Can't access IIS App from local mahines on the newtwork, anywhere else OK

I have experienced a variation on this problem several times now..either an app that I have configured will not serve out on the machine that is serving it (though is it accessible from the outside world) or a site being hosted on a machine that is a part of our network (using a seperate IP, though still technically a part of our local network) will serve out to all outsiders, but not users on the network with the macihne.

In this particular case, I am running IIS 5 on a win2k machine that is not configured for DNS, DHCP, or Domain Control services...The server hosts a site that resolves outwardly using host headers (the  dns record matches the host headers configured in IIS) and the site is capable of being viewed by 99% of the world. The issue is that all of the machines on our network (though on a differnt IP on that network) cannot access the site.

To be clear, the local server can browse the site, any outsider can browse the site, but all other users (on a segment of the network that uses a different IP from the web server, lIS is on .75 while networked users on .74 wan-side) are unable to view the site.

I have tried to ping and tracert the domain name on machines from the network that are unable to view the site, and all return the correct dns translation of the IP address as well as packets responding from the router that the server is connected to. The trace results in the same trace as that of the local web server (that can traverse the site content), but when one tries to browse the site, the request times out.

To date, my logic is as follows...firewalling being done by our local routers could be responsible, but this does not explain why outside traffic can get to the site. Also, the request to view the site is a vanilla http request packet being sent out using a host header the path should be able to go out to the outside world and then back...but instead, it attempts to connect directly to the address of the web sever (I know this because tracert-ing the name results in one hop from both sources invloved - the local web server, that does serve the content and the local network machines that do not). So, at this point, I think that the packets are getting stuck at some point locally.

The topography involved is:
               |                                                     |
Router for Web Server & SQL        Router for LAN Workgroup
    |                      |                            |                |
IIS Server       SQL Server             App Server       / \
                                                                    Workstations   (10 or so)

The request from either the App Server or any of the Workstations results in a timeout, while the SQL & IIS machines both get to the site on the IIS machine.

If anyone has any clue as to why this could be happening, please help out with some suggestions...

Who is Participating?
Can the workstations browse the Web in general?

When you say 'all return the correct dns translation of the IP address' is this correct address a public address that the rest of the world also resolves the DNS name as?

If you enter the web servers DNS name in a workstation's HOSTS file using the private IP address of the IIS server can the client access the web server now.

Does the 'Router for LAN Workgroup have a specific Static route to the subnet which the IIS Server is a member with the gateway IP address set to the 'Router for Web Server's IP address?

Hi cantedview,

 proxy and firewalls could be blocking submasks if on different networks.

The Web server router will also need a route to the Workstations subnet via the LAN workgroup router
cantedviewAuthor Commented:

The issue is the routing path of the two routers in place...and the solution seems to be to establish a static routing path that is the same for both segments of the network. The problem is that for the routers that we have in place, this can't be done, so I can't test it. We are looking into replacing the equipment in order to achieve this.

Since anthonywjones66 recommended that we examine static routing, I am awarding him the points despite not having arrived at a fix yet. In the mean time, I am going to bridge the two segements with a seperate switch so that the web server can be accessed directly (using HOST file)..again, a reccomendation of anthonywjones66.

Thank you both for your time...EE is a great resource.

Thank you for taking the time to come back and finalize this question.  Good luck in getting this resolved for good.

EE Cleanup Volunteer
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.