Archive for the ‘Uncategorized’ category

Running cPanel in a NAT Environment with Cisco ASA/PIX Firewalls

September 24th, 2009

As we all know, cPanel does not support NAT at this time. I’ve heard that this may change in the future, but for now we need to make do with what we’ve got.

It’s no problem to have Apache listening on a private IP address because the PIX or ASA handles the public to private IP address translation.  But for DNS, when a zone is queried, it can’t provide a private IP address and expect an outside server to be able to resolve it.  That’s where the fixup, static, and alias commands come in handy.

There are a few IOS rules that will help out immensely with cPanel and DNS translation.

Cisco to the rescue! This will enable the firewall to provide address translation to DNS packets:
fixup protocol dns maximum-length 512

A static NAT mapping must exist, associating the public & private IP:
static (inside,outside) cpanelserver.ext cpanelserver.int 255.255.255.255

An alias must be created which allows translation inside the private network:
alias (inside) cpanelserver.int cpanelserver.ext 255.255.255.255

  • Share/Bookmark

No comments »

Posted in Uncategorized


cPanel Web Site Hosting by IntraHost