Re: publishing multiple websites in ISA 2004
- From: v-edtian@xxxxxxxxxxxxxxxxxxxx (Edward Tian)
- Date: Tue, 29 Nov 2005 09:20:12 GMT
You are welcome, Skip.
Here are the answers to your questions:
1. About your comment of not hosting websites on the SBS box, this would be
hosted off of a second server that is a member server in the network. Is
that OK?
Yes, you are right. We can publish multiple internal websites through ISA
Server 2004 using the web publishing rule method.
2. Also, I guess the thing that isn't discussed in your email or in the
"Dr. Tom" article is what do to in IIS... I am not sure how to set things
up.
You may refer to the following KB article to build your own web site:
816576 How to create a new virtual server or Web site in Internet
Information Services (IIS) 6.0
http://support.microsoft.com/default.aspx?scid=kb;EN-US;816576
323972 How To Set Up Your First IIS Web Site
http://support.microsoft.com/default.aspx?scid=kb;EN-US;323972
For more detailed info, I suggest you post a new question to the iis
newsgroup so that people there could provide you more accurate and detailed
suggestions.
3. Also, I'd like to have a new one where "mail.mydomain.com" is the URL to
get to OWA. How can I use ISA to do this?
Can I assume that you want your external users to access the OWA using
https://mail.mydomain.com other than inputting a long URL like
https://mail.mydomain.com/exchange? If my understanding is correct, we can
perform this path redirection by using a path redirection on the Path tab
in the Web Publishing Rule.
Double click the OWA publishing rule (If you have run the CEICW Wizard, it
should be called as SBS OWA Web Publishing Rule), go to the Path tab, Add a
new path as following:
External Path: /
Internal Path: /Exchange\
In the case of OWA publishing, the external path is /* (which represents
all folders and directories on the site) and the internal path is
/Exchange\. Notice that you must use a backslash at the end of the path
because the OWA Web Publishing Rule Wizard already entered the /Exchange/
path.
These path redirections do the following:
When the user enters https:// mail.mydomain.com, the connection is redirect
to the /Exchange folder on the OWA Web site.
The reason why this works is because the OWA Web site is kind enough to
help users who don't understand the difference between UNC paths and URLs.
The OWA Web site will accept the backslash as a valid request and convert
it on the fly to a forward slash. This allows you to use the Internal Path
statement /Exchange\ and /exchange/* in the Path tab, where it would
otherwise not be possible to do this if you had to enter forward slashes
for both entries because the ISA firewall will not allow you to enter
multiple path mappings that use the same path prefix.
Just to make this clear, the reason why we must enter /Exchange\ in order
to get the redirect is that we already have a redirect for /Exchange/*,
which is associated with connections users make when they enter
https://mail.mydomain.com/exchange. We can't enter the same path twice, so
we need to trick the ISA firewall's Web Publishing Rule by using /Exchange\
instead, which is associated connections made to https://mail.mydomain.com/.
NOTE: Please make sure that the SBS default website could not be reached by
https://mail.mydomain.com, or it will cause confliction. (Double click the
SBS Business Card Web Publishing Rule, go to the Public Name tab, the URL
listed is the one by which external users can access the default website.
In your case, it should be intranet.mydomain.com, not the mail.mydomain.com)
4. IIS 6.0 HTTP port HTTPS port Host
Headers
"public" site 80 none
www.mydomain.com
companyweb site: 80 444
companyweb.mydomain.com
officescan csm 8090 4343
myserver.mydomain.local:4343/officescan
SBS default site 80 none
intranet.mydomain.com
Regarding the current status, this deployment is feasible. You can refer to
the article I provided in my initial response. Please make sure the
www.mydomain.com, companyweb.mydomain.com and intranet.mydomain.com can be
resolved to the public IP address of your SBS server.
If anything is unclear, please feel free to let me know. I look forward to
hearing from you.
Have a nice day!
Best Regards
Edward Tian(MSFT)
Microsoft CSS Online Newsgroup Support
Get Secure! - www.microsoft.com/security
======================================================
This newsgroup only focuses on SBS technical issues. If you have issues
regarding other Microsoft products, you'd better post in the corresponding
newsgroups so that they can be resolved in an efficient and timely manner.
You can locate the newsgroup here:
http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
When opening a new thread via the web interface, we recommend you check the
"Notify me of replies" box to receive e-mail notifications when there are
any updates in your thread. When responding to posts via your newsreader,
please "Reply to Group" so that others may learn and benefit from your
issue.
Microsoft engineers can only focus on one issue per thread. Although we
provide other information for your reference, we recommend you post
different incidents in different threads to keep the thread clean. In doing
so, it will ensure your issues are resolved in a timely manner.
For urgent issues, you may want to contact Microsoft CSS directly. Please
check http://support.microsoft.com for regional support phone numbers.
Any input or comments in this thread are highly appreciated.
======================================================
This posting is provided "AS IS" with no warranties, and confers no rights.
--------------------
| From: "Skip Shean" <skipshean@xxxxxxxxxxxx(donotspam)>
| References: <ejO4gne8FHA.952@xxxxxxxxxxxxxxxxxxxx>
<UP4Wll88FHA.4000@xxxxxxxxxxxxxxxxxxxxx>
| Subject: Re: publishing multiple websites in ISA 2004
| Date: Mon, 28 Nov 2005 11:59:12 -0600
| Lines: 174
| X-Priority: 3
| X-MSMail-Priority: Normal
| X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
| X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
| Message-ID: <#JzOFWE9FHA.1332@xxxxxxxxxxxxxxxxxxxx>
| Newsgroups: microsoft.public.windows.server.sbs
| NNTP-Posting-Host: c-67-186-81-9.hsd1.il.comcast.net 67.186.81.9
| Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
| Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:226080
| X-Tomcat-NG: microsoft.public.windows.server.sbs
|
| Thanks, Edward.
|
| About your comment of not hosting websites on the SBS box, this would be
| hosted off of a second server that is a member server in the network. Is
| that OK?
|
| Also, I guess the thing that isn't discussed in your email or in the "Dr.
| Tom" article is what do to in IIS... I am not sure how to set things up.
| Also, I'd like to have a new one where "mail.mydomain.com" is the URL to
get
| to OWA. How can I use ISA to do this?
|
| I have the following setup:
|
| IIS 6.0 HTTP port HTTPS port
| Host Headers
| "public" site 80 none
| www.mydomain.com
| companyweb site: 80 444
| companyweb.mydomain.com
| officescan csm 8090 4343
| myserver.mydomain.local:4343/officescan
| SBS default site 80 none
| intranet.mydomain.com
|
| ISA 2004
|
| SBS Web listener 80 443
| uses a certificate I created internally for our server
| SBS Companyweb listener none 444
uses
| same cert as SBS Web listener
|
| Thanks! I've got Dr. Tom's book, but I guess it's over my head at this
| point and the school of hard knocks is a-knockin' pretty hard... :-)
|
| Skip
|
|
|
|
| "Edward Tian" <v-edtian@xxxxxxxxxxxxxxxxxxxx> wrote in message
| news:UP4Wll88FHA.4000@xxxxxxxxxxxxxxxxxxxxxxxx
| Dear Skip:
| I am sorry for the delayed response due to weekend. Please understand that
| the newsgroups are staffed weekdays by Microsoft Support professionals to
| answer your systems and applications questions. Your understanding is
| greatly appreciated!
|
| From the description, I understand that you want to publish multiple
| HTTP/HTTPS websites through ISA Server 2004 using Host Headers. If I am
off
| base, please do let me know.
|
| Can I assume that you only have one external IP address on the SBS Server?
| If so, I suggest you refer to the following article which is written by
| Thomas Shinder to publish these websites:
|
| Publishing Multiple Non-SSL Web Sites with a Single IP Address using ISA
| Firewalls
|
http://www.isaserver.org/tutorials/Publishing-Multiple-Non-SSL-Web-Sites-Sin
| gle-IP-Address-using-ISA-Firewalls.html
|
| In this article, we assume that you have two FQDN www1.domain.com and
| www2.domain.com, each URL can be resolved to the external IP address of
the
| ISA Server and then redirected to the respective web server.
|
| Regarding the HTTPS (SSL) web site, we could only host one SSL website on
| one IP address since only one certificate can be used on one web listener.
| In SBS circumstance, there are several built-in websites such as RWW/OWA
| and companyweb, the SSL port 443 has already been occupied by these
| websites. If we want to publish multiple SSL sites, we can use either of
| the following methods:
|
| 1. Use the Server publishing rule to publish additional SSL websites on
| alternate port such as 445 and 446. (The port 444 is used by companyweb).
|
| 2. Make the SBS Server have multiple public IP address so that each SSL
| websites can use their respective IP for web publishing.
|
| More reference:
| How to publish an SSL Web site by using SSL tunneling in ISA Server 2004
| http://support.microsoft.com/?id=837834
|
| 838244 How to configure a certificate for use with a Web publishing rule
in
| ISA
| http://support.microsoft.com/?id=838244
|
| 324287 HOW TO: Use Host Header Names to Configure Multiple Web Sites in
| Internet Information Services 6.0
| http://support.microsoft.com/?id=324287
|
| How to publish a Web site directly on your Internet Security and
| Acceleration Server 2004 computer
| http://support.microsoft.com/default.aspx?scid=KB;[LN];885186
|
| I would like to kindly clarify that since the SBS is a highly integrated
| Server which already has multiple built-in websites hosted, we don't
| recommend customer host additional web site on the SBS Server to avoid any
| unexpected problems.
|
| Hope the above info helps. Please feel free to let me know if you have any
| questions or concerns.
|
| Have a nice day!
|
| Best Regards
| Edward Tian(MSFT)
| Microsoft CSS Online Newsgroup Support
|
| Get Secure! - www.microsoft.com/security
| ======================================================
| This newsgroup only focuses on SBS technical issues. If you have issues
| regarding other Microsoft products, you'd better post in the corresponding
| newsgroups so that they can be resolved in an efficient and timely manner.
| You can locate the newsgroup here:
| http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
|
| When opening a new thread via the web interface, we recommend you check
the
| "Notify me of replies" box to receive e-mail notifications when there are
| any updates in your thread. When responding to posts via your newsreader,
| please "Reply to Group" so that others may learn and benefit from your
| issue.
|
| Microsoft engineers can only focus on one issue per thread. Although we
| provide other information for your reference, we recommend you post
| different incidents in different threads to keep the thread clean. In
doing
| so, it will ensure your issues are resolved in a timely manner.
|
| For urgent issues, you may want to contact Microsoft CSS directly. Please
| check http://support.microsoft.com for regional support phone numbers.
|
| Any input or comments in this thread are highly appreciated.
| ======================================================
| This posting is provided "AS IS" with no warranties, and confers no
rights.
|
| --------------------
| | From: "Skip Shean" <skipshean@xxxxxxxxxxxx(donotspam)>
| | Subject: publishing multiple websites in ISA 2004
| | Date: Fri, 25 Nov 2005 11:58:43 -0600
| | Lines: 18
| | X-Priority: 3
| | X-MSMail-Priority: Normal
| | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
| | X-RFC2646: Format=Flowed; Original
| | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
| | Message-ID: <ejO4gne8FHA.952@xxxxxxxxxxxxxxxxxxxx>
| | Newsgroups: microsoft.public.windows.server.sbs
| | NNTP-Posting-Host: outgoing.optionsxpress.com 64.94.156.3
| | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
| | Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:225555
| | X-Tomcat-NG: microsoft.public.windows.server.sbs
| |
| | SBS 2K3 SP1 premium with ISA 2004 installed. I'm an ISA newbie.
| |
| | Ran the CEICW, have internet access inside the firewall for clients, can
| | access network via VPN from outside. Also can access OWA from outside
| the
| | firewall.
| |
| | What I can't seem to do is publish my websites externally. Pre-ISA, I
| had a
| | couple of different sites that were a mix of HTTP and HTTPS sites and
| were
| | differentiated by the host headers.
| |
| | I'm sure this can be done, and I've dug around on Tom Shinder's
| | isaserver.org site, but to be honest, I don't know what I'm looking for.
| |
| | Can you help?
| |
| |
| |
| |
| |
|
|
|
.
- Follow-Ups:
- Re: publishing multiple websites in ISA 2004
- From: Skip Shean
- Re: publishing multiple websites in ISA 2004
- References:
- publishing multiple websites in ISA 2004
- From: Skip Shean
- RE: publishing multiple websites in ISA 2004
- From: Edward Tian
- Re: publishing multiple websites in ISA 2004
- From: Skip Shean
- publishing multiple websites in ISA 2004
- Prev by Date: Re: Sharepoint
- Next by Date: Re: ISA 2004 Client
- Previous by thread: Re: publishing multiple websites in ISA 2004
- Next by thread: Re: publishing multiple websites in ISA 2004
- Index(es):
Relevant Pages
|
Loading
