license does not match ip

[cybertechweb]

Hello..

After ordering direct admin i was happy to see that the install was a breeze.. However after installing i am unable to connect on port 2222

After consulting the error log i came up with the following reason:
license file does not match your ip

I think the problem is that when i got my direct admin license i registered it to my internet routable static ip address (68.x.x.x).. However my servers are all on an internal network.
So the actual ip address of the server i installed onto is an internal ip address.. e.g. 192.168.0.50.
Am i correct in assuming that i need to have the ip address on my license matched to this internal ip address that i actually installed onto?

Im guessing this is the situation..

thanks
Jason
Cybertechwebhosting

 

[ProWebUK]

So the actual ip address of the server i installed onto is an internal ip address.. e.g. 192.168.0.50.

This has been brought up many times previously, you are not allowed to use any other IP to run DirectAdmin apart from the one you specified during the purchase.
Quite simple, if they allowed 192.168.0.50 as a working license IP address then many users could also get that same IP using a router, causing licensing problems.

Chris

 

[cybertechweb]

oh... i see see what you mean chris.

So basically i need a static ip for every server i have running direct admin... Theres no way around this? (such as manipulating packet headers with ipchains for example)

thanks

Jason

 

[ProWebUK]

You would need a static IP for each server, you should be able to purchase blocks of IP address from your ISP for this.

Basically, as i said if it was possible to put DirectAdmin behind a false ip (eg 192.168.0.50) anyone who could get their router to act as that IP address could be using DirectAdmin without a valid license, It is the same with any false IP address like that.

Chris

 

[JoeInShed]

can you not put the server in a DMZ ?

 

[DirectAdmin Support]

Hello,

For piracy issues, sorry, you cannot. It's a design decision.

John

 

[JoeInShed]

Hello,

For piracy issues, sorry, you cannot. It's a design decision.

John

if you put your server in the dmz you should be able to set it up with a static IP, and leave everything out of the dmz on NAT.

 

[ProWebUK]

if you put your server in the dmz you should be able to set it up with a static IP, and leave everything out of the dmz on NAT.

Still think no. A real IP is unique, a false IP however, is not and will allow piracy to take place far easier if DirectAdmin allowed it.

Chris

 

[cybertechweb]

You would need a static IP for each server, you should be able to purchase blocks of IP address from your ISP for this.

Yeah purchasing a block of ips will not be a problem for me.. However my isp charges $5 bucks a pop, per month. Im switching to T1 soon so this will not be a problem in the future. I guess you cant really go on the honor system on this one. Though i would have purchased DA for each internal ip, i can see how many people perhaps would not.

I kinda wonder why they dont register this software differently so you can use a normal DMZ. I know MAC addresses are all unique to each device... But then again this is my first time working with licensed software so I probably dont know what im talkin about. As they said.. Its a design decision and i guess its not really a big deal.

Thanks all who posted including DA support for clarifing this issue.

Jason

 

[ProWebUK]

There are other ways, although the way DA have it is probably the best for the kind of software it is and the best way for them to keep piracy to a bare minimum and ensure that it is 100% unique.

Chris

 

[FarCry]

Also, if you were to buy an ip for your WAN (external) address, you could have as many servers as you want on that.

On another note, if you bought a license for 192.168.1.3, then anyone would be able to install DA using your license and user id.. this would mean that you could give out DA to anyone you want as long as they set the IP on eth0 to 192.168.1.3...

 

[FrFx]

What if designers would bind license to something smarter
than public ip. For instance using hardware (mac) address
of nic, checksum of bios ??? Redesigning network infrastructure
just to be able to comply with license terms is not something
smart.


Ales

 

[ProWebUK]

What if designers would bind license to something smarter
than public ip. For instance using hardware (mac) address
of nic, checksum of bios ??? Redesigning network infrastructure
just to be able to comply with license terms is not something
smart.

Could possibly be taken into consideration by the sounds of it, just give it some time im sure John and Mark will look into other possiblities if needs be.

Chris

 

[DirectAdmin Support]

Hello,

Yes, the MAC address is under consideration. It would solve the internal network issue. We'll probably throw that in when we redo our internal licensing system.

As for the current setup. If you can add an IP to your current server where the extenal IP can be bound to the machine and used externally as that IP, then DA will work. Conditions: 1) external IP is in license 2) license on the server is in license and it useable. Anything past that doesn't matter.

John

 

[jmstacey]

My 2 cents:

As far as I know, mac addresses can also be cloned and theres not garanteed way of avoiding piracy, but the method you chose does appear to be the best at the moment even though its a inconvenience. But perhaps there is another way. In the office I work at, the dental software we use requires a license disk (floppy) in order to install and each installation disc is unique for that individual license floppy, perhaps something of the sort could be developed fo da only online based.

This ip problem it is a big turn off to buyers because it requires us to totally rework our infrastructures if we had to have it set up behind a router..

Just shooting the moon here, but possibly might there be a way to have the authentication system go through a certain port? That way you could still have the server behind a router but when the system tries to contact the server to update the license it would do it through xxxx port number which would be forwarded to the server running DA therefore verifying that it wasn't a pirated copy because I don't think you could forge a ip address that way since it still uses the external ip address to contact the server, then the server wouldn't have to bind to the external ip address..

A little confusing?
-Jon-

 

[DirectAdmin Support]

Hello,

I agree that the local IP checking is a bit of a pain. We could have it go out and ask one of our servers, but when that happens, reliability comes into play. If all of our checking servers are down (for whatever reason), then nobody would be able to start their panels.. but it's the simplest method that I can think of (we'd use it there wasn't the reliability issue). I guess we could always just use at least 3 or 4 authentication servers, and hopefully, that would be reliable enough. For now, we'll stick with our current method.

John

 

[jamesthoms]

Changing IPs

I'm moving my server to a new location with new IP addresses.

What do I need to watch out for regarding direct admin.

I know I'm going to have to generate a new license key using the new IP address. Is there any online documentation as to the best method to do so?

Thanks,

-James

 

[ProWebUK]

You need to email sales asking for the licenses IP address to be chnaged I believe.

Chris