Solved

Multiple IIS Web Servers behind one firewall

Posted on 2004-10-21
1,581 Views
Last Modified: 2013-11-16
Hi,

Could somebody help me out with this, I have 3 win2k IIS webservers each hosting seperate domains using seperate IPs behind a BusGuardian firewall. How do I configure my port forwarding so each domain can be accessed.
Thanks
0
Question by:Duec
    11 Comments
     
    LVL 3

    Expert Comment

    by:cnewgaard
    You would set the port forwarding to match the external ip to the internal ip's of the respective webserver.  Say www.mine.com has an external ip of 1.1.1.1 and an internal ip of 62.11.22.11 you would tell the firewall to forward all requests for web traffic to 1.1.1.1 to be forwarded to 62.11.22.11.  This would have to be done for each seperate ip address that you are hosting on.  I'm not fimiliar with the BusGuardian firewall but it's usually pretty straight forward if it has a web interface to it.  
    0
     
    LVL 16

    Expert Comment

    by:The--Captain
    >How do I configure my port forwarding so each domain can be accessed

    Do you have more than 1 external IP?  If not, you need to be taking a different approach...

    Cheers,
    -Jon

    0
     
    LVL 1

    Expert Comment

    by:Ali_Jas
    Hi Duec,

    The--Captain is right.
    because normal HTTP traffic comes on one port (80) , and you can forward a port to only one internal ip, you cannot run seperate websites on seperate internal ip's

    the only ways to do this, is to change the port of the website which isn't neat. or work with Http 1.1 (Host headers).

    Nevertheless. many ISP's offer the ability to get more Public  Ip address on a single DSL or Phoneline.
    then you can forward each public ip address to a internal ip address website.

    or eventually install the public ip addresses on the server which hosts the websites.
    0
     
    LVL 16

    Expert Comment

    by:The--Captain
    >the only ways to do this, is to change the port of the website which isn't neat. or work with Http 1.1 (Host headers)

    Actually, I was thinking of getting all the internal servers to be identical and each being capable of serving up all the websites (and kept synchronized through replication) and using an internal load-balancing device to switch between them.  But whatever works...

    Cheers,
    -Jon

    0
     
    LVL 2

    Expert Comment

    by:msidnam
    Depending on your setup you can put all three websites on the same server and use host headers to seperate the three. they would all use the same ip address but they would have different names, www.123.com, www.abc.com and www.abc123.com. We use this setup in our office for our intranet sites.

    I am not sure what version you are using of IIS but here is how to do it in ver 6.0:

    http://support.microsoft.com/default.aspx?scid=kb;en-us;324287
    0
     
    LVL 3

    Expert Comment

    by:cnewgaard
    Sorry I didn't explain a little better.  Yes you would need 3 seperate external ip's to use my solution.  If you only have one your best shot is to go with msidnam's solution.
    0
     

    Author Comment

    by:Duec
    Sorry I guess I should have given you a bit more info, to better explain my issue, my appologies.
    I have only 1 external IP coming in on a T1 connection, I can't combine these websites into one common Win2k box, that of course would be nice and convenient. However each server (Win2k IIS 5) is running its own Web application, each with its own SQL 2000 database. I know that it would be best to purchase 2 more external IPs, again that makes life easier and I will do that when I'm financially able, however I'm looking for an interm solution.  

    This is what I've been trying and maybe your feedback can help me or it will confirm I'm crazy.

    My domains:
    Domaina.com
    Domainb.com
    Domainc.com

    All 3 domains setup as host headers on 1 Web Server. So no matter what domain you go to you end up at the same page, we'll call it a "landing page".  This page has 3 links or 3 buttons on it, one for each domain.  Now this is where it gets tricky URL's on each button would be.

    Button 1
    http://www.Domaina.com:8100

    Button 2
    http://www.Domainb.com:8200

    Button 3
    http://www.Domainc.com:8300

    Now port forwading rules would have to be created on the firewall of course to forward each domain to the appropriate internal IP. This is a grey area for me.

    The other problem or challange is how to keep the port #'s appended to each domain as a visiter browses throught the site. How would I do that?

    Anyway, is this a solution that could possibly work or am I just dreaming, any help here would be appreciated. So far I've just got this on paper and have'nt acctually tried it yet. I've also increased the points to 500 cause I think the question is worth it. Give me a solution guys/gals.
    0
     
    LVL 3

    Accepted Solution

    by:
    Yes that would work, but I am thinking it should be possible to have IIS do it automatically.
    Once you have chosen the lucky server to get port 80 forarded to it, set up it's site to just work as normal based on the host header.
    Then create two other virtual sites in IIS, also on port 80, one for each site and again based on host headers.
    Now in the properties of a virutal site you will see that you can set it to either point to a folder under the actual location of your web site or some other directory on your server. There is also another option to make this site a permanent redirect. Select this and point it to http://blahblahblah.whatever:81 and for the second, use another port. Then get on those two servers, and make sure they are configured to listen on those ports that you have just chosen.

    When you make the webpages, you will have to make sure that there are no urls or img tags etc referencing eg http://someothersite.etc/directories/thingsandstuff
    they would all have to be relative URLS. these look like  ./thingsandstuff ../../../somethingelse/  I once learned all about how those dots work, you can get all the way back to the root directory of your hard disk I think if you try hard enough.
    0
     
    LVL 12

    Expert Comment

    by:Mazaraat
    Actually you can use one IP address to host multiple websites, you have to use Host Headers, here is a walk through and how to set it up:

    http://support.microsoft.com/default.aspx?scid=kb;en-us;190008
    0
     

    Author Comment

    by:Duec
    Thanks "ccceqo2" much better idea than the one I had, works great. Also thanks to everyone else that contributed to my problem.
    0
     
    LVL 3

    Expert Comment

    by:ccceqo2
    Cool, well I was also going to mention that if your router supports port redirection you could do the following:
    As above, but setup the other two servers to also listen on port 80.
    Now make your router forward incoming public IP port 81 to private IP 2 port 80 and then public IP port 82 to private IP 3 port 80.
    It won't help people outside your network, or solve the problem of needing relative URLS.
    What it will do is make it an easier transition when you do get the extra public IPs.
    0

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    Highfive + Dolby Voice = No More Audio Complaints!

    Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

    You need passwords for many websites and you know that it's unwise to use the same password everywhere.  You have also heard that it's important to use "strong" passwords -- but they can be hard to remember.  This article describes several options t…
    Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
    Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
    After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    884 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    18 Experts available now in Live!

    Get 1:1 Help Now