Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Multiple IIS Web Servers behind one firewall

Posted on 2004-10-21
11
Medium Priority
?
1,590 Views
Last Modified: 2013-11-16
Hi,

Could somebody help me out with this, I have 3 win2k IIS webservers each hosting seperate domains using seperate IPs behind a BusGuardian firewall. How do I configure my port forwarding so each domain can be accessed.
Thanks
0
Comment
Question by:Duec
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
  • 2
  • 2
  • +4
11 Comments
 
LVL 3

Expert Comment

by:cnewgaard
ID: 12378053
You would set the port forwarding to match the external ip to the internal ip's of the respective webserver.  Say www.mine.com has an external ip of 1.1.1.1 and an internal ip of 62.11.22.11 you would tell the firewall to forward all requests for web traffic to 1.1.1.1 to be forwarded to 62.11.22.11.  This would have to be done for each seperate ip address that you are hosting on.  I'm not fimiliar with the BusGuardian firewall but it's usually pretty straight forward if it has a web interface to it.  
0
 
LVL 16

Expert Comment

by:The--Captain
ID: 12378252
>How do I configure my port forwarding so each domain can be accessed

Do you have more than 1 external IP?  If not, you need to be taking a different approach...

Cheers,
-Jon

0
 
LVL 1

Expert Comment

by:Ali_Jas
ID: 12378410
Hi Duec,

The--Captain is right.
because normal HTTP traffic comes on one port (80) , and you can forward a port to only one internal ip, you cannot run seperate websites on seperate internal ip's

the only ways to do this, is to change the port of the website which isn't neat. or work with Http 1.1 (Host headers).

Nevertheless. many ISP's offer the ability to get more Public  Ip address on a single DSL or Phoneline.
then you can forward each public ip address to a internal ip address website.

or eventually install the public ip addresses on the server which hosts the websites.
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 
LVL 16

Expert Comment

by:The--Captain
ID: 12378648
>the only ways to do this, is to change the port of the website which isn't neat. or work with Http 1.1 (Host headers)

Actually, I was thinking of getting all the internal servers to be identical and each being capable of serving up all the websites (and kept synchronized through replication) and using an internal load-balancing device to switch between them.  But whatever works...

Cheers,
-Jon

0
 
LVL 2

Expert Comment

by:msidnam
ID: 12381023
Depending on your setup you can put all three websites on the same server and use host headers to seperate the three. they would all use the same ip address but they would have different names, www.123.com, www.abc.com and www.abc123.com. We use this setup in our office for our intranet sites.

I am not sure what version you are using of IIS but here is how to do it in ver 6.0:

http://support.microsoft.com/default.aspx?scid=kb;en-us;324287
0
 
LVL 3

Expert Comment

by:cnewgaard
ID: 12381451
Sorry I didn't explain a little better.  Yes you would need 3 seperate external ip's to use my solution.  If you only have one your best shot is to go with msidnam's solution.
0
 

Author Comment

by:Duec
ID: 12382279
Sorry I guess I should have given you a bit more info, to better explain my issue, my appologies.
I have only 1 external IP coming in on a T1 connection, I can't combine these websites into one common Win2k box, that of course would be nice and convenient. However each server (Win2k IIS 5) is running its own Web application, each with its own SQL 2000 database. I know that it would be best to purchase 2 more external IPs, again that makes life easier and I will do that when I'm financially able, however I'm looking for an interm solution.  

This is what I've been trying and maybe your feedback can help me or it will confirm I'm crazy.

My domains:
Domaina.com
Domainb.com
Domainc.com

All 3 domains setup as host headers on 1 Web Server. So no matter what domain you go to you end up at the same page, we'll call it a "landing page".  This page has 3 links or 3 buttons on it, one for each domain.  Now this is where it gets tricky URL's on each button would be.

Button 1
http://www.Domaina.com:8100

Button 2
http://www.Domainb.com:8200

Button 3
http://www.Domainc.com:8300

Now port forwading rules would have to be created on the firewall of course to forward each domain to the appropriate internal IP. This is a grey area for me.

The other problem or challange is how to keep the port #'s appended to each domain as a visiter browses throught the site. How would I do that?

Anyway, is this a solution that could possibly work or am I just dreaming, any help here would be appreciated. So far I've just got this on paper and have'nt acctually tried it yet. I've also increased the points to 500 cause I think the question is worth it. Give me a solution guys/gals.
0
 
LVL 3

Accepted Solution

by:
ccceqo2 earned 2000 total points
ID: 12384395
Yes that would work, but I am thinking it should be possible to have IIS do it automatically.
Once you have chosen the lucky server to get port 80 forarded to it, set up it's site to just work as normal based on the host header.
Then create two other virtual sites in IIS, also on port 80, one for each site and again based on host headers.
Now in the properties of a virutal site you will see that you can set it to either point to a folder under the actual location of your web site or some other directory on your server. There is also another option to make this site a permanent redirect. Select this and point it to http://blahblahblah.whatever:81 and for the second, use another port. Then get on those two servers, and make sure they are configured to listen on those ports that you have just chosen.

When you make the webpages, you will have to make sure that there are no urls or img tags etc referencing eg http://someothersite.etc/directories/thingsandstuff
they would all have to be relative URLS. these look like  ./thingsandstuff ../../../somethingelse/  I once learned all about how those dots work, you can get all the way back to the root directory of your hard disk I think if you try hard enough.
0
 
LVL 12

Expert Comment

by:Mazaraat
ID: 12385275
Actually you can use one IP address to host multiple websites, you have to use Host Headers, here is a walk through and how to set it up:

http://support.microsoft.com/default.aspx?scid=kb;en-us;190008
0
 

Author Comment

by:Duec
ID: 12389269
Thanks "ccceqo2" much better idea than the one I had, works great. Also thanks to everyone else that contributed to my problem.
0
 
LVL 3

Expert Comment

by:ccceqo2
ID: 12389442
Cool, well I was also going to mention that if your router supports port redirection you could do the following:
As above, but setup the other two servers to also listen on port 80.
Now make your router forward incoming public IP port 81 to private IP 2 port 80 and then public IP port 82 to private IP 3 port 80.
It won't help people outside your network, or solve the problem of needing relative URLS.
What it will do is make it an easier transition when you do get the extra public IPs.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Make the most of your online learning experience.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
If you're a developer or IT admin, you’re probably tasked with managing multiple websites, servers, applications, and levels of security on a daily basis. While this can be extremely time consuming, it can also be frustrating when systems aren't wor…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

609 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question