DNS issue and Default Website

SYSTEM INFORMATION
OS type and version Ubuntu Linux 22.04.4
Virtualmin version 7.10.0

I’m having 2 issues that idk how to resolve…

1. DNS issue
I’m using Virtualmin DNS and, if I log into myweb.com it works fine but…
If I log into myweb.com:10000 it’ll only load if I’m not connected to the local network…
If I’m connected to the same router as the server it’ll not resolve admin.myweb.com or myweb.com:10000, if I’m connected to another router or mobile 4G it’ll work perfectly fine…
It was working perfectly fine on my local network a few days ago… but now, all of a sudden… it stopped working.

2. Default Website
When I created the server, if you searched the server IP, it was redirecting you to my webpage but, I’ve created another website and now, if I search my server IP, it’ll redirect you to this new website… I want Virtualmin to redirect IP to my own webpage, not my client’s webpage…

Thx in advance for the help ^^

Is this server in a data center or at home behind a domestic router?

In Virtualmin, select your website. Then in Web Configuration → Website Options, set “Default website for IP address” to Yes. This will cause your website to show when anyone visits your IP address in a browser.


Did you set up Virtualmin to run with a public IP or with an internal one? This seems like a routing issue inside your network, which is the reason you can access it from the outside but not from your internal network.

Perfecttt it worked. Thx a lot ^^

With internal IPs, it was working fine a few days ago

EDIT: Ok, it was using my internal IP but now, idk why, it’s changed to the external IP on every DNS record…


It’s configured to use internal IP, and it was using that one, but now DNS changed to public one

The thing is, if I try to open xurxomf.xyz it should check the main DNS, this one should tell my PC that my external IP is the DNS which will say that that same external IP is the website and it should try connecting via that IP.

I did this with a looooot of servers and it was working

I don’t follow.

What happens when you try to access:
https://192.168.18.3:10000

From your internal network? It should open the control panel.

Why are you running a DNS server in Virtualmin if it’s inside your internal network? A DNS server is made for public IPs, you should disable the DNS server in Virtualmin if you are using it internally and using something else to externally modify the IP for your domain name.

https://192.168.18.3:10000 this is working fine, and xurxomf.xyz:10000 works fine too but from outside.

I’ve the DNS bc it’s not an internal server, it’s meant to serve websites to everyone xD

The problem here is the DNS is not working from the local network but it is from the internet… strange.

Is there any need to access the domain internally? But I guess you can add a host to reflect the local IP; however, you never answered this question

So your domain xurxomf.xyz is not responding inside your internal network but is from the outside. Well, that pretty much resumes things. Something in your network is either blocking it or you have an internal DNS resolver that obviously is not resolving your public domain.

What happens if you ping your domain xurxomf.xyz from your internal network? Do you get a response? If yes, what IP is it responding to?

On Windows from a PC inside your network, execute ‘cmd’ then execute:

ping xurxomf.xyz

Post the result you get. Your issue is very likely that, you are running the DNS for the domain on the same network public IP which is only accessible from the outside. Your local network probably has a different DNS resolver which the domain does not work or your DNS port is not exposed to the internal network and just the outside. Maybe your network administrator locked the ports down from the outside for security reasons, since you said it was working before. Running all your DNS servers and web server on one IP and a local network is mostly the opposite of network security. If this is a company, you will have random people roaming your network and internal systems in no time.

Sorry, on a domestic router

xurxomf.xyz is responding and website is working… xurxomf.xyz:10000, admin.xurxomf.xyz, xurxomf.xyz:20000 are not responding and not working, only the main domain is working.

Is not a big problem as I can access everything via IP but… it’s easier to access using domain name

When you say not responding, you mean it pings and times out or directly does nothing (no ping) at all and fails?

It’s not really helpful if you don’t post the results because if it fails directly it means it’s DNS resolution, if it resolves but ping fails it’s a port or firewall block.

You should post the complete results you get from CMD to be able to assist you instead of trying to guess the issue. Help us help you.

Then next run the following command and also post the full result and I will be able to tell you more about the issue. The reason I ask these things is to pinpoint the issue so you can know where to look.

Paste the entire ping result. And then next run the following command also from CMD and paste again the entire result:

nslookup xurxomf.xyz

That’s expected. How could it work otherwise? The rest of the world can’t do anything with your internal IP address. (But, of course it is a configurable option. It just doesn’t make sense to configure DNS to serve a private IP unless you’re running private websites that should not be available on the internet.)

I’m not sure what @volk is asking you to do after ?

What you describe is completely normal. When you connect through your router to access an internal other source it doesn’t try to reach internet. It does all of this internally so domain will not help. It simply doesn’t even try to guess it.

It’s impossible internally to get your site by domain name. It’s the definition of “internally”

Then you said:

@Joe is completely right. Again everything is Fine here. How would you like someone to reach you through internal IP ? It’s impossible, It’s in the definition of how a domain name and the whole stuff behind works. Than to the public IP.

So let’s recap for everyone who will find this Topic and start to mess up with the workflow due to it.

Internally:

Means you are doing everything OFFLINE. So no need to have internet. It’s the router itself that redirects you in the right direction based on local IP (No internet, no wifi, 4G, it doesn’t see anything outside its perimeter)

Externally/Publicly/DomainName (Simply said):

This time your router looks at the internet. It asks if the “Domain Name”/“Public IP” you are asking for exists. And when it gets the answer from the internet it sends you to the right place.

So you can NOT reach local IP from internet. It’s the definition of local IP.
You can NOT reach “Domain Name”/“Public IP” Locally. It’s all about “Public”, you need internet.

What I asked him to do is just run 2 Windows commands to see if he can resolve the domain internally from inside his network and what DNS resolver he is using (if any).

It’s likely his DNS router, if this is a company network, or even a home router, has its own DNS server inside the local network, and if he can’t reach Virtualmin DNS Bind directly from his inside network that explains why the domain works externally and not from the inside.

What he is trying to achieve is just have the domain working from inside his network. He has set up both Virtualmin and his ns1, and ns2 to the same IP address, which the domain is using, and it resolves online but not inside his local network.

It’s either a DNS resolver inside his network or a firewall blocking port 53 inside this local network, which is open externally. He clearly has a NAT separation between his open internet and his local network, between that there could be anything and it’s difficult to guess without knowing his local network.

The command I asked him to run is just to see what response he gets when he tries to resolve the domain inside his network, if it’s the Virtualmin IP or another device when he runs it.

He is not trying to reach his local IP from the Internet. He is just trying to get the domain working as well from computers inside his network.

Thank you very much for the explanation BUT I read again and He clearly said (I’m just highlighting, no harm here):

"I’ve the DNS bc it’s not an internal server, it’s meant to server website to everyone xD

The problem here is the DNS is not working from the local network but it is from the internet… strange."

But then he said:

" Sorry, on a domestic router "

So can not be a company. Me, I usually call this an internal server (But Reachable from outside).

And he even added he doesn’t understand:

“it’s changed to the external IP on every DNS record…”

So I hardly believe he did it a lot of times. Because what happened is just normal. How could others reach his local server if they don’t have the public IP?

You tell me:

“He is not trying to reach his local IP from the Internet. He is just trying to get the domain working as well from computers inside his network.”

Let’s admit it (Still everything he said above is far from clear). But I purposely bring clarification on the workflow because any newcomer will be lost if he reads this topic (forums are public and meant to help everyone).

Lastly:

"What he is trying to achieve is just have the domain working from inside his network. "

So if it’s what he is trying to do, and honestly I didn’t understand it like this ( He then said: “xurxomf.xyz is responding and website is working… xurxomf.xyz:10000, admin.xurxomf.xyz, xurxomf.xyz:20000” ). I agree with you there is not 1 way for us to tell him how to do this considering each domestic router has its own configuration. Sometimes it can happen that the router doesn’t allow modifying anything. Sometimes the router allows adding specific rules.

Maybe he can share his router settings.

So then you can also put a whole server room in your basement or you can even drive on a forest path with a F1 (Really no harms, I’m kind to be ironic and make jokes).

But I think he messed up his router settings XD and if he only has 1 local server he should just reset the router settings (NOT the rules allowing everyone to reach his server) and everything will be fine considering the DNS is now up-to-date.

The problem here, I think, is that your router doesn’t do “hairpin” or “turnaround” NAT. Not all routers do, though most do these days.

If your router does do hairpin NAT, then you can access your server from the public IP address (that your client gets from DNS) – the router knows its public IP (of course), and when it sees an outgoing packet with that IP and you have port forwarding set for the port being used, it “turns it around” and NAT’s the private IP of your server, for which you have port forwarding. It does this just as it would for any client accessing the server from the public internet.

I.e., if you have xurxomf.xyz resolving to public IP 1.2.3.4 (in the DNS), and you have port 10000 forwarded in your router to 192.168.18.6 (so that you can reach that internal IP address on port 10000), then when you ask for xurxomf.xyz:10000 from your private network, hairpin NAT in the router will forward it to 192.168.18.6:10000.

But without hairpin NAT, your router will simply not route the packet to itself, effectively dropping it.

(edited for a little more clarity.)

You can use Split DNS, define the local IP for the domain in the router. This should allow local access to the domain while still allowing external access on the public IP.

Or use NAT reflection. This requires a suitable router.

For both of these you can use pfSense, which is free. I have an in-depth tutorial on this, but it is a bit of a read.
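
The checks discussed in this thread (does the name resolve from inside the LAN, does it resolve to the public or the private address, and does the port answer on each) can be combined into one classifier. This is an added example, not part of any post above; the function names and result labels are hypothetical, and 1.2.3.4 and 192.168.18.6 are the illustrative addresses from the hairpin NAT reply.

```python
import ipaddress
import socket


def resolve(name):
    """Return the IPv4 addresses the local resolver gives for name ([] on failure)."""
    try:
        infos = socket.getaddrinfo(name, None, socket.AF_INET, socket.SOCK_STREAM)
    except socket.gaierror:
        return []
    return sorted({info[4][0] for info in infos})


def tcp_open(ip, port, timeout=3.0):
    """True if a TCP connection to ip:port succeeds within timeout seconds."""
    try:
        with socket.create_connection((ip, port), timeout=timeout):
            return True
    except OSError:
        return False


def diagnose(name, port, lan_ip, resolver=resolve, prober=tcp_open):
    """Classify why name:port fails (or works) from a client inside the LAN.

    lan_ip is the server's private address; resolver and prober are
    injectable so the logic can be exercised without a network.
    """
    addrs = resolver(name)
    if not addrs:
        return "dns-failure"            # the resolver this client uses has no answer
    if all(ipaddress.ip_address(a).is_private for a in addrs):
        # Split DNS: inside clients are handed the private address directly.
        return "ok-split-dns" if prober(addrs[0], port) else "service-or-firewall"
    if any(prober(a, port) for a in addrs):
        return "ok-hairpin-nat"         # router turned the packet around
    if prober(lan_ip, port):
        return "no-hairpin-nat"         # service is up, public IP unreachable from inside
    return "service-or-firewall"        # port closed or filtered even on the LAN address


if __name__ == "__main__":
    # Constructed scenario: DNS returns the public IP, only the LAN IP answers.
    fake_dns = lambda name: ["1.2.3.4"]
    fake_probe = lambda ip, port: ip == "192.168.18.6"
    print(diagnose("xurxomf.xyz", 10000, "192.168.18.6", fake_dns, fake_probe))
```

Called from a PC on the LAN without the last two arguments, it uses the system resolver and real TCP connections instead of the constructed stand-ins.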

Is this the issue relevant to the website domain or hosting?