Solved

How to make an internal website on Lan to be seen on the internet

Posted on 2011-09-03
13
482 Views
Last Modified: 2012-06-27
Hi EE,

I have a home page running that can be seen on the internet. This was set up on a linux box by another admin.

I have another site that is running on a server 2003 serving active pages. This site is running well internally. A link to this site is on my home page but it is not accessed outside of my network. I want it accessible outside.

The site is running iis 6.0 but I dont want it to be accessed directly from the server 2003 but to use the link on the linux box to work.

Can someone direct me to some hints or documents to set this up so that I can access this page outside on the internet.

Thanks in advance.
0
Comment
Question by:marakara
  • 5
  • 3
  • 2
  • +2
13 Comments
 
LVL 6

Expert Comment

by:c1nmo
ID: 36479106
You'll need to configure your routers/firewalls to allow external access, what do you have in place?
0
 
LVL 82

Assisted Solution

by:Dave Baldwin
Dave Baldwin earned 150 total points
ID: 36479138
"the link on the linux box" has to allow a browser outside of your network to connect to the server that hosts the page, that's the way it works.  If there is active content and links there, there has to be a way for the browser to contact the page on the server.  You might be able to create a proxy service on the Linux box as a bridge to the outside world.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 36479143
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 36479161
You can apparently map files on another server into the Apache web server.  http://httpd.apache.org/docs/2.0/mod/core.html#directory  Permissions have to be set on both servers to allow this to happen.  Something like this:
<Directory "REMOTESRVR/VOL1:/data/wp">
Options Indexes MultiViews
AllowOverride None
Order allow,deny
Allow from all
</Directory>

Open in new window

0
 
LVL 3

Expert Comment

by:WiReDWolf
ID: 36479527
I think what he might be saying is he wants links from the Linix box to be able to hit the Windows box.  If that's the case it should be possible using the referrer to block any hits that don't come from the LInux box.  Without an example it's hard to tell.

Mapping via Apache is pretty cool though.  Good to know.
0
 

Author Comment

by:marakara
ID: 36479986
Thanks, here are some more information.

My LAN network address is 10.1.1.0/24
The address of my 2003 server is 10.1.1.5
The linux box is my default gateway and serves as  my firewall which has the external interface to my ISP

I can access my internal website via "10.1.1.5/link_to_inetpub/webpages.asp" or instead of using ip address i use the name of server.

On the linux box is a static html page that has links to 10.1.1.5/link2MyActivePage/webpages.asp.
On the server 2003 is also a dns server that does my name resolutions for me.

I can understand the logic behind the first two comments and they make perfect sense.

Its just how to go about it as I havent done this before and a bit lost.

Do i have to do something in iis or is it a dns thing where I have to have a FQDN to mapped to 10.1.1.5 as this is not recognised on the internet? Any more thoughts most welcomed.


0
Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

 
LVL 3

Accepted Solution

by:
WiReDWolf earned 175 total points
ID: 36480024
This is a bit clearer now.  Thanks for the added details.

Right away I can see you're going to have a problem.  All inbound traffic on port 80 is technically going through your firewall and directed to your Apache web server on the Linux box.  Since the Linux box is both your firewall/gateway AND your web server routing traffic would be extremely difficult without adding another NIC and public address.

I understand that you want to publish active server pages which is why you're leaning towards IIS over Apache.  However, I think given the challenges you're going to have the simplest answer might be to just outfit your Apache webserver with an ASP module.
Here's one example:
http://pcquest.ciol.com/content/linux/103101103.asp

Otherwise you have two other options:
1.Use your LInux Firewall to port forward all http/https traffic directly to your 2003 server (should be easy)
2.Install a Proxy server to your linux box and figure out how to configure it to only proxy your internal server to the Internet - which can be a big security risk if you don't configure your proxy server correctly and is not recommended
0
 
LVL 10

Assisted Solution

by:simonlimon
simonlimon earned 175 total points
ID: 36480172
If you don't want to use a proxy, you could add a second IP address and forward the traffic to your other websites for that external IP on the default port.

Alternatively, you could publish the other website on your external router using an external port other than 80 or 443, you didn't specify.

You would either publish on a different external port, say 8080 and then redirect it to the internal IP and port 80.

That way you keep your service on the default port and are still able to access from outside.

Or simply change the application port to say 8080 and simply forward the external traffic destined 8080 to that internal IP and port.
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 36480704
If your ASP pages connect to Access or SQL Server, Apache on Linux won't be able to help you.  There are no acceptable drivers for either one on Linux.  You have to have direct access to the Windows server to use those.
0
 
LVL 10

Expert Comment

by:simonlimon
ID: 36480848
That's not what a proxy does. It simply rewrites URLs and serves as a HTTP proxy for the website.

IT Routes requests based on host headers and you don't need SQL drivers. It's just HTTP :)
0
 
LVL 82

Expert Comment

by:Dave Baldwin
ID: 36481603
Yes, but one of my suggestions was to make the files on Windows be a remote directory for Apache on Linux.  If they are ASP and / or access the databases, then they would not work as a remote directory under Apache on Linux.

To use a proxy, the question becomes how do you expose a LAN site to the internet when it does not have an Internet domain name.
0
 

Author Comment

by:marakara
ID: 36486968
Thanks for directions simonlimon and DaveBaldwin.
Issues been resolved now by making an A record  with FQDN that is acceptable on the internet. ie www.activepage.website.com with external ip address on the linux box. An rproxy is then used to point back to the servers ip address.


0
 

Author Closing Comment

by:marakara
ID: 36487038
Points allocated to WiReDWolf, simonlimon and DaveBaldwin. Thanks for the leads;)
0

Featured Post

6 Surprising Benefits of Threat Intelligence

All sorts of threat intelligence is available on the web. Intelligence you can learn from, and use to anticipate and prepare for future attacks.

Join & Write a Comment

First of all, clustering IIS is something you should rarely consider doing. In almost all cases, Microsoft Network Load Balancing (NLB) (http://technet.microsoft.com/en-us/library/cc758834(WS.10).aspx) is a much better solution when you need to p…
Back in July, I blogged about how Microsoft's new server pricing model, combined with the end of the Small Business Server package, would result in significant cost increases for many small businesses (see SBS End of Life: Microsoft Punishes Small B…
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
This tutorial demonstrates a quick way of adding group price to multiple Magento products.

757 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

18 Experts available now in Live!

Get 1:1 Help Now