Nagios Support Forum

I suspect there are other rules in /etc/ufw that are doing the blocking since the ICMP message is happening at a very low level. A look over "iptables -L" may shed some more light on this.

Here is an attached output of iptables -L

Thanks

The reject-with icmp-port-unreachable lines could be the culprit. Someone much more familiar with your firewall policy would need to review this though and see if there can be any logging enabled to determine which one is blocking it the request.

Iptable rules look fine to me.
Please note that in my first post in this thread, I had the different case (unfortunately I don't have a screenshot)
...
Then at URL:
https://nagiosxi.abz-testing.de/

when pressing "Access NagiosXI" button I get an error:
"This site can’t be reached"
...
So, Nagiosxi had a broadcasting to the public address, but just a button doesn't work.
Later, I tried an installation from the scratch and a broadcasting didn't work.
I guess, something in configuration is wrong on Nagios server.

The button will attempt to access https://xihost/nagiosxi/ where xihost is the IP or hostname used to access https://host/.

The issue now is that you cannot reach https://xihost/nagiosxi/ where xihost is the public hostname or IP of the xi machine, correct? In this case, it is being blocked at a much lower level than XI operates with a message that suggests the firewall is blocking it. As a test I would try the following:

iptables -I INPUT 1 -p tcp --dport 8459 -j ACCEPT

When I accessed https://xihost/nagiosxi/ the firewall rules were the same (in the first installation).
I already provided my iptables -L output and you can see the following rule:

There is something occurring to the system outside the scope of the Nagios solution. I would test on a clean install and see if you have the same issues.

Let me once explain what I tried in brief.
Two times I tried clean installation on KVM.
The first time, I got to the configuration page of Nagiosxi on my PC (so I had a broadcasting from KVM to the public address).
The second time, I didn't manage to get Nagiosxi to the public address, but I configured the Nagiosxi inside KVM.
The strange thing, I did both times the same installations steps.
I doubt that the third clean installation would bring better outcome since KVM is the same as well as the installation code.
So, something needs to be changed in KVM network settings or in the Nagiosxi settings.

To help determine where the problem lies, run the following on the server prior to installing XI:

yum -y install netcat
nc -k -l 8459

This will open a port on the server that listens on port 8459. From another machine then run:

nc nagiosxi.abz-testing.de 8459

This should establish a connection between the client and server and anything typed on the client side should appear on the server side.

Something fails:
When trying on the nagiosxi server: On the host server (for nagiosxi) returns nothing