------------------------------------------------------------------------------------- Internet WAN: Fixed IP Modem/Router/Accesspoint NAT*/DHCP/LAN Static IP 192.168.1.200 --> MAC-address Portforwarding: --> TCP 20,21,22,25,53,80,110,143,443,993,995,3306,8080,8081,10000 Portforwarding: --> UDP 53,3306 Ubuntu Server 10.04 (eth0 192.168.1.200 Static IP) ISPConfig 3 v.3.0.5.2 "Single Server Setup - DNS, WWW, Mail, SQL" Own Primary Nameserver: ns1.mydomain.dk ------------------------------------------------------------------------------------- Hi, Problem: After a new installation of Ubuntu Server and ISPconfig 3 I am having a major problem with reaching the websites default pages. From an outside connection I am trying to reach my domain.dk but keep getting my modem/router admin webinterface. The interface for configuration of the router. All ports are forwardet to the ISPconfig server but still I am getting the webinterface for the modem/router. Short version, jump to "Modification needed?". Long version, just go on: Possible reason: Seaching the forum of the danish ISP and others, I learned that the webinterface of the modem/router can be reached through the internet if you make a "static dns name" --> modem/router and then make a portforward of port 80 --> "static dns name" - this is a "trick" some danish neard's has discovered, to reach the webinterface from the internet - This is normally not allowed because of security settings. This made me think that maybe this is the reason to my problem. From the outside, the request for "mydomain.dk" on port 80 (www) is forwardet to "myserverip" (192.168.1.200) and then maybe "on its way" to the website runs into this; "nameserver 192.168.1.1" ! If it does, the "trick" described above is maybe what happens?!? We have a request on port 80 which is thrown right back "in the face" of the modem/router. "192.168.1.1" the gateway, is the IPnumber you normally use to reach the admin webinterface, but within the LAN. Solution: I have been reading quite a few websites, forum posts, the ISPconfig manual etc. and somewhere I noticed that "resolv.conf" should have same the nameservers as in ISPconfig "System > Server Config > Server" (8.8.8.8,8.8.4.4)* - but they are not! I also noticed that "/etc/network/interfaces" has to have/could have "nameservers" added to it. These modifications would maybe make the domain request resolved in another way and result in a working website. Modification needed? Please take a look at my file's related to the network and dns. Maybe you have a suggestion to which modifications is to be done root@server1:/home/administrator# ifconfig eth0 root@server1:/home/administrator# vi /etc/hosts root@server1:/home/administrator# vi /etc/resolv.conf root@server1:/home/administrator# vi /etc/network/interfaces eth0 Link encap:Ethernet HWaddr 00:05:1c:19:a8:89 inet addr:192.168.1.200 Bcast:192.168.1.255 Mask:255.255.255.0 inet6 addr: fe80::205:1cff:fe19:a889/64 Scope:Link UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:32038 errors:0 dropped:0 overruns:0 frame:0 TX packets:17324 errors:23 dropped:0 overruns:0 carrier:23 collisions:0 txqueuelen:1000 RX bytes:3790972 (3.7 MB) TX bytes:2369093 (2.3 MB) Interrupt:17 Base address:0xd000 127.0.0.1 localhost 192.168.1.200 server1.mydomain.dk server1 # The following lines are desirable for IPv6 capable hosts ::1 localhost ip6-localhost ip6-loopback fe00::0 ip6-localnet ff00::0 ip6-mcastprefix ff02::1 ip6-allnodes ff02::2 ip6-allrouters ~ # Dynamic resolv.conf(5) file for glibc resolver(3) generated by resolvconf(8) # DO NOT EDIT THIS FILE BY HAND -- YOUR CHANGES WILL BE OVERWRITTEN nameserver 127.0.0.1 nameserver 192.168.1.1 domain home search home ~ # This file describes the network interfaces available on your system # and how to activate them. For more information, see interfaces(5). # The loopback network interface auto lo iface lo inet loopback # The primary network interface auto eth0 iface eth0 inet static address 192.168.1.200 netmask 255.255.255.0 network 192.168.1.0 broadcast 192.168.1.255 gateway 192.168.1.1 ~ I am sorry if you are having trouble understanding this post - I'm so very confused after fighting this problem for days and night, and I know my language could be a lot better - it's just that my head is about to explode, been thinking about this problem for so long I am looking forward to any kind of response - which could help me solve this problem. Kind Regards, Dan
Hi, The problem has been solved As described in my post above, there was a "backdoor" to the admin interface of the ISP "TDC Denmark" (Sagem) modem/router! Default this modem/router has no remote access to the admin webinterface for security reasons. Anyway the "backdoor" was found and soon after "closed" again by the ISP! Then, as a combination of the setting up the router for use with the Ubuntu Server and the ISPconfig controlpanel I found another way/backdoor into the modem/router , totally by accident. The software in the modem/router has been "fixed" and my problem solved at the same time. A special thanks for helping and solving this goes to "DarinPeterson", "Zapyahoo", "Rich/RSinfotech", "Till" and "Falko" Thanks for all your help! Kind Regards, Dan
