A few things stick out in my mind:
1. Since the MAC addresses are different for both the IPMI and eth0,
this means that, potentially, you should be able to ping the IPMI card
and get responses. Does that work?
2. When you did a "lan print 2", there weren't any Cipher suites shown
for a given privledge level. Maybe your machine's IPMI BMC only
supports IPMI 1.0 or "-I lan". For example, this is what I see:
--
RMCP+ Cipher Suites : 0,1,2,3,4,5,6,7,8,9,10,11,12,13,14
Cipher Suite Priv Max : Xaaaaaaaaaaaaaa
: X=Cipher Suite Unused
: c=CALLBACK
: u=USER
: o=OPERATOR
: a=ADMIN
: O=OEM
--
3. Finally, as I understand it, you CANNOT use the local machine to
communicate to the BMC via the Network. The previous connections you
were making was using the internal Open or "kcs" interface. If you want
to do IPMI testing via the network interface, you need to use some other
machine.
--David
> Hi all. I'm having a bit of a hard time getting remote ipmitool commands
>
> to work on a Relion 1600 from Penguin Computing. Local ipmitool commands
>
> work fine, but when I try to connect from another machine, I start
> running into problems...
>
> This is a rather verbose email, as I'm going to go through everything I
> do step by step with lots of output. Hopefully someone will be able to
> see where I am going wrong.
>
> First of all, let's look at the default settings that the machien
> shipped with:
>
> ====================================================
>
> [EMAIL PROTECTED] ipmitool lan print 2
> Set in Progress : Set Complete
> Auth Type Support : NONE MD5 PASSWORD
> Auth Type Enable : Callback : NONE MD5 PASSWORD
> : User : NONE MD5 PASSWORD
> : Operator : NONE MD5 PASSWORD
> : Admin : NONE MD5 PASSWORD
> : OEM : NONE MD5 PASSWORD
> IP Address Source : Static Address
> IP Address : 192.168.2.100
> Subnet Mask : 255.255.255.0
> MAC Address : 00:a0:d1:e5:d1:8b
> SNMP Community String : public
> IP Header : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10
> Default Gateway IP : 192.168.2.203
> 802.1q VLAN ID : Disabled
> 802.1q VLAN Priority : 0
> RMCP+ Cipher Suites : 0,1,2,3
> Cipher Suite Priv Max : Not Available
>
> =======================================================
>
> Now I'm going to use ipmitool to set the IP address to something I can
> access from the Internet. First, we'll look at my network settings for
> eth0 on the server:
>
> =======================================================
>
> [EMAIL PROTECTED] ifconfig eth0
> eth0 Link encap:Ethernet HWaddr 00:A0:D1:E5:D1:88
> inet addr:XXX.XXX.XXX.206
> Bcast:XXX.XXX.XXX.255
> Mask:255.255.255.0
>
>
> [EMAIL PROTECTED] route -n
> Kernel IP routing table
> Destination Gateway Genmask Flags Metric Ref Use
> Iface
> XXX.XXX.XXX.0 0.0.0.0 255.255.255.0 U 0 0
> 0 eth0
> 0.0.0.0 XXX.XXX.XXX.1 0.0.0.0 UG 0 0
> 0 eth0
>
> =================================================================
>
> The server is configured for XXX.XXX.XXX.206, so to avoid any potential
> conflicts, I'm going to set the BMC for XXX.XXX.XXX.205 using ipmitool:
>
> ==================================================================
>
>
> [EMAIL PROTECTED] ipmitool lan set 2 ipaddr XXX.XXX.XXX.205
> Setting LAN IP Address to XXX.XXX.XXX.205
>
> [EMAIL PROTECTED] ipmitool lan set 2 defgw ipaddr XXX.XXX.XXX.1
> Setting LAN Default Gateway IP to XXX.XXX.XXX.1
>
> [EMAIL PROTECTED] ipmitool lan print 2
> Set in Progress : Set Complete
> Auth Type Support : NONE MD5 PASSWORD
> Auth Type Enable : Callback : NONE MD5 PASSWORD
> : User : NONE MD5 PASSWORD
> : Operator : NONE MD5 PASSWORD
> : Admin : NONE MD5 PASSWORD
> : OEM : NONE MD5 PASSWORD
> IP Address Source : Static Address
> IP Address : XXX.XXX.XXX.205
> Subnet Mask : 255.255.255.0
> MAC Address : 00:a0:d1:e5:d1:8b
> SNMP Community String : public
> IP Header : TTL=0x40 Flags=0x40 Precedence=0x00 TOS=0x10
> Default Gateway IP : XXX.XXX.XXX.1
> 802.1q VLAN ID : Disabled
> 802.1q VLAN Priority : 0
> RMCP+ Cipher Suites : 0,1,2,3
> Cipher Suite Priv Max : Not Available
>
> =======================================================
>
> The public IP address is now configured. Let's check the channel access:
>
> ========================================================
>
> [EMAIL PROTECTED] ipmitool channel getaccess 2 1
> Maximum User IDs : 16
> Enabled User IDs : 14
>
> User ID : 1
> User Name :
> Fixed Name : Yes
> Access Available : call-in / callback
> Link Authentication : disabled
> IPMI Messaging : enabled
> Privilege Level : ADMINISTRATOR
>
> ========================================================
>
> And the general information:
>
> ========================================================
>
> [EMAIL PROTECTED] ipmitool channel info 2
> Channel 0x2 info:
> Channel Medium Type : 802.3 LAN
> Channel Protocol Type : IPMB-1.0
> Session Support : multi-session
> Active Session Count : 0
> Protocol Vendor ID : 7154
> Volatile(active) Settings
> Alerting : enabled
> Per-message Auth : enabled
> User Level Auth : enabled
> Access Mode : always available
> Non-Volatile Settings
> Alerting : enabled
> Per-message Auth : enabled
> User Level Auth : enabled
> Access Mode : always available
>
> =========================================================
>
> And now I'm going to set the password to 'admin':
>
> ==========================================================
>
> [EMAIL PROTECTED] ipmitool lan set 2 password admin
> Password set for user 1
>
> ==========================================================
>
> And now, finally, I go to my other computer and try to use ipmitool with
>
> both lan and lanplus. Here is the failure:
>
> ===========================================================
>
> [EMAIL PROTECTED] /pkg/ipmitool/1.8.9/bin/ipmitool -I lanplus -H
> XXX.XXX.XXX.205
> chassis status
> Password:
> Error: Unable to establish IPMI v2 / RMCP+ session
> Error sending Chassis Status command
> [EMAIL PROTECTED] /pkg/ipmitool/1.8.9/bin/ipmitool -I lan -H XXX.XXX.XXX.205
> chassis status
> Password:
> Error: Unable to establish LAN session
> Error sending Chassis Status command
>
> =============================================================
>
> I feel like there is some simple, obvious thing that I am overlooking.
> Any suggestions?
>
>
>
> ------------------------------------------------------------------------
> -
> Take Surveys. Earn Cash. Influence the Future of IT
> Join SourceForge.net's Techsay panel and you'll get the chance to share
> your
> opinions on IT & business topics through brief surveys-and earn cash
> http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDE
> V
> _______________________________________________
> Ipmitool-devel mailing list
> Ipmitool-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
>
-------------------------------------------------------------------------
Take Surveys. Earn Cash. Influence the Future of IT
Join SourceForge.net's Techsay panel and you'll get the chance to share your
opinions on IT & business topics through brief surveys-and earn cash
http://www.techsay.com/default.php?page=join.php&p=sourceforge&CID=DEVDEV
_______________________________________________
Ipmitool-devel mailing list
Ipmitool-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ipmitool-devel
