Nginx – Zabbix server port 10051 is blocked in the firewall and I need to use only port 80

I have a Zabbix server installed on Ubuntu 18.04 in the AWS cloud and have set up the domain & SSL.

The AWS server has an nginx web server running on ports 80 & 443, and apache2 is configured on 7526. Only ports 80 & 443 are enabled in the AWS security group for security reasons, so apache2 is also not accessible from the outside world.

I have configured the Zabbix server in apache2 and have an nginx proxy to connect to the Zabbix server from the outside world. The Zabbix front end works perfectly behind this nginx proxy.

I have systems located in various places, so I decided to connect them to the Zabbix server via active checks. In an active check the Zabbix agent connects to the Zabbix server on port 10051 by default. I can't open a new port in the AWS firewall due to security reasons.

How can I connect the Zabbix server and the Zabbix agent for active checks?

Note: For testing I enabled port 10051 in the AWS firewall and the Zabbix agent was able to connect to the server.

EDITED

Please see my zabbix_agentd.conf file with the configuration of the ServerActive parameter.

As you can see, app.myoffice.com is now enabled and Zabbix tries to connect to the default port 10051, so it fails to connect to the server since only ports 80 & 443 are open in the firewall.

Can I give the serverActive=https://example.mydomain.com/zabbixserver/app like this? If yes then how is it?

Best Answer

Neither Zabbix server nor Zabbix agent supports listening on ports lower than 1024.

The official documentation for the server and agent clearly states the supported port range.

Server:

| Parameter | Mandatory | Range | Default | Description |
|---|---|---|---|---|
| ListenPort | no | 1024-32767 | 10051 | Listen port for trapper. |

Agent:

| Parameter | Mandatory | Range | Default | Description |
|---|---|---|---|---|
| ListenPort | no | 1024-32767 | 10050 | Agent will listen on this port for connections from the server. |

Also, ports lower than 1024 are privileged, so normal users are not allowed to run servers on them.
Additionally, ports 80 and 443 are reserved for HTTP and HTTPS respectively. Zabbix agent uses its own JSON-based protocol [source]. While technically possible, listening for two different protocols on the same port causes a lot of issues.


Your best, and possibly only, solution is to open traffic on ports 10050 and 10051.
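
The framing the answer refers to, as an added example that is not part of the original answer: a Zabbix active-check request begins with a binary `ZBXD` header rather than an HTTP request line, which is why an nginx HTTP proxy on ports 80/443 cannot forward agent traffic. The hostname `agent01.example` and all function names are constructed for illustration.

```python
import json
import struct

ZBX_MAGIC = b"ZBXD"
ZBX_FLAG_PROTOCOL = 0x01  # plain (uncompressed) Zabbix communication protocol
# Header layout: magic, flags, data length, reserved (all little-endian, 13 bytes)
HEADER = struct.Struct("<4sBII")
HTTP_METHODS = (b"GET ", b"POST ", b"HEAD ", b"PUT ", b"DELETE ", b"OPTIONS ")


def build_frame(payload: dict) -> bytes:
    """Wrap a JSON payload in the Zabbix binary header."""
    body = json.dumps(payload, separators=(",", ":")).encode("utf-8")
    return HEADER.pack(ZBX_MAGIC, ZBX_FLAG_PROTOCOL, len(body), 0) + body


def parse_frame(data: bytes) -> dict:
    """Validate the header and return the decoded JSON payload."""
    if len(data) < HEADER.size:
        raise ValueError("truncated header")
    magic, flags, length, _reserved = HEADER.unpack_from(data)
    if magic != ZBX_MAGIC:
        raise ValueError("not a Zabbix frame")
    if flags != ZBX_FLAG_PROTOCOL:
        raise ValueError("unsupported flags (compressed/large packets not handled)")
    body = data[HEADER.size:HEADER.size + length]
    if len(body) != length:
        raise ValueError("truncated body")
    return json.loads(body)


def classify(first_bytes: bytes) -> str:
    """Tell what protocol a listener is being spoken to, from the first bytes."""
    if first_bytes.startswith(ZBX_MAGIC):
        return "zabbix"
    if first_bytes.startswith(HTTP_METHODS):
        return "http"
    return "unknown"


# Constructed sample: what an agent sends to ServerActive to fetch its item list.
SAMPLE_FRAME = build_frame({"request": "active checks", "host": "agent01.example"})
# Constructed sample: what a browser sends to the nginx front end.
SAMPLE_HTTP = b"GET /zabbix/ HTTP/1.1\r\nHost: app.myoffice.com\r\n\r\n"

if __name__ == "__main__":
    print(classify(SAMPLE_FRAME), SAMPLE_FRAME[:13].hex(), parse_frame(SAMPLE_FRAME))
    print(classify(SAMPLE_HTTP))
```
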