Ad Widget

Collapse

Zabbix Applicant 5.2.1 CentOS8 is not accessible by public IP

Collapse
X
Collapse
 
  • Page of 1
  • Time
  • Show
Clear All
new posts
Previous template Next
  • sheldonh
    Junior Member
    • Nov 2020
    • 4
    #1

    Zabbix Applicant 5.2.1 CentOS8 is not accessible by public IP

    Hi,

    I've downloaded and started up the Appliance release 5.2.1. Everything works on the local network, no problems.

    I've configured a public IP address on our firewall with routing to the local Zabbix IP address. I can telnet into port 80 via the Public IP address, but I cannot open HTTP via any web browser. I've tried stopping iptables to see if there's routing rules stopping incoming traffic, but that does not help.

    Any ideas?

    Thanks
    Tags: None
    • tim.mooney
      Senior Member
      • Dec 2012
      • 1427
      #2
      I haven't looked at the appliance so I don't know for certain, but RHEL 8.x and CentOS 8.x have moved away from 'iptables/ip6tables' and now use 'nftables', generally with 'firewalld' as an "abstraction layer' in front of the backend nftables implementation.

        Comment

        • sheldonh
          Junior Member
          • Nov 2020
          • 4
          #3
          Originally posted by tim.mooney
          I haven't looked at the appliance so I don't know for certain, but RHEL 8.x and CentOS 8.x have moved away from 'iptables/ip6tables' and now use 'nftables', generally with 'firewalld' as an "abstraction layer' in front of the backend nftables implementation.
          Hi Tim,

          Thanks for the feedback.

          Unfortunately, the appliance I downloaded using CentOS8 does not have firewalld or nftables running. It also does not run on Apache, it runs on Nginx. I only see iptables as options for me to configure. If stopped iptables service, I still get the same behaviour. I've also tried to modify the Nginx conf files to see if I can get something right. I'm sharing here for reference:

          Click image for larger version Name: iptables.PNG Views: 397 Size: 4.5 KB ID: 414356

          Here is the iptables file itself

          Click image for larger version Name: iptables1.PNG Views: 418 Size: 13.1 KB ID: 414357
          Click image for larger version Name: iptables2.PNG Views: 414 Size: 14.7 KB ID: 414358

          This is the zabbix.conf file under /etc/nginx/conf.d/zabbix.conf

          Click image for larger version Name: zabbix1.PNG Views: 417 Size: 10.9 KB ID: 414359
          Click image for larger version Name: zabbix2.PNG Views: 403 Size: 10.3 KB ID: 414360

          Maybe with your knowledge you can spot something wrong?

            Comment

            • sheldonh
              Junior Member
              • Nov 2020
              • 4
              #4
              bumping up

                Comment

                • LenR
                  Senior Member
                  • Sep 2009
                  • 1005
                  #5
                  Start tcpdump on the web server watching for your inbound traffic. Then test with a browser. That will tell us if the traffic is getting there or not. You might also check the nginx logs. I haven;t used nginx much, but when I have, it just worked, so I don't have any debugging experience :-)

                    Comment

                    • sheldonh
                      Junior Member
                      • Nov 2020
                      • 4
                      #6
                      Originally posted by LenR
                      Start tcpdump on the web server watching for your inbound traffic. Then test with a browser. That will tell us if the traffic is getting there or not. You might also check the nginx logs. I haven;t used nginx much, but when I have, it just worked, so I don't have any debugging experience :-)
                      Thanks LenR, I've been able to confirm that I can receive inbound traffic over internet by monitoring over tcpdump. What seems to happen is that there is no response to the inbound requests. It's like the server blocks and responses or something. So SYN packets received, no ACK packets sent back.

                        Comment

                        Previous template Next
                        Working...