Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations John Tel on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

IIS webserver set up on the Internet - router

Status
Not open for further replies.
topub

topub

Programmer
Jun 6, 2006
42
US
Hi everyone,
Pardon me if this question is in the wrong forum.

We have a few IIS webserver that we want to open to the Internet. What is the best method?

Code: 
Case1:
Have a routing server that takes all the requests [that only listens on port 80, 443] and redirects depending on the URL.

ex:
[URL unfurl="true"]https://www.domain.com[/URL] - redirected to 192.168.1.1 [internal IP]
[URL unfurl="true"]https://server2.domain.com[/URL] - redirected to 192.168.1.2 [internal IP]
[URL unfurl="true"]https://server3.domain.com[/URL] - redirected to 192.168.1.3 [internal IP]

Each of these internal webservers open only ports 80 and 443
Code: 
Case2:
Put each webserver server2, server3.... open to the internet with different URL

so each request goes directly to the machine than through a routing machine.
NOTE: pardon me if I use the word router in more than one sense. Here I am referring to a machine that is both a secure firewall that is a router and may be more..whatever it needs to be to keep internal servers secure

Or if there is a better method to do this....please share with me or point me some URLs that would be helpful.

a whole lot of thanks,
UB
 
Sort by date Sort by votes
Both cases will work, the only thing is that is that case two will require more public IP addresses. I like case one as you do not mention any type of firewall protection in case two.
 
Upvote 0 Downvote
thanks WhoKilledKenny ....
I am looking for a some input on how to implement those cases.. or if there is a better approach.

Code: 
...some to my earlier question..
this server2, server3 webservers talk to a database servers. But I dont want to have "connection String" to be availabe any where on a server that is open to public

Is there a way to do this?
 
Upvote 0 Downvote
the router option is the simplest option and most flexible, if you need to take a server down for maintenance you simply point to a different IP.

Connections strings will not be "visible" unless you have access directly to the servers (or FTP)



Chris.

Indifference will be the downfall of mankind, but who cares?
Woo Hoo! the cobblers kids get new shoes.
People Counting Systems

So long, and thanks for all the fish.
 
Upvote 0 Downvote
Thanks Chris..
Lets say if that machine is hacked into... they'll have access to the file system... so they have the connection string.
 
Upvote 0 Downvote
that would be the same for any server installation, but to get that far the security in general would have to very lax.

However if you are going through a router/firewall/DMZ no one should get to the webservers other than via HTTP

Chris.

Indifference will be the downfall of mankind, but who cares?
Woo Hoo! the cobblers kids get new shoes.
People Counting Systems

So long, and thanks for all the fish.
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

ravalos
  • Locked
  • Question
Problem with PDFs in IIS
Replies
1
Views
1K
gbaughma
gbaughma
nukeinfer
  • Locked
  • Question
Internet restrictions for isolated PCs in the Network
Replies
1
Views
576
mangentle
mangentle
DrB0b
  • Locked
  • Question
Windows 2016 IIS FTP server with a ton of user accounts
Replies
4
Views
705
DrB0b
DrB0b
mangentle
  • Locked
  • Question
What are the key advantages of using Microsoft Windows Servers for businesses?
Replies
1
Views
988
gbaughma
gbaughma
DeepuM
  • Locked
  • Question
Web Response returned Web Exception : The underlying connection was closed error | Simphony & QS
Replies
0
Views
445
DeepuM
DeepuM

Part and Inventory Search

Sponsor

Back
Top