Restrict IPMI access on Dell BMC and iDRAC to an allowed IP range

Posted by edgester on Server Fault See other posts from Server Fault or by edgester
Published on 2012-06-14T14:05:18Z Indexed on 2012/06/16 21:18 UTC
Read the original article Hit count: 587

Filed under:
|
|
|
|

I'm trying to secure the iDRAC's and BMC's on some of my Dell servers (R210, R410, R510). I want to restrict access to IPMI commands to only a few IP addresses. I've successfully restricted access to the iDrac using the instructions from http://support.dell.com/support/edocs/software/smdrac3/idrac/idrac10mono/en/ug/html/racugc2d.htm#wp1181529 , but the IP restrictions do not affect IPMI. A separate management network is not practical at this time because of lack or ports and some Dell BMC's don't offer a separate port. I'm told by my networking group that our switches don't support trunking, so using the vlan tagging is not an option either.

Is there a way restrict the IPMI access to a list of allowed addresses?

FYI, for various reasons, I have a mix of Dell servers with BMC's, iDrac Express and iDrac enterprise management features.

© Server Fault or respective owner

Related posts about security

Related posts about dell