It is very similar to the fact that some host in the zabbix trapper data element in the "allowed hosts" field uses the dns name. And this name cannot be converted to an ip address

I have tried via IP or DNS and both ends at the Zabbix server or client. Wandering if its becuase I have used the Zabbix Agent MSI installer? Usually do my clients through the cmd prompt installation - unless something wrong with the MSI packages?!

I can telnet into the ports both ways - from the server to client and client to server. After having a play around still get the following....the 192.168.0.1 (is the gateway at the client). and rejected hosts is my zabbix server IP on the WAN.
failed to accept an incoming connection: connection from "192.168.0.1" rejected, allowed hosts: "

Show config of agent with the problem and write address your zabbix servers

CONF FILE FOR AGENT:

# This is a configuration file for Zabbix agent service (Windows)

# To get more information about Zabbix, visit http://www.zabbix.com




############ GENERAL PARAMETERS #################




### Option: LogType

# Specifies where log messages are written to:

# system - Windows event log

# file - file specified with LogFile parameter

# console - standard output

#

# Mandatory: no

# Default:

# LogType=file







### Option: LogFile

# Log file name for LogType 'file' parameter.

#

# Mandatory: no

# Default:

# LogFile=




LogFile=C:\Program Files\Zabbix Agent\zabbix_agentd.log




### Option: LogFileSize

# Maximum size of log file in MB.

# 0 - disable automatic log rotation.

#

# Mandatory: no

# Range: 0-1024

# Default:

# LogFileSize=1




### Option: DebugLevel

# Specifies debug level:

# 0 - basic information about starting and stopping of Zabbix processes

# 1 - critical information

# 2 - error information

# 3 - warnings

# 4 - for debugging (produces lots of information)

# 5 - extended debugging (produces even more information)

#

# Mandatory: no

# Range: 0-5

# Default:

# DebugLevel=3




### Option: SourceIP

# Source IP address for outgoing connections.

#

# Mandatory: no

# Default:

# SourceIP=




### Option: EnableRemoteCommands

# Whether remote commands from Zabbix server are allowed.

# 0 - not allowed

# 1 - allowed

#

# Mandatory: no

# Default:

# EnableRemoteCommands=0







### Option: LogRemoteCommands

# Enable logging of executed shell commands as warnings.

# 0 - disabled

# 1 - enabled

#

# Mandatory: no

# Default:

# LogRemoteCommands=0




##### Passive checks related




### Option: Server

# List of comma delimited IP addresses, optionally in CIDR notation, or DNS names of Zabbix servers and Zabbix proxies.

# Incoming connections will be accepted only from the hosts listed here.

# If IPv6 support is enabled then '127.0.0.1', '::127.0.0.1', '::ffff:127.0.0.1' are treated equally and '::/0' will allow any IPv4 or IPv6 address.

# '0.0.0.0/0' can be used to allow any IPv4 address.

# Example: Server=127.0.0.1,192.168.1.0/24,::1,2001:db8::/32,zabbix.domain

#

# Mandatory: yes, if StartAgents is not explicitly set to 0

# Default:

# Server=




Server=zabbix.coastalit.com.au




### Option: ListenPort

# Agent will listen on this port for connections from the server.

#

# Mandatory: no

# Range: 1024-32767

# Default:

ListenPort=10050







### Option: ListenIP

# List of comma delimited IP addresses that the agent should listen on.

# First IP address is sent to Zabbix server if connecting to it to retrieve list of active checks.

#

# Mandatory: no

# Default:

# ListenIP=0.0.0.0




### Option: StartAgents

# Number of pre-forked instances of zabbix_agentd that process passive checks.

# If set to 0, disables passive checks and the agent will not listen on any TCP port.

#

# Mandatory: no

# Range: 0-100

# Default:

# StartAgents=3




##### Active checks related




### Option: ServerActive

# List of comma delimited IPort (or DNS nameort) pairs of Zabbix servers and Zabbix proxies for active checks.

# If port is not specified, default port is used.

# IPv6 addresses must be enclosed in square brackets if port for that host is specified.

# If port is not specified, square brackets for IPv6 addresses are optional.

# If this parameter is not specified, active checks are disabled.

# Example: ServerActive=127.0.0.1:20051,zabbix.domain,[::1]:30051,::1,[12fc::1]

#

# Mandatory: no

# Default:

# ServerActive=




ServerActive=127.0.0.1




### Option: Hostname

# Unique, case sensitive hostname.

# Required for active checks and must match hostname as configured on the server.

# Value is acquired from HostnameItem if undefined.

#

# Mandatory: no

# Default:

# Hostname=




Hostname=SERVER




### Option: HostnameItem

# Item used for generating Hostname if it is undefined. Ignored if Hostname is defined.

# Does not support UserParameters or aliases.

#

# Mandatory: no

# Default:

# HostnameItem=system.hostname




### Option: HostMetadata

# Optional parameter that defines host metadata.

# Host metadata is used at host auto-registration process.

# An agent will issue an error and not start if the value is over limit of 255 characters.

# If not defined, value will be acquired from HostMetadataItem.

#

# Mandatory: no

# Range: 0-255 characters

# Default:

# HostMetadata=




### Option: HostMetadataItem

# Optional parameter that defines an item used for getting host metadata.

# Host metadata is used at host auto-registration process.

# During an auto-registration request an agent will log a warning message if

# the value returned by specified item is over limit of 255 characters.

# This option is only used when HostMetadata is not defined.

#

# Mandatory: no

# Default:

# HostMetadataItem=




### Option: RefreshActiveChecks

# How often list of active checks is refreshed, in seconds.

#

# Mandatory: no

# Range: 60-3600

# Default:

# RefreshActiveChecks=120




### Option: BufferSend

# Do not keep data longer than N seconds in buffer.

#

# Mandatory: no

# Range: 1-3600

# Default:

# BufferSend=5




### Option: BufferSize

# Maximum number of values in a memory buffer. The agent will send

# all collected data to Zabbix server or Proxy if the buffer is full.

#

# Mandatory: no

# Range: 2-65535

# Default:

# BufferSize=100




### Option: MaxLinesPerSecond

# Maximum number of new lines the agent will send per second to Zabbix Server

# or Proxy processing 'log', 'logrt' and 'eventlog' active checks.

# The provided value will be overridden by the parameter 'maxlines',

# provided in 'log', 'logrt' or 'eventlog' item keys.

#

# Mandatory: no

# Range: 1-1000

# Default:

# MaxLinesPerSecond=20




############ ADVANCED PARAMETERS #################




### Option: Alias

# Sets an alias for an item key. It can be used to substitute long and complex item key with a smaller and simpler one.

# Multiple Alias parameters may be present. Multiple parameters with the same Alias key are not allowed.

# Different Alias keys may reference the same item key.

# For example, to retrieve paging file usage in percents from the server:

# Alias=pg_usageerf_counter[\Paging File(_Total)\% Usage]

# Now shorthand key pg_usage may be used to retrieve data.

# Aliases can be used in HostMetadataItem but not in HostnameItem or PerfCounter parameters.

#

# Mandatory: no

# Range:

# Default:




### Option: Timeout

# Spend no more than Timeout seconds on processing.

#

# Mandatory: no

# Range: 1-30

# Default:

# Timeout=3







### Option: PerfCounter

# Syntax: <parameter_name>,"<perf_counter_path>",<period>

# Defines new parameter <parameter_name> which is an average value for system performance counter <perf_counter_path> for the specified time period <period> (in seconds).

# For example, if you wish to receive average number of processor interrupts per second for last minute, you can define new parameter "interrupts" as following:

# PerfCounter = interrupts,"\Processor(0)\Interrupts/sec",60

# Please note double quotes around performance counter path.

# Samples for calculating average value will be taken every second.

# You may run "typeperf -qx" to get list of all performance counters available in Windows.

#

# Mandatory: no

# Range:

# Default:




### Option: Include

# You may include individual files in the configuration file.

#

# Mandatory: no

# Default:

# Include=




# Include=c:\zabbix\zabbix_agentd.userparams.conf

# Include=c:\zabbix\zabbix_agentd.conf.d\

# Include=c:\zabbix\zabbix_agentd.conf.d\*.conf




Include=C:\Program Files\Zabbix Agent\zabbix_agentd.conf.d\




####### USER-DEFINED MONITORED PARAMETERS #######




### Option: UnsafeUserParameters

# Allow all characters to be passed in arguments to user-defined parameters.

# The following characters are not allowed:

# \ ' " ` * ? [ ] { } ~ $ ! & ; ( ) < > | # @

# Additionally, newline characters are not allowed.

# 0 - do not allow

# 1 - allow

#

# Mandatory: no

# Range: 0-1

# Default:

# UnsafeUserParameters=0




### Option: UserParameter

# User-defined parameter to monitor. There can be several user-defined parameters.

# Format: UserParameter=<key>,<shell command>

#

# Mandatory: no

# Default:

# UserParameter=




####### TLS-RELATED PARAMETERS #######




### Option: TLSConnect

# How the agent should connect to server or proxy. Used for active checks.

# Only one value can be specified:

# unencrypted - connect without encryption

# psk - connect using TLS and a pre-shared key

# cert - connect using TLS and a certificate

#

# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)

# Default:

# TLSConnect=unencrypted







### Option: TLSAccept

# What incoming connections to accept.

# Multiple values can be specified, separated by comma:

# unencrypted - accept connections without encryption

# psk - accept connections secured with TLS and a pre-shared key

# cert - accept connections secured with TLS and a certificate

#

# Mandatory: yes, if TLS certificate or PSK parameters are defined (even for 'unencrypted' connection)

# Default:

# TLSAccept=unencrypted







### Option: TLSCAFile

# Full pathname of a file containing the top-level CA(s) certificates for

# peer certificate verification.

#

# Mandatory: no

# Default:

# TLSCAFile=







### Option: TLSCRLFile

# Full pathname of a file containing revoked certificates.

#

# Mandatory: no

# Default:

# TLSCRLFile=







### Option: TLSServerCertIssuer

# Allowed server certificate issuer.

#

# Mandatory: no

# Default:

# TLSServerCertIssuer=







### Option: TLSServerCertSubject

# Allowed server certificate subject.

#

# Mandatory: no

# Default:

# TLSServerCertSubject=







### Option: TLSCertFile

# Full pathname of a file containing the agent certificate or certificate chain.

#

# Mandatory: no

# Default:

# TLSCertFile=







### Option: TLSKeyFile

# Full pathname of a file containing the agent private key.

#

# Mandatory: no

# Default:

# TLSKeyFile=







### Option: TLSPSKIdentity

# Unique, case sensitive string used to identify the pre-shared key.

#

# Mandatory: no

# Default:

# TLSPSKIdentity=







### Option: TLSPSKFile

# Full pathname of a file containing the pre-shared key.

#

# Mandatory: no

# Default:

# TLSPSKFile=

I think the problem is that the agent waits for connection from address "zabbix.coastalit.com.au" but gets from 192.168.0.1. And can not establish a relationship with one another (DNS? hosts?).
P.S. for the future - it is not necessary to show insignificant comments in the configuration file

@Replace DNS name with IP and check or provide both DNS and IP (It's working for me ) like below

Server=test.unixt.anz,10.102.209.111

Hello Guys!

I have exactly the same problem and I'm afraid it might be a bug. I currently use Zabbix to monitor my Kubernetes clusters. Everything works properly. Now I need to monitor my Docker servers. Following the instructions found on the official website, I installed zabbix-agent2, and that's when my problems started. I've never experienced this before. I've used versions 4 and 5 in the past and never had this kind of issue.

I installed the agent 2 via apt on my ARM machine. Yes, I used the correct repository for the processor and installed it without any problem.

I only configured the values below in the configuration file:

/etc/zabbix/zabbix_agent2.conf

Server=10.7.1.109
ServerActive=10.7.1.109:10051
Hostname=Docker-Builder

The Hostname must match the name of the host created in the Zabbix server frontend. In my case, it's configured accordingly.

Note: If I use DNS names instead of IPs, or if I ignore the Hostname value or configure another value, the result is the same.

Firewalls completely disabled on both sides, ping and telnet working perfectly.

Detail: The agent process only starts on the first initialization. If for any reason I restart the agent with systemctl, it doesn't start anymore.

tail -f /var/log/zabbix/zabbix_agent2.log

2024/04/02 15:15:45.658158 failed to accept an incoming connection: connection from "10.7.1.109" rejected, allowed hosts: "127.0.0.1" 2024/04/02 15:16:45.707597 failed to accept an incoming connection: connection from "10.7.1.109" rejected, allowed hosts: "127.0.0.1" 2024/04/02 15:17:45.762240 failed to accept an incoming connection: connection from "10.7.1.109" rejected, allowed hosts: "127.0.0.1"

The million-dollar question, worth a huge tks is:

Where is the value 127.0.0.1 coming from? It doesn't exist anywhere in the configuration file.

I would really appreciate some help to understand this symptom.

In my file, both passive and active, I'm informing my Zabbix server. General packet entry is allowed on both ends. I can't understand why the symptom and furthermore, I see that Hostname is set as Zabbix server, but I changed it to Docker-Builder.

I could only imagine that there was some other misconfigured configuration file (I saw this here in the forum with other users) but I don't have a zabbix_agend.conf.

I only have the zabbix_agent2.conf.

In the folder /etc/zabbix/zabbix_agent2.d/plugins.d there's the docker.conf file. I just uncommented the settings for it to get metrics from the Docker containers on this host.

In other words, there's clearly some problem with agent2... It doesn't obey the configurations in any installation method.

Help me, this is the only place...

Thank you very much!