3

I am running a website in IIS and am also running another piece of software which streams media over port 1935 on the same server. The streaming software also has the capability of delivering content over port 443. I have assigned an SSL certificate to it, but it can't bind to port 443 on the IP address it uses as it is being taken by IIS.

I am not able to use the 'netsh' command to explicity bind the IP address being used by the website, because I also need to binding for the streaming application's IP address in IIS so that content can be deliverd over port 80.

Is there a way of being able to stop IIS listing on port 443 for a specific IP address, whilst still allowing it to listen on port 80 for the same IP?

5lovak
  • 422
  • 5
  • 11
  • did u find any solution? – Behrouz.M May 25 '18 at 09:31
  • There was no solution to this in the end, apart from to use an additional IP address on the server. You can then bind the IP address to be used in IIS using the 'netsh' command, and use the other IP address for SSL in the other web server. If an IP address is bound to IIS, then it is always for ports 80 and 443. – 5lovak May 25 '18 at 14:07

2 Answers2

0

By default, IIS binds to all IP addresses even when you specify an IP Address in the Site's Binding.

What you need is runing following command in an elevated command prompt.

netsh add iplisten ipaddress=www.xxx.yyy.zzz`

where www.xxx.yyy.zzz is the IP Address you want IIS to bind to. Run the command multiple times if you want IIS to bind to additional IP Address.

https://docs.microsoft.com/en-us/windows-server/networking/technologies/netsh/netsh-http

Tony
  • 101
  • 2
0

You can configure it in bingings for you site:

  1. Open IIS Manager.
  2. In the Connections pane, expand the Sites node in the tree, and then click to select the site for which you want to edit a binding.
  3. In the Actions pane, click Bindings.
  4. In the Site Bindings dialog box, select binding to ip-adreess you need to free and remove it. Or select 443 port binding with * in ip-adreess field end edit it to turn off the binding to the ip-address that you want to release.
  5. After edditing close with Ok
Slipeer
  • 3,255
  • 2
  • 18
  • 32
  • 1
    Thank you for your suggestion, but I don't have an SSL binding for my site in IIS. IIS is listening on port 443 for all IP addresses on the box. If I do a netstat I can see that PID 4 (IIS) is listening for it on all IP's, even though it isn't explicitly bound. – 5lovak Dec 15 '16 at 15:37
  • May I suggest that, you use secondary IP address on the interface and just translate queries going to your initial destination port to this ip with whichever port you want to use? This way you have logical separation of applications. – nethero Jan 25 '19 at 09:51