Solved

URL Rewriting

Posted on 2011-09-19
18
708 Views
Last Modified: 2012-05-12
I've installed URL Rewriting on my IIS server, to redirect HTTP requests to my secure OWA folder. This works if I go to localhost from IE on my IIS server, but if I try to connect to the localhost from another machine on the same network I just get the default IIS7 page up.

What am I'm doing wrong here? Any requests from outside doesnt work either, but if I go to the HTTPS page it show the OWA login page.

Thanks for any help!
0
Comment
Question by:Mr Woober
  • 10
  • 7
18 Comments
 
LVL 17

Expert Comment

by:Rovastar
ID: 36559829
How many websites do you have?

Often the Default IIS page is when traffic is directed to "DefaultWebSIte" as peopel leave that there even when not used.

Does traffic without the rewrite route ok ? (i.e. not going to the default page from outside the domain)

What rule are you using atm?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36559922
I only have one webpage, and thats the Outlook Web App for Exchange 2010. As I want it to redirect HTTP traffic to the HTTPS.

I cant reach the HTTP page outside the the server, nor either a server thats on the same network. But it works with HTTPS.

I've used this link to setup URL Rewrite:
http://morgansimonsen.wordpress.com/2009/04/02/using-iis-7-url-rewrite-module-to-simplify-exchange-2007-outlook-web-access-urls-on-windows-server-2008/

And got those rules they show here.
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36559942
Connect to localhost?  Localhost always points to the computer you're sitting in front of.  Try connecting to the server's name (FQDN is best) instead.

If the redirection worked from the server, but still does not work from other workstations, check your redirect target.  Don't redirect to localhost - client computers will misinterpret that to point to *themselves*.  Write your redirect to use the server FQDN.

If you're using a different DNS domain name for access from Intranet v. Internet, then you've got another level of complexity to resolve...
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36559992
Hmm.. Doesnt work with the FQDN name, only with localhost.

I attached my site bindings in IIS, I tried to add the FQDN name but that didnt work either.
site-bindings.jpg
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36560005
type: https / port 443 should have IP address * (like the first line for http).  That will make https available on interfaces other than the loopback (127.0.0.1).  The loopback is what "localhost" resolves to.  The loopback is always local.

Try adding * as the IP address on the third entry from the bottom.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36560072
After doing editing the HTTPS bindings, it doesnt work at all now, just get a page could not be found.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36560197
Now its working, the website had stopped its service. But that didnt help either :(
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36560719
Okay, let's get detailed...

The default web site bindings should look like the attached images.  (Sorry about the "*" in HTTPS - I hadn't bothered to look.)

 IIS Default Web Site bindings
 The HTTPS binding (shown highlighted in the first image) should have the detailed settings shown in the second image.

 Details of HTTPS default binding
Restart the IIS Admin service, just to ensure everything is in sync.

Test from the server console:
http://localhost <- does that redirect to OWA?
https://localhost <- does that redirect to OWA?
http://<ServerFQDN>  <- note: replace <ServerFQDN> with your server's FQDN
https://<ServerFQDN> <- same note as above

Which of these work, which do not?  Turn off friendly messages in your browser.  What error is shown for those that do not work?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562663
I've now tested it with your setup, attached my SSL certificate to the SSL binding.

http://localhost <- does redirect to OWA
https://localhost <- does redirect to OWA
http://<ServerFQDN>  <- Dont work! I replaced <ServerFQDN> with my server's FQDN
https://<ServerFQDN> <- Does work :)

Error is show that page could not be displayed

Thanks!

Here is my current config, but when using webmail.rkk.no it doesnt work :(
site-bind.jpg
0
Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

 
LVL 1

Author Comment

by:Mr Woober
ID: 36562695
I mean http://webmail.rkk.no doesnt redirect to HTTPS
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562741
Are you using webmail.rkk.no from inside your network, or outside?

On an inside workstation, do this...

C:\> nslookup webmail.rkk.no

Open in new window


From here, https://webmail.rkk.no works, and redirects to /owa just fine.

 Your webmail from outside.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562766
Yeah, but I want http://webamail.rkk.no redirect to the HTTPS page, so you dont have to write HTTPS everytime you should logon :)
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562837
nslookup webmail.rkk.no

Server: Uknown
Adress: x.x.0.10

Non-authorative answer:
Name: webmail.rkk.no
Address: x.x.108.76

Open in new window


But the webserver is at x.x.0.14
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562856
...but http://webmail.rkk.no does not redirect.  Nor do I get the default IIS page.  Is port 80 configured to connect to this server in your firewall config?
0
 
LVL 6

Accepted Solution

by:
netjgrnaut earned 500 total points
ID: 36562896
So we have a couple of problems here.

First, I suspect that HTTP (TCP port 80) is not being forwarded through your firewall.  Obviously HTTPS (TCP port 443) is, or I wouldn't be able to get there from here.

Second, you have a DNS problem.  From outside (public DNS), I get this...

C:\>nslookup webmail.rkk.no
Server:  dc01.someplace.net
Address:  192.168.x.10

Non-authoritative answer:
Name:    webmail.rkk.no
Address:  79.160.108.76

That looks a lot like your reply.  (I didn't bother to mask this, since it's *public* DNS.)  So... when you say "the webserver is at x.x.0.14" - I'm guessing that "x.x" is a private (not public) IP address block.

I'm further guessing that "rkk.no" is not the name of your Active Directory domain.

If I'm right about some or all of this, then you'll need to configure split DNS - so that your public address space "rkk.no" resolves to private IP addresses when queried from inside your network.

Let me know if I'm getting warmer...
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562921
Now its working, I forgot to setup an policy to accept traffic on port 80 :\

Thanks for the help!
0
 
LVL 1

Author Closing Comment

by:Mr Woober
ID: 36562930
Thanks for good help :)
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562932
Tested from here.  Works OK from http://webmail.rkk.no.

Well done!
0

Featured Post

Microsoft Certification Exam 74-409

Veeam® is happy to provide the Microsoft community with a study guide prepared by MVP and MCT, Orin Thomas. This guide will take you through each of the exam objectives, helping you to prepare for and pass the examination.

Join & Write a Comment

Debug Tools to analyse IIS process: This article focus on taking memory dumps from IIS to determine which code is taking more time and to analyse which calls hangs/causes more CPU usage. To take dumps,download the following. Install1: To st…
A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
This video explains how to create simple products associated to Magento configurable product and offers fast way of their generation with Store Manager for Magento tool.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now