Here are the steps to publish multiple sites with one public IP. 1. Set up internal NIC with multiple IP's eg: 10.0.0.10, 10.0.0.11, etc. 2. In IIS point Site1 to 10.0.0.10 port 81 3. In DNS zone mydomain.com create host Site1 Restart DNS server 4. Create Destination Set Site1 with: Destination - Site1.mydomain.com 5. Create Web Publishing Rule Site1 with: Destinations - Selected destination set, Name - Site1 Action - Redirect to this internal Web server (name or IP) - 10.0.0.10, Connect to this port when bridging request as HTTP - 81 6. Make sure Protocol Rules Inbound Access include HTTP protocol 7. Make sure MyISAserver Properties: Incoming Web Requests - Use same Listener for all IP address, TCP port - 80 8. Restart ISA Server Control
thank clive.. but one of your i am not really sure which you said on protocol rule. Do i have to inbound it. if i want to inbound it, what port should be enter. is it port 81 or 80?
One more things..if i have multiple IP addresses by addding at Control Panel -->Network Connection-> LAN conection'properties-> TCP/IP--> then Advanced-> add Ip addresses. Do i Have to bind the multiple IP address? and How to Bind IP addresses?.
The inbound Protocol Rules do not need a port. They allow or reject protocol types. You want to make sure your inbound allow rule includes HTTP.
Referring to adding IP's, I am not sure what you are asking here: Control Panel -->Network Connection-> LAN conection'properties-> TCP/IP--> then Advanced-> add Ip addresses. On the IP Settings tab click on Add and you get a dialogue box where you enter the IP and the subnet mask. Enter the same numbers as your original IP set just increment the IP by 1 and keep the same subnet mask.
I should have mentioned the need to disable socket pooling in IIS. You can find a vb script that will do that at ISATools.org
I should also mention that in your DNS server properties, set to listen on only the primary IP for the NIC, not on all.
When you add multiple IP's to a NIC, the DNS server will by default listen on all of them. This doesn't cause any problems other than it is a waste of resources. In the DNS server properties (Computer Management mmc), set it to only listen on the primary IP of the internal NIC and not on the extra IP's that will be assigned to each Web site. In your case it will be 126.96.36.199.
It probably works but I have never tried assigning different networks to one NIC. You would need to create a separate zone on the DNS server.
Each Web site in IIS needs to listen on the IP assigned to it in the DNS zone.
I've successfully done on internal multiple website but...how external client can access my multiple website? can you give me an advice on how to configure which allowing external clien(internet) can access my multiple internal website..?
Assuming you have set up your DNS correctly to point to your Web sites and completed all the other steps previously mentioned, there is one more step that I did but did not mention because I am not sure it is necessary. You may need to also create a Server Publishing Rule to allow your DNS server to talk to incoming public requests.
If you have multiple Web sites that each have a public FQDN you will need to make the external NIC listen on each public IP. In this case the previously described procedure would need to be modified somewhat.
What happens when someone tries to connect from the outside? Are you still getting the denied error?
When you point to http://site1.mydomain.com ISA uses the FQDN in the configured Destination Set to redirect to site1. There is no need for the request to specify anything more.
You could configure the destination set of external ip address A.B.C.D with the path http://A.B.C.D/web1 and have ISA redirect it to site1 on IIS. This is a different method, one that does not use a FQDN. Choose one way or the other but don't combine them.
There is an article or tutorial that describes the use of sub-folder paths to redirect to different Web sites.
Can it possible that the external ip address has multiple website.What i mean is that..
if i've already registered the domain, i.e mydomain.com and resolved ip address 202.152.x.x and then the external client want to open internal web that goes to web1.mydomain.com (10.10.0.1). can it be possible to use 1 external IP address to point the intenal web web1.mydomain.com which using http://site1.mydomain.com to open web1.mydomain.com(internal website). do i have to get different IP address for http://site1.mydomain.com resolve 188.8.131.52 and another website of http://mydmain.com to resolve 184.108.40.206.?
do you mean if my external ip address is 220.127.116.11, then it goes to http://mydomain.com (primary DNS) and at the same ip address 18.104.22.168 can go to my subdomain of web1.mydomain.com. So, if i am doing all of this, I have to make my internal Domain at DNS such as mydomain.com must be the same of the public domain that was registered. IS THIS CORRECT? (i just want to make sure).
IF THIS IS CORRECT, what would you do if you want to point to web1.mydomain.com?
in my opinion, if i want to point web1.mydomain.com (I am viewing from external client).I have to make destination set of extetnal web1.mydomain.com, then another destination set that goes to web1.mydomain.com so that it points to webserver of (10.10.0.1 resolve web1.mydomain.com of internal DNS) and FQDN is a must.
IS MY OPINION CORRECT? i don't look from internal. i am looking from external assuming i am the external user from internet.
I thought I had made it straight a couple of times.
From the beginning: Scene 1 - External client enters http://mydomain.com, - Registrars DNS name servers point mydomain.com to IP 22.214.171.124 - ISA receives request on external IP 126.96.36.199 - Internal DNS points http://mydomain.com to internal IP 10.0.0.1 - ISA redirects to the mydomain site on IIS at internal IP 10.0.0.1
From the beginning: Scene 2 - External client enters http://WebSite1.mydomain.com, - Registrars DNS name servers point mydomain.com to IP 188.8.131.52 - ISA receives request on external IP 184.108.40.206 - Internal DNS points http://WebSite1.mydomain.com to internal IP 10.0.0.10 - ISA redirects to the WebSite1 site on IIS at internal IP 10.0.0.10
DNS is resolved from right to left - com. then mydomain. then WebSite1.
Your stated opinion is not quite right. - You need a Destination Set and a Web Publishing Rule for mydomain.com - You need a Destination Set and a Web Publishing Rule for WebSite1 - You need a Destination Set and a Web Publishing Rule for WebSite2
In my example there are 3 sites published and each will need an internal DNS entry, a Destination Set and a Web Publishing Rule. If you only want to publish one Website then it should be mydomain.com
And then, you also said for your next scene, when you point http://website1.mydomain.com, it also use an external ip address of 220.127.116.11 and point to internal web website1(10.10.0.10). how would you that? i need to know the configuration.
so, i don't have to get an ip address for website1.mydomain.com
Previously I mentioned how DNS is read from left to right. The significance of that is the Registrars root servers resolve com. to a pair of primary and secondary DNS servers (usually belonging to your ISP but also could be a DNS re-director service like tzo or easyDNS) which resolves mydomain. to your external IP.
When ISA receives a request for mydomain it will look for a Publishing Rule that gets its information from your internal DNS and the Destination Set for mydomain which points to IIS 10.0.0.1.
When ISA receives a request for WebSite1.mydomain it will look for a Publishing Rule that gets its information from your internal DNS and the Destination Set for WebSite1 which points to IIS 10.0.0.10.
Through the magic of DNS and ISA Server you can publish an unlimited number of Web sites through only one external IP. ISA receives the request for other subdomain type sites and directs it to a designated internal IP. The internal IP's are free to use and unlimited in number.
So you are right, you do not have to get an external public IP for WebSite1.mydomain.com nor do you have to register the name WebSite1 with an Internet authority. Internal names like WebSite1 must be unique to your internal network but they do not need to be unique to the Internet as mydomain.com does. This means that WebSite1.someotherdomain.com is unique and different from WebSite1.mydomain.com.
You are complicating matters but yes http://web1.project96.cjb.net can be used if web1.project96 is correctly configured in your DNS server zones. You will need to create a subdomain called project96 and make web1 part of it.
I think before you go wild with subdomains you should think about what it is you are trying to accomplish and get the simpler configuration working first.