The Community Forums

Interact with an entire community of cPanel & WHM users!
  1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Server behind NAT router

Discussion in 'General Discussion' started by cbservers, Jun 8, 2003.

  1. cbservers

    cbservers Member

    Joined:
    Sep 10, 2002
    Messages:
    7
    Likes Received:
    0
    Trophy Points:
    1
    Location:
    Aussie Land
    Is there any problems with Cpanel being installed on a server behind a NAT router with the ports mapped to the server?

    does Cpanel then have any issues with it being on an internal IP address eg 10.0.0.1 while Cpanel is registered with a proper visible IP address?

    cPanel.net Support Ticket Number:
     
  2. bert

    bert Well-Known Member

    Joined:
    Aug 21, 2001
    Messages:
    602
    Likes Received:
    0
    Trophy Points:
    16
    I have a test server behind a NAT in my office. The server is not a DMZ host, but I have port forwarding enabled for the following ports:

    21 FTP
    22 SSH
    23 TELNET
    25 SMTP
    53 DNS
    123 NTP
    110 POP3
    143 IMAP
    389 ldap
    443 HTTPS
    873 rsync
    953 RNDC
    993 IMAPS
    2080 - 3000 CPANEL AND WEBMAIL
    3306 MySQL
    6666 MELANGE CHAT

    I don't know if I am missing any other port, but forwarding the ports above should be enough to begin.

    Please note that this is a test server, therefore I do not know what kind of implications this could have on a production environment.

    A couple of things to keep in mind:

    1. - Make sure you configure /etc/wwwacct.conf with the actual IP address to the server (the private IP), otherwise when creating accounts, cPanel will use the public/exposed IP.

    2. - You might also want to edit /scripts/ipcheck so that it does not run, otherwise you will get daily emails telling you that the IP address to the server's hostname does not correspond with it's DNS entry. Once you modify the script, do not forget to chattr +i to avoid the cpanel updates from returning it to its original state.

    Good luck :)

    cPanel.net Support Ticket Number:
     
  3. chimeraonline

    chimeraonline Member

    Joined:
    Jul 2, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    Bert do you have any problems sending out emails behind the NAT? This is one thing I cannot seem to do
     
  4. bert

    bert Well-Known Member

    Joined:
    Aug 21, 2001
    Messages:
    602
    Likes Received:
    0
    Trophy Points:
    16
    I never experienced any issues with the NAT. However, I had all the ports listed above forwarded to the correct IP. Make sure you're forwarding port 25 accordingly. Also, make sure your ISP is not blocking such port. Some ISPs are known to block the port to prevent their users from sending mail with their own or even 3rd party SMTP servers.
     
  5. chimeraonline

    chimeraonline Member

    Joined:
    Jul 2, 2004
    Messages:
    6
    Likes Received:
    0
    Trophy Points:
    1
    My ISP does block port 25 however I have setup to use port 26 and 2525 for smtp and neither of these have worked. Any idea?
     
  6. dev.null

    dev.null Well-Known Member

    Joined:
    May 27, 2003
    Messages:
    75
    Likes Received:
    1
    Trophy Points:
    6
    Just because you set your server up to listen on port 26/2525 doesn't mean you will get email, as matter of fact it means you won't.

    All SMTP servers out there sending email to your domain(s) will connect to your IP at port 25 to send email to you. Since your ISP blocks it they effectively won't be able to connect. There is no way to tell all the servers in the world to send SMTP to your port 26 and 2525.

    I used to bootleg off my ISP too, they didn't allow servers, but I ran them anyway. Fortunately for me they didn't block any traffic. They relied on an internal scanner of theirs to connect to server ports as a way of telling when someone was running a server. I just blocked that scanner's IP and never had any problems.

    Of course this isn't any way to run a real hosting company so eventually I had to grow out of it.

    I like your spunk, if you want I'll host your domains email-only. In other words you host the whole site, just set the MX record to my server. I'll give you a real super cut rate, post a private message to me /dev/null if you are interested.
     
  7. dev.null

    dev.null Well-Known Member

    Joined:
    May 27, 2003
    Messages:
    75
    Likes Received:
    1
    Trophy Points:
    6
    One that just JUMPED out at me was port 80. Kinda hard to run a web server with that one closed...

    When I was reading this post earlier I was focused on the email issue and didn't pay a lot of attention to the ports listed.
     
  8. bert

    bert Well-Known Member

    Joined:
    Aug 21, 2001
    Messages:
    602
    Likes Received:
    0
    Trophy Points:
    16

    LOL. You're absolutely right, I guess I missed it :p
     
  9. Lestat

    Lestat Well-Known Member

    Joined:
    Sep 13, 2003
    Messages:
    199
    Likes Received:
    0
    Trophy Points:
    16

    1: I have my wwwacct.conf set with the actual outside address. Not the private. That seem to work for me. I seem to have errors when setting the local domains to the local lan IP. I am running the server on a DMZ unit along with a Nokia checkpoint firewall. I have the firewall pointing external address to internal address of the server. I then added the actual outside IP's to the box. Then changed the ip for the virtual server to the outside one and the shared virtual host ip is also the external IP. Not the internal ip otherwise I get errors that page cannot be displayed. Well I have everything working but can only reach the site and email when on an external machine that is not on the local network. So if I go about doing your way I can get this to work on inside and outside?

    2: What did you edit in this config to stop sending these emails? Please post the actual script modifications that need to be done.
     
  10. Lestat

    Lestat Well-Known Member

    Joined:
    Sep 13, 2003
    Messages:
    199
    Likes Received:
    0
    Trophy Points:
    16
Loading...

Share This Page