Server behind NAT router
Is there any problems with Cpanel being installed on a server behind a NAT router with the ports mapped to the server?
does Cpanel then have any issues with it being on an internal IP address eg 10.0.0.1 while Cpanel is registered with a proper visible IP address?
cPanel.net Support Ticket Number:
I have a test server behind a NAT in my office. The server is not a DMZ host, but I have port forwarding enabled for the following ports:
21 FTP
22 SSH
23 TELNET
25 SMTP
53 DNS
123 NTP
110 POP3
143 IMAP
389 ldap
443 HTTPS
873 rsync
953 RNDC
993 IMAPS
2080 - 3000 CPANEL AND WEBMAIL
3306 MySQL
6666 MELANGE CHAT
I don't know if I am missing any other port, but forwarding the ports above should be enough to begin.
Please note that this is a test server, therefore I do not know what kind of implications this could have on a production environment.
A couple of things to keep in mind:
1. - Make sure you configure /etc/wwwacct.conf with the actual IP address to the server (the private IP), otherwise when creating accounts, cPanel will use the public/exposed IP.
2. - You might also want to edit /scripts/ipcheck so that it does not run, otherwise you will get daily emails telling you that the IP address to the server's hostname does not correspond with it's DNS entry. Once you modify the script, do not forget to chattr +i to avoid the cpanel updates from returning it to its original state.
Good luck
cPanel.net Support Ticket Number:
Bert Kammerer
Creator of the X Skins[/url]
Bert do you have any problems sending out emails behind the NAT? This is one thing I cannot seem to do
I never experienced any issues with the NAT. However, I had all the ports listed above forwarded to the correct IP. Make sure you're forwarding port 25 accordingly. Also, make sure your ISP is not blocking such port. Some ISPs are known to block the port to prevent their users from sending mail with their own or even 3rd party SMTP servers.Originally Posted by chimeraonline
Bert Kammerer
Creator of the X Skins[/url]
My ISP does block port 25 however I have setup to use port 26 and 2525 for smtp and neither of these have worked. Any idea?
Just because you set your server up to listen on port 26/2525 doesn't mean you will get email, as matter of fact it means you won't.
All SMTP servers out there sending email to your domain(s) will connect to your IP at port 25 to send email to you. Since your ISP blocks it they effectively won't be able to connect. There is no way to tell all the servers in the world to send SMTP to your port 26 and 2525.
I used to bootleg off my ISP too, they didn't allow servers, but I ran them anyway. Fortunately for me they didn't block any traffic. They relied on an internal scanner of theirs to connect to server ports as a way of telling when someone was running a server. I just blocked that scanner's IP and never had any problems.
Of course this isn't any way to run a real hosting company so eventually I had to grow out of it.
I like your spunk, if you want I'll host your domains email-only. In other words you host the whole site, just set the MX record to my server. I'll give you a real super cut rate, post a private message to me /dev/null if you are interested.
/dev/null
Your local neighborhood null device.
One that just JUMPED out at me was port 80. Kinda hard to run a web server with that one closed...
When I was reading this post earlier I was focused on the email issue and didn't pay a lot of attention to the ports listed.
/dev/null
Your local neighborhood null device.
LOL. You're absolutely right, I guess I missed it
Bert Kammerer
Creator of the X Skins[/url]
1. - Make sure you configure /etc/wwwacct.conf with the actual IP address to the server (the private IP), otherwise when creating accounts, cPanel will use the public/exposed IP.
2. - You might also want to edit /scripts/ipcheck so that it does not run, otherwise you will get daily emails telling you that the IP address to the server's hostname does not correspond with it's DNS entry. Once you modify the script, do not forget to chattr +i to avoid the cpanel updates from returning it to its original state.
Good luck
cPanel.net Support Ticket Number:
1: I have my wwwacct.conf set with the actual outside address. Not the private. That seem to work for me. I seem to have errors when setting the local domains to the local lan IP. I am running the server on a DMZ unit along with a Nokia checkpoint firewall. I have the firewall pointing external address to internal address of the server. I then added the actual outside IP's to the box. Then changed the ip for the virtual server to the outside one and the shared virtual host ip is also the external IP. Not the internal ip otherwise I get errors that page cannot be displayed. Well I have everything working but can only reach the site and email when on an external machine that is not on the local network. So if I go about doing your way I can get this to work on inside and outside?
2: What did you edit in this config to stop sending these emails? Please post the actual script modifications that need to be done.
This is what I did http://forums.cpanel.net/showthread.php?t=35776
LinkBack URL
About LinkBacks
Reply With Quote