i've installed ispconfig on fc4 successfully... i have some questions regarding IP and DNS setup requirements... 1) if i intend manage a few (<10) sites using ispconfig, do i need 1 IP address for each site? or the sites can share the same IP address? 2) it seems like the server itself must have a fully qualified domain name, is it correct? if so, must i have a DNS record somewhere else that points to it before i can add new domains? 3) how can i setup the server in my intranet environment to familiarise myself before i put it on the internet for public access? or is this not possible? thanks
You can have as many sites as you like sharing one IP address, except if you want to host SSL web sites (https). Then you need one IP address per SSL web site. It is strongly recommended that the server has a FQDN pointing to it. And yes, this FQDN must have the appropriate DNS record. It is possible, however, to set up ISPConfig with just an IP address, but it's not the optimal solution. It is possible. When the ISPConfig installer asks you for the hostname and domain name, you leave the hostname empty and enter the IP address as domain. However, this is the not-so-optimal solution mentioned above... If your server has an FQDN with a DNS record pointing to your router's public IP address, and your router forwards all needed ports (21, 22, 25, 53, 80, 81, 110, 443, ...) to your ISPConfig server, then you can use this FQDN during the installation. You could also put the FQDN into /etc/hosts and use the FQDN during installation. On your Windows clients you must then also change the hosts file: http://www.howtoforge.com/forums/showthread.php?t=432&highlight=hosts+file+windows
Related kind of problem? Server not accessible from outside. Hi, This is my first post in theese forums, and I hope that it is ok to continue in this thread, otherwise please correct me. I was happy when I saw the thread, because I have som strange problems which I guess is related to DNS-configuration. I have 3 private domains controlled on a debian server as standard virtual namebased domains. DNS, DX and web-names for these domains is hosted outside by a serviceprovider on the internet. From my public wan-Ip a switch divides incoming traffic to two routers in order to maintain two seperate LANs. The webserver has a static ip-adress 192.168.2.98 - Default GW and DNS is 192.168.2.250 (router) The router has an internal ACL where I have set up that HTTP-traffic and other ports, is directed to the webservers specific IP-adress. Now I have made a new webserver with ISPconfig in order to better control my domains. It is set up with an IP 192.168.2.88, again GW and DNS is the router. From inside everythings works perfectly, the mailserver as well. But when I switch off the old server, and change the routing table, none of my domains are visible from the outside. I have tried to add FQDN to the new servers hosts-file also with no luck. I have no extra IP's in the IP-list. I really hope that someone could be helpfull on this issue.
Addendum to the above From a shell on the new ISPconfig server it is possible to ping the outside world. It is allso responding to a dig FQDN. Even more strnage is is that when I have changed the routing so it now points to the new ISPconfig-server the old one seems to repond to the outside world even after removing a hosts-entry.
I thought you switched off your old server? Is it maybe the browser cache that tricks you? Don't you get any web pages from the ISPConfig server at all, or only wrong ones (e.g. the Shared-IP page)?
Hi again, When I switch off the old server, nothing i visible from the outside. Inside the 192.168.x.x range ISPconfig-server responds correctly when I use FQDN's I have removed the virtual host domains from the old server, (httpd.conf and hosts), and applied these on the new ISPConfig-server as welle as changing the routing. I noticed that in my router I also had an opportunity to route which server to respond on DNS, (port 53). I tried to alter this setting, and all of the internal net lost connection. Could it be that ISPconfig has to be the only and primary DNS? How should I then set this up? 1's NS somewhere outthere, second my router?
I don't think the DNS settings have to do with your problems. Leave them as they were before. Do you have a firewall running on your ISPConfig server? Please post the output of Code: iptables -L
Hi again - I really appreciate your kind help. This is the output from iptables: Chain INPUT (policy DROP) target prot opt source destination DROP tcp -- anywhere 127.0.0.0/8 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- BASE-ADDRESS.MCAST.NET/4 anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED DROP all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere Chain INT_IN (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain INT_OUT (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain PAROLE (9 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain PUB_IN (3 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp echo-request PAROLE tcp -- anywhere anywhere tcp dpt:ftp PAROLE tcp -- anywhere anywhere tcp dpt:ssh PAROLE tcp -- anywhere anywhere tcp dpt:smtp PAROLE tcp -- anywhere anywhere tcp dpt:domain PAROLE tcp -- anywhere anywhere tcp dpt:www PAROLE tcp -- anywhere anywhere tcp dpt:81 PAROLE tcp -- anywhere anywhere tcp dptop3 PAROLE tcp -- anywhere anywhere tcp dpt:https PAROLE tcp -- anywhere anywhere tcp dpt:10000 ACCEPT udp -- anywhere anywhere udp dpt:domain DROP icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain PUB_OUT (3 references) target prot opt source destination ACCEPT all -- anywhere anywhere
Looks ok. Are you sure you forwarded the ports from your router to the correct server (ISPConfig server)?
Even though this is absolutely without meaning - it works now. I checked and changed and rebooted my router many times during this process. But this morning I looked for a new firmware and upgraded the router. Unfortunately this ment that all settings were lost. I then reconfigured the router as before - and bing - there it was This once again shows that working with IT is a combination of science and woodoo. Falko - many thanks for your effort. And for other readers I hope that you might find some usefull knowledge in my problems.
klavslund, glad you solved your problem... back to me, i have further questions... this is what i have: 1) new box FC4 + ISPConfig installed 2) registered a new domain name (example.com) 3) 4 IP addresses given by my ISP (ip1, ip2, ip3, ip4) 4) rack space with my ISP am i correct to say that i can do this when i bring my server to my ISP rack: 1) setup the box with IPADDR = ip1 2) get my ISP to host the DNS for example.com (and point to ip1) 3) login to www.example.com:81/login.php and start creating new sites =================== Q1) for new sites (eg example2.com), will i be able to host the DNS myself? Q2) if one of my sites (eg https://www.example3.com) require SSL, can i add another IP address (ip2) and enable it using ISPConfig? Q3) i can create sub-domains (eg app.example2.com, mail.example2.com) at will? Q4) i can create unlimited user/email/ftp account (eg [email protected], [email protected]) at will? thanks!
yes. Yes. Just add the IP address in ISPConfig under management > server > settings in the IP-List field, one IP per line. Yes. Yes. Only limited by your hardware though
another question... for a new site that is created by ISPConfig, (www.example2.com) the DNS will be hosted by my box... however, the domain registra of example2.com would require primary and secondary DNS servers right? then who shall be my secondary DNS server?
There are several possibilitys: 1) Point both nameserver entries to your server IP. But if your server fails, the domain will not be reachable anymore in DNS. On the other hand, if Mail and Webserver are on the same server anyway, it does not make a big difference if DNS fails too 2) You need a second server. 3) If i remember correctly, there are some free secondary DNS hosting services. My be you find some in the search engines (not to name googling 4) Maybe your domain regitry provides secondary DNS services, some registrys provide secondary DNS even for free. Many choices, now its up to you
I dont understand how your question is related to this thread. This thread is about the options for a secondary DNS for ISPConfig. ISPCOnfig 2 supports only BIND. can you please explain it a bit more
some questions: 1) notice that apache is showing directory listing - which config file must i update to disable it? 2) after configuring ispconfig, is it recommended that i reserve the "main" FQDM just for accessing ispconfig control panel, or i can use it just like any sites of mine thanks
Directory listings are disabled in ISPCOnfig by default, have you abled them manually in your apache configuration. The apache directive is: Code: Options -Indexes The configuration in your httpd.conf (or apache.conf / apache2.conf) should look ike this: Code: <Directory /home/www/*/web> Options +Includes +FollowSymlinks -Indexes AllowOverride Indexes AuthConfig Limit FileInfo Order allow,deny Allow from all <Files ~ "^\.ht"> Deny from all </Files> </Directory> Code: 2) after configuring ispconfig, is it recommended that i reserve the "main" FQDM just for accessing ispconfig control panel, or i can use it just like any sites of mine Your main FQDM shall be onloy used for the controlpanel.