NAT firewall
Alex Moen
alexm at ndtel.com
Mon Mar 25 14:42:00 CET 2013
Hi all,
Newb trying to set up Kolab for the first time, to possibly replace a
Mirapoint installation...
I have searched through the docs and the list for the answer to this
question, but it is possible that I missed it. If it is in the docs, I
would accept an "RTFM" with a link to the proper section. :)
So, I have a brand-new Kolab install on a freshly built CentOS 6.4 VM in
our datacenter blade server. This VM has a private address of
10.255.255.26, behind a Cisco firewall performing a one-to-one NAT
translation to a public address. I have an entry in the /etc/hosts file of
"10.255.255.26 kolab kolab.ndtc.tv". Currently, the DNS is set to
resolve to the external address. I have the Cisco configured to allow
*all* traffic from our corporate office to this vm.
The problem starts when I try to use the webadmin utility. I enter the
"CN=Directory Manager" username and the password that I entered during
installation. There's a long pause, and then the web page shows
"Internal system error". The /var/log/kolab-webadmin/errors file shows
a "PHP Error: Login failed. Unable to connect to
tcp://66.163.129.247:80. Error: Connection timed out (POST)" message.
It's obvious that I need to inform the Kolab install about its position
in the grand scheme of our network, but as I said, I can't find the docs
to show how to do that.
SELINUX and the ipchains firewall are both disabled.
One thing that I do notice that has confused me a bit: the
/etc/kolab/kolab.conf file has not been overwritten. It contains all of
the default information, and has not been updated using the changes in
the /root/mykolab.conf file. This seems a bit confusing, as the docs
state that the /etc/kolab/kolab.conf file will be rewritten by
the setup-ds-admin.pl process invoked by the installation.
I did *not* run the installation using the --fqdn option originally.
That may have been my mistake. However, in trying to rerun the
installation with the --fqdn option, the installation bombs with the
following:
Setup is now going to set up the 389 Directory Server. This may take a little
while (during which period there is no output and no progress indication).
Shutting down dirsrv:
kolab... [ OK ]
Starting dirsrv:
kolab... [ OK ]
Traceback (most recent call last):
  File "/usr/sbin/setup-kolab", line 42, in <module>
    setup.run()
  File "/usr/lib/python2.6/site-packages/pykolab/setup/__init__.py", line 43, in run
    components.execute('_'.join(to_execute))
  File "/usr/lib/python2.6/site-packages/pykolab/setup/components.py", line 170, in execute
    execute(component)
  File "/usr/lib/python2.6/site-packages/pykolab/setup/components.py", line 202, in execute
    components[component_name]['function'](conf.cli_args, kw)
  File "/usr/lib/python2.6/site-packages/pykolab/setup/setup_ldap.py", line 405, in execute
    auth._auth.ldap.add_s(dn, ldif)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 195, in add_s
    return self.result(msgid,all=1,timeout=self.timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 458, in result
    resp_type, resp_data, resp_msgid = self.result2(msgid,all,timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 462, in result2
    resp_type, resp_data, resp_msgid, resp_ctrls = self.result3(msgid,all,timeout)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 469, in result3
    resp_ctrl_classes=resp_ctrl_classes
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 476, in result4
    ldap_result = self._ldap_call(self._l.result4,msgid,all,timeout,add_ctrls,add_intermediates,add_extop)
  File "/usr/lib64/python2.6/site-packages/ldap/ldapobject.py", line 99, in _ldap_call
    result = func(*args,**kwargs)
ldap.ALREADY_EXISTS: {'desc': 'Already exists'}
TIA for any insights!
Alex