5 Replies Latest reply: Dec 22, 2014 7:33 AM by nbanba RSS

    Intel R1304BTL BMC access via portforwarding and NAT

    klausagnoletti

      Hello,

       

      I have a Intel R1304BTL server in my datacenter, and I need to access the BMC over internet, and I would like to do so by using port forwarding to the private ip number of the RMM module on the server.

       

      I have no problem getting access to the main webinterface of the BMC on port 443, but when I try to launch a remote console, I get presented to the jviewer.jnlp file and run that using java. And after that not much else happens.

       

      I read in the manual that the ports 7578, 5120 and 5123 are also used, so, assuming they run over TCP (the manual doesn't say), I have forwarded TCP traffic to those ports using ordinary portforwarding.

       

      I don't really know what else to do, except setting up an IPSec tunnel, but that seems to be a little difficult too. Also if the BMC runs SSH I could try setting a few SSH tunnels up, but it is a bit unclear to me if it does so. Does it?

       

      Anyone have ony suggestions on how to accomplish remote KVM access for me?

       

      Thanks,

       

      /klaus

        • 2. Re: Intel R1304BTL BMC access via portforwarding and NAT
          klausagnoletti

          Hi Dan,

           

          Thanks for your reply.

           

          I am not sure what the reply means, though. Does it mean that some versions of java on the client works and some doesn't? I have tried with the same client firectly and using portforwarding, where the direct connection is the only one working. So that doesn't really help me.

           

          Also, I am not using a proxy, so that part doesn't help me either.

           

          The setup I have is similar, so whatever works for GCC would probably work for me too.

           

          Can you help me?

           

          /klaus

          • 3. Re: Intel R1304BTL BMC access via portforwarding and NAT
            Dan_O

            I think Edward wanted to know what version of Java was running.

             

            There are a couple ways I can think of to approach this.  You'd have to do it in a test environment first, of course:

            1)  Forward all ports to the RMM4.  Make sure that works first.  If it does, you're on the right track.

            2)  Packet-sniff the outbound packets on your client.  You should be able to tell if there's any UDP also going out, that needs to be forwarded.

             

            I know the RMM4 TPS claims they're all TCP, but it would be nice to be sure.

             

            The TPS for the RMM4 also mentions that SSH is supported (see page 12(22 of 26) at http://www.intel.com/support/motherboards/server/sb/CS-032452.htm)

            • 4. Re: Intel R1304BTL BMC access via portforwarding and NAT
              klausagnoletti

              Hi Dan,

               

              Surely very helpful suggestions you have. I will try it out tonight

               

              Thanks,

               

              /klaus

              • 5. Re: Intel R1304BTL BMC access via portforwarding and NAT
                nbanba

                normally nat port 7578 is enough.

                 

                Edit the jviewer.jnlp file :

                 

                -----------------------------------------EDIT----------------------------------------------

                <?xml version="1.0" encoding="UTF-8"?>

                 

                <jnlp spec="1.0+" codebase="https://home.soartist.net:44443/Java" >

                     <information>

                        <title>JViewer</title>

                        <vendor>American Megatrends, Inc.</vendor>

                        <description kind="one-line">JViewer Console Redirection Application</description>

                        <description kind="tooltip">JViewer Console Redirection Application</description>

                        <description kind="short">

                            JViewer enables a user to view the video display of managed server via KVM. 

                            It also enables the user to redirect his local keyboard, mouse for managing the server remotely.

                        </description>

                    </information>

                    <security>

                        <all-permissions/>

                    </security>

                    <resources>

                        <j2se version="1.5+"/>

                        <jar href="release/JViewer.jar"/>

                    </resources>

                    <resources os="Windows" arch="amd64">

                       <j2se version="1.5+"/>

                       <nativelib href="release/Win64.jar"/>

                    </resources>

                    <resources os="Windows" arch="x86">

                        <j2se version="1.5+"/>

                        <nativelib href="release/Win32.jar"/>

                    </resources>   

                    <resources os="Linux" arch="x86">

                        <j2se version="1.5+"/>

                        <nativelib href="release/Linux_x86_32.jar"/>

                    </resources>

                    <resources os="Linux" arch="i386">

                        <j2se version="1.5+"/>

                        <nativelib href="release/Linux_x86_32.jar"/>

                    </resources>

                    <resources os="Linux" arch="x86_64">

                        <j2se version="1.5+"/>

                        <nativelib href="release/Linux_x86_64.jar"/>

                    </resources>

                    <resources os="Linux" arch="amd64">

                        <j2se version="1.5+"/>

                        <nativelib href="release/Linux_x86_64.jar"/>

                    </resources>

                    <resources os="Mac OS X" arch="i386">

                        <j2se version="1.5+"/>

                        <nativelib href="release/Mac32.jar"/>

                    </resources>

                    <application-desc>

                        <argument>home.soartist.net</argument>

                        <argument>7578</argument>

                        <argument>lGZcB0cCS7Gsc <argument>mjvnweLQkMlN79SO6EuXCoA110</argument>

                </argument>

                    </application-desc>

                </jnlp>

                 

                -----------------------------------------/EDIT----------------------------------------------

                 

                Look at part <application-desc> starting at line 49 :

                 

                <application-desc>

                        <argument>home.soartist.net</argument>

                        <argument>7578</argument>

                        <argument>lGZcB0cCS7Gsc <argument>mjvnweLQkMlN79SO6EuXCoA110</argument>

                </argument>

                    </application-desc>

                 

                and see the port (7578) to nat written in the line just after the URL.

                After testing nat port 7578 on my router, the console work fine through the firewall

                 

                 

                Hope it can help you.

                nbanba