Can't access ISPConfig after installation

Discussion in 'Installation/Configuration' started by Luke Roughley, Jan 11, 2016.

  1. Luke Roughley

    Luke Roughley New Member

    I followed the guide for installation of ISPConfig 3 on Centos 7 (https://www.howtoforge.com/perfect-...l-php-pureftpd-postfix-dovecot-and-ispconfig3) and I am having problem accessing the control panel after completion.
    I ran the script and it found that there was a warning "could not determind server's ip address by ifconfig"
    While trying to debug this I modified my IPTABLES also, thinking that it could be blocked by firewall, and now have no access on any of the ports.
    Firewalld is disabled as per tutorial.

    Thanks for any help anyone can offer.

    See output below:
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] ISPConfig is installed.

    ##### ISPCONFIG #####
    ISPConfig version is 3.0.5.4p8


    ##### VERSION CHECK #####

    [INFO] php (cli) version is 5.4.16

    ##### PORT CHECK #####

    [WARN] Port 465 (SMTP server SSL) seems NOT to be listening

    ##### MAIL SERVER CHECK #####

    [WARN] I found no "submission" entry in your postfix master.cf
    [INFO] this is not critical, but if you want to offer port 587 for smtp connections you have to enable this.
    [WARN] I found no "smtps" entry in your postfix master.cf
    [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this.

    ##### RUNNING SERVER PROCESSES #####

    [INFO] I found the following web server(s):
    Unknown process (httpd) (PID 62505)
    [INFO] I found the following mail server(s):
    Postfix (PID 60473)
    [INFO] I found the following pop3 server(s):
    Dovecot (PID 60520)
    [INFO] I found the following imap server(s):
    Dovecot (PID 60520)
    [INFO] I found the following ftp server(s):
    PureFTP (PID 60555)

    ##### LISTENING PORTS #####
    (only ()
    Local (Address)
    [localhost]:953 (60577/named)
    [anywhere]:25 (60473/master)
    [anywhere]:993 (60520/dovecot)
    [anywhere]:995 (60520/dovecot)
    [localhost]:10024 (60497/amavisd)
    [localhost]:9000 (48355/php-fpm:)
    [localhost]:10025 (60473/master)
    [anywhere]:3306 (60345/mysqld)
    [anywhere]:110 (60520/dovecot)
    [anywhere]:143 (60520/dovecot)
    ***.***.***.***:53 (60577/named)
    [localhost]:53 (60577/named)
    [anywhere]:21 (60555/pure-ftpd)
    [anywhere]:22 (21444/sshd)
    *:*:*:*::*:953 (60577/named)
    *:*:*:*::*:25 (60473/master)
    *:*:*:*::*:443 (62505/httpd)
    *:*:*:*::*:993 (60520/dovecot)
    *:*:*:*::*:995 (60520/dovecot)
    *:*:*:*::*:10024 (60497/amavisd)
    [localhost]10 (60520/dovecot)
    [localhost]43 (60520/dovecot)
    *:*:*:*::*:8080 (62505/httpd)
    *:*:*:*::*:80 (62505/httpd)
    *:*:*:*::*:8081 (62505/httpd)
    *:*:*:*::*:53 (60577/named)
    *:*:*:*::*:21 (60555/pure-ftpd)
    *:*:*:*::*:22 (21444/sshd)



    ...skipping one line

    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    ACCEPT all -- [anywhere]/0 [anywhere]/0 state RELATED,ESTABLISHED
    ACCEPT all -- [anywhere]/0 [anywhere]/0
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:22 state NEW
    ACCEPT all -- [anywhere]/0 [anywhere]/0 state RELATED,ESTABLISHED
    REJECT all -- [anywhere]/0 [anywhere]/0 reject-with icmp-port-unreachable
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:80
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:443
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:143
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:993
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:110
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:995
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:25
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:465
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:25
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8080
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:8081
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:143
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:993
    ACCEPT tcp -- [anywhere]/0 [anywhere]/0 tcp dpt:22

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
    ACCEPT all -- [anywhere]/0 [anywhere]/0
    ACCEPT all -- [anywhere]/0 [anywhere]/0
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    ISPConfig is listening on port 8080, so it should be running.

    Did you try to access it by IP?

    https://yourip:8080

    Is your server behind a router?
     
  3. Luke Roughley

    Luke Roughley New Member

    Just tried ip address also and no access. The server is not behind a Router, its a cloud server if that makes any difference.

    Tried disabling iptables just now and still nothing. I am able to access port 80 and port 443 but when trying :8080 I get connection timed out.
     
  4. Luke Roughley

    Luke Roughley New Member

    I have just fixed the issue [WARN] I found no "submission" entry in your postfix master.cf

    With the port check warning about 465 not listening, how would I go about fixing this? I only need to offer secure mail from the server.

    I am currently working on the idea that this warning "[WARN] could not determine server's ip address by ifconfig" could have something to do with me not being able to access the webpage so I am looking into where my IP address is stored now.

    Here is my latest htr_report
    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] ISPConfig is installed.

    ##### ISPCONFIG #####
    ISPConfig version is 3.0.5.4p8


    ##### VERSION CHECK #####

    [INFO] php (cli) version is 5.4.16

    ##### PORT CHECK #####

    [WARN] Port 465 (SMTP server SSL) seems NOT to be listening

    ##### MAIL SERVER CHECK #####

    [WARN] I found no "smtps" entry in your postfix master.cf
    [INFO] this is not critical, but if you want to offer SSL for smtp (not TLS) connections you have to enable this.

    ##### RUNNING SERVER PROCESSES #####

    [INFO] I found the following web server(s):
    Unknown process (httpd) (PID 19034)
    [INFO] I found the following mail server(s):
    Postfix (PID 18882)
    [INFO] I found the following pop3 server(s):
    Dovecot (PID 18929)
    [INFO] I found the following imap server(s):
    Dovecot (PID 18929)
    [INFO] I found the following ftp server(s):
    PureFTP (PID 18963)

    ##### LISTENING PORTS #####
    (only ()
    Local (Address)
    [localhost]:953 (18985/named)
    [anywhere]:25 (18882/master)
    [anywhere]:993 (18929/dovecot)
    [anywhere]:995 (18929/dovecot)
    [localhost]:10024 (18906/amavisd)
    [localhost]:9000 (48355/php-fpm:)
    [localhost]:10025 (18882/master)
    [anywhere]:3306 (18752/mysqld)
    [anywhere]:587 (18882/master)
    [anywhere]:110 (18929/dovecot)
    [anywhere]:143 (18929/dovecot)
    ***.***.***.***:53 (18985/named)
    [localhost]:53 (18985/named)
    [anywhere]:21 (18963/pure-ftpd)
    [anywhere]:22 (21444/sshd)
    *:*:*:*::*:953 (18985/named)
    *:*:*:*::*:25 (18882/master)
    *:*:*:*::*:443 (19034/httpd)
    *:*:*:*::*:993 (18929/dovecot)
    *:*:*:*::*:995 (18929/dovecot)
    *:*:*:*::*:10024 (18906/amavisd)
    *:*:*:*::*:587 (18882/master)
    [localhost]10 (18929/dovecot)
    [localhost]43 (18929/dovecot)
    *:*:*:*::*:8080 (19034/httpd)
    *:*:*:*::*:80 (19034/httpd)
    *:*:*:*::*:8081 (19034/httpd)
    *:*:*:*::*:53 (18985/named)
    *:*:*:*::*:21 (18963/pure-ftpd)
    *:*:*:*::*:22 (21444/sshd)




    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target prot opt source destination

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination
     
  5. Luke Roughley

    Luke Roughley New Member

    IP-address (as per hostname): value is my IP address so I don't think this is the problem. I checked this by reading the htf-common-issues.php script and modifying the ANONYMIZE constant to false.
    Seems that it finds IP correctly by hostname.

    @till Just found something a little odd, firewall-cmd --state reports running, while systemctl status firewalld.service reports inactive(dead) masked. Is this normal?
     
  6. Luke Roughley

    Luke Roughley New Member

    Turns out there was ANOTHER firewall in front of my server I had no idea existed.

    I have configured this now and as soon as I did I was able to access the control panel. Lesson learned: Always check your hosts for additional firewalls.
     
    till likes this.
  7. till

    till Super Moderator Staff Member ISPConfig Developer

    I use mostly Debian and Ubuntu, so I can't tell you if thats normal. But for my understanding, this should not be the case or at least it does not make much sense to me.
     
  8. Edenilson

    Edenilson New Member

    Hi friend, I installed ISPConfig 3. But I can not get inside. I need help.
    FQDN: mail.lojaweb.pro
    Domain: lojaweb.pro

    Follow cat htf_report.txt:

    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] ISPConfig is installed.

    ##### ISPCONFIG #####
    ISPConfig version is 3.1.13


    ##### VERSION CHECK #####

    [INFO] php (cli) version is 7.2.9-1+0~20180910100512.5+stretch~1.gbpdaac35

    ##### PORT CHECK #####

    [WARN] Port 21 (FTP server) seems NOT to be listening

    ##### MAIL SERVER CHECK #####


    ##### RUNNING SERVER PROCESSES #####

    [INFO] I found the following web server(s):
    Unknown process (nginx:) (PID 17953)
    [INFO] I found the following mail server(s):
    Postfix (PID 17804)
    [INFO] I found the following pop3 server(s):
    Dovecot (PID 17901)
    [INFO] I found the following imap server(s):
    Dovecot (PID 17901)
    [WARN] I could not determine which ftp server is running.

    ##### LISTENING PORTS #####
    (only ()
    Local (Address)
    [localhost]:10023 (875/postgrey)
    [localhost]:10024 (5050/amavisd-new)
    [localhost]:10025 (17804/master)
    [localhost]:10026 (5050/amavisd-new)
    [localhost]:10027 (17804/master)
    [anywhere]:587 (17804/master)
    [anywhere]:110 (17901/dovecot)
    [anywhere]:143 (17901/dovecot)
    [anywhere]:80 (17953/nginx:)
    [anywhere]:8080 (17953/nginx:)
    [anywhere]:8081 (17953/nginx:)
    [anywhere]:465 (17804/master)
    ***.***.***.***:53 (5096/named)
    [localhost]:53 (5096/named)
    [anywhere]:22 (822/sshd)
    [anywhere]:25 (17804/master)
    [localhost]:953 (5096/named)
    [anywhere]:443 (17953/nginx:)
    [anywhere]:993 (17901/dovecot)
    [anywhere]:995 (17901/dovecot)
    *:*:*:*::*:10023 (875/postgrey)
    *:*:*:*::*:10024 (5050/amavisd-new)
    *:*:*:*::*:10026 (5050/amavisd-new)
    *:*:*:*::*:3306 (4806/mysqld)
    *:*:*:*::*:587 (17804/master)
    [localhost]10 (17901/dovecot)
    [localhost]43 (17901/dovecot)
    *:*:*:*::*:80 (17953/nginx:)
    *:*:*:*::*:8080 (17953/nginx:)
    *:*:*:*::*:8081 (17953/nginx:)
    *:*:*:*::*:465 (17804/master)
    *:*:*:*::*:53 (5096/named)
    *:*:*:*::*:22 (822/sshd)
    *:*:*:*::*:25 (17804/master)
    *:*:*:*::*:953 (5096/named)
    *:*:*:*::*:443 (17953/nginx:)
    *:*:*:*::*:993 (17901/dovecot)
    *:*:*:*::*:995 (17901/dovecot)




    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    f2b-dovecot tcp -- [anywhere]/0 [anywhere]/0 multiport dports 110,995,143,993,587,465,4190
    f2b-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25
    f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    Chain f2b-dovecot (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain f2b-postfix-sasl (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain f2b-sshd (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0



    root@mail:/# firewall-cmd --state
    -bash: firewall-cmd: command not found
    root@mail:/# systemctl status firewalld.service
    Unit firewalld.service could not be found.
    root@mail:/# cat htf_report.txt

    ##### SERVER #####
    IP-address (as per hostname): ***.***.***.***
    [WARN] could not determine server's ip address by ifconfig
    [INFO] ISPConfig is installed.

    ##### ISPCONFIG #####
    ISPConfig version is 3.1.13


    ##### VERSION CHECK #####

    [INFO] php (cli) version is 7.2.9-1+0~20180910100512.5+stretch~1.gbpdaac35

    ##### PORT CHECK #####

    [WARN] Port 21 (FTP server) seems NOT to be listening

    ##### MAIL SERVER CHECK #####


    ##### RUNNING SERVER PROCESSES #####

    [INFO] I found the following web server(s):
    Unknown process (nginx:) (PID 17953)
    [INFO] I found the following mail server(s):
    Postfix (PID 17804)
    [INFO] I found the following pop3 server(s):
    Dovecot (PID 17901)
    [INFO] I found the following imap server(s):
    Dovecot (PID 17901)
    [WARN] I could not determine which ftp server is running.

    ##### LISTENING PORTS #####
    (only ()
    Local (Address)
    [localhost]:10023 (875/postgrey)
    [localhost]:10024 (5050/amavisd-new)
    [localhost]:10025 (17804/master)
    [localhost]:10026 (5050/amavisd-new)
    [localhost]:10027 (17804/master)
    [anywhere]:587 (17804/master)
    [anywhere]:110 (17901/dovecot)
    [anywhere]:143 (17901/dovecot)
    [anywhere]:80 (17953/nginx:)
    [anywhere]:8080 (17953/nginx:)
    [anywhere]:8081 (17953/nginx:)
    [anywhere]:465 (17804/master)
    ***.***.***.***:53 (5096/named)
    [localhost]:53 (5096/named)
    [anywhere]:22 (822/sshd)
    [anywhere]:25 (17804/master)
    [localhost]:953 (5096/named)
    [anywhere]:443 (17953/nginx:)
    [anywhere]:993 (17901/dovecot)
    [anywhere]:995 (17901/dovecot)
    *:*:*:*::*:10023 (875/postgrey)
    *:*:*:*::*:10024 (5050/amavisd-new)
    *:*:*:*::*:10026 (5050/amavisd-new)
    *:*:*:*::*:3306 (4806/mysqld)
    *:*:*:*::*:587 (17804/master)
    [localhost]10 (17901/dovecot)
    [localhost]43 (17901/dovecot)
    *:*:*:*::*:80 (17953/nginx:)
    *:*:*:*::*:8080 (17953/nginx:)
    *:*:*:*::*:8081 (17953/nginx:)
    *:*:*:*::*:465 (17804/master)
    *:*:*:*::*:53 (5096/named)
    *:*:*:*::*:22 (822/sshd)
    *:*:*:*::*:25 (17804/master)
    *:*:*:*::*:953 (5096/named)
    *:*:*:*::*:443 (17953/nginx:)
    *:*:*:*::*:993 (17901/dovecot)
    *:*:*:*::*:995 (17901/dovecot)




    ##### IPTABLES #####
    Chain INPUT (policy ACCEPT)
    target prot opt source destination
    f2b-dovecot tcp -- [anywhere]/0 [anywhere]/0 multiport dports 110,995,143,993,587,465,4190
    f2b-postfix-sasl tcp -- [anywhere]/0 [anywhere]/0 multiport dports 25
    f2b-sshd tcp -- [anywhere]/0 [anywhere]/0 multiport dports 22

    Chain FORWARD (policy ACCEPT)
    target prot opt source destination

    Chain OUTPUT (policy ACCEPT)
    target prot opt source destination

    Chain f2b-dovecot (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain f2b-postfix-sasl (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0

    Chain f2b-sshd (1 references)
    target prot opt source destination
    RETURN all -- [anywhere]/0 [anywhere]/0
     
  9. BenCode

    BenCode New Member

    Well done! ISPConfig installed and configured correctly :D
    I have followed this guide,
    ISPConfig 3.1: Automated installation on Debian 9
    to perform a fresh installation of the ISPConfig 3.1 on Debian 9.5, the installation was completed but the ISPConfig default page cannot be reached. The only page I can reached is the Apache2 Debian Default Page using the only IP address. If using https + IP at 8080, it gets a blank page with a message "Your connection is not private".

    Any help will be much appreciated.

    PS: Please help to move this topic to an appropriate forum if it was posted in the wrong place. Thanks in advance.
     
  10. Taleman

    Taleman Well-Known Member HowtoForge Supporter

    It was posted in right forum but you hijacked a thread.
    Is that
    only a warning from browser and you can continue by accepting the not private connection? If you have not created a certificate for you ISPConfig it does not get the green padlock yet.
    https://www.howtoforge.com/tutorial/securing-ispconfig-3-with-a-free-lets-encrypt-ssl-certificate/
    If that does not help:
    https://www.howtoforge.com/community/threads/please-read-before-posting.58408/
     

Share This Page