Link to home
Start Free TrialLog in
Avatar of ISIGest
ISIGestFlag for Italy

asked on

Redirect to Virtual Machine IIS

Hi, I've a dedicated web server with a public IP addess like 34.34.34.34
on this Windows 2008 Server I've a virtual machine with a Linux Installed and connected to network with NAT.
This VM have IP address like 192.168.111.222.
I've configured a simple WebSite in IIS with binding address (like mysite.com)
Now I want that when an user request WWW.MYSITE.COM all traffic must be redirected to VM IP address.
Thanks
Avatar of Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Flag of United Kingdom of Great Britain and Northern Ireland image

why doesn't the public IP address NAT directly to the VM with IP address 192.168.111.222?
Avatar of ISIGest

ASKER

The public IP address is the Server IP and I connect to it in Remote Desktop (the server is in my mantainer infrastructure) and I cannot assign directly the public IP to VM :(
What are you using VMware ? Server, Player, Workstation?

You may be able to use Advanced NAT and Port Forward Port 80 on the "host" with NATed to the VM on the host.

(but you'd have to drop the IIs site, if that's needed)

http://www.vmware.com/support/ws55/doc/ws_net_nat_advanced.html

So in effect you got a Double NAT

Rwquest comes in from the Internet on Port 80 (TCP - www) is port forwarded from a router on external IP address 34.34.34.34 --- Windows 2008 Server --- Port Forward Advanced NAT Port 80 --- VM (via NAT 192.168.111.222).

Is there a need for the IIs website?
Avatar of ISIGest

ASKER

I use VMware player with a Turnkey preinstaller Joomla
Okay, VMware Player also supports NAT, and Advanced NAT, Port Forward.

So the VM at present is NATed and not Bridged.
Avatar of ISIGest

ASKER

On my Windows 2008 IIS there ase some website with ASP ASPX.NET and static HTML and other.
In this Virtual Machine I've installer with Turnkey a Joomla site.
Now I want (only for single URL) that all traffic requested must turn to this virtual machine (192.168.111.222)
Avatar of ISIGest

ASKER

NAT
Okay, so you'll be able to do this if you work through the Advanced NAT features.
So you have a website on IIs that also must be used simultaneously with the Joomla site?
if you setup NAT portforward of e.g 81 portforwarded to 80 (Joomla) site, would that work for you?

Port 80 - IIS Website (Win 2008)
Port 81 - Joomla Website running in a VM (on Port 80)
Avatar of ISIGest

ASKER

Yes it's a good solution
Avatar of ISIGest

ASKER

Yous say: So you have a website on IIs that also must be used simultaneously with the Joomla site?

Yes I want this...
How I can do that..?
Look at the Advanced NAT documents here

http://www.vmware.com/support/ws55/doc/ws_net_nat_advanced.html

It should be as simple as going to the vmware advanced nat setup and port forward port tcp/81 to port 80 on your vm;

or whatever port you want to port forward on the host (also make sure it's ununsed).

and the port on your VM for the www service (joomla) which I assume is 80.
Also make sure the Windows 2008 firewall doesn't get in the way.
Avatar of ISIGest

ASKER

Are you sure??
The link is only for VMware (not for VMware player)

But the default URL of my Joomla site in Windows 2008 is always on 80!!
The user must specify the url like this: www.mysite.com:81 ??
Umm, it's possible Advanced NAT is not supported by VMware Player.
Check the installation directory for applications other than VMware Player.
Avatar of ISIGest

ASKER

NOTHING
Avatar of ISIGest

ASKER

no
Avatar of ISIGest

ASKER

Can I do that with VirtualBox if I install it??
Yes, Virtualbox supports Advanced NAT and port forwarding.

see here

there is a section called Configuring port forwarding with NAT, that's what you need to do.

http://www.virtualbox.org/manual/ch06.html
Avatar of ISIGest

ASKER

Can you please help me to configure all IIS and VirtualBox to work correctly?
Please
ASKER CERTIFIED SOLUTION
Avatar of Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Andrew Hancock (VMware vExpert PRO / EE Fellow/British Beekeeper)
Flag of United Kingdom of Great Britain and Northern Ireland image

Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
oh, that's the command you would use, cut and paste it, after you've installed and created the VM.
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ISIGest

ASKER

OK now I try it...
But how I have configure IIS to redirect the url www.mysite.com to 81 port?
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ISIGest

ASKER

All work fine but I've only a problem...
The redirect is very very slow and the image are not displayed
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of ISIGest

ASKER

If I access to link 192.168.111.222:81 from Windows 2008 Server all work very well and fast.
If I try to acces from remote pc to url www.mywebsite.com the image are not displayed and the site is very slow.
Avatar of ISIGest

ASKER

ok all work now...
the problem now is that the home page was loaded correctly buy if I click on some link the url will be http://192.168.111.222/aboutus.html   :(
Glad it's all working for you with Advanced NAT.
Avatar of ISIGest

ASKER

All work with Advanced NAT and Url Rewrite.
My problem now is the link my mi website: urls are http://192.168.111.222/aboutus.html and not http://www.mysite/aboutus.html 
Please diagram you Internet connectivity.. Is it someting like

Internet -> 34.34.34.34 on router/firewall -> web server (what is IP?)

or

Internet -> 34.34.34.34 where public ip is on web server
SOLUTION
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Did you install and configure the ARR? Why do you need web to listen on different port?

What I have is

Internet -> Router/Firewall -> Server running ARR.
ARR looks at host name header, if www.mysite.com) AAR issues request to server that services www.mysite.com on some interal ip like 192.168.1.30, then gets response from the server and returns it through router/firewall to Internet to issuing client.

If www.site2.com AAR issues request to server that services www.site2.com on some other internal ip like 192.168.1.40, then gets response from the server and returns it through router/firewall to Internet to issuing client.

and so on. No need to do port translation in such a case, nor do I really do url rewrite, its more like it is load balancer that examines host name header then issues request to appropriate server on some arbitrary internal IP. That server can be a vm or a physical box, it doesn't really make any difference. It can even be a pool of several servers to load balance request.

Please diagram or thoroughly explain your setup.
Avatar of ISIGest

ASKER

Ok.
I've three VM in a machine with Windows Web Server 2008 R2.
1th have IP 192.168.x.1
2th have IP 192.168.x.2
3th have IP 192.168.x.3

Now I want that all traffic on "www.mysite1.com" go to  192.168.x.1, all from "www.mysite2.com" got to 192.168.x.2 and "www.mysite3.com" go to 192.168.x.3.
All site and VM can have an FTP, HTTP, HTTPS and other TCP or UDP connection that under the URL must redirect to secific VM.
Thats a new question, please create a new question.
The only thing that would have a host name header like www.mysite.com would have to be  issued by a web browser that is http 1.0 or above compliant (http 0.9 used by really old browsers do not attach host name headers)

so in short, you can route such traffic for HTTP and HTTPS, the other traffic like FTP and other arbitrary TCP or UDP traffic can't be routed that way because they have no host name header, and by the time it gets to you DNS has resolved only the IP.

Specific traffic can be routed via NAT - so say you have a DNS server listening on UDP port 53, when it arrives use the NAT port forwarding feature to route the traffic to the DNS server. The limitation to this is that you can have only one DNS server. Likewise with NAT any particular port and IP combination can only go to a single server. Often this is sufficient.

If you want all ports and protocols routed to specific servers then you will need to invest in having a unique external IP address for each server, and a router/firewall capable of proxy arp and use that to route all the traffic destined to a specific external IP to a corresponding interal server.
It is a lot simpler if you have a DNS server
create a new zoneMYSITE.COM add an
A record
a www 169.123.123.23 (the nat address) This way you don't have to worry about port 80/81