Due to an IPMI vulnerability, Ribbon recommends to not connect the BMC Ethernet port to an external network unless the network is deemed well-protected.
[Reference: NIST National Vulnerability Database website]
Ribbon ships the SBC 7000 pre-configured with the default IP address “169.254.77.1” to facilitate out of the box access to the BMC web interface. Configure your PC/Laptop IP address to be on this network so that it can communicate with SBC 7000 platform. To access the BMC web application, connect the Field Service Port to the PC configured with the pre-configured IP address and type the IP address in a web browser.
See Introduction to EMA for a list of supported browsers and operating systems.
To configure BMC for remote access:
Connect your PC/laptop via an Ethernet cable to the Field Service Port (FSP) at the back of SBC 7000 and power it up (if not already on).
- Verify that both link LEDs at the FSP are lit. If only the left LED is lit, your PC/laptop network adapter link speed may be set to 10Mbps. Check the PC/laptop Device Manager, and if necessary set your PC/laptop link speed to 100 Mbps/Full Duplex.
- If your PC/laptop uses DHCP and Automatic Private IP Address setting (default setting), the PC/laptop is assigned an IP address in the same subnet as the initial BMC IP; therefore proceed to Step 9. If your PC/laptop does not use DHCP, proceed to the Step 4 to configure a static IP.
In Windows 7 operating system, Open Control Panel > Network and Sharing Center. The Network and Sharing Center window displays.
Click Local Area Connection link.The Local Area Connection Status screen is displayed.
Click Properties. The LAN Properties screen displays.
Select "Internet Protocol Version 4 (TCP/IPv4)" option and click Properties. The Internet Protocol Version 4 (TCP/IPv4) Properties screen appears.
Select Use the following IP addresses option and input the IP address, Subnet mask, and Default gateway. Click OK.
Type the pre-configured IP address “169.254.77.1” in a web browser (Firefox is the recommended browser. If using Internet Explorer, you must manually add “https://169.254.77.1” as a trusted site), and connect to the BMC web interface.
NoteThe SBC 7000 is delivered with sample self-signed X.509 certificates. Please be aware that even though these sample certificates will allow you to use HTTPS to access the SBC 7000 from BMC and EMA interfaces, using this protocol with the sample certificates is not a truly secure access method. If your organization requires a more secure access, refer to Generating PKI Certificates.
Log on to the SBC 7000 BMC GUI. The SBC 7000 BMC main screen is displayed.
Navigate to Configuration > Network tab.
The Network Settings screen is displayed.
Configure the BMC IP Address, Prefix and Default Gateway network settings. Select Enable JViewer and/or Enable SSH options under the “Security” settings depending upon your security requirements. It is recommended to leave the Enable IPMI option disabled.
NoteEnable IPMI is a service impacting operation. This reboots both the BMC and the host server. The changes to any of the three security items does not occur until the Save button is clicked.
Click Save. The following pop-up message appears.
- Click OK in each pop-up message to proceed.
Disconnect the PC/Laptop from FSP.
Connect the FSP of SBC 7000 to the Ethernet router on LAN segment using a CAT5 Ethernet cable to access the BMC over the network.
- Connect a PC to the IP network that can access the BMC IP address.
Continue to configure network management interfaces.
NoteOnce the real BMC address is configured, you cannot access the pre-configured BMC address. Clear the browser cache (browser-specific) and open a new browser session to reflect the changes.