locked
IIS 7 re-directing multiple URL's RRS feed

  • Question

  • User1892680260 posted

    Hi all,

     I have an IIS Server (windows 2008 R2 Enterprise) which we are hoping to act as a front end server, and redirect users to 2 different URL's on different servers.

    Users will connect to IISserver1.company.org/link1 and IISserver1.company.org/link2. What we are hoping to do, is setup IIS to forward these requests onto the relevant backend server, depending on the /link1 or /link2 in the URL.

    The backends are:

    Backend1 is a 3rd party web page running on a Windows 2003 server, not hosting IIS. URL is generated via the application itself.

    Backend2 is an IIS 6 server, publishing a local webpage which is generated by a 3rd party application (cognos based).

    Both backends have direct URL's that allow access to the web login page for each app. I can connect from the IIS 7 server directly to both URL's no problem.

     

    In IIS 6, I'm sure we could have just setup sub folders within the Web Site, and set the homepage rediection to the new URL?

    However, I have tried to get this working a number of ways in IIS 7, but it seems to be looking for a local directory all the time. I can't even just point IIS 7 to the web root folders on the backend because they are not both IIS servers - therefore Backend1 server doesn't have a wwwroot folder as such.

    Can someone please advise how, if possible, I can do this? Would I need to install an optional module (ARR for example) to be able to do this?

     

    Thanks

     

    Edit - Apologies - I meant to post this in the ARR forum, but all help welcome!

    Wednesday, January 19, 2011 11:43 AM

Answers

All replies

  • User744767459 posted

    Hi,

    You can achieve this by using ARR and URL Rewrite Module, for the detailed information, please refer to:

    Reverse Proxy with URL Rewrite v2 and Application Request Routing

    http://learn.iis.net/page.aspx/659/reverse-proxy-with-url-rewrite-v2-and-application-request-routing/

    If you encounter any problem, please update here.

    Friday, January 21, 2011 1:36 AM
  • User1892680260 posted

    Thanks very much for your reply.

     I've installed the ARR and URL re-writing modules now, and I have a test page working which is great.

    However I have an issue with what we need to accomplish in our end design:

    Our current setup is structured as .....  Office VDI > F/W (ports 80 and 443 opened to IIS server only) > IIS Server > FW (Ports opened for req'd URL's to destination host servers) > Backend Applications (cognos & weblogic web) servers

    Direct connection from the Office VDI zone direct to the backend servers (through both firewalls) is not allowed.

     

    When I have it set up, it works fine from the IIS server but not from the VDI zone.

    From what I can see, IIS is passing back the re-written URL to the client and the connection is trying to go direct from the VDI Client to the application server?  I have tried using the re-write and re-direct options in the rule, and both seem to be passing the 'new' URL back to the client, rather than passing the request through.

    Is there anyway we can have IIS to push through the request without passing the new URL back to the client?

     

    Thanks in advance

     

    Friday, January 21, 2011 6:21 AM
  • User744767459 posted

    Hi,

    Do you mean the incorrect links in response HTML generated by application?

    If this is your case, you'll need to use outbound rewriting feature to fix these links.

    Creating Outbound Rules for URL Rewrite Module

    http://learn.iis.net/page.aspx/657/creating-outbound-rules-for-url-rewrite-module/

    Monday, January 24, 2011 2:18 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly.

     

    Regards

     

    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly.

     

    Regards

     

    Can
    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly.

     

    Regards

     

    Can you
    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly. Any

     

    Regards

     

    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly. Any

     

    Regards

     

    help
    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly. Any

     

    Regards

     

    help would
    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly. Any

     

    Regards

     

    help would be
    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly. Any

     

    Regards

     

    help would be greatly
    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Hi Leo,

     

    Thanks for your reply.

    What I'm getting is the correct URL - i.e what the IIS server would be using to connect to the application - being returned to the client, and it appears to be trying to connect directly from the client to the application server (using the URL which is only open between IIS server and application server - not from the VDI desktop). Because of this, the URL/ARR side of things works perfectly from the IIS server when testing with http:localhost/[application alias] but not working from the client VDI, because it is being blocked by the firewall.

     It looks to me like the IIS Server is accepting the initial URL (the dns alias) and transforming that into the new URL ok, but instead of passing this connection through to the backend directly, it is passing the new URL back to the client and the client is then trying to connect directly.

    What I need is for IIS to pass the request for the dns alias through to the backend seemlessly, without the client knowing/trying the amended URL directly. Any help would be greatly appreciated.

     

    Regards

     

    Monday, January 24, 2011 3:35 AM
  • User1892680260 posted

    Woah .. not sure what happened there - apologies for the multiple resonses, was not intended!

     

    Monday, January 24, 2011 3:37 AM
  • User1892680260 posted

    Hi Leo,

     Have made a bit of progress on this today, but still not quite there.

     

    Where we are now is:

    Client VDI > Backend App URL  - URL request is hitting the app server, because we can see the inbound connection in the log. This tells me the IIS rules are configured correctly, and IIS is routing the request to the backend ok, however nothing is returned to the client desktop. (page cannot be displayed)

    IIS > Application server - works ok, as we can connect to http://localhost/[app url] on the IIS server, and it returns the application login page from the backend.

    Client VDI > IIS server - works ok with default IIS page, but not with any of the backend URL's.

     

    I think what we may have is when the response comes back from the backend server, IIS is failing to route this response back to the original client? Would I be correct in thinking this is likely to be within the "outbound rules" in the URL re-writing module?

    Is there anyway of passing all responses back to the original client (regardless of which backend it comes from), or do you have to setup explicit rules for each?

     

    Thanks again for your support

     

    Monday, January 24, 2011 1:01 PM
  • User744767459 posted

    Hi,

    IIS should be able to pass responses back to the original client. The outbound rule here is used to replace internal URL in response with initial URL in case client trying to connect backend server directly.

    I'd suggest you enable Failed Request Tracing to see what's happens.

    Using Failed Request Tracing to Trace Rewrite Rules

    http://learn.iis.net/page.aspx/467/using-failed-request-tracing-to-trace-rewrite-rules/

    • Marked as answer by Anonymous Tuesday, September 28, 2021 12:00 AM
    Wednesday, January 26, 2011 2:46 AM