Hi guys, so... fixed all (minus the public cert..?..) but.. after pointing the domain at my IP... and waiting a good few hours... i still do not have any propagation and by now at least half the world would know about it. here is my print out... ##### SERVER ##### IP-address (as per hostname): ***.***.***.*** [WARN] could not determine server's ip address by ifconfig [INFO] OS version is Ubuntu 20.04.3 LTS [INFO] uptime: 07:49:52 up 2:31, 2 users, load average: 0.03, 0.06, 0.03 [INFO] memory: total used free shared buff/cache available Mem: 5.6Gi 2.5Gi 1.8Gi 16Mi 1.2Gi 2.8Gi Swap: 3.8Gi 0B 3.8Gi [INFO] systemd failed services status: UNIT LOAD ACTIVE SUB DESCRIPTION ● snap.lxd.activate.service loaded failed failed Service for snap application lxd.activate LOAD = Reflects whether the unit definition was properly loaded. ACTIVE = The high-level unit activation state, i.e. generalization of SUB. SUB = The low-level unit activation state, values depend on unit type. 1 loaded units listed. [INFO] ISPConfig is installed. ##### ISPCONFIG ##### ISPConfig version is 3.2.6 ##### VERSION CHECK ##### [INFO] php (cli) version is 7.4.3 [INFO] php-cgi (used for cgi php in default vhost!) is version 7.4.3 ##### PORT CHECK ##### ##### MAIL SERVER CHECK ##### ##### RUNNING SERVER PROCESSES ##### [INFO] I found the following web server(s): Apache 2 (PID 16546) [INFO] I found the following mail server(s): Postfix (PID 16486) [INFO] I found the following pop3 server(s): Dovecot (PID 16531) [INFO] I found the following imap server(s): Dovecot (PID 16531) [INFO] I found the following ftp server(s): PureFTP (PID 16574) ##### LISTENING PORTS ##### (only () Local (Address) ***.***.***.***:53 (16582/named) [localhost]:53 (16582/named) [anywhere]:21 (16574/pure-ftpd) ***.***.***.***:53 (577/systemd-resolve) [anywhere]:22 (706/sshd [localhost]:953 (16582/named) [anywhere]:25 (16486/master) [anywhere]:993 (16531/dovecot) [anywhere]:995 (16531/dovecot) [localhost]:10023 (831/postgrey) [localhost]:10024 (20492/amavisd-new) [localhost]:10025 (16486/master) [localhost]:10026 (20492/amavisd-new) [localhost]:10027 (16486/master) [anywhere]:587 (16486/master) [localhost]:11211 (7066/memcached) [anywhere]:110 (16531/dovecot) [anywhere]:143 (16531/dovecot) [anywhere]:465 (16486/master) *:*:*:*::**:*:*:*::*53 (16582/named) *:*:*:*::*:53 (16582/named) *:*:*:*::*:21 (16574/pure-ftpd) *:*:*:*::*:22 (706/sshd *:*:*:*::*:25 (16486/master) *:*:*:*::*:953 (16582/named) *:*:*:*::*:443 (16546/apache2) *:*:*:*::*:993 (16531/dovecot) *:*:*:*::*:995 (16531/dovecot) *:*:*:*::*:10024 (20492/amavisd-new) *:*:*:*::*:10026 (20492/amavisd-new) *:*:*:*::*:3306 (15814/mysqld) *:*:*:*::*:587 (16486/master) [localhost]10 (16531/dovecot) [localhost]43 (16531/dovecot) *:*:*:*::*:8080 (16546/apache2) *:*:*:*::*:80 (16546/apache2) *:*:*:*::*:8081 (16546/apache2) *:*:*:*::*:465 (16486/master) ##### IPTABLES ##### Chain INPUT (policy ACCEPT) target prot opt source destination Chain FORWARD (policy ACCEPT) target prot opt source destination Chain OUTPUT (policy ACCEPT) target prot opt source destination ##### LET'S ENCRYPT ##### Certbot is installed in /usr/bin/letsencrypt
Sure. Intune.net.nz Ttl was 3200sec but now its not picked up by any of the global servers. Il copy my dns records and paste them next
fyi itmail1 is the name of my ispconfig server. i added this record to try and get the cert to work. however when i tried yesterday it was saying yesterday there was a issue contacting the site and to try again but i dont think the cert will work until the records are published?
i have just added the dns records to my other ispconfig server which is already live and working with other domains and have set it as the ns2 server. im hoping it will help narrow down where the issue is.
The second nameserver seems to have worked fine getting the records to propagate so the issue appears to be with the new server. Could you give me a list of required ports to be opened for ispconfig to operate? im fairly sure i have everything that needs to be opened up.
Using Internet Search Engines with Code: site:howtoforge.com ports to open in firewall finds useful articles.
Thanks mate. I already had all the ports done. It was actually my isp that had restricted port 53. So ispconfig is all working fine as is now with cert working. However, i have just added a second domain and its not propagating. Anything in particular that would accept dns for the server but not additional domains? I think i went through this the first time around. But can not for the life of me recall what/where the issue is.
make a screenshot of both tabs of the DNS record settings of the record which is not propagating and post it.
OK guys, problem resolved. the answer was.... I have my domains sitting with crazydomains. in order to point these domains at my ispconfig nameservers i have to do the following: before starting. note that crazydomains do not allow 2 different nameservers with the same ip address set to the same domain. 1) have the new server running and configured with the required nameserver records. 2) set ns1.crazydomains.com and ns2.crazydomains.com as the name servers in the crazydomains domain panel for that domain 3) set the "a" record inside crazydomains for ns1.yournewISPConfigdomain.com and ns2.yourothernewISPconfig.com 4) wait for propagation of crazydomain nameserver a records (2-4hours) 5) once propergated. change the name server for ns1.crazydomains.com inside the crazydomain panel to ns1.yournewISPConfigdomain.com 6) dns check your name servers. half will likely say crazydomains and the other half will say the new nameserver settings. 7) now change ns2.crazydomains.com to your ns2.yourothernewISPConfig.com and wait 2-4 hours 8) dns check your nameservers. these will continue to propagate using the correct nameservers. Crazydomains staff will tell you to set an a records in the domain panel to your nameserver and to leave the nameservers as crazydomains. However this means you will have to pay for premium dns services from them if you want to add a spf record or any other text records. my records now show name servers are my servers not crazydomains. and dns check gives me all of my nameserver records correctly.