Connect. Communicate. Collaborate. Securely.

Home » Kerio User Forums » Kerio Control » Split HTTP Traffic (How do I split two web sites?)
  •  
vertigo1md1032

Messages: 4
Karma: 0
Send a private message to this user
I know that this is probably something simple...

I have two seperate Web Servers in my network on my 10.0.0.X LAN. They both sit behind a single WAN IP Address (24.X.X.X). How can I split traffic so that all protocols/services (http, RDP, FTP) etc, for server1.domain.com go to server1 (10.0.0.10) in my domain, and server2.domain.com go to server2 (10.0.0.20)?
Thanks in advance.

Josh

  •  
vertigo1md1032

Messages: 4
Karma: 0
Send a private message to this user
Does anyone know how to do this?
  •  
vertigo1md1032

Messages: 4
Karma: 0
Send a private message to this user
OK this is ridiculous! Either way...

For anyone looking to run two servers with active server web pages behind a Kerio Firewall:

Until they actually add a 'publishing rule' feature, this is IMPOSSIBLE with Kerio. If it must be done (as in my case), the best way to do it is to cloak your DNS at the registrar and point the page to a different port. Then run a translation port mapping rule to grab everything off the port you are cloaked to (81) and translate it to 80.

MS ISA 2000,04,and 06 have this!! They will allow you to say "what is the website behind your firewall? - siteone.domain.com. Ok what would you like it to be published as to the outside world? sitetwo.domain.com." It's called a publishing rule and is easily the best thing MS has going for them in terms of ISA/Firewalls.

Kerio needs to jump on the ball! I love KWF but this is critical!
  •  
winkelman

Messages: 2119
Karma: 3
Send a private message to this user
Alternative solution:
Bind two public IP addresses to your WAN NIC, publish both web servers to those seperate IP addresses (in DNS) en route incoming traffic based on the destination IP. (This would cost you one public IP address, yes.)
  •  
RHarmsen.nl

Messages: 189

Karma: 0
Send a private message to this user
Or let one of the webservers act as a proxy for the second one.

I did this with apache in order to provide my Kerio Webmail to my users, on the same port as our website
  •  
vertigo1md1032

Messages: 4
Karma: 0
Send a private message to this user
The "bind two IP's" idea went right out the window. No offense. The idea was to figure out a way to publish the hostname to the internet- I.E- mail.domain.com and www.domain.com visible from the outside, both with active server pages (aspx etc.) and both on port 80.

On the other hand the proxy idea...? Isn't that what Kerio essentially is? That's what I'm using it for at least. Besides the proxy would have to go in not out, and if that's the case then it's impossible if you don't specify the proxy traffic on the remote users machine.

Am I wrong? I'm a big enough guy to admit when/if I'm wrong, but I've already considered both of these alternatives. I believe this is a failure of the product. ISA will win every time when it comes to ASPX, Sharepoint, OWA, CRM (on 80, for whatever reason), etc., and unfortunately I like Kerio better. Specifically for the GUI and the wizard at the beginning. It shaves at least an hour off the initial setup. Nice addition.

Are there any other suggestions?
Previous Topic: 3 local subnets and 3 external IPs
Next Topic: Winroute & Mobile Phone Email
Goto Forum:
  


Disclaimer:
Kerio discussion forums are intended for open communication between forum members and may contain information and material posted by members which may be useful in learning about Kerio products. The discussion forums are not intended to provide technical support for any specific product. Any information implied or expressed in the discussion forums is that of the posting member. Kerio is in no way responsible for the information posted in the forums, or its accuracy. Kerio employees may participate in the discussions, but their postings do not represent an offical position of the company on any issues raised or discussed. Kerio reserves the right to monitor and maintain the forums to promote free and accurate exchange of information.

Current Time: Sun Nov 19 15:28:49 CET 2017

Total time taken to generate the page: 0.00714 seconds
.:: Contact :: Home ::.
Powered by: FUDforum 3.0.4.