I have the need to receive requests for intranet.domain.com and webmail.domain.com on the same IIS webserver.
This webserver has two internal IP addresses which host each of these two subdomains.
Is anyone able to suggest how I might go about using the Cisco ASA 5505 I have implemented to redirect queries for each URL through to the corresponding private internal IP hosted on the web server?
Both websites are hosted on port 443 using the same digital (wildcard) certificate.
I am able to do this using host headers and updating the SecureBindings attribute in the metabase but this has killed off ActiveSync's ability to push emails.
You can't have two different secure (https) websites hosted on the same IP address.
I see you have addressed this on the webserver by having two internal IPs. However the traffic passing through the firewall will be encrypted, so the ASA can't read the host header, so can't redirect to the correct internal IP.
The simplest solution is to have two external IPs, each NATed to an internal IP on the webserver.
First of all - this is not something a Cisco ASA or NAT can solve for you.
I can see 3 potential solutions:
EDIT: I wasn't aware of the SNI restrictions. I can't see any other solution than getting a second external IP
ASA is not the answer for certain.
OK so the answer is that it can be done but no host headers on the default website. As it is the default website the traffic still flows there but headers on the other sites allow hosting them on the same IP. Host headers on default website breaks Exchange Active Sync.