Solved

Masking an internal network redirect with IIS?

Posted on 2016-07-25
Last Modified: 2016-07-30
I've got a sub-domain set up externally with masking that goes to a blog another group in our company is using.  I've created a sub-domain at our domain host of blog.company.org that redirects to programs.blogco.com/company - but is masked as blog.company.org.  No problem there.

What our employees see while at work is why I'm asking this question.  Because of the /company in the URL, I know I can't do anything with the internal DNS like I usually would and I don't have an IP address for the blog site to point to.  I created an internal web site in IIS so I can do URL rewrites or redirects but the address in the browser always resolves back to programs.blogco.com/company - so that's what our staff sees.  While this isn't especially bothersome to me, I know the question will come as to why we can't show blog.company.org internally as well?  I've got the URL Rewrite and ARR modules installed but am struggling to make sense of it all and am not sure if what I'm looking for is possible.

So that is my question - is there anything I can do in IIS so that while at work, when our employees go to the blog site, they see blog.company.org in their browser instead of programs.blogco.com/company like they do now?

I hope this is clear - as always, thanks in advance.
Question by:saabStory
5 Comments
 
LVL 49

Expert Comment

by:Ryan Chong
ID: 41728762
Are both domains within the intranet?
 
LVL 26

Accepted Solution

by:
Dan McFadden earned 500 total points
ID: 41729344
You don't need URL Rewrite or ARR.

1.  Do you have only 1 IIS box?
2.  Is the blog content on this IIS server?
3.  Are you running AD?
3a.  If yes, is company.org your AD domain name?

Just set up a new internal site and point the root of the site to the location of the blog content.  This assumes that the content of the blog is on the same IIS server.

In DNS just create a CNAME pointing to the IIS server's internal name.  Use host names on the site bindings to point to the internal IP and use the CNAME created.

Dan
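
The steps in the answer above, sketched in PowerShell as an added example that is not part of the original answer. It assumes, as the answer does, that the blog content sits on the same IIS server; the DNS server name, IIS server name, internal IP, site name and content path are hypothetical placeholders.

```powershell
# Added illustration. All names, the IP and the path below are hypothetical.
Import-Module DnsServer          # RSAT DNS cmdlets
Import-Module WebAdministration  # IIS cmdlets; run this part on the IIS server

$zone       = 'company.org'        # internal DNS zone (assumed to match the AD domain)
$alias      = 'blog'               # gives blog.company.org
$dnsServer  = 'dc01.company.org'   # hypothetical internal DNS server
$iisHost    = 'iis01.company.org'  # hypothetical internal name of the IIS server
$internalIp = '10.0.0.10'          # constructed internal IP of the IIS server
$siteName   = 'InternalBlog'       # hypothetical IIS site name
$contentDir = 'D:\Sites\blog'      # hypothetical location of the blog content
$fqdn       = "$alias.$zone"

# 1. CNAME in internal DNS pointing at the IIS server's internal name.
$existing = Get-DnsServerResourceRecord -ComputerName $dnsServer -ZoneName $zone `
                -Name $alias -RRType CName -ErrorAction SilentlyContinue
if (-not $existing) {
    Add-DnsServerResourceRecordCName -ComputerName $dnsServer -ZoneName $zone `
        -Name $alias -HostNameAlias $iisHost
}

# 2. New internal site rooted at the blog content. Binding to the internal IP
#    plus a host header means only requests for blog.company.org arriving on
#    that interface are served by this site.
if (-not (Test-Path "IIS:\Sites\$siteName")) {
    New-Website -Name $siteName -PhysicalPath $contentDir `
        -IPAddress $internalIp -Port 80 -HostHeader $fqdn
}

# 3. Check the result: the alias should resolve to the IIS server, and the
#    binding should read "<ip>:80:blog.company.org".
Resolve-DnsName -Name $fqdn -Type CNAME -Server $dnsServer
Get-WebBinding -Name $siteName | Select-Object protocol, bindingInformation
```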
 

Author Comment

by:saabStory
ID: 41729472
Sorry - I didn't provide all the info - still somewhat new at this part.  Hopefully this will clear it up.

We have multiple servers in house, including 3 large VM hosts - 2 for internal applications and 1 for web applications and sites in a DMZ.  So, multiple instances of IIS running on the different web servers we have for various things.  We run AD and have an internal DNS.  For the sake of this question, let's just say our domain name is northtx.org.

The blog is hosted on an external site at wix.com and that's where the problem begins as the address is: http://programs20.wixsite.com/northtx.

The '/' in the blog address prevents me from getting an IP address for an ANAME record and also makes it impossible to use a CNAME record as well. I've done multiples of those in other scenarios - it's the '/' that has me stumped as to what to do.

At the moment, I have a subdomain of blog.northtx.org set up on our domain host that redirects to wix and masks the address.  Internally, I have an internal web site bound to blog.northtx.org that simply redirects internal traffic for blog.northtx.org to programs20.wixsite.com/northtx.

What I need to know is if there is a way to configure IIS to mask the address like our domain host does so that our internal customers see blog.northtx.org instead of the wixsite address.

I hope that is clearer than before - my apologies for the confusion.
 
LVL 26

Expert Comment

by:Dan McFadden
ID: 41729799
What are you using for your AD domain name?

Why not just let your internal users hit the external site directly?

Dan
 

Author Comment

by:saabStory
ID: 41736173
Sorry for the late response - we've been short-handed and it's 'other duties as assigned'.

Our only domain is the northtx.org.  We've been trying to figure out why we can't simply go there - don't know if it's something with the firewall or something else - it's always been thus.  Problem is, the guy who built everything died a little over a year ago and had not shared all the details.  We've come to find out that a lot of it is pretty ad-hoc so there may not be an easy solution for this like I hoped.

I appreciate your time however - at the moment, I have to close this as I need to concentrate on some other projects for the next couple of months.