Home > Forums › IIS 7 › IIS 7.0 - Application Request Routing (ARR) › Need Help for setup rules

Thread: Need Help for setup rules

Last post 06-30-2009 10:53 AM by mihoge. 11 replies.

Average Rating Rate It (5)Thank you for the rating!

RSS

Page 1 of 1 (12 items)

Sort Posts:

Shortcuts

Search | Active Posts | Unanswered Posts | View all users

06-16-2009, 5:25 AM

Coroebus
Joined on 08-06-2005, 6:45 PM
Posts 13

Need Help for setup rules

Reply Contact

Hello,

I'm trying to publish Owa and MSCRM 4 with ARR.

OWA is exposed on port 80 and MSCRM on port 5555 on the same machine

from the ARR server I can use Owa with this URL : http://10.0.0.3/OWA

and MSCRM http://10.0.0.3:5555

Can you tel me what rules i have to create to publish them ?

Thanks a lot

Excuse me for my froggy english !

06-16-2009, 9:11 AM In reply to

ganeshanekar
Joined on 11-15-2006, 12:29 AM
India
Posts 532

Re: Need Help for setup rules

Reply Contact

Not sure. Sorry.

~ Ganesh

06-16-2009, 10:46 AM In reply to

wonyoo
Joined on 12-15-2007, 6:46 PM
Posts 125

Re: Need Help for setup rules

Reply Contact

I would need to know a few more details.

1) Is OWA and MSCRM 4 running on the same machine?

2) What ports are they running on (80 and 5555)? Are they all via clear text? No SSL?

3) How many such machines do you have?

4) Are you trying to deploy an ARR in front of such machines for load balancing purposes?

5) What ports do you want to expose OWA and MSCRM 4 on ARR?

06-16-2009, 11:56 AM In reply to

Coroebus
Joined on 08-06-2005, 6:45 PM
Posts 13

Re: Need Help for setup rules

Reply Contact

Hello,

thank you for your help.

1) Is OWA and MSCRM 4 running on the same machine?
Yes, and they works fine

2) What ports are they running on (80 and 5555)? Are they all via clear text? No SSL?

CRM : http://10.0.0.3:5555 port 5555
OWA : http://10.0.0.3/owa port 80
SSL is configured but not used

3) How many such machines do you have?

only 1

4) Are you trying to deploy an ARR in front of such machines for load balancing purposes?

no, only for NAT purposes, it is a virtual machine with NAT and I only want to expose web ports

5) What ports do you want to expose OWA and MSCRM 4 on ARR?

only 80 and 443, i want to acces it by http://corp.mydomain.com/crm and http://corp.mydomain.com/owa

Thank you for your help

Excuse me for my froggy english !

06-18-2009, 12:52 PM In reply to

wonyoo
Joined on 12-15-2007, 6:46 PM
Posts 125

Re: Need Help for setup rules

Reply Contact

Here is what I would recommend as a start. Although you do not have to use a server farm in this case (as you are not using it as a load balancing scenario), I would still recommend using the server farm as using ARR in the context of server farm provides additional features, such as health monitoring, run time statistics, etc.

I would create two farms - your config would look something like:

Basically, what you have there is a farm for OWA and another farm for CRM. The main difference is the HTTP port. (80 is default for HTTP so you do not need to specify it for the OWA case.)

Then, I would write the URL rewrite rules that look something like:

What you are doing there is the following:

If the URL looks like http://corp.mydomain.com/owa, then route it to OWA farm. (Note that it is reference 0 - meaning it forwards everything starting /owa.... - this is okay, since your OWA on 10.0.0.3 is also expects /owa...
If the URL looks like http://corp.mydomain.com/crm, then route it to CRM farm. (Note that it is reference 1 - meaning it forwards everything after /crm... - this is necessary since your CRM is running on the root of the server (ie. It does not expect /crm/someurl. It expects /someurl).

As a precautionary measure, you may also want to add the following rule to block everything else.

That is to say that, if the URL does not look like either http://corp.mydomain.com/owa or http://corp.mydomain.com/crm, then respond 400.

Finally, because you are rewriting the URL for your CRM app (ie. the client sends /crm/someurl but your server receives /someurl), it may or may not work correctly depending on whether your crm application uses relative path everywhere. It it uses an absolute path somewhere to reference a resource on the machine, then it may not work correctly. For your OWA, it should work fine.

06-25-2009, 4:03 PM In reply to

mihoge
Joined on 06-25-2009, 3:37 PM
Posts 4

Re: Need Help for setup rules

Reply Contact

Using the information posted by wonyoo I was able to setup a reverse proxy using a server farm and a rewrite rule routing to this server farm. My problem is while the main URL works, https://host.domain.com:7004/directory1, when I click on a link for https://host.domain.com:7004/directory2 I get a page not found message because the URL still has directory1 in the path. Right now my pattern is just "*" and if i change it seemingly anything else, even the working main page then breaks with the same page not found message. Any help would be appreciated.

Tags: ARR Reverse proxy URLRewrite

06-25-2009, 4:21 PM In reply to

wonyoo
Joined on 12-15-2007, 6:46 PM
Posts 125

Re: Need Help for setup rules

Reply Contact

Could you provide more info on where you are getting the /directory2/ path? Is that embedded in the entity body of the response? I am little bit puzzled as to where you might be getting that info. Also, could you provide the URL rewrite rules and the scenarios that you are trying to enable.

Tags: ARR application Request Routing reverse proxy

06-25-2009, 4:51 PM In reply to

mihoge
Joined on 06-25-2009, 3:37 PM
Posts 4

Re: Need Help for setup rules

Reply Contact

Thanks for the fast reply! The /directory2/ is coming from a link on a page in /directory1/ both directories are on the server farm member, not the proxy. The rewrite rule is configured in the GUI as follows:

Name: ARR_title_loadbalance

Requested URL: Matches the pattern

Using: Wildcards

Pattern *

Ignoring case

no conditions

action type: route to server farm

https://FarmName/{R:0}

Stop processing of subsequent rules

Scenario is AAR server is making an internal web application, the RSA Two-Factor self service console, available to the Internet. Internal server has a weblogic site running on HTTPS port 7004. I've created the server farm server specifying the https port to be 7004. I have not created any web.config file on the ARR server in the default directory. I don't this this matters in this case, but there are SSL certificates on the RSA server that I've imported into the ARR server. Failed request traces currently show a 302 error, but I know the path is invalid, but I'm unable to determine how to make toe URL dynamic after the port is specified. I need to be able to be on https://host.domain.com/directory1/ and click a link to get to https://host.domain.com/directory2/sub/blah/blah but right now, clicking that link give me https://host.domain.com/directory1/sub/blah/blah

06-25-2009, 8:57 PM In reply to

wonyoo
Joined on 12-15-2007, 6:46 PM
Posts 125

Re: Need Help for setup rules

Reply Contact

Because your rule is matching everything (Pattern *), neither the URL rewrite or the ARR is manipulating the path (ie. It is not rewriting /directory2/ to /directory1/). I suspect that the 302 is actually coming from the content server.

If you bypass ARR and entered https://host.domain.com/directory2/sub/blah/blah directly on the content server, does it redirect you to https://host.domain.com/directory1/sub/blah/blah?

06-29-2009, 11:09 AM In reply to

mihoge
Joined on 06-25-2009, 3:37 PM
Posts 4

Re: Need Help for setup rules

Reply Contact

No, if I enter https://host.domain.com/directory2/sub/blah/blah directly on the content server it does bring up the proper page, however there is a invalid certificate warning. While on the content server I did notice that on the main page (https://host.domain.com:7004/directory1/) when I hover over the link that fails, the URL displayed is as https://host.domain.com:7004/directory1/sub/blah, but when I click it the actual URL in the address bar becomes https://host.domain.com:7004/directory2/sub/blah. It seems the content server is flipping the URL from directory1 to directory2, but the ARR server doesn't know about the swap. If it's at all helpful, there is a setup how-to for this application and reverse proxy using ISA, would there be useful information in there that might translate into ARR?

06-29-2009, 1:16 PM In reply to

anilr
Joined on 05-23-2006, 10:13 PM
Redmond, WA
Posts 2,343

Re: Need Help for setup rules

Reply Contact

Please collect failed request tracing for all requests passing via ARR - this will clear up exactly what is going on - you can e-mail them to me at anil (dot) ruia (at) microsoft (dot) com

Anil Ruia
Senior Software Design Engineer
IIS Core Server

06-30-2009, 10:53 AM In reply to

mihoge
Joined on 06-25-2009, 3:37 PM
Posts 4

Re: Need Help for setup rules

Reply Contact

Trace logs sent.

as another test, from the Internet I tested typing the failing link by directly typing that url into the browser. oddly enough, the RSA security console page does come up, but there is an authentication warning stating "you need to open a new window with the correct url to login". I know this is coming from the content server and i'm wondering if the error is due to the proxy rewrite or if some cookie based authentication is getting lost.

Page 1 of 1 (12 items)