HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials

HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials (http://www.howtoforge.com/forums/index.php)
-   Installation/Configuration (http://www.howtoforge.com/forums/forumdisplay.php?f=27)
-   -   Basics of ISPConfig and internal / external ips (http://www.howtoforge.com/forums/showthread.php?t=60441)

rlischer 5th February 2013 02:03

Basics of ISPConfig and internal / external ips
 
My ISP provided me with 1 ip, I used this ip for my Firewall, I then set up ISPConfig 3 at 10.0.0.60 and used NAT to forward the required ports for ISPConfig 3 to 10.0.0.60. Everything seems to work fine, but all of my sites are set up on IPv4 * so it listens on all ips, even though I only have 10.0.0.60.
My question is, do I need to add the external ip so it also appears in the drop down? I am wanting to try SSL on multiple sites on this 1 IP, and I don't understand if that IP is supposed to be the 10.0.0.60 or the real external IP which is used in my Firewall only. I am told you can't run SSL on "*", even though its running SSL fine on one site that uses "*" Also, if I do pick 10.0.0.60 for a website, it seems to "break" things. For instance, other sites become the site that has 10.0.0.60 picked instead of *.

Hope this makes sense. I just need a basic understanding of what IPs I need to be using on the ISPConfig 3 side. I guess I could keep using *, but that's not working with multiple SSL sites on the one IP, at least Godaddy signed SSL certs.

Thanks!

tahunasky 5th February 2013 03:30

Unless you are going to use your server with ISPConfig on it to serve dns requests for your domain/s, there is not need to use the external/WAN ip address in ispconfig. Even SSL wont have problems as long as you forward the port/s (443 / 993 etc) to the server.

rlischer 5th February 2013 12:21

Quote:

Originally Posted by tahunasky (Post 291603)
Unless you are going to use your server with ISPConfig on it to serve dns requests for your domain/s, there is not need to use the external/WAN ip address in ispconfig. Even SSL wont have problems as long as you forward the port/s (443 / 993 etc) to the server.

I do use the DNS wizard to set up DNS for each domain I host. So do I need not not use 10.0.0.60 and add in the actual external IP that is also used in the Firewall?


thanks

till 5th February 2013 13:24

You use the internal IP address for all services except of DNS records. In dns records, the external IP is used.

rlischer 5th February 2013 13:33

Quote:

Originally Posted by till (Post 291619)
You use the internal IP address for all services except of DNS records. In dns records, the external IP is used.

So all sites I will pick the 10.0.0.60 ip. When I picked the 10.0.0.60 ip for just one site, when I went to other sites it was pulling up that one site at 10.0.0.60.

I'll give it a try on all sites.

Thank you

rlischer 5th February 2013 13:49

So I switched all my sites to 10.0.0.60 from * and restarted nginx and some of the sites disappear and you just get the standard ISPConfig 3 welcome page. This only happened on 2 sites, and 3 others were still pulling up the correct index.html. I have no idea what this means, so I switch them all back to * and everything is fine.

rlischer 5th February 2013 14:05

One thing I just noticed, the two sites that reverted back to the default ISPConfig welcome page after switching them to 10.0.0.60 both had SSL/SSI turned on with certificates. The others did not.

rlischer 5th February 2013 18:53

I went back in a deleted and recreated all my sites and picked 10.0.0.60 from the start and all is well now. Also SSL/SSI seems to be working on multiple domains using just 1 ip.


All times are GMT +2. The time now is 18:48.

Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.