Tomcat 404 errors accessing Linux Access Gateway protected resources

  • 3528453
  • 21-May-2007
  • 26-Apr-2012


Novell Access Management 3 Linux Access Gateway
Novell Access Management 3 Linux Novell Identity Server
Clustering of Linux Access Gateway Servers and Identity Servers behind an L4 switch


The customer had a cluster of Identity (IDP) servers and Linux Access Gateway (LAG) servers running behind an L4 switch. The base URL for the identity server was running over HTTPS on TCP port 8443. iptables was then used to redirect these requests to TCP port 443 using the following syntax (defined in the documentation):

iptables -t nat -A PREROUTING -i eth0 -p tcp --dport 443 -j DNAT --to (where was the IP address of the IDP server)

When the users tried to access the LAG protected resources, they would immediately get a Tomcat 404 error reported back from the LAG eSP.


Do NOT run the iptables command to redirect the TCP ports on the LAG - it is ONLY required on the IDP server. Removing the iptables command from the LAG allowed the protected resource pages to be displayed without any errors.
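To confirm that a LAG node carries no leftover redirect, the check below (an added example, not taken from the original article or the product documentation) reads `iptables-save -t nat` output and prints a delete command for every PREROUTING rule that DNATs or REDIRECTs TCP port 443. The function names and the sample ruleset, including the address 192.0.2.10, are constructed for illustration.

```shell
#!/bin/sh
# Added example: find nat-table PREROUTING rules that rewrite TCP port 443
# traffic and print the matching delete command for each one.
# Input: `iptables-save -t nat` output on stdin.
find_443_redirects() {
    awk '
        # iptables-save starts each table with a "*<name>" line.
        /^\*/ { in_nat = ($0 == "*nat") }
        in_nat && $1 == "-A" && $2 == "PREROUTING" {
            is_443 = 0; is_rewrite = 0
            for (i = 3; i <= NF; i++) {
                if ($i == "--dport" && $(i + 1) == "443") is_443 = 1
                if ($i == "-j" && ($(i + 1) == "DNAT" || $(i + 1) == "REDIRECT"))
                    is_rewrite = 1
            }
            if (is_443 && is_rewrite) {
                # Turn the saved append rule into the equivalent delete.
                sub(/^-A /, "-D ")
                print "iptables -t nat " $0
            }
        }
    '
}

# Constructed sample of what a LAG might show if the IDP-only redirect was
# applied to it by mistake (address and ports are illustrative).
sample_lag_ruleset() {
    cat <<'EOF'
*nat
:PREROUTING ACCEPT [0:0]
:POSTROUTING ACCEPT [0:0]
:OUTPUT ACCEPT [0:0]
-A PREROUTING -i eth0 -p tcp -m tcp --dport 443 -j DNAT --to-destination 192.0.2.10:8443
-A PREROUTING -i eth0 -p tcp -m tcp --dport 80 -j REDIRECT --to-ports 8080
COMMIT
*filter
:INPUT ACCEPT [0:0]
-A INPUT -p tcp -m tcp --dport 443 -j ACCEPT
COMMIT
EOF
}

# Demonstration on the sample; on a real LAG, run as root:
#   iptables-save -t nat | find_443_redirects
sample_lag_ruleset | find_443_redirects
```

Empty output on a LAG means no port 443 redirect is present; any line printed is the command that removes the offending rule.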