Welcome to the Ranch, Jeff!
This looks more like a general Linux networking issue than
Tomcat. I'll see if I can link over there.
If I'm reading this correctly, you have 2 LAN segments, one for the server and one for the desktops. The server is on the 172 segment, and the desktops are on the 192.168 segment.
Where I get confused is the "firewall". I'm guessing that it's supposed to link the 172 and 192.168 subnets. Meaning that it's actually a router machine, since all well-configured machines have their own firewalls these days.
To link the 2 LAN segments properly, a couple of things have to be done:
1. You have to have IPV4 forwarding turned on on the routing machine.
2. You have to have a NIC configured for each connected subnet on the routing machine.
3. The NICs do have to have appropriate firewall configurations (iptables or firewalld) settings.
and last, but not least:
4. The IP routing has to be set up so that the 192.168 subnet can route to the 172 subnet and
vice versa. That's done by the
ip route command, but is normally stored as a permanent system setting in a format and location determined by which flavor of whatever OS the router machine is running.
Some people, when well-known sources tell them that fire will burn them, don't put their hands in the fire.
Some people, being skeptical, will put their hands in the fire, get burned, and learn not to put their hands in the fire.
And some people, believing that they know better than well-known sources, will claim it's a lie, put their hands in the fire, and continue to scream it's a lie even as their hands burn down to charred stumps.