Learn how to a build a cloud-first strategyRegister Now

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 741
  • Last Modified:

URL Rewriting

I've installed URL Rewriting on my IIS server, to redirect HTTP requests to my secure OWA folder. This works if I go to localhost from IE on my IIS server, but if I try to connect to the localhost from another machine on the same network I just get the default IIS7 page up.

What am I'm doing wrong here? Any requests from outside doesnt work either, but if I go to the HTTPS page it show the OWA login page.

Thanks for any help!
0
Mr Woober
Asked:
Mr Woober
  • 10
  • 7
1 Solution
 
RovastarCommented:
How many websites do you have?

Often the Default IIS page is when traffic is directed to "DefaultWebSIte" as peopel leave that there even when not used.

Does traffic without the rewrite route ok ? (i.e. not going to the default page from outside the domain)

What rule are you using atm?
0
 
Mr WooberAuthor Commented:
I only have one webpage, and thats the Outlook Web App for Exchange 2010. As I want it to redirect HTTP traffic to the HTTPS.

I cant reach the HTTP page outside the the server, nor either a server thats on the same network. But it works with HTTPS.

I've used this link to setup URL Rewrite:
http://morgansimonsen.wordpress.com/2009/04/02/using-iis-7-url-rewrite-module-to-simplify-exchange-2007-outlook-web-access-urls-on-windows-server-2008/

And got those rules they show here.
0
 
netjgrnautCommented:
Connect to localhost?  Localhost always points to the computer you're sitting in front of.  Try connecting to the server's name (FQDN is best) instead.

If the redirection worked from the server, but still does not work from other workstations, check your redirect target.  Don't redirect to localhost - client computers will misinterpret that to point to *themselves*.  Write your redirect to use the server FQDN.

If you're using a different DNS domain name for access from Intranet v. Internet, then you've got another level of complexity to resolve...
0
Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

 
Mr WooberAuthor Commented:
Hmm.. Doesnt work with the FQDN name, only with localhost.

I attached my site bindings in IIS, I tried to add the FQDN name but that didnt work either.
site-bindings.jpg
0
 
netjgrnautCommented:
type: https / port 443 should have IP address * (like the first line for http).  That will make https available on interfaces other than the loopback (127.0.0.1).  The loopback is what "localhost" resolves to.  The loopback is always local.

Try adding * as the IP address on the third entry from the bottom.
0
 
Mr WooberAuthor Commented:
After doing editing the HTTPS bindings, it doesnt work at all now, just get a page could not be found.
0
 
Mr WooberAuthor Commented:
Now its working, the website had stopped its service. But that didnt help either :(
0
 
netjgrnautCommented:
Okay, let's get detailed...

The default web site bindings should look like the attached images.  (Sorry about the "*" in HTTPS - I hadn't bothered to look.)

 IIS Default Web Site bindings
 The HTTPS binding (shown highlighted in the first image) should have the detailed settings shown in the second image.

 Details of HTTPS default binding
Restart the IIS Admin service, just to ensure everything is in sync.

Test from the server console:
http://localhost <- does that redirect to OWA?
https://localhost <- does that redirect to OWA?
http://<ServerFQDN>  <- note: replace <ServerFQDN> with your server's FQDN
https://<ServerFQDN> <- same note as above

Which of these work, which do not?  Turn off friendly messages in your browser.  What error is shown for those that do not work?
0
 
Mr WooberAuthor Commented:
I've now tested it with your setup, attached my SSL certificate to the SSL binding.

http://localhost <- does redirect to OWA
https://localhost <- does redirect to OWA
http://<ServerFQDN>  <- Dont work! I replaced <ServerFQDN> with my server's FQDN
https://<ServerFQDN> <- Does work :)

Error is show that page could not be displayed

Thanks!

Here is my current config, but when using webmail.rkk.no it doesnt work :(
site-bind.jpg
0
 
Mr WooberAuthor Commented:
I mean http://webmail.rkk.no doesnt redirect to HTTPS
0
 
netjgrnautCommented:
Are you using webmail.rkk.no from inside your network, or outside?

On an inside workstation, do this...

C:\> nslookup webmail.rkk.no

Open in new window


From here, https://webmail.rkk.no works, and redirects to /owa just fine.

 Your webmail from outside.
0
 
Mr WooberAuthor Commented:
Yeah, but I want http://webamail.rkk.no redirect to the HTTPS page, so you dont have to write HTTPS everytime you should logon :)
0
 
Mr WooberAuthor Commented:
nslookup webmail.rkk.no

Server: Uknown
Adress: x.x.0.10

Non-authorative answer:
Name: webmail.rkk.no
Address: x.x.108.76

Open in new window


But the webserver is at x.x.0.14
0
 
netjgrnautCommented:
...but http://webmail.rkk.no does not redirect.  Nor do I get the default IIS page.  Is port 80 configured to connect to this server in your firewall config?
0
 
netjgrnautCommented:
So we have a couple of problems here.

First, I suspect that HTTP (TCP port 80) is not being forwarded through your firewall.  Obviously HTTPS (TCP port 443) is, or I wouldn't be able to get there from here.

Second, you have a DNS problem.  From outside (public DNS), I get this...

C:\>nslookup webmail.rkk.no
Server:  dc01.someplace.net
Address:  192.168.x.10

Non-authoritative answer:
Name:    webmail.rkk.no
Address:  79.160.108.76

That looks a lot like your reply.  (I didn't bother to mask this, since it's *public* DNS.)  So... when you say "the webserver is at x.x.0.14" - I'm guessing that "x.x" is a private (not public) IP address block.

I'm further guessing that "rkk.no" is not the name of your Active Directory domain.

If I'm right about some or all of this, then you'll need to configure split DNS - so that your public address space "rkk.no" resolves to private IP addresses when queried from inside your network.

Let me know if I'm getting warmer...
0
 
Mr WooberAuthor Commented:
Now its working, I forgot to setup an policy to accept traffic on port 80 :\

Thanks for the help!
0
 
Mr WooberAuthor Commented:
Thanks for good help :)
0
 
netjgrnautCommented:
Tested from here.  Works OK from http://webmail.rkk.no.

Well done!
0

Featured Post

Free Tool: ZipGrep

ZipGrep is a utility that can list and search zip (.war, .ear, .jar, etc) archives for text patterns, without the need to extract the archive's contents.

One of a set of tools we're offering as a way to say thank you for being a part of the community.

  • 10
  • 7
Tackle projects and never again get stuck behind a technical roadblock.
Join Now