- Community Home
- >
- Servers and Operating Systems
- >
- HPE ProLiant
- >
- ProLiant Servers (ML,DL,SL)
- >
- Lights-out 100 Advanced
Categories
Company
Local Language
Forums
Discussions
Forums
- Data Protection and Retention
- Entry Storage Systems
- Legacy
- Midrange and Enterprise Storage
- Storage Networking
- HPE Nimble Storage
Discussions
Discussions
Discussions
Forums
Discussions
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
- BladeSystem Infrastructure and Application Solutions
- Appliance Servers
- Alpha Servers
- BackOffice Products
- Internet Products
- HPE 9000 and HPE e3000 Servers
- Networking
- Netservers
- Secure OS Software for Linux
- Server Management (Insight Manager 7)
- Windows Server 2003
- Operating System - Tru64 Unix
- ProLiant Deployment and Provisioning
- Linux-Based Community / Regional
- Microsoft System Center Integration
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Discussion Boards
Community
Resources
Forums
Blogs
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Printer Friendly Page
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-11-2012 09:09 AM
04-11-2012 09:09 AM
Lights-out 100 Advanced
Im after some help with setting this up. Also any advice would be helpful
I have a SBS 2008 running on an ML110 G6, certificate is setup and port 443 (https) (on router) directing to the sbs OS (192.168.5.100) on the server.
The lights-out has a fixed IP address (192.168.5.99). How can I access the Lights Out from the outside using https?
Thank you
- Tags:
- iLO
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-11-2012 10:18 PM
04-11-2012 10:18 PM
Re: Lights-out 100 Advanced
It is not recommended that you publish the lights-out to somewhere on the internet where it can be directly accessed.
If I were you I'd set up a vpn on another server and then allow you to connect to the lights-out only via that vpn-server.
You could change the port on the lights-out or change the port on your SBS 2008.
Or, in a lot of NAT routers you can forward for example port 12345 to port 443 on a machine behind the NAT. So then lights-out would still actually listen on port 443 but you would connect to it via port 12345 to the public IP.
But really, I'd be careful with putting lights-out on the internets.
- Tags:
- vpn
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-12-2012 01:31 AM
04-12-2012 01:31 AM
Re: Lights-out 100 Advanced
Thats a very usefull answer. Thank you. Previously Id been using the VPN server on the router to connect to lights-out but that becamet faulty so I was looking for alternatives.
Ive allready changed the default usernames and have solid passwords on the lights-out but Im assuming from your response that there are still vulnerabilities in the product?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
04-12-2012 01:58 AM
04-12-2012 01:58 AM
Re: Lights-out 100 Advanced
I wouldn't say that there are open vulnerabilities for the Lights-Out 100.
But there have been: http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02498412
I looked briefly in the user guide for the LO100i but couldn't find much more you could do in terms of hardening (except disable telnet, but if you're behind a NAT maybe it's not needed) and to use ssl/certificate.
Maybe there are more hardening things you can do on the router?
http://bizsupport1.austin.hp.com/bc/docs/support/SupportManual/c02752580/c02752580.pdf