Alternative Hostname for an IIS web site for internal access only

Question

I'm using IIS in Windows 2003 Server for a SharePoint intranet.
External incoming requests will be using the host header portal.mycompany.com and be forced to use SSL.

I was wondering if there's a way to set up an alternate host header such as
http://internalportal/
which only accepts requests from the internal network, but doesn't force the users to use SSL.

Any recommendations for how to set this up?

Answer 1

Daniel, keep in mind that just because something is possbile in IIS, and via any number of off box solutions (like hardware load balancers and SSL) doesn't mean that it is supported by SharePoint, or that it is implemented in the same way.

You can do what you are asking for, however you should do it via SharePoint Central Administration, and "Create or Extend a Web Application" and then "Extend and Existing Application".

In this way you can create a new web site (in IIS) for accessing your existing SharePoint Web Application, one that can be accessed via a different hostheader, port, using SSL, Authentication mechanism, etc.

As a general rule, if you can do something in IIS AND in SharePoint, you should do it only in SharePoint.

Answer 2

Assuming that http://internalportal/ wasn't accessible from outside the company, you could set up two websites in IIS. The first site, configured to use a host header value of 'portal.mycompany.com', would require SSL. The second site, configured to use a host header value of 'internalportal', would not require SSL. The host header value is configured under 'Web Site' -> 'Advanced'.

Having a hardware load balancer makes things much easier. The site on the load balancer is set up to require SSL, and your websites in IIS are setup not to require SSL.

Answer 3

You could just add a second host header and internal IP address to the site for internal non-ssl access

172.16.3.1:443:portal.mycompany.com
172.16.3.2:80:internalportal