Web Publishing

Microsoft Internet Security and Acceleration Server 2000

Web Publishing

This scenario parallels the Web server on local network scenario of the ISA product documentation, in which a similar configuration is created through ISA Management.

The following illustration show a Web publishing scenario, with the Web servers located behind the Microsoft Internet Security and Acceleration (ISA) Server computer.

Two Web servers are located on the internal network, which is protected by ISA Server. When an Internet user requests an object on example.microsoft.com\Marketing or example.microsoft.com\Development, the request is actually sent to the ISA Server computer, which routes the request to the appropriate Web server.

Notice that when external clients request objects from Web servers, they actually gain access to the ISA Server computer. This way, ISA Server ensures that the network is never penetrated by external users. Furthermore, the Internet protocol (IP) addresses of the Web servers are never exposed. Instead, the Internet users gain access to the Web servers by specifying the ISA Server computer's IP address.

Suppose you want to publish two internal servers on the example.microsoft.com domain, one called Dev and one called Mktg. The Mktg computer should return objects when a client requests example.microsoft.com/Marketing, and Dev should return objects when a client requests example.microsoft.com/Development.

Note The relevant portion of the administrator's script is shown for each step. Each portion could be run as an independent script because it creates the root object by using the code:

Set objFPC = CreateObject("FPC.root")

Each script also includes definitions of enumerated values. Where appropriate, each script creates an object "objArray" that is equal to the array on which the script is run:

Set objArray = objFPC.Arrays.GetContainingArray

If the script were to be run as a single script, you would only have to create the root object once, define each enumerated value once, and create the array object once. The complete Web publishing script is shown at the end of this topic.

Follow these steps to publish the Web servers.

Verify that the DNS server maps the fully-qualified domain name to the IP address of the ISA Server computer. Internet clients use the domain name to request content.

Configure the ISA Server incoming Web request properties. The IP address should include the IP address of the external interface, assumed to be 2.2.2.2 for the purposes of this example.

Sub IncomingWeb()
'Create the root object
Set objFPC  = CreateObject ("FPC.Root")
'Get the current array
Set objArray = objFPC.Arrays.GetContainingArray
'Get the incoming Web request object
Set objWebRequest = objArray.ArrayPolicy.WebProxy.InComingWebRequests
'Tell the Web proxy not to listen on all interfaces.
objWebRequest.AllInterfaces = True
Set objServer = objArray.Servers.GetContainingServer
'The IP address must be that of an external interface
Set objListenEntry = objServer.ReverseProxyListenEntries.Add("2.2.2.2")
'Save your changes
objServer.Save
objListenEntry.Save
objWebRequest.Save

End Sub
IncomingWeb

Create a destination set called Marketing, which should include the computer example.microsoft.com and the path \Marketing\*, and a destination set called Development, which should include the computer example.microsoft.com and the path \Development\*.

Set objFPC  = CreateObject ("FPC.Root")
' set the destination sets to current array
Set MyFPCDestinationSets = objFPC.Arrays.GetContainingArray.PolicyElements.DestinationSets
' add a new set to the collection
Set MyFPCDestinationSet = MyFPCDestinationSets.Add("Marketing")
' add a new destination to the set
Set MyFPCDestination = MyFPCDestinationSet.Add("example.microsoft.com", , "/Marketing/")
'Set the path
MyFPCDestination.SetDestinationAsDomain "example.microsoft.com","/Marketing/"

' add a new set to the collection
Set MyFPCDestinationSet = MyFPCDestinationSets.Add("Development")
' add a new destination to the set
Set MyFPCDestination = MyFPCDestinationSet.Add("example.microsoft.com", , "/Development/")
'Set the path
MyFPCDestination.SetDestinationAsDomain "example.microsoft.com","/Development/"
' save your changes
MyFPCDestinationSets.Save

Configure a Web publishing rule that has the following parameters:

Set Destination Set to the Marketing destination set.
Set Applies to to Any user, group, or client computer.
Set Action to Redirect to a hosted site and specify Mktg as the specified host.

Sub PubRule1()
Set objFPC  = CreateObject ("FPC.Root")
const fpcRouteRedirect = 1
const fpcAppliesToAll = 0

Set objArray = objFPC.Arrays.GetContainingArray
'Get the publishing rules collection
Set PublishingRules = objArray.Publishing.WebPublishingRules
'Add the publishing rule
Set PublishingRule = PublishingRules.Add("Mktg redirect rule")
'Configure the rule
PublishingRule.SetWebSiteAndPorts fpcRouteRedirect, "Marketing"
PublishingRule.AppliesToMethod = fpcAppliesToAll
PublishingRule.Description = "Marketing Web publishing rule"
PublishingRule.Enabled = True
PublishingRule.Save
End Sub
PubRule1

Configure the second Web publishing rule with the following parameters:

Set Destination Set to the Development destination set.
Set Applies to to Any user, group, or client computer.
Set Action to Redirect to a hosted site and specify Dev as the specified host.

Sub PubRule2()
const fpcRouteRedirect = 1
const fpcAppliesToAll = 0

Set objArray = objFPC.Arrays.GetContainingArray
'Get the publishing rules collection
Set PublishingRules = objArray.Publishing.WebPublishingRules
'Add the publishing rule
Set PublishingRule = PublishingRules.Add("Development redirect rule")
'Configure the rule
PublishingRule.SetWebSiteAndPorts fpcRouteRedirect, "Development"
PublishingRule.AppliesToMethod = fpcAppliesToAll
PublishingRule.Description = "Marketing Web publishing rule"
PublishingRule.Enabled = True
PublishingRule.Save
End Sub
PubRule2