same from inside the firewall. I was able to ensure that the intra-server traffic remained within the firewall.

Note: I am not running an internal DNS.

I set the external URL in the local host file of the Bamboo, JIRA, Stash, and Confluence servers to point to the proxy server. IE to (proxy server). After verifying that the externally facing URLs correctly resolved in the web browser of each application I then deleted and recreated the application links as follows.

For example: Bamboo to JIRA was to

After recreating the application link using basic authentication and adding the following IPs to the incoming authentication of each application: proxy server (, source application IP (jira, bambbo, etc of, and the externally facing IP of the site (

Once each application link was recreated for each application pair; I tested each of the applications integration and they all worked as expected.

All of the Atlassian systems are on Linux servers.

Here are some notes that helped me troubleshoot the issues:

Log examination: tail –f <log file name>

Very useful in seeing the errors and then using the Atlassian site to correct the errors

Time – I had one server drift 7 minutes out (despite a ntp cron job) and this caused authentication problems between the applications.

Atlassian documentation, answers, and FAQs were very useful once the specific issue was noted

Steffen Opel Feb 07, 2013

Thanks much for the detailed summary, very helpful :) - I think it's worth noting that the main topic indeed seems to be a DNS configuration resolving to internal addresses when queried from within your network as James Dumay suggested, insofar you effectively implemented this by means of explicitly providing the internal address resolution in each servers hosts file.

We are running our Atlassian Suite on Amazon EC2, and unfortunately this is not readily available in Amazon Route 53 yet, despite being a feature of Public IP Addresses and External DNS Hostnames in EC2 indeed:

We provide each instance that has a public IP address with an external DNS hostname. We resolve an external DNS hostname to the public IP address of the instance outside the network of the instance, and to the private IP address of the instance from within the network of the instance.

1 vote

Hi Donald,

I think you could do this by changing your DNS server configuration so that the Bamboo and JIRA servers resolve at the internal addresses within your network instead of the external ones.

Let me know how you go!

Suggest an answer

Log in or Sign up to answer
This widget could not be displayed.
This widget could not be displayed.
Community showcase
Published in Jira

Try Jira Cloud for Outlook: Organize your work without leaving your inbox

Hi Atlassian community, My name is Max and I work on the product integration team at Atlassian. I am pleased to announce the early access program for the Jira Cloud add-in for Outlook. This add-in...

833 views 0 12
Read article

Community Events

Connect with like-minded Atlassian users at free events near you!

Find an event

Connect with like-minded Atlassian users at free events near you!

Unfortunately there are no Community Events near you at the moment.

Host an event

You're one step closer to meeting fellow Atlassian users at your local event. Learn more about Community Events

Events near you