#1
09-18-2006, 10:55 PM
Junior Member
Posts: 5
LDAP auth working only when firewall stopped

I can't log in to the web interface nor access emails through IMAP unless my firewall is stopped. The LDAP initialization part of the install only worked after I turned off my firewall. I don't understand which rule I must add, since I am already accepting connections on port 389. What should I change in my firewall to make Zimbra work while it's turned on?

If it helps, everything is installed on a single machine (Zimbra modules, firewall, ...) which has a static IP address (no routers or DHCP, it's in a colocation center).

# iptables -nvL
Chain INPUT (policy DROP 68 packets, 10595 bytes)
pkts bytes target prot opt in out source destination
1012 149K ACCEPT all -- lo * 127.0.0.0/8 127.0.0.0/8
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 255
1028 73612 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:22 flags:0x16/0x02
6 336 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:25 flags:0x16/0x02
1 60 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:80 flags:0x16/0x02
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:443 flags:0x16/0x02
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:7071 flags:0x16/0x02
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:7780 flags:0x16/0x02
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:81 flags:0x16/0x02
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:4343 flags:0x16/0x02
0 0 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:389 flags:0x16/0x02
23 1380 ACCEPT tcp -- eth0 * 0.0.0.0/0 0.0.0.0/0 state NEW tcp dpt:993 flags:0x16/0x02

Chain FORWARD (policy DROP 0 packets, 0 bytes)
pkts bytes target prot opt in out source destination
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 255
0 0 ACCEPT all -- eth0 * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED

Chain OUTPUT (policy DROP 427 packets, 26708 bytes)
pkts bytes target prot opt in out source destination
1012 149K ACCEPT all -- * lo 127.0.0.0/8 127.0.0.0/8
0 0 ACCEPT icmp -- * * 0.0.0.0/0 0.0.0.0/0 icmp type 255
942 149K ACCEPT all -- * eth0 0.0.0.0/0 0.0.0.0/0

#2
09-19-2006, 07:32 AM
Junior Member
Posts: 5
Problem solved

After logging and tracking packets, I figured out the problem. Requests to the LDAP daemon were not coming in on eth0 but through the loopback. I had to let packets from my external IP to my external IP go either in or out of the loopback through port 389. I did the same thing for ports 25 and 7780 to allow sending emails from the web interface and spellchecking with the firewall on.
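
The diagnosis in post #2, as an added example that is not part of the thread: a first-match evaluator over the chains listed in post #1, showing that a connection from the host to its own external address crosses lo and is dropped in both INPUT and OUTPUT, and that loopback rules scoped to that address and to ports 389, 25 and 7780 accept it without opening anything else on lo. EXT_IP is a constructed placeholder, the helper names are hypothetical, and the ESTABLISHED rule for reply packets is an assumption about how the poster's rules were written.

```python
from ipaddress import ip_address, ip_network

EXT_IP = "203.0.113.10"   # constructed placeholder address, not from the thread
ANY, LOCAL = "0.0.0.0/0", "127.0.0.0/8"

def rule(iface=None, proto=None, src=ANY, dst=ANY, states=None, dport=None):
    """One ACCEPT rule; None means 'match anything' for that field."""
    return dict(iface=iface, proto=proto, src=ip_network(src), dst=ip_network(dst),
                states=states, dport=dport)

def matches(r, p):
    return ((r["iface"] is None or r["iface"] == p["iface"])
            and (r["proto"] is None or r["proto"] == p["proto"])
            and ip_address(p["src"]) in r["src"]
            and ip_address(p["dst"]) in r["dst"]
            and (r["states"] is None or p["state"] in r["states"])
            and (r["dport"] is None or r["dport"] == p["dport"]))

def verdict(chain, pkt):
    """First matching rule accepts; otherwise the chain policy (DROP) applies."""
    return "ACCEPT" if any(matches(r, pkt) for r in chain) else "DROP"

PORTS = (22, 25, 80, 443, 7071, 7780, 81, 4343, 389, 993)
# Chains transcribed from the listing in post #1 (TCP flag match left out).
# "iface" is the input interface for INPUT and the output interface for OUTPUT.
INPUT = [rule("lo", src=LOCAL, dst=LOCAL), rule(proto="icmp"),
         rule("eth0", states={"RELATED", "ESTABLISHED"})]
INPUT += [rule("eth0", "tcp", states={"NEW"}, dport=p) for p in PORTS]
OUTPUT = [rule("lo", src=LOCAL, dst=LOCAL), rule(proto="icmp"), rule("eth0")]

def loopback_fix(ip, ports=(389, 25, 7780)):
    """Rules for host-to-own-address traffic on lo: listed ports plus replies."""
    host = ip + "/32"
    new = [rule("lo", "tcp", host, host, {"NEW"}, p) for p in ports]
    # Assumption: replies are let through with a stateful match on lo.
    return new + [rule("lo", "tcp", host, host, {"RELATED", "ESTABLISHED"})]

def packet(iface, dport, state="NEW", src=EXT_IP, dst=EXT_IP):
    return dict(iface=iface, proto="tcp", src=src, dst=dst, state=state, dport=dport)

if __name__ == "__main__":
    ldap = packet("lo", 389)   # slapd reached via the host's own external IP
    fix = loopback_fix(EXT_IP)
    print("before:", verdict(OUTPUT, ldap), verdict(INPUT, ldap))
    print("after: ", verdict(OUTPUT + fix, ldap), verdict(INPUT + fix, ldap))
    print("unlisted port on lo:", verdict(INPUT + fix, packet("lo", 3306)))
```

The port 389 rule in post #1 matches only packets arriving on eth0, which is why remote clients would have been accepted while the host's own connections were not.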