Results 1 to 3 of 3

Thread: Login page from outside firewall.

  1. #1
    Join Date
    Jan 2011
    Posts
    12
    Rep Power
    4

    Default Login page from outside firewall.

    Hi there

    This is my first forum posting here so hope this all makes sense.

    I have recently migrated from Desknow to Zimbra Network Edition (6.10) running on an Ubuntu 10.04 LTS server (64bit edition).

    We are running a single domain on a single server which has multiple IP addresses on our internal LAN (4 NIC's in the server). The issue we are having is that we can not access the web interface externally. However it does appear to load a completely white page, there are do DNS or browser errors. This has been tried in both IE 6 & 7 & firefox 3.6

    Internally from the LAN everything works fine.

    I have put as much of our config in as I think is relevant below:

    The firewall and external DNS (with our ISP) are configured so that webmail.xxxx.xxx.uk points to an external IP 82.69.xxx.xxx

    The firewall is configured to permit traffic on that IP for ports 80 & 7071 and forward them to the internal address of our zimbra server (both http & https, I have also tried opening all firewall ports for an hour and trying but without any success).

    The firewall logs show a connection being made and it appears to pass through.

    I have looked at both the /var/log/zimbra.log and /opt/zimbra/jetty/log/access_log.date and can not see any reference to an external IP address.

    Under the MTA settings I have both the hostname and FQDN as options for managing mail. I have also added the public service host address as the externally configured address (which is the same as the FQDN).

    DNS is setup using the existing internal DNS servers, the hosts file is configured as follows:

    127.0.0.1 localhost webmail.xxxx.xxx.uk webmail
    172.xxx.xxx.xxx webmail.xxxx.xxx.uk webmail


    The resolve.conf is configured as follows:

    Search domainname
    nameserver 172.xxx.xxx.xxx
    nameserver 8.8.8.8

    The domain is setup to receive and forward mail via our internal anti spam system and the MX records are configured accordingly.

    We are able to send and receive email both internally and externally so that appears to be working ok.

    I'm not sure if there are any other logs I can look at which may indicate if traffic is being rejected either by the OS or by Zimbra or if there is an item of config I am missing.

    Any help would be appreciated.

    Many Thanks

    Tony

  2. #2
    Join Date
    Jul 2008
    Location
    UK
    Posts
    171
    Rep Power
    7

    Default

    Welcome to the Zimbra community.

    First comment: EEEK! You're using HTTP on the public network side?
    Second comment: EEEEK!! You're exposing your admin console to the Internet?

    Sounds like you just need to close 80 and open 443 (that's how mine's setup). Even if you've got zmtlscontrol set to redirect, I wouldn't recommend having un-encrypted access at all.

    Hope that helps.

  3. #3
    phoenix is offline Zimbra Consultant & Moderator
    Join Date
    Sep 2005
    Location
    Vannes, France
    Posts
    23,587
    Rep Power
    58

    Default

    In addition to the above comments (you really should rethink your security for external connections to the server) your hosts file is incorrect and will cause you problems. Go to the Split DNS article and then read the 'Verify...' section for the format of your hosts file.
    Regards


    Bill


    Acompli: A new adventure for Co-Founder KevinH.

Similar Threads

  1. better mobile login page
    By crevier in forum Zimbra Mobile
    Replies: 0
    Last Post: 10-29-2010, 10:48 AM
  2. Login Page Skins
    By mryan in forum Installation
    Replies: 8
    Last Post: 05-13-2008, 01:08 AM
  3. Login form for remote page?
    By xtremetoonz in forum Administrators
    Replies: 2
    Last Post: 04-10-2008, 07:48 AM
  4. How to extend login page ?
    By yattamax in forum Administrators
    Replies: 0
    Last Post: 11-14-2007, 02:44 AM
  5. Zimbra login page won't load
    By andreturpin in forum Administrators
    Replies: 1
    Last Post: 06-15-2006, 08:56 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •