Ad Widget

Collapse

No access from server with zabbix-agent to zabbix-server on port 10051

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • RockerMan
    Junior Member
    • Feb 2019
    • 8
    #1

    No access from server with zabbix-agent to zabbix-server on port 10051

    Hi all

    No access from host with zabbix-agent to zabbix-server on port 10051.
    Closes the firewalld. Please, tell me how to set up a firewalld on the host with zabbix-agent so that can access to port 10051/tcp on the zabbix-server?

    IP zabbix-agent 10.193.200.31, zabbix-server 10.193.200.32, if ens160
    OS Centos 7

    thx
    Tags: None
    • Hernandes Martins
      Senior Member
      Zabbix Certified SpecialistZabbix Certified Professional
      • Apr 2011
      • 900
      #2
      Hi,

      Look this reference:
      How To Open A Port In CentOS 7 With Firewalld
      https://www.rootusers.com/how-to-open-a-port-in-centos-7-with-firewalld/
      Learn how to open a port in firewalld, the default network firewall in CentOS 7 Linux.
      __

      Att.
      Hernandes Martins - Zabbix Trainer

      Zabbix Brazil Partner - www.luniobr.com

      Zabbix Brazil Community - www.zabbixbrasil.org

      Blog: hernandesmartins.blogspot.com.br

      Skype: hernandss
      Telegram: @MrHernandes

      Español
      Facebook: facebook.com/groups/zabbixlatam
      Telegram: https://t.me/ZabbixEspañol

      Português
      Facebook: facebook.com/groups/zabbixbrasil/
      Telegram: https://t.me/ZabbixBrasil

        Comment

        • RockerMan
          Junior Member
          • Feb 2019
          • 8
          #3
          This is all I know ...
          Sorry to incorrectly ask my question ...
          The firewalld on the zabbix-server is disabled, so you don’t need to open anything on it.
          Code:
          zabbix]# systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; disabled; vendor preset: enabled)
   Active: [I][B]inactive[/B][/I] (dead)
          The firewalld does not access to out on the zabbix-agent side. I can't disable it, other services are working.
          Code:
          # systemctl status firewalld
● firewalld.service - firewalld - dynamic firewall daemon
   Loaded: loaded (/usr/lib/systemd/system/firewalld.service; enabled; vendor preset: enabled)
   Active: [I][B]active[/B][/I] (running) since Tue 2018-10-02 09:22:28 MSK; 4 months 19 days ago
          Ports 10050/tcp, 10051/tcp open on zabbix-agent side, but this does not help
          Code:
          # firewall-cmd --permanent --list-ports
10050/tcp 10051/tcp
          on zabbix-agent side, zabbix-server IP address is added to sources in trusted, but it does not help
          Code:
          # firewall-cmd --get-active-zones
public
  interfaces: ens160
trusted
  sources: ...10.193.200.32
          as we see, there are requests for port 10051 to zabbix-server
          Code:
          zabbix-agent
# tcpdump -nn -i ens160 host 10.193.200.32 and port 10051
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens160, link-type EN10MB (Ethernet), capture size 262144 bytes
08:32:16.409440 IP 10.193.200.31.54746 > 10.193.200.32.10051: Flags [S], seq 1185984239, win 29200, options [mss 1460,sackOK,TS val 4017951967 ecr 0,nop,wscale 7], length 0
08:32:17.411501 IP 10.193.200.31.54746 > 10.193.200.32.10051: Flags [S], seq 1185984239, win 29200, options [mss 1460,sackOK,TS val 4017952970 ecr 0,nop,wscale 7], length 0
08:33:19.416233 IP 10.193.200.31.55488 > 10.193.200.32.10051: Flags [S], seq 2675422390, win 29200, options [mss 1460,sackOK,TS val 4018014974 ecr 0,nop,wscale 7], length 0
...
          but they do not reach him, something on zabbix-agent side does not allow these requests, but what exactly can not I find...
          Code:
          zabbix-server
# tcpdump -nn -i ens160 host 10.193.200.31 and port 10051
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on ens160, link-type EN10MB (Ethernet), capture size 262144 bytes
          zabbix-agent.log
          Code:
          9645:20190220:103524.703 active check configuration update from [10.193.200.32:10051] started to fail (cannot connect to [[10.193.200.32]:10051]: [4] Interrupted system call)
          Sorry, I am a newbie in firewalld/Linux, switched from ipfw/FreeBSD, so I don’t know this firewall
          Last edited by RockerMan; 20-02-2019, 09:39.

            Comment

            Previous template Next
            Working...