How can I open public access to internal websites
I have 3 internal websites on 3 different machines. They are working fine as long as they are accessed internally. I want to open access to them from outside (public internet) for my boss. To do so, I have opened port 80 on the firewall and redirect my firewall's IP address to the internal IP address of the first web server.
This configuration is working fine, and my boss can get access to the first internal websites. Now I want to open access to the second web server, but I can not redirect the same IP/Port number to the second web server machine. What I did, I created a virtual directory on the IIS of the first web server and redirected it to the second web server. But the problem is when my boss uses, say, http://PUBLIC_IP/VIRTUAL_DIRECTORY, he receives a "Page not found" error, becasue IIS is returning an internal web address.
How can I open access to the second and third websites, without assigning different public IP addresses to them. I want my boss use same IP address with different "slash" names to get access to each web site.
This configuration is working fine, and my boss can get access to the first internal websites. Now I want to open access to the second web server, but I can not redirect the same IP/Port number to the second web server machine. What I did, I created a virtual directory on the IIS of the first web server and redirected it to the second web server. But the problem is when my boss uses, say, http://PUBLIC_IP/VIRTUAL_DIRECTORY, he receives a "Page not found" error, becasue IIS is returning an internal web address.
How can I open access to the second and third websites, without assigning different public IP addresses to them. I want my boss use same IP address with different "slash" names to get access to each web site.
ASKER
Hi Tolomir. Thank you for your comment.
I have a ISA 2006 machine in my LAN acting as a WebProxy-only; i.e. it has only one NIC connected to the LAN. Can I configure ISA so that it plays a reverse-proxy role as well? If yes, how? This way, I reconfigure firewall so that it forwards HTTP request on a special port to the internal IP address of ISA. and configure ISA so that it forwards HTTP requests on that special port to the web server's IP address on port 80. does this scenario make sense?
I have a ISA 2006 machine in my LAN acting as a WebProxy-only; i.e. it has only one NIC connected to the LAN. Can I configure ISA so that it plays a reverse-proxy role as well? If yes, how? This way, I reconfigure firewall so that it forwards HTTP request on a special port to the internal IP address of ISA. and configure ISA so that it forwards HTTP requests on that special port to the web server's IP address on port 80. does this scenario make sense?
Take a look at:
Step 2.1. Configure a Reverse Proxy
http://technet.microsoft.com/en-us/library/bb663639.aspx
This should explain it.
Step 2.1. Configure a Reverse Proxy
http://technet.microsoft.com/en-us/library/bb663639.aspx
This should explain it.
ASKER
That article shows that I can use a single NIC ISA server as a reverse-proxy. That's good. Now the question is how I can set it up to resolve my problem. Can I configure it so that it forwards both IP and port to some thing different?
For example, if client enters x.x.x.x:pppp in the browser, can I configure ISA so that it forwards the request to y.y.y.y:nnnn (note that both IP and port have been changed)?
For example, if client enters x.x.x.x:pppp in the browser, can I configure ISA so that it forwards the request to y.y.y.y:nnnn (note that both IP and port have been changed)?
no you should use a name like
mywebserver.com/website1
mywebserver.com/website2
mywebserver.com/website3
the reverse proxy redirects this request to
internal-server-a/website1
internal-server-b/website2
internal-server-c/website3
I did never setup such an isa proxy, I could just help you with apache, sorry.
Tolomir
mywebserver.com/website1
mywebserver.com/website2
mywebserver.com/website3
the reverse proxy redirects this request to
internal-server-a/website1
internal-server-b/website2
internal-server-c/website3
I did never setup such an isa proxy, I could just help you with apache, sorry.
Tolomir
ASKER
I think reverse proxy is not a solution. What I want is a way to forward both IP/port to a different IP/port.
Well you cannot redirect 1 ip + 1 port to 2 different ips or ports.
you could redirect 1 ip with 3 different ports to 3 webservers with port 80
Otherwise you have to stick with reverse proxy. (A reverse proxy translates internal names to external resources and vice versa)
you could redirect 1 ip with 3 different ports to 3 webservers with port 80
Otherwise you have to stick with reverse proxy. (A reverse proxy translates internal names to external resources and vice versa)
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Checkout: http://www.visolve.com/squid/whitepapers/reverseproxy.php for details.
This is the current version of squid for windows: http://squid.acmeconsulting.it/
Tolomir