ZTNA to Dell iDRAC

Has anyone been able to get ZTNA to iDRAC working? 
I have set all the ports and the access method to Agent.

When I connect to the iDRAC I get a web prompt:

Your connection isn't private

Attackers might be trying to steal your information from idrac.xxx.xx.x (for example, passwords, messages or credit cards).

NET::ERR_CERT_AUTHORITY_INVALID

idrac.xxx.x.x uses encryption to protect your information. When Microsoft Edge tried to connect to idrac.xxx.x this time, the website sent back unusual and incorrect credentials. This may happen when an attacker is trying to pretend to be idrac.xx.xx.xx, or a WiFi sign-in screen has interrupted the connection. Your information is still secure because Microsoft Edge stopped the connection before any data was exchanged.

You can't visit idrac.xx.xx.x at the moment because the website uses HSTS. Network errors and attacks are usually temporary, so this page will probably work later.



Added TAGs
[edited by: Raphael Alganes at 6:52 AM (GMT -7) on 1 Aug 2024]
  • Hello!

    A bit late of an answer, but...

    Agent mode works differently from Agentless (it doesn't act as a reverse proxy), meaning if the service you're connecting to doesn't have a valid TLS certificate, your browser will give an error message.

    The reason why you can't open it is as stated above, and since the domain has HSTS, you won't be able to bypass the error message.

    One way to fix it is to use Agentless mode for iDRAC, since disabling HSTS can be insecure.

    PS: on Chrome-based browsers you can "force" bypass this error message by typing "thisisunsafe" at the iDRAC error message.

    Thanks!


    If a post solves your question use the 'Verify Answer' button.

    Ryzen 5600U + I226-V (KVM) v21 EAP @ Home

    Sophos ZTNA (KVM) @ Home
