This question was originally posted on DCIM Support by email@example.com on 2016-05-06
As part of a standard security configuration, i have restricted access to the Webmin page of the DCO nodes to a specified IP list/VLAN. We have recently moved buildings and the old VLAN ranges are not available and i have forgotten to update the access list before the move.
How can I gain access to the Webmin interface to update this access list?
Many thanks, Mike
This answer was originally posted on DCIM Support by Jef Faridi on 2016-05-06
Hi Mike, I think the configuration files for the IP access control would be /etc/hosts.allow and /etc/hosts.deny. I would try "ssh log in" to the server, edit the file /etc/hosts.allow (using vi-editor or nano), and then add the IP for the workstation/host that needs Webmin access, so I can log in to Webmin and update the list. Kind regards
This comment was originally posted on DCIM Support by firstname.lastname@example.org on 2016-05-12
Unfortunately this had no effect but I have now managed to resolve the issue after some workarounds.
I had to spin up a temporary virtual machine on the old VLAN to gain access whilst I set the restrictions on all nodes to allow all. However, this wasn't enough to allow me to access from the new site and in the end had to resort to manually editing the iptables via an SSH session to each host. There was an entry remaining in the iptables that was still restricting access despite them being removed from the Webmin interface. by adding a line similar to the below to the iptables and removing the line specifying the old restriction I am now able to access the interfaces again:
iptables -l INPUT 19 -p tcp s IPSUBNET -dport webmin -j ACCEPT
Needless to say this was not an ideal solution but it did work.
Discuss challenges in energy and automation with 30,000+ experts and peers.
Find answers in 10,000+ support articles to help solve your product and business challenges.
Find peer based solutions to your questions. Provide answers for fellow community members!