0

I have a WCF services hosted on IIS on one of our windows 2019 server and it is working properly. Now as per our new architecture we should not expose this service to outside directly. Like if any user tries to hit my WCF service from outside (via internet) it should not directly hit my server to get the response rather the request should first come to DMZ zone windows server and from this DMZ server I need to route to our actual windows server where my wcf service is hosted.

To achieve this I tried with IIS URL Rewrite on my DMZ server. If request comes from outside it will first hit the DMZ server IIS and from there I am using URL rewrite to route the service to my actual server where the services are hosted. But this approach is not working I am getting 404 and 502 errors. Below is the Inbound rule screenshot.

enter image description here

How can I achieve this WCF service routing from one windows server to another windows server?

James Z
  • 12,209
  • 10
  • 24
  • 44
Vasu
  • 1
  • 2
  • are you trying to route requests from HTTP to https? enable failed request tracing in iis and provide the log after removing the sensitive information. make sure you install the Application Request Routing feature in iis. https://learn.microsoft.com/en-us/iis/troubleshoot/using-failed-request-tracing/troubleshooting-failed-requests-using-tracing-in-iis – Jalpa Panchal Nov 23 '20 at 09:54

1 Answers1

0

1)Install Application Request Routing feature.

2)Open iis-> Application Request Routing -> server proxy setting-> enable proxy

enter image description here

3)Add below code in the web.config file:

<system.serviceModel>
     <serviceHostingEnvironment aspNetCompatibilityEnabled="true" multipleSiteBindingsEnabled="true" />
 </system.serviceModel>

4)Open iis, select site(which has public binding)

5)Double click URL Rewrite.

6)Using the “Add Rule(s)…” template that is opened from the right-hand actions pane, create a new Reverse Proxy rule.

7)In reverse proxy template add an internal server or site IP or server name.

You can choose whether to perform SSL Offloading or not. If you leave this checked then all requests to the internal server will be over HTTP regardless of the original web request. This can help with performance and SSL bindings if all requests are within a trusted network. If the network path between the two web servers is not completely trusted and safe then uncheck this.

Next, enable Outbound rules. You can enter your friendly public URL for the outbound rule.

enter image description here

Click ok to save the rule.

You could refer to the below link for more detail:

https://weblogs.asp.net/owscott/creating-a-reverse-proxy-with-url-rewrite-for-iis

WCF using Reverse proxy

Jalpa Panchal
  • 8,251
  • 1
  • 11
  • 26
  • Thank you so much for your reply. I am trying to route requests from https to https. Is it feasible/possible to do this kind of routing ?? I tired in the same way as mentioned in the article(https://weblogs.asp.net/owscott/creating-a-reverse-proxy-with-url-rewrite-for-iis) but I am getting HTTP Error 502.3 - Bad Gateway Error. – Vasu Nov 24 '20 at 10:47
  • – Vasu Nov 24 '20 at 11:05
  • Above is my DMZ server website config file after adding reverse proxy rule. Please check and correct me if am wrong. – Vasu Nov 24 '20 at 11:07