[Last Call] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

re: Hosting website with IIS 6

Posted on 2009-12-28
25
Medium Priority
?
685 Views
Last Modified: 2013-12-14
Hi - I am trying to host a website for my small business and am having extreme difficulty. Any instructions would be appreciated.

Here is our current system topology:

We have a Comcast business class web account that provides us with 5 static IP addresses.

Our office network is controlled by a Windows 2003 Small Business Server. It acts as our DNS and DHCP server. It is assigned one of the 5 static IP addresses from Comcast. A cable from the modem/router is connected to the first LAN port. A 24 port switch is connected to the 2nd LAN port. This switch connects all the devices in the office, and the server manages them.

Connected to this server via the switch is multiple computers, printers, etc. and an additional server. This server is running Windows Server 2003 Standard, and its primary function is to be our web server. I would like to put our web files on this server and use this sever as our web server. This sever is assigned a local IP address from the SBS server.

We have a domain name purchased and secured from GoDaddy.

Now the fun part: What do I have to do, step by step, to have http://www.ourcompanysite.com (for example) access the web server and launch the site?

If any more information is needed I will be happy to oblige.

Thank you greatly.
0
Comment
Question by:alc0905
  • 11
  • 4
  • 2
  • +4
23 Comments
 
LVL 2

Expert Comment

by:shrinivasmw
ID: 26131929
First you will need WebServer.

It depends on what kind of code you are deploying. If you have asp.net/asp/html code you can have IIS installed on your machine. On IIS you need to create virtual directory, map your (compiled)code files to this virtual directory NOTE: virtual directory name should be the name of domain you want. And thats it, you are done.

For Java code deployment, chcek for APACHE TOMCAT webserver, where you can host application.
0
 

Author Comment

by:alc0905
ID: 26131995
Right. I have IIS installed on the server in question. Creating the website in IIS (using host headers for example) is not problematic for me. Right now I'm just trying to display a simple HTML page.

What's the problem for me is that I cannot get the website I created viewable on the internet.

The website is being hosted on a server that is a member of a domain (the server is not the domain controller).

I have a feeling I have not properly configured some DNS settings or something somewhere.

0
 
LVL 15

Expert Comment

by:Tray896
ID: 26132230
If you already have the web server and everything, then all you should need to do is get external DNS for www.ourcompanysite.com registered to your external IP address.  You'll then need to configure the routing so that the external IP address is tied back to the internal IP of your server that the website is running on.  That would be done on the networking side, not the web server side.
0
NFR key for Veeam Agent for Linux

Veeam is happy to provide a free NFR license for one year.  It allows for the non‑production use and valid for five workstations and two servers. Veeam Agent for Linux is a simple backup tool for your Linux installations, both on‑premises and in the public cloud.

 

Author Comment

by:alc0905
ID: 26132396
"You'll then need to configure the routing so that the external IP address is tied back to the internal IP of your server that the website is running on."

Exactly. That is what I need help on. I have been trying using various online guides to figure it out but the solution is proving elusive.

In my DNS settings, I can set the www record to point to the external IP address being used by my SBS server (domain controller). I do not know how to then point it to the internal IP address of the web server (say 192.168.16.13)
0
 
LVL 20

Accepted Solution

by:
brwwiggins earned 1000 total points
ID: 26132918
You missed one important part of Tray896's comment

"That would be done on the networking side, not the web server side."

You need to configure your firewall to forward requests on port 80 for your external IP address over to the internal IP address of your web server.

Also, creating a www record on your DNS server is only for your network. You need to get with your registrar or whomever holds the records for your external DNS and create the www entry there so that everyone can resolve it.
0
 

Author Comment

by:alc0905
ID: 26133216
Right. I've made progress on that end.

I wanted to just get the server connected to the internet directly, so I plugged it into our modem directly and gave it an assigned external IP.

In our GoDaddy account settings, we set the name servers to be the ones provided by our ISP, Comcast.

In our Comcast DNS settings, I have various records used for our mail server, with the addition of:

a www record pointing to the external IP address of the server.

an A record pointing to the said external IP address of the server (not sure if this is needed)

Typing in the site's url in the browser here at work, the test page opens up beautifully.

Outside of the office, a connection timed out error occurs.

Calling comcast, they informed me my DNS records look correct and port 80 is open to allow communication, and said to wait 72 hours for DNS record updates to go through.

This is just a workaround though - I'd rather have the web server connected as a member of the domain and not directly connected to the internet.
0
 
LVL 15

Expert Comment

by:Tray896
ID: 26133264
I use Kloth to determine whether or not my sites have been setup in external DNS: http://www.kloth.net/services/nslookup.php

Also, if its simply a DNS issue from the outside then you could verify this by trying to telnet to the IP address of your website over port 80 from a machine outside the network.  To do this, simply open a command prompt and type the following (replace with your IP):

telnet 192.1.1.1 80

If you get a blank screen, then that port is open to the outside world.  If it times out, it isn't.
0
 

Author Comment

by:alc0905
ID: 26133302
I will try this when I get home tonight. Thanks for all the help thus far to you all.
0
 

Author Comment

by:alc0905
ID: 26134593
Result of test:

Connecting To 75.xxx.xxx.xxx...Could not open connection to the host, on port 80
: Connect failed

The server is plugged directly into the modem - and the modem is supposedly allowing all incoming connections.

Any Ideas? (It's an SMC modem device with 4 Ethernet ports - Comcast Business)
0
 
LVL 30

Expert Comment

by:Mike Lazarus
ID: 26144106
Is the modem forwarding port 80 to the server?
Have a look for your SMC model here: http://portforward.com/

While this was written for IIS5 on Windows 2000, you miht still find much of it useful:
http://blog.glcomputing.com.au/2009/01/iis-installation-and-lockdown-with.html
0
 

Author Comment

by:alc0905
ID: 26146012
I have determined what was causing the issue.

I disabled the web server's connection to our local network (the local address).

Instead, I directly connected the server to the modem in the 2nd lan port, and manually assigned it the external IP address and the comcast settings (dns, gateway, etc).

By doing so, I was able to view the test page over the internet.

Now my question is, how do I properly set up everything so that the web server is not directly connected to the modem, but instead is a part of my domain (thus connected to our switch) and uses just the local IP address.
0
 
LVL 17

Expert Comment

by:Rovastar
ID: 26146343
To be honest you are in the wrong zone here.

This is not an IIS issue it is a network routing and configuration one.

This will depend on the make and model of your route and how your internal network is configured.
0
 
LVL 20

Expert Comment

by:brwwiggins
ID: 26146551
for security reasons, you really should have some sort of firewall between your comcast modem and the webserver and/or your internal network.

This will allow you greater control of where the inbound traffic goes. I don't know if the comcast modem has any port forwarding and NAT features that would allow you to redirect inbound port 80 traffic to a specific internal IP address
0
 

Author Comment

by:alc0905
ID: 26146601
@ Rovastar: You are absolutely correct. At first I believed it was an IIS issue, as I am new to the area, but a week of troubleshooting proved otherwise. At least i got the IIS config part right.

@brwwiggins: We are looking into getting protection so we are aware of those issues =)
0
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 26154960
I've helped over a dozen companies setup SBS Server in almost this identical situation and always make the same recommendation.

There is substantial risk hosting your public website on your local server.  If that website is penetrated you put your business at risk and it's a high risk.  It will cost you time (which is money) to do all this work to secure your server and it will be an ongoing cost for maintenance.

Hosting a web site on GoDaddy's servers is VERY inexpensive.  Even for one with extra options it's far cheaper than your time and they will securely keep your website safe.

My recommendation is use your SBS server for your intranet site and use GoDaddy for your public site.
0
 

Author Comment

by:alc0905
ID: 26155513
@tedbilly: unfortunately I don't have much pull in that area. My superiors are pretty adamant (sp) on hosting it in house.

However, our SBS server is not hosting our public website. We have an SBS server that acts as our domain controller. We have another server, a member server, that will host the site. That member server will be public, not the SBS server.
0
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 26156510
OK.  There are a LOT of comments here.  Can you summarize the situation as it is and I'll try to help.  Cheers
0
 

Author Comment

by:alc0905
ID: 26158564
Summary:

We have a Windows 2003 SBS server (call it server A) acting as our domain controller. This server accepts communication from the internet, and has been assigned an external IP address (first lan port). As it is our domain controller, it also manages our local network, assigning local addresses via DHCP to our client devices via a switch (2nd lan port).

We recently purchased another server running windows server 2003 standard (call it server B), and we want to host our company website on this server. Right now, the server is connected to our domain and is only assigned a local IP address from our domain controller (so it is a member server).

I attached a diagram that explains our set up better. If I were to host our site on server B, what steps must I take?
diagram.png
0
 
LVL 30

Expert Comment

by:Mike Lazarus
ID: 26158661
You should have the DC behind the switch and the web server in front.
0
 
LVL 51

Assisted Solution

by:Ted Bouskill
Ted Bouskill earned 1000 total points
ID: 26158709
GLComputing, not necessarily.  If the asker simply routes web traffic through the SBS server to the web server there is no risk to the SBS server.  SBS server includes a copy of ISA which is a good quality firewall application so the architecture is valid.

als0905:  There are three portions of this system that have to be configured correctly to make this work.  All of which should really be a minimum of three questions.

Question #1) How do I configure a registered domain name at GoDaddy to reach a static IP I have setup to receive web traffic on my own server

Question #2) How do I setup ISA server on a SBS to redirect traffic to an internal web server that will be accessed from the internet

Question #3) How do I securely lock down a web server and application that will be providing an internet application.

0
 

Author Comment

by:alc0905
ID: 26159044
@tedbilly: thanks for your response!

I am 100% confident that I have taken care of everything related to question one. If I connect the web server directly to our modem, our web page can be properly be displayed over the internet. Configuring GoDaddy's settings to match our ISP settings was easy.

Question 2, regarding directing traffic from the SBS server to the web server is where I am stuck. If you or anyone can provide some reference/setup material or instructions, it would be greatly appreciated!
0
 
LVL 51

Expert Comment

by:Ted Bouskill
ID: 26159669
Have you installed ISA Services on the SBS server?

To be fair to the experts I'd suggest you close this question and award points to any experts that have been helpful, then ask a new question in the ISA Zone (http://www.experts-exchange.com/Microsoft/Windows_Security/)

Your best chance of getting an answer you need is to provide the topology diagram and state that you simply need to configure ISA to route requests from the external static IP to your internal web server.
0
 

Author Comment

by:alc0905
ID: 26160655
Will do.
0

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This month, Experts Exchange’s free Course of the Month is focused on CompTIA IT Fundamentals.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

830 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question