Hi, I have a bunch of managed Virtualmin servers on Cloudmin with no problem.
I’ve been re-creating my Virtualmin servers with Rocky Linux. They are all individually working (I can access the Virtualmin panel online and use it normally).
But when I try to add them on Cloudmin to be managed, Webmin connection fails. It says:
Checking SSH login ..
.. logged in OK.
Checking Webmin login ..
.. Webmin login failed : Connection failed (Port 10001 is firewalled. Ports 10001 to 10010 used by Webmin's RPC protocol)
I checked my Virtualmin firewall config many times, even disabling it, but I get the same message. I also checked if there are any other firewalls in between them but I’m certain there are none.
SELinux is off. I checked netstat to see if Webmin is listening on those ports, but it doesn’t appear to be, even on the servers that work with Cloudmin, so I guess these ports only listen when needed…
Anyway, any suggestions on how I could debug and solve this?
P.S.: My firewalld rules
[root@xxxxx ~]# firewall-cmd --list-all
public (active)
  target: default
  icmp-block-inversion: no
  interfaces: eth0
  sources:
  services: dhcpv6-client dns dns-over-tls ftp http https imap imaps mdns pop3 pop3s smtp smtp-submission smtps ssh
  ports: 10000-10100/tcp 20000/tcp 49152-65535/tcp 20/tcp 2222/tcp 10000-10100/udp
  protocols:
  forward: no
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
    rule family="ipv4" source address="xxx.xxx.xxx.xxx/32" service name="ftp" accept
    rule family="ipv4" source address="xxx.xxx.xxx.xxx/32" service name="ftp" accept
    rule family="ipv4" source address="xxx.xxx.xxx.xxx/32" port port="3306" protocol="tcp" accept
If you’re at a cloud host, I assume they have their own firewall and you need to configure it appropriately, or use a private subnet for your VMs and allow them all to connect to each other “locally”. Most clouds offer that kind of thing, but you’ll need to consult the cloud provider docs to figure out how.
They are VPS (Cloudmin on OVH Canada, and Virtualmin on Hostinger Brazil), and I made sure to check for any host-provided firewalls; they are all disabled. Plus I don’t have any problems connecting to the other non-standard ports and services, that’s why I wanted to know if there is a different way I can test for those RPC connections, to debug them on localhost, localnet and then externally.
Reachable on both ports.
If I curl https://virtualmin.server.redacted:10000/ on the Cloudmin server I get the login page HTML normally. The HTTPS cert is valid and all that…
My firewall rule goes from 10000 to 10100, but ok I’ll try more of them.
What if they are all reachable? What could make Cloudmin fail to use them?
Edit:
I made a script to test from 10000 to 10100.
It’s reachable from 10000 to 10082. I can’t see a reason for them to not be reachable other than nothing listening on those ports.
What other tests could I do?
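
An added example, not part of the original thread: a small Python probe to run from the Cloudmin server against the Virtualmin host, separating "nothing is listening" from "something on the path is blocking" for the 10001 to 10010 range named in the error message. The function names are this example's own and the hostname is passed on the command line; "closed" means the host answered with a refusal (the path is clear), while "filtered" means silence or an ICMP rejection, which is what a firewall produces.

```python
import errno
import socket
import sys

# Port range quoted in the Cloudmin error message on this page.
RPC_PORTS = range(10001, 10011)


def probe(host, port, timeout=3.0):
    """Classify one TCP port as 'open', 'closed' or 'filtered'."""
    try:
        with socket.create_connection((host, port), timeout=timeout):
            return "open"        # handshake completed: a process is listening
    except ConnectionRefusedError:
        return "closed"          # RST came back: packets arrive, no listener
    except socket.timeout:
        return "filtered"        # no reply at all: packets dropped on the way
    except OSError as exc:
        # ICMP unreachable/prohibited, e.g. a firewall rejecting the packet
        if exc.errno in (errno.EHOSTUNREACH, errno.ENETUNREACH):
            return "filtered"
        raise                    # DNS failure etc. is a different problem


def scan(host, ports=RPC_PORTS, timeout=3.0):
    """Probe every port and return {port: state}."""
    return {port: probe(host, port, timeout) for port in ports}


def summarize(results):
    """Group ports by state so a blocked sub-range stands out."""
    summary = {"open": [], "closed": [], "filtered": []}
    for port, state in sorted(results.items()):
        summary[state].append(port)
    return summary


if __name__ == "__main__":
    if len(sys.argv) != 2:
        sys.exit("usage: probe.py <virtualmin-host>")
    for state, ports in summarize(scan(sys.argv[1])).items():
        print(f"{state:9s} {ports}")
```

Running the same probe on the Virtualmin host against 127.0.0.1, then from another machine on its network, then from the Cloudmin server shows at which hop the result changes from "closed" to "filtered".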