Integrated Data Protection Appliance(IDPA/PPDP)

Last reply by 05-26-2022 Unsolved
Start a Discussion
Dell Technologies
173

HTTPS Connection Failures On iDRAC After 2.7.2 Upgrade

iDRAC users could encounter connectivity issues like redirection, '400 - Bad Request' errors or Unknown Reason.


Cause

IDPA 2.7.2 block contains iDRAC firmware version 5.10.00.00 which introduced HTTPS connection changes as part of the fix for CVE-2021-21510, The webserver in iDRAC firmware version 5.10.00.00 enforces an HTTPS Host Header check by default.

This also impacts Fully Qualified Domain Name (FQDN) address.

Resolution

DP4400 Systems can be accessed by configured IP as expected, no other changes are required.
iDRAC will no longer be accessible by FQDN.

Please refer to PowerProtect DP4400 Installation Guide for steps to configure networking, as was meant to be performed at initial deployment.



By default, DP5x00 and DP8x00 are not deployed with external IPs therefore only tunneling can be used, in this case as a workaround only we need to disable the Host Header from iDRAC CLI/RACADM

racadm set idrac.webserver.HostHeaderCheck 0

We must re-enable back by running the following command, so we don’t leave the system vulnerable   

racadm set idrac.webserver.HostHeaderCheck 1

 

SSH tunnel can then be used, as per normal procedure

 

https://www.dell.com/support/kbdoc/en-in/000021500/idpa-how-to-perform-firmware-upgrades-using-idrac...

Replies (0)
Latest Solutions
Top Contributor