Using a Dell DRAC virtual console through a NAT firewall

iptables nat port-forwarding drac
6,245

The trick is not to change the port in iptables' NAT configuration, but to change it on the DRAC. Changing the DRAC port to 8019 and changing the iptables rule to:

--append PREROUTING --in-interface eth1 --protocol tcp --destination xxx.xxx.xxx.xx --destination-port 8019 --jump DNAT --to-destination 172.16.96.91:8019

gets things going a little further before failure. Adding:

--append PREROUTING --in-interface eth1 --protocol tcp --destination xxx.xxx.xxx.xx --destination-port 5900 --jump DNAT --to-destination 172.16.96.91:5900

gets the console and remote media functionality working 100%. As the DRAC also offers the functionality to change port 5900, I'd imagine it'd be safe to move this to a different port.

Share:
6,245

Related videos on Youtube

jetboy
Author by

jetboy

Updated on September 18, 2022

Comments

  • jetboy
    jetboy over 1 year

    I have two Dell Poweredge R210 servers, both running Ubuntu 10 Server x64.

    Server A has a Dell iDRAC6 Enterprise ILO card (on 172.16.96.91), and both the server and the DRAC use Server B as a gateway (with server B's WAN IP being xxx.xxx.xxx.xx). Server B uses the following NAT rules in IPTables to route traffic through to Server A's DRAC:

    *NAT

--append PREROUTING --in-interface eth1 --protocol tcp --destination xxx.xxx.xxx.xx --destination-port 8019 --jump DNAT --to-destination 172.16.96.91:443

--append POSTROUTING --out-interface eth1 --jump SNAT --to-source xxx.xxx.xxx.xx

    This works fine for accessing Server A's iDRAC via Server B, apart from the Java virtual console. This fails with the following error:

    com.sun.deploy.net.FailedDownloadException: Unable to load resource: https://xxx.xxx.xxx.xx:443/software/avctKVM.jar
at com.sun.deploy.net.DownloadEngine.actionDownload(Unknown Source)

etc.

    I know that the Java console uses port 5900, and possibly ports 83 and 5891.

    Can anyone help me in getting this working?

    • mbrownnyc
      mbrownnyc over 12 years
    • Nils
      Nils over 12 years
      Which kind of DRAC is this? DRAC5? iDRAC6 (Enterprise)? They behave quite different when it comes down to the java console.
    • jetboy
      jetboy over 12 years
      iDRAC6 Enterprise. I've amended the original question to reflect this.

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Windows 10 - NAT - Port forwarding & IP masquerade
Destination NAT Onto the Same Network from internal clients
iptables forward rule not working in openwrt
Forward traffic to local LAN IP while keeping the originator IP
My iptable rules do not allow VPN connections
Port forwarding with OpenVPN
How to set mark on packet when forwarding it in nat prerouting table?
iptables: Port forwarding with masquerading is not working
Basic iptables NAT port forwarding
Port forwarding with DNAT not working