topic LOM password reset on 5600 and 12400 appliances in Firewall and Security Management

LOM password reset on 5600 and 12400 appliances

Sergej_Gurenko — Wed, 22 May 2019 19:31:55 GMT

Hello

Can you please suggest if there is an option for LOM password reset? I hound instructions for setting IP, how about resetting LOM Lights Out Management password?

Regards,

Serg

References:

sk97849 - Configuring IP Address for LOM card on 21400 appliance through the System Console

sk94670 - Setting Lights Out Management (LOM) IP address from SecurePlatform OS on Power-1 appliances

At the system console port, load the IPMI drivers into Linux memory:

[Expert@HostName]# /etc/init.d/ipmi start

Should get:
Starting ipmi drivers: [ OK ]

Note: It takes around 20 seconds to load the drivers.

Check if LOM LAN factory default settings are correct. The bold IP addresses indicated by "<----" are the ones that will be modified.

[Expert@HostName]# ipmitool lan print 1

Set in Progress         : Set Complete
Auth Type Support       : NONE MD2 MD5 OEM
Auth Type Enable        : Callback : MD2 MD5 OEM
                        : User     : MD2 MD5 OEM
                        : Operator : MD2 MD5 OEM
                        : Admin    : MD2 MD5 OEM
                        : OEM      :
IP Address Source       : Static Address
IP Address              : 192.168.0.100    <----
Subnet Mask             : 255.255.255.0    <----
MAC Address             : XXXXXXXXXXXXXXX
SNMP Community String   : AMI
IP Header               : TTL=0x00 Flags=0x00 Precedence=0x00 TOS=0x00
BMC ARP Control         : ARP Responses Disabled, Gratuitous ARP Disabled
Gratituous ARP Intrvl   : 0.0 seconds
Default Gateway IP      : 192.168.0.1     <-----
Default Gateway MAC     : 00:00:00:00:00:00
Backup Gateway IP       : 0.0.0.0
Backup Gateway MAC      : 00:00:00:00:00:00
RMCP+ Cipher Suites     : Cipher Suite Priv Max   : XXXXXXXXXXXXXXX
                        :     X=Cipher Suite Unused
                        :     c=CALLBACK
                        :     u=USER
                        :     o=OPERATOR
                        :     a=ADMIN
                        :     O=OEM

Set the timeout value for the LOM console switch to 59 minutes:

Re: LOM password reset on 5600 and 12400 appliances

Wolfgang — Wed, 22 May 2019 19:49:29 GMT

sk120793 => ipmitool user set password 2 vpn123

sk127573 ipmitool raw 0x2e 0x02 ( Full reset of LOM)

Re: LOM password reset on 5600 and 12400 appliances

maninderdeol — Tue, 28 Jul 2020 04:37:53 GMT

Hi,

Just to add into it. If you perform a full reset on LOM on remote Firewall, it will make it inaccessible unless you have 192.168.X.X subnet to talk to it. However, the work around is do " ipmitool lan print 1" or " ipmitool lan print 8" and check the exisiting IP Address and Default Gateway details. Once you have the details, you can perform full reset using "ipmitool raw 0x2e 0x02" under the expertmode in CLI and then assign LOM same IP Address using "lomipset <LOM_IP_ADDRESS> <LOM_NETMASK> <LOM_DEFAULT_GW_ADDRESS>” command under the expertmode and access the LOM using a Web browser, login using defaul login details, and go through the setup process.

Re: LOM password reset on 5600 and 12400 appliances

HusMo — Fri, 04 Nov 2022 16:53:19 GMT

Hello Sergej

Old thread but I just came across this when trying to kick a couple of LOM cards into action. Symptom, LOM MACs not seen on switchport (hence LOMs unreachable).

I tried ipmitool raw 0x2e 0x02 but it didn't do anything. Found the command below on a Nutanix site, tried it and worked perfectly (once cards reset, MACs seen on switchports and LOMs reachable, with configuration retained):

# ipmitool mc reset cold

Maybe a good one to update sk127573 with before doing full factory reset

cheers