Solved

URL Rewriting

Posted on 2011-09-19
18
720 Views
Last Modified: 2012-05-12
I've installed URL Rewriting on my IIS server, to redirect HTTP requests to my secure OWA folder. This works if I go to localhost from IE on my IIS server, but if I try to connect to the localhost from another machine on the same network I just get the default IIS7 page up.

What am I'm doing wrong here? Any requests from outside doesnt work either, but if I go to the HTTPS page it show the OWA login page.

Thanks for any help!
0
Comment
Question by:Mr Woober
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 7
18 Comments
 
LVL 17

Expert Comment

by:Rovastar
ID: 36559829
How many websites do you have?

Often the Default IIS page is when traffic is directed to "DefaultWebSIte" as peopel leave that there even when not used.

Does traffic without the rewrite route ok ? (i.e. not going to the default page from outside the domain)

What rule are you using atm?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36559922
I only have one webpage, and thats the Outlook Web App for Exchange 2010. As I want it to redirect HTTP traffic to the HTTPS.

I cant reach the HTTP page outside the the server, nor either a server thats on the same network. But it works with HTTPS.

I've used this link to setup URL Rewrite:
http://morgansimonsen.wordpress.com/2009/04/02/using-iis-7-url-rewrite-module-to-simplify-exchange-2007-outlook-web-access-urls-on-windows-server-2008/

And got those rules they show here.
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36559942
Connect to localhost?  Localhost always points to the computer you're sitting in front of.  Try connecting to the server's name (FQDN is best) instead.

If the redirection worked from the server, but still does not work from other workstations, check your redirect target.  Don't redirect to localhost - client computers will misinterpret that to point to *themselves*.  Write your redirect to use the server FQDN.

If you're using a different DNS domain name for access from Intranet v. Internet, then you've got another level of complexity to resolve...
0
Back Up Your Microsoft Windows Server®

Back up all your Microsoft Windows Server – on-premises, in remote locations, in private and hybrid clouds. Your entire Windows Server will be backed up in one easy step with patented, block-level disk imaging. We achieve RTOs (recovery time objectives) as low as 15 seconds.

 
LVL 1

Author Comment

by:Mr Woober
ID: 36559992
Hmm.. Doesnt work with the FQDN name, only with localhost.

I attached my site bindings in IIS, I tried to add the FQDN name but that didnt work either.
site-bindings.jpg
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36560005
type: https / port 443 should have IP address * (like the first line for http).  That will make https available on interfaces other than the loopback (127.0.0.1).  The loopback is what "localhost" resolves to.  The loopback is always local.

Try adding * as the IP address on the third entry from the bottom.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36560072
After doing editing the HTTPS bindings, it doesnt work at all now, just get a page could not be found.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36560197
Now its working, the website had stopped its service. But that didnt help either :(
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36560719
Okay, let's get detailed...

The default web site bindings should look like the attached images.  (Sorry about the "*" in HTTPS - I hadn't bothered to look.)

 IIS Default Web Site bindings
 The HTTPS binding (shown highlighted in the first image) should have the detailed settings shown in the second image.

 Details of HTTPS default binding
Restart the IIS Admin service, just to ensure everything is in sync.

Test from the server console:
http://localhost <- does that redirect to OWA?
https://localhost <- does that redirect to OWA?
http://<ServerFQDN>  <- note: replace <ServerFQDN> with your server's FQDN
https://<ServerFQDN> <- same note as above

Which of these work, which do not?  Turn off friendly messages in your browser.  What error is shown for those that do not work?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562663
I've now tested it with your setup, attached my SSL certificate to the SSL binding.

http://localhost <- does redirect to OWA
https://localhost <- does redirect to OWA
http://<ServerFQDN>  <- Dont work! I replaced <ServerFQDN> with my server's FQDN
https://<ServerFQDN> <- Does work :)

Error is show that page could not be displayed

Thanks!

Here is my current config, but when using webmail.rkk.no it doesnt work :(
site-bind.jpg
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562695
I mean http://webmail.rkk.no doesnt redirect to HTTPS
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562741
Are you using webmail.rkk.no from inside your network, or outside?

On an inside workstation, do this...

C:\> nslookup webmail.rkk.no

Open in new window


From here, https://webmail.rkk.no works, and redirects to /owa just fine.

 Your webmail from outside.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562766
Yeah, but I want http://webamail.rkk.no redirect to the HTTPS page, so you dont have to write HTTPS everytime you should logon :)
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562837
nslookup webmail.rkk.no

Server: Uknown
Adress: x.x.0.10

Non-authorative answer:
Name: webmail.rkk.no
Address: x.x.108.76

Open in new window


But the webserver is at x.x.0.14
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562856
...but http://webmail.rkk.no does not redirect.  Nor do I get the default IIS page.  Is port 80 configured to connect to this server in your firewall config?
0
 
LVL 6

Accepted Solution

by:
netjgrnaut earned 500 total points
ID: 36562896
So we have a couple of problems here.

First, I suspect that HTTP (TCP port 80) is not being forwarded through your firewall.  Obviously HTTPS (TCP port 443) is, or I wouldn't be able to get there from here.

Second, you have a DNS problem.  From outside (public DNS), I get this...

C:\>nslookup webmail.rkk.no
Server:  dc01.someplace.net
Address:  192.168.x.10

Non-authoritative answer:
Name:    webmail.rkk.no
Address:  79.160.108.76

That looks a lot like your reply.  (I didn't bother to mask this, since it's *public* DNS.)  So... when you say "the webserver is at x.x.0.14" - I'm guessing that "x.x" is a private (not public) IP address block.

I'm further guessing that "rkk.no" is not the name of your Active Directory domain.

If I'm right about some or all of this, then you'll need to configure split DNS - so that your public address space "rkk.no" resolves to private IP addresses when queried from inside your network.

Let me know if I'm getting warmer...
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562921
Now its working, I forgot to setup an policy to accept traffic on port 80 :\

Thanks for the help!
0
 
LVL 1

Author Closing Comment

by:Mr Woober
ID: 36562930
Thanks for good help :)
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562932
Tested from here.  Works OK from http://webmail.rkk.no.

Well done!
0

Featured Post

Webinar: Aligning, Automating, Winning

Join Dan Russo, Senior Manager of Operations Intelligence, for an in-depth discussion on how Dealertrack, leading provider of integrated digital solutions for the automotive industry, transformed their DevOps processes to increase collaboration and move with greater velocity.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Sweet32 Vulnerability in Microsoft IIS7.5 6 2,387
SSL Certificate for IIS7 Site 2 104
How to redirect sub-domains on IIS 4 46
FTP security 1 34
Introduction and Prerequisites This article describes methods for detecting whether a client browser accepts and returns HTTP cookies and whether the client browser runs JavaScript.  Most client browsers will, by default, be configured to use cooki…
When it comes to showing a 404 error page to your visitors, you do not want that generic page to show, and you especially do not want your hosting provider’s ad error page to show either. In this article, I will show you how to enable the custom 40…
Finds all prime numbers in a range requested and places them in a public primes() array. I've demostrated a template size of 30 (2 * 3 * 5) but larger templates can be built such 210  (2 * 3 * 5 * 7) or 2310  (2 * 3 * 5 * 7 * 11). The larger templa…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question