Solved

Using port 80 for 2 web servers.. How do i forward to each?

Posted on 2008-10-31
18
480 Views
Last Modified: 2012-05-05
Hello,

I currently have the following setup:

IIS running on 192.168.100.2 port 80
Apache running on 192.168.100.2 port 8080

I have 2 sub domains which are used for me two web servers..

home.domain.com -> IIS
dev.domain.com:8080 -> Apache

I know how to put Apache on port 80.. I just need to give it a new IP address.. Say 192.168.100.3..

Problem is, how do i get dev.domain.com to reach that IP??

Thanks


0
Comment
Question by:fugazer
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 7
  • 5
  • 3
  • +1
18 Comments
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 22856172
Start DNS-manager (dnsmgmt.msc), expand 'Forward lookup zones'->domain.com
Double-click on dev and change it to the correct IP-address.
0
 
LVL 8

Expert Comment

by:smilerz
ID: 22857619
Each IP address needs to be registered with the correct name in DNS - are you using Microsoft DNS or some third party?
0
 

Author Comment

by:fugazer
ID: 22858045
yes i'm using DNS..

Before i make the change, i'm wondering if incoming traffic from dev.domain.com will route to the proper server??

So... home.domain.com will stay the same ->IIS Sharepoint
and dev.domain.com will now forward to -> Apache

Essentially the same appearance as i currently have expect now eliminating port 8080.

0
MIM Survival Guide for Service Desk Managers

Major incidents can send mastered service desk processes into disorder. Systems and tools produce the data needed to resolve these incidents, but your challenge is getting that information to the right people fast. Check out the Survival Guide and begin bringing order to chaos.

 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 22858075
home.domain.com and dev.domain.com is two different DNS-records.
Updating dev will not affect home if not home is a CNAME pointing to dev.
If they're both A-records (host), just update dev to point on the correct IP.
If any of them is CNAME-record (alias) to the other's A-record, you nead to delete the CNAME-record and re-create it as A-record.
0
 

Author Comment

by:fugazer
ID: 22858638
well.. i made the switch

And what i was worried about happened..

i switched dev.domain.com over to 192.168.100.3 (A Record)

Internally on our network everything is fine..

But i had my friend access dev.domain.com and it brought him to our IIS server with sharepoint.

Internally it works, externally no go..

I have a router that sits before W2k3 server and Port 80 forwards off to IP 192.168.100.2

I also added another forward from port 80 to 192.168.100.3, but obviously that didn't work..

With port 80, and external traffic coming in on port 80, its either Sharepoint (192.168.100.2) or Apache (192.168.100.3)..

I'm i dead in the water?

The linksys wrt54g router has been upgraded with -> Firmware Version: v4.71.1, Hyperwrt 2.1b1 + Thibor15c

Is there some advanced setting i can do on the router to direct the traffic to the correct target?

Or is there some special W2k3 setting i can do?

0
 
LVL 8

Expert Comment

by:smilerz
ID: 22858738
You need two different firewall rules on the external network with two separate publically accessible IPs/domains.

ie you need a public DNS for 200.0.0.1 that is NATd to 192.168.100.2 and one for 200.0.0.2 that is NAT'd to 192.168.100.3.

0
 

Author Comment

by:fugazer
ID: 22858795
I uninstalled our NAT to get our 2 networks talking..

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23653796.html


Frustrating...

Is the root of all my trouble's the router that sits before my W2k3??

Should the internet be plugged in directly to the windows server?




0
 
LVL 8

Accepted Solution

by:
smilerz earned 125 total points
ID: 22861756
No, you should never place a computer directly on the internet.

Are you trying to bridge two networks together or are you just trying to get these two websites up on the internet?
0
 

Author Comment

by:fugazer
ID: 22863097
So it is correct that i have the router before the windows server? I used this as my firewall, and access point for wireless notebooks..

NIC1 and NIC2 are bridged..

My goal is to eliminate the need for port 8080, and just have the 2 websites up and running..

dev.domain.com
home.domain.com

currently it is set up like this:
dev.domain:com:8080
home.domain.com


0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 250 total points
ID: 22863608
Yes, the server should be protected between the firewall box.

If only having one external public IP, you nead to use different ports in the firewall rule to make the visitors reach the different internal servers.
If not wanting to use different ports on the different addresses, you nead to configure a proxy solution to let all traffic to port 8080 pass through the server running at port 80. This can be done with apache's mod_proxy by letting apache listen on port 80 for both hostnames and configure a rule that checks the hostname and proxy-pass requests for IIS' servername:80 to servername:8080
0
 

Author Comment

by:fugazer
ID: 22863674
will that allow user's outside our network to access the apache webserver without having to write 8080 in the url?? ie.. http://dev.domain.com 
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 22863822
Yes, the user will only know about the port 80 address when using a proxy solution and all traffic to port 8080 is done through the proxy server listening on port 80.
0
 

Author Comment

by:fugazer
ID: 22863938
Okay.. i think i understand.

I've never set up a proxy before, and im a little confused on how to achieve the setup you suggested.
0
 

Author Comment

by:fugazer
ID: 22913048
i'm having trouble setting up the proxy configuration as you suggested Wizard.. do you have any more insight for me? Or even better, can you tell me how to do this?
0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 250 total points
ID: 22934744
Create a virtual server in apache and use a rule like below to proxy incoming traffic to IIS.

Also see apache's manuals for mod_rewrite
http://httpd.apache.org/docs/1.3/misc/rewriteguide.html
http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html


ServerName dev.domain.com
ServerPort 80
 
<VirtualServer internal-IP-address-mapped-in-firewall>
  ServerName home.domain.com
  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^home\.domain\.com
  RewriteRule ^/(.*) http://home.domain.com:8080/$1 [P,L]
</VirtualServer

Open in new window

0
 
LVL 8

Assisted Solution

by:yfastud
yfastud earned 125 total points
ID: 24443445
quote "I also added another forward from port 80 to 192.168.100.3, but obviously that didn't work.. "

your dev.domain.com runs on port 8080 so you should port froward to 8080 instead; btw, you might want try 8181 since most routers use 8080 for remote access

then setup vh as sample here

Listen 8181
 
NameVirtualHost *:8181
 
<VirtualHost *:8181>
ServerName dev.domain.com
DocumentRoot path/to/dev.domain.com/folder
</VirtualHost>

Open in new window

0

Featured Post

Flexible connectivity for any environment

The KE6900 series can extend and deploy computers with high definition displays across multiple stations in a variety of applications that suit any environment. Expand computer use to stations across multiple rooms with dynamic access.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
ticket bloat 3 70
Delete Disconnected Site from Active Directory 3 60
Problem to copy file 14 51
BgInfo help 5 65
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
Restoring deleted objects in Active Directory has been a standard feature in Active Directory for many years, yet some admins may not know what is available.
Email security requires an ever evolving service that stays up to date with counter-evolving threats. The Email Laundry perform Research and Development to ensure their email security service evolves faster than cyber criminals. We apply our Threat…

733 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question