• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 434
  • Last Modified:

Restrict access to website by IP address in SBS 2003

Hello,
I have a website hosted in my SBS 2003 using IIS 6. I want to deny access to all the computers except a set of static IP addresses. I put restrictions under directory security for the website and aloow the addresses but in sbs the IP addresses that hit the website are converted to the internal IP of my server so everything is denied. If I add the internal IP to the granted access anybody can see the website. I am not an expert in iis or sbs and I don't know what to change to have iis get the real IP instead of the internal IP so I can restrict the access to the website.
Any help will be great.
Thanks
0
ocortes
Asked:
ocortes
  • 4
1 Solution
 
cb1393Commented:
What do you mean by "the IP addresses that hit the website are converted to the internal IP of my server"- how are you getting the IP of those hitting your site?
0
 
ocortesAuthor Commented:
Hi,
The way that SBS publish the website I can be using any IP address or hitting the website from anywhere and when it goes to iis it just sees the internal IP address in my domain not the real IP that is trying to see the website. I don't know if this has to do with ISA server that I have installed with SBS 2003 premium or if it is the configuration in iis. I just need to block all access except for a set of static IP addresses.
Thanks
0
 
demorpheusCommented:
so why do you want to restric to static IPs? do they relate to physical workstations that users use? if so you might want to think about restricting via Global or local Groups instead so you can limit to user base and not IPs. and use Windows Authentication to restrict access to the site, would make it alot easier to add users to a group to give and remove access then to add\remove static ips.
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
ocortesAuthor Commented:
The app is a web time clock and I just want to allow people to clock in from one of  our offices. Each office has a static ip address and I don't want to create a vpn to our main office that is why I just want to allow the set of static ip address and block everything else.
0
 
ocortesAuthor Commented:
I found the solution, the problem was that ISA server was making the requests appear to come from the ISA Server computer. I change the setting to make the requests appear from the actual client and I can see the IP addresses.
Thank you
0
 
ocortesAuthor Commented:
I found the answer
0

Featured Post

Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

  • 4
Tackle projects and never again get stuck behind a technical roadblock.
Join Now