[SOLVED] No outside connectivity after install?

[billinvegas]

Hi,
I have a weird, and rather urgent problem...

Have ZCS installed, all seemed to go well, and I DID have connectivity to the outside world (otherwise couldn't have done the atp-get updates and upgrades)

made a DNS change and put the box on the network tonight.

now, I cannot seem to ping, or access external sites (all outgoing mail is deferred)

I am really confused! I know that it was working prior to the install, but now it seems to have no connectivity to the outside world.
thought it might be dns, but now I can't ping by IP address either...

So frustrated, anyone with any insights or pointers as to where to look for problems? restarted the network - no change...
rebooted the box - no change...
I'm going crazy! I'm probably overlooking something...

[phoenix]

What DNS changes did you make (and why)? Are you sure your DNS server is running?

[billinvegas]

Ok, have given up for the night, had to restore the original mail server.

Here's more info on what I attempted:

ubuntu 10.04, zcs open source edition. install seemed to go smoothly...

original mail server still online, firewall is forwarding smtp and doing NAT to it's non-routable ip address (10.0.0.2) DNS still points to this box (actually WAN side IP of firewall)

ZCS was set up with IP of 10.0.0.10, after the install I began to create user accounts, domain alias, user aliases, etc...this time usernames were unique and different from former e-mail addresses (i.e. instead of joe@domain, he is now jplastname@domain.com)

tested the mail on the zcs, by logging into web interface and sending mail to / from users internally - seems to work.

Here's where I didn't check for external connectivity i.e. ping an outside domain.

after the business closed for the evening, changed the MX records for my domain, and made the ZCS have a priority of 10 (A records already in place), changed the forwarding rules on the firewall to point to the new internal ip address, and waited for DNS to propogate, and began to test.

Sent a few test e-mails from my gmail account, seemed to work as expected, but, when I tried to reply - no replies sent

there were entries in the "deferred" queue, and the error was "host not found"

checking server status also showed that antispam and antivirus had red "x"'s

tried to ping a host from the command line - no response
figured it could be DNS, so I tried pinging by ip address - still no response.

The odd thing is, I know I had connectivity earlier, because I ran the
apt-get update and apt-get upgrade commands, and all worked fine.

checked the config files, all seems to be correct. still can't get to the outside world...

restarted networking, restarted the entire server, still no connectivity.

so, I hope that's enough background information, perhaps someone can suggest what logs to check, or other troubleshooting means...

I've re-os'd and re-installed zcs probably 4 times trying to get it to work right, hoping one of these times it will work...

[billinvegas]

Quote:

Originally Posted by phoenix

What DNS changes did you make (and why)? Are you sure your DNS server is running?

The DNS changes were made to the public DNS MX records to make the ZCS the primary (score 10) MX for the domain...

started / restarted bind - got a reply of OK for both...

[phoenix]

Is this server on a public IP or on a LAN? When you say 'no connectivity', what exactly do you mean? Can you ping any outside addresses? Is your resolve.conf correct and does it point to a DNS server? Do you have a DNS server running on your Zimbra server?

[billinvegas]

Quote:

Originally Posted by phoenix

Is this server on a public IP or on a LAN? When you say 'no connectivity', what exactly do you mean? Can you ping any outside addresses? Is your resolve.conf correct and does it point to a DNS server? Do you have a DNS server running on your Zimbra server?

this server is on a LAN - Public IP is the WAN side of our firewall,
it's doing NAT, and fowarding SMTP and HTTPS to the LAN IP of the ZCS
10.0.0.10

resolv.conf is correct, it has the ISP's DNS server info in it.

BIND is running on the ZCS, and as I understand the way it's supposed to work, it's just doing DNS for the company domain (companydomain.com)

on the zcs box, a dig of companydomain.com returns the proper IP information, with the zcs box as being the server queried.
dig companydomain.com mx returns proper information as well...

Now - are you all ready for this? I'll put it in my next post...

[billinvegas]

Ok, this is puzzling


I now can ping both by name and ip address on this box!

The only things that have been done is to restore the public DNS back to the original mail server, and firewall was returned to forwarding smtp to the original mail server, and no longer foward SMTP and HTTPS to the ZCS...

No changes made on the zcs box, as I've been typing replies for the last 10 minutes or so on this forum!

I don't think that changing DNS would keep the box from being able to resolve, or ping by ip...

The only firewall change was to no longer forward HTTPS and SMTP to the zcs' lan ip, and restored forwarding SMTP to the original mail server LAN ip



tomorrow, I'll investigate the firewall, but I'm not sure if that's the culprit.

so tired...

[billinvegas]

Ok, I lied, since I had connectivity, I tried to send a message from the zcs web interface to my gmail account. I got the following:

(i hope I got the attachment done correctly)

[phoenix]

[QUOTE=billinvegas;221203resolv.conf is correct, it has the ISP's DNS server info in it.[/QUOTE]That should contain the IP address of the DNS server on your Zimbra server.