ISPConfig behind firewall

Discussion in 'General' started by bogd4n, May 23, 2014.

  1. bogd4n

    bogd4n New Member

    Hi everyone,

    I'm relatively new to Linux in general so don't mind if this question is trivial please. I've installed ISPConfig3 on a single server configured with private IP address behind firewall. I've enabled NAT on my firewall but I'm unable to connect to the server neither I can send emails when I use either static public IP address or FQDN in my e-mail client setup. Could be firewall itself cause I've had similar issues with it before, namely despite having the rule set it wouldn't allow and forward certain ports and protocols, so I wanted to check here first if it is ok to configur the server with private IP address or it has to be public (though I don't remember I've read it anywhere). Oh, and not to forget to mention, IP tables is disabled.

    Thank you very much in advance.
  2. sjau

    sjau Local Meanie Moderator

    you need to forward according ports from your firewall to your server.

    That would be port 80 for http
    port 25 (and a few others) for email and imap/pop3
    port 21 for ftp
    port 22 for ssh

    Probably best if you put the server into the DMZ
  3. bogd4n

    bogd4n New Member

    Thanks. Good idea! Gonna try with DMZ first. I've forwarded ports but for some reason my firewall is not applying the rules :( What I needed is the confirmation that ISPConfig server does not have to be configured with static public IP address in order to work.
  4. till

    till Super Moderator Staff Member ISPConfig Developer

    It does not matter for ispconfig if the server is behind a router or not. so you dont have to configure a static public ip on your server, just the internal IP has to be configured.
  5. sjau

    sjau Local Meanie Moderator

    no, that doesn't need to be. However if you have not a static public IP adress, then most mailservers will reject your outgoing email. In that case, you just tell your postfix server to relay the outgoing messages through an account at your ISP.

Share This Page