Multiple IIS 7.0 Sites using Windows 2008 Network Load Balancing

I am trying to setup muliple sites in an IIS 7.0 environment that is using the Windows 2008 NLB. Here is the setup:
Server1 dedicated IP address: 172.16.1.71
Server2 dedicated IP address: 172.16.1.72
NLB shared address 1: 172.16.1.70
Port rules defined for ports 80 and 443 to cluster IP address 172.16.1.70
Secondary IP address added on server1 and server2 for the .70 address

Alone, this all works just fine. I can access the same site (http://172.16.1.70) even while restarting one of the systems (tested with both servers.)

Now, I want to add a new site in IIS 7.0 for a new load balanced IP address, 172.16.1.69.

Inside the Cluster Properties tab for the cluster (defined as 172.16.1.70 with two hosts) in the NLBMGR, I have added another IP address for 172.16.1.69. I added port rules that mirror those of the .70 address (so now there are four rules listed; all both Tcp and UDP, Mode Multiple, no priority, no load, and Single Affinity; one each for .69 port 80, .69 port 443, .70 port 80, and .70 port 443.)

I have verified that pinging either the .70 or .69 address does return a response even when either of the systems is restarted.

Problem is how to connect this new .69 address to a website in IIS 7.0. Right now, the default IIS splash screen is shown when I attach to http://172.16.1.70. No page is displayed for .69. I took a look in IIS 7.0 for the default site and it pretty much says All Unassigned over port 80 to the default site. Looking at the bindings on server1, the only IP address listed in the drop down is the dedicated IP address, 172.16.1.71.

This is different from my IIS 6.0 systems that are not load balanced. On those systems, if I have multiple IP addresses bound to the NIC, I can pick from those IP addresses when I setup a new site. In this case, I do not even see the one it does respond to, 172.16.1.70.

I am sure someone must have setup a few different sites on a NLB set of servers. Any ideas
JasonInDenverAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

JasonInDenverAuthor Commented:
Update on this one....I solved it.

The load balancing was setup correctly and, as it turns out, so was my IIS setup. My firewall was not setup correctly.

For the site in IIS, I had to create a new site and manually enter the IP address I wanted to use (IIS 6.0 used a drop down so it was easy to see what was available, but not IIS 7.0)

Turns out that my issue was that I had not defined an object for this test IP address in my firewall and added it to the allowed groups. My system could ping the site because there was a rule that allows any traffic over any port to any system in the DMZ. I did not think about the fact that we have a proxy server deployed and http and https traffic will source from that IP address, not mine. So pings worked but http traffic was blocked at the firewall. As soon as I shut the proxy down, I was able to get to my test page.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Windows OS

From novice to tech pro — start learning today.