Configure IIS Express for external access to VS2010 project
I spent hours on this issue as well, trying to browse from my Android Xoom to my win7 dev machine, so I could test a new asp.net web app I created. All I did was change IISExpress' applicationhost.config from using the PC HostName to the PC's current IP address, for my new site.
<binding protocol="http" bindingInformation="*:80:dev-Lee" />
to
<binding protocol="http" bindingInformation="*:80:192.168.1.102" />
Once I did this & re-started IISExpress... I was able to browse to my dev-Lee machine & see my app from my Xoom!
1 After editing applicationhost.config file (located in the IISExpress folder in your documents), your site bindings should look like below:
<bindings>
<binding protocol="http" bindingInformation="*:8080:*" />
</bindings>
Bindings consist of three parts. Firstly an IP address or list, or as in this case, a wildcard. Secondly the port number, and thirdly a hostname, or list, or wildcard (for filtering by Host
header). For development purposes, a wildcard is most suitable here as you will likely be using a unique port.
2 Because you are using non-localhost binding, additional permissions are required. You could run VS as administrator, or preferably you should add URL ACLs to grant the required permissions. In the example below permission is given to everyone, but you could use your own username.
Note: The urlacl
must exactly match the binding. So a urlacl
for http://*:8080
will allow a binding of *:8080:*
, but not a binding of *:8080:localhost
even though the latter is a subset of the former. this means if, instead of using a wildcard, you list host headers in applicationhost.config
, you must add a matching urlacl
for each.
The steps for configuring HTTP.sys for external traffic are similar to setting up a site to use a reserved port. On Windows 7 or Windows Vista, from an elevated command prompt, run the following command:
netsh http add urlacl url=http://*:8080/ user=DOMAIN\username
On Windows XP, run the following command from an elevated command prompt:
httpcfg set urlacl /u http://*:8080/ /a D:(A;;GX;;;WD)
Note 2 If running VS as administrator or adding ACL entries doesn't solve your problem, then run IIS Express from the command line and check if there are any binding registration failure messages. To start from the command line, give this command:
iisexpress.exe /site:"your-site-name"
3 Finally you will need appropriate firewall entries. For this it is easiest to use the "Windows Firewall with Advanced Security" console.
Under "Inbound Rules" choose "New Rule...".
- Rule Type is "Custom".
- Program is Services->Customize...->Apply to services only. (Although IIS Express is not a service, the HTTP multiplexer it uses is).
- Protocol is TCP
- Specific Ports: List all the ports for all of your IIS Express bindings. You can come back to this rule and add ports at any time. (If this becomes tiresome, you might add a range such as
40000-65534
which covers the entire range used by Visual Studio, but be aware this is less secure). - Action is "Allow the connection"
- Profile will be one of the following. If in doubt, choose "Domain + private".
- "Domain", If yours is a corporate desktop and will only be running on the local domain
- "Domain + Private" If yours is a private development machine in a non-corporate environment, or a corporate laptop which also needs to work when working from home.
- "Domain, Private and Public", if you need to do demonstrations on non-private networks.
- Name should be something like "IIS Express Dev Server"