BladeSystem - General
cancel
Showing results for 
Search instead for 
Did you mean: 

HP OA web interface via SSH tunnel

Gary.at.UBC
Occasional Contributor

HP OA web interface via SSH tunnel

Hi,

I have several mgmt devices on a 192.x.x.x network behind a firewall that I wish to access remotely. I'm looking to avoid the issues with a VPN and just wish to use a simple SSH tunnel.

I've tried tunneling the HP Onboard Administrator web interface with something like the following:

ssh -N -p 22 adminuser@firewall.ubc.ca -L 5000/192.1.0.10/443

after completing authentication, I can pull up the initial login page for OA by browsing to https://localhost:5000, however this does not provide the correct information about our c3000 chassis on the login page. Instead, it refers to "Enclosure 1" and is missing other info.

If I configured a one-to-one port-forwarding through the firewall to the c3000 and everything works fine.

What's the problem with running through the SSH tunnel? Any suggestions as to what's up?

Many thanks, Gary.
2 REPLIES
Gary.at.UBC
Occasional Contributor

Re: HP OA web interface via SSH tunnel

One piece of follow-up info. You may ask why I am tunneling https through ssh? The reason is at various points in the OA interface you can click over to http (unencrypted) mgmt interfaces of other devices like the GbE switch modules which are on the 192.x.x.x network and I need those to traverse the SSH tunnel as well (and I will include -L defs for them once the OA main interface is working).

Thanks, Gary.
James Abendroth
Occasional Visitor

Re: HP OA web interface via SSH tunnel

The OA GUI checks for 'localhost' when building the URL string for SOAP access. This check will be removed in an upcoming OA release.

As a workaround, you can add another entry to your hosts file for 127.0.0.1. For example:

127.0.0.1 james_local

Then you can access https://james_local:5000/. This worked for us with an SSH tunnel to the OA using PuTTY.

James