Zimbra authentication error

[billy_oconnell]

Hello,
I have setup zimbra on an internal server, and it is workiing fine. It uses our local ldap server to authenticate the users. However, I want to be able to access the server from the external world. I have a firewall protecting the network.
Zimbra is running on fc4.
I have a server running apache in the dmz that forwards the webmail requests through the fw via port 18880. When I am outside my network and go to http://webmail... The zimbra login page comes up. However, when I go to login, I get an error message:

An unknown application error has occurred. Please correct any errors and retry.
I can see the traffic using tcpdump on the zimbra server, and it appears to be fine. I cannot find any error messages in the log files as to why the authentication might be failing.
My external apache configuration is:



ServerName webmail.x.com

RedirectPermanent / http://webmail.x.com/

ProxyPass / http://x.x.x.x:18880">http://x.x.x.x:18880/

ProxyPassReverse / http://x.x.x.x:18880">http://x.x.x.x:18880/

ProxyVia Off


Is there perhaps a proxy config problem perhaps?
I have tried a number of different apache configs, but I see to get the same result each time.
Any help would be appreciated, and any additional information I can provide.
Thanks,

Billy

[billy_oconnell]

I am still looking at this issue, but after some research and some help from paros, it looks like I have narrowed down where the issue is.
Here is the request made by my external browser:

http://www.w3.org/2003/05/soap-envelope"> xmlns="urn:zimbra">usera@x.comxxxxx
This is the response:

soap:Receiversystem">http://www.w3.org/2003/05/soap-envelope ... iversystem failure: Request not allowed on port 18880service.FAILUREcom.zimbra.cs.service.ServiceException: system failure: Request not allowed on port 18880

at com.zimbra.cs.service.ServiceException.FAILURE(ServiceException.java:131)

at com.zimbra.cs.servlet.ZimbraServlet.service(ZimbraServlet.java:142)

at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)

at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)

at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)

at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)

at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)

at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)

at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)

at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:541)

at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)

at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)

at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:667)

at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)

at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)

at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)

at java.lang.Thread.run(Thread.java:595)





Hopefully this provides more insight into my problem. I am not very familiar with SOAP.
Here is a quick rundown on what happens from a network standpoint:
Request --->

External server receives request, apache uses virtual host and forwards to port 18880 -->

fw takes request on port 18880 and forwards to internal zimbra on port 80 -->

internal zimbra receives request on port 80.

Thanks again,

Billy

[dkarp]

This was fixed in 4.0. We were using the port the client was connecting to rather than the port the server was fielding the request on in a few places in the code.

[billy_oconnell]

Thank you. The upgrade to 4 did it.
Billy