Which port I have to open on firewall?

  • RonaldMcDonaldTrump
    Member
    • Jan 2018
    • 41

    #1

    Which port I have to open on firewall?

    Which port I have to open on firewall in order to perform an active proxy-server communication?


    Here's a draft

    ZABBIX SERVER |FIREWALL | -------- | FIREWALL | ZABBIX PROXY

    which port I have to open considering the proxy active?
  • tcilmo
    Senior Member
    • Nov 2016
    • 122

    #2
    active 10051; passive 10050


    • RonaldMcDonaldTrump
      Member
      • Jan 2018
      • 41

      #3
      Ok, thanks very much.

      I have one more question for you.

      I opened port 10051 to zabbix server ip on firewall (pfSense).

      On zabbix_proxy.conf I set
      Server=[private ip zabbix server]
      Hostname=[zabbix server's hostname]

      I installed zabbix agent on zabbix-proxy
      Server=[private ip zabbix-proxy]
      ServerActive=[private ip zabbix-proxy]
      Hostname=[zabbix-proxy's hostname]

      I'm not able to contact the server

      Actually I don't have any access to these machines, but I'm going to get it in a few hours then I'll post the logs (agent and proxy).

      I think I have to change all [private ip zabbix-server] with [public ip zabbix-server], isn't that?
      Last edited by RonaldMcDonaldTrump; 17-04-2018, 22:52.


      • tcilmo
        Senior Member
        • Nov 2016
        • 122

        #4
        You have some config issues...

        Zabbix_proxy.conf:

        Server=[IP of zabbix server] - IP address (or hostname) of primary Zabbix server.
        Hostname=[hostname of the proxy] - should be identical to the object in zabbix itself.


        Zabbix Agent Conf On Proxy:

        Server=[IP of zabbix server]
        ServerActive=[IP of zabbix proxy or zabbix server or both] - put in the IP of the server or servers that you want to process active checks.
        Hostname=[zabbix-proxy's hostname] - for this one instance only, you would not put the proxy host name of every host the agent is on.

        Hope this helps.




        • RonaldMcDonaldTrump
          Member
          • Jan 2018
          • 41

          #5
          Originally posted by tcilmo
          You have some config issues...

          Zabbix_proxy.conf:

          Server=[IP of zabbix server] - IP address (or hostname) of primary Zabbix server.
          Hostname=[hostname of the proxy] - should be identical to the object in zabbix itself.


          Zabbix Agent Conf On Proxy:

          Server=[IP of zabbix server]
          ServerActive=[IP of zabbix proxy or zabbix server or both] - put in the IP of the server or servers that you want to process active checks.
          Hostname=[zabbix-proxy's hostname] - for this one instance only, you would not put the proxy host name of every host the agent is on.

          Hope this helps.


          Yes, It does help.

          Until now I intend to start monitoring just the proxy, then all the other stuff when It will be working.

          Do I have to use public or private IP address to point zabbix-server?
          Last edited by RonaldMcDonaldTrump; 17-04-2018, 23:36.


          • tcilmo
            Senior Member
            • Nov 2016
            • 122

            #6
            Originally posted by RonaldMcDonaldTrump

            Yes, It does help.

            Until now I intend to start monitoring just the proxy, then all the other stuff when It will be working.

            Do I have to use public or private IP address to point zabbix-server?

            Not following the question. Zabbix can function on 10.x.x.x or 192.168.x.x space or public space.


            • RonaldMcDonaldTrump
              Member
              • Jan 2018
              • 41

              #7
              I opened port 10051 on the firewall to let zabbix-server be queried by the proxy.
              But I still can't reach zabbix-server from the proxy.

              I think the problem is that I set in zabbix_proxy.conf the field Server as 192.168.0.6 which is zabbix-server private address.

              These 2 networks are divided by a wan, and maybe the field Server should be the public ip which identifies the server not the private one.

              Next morning I'll tell you if it works.

              This question may sound obvious, but I'm a beginner.
              Last edited by RonaldMcDonaldTrump; 18-04-2018, 00:29.


              • RonaldMcDonaldTrump
                Member
                • Jan 2018
                • 41

                #8
                Works halfway,
                I can reach zabbix-server, but I got this error on the frontend.

                [Attached image: ImmagineErrore.png]

                I opened port 10050 on firewall.

                In the image above is reported the zabbix-proxy item.

                I understand I can reach zabbix-server by zabbix-proxy but not vice versa.


                • tcilmo
                  Senior Member
                  • Nov 2016
                  • 122

                  #9
                  Originally posted by RonaldMcDonaldTrump
                  Works halfway,
                  I can reach zabbix-server, but I got this error on the frontend.

                  [Attached image: ImmagineErrore.png]

                  I opened port 10050 on firewall.

                  In the image above is reported the zabbix-proxy item.

                  I understand I can reach zabbix-server by zabbix-proxy but not vice versa.

                  What this is saying is that the Zabbix Server or Proxy (depends on how you have the host configured) cannot talk to the host "srv-lmn-zpr-01" on port 10050. Could be network or host firewall rules, or network routing. If you don't have routing rules in place (not my area of expertise) your server on public space will not reach the server on the 192.168 network. For simplicity, put both on the public network.
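
The direction question running through this thread (who connects to whom on 10051 and 10050) can be derived from the config files themselves. The following is an added example, not code from the thread or from Zabbix: it turns `zabbix_proxy.conf` and agent config text into the TCP flows a firewall must permit and flags RFC 1918 destinations that will not be reachable across a WAN. It assumes the default ports 10051/10050 and the `ProxyMode`, `ServerPort` and `ListenPort` parameters; the proxy address and sample configs are constructed.

```python
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_conf(text):
    """Parse Zabbix 'Key=value' config text, skipping comments and blank lines."""
    lines = (l.strip() for l in text.splitlines())
    pairs = (l.split("=", 1) for l in lines if "=" in l and not l.startswith("#"))
    return {k.strip(): v.strip() for k, v in pairs}

def endpoints(value, default_port):
    """Split 'a,b:port' into (host, port) pairs (bracketed IPv6 not handled)."""
    out = []
    for entry in filter(None, (e.strip() for e in value.split(","))):
        host, sep, port = entry.rpartition(":")
        out.append((host, int(port)) if sep and port.isdigit() else (entry, default_port))
    return out

def proxy_flows(conf, proxy_addr):
    """Flows as (source, destination, tcp_port) for a Zabbix proxy."""
    if conf.get("ProxyMode", "0") == "0":   # active: proxy dials the server
        port = int(conf.get("ServerPort", 10051))
        return [(proxy_addr, h, p) for h, p in endpoints(conf["Server"], port)]
    listen = int(conf.get("ListenPort", 10051))  # passive: server dials the proxy
    return [(h, proxy_addr, listen) for h, _ in endpoints(conf["Server"], 0)]

def agent_flows(conf, agent_addr):
    """Passive checks arrive on ListenPort; active checks leave for ServerActive."""
    listen = int(conf.get("ListenPort", 10050))
    flows = [(h, agent_addr, listen) for h, _ in endpoints(conf.get("Server", ""), 0)]
    flows += [(agent_addr, h, p) for h, p in endpoints(conf.get("ServerActive", ""), 10051)]
    return flows

def private_destinations(flows):
    """Literal RFC 1918 destinations: unreachable across a WAN without VPN or NAT."""
    hits = []
    for _, dst, _ in flows:
        try:
            if any(ipaddress.ip_address(dst) in net for net in RFC1918):
                hits.append(dst)
        except ValueError:
            pass  # hostname, not an IP literal: resolve and check separately
    return hits

# Constructed samples: 192.168.0.6 is the server address quoted in the thread,
# 10.0.0.20 and the Hostname values are made up for illustration.
PROXY_CONF = "# active proxy\nProxyMode=0\nServer=192.168.0.6\nHostname=zabbix-proxy\n"
AGENT_CONF = "Server=192.168.0.6\nServerActive=10.0.0.20\nHostname=zabbix-proxy\n"
```

Each returned flow is a candidate allow rule; scoping the rule to that exact source address rather than opening the port to any source keeps 10051 and 10050 from being exposed to the whole internet.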


                  • RonaldMcDonaldTrump
                    Member
                    • Jan 2018
                    • 41

                    #10
                    zabbix-server's firewall is listening on 10051 and is natted with public ip.
                    zabbix-proxy's firewall is listening on 10050 and is natted with public ip.

                    I can ping proxy by server, therefore routing works.

                    I just got a vision about a feasible solution.

                    Both proxy and server are natted as masquerade.

                    I think I should apply a nat rule on firewall to translate 172.22.1.145 into public ip of the other firewall.

                    Last edited by RonaldMcDonaldTrump; 19-04-2018, 00:11.


                    • javadannur
                      Junior Member
                      • Mar 2018
                      • 4

                      #11
                      Hi RonaldMcDonald. I am working on the same project as yours. Can you please explain if you managed to sort the issue out? I am using zabbix proxy installed on pfsense for the proxy side. Something like below:


                      ZABBIX SERVER |FIREWALL | -------- | FIREWALL /ZABBIX PROXY | ZABBIX AGENT


                      • Ngk
                        Junior Member
                        • Aug 2022
                        • 10

                        #12
                        Hi,
                        The agent is not communicating with Server even though the ports 10050 and 10051 are opened.

                        We have tested with OS: Ubuntu 20.04 and CentOS 7 and it was working fine, but a few of the agents with a firewall are not working.

                        Get value from agent failed: cannot connect to [[XX.XX.XX.XX]:10050]: [4] Interrupted system call

                        Please help in resolving the issue.
