We help IT Professionals succeed at work.

2 Websites on an IIS behind a Linux Firewall and a router

WhiteFalcon022100
on
347 Views
Last Modified: 2010-03-18
I've an Internet Information Server 4.0 which is connected to a linux firewall, using the proxy squid and the rinetd package. This Firewll is connected to a Cisco router.
The problem is, that i have to use the IIS as a server for two webpages.
The adresses of this two webpages are route to the same ip-Adress. To the Adress of the firewall, which guides them to the IIS.
How can I divide the connections of these  two adresse either on the firewall or on the IIS 4.0?

Thanks to all.

Comment
Watch Question

Commented:
My guess is that at least one web page will require a non-standard port number. Then you need to run IPCHAINS on the linux firewall to forward the packets.

see:
http://members.home.net/ipmasq/ipmasq-HOWTO-1.81-6.html#Forwarders 
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Commented:
WhiteFalcon,
   monas option (and explanations) surely looks good to me.  Quite complex though.
   
   Another option that you might want to consider is to work on the squid.  Perhaps you can do some rule rewriting on the squid, and let squid do the fetching for web pages from either the two internal web servers.  I would recommend this since on squid, you can actually work on the URL string that the user passed in and rewrite the header and passed it to the internal web server.  The worst part is, I can't give you a detail step-by-step on how you could do this.  I've came across this idea from http://squid.nlanr.net.  Give them a visit.

   The other option is to make use of rinetd. (I would like to apologize if monas already touch this -- reading thru his/her explanation give me a woo woo).  You need to set up your IIS to run on a different port number for each virtual domain you want to serve.  Assuming that you have:
     www.domaina.com listen on port 80  ( I'm not sure IIS can do this or not)
     www.domainb.com listen on port 81  ( )

and your internal ip is aa.bb.cc.dd which points to the box where domaina and domainb pages are hosted.


and on the firewall , alias you network interface to have two IP, look at you rinetd.conf

first-ip-address 80 aa.bb.cc.dd 80  <-- for domain www.domaina.com
second-ip-address 80 aa.bb.cc.dd 81 <-- for domain www.domainb.com


Hope this helps

samri

Author

Commented:
There is one problem. I do not know whether the Cisco Router routes the Host header names to the firewall or not.
Can somebody tell me how I can find this out??

Commented:
WhiteFalcon,

      I sure routes. Cisco works at TCP/IP level, and "host header" is at HTTP level, which is above TCP/IP. And therefore it could route all or nothing... Unless it works as a firewall also and has web proxy built in...

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.