problem with login ...
 
Notifications
Clear all

[Solved] problem with login with web external IP

11 Posts
2 Users
0 Reactions
1,121 Views
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  

Hi , i have been completed fresh install of carbonio but i have problem

 

when i loged in with local ip , its normaly

but when i loged with external ip its always shows error and i cant login again

its says

 

Something went wrong…
 
Some technical issues occurred while processing your request. Please try to refresh the page or go back to the login page.
 
 
 
but after i restart with zmcontrol restart its normal again . and my server its under router which have public ip .its happened every 1 hour.
where i can find log and the main problem of login page???

   
Quote
(@sharif)
Admin
Joined: 3 years ago
Posts: 593
 

@raystinger

Hi,

Sorry to hear about your trouble.

What I can assume:

1. Your server is configured using private IP address.

2. Your router has a public IP address that is acting as a nating IP for your server.

3. When you try to access your server using private IP from local LAN, you can do it.

4. When you try to access your server using public IP (Nating IP) from outside of your network, you find difficulties.

 

I would suggest as bellows:

1. Check the A & MX record of your server.

2. Check the Nating/Forwarding from your router to the server's private ip address

3. Check if there any issue in your network. If your server is reachable locally then it should be reachable via public IP address without any issue.

Try these and let us know.

Regards,

Sharif


   
ReplyQuote
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  

@sharif but why i can loged on after zmcontrol restart ? and its work only 1 hour.

im using ns forwarder so im using local ip on my mx record


   
ReplyQuote
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  

 

i have been used ufw and i block from incoming request  with

 https://mail.mydomain.co.id:7073/service/admin/soap 

and i do block with

 

ufw deny 7073/tcp

ufw deny 7073/udp

and the result still come attack from that url

 

Mar 21 17:57:09 mail saslauthd[249191]: zmauth: authenticating against elected url 'https://mail.mydomain.co.id:7073/service/admin/soap/' ...
Mar 21 17:57:09 mail saslauthd[249191]: zmpost: url='https://mail.mydomain.co.id:7073/service/admin/soap/' returned buffer->data='<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"><soap:Header><context xmlns="urn:zimbra"/></soap:Header><soap:Body><soap:Fault><soap:Code><soap:Value>soap:Sender</soap:Value></soap:Code><soap:Reason><soap:Text>authentication failed for [ftp]</soap:Text></soap:Reason><soap:Detail><Error xmlns="urn:zimbra"><Code>account.AUTH_FAILED</Code><Trace>qtp1572127577-196:1711018629517:f24b21ca2edaeb8a</Trace></Error></soap:Detail></soap:Fault></soap:Body></soap:Envelope>', hti->error=''
Mar 21 17:57:09 mail saslauthd[249191]: auth_zimbra: ftp auth failed: authentication failed for [ftp]
Mar 21 17:57:09 mail saslauthd[249191]:                 : auth failure: [user=ftp] [service=smtp] [realm=] [mech=zimbra] [reason=Unknown]
Mar 21 17:57:09 mail postfix/smtpd[303857]: warning: _gateway[192.168.200.252]: SASL LOGIN authentication failed: authentication failure, sasl_username=ftp

 

 

 

 


   
ReplyQuote
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  

 

 

@sharif  here is my mx and a record

 

$ttl 3600
@       IN      SOA     mydomain.co.id. mail.mydomain.co.id. (
                               10118      ; Serial
                               43200      ; Refresh
                               3600       ; Retry
                               3600000    ; Expire
                               2592000 )  ; Minimum
;       Define the nameservers and the mail servers
        IN      NS      ns2.externaldns.com.
mydomain.co.id.         IN      MX      5 mail.mydomain.co.id.
mail.mydomain.co.id.    IN      A       192.168.200.39
mail.mydomain.co.id.    IN      A       11.22.33.44( new added )

 

are these  correct or not?

 

okay lets says my public ip its 11.22.33.44  and my local its 192.168.200.39   ( look on my config )

and here its setting on my router

 

on public ip 11.22.33.44 i open port 25,80,443,53  then i use tcp and dstnat to my local ip 192.168.200.39 (all port )

i do

zmproxyctl  restart

and working again


   
ReplyQuote
(@sharif)
Admin
Joined: 3 years ago
Posts: 593
 

@raystinger 

What router you are using?
from any external device, If you telnet <mailserver_hostname> 25, does it connect?

Regards,

Sharif


   
ReplyQuote
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  

@sharif yes its connect with force auth because im added

 

mynetwork = 127.0.0.1/8 192. 168.200.39/32

 

its function normaly without problems


   
ReplyQuote
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  
  • im use mikrotik rb750 gr3   

config  11..22.33.44 as dstnat using tcp6  and forwarded to 192.168.200.39/32 

thats all 


   
ReplyQuote
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  
  • im use mikrotik rb750 gr3   

config  11..22.33.44 as dstnat using tcp6  and forwarded to 192.168.200.39/32 

thats all 


   
ReplyQuote
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  

previously im use zimbra 8.6 with same setting without any problem.


   
ReplyQuote
(@raystinger)
Joined: 9 months ago
Posts: 37
Topic starter  

@sharif Hi sir i got my answer by myself

im searching for deep log then i have simply to tell about zimbra till carbonio

1. the default installations its very risky where smtp remote directly open

2. i find many request log from message log such as

filed to authenication http://mydomain.com:7073 invalid user name --> this is crazy and continous attack where finaly i found

the main problem its ddos big attack then make web server nginx send error http error 503 service unavailable

then the final  result its

2024-03-22 19:55:43,338 INFO  [main] [] misc - DoSFilter: Configured whitelist IPs = 192.168.200.39,127.0.0.1,::1,0:0:0:0:0:0:0:1

the ddos attack was gone and now my server its going work normally both internal and external IP s

 

 


   
ReplyQuote