[SOLVED] No Zimbra Talk pop up/window

Working with Zimbra Talk? This is your Forum, drop here your questions with the Installation, Configuration, etc.
Post Reply
vfara
Posts: 6
Joined: Fri Aug 12, 2016 10:46 am

[SOLVED] No Zimbra Talk pop up/window

Post by vfara »

Hello, I am having some troubles with Zimbra Talk in a multiserver, split DNS environment.

After my colleagues installed Zimbra 8.7 (commercial version, we are planning to sell Zimbra as a service) and made some preliminary tests, they asked me to do some more testing on the mail part and
then integrate the Talk part.

All my tests were just fine until I tried Zimbra Talk integration.

Differently from what I read in other threads, I have the Zimbra Talk tab, I can see my contacts by clicking "Manage IM Contacts", but I have no talk window/pop up in the
right low corner.

As I told, the Zimbra installation is splitted on four servers:

ldap01.mydomain.tld (LDAP, 10.1.1.20
mta01.mydomain.tld (MTA and proxy, 10.1.1.40)
mbox01.mydomain.tld (Mailstore, 10.1.1.60)
web01.mydomain.tld (Web UI, 10.1.1.80)

All of the above are CentOS 7.2

I added then a fifth server, Ubuntu 14.04, and installed Zimbra Talk following the guide on your wiki
talk01.mydomain.tld (Talk server, 10.1.1.90)

At the moment I have a single public IP with the requested port forwardings for the proxy and the talk servers.
dnsmasq on ldap01 resolves names for all the Zimbra machines, I have then an authoritative server for
mydomain.tld for the public part.

All the above names (ldap01, mta01, mbox01, web01, talk01) have an A record pointing to the only
public IP address I am using at the moment; my colleagues previously configured a CNAME too, mail.mydomain.tld
pointing to mta01.mydomain.tld

Moreover, I have a wildcard certificate for *.mydomain.tld so SSL isn't a problem.

What I have found by using Chrome developer tools is that if I call my Zimbra web interface using mail.mydomain.tld I have
the following problems:

XMLHttpRequest cannot load https://talk01.mydomain.tld/checkauth/global. Response to preflight request doesn't pass access control check: A wildcard '*' cannot be used in the 'Access-Control-Allow-Origin' header when the credentials flag is true. Origin 'https://mail.mydomain.tld' is therefore not allowed access. The credentials mode of an XMLHttpRequest is controlled by the withCredentials attribute.
mail.postway.it/:2260 ------------------------------------- Loading package: ZimletApp

and then, after several seconds, I see this:

https://10.1.1.90/mini/stylesheets/mini.css Failed to load resource: net::ERR_CONNECTION_TIMED_OUT (i am accessing the web interface from a public network)

To bypass the cross-origin issue I did two different tests, first disabling cross domain checks on the browser and then
using talk01.mydomain.tld instead of mail.mydomain.tld in the address bar.

In both cases I had the same following problems:


https://talk01.mydomain.tld/checkauth/global Failed to load resource: the server responded with a status of 404 (Not Found)

and again

https://10.1.1.90/mini/stylesheets/mini.css Failed to load resource: net::ERR_CONNECTION_TIMED_OUT

It's clear to me that I have some name-related and reversing proxying problems, but after having tried to debug on my own, I decided
to ask to avoid messing up the environment.

Thanks for any help or hint you can give me.
Kind regards.
vfara
Posts: 6
Joined: Fri Aug 12, 2016 10:46 am

Re: No Zimbra Talk pop up/window

Post by vfara »

As a side note, I quickly tested the Talk part itself with an external XMPP client (Pidgin) and it works like a charm.
pkaiser
Posts: 3
Joined: Wed Apr 27, 2016 2:56 pm

Re: No Zimbra Talk pop up/window

Post by pkaiser »

Hi vfara,

It looks like you have used ip address instead of fqdn in talk configuration. Could you please provide us a screenshot of your configuration?
You can also reach us on irc in channel #zimbra

About the cross-origin issue: this looks weird. Which browser version are you using?

Greetz,
Patrick
pkaiser
Posts: 3
Joined: Wed Apr 27, 2016 2:56 pm

Re: No Zimbra Talk pop up/window

Post by pkaiser »

Hi vfara,

it looks like you have entered the ip address and not the domain name in zimlet configuration. To be sure, could you please provide us a screenshot or something of your
zimlet configuration page?

The problem with cross-origin seems to be weird. Which browser version are you using?

Btw: You can ping us als on IRC in channel #zimbra (FreeNode)


Greetz,
Patrick
vfara
Posts: 6
Joined: Fri Aug 12, 2016 10:46 am

Re: No Zimbra Talk pop up/window

Post by vfara »

Hi pkaiser, thank you for answering.
No, I didn't input a literal IP while configuring zimlet, what I put what exactly what Zimbra Talk installer told me, here's a screenshot:

Image

My browser is Chrome, details below:

Google Chrome 53.0.2785.46 (Build ufficiale) beta (a 64 bit)
Revisione 93ef067a219dd32ef8d0b213381363fda37e84ac-refs/branch-heads/2785@{#489}
Sistema operativo Linux
Blink 537.36 (@93ef067a219dd32ef8d0b213381363fda37e84ac)
JavaScript V8 5.3.332.26
Flash 22.0.0.209
User-agent Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2785.46 Safari/537.36

Kind regards.
pkaiser
Posts: 3
Joined: Wed Apr 27, 2016 2:56 pm

Re: No Zimbra Talk pop up/window

Post by pkaiser »

Hi vfara,

sorry for late reply. I am wondering about
https://talk01.mydomain.tld/checkauth/global Failed to load resource: the server responded with a status of 404 (Not Found)

when i open https://talk01.postway.it/checkauth/global i will get a 404 message from zimbra server, but the talk server should respond here...
so it seems a problem with your dns config.

could you make sure, that the a-record for talk01 is pointing to the talkserver and NOT to the zimbraserver?

thanks
vfara
Posts: 6
Joined: Fri Aug 12, 2016 10:46 am

Re: No Zimbra Talk pop up/window

Post by vfara »

pkaiser, thanks for answering, your considerations really helped me, actually.

I made up my mind and realized, by looking with attention at the installation procedure, that a single public IP with port forwardings is not enough, at least not
with the standard configurations, so I added a public IP to my design, made a 1:1 nat towards the talk01 server private IP, changed the public A record pointer for talk01, pointing it to the new public IP and, after reconfiguring the talk server with the new setting and restarting the services, everything started working.

So thanks again for your hints. ;)

P.S.
Maybe I would just insert a small note in ZImbra Talk installation guide pointing out that the talk server must have a dedicated public IP, in case of split DNS scenarios, unless the one installing doesn't want to change default talk ports.
Post Reply