Table of Contents
Advertisement
To forward SSL sockets, the proxy server must support the basic proxy header functions (as described in
RFC 2616) and the CONNECT method. Optionally, basic proxy authentication (RFC 2617) may be
configured so that the HMC authenticates before attempting to forward sockets through the proxy server.
For the HMC to communicate successfully, the client's proxy server must allow connections to port 443.
You can configure your proxy server to limit the specific IP addresses to which the HMC can connect. See
"Internet SSL address lists" on page 7 for a list of IP addresses.
Using a direct Internet SSL connection
If your HMC can be connected to the Internet, and the external firewall can be set up to allow established
TCP packets to flow outbound to the destinations described in "Internet SSL address lists" on page 7, you
can use a direct Internet connection.
Using Internet SSL to connect to remote support
All the communications are handled through TCP sockets initiated by the HMC and use a high-grade
SSL to encrypt the data that is transmitted. The destination TCP/IP addresses are published (see "Internet
SSL address lists" on page 7) so that external firewalls can be configured to allow these connections.
Note: The standard HTTPS port 443 is used for all communications.
The HMC can be enabled to connect directly to the Internet or to connect indirectly from a proxy server
provided by the customer. The decision about which of these approaches works best for your installation
depends on the security and networking requirements of your enterprise. The HMC (directly or through
the SSL proxy) uses the following addresses when it is configured to use Internet SSL connectivity.
13
Installing and configuring the Hardware Management Console
Hide quick links:
Advertisement
Table of Contents
