Elastic agent behind NAT

Hi, I came across some issues while trying to install elastic-agent. The case is that I have a Fleet Server with Elastic and Kibana on a local machine with a local IP address. The problem is that I need to deploy elastic-agent on another host that sees the Fleet Server through an external address, and this is the one I use to enroll elastic-agent. For example, Fleet is running on internal 192.168.0.1 and the external is 34.55.23.22. These are just example IPs. So the enroll command I use on the host where I want to have an elastic-agent is:

elastic-agent enroll -f --url=https://EXTERNAL_IP:8220 --enrollment-token=Token --certificate-authorities /etc/pki/ca-trust/source/anchors/ca.crt

The /etc/pki/ca-trust/source/anchors/ca.crt is installed and this is the same one that I am using on the Fleet Server. The Fleet Server and Elastic certificates are created with two IP addresses, internal and external.

After enrollment the agent is healthy for about seconds and becomes unhealthy.

So I checked the logs and this is the error:

{"log.level":"error","@timestamp":"2022-10-12T09:11:14.646Z","log.origin":{"file.name":"fleet/fleet_gateway.go","file.line":202},"message":"failed to dispatch actions, error: fail to communicate with updated API client hosts: Get "https://INTERNAL_IP:8220/api/status?": context deadline exceeded","ecs.version":"1.6.0"}

So the conclusion is that it still tries to communicate with an internal address. Why? How can I change it?

Thank you in advance for your help.

OK, I think I got this. I need to change the Fleet address in the settings inside the Fleet tab.
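
Added example, not part of the original thread: a small Python check that reads elastic-agent log lines and reports any Fleet host the agent tried to reach that differs from the URL it was enrolled with, which is the symptom shown in the error above. The function name `pushed_host_mismatches` is hypothetical, and the sample log lines are constructed from the example IPs in the post, assuming the one-JSON-object-per-line format of the quoted error.

```python
import json
import re
from urllib.parse import urlsplit

# Matches the URL inside the agent's "updated API client hosts" error message.
HOSTS_ERROR = re.compile(r'updated API client hosts: Get "(https?://[^"]+)"')


def pushed_host_mismatches(enroll_url, log_lines):
    """Map each Fleet host the agent failed to reach, and that differs from
    the host used at enrollment, to the number of failed attempts."""
    enrolled = urlsplit(enroll_url).netloc.lower()
    mismatches = {}
    for line in log_lines:
        try:
            record = json.loads(line)
        except json.JSONDecodeError:
            continue  # skip truncated or non-JSON lines
        if not isinstance(record, dict) or record.get("log.level") != "error":
            continue
        match = HOSTS_ERROR.search(str(record.get("message", "")))
        if not match:
            continue
        tried = urlsplit(match.group(1)).netloc.lower()
        if tried != enrolled:
            mismatches[tried] = mismatches.get(tried, 0) + 1
    return mismatches


# Constructed sample input (not real logs), using the example IPs from the post.
_ERR = ('failed to dispatch actions, error: fail to communicate with updated '
        'API client hosts: Get "https://192.168.0.1:8220/api/status?": '
        'context deadline exceeded')
SAMPLE_LOG = [
    json.dumps({"log.level": "info", "message": "checkin successful"}),
    json.dumps({"log.level": "error", "message": _ERR}),
    "this line is not JSON",
    json.dumps({"log.level": "error", "message": _ERR}),
]

if __name__ == "__main__":
    for host, count in pushed_host_mismatches(
            "https://34.55.23.22:8220", SAMPLE_LOG).items():
        print(f"agent was redirected to {host} ({count} failed attempts); "
              "compare with the Fleet Server hosts in Fleet settings")
```

A non-empty result means the host list the agent received after enrollment does not match the address it can actually reach, which is what the Fleet settings change in the reply above corrects.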