I am running a 3rd party software on two internal servers running IIS 6.0. Both internal servers have 2 NIC cards, one is disabled and one is running on the internal network (172.16.1.5 and 172.16.1.11). Both servers are published to the web via ARP entries in a DLINK DFL 800 firewall/VPN device (http://www.dlink.com/products/?pid=453) and have SAT/NAT rules correctly configured. The software was designed to be installed to an IP address rather than a DNS name. During installation, the software was configured with the internal IP addresses of the web servers.
Now to the tricky part....The ARP entries are functioning pretty darn well, as the software portal is accessible via the public IP address. Most pages display fine; however there are certain links within the page that make a call to the internal IP address of my web servers. For example, you login to the software portal and click a link called "Reporting" which makes a call to the internal IP address 172.16.1.5/reporting. This causes a page cannot be displayed error, since it is calling the internal page. This problem is known by my software vendor, and they have asked that I look into using Microsoft ISA server as a Reverse Proxy to serve these pages.
I have signed up and downloaded the evaluation copy of ISA Server 2006 and I am interested in setting this up. When I asked for details of the installation/setup I was provided with the following "guide" (attached) LOL.... Now, the vendor says their other client is using a single NIC configuration and they don't know much else of how it is set up.
I would like to set this feature up if possible using the Reverse Proxy to cache my internal web server pages. I have a potential candidate server for this role. It does have 2 NIC cards; however like before one is enabled with private IP 172.16.1.3 and one is disabled. What steps should I consider? My DLINK DFL 800 has a DMZ port on the front of the device. If I want to connect my server to it, do I use a crossover cable and what does the NIC configuration look like? Should I keep one NIC on the private LAN and enable the second NIC with the public IP address? If I install ISA server, what rules should I consider? I DON'T need the additional firewall, simply a Reverse Proxy to serve the internal pages to external clients.
Many many thanks in advance for your expert comments and suggestions.
ALSO to add:
If you visit the website http://220.127.116.11/voxco.web and login with the credential Test, password is CC3Demo and context Luce it will take you to a dashboard. On the top, click on the link that says "Reporting" and notice the address bar opens up with the IP 172.16.1.5/reporting. The page will not display since it is calling the internal IP of the webserver.
The DLINK DFL800 does not support IP Loopback, so it has made this somewhat of a chore. I am not using a DMZ currently, but that is not out of the question. I heard I can use a Unihomed ISA server for Reverse Proxy, per the screenshot above to accomplish this task. I have the evaluation of ISA downlaoded and would like to perhaps try this if anyone can provide any feedback or insight into possible setups/rules, etc... My DLINK DFL 800 has a DMZ port available and I have a candidate member server I can publish the ISA to, but I would have no idea where to start with rules, etc... in conjunction with my DLINK.
I also heard I could use a tranparent DMZ to bridge the WAN and LAN network together. I am at a loss and DLINK has given minimal suggestions, so I am turning to you experts.