Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 486
  • Last Modified:

Using port 80 for 2 web servers.. How do i forward to each?

Hello,

I currently have the following setup:

IIS running on 192.168.100.2 port 80
Apache running on 192.168.100.2 port 8080

I have 2 sub domains which are used for me two web servers..

home.domain.com -> IIS
dev.domain.com:8080 -> Apache

I know how to put Apache on port 80.. I just need to give it a new IP address.. Say 192.168.100.3..

Problem is, how do i get dev.domain.com to reach that IP??

Thanks


0
fugazer
Asked:
fugazer
  • 7
  • 5
  • 3
  • +1
4 Solutions
 
Henrik JohanssonSystems engineerCommented:
Start DNS-manager (dnsmgmt.msc), expand 'Forward lookup zones'->domain.com
Double-click on dev and change it to the correct IP-address.
0
 
smilerzCommented:
Each IP address needs to be registered with the correct name in DNS - are you using Microsoft DNS or some third party?
0
 
fugazerAuthor Commented:
yes i'm using DNS..

Before i make the change, i'm wondering if incoming traffic from dev.domain.com will route to the proper server??

So... home.domain.com will stay the same ->IIS Sharepoint
and dev.domain.com will now forward to -> Apache

Essentially the same appearance as i currently have expect now eliminating port 8080.

0
Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

 
Henrik JohanssonSystems engineerCommented:
home.domain.com and dev.domain.com is two different DNS-records.
Updating dev will not affect home if not home is a CNAME pointing to dev.
If they're both A-records (host), just update dev to point on the correct IP.
If any of them is CNAME-record (alias) to the other's A-record, you nead to delete the CNAME-record and re-create it as A-record.
0
 
fugazerAuthor Commented:
well.. i made the switch

And what i was worried about happened..

i switched dev.domain.com over to 192.168.100.3 (A Record)

Internally on our network everything is fine..

But i had my friend access dev.domain.com and it brought him to our IIS server with sharepoint.

Internally it works, externally no go..

I have a router that sits before W2k3 server and Port 80 forwards off to IP 192.168.100.2

I also added another forward from port 80 to 192.168.100.3, but obviously that didn't work..

With port 80, and external traffic coming in on port 80, its either Sharepoint (192.168.100.2) or Apache (192.168.100.3)..

I'm i dead in the water?

The linksys wrt54g router has been upgraded with -> Firmware Version: v4.71.1, Hyperwrt 2.1b1 + Thibor15c

Is there some advanced setting i can do on the router to direct the traffic to the correct target?

Or is there some special W2k3 setting i can do?

0
 
smilerzCommented:
You need two different firewall rules on the external network with two separate publically accessible IPs/domains.

ie you need a public DNS for 200.0.0.1 that is NATd to 192.168.100.2 and one for 200.0.0.2 that is NAT'd to 192.168.100.3.

0
 
fugazerAuthor Commented:
I uninstalled our NAT to get our 2 networks talking..

http://www.experts-exchange.com/OS/Microsoft_Operating_Systems/Server/2003_Server/Q_23653796.html


Frustrating...

Is the root of all my trouble's the router that sits before my W2k3??

Should the internet be plugged in directly to the windows server?




0
 
smilerzCommented:
No, you should never place a computer directly on the internet.

Are you trying to bridge two networks together or are you just trying to get these two websites up on the internet?
0
 
fugazerAuthor Commented:
So it is correct that i have the router before the windows server? I used this as my firewall, and access point for wireless notebooks..

NIC1 and NIC2 are bridged..

My goal is to eliminate the need for port 8080, and just have the 2 websites up and running..

dev.domain.com
home.domain.com

currently it is set up like this:
dev.domain:com:8080
home.domain.com


0
 
Henrik JohanssonSystems engineerCommented:
Yes, the server should be protected between the firewall box.

If only having one external public IP, you nead to use different ports in the firewall rule to make the visitors reach the different internal servers.
If not wanting to use different ports on the different addresses, you nead to configure a proxy solution to let all traffic to port 8080 pass through the server running at port 80. This can be done with apache's mod_proxy by letting apache listen on port 80 for both hostnames and configure a rule that checks the hostname and proxy-pass requests for IIS' servername:80 to servername:8080
0
 
fugazerAuthor Commented:
will that allow user's outside our network to access the apache webserver without having to write 8080 in the url?? ie.. http://dev.domain.com 
0
 
Henrik JohanssonSystems engineerCommented:
Yes, the user will only know about the port 80 address when using a proxy solution and all traffic to port 8080 is done through the proxy server listening on port 80.
0
 
fugazerAuthor Commented:
Okay.. i think i understand.

I've never set up a proxy before, and im a little confused on how to achieve the setup you suggested.
0
 
fugazerAuthor Commented:
i'm having trouble setting up the proxy configuration as you suggested Wizard.. do you have any more insight for me? Or even better, can you tell me how to do this?
0
 
Henrik JohanssonSystems engineerCommented:
Create a virtual server in apache and use a rule like below to proxy incoming traffic to IIS.

Also see apache's manuals for mod_rewrite
http://httpd.apache.org/docs/1.3/misc/rewriteguide.html
http://httpd.apache.org/docs/1.3/mod/mod_rewrite.html


ServerName dev.domain.com
ServerPort 80
 
<VirtualServer internal-IP-address-mapped-in-firewall>
  ServerName home.domain.com
  RewriteEngine on
  RewriteCond %{HTTP_HOST} ^home\.domain\.com
  RewriteRule ^/(.*) http://home.domain.com:8080/$1 [P,L]
</VirtualServer

Open in new window

0
 
yfastudCommented:
quote "I also added another forward from port 80 to 192.168.100.3, but obviously that didn't work.. "

your dev.domain.com runs on port 8080 so you should port froward to 8080 instead; btw, you might want try 8181 since most routers use 8080 for remote access

then setup vh as sample here

Listen 8181
 
NameVirtualHost *:8181
 
<VirtualHost *:8181>
ServerName dev.domain.com
DocumentRoot path/to/dev.domain.com/folder
</VirtualHost>

Open in new window

0

Featured Post

Free recovery tool for Microsoft Active Directory

Veeam Explorer for Microsoft Active Directory provides fast and reliable object-level recovery for Active Directory from a single-pass, agentless backup or storage snapshot — without the need to restore an entire virtual machine or use third-party tools.

  • 7
  • 5
  • 3
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now