?
Solved

Redirect to Virtual Machine IIS

Posted on 2011-05-05
45
Medium Priority
?
643 Views
Last Modified: 2014-12-26
Hi, I've a dedicated web server with a public IP addess like 34.34.34.34
on this Windows 2008 Server I've a virtual machine with a Linux Installed and connected to network with NAT.
This VM have IP address like 192.168.111.222.
I've configured a simple WebSite in IIS with binding address (like mysite.com)
Now I want that when an user request WWW.MYSITE.COM all traffic must be redirected to VM IP address.
Thanks
0
Comment
Question by:ISIGest
  • 19
  • 18
  • 5
  • +1
43 Comments
 
LVL 124
ID: 35697129
why doesn't the public IP address NAT directly to the VM with IP address 192.168.111.222?
0
 

Author Comment

by:ISIGest
ID: 35697168
The public IP address is the Server IP and I connect to it in Remote Desktop (the server is in my mantainer infrastructure) and I cannot assign directly the public IP to VM :(
0
 
LVL 124
ID: 35697213
What are you using VMware ? Server, Player, Workstation?

You may be able to use Advanced NAT and Port Forward Port 80 on the "host" with NATed to the VM on the host.

(but you'd have to drop the IIs site, if that's needed)

http://www.vmware.com/support/ws55/doc/ws_net_nat_advanced.html

So in effect you got a Double NAT

Rwquest comes in from the Internet on Port 80 (TCP - www) is port forwarded from a router on external IP address 34.34.34.34 --- Windows 2008 Server --- Port Forward Advanced NAT Port 80 --- VM (via NAT 192.168.111.222).

Is there a need for the IIs website?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
LVL 124
ID: 35697224
here's a solution we worked on EE, where someone did something similar, I warn you it's long

http://www.experts-exchange.com/Software/VMWare/Q_26973410.html
0
 

Author Comment

by:ISIGest
ID: 35697244
I use VMware player with a Turnkey preinstaller Joomla
0
 
LVL 124
ID: 35697247
Okay, VMware Player also supports NAT, and Advanced NAT, Port Forward.

So the VM at present is NATed and not Bridged.
0
 

Author Comment

by:ISIGest
ID: 35697270
On my Windows 2008 IIS there ase some website with ASP ASPX.NET and static HTML and other.
In this Virtual Machine I've installer with Turnkey a Joomla site.
Now I want (only for single URL) that all traffic requested must turn to this virtual machine (192.168.111.222)
0
 

Author Comment

by:ISIGest
ID: 35697272
NAT
0
 
LVL 124
ID: 35697293
Okay, so you'll be able to do this if you work through the Advanced NAT features.
0
 
LVL 124
ID: 35697304
So you have a website on IIs that also must be used simultaneously with the Joomla site?
0
 
LVL 124
ID: 35697316
if you setup NAT portforward of e.g 81 portforwarded to 80 (Joomla) site, would that work for you?

Port 80 - IIS Website (Win 2008)
Port 81 - Joomla Website running in a VM (on Port 80)
0
 

Author Comment

by:ISIGest
ID: 35697508
Yes it's a good solution
0
 

Author Comment

by:ISIGest
ID: 35697514
Yous say: So you have a website on IIs that also must be used simultaneously with the Joomla site?

Yes I want this...
How I can do that..?
0
 
LVL 124
ID: 35697637
Look at the Advanced NAT documents here

http://www.vmware.com/support/ws55/doc/ws_net_nat_advanced.html

It should be as simple as going to the vmware advanced nat setup and port forward port tcp/81 to port 80 on your vm;

or whatever port you want to port forward on the host (also make sure it's ununsed).

and the port on your VM for the www service (joomla) which I assume is 80.
0
 
LVL 124
ID: 35697640
Also make sure the Windows 2008 firewall doesn't get in the way.
0
 

Author Comment

by:ISIGest
ID: 35697790
Are you sure??
The link is only for VMware (not for VMware player)

But the default URL of my Joomla site in Windows 2008 is always on 80!!
The user must specify the url like this: www.mysite.com:81 ??
0
 
LVL 124
ID: 35697943
Umm, it's possible Advanced NAT is not supported by VMware Player.
0
 
LVL 124
ID: 35697989
Check the installation directory for applications other than VMware Player.
0
 

Author Comment

by:ISIGest
ID: 35698024
NOTHING
0
 
LVL 124
ID: 35698085
do you have vmnetcfg.exe?
0
 

Author Comment

by:ISIGest
ID: 35698158
no
0
 

Author Comment

by:ISIGest
ID: 35698215
Can I do that with VirtualBox if I install it??
0
 
LVL 124
ID: 35698320
Yes, Virtualbox supports Advanced NAT and port forwarding.

see here

there is a section called Configuring port forwarding with NAT, that's what you need to do.

http://www.virtualbox.org/manual/ch06.html
0
 

Author Comment

by:ISIGest
ID: 35698332
Can you please help me to configure all IIS and VirtualBox to work correctly?
Please
0
 
LVL 124

Accepted Solution

by:
Andrew Hancock (VMware vExpert / EE MVE^2) earned 1000 total points
ID: 35698404
VBoxManage modifyvm "VM name" --natpf1 "www81,tcp,,81,,80"

With the above example, all TCP traffic arriving on port 81 on any host interface will be forwarded to port 80 in the guest. The protocol name tcp is a mandatory attribute defining which protocol should be used for forwarding (udp could also be used). The name www81 is purely descriptive and will be auto-generated if omitted. The number after --natpf denotes the network card, like in other parts of VBoxManage.

That's it.

If you want to know how to setup Virtualbox on Server 2008 and install a Virtual Machine, that's out of scope of this question, and you need to post a new question.
0
 
LVL 124
ID: 35698413
oh, that's the command you would use, cut and paste it, after you've installed and created the VM.
0
 
LVL 28

Assisted Solution

by:bgoering
bgoering earned 1000 total points
ID: 35698439
Take a look at http://communities.vmware.com/thread/245342 for how to get the vmnetcfg program working for vmware player. After you have that set up you can port forward some arbitrary port on your host to your linux guest port 80.

Reconfigure your simple IIS website on to some other arbitrary port (or IP address).

Next add Application Request Routing to your IIS and configure it as a reverse proxy. The AAR module will get all web requests - look at the host name header, then route it appropriately to your IIS web app or your Linux web app.

See http://www.experts-exchange.com/Software/Server_Software/Web_Servers/Microsoft_IIS/Q_26864166.html for a bit more info on AAR. I use it at home (where I am limited to a single IP) to route requests to multiple Windows and Linux web servers.

Good Luck
0
 

Author Comment

by:ISIGest
ID: 35698441
OK now I try it...
But how I have configure IIS to redirect the url www.mysite.com to 81 port?
0
 
LVL 124
ID: 35698452
yes.
0
 
LVL 124

Assisted Solution

by:Andrew Hancock (VMware vExpert / EE MVE^2)
Andrew Hancock (VMware vExpert / EE MVE^2) earned 1000 total points
ID: 35698726
someone has nicely done the work for you, here's a link to the missing vmnetcfg.exe

http://communities.vmware.com/servlet/JiveServlet/download/1569571-40845/network.cab

There's a lot more features in the Virtualbox product than VMware Player 3.0, unless you want to upgrade and pay $199 for the additional features which VMware Workstaton can offer. e.g. teamed workstations, snapshotting etc

0
 

Author Comment

by:ISIGest
ID: 35699311
All work fine but I've only a problem...
The redirect is very very slow and the image are not displayed
0
 
LVL 28

Assisted Solution

by:bgoering
bgoering earned 1000 total points
ID: 35699394
Make sure all the image links (src=) are relative in the html. That will preserve the port change, otherwise you will need to update your pages to include the form http://host.domain.com:81/image.jpg (adding :portnum)

As for slow, virtual machines in player (or workstation, or any hosted hypervisor) often do not perform real well. To improve first make sure vmware tools are installed in your guest. You will also want to look at http://www.vmware.com/pdf/ws7_performance.pdf - this document details many things you can do to optimize performance in a vm. It is written for vmware workstation, but it is equally applicable to player.
0
 

Author Comment

by:ISIGest
ID: 35699493
If I access to link 192.168.111.222:81 from Windows 2008 Server all work very well and fast.
If I try to acces from remote pc to url www.mywebsite.com the image are not displayed and the site is very slow.
0
 

Author Comment

by:ISIGest
ID: 35699609
ok all work now...
the problem now is that the home page was loaded correctly buy if I click on some link the url will be http://192.168.111.222/aboutus.html   :(
0
 
LVL 124
ID: 35700041
Glad it's all working for you with Advanced NAT.
0
 

Author Comment

by:ISIGest
ID: 35704204
All work with Advanced NAT and Url Rewrite.
My problem now is the link my mi website: urls are http://192.168.111.222/aboutus.html and not http://www.mysite/aboutus.html 
0
 
LVL 28

Expert Comment

by:bgoering
ID: 35705911
Please diagram you Internet connectivity.. Is it someting like

Internet -> 34.34.34.34 on router/firewall -> web server (what is IP?)

or

Internet -> 34.34.34.34 where public ip is on web server
0
 

Assisted Solution

by:ISIGest
ISIGest earned 0 total points
ID: 35865726
Ok, I solved with 2 outbound rules to substituite the internal generated IP with external url.
Now I have other problem...the problem is with a custom internal port.
This virtual machine listen on port 12345 for a specific operation and webservice.
How I can redirect (rewrite) to this port wtith an external url like "www.mysite.com/internal" without specify the port number?
0
 
LVL 28

Expert Comment

by:bgoering
ID: 35872081
Did you install and configure the ARR? Why do you need web to listen on different port?

What I have is

Internet -> Router/Firewall -> Server running ARR.
ARR looks at host name header, if www.mysite.com) AAR issues request to server that services www.mysite.com on some interal ip like 192.168.1.30, then gets response from the server and returns it through router/firewall to Internet to issuing client.

If www.site2.com AAR issues request to server that services www.site2.com on some other internal ip like 192.168.1.40, then gets response from the server and returns it through router/firewall to Internet to issuing client.

and so on. No need to do port translation in such a case, nor do I really do url rewrite, its more like it is load balancer that examines host name header then issues request to appropriate server on some arbitrary internal IP. That server can be a vm or a physical box, it doesn't really make any difference. It can even be a pool of several servers to load balance request.

Please diagram or thoroughly explain your setup.
0
 

Author Comment

by:ISIGest
ID: 35872335
Ok.
I've three VM in a machine with Windows Web Server 2008 R2.
1th have IP 192.168.x.1
2th have IP 192.168.x.2
3th have IP 192.168.x.3

Now I want that all traffic on "www.mysite1.com" go to  192.168.x.1, all from "www.mysite2.com" got to 192.168.x.2 and "www.mysite3.com" go to 192.168.x.3.
All site and VM can have an FTP, HTTP, HTTPS and other TCP or UDP connection that under the URL must redirect to secific VM.
0
 
LVL 124
ID: 35872496
Thats a new question, please create a new question.
0
 
LVL 28

Expert Comment

by:bgoering
ID: 35874567
The only thing that would have a host name header like www.mysite.com would have to be  issued by a web browser that is http 1.0 or above compliant (http 0.9 used by really old browsers do not attach host name headers)

so in short, you can route such traffic for HTTP and HTTPS, the other traffic like FTP and other arbitrary TCP or UDP traffic can't be routed that way because they have no host name header, and by the time it gets to you DNS has resolved only the IP.

Specific traffic can be routed via NAT - so say you have a DNS server listening on UDP port 53, when it arrives use the NAT port forwarding feature to route the traffic to the DNS server. The limitation to this is that you can have only one DNS server. Likewise with NAT any particular port and IP combination can only go to a single server. Often this is sufficient.

If you want all ports and protocols routed to specific servers then you will need to invest in having a unique external IP address for each server, and a router/firewall capable of proxy arp and use that to route all the traffic destined to a specific external IP to a corresponding interal server.
0
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 37731944
It is a lot simpler if you have a DNS server
create a new zoneMYSITE.COM add an
A record
a www 169.123.123.23 (the nat address) This way you don't have to worry about port 80/81
0

Featured Post

Concerto's Cloud Advisory Services

Want to avoid the missteps to gaining all the benefits of the cloud? Learn more about the different assessment options from our Cloud Advisory team.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Giving access to ESXi shell console is always an issue for IT departments to other Teams, or Projects. We need to find a way so that teams can use ESXTOP for their POCs, or tests without giving them the access to ESXi host shell console with a root …
Ransomware is a malware that is again in the list of security  concerns. Not only for companies, but also for Government security and  even at personal use. IT departments should be aware and have the right  knowledge to how to fight it.
This Micro Tutorial steps you through the configuration steps to configure your ESXi host Management Network settings and test the management network, ensure the host is recognized by the DNS Server, configure a new password, and the troubleshooting…
How to Install VMware Tools in Red Hat Enterprise Linux 6.4 (RHEL 6.4) Step-by-Step Tutorial
Suggested Courses

839 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question