• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 661
  • Last Modified:

IIS 7 Binding Issue

I have a small network (DC=SBS 2008, Web server=W2K w/IIS & SQL Server 2000) that I'd like to add a 2nd Windows 2008 Server w/IIS 7 to.  The initial IIS install (ServerA.domain.com) has an app that we''ll need to run for another 6-8 months, along with our company's public website.  The app is accessed by offsite employees through IIS.

The new 2008 server (ServerB.domain.com) has an app for employees-only access, with 99% of them offsite.

To run both web servers concurrently, I had planned to add a non-standard port for serverB.

I have a Sonicwall TZ170 firewall that I have set for all http, port 80 traffic to go to serverA.domain.com's IP address.  I created a rule on the Sonicwall for http, port 8081 traffic to go to serverB.domain.com.

I set the binding on server B's default site to port 8081 and restarted IIS 7.

Here's where it comes unglued: The second I change the binding on serverB from 80 to anything else, I cannot access serverB's site (www.domain.com:8081 or, internally, serverB.domain.com:8081).

I am looking for help on fixing this problem and I'm open to alternative ideas on accomplishing the same task.
  • 3
  • 2
1 Solution
Internally does serverb have to be on 8081?  You can still have external traffic aimed at 8081 externally, but keep the internal port on 80.

Just add a rule to port forward all 8081 to serverb on 80.

If you do need to change it, what happens when you change it?  What error do you get.  Check your event logs for entries relating to the change.  It may be that 8081 is already in use somewhere on the system and that's what breaks it.

What happens if you set the port to 2080 (or any random number) do you get the same problem still.?
Andres PeralesCommented:
The better solution would be to use separate IP addresses, and keep everything on standard ports.  Do you have external public IP addresses available for use?
If so then, you would just assing servera.domain.com to listen one IP address and serverb.domain.com to listen on the other IP address.
Then on the sonic you would create a rule for the new external IP address traffic to go to the new server.
Or you could use Hostheaders for everything, and let DNS manage all of it.
mbuttsAuthor Commented:
No, just picked that one since I use 8080 for accessing the firewall.  Running netstat -an shows that 8081 is not in use (when I've got the site bound to 80).  8081 shows up as listening when I change it to 8081.

For adding a rule to port forward, where are you referring to (firewall or IIS)?

Which logs are you referring to?

I tried a half dozen semi-random port numbers and get the same result: Internet Explorer cannot display the web page.
Get your problem seen by more experts

Be seen. Boost your question’s priority for more expert views and faster solutions

mbuttsAuthor Commented:

The sonicwall has a single WAN port.  I don't believe I can associate a 2nd public IP for ServerB.
Andres PeralesCommented:
If your ISP has issued you multiple IP addresses, and has given you the correct subnet mask you can assign those IP addresses to the Firewall and use them to assign services to your devices...
mbuttsAuthor Commented:
Could you give me a bit more info on this?  I do have more static IPs & SNM from the ISP, but I don't understand how this would work.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

  • 3
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now