Re: publishing multiple websites in ISA 2004
- From: "Les Connor [SBS Community Member - SBS MVP]" <les.connor@xxxxxxxxxxxx>
- Date: Tue, 29 Nov 2005 10:19:59 -0600
Hi Skip,
Have you had a look here?
Hosting a website on the SBS server
http://www.smallbizserver.net/Default.aspx?tabid=105
--
Les Connor [SBS Community Member - SBS MVP]
-----------------------------------------------------------
SBS Rocks !
----------------------
"Tell me and I'll forget. Show me and I'll remember. Involve me and I'll
understand." - Confucius
"Skip Shean" <skipshean@xxxxxxxxxxxx(donotspam)> wrote in message
news:utHeh7P9FHA.1416@xxxxxxxxxxxxxxxxxxxxxxx
> Edward,
>
> I had some other comments/questions inline, below. I apologize for ALL
> CAPS -- not screaming, just trying to differentiate who is talking below.
>
> Skip
>
> "Edward Tian" <v-edtian@xxxxxxxxxxxxxxxxxxxx> wrote in message
> news:QG$YgYM9FHA.1236@xxxxxxxxxxxxxxxxxxxxxxxx
> You are welcome, Skip.
>
> Here are the answers to your questions:
>
> 1. About your comment of not hosting websites on the SBS box, this would
> be
> hosted off of a second server that is a member server in the network. Is
> that OK?
>
> Yes, you are right. We can publish multiple internal websites through ISA
> Server 2004 using the web publishing rule method.
>
> THIS WASN'T EXACTLY WHAT I MEANT -- USING A MEMBER SERVER FOR IIS, STILL
> INSIDE OF SBS NETWORK, IS SAFER THAN JUST ON THE SBS/ISA BOX, CORRECT?
>
> 2. Also, I guess the thing that isn't discussed in your email or in the
> "Dr. Tom" article is what do to in IIS... I am not sure how to set things
> up.
>
> You may refer to the following KB article to build your own web site:
>
> 816576 How to create a new virtual server or Web site in Internet
> Information Services (IIS) 6.0
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;816576
>
> 323972 How To Set Up Your First IIS Web Site
> http://support.microsoft.com/default.aspx?scid=kb;EN-US;323972
>
> For more detailed info, I suggest you post a new question to the iis
> newsgroup so that people there could provide you more accurate and
> detailed
> suggestions.
>
> NOT WHAT I MEANT -- I'VE BUILT DOZENS OF WEBSITES -- I JUST HAVEN'T USED
> ISA
> BEFORE AND I'M READING STUFF FOR ISA THAT SUGGESTS CHANGING THE HTTP PORT
> TO
> 81, ETC. PLUS, SO MUCH OF WHAT I'M READING IS FOR ISA 2000 AND DOESN'T
> EVEN
> COVER WEB LISTENERS OR HOW TO CONFIGURE EVERYTHING FROM THE IIS SERVER UP
> TO
> ISA TO THE EXTERNAL INTERNET. THAT'S WHAT I'M CONFUSED ABOUT, NOT
> CREATING
> THE WEBSITE.
>
> 3. Also, I'd like to have a new one where "mail.mydomain.com" is the URL
> to
> get to OWA. How can I use ISA to do this?
>
> Can I assume that you want your external users to access the OWA using
> https://mail.mydomain.com other than inputting a long URL like
> https://mail.mydomain.com/exchange? If my understanding is correct, we can
> perform this path redirection by using a path redirection on the Path tab
> in the Web Publishing Rule.
>
> WHAT I'M ACTUALLY TRYING TO DO IS HAVE THE OWA USER TYPE IN
> HTTP://MAIL.MYDOMAIN.COM (WHICH GOES TO THE SBS BOX) AND THEN ALSO BE ABLE
> TO GO TO HTTP://WWW.MYDOMAIN.COM FOR OUR PUBLIC WEBSITE (WHICH ALSO GOES
> TO
> THE SBS BOX) -- INSIDE OR OUTSIDE THE NETWORK.. IS THAT POSSIBLE?
>
> Double click the OWA publishing rule (If you have run the CEICW Wizard, it
> should be called as SBS OWA Web Publishing Rule), go to the Path tab, Add
> a
> new path as following:
> External Path: /
> Internal Path: /Exchange\
>
> In the case of OWA publishing, the external path is /* (which represents
> all folders and directories on the site) and the internal path is
> /Exchange\. Notice that you must use a backslash at the end of the path
> because the OWA Web Publishing Rule Wizard already entered the /Exchange/
> path.
>
> These path redirections do the following:
>
> When the user enters https:// mail.mydomain.com, the connection is
> redirect
> to the /Exchange folder on the OWA Web site.
>
> The reason why this works is because the OWA Web site is kind enough to
> help users who don't understand the difference between UNC paths and URLs.
> The OWA Web site will accept the backslash as a valid request and convert
> it on the fly to a forward slash. This allows you to use the Internal Path
> statement /Exchange\ and /exchange/* in the Path tab, where it would
> otherwise not be possible to do this if you had to enter forward slashes
> for both entries because the ISA firewall will not allow you to enter
> multiple path mappings that use the same path prefix.
>
> Just to make this clear, the reason why we must enter /Exchange\ in order
> to get the redirect is that we already have a redirect for /Exchange/*,
> which is associated with connections users make when they enter
> https://mail.mydomain.com/exchange. We can't enter the same path twice, so
> we need to trick the ISA firewall's Web Publishing Rule by using
> /Exchange\
> instead, which is associated connections made to
> https://mail.mydomain.com/.
>
> NOTE: Please make sure that the SBS default website could not be reached
> by
> https://mail.mydomain.com, or it will cause confliction. (Double click the
> SBS Business Card Web Publishing Rule, go to the Public Name tab, the URL
> listed is the one by which external users can access the default website.
> In your case, it should be intranet.mydomain.com, not the
> mail.mydomain.com)
>
> 4. IIS 6.0 HTTP port HTTPS port Host
> Headers
> "public" site 80 none
> www.mydomain.com
> companyweb site: 80 444
> companyweb.mydomain.com
> officescan csm 8090 4343
> myserver.mydomain.local:4343/officescan
> SBS default site 80 none
> intranet.mydomain.com
>
> Regarding the current status, this deployment is feasible. You can refer
> to
> the article I provided in my initial response. Please make sure the
> www.mydomain.com, companyweb.mydomain.com and intranet.mydomain.com can be
> resolved to the public IP address of your SBS server.
>
> GOOD IDEA. HOW? THIS IS MY ORIGINAL QUESTION
>
> If anything is unclear, please feel free to let me know. I look forward to
> hearing from you.
>
> Have a nice day!
>
> Best Regards
> Edward Tian(MSFT)
> Microsoft CSS Online Newsgroup Support
>
> Get Secure! - www.microsoft.com/security
> ======================================================
> This newsgroup only focuses on SBS technical issues. If you have issues
> regarding other Microsoft products, you'd better post in the corresponding
> newsgroups so that they can be resolved in an efficient and timely manner.
> You can locate the newsgroup here:
> http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
>
> When opening a new thread via the web interface, we recommend you check
> the
> "Notify me of replies" box to receive e-mail notifications when there are
> any updates in your thread. When responding to posts via your newsreader,
> please "Reply to Group" so that others may learn and benefit from your
> issue.
>
> Microsoft engineers can only focus on one issue per thread. Although we
> provide other information for your reference, we recommend you post
> different incidents in different threads to keep the thread clean. In
> doing
> so, it will ensure your issues are resolved in a timely manner.
>
> For urgent issues, you may want to contact Microsoft CSS directly. Please
> check http://support.microsoft.com for regional support phone numbers.
>
> Any input or comments in this thread are highly appreciated.
> ======================================================
> This posting is provided "AS IS" with no warranties, and confers no
> rights.
>
> --------------------
> | From: "Skip Shean" <skipshean@xxxxxxxxxxxx(donotspam)>
> | References: <ejO4gne8FHA.952@xxxxxxxxxxxxxxxxxxxx>
> <UP4Wll88FHA.4000@xxxxxxxxxxxxxxxxxxxxx>
> | Subject: Re: publishing multiple websites in ISA 2004
> | Date: Mon, 28 Nov 2005 11:59:12 -0600
> | Lines: 174
> | X-Priority: 3
> | X-MSMail-Priority: Normal
> | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> | Message-ID: <#JzOFWE9FHA.1332@xxxxxxxxxxxxxxxxxxxx>
> | Newsgroups: microsoft.public.windows.server.sbs
> | NNTP-Posting-Host: c-67-186-81-9.hsd1.il.comcast.net 67.186.81.9
> | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!tk2msftngp13.phx.gbl
> | Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:226080
> | X-Tomcat-NG: microsoft.public.windows.server.sbs
> |
> | Thanks, Edward.
> |
> | About your comment of not hosting websites on the SBS box, this would be
> | hosted off of a second server that is a member server in the network.
> Is
> | that OK?
> |
> | Also, I guess the thing that isn't discussed in your email or in the
> "Dr.
> | Tom" article is what do to in IIS... I am not sure how to set things up.
> | Also, I'd like to have a new one where "mail.mydomain.com" is the URL to
> get
> | to OWA. How can I use ISA to do this?
> |
> | I have the following setup:
> |
> | IIS 6.0 HTTP port HTTPS port
> | Host Headers
> | "public" site 80 none
> | www.mydomain.com
> | companyweb site: 80 444
> | companyweb.mydomain.com
> | officescan csm 8090 4343
> | myserver.mydomain.local:4343/officescan
> | SBS default site 80 none
> | intranet.mydomain.com
> |
> | ISA 2004
> |
> | SBS Web listener 80 443
> | uses a certificate I created internally for our server
> | SBS Companyweb listener none 444
> uses
> | same cert as SBS Web listener
> |
> | Thanks! I've got Dr. Tom's book, but I guess it's over my head at this
> | point and the school of hard knocks is a-knockin' pretty hard... :-)
> |
> | Skip
> |
> |
> |
> |
> | "Edward Tian" <v-edtian@xxxxxxxxxxxxxxxxxxxx> wrote in message
> | news:UP4Wll88FHA.4000@xxxxxxxxxxxxxxxxxxxxxxxx
> | Dear Skip:
> | I am sorry for the delayed response due to weekend. Please understand
> that
> | the newsgroups are staffed weekdays by Microsoft Support professionals
> to
> | answer your systems and applications questions. Your understanding is
> | greatly appreciated!
> |
> | From the description, I understand that you want to publish multiple
> | HTTP/HTTPS websites through ISA Server 2004 using Host Headers. If I am
> off
> | base, please do let me know.
> |
> | Can I assume that you only have one external IP address on the SBS
> Server?
> | If so, I suggest you refer to the following article which is written by
> | Thomas Shinder to publish these websites:
> |
> | Publishing Multiple Non-SSL Web Sites with a Single IP Address using ISA
> | Firewalls
> |
> http://www.isaserver.org/tutorials/Publishing-Multiple-Non-SSL-Web-Sites-Sin
> | gle-IP-Address-using-ISA-Firewalls.html
> |
> | In this article, we assume that you have two FQDN www1.domain.com and
> | www2.domain.com, each URL can be resolved to the external IP address of
> the
> | ISA Server and then redirected to the respective web server.
> |
> | Regarding the HTTPS (SSL) web site, we could only host one SSL website
> on
> | one IP address since only one certificate can be used on one web
> listener.
> | In SBS circumstance, there are several built-in websites such as RWW/OWA
> | and companyweb, the SSL port 443 has already been occupied by these
> | websites. If we want to publish multiple SSL sites, we can use either of
> | the following methods:
> |
> | 1. Use the Server publishing rule to publish additional SSL websites on
> | alternate port such as 445 and 446. (The port 444 is used by
> companyweb).
> |
> | 2. Make the SBS Server have multiple public IP address so that each SSL
> | websites can use their respective IP for web publishing.
> |
> | More reference:
> | How to publish an SSL Web site by using SSL tunneling in ISA Server 2004
> | http://support.microsoft.com/?id=837834
> |
> | 838244 How to configure a certificate for use with a Web publishing rule
> in
> | ISA
> | http://support.microsoft.com/?id=838244
> |
> | 324287 HOW TO: Use Host Header Names to Configure Multiple Web Sites in
> | Internet Information Services 6.0
> | http://support.microsoft.com/?id=324287
> |
> | How to publish a Web site directly on your Internet Security and
> | Acceleration Server 2004 computer
> | http://support.microsoft.com/default.aspx?scid=KB;[LN];885186
> |
> | I would like to kindly clarify that since the SBS is a highly integrated
> | Server which already has multiple built-in websites hosted, we don't
> | recommend customer host additional web site on the SBS Server to avoid
> any
> | unexpected problems.
> |
> | Hope the above info helps. Please feel free to let me know if you have
> any
> | questions or concerns.
> |
> | Have a nice day!
> |
> | Best Regards
> | Edward Tian(MSFT)
> | Microsoft CSS Online Newsgroup Support
> |
> | Get Secure! - www.microsoft.com/security
> | ======================================================
> | This newsgroup only focuses on SBS technical issues. If you have issues
> | regarding other Microsoft products, you'd better post in the
> corresponding
> | newsgroups so that they can be resolved in an efficient and timely
> manner.
> | You can locate the newsgroup here:
> | http://www.microsoft.com/communities/newsgroups/en-us/default.aspx
> |
> | When opening a new thread via the web interface, we recommend you check
> the
> | "Notify me of replies" box to receive e-mail notifications when there
> are
> | any updates in your thread. When responding to posts via your
> newsreader,
> | please "Reply to Group" so that others may learn and benefit from your
> | issue.
> |
> | Microsoft engineers can only focus on one issue per thread. Although we
> | provide other information for your reference, we recommend you post
> | different incidents in different threads to keep the thread clean. In
> doing
> | so, it will ensure your issues are resolved in a timely manner.
> |
> | For urgent issues, you may want to contact Microsoft CSS directly.
> Please
> | check http://support.microsoft.com for regional support phone numbers.
> |
> | Any input or comments in this thread are highly appreciated.
> | ======================================================
> | This posting is provided "AS IS" with no warranties, and confers no
> rights.
> |
> | --------------------
> | | From: "Skip Shean" <skipshean@xxxxxxxxxxxx(donotspam)>
> | | Subject: publishing multiple websites in ISA 2004
> | | Date: Fri, 25 Nov 2005 11:58:43 -0600
> | | Lines: 18
> | | X-Priority: 3
> | | X-MSMail-Priority: Normal
> | | X-Newsreader: Microsoft Outlook Express 6.00.2900.2670
> | | X-RFC2646: Format=Flowed; Original
> | | X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2900.2670
> | | Message-ID: <ejO4gne8FHA.952@xxxxxxxxxxxxxxxxxxxx>
> | | Newsgroups: microsoft.public.windows.server.sbs
> | | NNTP-Posting-Host: outgoing.optionsxpress.com 64.94.156.3
> | | Path: TK2MSFTNGXA02.phx.gbl!TK2MSFTNGP08.phx.gbl!TK2MSFTNGP12.phx.gbl
> | | Xref: TK2MSFTNGXA02.phx.gbl microsoft.public.windows.server.sbs:225555
> | | X-Tomcat-NG: microsoft.public.windows.server.sbs
> | |
> | | SBS 2K3 SP1 premium with ISA 2004 installed. I'm an ISA newbie.
> | |
> | | Ran the CEICW, have internet access inside the firewall for clients,
> can
> | | access network via VPN from outside. Also can access OWA from outside
> | the
> | | firewall.
> | |
> | | What I can't seem to do is publish my websites externally. Pre-ISA, I
> | had a
> | | couple of different sites that were a mix of HTTP and HTTPS sites and
> | were
> | | differentiated by the host headers.
> | |
> | | I'm sure this can be done, and I've dug around on Tom Shinder's
> | | isaserver.org site, but to be honest, I don't know what I'm looking
> for.
> | |
> | | Can you help?
> | |
> | |
> | |
> | |
> | |
> |
> |
> |
>
>
.
- Follow-Ups:
- Re: publishing multiple websites in ISA 2004
- From: Skip Shean
- Re: publishing multiple websites in ISA 2004
- References:
- publishing multiple websites in ISA 2004
- From: Skip Shean
- RE: publishing multiple websites in ISA 2004
- From: Edward Tian
- Re: publishing multiple websites in ISA 2004
- From: Skip Shean
- Re: publishing multiple websites in ISA 2004
- From: Edward Tian
- Re: publishing multiple websites in ISA 2004
- From: Skip Shean
- publishing multiple websites in ISA 2004
- Prev by Date: Re: Sharepoint Services.
- Next by Date: Re: Drive Size and Backup
- Previous by thread: Re: publishing multiple websites in ISA 2004
- Next by thread: Re: publishing multiple websites in ISA 2004
- Index(es):
Relevant Pages
|
