forward to dns name and port

How do i setup forwarding for websites and ports?
What I want to do is have the user type in: http://<insertDname1> and be forwarded to http://<insertDname2>:<port> or <IPAddress>:<Port> while retaining the first domain name.  I think its a virtual host but I have never set this up before.
Software:
Windows Server 2003 Standard Edition R2
Firewall hardware: SonicWall 2040 Pro with Sonic OS Enchanced
LVL 1
DVDude_1Asked:
Who is Participating?
 
Joseph HornseyConnect With a Mentor President and JanitorCommented:


Set the host headers as follows:

domain: mydomain.com
site1: bugs
Header info: 192.168.50.150:80 -> bugs.mydomain.com
site2: dev
Header info: 192.168.50.150:80 -> dev.mydomain.com
site3: stage
Header info: 192.168.50.150:80 -> stage.mydomain.com

Here's how to think of this:

You can differentiate between web sites three different ways:

1. By IP address
2. By port number
3. By host header

If you use a separate IP address for each web site, then using separate port numbers or host headers is uneccessary
If you use a separate port number for each web site, then using separate IP addresses or host headers is uneccessary
If you use a separate host header for each web site, then using separate IP addresses or port numbers is uneccessary

The beauty of host headers is that the web server is still listening to port 80 on only one IP address.  It looks at the request and picks out the FQDN (bugs.mydomain.com) to determine which web site to send the request to.  So, separate port numbers or IP addresses aren't needed.

The way you're configured now would work if you went to dev.mydomain.com:8013 or bugs.mydomain.com:8888.

Does that make sense?

<-=+=->



0
 
tmtroutmanCommented:
Set up another DNS zone and create a host record for dname1 pointing to the correct IP address.
0
 
mikeleebrlaCommented:
actually you can't do the port part with DNS at all.  All DNS does is tranlate FQDNs to IP addresses and visa versa.  Any port forwarding will have to be done on your router/firewall.

0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
tmtroutmanCommented:
I thought the submitter wanted either or. mikeleebrla is right, i just gave you a solution if you wanted to do it with ip using dns. Seems easier to me than making changes in a router or firewall, but i'm lazy :)
0
 
mikeleebrlaCommented:
not according to the quesiton,,, both of his scenerios involve changing the destination port

i'm not really sure WHY you would need to do this however.  If the question asker could give a WHOLE explanation of the problem perhaps we could give a better solution than changing the destiation port.
0
 
Joseph HornseyPresident and JanitorCommented:

Actually, the problem that you're running into is two-fold:

1. You want the request (for Dname1) to be re-directed to Dname2 - this is name to IP address resolution (DNS)
2. You want the request (for port 80) to be re-directed to the other port - this is port forwarding (application layer)

Here's an example (assuming that the web site is inside your network):
                 - You want users to type in http://www.domain1.com to get to the web site
                 - The web site is located on Server2 which has an IP address of 192.168.5.201/24 on your internal network
                 - You have the block of addresses 10.152.67.9/29 on your external interface of the firewall and you decide to assign 10.152.67.12 to the web site

To accomplish this, you would need to do the following:
                 - Create a DNS A record for www in the domain1.com zone and assign it the IP address 10.152.67.12
                 - Create a mapping on your firewall which would map 10.152.67.12 to 192.168.5.201

This will not take care of changing the port from 80 to something else.  However, on your internal network you should have an abundance of IP addresses, so just assign an IP address to that web site and let it use port 80.

Here's another example (assuming that you can't do the above):
                 - You want users to type in http://www.domain1.com to get to the web site
                 - There's an existing web site at http://www.domain2.com:12345 which the request needs to go to
                 - You don't have the option of changing the port, IP address or DNS name

To accomplish this, you would need to do the following:
                 - At the domain1.com web site, create an HTML file and make it the Default Document in IIS for that site
                 - Here's the HTML for that document:
                     
                      <html>
                      <head>
                      <meta http-equiv="REFRESH" content="0; URL=http://www.domain2.com:12345/">
                      <meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
                      <title>Page Redirect</title>
                      </head>
                      <body link="#0000A6" vlink="#0000A6" alink="#0000A6">
                      <center>
                      <FONT COLOR=#0000A6>
                      <H4>If you aren't automatically redirected to the other site, click <a href="http://www.domain2.com:12345/">here</a>. </H4>
                      </FONT>
                      </center>
                      </body>
                      </html>

If you don't want to do it the HTML way, you can always do it with a 301 redirect using ASP.NET (create a text file with .aspx extension and make that the default page for your original web site):

                      <script runat="server">
                      private void Page_Load(object sender, System.EventArgs e)
                      {
                      Response.Status = "301 Moved Permanently";
                      Response.AddHeader("Location","http://www.domain2.com:12345/");
                      }
                      </script>

Hope that helps!

<-=+=->
0
 
Joseph HornseyPresident and JanitorCommented:

Oops... I forgot.  In the second example, you'll still need to set up a DNS A record and port forwarding on your firewall if the site is inside your network.

<-=+=->
0
 
DVDude_1Author Commented:
intranet web sites. hosted by a win2k3 member server...   internal domain only... again a test case.  I want users to type in http://<insertcompname>.<insertDname> instead of http://<IPAddress>:<port> or http://<insertcompname>.<insertDname>:<port>...  there are multiple websites on the server in question that are differentiated by ports ex..  192.168.x.x:80, 192.168.x.x:8080, and 192.168.x.x:8888 are different pages.  I want the end user to enter http://<something>.<insertDname> and get directed to 192.168.x.x:80, likewise have http://<somethingelse>.<insertDname> would forward to 192.168.x.x:8080 etc.  with 192.168.x.x being the same in all cases...   how would I do this? currently the test dns server has Arecords for the webservers.
0
 
DVDude_1Author Commented:
and I do have access to the firewall if needed
0
 
Joseph HornseyPresident and JanitorCommented:

Dude,

The easiest way to do this is to use host headers.  (Sorry... I thought you were trying to do something else)

To use host headers, open your IIS management console, right-click on the web site and go to Properties.  On the web site tab, you have a button next to the IP address field called "Advanced".  Click on that and you'll be able to configure the host headers (it's the "Multiple identities for this web site" box on the top of the window).

Example:

You've got three web sites and you want users to be able to go to app1.yourdomain.com, app2.yourdomain.com and app3.yourdomain.com.  You don't want them to input port numbers.

Here's how you set it up:

1. Create DNS A records for app1, app2 and app3 and point them all to the same IP address (the address on your server)
2. Go to each web site and configure the host header:
     - Right-click on web site and choose Properties
     - On the Web Site tab, click Advanced
     - On the Advanced window, click the top Add button
     - Select the IP address (they'll all use the same one)
     - Set the TCP port to 80
     - Set the host header value to the correct name (e.g., app1.yourdomain.com or app2.yourdomain.com)

That will do it for you!

Hope that helps!

<-=+=->

0
 
mikeleebrlaCommented:
yep, host headers are the way to do this.

http://www.visualwin.com/host-header/

remove all of that changing of the default HTTP port 80 stuff to another port that you configured also. true, that way will work, but is confusing for users.
0
 
DVDude_1Author Commented:
Thanks, I will test later today..
0
 
Smacky311Commented:
I'm sure you could also achieve the same results with a META Refresh:  http://www.html-reference.com/META_httpequiv_refresh.htm
0
 
DVDude_1Author Commented:
ok well i must be doing something wrong.... I tried SplinterCell's way and I keep getting:
bad request
or
invalid hostname
or
invaild host header

any other solutions that do not require modifing the <meta> or <head> tags in the html codE?
0
 
DVDude_1Author Commented:
I did create the required 'A' records
0
 
Joseph HornseyPresident and JanitorCommented:
Dude,

The only thing I can think of is that the host headers are not configured correctly.  The key is that you use the same IP address for each web site (and thus, each A record) and the same port number.

Example:

My domain - mydomain.com
Site 1 - testing
Site 2 - accounting
Site 3 - timeclock
Server IP - 192.168.1.222

I'd configure A records in the mydomain.com domain for testing, accounting and timeclock and give them all the same IP address (192.168.1.222).

Next, I'd configure IIS and create three virtual servers.  Each would have the same IP address (192.168.1.222), the same port (80) and I would configure the host headers for each site as testing.mydomain.com, accounting.mydomain.com and timeclock.mydomain.com (one per site).

Your host headers have to exactly match the FQDN being entered into IE.  So, if the host header is timeclock.mydomain.com, then you'd have to go to the web site via IE by typing in "http://timeclock.mydomain.com".  If you just put in "http://timeclock", it won't work.

Also, if you've got a proxy server on your network, you'll need to make sure you're bypassing it for internal addresses.

Double-check that stuff and then post back.

<-=+=->

0
 
DVDude_1Author Commented:
ok so this is what i entered:

domain: mydomain.com
site1: bugs
Header info: 192.168.50.150:8888 -> bugs.mydomain.com
site2: dev
Header info: 192.168.50.150:8013 -> dev.mydomain.com
site3: stage
Header info: 192.168.50.150:80 -> stage.mydomain.com


A records:
bugs.mydomain.com -> 192.168.50.150
dev.mydomain.com -> 192.168.50.150
stage.mydomian.com -> 192.168.50.150

and no matter what I type in bugs.mydomain.com or dev.mydomain.com in a browser I still only get the default port 80 page which is the stage.mydomain.com

What am I doing wronG?
0
 
DVDude_1Author Commented:
yes thanks you
0
All Courses

From novice to tech pro — start learning today.