Due to an IPMI vulnerability, Ribbon recommends not connecting the BMC Ethernet port to an external network unless the network is deemed well-protected.
[Reference: NIST National Vulnerability Database website]
Ribbon ships the SBC 5000 series pre-configured with the default IP address “169.254.77.1” to facilitate out of the box access to the BMC web interface. Configure your PC/Laptop IP address to be on this network so that it can communicate with SBC 5000 series platform. To access the BMC web application, connect the Field Service Port to the PC configured with the pre-configured IP address and type the IP address in a web browser.
Refer to Introduction to EMA for a list of supported browsers and operating systems.
To configure BMC for remote access:
Connect your PC/laptop via an Ethernet cable to the Field Service Port (FSP) at the back of SBC (Here it is 5210) and power it up (if not already on).
In Windows 7 operating system, open Control Panel > Network and Sharing Center. The Network and Sharing Center window displays.
Click Local Area Connection link.The Local Area Connection Status screen displays.
Click Properties. The LAN Properties screen displays.
Select "Internet Protocol Version 4 (TCP/IPv4)" option and click Properties. The Internet Protocol Version 4 (TCP/IPv4) Properties screen appears.
Select Use the following IP addresses option and input the IP address, Subnet mask, and Default gateway. Click OK.
Type the pre-configured IP address “169.254.77.1” in a web browser (Firefox is the recommended browser. If using Internet Explorer, you must manually add “https://169.254.77.1” as a trusted site), and connect to the BMC web interface.
The SBC 5000 is delivered with sample self-signed X.509 certificates. Please be aware that even though these sample certificates will allow you to use HTTPS to access the SBC 5000 from BMC and EMA interfaces, using this protocol with the sample certificates is not a truly secure access method. If your organization requires a more secure access, see Generating PKI Certificates.
Log on to the SBC 5000 BMC GUI. The SBC 5000 BMC main screen is displayed.
Click Configuration > Network. The Network Settings window is displayed.
Configure the BMC IP Address, Prefix and Default Gateway network settings. Select Enable JViewer and/or Enable SSH options under the “Security” settings depending upon your security requirements. It is recommended to leave the Enable IPMI option disabled.
Enable IPMI is a service impacting operation. This reboots both the BMC and the host server. The changes to any of the three security items does not occur until you click Save.
Click Save. The following pop-up message is displayed.
Disconnect the PC/Laptop from FSP.
Connect the FSP of SBC 5000 to the Ethernet router on LAN segment using a CAT5 Ethernet cable to access the BMC over the network.
Continue to configure network management interfaces.
Once the real BMC address is configured, you cannot access the pre-configured BMC address. Clear the browser cache (browser-specific) and open a new browser session to reflect the changes.