How to Remotely access the iLO4 of Home HP MicroServer Gen8 behind a corporation firewall

Written by

Leic

in

, ,

By ssh local port forward, we can access the iLO4 and Remote console of Home from the corporation network which protected by firewall,  with only 80 and 433 ports opened via proxy.

 

HOME

HP Proliant MicroServer Gen8
iLO4 Advance License installed
iLO4  IP=HOME_ILO4_IP               ( Local IP of iLO4 port,   172.24.0.xxx )

WAN Router
WNR2000 V3
DD-WRT build 24160,
Remote ssh login enabled
WAN IP=HOME_WAN_IP              ( 220.234.xxx.xxx, public IP )

 

OFFICE

Network:

Only out going 89/443 allowed via HTTP Proxy:
OFFICE_PROXY_IP : OFFICE_PROXY_PORT

Linux workstation:
Ubuntu 10.10
Open JDK v7.0      Installed
CorkScrew             Installed

 

Windows workstation:

Windows 7
putty 0.63   Installed

How to Accesss ILO4 and Remote Console

by using SSH local port forward,  From Office Workstation to Home SSH Server (Router),  we can assess iLO4 and Remote Console in Office.

 

Linux:

#!/bin/sh

# Http proxy of Corp
HTTP_PROXY_HOST=OFFICE_PROXY_IP
HTTP_PROXY_PORT=OFFICE_PROXY_PROXY

#  Home ssh server
SSH_HOST=HOME_WAN_IP
SSH_PORT=443
SSH_USER=xxxx

#  Home ILO4 Host
REMOTE_ILO_HOST=HOME_ILO4_IP
REMOTE_ILO_PORT=”22 23 17990 80 443 17988 161 162 623″

# Office Workstation  ILO4 IP
BIND_ILO_HOST=127.0.0.1
#BIND_ILO_HOST=192.168.127.8

#Generate proxy config file

ILO_SSH_PROXY_CONFIG=/tmp/ilo_ssh_config

echo “Host ${DDWRT_SSH_HOST}” > ${ILO_SSH_PROXY_CONFIG}
echo “ProxyCommand corkscrew ${HTTP_PROXY_HOST} ${HTTP_PROXY_PORT} %h %p” >> ${ILO_SSH_PROXY_CONFIG}
echo “port ${DDWRT_SSH_PORT}” >> ${ILO_SSH_PROXY_CONFIG}

echo “Host ${LINUX_SSH_HOST}” >> ${ILO_SSH_PROXY_CONFIG}
echo “ProxyCommand corkscrew ${HTTP_PROXY_HOST} ${HTTP_PROXY_PORT} %h %p” >> ${ILO_SSH_PROXY_CONFIG}
echo “port ${LINUX_SSH_PORT}” >> ${ILO_SSH_PROXY_CONFIG}

ILO_OPT_LIST=””
for p in ${REMOTE_ILO_PORT}; do
ILO_OPT_LIST=”${ILO_OPT_LIST} -L ${BIND_ILO_HOST}:${p}:${REMOTE_ILO_HOST}:${p}”
done

# Stop local services already bind to the local ILO4 Ports
sudo /etc/init.d/ssh stop
sudo /etc/init.d/lighttpd stop

# Setup SSH local forward link from Office to Home
echo “sudo ssh -N -f -F ${ILO_SSH_PROXY_CONFIG} ${ILO_OPT_LIST} ${SSH_USER}@${SSH_HOST}”
sudo ssh -N -f -F ${ILO_SSH_PROXY_CONFIG} ${ILO_OPT_LIST} ${SSH_USER}@${SSH_HOST}

SSH_PID=`pgrep -f “${ILO_OPT_LIST}”`

# Access the iLO4 via firefox browser
firefox https://${BIND_ILO_HOST}/

# Launch the Java remote console from iLO4

# cleanup,  stop the ssh local forward
sudo kill -9 ${SSH_PID}

 

Windows 7:

Config putty iLO4 session as following:

Config  Connection/Proxy/HTTP proxy

Config  Connection/SSH/Tunnels,  by add follow local port forwarding:

(BIND_ILO_HOST -> HOME_ILO4_IP)

22 23 17990 80 443 17988 161 162 623

Launch firefox,  and   goto https:// BIND_ILO_HOST  => iLO4 Panel Access

Launch  remote console/ .iNET.IRC from iLO4 panel

 

 Note:

Note:

If the PC support Intel AMT technology, you may meet the error 10013 when try to forward 623 port,
because the port 623 have been taken by the LMS.exe service:

Solution: Disable the LMS service

Launch the terminal with admin permission, and run:

sc stop “UNS”
sc stop “LMS”
Or disable it forever:

sc config “UNS” start= disabled
sc config “LMS” start= disabled

 

*********************************************

iLO 2 Advanced License Keys:
35DPH-SVSXJ-HGBJN-C7N5R-2SS4W
35SCR-RYLML-CBK7N-TD3B9-GGBW2