• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 241
  • Last Modified:

Reverse Proxy / Same External IP hostnames

Hi,

I have two requirements I believe one is easier than the other though.

I want to be able to use a Reverse Proxy in IIS (I believe).

This is what we have.

One external IP address - 152.152.152.152 (an example) - internal IP 172.16.50.201
Multiple IIS websites which can only ever be on Port 80 on different servers. In this example, lets say two servers. IP on internal servers are: 172.16.51.201 & 172.16.52.202. These two servers are independent and on completely different domains.
My idea would be to point two public DNS records (mysite.site.com and thesite.site.com) to 152.152.152.152 then the client goes to one of the sites and it sees what the hostname is and then points them to the correct server (lets say mysite.site.com should go to 172.16.51.201 and thesite.site.com to 172.16.52.202).

The other objective is pretty much the same - using one external IP but based on the hostname we would like to use port 3389 for RDP to connect to different servers.

Any help would be good please.

Thanks,
Alex
0
BoltonWanderer
Asked:
BoltonWanderer
2 Solutions
 
Jakob DigranesSenior ConsultantCommented:
For the first requirements, it's rather simple. Use Win2012 R2 reverse proxy - then you can set multiple external names to one IP for proxying several inside services on different IPs. I just recently published Exchange 2013 and Lync 2013 using a Win2012R2 Reverse Proxy with one IP. Worked .... okayish. Androids couldn't use activesync, but for plain websites it should be okay.

The second one - here you need either different ports or different IPs
0
 
Steve KnightIT ConsultancyCommented:
Main problem with reverse proxy type situations with one ip is whether you need ssl or not as the information that says what site you want is part of the encrypted https stream.  It would have to decrypt then identify the site.  Without ssl it works well.

For rdp you can use the rdp gateway function. It isn't quite as easy as point 3389 at it and let it sort out as by default or wouldn't know which machine you want.  That uses two ports which you can amend in the 2012 versions.

Steve
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

How do you know if your security is working?

Protecting your business doesn’t have to mean sifting through endless alerts and notifications. With WatchGuard Total Security Suite, you can feel confident that your business is secure, meaning you can get back to the things that have been sitting on your to-do list.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now