How to Remotely access the iLO4 of Home HP MicroServer Gen8 behind a corporation firewall

By ssh local port forward, we can access the iLO4 and Remote console of Home from the corporation network which protected by firewall,  with only 80 and 433 ports opened via proxy.

 

HOME

HP Proliant MicroServer Gen8
iLO4 Advance License installed
iLO4  IP=HOME_ILO4_IP               ( Local IP of iLO4 port,   172.24.0.xxx )

WAN Router
WNR2000 V3
DD-WRT build 24160,
Remote ssh login enabled
WAN IP=HOME_WAN_IP              ( 220.234.xxx.xxx, public IP )

 

OFFICE

Network:

Only out going 89/443 allowed via HTTP Proxy:
OFFICE_PROXY_IP : OFFICE_PROXY_PORT

Linux workstation:
Ubuntu 10.10
Open JDK v7.0      Installed
CorkScrew             Installed

 

Windows workstation:

Windows 7
putty 0.63   Installed

How to Accesss ILO4 and Remote Console

by using SSH local port forward,  From Office Workstation to Home SSH Server (Router),  we can assess iLO4 and Remote Console in Office.

 

Linux:

#!/bin/sh

# Http proxy of Corp
HTTP_PROXY_HOST=OFFICE_PROXY_IP
HTTP_PROXY_PORT=OFFICE_PROXY_PROXY

#  Home ssh server
SSH_HOST=HOME_WAN_IP
SSH_PORT=443
SSH_USER=xxxx

#  Home ILO4 Host
REMOTE_ILO_HOST=HOME_ILO4_IP
REMOTE_ILO_PORT=”22 23 17990 80 443 17988 161 162 623″

# Office Workstation  ILO4 IP
BIND_ILO_HOST=127.0.0.1
#BIND_ILO_HOST=192.168.127.8

#Generate proxy config file

ILO_SSH_PROXY_CONFIG=/tmp/ilo_ssh_config

echo “Host ${DDWRT_SSH_HOST}” > ${ILO_SSH_PROXY_CONFIG}
echo “ProxyCommand corkscrew ${HTTP_PROXY_HOST} ${HTTP_PROXY_PORT} %h %p” >> ${ILO_SSH_PROXY_CONFIG}
echo “port ${DDWRT_SSH_PORT}” >> ${ILO_SSH_PROXY_CONFIG}

echo “Host ${LINUX_SSH_HOST}” >> ${ILO_SSH_PROXY_CONFIG}
echo “ProxyCommand corkscrew ${HTTP_PROXY_HOST} ${HTTP_PROXY_PORT} %h %p” >> ${ILO_SSH_PROXY_CONFIG}
echo “port ${LINUX_SSH_PORT}” >> ${ILO_SSH_PROXY_CONFIG}

ILO_OPT_LIST=””
for p in ${REMOTE_ILO_PORT}; do
ILO_OPT_LIST=”${ILO_OPT_LIST} -L ${BIND_ILO_HOST}:${p}:${REMOTE_ILO_HOST}:${p}”
done

# Stop local services already bind to the local ILO4 Ports
sudo /etc/init.d/ssh stop
sudo /etc/init.d/lighttpd stop

# Setup SSH local forward link from Office to Home
echo “sudo ssh -N -f -F ${ILO_SSH_PROXY_CONFIG} ${ILO_OPT_LIST} ${SSH_USER}@${SSH_HOST}”
sudo ssh -N -f -F ${ILO_SSH_PROXY_CONFIG} ${ILO_OPT_LIST} ${SSH_USER}@${SSH_HOST}

SSH_PID=`pgrep -f “${ILO_OPT_LIST}”`

# Access the iLO4 via firefox browser
firefox https://${BIND_ILO_HOST}/

# Launch the Java remote console from iLO4

# cleanup,  stop the ssh local forward
sudo kill -9 ${SSH_PID}

 

Windows 7:

Config putty iLO4 session as following:

Config  Connection/Proxy/HTTP proxy

Config  Connection/SSH/Tunnels,  by add follow local port forwarding:

(BIND_ILO_HOST -> HOME_ILO4_IP)

22 23 17990 80 443 17988 161 162 623

Launch firefox,  and   goto https:// BIND_ILO_HOST  => iLO4 Panel Access

Launch  remote console/ .iNET.IRC from iLO4 panel

 

 Note:

Note:

If the PC support Intel AMT technology, you may meet the error 10013 when try to forward 623 port,
because the port 623 have been taken by the LMS.exe service:

Solution: Disable the LMS service

Launch the terminal with admin permission, and run:

sc stop “UNS”
sc stop “LMS”
Or disable it forever:

sc config “UNS” start= disabled
sc config “LMS” start= disabled

 

*********************************************

iLO 2 Advanced License Keys:
35DPH-SVSXJ-HGBJN-C7N5R-2SS4W
35SCR-RYLML-CBK7N-TD3B9-GGBW2

 

Install windows7 onto iscsi target: Overview

Target:

Install windows7 from ISO file on Cifs server, onto to the iscsi target.

With the help of the following software:

   pxe/ipxe

   http

   cifs

   winpe

 

 

Test Environment:

Server:      Linux PC,  IP_Server=192.168.127.88

Including tftp/samba/iscsc server

Client:       Diskless Virtual Box on window7

Router:     DDWRT with IP_router=192.168.127.2

 

继续阅读

windows iscsicli

Action Command
Set startup type to automatic sc [server-name] config msiscsi start= auto
Add iSCSI Targets iscsicli.exe QAddTargetPortal [tartget-portal-address] [chap-username] [chap-password]
Get iSCSI Targets iscsicli.exe ListTargets
Login to Targets iscsicli.exe QLoginTarget [target-iqn]
Set up a persistent connection (reconnects after server reboot) iscsicli.exe PersistentLoginTarget [target-iqn] T * * * * * * * * * * * * * * * 0
List the persistent connections to target LUNs iscsicli.exe ListPersistentTargets
Check active connections iscsicli.exe ReportTargetMappings