I am unable to access check_mk web access on another machine

i am unable to access check_mk web access on another machine.
Successfully installed, the application accessible only on localhost.
Please help me about this …

Could you describe your problem with more detail ?

  • what did you install
  • which versions and edition
  • what are you trying to achieve

Hi,

we need a little bit more information about you problem:
Edition and Version
Linux OS
aso.

Cheers,
Christian

1 Like

[root@dcims var]# cat /etc/redhat-release
CentOS Linux release 8.3.2011

[root@dcims var]# omd versions
1.6.0p21.cee.demo
1.6.0p21.cre (default)

on webaccess showing version like this : Check_mk enterprise (demo) 1.6.0p21

Did you open the firewall to external access?
Is there actually something listening on the IP address?

firewall is disabled
[root@dcims var]# systemctl is-active firewall
inactive
[root@dcims var]#
SELINUX also disabled
[root@dcims var]# getenforce
Disabled
[root@dcims var]#

please do the following commands

omd sites

omd status

and let us know what the output is.

Hi sir,

[root@dcims var]# omd sites
SITE VERSION COMMENTS
sandbox 1.6.0p21.cee.demo
slave 1.6.0p21.cre default version
[root@dcims var]#
[root@dcims var]#
[root@dcims var]#
[root@dcims var]# omd status
Doing ‘status’ on site sandbox:
mknotifyd: running
rrdcached: running
cmc: running
apache: running
dcd: running
xinetd: running
crontab: running

Overall state: running

Doing ‘status’ on site slave:
mkeventd: running
rrdcached: running
npcd: running
nagios: running
apache: running
stunnel: running
xinetd: stopped
crontab: running

Overall state: partially running

[root@dcims var]#

Here is my omd apache.conf
[root@dcims var]# vi /omd/sites/sandbox/etc/apache/apache.conf

###############################################################################

Apache configuration file for OMD site specific webserver daemon

This file is only used, if you have set WEBSERVER to ‘own’ (which

is the default). It is the configuration for a site-specific additional

Apache server process, which is just listening on 127.0.0.1 and is

called by the system-Apache via mod_proxy.

Advantages are: No root-permissions are needed for administrating this

Apache and priviledges are better separated. Also each OMD site has its

own Apache access and error logs below ~/var/log/apache.

###############################################################################

OMD OMD OMD OMD OMD OMD OMD OMD OMD OMD OMD OMD ----------------------------

Better do not change anything in this block or you will have to

resolve conflicts in omd cp/mv/upate:

ServerRoot “/omd/sites/sandbox”
PidFile /omd/sites/sandbox/tmp/apache/run/apache.pid
DocumentRoot “/omd/sites/sandbox/var/www”

Include file where TCP port number is configured. That file

is automatically created and changed by ‘omd config’ if you

change APACHE_TCP_PORT.

Include /omd/sites/sandbox/etc/apache/listen-port.conf

User/Group to run the webserver with

User sandbox
Group sandbox

ServerName is set in listen-port.conf exactly to the Host:Port that the

site apache is listening on. This is also the Host:Port the reverse proxy

is working with.

The site apache (backend server) should always report back with this

Host:Port combination to the system apache (reverse proxy). This enables the

system apache, which is configured using proxy-port.conf, to translate the

URLs reported by the site apache into the public URLs of the reverse proxy.

UseCanonicalName On

---------------------------------------------------------------

Here you can configure and tune Apache

“/omd/sites/sandbox/etc/apache/apache.conf” 237L, 9164C

Here you can configure and tune Apache

ServerAdmin nobody@localhost

Timeout 120
KeepAlive On
MaxKeepAliveRequests 100
KeepAliveTimeout 15

DirectoryIndex index.html index.php index.html.var
AccessFileName .htaccess
ServerTokens OS
HostnameLookups Off
ServerSignature Off

Server-Pool Size Regulation

StartServers: number of server processes to start

MinSpareServers: minimum number of server processes which are kept spare

MaxSpareServers: maximum number of server processes which are kept spare

ServerLimit: Upper limit on configurable number of processes

(maximum value for MaxClients for the lifetime of the server)

MaxClients: Maximum number of connections that will be processed simultaneously

(maximum number of server processes allowed to start)

MaxRequestsPerChild: maximum number of requests a server process serves

StartServers 1
MinSpareServers 1
MaxSpareServers 5
ServerLimit 64
MaxClients 64
MaxRequestsPerChild 4000

###############################################################################

Load Modules

###############################################################################

Ugly IfModules! But they seem to be needed because some distributions have

modules compiled in. An example is the log_config module which is

Ugly IfModules! But they seem to be needed because some distributions have

modules compiled in. An example is the log_config module which is

compiled in on ubuntu/debian and a module on sles/centos.

Needs to be loaded first on some platforms to have the statement

available. On newer ones, the module is already available.

<IfModule !version_module>
LoadModule version_module /omd/sites/sandbox/lib/apache/modules/mod_version.so

Now load the specific modules needed for apache 2.4 and newer

= 2.4>
# SLES12 has apache 2.4 but the module does not need to be loaded
<IfModule !mpm_prefork_module>
LoadModule mpm_prefork_module /omd/sites/sandbox/lib/apache/modules/mod_mpm_prefork.so

LoadModule access_compat_module /omd/sites/sandbox/lib/apache/modules/mod_access_compat.so
LoadModule authn_core_module /omd/sites/sandbox/lib/apache/modules/mod_authn_core.so
LoadModule authz_core_module /omd/sites/sandbox/lib/apache/modules/mod_authz_core.so
LoadModule filter_module /omd/sites/sandbox/lib/apache/modules/mod_filter.so

<IfModule !mod_unixd.c>
    LoadModule unixd_module /omd/sites/sandbox/lib/apache/modules/mod_unixd.so
</IfModule>

And as alternative all modules needed for apache 2.2 old older

<IfVersion < 2.4>
LoadModule authn_default_module /omd/sites/sandbox/lib/apache/modules/mod_authn_default.so
LoadModule authz_default_module /omd/sites/sandbox/lib/apache/modules/mod_authz_default.so

Now load the modules needed for all versions

<IfModule !mod_log_config.c>
LoadModule log_config_module /omd/sites/sandbox/lib/apache/modules/mod_log_config.so

LoadModule auth_basic_module /omd/sites/sandbox/lib/apache/modules/mod_auth_basic.so
LoadModule authn_file_module /omd/sites/sandbox/lib/apache/modules/mod_authn_file.so
LoadModule authz_host_module /omd/sites/sandbox/lib/apache/modules/mod_authz_host.so
LoadModule authz_user_module /omd/sites/sandbox/lib/apache/modules/mod_authz_user.so
LoadModule autoindex_module /omd/sites/sandbox/lib/apache/modules/mod_autoindex.so

LoadModule headers_module /omd/sites/sandbox/lib/apache/modules/mod_headers.so
LoadModule setenvif_module /omd/sites/sandbox/lib/apache/modules/mod_setenvif.so
LoadModule mime_magic_module /omd/sites/sandbox/lib/apache/modules/mod_mime_magic.so
LoadModule mime_module /omd/sites/sandbox/lib/apache/modules/mod_mime.so
LoadModule negotiation_module /omd/sites/sandbox/lib/apache/modules/mod_negotiation.so
LoadModule dir_module /omd/sites/sandbox/lib/apache/modules/mod_dir.so
LoadModule alias_module /omd/sites/sandbox/lib/apache/modules/mod_alias.so
LoadModule rewrite_module /omd/sites/sandbox/lib/apache/modules/mod_rewrite.so
LoadModule cgi_module /omd/sites/sandbox/lib/apache/modules/mod_cgi.so
LoadModule status_module /omd/sites/sandbox/lib/apache/modules/mod_status.so

Options FollowSymLinks AllowOverride None

Configure mod_status (if available)

SetHandler server-status Order deny,allow Deny from all Allow from 172.22.2.80
# Keep track of extended status information for each request
ExtendedStatus On

The following lines prevent .htaccess and .htpasswd files from being

viewed by Web clients.

<Files ~ “^.ht”>
Order allow,deny
TypesConfig /etc/mime.types

<IfVersion < 2.4>
DefaultType text/plain

Loglevel and logfile configuration

LogLevel warn
LogFormat “%{X-Forwarded-For}i %l %u %t “%r” %>s %b “%{Referer}i” “%{User-Agent}i”” combined

Language configuration

LanguagePriority en ca cs da de el eo es et fr he hr it ja ko ltz nl nn no pl pt pt-BR ru sv zh-CN zh-TW
ForceLanguagePriority Prefer Fallback

AddDefaultCharset UTF-8

AddType application/x-compress .Z
AddType application/x-gzip .gz .tgz

AddHandler type-map var

PHP specific configuration

AddType text/html .php

The following directives modify normal HTTP response behavior to

handle known problems with browser implementations.

BrowserMatch “Mozilla/2” nokeepalive
BrowserMatch “MSIE 4.0b2;” nokeepalive downgrade-1.0 force-response-1.0

BrowserMatch “Mozilla/2” nokeepalive
BrowserMatch “MSIE 4.0b2;” nokeepalive downgrade-1.0 force-response-1.0
BrowserMatch “RealPlayer 4.0” force-response-1.0
BrowserMatch “Java/1.0” force-response-1.0
BrowserMatch “JDK/1.0” force-response-1.0

The following directive disables redirects on non-GET requests for

a directory that does not include the trailing slash. This fixes a

problem with Microsoft WebFolders which does not appropriately handle

redirects for folders with DAV methods.

Same deal with Apple’s DAV filesystem and Gnome VFS support for DAV.

BrowserMatch “Microsoft Data Access Internet Publishing Provider” redirect-carefully
BrowserMatch “MS FrontPage” redirect-carefully
BrowserMatch “^WebDrive” redirect-carefully
BrowserMatch “^WebDAVFS/1.[0123]” redirect-carefully
BrowserMatch “^gnome-vfs/1.0” redirect-carefully
BrowserMatch “^XML Spy” redirect-carefully
BrowserMatch “^Dreamweaver-WebDAV-SCM1” redirect-carefully

OMD OMD OMD OMD OMD OMD OMD OMD OMD OMD OMD OMD ----------------------------

Do not change anything below here

MIMEMagicFile /omd/sites/sandbox/etc/apache/magic
ErrorLog /omd/sites/sandbox/var/log/apache/error_log
CustomLog /omd/sites/sandbox/var/log/apache/access_log combined

fcgi settings must be site specific and cannot be used from shared apache

SharememPath “/omd/sites/sandbox/tmp/apache/fcgid_shm”
SocketPath “/omd/sites/sandbox/tmp/apache/fcgid_sock”

Load config files from the include dir. You can put your own

configuration there. Also addons put default files there.

Include /omd/sites/sandbox/etc/apache/conf.d/*.conf

Please format the output with the help of this Icon image

3 Likes

If you use centOS or Rhel please check selinux settings.

Cheers,
Christian

1 Like

What is the error message that you get at the other client you are trying to access checkmk ?
Some ideas :

  • Did you try default network troubleshooting routines, like ping the server, resolve the hostname, curl/wget the website
  • Is there a proxy or firewall between the client and the checkmk server
  • Are you using the correct url and protocol http/https to access the site ?

Yes i tried by ping,
C:\Users\LNMIIT>ping dcims -a

Pinging dcims [172.22.2.80] with 32 bytes of data:
Reply from 172.22.2.80: bytes=32 time<1ms TTL=63
Reply from 172.22.2.80: bytes=32 time=2ms TTL=63
Reply from 172.22.2.80: bytes=32 time<1ms TTL=63
Reply from 172.22.2.80: bytes=32 time<1ms TTL=63

Ping statistics for 172.22.2.80:
Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 2ms, Average = 0ms

On the server proxy and firewall are disabled include SELINUX
my site url is http://172.22.2.80/sanbox
that is accessible from localhost only except another machine in same network.

Maybe check with ss -tulpn if there is actually something listening on the IP/port.
You can try to telnet to the IP/port from a different server and use ncat to see if there is actually data coming in to the server.

When you connect using localhost, you connect to 127.0.0.1 and not 172.22.2.80.

My problem has been resolved

after reinstallation of Check_mk

1 Like