Solved

Using port 80 for 2 web servers.. How do i forward to each?

Posted on 2008-10-31
18
474 Views
Last Modified: 2012-05-05
Hello,

I currently have the following setup:

IIS running on 192.168.100.2 port 80
Apache running on 192.168.100.2 port 8080

I have 2 sub domains which are used for me two web servers..

home.domain.com -> IIS
dev.domain.com:8080 -> Apache

I know how to put Apache on port 80.. I just need to give it a new IP address.. Say 192.168.100.3..

Problem is, how do i get dev.domain.com to reach that IP??

Thanks


0
Comment
Question by:fugazer
  • 7
  • 5
  • 3
  • +1
18 Comments
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 22856172
Start DNS-manager (dnsmgmt.msc), expand 'Forward lookup zones'->domain.com
Double-click on dev and change it to the correct IP-address.
0
 
LVL 8

Expert Comment

by:smilerz
ID: 22857619
Each IP address needs to be registered with the correct name in DNS - are you using Microsoft DNS or some third party?
0
 

Author Comment

by:fugazer
ID: 22858045
yes i'm using DNS..

Before i make the change, i'm wondering if incoming traffic from dev.domain.com will route to the proper server??

So... home.domain.com will stay the same ->IIS Sharepoint
and dev.domain.com will now forward to -> Apache

Essentially the same appearance as i currently have expect now eliminating port 8080.

0
Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 22858075
home.domain.com and dev.domain.com is two different DNS-records.
Updating dev will not affect home if not home is a CNAME pointing to dev.
If they're both A-records (host), just update dev to point on the correct IP.
If any of them is CNAME-record (alias) to the other's A-record, you nead to delete the CNAME-record and re-create it as A-record.
0
 

Author Comment

by:fugazer
ID: 22858638
well.. i made the switch

And what i was worried about happened..

i switched dev.domain.com over to 192.168.100.3 (A Record)

Internally on our network everything is fine..

But i had my friend access dev.domain.com and it brought him to our IIS server with sharepoint.

Internally it works, externally no go..

I have a router that sits before W2k3 server and Port 80 forwards off to IP 192.168.100.2

I also added another forward from port 80 to 192.168.100.3, but obviously that didn't work..

With port 80, and external traffic coming in on port 80, its either Sharepoint (192.168.100.2) or Apache (192.168.100.3)..

I'm i dead in the water?

The linksys wrt54g router has been upgraded with -> Firmware Version: v4.71.1, Hyperwrt 2.1b1 + Thibor15c

Is there some advanced setting i can do on the router to direct the traffic to the correct target?

Or is there some special W2k3 setting i can do?

0
 
LVL 8

Expert Comment

by:smilerz
ID: 22858738
You need two different firewall rules on the external network with two separate publically accessible IPs/domains.

ie you need a public DNS for 200.0.0.1 that is NATd to 192.168.100.2 and one for 200.0.0.2 that is NAT'd to 192.168.100.3.

0
 

Author Comment

by:fugazer
ID: 22858795
I uninstalled our NAT to get our 2 networks talking..

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23653796.html


Frustrating...

Is the root of all my trouble's the router that sits before my W2k3??

Should the internet be plugged in directly to the windows server?




0
 
LVL 8

Accepted Solution

by:
smilerz earned 125 total points
ID: 22861756
No, you should never place a computer directly on the internet.

Are you trying to bridge two networks together or are you just trying to get these two websites up on the internet?
0
 

Author Comment

by:fugazer
ID: 22863097
So it is correct that i have the router before the windows server? I used this as my firewall, and access point for wireless notebooks..

NIC1 and NIC2 are bridged..

My goal is to eliminate the need for port 8080, and just have the 2 websites up and running..

dev.domain.com
home.domain.com

currently it is set up like this:
dev.domain:com:8080
home.domain.com


0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 250 total points
ID: 22863608
Yes, the server should be protected between the firewall box.

If only having one external public IP, you nead to use different ports in the firewall rule to make the visitors reach the different internal servers.
If not wanting to use different ports on the different addresses, you nead to configure a proxy solution to let all traffic to port 8080 pass through the server running at port 80. This can be done with apache's mod_proxy by letting apache listen on port 80 for both hostnames and configure a rule that checks the hostname and proxy-pass requests for IIS' servername:80 to servername:8080
0
 

Author Comment

by:fugazer
ID: 22863674
will that allow user's outside our network to access the apache webserver without having to write 8080 in the url?? ie.. http://dev.domain.com 
0
 
LVL 31

Expert Comment

by:Henrik Johansson
ID: 22863822
Yes, the user will only know about the port 80 address when using a proxy solution and all traffic to port 8080 is done through the proxy server listening on port 80.
0
 

Author Comment

by:fugazer
ID: 22863938
Okay.. i think i understand.

I've never set up a proxy before, and im a little confused on how to achieve the setup you suggested.
0
 

Author Comment

by:fugazer
ID: 22913048
i'm having trouble setting up the proxy configuration as you suggested Wizard.. do you have any more insight for me? Or even better, can you tell me how to do this?
0
 
LVL 31

Assisted Solution

by:Henrik Johansson
Henrik Johansson earned 250 total points
ID: 22934744
Create a virtual server in apache and use a rule like below to proxy incoming traffic to IIS.

Also see apache's manuals for mod_rewrite
http://httpd.apache.org/docs/1.3/misc/rewriteguide.html
http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html


ServerName dev.domain.com
ServerPort 80
 
<VirtualServer internal-IP-address-mapped-in-firewall>
  ServerName home.domain.com
  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^home\.domain\.com
  RewriteRule ^/(.*) http://home.domain.com:8080/$1 [P,L]
</VirtualServer

Open in new window

0
 
LVL 8

Assisted Solution

by:yfastud
yfastud earned 125 total points
ID: 24443445
quote "I also added another forward from port 80 to 192.168.100.3, but obviously that didn't work.. "

your dev.domain.com runs on port 8080 so you should port froward to 8080 instead; btw, you might want try 8181 since most routers use 8080 for remote access

then setup vh as sample here

Listen 8181
 
NameVirtualHost *:8181
 
<VirtualHost *:8181>
ServerName dev.domain.com
DocumentRoot path/to/dev.domain.com/folder
</VirtualHost>

Open in new window

0

Featured Post

DevOps Toolchain Recommendations

Read this Gartner Research Note and discover how your IT organization can automate and optimize DevOps processes using a toolchain architecture.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Periodically we have to update or add SSL certificates for customers. Depending upon your hosting plan you may be responsible for the installation and/or key generation. In the wake of Heartbleed many sites were forced to re-key. We will concen…
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
Microsoft Active Directory, the widely used IT infrastructure, is known for its high risk of credential theft. The best way to test your Active Directory’s vulnerabilities to pass-the-ticket, pass-the-hash, privilege escalation, and malware attacks …
Established in 1997, Technology Architects has become one of the most reputable technology solutions companies in the country. TA have been providing businesses with cost effective state-of-the-art solutions and unparalleled service that is designed…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question