Solved

Unusual port numbers recorded when accessing IIS website through a Reverse Proxy

Posted on 2016-07-21
1
30 Views
Last Modified: 2016-07-21
Hello Experts

A customer of mine has an internal webserver that logs all accesses.  They used to use NAT to allow external access to this webserver and each access was recorded in the IIS logs as coming in on port 443 (correctly).

I have recently deployed an IIS based Reverse Proxy for them (along with DMZ / ASA firewall etc) and now the logs on the internal webserver records the access attempts as coming from the correct customer public IP addresses but on ports other than 443 (see attached image).

Everything seems to be working correctly and the firewall is only allowing 443 access from outside in so I am at a loss at the moment to explain the odd ports in the IIS logs - if anyone can offer a reason for this I would be most grateful.

Thanks.
1.jpg
0
Comment
Question by:Plagus
1 Comment
 
LVL 30

Accepted Solution

by:
renazonse earned 500 total points
ID: 41722994
I feel this is normal behavior. Access from the client source port will be something random with this setup like outbound access through your ASA to external services. If you watch the logs in the ASA you'll see the same situation reporting client source ports with normal destination ports.
0

Featured Post

How your wiki can always stay up-to-date

Quip doubles as a “living” wiki and a project management tool that evolves with your organization. As you finish projects in Quip, the work remains, easily accessible to all team members, new and old.
- Increase transparency
- Onboard new hires faster
- Access from mobile/offline

Join & Write a Comment

Running classic asp applications under Windows Server 2008 R2 (x64) and IIS 7 is not as easy as one may think. It took me a while to figure it out while getting error 8002801d a few times. After you install the OS you will need to install the fol…
Prologue It is often required to host multiple websites on a single instance of IIS, mostly in development environments instead of on production servers. I am sure it is not much a preferred solution on production servers but this is at least a pos…
It is a freely distributed piece of software for such tasks as photo retouching, image composition and image authoring. It works on many operating systems, in many languages.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

760 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

17 Experts available now in Live!

Get 1:1 Help Now