Server Management - Systems Insight Manager
1834247 Members
2460 Online
110066 Solutions
New Discussion

Re: SMH access while using the FIPS local security option enabled

 
Greg Comer
New Member

SMH access while using the FIPS local security option enabled

We seen an article that Keith had yesterday on the home page access through I.E. while the fips security option was enabled. We're trying to do the same thing for the U.S. Navy using there DISA-Gold security lockdown loaded on a Proliant 570 and 530 MT and TM Servers. When we load the DISA-Gold on these systems that's one of the features it goes out and turns on automatically we finally figured out this week. We're going into I.E. and checking TLS 1.0 on, by itself and with SSL 2.0 and 3.0 as well, we still haven't been able to access the SMH. Is there anything else that goes along with this to be able to access the home page? Right now the SMH is the only thing we can not access over the web all other HTTPS connections seem to work O.K. Any ideas would be greatly appreciated.
2 REPLIES 2
Rich Purvis
Honored Contributor

Re: SMH access while using the FIPS local security option enabled

I don't know what that software does - does it lock down the ports at all? You might try seeing if port 2301 and 2381 or open and listening - there are various network utilities that can tell you that. Those are the ports SMH uses. If you are browsing to 2301 you should be using HTTP and if you are browsing to 2381 you should be using HTTPS. Something like this:
http://127.0.0.1:2301
or
https://127.0.0.1:2381

If you browse to 2301 you will get pushed to 2381 and https.

-Rich
Why does my tivo keep recording Nickelodeon?
Greg Comer
New Member

Re: SMH access while using the FIPS local security option enabled

We don't think the lockdown software DISA-Gold is blocking port 2381. We can go in and disable the fips compliant option in local security policy and we can bring up the SMH on both systems. We can also go to another ML-570 just running win 2003 with no lockdown software and enable the fips and check the I.E. TLS 1.0 and it cuts us off from the SMH on the basic load system as well. We're runing Win 2003 Enterprise edition server. We were wondering if there is something we're mising 2003 wise or maybe some addon to I.E. I.E. version is 6.0.3790.1830 128bit encryption, with service pack 1 update to I.E.