nanog mailing list archives
Re: ipmi access
From: Jack Bates <jbates () paradoxnetworks net>
Date: Mon, 02 Jun 2014 09:29:41 -0500
I keep 2 vpn servers. ACL's at router to ipmi vlan, plus whatever additional security ipmi happens to have.
I'm of the belief that vpn servers should be redundant. Kinda silly to lose one and not have access to your network. :)
Jack On 6/2/2014 7:10 AM, Randy Bush wrote:
so how to folk protect yet access ipmi? it is pretty vulnerable, so 99% of the time i want it blocked off. but that other 1%, i want kvm console, remote media, and dim sum. currently, i just block the ip address chunk into which i put ipmi at the border of the rack. when i want access, i reconfig the acl. bit of a pita. anyone care to share better idea(s)? thanks. randy
Current thread:
- Re: ipmi access, (continued)
- Re: ipmi access Nikolay Shopik (Jun 02)
- Re: ipmi access Brian Rak (Jun 02)
- Re: ipmi access Robert Drake (Jun 04)
- Re: ipmi access shawn wilson (Jun 02)
- Re: ipmi access Nikolay Shopik (Jun 02)
- Re: ipmi access shawn wilson (Jun 02)
- Re: ipmi access Brian Rak (Jun 02)
- Re: ipmi access Jeroen Massar (Jun 02)
- Re: ipmi access Christopher Morrow (Jun 02)
- Re: ipmi access Chris Adams (Jun 02)