1

Topic: Using a Different Port on Iredmail, Roundcube, Ngnix

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release): 1.1 OPENLDAP edition.
- Deployed with iRedMail Easy or the downloadable installer? Easy
- Linux/BSD distribution name and version: Ubuntu 18.04LTS
- Store mail accounts in which backend (LDAP/MySQL/PGSQL): LDAP
- Web server (Apache or Nginx): NGNIX
- Manage mail accounts with iRedAdmin-Pro? NO
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====
Hi All,
I have a single WAN IP, and an existing web server using ports 80, and 443.
I would like to be able to access round cube on my IredMail using port 777 from the WAN.

I have tried a simple port translation from port 777 (on WAN) to port 443 on the LAN side, but no luck.

I have found others have asked this question, but not specifically for ngnix & roundcube.

I would really appreciate if anyone can help me out please.

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2

Re: Using a Different Port on Iredmail, Roundcube, Ngnix

Are you hosting the existing web server on the iredmail server? if so it might be better to change it in the vhost file

/etc/nginx/sites-enabled/00-default-ssl.conf

If you have multiple servers NAT'd behind the same public IP, then a better solution would be to implement a reverse proxy.
On my home config I use pfSense with the Squid reverse proxy, works great for me with multiple web sites and mail servers, and no need to change ports anywhere, doesn't matter how many servers you have

3

Re: Using a Different Port on Iredmail, Roundcube, Ngnix

MuPp3t33r wrote:

Are you hosting the existing web server on the iredmail server? if so it might be better to change it in the vhost file

/etc/nginx/sites-enabled/00-default-ssl.conf

If you have multiple servers NAT'd behind the same public IP, then a better solution would be to implement a reverse proxy.
On my home config I use pfSense with the Squid reverse proxy, works great for me with multiple web sites and mail servers, and no need to change ports anywhere, doesn't matter how many servers you have

Hi, thank you for the reply.

I run multiple VM's behind a PFsense firewall, like you I am guessing.
I haven't worked out how to use the squid reverse proxy, so if you have any links to a how-to's for that I would be well in your debt !!

4

Re: Using a Different Port on Iredmail, Roundcube, Ngnix

dwainsworld wrote:

I run multiple VM's behind a PFsense firewall, like you I am guessing.

I don't have any how-to's for you, but I can give you an overview of my config, which may help you out a little smile
I've attached some screenshots of the web server config guide.

First, you will need to have a certificate set up for your domain if you want to do HTTPS proxying, if you have your own custom certificate you can add this in Cert Manager, for myself I use Acme Certificates to get the free one from Let'sEncrypt.

Second, set up your web server(s), mappings, and redirects, along with configuring the required "general" settings.

Lastly you'll need to configure your port forwarding for ports 80 & 443, they will need to forward to the interface that SquidRP is listening on.

Your email ports (eg 25,143,110,587,etc) will still NAT to the mail server as it has been, so only web ports get proxied

Post's attachments

01_NAT_PortForwarding.PNG
01_NAT_PortForwarding.PNG 47.81 kb, file has never been downloaded. 

01_reverseproxy_generalsettings.PNG 113.77 kb, file has never been downloaded. 

01_reverseproxy_webserver.PNG
01_reverseproxy_webserver.PNG 56 kb, file has never been downloaded. 

02_reverseproxy_mappings.PNG
02_reverseproxy_mappings.PNG 71.83 kb, file has never been downloaded. 

03_reverseproxy_redirects.PNG
03_reverseproxy_redirects.PNG 70.58 kb, file has never been downloaded. 

You don't have the permssions to download the attachments of this post.