Hi all,
New user to EFA. I had no issues installing and configuring the VM and have email flowing smoothly. But I have 1 issue that I just can't resolve.
The VM contains 2 NICS, one is for a .local internal domain and the second is a .net external domain. The link in the email tag line below does not connect. DNS is accurate, there is no external firewall, by all indications it should work as Apache is listening on all IP's to port 80.
Click here to report this message as spam fails to connect when the URL is
http://hostname.externaldomain.net/cgi- ... 5e705add44
If I edit the URL manually to be
http://hostname.internaldomain.local/cg ... 5e705add44
The message is correctly marked as spam.
Why isn't the external IP responding?
Report this message as spam fails to connect to EFA
Re: Report this message as spam fails to connect to EFA
can you access http://hostname.externaldomain.net/ from an external address/location? do you see the same page as when you access http://hostname.internaldomain.local/ ?
Re: Report this message as spam fails to connect to EFA
No, the internal url goes immediately to MailWatch Login page..
The external url returns "This Page can't be displayed."
It acts as if a firewall exists...
The external url returns "This Page can't be displayed."
It acts as if a firewall exists...
Re: Report this message as spam fails to connect to EFA
No, that's not it.
You'll probably have to define ServerName and ServerAlias in your /etc/httpd/conf/httpd.conf to allow apache to accept multiple host names. That'll mean setting up an Apache Virtual host to accept the second domain name.
http://httpd.apache.org/docs/2.2/mod/co ... erveralias
EFA assumes that you'll only ever use a single domain name to access the server web ui.
You'll probably have to define ServerName and ServerAlias in your /etc/httpd/conf/httpd.conf to allow apache to accept multiple host names. That'll mean setting up an Apache Virtual host to accept the second domain name.
http://httpd.apache.org/docs/2.2/mod/co ... erveralias
EFA assumes that you'll only ever use a single domain name to access the server web ui.
Re: Report this message as spam fails to connect to EFA
Not really pdwalker
The default setup does not look at what hostname is used, you can access the gui on any name as long as it points to the IP of the EFA box.
If you get an 'this page can't be displayed' then there is something wrong with your network setup, are you able to ping the outside IP of the EFA box?
The default setup does not look at what hostname is used, you can access the gui on any name as long as it points to the IP of the EFA box.
If you get an 'this page can't be displayed' then there is something wrong with your network setup, are you able to ping the outside IP of the EFA box?
Version eFa 4.x now available!
Re: Report this message as spam fails to connect to EFA
eh, I was tired and perhaps not thinking clearly.
Maybe apache has only bound to the ip of one of the network cards?
Cpoole, what does "sudo netstat -plutn" show you?
Maybe apache has only bound to the ip of one of the network cards?
Cpoole, what does "sudo netstat -plutn" show you?
Re: Report this message as spam fails to connect to EFA
[admin@rsefa ~]$ sudo netstat -plutn
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 1561/clamd
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1931/perl
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1528/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1543/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1813/master
tcp 0 0 127.0.0.1:11553 0.0.0.0:* LISTEN 28171/MailWatch SQL
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1699/mysqld
tcp 0 0 :::80 :::* LISTEN 1888/httpd
tcp 0 0 :::22 :::* LISTEN 1543/sshd
udp 0 0 70.91.144.88:123 0.0.0.0:* 1552/ntpd
udp 0 0 192.168.100.90:123 0.0.0.0:* 1552/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 1552/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 1552/ntpd
udp 0 0 0.0.0.0:10000 0.0.0.0:* 1931/perl
udp 0 0 127.0.0.1:53 0.0.0.0:* 1528/dnsmasq
udp 0 0 fe80::20c:29ff:fead:acc7:123 :::* 1552/ntpd
udp 0 0 2601:e:9780:8800:20c:29f:123 :::* 1552/ntpd
udp 0 0 fe80::20c:29ff:fead:acbd:123 :::* 1552/ntpd
udp 0 0 2601:e:9780:8800:20c:29f:123 :::* 1552/ntpd
udp 0 0 :::123 :::* 1552/ntpd
udp 0 0 :::36142 :::* 1515/dccifd
NSLookup works for both FQDN's
But ping to the external hostname times out..
mail is however flowing in on port 25 so that is not blocked..
It still looks like an internal firewall to me..
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 127.0.0.1:3310 0.0.0.0:* LISTEN 1561/clamd
tcp 0 0 0.0.0.0:10000 0.0.0.0:* LISTEN 1931/perl
tcp 0 0 127.0.0.1:53 0.0.0.0:* LISTEN 1528/dnsmasq
tcp 0 0 0.0.0.0:22 0.0.0.0:* LISTEN 1543/sshd
tcp 0 0 0.0.0.0:25 0.0.0.0:* LISTEN 1813/master
tcp 0 0 127.0.0.1:11553 0.0.0.0:* LISTEN 28171/MailWatch SQL
tcp 0 0 0.0.0.0:3306 0.0.0.0:* LISTEN 1699/mysqld
tcp 0 0 :::80 :::* LISTEN 1888/httpd
tcp 0 0 :::22 :::* LISTEN 1543/sshd
udp 0 0 70.91.144.88:123 0.0.0.0:* 1552/ntpd
udp 0 0 192.168.100.90:123 0.0.0.0:* 1552/ntpd
udp 0 0 127.0.0.1:123 0.0.0.0:* 1552/ntpd
udp 0 0 0.0.0.0:123 0.0.0.0:* 1552/ntpd
udp 0 0 0.0.0.0:10000 0.0.0.0:* 1931/perl
udp 0 0 127.0.0.1:53 0.0.0.0:* 1528/dnsmasq
udp 0 0 fe80::20c:29ff:fead:acc7:123 :::* 1552/ntpd
udp 0 0 2601:e:9780:8800:20c:29f:123 :::* 1552/ntpd
udp 0 0 fe80::20c:29ff:fead:acbd:123 :::* 1552/ntpd
udp 0 0 2601:e:9780:8800:20c:29f:123 :::* 1552/ntpd
udp 0 0 :::123 :::* 1552/ntpd
udp 0 0 :::36142 :::* 1515/dccifd
NSLookup works for both FQDN's
But ping to the external hostname times out..
mail is however flowing in on port 25 so that is not blocked..
It still looks like an internal firewall to me..
Re: Report this message as spam fails to connect to EFA
I tried something stupid that resulted in a fix...
I cloned the VM and started the clone (original is shutdown).
Same issues exist.
I deleted the internal NIC from VM settings and now the external responds to web requests. I made no other changes..
I cloned the VM and started the clone (original is shutdown).
Same issues exist.
I deleted the internal NIC from VM settings and now the external responds to web requests. I made no other changes..
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Report this message as spam fails to connect to EFA
Did you have two nics going to EFA?
Re: Report this message as spam fails to connect to EFA
yes, one for internal domain and IP range and one for external domain and ip range..
- shawniverson
- Posts: 3649
- Joined: 13 Jan 2014 23:30
- Location: Indianapolis, Indiana USA
- Contact:
Re: Report this message as spam fails to connect to EFA
EFA wasn't designed to do that...
EFA is designed to sit behind a firewall typically in a DMZ...
EFA is designed to sit behind a firewall typically in a DMZ...