Re: SSL...

[Brad <web...@ca...>]

Hi Joe.

I don't think that I am asking the correct question here.

I have been using Webmin to access a remote server for quite some time wi=
th no=20
problems at all. Now, all I have done is activate SSL in Webmin on the se=
rver=20
and now I cannot connect to it any more. Port 10000 access hasn't changed=
 as=20
far as the firewall is concerned, so it must have something to do with SS=
L.=20
Is there any particular port/address etc that I need to set up in the=20
ipchains firewall ruleset to allow port 10000 with SSL through?

There are a number of SSL ports mentioned in /etc/services but I am unsur=
e if=20
any of these need to be allowed through.

Regards,
Brad


On Wed, 4 Sep 2002 19:07, Joe Cooper wrote:
> Umm... Didn't I explain how in the previous message?  I'm not sure I ca=
n
> be any more explicit, but I'll try.
>
> You can alter the proxy to permit the CONNECT method on port 10000, or
> you can move your Webmin to a port that is allowed to CONNECT by defaul=
t
> (probably 553 and/or 443).
>
> No one here knows what kind of proxy you have running, as you haven't
> mentioned it, and so no one can help you with more specific details.  I
> know how to do it in Squid and explained it briefly in the last message=
=2E
>   I don't know how it is done in other proxy software.  You'll probably
> need to consult the documentation for the product.  The error you've
> given isn't a standard Squid error either, so I'm probably not going to
> be able to help beyond this message.
>
> The message may not have been generated by a proxy, but I can't think o=
f
> any other way for it to occur.  Webmin doesn't generate messages that
> say that.  If Webmin had generated an error, for example because you
> were coming from an IP not permitted to log in, it would say:
>
> Error - Access denied for 65.65.97.144
>
> So the error has to be coming from somewhere else--the obvious choice i=
s
> a proxy.
>
> Brad wrote:
> > I have always used servername:10000 but it is now suggesting that I u=
se
> > https://homeproxy:10000/ instead. How can I allow SSL through the
> > firewall? Port 10000 is OK, as I have been using it for quite a while
> > with no problems.
> >
> > Regards,
> > Brad
> >
> > On Fri, 23 Aug 2002 05:42, Joe Cooper wrote:
> >>You have a proxy between you and the Webmin server.  Most proxies onl=
y
> >>permit "CONNECT" method requests on certain ports (443/553, and a cou=
ple
> >>others in some cases).  You can either alter your proxy to allow SSL
> >>connections on port 10000 (in Squid, this is a simple addition to the
> >>SSL_Ports ACL), or move your Webmin to a port that is permitted throu=
gh
> >>your proxy.
> >>
> >>Brad wrote:
> >>>I have enabled SSL on Webmin and now when I enter my url as:
> >>>
> >>>https://servername:10000/
> >>>
> >>>I get:
> >>>
> >>>Forbidden
> >>>You don't have permission to access servername:10000 on this server.