I am just strated running Virtualmin 3 on an ubuntu machine and some users report they have trouble in connecting to the server as they are behind a firewall which bkocks ports 10000 and 20000.
Is there a way to use standard ports instead?
Yes, you can configure which port(s) Webmin and Usermin listen on, on the pages
Webmin -> Webmin -> Webmin Configuration -> Ports and Addresses
Webmin -> Webmin -> Usermin Configuration -> Ports and Addresses
You can even add multiple ports there, so as to listen on the default ports and additionally on one that isn’t firewall-blocked.
which are the recommended ports since the server is behind a NAT?
I imagine I cannot use port 80 or 443. I might have Port 8080 available.
Any chance to use a subfolder as done for roundcube (https://mydomain/roundcube) or squirrelmail (https://mydomain/squirrelmail)?
You can use any port that is not blocked by the firewall you mentioned, and that is not otherwise needed. A “recommendation” would depend on those two things. The usual protocols like HTTP, SMTP, POP3 etc., if not allocated by other services, come to mind. Though in the default installation they ARE occupied, which means you’d need to disable those services then.
As for Webmin from a subfolder: This is theoretically possible, but you’d need to run Webmin via your Apache then: http://www.webmin.com/apache.html
In the default installation, Webmin utilizes its own Perl-based mini webserver, and thus must have a different port number than Apache. Except you have a chance to give it its own IP address (you need at least 2 IPs on the server for that), then you can have Apache and Webmin listen on their respective IPs on port 80.
Wery useful info.
I will try to use set Webmin via Apache as it seems to me the cleanest way for my users and a solution not prone to failures in case of future reconfigurations of either the users’ firewalls or my NAT settings.
Here’s what I did:
- Created a sub domain webmin.mydomain.com (for example)
- In Server Configuration -> Edit Proxy Website set Proxying Enabled to Yes and write the Proxy to URL https://mydomain.com:10000
- Select mydomain.com in Virtualmin and in Server Configuration -> Manage SSL Certificate -> Let’s Encrypt -> Request certificate (if you don’t have already a certificate for this domain)
- In Server Configuration -> Manage SSL Certificate click the Copy to Webmin button to use mydomain.com certificate for webmin
- In Webmin, Webmin -> Webmin Configuration -> Trusted referrers add mydomain.com and webmin.mydomain.com to the Trusted websites list
Now https://webmin.mydomain.com can be accessed even behind the most annoying firewalls and you can still have your apache2 running on port 80/443!