Multiple secure websites behind Sonicwall NSA 240

Hello,

i've got a Sonicwall NSA240 firewall and just one public IP address. I have changed the secure management port of the Sonicwall from 443 to 4433, because i needed port 443 to map to my Exchange 2010 server.

The problem now is that i have got another server (2012) where i am hosting another secure website (https) on IIS, which must be accessible from the internet using https!

I can't find the solution to get this thing to work. My hope is all on you guys! ;-)

Grts
Robert Reijnders
cAZtricumAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Blue Street TechLast KnightCommented:
Hi cAZtricum,

You should get more Public IPs.

I don't understand why you need to change ports. .. you can have many services running on the same ports.  If you want to track them just create custom services, e.g. exchange server, hosted exchange and https management is already set by default.

Is there a reason you need to do this?

Where are the servers located. .. in the DMZ?

Three firewall rules should do it with some custom NAT Policies routing the Pub Ips to the servers.
0
cAZtricumAuthor Commented:
Well, i have port 443 mapped to my exchange server because of outlook web access. There is another website i am running on IIS 8.0 which i also must access through port 443. So both servers needs to be accessed through the same port/service.
0
Blue Street TechLast KnightCommented:
The problem is not having enough Public IPs. Once you purchase 1 or 2 more (should be like an additional $10-25/mo, you can allocate each one to each server. Like I said using the same service ports doesn't matter.

The issue is the Public IP is only pointing to one server and since that server already used port 443 the other server must either be on its own pub IP or on a separate port.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Determine the Perfect Price for Your IT Services

Do you wonder if your IT business is truly profitable or if you should raise your prices? Learn how to calculate your overhead burden with our free interactive tool and use it to determine the right price for your IT services. Download your free eBook now!

cAZtricumAuthor Commented:
Thanks Diversiteit. I already feared this was the only solution. Nowadays it isn't so easy to get some extra public IP's. I will contact my ISP, thanks again!
0
Patrick BogersDatacenter platform engineer LindowsCommented:
Hi,

Even you get yourself an extra public ip adress OR you are stuck moving the new website to the same box Exchange is hosted on. This way IIS will determine based on host headers which website is called upon using port 443. (BTW this is not my advise, just a possibillity)
0
Blue Street TechLast KnightCommented:
I'm glad I could!

Why a 'B' though? See the grading guidelines: http://support.experts-exchange.com/customer/portal/articles/481419-what-grade-should-i-award-

Please explain or change to an 'A'.

Thanks, I appreciate it!
0
Patrick BogersDatacenter platform engineer LindowsCommented:
I dont think it is chique to ask for a better grade since we only told him his request is highly impossible?!
0
cAZtricumAuthor Commented:
It is a solution but not the one i hoped for, that's why. As Patricksr1972 mentioned, it is a little arrogant to ask for a better grade... Nevertheless thank you for your quick answers!
0
Blue Street TechLast KnightCommented:
Your welcome. It's not arrogance, just following the grading guidelines. :-)
Just because you don't like the answer doesn't change the fact that it is the answer. Thank you for your reply.

Cheers!
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Hardware Firewalls

From novice to tech pro — start learning today.