For cPanel & WHM version 68
We strongly recommend that you only perform these actions on a new installation of cPanel & WHM. Do not attempt a 1:1 NAT configuration on an existing production server.
When you install cPanel & WHM, the installer will detect whether your server is on a NAT-configured network. If the installer detects a NAT-configured network, your server will configure itself for NAT mode and attempt to automatically map local IP addresses to public IP addresses.
- If you use a NAT environment, your server must reside in a 1:1 NAT configuration to install cPanel & WHM.
- For a list of ports that you must open to allow cPanel & WHM services to function on your server, read our How to Configure Your Firewall for cPanel Services documentation.
The mapping process
The system attempts to map all non-loopback IP addresses bound to any network interface on the server to a public IP address.
To complete this process, the system performs the following actions:
- Your server will send an outgoing connection from each local IP address to the
http://myip.cpanel.net/v1.0/server responds with the public IP address from which it received the request.
- The system maps the local IP address to this public IP address.
We do not recommend that you map more than one local IP map address to a single public IP address.
Manage IP addresses
You can manage the maps for local and remote IP addresses with the following WHM interfaces:
- Add a New IP Address (WHM >> Home >> IP Functions >> Add a New IP Address)
- Show or Delete Current IP Address (WHM >> Home >> IP Functions >> Show or Delete Current IP Address)
Each interface displays the warning notice NAT mode enabled if NAT is enabled on your server.
If multiple local IP addresses match the same public IP address, the system will only map the first local IP address in the
The build_cpnat script
build_cpnat script uses the
http://myip.cpanel.net/v1.0/ server to map local IP addresses to public IP addresses. However, if you wish to use a different IP address lookup service, open the
/etc/cpsources.conf file with a text editor and add the following line:
For more information about the
build_cpnat script, run the following command:
- If you accidentally delete your
cpnatfile or the file becomes becomes corrupted, rebuild it with the
/var/cpanel/cpnatfile acts as a flag file for NAT mode. If the installer mistakenly detects a NAT-configured network, delete the
/var/cpanel/cpnatfile to disable NAT mode.