How to expose IIS to the internet

defiant1970 · ‎05-24-2010

I am really new to vmware and I have a problem.

I have installed ESXi 4.0 and the system is working properly (I think). I created a virtual machine to serve up my website and called it webserver and is connecting out to the internet fine. Previously I had a phisical box for this task. The router is setup to fowared the port 80 requests to the webserver IP Address. Now when I access a machine within the ESXi Host you can see the website from the webserver (repeat with in the ESXi Host network) using the local ip 192.168.1.100. Now trying to connect to the webserver outside the host (like my desktop machine) which is a real network and enter the same IP address 192.168.1.100 there is an error connecting to the webserver's website.

I Have been reading alot looking for an answer to this question. I don't know how to get this networking to work. Somethings I have read (I don't know if this right or not) you have to bridge or uplink the virtual network to the phisical network. In other words I am lost and I do know something about networking, but the networking with vmware seems different than what I am use to.

Any help would be very greatfull

Harry

Linjo · ‎05-24-2010

Hi Harry.

The netwoking in ESX is not much different from a physical switch.

When adressing your server from the internet you can not use the internal IP192.168.1.100, you have to use the external (whatever your service provider provided you with.) If you open a browser from within your network and go to www.whatsmyip.org it should tell you.

Then you need to setup a port forwarding on your router to your internal IP and maybe also open the firewall for the port 80.

Best regards,

Linjo

If you find this information useful, please award points for "correct" or "helpful".

Best regards, Linjo Please follow me on twitter: @viewgeek If you find this information useful, please award points for "correct" or "helpful".

defiant1970 · ‎05-25-2010

thank you for the answer

All the document I read didn't mention the IP addressing has to come from the ISP. Wow

thanks

Harry

Texiwill · ‎05-26-2010

Hello,

Here is how I do this (for Apache not IIS, but it is really the same)

Internet <-> pSwitch (DMZ) <-> pNIC (DMZ) <-> virtual FW <-> vSwitch (DMZ) <-> Web Server

or

Internet <-> DMZ Firewall <-> pNIC (DMZ) <-> vSwitch (DMZ) <-> Web Server

You really want to keep the VMs out in the wild behind some sort of DMZ firewall whether physical or virtual. I would not just PLACE the VM out on the internet directly.

Best regards,
Edward L. Haletky VMware Communities User Moderator, VMware vExpert 2009

Now Available: 'VMware vSphere(TM) and Virtual Infrastructure Security'[/url]

Also available 'VMWare ESX Server in the Enterprise'[/url]

Blogging: The Virtualization Practice[/url]|Blue Gears[/url]|TechTarget[/url]|Network World[/url]

Podcast: Virtualization Security Round Table Podcast[/url]|Twitter: Texiwll[/url]

--
Edward L. Haletky
vExpert XIV: 2009-2023,
VMTN Community Moderator
vSphere Upgrade Saga: https://www.astroarch.com/blogs
GitHub Repo: https://github.com/Texiwill

defiant1970 · ‎05-28-2010

Hello

Is the dmz host settings in the router?

I am not sure what your acronyms stand for could you elaborate?

This very anti VMware but I did start using virtualization software from micromoth. I have to switch hard drives from VMware to working Win Hyper-V with a working webserver for right now. This is the beginning of our business data center and I have only one IP. All requests come through this IP and are forward to the right ports to the right computers, and are setup through the router (basic stuff hu) which is a Linksys 54g. The router is the DHCP but there is static setup for each server (internal IP's).

This network worked pretty much the same for the last 5 years except the intagration of virtualization.

Is VMware geared towards networks directly connected to the internet?