We help IT Professionals succeed at work.

Two IIS Sites with Internet Connection Sharing and Internet Connection Firewall?

sftweng
sftweng asked
on
962 Views
Last Modified: 2010-03-20
I have two Windows XP Pro machines, Maclir and Lugh, both configured for IIS (5.1). Maclir is configured with Internet Connection Sharing and Internet Connection Firewall, and Lugh connects to Maclir on a LAN connection, using its ICS services.

Can I run two independent IIS web sites, each with a different domain name but resolving to the same IP address by configuring some sort of passthrough to Lugh from Maclir? It appears possible to use two different domain names for one site on one machine but that's not what I want.

I'd like to do with IIS what I could do with Apache & Tomcat, with virtual or distributed hosts, or with the Borland Enterprise Server (which uses Apache and Tomcat). Can IIS be configured to do this? If so, how?

Thanks in advance,
Alan
Comment
Watch Question

CERTIFIED EXPERT

Commented:
Alan,
You need either NAT or reverse proxy to achieve this funcionality.
ICS does not provide NAT, and IIS does not include reverse proxy.

What you can do, is setup IIS on Maclir to use port 8080, install Apache on this machine, and passthrough the HTTP requests either to MAclir:8080 or to Lugh using Apache built in reverse proxy support.

Or, by a decent firewall/router that will be able to do NAT to your servers.

ShalomC

Author

Commented:
Thanks, ShalomC. The configuration does include a LinkSys BEFSR41 Router which can forward selected ports to known NAT addresses but the problem is that ICS requires DHCP allocation of addresses (which might change) to its clients (e.g., Lugh) so I can't be certain of doing port forwarding that way. Maclir is setup now in the router's DMZ.

And just in case you ask, no I can't connect Lugh directly to the router with a fixed NAT IP address because the link to Maclir is a wireless link and I don't want to get another wireless adapter for Lugh.

It looks like I'll have to take your first suggestion but it would be nice to come up with a different solution. Perhaps I should just write a proxy (using Delphi) that distributes input from port 80 according to the DSN name (not numeric address) in the header to each client IIS node - can you comment about feasibility here for IIS? I guess I'd have to configure IIS to listen on the proxied port (say 8080) on each machine.

Author

Commented:
Sorry for the typo - that should be "DNS" name, not "DSN".
CERTIFIED EXPERT

Commented:
Hey,
You can write your own proxy, if you really want.
You will find on MSDN sample code about writing ISAPI modules for IIS.
There are also some commercial and shareware proxy products, perhaps one fits your needs.
Personally, I would stick with apache.....

Author

Commented:
I suppose I should ask over in "Apache" but do you know if I can use logical (node) names in Apache proxy statements rather than hard-coded IP addresses, something like this?

NameVirtualHost *

<VirtualHost *>

ServerName maclir.example.com
ProxyPass / http://maclir/domain1/ 
ProxyPassReverse / http://maclir/domain1/ 

</VirtualHost>

<VirtualHost *>

ServerName lugh.example.com
ProxyPass / http://lugh/domain2/ 
ProxyPassReverse / http://lugh/domain2/ 

</VirtualHost>
CERTIFIED EXPERT
Commented:
Unlock this solution and get a sample of our free trial.
(No credit card required)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a sample view!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.