We help IT Professionals succeed at work.

Check out our new AWS podcast with Certified Expert, Phil Phillips! Listen to "How to Execute a Seamless AWS Migration" on EE or on your favorite podcast platform. Listen Now

x

Restrict access to website by IP address in SBS 2003

ocortes
ocortes asked
on
Medium Priority
453 Views
Last Modified: 2012-05-11
Hello,
I have a website hosted in my SBS 2003 using IIS 6. I want to deny access to all the computers except a set of static IP addresses. I put restrictions under directory security for the website and aloow the addresses but in sbs the IP addresses that hit the website are converted to the internal IP of my server so everything is denied. If I add the internal IP to the granted access anybody can see the website. I am not an expert in iis or sbs and I don't know what to change to have iis get the real IP instead of the internal IP so I can restrict the access to the website.
Any help will be great.
Thanks
Comment
Watch Question

Commented:
What do you mean by "the IP addresses that hit the website are converted to the internal IP of my server"- how are you getting the IP of those hitting your site?

Author

Commented:
Hi,
The way that SBS publish the website I can be using any IP address or hitting the website from anywhere and when it goes to iis it just sees the internal IP address in my domain not the real IP that is trying to see the website. I don't know if this has to do with ISA server that I have installed with SBS 2003 premium or if it is the configuration in iis. I just need to block all access except for a set of static IP addresses.
Thanks
so why do you want to restric to static IPs? do they relate to physical workstations that users use? if so you might want to think about restricting via Global or local Groups instead so you can limit to user base and not IPs. and use Windows Authentication to restrict access to the site, would make it alot easier to add users to a group to give and remove access then to add\remove static ips.

Author

Commented:
The app is a web time clock and I just want to allow people to clock in from one of  our offices. Each office has a static ip address and I don't want to create a vpn to our main office that is why I just want to allow the set of static ip address and block everything else.
Commented:
Unlock this solution with a free trial preview.
(No credit card required)
Get Preview

Author

Commented:
I found the answer
Unlock the solution to this question.
Thanks for using Experts Exchange.

Please provide your email to receive a free trial preview!

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.