• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 5269
  • Last Modified:

Dell DRAC 4 behind a firewall - Unable to connect to vKVM, press OK to exit.

I have a Dell PowerEdge 2800 with the DRAC 4/I Remote Access Controller. Everything works fine from the LAN, including the console.
However, no matter what ports I've tried forwarding so far, I cannot get console to work from outside the router. When I try to open a console it gives the following error: Unable to connect to vKVM, press OK to exit.

So far I have tried forwarding ports 80, 443, 3668, 5869, 5900, 5901, 5902...

Dell fails to answer this same question at:
http://forums.us.dell.com/supportforums/board/message?board.id=pes_oms&message.id=5647&query.id=326927#M5647

How about it experts? 500 big points to the first correct answer!
0
Gargantubrain
Asked:
Gargantubrain
  • 5
  • 3
1 Solution
 
Netman66Commented:
Try creating a VPN tunnel to the firewall as an endpoint - after you establish your tunnel, attempt to attach to your DRAC.

Advise.
0
 
GargantubrainAuthor Commented:
Because I do not have a firewall or router that supports VPN, I need to know what specific ports need to be forwarded for the DRAC 4 to work with a remote console.

Thanks
0
 
Netman66Commented:
I have a contact at Dell - let me see what he has to say.

0
Independent Software Vendors: We Want Your Opinion

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
Netman66Commented:
I have started a dialogue with my contact.

Just to be sure we have the basics covered and I can tell him so with certainty, let's go over a few things.

1)  This server is in a site and you are attempting to access it through the router/firewall from the Internet? or another site?

2)  If another site - how are the sites connected?  point-to-point frame? or through a public cloud?

3)  Since we are going through the router/firewall we'll need some access lists created or else everyone will get in.  Have you created any?  What are you running for a firewall?

4)  Ports 80 and 443 should be all you need to address for this to work - the key is making sure that your ACLs are correct and your forwarding is setup right.  At the risk of disclosing too much publicly, can you give a overview of what you have done so far as detailed as you dare?  

Once I have an idea of your setup, it will make it much easier to hash out with my contact since I will be prepared for whatever he asks me.

If it's simply a matter of fixing the access setup, then that should be easy to deal with.

Advise.
0
 
Netman66Commented:
Here is a link provide from Dell - I suspect you have this already, but I'm just relaying what is coming in from him.

http://support.dell.com/support/edocs/software/smdrac3/drac4/index.htm


You need port 5900 outbound also.

As well, you need Sun's JVM version 1.4.2 or later installed on the PC you are using to access the DRAC.  Clear and disable java caching from the control panel applet.

Advise.
0
 
GargantubrainAuthor Commented:
As I originally noted, I have already tried forwarding the following ports: 80, 443, 3668, 5869, 5900, 5901, 5902

The Dell is in our company LAN, with private IP's and a typical NAT configuration on a Cisco router. The DRAC web pages and console work perfectly from other computers on the LAN (in the same subnet). I already have the Sun JVM installed and configured as directed.

From the Internet, the DRAC web page works after forwarding https 443, but the CONSOLE is what is not working. I am testing it from my home, which is also a LAN with NAT and firewall/router.

All I am asking is what ports need to be opened (perhaps some port(s) need to also be opened on my home router) in order for Console to work. That's it. If there is a technical reason that it won't work through NAT (ipsec headers not compatible with being NAT-ed) then I can understand that. This forum isn't the place to vent but you would think that Dell would document this better for an enterprise-class server and even the DRAC card itself not a cheap add-on at $395...

I suspect I will need to implement a VPN server but so far this is the only application I've tried to implement that absolutely requires it.
0
 
Netman66Commented:
I would think that NAT might be causing this to some degree - however, the part you added about a home router stands out a little.

Have you tried opening port 5900 on your home router to the IP of your corporate router both directions?

...and yes, I agree that Dell should have some way to document the requirements better.

0
 
normkokesCommented:
You can remotely reset the Drac if you telnet or Secure console into the drac and run this command
racadm serveraction racreset

0
 
GargantubrainAuthor Commented:
In the future you should consider NOT reviving discussions that are over 5.5 years old.

In addition, the original question had nothing to do with what commands are needed to reset the DRAC. In fact, with the original question in mind, which is the inability to access the DRAC, your solution is useless since it requires having access to the DRAC.
0

Featured Post

Keep up with what's happening at Experts Exchange!

Sign up to receive Decoded, a new monthly digest with product updates, feature release info, continuing education opportunities, and more.

  • 5
  • 3
Tackle projects and never again get stuck behind a technical roadblock.
Join Now