Home > Dell > System > Dell Drac 5 User Guide

Dell Drac 5 User Guide

Here you can view all the pages of manual Dell Drac 5 User Guide. The Dell manuals for System are available online for free. You can easily download all the documents as PDF.

Page 221

Configuring Security Features221
 NOTE: SSHv1 is not supported.
Configuring Services
 NOTE: To modify these settings, you must have Configure DRAC 5 permission. 
Additionally, the remote RACADM command-line utility can only be enabled if the 
user is logged in as root.
1Expand the System tree and click Remote Access. 
2Click the Configuration tab and then click Services.
3
Configure the following services as required:
• Local Configuration (Table 12-7)
• Web server (Table 12-8)
• SSH (Table 12-9)
Table...

Page 222

222Configuring Security Features
• Telnet (Table 12-10)
• Remote RACADM (Table 12-11)
• SNMP agent (Table 12-12)
• Automated System Recovery Agent (Table 12-13)
Use the 
Automated Systems Recovery Agent to enable the Last Crash 
Screen
 functionality of the DRAC 5.
 NOTE: Server Administrator must be installed with its Auto Recovery feature 
activated by setting the Action to either: Reboot System, Power Off System, 
orPower Cycle System, for the Last Crash Screen to function in the DRAC 5.
4Click Apply...

Page 223

Configuring Security Features223
TimeoutThe time in seconds that a connection is allowed to 
remain idle. The session is cancelled when the timeout is 
reached. Changes to the timeout setting do not affect the 
current session. When you change the timeout setting, 
you must log out and log in again to make the new setting 
effective. Timeout range is 60 to 1920 seconds.
HTTP Port NumberThe port used by the DRAC that listens for a server 
connection. The default setting is 80.
HTTPS Port NumberThe port...

Page 224

224Configuring Security Features
Active SessionsThe number of current sessions on the system, less than 
or equal to the Max Sessions. 
TimeoutThe Secure Shell idle timeout, in seconds. Range = 60 to 
1920 seconds. Enter 0 seconds to disable the Timeout 
feature. The default setting is 0.
Po r t  N u m b e rThe port used by the DRAC that listens for a server 
connection. The default setting is 23.
Table 12-11. Remote RACADM Settings
Setting Description
EnabledEnables or disables remote RACADM. Checked=...

Page 225

Configuring Security Features225
Enabling Additional DRAC 5 Security Options
To prevent unauthorized access to your remote system, the DRAC 5 provides 
the following features:
• IP address filtering (IPRange) — Defines a specific range of IP addresses 
that can access the DRAC 5. 
• IP address blocking — Limits the number of failed login attempts from a 
specific IP address
These features are disabled in the DRAC 5 default configuration. Use the 
following subcommand or the Web-based interface to enable...

Page 226

226Configuring Security Features
The login proceeds if the following expression equals zero:
cfgRacTuneIpRangeMask & ( ^ 
cfgRacTuneIpRangeAddr)
where & is the bitwise AND of the quantities and ^ is the bitwise 
exclusive-OR.
See DRAC 5 Property Database Group and Object Definitions on page 345 
for a complete list of cfgRacTune properties.
Enabling IP Filtering
Below is an example command for IP filtering setup.
See Using RACADM Remotely on page 78 for more information about 
RACADM and RACADM commands....

Page 227

Configuring Security Features227
To restrict the login to a single IP address (for example, 192.168.0.57), use the 
full mask, as shown below.
racadm config -g cfgRacTuning -o 
cfgRacTuneIpRangeEnable 1
racadm config -g cfgRacTuning -o 
cfgRacTuneIpRangeAddr 192.168.0.57
racadm config -g cfgRacTuning -o 
cfgRacTuneIpRangeMask 255.255.255.255
To restrict logins to a small set of four adjacent IP addresses (for example, 
192.168.0.212 through 192.168.0.215), select all but the lowest two bits in the 
mask,...

Page 228

228Configuring Security Features
IP Blocking
IP blocking dynamically determines when excessive login failures occur from 
a particular IP address and blocks (or prevents) the address from logging into 
the DRAC 5 for a preselected time span. 
The IP blocking parameter uses cfgRacTuning group features that include:
• The number of allowable login failures
• The timeframe in seconds when these failures must occur 
• The amount of time in seconds when the guilty IP address is prevented 
from establishing a...

Page 229

Configuring Security Features229
Enabling IP Blocking
The following example prevents a client IP address from establishing a session 
for five minutes if that client has failed its five login attempts in a one-minute 
period of time. 
racadm config -g cfgRacTuning -o 
cfgRacTuneIpRangeEnable 1
racadm config -g cfgRacTuning -o 
cfgRacTuneIpBlkFailCount 5
racadm config -g cfgRacTuning -o 
cfgRacTuneIpBlkFailWindows 60
racadm config -g cfgRacTuning -o 
cfgRacTuneIpBlkPenaltyTime 300
The following example...

Page 230

230Configuring Security Features
Configuring the Network Security Settings Using the DRAC 5 GUI
 NOTE: You must have Configure DRAC 5 permission to perform the following steps.
1In the System tree, click Remote Access. 
2Click the Configuration tab and then click Network.
3In the Network Configuration page, click Advanced Settings.
4In the Network Security page, configure the attribute values and then click 
Apply Changes.
Table 12-17 describes the 
Network Security page settings.
5Click the appropriate...
Start reading Dell Drac 5 User Guide

Related Manuals for Dell Drac 5 User Guide

All Dell manuals