There is NO INTERNET betwen the clients and the Servers. All setup is 'Internal' ONLY.
Hardware setup: I have 6 Servers,
i) Server A, is File Server for Shares - hosting WEBCONTENT, WEBCONFIG, CERTSTORE & ARRCONFIG shares.
ii) Server B, C & D - are IIS Web Servers in shared configuration and using the directories, WEBCONFIG & WEBCONTENT.
iii) Server E & F - are 2 Web Servers running Application Routing Request and URL Rewrite. These two servers are running NLB and and having a shared configuration using the directory, ARRCONFIG. Also, on these servers Centralized Certificate Store is configured.
Scenario:
I installed WEB SERVER Role on all WEB SERVERS (B, C & D) and accessed http://localhost & it opened IIS Default page. I added a Demo Site to Server B and it was working fine (http://demosite.com:90) . I copied the contents of Demo Site to WEBCONTENT folder and enabled Shared configuration. I later added other two servers to shared configuration.
I installed WEB SERVER Role on Servers E & F. After that installed URL Re-write & ARR Module. On Server E, I created a Web Server FARM and added the servers B, C & D to the Farm. I enabled Server Proxy and added the URL to the "Health" Check option of Web Server Farm. I verified the URL and the Test was passed as 'OK'.
My Question:
1. Do I need Forward Proxy or Reverse Proxy? My understanding is Reverse Proxy. If I'm wrong, guide me.
2. How do I configure Reverse Proxy so that clients connecting to ARR servers using the URL should open the page. I have a added a DNS entry to AD, pointing the web url to NLB IP of ARR. ex: demosite.com - 192.168.10.90
Let me know which part I'm missing or needs to be configured.
For URL Rewrite I read some links,
https://docs.microsoft.com/en-us/iis/extensions/url-rewrite-module/reverse-proxy-with-url-rewrite-v2-and-application-request-routing
When I was editing the Web.config file in ARR Servers for URL Rewrite, it kept giving me syntax error. Do I need to add the Reverse Proxy rule under Inbound Rule or Outbound Rule.
I have configured Centralized Certificate Store and still not yet used because my demo sites are still not using https. So If I plan to use HTTPS, do I just store my certificates in CERTSTORE or do i need to do additional bindings?
Please guide me as to what I'm missing.
