Can't see the ISPconfig Web GUI

New to this forum. I just posted at the new post profile box. Apologize for posting at the wrong place.
I can't seem to load the ISC screen at all from my web browser. I use the automated script to install the ISC. Can anyone point me to where I can find information to fix the issue.
Thanks.

 

Found out that ispconfig 3.1 database is not in mariadb. This could explain why.

 

Using ISPConfig Perfect Server Guide may be more reliable method to install. That script seems to fail sometimes and not inform about the failure.
https://www.ispconfig.org/documentation/

 

I've installed manually as suggested. Every thing seem to be there. In the /var/www/ a ispconfig symbolic to /usr/local/ispconfig/interface/web files are all there with ispconfig as owner and group. I still can see the ispconfig log in screen. The ispconfig symbolic link is owned by root and in root group, is this why?
Database is now in maridb.

 

The owner of symbolic link does not matter, what matters is owner and permission on the target the link points to.

Does it work now or is the error still there?

 

Owner ispconfig at the target and permission of everything in the target directory 0750.
I think I found the issue. The target does not permit anyone from the web?

Sorry, my typo. I still can't (unable to) see the ispconfig log in screen.

---- Sharing my installation so far -----------------------------------
I installed the Ubuntu 18.04 LAMP prior to both automatic and manual installation of ISPC. I was counting on the automatic script to take care of the virtualhost set up. The automatic installation had several issues (with all due respect). First, it did not install the dbispconfig database in the mariadb. However, the roundcube database was installed by the automatic script. I did not checked or tried to find out where the directory/file for ispconfig to run from.
Upon manual installation as suggested, the ispconfig symbolic link was created in /var/www directory and linked to /usr/local/ispconfig/interface/web directory. Lots of files in there. And as mentioned earlier owned by ispconfig with 0750 permissions. Installation seem successful. Rebooted the LAMP several time and everything are good.
I am still unable to get the ispconfig web GUI to show up.
--- now ----
https://mypublicIP - I get this error "This site can't provide a secure connection" and the last line ERR_SSL_PROTOCOL_ERROR
I believe this is the SSL/TLS related issue with VirtualHost. I am rookie at best and enough to be dangerous in CA Certificates.
The reason I mentioned virtualhost is when http://mypublicIP the Apache2 default page is shown. The index.html is in /var/www/html as I have not set up the virtualhost with public_html default directory.
Everything is still working for the LAMP. Perhaps I should have setup the virtualhost prior to installing ISPC.

 

I understand what you are referring to. If it's installed from scratch i.e. prior to the first startup or after the first start up install LAMP from tasksel. I will never use tasksel again. It's a good thing the bare-bone installation does not preloaded with tasksel. ISPC is essentially a system running on a LAMP stack, is it not?
I have always done a bare-bone install with only default Openssh loaded so that I can do the rest remotely.
I will then ssh in to install Apache, MySQL, PHP, webmin then phpMyAdmin. This way I'll know exactly what is working and what is not prior to installing other systems, especially the RAID as this give me a fresh starting point for the rest.
I would love to learn other methods to ease troubleshooting a bare-bone system with RAID and working.
If I have to install ISPC prior to other installations in order to make it work. I can live with that.

Yes, I have followed them with every steps listed. I even have a checklist checking off the steps and on step 8, I reinstalled the Apache, MySQL and the rest... to the step 17. The only thing are not installed are optional systems such as Metronome PHP Opcode cache and HHVM. The installation syntax are identical and if they are already installed, they will be shown either the latest version or upgrade to latest version. As stated the L.A.M.P. systems are all running without errors before and after ISPC installation.
I know ISPC is using port 8080. My router forwards all http traffic from port 80 to 8080. And yes, I followed the installer's port 8080 by hitting enter as instructed.
So, with that all http://publicIP will be forwarded to internalIP port 8080
You have stated an interesting commend "if you would have used port 80 or 443 when the installer recommended you to use 8080".
I have also forwarded https listening to default external port 443 traffics to internalIP port 443 for other purposes. Now, when an https://publicIP will automatically change to internalIP:443. I have not try it yet, If I change this to 8080 it might work.
I had tried https://internalIP:8080, it gave me a 403 Forbidden error. (BRB).
----- This is my testing so far -----
I changed the router https listening port 443 by forwarding to 8080. This is to make sure any request by https will go to port 8080 set to ISCP and matching what you stated earlier.
Switched my computer to another network (I have two separate access points)
http://publicIP gave me an error 400 Bad Request
http://publicIP gave me an error This site can't be reached
https://publicIP gave me an error 403 Forbidden
Switched my computer to the same network ISPC server is on.
http://SameIP_as_ISPC - error This site can't be reached
https://SameIP_as_ISPC - error This site can't be reached
http://SameIP_as_ISPC:8080 - error This site can't be reached
https://SameIP_as_ISPC:8080 - error This site can't be reached
Changed the http listening port 80 forward to 80
http://SameIP_as_ISPC - Apache default page (Web server and http service is working fine)
http://SameIP_as_ISPC:8080 - error 400 Bad request
http://SameIP_as_ISPC - error This site can't be reached
https://SameIP_as_ISPC:8080 - error 403 Forbidden
As much as our disagreement with installation of ISPC first then AMP or AMP first then ISPC. I still believe that it's the permission issue some where and confirmed by the error 403.
Cheers

 

Looks like ISPConfig manual does not cover installation behind NAT. But using Internet Search Engines with

Code:

site:howtoforge.com NAT ISPConfig ports

finds several Forum threads.

 

Thanks Jesse. just gave me a "Uh-Ha" moment and a new fresh trouble shooting path. I never though of setting the router's https services to translate default browser assigned port 443 to router's extIP:8080 then forward to intIP:8080.
My WiFi/router only allow 1 single entry of https service and is set to extIP port 443 with a changeable field.
However, I can fool my router's single https service still listening to extIP port 443 assigned by the browser, translate to extIP:8080 and then forward to intIP:8080. That will meet the ISPC set up from web to router to the server.
Unfortunately, I have reinstalled the server to bare-bone without LAMP prior to your post.
I have stated that the services (including ISPC) are running without issues after the manual installation. The error 403 clearly indicated it was a permission issue from the web. Now, I know where to look.

 

When I did the manual installation. The syntax is identical to your entries. The installation may have been corrupted by the automated script as I have not investigate what syntax was used.
Regardless, I have an absolute minimum install now. with just the Active Openssh service.
However, I will install webmin prior to installing others.

I have multiple notebook computers that can access the server remotely. At the server location, one running WIN10 using PuTTY, and the other running Linux that I can ssh into. At home, I can PuTTy and ssh to the server. The server is located at a business with static IP.

I am a retired Industrial Automation engineering specialist. I have dealt with lots of network access issues and also applied policies to network security issues to stop unauthorised access in Industrial network environment.
I am now a hobbyist continuing with my knowledge and experience in things I have left many years ago. I had an installation of an ISPC in 2007 with Ubuntu 7.04 on a DELL 600SC server (Salvage from work). It was my sandbox in those day for my after work hobby. I moved and the server was untouched for over 12 years. I booted it up last week and it still runs .
Thanks for your help. We may disagree with certain approaches. But, it's all for the good courses. Help people solving problems.
I will keep people posted of the new installation of ISPC.

 

Yes, it is needed and it would be impossible to do a HowTo.
Internet security has became such a pain.
Thanks for your help. I am reinstalling the server.
It has been a good learning post.

 

And, that was exactly what I did. Literally copy/paste to the terminal in most parts.
I have two computers remote access to the server.
Computer 1 (a WIN-10) displaying "The Perfect Server - Ubuntu 18.04 (Bionic Beaver) with Apache, PHP, MySQL, PureFTPD, BIND, Postfix, Dovecot and ISPConfig 3.1". Your guide.
Computer 2 (a Linux PC) displaying the same guide above and a terminal with ssh connection to the remote server.
Scrolling down the Computer 1 browser to preview the commands and the next step first then go to the Linux PC, scroll down to the same place, copy the syntax then paste into the terminal.
This way I can be sure and know exactly what will be install next, the commands to use next, reviewed them then copy/paste them.
The reason for two computers is, the Linux PC has only one display, where as the WIN-10 notebook has two displays. I could have done it all in WIN-10 but I prefer to do it in a Linux terminal then the PuTTy terminal.
As I stated, syntax are the same regardless.

 

The new installation of ISPC has completed. It was done from my home using a Linux computer, ssh to the server at a business location where the server is physically located.
Yesterday, I did a fresh reinstalled from an Ubuntu Server 18.04 LTS ISO image. Which has some minor differences from a Ubuntu non server version in "How to Install Ubuntu 18.04 LTS (Bionic Beaver) Minimal Server" guide. Regardless, this is a fresh install onto my sba disk with new partition and reformated ext4 fs. After the fresh install, I unplugged the monitor and keyboard and moved it to the permanent location for the server.
This afternoon, I ssh in to my server, remounted my RAID disks with minor set up. Everything is up and running.
Next I installed webmin, which does not require apache service, therefore there should not be any conflict at all. I was able to access, manage my server from my home PCs using webmin, which is important to me. So, everything is running happily without Apache, MySQL and PHP services.
I did everything as recommended word for word, copied between The Perfect Server guide and pasted to the terminal with occasional password entries and CA Certificate prompts.
After the final message "Installation Completed". I went to the browser and begin my test:
---------- testing from home ------------
This test was conducted away from the private network where the ISPC is installed. The private network is behind a WiFi/router with private network address pool of 192.168.1.0/24
http://publicIP - This site can't be reached
http://publicIP:8080 - This site can't be reached
https://publicIP - 1. Possible attack detected. This action has been logged.
https://publicIP:8080 - This site can't be reached
No error 400 or 403
This is a good sign.
I am saying it because I need to allow browser https request using default port 443 to translate to extIP:8080 for intIP:8080
I will add this https service in the router to port forward 8080 to 8080 tomorrow.

 

I have been running ISPConfig servers behind a NAT router for more than 7 years and so far I have no problem with the setup.

In most cases, just forward relevant port to the right server as already suggested by @Jesse Norell above and you should be fine.

Other than that you should maybe also note that most self hosted home / office servers are on dynamic ip, so you may need to work on that a bit for accessing it externally / publicly.