New ISPconfig3 installation - what to do before creating the first client/website

Discussion in 'Installation/Configuration' started by danhansen@denmark, Apr 2, 2013.

  1. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    ---------------------------------------------------------------------------------------------
    Internet Service Information:
    Fast Internet Line/Used only for Internet-Servers.
    Static IP
    All ports opened in router --> server ip number
    Primary nameserver --> ns1.mynameserver.tld
    Secondary nameserver --> ns2.somedanishdomainservice.tld

    System Information:
    Ubuntu Server 10.04
    ISPconfig 3 v.3.0.5.2
    Single Server Setup (running primary nameserver)
    Tutorial: The Perfect Server - ISPConfig3 - Ubuntu Server 10.04
    Downloaded Manual for ISPConfig3 by Falko Timme
    ---------------------------------------------------------------------------------------------

    Hi,

    After reinstalling the server and printing/reading 373 pages of the isp manual, severel HowTo's I would like to know if there is some kind of "default" setting of ISPConfig3 - before creating the first user/website. I am thinking about the system only, not how the client, website, dns etc. is created. This is shown in the manual. What I am looking for is some "default" settings for ex. "System > Server Config > Server" and "System > Server IP Adresses" (does any IP adresses have to be created here to make a "first website" possible?) etc. etc. Which "tabs" and sections will have to be filled in/setup before a website can be created???

    Please help me :confused:

    Kind Regards,
    Dan
     
  2. till

    till Super Moderator Staff Member ISPConfig Developer

    All settings are ok by default, so no need to change them. Just create the client and website in ispconfig. If you want to use the IP address instead of * for the website (e.g. if you want to create a ssl website), then add the IP under System > Server IP. But that optional.
     
  3. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    website - single server setup

    Hi Till,

    Thanks for your mail.

    I just afsked about this in another thread. I just cant reach the client website. After the website has been created it is possible to create a ftp account and ftp to the site, but if you enter the domain in a browser you reach the admin site of the router. Not a default website for the client.

    Any idea would be just great.

    Kind Regards,
    Dan
     
  4. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    still no website online...

    Hi Till,

    System information:
    Ubuntu Server 10.04
    ISPconfig 3 v.3.0.5.2
    Single Server Setup with primary nameserver, webserver, mailserver, sqlserver.


    Still fighting the problem with access to new website. As mentioned earlier on, the client webfolder is created when the site is created in ispconfig cp. When creating a ftp account to the client/domain it's possible to ftp into the webfolder where the default html files are (default website). Kys just not possible to reach the site from a browser! Dns works! Primary nameserver works and is approved by danish domain provider (dk-hostmaster.dk)

    I have been reading more than 200 pages of the downloaded manual, and I recall have been reading about the "Network configuation" utility.:
    "The network configuration option is only available for Debian and Ubuntu Servers. Do not enable this option if your network interface is not eth0."
    What I read was that if this optional utility was "checked/selected" ispconfig will make all of the configuration when creating ex. a website. But, default it's not "selected' - then how can it be anough creating a website from ispconfig cp? What is it that ispconfig is setting up automatic with the option selected? And therefore, this must be missing when the option "network configuration" is not selected!?! I will search the manual for it right now, it had to do with ipnumbers some of it, and it was not only gateway, nameservers etc. I'm pretty sure of! o)

    Kind Regards,
    Dan
     
  5. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    SOS - please help me. This may be very easy for some of you experts :)

    Hi,

    System information: Ubuntu Server 10.04
    ISPconfig 3 v.3.0.5.2
    Single Server Setup with primary nameserver, webserver, mailserver, sqlserver.

    I may have made the dummest error of all times, but having been fighting nameservers and related problems for 4 days in a row, my head is full of s... !
    Question: ISPconfig controlpanel > DNS > records: when creating a A-record you enter a ipnumber. Is it the public ip number ex. 178.172.188.18 or is it the local serverip ex. 192.168.1.100 ??? If it is, where Else will I have to chance from outside/public ip to local iserveripnumber?

    I was reading and looking for reasons to why I cant get it to work. Has only been able to ftp locally using the serveripnumber. Cant reach websites or anything using domains. Then I found this site and I noticed that it was local ipnumbers which was used:
    http://www.faqforge.com/category/linux/controlpanels/ispconfig3/

    Looking very much forward to your response.

    Kind Regards,
    Dan
     
  6. RSInfotech

    RSInfotech New Member

    Hi Dan,

    Your DNS-A records must point to your fixed, public IP address but you'll also have to enable port forwarding on your router for each service that you want to run.

    Your router should have a control panel where you need to enable settings to forward incoming requests, say, on port 80 (for http) to one of your connected local IP addresses, this IP address will usually be that of the machine running ISPConfig.

    So, your DNS-A records should reference your public IP address and your router should reference your local IP address.

    Hope this helps?

    Regards,

    Rich.
     
  7. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    DNS - public or local ip-numbers

    Hi Rich,

    Thanks for your response. Please notice that I have all the ports open, and forwardet to the server eith the local ipnumber as you describe. I even tried with all ports open and forwardet to mylocalserverip (ex. 192.168.1.200).

    The problem was at first that I couldn't reach the default websites at all. Then I tried changing the ip in the dns records to mylocalserverip and then all of the websites works locally but still not from the outside. Please notice that it is the domain which is used for the nameserver I am showing here. The A-record "NS1" is a glue-record as shown in the tutorial: http://www.howtoforge.com/ispconfig_dns_providerdomain_schlund

    A mydomain.tld. 192.168.1.200 0 3600
    A mail 192.168.1.200 0 3600
    A ns1 192.168.1.200 0 86400
    A www 192.168.1.200 0 3600
    MX mydomain.tld. mail.mydomain.tld. 10 3600
    NS mydomain.tld. ns1.mynameserver.tld. 0 3600
    NS mydomain.tld. ns2.somesecondarydns.dk.0 3600


    Here's proof that the sites works at last! But only locally:

    Welcome to your website!
    This file may be deleted or overwritten without any difficulty. This is produced........
    Powered by ISPConfig


    I tried to change the A-record "NS1" to the public static ipnumber ealier on, but changed my mind. But according to your advice it has to be the public ipnumber, so I will change it again right now!! I've been reading the large ISPconfig3 manual for days, but haven't been able to find info regarding this problem..
    The changing of ip in the A-record can only be for the "NS1" record, right? Because, as mentioned above, it was the chage from public ipnumbers to local ipnumbers that made the websites work locally!?!

    Here's where I got the idea to change from the fixed public ipnumber the local serveripnumber:
    http://www.faqforge.com/wp-content/uploads/2012/11/ispconfig_dns11.png
    or
    http://www.faqforge.com/category/linux/controlpanels/ispconfig3/ (down the page to: "Setting up email routing to gmail / google apps via ISPConfig 3 >> DNS Zone)

    I am looking so much foward to your response - I was really looking forward to programming our new internetshop insted of fighting this config :eek:

    Kind Regards,
    Dan
    ---------------------------------------------------------------------------------------------
    Internet Service Information:
    Fast Internet Line/Used only for Internet-Servers.
    Static IP
    All ports opened in router --> server ip number
    Primary nameserver --> ns1.mynameserver.tld
    Secondary nameserver --> ns2.somedanishdomainservice.tld

    System Information:
    Ubuntu Server 10.04
    ISPconfig 3 v.3.0.5.2
    Single Server Setup (running primary nameserver)
    Tutorial: The Perfect Server - ISPConfig3 - Ubuntu Server 10.04
    Downloaded Manual for ISPConfig3 by Falko Timme
    ---------------------------------------------------------------------------------------------
     
  8. zapyahoo

    zapyahoo Member

    Hello Dan,

    As Rich said use your external WAN IP for the A records. Above you are using the LAN IP and that will cause the websites to work locally.

    After changing the records to WAN IP, test your website from an external source than your LAN... i.e. go to webpagetest . org and test the domains or public ip from there. (if you are testing the domain make sure you use online dns test tools to see if dns is replicated and responds to the correct public ip).

    If that works then the issue is your client computer / lan. The websites are available to the outside world but not your lan, this might be a server hosts.file, dns or apache configuration issue.
    You can also quick fix this by editing your windows operating system host file, and force your lan computer to use the local ip insted of the public ip.
     
  9. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    Changed A-records back to fixed ip number - Gets router admin interface !?!

    Hi Zaoyahoo,

    Thanks for your response :)

    As mentioned in my post I changed it back to the external ip (I named it fixed/public ip) at 2 am this morning. Just like Rich told me to :)

    Just tested my page from "webpagetest.org" and the result is the same as in my own testing - I have been testing from an smartphone using the mobile network, not the wifi-connection (throug the router - wireless) - to avoid exactly the problem you talk about. The result from the test is the same as we talked about in one of the other threads, now I reach the "admin" part/controlpanel of my router, just as if I entered 192.168.1.1.:
    [​IMG]
    (Doesn't now if you can se this image - its the url of the test result - will try to insert it another way beneath. Attached it as a file to this post! (But it's just the admin page of the router.
    And I did forward port 80 in the router to myserverip. Has testet open ports with ShieldsUp etst at: https://www.grc.com/x/ne.dll?bh0bkyd2 and port 80 is open. But some of the ports which I opened in my router actually isn't open I se. Just don't get it, port 80 is portforwardet to myserveripnumber and still the result of entering mydomain.dk (from an outside connection and the websitetest) is the admin site of my router (same as if I entered 192.168.1.1) That's why I tried with changing IPnumbers in the A-records.. :confused:
    Here's the result of the ShielUp test:

    ----------------------------------------------------------------------
    GRC Port Authority Report created on UTC: 2013-04-05 at 11:46:02
    Results from scan of ports: 0-1055

    8 Ports Open
    1046 Ports Closed
    2 Ports Stealth
    ---------------------
    1056 Ports Tested

    Ports found to be OPEN were: 21, 22, 53, 80, 110, 143, 993, 995

    Ports found to be STEALTH were: 25, 119

    Other than what is listed above, all ports are CLOSED.

    TruStealth: FAILED - NOT all tested ports were STEALTH,
    - NO unsolicited packets were received,
    - A PING REPLY (ICMP Echo) WAS RECEIVED.
    ----------------------------------------------------------------------


    PS! I am not using windows - I am using Ubuntu 12.04 as a workstation..
    Here's a thread from 4 am this morning, where I tried to explain the problem in details. Wrote for 2hours and 20minuts: http://www.howtoforge.com/forums/showthread.php?t=61301
    Any idea what to do now?


    Looking so much forward to hear from you.

    Kind Regards,
    Dan
     

    Attached Files:

    Last edited: Apr 5, 2013
  10. markc

    markc Member

    Has your router got an option to configure and internal IP as a DMZ? Is so then that will let ALL traffic through to the internal server on your private LAN network. Your external port scan indicates that port 80 is open but that doesn't say whether that is port 80 on the router or the one forwarded to on the internal server.

    When you configure the webserver, tell it to listen on the INTERNAL LAN IP and on your linux desktop add "192.168.xx.xx yourdomainname.tld" to /etc/hosts to force your browser to go directly to the webserver on the LAN IP.

    Also, when testing your DNS, set all your TTL settings to 300 seconds so any changes propagate within about 5 to 10 minutes.
     
  11. markc

    markc Member

    I just posted a quick reply and got a nginx error. Quick points...

    Use a DMZ if your router supports it. That sends ALL traffic to the internal server.

    Set your web server to listen to the internal LAN IP of the server.

    Set your DNS TTL to 300 so your resource records propagate in 5 minutes.
     
  12. zapyahoo

    zapyahoo Member

    Dan

    Can you post here your /etc/hosts file
     
  13. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    DMZ, Webserver to listen & DNS TTL


    Hi Markc,

    [DMZ...]
    DMZ is enabled, and forwardet to myserverip which is 192.168.1.200 . First I just opened the ports needed for ISPconfig but to solve this problem I enabled DMZ !! I wil insert a screendump of my portforwarding list. DNZ is listed in the bottom of this list. The list will be inserted in the bottom of this post!

    [... webserver, tell it to listen on the INTERNAL LAN IP etc.]
    I thinks this may be whats wrong - It sounds like it could be it, but where do I set this up? First the webserver, this is what I really need! Later, I would like the fix for the desktop as well.

    [..set all your TTL settings to 300 seconds]
    I will do that right away!

    PortForwarding List & DMZ:

    Navn Aktiveret Status Protokol Fra port Til port Omdirigerings port Lokal IP adresse Funktion

    SSH/sFTP
    SecureShell/SecureFTP Yes ENABLED TCP 22 22 22 192.168.1.200
    ISPConfig3 ControlPanel Yes ENABLED TCP 8080 8080 8080 192.168.1.200
    POP3 Email (usikker) Yes ENABLED TCP 110 110 110 192.168.1.200
    SMTP Email Yes ENABLED TCP 25 25 25 192.168.1.200
    FTP Server Yes ENABLED TCP 21 21 21 192.168.1.200
    NameServer Yes ENABLED UDP 53 53 53 192.168.1.200
    NameServer Yes ENABLED TCP 53 53 53 192.168.1.200
    ISPConfig3 Webmail Yes ENABLED TCP 8081 8081 8081 192.168.1.200
    WebServer HTTP Yes ENABLED TCP 80 80 80 192.168.1.200
    IMAP Email (usikker) Yes ENABLED TCP 143 143 143 192.168.1.200
    FTP data Yes ENABLED TCP 20 20 20 192.168.1.200
    WebServer Https (sikker) Yes ENABLED TCP 443 443 443 192.168.1.200
    IMAPs Email tls/ssl(sikker) Yes ENABLED TCP 993 993 993 192.168.1.200
    POP3 Email tls/ssl(sikker) Yes ENABLED TCP 995 995 995 192.168.1.200
    3306? Yes ENABLED TCP 3306 3306 3306 192.168.1.200
    3306? Yes ENABLED UDP 3306 3306 3306 192.168.1.200
    10000? Yes ENABLED TCP 10000 10000 10000 192.168.1.200
    DMZ Yes ENABLED ALL 0 0 0 192.168.1.200

    Opret en ny regel
    [ ] UPnP


    Sorry about the order, couldn't get it to look any better here, i tried! It looked great in the textfield but not efter being posted :eek:

    I am sitting right here the next 12 hours hoping any of you will have the time to get me through this. :)

    Kind Regards,
    Dan
     
  14. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    Post here your /etc/hosts file - Done!


    Hi Zapyahoo,

    Thanks! Thanks! Great, now I think there is a chance for this to get to work in the near future :)
    Here is the /etc/hosts file:

    127.0.0.1 localhost
    192.168.1.200 server1.mydomain.dk server1

    # The following lines are desirable for IPv6 capable hosts
    ::1 localhost ip6-localhost ip6-loopback
    fe00::0 ip6-localnet
    ff00::0 ip6-mcastprefix
    ff02::1 ip6-allnodes
    ff02::2 ip6-allrouters
    ~
    ~
    ~


    Well, it isn't hard to hear that I am very greatfull - I really am, I have been waiting for this since before christmas where the line for the webserver got installed. This morning, those 2 hours I sleept I had a nightmare regarding forwardet ports - it really gets to me. Maybe this is because of all the time thats put into this project :)

    Looking so much forward to hear from you again ;)

    Kind Regards,
    Dan
     
  15. RSInfotech

    RSInfotech New Member

    Dan, what is the result of dig query on your domain name?

    Code:
    [user@server ~]# dig yourdomainname.dk
    This should resolve to your public IP address and the nameservers you've set up, does it?
     
  16. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    Hi Markc,

    I saw the other post and replied there - further down I think ;) But forgot to ask about one thing, setting the DNS TTL to 300, do you mean all of them? including the A-record "NS1" which is the Glue-record for the domain used to the nameserver.

    Idea: The router/modem from my ISP, has a funny way to set things up. Not at all like Dlink DIR655 a router I used some time ago - Here things were in their right places. In the new router/modem (a Sagem i think) from my ISP (TDC@Denmark) things overlap, is placed umong umrelated things etc. But,
    Instead or together with the "Static DNS" --> myserveripnumber 192.168.1.200 , would it help if I try make an "Fixed Connection(transl from danish) " --> MAC-address IPnumber:

    [Add connection]
    IP adresse: ... - ... - ... - ...
    MAC adresse: 00 : 00 : 00 : 00 : 00 : 00

    Could this be it? I will not just try because if anyone of you who asked me for screendumps of config files etc. is working on a solution, this would complicate things and result in you wasting your time. I can't se the server and mac-adresse in the list but maybe this is because it is set for static dns, DMZ or for some other reason. I made a ifconfig eth0 in the shell of the server and forund the ethernet mac-adresse there, or so I think it is :eek:

    Well, I am sitting hear on my a.. and this I will be doing until some magic wizard comes along...

    Looking forward to hear from you..

    Kind Regards,
    Dan
     
  17. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    dig mydomain.dk - result (didn't see your post before now! S..t!

    Hi,

    Thanks!
    Didn't se your post before now - and I was sitting here hoping for a repply. Maybe its because I was writing and posting a thread at the same time. Sorry for that, I will try to answer faster and be more alert :) Anyway,here's the result of:
    dig mydomain.dk:

    root@server1:/home/administrator# dig mydomain.dk

    ; <<>> DiG 9.8.1-P1 <<>> mydomain.dk
    ;; global options: +cmd
    ;; Got answer:
    ;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 13735
    ;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 1

    ;; QUESTION SECTION:
    ;mydomain.dk. IN A

    ;; ANSWER SECTION:
    mydomain.dk. 300 IN A 108.182.178.18

    ;; AUTHORITY SECTION:
    mydomain.dk. 300 IN NS ns1.mydomain.dk.
    mydomain.dk. 300 IN NS ns2.somednsservice.dk.

    ;; ADDITIONAL SECTION:
    ns1.mydomain.dk. 300 IN A 108.182.178.18

    ;; Query time: 5 msec
    ;; SERVER: 127.0.0.1#53(127.0.0.1)
    ;; WHEN: Fri Apr 5 22:05:06 2013
    ;; MSG SIZE rcvd: 106


    PS! Due to the politics of submittings domains in the forum I am using "mydomain.dk" as I have seen others do. This is the way to do it, right? Or is it ok to show domains etc? Just qurious ;)

    Earlier on there was talk about making the webserver listening for some port, Was this not a possible reason?

    And, please look here too - here local ipnumbers has been used in DNS records:
    http://www.faqforge.com/wp-content/uploads/2012/11/ispconfig_dns11.png
    or
    http://www.faqforge.com/category/linux/controlpanels/ispconfig3/ (down the page to: "Setting up email routing to gmail / google apps via ISPConfig 3 >> DNS Zone)


    Kind Regards,
    Dan
     
  18. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

    Set your web server to listen to the internal LAN IP of the server.


    Hi again,

    I repplied beneath this post too, but I am very much interested in your suggestion:

    "Set your web server to listen to the internal LAN IP of the server."

    Please let me know where this is done?!?


    Kind Regards,
    Dan
     
  19. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter


    Hi markc
    ,
    My major problem has been solved!
    Qurious, look here: http://www.howtoforge.com/forums/showthread.php?p=295500#poststop

    Regarding the quote:
    1. What did you mean by "Set your web server to listen to the internal LAN IP of the server." If it's not the local server ip number, please show me what you mean. Maybe I still need some configuring.
    2. To go directly to domain, add "domain.tld 192.168.x.xx" to "/etc/hosts" on desktop.
    This I have to do for all the domains I want to go directly to, right? Do I have to make both "domain.tld" and "www.domain.tld" to be able to reach both types?

    Looking forward to hear from you.

    Kind Regards,
    Dan
     
  20. danhansen@denmark

    danhansen@denmark Member HowtoForge Supporter

Share This Page