How to configure port access with restrictions for zabbix agent and server using firewall?
The first two errors are unrelated. They tell you that the hostname is misconfigured for active checks (and the connectivity works from the agent to the server).
The last error does not seem to be firewall related, a least judging by the error message - "No route to host". That is more likely a routing/network configuration issue.
To verify that, you can try temporarily shutting down the firewall on the agent box and telnetting from the server to the agent on port 10050.
Related videos on Youtube
14 : 43
06 : 03
32 : 18
06 : 40
17 : 20
![Zabbix agent Get value from agent failed cannot connect to [[IP]:10050]: [113]No route to host](https://i.ytimg.com/vi/q8yfMYVWt_Y/hq720.jpg?sqp=-oaymwEcCNAFEJQDSFXyq4qpAw4IARUAAIhCGAFwAcABBg==&rs=AOn4CLBbWg8zhXnr7sCWyaNErjviTVPxpA)
09 : 16
01 : 39
mcv
Updated on September 18, 2022Comments
-
mcv almost 2 years
I have my Agent / Server configured correctly, I know this because it was working. I just made changes to the firewall on the agent side restricting access on port 10050, but permitting the Server access like so:
$ firewall-cmd --new-zone=zabbix $ firewall-cmd --reload $ firewall-cmd --get-zones $ firewall-cmd --permanent --zone=zabbix --add-rich-rule=' rule family="ipv4" source address="<<server_ip>>" port protocol="tcp" port="10050" accept' $ firewall-cmd --reload $ firewall-cmd --zone=zmonitor --list-allNow there is a communication issue. The agent log is reporting the following:
no active checks on server [<<server_ip>>:10051]: host [<<hostname>>.local] not foundThe sever is reporting the following:
cannot send list of active checks to "<<agent_ip>>": host [<<hostname>>.local] not foundZabbix Web Server reports the following issue:
Get value from agent failed: cannot connect to [[<<Agent_IP>>]:10050]: [113] No route to hostWhat is wrong with
--add-rich-rule? -
mcv over 7 yearsThanks I double checked my Hostname, saw that it there was a typo. The difference between a - and an _.