Understanding proxy layout (?)
Hi, everyone,
I've got a little problem with a server->proxy->agent configuration. I think I'm not understanding the layout or correct setup...
Let me explain what I've done: I've installed zabbix server (2.0.1) in a machine, and setup some local servers checkings. Everything gone well, fast and easy. I really like the way it works :-). Then, I decided to add some remote servers checking, running behind a firewall. As I understand it, one way to do this is to install a zabbix proxy (on the firewall or on another server accesible through a port forward), and then add zabbix agents to the servers, and configure them to report to the proxy, and then the proxy reports the status information to my already installed server. Am I right?
I've read on the forum that many people tends to get confused about the hostname of the server (DNS name) and the host name used in the zabbix configuration files... so I decided to use the same matching names everywhere. If a server's hostname (FQDN) is "srv1.example.com", I use that exact name in the host name configuration of the zabbix agents and server. All my hosts have matching hostnames on the DNS, and I use split horizon to use matching hostnames on private networks (I use it to allow people with notebooks and mobile phones to use the same configuration on their email programs no matter if they are connected outside or inside the network where the servers are running).
So, I have my zabbix server, installed a zabbix proxy (Active mode) on a remote firewall (allowing only traffic from my zabbix server's port to the proxy's port and viceversa) and now I want to monitor some server (with internal private IP) on the network behind that firewall. I've installed zabbix agents on those servers and once running, I've tried to add that hosts to my zabbix server using the web front-end. And that's pretty much what I'm trying to do...
Well, it didn't work... I've installed a local agent in the firewall and it went Ok in about 2 minutes after I've loaded the host in the zabbix server. This agent was configured with the IP address of the proxy as server, and it was loaded with the local private IP address from the LAN interface. I did the same with one of the servers, but it never goes "ok", just grey icon on the "Z", and error notification: "Zabbix agent on srv1.example.com is unreachable for 5 minutes".
So here I am, asking for some clarifications.
1) I have to ask...: Is this the correct way to achieve this?
2) Do I have to install the web front-end in the proxy and use it to configure the hosts or I can configure the hosts in the server only and that's enough to tell the proxy about the new host (looks like it is correct, but still needs to confirm)?
3) When I configure the host in the zabbix server, do I have to give the private IP address of that host or the public IP of the firewall where the proxy runs (originally, I've used the private IP, but as it didn't work with the servers, I've tried the public too, but to no avail)? This only works with the firewall, but I think it might work with the servers too.
I've read the logs, but the explanations given there are not very "enlightening"... I can add some lines from the logs to this thread so you can read them, but from what I googled, most problems are related to different host names in the agents and the server.
I think I've got some concept issues here... so I would like to get some feedback from you gurus. Thank you for your help in advance, and sorry for the long message... :-)
Cheers,
Gustavo
I've got a little problem with a server->proxy->agent configuration. I think I'm not understanding the layout or correct setup...
Let me explain what I've done: I've installed zabbix server (2.0.1) in a machine, and setup some local servers checkings. Everything gone well, fast and easy. I really like the way it works :-). Then, I decided to add some remote servers checking, running behind a firewall. As I understand it, one way to do this is to install a zabbix proxy (on the firewall or on another server accesible through a port forward), and then add zabbix agents to the servers, and configure them to report to the proxy, and then the proxy reports the status information to my already installed server. Am I right?
I've read on the forum that many people tends to get confused about the hostname of the server (DNS name) and the host name used in the zabbix configuration files... so I decided to use the same matching names everywhere. If a server's hostname (FQDN) is "srv1.example.com", I use that exact name in the host name configuration of the zabbix agents and server. All my hosts have matching hostnames on the DNS, and I use split horizon to use matching hostnames on private networks (I use it to allow people with notebooks and mobile phones to use the same configuration on their email programs no matter if they are connected outside or inside the network where the servers are running).
So, I have my zabbix server, installed a zabbix proxy (Active mode) on a remote firewall (allowing only traffic from my zabbix server's port to the proxy's port and viceversa) and now I want to monitor some server (with internal private IP) on the network behind that firewall. I've installed zabbix agents on those servers and once running, I've tried to add that hosts to my zabbix server using the web front-end. And that's pretty much what I'm trying to do...
Well, it didn't work... I've installed a local agent in the firewall and it went Ok in about 2 minutes after I've loaded the host in the zabbix server. This agent was configured with the IP address of the proxy as server, and it was loaded with the local private IP address from the LAN interface. I did the same with one of the servers, but it never goes "ok", just grey icon on the "Z", and error notification: "Zabbix agent on srv1.example.com is unreachable for 5 minutes".
So here I am, asking for some clarifications.
1) I have to ask...: Is this the correct way to achieve this?
2) Do I have to install the web front-end in the proxy and use it to configure the hosts or I can configure the hosts in the server only and that's enough to tell the proxy about the new host (looks like it is correct, but still needs to confirm)?
3) When I configure the host in the zabbix server, do I have to give the private IP address of that host or the public IP of the firewall where the proxy runs (originally, I've used the private IP, but as it didn't work with the servers, I've tried the public too, but to no avail)? This only works with the firewall, but I think it might work with the servers too.
I've read the logs, but the explanations given there are not very "enlightening"... I can add some lines from the logs to this thread so you can read them, but from what I googled, most problems are related to different host names in the agents and the server.
I think I've got some concept issues here... so I would like to get some feedback from you gurus. Thank you for your help in advance, and sorry for the long message... :-)
Cheers,
Gustavo
Comment