Solved

Moving web servers into a DMZ?

Posted on 2016-10-25
3
46 Views
Last Modified: 2016-11-07
We've a pair of load balanced MS Windows 2008 R2 servers setup as a cluster for redundancy running IIS7.5.  And we host about 40 sites and domains.  We're using MS Load Balancer app.

I need to move these sites into a DMZ.  So my first question is do I have to change the ip address on the web servers and assign one from the DMZ subnet?  Or should I just be able to change the ip address of the sites and assign them an address from the DMZ.

I tried doing that today and it didn't work.  It worked fine on the server itself.  But when I try to access the site by ip it can't be found.

Let me  know if you need more info.

Thanks
0
Comment
Question by:mobot
  • 2
3 Comments
 
LVL 24

Accepted Solution

by:
Dr. Klahn earned 500 total points
ID: 41859513
Presumably your web servers are now inside your LAN and the firewall has been told to route port 80 traffic to their current IP address.

Then the first step would be to reassign them new static IP addresses inside the DMZ, which you've done.

If the servers host multiple sites, access by IP address might not work correctly.  Virtual hosts are "routed to" internally in the server by the hostname section of the incoming URL.

When you moved the servers into the DMZ, was the firewall told to route port 80 traffic to their new IP address?
0
 

Author Comment

by:mobot
ID: 41864197
I didn't move the actual IIS servers that host the sites into the DMZ.

What I did was add an ip address from the DMZ subnet to the cluster properties.  Then assign that address from the DMZ subnet to a site.  I made the appropriate changes to DNS,  DNS resolves correctly.
I can access the site in IIS Manager on the server.

But from my workstation's browser I can't access the site.

So I'm asking do I need to assign addresses from the DMZ subnet to the IIS servers before I add the sites to the DMZ?

Thanks
0
 

Author Comment

by:mobot
ID: 41872727
Anyone???
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

In our day to day coding, how many times have we come across a necessity to check whether a URL is a broken link or not? For those of you that answered countless and are using ColdFusion like myself, then this article is for you.  It will show yo…
If you don't have the right permissions set for your WordPress location in IIS, you won't be able to perform automatic updates. Here's how to fix the problem.
This tutorial gives a high-level tour of the interface of Marketo (a marketing automation tool to help businesses track and engage prospective customers and drive them to purchase). You will see the main areas including Marketing Activities, Design …
This is used to tweak the memory usage for your computer, it is used for servers more so than workstations but just be careful editing registry settings as it may cause irreversible results. I hold no responsibility for anything you do to the regist…

912 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now