Hey Zimbra gurus
On our multi server installation there are 2 mailbox stores, 1 proxy, 1 mta and one 1 ldap.
Everything is working fine, but once i try to connect through web interface for a user the proxy redirects the connection to port 443 which is not correct and should be 7443 where actual web interface is running.
Can you advice which server (proxy ot mailstore) should be looked further, and even better can you suggest which option should i change.
ps. i've tested the proxy server with every option that i have - redirect, both and mixed in order to access mailstores
Need clarification on Multi Server proxy configuration
-
- Ambassador
- Posts: 2762
- Joined: Mon Dec 16, 2013 11:35 am
- Location: France - Drôme
- ZCS/ZD Version: All of them
- Contact:
Need clarification on Multi Server proxy configuration
Are zimbrapublicservicehostname, zimbrapublicserviceprotocol and zimbrapublicserviceport correctly setup for the domain?
- pup_seba
- Outstanding Member
- Posts: 687
- Joined: Sat Sep 13, 2014 2:43 am
- Location: Tarragona - Spain
- Contact:
Need clarification on Multi Server proxy configuration
[quote user="ymarinov"]Hey Zimbra gurus
On our multi server installation there are 2 mailbox stores, 1 proxy, 1 mta and one 1 ldap.
Everything is working fine, but once i try to connect through web interface for a user the proxy redirects the connection to port 443 which is not correct and should be 7443 where actual web interface is running.
Can you advice which server (proxy ot mailstore) should be looked further, and even better can you suggest which option should i change.
ps. i've tested the proxy server with every option that i have - redirect, both and mixed in order to access mailstores[/QUOTE]
Hi there!
It looks to me a that there's a missconfiguration. Could you check that your mailstore is configured as a proxy target. For instance with this:
zmprov gs `zmhostname` |grep -i proxylookup
Also, the only valid modes for your mailstore to work with a reverse proxy are "http" or "both", so make sure you are using one of them. For isntance with this:
zmprov gs `zmhostname` |grep -i zimbramailmode
I also can't remember that port 7443 is used as a default port. Did you change it no purpose? If I remember well, I think that is port 8443 the one that should be listening in your SSL requests. Actually, you should see in your mailbox that "mailSSLPort" is the one that your proxy uses to comunicate with your mailstore (8443) and that SSLProxyPort is 443. Check that with:
zmprov gs `zmhostname` |grep -i mailssl
Make sure which ports are being used with "netstat -venputa" and in which interfaces in case you have more than one nic.
After you got the results, let's take it from there.
I don't have a similar conf like yours to tell the exact output but "zimbraMailReferMode" should read something like "reverse-proxy"...try to check that with:
zmprov gs `zmhostname` |grep -i mailrefermode
With these commands you are not changing anything...just getting the information in order to find where is the missconfiguration.
Regards,
Sebas
On our multi server installation there are 2 mailbox stores, 1 proxy, 1 mta and one 1 ldap.
Everything is working fine, but once i try to connect through web interface for a user the proxy redirects the connection to port 443 which is not correct and should be 7443 where actual web interface is running.
Can you advice which server (proxy ot mailstore) should be looked further, and even better can you suggest which option should i change.
ps. i've tested the proxy server with every option that i have - redirect, both and mixed in order to access mailstores[/QUOTE]
Hi there!
It looks to me a that there's a missconfiguration. Could you check that your mailstore is configured as a proxy target. For instance with this:
zmprov gs `zmhostname` |grep -i proxylookup
Also, the only valid modes for your mailstore to work with a reverse proxy are "http" or "both", so make sure you are using one of them. For isntance with this:
zmprov gs `zmhostname` |grep -i zimbramailmode
I also can't remember that port 7443 is used as a default port. Did you change it no purpose? If I remember well, I think that is port 8443 the one that should be listening in your SSL requests. Actually, you should see in your mailbox that "mailSSLPort" is the one that your proxy uses to comunicate with your mailstore (8443) and that SSLProxyPort is 443. Check that with:
zmprov gs `zmhostname` |grep -i mailssl
Make sure which ports are being used with "netstat -venputa" and in which interfaces in case you have more than one nic.
After you got the results, let's take it from there.
I don't have a similar conf like yours to tell the exact output but "zimbraMailReferMode" should read something like "reverse-proxy"...try to check that with:
zmprov gs `zmhostname` |grep -i mailrefermode
With these commands you are not changing anything...just getting the information in order to find where is the missconfiguration.
Regards,
Sebas