Basics of ISPConfig and internal / external ips

Discussion in 'Installation/Configuration' started by rlischer, Feb 5, 2013.

  1. rlischer

    rlischer Member HowtoForge Supporter

    My ISP provided me with 1 ip, I used this ip for my Firewall, I then set up ISPConfig 3 at 10.0.0.60 and used NAT to forward the required ports for ISPConfig 3 to 10.0.0.60. Everything seems to work fine, but all of my sites are set up on IPv4 * so it listens on all ips, even though I only have 10.0.0.60.
    My question is, do I need to add the external ip so it also appears in the drop down? I am wanting to try SSL on multiple sites on this 1 IP, and I don't understand if that IP is supposed to be the 10.0.0.60 or the real external IP which is used in my Firewall only. I am told you can't run SSL on "*", even though its running SSL fine on one site that uses "*" Also, if I do pick 10.0.0.60 for a website, it seems to "break" things. For instance, other sites become the site that has 10.0.0.60 picked instead of *.

    Hope this makes sense. I just need a basic understanding of what IPs I need to be using on the ISPConfig 3 side. I guess I could keep using *, but that's not working with multiple SSL sites on the one IP, at least Godaddy signed SSL certs.

    Thanks!
     
  2. tahunasky

    tahunasky New Member

    Unless you are going to use your server with ISPConfig on it to serve dns requests for your domain/s, there is not need to use the external/WAN ip address in ispconfig. Even SSL wont have problems as long as you forward the port/s (443 / 993 etc) to the server.
     
  3. rlischer

    rlischer Member HowtoForge Supporter

    I do use the DNS wizard to set up DNS for each domain I host. So do I need not not use 10.0.0.60 and add in the actual external IP that is also used in the Firewall?


    thanks
     
  4. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    You use the internal IP address for all services except of DNS records. In dns records, the external IP is used.
     
  5. rlischer

    rlischer Member HowtoForge Supporter

    So all sites I will pick the 10.0.0.60 ip. When I picked the 10.0.0.60 ip for just one site, when I went to other sites it was pulling up that one site at 10.0.0.60.

    I'll give it a try on all sites.

    Thank you
     
  6. rlischer

    rlischer Member HowtoForge Supporter

    So I switched all my sites to 10.0.0.60 from * and restarted nginx and some of the sites disappear and you just get the standard ISPConfig 3 welcome page. This only happened on 2 sites, and 3 others were still pulling up the correct index.html. I have no idea what this means, so I switch them all back to * and everything is fine.
     
  7. rlischer

    rlischer Member HowtoForge Supporter

    One thing I just noticed, the two sites that reverted back to the default ISPConfig welcome page after switching them to 10.0.0.60 both had SSL/SSI turned on with certificates. The others did not.
     
  8. rlischer

    rlischer Member HowtoForge Supporter

    I went back in a deleted and recreated all my sites and picked 10.0.0.60 from the start and all is well now. Also SSL/SSI seems to be working on multiple domains using just 1 ip.
     

Share This Page