Accessing IPMI and Changing IPMI Password¶
Note
By default, the IPMI port is configured to be a DHCP client. When connected to a network with DHCP, the IP address will appear in the lower right corner of the screen during boot.
In compliance with new privacy legislation, the Username and Password to access the IPMI port on the Netgate 1537 1U has been changed to a unique password on each device. Netgate started shipping systems with this change beginning February 21, 2020.
Prior to February 21, 2020, the IPMI Username and Password were ADMIN/ADMIN
.
After February 21, 2020, the IPMI Username is still ADMIN
, the password is
located on a sticker on the bottom of the Netgate 1537 as shown below.
Note
The password is alpha-numeric and the letters are capital letters.
Changing the IPMI Password¶
The IPMI password for Netgate appliances can be changed either through the browser-based IPMI console or by using the ipmitool utility directly in pfSense® software.
Using IPMI Web Console¶
To change the IPMI password in the web console:
Navigate to the IPMI address using a web browser
Log in to the IPMI console with the current credentials
Navigate to Configuration > Users
Select the user to modify
This is likely the
ADMIN
user or another user with Administrator privileges.Click Modify User
Check Change Password
Enter the new Password
Enter it again in Confirm Password
Click Modify
Click OK on the message window that says “Modified user successfully.”
Using the ipmitool Utility¶
If the IPMI web interface is unavailable or the current password is unknown, the
ipmitool
utility packaged with pfSense software can change the password.
These commands may be performed in the GUI at Diagnostics > Command Prompt
or at a console or SSH shell prompt as the root
user.
Load the IPMI kernel module
kldload ipmi
List the current IPMI users
ipmitool user list
Note
Netgate appliances use the user name
ADMIN
by default.The command prints a list of users, for example:
ID Name Callin Link Auth IPMI Msg Channel Priv Limit 1 true false false Unknown (0x00) 2 ADMIN true false false Unknown (0x00) 3 true false false Unknown (0x00) 4 true false false Unknown (0x00) 5 true false false Unknown (0x00) 6 true false false Unknown (0x00) 7 true false false Unknown (0x00) 8 true false false Unknown (0x00) 9 true false false Unknown (0x00) 10 true false false Unknown (0x00)
Warning
Usernames are case-sensitive.
Reset the password for a user
The default
ADMIN
user is User ID2
, and the example below sets the password for this user toNETGATE
.ipmitool user set password 2 NETGATE
Warning
This password is for example purposes only. Use a secure password.
If successful, the output will be:
Set User Password command successful (user 2)
Unload the IPMI kernel module
kldunload ipmi
Reset IPMI Network Configuration¶
The ipmitool
utility can also change or reset the network configuration of
the IPMI interface if it cannot be reached over the network.
These commands may be performed in the GUI at Diagnostics > Command Prompt
or at a console or SSH shell prompt as the root
user.
Load the IPMI kernel module
kldload ipmi
Set the IPMI IP address and subnet mask
The following commands configure the IP address of the IPMI interface and its corresponding subnet mask in dotted quad notation.
This example sets the IPMI IP address to
172.31.123.5/24
:ipmitool lan set 1 ipsrc static ipmitool lan set 1 ipaddr 172.31.123.5 ipmitool lan set 1 netmask 255.255.255.0
Set the IPMI gateway IP address
To communicate with IPMI outside of its configured subnet, the IPMI interface must have a default gateway set.
This example sets the default gateway to
172.31.123.1
.ipmitool lan set 1 defgw ipaddr 172.31.123.1
Enable IPMI access on the interface
ipmitool lan set 1 access on
Unload the IPMI kernel module
kldunload ipmi