Report this message as spam fails to connect to EFA

Questions and answers about how to do stuff
Post Reply
CPoole
Posts: 5
Joined: 02 Apr 2015 11:10

Report this message as spam fails to connect to EFA

Post by CPoole » 02 Apr 2015 11:23

Hi all,

New user to EFA. I had no issues installing and configuring the VM and have email flowing smoothly. But I have 1 issue that I just can't resolve.

The VM contains 2 NICS, one is for a .local internal domain and the second is a .net external domain. The link in the email tag line below does not connect. DNS is accurate, there is no external firewall, by all indications it should work as Apache is listening on all IP's to port 80.

Click here to report this message as spam fails to connect when the URL is
http://hostname.externaldomain.net/cgi- ... 5e705add44

If I edit the URL manually to be

http://hostname.internaldomain.local/cg ... 5e705add44

The message is correctly marked as spam.

Why isn't the external IP responding?

User avatar
pdwalker
Posts: 1260
Joined: 18 Mar 2015 09:16

Re: Report this message as spam fails to connect to EFA

Post by pdwalker » 02 Apr 2015 12:00

can you access http://hostname.externaldomain.net/ from an external address/location? do you see the same page as when you access http://hostname.internaldomain.local/ ?

CPoole
Posts: 5
Joined: 02 Apr 2015 11:10

Re: Report this message as spam fails to connect to EFA

Post by CPoole » 02 Apr 2015 13:49

No, the internal url goes immediately to MailWatch Login page..

The external url returns "This Page can't be displayed."

It acts as if a firewall exists...

User avatar
pdwalker
Posts: 1260
Joined: 18 Mar 2015 09:16

Re: Report this message as spam fails to connect to EFA

Post by pdwalker » 02 Apr 2015 14:22

No, that's not it.

You'll probably have to define ServerName and ServerAlias in your /etc/httpd/conf/httpd.conf to allow apache to accept multiple host names. That'll mean setting up an Apache Virtual host to accept the second domain name.

http://httpd.apache.org/docs/2.2/mod/co ... erveralias

EFA assumes that you'll only ever use a single domain name to access the server web ui.

User avatar
darky83
Site Admin
Posts: 537
Joined: 30 Sep 2012 11:03
Location: eFa
Contact:

Re: Report this message as spam fails to connect to EFA

Post by darky83 » 02 Apr 2015 16:23

Not really pdwalker :)

The default setup does not look at what hostname is used, you can access the gui on any name as long as it points to the IP of the EFA box. :whistle:

If you get an 'this page can't be displayed' then there is something wrong with your network setup, are you able to ping the outside IP of the EFA box?
Version eFa 4.x now available!

User avatar
pdwalker
Posts: 1260
Joined: 18 Mar 2015 09:16

Re: Report this message as spam fails to connect to EFA

Post by pdwalker » 02 Apr 2015 18:44

eh, I was tired and perhaps not thinking clearly.

Maybe apache has only bound to the ip of one of the network cards?

Cpoole, what does "sudo netstat -plutn" show you?

CPoole
Posts: 5
Joined: 02 Apr 2015 11:10

Re: Report this message as spam fails to connect to EFA

Post by CPoole » 03 Apr 2015 10:38

[admin@rsefa ~]$ sudo netstat -plutn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 1561/clamd
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1931/perl
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1528/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1543/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1813/master
tcp 0 0 127.0.0.1:11553 0.0.0.0:* LISTEN 28171/MailWatch SQL
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1699/mysqld
tcp 0 0 :::80 :::* LISTEN 1888/httpd
tcp 0 0 :::22 :::* LISTEN 1543/sshd
udp 0 0 70.91.144.88:123 0.0.0.0:* 1552/ntpd
udp 0 0 192.168.100.90:123 0.0.0.0:* 1552/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 1552/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 1552/ntpd
udp 0 0 0.0.0.0:10000 0.0.0.0:* 1931/perl
udp 0 0 127.0.0.1:53 0.0.0.0:* 1528/dnsmasq
udp 0 0 fe80::20c:29ff:fead:acc7:123 :::* 1552/ntpd
udp 0 0 2601:e:9780:8800:20c:29f:123 :::* 1552/ntpd
udp 0 0 fe80::20c:29ff:fead:acbd:123 :::* 1552/ntpd
udp 0 0 2601:e:9780:8800:20c:29f:123 :::* 1552/ntpd
udp 0 0 :::123 :::* 1552/ntpd
udp 0 0 :::36142 :::* 1515/dccifd

NSLookup works for both FQDN's


But ping to the external hostname times out..

mail is however flowing in on port 25 so that is not blocked..

It still looks like an internal firewall to me..

CPoole
Posts: 5
Joined: 02 Apr 2015 11:10

Re: Report this message as spam fails to connect to EFA

Post by CPoole » 03 Apr 2015 12:40

I tried something stupid that resulted in a fix...

I cloned the VM and started the clone (original is shutdown).

Same issues exist.

I deleted the internal NIC from VM settings and now the external responds to web requests. I made no other changes..

User avatar
shawniverson
Posts: 3089
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Report this message as spam fails to connect to EFA

Post by shawniverson » 03 Apr 2015 16:24

Did you have two nics going to EFA?
Version eFa 4.0.2 now available!

CPoole
Posts: 5
Joined: 02 Apr 2015 11:10

Re: Report this message as spam fails to connect to EFA

Post by CPoole » 03 Apr 2015 18:17

yes, one for internal domain and IP range and one for external domain and ip range..

User avatar
shawniverson
Posts: 3089
Joined: 13 Jan 2014 23:30
Location: Indianapolis, Indiana USA
Contact:

Re: Report this message as spam fails to connect to EFA

Post by shawniverson » 03 Apr 2015 20:12

EFA wasn't designed to do that...

EFA is designed to sit behind a firewall typically in a DMZ...
Version eFa 4.0.2 now available!

Post Reply