Using and SSH tunnel and socks proxy with A dell DRAC (Dell remote access controller)

Posted by Dark Training on May 12, 2011 tags: | security | dell

I thought I would share how to do this because I did a quick sweep on google for "DRAC proxy" and "DRAC socks proxy" and came up with nothing.

So here is the scenario, you have a series of remote servers in some collocation facility somewhere but all the DRAC interfaces are not on a public LAN segment (This is a good thing by the way). You have a single machine that has both public and private facing interfaces that is listening on TCP 22 (SSH). You create an SSH tunnel with a dynamic port like 8080, adjust your browser to allow for the socks proxy connection and you can hit the DRAC login page but when you try to launch the remote console (remote viewer) it just fails.

Here is what the connection looks like:

So here is how we go about getting a connection step by step using putty and firefox as my examples but you can adjust as needed.

First lets setup putty. 1.) Start by entering the IP address of your SSH server
2.) Expand SSH from the side menu and select "Tunnels"

Configuring the tunnel. 1.)We are going to use the port 8080 as our source port
2.)We select dynamic from the radio button list
3.)Press the "Add" button
4.)After you press add you should see "D8080" in the forwarded ports box

Configuring firefox for the socks proxy. 1.)Go into the firefox options and choose the advanced option
2.)Select the network tab
3.) Click the settings button

Configuring the connection settings. To configure the settings in the http proxy and socks host use 127.0.0.1 with the port 8080

Configure Java for the proxy In the control pannel launch Java 1.)Select Network settings

Configure Java network settings
1.)Leave the address blank and port blank
2.)Click the advanced button

Java Advanced Settings
1.)In the socks field enter 127.0.0.1 and port 8080
Hit Ok, the Apply in the previous menu.

That should do it, now you can type the internal IP address of the host into firefox and you should now be able to see the DRAC login screen, and now you can also use the remote control function as well!

**Update I've seen an issue where after doing the steps above the Java app will not load. The trick to fixing it was that after you completed the steps above, when you try to launch the DRAC GUI it ask's about the Certificate, check the box for "Always Allow"