GFI Software

Welcome to the GFI Software community forum! For support please open a ticket from https://support.gfi.com.

Home » GFI User Forums » Kerio Connect » Kerio connect behind reverse proxy? (Can kerio connect be configured to log IP from X-forwarded-for when behind a proxy?)
Re: Kerio connect behind reverse proxy? [message #149900 is a reply to message #147721] Thu, 17 June 2021 08:06 Go to previous messageGo to next message
vespino is currently offline  vespino
Messages: 5
Registered: August 2016
I have the following in my nginx reverse proxy:

server {
    listen 8443 ssl http2;
    server_name mail.domain.com;

    include /etc/nginx/error.conf;

    location / {
        proxy_set_header Host $host;
        proxy_pass https://<internal ip of mail server>/;
        proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
        client_max_body_size 0;
        proxy_connect_timeout 3600;
        proxy_send_timeout 3600;
        proxy_read_timeout 3600;
        send_timeout 3600;
    }
}

In my mailserver.cfg the following:

<variable name="UseProxiedInfo">1</variable>
<variable name="TrustedProxyAddressGroup">proxy</variable>

And:

<listitem>
  <variable name="Name">proxy</variable>
  <variable name="Value"><nginx ip>/255.255.255.0</variable>
  <variable name="Enabled">1</variable>
  <variable name="Desc"></variable>
  <variable name="Guid">a0ad4250-dcfc-4a76-9336-c6f30df362c1</variable>
  <variable name="GroupGuid">b3b9b745-d659-4cdf-a5a4-069de171d899</variable>
</listitem>

But my security log keeps displaying: [17/Jun/2021 08:01:22] HTTP/WebMail: User <non existing user> doesn't exist. Attempt from IP address 127.0.0.1.

What else should I do? I'm running Kerio 9.3.1.

Report message to a moderator

Re: Kerio connect behind reverse proxy? [message #149901 is a reply to message #149900] Thu, 17 June 2021 08:44 Go to previous messageGo to next message
kabo.kgwarae is currently offline  kabo.kgwarae
Messages: 16
Registered: April 2021
Hi

It looks like it could be an internal user as the IP is the localhost, and most likely the password for the user has changed. If you are not aware of the user, I recommend opening a ticket with support so they can investigate further.

https://support.kerioconnect.gfi.com/hc/en-us

GFI Customer Support Edge Team

Report message to a moderator

Re: Kerio connect behind reverse proxy? [message #149902 is a reply to message #149901] Thu, 17 June 2021 09:01 Go to previous messageGo to next message
Mister-Magoo is currently offline  Mister-Magoo
Messages: 18
Registered: April 2005
Hi,
In security tab, you don't see original IP.
Only in debug tab like this:

[17/Jun/2021 08:57:54][19960] {https} HTTP connection from 172.16.xx.xx:46934 started
[17/Jun/2021 08:57:54][19960] {https} Original client IP address (which is plainly connected to proxy): 5.xx.xx.xx

The first line is with the proxy ip and the second with real ip.
It will be best if real ip will seen in every tabs ... Kerio please, can you add the function in security tab and live connections dashboard ??

Report message to a moderator

Re: Kerio connect behind reverse proxy? [message #149903 is a reply to message #149902] Thu, 17 June 2021 12:05 Go to previous messageGo to next message
vespino is currently offline  vespino
Messages: 5
Registered: August 2016
Strange, I don't see the login attempt in de debug log. So basically for now there is nothing I can do about it?

Report message to a moderator

Re: Kerio connect behind reverse proxy? [message #149909 is a reply to message #147601] Mon, 21 June 2021 09:48 Go to previous messageGo to next message
apn is currently offline  apn
Messages: 10
Registered: April 2021
hi,
my (basic knowledge) guess..
i think you need to activate it, otherwise it has only standard output.

go to debug log, right click in the log window, select "Messages.."
and here you have to find the right options to activate.

Report message to a moderator

Re: Kerio connect behind reverse proxy? [message #149911 is a reply to message #147601] Mon, 21 June 2021 14:14 Go to previous message
anarvey is currently offline  anarvey
Messages: 72
Registered: May 2007
I don't view these forums as often as I used to so I apologize for the late reply.

I have been publishing a guide to reverse proxy for Kerio for many years which may provide some help.

It is focused on a Mac acting as the reverse proxy using macOS built-in or macOS server apache.

You can find it here: https://www.precursor.ca/rais/#Tutorials

Report message to a moderator

Previous Topic: Folders with diacritics missing in Outlook
Next Topic: MacOS Cataline and lost access to my database
Goto Forum:
  

[ Syndicate this forum (XML) ] [ RSS ] [ PDF ]

Current Time: Fri Jun 02 00:00:52 CEST 2023

Total time taken to generate the page: 0.06048 seconds
.:: Contact :: Home :: Acceptable Use Policy ::.

Powered by: FUDforum 3.0.9.
Copyright ©2001-2022 FUDforum Bulletin Board Software