Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 2 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #11  
Old 24th February 2008, 23:48
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Post

Thank you leventersoy

I tried starting SSL as you suggested, but FF still returns the following:
Quote:
The connection was interrupted

The connection to www.giganetwireless.net:81 was interrupted while the page was loading.


* The site could be temporarily unavailable or too busy. Try again in a few moments.

* If you are unable to load any pages, check your computer's network
connection.

* If your computer or network is protected by a firewall or proxy, make sure that Firefox is permitted to access the Web.
Regards

Last edited by giganet; 25th February 2008 at 04:19.
Reply With Quote
Sponsored Links
  #12  
Old 25th February 2008, 04:15
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Post

My Bad, triple post ;-(

Last edited by giganet; 25th February 2008 at 04:19.
Reply With Quote
  #13  
Old 25th February 2008, 04:16
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Post

Sorry for the dual post
Reply With Quote
  #14  
Old 25th February 2008, 17:25
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,722 Times in 2,563 Posts
Default

This means it's not a firewall problem because you're at least getting a connection (although it was interrupted).
I think you should recreate the SSL certificate, but this time please accept all default values. Don't enter custom data.
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (26th February 2008)
  #15  
Old 26th February 2008, 05:33
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Post

Thank you Falko

I regenerated the SSL cert using all default values as you suggested.

When trying to access ISPConfig however I still get the same results running FF.


Regards
Reply With Quote
  #16  
Old 27th February 2008, 12:05
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,722 Times in 2,563 Posts
Default

Any errors in the error log in /root/ispconfig/httpd/logs?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (27th February 2008)
  #17  
Old 27th February 2008, 18:18
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Post

Thank you Falko

I first tried accessing ISPConfig so any recorded errors generated by the SSL would appear at teh bottom of any logging.

In error_log all errors were not from today.

However, in ssl_request_log I see the following:
Code:
[27/Feb/2008:09:00:19 -0800] 65.197.209.2 TLSv1 DHE-RSA-AES256-SHA "POST /multidoc/edit/edit.php HTTP/1.1" 5
[27/Feb/2008:09:00:19 -0800] 65.197.209.2 TLSv1 DHE-RSA-AES256-SHA "GET /multidoc/edit/edit.php?doctype_id=1013&tree_id=100& HTTP/1.1" 30280
[27/Feb/2008:09:00:54 -0800] 65.197.209.2 TLSv1 DHE-RSA-AES256-SHA "GET /logoff.php? HTTP/1.1" 5
[27/Feb/2008:09:00:54 -0800] 65.197.209.2 TLSv1 DHE-RSA-AES256-SHA "GET /login.php?err=999 HTTP/1.1" 2158
In ssl_engine_log I find the following:

Code:
[27/Feb/2008 09:00:54 32022] [info]  Connection to child 0 established (server www.giganetwireless.net:81, client 65.197.209.2)
[27/Feb/2008 09:00:54 32022] [info]  Seeding PRNG with 1160 bytes of entropy
[27/Feb/2008 09:00:54 32022] [info]  Connection: Client IP: 65.197.209.2, Protocol: TLSv1, Cipher: DHE-RSA-AES256-SHA (256/256 bits)
[27/Feb/2008 09:00:54 32022] [info]  Initial (No.1) HTTPS request received for child 0 (server www.giganetwireless.net:81)
[27/Feb/2008 09:00:54 32022] [info]  Subsequent (No.2) HTTPS request received for child 0 (server www.giganetwireless.net:81)
[27/Feb/2008 09:01:10 32022] [info]  Connection to child 0 closed with standard shutdown (server www.giganetwireless.net:81, client 65.197.209.2)
And in accesss_log I see the following:

Code:
65.197.209.2 - - [27/Feb/2008:09:00:19 -0800] "POST /multidoc/edit/edit.php HTTP/1.1" 302 5
65.197.209.2 - - [27/Feb/2008:09:00:19 -0800] "GET /multidoc/edit/edit.php?doctype_id=1013&tree_id=100& HTTP/1.1" 200 30280
65.197.209.2 - - [27/Feb/2008:09:00:54 -0800] "GET /logoff.php? HTTP/1.1" 302 5
65.197.209.2 - - [27/Feb/2008:09:00:54 -0800] "GET /login.php?err=999 HTTP/1.1" 200 2158
Thanking you in advance for your help Falko.

Regards
Reply With Quote
  #18  
Old 28th February 2008, 19:53
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,722 Times in 2,563 Posts
Default

Please post the output of
Code:
iptables -L
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (28th February 2008)
  #19  
Old 28th February 2008, 21:40
giganet giganet is offline
Senior Member
 
Join Date: Aug 2007
Location: California
Posts: 243
Thanks: 116
Thanked 1 Time in 1 Post
Send a message via AIM to giganet
Post

Thank you Falko


Code:
Chain INPUT (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere
eth0_in    0    --  anywhere             anywhere
Reject     0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:INPUT:REJECT:'
reject     0    --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
eth0_fwd   0    --  anywhere             anywhere
Reject     0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:FORWARD:REJECT:'
reject     0    --  anywhere             anywhere

Chain OUTPUT (policy DROP)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere
eth0_out   0    --  anywhere             anywhere
Reject     0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:OUTPUT:REJECT:'
reject     0    --  anywhere             anywhere

Chain Drop (2 references)
target     prot opt source               destination
reject     tcp  --  anywhere             anywhere            tcp dpt:auth
dropBcast  0    --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp fragmentation-
needed
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
dropInvalid  0    --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere            multiport dports lo
c-srv,microsoft-ds
DROP       udp  --  anywhere             anywhere            udp dpts:netbios-ns
:netbios-ssn
DROP       udp  --  anywhere             anywhere            udp spt:netbios-ns
dpts:1024:65535
DROP       tcp  --  anywhere             anywhere            multiport dports lo
c-srv,netbios-ssn,microsoft-ds
DROP       udp  --  anywhere             anywhere            udp dpt:1900
dropNotSyn  tcp  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere            udp spt:domain

Chain Reject (4 references)
target     prot opt source               destination
reject     tcp  --  anywhere             anywhere            tcp dpt:auth
dropBcast  0    --  anywhere             anywhere
ACCEPT     icmp --  anywhere             anywhere            icmp fragmentation-
needed
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
dropInvalid  0    --  anywhere             anywhere
reject     udp  --  anywhere             anywhere            multiport dports lo
c-srv,microsoft-ds
reject     udp  --  anywhere             anywhere            udp dpts:netbios-ns
:netbios-ssn
reject     udp  --  anywhere             anywhere            udp spt:netbios-ns
dpts:1024:65535
reject     tcp  --  anywhere             anywhere            multiport dports lo
c-srv,netbios-ssn,microsoft-ds
DROP       udp  --  anywhere             anywhere            udp dpt:1900
dropNotSyn  tcp  --  anywhere             anywhere
DROP       udp  --  anywhere             anywhere            udp spt:domain

Chain all2all (0 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTAB
LISHED
Reject     0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:all2all:REJECT:'
reject     0    --  anywhere             anywhere

Chain dropBcast (2 references)
target     prot opt source               destination
DROP       0    --  anywhere             anywhere            PKTTYPE = broadcast

DROP       0    --  anywhere             anywhere            PKTTYPE = multicast


Chain dropInvalid (2 references)
target     prot opt source               destination
DROP       0    --  anywhere             anywhere            state INVALID

Chain dropNotSyn (2 references)
target     prot opt source               destination
DROP       tcp  --  anywhere             anywhere            tcp flags:!FIN,SYN,
RST,ACK/SYN

Chain dynamic (2 references)
target     prot opt source               destination

Chain eth0_fwd (1 references)
target     prot opt source               destination
dynamic    0    --  anywhere             anywhere            state INVALID,NEW
smurfs     0    --  anywhere             anywhere            state INVALID,NEW
norfc1918  0    --  anywhere             anywhere            state NEW
tcpflags   tcp  --  anywhere             anywhere

Chain eth0_in (1 references)
target     prot opt source               destination
dynamic    0    --  anywhere             anywhere            state INVALID,NEW
smurfs     0    --  anywhere             anywhere            state INVALID,NEW
norfc1918  0    --  anywhere             anywhere            state NEW
tcpflags   tcp  --  anywhere             anywhere
net2fw     0    --  anywhere             anywhere

Chain eth0_out (1 references)
target     prot opt source               destination
fw2net     0    --  anywhere             anywhere

Chain fw2net (1 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTAB
LISHED
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     0    --  anywhere             anywhere

Chain logdrop (0 references)
target     prot opt source               destination
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:logdrop:DROP:'
DROP       0    --  anywhere             anywhere

Chain logflags (5 references)
target     prot opt source               destination
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:logflags:DROP:'
DROP       0    --  anywhere             anywhere

Chain logreject (0 references)
target     prot opt source               destination
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:logreject:REJECT:'
reject     0    --  anywhere             anywhere

Chain net2all (0 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTAB
LISHED
Drop       0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:net2all:DROP:'
DROP       0    --  anywhere             anywhere

Chain net2fw (1 references)
target     prot opt source               destination
ACCEPT     0    --  anywhere             anywhere            state RELATED,ESTAB
LISHED
ACCEPT     tcp  --  anywhere             anywhere
ACCEPT     tcp  --  giganetwireless.net  anywhere            tcp dpt:www limit:
avg 20/sec burst 24
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:ftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:telnet
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:smtp
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:domain
ACCEPT     tcp  --  65.197.209.0         anywhere            tcp dpt:69
ACCEPT     udp  --  65.197.209.0         anywhere            udp dpt:tftp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:www limit:
avg 20/sec burst 24
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:81 limit: a
vg 20/sec burst 24
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:pop3
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:imap2
ACCEPT     udp  --  anywhere             anywhere            udp dpt:imap2
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:snmp
ACCEPT     udp  --  anywhere             anywhere            udp dpt:snmp
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:https limit
: avg 20/sec burst 24
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request l
imit: avg 5/sec burst 8
ACCEPT     tcp  --  anywhere             anywhere            tcp dpt:mysql
ACCEPT     tcp  --  65.197.209.0/24      anywhere            tcp dpt:54000
ACCEPT     tcp  --  anywhere             anywhere            MAC 00:03:25:21:FA:
23 tcp dpt:54000
ACCEPT     tcp  --  anywhere             giganetwireless.net tcp dpt:www
ACCEPT     tcp  --  anywhere             giganetwireless.net tcp dpt:https
Drop       0    --  anywhere             anywhere
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:net2fw:DROP:'
DROP       0    --  anywhere             anywhere

Chain norfc1918 (2 references)
target     prot opt source               destination
rfc1918    0    --  172.16.0.0/12        anywhere
rfc1918    0    --  anywhere             anywhere            ctorigdst 172.16.0.
0/12
rfc1918    0    --  192.168.0.0/16       anywhere
rfc1918    0    --  anywhere             anywhere            ctorigdst 192.168.0
.0/16
rfc1918    0    --  10.0.0.0/8           anywhere
rfc1918    0    --  anywhere             anywhere            ctorigdst 10.0.0.0/
8

Chain reject (11 references)
target     prot opt source               destination
DROP       0    --  anywhere             anywhere            PKTTYPE = broadcast

DROP       0    --  anywhere             anywhere            PKTTYPE = multicast

DROP       0    --  65.197.209.128       anywhere
DROP       0    --  255.255.255.255      anywhere
DROP       0    --  BASE-ADDRESS.MCAST.NET/4  anywhere
REJECT     tcp  --  anywhere             anywhere            reject-with tcp-res
et
REJECT     udp  --  anywhere             anywhere            reject-with icmp-po
rt-unreachable
REJECT     icmp --  anywhere             anywhere            reject-with icmp-ho
st-unreachable
REJECT     0    --  anywhere             anywhere            reject-with icmp-ho
st-prohibited

Chain rfc1918 (6 references)
target     prot opt source               destination
LOG        0    --  anywhere             anywhere            LOG level info pref
ix `Shorewall:rfc1918:DROP:'
DROP       0    --  anywhere             anywhere

Chain shorewall (0 references)
target     prot opt source               destination

Chain smurfs (2 references)
target     prot opt source               destination
LOG        0    --  65.197.209.128       anywhere            LOG level info pref
ix `Shorewall:smurfs:DROP:'
DROP       0    --  65.197.209.128       anywhere
LOG        0    --  255.255.255.255      anywhere            LOG level info pref
ix `Shorewall:smurfs:DROP:'
DROP       0    --  255.255.255.255      anywhere
LOG        0    --  BASE-ADDRESS.MCAST.NET/4  anywhere            LOG level info
 prefix `Shorewall:smurfs:DROP:'
DROP       0    --  BASE-ADDRESS.MCAST.NET/4  anywhere

Chain tcpflags (2 references)
target     prot opt source               destination
logflags   tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,R
ST,PSH,ACK,URG/FIN,PSH,URG
logflags   tcp  --  anywhere             anywhere            tcp flags:FIN,SYN,R
ST,PSH,ACK,URG/NONE
logflags   tcp  --  anywhere             anywhere            tcp flags:SYN,RST/S
YN,RST
logflags   tcp  --  anywhere             anywhere            tcp flags:FIN,SYN/F
IN,SYN
logflags   tcp  --  anywhere             anywhere            tcp spt:0 flags:FIN
,SYN,RST,ACK/SYN
Regards
Reply With Quote
  #20  
Old 29th February 2008, 14:25
falko falko is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 41,701
Thanks: 1,900
Thanked 2,722 Times in 2,563 Posts
 
Default

Does it work when you switch off the firewall?
__________________
Falko
--
Download the ISPConfig 3 Manual! | Check out the ISPConfig 3 Billing Module!

FB: http://www.facebook.com/howtoforge

nginx-Webhosting: Timme Hosting | Follow me on:
Reply With Quote
The Following User Says Thank You to falko For This Useful Post:
giganet (29th February 2008)
Reply

Bookmarks

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
SSL for virtual hosts on one certificate rbartz Tips/Tricks/Mods 8 20th November 2007 17:59
New SSL Cert PoleCat Installation/Configuration 15 4th July 2007 10:13
SSL Setup Question bschultz Installation/Configuration 23 3rd June 2007 00:40
Can't get SSL Cert to work rbartz Installation/Configuration 4 23rd April 2006 09:32
Questions in regards to ISP-Server Setup - Ubuntu 5.10 "Breezy Badger" rbrantley HOWTO-Related Questions 16 10th April 2006 18:26


All times are GMT +2. The time now is 18:41.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.