?
Solved

URL Rewriting

Posted on 2011-09-19
18
Medium Priority
?
725 Views
Last Modified: 2012-05-12
I've installed URL Rewriting on my IIS server, to redirect HTTP requests to my secure OWA folder. This works if I go to localhost from IE on my IIS server, but if I try to connect to the localhost from another machine on the same network I just get the default IIS7 page up.

What am I'm doing wrong here? Any requests from outside doesnt work either, but if I go to the HTTPS page it show the OWA login page.

Thanks for any help!
0
Comment
Question by:Mr Woober
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 10
  • 7
18 Comments
 
LVL 17

Expert Comment

by:Rovastar
ID: 36559829
How many websites do you have?

Often the Default IIS page is when traffic is directed to "DefaultWebSIte" as peopel leave that there even when not used.

Does traffic without the rewrite route ok ? (i.e. not going to the default page from outside the domain)

What rule are you using atm?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36559922
I only have one webpage, and thats the Outlook Web App for Exchange 2010. As I want it to redirect HTTP traffic to the HTTPS.

I cant reach the HTTP page outside the the server, nor either a server thats on the same network. But it works with HTTPS.

I've used this link to setup URL Rewrite:
http://morgansimonsen.wordpress.com/2009/04/02/using-iis-7-url-rewrite-module-to-simplify-exchange-2007-outlook-web-access-urls-on-windows-server-2008/

And got those rules they show here.
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36559942
Connect to localhost?  Localhost always points to the computer you're sitting in front of.  Try connecting to the server's name (FQDN is best) instead.

If the redirection worked from the server, but still does not work from other workstations, check your redirect target.  Don't redirect to localhost - client computers will misinterpret that to point to *themselves*.  Write your redirect to use the server FQDN.

If you're using a different DNS domain name for access from Intranet v. Internet, then you've got another level of complexity to resolve...
0
WatchGuard's M Series Appliances - Miecom Approved

WatchGuard's newest M series appliances were put to the test by Miercom.  We had great results and outperformed all of our competitors in both stateless and stateful traffic throghput scenarios! Ready to see how your UTM appliance stacked up? Download the Miercom Report!

 
LVL 1

Author Comment

by:Mr Woober
ID: 36559992
Hmm.. Doesnt work with the FQDN name, only with localhost.

I attached my site bindings in IIS, I tried to add the FQDN name but that didnt work either.
site-bindings.jpg
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36560005
type: https / port 443 should have IP address * (like the first line for http).  That will make https available on interfaces other than the loopback (127.0.0.1).  The loopback is what "localhost" resolves to.  The loopback is always local.

Try adding * as the IP address on the third entry from the bottom.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36560072
After doing editing the HTTPS bindings, it doesnt work at all now, just get a page could not be found.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36560197
Now its working, the website had stopped its service. But that didnt help either :(
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36560719
Okay, let's get detailed...

The default web site bindings should look like the attached images.  (Sorry about the "*" in HTTPS - I hadn't bothered to look.)

 IIS Default Web Site bindings
 The HTTPS binding (shown highlighted in the first image) should have the detailed settings shown in the second image.

 Details of HTTPS default binding
Restart the IIS Admin service, just to ensure everything is in sync.

Test from the server console:
http://localhost <- does that redirect to OWA?
https://localhost <- does that redirect to OWA?
http://<ServerFQDN>  <- note: replace <ServerFQDN> with your server's FQDN
https://<ServerFQDN> <- same note as above

Which of these work, which do not?  Turn off friendly messages in your browser.  What error is shown for those that do not work?
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562663
I've now tested it with your setup, attached my SSL certificate to the SSL binding.

http://localhost <- does redirect to OWA
https://localhost <- does redirect to OWA
http://<ServerFQDN>  <- Dont work! I replaced <ServerFQDN> with my server's FQDN
https://<ServerFQDN> <- Does work :)

Error is show that page could not be displayed

Thanks!

Here is my current config, but when using webmail.rkk.no it doesnt work :(
site-bind.jpg
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562695
I mean http://webmail.rkk.no doesnt redirect to HTTPS
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562741
Are you using webmail.rkk.no from inside your network, or outside?

On an inside workstation, do this...

C:\> nslookup webmail.rkk.no

Open in new window


From here, https://webmail.rkk.no works, and redirects to /owa just fine.

 Your webmail from outside.
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562766
Yeah, but I want http://webamail.rkk.no redirect to the HTTPS page, so you dont have to write HTTPS everytime you should logon :)
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562837
nslookup webmail.rkk.no

Server: Uknown
Adress: x.x.0.10

Non-authorative answer:
Name: webmail.rkk.no
Address: x.x.108.76

Open in new window


But the webserver is at x.x.0.14
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562856
...but http://webmail.rkk.no does not redirect.  Nor do I get the default IIS page.  Is port 80 configured to connect to this server in your firewall config?
0
 
LVL 6

Accepted Solution

by:
netjgrnaut earned 2000 total points
ID: 36562896
So we have a couple of problems here.

First, I suspect that HTTP (TCP port 80) is not being forwarded through your firewall.  Obviously HTTPS (TCP port 443) is, or I wouldn't be able to get there from here.

Second, you have a DNS problem.  From outside (public DNS), I get this...

C:\>nslookup webmail.rkk.no
Server:  dc01.someplace.net
Address:  192.168.x.10

Non-authoritative answer:
Name:    webmail.rkk.no
Address:  79.160.108.76

That looks a lot like your reply.  (I didn't bother to mask this, since it's *public* DNS.)  So... when you say "the webserver is at x.x.0.14" - I'm guessing that "x.x" is a private (not public) IP address block.

I'm further guessing that "rkk.no" is not the name of your Active Directory domain.

If I'm right about some or all of this, then you'll need to configure split DNS - so that your public address space "rkk.no" resolves to private IP addresses when queried from inside your network.

Let me know if I'm getting warmer...
0
 
LVL 1

Author Comment

by:Mr Woober
ID: 36562921
Now its working, I forgot to setup an policy to accept traffic on port 80 :\

Thanks for the help!
0
 
LVL 1

Author Closing Comment

by:Mr Woober
ID: 36562930
Thanks for good help :)
0
 
LVL 6

Expert Comment

by:netjgrnaut
ID: 36562932
Tested from here.  Works OK from http://webmail.rkk.no.

Well done!
0

Featured Post

How Blockchain Is Impacting Every Industry

Blockchain expert Alex Tapscott talks to Acronis VP Frank Jablonski about this revolutionary technology and how it's making inroads into other industries and facets of everyday life.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
A few customers have recently asked my thoughts on Password Managers.  As Security is a big part of our industry I was initially very hesitant and sceptical about giving a program all of my secret passwords.  But as I was getting asked about them mo…
If you’ve ever visited a web page and noticed a cool font that you really liked the look of, but couldn’t figure out which font it was so that you could use it for your own work, then this video is for you! In this Micro Tutorial, you'll learn yo…
In this video you will find out how to export Office 365 mailboxes using the built in eDiscovery tool. Bear in mind that although this method might be useful in some cases, using PST files as Office 365 backup is troublesome in a long run (more on t…

752 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question