[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

IP address change for my website not working

Posted on 2012-08-23
21
Medium Priority
?
2,269 Views
Last Modified: 2012-08-27
Hello,
I have 2 static IP address on my company and I need to change a website from one to the other. We have the Domain hosted with godaddy and I went there and changed the a records to point to the new address that I want to use and after the changes propagate I just get an error page. 403 - Forbidden: Access is denied. That to me looks like an IIS error. (see attached image). We have a SonicWall firewall but to me it doesn't llok like a SonicWall error.
We are using IIS 7. What else do I need to change besides the a records on my ISP to change the website?
Thank you
Error.jpg
0
Comment
Question by:ocortesmx
  • 5
  • 5
  • 3
  • +4
19 Comments
 
LVL 17

Expert Comment

by:Brad Bouchard
ID: 38325154
I think what you need to do is clear your DNS cache.  I just attempted to go to your site:  www.lonestarmt.com and it worked for me.

Open a command prompt on your computer and type:  IPCONFIG/FLUSHDNS

Also, clear all browser history on your browser(s) and then try again.
0
 
LVL 1

Expert Comment

by:mr-kenny
ID: 38325178
have you checked, that the files of the web site are there in the physical path? Is there a index.htm or default.aspx?
0
 

Author Comment

by:ocortesmx
ID: 38325196
Thanks for the comment. It works fine now because I changed the a records on godaddy back to the original IP address. I couldn't have the website down all day. But if I change the IP address to the new one I get the same error.
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:ocortesmx
ID: 38325237
Yes the files on the website are on the physical path and it has the default.aspx. The site works fine when I put the old IP address back on godaddy
0
 
LVL 35

Expert Comment

by:Ernie Beek
ID: 38329522
Is that second public IP (on port 80 and 443) NATted (PATted) correctly to the internal IP of your webserver?
0
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 38329627
does your router support 2 external ip addresses ??
in IIS is your website bindings set to recieve from any ip address?

iis manager
what is the TTL at godaddy? It may take up to 24 hours for the address change to propogate throughout the network
0
 
LVL 81

Expert Comment

by:arnold
ID: 38329727
Make sure on the new site, that you are not restricting access by IP.

Does the new location work from the inside?

using local hosts file you can point the site to the new IP so you can test it.

Site binding is not the issue. The issue is whether anonymous user access is allowed.

sonicwall
oldIP port 80 => internal IP port 80
newIP port 80 => internal IP2 port 80

http://newip/ do you see the site?

Do you allow remote management of your SonicWall? Is the newIP used for that purpose with a restriction access from a specific IP/range?  It might be that is what is going on.
while you think you are going to yoursite.com you actually hitting the sonicwall configuration website and it is denying access because of the Access control you have configured for remote management.
0
 

Author Comment

by:ocortesmx
ID: 38329871
Hello,
erniebeek, how do you check the NATted?
ve3ofa, yes my SonicWall is using 2 static IP addresses and the site is accepting all unassigned on port 80 with the host name pointing to my domain.
arnold, there is not a new site, the site that I have running on static ip 1 and runs fine needs to be moved to static ip 2. The two ips are on the same sonicwall. If I type the new IP directly on the browser I get the same forbidden error. On the SonicWall for the new IP I don't have http or https checked for remote management.
This new IP is already being used y Exchange for our email server.

I don't know all the steps needed to make the move, I was thinking that there is a place on iis 7 to set the ip address of the webiste and changing  the a records with godaddy will be enough but I am missing something.
0
 
LVL 81

Expert Comment

by:arnold
ID: 38329921
Create a port forward ip2 port 80 to internal server port 80. And make sure it is enabled.
Currentip port 80 => internalip port 80
Newip port 80 => internalip port 80
See if that is allowed.
Then make sure that the site works using newip.

Alternatively, you can add an additional internal ip on the IIS site to which the second IP is pointed.
0
 

Author Comment

by:ocortesmx
ID: 38330039
arnold,
Sorry I am new to networking, when you say create a port forward ip2 to internal, are you talking about an access rule on the Firewall section of the sonicwall? And how you assign the secound ip on iis?
Thanks
0
 
LVL 81

Expert Comment

by:arnold
ID: 38330080
Yes you need to create a similar rule to what you currently have for the existing public ip for the new IP.
The issue might be that you did a one to one mapping from the second IP to the exchange server.
You add the additional IP under the properties of the network nterface, tcp/ip properties advanced.

Do you have multile sites defined? What info do you have in the display an example of which was posted by another expert earlier?
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 38331362
That error indicates anonymous access to the site is disabled.

It doesn't appear to be a port forwarding issue as you can see the IIS7 deny page.
0
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 38331498
Just a comment

Please contact us if there is anything we can do to serve you. We would love to partner with you and help make your business more successful.

HOW?
0
 
LVL 81

Accepted Solution

by:
arnold earned 1400 total points
ID: 38331668
the IIS 7 403 error can be coming from the Exchange server.
It can be a port forwarding issue.
one to one mapping public_IP to Internal_IP.
0
 
LVL 47

Expert Comment

by:Craig Beck
ID: 38333330
You port forward on the router though arnold, but the page we're seeing is an IIS page, not a router page so the port forward must be ok (otherwise we wouldn't see the IIS response).

The 403 error looks like an authentication issue.  If it was a port forwarding issue I'd expect you to see a "Page Can Not Be Found" error from the browser.

Generally if you have a one-to-one mapping you forward all ports to their corresponding ports on the internal server, so that again suggests its not a port forwarding issue.

@ocortesmx - can you take a screenshot of the Authentication page for the IIS site?
0
 
LVL 81

Expert Comment

by:arnold
ID: 38333372
If the forwarding points to the wrong server, the solution resides and can only be completed on the sonicwall.
Does the exchange also provides external web access to check for email?
0
 
LVL 47

Assisted Solution

by:Craig Beck
Craig Beck earned 600 total points
ID: 38333387
I see where you're going, arnold, but if that is the case and OWA is being forwarded then this does not have a solution other than to use a different IP address for the new website.  The SonicWall doesn't do host-header translation AFAIK.
0
 

Author Closing Comment

by:ocortesmx
ID: 38336748
The error is coming from Exchange we are using OWA and eventhough the port forwarding was working I am getting the error. I am asking my ISP to issue additional static IPs so I can have a new one for the website.
Thank you for all your help
0
 
LVL 84

Expert Comment

by:David Johnson, CD, MVP
ID: 38339417
you can always test using your new static address

http://70.123.234.123/

if that works then change your dns records at the registrar
0

Featured Post

Free Tool: Subnet Calculator

The subnet calculator helps you design networks by taking an IP address and network mask and returning information such as network, broadcast address, and host range.

One of a set of tools we're offering as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will show how Aten was able to supply easy management and control for Artear's video walls and wide range display configurations of their newsroom.
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…

834 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question