Redirect IIS web requests to 2nd internal IIS server

Our company recently upgraded to Small Business Server 2011 running iis 7.  We have a single public IP address.  Another of our server running Windows Server 2003 R2  and iis 6 contains a website we use for tracking billable time that is connected to an SQL database on that server.  This website is accessed internally via http://host\XX being a directory under the default site of that server.

What I would like to do is be able to use or to access this site from outside of the domain.  All incoming http/https request come into the SBS 2011 server so it would need to redirect the requests to the other server.

So essentially, any requests coming into (or to the front end server would be send to \\backendserver/XX.  I don't think this is an impossible task, but it's a bit beyond my pay grade.

Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

David Johnson, CD, MVPOwnerCommented:
in your dns setup a cname record  internalipaddress of server 2
klgermanAuthor Commented:
Can you elaborate?  Our domain registrar ( handles DNS for our public domain and SBS 2011 handles DNS internally.  Are you saying to create that cname internally?  And in that case, how will that work for connections coming in from outside of the domain?

Maybe I am over complicating things, but I was thinking this was more than a simple DNS entry.

Thank you.

dependig of what you have as SBS you should have ISA Server or not. ISA can be used to redirect your incomming trafic to your internal web server. If not the firewall can NAT the 80/443 ports to internal IP that host your web service.
I still recomend to use ISA or another firewall/revers proxy software in order to protect your web service.

Protecting & Securing Your Critical Data

Considering 93 percent of companies file for bankruptcy within 12 months of a disaster that blocked access to their data for 10 days or more, planning for the worst is just smart business. Learn how Acronis Backup integrates security at every stage

Cliff GaliherCommented:
What you describe is called a reverse proxy, and SBS 2011 cannot be a reverse proxy server. You would need to set one up in front of servers at the network edge (most UTM security appliances also have reverse proxy capabilities) and, ideally, you should request a second IP from your ISP to make port management easier.

klgermanAuthor Commented:

After reading your post, i've done a bit of research and it looks like the Application Request Routing extension for IIS 7 can do this reverse proxy.  Does that make sense?  I don't want to just jump in and installing it without knowing much about it.
Cliff GaliherCommented:
IIS has supported reverse proxy since v5, but it cannot coexist with some of the other roles on SBS 2011. Thus, as I said above, SBS 2011 cannot do what you desire. Reverse proxy setups such as what you want must be done at the network edge due to limitations of NAT.

klgermanAuthor Commented:
It appears that I can accomplish what I am trying to do with a combination of IIS 7, URL Rewrite and Application Request Routing.  So below, I would like to tidy things up a bit and reiterate what I would like to accomplish now based on this information.  

All HTTP/HTTPS requests into get handled normally by SBS 2011/IIS7 (frontendserver.domain.local) with one exception:

I would like requests for to be redirected to sqlserver.domain.local/tk.  I have decided not to go with because it is not on our UCC certificate and we will get certificate errors.

Open in new window

klgermanAuthor Commented:
Sorry Cliff, I posted that last one before I had a chance to read yours.  I'm not trying to ignore what you are saying. :)

So the general consensus is that without an additional external IP or network appliance to use, I am dead in the water?
Greg HejlPrincipal ConsultantCommented:
do you have a firewall/router?

you can port forward to the IIS6 server from the external IP to the internal IP - set IIS binding to port 8080 - it looks like this

the port info has to be entered by the user

this way you can use your sbs when you move the iis 6 app to iis 7

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
David Johnson, CD, MVPOwnerCommented:
Godaddy is just your domain registrar or does it also host a website?
Either way set up an A record on Godaddy that points to your sbs dns server
on your sbs dns
set up a cname record that points to the server 2003 web server

klgermanAuthor Commented:

Yes, we have a very simple D-Link firewall that has worked great for us for years.  I know I can go the port forwarding route, but I was hoping for something a little "cleaner".  I get a little OCD when it comes to these matters.  Additionally, my user base is not the most knowledgeable when it comes to I.T., so the simpler, the better.  I guess I could always create a link in the landing page of the Remote Web Workplace and they can link to it through there.


Godaddy is only our domain registrar.  Our website is hosted through another local company.  The sbs does not have a public IP as we are behind a NAT firewall (see above).  Probably an important piece of information I should have mentioned earlier. :)

At this point i'm thinking it is best to go the port forwarding route and cut my losses on the "clean" method as its not worth the time i've already put into it.
klgermanAuthor Commented:
Not exactly the answers I hoped for, but I thank everyone for their feedback.  I have used port forwarding to turn a difficult problem into an easy solution.
Greg HejlPrincipal ConsultantCommented:

glad i could help,

I too have a touch of ocd - the most elegant solution will be moving your app from iis6 to iis7 on your sbs box.

good luck!
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Microsoft IIS Web Server

From novice to tech pro — start learning today.