Recommended Posts

Hi everyone,

 

I'm looking for some help with virtual webservers, and accessing them over the internet. This is a big one, and quite technical, so I was trying to eye up @BudMan at the bar for this waving a pint at him, let's see if he bites. First off, some info about my server:

 

MB/CPU/RAM: SuperMicro X9DRL-iF MB, dual Xeon E5-2620 CPU's & 32GB ECC RAM

Case: Phanteks Enthoo Pro full size tower case with dual Corsair watercoolers and case fans.

OS: Windows Server 2012 - configured as Active Directory and Apache server for domain "kitamuracomputers.net" with several subdomains.

System hostname: riku.kitamuracomputers.net

Network IP addressing: Manual/Static

Virtualisation Software: VirtualBox and VMWare Workstation 12 Pro

 

This beastly computer above, known as Riku, is the leading mechanical lady that powers my entire small computer repair business with her companion mirror backup server Cleo, they never miss a beat (reliable multitasking ladies lol), and I want to start using Riku for virtualisation, except I'm not as up-to-date with virtualisation as I should be, too busy running the business and looking after customers, and the servers. I know, I know, solutions not excuses, but oh well, abusing my own company oath! I'm the boss, I can be naughty now and again, it's in my geek blood :)

 

I can install OS'es and all that stuff, and set up VM's for access over the internet via RDP, and assign manual IP addresses to VM's. I'm not quite at the VMWare eSXi (is it still called that?!?) data farm stage lol, but I'm getting there and I love virtualization, it's so easy backing them up and snapshotting!

 

My issue

 

I want to set up virtual servers. Here's the steps I take:

 

1. Use either Linux or Windows in a VM, and install a LAMP or WAMP stack (fully securing it regards passwords and all that before web facing it, of course), giving it a static IP address and host name, in this case, "sarah.kitamuracomputers.net".

2. Create a basic website on the VM, testing the stack locally which works fine, also works outside the VM on the network.

3. Set up subdomain A records for the (example) name "sarah.kitamuracomputers.net" on both Active Directory on Riku and my domain registrar.

 

However, I can access the VM site perfectly on the internal network, but not over the internet, the main webpage for kitamuracomputers.net comes up (which is handled by the host webserver) instead of the one for the sarah.kitamuracomputers.net VM.

Riku herself is our main webserver for the domain, running Apache, PHP, MySQL and TomCat. She also handles subdomains via Virtual Hosts in Apache. This is where I think the problem lies. It's either a port issue (port 80 on both?) or either Active Directory or Apache VirtualHost isn't redirecting the requests properly. Apache on the host and the Apache on the VM seem to be conflicting somewhere, and I can't figure out where. All the guides on StackOverflow et-al assume the host doesn't have a server on it, which ours does.

 

The reason I ask all this is because we want to start a cloud service using OwnCloud, and a tutorial video system using ClipBucket for customer/staff use, but only Linux is supported as OS for both, so I will need to virtualize it as we don't want another machine running just to run this when our beasty leading electrical lady has all that power.

 

Am I getting the traffic direction right? Router -> Riku (Server) -> Active Directory/Apache -> VM?

 

From what I can see through research I need to set up RewriteRules because the host and guest are webservers? Our router has all the appropriate forwarding done. You're probably thinking I'm biting off too much, but I love a challenge, :) even an impossible one!

Link to comment
https://www.neowin.net/forum/topic/1351196-access-vm-webserver-over-internet/
Share on other sites

You want to run a business running on workstation and virtualbox?  Those are type 1 hypervisors... Move to something a bit more stable and less resource hungry.. Esxi is still FREE.. Or if your windows show why not run hyper-v?  Or Xen even.. 

 

How many public IPs do you have to host this cloud service?  You can for sure point different fqdn to different boxes behind your public IP... But you would have to use a reverse proxy to do it..

 

What sort of bandwidth do you have to host a cloud business?

 

 

 

  On 18/12/2017 at 20:50, BudMan said:

You want to run a business running on workstation and virtualbox?  Those are type 1 hypervisors... Move to something a bit more stable and less resource hungry.. Esxi is still FREE.. Or if your windows show why not run hyper-v?  Or Xen even.. 

 

How many public IPs do you have to host this cloud service?  You can for sure point different fqdn to different boxes behind your public IP... But you would have to use a reverse proxy to do it..

 

What sort of bandwidth do you have to host a cloud business?

 

 

 

Expand  

It's not going to be a fully blown cloud business like OneDrive, just some free space for customers to store backups and personal stuff. We were going to use it as a promotional USP say "Have a repair with us and get 500GB free cloud space!" It also makes it easier for staff out on repair jobs to backup systems if they wash & wipe, we've had occurrences of external HDD & USB drives failing out on jobs, this is a failsafe.

 

As to bandwidth I'm not sure, but I know we can have it extended if need be. We have 1 static public IP. Reverse proxy, sounds familiar. How would I go about it in a VirtualHost?

This topic is now closed to further replies.
  • Posts

    • Certificates for one of Windows 11's hardware requirements expire soon, here is what to know by Taras Buria Secure Boot is a known term for Windows 11 users. It is one of Windows 11's hardware requirements, and without it, the operating system cannot be installed, at least officially. Secure Boot was introduced in 2012 with the release of Windows 8, and its certificates, first issued in 2011, are set to expire soon. Now, Microsoft has posted a blog post about the importance of this event and why organizations and users must ensure their Secure Boot certificates are up to date. In a nutshell, Secure Boot is a special mechanism that ensures that your PC is using verified firmware and a trusted bootloader. Certificates released in 2011 will expire in June 2026, and if left outdated, will disrupt the integrity of the device startup process. Without new certificates, Windows Boot Manager and Secure Boot components can't receive security fixes, leaving affected devices exposed to bootkit malware (such as BlackLotus), which is very hard to detect with standard antivirus software. Other results of having expired Secure Boot certificates include the inability to trust software signed with new certificates. PCs that could be affected by expired certificates include physical and virtual machines (VMs) with supported versions of Windows 10, Windows 11, Windows Server 2025, Windows Server 2022, Windows Server 2019, Windows Server 2016, Windows Server 2012, Windows Server 2012 R2. Copilot+ PCs released in 2025 are not affected. To avoid these potentially disastrous consequences, Microsoft urges organizations and users to update their entire PC fleet to newer certificates, which were released in 2023: Expiration Date Expiration Certificate Updated Certificate What it does Storing Location June 2026 Microsoft Corporation KEK CA 2011 Microsoft Corporation KEK 2K CA 2023 Signs updates to DB and DBX Key Enrollment Key (KEK) Microsoft Corporation UEFI CA 2011 (or third-party UEFI CA)* Microsoft Corporation UEFI CA 2023 Microsoft Option ROM UEFI CA 2023 Signs third-party OS and hardware driver components Signs third-party option ROMs Allowed Signature database (DB) October 2026 Microsoft Windows Production PCA 2011 Windows UEFI CA 2023 Signs the Windows bootloader and boot components So, what do you need to do? Microsoft says that the easiest solution is to let Microsoft manage your Windows updates. In the upcoming months, Microsoft will release new certificates as part of monthly cumulative updates, so it will take care of everything for you. The company also recommends enrolling Windows 10 devices in the Extended Security Updates program, which is free for regular consumers and paid for enterprises. Microsoft will also provide the necessary certificates for Linux systems that dual-boot Windows. Of course, not every Windows PC can receive such updates. For example, so-called "air-gapped" devices, which are physically isolated from the internet and local networks, cannot receive updates like your home PC does. For such devices, Microsoft offers limited support, which is detailed in the blog post. You can also track Windows Secure Boot certificate updates on a newly published support document. You can check if your system has Secure Boot enabled by pressing Win + R, typing msinfo32, and checking "Secure Boot State."
    • Silly decision. Trying to pull Apple to łook/sound cool but it ain't. XPS was just fine.
  • Recent Achievements

    • One Month Later
      jfam earned a badge
      One Month Later
    • First Post
      TheRingmaster earned a badge
      First Post
    • Conversation Starter
      Kavin25 earned a badge
      Conversation Starter
    • One Month Later
      Leonard grant earned a badge
      One Month Later
    • Week One Done
      pcdoctorsnet earned a badge
      Week One Done
  • Popular Contributors

    1. 1
      +primortal
      543
    2. 2
      ATLien_0
      200
    3. 3
      +FloatingFatMan
      176
    4. 4
      Michael Scrip
      145
    5. 5
      snowy owl
      113
  • Tell a friend

    Love Neowin? Tell a friend!