Ad Widget

Collapse

Zabbix Servers behind nat

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • rebidebi
    Junior Member
    • May 2023
    • 11
    #1

    Zabbix Servers behind nat

    I have a problem with some remote branches..

    some branches have 2-3 servers but only 1 public ip address so i have to use different ports using nat, but it doesnt work

    1. I set the ServerActive as my zabbix external ip
    2. on server 1, the listening port is 10050. on server 2 the listening port is 10052. I NAT the connection accordingly, but still the connection fails.



    is there a way to get around that? i dont want to change the listening port of the zabbix server.. if thats the solution. I hope im just missing something.
    Last edited by rebidebi; 19-06-2023, 15:00.
    Tags: None
    • PeterZielony
      Senior Member
      • Nov 2022
      • 146
      #2
      Maybe reverse proxy like traefik or nginx?

      Or.. setup proxy on remote sites and set to active and connect proxy to zabbix server all via one port (zabbix side: listening port forwarded).

      Or on remote site setup proxy in passive mode and expose listening port so zabbix server can connect to it

      2-3 you can easly setup proxy with 1gb ram and 1x cpu and 5gb of storage and that's already too much for 2-3. Then connect proxy out to server(whicheveroption you choose) and replace hosts config to talk with proxy only(and server as a backup).

      More about proxies here
      https://www.zabbix.com/documentation...concepts/proxy

      And here
      1 Proxies
      https://www.zabbix.com/documentation/current/en/manual/distributed_monitoring/proxies
      Last edited by PeterZielony; 19-06-2023, 22:24.
      Hiring in the UK? Drop a message

        Comment

        • rebidebi
          Junior Member
          • May 2023
          • 11
          #3
          Originally posted by PeterZielony
          Maybe reverse proxy like traefik or nginx?

          Or.. setup proxy on remote sites and set to active and connect proxy to zabbix server all via one port (zabbix side: listening port forwarded).

          Or on remote site setup proxy in passive mode and expose listening port so zabbix server can connect to it

          2-3 you can easly setup proxy with 1gb ram and 1x cpu and 5gb of storage and that's already too much for 2-3. Then connect proxy out to server(whicheveroption you choose) and replace hosts config to talk with proxy only(and server as a backup).

          More about proxies here
          https://www.zabbix.com/documentation...concepts/proxy

          And here
          https://www.zabbix.com/documentation...toring/proxies




          i dont have much experience with the proxy, but just to understand...


          the proxy takes the data from the machines on remote branch (the proxy is installed on remote branch) and forwards to frontend
          does that mean i only have 1 port for communication, and won't have to create firewall rules for each machine?

            Comment

            • PeterZielony
              Senior Member
              • Nov 2022
              • 146
              #4
              Originally posted by rebidebi





              i dont have much experience with the proxy, but just to understand...


              the proxy takes the data from the machines on remote branch (the proxy is installed on remote branch) and forwards to frontend
              does that mean i only have 1 port for communication, and won't have to create firewall rules for each machine?
              Correct. And this is why is advisable to use proxy, also used to offload zabbix server. Advantages are also in case if connection is not very stable and proxy is used as a buffor so you dont lose data.

              and depends on situation same as agents - can be passive or active.

              And side note (same for agents) communication over internet make sure you configure tls/ssl
              Last edited by PeterZielony; 21-06-2023, 09:43.
              Hiring in the UK? Drop a message

                Comment

                Previous template Next
                Working...