Solved

WatchGuard Firewall - How can I point to another web server on my network.

Posted on 2006-06-13
6
515 Views
Last Modified: 2013-11-16

Zero expertise with my WatchGuard firewall other than being the onsite monkey while the WatchGuard tech walked me thru installing it and setting it up.

Ok Ok. Maybe not giving myself enough credit.  I DO know how to get into Policy Mgr. and do the basics.

To my question.  Running Outlook Webaccess on my Exchange 2003 server.  If I or my users want to chech their webmail they go: 65.154.98.141\EXCHANGE (where EXCHANGE in the actual DNS name of my Exchange server).

But let's say I want to play and I have IIS running on another server, say, APPLICATIONS.

How do I configure my Firewall so I can go 65.154.98.141\APPLICATIONS and see any test websites that I'm running on APPLICATIONS.

I'm using NAT on the firewall to translate the external IP to the internal IP of EXCHANGE but it seems that it will only let me do one; in other words I can't add a second NAT for APPLICATIONS.

Any thoughts???
0
Comment
Question by:mbath20110
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
6 Comments
 
LVL 4

Expert Comment

by:rliu1112
ID: 16898047
here is one way (easiest I think...) lets just use the same IP address...

first, I am assuming that your web server is called APPLICATIONS. and your test web sites are located on APPLICATIONS as subfolders or files under "wwwroot" folder of your IIS?

on your firewall, use NAT to map the TCP port 80 or the external IP (65.154.98.141) to the internal address of your web server (APPLICATIONS). so now all HTML traffic will be directed to the APPLICATIONS machine's "wwwroot" folder (given that it is an IIS machine).

so to test, place a sample web page into the wwwroot folder and lets call it default.htm for now, then use IE and browse to http://65.154.98.141/default.htm and you should see that web page

now, I don't really know how your test sites are created or stored... but its generally created as sub folders under the wwwroot folder. So lets say that I have a test site called TESTSITE01. it would be physically located on \\APPLICATIONS\wwwroot\testsite01.

Then use IE and browse to http://65.154.98.141/testsite01/yourwebpage.htm

I hope this helps...
0
 

Author Comment

by:mbath20110
ID: 16911068

Thanks for respsonding RLiu,

I think you've got me on the right track but the sticking point is, I want to preserve the IP NAT to my Exchange server (so my users can keep getting OWA).

So to refine my question, if I want to leave in place, 65.154.98.141/EXCHANGE, how do I add 65.154.98.141/APPLICATIONS, which is where, as you correctly stated, my test website would be?

Or, is this even something that should (can) be done via the firewall?  Can I do some internal mapping or sharing of folders on Applications that points to Exchange?

And maybe my larger question is,  is what I'm proposing really proper network design?  Should I really be hosting websites on different machines in my network?  If I've already got IIS running on my Exchange server then that's where any and all other websites (internal or external) should be located.

Thanks again.
0
 
LVL 4

Accepted Solution

by:
rliu1112 earned 500 total points
ID: 16921335
I see....

It is best to have the web server and the exchange server on different boxes. here is what I did, hope this could shed some light for your scenerio....
1) point the web port (80) to the web server
I think based on your info, you have it pointed to the Exchange server for now so OWA would work?
2) create an virtual web on the IIS called EXCHANGE
3) within the Virtual web properties, point it to the OWA folder on the Exchange box
the catch here is that these two machines has to be able to see and share with each other.

So now, web traffic for 000.000.000.000/exchange points to the OWA folder of the exchange box and 000.000.000.000 goes to the wwwroot folder on the web server (iis) and 000.000.000.000/applications points to the applications subfolder within wwwroot on the iis.

I think the OWA folder is the \...\exchsvr\webdata folder on the exchange server... have to go check...

I hope this works for you.....
0

Featured Post

Get 15 Days FREE Full-Featured Trial

Benefit from a mission critical IT monitoring with Monitis Premium or get it FREE for your entry level monitoring needs.
-Over 200,000 users
-More than 300,000 websites monitored
-Used in 197 countries
-Recommended by 98% of users

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Do you have a windows based Checkpoint SmartCenter for centralized Checkpoint management?  Have you ever backed up the firewall policy residing on the SmartCenter?  If you have then you know the hassles of connecting to the server, doing an upgrade_…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
NetCrunch network monitor is a highly extensive platform for network monitoring and alert generation. In this video you'll see a live demo of NetCrunch with most notable features explained in a walk-through manner. You'll also get to know the philos…
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…
Suggested Courses

617 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question