Solved

how can i use port forwarding and routing to allow access ILO from home

Posted on 2010-11-26
10
4,905 Views
Last Modified: 2012-06-27
Dear Sir
i have a hp proliant server instal with windows server 2008 that i configure to allow ILO access.
the ILO ip address :192.168.0.9
our server has 2 interface :
internal :192.168.0.1
external :192.168.100.5

our modem has the ip :192.168.100.1 in the lan interface
i want to enable the port forwarding to the ilo ip :192.168.0.9 to access the hp server from home.
i configure the port forwarding in the modem :
server: 192.168.0.9
protocol :tcp&udp
external port start : 80
external port end :80
internal port start :80
internal port end :80

and i configure a static route in the modem :
network :192.168.0.0
subnet : 255.255.255.0
gateway :192.168.100.5
interface : lan interface

from the home i enter the ip address of my modem,nothing happen , and check the logging using forefront tmg (installed in the hp server) but i can't find any packet come from my home ip ,

is there any thing can i configure in the forefront tmg to allow access the ilo ip , or there something in the routing and remote access role in the windows server 2008?

Regards
0
Comment
Question by:spring80
  • 4
  • 2
  • 2
  • +2
10 Comments
 
LVL 22

Expert Comment

by:Matt V
ID: 34218152
You should not need a route in the modem for the iLO IP as the modem is directly connected to that network.

Otherwise that forwarding configuration should work fine.
0
 
LVL 6

Expert Comment

by:ipajones
ID: 34218319
mattymotas:  surely you can't have a gateway address that's not on the same subnet ?
0
 
LVL 1

Accepted Solution

by:
chriswestscfc earned 167 total points
ID: 34218333
as mattvmotas said above, no need for static route, just port forwarding should do it. also check the firewall settings in case you need to open a port in there. you could also open and forward 3389 for remote desktop so you could tinker from home, or even better if the router has remote management then enable this and you can remoteley manage it through https:// using your internet ip
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 
LVL 22

Assisted Solution

by:Matt V
Matt V earned 166 total points
ID: 34218364
ipajones:  The modem has 2 IPs, 192.168.0.1 and 192.168.100.5.  It can already see the internal and external networks and does not require a static route.
0
 
LVL 5

Expert Comment

by:q2q
ID: 34218414
ILO uses https so you will need to also forward port 443, source and destination.
0
 

Author Comment

by:spring80
ID: 34218469
not work for me.
Should i enter a static route to 192.168.0.9 in the routing and remote access in th windows server 2008 role ??

i can access the ilo from internal network ,but from outside i can't
0
 
LVL 5

Assisted Solution

by:q2q
q2q earned 167 total points
ID: 34218514
Some routers are very specific and can only forward packets to devices on their local subnet in this case 192.168.100.x can you confirm the modem type so we can check it will work. If it wont work you would need to have the ilo on the same subnet and so give it a 192.168.0.x ip address.
0
 

Author Comment

by:spring80
ID: 34220831
i don't know why it is not working.
The remote desktop from home to work works like a charm.
but the ilo not working, i want ilo because sometime the server is down,i want to connect from home to turn on the server.

the modem is Sagem fast 2804STC.
the new ilo ip is :192.168.100.3
it has 2 ethernet port, i connect the first one to the ethernet port (external interface) in the server,and the second to the ilo port in the server , i can ping the ilo ip from the server.
So now the modem lan ip :192.168.100.1
ILO ip : 192.168.100.3
Server external ip : 192.168.100.5

i create a simple port forwarding in my modem :
server: 192.168.100.3
protocol :tcp&udp
external port start : 80
external port end :80
internal port start :80
internal port end :80

And
server: 192.168.100.3
protocol :tcp&udp
external port start : 443
external port end :443
internal port start :443
internal port end :443

But also doesn't work

The port forwarding rule to allow the remote desktop to the server is :
server :192.168.100.1
protocol : tcp
external port start : 3389
external port end : 3389
internal port start : 3389
external port end : 3389
And it is work.

Any suggestion for the ilo ??
0
 

Author Comment

by:spring80
ID: 34220882
it is working now when configure DMZ for the ilo ip address :192.168.100.3
Is there any problem to allow the DMZ for this ??
or it is better to use the port forwarding only without DMZ ??
0
 

Author Comment

by:spring80
ID: 34220911
It is working now without DMZ .

1- first when dmz enable , i access the ilo from home, and enter the access option and change the http port from 80 to 88

2- then i remove the DMZ option

3- i create a new forwarding port rule :
server: 192.168.100.3
protocol :tcp&udp
external port start : 80
external port end :80
internal port start :88
internal port end :88

And
server: 192.168.100.3
protocol :tcp&udp
external port start : 443
external port end :443
internal port start :443
internal port end :443

4- trying to connect from home, it is work :):)

thanks for your help
0

Featured Post

Does Powershell have you tied up in knots?

Managing Active Directory does not always have to be complicated.  If you are spending more time trying instead of doing, then it's time to look at something else. For nearly 20 years, AD admins around the world have used one tool for day-to-day AD management: Hyena. Discover why

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Creating an OSPF network that automatically (dynamically) reroutes network traffic over other connections to prevent network downtime.
Shadow IT is coming out of the shadows as more businesses are choosing cloud-based applications. It is now a multi-cloud world for most organizations. Simultaneously, most businesses have yet to consolidate with one cloud provider or define an offic…
This tutorial will walk an individual through locating and launching the BEUtility application to properly change the service account username and\or password in situation where it may be necessary or where the password has been inadvertently change…
This tutorial will walk an individual through the steps necessary to join and promote the first Windows Server 2012 domain controller into an Active Directory environment running on Windows Server 2008. Determine the location of the FSMO roles by lo…

810 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question