Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Intranet and Extranet Setup

Status
Not open for further replies.
Jiminald

Jiminald

Programmer
Oct 11, 2006
39
GB
Hi,

I am setting up my apache2 webserver (on a windows 2003 box) and I need to serve an intranet as well as an internet/extranet site.

As the sites will share the same files and folders, I'm guessing this is a virtual host on its own

So, I think I need 3 virutal hosts to serve everything, I just need to find a way of splitting the traffic from internal and external traffic.

I port forward port 80 and 443 (used to authenticate users by LDAP) to my box from outside, but it also forwards the external users IP address. So I can only filter by network traffic. The network traffic is: 192.168.32.xxx (computer DHCP IP).

I'm guessing I need to use mod_rewrite or similar.

All help appreciated.

Thanks :)
 
Sort by date Sort by votes
What is the difference in the content to be delivered? If the external clients will see the same website as the internal ones, then only one "host" is necessary (no virtual hosts required). Just point everyone to 192.168.32.xxx or the external IP address. Depending on your firewall, you might need to set up separate internal and external DNS zones.

If you need different virtual hosts, then the easy way is to add an IP address and forward external traffic to it and use the original address for internal users. Again, different DNS zones will be needed.
 
Upvote 0 Downvote
For Example, I have webcams as security cameras, as there are a varitey of people in the room, I cant get everyone's consent in showing their picture online. So I want to hide all the webcams images.

Well if the user in accessing it from inside, I want to run mod_auth_sspi to auto-authenticate.

Why would I need to play around with the DNS?
What would I need to change/modify/add/remove/etc....?

Thanks :)
 
Upvote 0 Downvote
I see. Then yes, probably virtual hosts is the easiest way. mod_rewrite could do it, but you'd have to spell out what you do and don't want to publish.

I'd probably simply use access controls, like .htaccess. Create a directory as /webcam, and put a .htaccess file in or add the configuration to httpd.conf to restrict access to only certain addresses, users or groups.

I mentioned DNS because external users won't be accessing your server at 192.168.anything. For them, your website name needs to resolve to the public address. Depending on your firewall type, internal users may not be able to use the same IP address.
 
Upvote 0 Downvote
Ok. I have only one Net Card in the webserver, so they are both coming in on the one line, the webserver is behind a firewall/proxy for external users, which all ports I need are forwarded.

What I was thinking about my vhosts was, users come in, and i have a subdomain with all the public and shared files, then the respective vhosts hold their own "special" files...

Can you suggesst how to use mod_rewrite to do what I want? I haven't ever needed to deal with it before.

Thanks :)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

SamBones
  • Locked
  • Question
CentOS 7 and Putty
Replies
2
Views
397
SamBones
SamBones
KannaChan
  • Locked
  • Question
TLS1.2 and TLS1.0 proxy in same Virtualhost
Replies
1
Views
355
ChrisHirst
ChrisHirst
macrun95
  • Locked
  • Question
I had a cifs mount blow up and now
Replies
0
Views
167
macrun95
macrun95
eliogabalus
  • Locked
  • Question
apache and IP oddities
Replies
0
Views
242
eliogabalus
eliogabalus
ady2012
  • Locked
  • Question
I had 2 text files and same contain
Replies
5
Views
341
ady2012
ady2012

Part and Inventory Search

Sponsor

Back
Top