Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Connect » Mavericks Server port glomming SOLVED
  •  
RKD in OKC

Messages: 5
Karma: 1
Send a private message to this user
Being forced to run either Lion Server or Mavericks Server and would like to have Kerio Connect running on the same box. The problem is that the Server.app uses all the interfaces or IP Addresses for http (port 80) and https (port 443). I've gotten other 3rd party services like the web interface for Rumpus FTP to work by setting up a web site in the Server.app and redirecting it to the same IP address and an unused port. I do understand however that redirect Kerio http and https connections would be unreliable for some clients since not just webmail but also most exchange type and active sync clients use http and https.

The question I have is what about setting up reverse proxy instead of redirect on Maverick Server's Appache to intermediate for Kerio Connect http and https on non-standard ports? The clients would only see the standard ports yet Kerio Connect could serve the content on non-conflicting ports. What if any problems might this cause?

[Updated on: Sun, 27 April 2014 04:26]

  •  
sfpete

Messages: 151
Karma: 8
Send a private message to this user
Did you have an issue in *Mavericks* server?

I know exactly what you mean with Lion Server and Rumpus, but don't seem to have that same issue in Mavericks Server at all. It just worked.

Not presently running an Kerio Connect installs on Mavericks *server* presently, so not sure if it's apples to apples (see what I did there?) there as well.

Try using server.app locally?
  •  
RKD in OKC

Messages: 5
Karma: 1
Send a private message to this user
Problem is running Kerio Connect on same computer as Mavericks SERVER.

Done some testing and mod_proxy is on by default and can be added to a virtual site's config file without being overwritten.

Reverse Proxy is working great with Server port 80 proxy to port 8800 on Kerio with port 80 deleted on Kerio Connect http. http service starts and serves with No port numbers showing up in the url and Connect Client works.

Not doing so well trying to get SSL Server port 443 proxy to port 8843 on Kerio with port 443 deleted on Kerio Connect https.
Get a Error reading from remote server returned by /. Not too sure what the heck I am doing and don't know what the error means.

[Updated on: Fri, 25 April 2014 00:56]

  •  
RKD in OKC

Messages: 5
Karma: 1
Send a private message to this user
Got it working!!! They can coexist!!!

Had to put the ProxyPass statements AFTER the ProxySSL statements in the virtual host config.

Basically using Mavericks Server's Apache as a port proxy server for Kerio Connect.
  •  
RKD in OKC

Messages: 5
Karma: 1
Send a private message to this user
Not working as well as I thought. All the incoming client IP addresses show up as the default IP address of the Mavericks server in both Rumpus and Kerio. This means I cannot log client IP for either server. Not good from blocking hacking attacks.

Resorted to running Mavericks and NOT Mavericks SERVER on one box with Apache, Rumpus, and Kerio Connect and Mavericks Server on a separate box for Open Directory and User Management.

To make Apache and the web server easier to administer using VirutalHostX to manage Apache config files and Sandbox to manage user www ACL permissions in web shared directories. The important part of the permissions for Apache is to set the ACL to always inherit for the www user.

Both Rumpus and Kerio will lookup user info from Open Directory on the Mavericks SERVER box.

The only drawback once setup is that I can only provide Rumpus FTP/WEBDAV access to client web folders, no AFP or Samba. Not a big issue.

[Updated on: Sun, 31 August 2014 17:36]

  •  
anarvey

Messages: 36
Karma: 5
Send a private message to this user
You might want to take a look at the Reverse Proxy Tutorial at the RAIS page <http://rais.precursor.ca>.

This shows you how to properly configure reverse proxy for Mavericks and Yosemite Server using the Advanced Web App feature.

Specific instructions are available for Kerio Connect, Rumpus and FileMaker Server.
  •  
Think Fixed

Messages: 456

Karma: 29
Send a private message to this user
RKD in OKC wrote on Sun, 31 August 2014 10:35
Not working as well as I thought. All the incoming client IP addresses show up as the default IP address of the Mavericks server in both Rumpus and Kerio. This means I cannot log client IP for either server. Not good from blocking hacking attacks.

Resorted to running Mavericks and NOT Mavericks SERVER on one box with Apache, Rumpus, and Kerio Connect and Mavericks Server on a separate box for Open Directory and User Management.

To make Apache and the web server easier to administer using VirutalHostX to manage Apache config files and Sandbox to manage user www ACL permissions in web shared directories. The important part of the permissions for Apache is to set the ACL to always inherit for the www user.

Both Rumpus and Kerio will lookup user info from Open Directory on the Mavericks SERVER box.

The only drawback once setup is that I can only provide Rumpus FTP/WEBDAV access to client web folders, no AFP or Samba. Not a big issue.


I try not to have too many web services running on the same server. This does not actually solve your issue on OS X Server, but why not move your mail services to a hosted Kerio Connect server? My company, Think Fixed has our server hosted on CentOS with a great cloud hosting company. Day to day management is the same, but there are no headaches with having to manage the physical box anymore. If you go with a dedicated Kerio Connect server, you can keep the same host name, SSL certificate, etc., which means little to know impact on your end users when you make the switch.

Howie Isaacks
Systems Admin | Apple Solutions Consultant
Think Fixed LLC, Dallas and Fort Worth

www.thinkfixed.com
Previous Topic: messages is in READ state
Next Topic: Cant see NAS (share folder) from Virtual Appliance
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Mon Mar 27 02:47:21 CEST 2017

Total time taken to generate the page: 0.01083 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.