IIS permissions with portfowarding

Hi all,

I am not sure why this is not working and would really like some advice and help please.

I have an Ubuntu box acting as my main server doing firewall and website with PHP etc. I have a small 2003 box inside the network where I am playing with .NET. The only way I could figure out how to get both web servers running at the same time was to use portforwarding to the windows box. i.e:

http://houseofhawkins.com = Ubuntu

http://houseofhawkins.com:8866 = windows box.

the windows box is still running on port 80 and I can test it and get the site up happily from inside my network, but when I put that url in it wont display:



I have done: http://www.canyouseeme.org/ and it says it can see the port and the service but no page is displayed.

This leads me to think that IIS is blocking it externally or something. I have NO idea how to figure this out and am really stuck now.

Any and all advice would be SO welcome.

Thank you in advance

If IIS is running on port 80, where are you translating incoming traffic from port 8866 to port 80?

sorry I didn't put that. I use IP tables for my firewall on the Ubuntu box. I have the following rule:

$IPTABLES -A PREROUTING -t nat -i $EXTIF -p tcp --dport 8866 -j DNAT --to 192.168.10.100:80
$IPTABLES -A FORWARD -p tcp -m state --state NEW -d 192.168.10.100 --dport 80 -j ACCEPT

the windows box has a static IP of 192.168.10.100. I use port forwarding in a couple of other places with the same info (basically) so I am pretty sure the rule is perfectly ok.

I am wondering if it is because I was in the local network. I seem to remember a similar problem somewhere where it worked for outside the network but not inside....

I can not test this at the moment as my work is kind enough to block all but port 80 so I will test windows.houseofhawkins.com later (if someone reads this before I post again and feels kind could they see if they get a naf looking site appear please?).. this site is VERY much still in production (eary stages).. just want to ensure I have the links working correctly.

Thanks

just tested it from brother works vpn.. it does work.. it was a werid issue of my local dns i think.. my work blocks all other ports so I couldnt see it there either.

but its all alive now

I'm glad you got it working.

btw, I've use rinetd in Fedora as a simpler-to-configure TCP port redirector as an alternative to changing iptables.

Thanks for the info.. looks interesting.. wish I could find a way to truly mask the fact that I have to put the request into another port.... ( I have dynamic dns with easydns.com) I tried setting up a subdomain and just forwarding that to the normal server and use the virtual host to forward it to the other machine but with no joy...

that would get rid of the need for a different port and the problem of ports being blocked.