Domain Controller HTTP Redirect

No Gravatar

First, I’m not a networking guy so if this steps on some best practice please comment below on a better solution.

For a recent customer, a new domain (we’ll say contoso.com) was setup for both internal and external access.  The customer found that employees within the company network were not able to access the contoso.com webpage without specifying www.contoso.com.  Instead they were directed to a domain controller and thus a dead end.  Obviously we didn’t want to install IIS on each DC just to redirect the traffic.  Thankfully we found what looks to be a simple solution… port proxy at the server network interface level.  So far the testing looks perfect.

To enable the proxy (or forward)

netsh interface portproxy add v4tov4 listenport=80 connectaddress=www.contoso.com connectport=80 protocol=tcp

OR  netsh interface portproxy add v4tov4 listenport=80 connectaddress=<website IP> connectport=80 protocol=tcp

To see the forwarder(s)

netsh interface portproxy show all

To delete the forwarders

netsh interface portproxy delete v4tov4 listenport=80

 

References

https://support.microsoft.com/kb/555744

https://technet.microsoft.com/en-us/library/cc731068%28v=ws.10%29.aspx?f=255&MSPPError=-2147217396#BKMK_1

https://supportforums.cisco.com/discussion/11994731/what-port-numbers-icmptcpudp

http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml

April 8, 2015

Posted In: Uncategorized