HTTPS Connection Failures On iDRAC After 2.7.2 Upgrade

iDRAC users could encounter connectivity issues like redirection, '400 - Bad Request' errors or Unknown Reason.

Cause

IDPA 2.7.2 block contains iDRAC firmware version 5.10.00.00 which introduced HTTPS connection changes as part of the fix for CVE-2021-21510, The webserver in iDRAC firmware version 5.10.00.00 enforces an HTTPS Host Header check by default.

This also impacts Fully Qualified Domain Name (FQDN) address.

Resolution

DP4400 Systems can be accessed by configured IP as expected, no other changes are required.
iDRAC will no longer be accessible by FQDN.

Please refer to PowerProtect DP4400 Installation Guide for steps to configure networking, as was meant to be performed at initial deployment.

By default, DP5x00 and DP8x00 are not deployed with external IPs therefore only tunneling can be used, in this case as a workaround only we need to disable the Host Header from iDRAC CLI/RACADM

racadm set idrac.webserver.HostHeaderCheck 0

We must re-enable back by running the following command, so we don’t leave the system vulnerable

racadm set idrac.webserver.HostHeaderCheck 1

SSH tunnel can then be used, as per normal procedure

https://www.dell.com/support/kbdoc/en-in/000021500/idpa-how-to-perform-firmware-upgrades-using-idrac-remotely

View All

No Events found!

Integrated Data Protection Appliance(IDPA/PPDP)

HTTPS Connection Failures On iDRAC After 2.7.2 Upgrade

iDRAC users could encounter connectivity issues like redirection, '400 - Bad Request' errors or Unknown Reason.

Resolution