Solved

WatchGuard Firewall - How can I point to another web server on my network.

Posted on 2006-06-13
6
506 Views
Last Modified: 2013-11-16

Zero expertise with my WatchGuard firewall other than being the onsite monkey while the WatchGuard tech walked me thru installing it and setting it up.

Ok Ok. Maybe not giving myself enough credit.  I DO know how to get into Policy Mgr. and do the basics.

To my question.  Running Outlook Webaccess on my Exchange 2003 server.  If I or my users want to chech their webmail they go: 65.154.98.141\EXCHANGE (where EXCHANGE in the actual DNS name of my Exchange server).

But let's say I want to play and I have IIS running on another server, say, APPLICATIONS.

How do I configure my Firewall so I can go 65.154.98.141\APPLICATIONS and see any test websites that I'm running on APPLICATIONS.

I'm using NAT on the firewall to translate the external IP to the internal IP of EXCHANGE but it seems that it will only let me do one; in other words I can't add a second NAT for APPLICATIONS.

Any thoughts???
0
Comment
Question by:mbath20110
  • 2
6 Comments
 
LVL 4

Expert Comment

by:rliu1112
ID: 16898047
here is one way (easiest I think...) lets just use the same IP address...

first, I am assuming that your web server is called APPLICATIONS. and your test web sites are located on APPLICATIONS as subfolders or files under "wwwroot" folder of your IIS?

on your firewall, use NAT to map the TCP port 80 or the external IP (65.154.98.141) to the internal address of your web server (APPLICATIONS). so now all HTML traffic will be directed to the APPLICATIONS machine's "wwwroot" folder (given that it is an IIS machine).

so to test, place a sample web page into the wwwroot folder and lets call it default.htm for now, then use IE and browse to http://65.154.98.141/default.htm and you should see that web page

now, I don't really know how your test sites are created or stored... but its generally created as sub folders under the wwwroot folder. So lets say that I have a test site called TESTSITE01. it would be physically located on \\APPLICATIONS\wwwroot\testsite01.

Then use IE and browse to http://65.154.98.141/testsite01/yourwebpage.htm

I hope this helps...
0
 

Author Comment

by:mbath20110
ID: 16911068

Thanks for respsonding RLiu,

I think you've got me on the right track but the sticking point is, I want to preserve the IP NAT to my Exchange server (so my users can keep getting OWA).

So to refine my question, if I want to leave in place, 65.154.98.141/EXCHANGE, how do I add 65.154.98.141/APPLICATIONS, which is where, as you correctly stated, my test website would be?

Or, is this even something that should (can) be done via the firewall?  Can I do some internal mapping or sharing of folders on Applications that points to Exchange?

And maybe my larger question is,  is what I'm proposing really proper network design?  Should I really be hosting websites on different machines in my network?  If I've already got IIS running on my Exchange server then that's where any and all other websites (internal or external) should be located.

Thanks again.
0
 
LVL 4

Accepted Solution

by:
rliu1112 earned 500 total points
ID: 16921335
I see....

It is best to have the web server and the exchange server on different boxes. here is what I did, hope this could shed some light for your scenerio....
1) point the web port (80) to the web server
I think based on your info, you have it pointed to the Exchange server for now so OWA would work?
2) create an virtual web on the IIS called EXCHANGE
3) within the Virtual web properties, point it to the OWA folder on the Exchange box
the catch here is that these two machines has to be able to see and share with each other.

So now, web traffic for 000.000.000.000/exchange points to the OWA folder of the exchange box and 000.000.000.000 goes to the wwwroot folder on the web server (iis) and 000.000.000.000/applications points to the applications subfolder within wwwroot on the iis.

I think the OWA folder is the \...\exchsvr\webdata folder on the exchange server... have to go check...

I hope this works for you.....
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

If you are like regular user of computer nowadays, a good bet that your home computer is on right now, all exposed to world of Internet to be exploited by somebody you do not know and you never will. Internet security issues has been getting worse d…
This article offers some helpful and general tips for safe browsing and online shopping. It offers simple and manageable procedures that help to ensure the safety of one's personal information and the security of any devices.
In this seventh video of the Xpdf series, we discuss and demonstrate the PDFfonts utility, which lists all the fonts used in a PDF file. It does this via a command line interface, making it suitable for use in programs, scripts, batch files — any pl…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

10 Experts available now in Live!

Get 1:1 Help Now