ISIGest
asked on
Redirect to Virtual Machine IIS
Hi, I've a dedicated web server with a public IP addess like 34.34.34.34
on this Windows 2008 Server I've a virtual machine with a Linux Installed and connected to network with NAT.
This VM have IP address like 192.168.111.222.
I've configured a simple WebSite in IIS with binding address (like mysite.com)
Now I want that when an user request WWW.MYSITE.COM all traffic must be redirected to VM IP address.
Thanks
on this Windows 2008 Server I've a virtual machine with a Linux Installed and connected to network with NAT.
This VM have IP address like 192.168.111.222.
I've configured a simple WebSite in IIS with binding address (like mysite.com)
Now I want that when an user request WWW.MYSITE.COM all traffic must be redirected to VM IP address.
Thanks
why doesn't the public IP address NAT directly to the VM with IP address 192.168.111.222?
ASKER
The public IP address is the Server IP and I connect to it in Remote Desktop (the server is in my mantainer infrastructure) and I cannot assign directly the public IP to VM :(
What are you using VMware ? Server, Player, Workstation?
You may be able to use Advanced NAT and Port Forward Port 80 on the "host" with NATed to the VM on the host.
(but you'd have to drop the IIs site, if that's needed)
http://www.vmware.com/support/ws55/doc/ws_net_nat_advanced.html
So in effect you got a Double NAT
Rwquest comes in from the Internet on Port 80 (TCP - www) is port forwarded from a router on external IP address 34.34.34.34 --- Windows 2008 Server --- Port Forward Advanced NAT Port 80 --- VM (via NAT 192.168.111.222).
Is there a need for the IIs website?
You may be able to use Advanced NAT and Port Forward Port 80 on the "host" with NATed to the VM on the host.
(but you'd have to drop the IIs site, if that's needed)
http://www.vmware.com/support/ws55/doc/ws_net_nat_advanced.html
So in effect you got a Double NAT
Rwquest comes in from the Internet on Port 80 (TCP - www) is port forwarded from a router on external IP address 34.34.34.34 --- Windows 2008 Server --- Port Forward Advanced NAT Port 80 --- VM (via NAT 192.168.111.222).
Is there a need for the IIs website?
here's a solution we worked on EE, where someone did something similar, I warn you it's long
https://www.experts-exchange.com/questions/26973410/I-have-a-problem-pinging-from-laptop-to-my-VMware-virtual-machine-need-help.html
https://www.experts-exchange.com/questions/26973410/I-have-a-problem-pinging-from-laptop-to-my-VMware-virtual-machine-need-help.html
ASKER
I use VMware player with a Turnkey preinstaller Joomla
Okay, VMware Player also supports NAT, and Advanced NAT, Port Forward.
So the VM at present is NATed and not Bridged.
So the VM at present is NATed and not Bridged.
ASKER
On my Windows 2008 IIS there ase some website with ASP ASPX.NET and static HTML and other.
In this Virtual Machine I've installer with Turnkey a Joomla site.
Now I want (only for single URL) that all traffic requested must turn to this virtual machine (192.168.111.222)
In this Virtual Machine I've installer with Turnkey a Joomla site.
Now I want (only for single URL) that all traffic requested must turn to this virtual machine (192.168.111.222)
ASKER
NAT
Okay, so you'll be able to do this if you work through the Advanced NAT features.
So you have a website on IIs that also must be used simultaneously with the Joomla site?
if you setup NAT portforward of e.g 81 portforwarded to 80 (Joomla) site, would that work for you?
Port 80 - IIS Website (Win 2008)
Port 81 - Joomla Website running in a VM (on Port 80)
Port 80 - IIS Website (Win 2008)
Port 81 - Joomla Website running in a VM (on Port 80)
ASKER
Yes it's a good solution
ASKER
Yous say: So you have a website on IIs that also must be used simultaneously with the Joomla site?
Yes I want this...
How I can do that..?
Yes I want this...
How I can do that..?
Look at the Advanced NAT documents here
http://www.vmware.com/support/ws55/doc/ws_net_nat_advanced.html
It should be as simple as going to the vmware advanced nat setup and port forward port tcp/81 to port 80 on your vm;
or whatever port you want to port forward on the host (also make sure it's ununsed).
and the port on your VM for the www service (joomla) which I assume is 80.
http://www.vmware.com/support/ws55/doc/ws_net_nat_advanced.html
It should be as simple as going to the vmware advanced nat setup and port forward port tcp/81 to port 80 on your vm;
or whatever port you want to port forward on the host (also make sure it's ununsed).
and the port on your VM for the www service (joomla) which I assume is 80.
Also make sure the Windows 2008 firewall doesn't get in the way.
ASKER
Are you sure??
The link is only for VMware (not for VMware player)
But the default URL of my Joomla site in Windows 2008 is always on 80!!
The user must specify the url like this: www.mysite.com:81 ??
The link is only for VMware (not for VMware player)
But the default URL of my Joomla site in Windows 2008 is always on 80!!
The user must specify the url like this: www.mysite.com:81 ??
Umm, it's possible Advanced NAT is not supported by VMware Player.
Check the installation directory for applications other than VMware Player.
ASKER
NOTHING
do you have vmnetcfg.exe?
ASKER
no
ASKER
Can I do that with VirtualBox if I install it??
Yes, Virtualbox supports Advanced NAT and port forwarding.
see here
there is a section called Configuring port forwarding with NAT, that's what you need to do.
http://www.virtualbox.org/manual/ch06.html
see here
there is a section called Configuring port forwarding with NAT, that's what you need to do.
http://www.virtualbox.org/manual/ch06.html
ASKER
Can you please help me to configure all IIS and VirtualBox to work correctly?
Please
Please
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
oh, that's the command you would use, cut and paste it, after you've installed and created the VM.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
OK now I try it...
But how I have configure IIS to redirect the url www.mysite.com to 81 port?
But how I have configure IIS to redirect the url www.mysite.com to 81 port?
yes.
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
All work fine but I've only a problem...
The redirect is very very slow and the image are not displayed
The redirect is very very slow and the image are not displayed
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
If I access to link 192.168.111.222:81 from Windows 2008 Server all work very well and fast.
If I try to acces from remote pc to url www.mywebsite.com the image are not displayed and the site is very slow.
If I try to acces from remote pc to url www.mywebsite.com the image are not displayed and the site is very slow.
ASKER
ok all work now...
the problem now is that the home page was loaded correctly buy if I click on some link the url will be http://192.168.111.222/aboutus.html :(
the problem now is that the home page was loaded correctly buy if I click on some link the url will be http://192.168.111.222/aboutus.html :(
Glad it's all working for you with Advanced NAT.
ASKER
All work with Advanced NAT and Url Rewrite.
My problem now is the link my mi website: urls are http://192.168.111.222/aboutus.html and not http://www.mysite/aboutus.html
My problem now is the link my mi website: urls are http://192.168.111.222/aboutus.html and not http://www.mysite/aboutus.html
Please diagram you Internet connectivity.. Is it someting like
Internet -> 34.34.34.34 on router/firewall -> web server (what is IP?)
or
Internet -> 34.34.34.34 where public ip is on web server
Internet -> 34.34.34.34 on router/firewall -> web server (what is IP?)
or
Internet -> 34.34.34.34 where public ip is on web server
SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Did you install and configure the ARR? Why do you need web to listen on different port?
What I have is
Internet -> Router/Firewall -> Server running ARR.
ARR looks at host name header, if www.mysite.com) AAR issues request to server that services www.mysite.com on some interal ip like 192.168.1.30, then gets response from the server and returns it through router/firewall to Internet to issuing client.
If www.site2.com AAR issues request to server that services www.site2.com on some other internal ip like 192.168.1.40, then gets response from the server and returns it through router/firewall to Internet to issuing client.
and so on. No need to do port translation in such a case, nor do I really do url rewrite, its more like it is load balancer that examines host name header then issues request to appropriate server on some arbitrary internal IP. That server can be a vm or a physical box, it doesn't really make any difference. It can even be a pool of several servers to load balance request.
Please diagram or thoroughly explain your setup.
What I have is
Internet -> Router/Firewall -> Server running ARR.
ARR looks at host name header, if www.mysite.com) AAR issues request to server that services www.mysite.com on some interal ip like 192.168.1.30, then gets response from the server and returns it through router/firewall to Internet to issuing client.
If www.site2.com AAR issues request to server that services www.site2.com on some other internal ip like 192.168.1.40, then gets response from the server and returns it through router/firewall to Internet to issuing client.
and so on. No need to do port translation in such a case, nor do I really do url rewrite, its more like it is load balancer that examines host name header then issues request to appropriate server on some arbitrary internal IP. That server can be a vm or a physical box, it doesn't really make any difference. It can even be a pool of several servers to load balance request.
Please diagram or thoroughly explain your setup.
ASKER
Ok.
I've three VM in a machine with Windows Web Server 2008 R2.
1th have IP 192.168.x.1
2th have IP 192.168.x.2
3th have IP 192.168.x.3
Now I want that all traffic on "www.mysite1.com" go to 192.168.x.1, all from "www.mysite2.com" got to 192.168.x.2 and "www.mysite3.com" go to 192.168.x.3.
All site and VM can have an FTP, HTTP, HTTPS and other TCP or UDP connection that under the URL must redirect to secific VM.
I've three VM in a machine with Windows Web Server 2008 R2.
1th have IP 192.168.x.1
2th have IP 192.168.x.2
3th have IP 192.168.x.3
Now I want that all traffic on "www.mysite1.com" go to 192.168.x.1, all from "www.mysite2.com" got to 192.168.x.2 and "www.mysite3.com" go to 192.168.x.3.
All site and VM can have an FTP, HTTP, HTTPS and other TCP or UDP connection that under the URL must redirect to secific VM.
Thats a new question, please create a new question.
The only thing that would have a host name header like www.mysite.com would have to be issued by a web browser that is http 1.0 or above compliant (http 0.9 used by really old browsers do not attach host name headers)
so in short, you can route such traffic for HTTP and HTTPS, the other traffic like FTP and other arbitrary TCP or UDP traffic can't be routed that way because they have no host name header, and by the time it gets to you DNS has resolved only the IP.
Specific traffic can be routed via NAT - so say you have a DNS server listening on UDP port 53, when it arrives use the NAT port forwarding feature to route the traffic to the DNS server. The limitation to this is that you can have only one DNS server. Likewise with NAT any particular port and IP combination can only go to a single server. Often this is sufficient.
If you want all ports and protocols routed to specific servers then you will need to invest in having a unique external IP address for each server, and a router/firewall capable of proxy arp and use that to route all the traffic destined to a specific external IP to a corresponding interal server.
so in short, you can route such traffic for HTTP and HTTPS, the other traffic like FTP and other arbitrary TCP or UDP traffic can't be routed that way because they have no host name header, and by the time it gets to you DNS has resolved only the IP.
Specific traffic can be routed via NAT - so say you have a DNS server listening on UDP port 53, when it arrives use the NAT port forwarding feature to route the traffic to the DNS server. The limitation to this is that you can have only one DNS server. Likewise with NAT any particular port and IP combination can only go to a single server. Often this is sufficient.
If you want all ports and protocols routed to specific servers then you will need to invest in having a unique external IP address for each server, and a router/firewall capable of proxy arp and use that to route all the traffic destined to a specific external IP to a corresponding interal server.
It is a lot simpler if you have a DNS server
create a new zoneMYSITE.COM add an
A record
a www 169.123.123.23 (the nat address) This way you don't have to worry about port 80/81
create a new zoneMYSITE.COM add an
A record
a www 169.123.123.23 (the nat address) This way you don't have to worry about port 80/81