Hello All,
Could you please help me out how do I need to setup this scenario.
OTRS 2.4.7 version I would like to allow only the agents accessing my otrs web link from USA region, other regions should not have access to it.
Our data center firewall does not have option to restrict IP country wise.
Other options would be by creating .htaccess file and need to put only allowed IP address but I have a doubt in which path we need to create this .htaccess file. Is it in /opt/otrs/ folder or in /etc/httpd/conf/httpd.conf file.
I would be glad if anyone help me to setup this way.
Thanks,
Saleem
OTRS link only accessible from allowed IP addresses
Moderator: crythias
-
crythias
- Moderator
- Posts: 10170
- Joined: 04 May 2010, 18:38
- Znuny Version: 5.0.x
- Location: SouthWest Florida, USA
- Contact:
Re: OTRS link only accessible from allowed IP addresses
upgrade your otrs. 2.4.7 is way too far old to support.
after that, http://www.sitepoint.com/how-to-block-e ... g-website/
(Above is a search result).
after that, http://www.sitepoint.com/how-to-block-e ... g-website/
(Above is a search result).
OTRS 6.0.x (private/testing/public) on Linux with MySQL database.
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
Please edit your signature to include your OTRS version, Operating System, and database type.
Click Subscribe Topic below to get notifications. Consider amending your topic title to include [SOLVED] if it is so.
Need help? Before you ask
-
salnavdin
- Znuny newbie
- Posts: 6
- Joined: 12 Mar 2015, 12:45
- Znuny Version: 2.4.7
- Real Name: Saleemuddin Mohammed
Re: OTRS link only accessible from allowed IP addresses
Hello Crythias,
Since long I was trying to upgrade from 2.4 to latest version, successfully upgraded till 3.2.18 version. Everything looks fine but we are not able to send mail to some clients those are having MX at mimecast. For other emails are being delivered to the clients.
Here is the log of sendmail. /var/log/maillog
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client, error: connect failed=-1, SSL_error=1, errno=0, retry=-1
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client: 21471:error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group:ec_curve.c:316:
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client: 21471:error:1408D010:SSL routines:SSL3_GET_KEY_EXCHANGE:EC lib:s3_clnt.c:1641:
May 3 12:23:49 otrs sendmail[21471]: ruleset=tls_server, arg1=SOFTWARE, relay=us-smtp-inbound-1.mimecast.com, reject=403 4.7.0 TLS handshake failed.
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client, error: connect failed=-1, SSL_error=1, errno=0, retry=-1
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client: 21471:error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group:ec_curve.c:316:
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client: 21471:error:1408D010:SSL routines:SSL3_GET_KEY_EXCHANGE:EC lib:s3_clnt.c:1641:
May 3 12:23:49 otrs sendmail[21471]: ruleset=tls_server, arg1=SOFTWARE, relay=us-smtp-inbound-2.mimecast.com, reject=403 4.7.0 TLS handshake failed.
May 3 12:23:49 otrs sendmail[21471]: u43GNn12021469: to=<XXX@XXX.COM>,<XXX@SSSsD.COM>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=2127821, relay=us-smtp-inbound-2.mimecast.com. [205.139.110.242], dsn=4.0.0, stat=Deferred: 403 4.7.0 TLS handshake failed.
May 3 12:23:50 otrs sendmail[21471]: STARTTLS=client, relay=aspmx.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
These are continuously getting when we send email to our clients.
OS Centos6.5
perl v22
As per the link below I disabled TLS connection in /etc/mail/access file and mapped it with access.db
http://serverfault.com/questions/254364 ... ils#273335
Please advise me what would went wrong.
Thanks,
Saleem
Since long I was trying to upgrade from 2.4 to latest version, successfully upgraded till 3.2.18 version. Everything looks fine but we are not able to send mail to some clients those are having MX at mimecast. For other emails are being delivered to the clients.
Here is the log of sendmail. /var/log/maillog
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client, error: connect failed=-1, SSL_error=1, errno=0, retry=-1
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client: 21471:error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group:ec_curve.c:316:
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client: 21471:error:1408D010:SSL routines:SSL3_GET_KEY_EXCHANGE:EC lib:s3_clnt.c:1641:
May 3 12:23:49 otrs sendmail[21471]: ruleset=tls_server, arg1=SOFTWARE, relay=us-smtp-inbound-1.mimecast.com, reject=403 4.7.0 TLS handshake failed.
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client, error: connect failed=-1, SSL_error=1, errno=0, retry=-1
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client: 21471:error:100AE081:elliptic curve routines:EC_GROUP_new_by_curve_name:unknown group:ec_curve.c:316:
May 3 12:23:49 otrs sendmail[21471]: STARTTLS=client: 21471:error:1408D010:SSL routines:SSL3_GET_KEY_EXCHANGE:EC lib:s3_clnt.c:1641:
May 3 12:23:49 otrs sendmail[21471]: ruleset=tls_server, arg1=SOFTWARE, relay=us-smtp-inbound-2.mimecast.com, reject=403 4.7.0 TLS handshake failed.
May 3 12:23:49 otrs sendmail[21471]: u43GNn12021469: to=<XXX@XXX.COM>,<XXX@SSSsD.COM>, delay=00:00:00, xdelay=00:00:00, mailer=esmtp, pri=2127821, relay=us-smtp-inbound-2.mimecast.com. [205.139.110.242], dsn=4.0.0, stat=Deferred: 403 4.7.0 TLS handshake failed.
May 3 12:23:50 otrs sendmail[21471]: STARTTLS=client, relay=aspmx.l.google.com., version=TLSv1/SSLv3, verify=FAIL, cipher=ECDHE-RSA-AES128-GCM-SHA256, bits=128/128
These are continuously getting when we send email to our clients.
OS Centos6.5
perl v22
As per the link below I disabled TLS connection in /etc/mail/access file and mapped it with access.db
http://serverfault.com/questions/254364 ... ils#273335
Please advise me what would went wrong.
Thanks,
Saleem
Re: OTRS link only accessible from allowed IP addresses
this seems to be an SSL and/or sendmail issue and is not OTRS related.
"Production": OTRS™ 8, OTRS™ 7, STORM powered by OTRS
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
"Testing": ((OTRS Community Edition)) and git Master
Never change Defaults.pm! :: Blog
Professional Services:: http://www.otrs.com :: enjoy@otrs.com
-
salnavdin
- Znuny newbie
- Posts: 6
- Joined: 12 Mar 2015, 12:45
- Znuny Version: 2.4.7
- Real Name: Saleemuddin Mohammed
Re: OTRS link only accessible from allowed IP addresses
Thanks Jojo,
I resolved it, updated openssl version, guess there was a mismatch ssl error with our server.
Thanks,
Saleem
I resolved it, updated openssl version, guess there was a mismatch ssl error with our server.
Thanks,
Saleem
-
salnavdin
- Znuny newbie
- Posts: 6
- Joined: 12 Mar 2015, 12:45
- Znuny Version: 2.4.7
- Real Name: Saleemuddin Mohammed
Re: OTRS link only accessible from allowed IP addresses
One problem still exist in ticket information column on right hand side, we added few extra fields in otrs 2.4.7 which is visible in ticket information column.
Same fields are not visible when we upgraded to otrs 3.2.18 version.
Appreciate you help please.
Thanks,
Saleem
Same fields are not visible when we upgraded to otrs 3.2.18 version.
Appreciate you help please.
Thanks,
Saleem
You do not have the required permissions to view the files attached to this post.