Koozali.org: home of the SME Server

SME Server 7.x problem displaying webpages behind NAT

Rensel

SME Server 7.x problem displaying webpages behind NAT
« on: February 06, 2007, 01:49:10 PM »
PROBLEM HAS BEEN SOLVED.
Was a DNS issue ( config.php referred to the internal 192.168.1.250 host as being the 'live site' ).



Hi all,

First of all : I'm new to SME server and have only read basic MASQ / iptables information, but maybe someone can help me with a problem.

I have successfully installed SME Server 7.x newest version in SERVER-ONLY mode. I have then used the /server-manager to create a basic webpage ( index.htm ) and this worked like a charm. I have proceeded to install Joomla on the server, which works perfectly. So far so good.
I have a perfectly running Joomla system, with PHP and MySQL all running fine. That is, from WITHIN a LAN. As soon as I put a router between the host and the server, I get very strange problems.

The symptoms :
When I use the server in a LAN, same IP subnet ( 192.168.x.x ), then I can do everything I want: SSH, web, PHP, server-manager etc.

But I want to use this server as a webserver from my home, so what I did was configure my router to NAT traffic from the outside to inside using the virtual server settings in the router. I know a little about networking and have done this many times, and it always worked.

Now I have done the same: virtual servers 80 / 443 / 22 / 21 to forward traffic coming in on the outside ports to the SME server inside, and I left for work to try and connect.

What I get is very strange. I can still connect to the server using SSH, but after a few seconds of inactivity, the connection will 'hang'. If I keep typing etc., doing things, I can stay connected for hours. The webserver only displays simple HTML; it seems like the data from images and database are not returned, and I cannot access my Ventrilo server or /server-administrator webpage.

I have no idea why NAT broke my server down so strangely; if I connect directly from the internal LAN, everything works fine.

I would love any advice on what I could do to solve my issue.

EDIT : I have tried to stop MASQ and iptables completely, this didn't change anything.

EDIT2: found someone with the same problem :
www.linuxforums.org/forum/servers/24614-over-my-head-mitel-server-sme.html
No solution posted there.

EDIT3: FTP works / SSH works / HTTP works but only half. That is the main problem. I see something appearing, but only half the info. Could it be Joomla security settings instead of SME?
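
The resolution noted at the top of this post (config.php naming the internal 192.168.1.250 host as the 'live site') explains the "half a page" symptom: HTML served through the router carries absolute URLs that outside clients cannot reach, and it also discloses the internal address. The following is an added example, not part of the original post and not SME Server or Joomla code: a Python check that lists such references in returned HTML. The sample markup and all function names are constructed for illustration.

```python
"""Flag absolute URLs in served HTML that point at private-address hosts."""
import ipaddress
from html.parser import HTMLParser
from urllib.parse import urlsplit

URL_ATTRS = {"href", "src", "action"}


def is_private_host(url):
    """True when the URL's host is an IP literal in a private or loopback range."""
    host = urlsplit(url).hostname
    if not host:
        return False  # relative URL: the client resolves it against the address it used
    try:
        addr = ipaddress.ip_address(host)
    except ValueError:
        return False  # a DNS name; resolving it is outside this check
    return addr.is_private or addr.is_loopback


class _RefCollector(HTMLParser):
    def __init__(self):
        super().__init__()
        self.hits = []

    def handle_starttag(self, tag, attrs):
        # Also reached for self-closing tags such as <base ... />.
        for name, value in attrs:
            if name in URL_ATTRS and value and is_private_host(value):
                self.hits.append((tag, name, value))


def internal_refs(html):
    """Return (tag, attribute, url) for every reference to a private address."""
    parser = _RefCollector()
    parser.feed(html)
    parser.close()
    return parser.hits


# Constructed sample: markup a CMS emits when its base URL is the LAN address.
SAMPLE = """<html><head>
<base href="http://192.168.1.250/" />
<link rel="stylesheet" href="http://192.168.1.250/templates/site/css/template.css" />
</head><body>
<img src="http://192.168.1.250/images/logo.png" alt="logo" />
<a href="index.php?option=com_content">News</a>
<a href="http://www.example.org/">External</a>
</body></html>"""

if __name__ == "__main__":
    for tag, attr, url in internal_refs(SAMPLE):
        print(f"<{tag} {attr}> -> {url}")
```

Run against a page fetched from outside the NAT, any hit means the application's base URL setting still names the LAN address rather than the public host name.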

Rensel

The configuration output
« Reply #1 on: February 06, 2007, 02:13:31 PM »
/sbin/e-smith/db configuration show
AccessType=dedicated
ActiveAccounts=0
ConsoleMode=login
ContactEmail=
ContactName=
ContactOrg=
DialupConnOffice=long
DialupConnOutside=long
DialupConnWeekend=long
DialupFreqOffice=every15min
DialupFreqOutside=everyhour
DialupFreqWeekend=everyhour
DialupModemDevice=/dev/ttyS1
DialupPhoneNumber=
DialupUserAccount=replacedname
DialupUserPassword=userpassword
DomainName=replacedname.eu
DynDNS=service
    status=disabled
EmailUnknownUser=returntosender
EthernetAssign=normal
EthernetDriver1=8139too
EthernetDriver2=unknown
ExternalDHCP=off
ExternalNetmask=255.255.255.0
GatewayIP=192.168.1.1
InternalInterface=interface
    Broadcast=192.168.1.255
    Configuration=static
    Driver=8139too
    IPAddress=192.168.1.250
    NICBondingOptions=miimon=200 mode=active-backup
    Name=eth0
    Netmask=255.255.255.0
    Network=192.168.1.0
LocalIP=192.168.1.250
LocalNetmask=255.255.255.0
MinUid=5000
PasswordSet=yes
SMTPSmartHost=
SquidParent=
SquidParentPort=
StatusReports=off
SystemMode=serveronly
SystemName=replacedname
TimeZone=Europe/Amsterdam
UnsavedChanges=no
acpid=service
    status=enabled
apmd=service
    status=enabled
atalk=service
    MaxClients=20
    status=enabled
backup=service
    Program=flexbackup
    backupTime=2:00
    reminderTime=14:00
    status=disabled
bootstrap-console=service
    ForceSave=no
    Run=no
    status=enabled
clamav=service
    ArchiveBlockEncrypted=no
    ArchiveBlockMax=no
    ArchiveMaxCompressionRatio=300
    ArchiveMaxFileSize=15M
    ArchiveMaxFiles=1500
    ArchiveMaxRecursion=8
    Checks=24
    DNSDatabaseInfo=current.cvd.clamav.net
    DatabaseMirror=db.local.clamav.net
    Debug=no
    DetectBrokenExecutables=no
    FilesystemScan=disabled
    FilesystemScanExclude=/proc,/sys,/usr/share,/var
    FilesystemScanFilesystems=/home/e-smith/files
    FilesystemScanReportTo=admin
    Foreground=yes
    IdleTimeout=60
    LeaveTemporaryFiles=no
    LogClean=no
    LogFileUnlock=yes
    LogTime=no
    LogVerbose=yes
    MaxAttempts=6
    MaxConnectionQueueLength=30
    MaxDirectoryRecursion=20
    MaxThreads=20
    Quarantine=disabled
    QuarantineDirectory=/var/spool/clamav/quarantine
    ReadTimeout=300
    ScanArchive=yes
    ScanHTML=yes
    ScanMail=yes
    ScanOLE2=yes
    ScanPE=yes
    ScanRAR=no
    SelfCheck=1800
    ShowProxySettings=no
    ShowUpdateSettings=no
    SignaturesUpdated=unknown
    UpdateNonOfficeHrs=disabled
    UpdateOfficeHrs=disabled
    UpdateWeekend=disabled
    status=enabled
clamd=service
    MemLimit=80000000
    status=enabled
cpuspeed=service
    status=disabled
crond=service
    status=enabled
ctrlaltdel=service
    status=enabled
dhcpcd=service
    status=disabled
dhcpd=service
    Bootp=deny
    end=192.168.1.250
    start=192.168.1.65
    status=disabled
diald=service
    status=disabled
dnscache=service
    TCPPort=53
    UDPPort=53
    access=private
    status=enabled
dnscache.forwarder=service
    status=enabled
fetchmail=service
    FreqOffice=every15min
    FreqOutside=every15min
    FreqWeekend=every15min
    Method=standard
    SecondaryMailAccount=popaccount
    SecondaryMailPassword=poppassword
    SecondaryMailServer=mail.myisp.xxx
    status=disabled
flexbackup=backupservice
    Blocksize=32
    BufferMegs=20
    BufferProg=buffer
    TapeBlocksize=0
    Type=tar
    erase_rewind_only=true
freshclam=service
    status=enabled
ftp=service
    LoginAccess=public
    TCPPort=21
    access=public
    status=enabled
haldaemon=service
    status=enabled
horde=service
    DbPassword=xxx
    imp=installed
    status=enabled
httpd-admin=service
    PermitPlainTextAccess=no
    TCPPort=980
    ValidFrom=
    access=localhost
    status=enabled
httpd-e-smith=service
    TCPPort=80
    access=public
    status=enabled
imap=service
    ConcurrencyLimit=400
    ConcurrencyLimitPerIP=12
    TCPPort=143
    access=private
    status=enabled
imaps=service
    ConcurrencyLimit=400
    ConcurrencyLimitPerIP=12
    TCPPort=993
    access=private
    status=enabled
imp=service
    access=SSL
    status=disabled
ippp=service
    status=disabled
irqbalance=service
    status=enabled
isdn=service
    Protocol=2
    UserSyncPPP=yes
    status=disabled
klogd=service
    status=enabled
ldap=service
    TCPPort=389
    access=public
    defaultCity=Ottawa
    defaultCompany=XYZ Corporation
    defaultDepartment=Main
    defaultPhoneNumber=555-5555
    defaultStreet=123 Main Street
    status=enabled
local=service
    status=enabled
lpd=service
    status=enabled
masq=service
    DenylogTarget=drop
    Logging=most
    Stealth=no
    Trace=disabled
    pptp=yes
    status=enabled
maxAcctNameLength=31
maxGroupNameLength=31
messagebus=service
    status=enabled
microcode_ctl=service
    status=enabled
modPerl=service
    status=disabled
modSSL=service
    CipherSuite=ALL:!aNULL:!ADH:!eNULL:!LOW:!EXP:RC4+RSA:+HIGH:+MEDIUM
    TCPPort=443
    access=public
    status=enabled
mysql.init=service
    status=enabled
mysqld=service
    LocalNetworkingOnly=yes
    status=enabled
network=service
    status=enabled
nmbd=service
    UDPPorts=137,138
    access=private
    status=enabled
ntpd=service
    MemLimit=6000000
    NTPServer=pool.ntp.org
    status=enabled
nut=service
    MasterPass=xxx
    Model=newhidups
    SlavePass=xxx
    status=disabled
oidentd=service
    TCPPort=113
    access=public
    status=disabled
passwordstrength=configuration
    Admin=strong
    Ibays=strong
    Users=strong
php=service
    AllowUrlFopen=Off
    status=enabled
pop3=service
    TCPPort=110
    access=private
    status=enabled
pop3s=service
    TCPPort=995
    access=private
    status=enabled
pppoe=service
    DemandIdleTime=no
    InKernel=no
    SynchronousPPP=no
    status=disabled
pptpd=service
    TCPPort=1723
    access=public
    sessions=0
    status=disabled
qmail=service
    MaxMessageSize=15000000
    status=enabled
qpsmtpd=service
    Bcc=disabled
    BccMode=cc
    BccUser=maillog
    DNSBL=disabled
    LogLevel=8
    MaxScannerSize=25000000
    RBLList=sbl-xbl.spamhaus.org,whois.rfc-ignorant.org,dnsbl.njabl.org,relays.ordb.org
    RHSBL=disabled
    RequireResolvableFromHost=no
    SBLList=dsn.rfc-ignorant.org
    access=public
    status=enabled
radiusd=service
    status=enabled
raidmonitor=service
    status=enabled
serial-console=service
    BaudRate=19200
    Device=ttyS1
    status=disabled
smb=service
    DeadTime=10080
    DomainMaster=no
    KeepVersions=disabled
    OpLocks=enabled
    RecycleBin=disabled
    RoamingProfiles=no
    ServerName=replacedname
    UnixCharSet=UTF8
    UseClientDriver=yes
    Workgroup=mitel-networks
    status=enabled
smbd=service
    TCPPorts=139,445
    access=private
    status=enabled
smtp-auth-proxy=service
    Debug=0
    Passwd=
    Userid=
    status=disabled
smtpd=service
    Authentication=disabled
    Instances=40
    InstancesPerIP=5
    MaximumDateOffset=0
    PatternsScan=disabled
    Proxy=enabled
    TCPPort=25
    TCPProxyPort=25
    VirusScan=enabled
    access=public
    status=enabled
    tnef2mime=enabled
spamassassin=service
    DNSAvailable=yes
    MessageRetentionTime=90
    OkLanguages=all
    OkLocales=all
    RejectLevel=0
    ReportSafe=0
    Sensitivity=medium
    SkipRBLChecks=0
    SortSpam=enabled
    Subject=[SPAM]
    SubjectTag=disabled
    TagLevel=5
    UseBayes=0
    status=disabled
spamd=service
    status=enabled
sqpsmtpd=service
    access=public
    status=enabled
squid=service
    EnforceSafePorts=no
    SafePorts=21,70,80,81,119,210,443,563,980,1024-65535
    TCPPort=3128
    TCPProxyPort=80:3128
    TransparentPort=3128
    access=private
    status=enabled
sshd=service
    MaxAuthTries=2
    PasswordAuthentication=yes
    PermitRootLogin=yes
    Protocol=2
    TCPPort=22
    access=public
    status=enabled
ssmtpd=service
    Authentication=enabled
    Instances=10
    TCPPort=465
    access=public
    status=enabled
statusreport=service
    DayOfWeek=0
    Hour=22
    Minute=4
    status=enabled
sysconfig=configuration
    InstallEpoch=1170314425
    KeyboardType=pc
    Keytable=us
    Language=en_US
    PreviousSystemMode=serveronly
    Registration=none
    ReleaseVersion=7.1
    SystemID=AFC1A626-B1C4-11DB-BB8C-E2792A0774A7
syslog=service
    LogAll2VT6=no
    status=enabled
testing=service
    destruction=0
tinydns=service
    UDPPorts=53
    access=localhost
    status=enabled
viewlogfiles=configuration
    DefaultOperation=view
yum=service
    AutoInstallUpdates=disabled
    EnableGroups=0
    GPGCheck=0
    PackageFunctions=disabled
    RandomDelay=120
    status=enabled
[root@replacedname e-smith]#