Question & Answer
Question
When the user tries to connect to IBM DataPower Gateway with the ipmitool command, the error "Unable to establish IPMI v2 / RMCP+ session" is reported in the command output.
With the "-vvv" option, the output of the ipmitool command shows that RAKP 2 HMAC is invalid.
./ipmitool -vvv -I lanplus -H xx.xx.xx.xx -U ipmiadmin -L operator chassis selftest
Password:
>> Sending IPMI command payload
>> netfn : 0x06
>> command : 0x38
>> data : 0x8e 0x03
BUILDING A v1.5 COMMAND
>> IPMI Request Session Header
>> Authtype : NONE
>> Sequence : 0x00000000
>> Session ID : 0x00000000
>> IPMI Request Message Header
>> Rs Addr : 20
>> NetFn : 06
>> Rs LUN : 0
>> Rq Addr : 81
>> Rq Seq : 00
>> Rq Lun : 0
>> Command : 38
<< IPMI Response Session Header
<< Authtype : NONE
<< Payload type : IPMI (0)
<< Session ID : 0x00000000
<< Sequence : 0x00000000
<< IPMI Msg/Payload Length : 16
<< IPMI Response Message Header
<< Rq Addr : 81
<< NetFn : 07
<< Rq LUN : 0
<< Rs Addr : 20
<< Rq Seq : 00
<< Rs Lun : 0
<< Command : 38
<< Compl Code : 0x00
>> SENDING AN OPEN SESSION REQUEST
<< Message tag : 0x00
<< RMCP+ status : no errors
<< Maximum privilege level : operator
<< Console Session ID : 0xa0a2a3a4
<< BMC Session ID : 0x00000006
<< Negotiated authenticatin algorithm : hmac_sha1
<< Negotiated integrity algorithm : hmac_sha1_96
<< Negotiated encryption algorithm : aes_cbc_128
>> Console generated random number (16 bytes)
4a 5b 3a 62 04 29 ab 20 6b ab d4 0d 3f d0 81 cd
>> SENDING A RAKP 1 MESSAGE
<< Message tag : 0x00
<< RMCP+ status : no errors
<< Console Session ID : 0xa0a2a3a4
<< BMC random number : 0xa7a2ecf3ac9bb13ba7e23bf7369bb13b
<< BMC GUID : 0x42bc5ee4a4df4fc8814ebf196cad60dd
<< Key exchange auth code [sha1] : 0xb34b1d34e5cd45eb6b99cb4a7b26171661e76b83
bmc_rand (16 bytes)
a7 a2 ec f3 ac 9b b1 3b a7 e2 3b f7 36 9b b1 3b
>> rakp2 mac input buffer (67 bytes)
a4 a3 a2 a0 06 00 00 00 4a 5b 3a 62 04 29 ab 20
6b ab d4 0d 3f d0 81 cd a7 a2 ec f3 ac 9b b1 3b
a7 e2 3b f7 36 9b b1 3b 42 bc 5e e4 a4 df 4f c8
81 4e bf 19 6c ad 60 dd 13 09 69 70 6d 69 61 64
6d 69 6e
>> rakp2 mac key (20 bytes)
6d 33 28 74 63 59 68 2d 47 4c 38 2a 21 3b 5f 00
00 00 00 00
>> rakp2 mac as computed by the remote console (20 bytes)
8a 31 72 ba 7d 84 f5 40 c3 41 f5 80 ab 00 6f 44
c7 fb e4 31
> RAKP 2 HMAC is invalid
Error: Unable to establish IPMI v2 / RMCP+ session
[{"Line of Business":{"code":"LOB77","label":"Automation Platform"},"Business Unit":{"code":"BU048","label":"IBM Software"},"Product":{"code":"SS9H2Y","label":"IBM DataPower Gateway"},"ARM Category":[{"code":"a8m50000000CduQAAS","label":"DataPower-\u003EMGMT (MM)-\u003EIPMI"}],"ARM Case Number":"TS003953838","Platform":[{"code":"PF025","label":"Platform Independent"}],"Version":"All Version(s)"}]
Log InLog in to view more of this document
This document has the abstract of a technical article that is available to authorized users once you have logged on. Please use Log in button above to access the full document. After log in, if you do not have the right authorization for this document, there will be instructions on what to do next.
Product Synonym
DataPower
Was this topic helpful?
Document Information
Modified date:
08 June 2021
UID
ibm16333445