Back

How to set up L2TP over IPsec for iDRAC on MS Windows

Table of contents

The integrated out-of-band management platform on Dell servers is called iDRAC. By default, access to the iDRAC interface of your servers is provided via a VPN.

If necessary, you can also allow access without a VPN by enabling temporary public access to the iDRAC interface. This can be activated in the customer portal on the server details page under the OOB section. Simply select Enable public access for 24 hours.

Once activated, public access remains enabled for the next 24 hours but can be manually disabled at any time.

For security reasons, VPN access remains the preferred method and should be used whenever possible. This guide explains how to access iDRAC using a VPN.

Finding VPN credentials

Credentials and instructions for setting up a VPN connection to the OOB network are available in the customer portal. To access them:

  1. Navigate to NetworksVPN accessVPN to DRAC

  2. Select the location and click Credentials

  3. In the opened window, you will find the credentials:

Finding VPN credentials

Setting up a new VPN connection

  1. Go to StartSettings

Find settings option

  1. Choose Network & Internet

choose network and internet

  1. Navigate to the VPN tab and click Add a VPN connection

Click add a VPN connection under VPN tab

  1. In the opened window, enter the following details:

    • VPN provider: choose Windows (built-in)

    • VPN type: choose L2TP/IPsec with pre-shared key

    • Connection name: e.g., VPN iDRAC

    • Login credentials obtained from the customer portal:

      • Server name or address: VPN server

      • Pre-shared key: shared secret

      • Username: login

      • Password: password

  2. Click Save

    Enable additional security protocols

    1. In the VPN tab, click Change adapter options in the Related settings section

    click change adapter options

    1. Find the adapter with the same name as your VPN connection and click Change settings of this connection

    change settings of your VPN connection

    1. In the connection properties window, go through the following steps:

      • On the Security tab:

        • Enable Allow these protocols

        • Ensure that only Challenge Handshake Authentication Protocol (CHAP) and Microsoft CHAP Cersion 2 (MS-CHAP v2) are enabled

    update setting under security tab

      • On the Networking tab:

        • Select IPv4 protocol and open its properties using the Properties button

        • Click Advanced, then untick the Use default gateway on remote network checkbox

    update settings under networking tab

      • Click OK to save settings and close all open windows

    Connect to VPN and add routes to iDRAC network

    1. Go to StartSettingsNetwork & InternetVPN

    2. Find your VPN connection and click Connect

    3. Once the VPN connection is established, add the routes to the iDRAC's network:

      • Go to Start, type cmd and open Command Prompt application as Administrator

    open command prompt as admin

      • Execute the following command to get the VPN network adapter ID:

        route print

      • Scroll to the Interfaces List block and find your VPN adapter and its ID

    find your VPN adapter and its id

      • Execute the following commands to add routes:

        route add 198.18.0.0 mask 255.255.128.0 0.0.0.0 if your_adapter_ID
        route add 100.64.0.0 mask 255.255.128.0 0.0.0.0 if your_adapter_ID

        Replace your_adapter_ID with the actual ID you obtained in the previous step.

    replacing adapter id with actual id

    Now you should be able to connect to iDRAC on your server.

    Finding iDRAC credentials

    The IP address and credentials for an individual server's iDRAC interface can be found in the customer portal:

    1. Navigate to Dedicated ServersManageYour serverDetails

    2. Scroll to the OOB section and click Credentials