How to reverse NAT by destination name - iis

I have one public IP address and two web servers inside my LAN. For example, 10.0.0.1 and 10.0.0.2 are the local IP addresses of my web servers. I have configured the router to NAT port 80 to 10.0.0.1. Just wondering if it's possible to reverse NAT in the router by name? If the request header is test1.com, redirect to 10.0.0.1, and if it's test2.com, redirect to 10.0.0.2. Or can I do that at the IIS level? I mean, in the router redirect all port 80 requests to 10.0.0.1, and on Webserver1, if the hostname is test2.com, then redirect to 10.0.0.2.

Related

Deny accessing apache if server's ip address is in URI (no domain name)

I would like to deny access (from outside) to http / https ports when the server's ip address is used in the URI and there is no domain name. Is this possible?
The server is Ubuntu 20.04 and uses Linux IPTables Firewall + Webmin.

Website works remotely but not on the server itself when called by domain

I am using Windows Server 2019 and in IIS 10 I have created a website and I have bound it to both: "localhost" and "mydomain.com" on port 80.
mydomain.com works correctly from any client but on the server only when I call "localhost" it works otherwise I get the following error (when called by domain):
Configure your DNS in your local server to resolve the domain name as localhost
On clients, your request domain.com is resolved by its configured DNS.
It can be on public DNS (internet) or private ones (company, intranet).
From the server domain.com, do you have access to the same DNS as your clients use?
If not, either configure additional DNS servers:
https://serverspace.io/support/help/configuring-a-dns-server-on-windows-server-2012-or-later/
or you could edit your hosts file of mydomain.com (local DNS):
C:\Windows\System32\drivers\etc\hosts
It may look like this:
127.0.0.1 localhost
127.0.1.1 mydomain.com
# and existing settings

IIS website hostname accessible locally but not on LAN

The goal here is to set up a hostednetwork wifi on a server (fake server, it's Windows 10 x64), the client connect to this wifi, then connect to the website on the server. This is done by creating the hostednetwork :
netsh wlan set hostednetwork mode=allow ssid=BORNE-1234 key=12345678
netsh wlan start hostednetwork
IIS is configured with a simple website in it. And I just tried every possible binding:
http borne.fr 80 *
http borne.fr 80 192.168.137.1
http (Empty) 80 192.168.137.1
http www.borne.fr 80 *
http www.borne.fr 80 192.168.137.1
Then I edit the C:\Windows\System32\drivers\etc\hosts file to add this line:
192.168.137.1 borne.fr www.borne.fr
I even tried with 127.0.0.1 but nothing works. On a browser on the server, borne.fr works. But if I connect to the created wifi with another machine, borne.fr gives the error ERR_NAME_NOT_RESOLVED, whereas with the IP address it works. I tried everything mentioned here: https://serverfault.com/a/452269.
I also added an exception on the firewall (in and out) for port 80.
Any ideas?
You need to also set "192.168.137.1 borne.fr www.borne.fr" on another machine.
If "192.168.137.1 borne.fr www.borne.fr" is not set on another computer, it will not know what the IP address of www.borne.fr is.
Hosts files were used to resolve host names before DNS. Hosts files would be massive documents used to aid network name resolution.
If you have a DNS server in your LAN, you can configure the DNS server to resolve www.borne.fr to 192.168.137.1.

CNAME is redirecting to my host page

I have a website hosted on the following path: mywebsite.com/test with the following DNS
mywebsite.com A 1.2.3.4 (host ip)
host.mywebsite.com A 1.2.3.4 (host ip)
On another domain I'm trying to make a subdomain CNAME redirect to this page using the following:
link.myotherdomain.com CNAME . mywebsite.com/test
However when I access link.myotherdomain.com it shows the host.mywebsite.com instead of mywebsite.com
Am I doing something wrong?
Thanks
A CNAME record cannot include a path. It is only for domain to domain.
This setting will work.
link.myotherdomain.com. CNAME mywebsite.com.
If configured properly, all of mywebsite.com, host.mywebsite.com and link.myotherdomain.com resolve to 1.2.3.4, then the following HTTP request is sent to IP address 1.2.3.4.
GET /test HTTP/1.1
Host: link.myotherdomain.com
......(omit)
Now, the most suspicious element is the Virtual Host setting of the web server.
This is a function of the web server that behaves as if it is a different server according to the Host value in the request header.
To check the Virtual Host behaviour, the following might be the simplest method.
curl -H 'Host:mywebsite.com' http://1.2.3.4/test # this will be OK
curl -H 'Host:link.myotherdomain.com' http://1.2.3.4/test # this will not be OK if Virtual Host is enabled
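Added example, not part of the original answer: a simplified model of the name-based virtual host selection described above, showing why a request with `Host: link.myotherdomain.com` lands on the default site until that name is listed for the intended site. The site tables, the choice of `host.mywebsite.com` as default site, and the alias fix are assumptions built from the names in the question; the fallback to a default site matches how Apache and nginx treat unmatched names.

```python
# Added example: simplified name-based virtual host selection.
# Site tables below are constructed from the names used in the question.

def host_header(raw_request: bytes) -> str:
    """Return the normalized Host value of a raw HTTP request ('' if absent)."""
    head = raw_request.split(b"\r\n\r\n", 1)[0].decode("iso-8859-1")
    for line in head.split("\r\n")[1:]:            # skip the request line
        name, sep, value = line.partition(":")
        if sep and name.strip().lower() == "host":
            host = value.strip().lower()
            if host.startswith("["):               # IPv6 literal such as [::1]:80
                return host[: host.find("]") + 1]
            return host.split(":", 1)[0].rstrip(".")  # drop port and trailing dot
    return ""

def select_site(raw_request: bytes, sites: dict, default_site: str) -> str:
    """Pick the site whose name or alias equals the Host header.
    Unmatched names (including a bare IP address) go to the default site."""
    host = host_header(raw_request)
    for site, names in sites.items():
        if host in names:
            return site
    return default_site

def request(host: str, path: str = "/test") -> bytes:
    """Build the request from the answer with a chosen Host value."""
    return f"GET {path} HTTP/1.1\r\nHost: {host}\r\n\r\n".encode()

# Assumed configuration on 1.2.3.4: two sites, host.mywebsite.com is the default.
DEFAULT = "host.mywebsite.com"
SITES = {
    "mywebsite.com": {"mywebsite.com"},
    "host.mywebsite.com": {"host.mywebsite.com"},
}
# Assumed fix: the CNAME'd name is added as an alias of the intended site.
SITES_FIXED = {
    "mywebsite.com": {"mywebsite.com", "link.myotherdomain.com"},
    "host.mywebsite.com": {"host.mywebsite.com"},
}

if __name__ == "__main__":
    for label, cfg in (("before", SITES), ("after", SITES_FIXED)):
        print(label, select_site(request("link.myotherdomain.com"), cfg, DEFAULT))
```

The DNS record only decides which IP address receives the request; which site answers is decided by the server's own name list, so the alias has to be added on the web server as well.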

dnsmasq forwards queries to 2 servers instead of 1

I'm having a small issue with dnsmasq on debian-jessie; it seems to forward incoming DNS queries to 2 ports instead of 1.
Background:
Runs on a machine whose LAN IP is 192.168.0.10. Sits behind a home router. The home router is configured to forward DNS traffic to 192.168.0.10. That part works, I do see incoming traffic from the LAN onto this machine.
dnsmasq configuration:
>cat /etc/dnsmasq.conf | grep -v ^# | grep -v ^\s*$
domain-needed
bogus-priv
server=127.0.0.1#5053
cache-size=10000
My resolv.conf tells local processes to send DNS queries to dnsmasq
>cat /etc/resolv.conf
# Generated by resolvconf
nameserver 127.0.0.1
And dnsmasq, if it can't answer from its cache, then forwards incoming DNS traffic to another service running locally and listening on port 5053 via the server=127.0.0.1#5053 config. That service is something I built myself and it does not forward DNS queries to 8.8.8.8.
This works but not the way I intended. DNS queries get answered properly. As expected, port 5053 shows traffic and even provides answers (though slower than GoogleDNS)
>tcpdump -l -n -i any '(port 5053) or (port 53)'
13:57:53.817522 IP 127.0.0.1.47207 > 127.0.0.1.53: 7494+ [1au] A? www.example.com. (44) # dnsmasq receives a query from `dig www.example.com` running locally
13:57:53.818609 IP 127.0.0.1.5258 > 127.0.0.1.5053: UDP, length 44 # dnsmasq forwards to local DNS Server listening on 5053
13:57:53.818970 IP 192.168.0.10.5258 > 8.8.8.8.53: 50849+ [1au] A? www.example.com. (44) # dnsmasq forwards to 8.8.8.8 on port 53 (Google DNS)
13:57:53.862170 IP 8.8.8.8.53 > 192.168.0.10.5258: 50849$ 1/0/1 A 93.184.216.34 (60) # dnsmasq receives answer from 8.8.8.8
13:57:53.862559 IP 127.0.0.1.53 > 127.0.0.1.47207: 7494 1/0/1 A 93.184.216.34 (60) # dnsmasq forwards answer to dig running locally
13:57:53.980238 IP 127.0.0.1.5053 > 127.0.0.1.5258: UDP, length 49 # dnsmasq receives answer from local DNS Server
So it appears dnsmasq tees DNS queries to both
127.0.0.1 on port 5053, and almost immediately after also forwards to
8.8.8.8 on port 53.
Why, what's wrong with my dnsmasq configuration, I expected traffic only on port 5053?
And where is that 8.8.8.8 coming from. Yes I know that's Google DNS, but where is dnsmasq or linux getting that IP from and which config file can I edit to change that?
>grep -r 8\.8\.8\.8 /etc/*.conf
returns nothing.
