Short answer: No, you can't use IIS reverse proxy (as configured) to access MongoDB—here's why, and how to fix it:

Core Problem: IIS Proxy is Built for HTTP, Not MongoDB's Binary Protocol #

MongoDB communicates using a custom TCP binary protocol, not HTTP/HTTPS. Your IIS reverse proxy relies on the URL Rewrite module, which is designed exclusively to parse and modify HTTP traffic. When your MongoDB client sends binary requests to the IIS proxy, IIS treats that data as invalid HTTP, mangles it (adding headers, reformatting, etc.), and forwards a corrupted version to MongoDB. This causes the exact errors you're seeing:

1. The msgLen Protocol Error #

NETWORK [js] recv(): message msgLen 1347703880 is invalid. Min 16 Max: 48000000

This happens because MongoDB receives HTTP-modified data instead of its expected binary protocol packets. The server can't parse the mangled message length, so it throws this error.

2. The Browser HTTP Warning #

It looks like you are trying to access MongoDB over HTTP on the native driver port

Your browser sends an HTTP request, but MongoDB's 27017 port only listens for its binary protocol. IIS just forwards the HTTP request straight to MongoDB, which doesn't understand it—hence the warning.

Your current IIS configuration is designed for HTTP URL rewriting, not raw TCP traffic:

<?xml version="1.0" encoding="UTF-8"?>
<configuration>
 <system.webServer>
  <rewrite>
   <rules>
    <rule name="ReverseProxyInboundRule1" stopProcessing="true">
     <match url="(.*)" />
     <action type="Rewrite" url="{C1}://mongoserver:27017/{R:1}" />
    </rule>
   </rules>
  </rewrite>
 </system.webServer>
</configuration>

You need a tool that forwards raw TCP traffic without modifying it. Here are your best options:

Option 1: Use a TCP-Ready Reverse Proxy #

Tools like Nginx (with the stream module) or HAProxy are built to handle non-HTTP protocols. They pass MongoDB's binary requests directly to the server unaltered.

A basic Nginx stream configuration for MongoDB looks like this:

stream {
    server {
        listen <PORT_YOUR_CLIENTS_WILL_USE>;
        proxy_pass mongoserver:27017;
    }
}

Option 2: Windows Built-In Port Forwarding #

If you want to stick with Windows tools, use netsh portproxy to create a raw TCP forwarder. This routes traffic from your IIS server's port to MongoDB's 27017 port without HTTP interference.

Run this in an elevated Command Prompt:

netsh interface portproxy add v4tov4 listenaddress=<YOUR_IIS_SERVER_IP> listenport=<CLIENT_ACCESS_PORT> connectaddress=<MONGOSERVER_IP> connectport=27017

Verify the rule exists with:

netsh interface portproxy show v4tov4

Option 3: Add TLS Encryption (If Required) #

If you need to secure the connection:

• Enable TLS directly on MongoDB (configure net.ssl in mongod.conf) and have clients connect with the --ssl flag.
• Use a TCP proxy like Nginx to handle TLS termination (encrypt traffic between clients and proxy, then send unencrypted or encrypted traffic to MongoDB).

内容的提问来源于stack exchange，提问作者Santhosh