• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 625
  • Last Modified:

Publish an internal hostheader website ISA2004/SBS2003

Want to publish an intranet site 'OurPolicy' (not accessed via CompanyWeb).  It is hosted on the SBS server, IIS, port 80, using hostheader to direct to the correct website.

internally, the site is accessed by http://ourpolicy/   where host headers are used in IIS to separate from Default Web site. like companyweb.

How do we create a new WebPublishing rule to allow secure access ?

Any How-to pages ?  Tried the MS & ISAServer.org sites.

Tried copying the RWW policy but got lost with host headers and link translations.
0
Robberbaron (robr)
Asked:
Robberbaron (robr)
  • 3
  • 2
1 Solution
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
You want secure access, as in HTTPS, for internal access only? Or, are you looking to publish to the Web?

Philip
0
 
Robberbaron (robr)Author Commented:
apologies.

we want to publish the current internal website so that it can be accessed by staff when they are external to the office.

further reading & review suggests that giving the 'ourpolicy' website an independent SSL port may work. Much like RWW is SSL43 and CompanyWeb is 444.   It currently only has Port 80, using hostheaders to differentiate destinations.


Im surmising that the website is then easiest access by a link from RWW specifiing the SSL port.

Is it possible to set ISA publishing rule to accept connections for myserver.com/ourpolicy as SSL443 and redirect to SSL8089 (8089 is an unassigned port)

any comments ?

0
 
Philip ElderTechnical Architect - HA/Compute/StorageCommented:
You will need to bind the external URL Host Header in IIS for the site:
 www.mypublicsite.com 192.168.22.254

From there, you would create a Web publishing rule that points to your IIS box that directs www.mypublicsite.com via host header.

To do SSL, you will need to bind a second IP address to your external NIC, have the internet DNS A of www.mypublicsite.com pointing to that second IP and configure the above HTTPS listener to listen on that IP address only.

You will need to purchase a third party trusted certificate and import it into the Personal store on SBS. From there you will be able to bind that certificate to the HTTPS listener on port 443 as it should be.

You can mess around with ports, but that can cause more trouble than it's worth.

The above is a big picture on the proper methodology. If you know ISA, then it will be enough to get you going in the right direction and have your site published.

Philip
0
 
Robberbaron (robr)Author Commented:
sorry. been out of action for a couple of weeks.

I was trying to mimic the way RWW accessed CompanyWeb.   One external IP, redirecting to an internal port.  We only have one IP available and it's not worth purchasing a certificate.

I've copied what I thought were all the settings from CompanyWeb and openned up the port 8443 through ISA using tool from isatools.org

But cant seem to get it to load up.
0
 
Robberbaron (robr)Author Commented:
not what I was looking for so havent tested. Maybe only option
0

Featured Post

Concerto Cloud for Software Providers & ISVs

Can Concerto Cloud Services help you focus on evolving your application offerings, while delivering the best cloud experience to your customers? From DevOps to revenue models and customer support, the answer is yes!

Learn how Concerto can help you.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now