Remote access to ispconfig failure: fedora core 4 (64 bit)

Discussion in 'Installation/Configuration' started by dchowdhu, Jan 26, 2006.

  1. dchowdhu

    dchowdhu New Member

    Hi,
    Thanks to Falko the ispconfig working fine for https://mydomain.dom:81 and https://client.dom:81 when access through LAN.

    The problem starts when it is access from outside NAT/Firewall. The access to https fails with no page found. I have allowed the firewall and NAT to forward port 81 and https and http to the ispconfig server yet the problem still exists.

    Please note that http://mydomain.dom and http://client.dom is working does not matter where I access it from.

    Please help, my ispconfig server is behind NAT/firewall. It is fedora core 4 on AMD 64 X2 machine.

    Will appreciate your kind help.
    thanks

    Dhiman
     
  2. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    What do you mean with "The access to https fails with no page found."

    Did you get a 404 error in the browser or does no page show up?
     
  3. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Which URL do you have in /home/admispconfig/ispconfig/lib/config.inc.php?
     
  4. dchowdhu

    dchowdhu New Member

    No Error messages. It seems like trying to get response then simple filure as given below from the browser ( Ihave configure IE with SSL etc as stated in the messge):


    ---------------
    The page cannot be displayed
    The page you are looking for is currently unavailable. The Web site might be experiencing technical difficulties, or you may need to adjust your browser settings.

    --------------------------------------------------------------------------------

    Please try the following:

    Click the Refresh button, or try again later.

    If you typed the page address in the Address bar, make sure that it is spelled correctly.

    To check your connection settings, click the Tools menu, and then click Internet Options. On the Connections tab, click Settings. The settings should match those provided by your local area network (LAN) administrator or Internet service provider (ISP).
    See if your Internet connection settings are being detected. You can set Microsoft Windows to examine your network and automatically discover network connection settings (if your network administrator has enabled this setting).
    Click the Tools menu, and then click Internet Options.
    On the Connections tab, click LAN Settings.
    Select Automatically detect settings, and then click OK.
    Some sites require 128-bit connection security. Click the Help menu and then click About Internet Explorer to determine what strength security you have installed.
    If you are trying to reach a secure site, make sure your Security settings can support it. Click the Tools menu, and then click Internet Options. On the Advanced tab, scroll to the Security section and check settings for SSL 2.0, SSL 3.0, TLS 1.0, PCT 1.0.
    Click the Back button to try another link.



    Cannot find server or DNS Error
    Internet Explorer
     
  5. dchowdhu

    dchowdhu New Member

    Remote access to ISPCONFIG

    Hi Till,
    I have tried to decode the packet from client having internet explorer that is browsing the ispconfig server.
    10 (Host administratively prohibited)


    The request is getting icmp error message as follows:
    No. Time Source Destination Protocol Info
    30 10.517804 67.120.213.239 10.1.31.128 ICMP Destination unreachable (Host administratively prohibited)

    Frame 30 (90 bytes on wire, 90 bytes captured)
    Arrival Time: Jan 26, 2006 15:35:14.402820000
    Time delta from previous packet: 0.016605000 seconds
    Time since reference or first frame: 10.517804000 seconds
    Frame Number: 30
    Packet Length: 90 bytes
    Capture Length: 90 bytes
    Protocols in frame: eth:ip:icmp:ip:tcp
    Ethernet II, Src: ZhsZeitm_63:ab:fc (00:d0:05:63:ab:fc), Dst: Ibm_5e:03:3c (00:0d:60:5e:03:3c)
    Destination: Ibm_5e:03:3c (00:0d:60:5e:03:3c)
    Source: ZhsZeitm_63:ab:fc (00:d0:05:63:ab:fc)
    Type: IP (0x0800)
    Internet Protocol, Src: 67.120.213.239 (67.120.213.239), Dst: 10.1.31.128 (10.1.31.128)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
    0000 00.. = Differentiated Services Codepoint: Default (0x00)
    .... ..0. = ECN-Capable Transport (ECT): 0
    .... ...0 = ECN-CE: 0
    Total Length: 76
    Identification: 0xab90 (43920)
    Flags: 0x00
    0... = Reserved bit: Not set
    .0.. = Don't fragment: Not set
    ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 48
    Protocol: ICMP (0x01)
    Header checksum: 0x9c2e [correct]
    Source: 67.120.213.239 (67.120.213.239)
    Destination: 10.1.31.128 (10.1.31.128)
    Internet Control Message Protocol
    Type: 3 (Destination unreachable)
    Code: 10 (Host administratively prohibited)
    Checksum: 0x3900 [correct]
    Internet Protocol, Src: 10.1.31.128 (10.1.31.128), Dst: 67.120.213.239 (67.120.213.239)
    Version: 4
    Header length: 20 bytes
    Differentiated Services Field: 0x00 (DSCP 0x00: Default; ECN: 0x00)
    0000 00.. = Differentiated Services Codepoint: Default (0x00)
    .... ..0. = ECN-Capable Transport (ECT): 0
    .... ...0 = ECN-CE: 0
    Total Length: 48
    Identification: 0x870e (34574)
    Flags: 0x04 (Don't Fragment)
    0... = Reserved bit: Not set
    .1.. = Don't fragment: Set
    ..0. = More fragments: Not set
    Fragment offset: 0
    Time to live: 112
    Protocol: TCP (0x06)
    Header checksum: 0x40c7 [correct]
    Source: 10.1.31.128 (10.1.31.128)
    Destination: 67.120.213.239 (67.120.213.239)
    Transmission Control Protocol, Src Port: 2430 (2430), Dst Port: 81 (81), Seq: 3952035904, Ack: 0
    Source port: 2430 (2430)
    Destination port: 81 (81)
    Sequence number: 3952035904 (relative sequence number)
    Header length: 28 bytes
    Flags: 0x0002 (SYN)
    0... .... = Congestion Window Reduced (CWR): Not set
    .0.. .... = ECN-Echo: Not set
    ..0. .... = Urgent: Not set
    ...0 .... = Acknowledgment: Not set
    .... 0... = Push: Not set
    .... .0.. = Reset: Not set
    .... ..1. = Syn: Set
    .... ...0 = Fin: Not set
    Window size: 64512
    Checksum: 0x0de8 [incorrect, should be 0x06dd]
    Options: (8 bytes)
    Maximum segment size: 1380 bytes
    NOP
    NOP
    SACK permitted
     
  6. falko

    falko Super Moderator Howtoforge Staff Moderator HowtoForge Supporter ISPConfig Developer

    Seems to be a firewall problem. Your firewall has to allow port 81.

    Which error message do you get with Firefox?
     
  7. till

    till Super Moderator Howtoforge Staff HowtoForge Supporter ISPConfig Developer

    Also some internet providers block uncommon ports like port 81, if you are sure you configured your firewall correctly you might ask your internet provider if they where blocking port 81.
     

Share This Page