- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- Re: Accessing ILO4 Integrated Remote Console throu...
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-09-2020 04:38 AM
06-09-2020 04:38 AM
Accessing ILO4 Integrated Remote Console through tunnel
Hello everyone,
I have a Proliant DL20 Gen9. From the local network I can access the .NET remote terminal without any issue (I don't know why I get an UnsatisfiedLinkError exception when I try to use java web start).
Now, I would like to access the remote console from outside the local network through an ssh tunnel. I have forwarded all the required ports: 17990, 17988, 443 and 80 but nothing happens when I try to launch the terminal, I am not even asked permission to run the application as I would be in the local network.
I have run some tests in the local network using network tools and it seems that the ILO4 website tries to download the .NET application from the internal IP address of the server as follows:
ServerILOIP: 192.168.1.103
AuxServer: 192.168.1.40
MyLaptop: 192.168.1.120
- I set up an ssh tunnel listening on ports 17990, 17988, 443 and 80 at AuxServer and forwarding them to the same ports at ServerILOIP.
- From MyLaptop I open Microsoft Edge and I open https://AuxServer. I can log in and browse the ILO4 website normally. If I launch the .NET remote console, it opens and works normally.
However, when I launch the application, a connection is open from MyLaptop to ServerILOIP, port 80, to download the application. The query is:
GET /html/IRC.application?addr=192.168.1.40&sessionKey=ffb2e05d06ea4fd73a718da31250e4f5&lang=en&port=443&alt_mode=0&cofc_goback=false
Note that I connected to AuxServer with the browser and the important ports, including 80, are forwarded to ServerILOIP. The application should (and can) be downloaded from AuxServer:80, but it tries to make the direct connection. It is like the local IP of the server is hardcoded somewhere in the code of the website.
This seems to be why I cannot use the remote console from the outside, because it still tries to connect to the local IP address, which is not directly accessible. Do you know any way to circunvent this problem?
Any suggestions will be much appreciated.
Regards,
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-09-2020 06:14 AM
06-09-2020 06:14 AM
Re: Accessing ILO4 Integrated Remote Console through tunnel
Hi
This might be due to iLO secuirty setting.
Please follow the workaround mentioned in customer advisory and share the observation.
https://support.hpe.com/hpesc/public/docDisplay?docId=emr_na-c05237563
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-09-2020 06:20 AM
06-09-2020 06:20 AM
Re: Accessing ILO4 Integrated Remote Console through tunnel
Also if iLO is on a private IP you can check by doing NAT.
[Any personal opinions expressed are mine, and not official statements on behalf of Hewlett Packard Enterprise]
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-10-2020 02:10 AM
06-10-2020 02:10 AM
Re: Accessing ILO4 Integrated Remote Console through tunnel
Hello @AmRa,
Thanks for your reply.
The "Enforce AES/3DES Encryption" setting was already disabled. However, I discovered that there is a remote console standalone application:
https://support.hpe.com/hpsc/swd/public/detail?swItemId=MTX_4f842ceb31cf48d392e22705a8
which does work by simply redirecting ports 443 and 17990.
Regarding your suggestion to use NAT, like I said in my previous message, when launching the remote console directly from the ILO website, it tries to download the application by connecting directly to the address of the ILO NIC. Therefore, unless that address is directly accesible (which it cannot be from the outside, as it has a private address), I cannot see how it could work. It seems the private address of the server is hardcoded somewhere in the ILO website.
Regards