Multiple IIS Web Servers behind one firewall


Could somebody help me out with this, I have 3 win2k IIS webservers each hosting seperate domains using seperate IPs behind a BusGuardian firewall. How do I configure my port forwarding so each domain can be accessed.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

You would set the port forwarding to match the external ip to the internal ip's of the respective webserver.  Say has an external ip of and an internal ip of you would tell the firewall to forward all requests for web traffic to to be forwarded to  This would have to be done for each seperate ip address that you are hosting on.  I'm not fimiliar with the BusGuardian firewall but it's usually pretty straight forward if it has a web interface to it.  
>How do I configure my port forwarding so each domain can be accessed

Do you have more than 1 external IP?  If not, you need to be taking a different approach...


Hi Duec,

The--Captain is right.
because normal HTTP traffic comes on one port (80) , and you can forward a port to only one internal ip, you cannot run seperate websites on seperate internal ip's

the only ways to do this, is to change the port of the website which isn't neat. or work with Http 1.1 (Host headers).

Nevertheless. many ISP's offer the ability to get more Public  Ip address on a single DSL or Phoneline.
then you can forward each public ip address to a internal ip address website.

or eventually install the public ip addresses on the server which hosts the websites.
Firewall Management 201 with Professor Wool

In this whiteboard video, Professor Wool highlights the challenges, benefits and trade-offs of utilizing zero-touch automation for security policy change management. Watch and Learn!

>the only ways to do this, is to change the port of the website which isn't neat. or work with Http 1.1 (Host headers)

Actually, I was thinking of getting all the internal servers to be identical and each being capable of serving up all the websites (and kept synchronized through replication) and using an internal load-balancing device to switch between them.  But whatever works...


Depending on your setup you can put all three websites on the same server and use host headers to seperate the three. they would all use the same ip address but they would have different names,, and We use this setup in our office for our intranet sites.

I am not sure what version you are using of IIS but here is how to do it in ver 6.0:;en-us;324287
Sorry I didn't explain a little better.  Yes you would need 3 seperate external ip's to use my solution.  If you only have one your best shot is to go with msidnam's solution.
DuecAuthor Commented:
Sorry I guess I should have given you a bit more info, to better explain my issue, my appologies.
I have only 1 external IP coming in on a T1 connection, I can't combine these websites into one common Win2k box, that of course would be nice and convenient. However each server (Win2k IIS 5) is running its own Web application, each with its own SQL 2000 database. I know that it would be best to purchase 2 more external IPs, again that makes life easier and I will do that when I'm financially able, however I'm looking for an interm solution.  

This is what I've been trying and maybe your feedback can help me or it will confirm I'm crazy.

My domains:

All 3 domains setup as host headers on 1 Web Server. So no matter what domain you go to you end up at the same page, we'll call it a "landing page".  This page has 3 links or 3 buttons on it, one for each domain.  Now this is where it gets tricky URL's on each button would be.

Button 1

Button 2

Button 3

Now port forwading rules would have to be created on the firewall of course to forward each domain to the appropriate internal IP. This is a grey area for me.

The other problem or challange is how to keep the port #'s appended to each domain as a visiter browses throught the site. How would I do that?

Anyway, is this a solution that could possibly work or am I just dreaming, any help here would be appreciated. So far I've just got this on paper and have'nt acctually tried it yet. I've also increased the points to 500 cause I think the question is worth it. Give me a solution guys/gals.
Yes that would work, but I am thinking it should be possible to have IIS do it automatically.
Once you have chosen the lucky server to get port 80 forarded to it, set up it's site to just work as normal based on the host header.
Then create two other virtual sites in IIS, also on port 80, one for each site and again based on host headers.
Now in the properties of a virutal site you will see that you can set it to either point to a folder under the actual location of your web site or some other directory on your server. There is also another option to make this site a permanent redirect. Select this and point it to http://blahblahblah.whatever:81 and for the second, use another port. Then get on those two servers, and make sure they are configured to listen on those ports that you have just chosen.

When you make the webpages, you will have to make sure that there are no urls or img tags etc referencing eg http://someothersite.etc/directories/thingsandstuff
they would all have to be relative URLS. these look like  ./thingsandstuff ../../../somethingelse/  I once learned all about how those dots work, you can get all the way back to the root directory of your hard disk I think if you try hard enough.

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Actually you can use one IP address to host multiple websites, you have to use Host Headers, here is a walk through and how to set it up:;en-us;190008
DuecAuthor Commented:
Thanks "ccceqo2" much better idea than the one I had, works great. Also thanks to everyone else that contributed to my problem.
Cool, well I was also going to mention that if your router supports port redirection you could do the following:
As above, but setup the other two servers to also listen on port 80.
Now make your router forward incoming public IP port 81 to private IP 2 port 80 and then public IP port 82 to private IP 3 port 80.
It won't help people outside your network, or solve the problem of needing relative URLS.
What it will do is make it an easier transition when you do get the extra public IPs.
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.