re: Hosting website with IIS 6

Hi - I am trying to host a website for my small business and am having extreme difficulty. Any instructions would be appreciated.

Here is our current system topology:

We have a Comcast business class web account that provides us with 5 static IP addresses.

Our office network is controlled by a Windows 2003 Small Business Server. It acts as our DNS and DHCP server. It is assigned one of the 5 static IP addresses from Comcast. A cable from the modem/router is connected to the first LAN port. A 24 port switch is connected to the 2nd LAN port. This switch connects all the devices in the office, and the server manages them.

Connected to this server via the switch is multiple computers, printers, etc. and an additional server. This server is running Windows Server 2003 Standard, and its primary function is to be our web server. I would like to put our web files on this server and use this sever as our web server. This sever is assigned a local IP address from the SBS server.

We have a domain name purchased and secured from GoDaddy.

Now the fun part: What do I have to do, step by step, to have http://www.ourcompanysite.com (for example) access the web server and launch the site?

If any more information is needed I will be happy to oblige.

Thank you greatly.
alc0905Asked:
Who is Participating?
 
brwwigginsConnect With a Mentor IT ManagerCommented:
You missed one important part of Tray896's comment

"That would be done on the networking side, not the web server side."

You need to configure your firewall to forward requests on port 80 for your external IP address over to the internal IP address of your web server.

Also, creating a www record on your DNS server is only for your network. You need to get with your registrar or whomever holds the records for your external DNS and create the www entry there so that everyone can resolve it.
0
 
shrinivasmwCommented:
First you will need WebServer.

It depends on what kind of code you are deploying. If you have asp.net/asp/html code you can have IIS installed on your machine. On IIS you need to create virtual directory, map your (compiled)code files to this virtual directory NOTE: virtual directory name should be the name of domain you want. And thats it, you are done.

For Java code deployment, chcek for APACHE TOMCAT webserver, where you can host application.
0
 
alc0905Author Commented:
Right. I have IIS installed on the server in question. Creating the website in IIS (using host headers for example) is not problematic for me. Right now I'm just trying to display a simple HTML page.

What's the problem for me is that I cannot get the website I created viewable on the internet.

The website is being hosted on a server that is a member of a domain (the server is not the domain controller).

I have a feeling I have not properly configured some DNS settings or something somewhere.

0
Protect Your Employees from Wi-Fi Threats

As Wi-Fi growth and popularity continues to climb, not everyone understands the risks that come with connecting to public Wi-Fi or even offering Wi-Fi to employees, visitors and guests. Download the resource kit to make sure your safe wherever business takes you!

 
Tray896Commented:
If you already have the web server and everything, then all you should need to do is get external DNS for www.ourcompanysite.com registered to your external IP address.  You'll then need to configure the routing so that the external IP address is tied back to the internal IP of your server that the website is running on.  That would be done on the networking side, not the web server side.
0
 
alc0905Author Commented:
"You'll then need to configure the routing so that the external IP address is tied back to the internal IP of your server that the website is running on."

Exactly. That is what I need help on. I have been trying using various online guides to figure it out but the solution is proving elusive.

In my DNS settings, I can set the www record to point to the external IP address being used by my SBS server (domain controller). I do not know how to then point it to the internal IP address of the web server (say 192.168.16.13)
0
 
alc0905Author Commented:
Right. I've made progress on that end.

I wanted to just get the server connected to the internet directly, so I plugged it into our modem directly and gave it an assigned external IP.

In our GoDaddy account settings, we set the name servers to be the ones provided by our ISP, Comcast.

In our Comcast DNS settings, I have various records used for our mail server, with the addition of:

a www record pointing to the external IP address of the server.

an A record pointing to the said external IP address of the server (not sure if this is needed)

Typing in the site's url in the browser here at work, the test page opens up beautifully.

Outside of the office, a connection timed out error occurs.

Calling comcast, they informed me my DNS records look correct and port 80 is open to allow communication, and said to wait 72 hours for DNS record updates to go through.

This is just a workaround though - I'd rather have the web server connected as a member of the domain and not directly connected to the internet.
0
 
Tray896Commented:
I use Kloth to determine whether or not my sites have been setup in external DNS: http://www.kloth.net/services/nslookup.php

Also, if its simply a DNS issue from the outside then you could verify this by trying to telnet to the IP address of your website over port 80 from a machine outside the network.  To do this, simply open a command prompt and type the following (replace with your IP):

telnet 192.1.1.1 80

If you get a blank screen, then that port is open to the outside world.  If it times out, it isn't.
0
 
alc0905Author Commented:
I will try this when I get home tonight. Thanks for all the help thus far to you all.
0
 
alc0905Author Commented:
Result of test:

Connecting To 75.xxx.xxx.xxx...Could not open connection to the host, on port 80
: Connect failed

The server is plugged directly into the modem - and the modem is supposedly allowing all incoming connections.

Any Ideas? (It's an SMC modem device with 4 Ethernet ports - Comcast Business)
0
 
Mike LazarusAct! Evangelist - CRM ConsultantCommented:
Is the modem forwarding port 80 to the server?
Have a look for your SMC model here: http://portforward.com/

While this was written for IIS5 on Windows 2000, you miht still find much of it useful:
http://blog.glcomputing.com.au/2009/01/iis-installation-and-lockdown-with.html
0
 
alc0905Author Commented:
I have determined what was causing the issue.

I disabled the web server's connection to our local network (the local address).

Instead, I directly connected the server to the modem in the 2nd lan port, and manually assigned it the external IP address and the comcast settings (dns, gateway, etc).

By doing so, I was able to view the test page over the internet.

Now my question is, how do I properly set up everything so that the web server is not directly connected to the modem, but instead is a part of my domain (thus connected to our switch) and uses just the local IP address.
0
 
RovastarCommented:
To be honest you are in the wrong zone here.

This is not an IIS issue it is a network routing and configuration one.

This will depend on the make and model of your route and how your internal network is configured.
0
 
brwwigginsIT ManagerCommented:
for security reasons, you really should have some sort of firewall between your comcast modem and the webserver and/or your internal network.

This will allow you greater control of where the inbound traffic goes. I don't know if the comcast modem has any port forwarding and NAT features that would allow you to redirect inbound port 80 traffic to a specific internal IP address
0
 
alc0905Author Commented:
@ Rovastar: You are absolutely correct. At first I believed it was an IIS issue, as I am new to the area, but a week of troubleshooting proved otherwise. At least i got the IIS config part right.

@brwwiggins: We are looking into getting protection so we are aware of those issues =)
0
 
Ted BouskillSenior Software DeveloperCommented:
I've helped over a dozen companies setup SBS Server in almost this identical situation and always make the same recommendation.

There is substantial risk hosting your public website on your local server.  If that website is penetrated you put your business at risk and it's a high risk.  It will cost you time (which is money) to do all this work to secure your server and it will be an ongoing cost for maintenance.

Hosting a web site on GoDaddy's servers is VERY inexpensive.  Even for one with extra options it's far cheaper than your time and they will securely keep your website safe.

My recommendation is use your SBS server for your intranet site and use GoDaddy for your public site.
0
 
alc0905Author Commented:
@tedbilly: unfortunately I don't have much pull in that area. My superiors are pretty adamant (sp) on hosting it in house.

However, our SBS server is not hosting our public website. We have an SBS server that acts as our domain controller. We have another server, a member server, that will host the site. That member server will be public, not the SBS server.
0
 
Ted BouskillSenior Software DeveloperCommented:
OK.  There are a LOT of comments here.  Can you summarize the situation as it is and I'll try to help.  Cheers
0
 
alc0905Author Commented:
Summary:

We have a Windows 2003 SBS server (call it server A) acting as our domain controller. This server accepts communication from the internet, and has been assigned an external IP address (first lan port). As it is our domain controller, it also manages our local network, assigning local addresses via DHCP to our client devices via a switch (2nd lan port).

We recently purchased another server running windows server 2003 standard (call it server B), and we want to host our company website on this server. Right now, the server is connected to our domain and is only assigned a local IP address from our domain controller (so it is a member server).

I attached a diagram that explains our set up better. If I were to host our site on server B, what steps must I take?
diagram.png
0
 
Mike LazarusAct! Evangelist - CRM ConsultantCommented:
You should have the DC behind the switch and the web server in front.
0
 
Ted BouskillConnect With a Mentor Senior Software DeveloperCommented:
GLComputing, not necessarily.  If the asker simply routes web traffic through the SBS server to the web server there is no risk to the SBS server.  SBS server includes a copy of ISA which is a good quality firewall application so the architecture is valid.

als0905:  There are three portions of this system that have to be configured correctly to make this work.  All of which should really be a minimum of three questions.

Question #1) How do I configure a registered domain name at GoDaddy to reach a static IP I have setup to receive web traffic on my own server

Question #2) How do I setup ISA server on a SBS to redirect traffic to an internal web server that will be accessed from the internet

Question #3) How do I securely lock down a web server and application that will be providing an internet application.

0
 
alc0905Author Commented:
@tedbilly: thanks for your response!

I am 100% confident that I have taken care of everything related to question one. If I connect the web server directly to our modem, our web page can be properly be displayed over the internet. Configuring GoDaddy's settings to match our ISP settings was easy.

Question 2, regarding directing traffic from the SBS server to the web server is where I am stuck. If you or anyone can provide some reference/setup material or instructions, it would be greatly appreciated!
0
 
Ted BouskillSenior Software DeveloperCommented:
Have you installed ISA Services on the SBS server?

To be fair to the experts I'd suggest you close this question and award points to any experts that have been helpful, then ask a new question in the ISA Zone (http://www.experts-exchange.com/Microsoft/Windows_Security/)

Your best chance of getting an answer you need is to provide the topology diagram and state that you simply need to configure ISA to route requests from the external static IP to your internal web server.
0
 
alc0905Author Commented:
Will do.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.