Home/Office network firewall blocks virtualmin

if i set my home/office network firewall to high, it blocks my virtualmin server.

Now i realise i could simply lower the firewall setting, however, its not blocking websites.

I have kids so i need the firewall set high.

what is it that i need to change on my server so that the server is not automatically blocked when firewall settings are high?

I guess nobody here knows which firewall you use at home, :wink:

But i also guess your KIDS would find out some, mostly they do.

Better to support them with some time from you how safe internet and less safer internet and all of those thing work. Be interested in what they want to do with the web. If gaming then also give them some of your interest time to prevent game addiction is better then forbid…

I know some , kids then go to nextdoor and still … or even they have a spare key of the router/firewall closet, and at night they have there own cable… :innocent:

For some routers you can have extra filters for bad url/ ips , for AVM ( consumer…) here they even have updated lists you can use.

Further you can have their hosts file use this and then have/set write/change blocked
http://winhelp2002.mvps.org/hosts.htm as local admin user

Generally you can explicitly allow some ports or hosts even when a firewall is enabled. So…allow port 10000-10010 for the IP of your Virtualmin server. 20000, also, if you want to use Usermin, too.

If you can’t do that…I don’t know. It’s more a question for your router/firewall vendor. I’m definitely not an expert on SOHO and consumer routers.

I think you are all misunderstanding my question…I am asking about why a home firewall set to high security is blocking me accessing my vps in a datacenter elsewhere in the world…ie outside network.

What this means is that clearly my virtualmin system (which is in a datacenter) is not meeting the security requirements for a home router firewall set to “high”. If I lower my home/office firewall setting to “normal”, my vps virtualmin url (https://domain.com:10000 in datacenter is not blocked.

So when home network firewall is set to “high”, I also cannot log into Usermin, i also cannot send emails through my server using any device connected to my home office network even when using mail clients such as Outlook or Apple mail. However I can still log into on web browser and send emails using traditional hotmail or yahoo mail accounts…but not postfix accounts hosted in virtualmin.

I know that I can simply add an exception to firewall, however i am more interested in ensuring my virtualmin vps meets standard firewall expectations. I am being suspiciously cautious it doesnot meet the expectations of home firewalls whenever they are set to “high”

Is it the server SSL certificate? Is it something else about the server such as a custom port which is not tcp port 80? (because even usermin when accessed via a browser is using non standard port yes?)

What criteria do firewalls use to automatically filter based on such settings as “low”, “normal”, “high”? I want my server to meet “high” firewall packet filtering expectations

@adamjedgar whats the firewall software? virtualmin defo meets hardcore firewalls and its good enough…

Still a question for the router/firewall vendor. :wink:

I doubt it’s doing any kind of stateful packet inspection to have an idea of what kind of SSL certificate you’re using, etc. It’s probably a ban on IPs based on history of those blocks of IPs (like some web hosts have a history of being lax on spam, or other abusive stuff, so maybe their IP blocks are blocked when on “high”). I dunno, I’m guessing. As I said, I’m not an expert on the current state of home office/small office routers/firewalls.

It’s going to be specific to your router/firewall, and they’re going to know why they’re blocking a given site or service…we can’t know.

also as you said above yes ports can play some role out there, but I do not see any reasons for blocking…

regards question about what criteria your firewall software… that question is great to ask your firewall provider perhaps admin etc… nothing to do with virtualmin I think :anguished:

I should also add…this is not a virtualmin fault, i also have an external network ispconfig system which cannot be accessed when home/office firewall is set to “high”. So it’s not likely an blacklist ipaddress issue either.

I am not sure if the firewall defaults for “low”, “normal” and “high” are configured by my home/office ISP/Telco or not. The internet modem is a Telstra Smart Modem (the name is trademarked by Telstra in Australia). I might ask my ISP for the criteria they use for “low” “normal” and “high”

I am thinking it must be blocking because of non standard port?

Seems likely. You can change the port Webmin uses easily, but you’ll need to figure out what ports are “OK” according to your firewall and also not needed for other services. You can’t use 80 or 443, if you’re also using the same IP for web hosting, so it’s gotta be something else…those are usually the reliable ports when trying to get through a firewall.

@ adamjedgar

in my first answer i pointed you that about nobody knows which firewall…

Your reply after that … suggest you didn’t read / understand my post?

You will have much more problems with firewall high and not knowing about what it realy means for that device!

Home automation, some cams, vpns and so on.

So first again also here do more reading about by youre used devices and their software / security.

Again also here most important warning: firewalls don’t protect , they are only just trying to protect!

you need to know them better , and to handle use and config them right, then they do a better job, but even then the common sense also teaching your KIDS about the dangers is one of them.

Example: Maybe just maybe there is whitelist function?