Solved

Two URL's pointing to 1 Website - Redirect URL1 to URL2

Posted on 2014-03-28
11
367 Views
Last Modified: 2014-04-03
I've just published a site to the web which staff access using https://URL-1.acme.com and it's working fine. When users access the site internally they use https://URL-2.acme.com.

To make things simpler for staff I'd like them to be able to access the site internally using either URL-1 or URL-2. I've created an internal DNS record for URL-1 to point to the web server and users can browse to the site.

The issue is the site internally is https://URL-2.acme.com with an SSL Cert of the same name bound to it and when a user browses internally using URL-1 they're getting an SSL warning due to mismatched address.

Ideally what i'd like is when a user browses to URL-1 internally it's automatically redirected to URL-2 but I've poked around and can't find anything obvious so hoping someone here can help before I break things.

Hopefully that makes sense and let me know if you need me to provide more info. Thanks in advance.
0
Comment
Question by:misfit139
  • 5
  • 5
11 Comments
 
LVL 28

Expert Comment

by:becraig
ID: 39963044
URL Rewrite would be  your best bet here:
More info on URL rewrite :
http://www.surfingsuccess.com/asp/iis-url-rewrite.html


An example for you would be:
http_host matches url1 and {REMOTE_ADDR}  matches your internal ips
0
 
LVL 58

Assisted Solution

by:Gary
Gary earned 150 total points
ID: 39963048
Quick and dirty way is to have an index.html that just contains this to redirect to the main url.

<META http-equiv="refresh" content="0;URL=http://main-site">
0
 
LVL 28

Assisted Solution

by:becraig
becraig earned 350 total points
ID: 39963051
Here is a much clearer walkthrough on using URL rewrite to accomplish what you need:
https://docs.gosecureauth.com/display/docs/URL+Rewrite+-+IP+Restrictions


I am assuming here you want anyone who is not internal to still be able to access URL1 ?
0
 
LVL 1

Author Comment

by:misfit139
ID: 39963266
Thanks for the responses guys and sorry for not getting back to you sooner. I tried the quick and dirty way suggested by Gary but you still get the Cert Warning and then when you click continue it does change the URL.

I've also installed the URL Rewrite module, rebooted the server and tried following the walkthrough but not having any luck. I have tried "redirect" and "rewrite" I've tried it from the top level of IIS and from the Website but nothing happens.

Not sure where i'm going wrong and yes becraig I still want URL-1 to be accessible to external users.
Redirect2.JPG
Redirect.JPG
0
 
LVL 28

Expert Comment

by:becraig
ID: 39963325
Ok so here is what you need to do

1.  This first pattern is good *
2. Logical grouping should be {REMOTE_ADDR}  (This should be your internal IP address, e.g. 192.168.1.*)

Then you do the redirect URL

Send it to URL2 etc



IIsreset and test.
0
IT, Stop Being Called Into Every Meeting

Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

 
LVL 1

Author Comment

by:misfit139
ID: 39963448
Hi Becraig, thanks for your reply. I've tried as you suggested but now I'm getting Page cannot be displayed, I disabled the rule and I'm then go back to getting the Cert error.

Tested from two PC's both on 192.168.160.x subnet.
Redirect3.JPG
0
 
LVL 28

Expert Comment

by:becraig
ID: 39963542
Ok so first issue

Please double check the destination URL in the rule since the page cannot be displayed sounds like a DNS resolution error.

It is obvious the redirect based on ip works since you get a different result in the browser, please ensure you can resolve the redirect URL ;

Nslookup site2 from a command prompt.  

Second.

You will get the cert error since you are loading a site different to the one requested.
0
 
LVL 1

Author Comment

by:misfit139
ID: 39963590
Disabled URL Rewrite rule retsart IIS
Checked the redirect URL, copied and pasted in to a browser and works.
Nslookup returns the correct IP for both URL from the same PC I tested on.
I can browse to both URL's

Enable URL Rewrite rule Restart IIS
From test PC browse to URL-1 get Cert error, click on continue and stay on URL-1 "Page cannot be displayed.
From test PC browse to URL-2 no cert error straight to Page cannot be displayed.
Nslookup still returns the IP of the Webserver on both URL's and can ping that IP.

Here is the code from the Web.config file

<rules>
                <rule name="URL-1 to URL-2" enabled="true" stopProcessing="true">
                    <match url=".*" />
                    <conditions logicalGrouping="MatchAny">
                        <add input="{REMOTE_ADDR}" pattern="192.168.*.*" />
                    </conditions>
                    <action type="Redirect" url="https://URL-2.acme.com/{R:0}" appendQueryString="true" />


Also you said "It is obvious the redirect based on ip works since you get a different result in the browser"

I actually don't think it is working, when I browse to URL-1 it remains on URL-1 after clicking on continue on Cert error page. That is with the Rule enabled or disabled, the only difference being the page is displayed when the rule is disabled.
0
 
LVL 1

Accepted Solution

by:
misfit139 earned 0 total points
ID: 39963794
Doing some reading and it appears it's not possible to do it the way we are trying. A redirection by URL Rewrite will only happen once the SSL connection is established. It would be getting an error though as the URL i'm connecting to is not covered by the Certificate bound to 443.

So what I've done is added a second IP and bound it to 443 with the URL-1 Certificate. Now it just works on both URL's and i can play around with URL Rewrite later if I want.

A more efficient way of doing it would be to get a Cert that allowed multiple SAN entries and remove the need for a second IP.

Thanks for all your efforts Becraig and thank you Gary for your post as well.
0
 
LVL 28

Expert Comment

by:becraig
ID: 39963871
Your problem here as indicated above is the SSL redirect.  

There are ways to resolve that, which will allow URL rewrite to work.
0
 
LVL 1

Author Closing Comment

by:misfit139
ID: 39974505
If like me you are trying to redirect one SSL URL to a second SSL URL and the second URL is the only SAN valid on the Certificate. Then URL Rewrite doesn't work because the SSL connection fails to establish due to the Certificate mismatch. In a different situation both the other guys answers would be more beneficial.
0

Featured Post

Highfive + Dolby Voice = No More Audio Complaints!

Poor audio quality is one of the top reasons people don’t use video conferencing. Get the crispest, clearest audio powered by Dolby Voice in every meeting. Highfive and Dolby Voice deliver the best video conferencing and audio experience for every meeting and every room.

Join & Write a Comment

Developer tools in browsers have been around for a while, yet they are still heavily underused by developers. Developers still fix html or CSS then refresh page to see effect, or they put alert or debugger in JavaScript and then try again and again …
Have you tried to learn about Unicode, UTF-8, and multibyte text encoding and all the articles are just too "academic" or too technical? This article aims to make the whole topic easy for just about anyone to understand.
The viewer will learn how to count occurrences of each item in an array.
The viewer will the learn the benefit of plain text editors and code an HTML5 based template for use in further tutorials.

705 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now