Let's say you have two servers within a local area network, each of which is behind (on the LAN side or backend) of the same network router that has only one public static IP address configured on the WAN side (frontend) of that router. Furthermore, let's say the operating system on one of those servers is Ubuntu Server 22.04 LTS running Apache2 webserver and hosting various websites and apps, and the operating system on the other server is Microsoft Windows Server 2019 running IIS 10 web server installed, and hosting various websites. Both web servers are listening on TCP ports 80 and 443. Each are obviously bind to separate local network IP addresses (not routable on the internet), and the local network is, say, configured for 192.168.1.0/24.

Our Goal? We want to be able to host and publicly serve websites from both webservers from the single static public IP address configured on the WAN side of the router.

The problem is that the router can only port forward the standard Web TCP ports 80 (http) and 443 (https) to a single local IP address that is bind to one of the two webservers on the backend.

One Answer: Port forward TCP 80 and 443 to the Ubuntu/Apache webserver on, let's say, IP address 192.168.1.106. Configure Virtual Hosts on (and served from) the Apache webserver that will Proxy the IIS websites out through ports 80 and/or 443 through the router. The Router is configured to port forward all WAN side requests to port 80 and port 443 over to the Local IP address of the Ubunty/Apache Server, such as 192.168.1.106. Let's say the Windows IIS webserver is bind to local IP address 192.168.1.64. Then, one or more of the Apache Virtual Host Files (on IP 192.168.1.106) will be configured to Proxy websites from Windows IIS server (on 192.168.2.64).

First, on the IIS server, you will need to edit the bindings of the website to be proxied through the Apache server and out through the router to the internet. Open a remote desktop connection to (or log into) the Windows Server, and then access the IIS Administrative snap-in. Use your mouse to select the particular website for which we want to be proxied (through apache), and click on “Bindings” on the menu at the right side of the IIS interface. On the bindings property page you should see one or more existing host entries for your IIS-hosted website (which are probably already bind to TCP port *.80 on all local LAN IP addresses designated as “ALL-UNASSIGNED” meaning all local lan IP addresses on the windows server, including the localhost at 127.0.0.1 and the server's local IP 192.168.1.64).

yourhostname.yourdomain.com   IP: all-unassigned   port *.80   

Click ADD a new binding for the local network record with “*.lan” extension, such as below:

yourhostname.yourdomain.com   IP: all-unassigned   port *.80

yourhostname.yourdomain.lan   IP: all-unassigned      

Here is an example of the Apache Virtual Host File that contains the proxy entries:

<VirtualHost *:80>

        ServerName yourhostname.yourdomain.com
        # REM-OUT ServerAlias yourhostname.yourdomain.lan

        ServerAdmin hostmaster@yourdomain.com
        # REM-OUT DocumentRoot /var/www/html
        # REM insert the next 10 lines for the proxy/gateway configuration and rewrites:
        ProxyPreserveHost On
        ProxyPass "/" "http://yourhostname.yourdomain.lan/"
        ProxyPassReverse "/" "yourhostname.yourdomain.lan/"

        <IfModule mod_headers.c>
        RewriteEngine On
        SetEnvIf Host "^(.*)$" THE_HOST=$1
        RequestHeader set X-Forwarded-Proto "https"
        ProxyAddHeaders Off
        </IfModule>


        #REM Modify the name of the error and access log to make specific
        ErrorLog ${APACHE_LOG_DIR}/yourhostname-domain-error.log
        CustomLog ${APACHE_LOG_DIR}/yourhostname-domain-access.log combined


</VirtualHost>