Problem :
The installation ran smoothly, but I can't open the Web Admin Console on port 7071, or the webmail. I think there is a misconfiguration. Please help me out.
VM Instance specification :
13 GB of RAM
20 GB of SSD
4 Core CPU Intel Kaby Lake 2.8 GHz
Zimbra Version :
Release 8.8.10_GA_3039.RHEL7_64_20180928094617 RHEL7_64 FOSS edition, Patch 8.8.10_P8.
Centos Version :
CentOS Linux release 7.6.1810 (Core)
Network Architecture (as is) :
There are two servers running on GCP.
The first server acts as the web server with domain example.com (it has 2 IPs, private and public)
The second server acts as the mail server with domain mail.example.com (it has 2 IPs)
Cloudflare as CDN for DNS and proxy.
Domain from Namecheap, but transferred to Cloudflare.
GSuite: MX record for example.com to GSuite
Network Architecture (to be) :
To access web app use domain example.com
To access web mail use domain mail.example.com
Email with example.com still using GSuite
Email with foundry.example.com using Zimbra and redirect to second server
Cloudflare DNS Configuration :
Type | Name | Value | TTL
A | mail | 35.239.186.33 | 2 Mins
MX | foundry | 10 mail.example.com | 2 Mins
Server IP :
IP private : 10.128.0.3
IP public : 35.239.186.33
Condition :
1. SELinux is already disabled.
getenforce
Disabled
firewall-cmd --list-ports
25/tcp 80/tcp 110/tcp 143/tcp 443/tcp 465/tcp 587/tcp 993/tcp 995/tcp 5222/tcp 5223/tcp 9071/tcp 7071/tcp
3. Because the instance has a private IP (behind the Google firewall) and a public IP, I'm working on a split DNS solution using Bind9, as recommended in https://wiki.zimbra.com/wiki/Split_DNS
Bind9 configuration
options {
    listen-on port 53 { 127.0.0.1; any; };
    listen-on-v6 port 53 { ::1; any; };
    directory "/var/named";
    dump-file "/var/named/data/cache_dump.db";
    statistics-file "/var/named/data/named_stats.txt";
    memstatistics-file "/var/named/data/named_mem_stats.txt";
    recursing-file "/var/named/data/named.recursing";
    secroots-file "/var/named/data/named.secroots";
    allow-query { localhost; any; };
};
zone "foundry.example.com" IN {
    type master;
    file "db.foundry.example.com";
};
$TTL 1D
@ IN SOA ns1.foundry.example.com. root.foundry.example.com. (
0 ; serial
1D ; refresh
1H ; retry
1W ; expire
3H ) ; minimum
@ IN NS ns1.foundry.example.com.
@ IN MX 0 mail.example.com.
ns1 IN A 10.128.0.3
mail IN A 10.128.0.3
hostname :
mail.example.com
Diagnostics I've done :
1. zmmailbox -z -m account@example.com gaf is working
Id View Unread Msg Count Path
1 unkn 0 0 /
16 docu 0 0 /Briefcase
10 appo 0 0 /Calendar
14 mess 0 0 /Chats
7 cont 0 0 /Contacts
6 mess 0 0 /Drafts
13 cont 0 0 /Emailed Contacts
2 mess 53 53 /Inbox
4 mess 0 0 /Junk
5 mess 0 0 /Sent
15 task 0 0 /Tasks
3 unkn 0 0 /Trash
2. zmprov fc all >> No Output
3. curl -v http://localhost:80
Rebuilt URL to: http://localhost:80/
Trying 127.0.0.1...
connect to 127.0.0.1 port 80 failed: Connection refused
Failed to connect to localhost port 80: Connection refused
Closing connection 0
curl: (7) Failed to connect to localhost port 80: Connection refused
Zimbra Status :
zmcontrol status
Host mail.example.com
amavis Running
antispam Running
antivirus Running
dnscache Running
imapd Running
ldap Running
logger Running
mailbox Running
memcached Running
mta Running
opendkim Running
proxy Running
service webapp Running
snmp Running
spell Running
stats Running
zimbra webapp Running
zimbraAdmin webapp Running
zimlet webapp Running
zmconfigd Running
All services are running.
Telnet to port 7071 connected
telnet 127.0.0.1 7071
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
Netstat :
netstat -tulnp | grep -E '7071|443|80'
tcp 0 0 127.0.0.1:8080 0.0.0.0:* LISTEN 7159/java
tcp 0 0 0.0.0.0:443 0.0.0.0:* LISTEN 7373/nginx: master
tcp 0 0 0.0.0.0:8443 0.0.0.0:* LISTEN 7159/java
tcp 0 0 0.0.0.0:7071 0.0.0.0:* LISTEN 7159/java
tcp6 0 0 :::7780 :::* LISTEN 8501/httpd
/etc/hosts :
127.0.0.1 localhost localhost.localdomain localhost4 localhost4.localdomain4
::1 localhost localhost.localdomain localhost6 localhost6.localdomain6
10.128.0.3 mail.example.com mail # Added by Google
169.254.169.254 metadata.google.internal # Added by Google
mail
search mail.example.com foundry.example.com example.com
nameserver 127.0.0.1
If I use dig mx for foundry.example.com:
dig foundry.example.com mx
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> foundry.example.com mx
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 55642
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;foundry.example.com. IN MX
;; ANSWER SECTION:
foundry.example.com. 119 IN MX 1 mail.example.com.
;; Query time: 53 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jun 19 08:24:31 UTC 2019
;; MSG SIZE rcvd: 69
dig mail.example.com a
; <<>> DiG 9.9.4-RedHat-9.9.4-74.el7_6.1 <<>> mail.example.com a
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13471
;; flags: qr rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;mail.example.com. IN A
;; ANSWER SECTION:
mail.example.com. 119 IN A 35.239.186.33
;; Query time: 16 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Wed Jun 19 08:23:54 UTC 2019
;; MSG SIZE rcvd: 61
What did I miss here? I can't open the webmail or the admin web console.
If you need anything about the configuration or anything else, ask me in the comments below. Thanks in advance.
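An added example, not part of the original post: a small consistency check for a split-DNS zone like the one shown above. It expands zone-file names the way BIND does and reports MX targets that the internal zone cannot answer with the private IP. The zone text is constructed from the records in the post; the function names are hypothetical.

```python
# Constructed from the zone shown in the post (zone "foundry.example.com").
ORIGIN = "foundry.example.com."
ZONE_TEXT = """\
@    IN NS ns1.foundry.example.com.
@    IN MX 0 mail.example.com.
ns1  IN A  10.128.0.3
mail IN A  10.128.0.3
"""

def fqdn(name, origin):
    """Expand an owner or target name: '@' is the origin, a trailing dot
    means absolute, anything else is relative to the origin."""
    if name == "@":
        return origin
    return name if name.endswith(".") else f"{name}.{origin}"

def parse_zone(text, origin):
    """Return (a_records, mx_targets) with every name fully qualified."""
    a_records, mx_targets = {}, []
    for line in text.splitlines():
        fields = line.split(";")[0].split()  # drop zone-file comments
        if len(fields) < 4 or fields[1] != "IN":
            continue
        owner, rtype, rdata = fqdn(fields[0], origin), fields[2], fields[3:]
        if rtype == "A":
            a_records[owner] = rdata[0]
        elif rtype == "MX" and len(rdata) >= 2:
            mx_targets.append(fqdn(rdata[1], origin))
    return a_records, mx_targets

def check_split_dns(text, origin, private_ip):
    """List MX targets the internal zone cannot map to the private IP."""
    a_records, mx_targets = parse_zone(text, origin)
    findings = []
    for target in mx_targets:
        if target != origin and not target.endswith("." + origin):
            # The zone is not authoritative for this name, so the
            # resolver falls back to whatever public DNS returns.
            findings.append((target, "outside zone; answered by public DNS"))
        elif a_records.get(target) != private_ip:
            findings.append((target, "no A record for the private IP"))
    return findings

if __name__ == "__main__":
    for target, reason in check_split_dns(ZONE_TEXT, ORIGIN, "10.128.0.3"):
        print(f"{target} {reason}")
```

On the zone above, the check flags mail.example.com., which matches the dig output in the post where that name resolves to 35.239.186.33 rather than 10.128.0.3.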