Hi, my ISP provides me with a Ipv4 and an ipv6 IP. Periodically, the ipv4 expires and I get a new ipv4. The ipv6 seems to be static.
Whenever this happens I can’t log into webmin as i have enabled IP Access Control. Webmin rejects my connection on ipv4 - it doesn’t try ipv6 even though the ipv6 is OK and matches an IP in Access Control.
Is it possible only to allow ipv6 connections to the webmin control panel? I can see an option in Ports and Addresses to “allow ipv6” but nothing that prevents ipv4.
Obviously I can login another way and change the allowed address using vi on command line so not the end of the world if not
Am I correct in thinking this is home setup rather than a server that is hosted by a comercial company ? In my experience webmin waits a while then allows the connection, but to be fair tou need to give more info on your setup for anyone to help
Hi, thanks for the reply and apologies. More info below.
My broadband provider gives me an ipv6 (/64) range and a single ipv4. The ipv4 expires from time to time and I get a new one. This then prevents me from accessing webmin/virtualmin on my servers even though the ipv6 is unchanged.
The servers (VPS) with webmin and virtualmin are provided by commercial web hosting services (I have two with different companies and both exhibit this problem). The data centres are both in the UK.
Each server has an ipv4 IP and an ipv6 ip range. I have root access to each server.
On each server I have restricted webmin IP access control to the ipv4 and the ipv6 range (/64) like this (ips shown are not real)
I have the same setup but I never have the issue, and to be fair in 5 years the allocated ipv4 has never changed with both suppliers. But are you not being able to access webmin through your domestic ip changing via a service change there ? Switch off the ip access control option and see if that helps. Can you connect to the server via ssh when this ip address changes ?
Hi thanks for the response. If I switch off the IP access control then anyone can access the control panel (I appreciate they need the password). I don’t want this. I want webmin/virtualmin only to be available when I am accessing from my home network.
SSH is switched off - but this is not relevant as I am just trying to restrict access to webmin/virtualmin by IP - not any other services.
The issue only arises when my broadband provider resets my ipv4 IP address - the webmin IP access control does not seem to fallback to ipv6 when ipv4 access control fails.
Hi I am not sure how Dynamic DNS helps with my original query - apologies if I have misunderstood how it works. My servers have static IPs that do not change.
All I want is for webmin to allow ipv6 connections to the control panel using IP Access Control when ipv4 fails because my broadband ipv4 (non-static) IP has been changed by my service provider. The ipv6 address my broadband provides is static so does not change when I reboot router, etc.
Has the domain your accessing webmin from got an ip6 address ? Just tested this and found if the domain you are using to access webmin doesn’t have an ipv6 address it wont switch to ipv6 but if it does have an ipv6 address it will
perhaps not relevant, but I set up a quick site and found that over a few hours my ipv6 address altered so my ipv6 address changed to one of the deprecated addresses and later back again.This may be a quirk of the network & router I use so my be of no use to you but others reading this thread may find it useful
The issue is a a connection to the server from your home/work? I’m a bit confused sorry.
I don’t think you should turn off SSH, restrict it to key only connection via ssh. You could lock yourself out unless you a ‘phyical’ way to connect, not via the network.
I decided to create a new DNS entry e.g. panel.mydomain.com (I tried webmin.mydomain.com but this cause a problem because, of course, the webmin user already exists ).
I only added an AAAA record for this subdomain so the connection is just done over ipv6 and it now works as desired.
