Pivotal Knowledge Base

Follow

HowTo - Access iDRAC/BMC Web interface of a DCA server through ESRS connection?

Environment

  • DCA v1
  • DCA v2
  • iDRAC Web Interface
  • BMC Web Interface
  • SSH Tunnelling
  • MobaXterm, Putty

Problem

Sometimes support engineers need to access iDRAC of a server, however, as the iDRAC interface has internal IP address it is not possible to access the Web interface directly from support engineers desktop.

Solution

Using SSH tunnelling, a support engineer can workaround the limitation and can access the iDRAC Web interface remotely. This is specially useful when remote admin command through *-sp interface is problematic. 

Please follow below steps to access the Web interface remotely through ESRS.

1. Establish ESRS connection to the customer box.

2. Using putty or other ssh client make sure you are able to login the box without a problem.

3. Setting up SSH tunnel for a specific server's iDRAC

Example 1: in case you are using MobaXterm

-- Open a new connection to 127.1.1.1 and login to the box using given credential

-- Open a new tab and run following command;

     ssh -L 443:172.28.0.x:443 -L 5900:172.28.0.x:5900 -l root 127.1.1.1 

      where

  • 172.28.0.x is the server's iDRAC IP
  • root is given userid for mdw/smdw login
  • 127.1.1.1 is the IP address given by ESRS

Example 2: in case you are using putty.exe

(for DCA v2, use port 7578  instead of 5900 for KVM redirection - see note below)

-- Open a new connection to 127.1.1.1 and login to the box using given credential.

-- Goto the main menu(click the small terminal icon on the upper left corner) -> Change Settings -> Connection -> SSH -> Tunnels

-- Source port: 443, Destination: 172.28.0.x:443, then click "Add"

-- Source port: 5900, Destination: 172.28.0.x:5900, then click "Add"

-- Click "Apply" button

   

4. Once the SSH tunnel is setup,  launch web browser from your desktop, Internet Explorer is recommended for virtual console access.

5. Put https://127.0.0.1 in the address bar.

6. Enter 'root' and 'calvin' for Username and Password and click 'Submit' .

Note:

-- You can do this in similar way while you are on a Webex session with the customer. Only thing changed would be the IP address you'll be using to connect to the mdw/smdw. 

-- For DCAv2 BMC Web interface access, use the port 7578 instead of 5900 and put https://127.0.0.1 to the Trusted sites from both Internet explorer & Java settings.

Reference

For DCA v2, refer to intel doc here 

Comments

  • Avatar
    Krzysztof Byszewski

    Don't even try to do it over ESRS, it might take an hour before you even see something, get a webex with the customer

Powered by Zendesk