RE: [m0n0wall] redirect subdomain to a computer in the LAN

From:	"David Kitchens" <spider at webweaver dot com>
To:	"'monowall'" <m0n0wall at lists dot m0n0 dot ch>
Subject:	RE: [m0n0wall] redirect subdomain to a computer in the LAN
Date:	Tue, 22 Jul 2008 16:38:11 -0400
That works for internal resolution yes, using one physical server with two
sites setup in IIS. It sounds like your IIS is using hostnames already. The
DNS forwarder is only used so that you can resolve the dns from inside and
as long as IIS understands what to do with the external requests, it should
handle OWA and your site just fine. 

  _____  

From: Henning Andreseck [mailto:AndreseckH at gymszbad dot de] 
Sent: Tuesday, July 22, 2008 4:30 PM
To: David Kitchens; monowall
Subject: Re: [m0n0wall] redirect subdomain to a computer in the LAN


ok i'll try this

srv1.andreseck.de ans srv2.andreseck.de are pointing to my external ip (WAN
INTERFACE)
m0n0 redirects all incoming traffic on port 80 to srv = 16.10. srv1 shows
the OWA page. if the adress is srv2.andreseck.de the IIS on srv1 redirects
to srv 2.
i insertet for tests srv2.andreseck.de in the dns forwarder with the ip of
srv1. now i see the page on srv2.

i guess everything is correct?

David Kitchens schrieb: 

I hope my layout here makes sense... you should be using three network cards
in monowall... WAN, DMZ, LAN
 
Firewall (external ip: x.x.x.1 WAN)
Server 1 (IIS I am assuming?) ip: 192.168.16.10 DMZ
Server 2 (IIS again?) ip: 192.168.16.20 DMZ
Your workstation (ip: 192.168.1.1 LAN)
 
srv1.andreseck.de runs on Server 1
srv2.andreseck.de runs on Server 2
 
Port forwarding 80 to 16.10 should show you that site from the outside,
setup DNS Forwarder with a rule pointing srv1.andreseck.de to 192.168.16.10,
it should now be visible from your workstation.
 
If  srv2 needs to be visible from the outside as well, you need two ip
addresses from your provider and will require more configuration. If srv2 is
only needed from the local network, its a simple matter of dns forwarder
again to point it to the other ip.
 
I guess I am still confused if you have two physical servers or two sites?
The config is different for both situations. If both sites are on one IIS
server, the setup is much easier. 

  _____  

From: Henning Andreseck [mailto:AndreseckH at gymszbad dot de] 
Sent: Tuesday, July 22, 2008 4:01 PM
To: David Kitchens
Subject: Re: [m0n0wall] redirect subdomain to a computer in the LAN


ok i thought like this

firewall -> server 1 -> server 2/3/pc 1/2/3/...
the server manages that the right subdomain calls the right server. eg
srv1.andreseck.de show server 2 but it is called by server 1. did i
understand this right? so where can i say the iis that srv2.andreseck.de is
the server with the ip 192.168.16.10...


David Kitchens schrieb: 

How many servers are you using? You can only point port 80 to one server, if

you have multiple external addresses then you can point pc2 to 16.10 but you

likely need Proxy Arp and Server NAT setup as well for those IP's.



Dave 



-----Original Message-----

From: Henning Andreseck [mailto:AndreseckH at gymszbad dot de] 

Sent: Tuesday, July 22, 2008 3:52 PM

To: monowall

Subject: Re: [m0n0wall] redirect subdomain to a computer in the LAN



is it possible to say the iis that it forwards request vor pc1.domain.com to

the internal ip 192.168.17.100 and pc2.domain.com to 192.168.16.10?



thanks



Michel Servaes schrieb:

  

If I recall correctly, this question has been asked before and was 

answered that monowall does not interpret hostnames, but ip addresses.

It had something to do with being a certain layer, that monowall does 

not address... in fact, I don't know of a router/firewall being 

capable in doing what you want...



What you can do, is having an IIS at port 80, which then redirects the 

several hostnames to your internal machines (each being given a 

different port).

This might work under Apache too, but I am no Apache-man :)



Hope this approach suites for you ?



Henning Andreseck wrote:

    

Hi List,

i want to have several subdomains of my main-domain (eg. domain.com 

and pc1.domain.com) and let them point on the pc. so pc1.domain.com 

points on pc1. but how do i do this? importent is only port 80. i 

read something about a solution with apache and virutal host, but is 

it possible to do this with m0n0 and if not, dear m0n0-dev list, is 

it possible to impliment something like this?



tanks



---------------------------------------------------------------------

---



---------------------------------------------------------------------

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch

For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch

      

---------------------------------------------------------------------

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch

For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch



    



--

Mit freundlichen Grüßen/Kind regads



Henning Andreseck		

Hirtenweg 115			

38259 Salzgitter 		

-				

E-Mail: AndreseckH at gymszbad dot de

ICQ: 343-550-862		

Jabber: henning at jabber dot gymszbad dot de

-

Tel: 05341/394931

Mobil: 01577-53 73 988









---------------------------------------------------------------------

To unsubscribe, e-mail: m0n0wall dash unsubscribe at lists dot m0n0 dot ch

For additional commands, e-mail: m0n0wall dash help at lists dot m0n0 dot ch



  


-- 

Mit freundlichen Grüßen/Kind regads



Henning Andreseck		

Hirtenweg 115			

38259 Salzgitter 		

-				

E-Mail: AndreseckH at gymszbad dot de

ICQ: 343-550-862		

Jabber: henning at jabber dot gymszbad dot de

-

Tel: 05341/394931

Mobil: 01577-53 73 988


-- 

Mit freundlichen Grüßen/Kind regads



Henning Andreseck		

Hirtenweg 115			

38259 Salzgitter 		

-				

E-Mail: AndreseckH at gymszbad dot de

ICQ: 343-550-862		

Jabber: henning at jabber dot gymszbad dot de

-

Tel: 05341/394931

Mobil: 01577-53 73 988