Ok, this is complicated to describe:
We have our primary web domain on bluehost y.net.
We have a sub-domain that we redirected from bluehost to a DMZ webserver at our local office. So the sub-domain is x.y.net. I can hit the default IIS webpage through HTTP with that, so the redirect is working.
Now, it turns out the previous IT admin also has a redirect from bluehost for our exchange/owa login. He also had a digicert UCC certificate on it. Now, I can add the new subdomain to that but then I have two redirects to our external IP with no way to differentiate which HTTPS requests go to which server. Redirects cannot specify external ports on Bluehost for port forwarding.
We use a Netgear UTM25 firewall and I don't see how to make any rules that can differentiate this traffic.
At first I was going to replace the UCC with a wildcard and consolidate everything, but that still doesn't solve my HTTPS routing problem.
The solutions I have come up with:
1. Specify second external IP on the second WAN port, but I am not sure that won't cause issues with internal routing as the web server has to communicate with our DNS and an SQL server through port forwards.
2. Remove the sub-domain for the exchange server and make the connection instead through an external port forward, but I am not sure that will alleviate the HTTPS confusion.