Dear Support Team,
After I have Virtualmin Pro installed on my Linode server, it become impossible to connect to the server from China with SSH, it's only possible to connect through VPN with a non Chinese IP address.
Before installing Virtualmin Pro, I did not have any problem to connect to the server with my normal Chinese IP address, it was also fast.
I found this problem also with ownCloud installed with Virtualmin, when I try to connect to ownCloud on IOS APP with my normal Chinese IP address, it tells that it is impossible to connect to the server. But after I turn on VPN service with a non Chinese IP address, it can connect to the server instantly and everything work fine.
Is there any Virtualmin default configuration that does not permit connections from China?
How can I fix this problem?
Please help me!
Thank you in advance for your kindly help!
Submitted by andreychek on Tue, 03/07/2017 - 08:28 Comment #1
Howdy -- thanks for contacting us!
Virtualmin Pro and GPL don't block any connections. They also don't setup any software by default which does that.
If something is being blocked, there is likely some other component that is doing so.
What is being blocked exactly, is it connections to a website running on your server? Or is it connections to Virtualmin? Or is it all connections?
Submitted by xuxlgx on Tue, 03/07/2017 - 09:17 Comment #2
Dear Support Team,
First of all, thank you very much for your prompt reply!
About my issue, the connections to Virtualmin and to the websites are not blocked, they are fine.
But all the connections using SSH and SFTP are blocked with my normal Internet connection, I need to turn on VPN service with a non Chinese IP to be able to connect to the server using SSH or SFTP.
And After I have installed ownCloud on the server, at first I tried many times to connect on the ownCloud IOS APP, it cannot make a connection with the server, only after I turn on VPN service with a non Chinese IP it was able to connect to the server.
The connections to the ownCloud Web APP page are fine, I am able to connect to the Web APP both by Desktop and by Mobile Browser.
Basically just the connections using Applications other than the Web Browser are blocked.
Hope you can help me to find a solution. Thank you in advance for your help!
Submitted by andreychek on Tue, 03/07/2017 - 09:56 Comment #3
Yeah Virtualmin itself definitely wouldn't be doing any blocking like that, though there are other tools which may be doing that.
Are you perhaps using Fail2ban or CSF?
One of those could be causing the issue you're describing.
Also, are you running a firewall?
You may want to run "iptables -L -n", and ensure that the firewall isn't configured to block some connections.
Submitted by xuxlgx on Wed, 03/08/2017 - 09:40 Comment #4
Dear Support Team,
Thank you very much for your reply!
I think my problem is not due to the firewalls, because from the beginning untill now I have not activated yet any firewall on my server, FirewallD is not running and IPtables package is not installed.
Also Fail2Ban is not installed on the system.
I tried to Rebuild the server deleting everything and deploying Centos 7 again, and istalled Virtualmin again. The problem is the same, before installing Virtualmin, I can connect to the server via SSH with my normal internet connection with chinese IP address. After I installed virtualmin, I cannot connect to the server via SSH with my normal Internet connection anymore, I need to turn on VPN with non chinese IP address to be able to connect to the server via SSH.
What other kind of settings can causes this kind of issue?
I am not able also to connect to the mail server, both with webmail RoudCube and with my Desktop Email client. I don't know if they have the same cause or they are two different issues.
The only thing that I changed in the configurations is to set the default SSH port 22 to 1962.
I also activated duo authentication for my Virtualmin root user with Authy.
Hope you can help me. Thank you very much!
Submitted by andreychek on Wed, 03/08/2017 - 10:41 Comment #5
There aren't any default settings which would cause what you're seeing.
The only way to cause that would be if some sort of setting was manually applied later, such as a firewall. It doesn't sound like you have a firewall running there though.
If you're fairly certain that no software has been installed or configured to block certain hosts, you may also need to talk to your provider. It's possible that your provider is the one who has setup some form of blocking.
Submitted by xuxlgx on Sat, 03/11/2017 - 03:53 Comment #6
I will check again on the provider side.
Thank you again for your kindly help!
Submitted by xuxlgx on Sat, 03/11/2017 - 03:54 Comment #7
Submitted by andreychek on Sat, 03/11/2017 - 08:05 Comment #8
If your provider isn't sure what the issue is, we'd be happy to help you look into this deeper!