Re: when pressing "Access NagiosXI" button I get an error

Posted: Mon May 07, 2018 7:13 am
by jankogaga
Hi,

The netstat command returns the correct output, and ping resolves the internal IP address.
I also get a 502 message in a browser from public access.

I tried the tcpdump tool: while accessing nagiosxi from my PC, I saved dump1.txt on the nagiosxi server.
On my PC I got dump2.txt (please apply the ip.addr == 138.201.124.219 filter). Both files are attached as txt files; please change them to the pcap extension.

Thanks,
Dragan

Re: when pressing "Access NagiosXI" button I get an error

Posted: Mon May 07, 2018 4:26 pm
by cdienger
What are the IP addresses of the XI and Ubuntu machines?

dump1 is really small and if it is accurate I would say there's likely a problem with forwarding the traffic from the Ubuntu machine to the XI machine. What does the Ubuntu machine resolve the hostname to? It may be creating a loop if it isn't resolving or routing things correctly.

dump1 also shows an attempt by 192.168.10.1 to connect to 192.168.10.174 on port 8459. These are probably unrelated to the issue, but I'd like to know if either the addresses or port sound familiar to you?

Re: when pressing "Access NagiosXI" button I get an error

Posted: Wed May 09, 2018 8:16 am
by jankogaga
IP address of the XINagios is 192.168.10.174 and Ubuntu is 138.201.124.219 (a public one).
Ubuntu machine resolves the XINagios hostname to 192.168.10.174.

upstream nagiosxi-ssl {
    server 192.168.10.174:8459;
}

is a definition within /etc/nginx/conf.d/upstream.conf
and nagiosxi-ssl is defined as:

    proxy_pass https://nagiosxi-ssl;

within /etc/nginx/sites-available/nagiosxi.abz-testing.de.conf

Thank you for your effort!
Dragan

Re: when pressing "Access NagiosXI" button I get an error

Posted: Wed May 09, 2018 2:38 pm
by cdienger
I think we're on to something here : )

You'll need to edit /etc/httpd/conf.d/ssl.conf and change the listener port from 443 to 8459. Search the entire file for other instances of 443 and change as needed. You'll then need to restart apache with "service httpd restart" and verify 8459 is up and listening with "netstat -na | grep 8459". If it is, add a rule to iptables to allow connections to it:

iptables -I INPUT 1 -p tcp --dport 8459 -j ACCEPT

Re: when pressing "Access NagiosXI" button I get an error

Posted: Thu May 10, 2018 6:05 am
by jankogaga
Appearance of 443 has been changed to 8459 in /etc/httpd/conf.d/ssl.conf
[root@nagiosxi ~]# netstat -na | grep 8459
tcp6 0 0 :::8459 :::* LISTEN

8459 port is enabled in ufw:
/etc/ufw/user6.rules:-A ufw6-user-input -p tcp --dport 8459 -j ACCEPT
/etc/ufw/user6.rules:-A ufw6-user-input -p udp --dport 8459 -j ACCEPT
/etc/ufw/user.rules:-A ufw-user-input -p tcp --dport 8459 -j ACCEPT
/etc/ufw/user.rules:-A ufw-user-input -p udp --dport 8459 -j ACCEPT

502 Bad gateway still persists.

Thanks,
Dragan

Re: when pressing "Access NagiosXI" button I get an error

Posted: Thu May 10, 2018 8:40 am
by rkennedy
Are you able to curl 127.0.0.1 on 80/443/8459 locally, and get a result?

It looks as though this error may lie more in your reverse proxy / load balancer.

Re: when pressing "Access NagiosXI" button I get an error

Posted: Thu May 10, 2018 10:30 am
by cdienger
Another tcpdump now that the correct port is up would also be good. I suspect there may be a problem routing back to the client that made the request.

Re: when pressing "Access NagiosXI" button I get an error

Posted: Fri May 11, 2018 2:41 am
by jankogaga
Here are curl results:

[root@nagiosxi ~]# curl 127.0.0.1:443
curl: (7) Failed connect to 127.0.0.1:443; Connection refused

Other results are attached for curl 127.0.0.1:80 and curl 127.0.0.1:8459.

I have also tried

tcpdump -s 0 -i any -w output.pcap

on NagiosXI server when accessing https://nagiosxi.abz-testing.de/nagiosxi/ on my PC.
The result is attached.

Thanks,
Dragan

Re: when pressing "Access NagiosXI" button I get an error

Posted: Fri May 11, 2018 3:24 pm
by cdienger
The new tcpdump still shows the XI machine explicitly blocking requests on the new port. Double-check the firewall rules as it seems like they're still not configured to allow the connection.
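
Added example, not part of any post in this thread: iptables walks the INPUT chain in order and acts on the first terminating match, so where the 8459 rule sits decides whether it ever applies. The function below reads `iptables -S INPUT` output and reports the verdict that first match gives a new TCP connection to a port. The sample ruleset and the function names are assumptions; only `-p`, `--dport`, `--state`/`--ctstate` and `-i lo` are evaluated, and anything else is reported as UNKNOWN.

```shell
#!/bin/sh
# Added example: which INPUT rule decides a NEW inbound TCP connection to PORT?
# Usage on the machine being checked:  iptables -S INPUT | first_verdict 8459

first_verdict() {
    awk -v port="$1" '
    $1 == "-P" { policy = $3; next }      # chain policy applies if no rule matches
    $1 != "-A" { next }
    {
        proto = dport = state = iface = target = ""; known = 1; neg = 0
        for (i = 3; i <= NF; i++) {
            if      ($i == "-p")      proto = $(++i)
            else if ($i == "--dport") dport = $(++i)
            else if ($i == "--state" || $i == "--ctstate") state = $(++i)
            else if ($i == "-i")      iface = $(++i)
            else if ($i == "-m")      i++                  # module name only
            else if ($i == "!")       neg = 1
            else if ($i == "-j")      { target = $(++i); break }
            else known = 0                                 # -s, -d, multiport, ...
        }
        if (neg) { print "UNKNOWN"; found = 1; exit }      # negated match: do not guess
        if (iface == "lo") next                            # remote traffic is not on lo
        if (proto != "" && proto != "tcp") next
        if (dport != "" && dport != port) next
        if (state != "" && state !~ /(^|,)NEW(,|$)/) next  # e.g. RELATED,ESTABLISHED
        if (iface != "" || !known) { print "UNKNOWN"; found = 1; exit }
        print target; found = 1; exit                      # first match wins
    }
    END { if (!found) print policy }'
}

RULE='-A INPUT -p tcp -m tcp --dport 8459 -j ACCEPT'

# Constructed sample ruleset (not taken from the thread): accepts SSH, rejects the rest.
sample_rules() { cat <<'EOF'
-P INPUT ACCEPT
-A INPUT -m state --state RELATED,ESTABLISHED -j ACCEPT
-A INPUT -p icmp -j ACCEPT
-A INPUT -i lo -j ACCEPT
-A INPUT -p tcp -m state --state NEW -m tcp --dport 22 -j ACCEPT
-A INPUT -j REJECT --reject-with icmp-host-prohibited
EOF
}
inserted() { sample_rules | head -n 1; echo "$RULE"; sample_rules | tail -n +2; }  # like -I INPUT 1
appended() { sample_rules; echo "$RULE"; }                                         # like -A INPUT

echo "before:   $(sample_rules | first_verdict 8459)"
echo "inserted: $(inserted | first_verdict 8459)"
echo "appended: $(appended | first_verdict 8459)"
```

A result other than ACCEPT, REJECT or DROP (a user-defined chain name, LOG) means the decision is made further on, and that chain or the following rules need the same inspection.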

Re: when pressing "Access NagiosXI" button I get an error

Posted: Mon May 14, 2018 3:54 am
by jankogaga
I already posted the firewall rules on the host server (where Nagios XI resides as KVM):
Please note 8459 is the destination port defined in /etc/httpd/conf.d/ssl.conf

root@atropos ~ # grep -r 8459 /etc/ufw
/etc/ufw/user6.rules:-A ufw6-user-input -p tcp --dport 8459 -j ACCEPT
/etc/ufw/user6.rules:-A ufw6-user-input -p udp --dport 8459 -j ACCEPT
/etc/ufw/user.rules:-A ufw-user-input -p tcp --dport 8459 -j ACCEPT
/etc/ufw/user.rules:-A ufw-user-input -p udp --dport 8459 -j ACCEPT

Do I need to enable more things (port, IP address)?