Hi, currently we are using the enterprise version of pritunl-zero.
I have one service which is for using Kibana (ELK) through Pritunl-Zero. I have multiple endpoints where my Kibana is running; previously I had an AWS ALB to do routing for the multiple endpoints. Since I started using Pritunl-Zero, I am seeing that when I register multiple IPs, it's not allowing me to log in…
I keep getting redirected to the login page when I click on login (a simple form submit button), without any error or any log messages…
(As far as I understand, all the configuration is as mentioned in the docs.)
If it’s redirecting to the Kibana login page it may be an issue with how it handles sessions between multiple hosts. If it redirects to the Pritunl Zero login it is likely an issue with the cookie being deleted; try enabling third-party cookies.
Based on the network tab, I found that when I click on login in the Kibana UI it tries to fetch some files but gets a 401 unauthenticated response. I tried removing the multiple hosts from the service configuration and adding a single host, and it works fine with a single IP as the target. After that, once I had logged in with this single-IP configuration, I added multiple IPs to the service configuration and it still works fine… so I guess there is something wrong with how Pritunl Zero makes sessions, or idk. Due to the limited login options with the normal username and password of Kibana, we want to make sure everyone goes through the Google authentication of Pritunl-Zero. Can you help me solve this issue, or give me steps to find out where this is going wrong? For all other services which don't have multiple IPs in the service (hosts), Pritunl Zero works fine…
I have had an email about that issue; try looking in the Chrome Developer Tools. In the Network tab enable preserve logs and check for the request causing the 401. I personally use OpenSearch Kibana with Pritunl Zero and haven’t been able to reproduce the issue.
These are some of the errors I am seeing in the network tab. Also, when I open my Kibana it prompts the login page, which gets refreshed 3-4 or more times when it's configured with more than one IP in the service target. This refreshing is random, not happening every time…
Request URL: example.com/internal/security/user_profile?dataPath=avatar%2CuserSettings
Request Method: GET
Status Code: 401 Unauthorized
Remote Address: (pritunl node ip):443
Referrer Policy: strict-origin-when-cross-origin
Other than that, there is this error with a blank page after trying to log in multiple times, after each failure:
Request URL: https://example.com/bootstrap.js
Request Method: GET
Status Code: 401 Unauthorized
Remote Address: pritunl-node-ip:443
Referrer Policy: strict-origin-when-cross-origin
Network log row: Name: bootstrap.js, Status: 401 Unauthorized, Type: script, Initiator: home:184 (Parser), Size: 557 B / 0 B, Time: 43 ms / 42 ms
Hitting it multiple times gave me the below error in Kibana itself
Send a screenshot of the network tab with the requests and the full stack trace from the Kibana error.