I have some Windows machines on an internal network.
One of them (at 192.168.164.14/24) has an HTTP/HTTPS server listening on the usual ports, 80 and 443, respectively.
Due to an odd constraint I need to have some of the other machines connect to this server via another server (at 192.168.160.25/24). I want this to be completely transparent; this machine should simply forward requests to the web server and replies from the web server back to the client.
Windows Server 2003 R2 seems to have a way to do this built in - the Routing and Remote Access service.
I configured RRAS with the Wizard with: Custom Configuration > NAT and Basic Firewall, LAN routing.
Under "NAT / Basic Firewall" in the RRAS tool I set up (on the NIC with 192.168.160.25/24):
- Public Interface connected to the Internet
- Enable NAT on this interface
- Services and Ports
- Secure Web Server (HTTPS)
- Public address: On this interface
- Protocol: TCP
- Incoming port: 443
- Private address: 192.168.164.14
- Outgoing port: 443
- Web Server (HTTP)
- Public address: On this interface
- Protocol: TCP
- Incoming port: 80
- Private address: 192.168.164.14
- Outgoing port: 80
- Secure Web Server (HTTPS)
However, this configuration doesn't work - the 192.168.160.25 machine won't accept connections on ports 80 or 443.
An alternate tactic, using netsh portproxy doesn't work either:
C:\>netsh interface portproxy show v4tov4
Listen on IPv4: Connect to IPv4:
Address Port Address Port
--------------- ---------- --------------- ----------
192.168.160.25 80 192.168.164.14 80
192.168.160.25 443 192.168.164.14 443
C:\>netstat /na | find "80"
C:\>netstat /na | find "443"
What am I missing? I should not IPV6 is installed; Googling shows this is a common cause for failures. Any help is appreciated.