How To
Summary
For customer environments that require IP access control to the BMC for restricting access when using the 7063-CR1 HMC.
Environment
7063-CR1 HMCs
Any HMC Version or Release
Any BMC or PNOR firmware level
Steps
There are 10 slots available for IP Access Control rules. The order configured is important for establishing the rules correctly.
How to configure IP access:
1) Log in to the BMC GUI as ADMIN
2) Go to the "Configuration" tab
3) Select "IP Access Control".
4) Add a check mark for "Enable IP Access Control" and confirm the action when prompted.
NOTE: The port control is also located under the "Configuration" tab.
A common setup used for IP access control is to limit access to a single IP or a small range. Here is an example of allowing a single IP for a remote system with IP address 192.168.1.1.
5) Add Rule 1: 192.168.1.1/32 and set to "Allow".
6) Add Rule 2: 0.0.0.0/0 and set to "Drop".
Rule in effect: blocks all IP addresses that are not IP 192.168.1.1.
By comparison:
7) Add Rule 1: 0.0.0.0/0 and set to "Drop".
8) Add Rule 2: 192.168.1.1/32 and set to "Allow".
Rule in effect: Blocks all access to the IPMI, because Rule 1 takes precedence over Rule 2 and blocks all IP addresses, even though Rule 2 is set to allow the single IP for access.
The rules can also be used to allow all or a subset of 192 IP address ranges, while blocking all other traffic.
Check mark "Enable IP Access Control"
Click add to add a rule:
Add the rule for allow and click Save:
Add the rule for drop and click Save:
Additional Information
This is access control. Ensure the right ip or ip range is being specified in the right rule order, otherwise the unintended consequence is remote users will lose all access.
Document Location
Worldwide
[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SGGSNP","label":"Hardware Management Console V9"},"ARM Category":[{"code":"a8m0z000000bowEAAQ","label":"Hardware Management Console"}],"ARM Case Number":"TS003873159","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)","Line of Business":{"code":"LOB08","label":"Cognitive Systems"}}]
Was this topic helpful?
Document Information
Modified date:
02 November 2021
UID
ibm16243114