Go Back   HowtoForge Forums | HowtoForge - Linux Howtos and Tutorials > ISPConfig 3 > Installation/Configuration

Do you like HowtoForge? Please consider supporting us by becoming a subscriber.
Reply
 
Thread Tools Display Modes
  #1  
Old 20th March 2012, 05:46
HenryA HenryA is offline
Junior Member
 
Join Date: Mar 2012
Posts: 8
Thanks: 1
Thanked 0 Times in 0 Posts
Default ISPConfig3 not showing panel in https

Hi,

i installed the perfect server debian

problem is apache works fine, webmail works fine. but https does not show up for the admin panel in ispconfig3

IPtables -L shows

PAROLE tcp -- anywhere anywhere tcp dpt:https

also tried ispconfig3 scripts to uninstall.php and install.php

i am using the server's ipaddress https://ipaddress:8080
yet again http://ipaddress works
and http://ipaddress/webmail works.

I have the server connected directly to the internet with no firewall box in-between the server and internet.

I don't know, i feel i followed the guide perfectly. but perhaps I made a mistake. I cant seem to get to the admin panel in ispconfig
Reply With Quote
Sponsored Links
  #2  
Old 20th March 2012, 07:51
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,034
Thanks: 826
Thanked 5,383 Times in 4,230 Posts
Default

ensure that port 8080 TCP is enabled in your firewall. The https port thaty ou listed above is 443 and not 8080.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
  #3  
Old 20th March 2012, 13:57
HenryA HenryA is offline
Junior Member
 
Join Date: Mar 2012
Posts: 8
Thanks: 1
Thanked 0 Times in 0 Posts
Default

yeah. Im listing iptables -L to show whats open. I'm assuming its http alt
which says "PAROLE tcp -- anywhere anywhere tcp dpt:http-alt"

Code:
root@webserver466:~# iptables -L
Chain INPUT (policy DROP)
target     prot opt source               destination
fail2ban-ssh  tcp  --  anywhere             anywhere            multiport dports ssh
DROP       tcp  --  anywhere             loopback/8
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
ACCEPT     all  --  anywhere             anywhere
DROP       all  --  base-address.mcast.net/4  anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
PUB_IN     all  --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain FORWARD (policy DROP)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere            state RELATED,ESTABLISHED
DROP       all  --  anywhere             anywhere

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere
PUB_OUT    all  --  anywhere             anywhere

Chain INT_IN (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain INT_OUT (0 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere
ACCEPT     all  --  anywhere             anywhere

Chain PAROLE (11 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain PUB_IN (5 references)
target     prot opt source               destination
ACCEPT     icmp --  anywhere             anywhere            icmp destination-unreachable
ACCEPT     icmp --  anywhere             anywhere            icmp echo-reply
ACCEPT     icmp --  anywhere             anywhere            icmp time-exceeded
ACCEPT     icmp --  anywhere             anywhere            icmp echo-request
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ftp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:ssh
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:smtp
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:domain
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:www
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:pop3
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:imap2
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:https
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:mysql
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:http-alt
PAROLE     tcp  --  anywhere             anywhere            tcp dpt:webmin
ACCEPT     udp  --  anywhere             anywhere            udp dpt:domain
DROP       icmp --  anywhere             anywhere
DROP       all  --  anywhere             anywhere

Chain PUB_OUT (5 references)
target     prot opt source               destination
ACCEPT     all  --  anywhere             anywhere

Chain fail2ban-dovecot-pop3imap (0 references)
target     prot opt source               destination

Chain fail2ban-ssh (1 references)
target     prot opt source               destination
RETURN     all  --  anywhere             anywhere
root@webserver466:~#
Reply With Quote
  #4  
Old 20th March 2012, 17:44
HenryA HenryA is offline
Junior Member
 
Join Date: Mar 2012
Posts: 8
Thanks: 1
Thanked 0 Times in 0 Posts
Default

so to sum it up
ssh works
apache says "it works"
ipaddress/web squirrel mail works
phpmyadmin page works

is there any reason why running the script for installing ipconfig3 would not modify the iptables correctly? or should i test moving it to another port by uninstalling and reinstalling?
Reply With Quote
  #5  
Old 21st March 2012, 03:27
HenryA HenryA is offline
Junior Member
 
Join Date: Mar 2012
Posts: 8
Thanks: 1
Thanked 0 Times in 0 Posts
Default

ok how do i make sure http-alt is port 8080

i just port scanned the server and do not see port 8080 on, but i need to rule out if the my cable internet provider is blocking it.

Last edited by HenryA; 21st March 2012 at 03:30.
Reply With Quote
  #6  
Old 21st March 2012, 05:10
HenryA HenryA is offline
Junior Member
 
Join Date: Mar 2012
Posts: 8
Thanks: 1
Thanked 0 Times in 0 Posts
Default

ok I unstalled ispconfig. reinstalled and set it to port 443 and it WORKED .

I guess im having firewall problems. but the problem is i dont know Debian at all, The only reason i picked it is for ISPConfig comparability. I originally did a perfect centos 6.2 installation, had many issues with a lousy broadcom network card dropping connection. So i installed an Intel card and debian Linux instead.. Wow installation on debian was cake compared to centos.

I reinstalled ispconfig a few more times. port 8080 didnt work again and port 8081. my question is doesnt ispconfig install script open up a port in the firewall?
UPDATE I tested it thoroughly, i can use port 8080 on the internal network but not external network. Should port http-alt be on "parole" what does it mean to be on PAROLE ?

Last edited by HenryA; 21st March 2012 at 05:41.
Reply With Quote
  #7  
Old 21st March 2012, 09:20
till till is offline
Super Moderator
 
Join Date: Apr 2005
Location: Lüneburg, Germany
Posts: 36,034
Thanks: 826
Thanked 5,383 Times in 4,230 Posts
Default

ISPConfig opens a port in the ispconfig firewall, but it can be that you have a second firewall installed on your server that blocks the port. Ensure that you dont run any additional firewall scripts beside the bastille-firewall from ispconfig.

If you use a external router or firewall, then you have to open and forward the ports there manually as ispconfig can not configure your external hardware automatically.
__________________
Till Brehm
--
Get ISPConfig support and the ISPConfig 3 manual from ispconfig.org.
Reply With Quote
The Following User Says Thank You to till For This Useful Post:
HenryA (25th March 2012)
  #8  
Old 21st March 2012, 15:21
HenryA HenryA is offline
Junior Member
 
Join Date: Mar 2012
Posts: 8
Thanks: 1
Thanked 0 Times in 0 Posts
Default

OK

the box is connected to a cable router directly to the internet with no firewall setup on the cable box.

I thought maybe the cable company blocked port 8080 but thats not true because its a docsis cisco box with no firewall built-in

Right now i only have ssh into the server because I set it up at my friends house. How do I enable port 8080 on Bastille via ISPconfig which currently works on port 443?

1. Can I open the port 8080 in Ispconfig, uninstall ispconfig to remove port 443 from it and reinstall back to port 8080?

or

2. Is there a setting page i can modify to move the port ispconfig listens to once I add port 8080 in the firewall page of Ispconfig
Reply With Quote
  #9  
Old 25th March 2012, 03:17
HenryA HenryA is offline
Junior Member
 
Join Date: Mar 2012
Posts: 8
Thanks: 1
Thanked 0 Times in 0 Posts
 
Default

update -solved-

The problem with not seeing the admin panel on port 8080 is solved. After testing another web server on port 8080 ( installing WAMP on my laptop) it turns out optimum cable blocks port 8080. i called to fix, After they opened the port, everything worked

I did a full re-installation to to make sure the manual worked fine and I noticed that port 8080 doesn't open up by default in ISPConfig . you have to open the port in the admin ispconfig panel from the inside network. I found no entries in the firewall of the admin panel. I selected ADD and all the default ports automatically listed themselves. Afterwards, everything was fine. It would be nice if the manual STATED that i have to open ports to reach the server from outside the inside network

Am i correct in saying that in IPTABLES all the settings that say PAROLE are controlled by BASTILLE in the ispconfig admin panel?

other than that thanks for the help. It did put me on the right track
Reply With Quote
Reply

Bookmarks

Tags
ispconfig3 debian https

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump

Similar Threads
Thread Thread Starter Forum Replies Last Post
haproxy with stunnel problem abubin Server Operation 6 10th April 2012 15:08
Force http to https for the admin panel GarGamel55 Installation/Configuration 3 23rd August 2011 10:46
amavis rejects all inbound emails aclhkaclhk Installation/Configuration 5 28th February 2010 04:24
Firefox hangs accessing control panel in https ADM Installation/Configuration 3 21st April 2007 13:03
Remove the https from the administration panel ? Jonathan Installation/Configuration 1 27th September 2006 22:17


All times are GMT +2. The time now is 06:14.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2014, vBulletin Solutions, Inc.