1. Please take a little time for this simple survey! Thank you for participating!
    Dismiss Notice
  2. Dear Pleskians, please read this carefully! New attachments and other rules Thank you!
    Dismiss Notice
  3. Dear Pleskians, I really hope that you will share your opinion in this Special topic for chatter about Plesk in the Clouds. Thank you!
    Dismiss Notice

Plesk behind Firewall + NAT

Discussion in 'Plesk for Linux - 8.x and Older' started by arrkerr, Dec 4, 2007.

  1. arrkerr

    arrkerr Guest

    0
     
    My plesk server has a private IP address - it is NATed through a firewall.

    Is this a supported configuration?

    The plesk server thinks its IP address is 192.168.0.10, when in reality it is x.x.x.x. When the DNS is set up it uses the internal IP, rather than the external. Is there a place in plesk where I can say X ip address is really Y ip address, and have it be smart enough to use Y in the DNS but still X in the apache config, etc.?
     
  2. Nicochet

    Nicochet Guest

    0
     
    Hi,

    Like you i am new over here. There is no place in plesk to translate private IP into public, but you can define the default dns records to point to the public ip. After that, in your router you have to translate the public ports to the private ip ports using nat, and that's it. I have it working perfectly that way right now.
     
  3. arrkerr

    arrkerr Guest

    0
     
    You're right! Not the most glorious solution, but a good one non the less. Thanks!
     
  4. Amin Taheri

    Amin Taheri Golden Pleskian Plesk Certified Professional

    33
     
    Joined:
    Jul 5, 2007
    Messages:
    1,398
    Likes Received:
    1
    Location:
    Seattle Area
    I have it setup similar as well, although every site on the box has a private IP, even in local DNS.

    Then the Router has a NAT table that routes each public to the corresponding private. If some one has a dedicated IP, as far as Plesk is concerned its a private IP, while the NAT router does all the heavy lifting.
     
  5. arrkerr

    arrkerr Guest

    0
     
    HostingGuy - how do you deal with outside DNS lookups though? When a domain is added to plesk it creates the DNS zone with the local IP. If someone outside does a DNS lookup on that domain they'll get an internal IP...
     
  6. arrkerr

    arrkerr Guest

    0
     
    I found that if you set up a DNS template with your public IP your clients will then get this message on their screen, which is BAD:

    Warning: The domain name <domain name> resolves to the IP address <public ip>. Your Web site is assigned the IP address <private ip>. If your Web site does not open in a Web browser when you refer to it by its domain name, go to the DNS management screen (Domains > Domain name > DNS) and change the properties of the A resource record: assign the IP address <private ip> to the domain name 4ims.net.

    Do people that work for plesk read these forums or just users? You'd think someone from swsoft would at least have a comment, even if it is 'it doesn't work'.
     
  7. prowler318

    prowler318 Guest

    0
     
    I just tell my clients to ingore that. You can have a message sent out to all of your clients notifying them that you use private IP for their protection of data or something. ;)
    Or you can purchase a watchguard, juniper, or asa / pix to do a drop in type configuration and use public IP on your linux box. I have both a watchguard and pix but I had our firewalls configured for 1 to 1 nat before I started using plesk. So unless I change everything or purchase another firewall just for the plesk servers then I will have to stay with the nat setup. Albeit, I could add an interface to the pix and use a DMZ with public addresses. Not worth it yet!

    Prowler318.
     
  8. Amin Taheri

    Amin Taheri Golden Pleskian Plesk Certified Professional

    33
     
    Joined:
    Jul 5, 2007
    Messages:
    1,398
    Likes Received:
    1
    Location:
    Seattle Area
    We actually use our own DNS on external windows servers, we use event handlers to craete the zones when clients first add the domains, and after that we dont allow them to modify the dns zone so unless there are sub domains (which we also pick up) there are no modificatinos done to DNS.

    We also do Mail on external windows servers so there is no mail, and we do Mysql4&5 on external (you guessed it) windows servers

    We were a windows shared hosting "household" and plugged in Plesk to our existing infrastructure.

    I also dont recomend a DMZ as that can lower your security and increase your exposure on the net, but if you do use DMZ make sure you configure your router properly and install local firewalls like apf or something.
     
Loading...