Results 1 to 10 of 10

Thread: Zimbra Admin Interface issue

Hybrid View

  1. #1
    Join Date
    May 2011
    Posts
    6
    Rep Power
    4

    Post Zimbra Admin Interface issue

    Hi Friends/Admins


    I am new to zimbra , have a query here it goes.

    #I installed zimbra version
    (Release 7.1.0_GA_3140.RHEL5_64_20110329150833 CentOS5_64 FOSS edition)

    on machine
    2.6.18-128.1.10.el5.xs5.5.0.51xen x86_64 GNU/Linux


    Installation went superfine
    even i can send mails out

    # zmcontrol status
    Host bizom
    antispam Running
    antivirus Running
    ldap Running
    logger Running
    mailbox Running
    mta Running
    snmp Running
    spell Running
    stats Running
    zmconfigd Running


    #the normal user interface is working fine on
    HTTP://XX.XX.XX.XX

    #Issue is
    the admin interface is NOT working on
    HTTPS://XX.XX.XX.XX:7071

    #nmap localhost gives output like
    PORT STATE SERVICE
    22/tcp open ssh
    25/tcp open smtp
    80/tcp open http
    110/tcp open pop3
    111/tcp open rpcbind
    143/tcp open imap
    465/tcp open smtps
    587/tcp open submission
    631/tcp open ipp
    838/tcp open unknown
    993/tcp open imaps
    995/tcp open pop3s

    ****Missing is 443 HTTPS*****

    #My machine haves a inet6 interface with a ipv4 configured
    and i have google it and found that ZIMBRA does not suppot ipv6?
    Please correct me If i am wrong, SHow some light on this
    Here is Bug Report on the same-->
    Reffer
    Bug 13161 – IPv6 support

    ############################
    Services Listening on IPV4
    ##############################

    portmap 1479 rpc 3u IPv4 3213 UDP *:sunrpc
    portmap 1479 rpc 4u IPv4 3214 TCP *:sunrpc

    (LISTEN)
    rpc.statd 1504 root 3u IPv4 3317 UDP *:835
    rpc.statd 1504 root 6u IPv4 3303 UDP *:832
    rpc.statd 1504 root 7u IPv4 3335 TCP *:838

    (LISTEN)
    hpiod 1852 root 0u IPv4 3902 TCP

    localhost.localdomain:2208 (LISTEN)
    python 1857 root 4u IPv4 3920 TCP

    localhost.localdomain:2207 (LISTEN)
    cupsd 1916 root 4u IPv4 4043 TCP

    localhost.localdomain:ipp (LISTEN)
    cupsd 1916 root 6u IPv4 4046 UDP *:ipp
    avahi-dae 2058 avahi 13u IPv4 4308 UDP *:mdns
    avahi-dae 2058 avahi 15u IPv4 4310 UDP *:33520
    slapd 2222 zimbra 7u IPv4 5035 TCP

    bizcom:ldap (LISTEN)
    zmlogger 3307 zimbra 3u IPv4 6108 TCP

    localhost.localdomain:10663 (LISTEN)
    mysqld 3362 zimbra 12u IPv4 6155 TCP

    localhost.localdomain:7306 (LISTEN)
    mysqld 3362 zimbra 30u IPv4 6388 TCP

    localhost.localdomain:7306->localhost.localdomain:55382 (ESTABLISHED)
    mysqld 3362 zimbra 52u IPv4 20583 TCP

    localhost.localdomain:7306->localhost.localdomain:55702 (ESTABLISHED)
    amavisd 3528 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3633 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3634 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3635 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3636 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3637 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3638 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3639 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3640 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3641 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    amavisd 3642 zimbra 5u IPv4 6329 TCP

    localhost.localdomain:10024 (LISTEN)
    clamd 3687 zimbra 5u IPv4 6477 TCP

    localhost.localdomain:dyna-access (LISTEN)
    master 3905 root 12u IPv4 6823 TCP *:smtp

    (LISTEN)
    master 3905 root 16u IPv4 6827 TCP *:smtps

    (LISTEN)
    master 3905 root 19u IPv4 6830 TCP

    *:submission (LISTEN)
    master 3905 root 109u IPv4 6948 TCP

    localhost.localdomain:10025 (LISTEN)



    ###########################
    Services listening on IPV6
    ###########################
    sshd 1903 root 3u IPv6 3987 TCP *:ssh

    (LISTEN)
    avahi-dae 2058 avahi 14u IPv6 4309 UDP *:mdns
    avahi-dae 2058 avahi 16u IPv6 4311 UDP *:56438
    java 2401 zimbra 72u IPv6 5190 UDP *:50951
    java 2401 zimbra 73u IPv6 5830 TCP

    localhost.localdomain:7171 (LISTEN)
    java 3416 zimbra 57u IPv6 6313 TCP *op3

    (LISTEN)
    java 3416 zimbra 64u IPv6 6317 TCP *op3s

    (LISTEN)
    java 3416 zimbra 65u IPv6 6318 TCP *:imap

    (LISTEN)
    java 3416 zimbra 66u IPv6 6319 TCP *:imaps

    (LISTEN)
    java 3416 zimbra 67u IPv6 6320 TCP *:vmsvc-2

    (LISTEN)
    java 3416 zimbra 69u IPv6 6321 TCP *:http

    (LISTEN)
    java 3416 zimbra 70u IPv6 6322 TCP *:7071

    (LISTEN)
    java 3416 zimbra 71u IPv6 6323 TCP *:7072

    (LISTEN)
    java 3416 zimbra 93u IPv6 6461 UDP *:53444
    java 3416 zimbra 97u IPv6 6387 TCP

    localhost.localdomain:55382->localhost.localdomain:7306 (ESTABLISHED)
    java 3416 zimbra 108u IPv6 6438 TCP *:5223

    (LISTEN)
    java 3416 zimbra 109u IPv6 6434 TCP *:7335

    (LISTEN)
    java 3416 zimbra 110u IPv6 6435 TCP *:cbt

    (LISTEN)
    java 3416 zimbra 121u IPv6 6453 TCP

    *:xmpp-server (LISTEN)
    java 3416 zimbra 122u IPv6 6454 TCP *:10015

    (LISTEN)
    java 3416 zimbra 123u IPv6 6455 TCP

    *:xmpp-client (LISTEN)
    java 3416 zimbra 153u IPv6 20582 TCP

    localhost.localdomain:55702->localhost.localdomain:7306 (ESTABLISHED)
    httpd 3710 zimbra 3u IPv6 6511 TCP *:7780

    (LISTEN)
    httpd 3747 zimbra 3u IPv6 6511 TCP *:7780

    (LISTEN)
    httpd 3749 zimbra 3u IPv6 6511 TCP *:7780

    (LISTEN)
    httpd 3751 zimbra 3u IPv6 6511 TCP *:7780

    (LISTEN)
    httpd 3752 zimbra 3u IPv6 6511 TCP *:7780

    (LISTEN)
    httpd 3754 zimbra 3u IPv6 6511 TCP *:7780

    (LISTEN)
    sshd 5409 root 3u IPv6 8575 TCP

    brgerg.com:ssh->202.71.129.69:36532 (ESTABLISHED)


    NUTSHELL
    ################################################## ################
    Zimbra Apache is not listening on IPv4 , user interface is working
    Admin interface HTTPS:7071 is not working
    Nmap localhost missing https 443

    What if i configure my machine with an ipv6 address
    will zimbra admin panel work for me >



    Awaiting a prompt reply

    Regards
    Jack



    ################################################## ###################

  2. #2
    Join Date
    Nov 2009
    Location
    Ljubljana, Slovenia
    Posts
    268
    Rep Power
    6

    Default

    By quickly reading your post I noticed that port 7071 is missing, not just 443. Correct me if I am wrong, but when connecting to https://x.x.x.x:7071 connection is made from random client port to port 7071 on destination side, and NOT to port 443! Port 443 is just default SSL port if it is not specified in URL address, just like port 80 is default for HTTP if not specified in URL, but Zimbra Admin uses SSL (which is requested by URL type https://) via port 7071 (which is specified in URL after:7071), so port 7071 must be opened and NAT-ed properly. You do not need port 443 for standard Zimbra setup!

    Question:
    where are you trying to connect to https://x.x.x.x:7071 FROM? Is it from local Zimbra machine, or from inside your LAN, or from outside WAN? Things to check are not the same for all connections:

    - connect from inside Zimbra: Check, if connectiong to local IP or FQDN makes any difference. Zimbra web server might not be configured to answer on local domain name, OR the problem might be with DNS resolution, if you try to connect from inside server. You must setup Split DNS, so local DNS resolution will be different to public DNS resolution for the same domain name.

    - connection from LAN: Check same as above. Ping and dig and nslookup your Zimbra server's name from another computer. If your LAN computer client is set to use PUBLIC DNS, it will never get the proper LAN IP!

    - connect from outside WAN: check firewall, router, NAT translation - open ports. Port 7071 should be DNAT to your Zimbra server's LAN IP.

  3. #3
    Join Date
    May 2011
    Posts
    6
    Rep Power
    4

    Default

    Hi Labsy
    Please bear with me being n00b in networks issues
    Firstly
    Port 7071 is not missing

    (LISTEN)
    java 3416 zimbra 70u IPv6 6322 TCP *:7071

    Secondarily
    when i do a nmap localhost 443 https service is not running.
    It should if admin interface use https ,showing http 80 but not https 443correct me if i am wrong.
    >/etc/hosts file contains proper enteries for the hostname and the localhost
    >The host name of the zimbra server is not dns resolveable yet.
    But i think if you are directly using the ip address

    and
    I am able browsing the normal zimbra user interface from wan without any hitch from link http://XX.XX.XX.XX
    question is then why not i am able to browse https://XX.XX.XX.XX:7071

    I have opened all the necessary ports on firewall for zimbra server

    is there any network connectivity issue i am missing on somewhere >
    Last edited by Jack_Redington; 05-05-2011 at 12:37 PM. Reason: typo error

  4. #4
    Join Date
    May 2011
    Posts
    6
    Rep Power
    4

    Default

    @ Labsy

    I have an inet6 interface with IPV4 configured
    lsof shows httpd listening for IPV6
    a friend topped that httpd not listening for IPV4 is an issue not letting you browse admin interface over https

    Is this an real issue ?
    if yes
    then how come i am able to browse user interface when httpd is listening over IPV6

    Show some light on this friends

  5. #5
    Join Date
    Sep 2006
    Location
    477 Congress Street | Portland, ME 04101
    Posts
    1,374
    Rep Power
    11

    Default

    So there are two problems here if I understand this correctly:

    First, you can't get to the Admin Console.

    Second, you can't use Zimbra as a regular user over https.

    If so, as regards the Admin Console, please run as root on the Zimbra server "telnet localhost 7071" and let us know if you get a response back.

    If you get a response, then the Admin Console is available. If you don't get a response, the Admin Console may still be available but iptables, SELinux, AppArmor or some such could be getting in the way.

    As regards Zimbra over https, you may need only to run the zmtlsctl command (as the zimbra user) and restart zimbra to "fix" this "problem". We like to set up systems to use the "redirect" option, but that's up to you. The Administrator's manual has a good explanation of what the various options do.

    Hope that helps,
    Mark

  6. #6
    Join Date
    May 2011
    Posts
    6
    Rep Power
    4

    Default

    HI
    The solution to the problem was residing in the firewall
    Ports blocked for wan but accessible on lan was the issue.
    Thanks

    Labsy ,L. Mark Stone for providing a direction.
    Have a fully functional zimbra now.

    Regards
    Jack

  7. #7
    Join Date
    Nov 2009
    Location
    Ljubljana, Slovenia
    Posts
    268
    Rep Power
    6

    Default

    I am glad that the last sentence of my first answer was the resolution, despite you missed it when reading

  8. #8
    Join Date
    May 2011
    Posts
    6
    Rep Power
    4

    Default

    Thanks Labsy

  9. #9
    Join Date
    Oct 2011
    Posts
    5
    Rep Power
    4

    Default

    Hi every body,
    I faced recently a very strange prolem with my zimbra.
    Every thing is working very well and all things is accessable inside our university (our LAN and WAN) but its 443 (https://xxx.xxx.xxx ) is not a accessible from outside of our province (our IP provide is located just inside the province). but I can telnet to our main router on 443 from outside of province ...
    Just now I dont use any firewall or any access list to block a port in my router.
    May some body help me ?
    Last edited by hhemof; 08-03-2012 at 03:22 AM.

Similar Threads

  1. Issues after upgrading from 6.0.10 to 7
    By rhorist in forum Administrators
    Replies: 8
    Last Post: 02-25-2011, 08:38 AM
  2. Did I miss something? (Zimbra GA 6.0.8 on Ubuntu 10.04)
    By vpetersson in forum Installation
    Replies: 2
    Last Post: 10-26-2010, 07:29 AM
  3. admin consol blank after 5.0.3 upgarde
    By maumar in forum Administrators
    Replies: 6
    Last Post: 03-21-2008, 06:16 AM
  4. huge log size
    By rmvg in forum Administrators
    Replies: 5
    Last Post: 01-02-2007, 10:39 AM
  5. Unable to start tomcat
    By chanck in forum Administrators
    Replies: 11
    Last Post: 06-11-2006, 01:58 AM

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •