Welcome to the Ranch, Jeff!
This looks more like a general Linux networking issue than
Tomcat. I'll see if I can link over there.
If I'm reading this correctly, you have 2 LAN segments, one for the server and one for the desktops. The server is on the 172 segment, and the desktops are on the 192.168 segment.
Where I get confused is the "firewall". I'm guessing that it's supposed to link the 172 and 192.168 subnets. Meaning that it's actually a router machine, since all well-configured machines have their own firewalls these days.
To link the 2 LAN segments properly, a couple of things have to be done:
1. You have to have IPV4 forwarding turned on on the routing machine.
2. You have to have a NIC configured for each connected subnet on the routing machine.
3. The NICs do have to have appropriate firewall configurations (iptables or firewalld) settings.
and last, but not least:
4. The IP routing has to be set up so that the 192.168 subnet can route to the 172 subnet and
vice versa. That's done by the
ip route command, but is normally stored as a permanent system setting in a format and location determined by which flavor of whatever OS the router machine is running.