Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Two URL's pointing to 1 Website - Redirect URL1 to URL2

Posted on 2014-03-28
11
Medium Priority
?
425 Views
Last Modified: 2014-04-03
I've just published a site to the web which staff access using https://URL-1.acme.com and it's working fine. When users access the site internally they use https://URL-2.acme.com.

To make things simpler for staff I'd like them to be able to access the site internally using either URL-1 or URL-2. I've created an internal DNS record for URL-1 to point to the web server and users can browse to the site.

The issue is the site internally is https://URL-2.acme.com with an SSL Cert of the same name bound to it and when a user browses internally using URL-1 they're getting an SSL warning due to mismatched address.

Ideally what i'd like is when a user browses to URL-1 internally it's automatically redirected to URL-2 but I've poked around and can't find anything obvious so hoping someone here can help before I break things.

Hopefully that makes sense and let me know if you need me to provide more info. Thanks in advance.
0
Comment
Question by:misfit139
  • 5
  • 5
11 Comments
 
LVL 29

Expert Comment

by:becraig
ID: 39963044
URL Rewrite would be  your best bet here:
More info on URL rewrite :
http://www.surfingsuccess.com/asp/iis-url-rewrite.html


An example for you would be:
http_host matches url1 and {REMOTE_ADDR}  matches your internal ips
0
 
LVL 58

Assisted Solution

by:Gary
Gary earned 450 total points
ID: 39963048
Quick and dirty way is to have an index.html that just contains this to redirect to the main url.

<META http-equiv="refresh" content="0;URL=http://main-site">
0
 
LVL 29

Assisted Solution

by:becraig
becraig earned 1050 total points
ID: 39963051
Here is a much clearer walkthrough on using URL rewrite to accomplish what you need:
https://docs.gosecureauth.com/display/docs/URL+Rewrite+-+IP+Restrictions


I am assuming here you want anyone who is not internal to still be able to access URL1 ?
0
VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

 
LVL 1

Author Comment

by:misfit139
ID: 39963266
Thanks for the responses guys and sorry for not getting back to you sooner. I tried the quick and dirty way suggested by Gary but you still get the Cert Warning and then when you click continue it does change the URL.

I've also installed the URL Rewrite module, rebooted the server and tried following the walkthrough but not having any luck. I have tried "redirect" and "rewrite" I've tried it from the top level of IIS and from the Website but nothing happens.

Not sure where i'm going wrong and yes becraig I still want URL-1 to be accessible to external users.
Redirect2.JPG
Redirect.JPG
0
 
LVL 29

Expert Comment

by:becraig
ID: 39963325
Ok so here is what you need to do

1.  This first pattern is good *
2. Logical grouping should be {REMOTE_ADDR}  (This should be your internal IP address, e.g. 192.168.1.*)

Then you do the redirect URL

Send it to URL2 etc



IIsreset and test.
0
 
LVL 1

Author Comment

by:misfit139
ID: 39963448
Hi Becraig, thanks for your reply. I've tried as you suggested but now I'm getting Page cannot be displayed, I disabled the rule and I'm then go back to getting the Cert error.

Tested from two PC's both on 192.168.160.x subnet.
Redirect3.JPG
0
 
LVL 29

Expert Comment

by:becraig
ID: 39963542
Ok so first issue

Please double check the destination URL in the rule since the page cannot be displayed sounds like a DNS resolution error.

It is obvious the redirect based on ip works since you get a different result in the browser, please ensure you can resolve the redirect URL ;

Nslookup site2 from a command prompt.  

Second.

You will get the cert error since you are loading a site different to the one requested.
0
 
LVL 1

Author Comment

by:misfit139
ID: 39963590
Disabled URL Rewrite rule retsart IIS
Checked the redirect URL, copied and pasted in to a browser and works.
Nslookup returns the correct IP for both URL from the same PC I tested on.
I can browse to both URL's

Enable URL Rewrite rule Restart IIS
From test PC browse to URL-1 get Cert error, click on continue and stay on URL-1 "Page cannot be displayed.
From test PC browse to URL-2 no cert error straight to Page cannot be displayed.
Nslookup still returns the IP of the Webserver on both URL's and can ping that IP.

Here is the code from the Web.config file

<rules>
                <rule name="URL-1 to URL-2" enabled="true" stopProcessing="true">
                    <match url=".*" />
                    <conditions logicalGrouping="MatchAny">
                        <add input="{REMOTE_ADDR}" pattern="192.168.*.*" />
                    </conditions>
                    <action type="Redirect" url="https://URL-2.acme.com/{R:0}" appendQueryString="true" />


Also you said "It is obvious the redirect based on ip works since you get a different result in the browser"

I actually don't think it is working, when I browse to URL-1 it remains on URL-1 after clicking on continue on Cert error page. That is with the Rule enabled or disabled, the only difference being the page is displayed when the rule is disabled.
0
 
LVL 1

Accepted Solution

by:
misfit139 earned 0 total points
ID: 39963794
Doing some reading and it appears it's not possible to do it the way we are trying. A redirection by URL Rewrite will only happen once the SSL connection is established. It would be getting an error though as the URL i'm connecting to is not covered by the Certificate bound to 443.

So what I've done is added a second IP and bound it to 443 with the URL-1 Certificate. Now it just works on both URL's and i can play around with URL Rewrite later if I want.

A more efficient way of doing it would be to get a Cert that allowed multiple SAN entries and remove the need for a second IP.

Thanks for all your efforts Becraig and thank you Gary for your post as well.
0
 
LVL 29

Expert Comment

by:becraig
ID: 39963871
Your problem here as indicated above is the SSL redirect.  

There are ways to resolve that, which will allow URL rewrite to work.
0
 
LVL 1

Author Closing Comment

by:misfit139
ID: 39974505
If like me you are trying to redirect one SSL URL to a second SSL URL and the second URL is the only SAN valid on the Certificate. Then URL Rewrite doesn't work because the SSL connection fails to establish due to the Certificate mismatch. In a different situation both the other guys answers would be more beneficial.
0

Featured Post

Vote for the Most Valuable Expert

It’s time to recognize experts that go above and beyond with helpful solutions and engagement on site. Choose from the top experts in the Hall of Fame or on the right rail of your favorite topic page. Look for the blue “Nominate” button on their profile to vote.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

These days, all we hear about hacktivists took down so and so websites and retrieved thousands of user’s data. One of the techniques to get unauthorized access to database is by performing SQL injection. This article is quite lengthy which gives bas…
Without even knowing it, most of us are using web applications on a daily basis.  In fact, Gmail and Yahoo email, Twitter, Facebook, and eBay are used by most of us daily—and they are web applications. We generally confuse these web applications to…
HTML5 has deprecated a few of the older ways of showing media as well as offering up a new way to create games and animations. Audio, video, and canvas are just a few of the adjustments made between XHTML and HTML5. As we learned in our last micr…
Wufoo.com provides powerful tools for surveying targeted groups, and utilizing data from completed surveys to find trends, discover areas of demand or customer expectation, and make business decisions on products or services.
Suggested Courses

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question