1 Topic by stefan.perovic

  • stefan.perovic
  • Member
  • Offline
  • Registered: 2018-07-12
  • Posts: 17

Topic: Have iredmail admin gui on different interface than SoGo?

==== REQUIRED BASIC INFO OF YOUR IREDMAIL SERVER ====
- iRedMail version (check /etc/iredmail-release):  Lastest, some with iredmail easy, some with pro, some regular
- Deployed with iRedMail Easy or the downloadable installer? both
- Linux/BSD distribution name and version:  Ubuntu 18.04
- Store mail accounts in which backend (LDAP/MySQL/PGSQL):  Mysql
- Web server (Apache or Nginx): Nginx
- Manage mail accounts with iRedAdmin-Pro? Yes on some servers
- [IMPORTANT] Related original log or error message is required if you're experiencing an issue.
====

Hello,
I would like to set Admin interface on a physical interface than webmail.
To explain,
I have 2 ethernets in the servers ( 1 private network, 1 public network ) , and I would like all administration to be done via a private network. For SSH its easy to allow connections only from a private network, however, I would also like the admin panel ( web interface on 443) to be only accessible from LAN, while webmail is accessible from WAN for clients to be able to use it.

I have multiple servers with the same requirement, some deployed with iredmaileasy, some regular, some with admin pro.

Thanks for any and all help

----

Spider Email Archiver: On-Premises, lightweight email archiving software developed by iRedMail team. Supports Amazon S3 compatible storage and custom branding.

2 Reply by ZhangHuangbin

  • ZhangHuangbin
  • ZhangHuangbin
  • iRedMail Developers
  • Offline
  • Registered: 2009-05-06
  • Posts: 31,088

Re: Have iredmail admin gui on different interface than SoGo?

- For iRedMail server deployed with downloadable installer: open /etc/nginx/templates/iredadmin.tmpl, find the commented out "Access control" line and add your own ACL rules under it.
- For iRedMail server deployed with iRedMail Easy platform: create file /opt/iredmail/custom/nginx/webapps/iredadmin.conf, add ACL rules directly (the "allow" and "deny" directives).

For example:

allow 127.0.0.1;
allow 192.168.1.10;
allow 192.168.1.0/24;
deny all;

3 Reply by stefan.perovic

  • stefan.perovic
  • Member
  • Offline
  • Registered: 2018-07-12
  • Posts: 17

Re: Have iredmail admin gui on different interface than SoGo?

ZhangHuangbin wrote:

- For iRedMail server deployed with downloadable installer: open /etc/nginx/templates/iredadmin.tmpl, find the commented out "Access control" line and add your own ACL rules under it.
- For iRedMail server deployed with iRedMail Easy platform: create file /opt/iredmail/custom/nginx/webapps/iredadmin.conf, add ACL rules directly (the "allow" and "deny" directives).

For example:

allow 127.0.0.1;
allow 192.168.1.10;
allow 192.168.1.0/24;
deny all;

Brilliant, worked on the 1st try. Thanks smile