Kemp Support, how can we help?

The latest application delivery knowledge and expertise at your fingertips.

HTTP/HTTPS FQDN Connection Failures On iDRAC





Cause of unavailable GUI after iDrac firmware upgrade.


Product: Flowmon

Version: Any

Platform: HW

Question/Problem Description:

After iDrac firmware upgrade it is not possible access to iDrac web GUI.

Steps to Reproduce:  
Error Message: Error 400 Bad Request.
Defect Number:  
Enhancement Number:  
Cause: The iDRAC9 firmware version blocks HTTP / HTTPS access through Fully Qualified Domain Name (FQDN) when the FQDN is not defined as the iDRAC RAC Name.
Resolution: 1. By default, iDRAC9 will check the HTTP / HTTPS Host Header and compare to the defined 'DNSRacName' and 'DNSDomainName'. When the values do not match, the iDRAC will refuse the HTTP / HTTPS connection. In iDRAC9, this Host Header enforcement can be disabled with the following RACADM command:
sudo /opt/dell/srvadmin/sbin/racadm set idrac.webserver.HostHeaderCheck 0
2. When the HTTP / HTTPS Host Header check is enabled (more secure), iDRAC can be accessed using the IPv4/IPv6 address, the RAC Name and/or the defined iDRAC FQDN (DNSRacName.DNSDomainName). If end-user is accessing with hostnames that iDRAC may not be aware of (such as a manual DNS entries added in DNS records), iDRAC9 firmware version introduced a new attribute 'ManualDNSEntry'. This new setting can be updated with up to 4 IP addresses / host names / FQDNs to provide an allow-list of Host Headers. This ensures that incoming requests are not dropped when the HTTP / HTTPS Host Header carries one of the entries in the 'ManualDNSEntry' setting. You can manual entry to allow a list with the command:
sudo /opt/dell/srvadmin/sbin/racadm set idrac.webserver.ManualDNSEntry <IP>
sudo /opt/dell/srvadmin/sbin/racadm set idrac.webserver.ManualDNSentry <IP>,

Dell article:

Was this article helpful?
0 out of 0 found this helpful