Ad Widget

Collapse

zabbix agent in DMZ

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • janr
    Junior Member
    • Apr 2014
    • 3
    #1

    zabbix agent in DMZ

    Hello Everyone,

    I've recently moved a (windows) server monitored by zabbix to the dmz.
    I've opened ports 10050 & 10051 in both directions (just to be sure).
    However, the zabbix agent can't reach the server.
    My zabbix server can ping the agent, and I've checked with telnet if ports 10050 & 10051 are open.

    Did I do something wrong or did I missed something?

    Regards,

    Janr
    Tags: None
    • aib
      Senior Member
      • Jan 2014
      • 1615
      #2
      Did you try to use "Zabbix agent(active)" type of checks?

      In that case your agent will be an initiator of connection with zabbix server.
      Sincerely yours,
      Aleksey

        Comment

        • janr
          Junior Member
          • Apr 2014
          • 3
          #3
          Thank you for the reply aib.
          I've tried that already.
          I've moved the servers again to the internal network and they popped up on the zabbix server immedately, but I still can't get any connection when they are in the DMZ

            Comment

            • wasabi
              Member
              • Mar 2014
              • 30
              #4
              Nat/pat?

              Hi janr,

              * do you nat/pat between LAN and DMZ? In this case you would have to do a nat exempt for this communication or define an entry in the "hosts" file reflecting the nat address.

              * do you use a hostname for the server and lack communication with a DNS server? -> Here an entry in your hosts file is helpful, too

              best regards,
              Claudio

                Comment

                • Speedfight
                  Member
                  • May 2007
                  • 67
                  #5
                  also check if your default gateway is set the right way

                    Comment

                    • janr
                      Junior Member
                      • Apr 2014
                      • 3
                      #6
                      Thanks for the replies. However, I still haven't been able to solve this.

                      I do not use nat/pat

                      I'm using an IP address to connect to.
                      I can open a telnet session from the clients to the zabbix server using port 10050 & 10051 and from the zabbix server to the clients using port 10050.
                      Which is what zabbix requires according to the documentation I could find.

                      I have now the same problem with a WAN link.
                      I can telnet to & from the client & server. The agent gets auto registered, but after that communication stops.

                        Comment

                        • gleepwurp
                          Senior Member
                          • Mar 2014
                          • 119
                          #7
                          Hi Janr,

                          have you tried setting up the Zabbix Agent log level to debug and see what gets logged?

                          Also, like aib said, can you try with both Zabbix Agent (active) items and the normal, passive Zabbix Agent Items and see if either one works?

                          Gleepwurp.

                            Comment

                            • alex1602
                              Junior Member
                              • Jun 2014
                              • 4
                              #8
                              Are the routes present to you private ip range (if necessary) instead of to the internet? This is only important when your DMZ has a other subnet than your backend servers.

                              (depending on where your zabbix is)

                                Comment

                                Previous template Next
                                Working...