Hi everyone, Well, i bought the ispconfig manual after finish the setup of ISPConfig on my LAN, i have used this guide: http://www.howtoforge.com/multiserv...se-servers-on-debian-squeeze-with-ispconfig-3 But, the manual dont show how can i get this system on web using an valid static ip. My network setup is: Debian Gateway (nat transparent using masquared) with 2 nics eth0 (192.168.25.2 - Router is 192.168.25.1) in a bridge router where i get the static ip by pppoe eth1 (192.168.0.1) my LAN i can ping all servers on LAN, i can set the things on ISPConfig Host pannel, but noone outside of my LAN can see my websites... I already set the DNS to my valid static IP on both dns sides (the seller of my domain) and inside of ISPConfig, and dont work... On my ISPConfig Host pannel i set the static IP on: System Server IP (i put the static IP) Someone could help me?
My setup: 1 Debian as Gateway with 2 NICS eth0 = In an bridge modem using pppoe for get the valid IP (VDSL connection - with static IP) eth1 = 192.168.0.1 - My LAN Modules ip_tables iptable_filter iptable_mangle iptable_nat ipt_MASQUERADE ipt_LOG ipt_REDIRECT Polices iptables -P INPUT ACCEPT iptables -P OUTPUT ACCEPT iptables -P FORWARD ACCEPT Roles # Web Traffic iptables -A INPUT -p tcp -m multiport --dports 80,443 -j ACCEPT iptables -A FORWARD -p tcp --dport 80 -d 192.168.0.3 -j ACCEPT iptables -A FORWARD -o ppp0 -p udp -m multiport --dports 80,8080 -j ACCEPT iptables -A FORWARD -o ppp0 -p tcp --dport 443 -j ACCEPT # Bind 9 iptables -A INPUT -p udp --dport 53 -j ACCEPT iptables -A FORWARD -o ppp0 -p udp -m multiport --dports 53,5353 -j ACCEPT iptables -t nat -A POSTROUTING -s 192 -o ppp0 -j MASQUERADE iptables -t nat -A PREROUTING -p tcp --dport 80 ppp0 -j DNAT --to 192.168.0.3 echo "1" > /proc/sys/net/ipv4/ip_forward Sockets iptables -A INPUT -m state --state ESTABLISHED,RELATED -j ACCEPT iptables -A FORWARD -m state --state ESTABLISHED,RELATED -j ACCEPT 1 Debian with APACHE eth0 = 192.168.0.3
You use a NAT setup on your server, this means that you have to use the interanl IP address of your server in ispconfig and not the external IP for the website as the translation between internal and external IP is done by your router. Remove the external static IP in ISPConfig and add the internal (192.168.0.3) instead. Then add websites for that IP. If you cant reach the sites internally and not externally, then its a config issue in your router and not the ispconfig server.
Hey, Thanks for the answer. I removed the valid static IP. Should i update the dns records for the internal IP also? Or, i only need add an A Server record pointing to 192.168.0.3? How can i check the websites using lan? when i type: http://192.168.0.3 I got the apache message: It works!
No, the dns records have to use the external IP. http://www.faqforge.com/linux/contr...ess-a-namebased-website-without-a-dns-record/
Ok i removed the public ip from apache server, i set the domains to bind on 192.168.0.3 and dindt work, i changed to *, and same thing, dindt worked. I did the test using the change on hosts and i see the ISPConfig webpage to the domains. Now i`m lost on how to setup my gateway / firewall... I started with an machine dedicated to be the gateway, then i put 2 nics: eth0 = 192.168.25.2 (Same range of modem to use pppoe) eth1 = 192.168.0.1 (My LAN) After phew tests i discovered i dont need an NIC on same range to use pppoe... Now my "Gateway" have only one NIC - eth0 (192.168.0.1) and the ppp0 with fixed IP The web server still on 192.168.0.3 (another virtual machine). Before try focus on security i`m trying transparent proxy without success, can i get an example about what rules i need set on my firewall to see the things working?
After get so bored with lot of failures trying doing this work, i choosed try pfsense before give and start think about use VPS system instead host my blogs at my house... Using pfSense seems web port forwarding is working now... But my websites get broken the header / footepad of ISPConfig... When i restart the server says something about: [warn] NameVirtualHost xxx.xxx.xxx.x:80 has no VirtualHosts Because the default values of pfsense my network range changed... I already did the updates on: /etc/network/interfaces /etc/resolv.conf /etc/hosts Gonna start add again my websites and see if work with the ISPConfig header / footer bars. Then i would move forward to mail server.
