Hi, i installed the perfect server debian problem is apache works fine, webmail works fine. but https does not show up for the admin panel in ispconfig3 IPtables -L shows PAROLE tcp -- anywhere anywhere tcp dpt:https also tried ispconfig3 scripts to uninstall.php and install.php i am using the server's ipaddress https://ipaddress:8080 yet again http://ipaddress works and http://ipaddress/webmail works. I have the server connected directly to the internet with no firewall box in-between the server and internet. I don't know, i feel i followed the guide perfectly. but perhaps I made a mistake. I cant seem to get to the admin panel in ispconfig
ensure that port 8080 TCP is enabled in your firewall. The https port thaty ou listed above is 443 and not 8080.
yeah. Im listing iptables -L to show whats open. I'm assuming its http alt which says "PAROLE tcp -- anywhere anywhere tcp dpt:http-alt" Code: root@webserver466:~# iptables -L Chain INPUT (policy DROP) target prot opt source destination fail2ban-ssh tcp -- anywhere anywhere multiport dports ssh DROP tcp -- anywhere loopback/8 ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED ACCEPT all -- anywhere anywhere DROP all -- base-address.mcast.net/4 anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere PUB_IN all -- anywhere anywhere DROP all -- anywhere anywhere Chain FORWARD (policy DROP) target prot opt source destination ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED DROP all -- anywhere anywhere Chain OUTPUT (policy ACCEPT) target prot opt source destination PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere PUB_OUT all -- anywhere anywhere Chain INT_IN (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain INT_OUT (0 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere ACCEPT all -- anywhere anywhere Chain PAROLE (11 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain PUB_IN (5 references) target prot opt source destination ACCEPT icmp -- anywhere anywhere icmp destination-unreachable ACCEPT icmp -- anywhere anywhere icmp echo-reply ACCEPT icmp -- anywhere anywhere icmp time-exceeded ACCEPT icmp -- anywhere anywhere icmp echo-request PAROLE tcp -- anywhere anywhere tcp dpt:ftp PAROLE tcp -- anywhere anywhere tcp dpt:ssh PAROLE tcp -- anywhere anywhere tcp dpt:smtp PAROLE tcp -- anywhere anywhere tcp dpt:domain PAROLE tcp -- anywhere anywhere tcp dpt:www PAROLE tcp -- anywhere anywhere tcp dpt:pop3 PAROLE tcp -- anywhere anywhere tcp dpt:imap2 PAROLE tcp -- anywhere anywhere tcp dpt:https PAROLE tcp -- anywhere anywhere tcp dpt:mysql PAROLE tcp -- anywhere anywhere tcp dpt:http-alt PAROLE tcp -- anywhere anywhere tcp dpt:webmin ACCEPT udp -- anywhere anywhere udp dpt:domain DROP icmp -- anywhere anywhere DROP all -- anywhere anywhere Chain PUB_OUT (5 references) target prot opt source destination ACCEPT all -- anywhere anywhere Chain fail2ban-dovecot-pop3imap (0 references) target prot opt source destination Chain fail2ban-ssh (1 references) target prot opt source destination RETURN all -- anywhere anywhere root@webserver466:~#
so to sum it up ssh works apache says "it works" ipaddress/web squirrel mail works phpmyadmin page works is there any reason why running the script for installing ipconfig3 would not modify the iptables correctly? or should i test moving it to another port by uninstalling and reinstalling?
ok how do i make sure http-alt is port 8080 i just port scanned the server and do not see port 8080 on, but i need to rule out if the my cable internet provider is blocking it.
ok I unstalled ispconfig. reinstalled and set it to port 443 and it WORKED . I guess im having firewall problems. but the problem is i dont know Debian at all, The only reason i picked it is for ISPConfig comparability. I originally did a perfect centos 6.2 installation, had many issues with a lousy broadcom network card dropping connection. So i installed an Intel card and debian Linux instead.. Wow installation on debian was cake compared to centos. I reinstalled ispconfig a few more times. port 8080 didnt work again and port 8081. my question is doesnt ispconfig install script open up a port in the firewall? UPDATE I tested it thoroughly, i can use port 8080 on the internal network but not external network. Should port http-alt be on "parole" what does it mean to be on PAROLE ?
ISPConfig opens a port in the ispconfig firewall, but it can be that you have a second firewall installed on your server that blocks the port. Ensure that you dont run any additional firewall scripts beside the bastille-firewall from ispconfig. If you use a external router or firewall, then you have to open and forward the ports there manually as ispconfig can not configure your external hardware automatically.
OK the box is connected to a cable router directly to the internet with no firewall setup on the cable box. I thought maybe the cable company blocked port 8080 but thats not true because its a docsis cisco box with no firewall built-in Right now i only have ssh into the server because I set it up at my friends house. How do I enable port 8080 on Bastille via ISPconfig which currently works on port 443? 1. Can I open the port 8080 in Ispconfig, uninstall ispconfig to remove port 443 from it and reinstall back to port 8080? or 2. Is there a setting page i can modify to move the port ispconfig listens to once I add port 8080 in the firewall page of Ispconfig
update -solved- The problem with not seeing the admin panel on port 8080 is solved. After testing another web server on port 8080 ( installing WAMP on my laptop) it turns out optimum cable blocks port 8080. i called to fix, After they opened the port, everything worked I did a full re-installation to to make sure the manual worked fine and I noticed that port 8080 doesn't open up by default in ISPConfig . you have to open the port in the admin ispconfig panel from the inside network. I found no entries in the firewall of the admin panel. I selected ADD and all the default ports automatically listed themselves. Afterwards, everything was fine. It would be nice if the manual STATED that i have to open ports to reach the server from outside the inside network Am i correct in saying that in IPTABLES all the settings that say PAROLE are controlled by BASTILLE in the ispconfig admin panel? other than that thanks for the help. It did put me on the right track
