0

We are working on our SharePoint 2013 Azure internal sites to make internet accessible. Here are the steps performed:

  1. Assigned a public IP and created DNS entry. Host name is getting resolved to public IP on performing nslookup.
  2. Extended the existing web application to internet zone and IIS web site is available for extended web application.
  3. Created CSR and successfully installed SSL certificate provided by the vendor. Binding has been also completed from IIS.
  4. AAM has been completed.
  5. Our WFE VMs have virtual IP and internal IP. Do I need to create a DNS entry for my domain which I am trying to access mapped to virtual IP of the server?
  6. I can see an load balanced HTTPS end point has been created on Azure Portal with protocol as TCP and 443 as both internal and external port but in Access Control List I can see action as "Deny". Do I need to change it to permit ?
  7. What we have done is we have added a DNS entry for our domain and IP mapped to one of the reserve IP address (not virtual IP of any of the WFE servers). Is this maybe the issue?

When I am trying to access SharePoint site from internet, I am not able to access and getting "Page cant be displayed" error.

We are not still not able to access the site on the internet. When we are doing a tracert to the host name, after some hops we are getting "Request Time Out".

On IE we are getting a "This page cant be displayed" error. From fiddler we are getting a "502:Connection Failed" error. I am not sure what and where could be the error.

Is any change is required at load balancer or IIS?

Simon W
  • 320
  • 1
  • 8
vivek mishra
  • 81
  • 1
  • 1
  • 2
  • What is the status of nodes in loadbalancer?Checked that? – serverstackqns Mar 24 '15 at 10:46
  • Thanks for the prompt response. In the load balancer the VM status is running. – vivek mishra Mar 24 '15 at 10:53
  • I can see an load balanced HTTPS end point has been created on Azure Portal with protocol as TCS and 443 as both internal and external port but in Access Control List I can see action as "Deny". Do I need to change it to permit ? I think this should be permit. Tried? – serverstackqns Mar 24 '15 at 10:57
  • I'll try and will provide the update. Thanks for the response. Also Do I need to create a public DNS entry with the domain of my website mapped to virtual ip of WFE VM. or it should work without it? – vivek mishra Mar 24 '15 at 11:01
  • In DNS it should be mapped to the VIP, mapped in the load balancer. – serverstackqns Mar 24 '15 at 11:03
  • We removed the Access Control List and now its No ACL. Is it permitting all the internet traffic to web server ? Or we need to create with "permit" separately. If yes what should be the remote subnet value as we are trying to make it internet accessible. – vivek mishra Mar 24 '15 at 11:36

0 Answers0