IP Address Range Restrictions | HP Integrated Lights-Out guide

Directory-Enabled Remote Management

199

IP Address Range Restrictions

IP address range restrictions enable the administrator to specify network addresses that are granted or denied access by the restriction. The address range is typically specified in a low-to-high range format. An address range can be specified to grant or deny access to a single address. Addresses that fall within the low to high IP address range meet the IP address restriction.

IP Address and Subnet Mask Restrictions

IP address and subnet mask restrictions enable the administrator to specify a range of addresses that are granted or denied access by the restriction. This format has similar capabilities as an IP address range but might be more native to your networking environment. An IP address and subnet mask range is typically specified using a subnet address and address bit mask that identifies addresses that are on the same logical network.

In binary math, if the bits of a client machine address, added with the bits of the subnet mask, match the restriction subnet address, then the client machine meets the restriction.

DNS-Based Restrictions

DNS-based restrictions use the network naming service to examine the logical name of the client machine by looking up machine names assigned to the client IP addresses. DNS restrictions require a functional name server. If the name service goes down or cannot be reached, DNS restrictions cannot be matched and will fail.

DNS-based restrictions can limit access to a single, specific machine name or to machines sharing a common domain suffix. For example, the DNS restriction, www.hp.com, matches hosts that are assigned the domain name www.hp.com. However, the DNS restriction, *.hp.com, matches any machine originating from HP.

DNS restrictions can cause some ambiguity because a host can be multi-homed. DNS restrictions do not necessarily match one-to-one with a single system.

Image 199

HP Integrated Lights-Out IP Address Range Restrictions, IP Address and Subnet Mask Restrictions, DNS-Based Restrictions

Contents

HP Integrated Lights-Out User Guide Audience Assumptions Contents User Guide Integrated Lights-Out ILO Security 135 Certificate Services 189 Insight Manager 7 Integration 223 Lights-Out DOS Utility 249 Login Modglobalsettings Moddiagport Settings ILO Parameters 331 Contents Technical Support 397 New in This Version Operational OverviewThis Section Network Connection Overview Usage Model Supported Server Operating System Software Supported Browsers Configuring Linux Font Size Linux Browser ConfigurationPage ILO Configuration Options Configuring iLO ILO Rbsu Browser-Based Setup Scripted Setup Installing iLO Device Drivers Select Software and Drivers Installing or Updating the iLO Drivers for MicrosoftILO Pre-requisite Files for Microsoft Novell NetWare Server Driver Support Installing or Updating iLO Drivers for NetWareILO Pre-Requisite Files for NetWare ILO Pre-requisite Files for Red Hat and SuSE Linux Files Red Hat Linux and SuSE Linux Server Driver SupportInstaling or Updating iLO Linux and SuSE Drivers Enabling iLO Advanced Functionality ILO Advanced Evaluation License Activating iLO Advanced Features Using a BrowserILO Advanced License Options User Guide Integrated Lights-Out Activating iLO Advanced Using Scripting ProLiant BL p-Class Configuration ProLiant BL p-Class User Requirements Static IP Bay Configuration Configuring Static IP Bay Settings Configuring a ProLiant BL p-Class Blade Enclosure User Guide Integrated Lights-Out ProLiant BL p-Class Advanced Configuration Parameters ProLiant BL p-Class Standard Configuration Parameters Ribcl Rackinfo Commands Enable iLO IP Address Assignment Getting Static IP Bay Configuration Settings Ribcl Rackinfo Command ExamplesModifying Static IP Bay Configuration Settings Integration with Riloe II Accessory Boards Logging in to iLO for the First Time Using iLO Logging in to iLO for the First Time Using a Browser Using iLO User Guide Integrated Lights-Out Using iLO Help Progressive Delays for Failed Browser Login Attempts Status Summary System StatusILO Status Server Status ILO Event Log Integrated Management Log Post Diagnostic Results for the Host Server Server and iLO Diagnostics Virtual NMI Button Nvram Environment Variables Listing ILO Self-Test Results Remote Console Option Remote Console Remote Console Information Option Display Properties Enhanced Features of the Remote ConsoleRecommended Client Settings Optimizing Performance for Graphical Remote Console Mouse Properties Remote Console Linux SettingsRecommended Server Settings Remote Console Microsoft Windows Server 2003 Settings Microsoft Windows NT 4.0 and Windows 2000 Settings Novell NetWare Settings Red Hat Linux and SuSE Linux Server SettingsRemote Console Hot Keys Supported Hot Keys Remote Console Single-Cursor Single- and Dual-Cursor Modes for Graphical Remote Console Remote Console Dual-Cursor Virtual Devices Virtual Power Using iLO Virtual Media MS-DOS Operating System USB Support USB USB CD USB CD2 ILO Virtual Floppy Using iLO Virtual Media DevicesSelect Local Floppy Drive Click Connect Access iLO through a browser Connect Click Create Disk Image Select Local CD-ROM Drive ILO Virtual CD-ROM Using an Image File Virtual Media CD-ROM Operating System Notes Mounting USB Virtual Media CD in NetWare Mount /dev/scd0 /mnt/cdrom -t iso9660 Virtual Media Composite Device Support Select Local Floppy Drive ILO Virtual Media Privilege Virtual Media Applet TimeoutVirtual Media Scripting Command Line Input Result Virtual Media Image Files Scripting Web Server Requirements CGI Helper Application Virtual Indicators Windows EMS Console Virtual Serial Port Virtual Serial Port and Linux Security Information User Administration AdministrationLinux End-to-End Support Adding a New User Click View/Modify User Viewing or Modifying an Existing Users Settings Click Global Settings Global SettingsDeleting a User User Guide Integrated Lights-Out Network Settings Click Network Settings Using iLO ILO Diagnostic Port Configuration Parameters Recovering from a Failed iLO Firmware Update SNMP/Insight Manager Settings Enabling Snmp Alerts Generating Test Alerts Click Apply Settings Configure Insight Manager Integration Upgrade iLO Firmware Click Send firmware image Licensing Certificate Administration ProLiant BL p-Class Advanced Management Directory Settings User Guide Integrated Lights-Out Rack Settings Server Blade Management Module Power Management Module ILO Control of ProLiant BL p-Class Server LEDs Redundant Power Management Module Server Post Tracking Insufficient Power NotificationHot-Plug Keyboard Keyboard Definitions Hot-Plug Keyboard Recommended Usage Hot-Plug Keyboard Troubleshooting User Guide Integrated Lights-Out Terminal Services Client Requirements Terminal Services Pass-Through Option Windows RDP Pass-Through Service Terminal Services Pass-Through Installation Windows 2000 Terminal Services Port Change Enabling the Terminal Services Pass-Through Option Terminal Services Warning Message Terminal Services Pass-Through Status Terminal Services Button Display Remote Console and Terminal Services Clients ComputerPropertiesRemoteRemote Desktop Terminal Services TroubleshootingManagerMultifunction Adapters Telnet Support HP ProLiant Essentials Rapid Deployment Pack IntegrationViewerApplication Telnet Simple Command Set Using Telnet Telnet Security Supported Key Sequences ILO VT100+ Key Map Altk Altlowerj Linux Codes for the F-Keys VT100+ Codes for the F-Keys Using SSH Using Secure ShellSecure Shell Using OpenSSH ILO Supported SSH FeaturesUsing PuTTY ILO Shared Network Port Requirements ILO Shared Network Port ILO Shared Management Port Features and Restrictions Enabling the iLO Shared Network Port Feature Select AdministrationNetwork Settings Re-enabling the Dedicated iLO Management Port Select NetworkNICTCP/IP, and press the Enter key Command Line Interface Escape CLI CommandsHelp Remcons Power Exit VspPage ILO Security Security FeaturesGeneral Security Guidelines Encryption ILO Security Override Switch Administration User Accounts Privileges Login Security Global Security Settings Password Guidelines Certificates Securing Rbsu Page Benefits of Directory Integration Directory Services Features Supported by Directory Integration Installing Directory Services Schema Documentation Directory Services Support Schema Required Software Schema Installer EDirectory Installation Prerequisites Schema Preview Setup Directory Services 151 Results Management Snap-In Installer Active Directory Installation Prerequisites Directory Services for Active Directory Directory Services Preparation for Active Directory Start MMC Install the Active Directory Schema snap-in in MMC Snap-In Installation and Initialization for Active Directory Directory Services 157 User Guide Integrated Lights-Out Directory Services 159 User Guide Integrated Lights-Out Directory Services 161 Directory Services Objects Active Directory Snap-Ins HP Devices Active Directory Role Restrictions Members User Guide Integrated Lights-Out Time Restrictions Enforced Client IP Address or DNS Name Access Remove Active Directory Lights-Out Management Snap-in Installation and Initialization for eDirectory Directory Services for eDirectory User Guide Integrated Lights-Out Directory Services 173 Apply Directory Services 175 Directory Services Objects for eDirectory Role Managed Devices Role Restrictions EDirectory Role Restrictions Time Restrictions Delete Lights-Out Management Directory Services 183 Configuring Directory Settings Directory Services 185 Directory Tests User Login Using Directory Services User Guide Integrated Lights-Out Introduction to Certificate Services Certificate ServicesInstalling Certificate Services Configuring Automatic Certificate Request Verifying Directory Services Certificate Services 191 Page Introduction to Directory-Enabled Remote Management Directory-Enabled Remote Management Using Bulk Import Tools Using Existing Groups Using Multiple Roles AdminUserAdminRole Server UserRole Restricting Roles Creating Roles to Follow Organizational StructureRole Time Restrictions IP Address and Subnet Mask Restrictions IP Address Range RestrictionsDNS-Based Restrictions Role Address Restrictions How Directory Login Restrictions are Enforced User Address Restrictions How User Time Restrictions are Enforced Creating Multiple Restrictions and Roles Directory-Enabled Remote Management 203 User Guide Integrated Lights-Out Introduction to Lights-Out Migration Utilities Lights-Out Directories Migration Utilities Compatibility Pre-Migration Checklist HP Lights-Out Directory Package Finding Management Processors Hpqlomig Operation Lights-Out Directories Migration Utilities 209 Upgrading Firmware on Management Processors Enter your Login NamePassword and click Find Lights-Out Directories Migration Utilities 211 Naming Management Processors Select either Use Network Address or Create Name Using Index Configuring Directories Browse Click Update Directory Setting Up Management Processors for Directories Click Configure Hpqlomgc Operation Directory is updated Launching Hpqlomgc Using Application LaunchFirmware version is validated and updated if necessary Management processor directory settings are updated Lights-Out Directories Migration Utilities 219 Hpqlomgc Command Language Iloconfig Page Integrating iLO with Insight Manager Insight Manager 7 Integration Identification and Association Functional Overview Queries StatusLinks Configuring Identification of iLO Insight Manager 7 Integration 227 Receiving Snmp Alerts in Insight Manager Port Matching Insight Manager 7 Integration 229 User Guide Integrated Lights-Out ProLiant BL p-Class Rack Visualization User Guide Integrated Lights-Out Integrating iLO with Systems Insight Manager Systems Insight Manager Integration Systems Insight Manager Functional Overview System Insight Manager Status System Insight Manager Identification and Association System Insight Manager Links Configuring System Insight Manager Identification of iLOSystem Insight Manager Systems Lists Receiving Snmp Alerts in Systems Insight Manager System Insight Manager Port Matching Systems Insight Manager Integration 239 Page Lights-Out Configuration Utility Group Administration and iLO Scripting \PROGRAM FILES\INSIGHT MANAGER\HP\SYTEMS Select Management Processor and click OK Query Definition in Insight Manager Application Launch Using Insight Manager Click ToolsCustom CommandsNew Custom Command Create a Custom CommandCreate a Customized List Click either Schedule or Run Now Create a Task Lights-Out Configuration Utility Parameters Batch Processing Using the Lights-Out Configuration Utility Cpqlocfg Overview of the Lights-Out DOS Utility Lights-Out DOS Utility Cpqlodos Recommended Usage Command Line ArgumentsCpqlodos General Guidelines Lights-Out DOS Utility 251 Cpqlodos Runtime Error Ribcl XML Commands for CpqlodosCpqlodos Parameter Adduser Parameters Adduser Runtime Errors Setlicense Parameter Setlicense Runtime Errors Perl Scripting Using Perl with the XML Scripting InterfaceXML Enhancements XML script modification Opening an SSL Connection Sending the XML Header and Script Body Perl Scripting 259 User Guide Integrated Lights-Out Hponcfg Hponcfg Online Configuration UtilityHponcfg Supported Operating Systems Hponcfg Requirements Hponcfg Installation and Usage Linux Server Installation Windows Server Installation Using Hponcfg Hponcfg Command Line Parameters Hponcfg Usage Model Obtaining an Entire Configuration Sample adduser.xml input file Creating a User Account Hponcfg Online Configuration Utility Page Remote Insight Command Language Ribcl and ProLiant BL p-Class Servers Overview of the Remote Insight Board Command Language XML Header Ribcl Sample Scripts Ribcl General GuidelinesData Types Boolean String Response DefinitionsString Specific String Ribcl Ribcl Runtime ErrorsRibcl Parameter Login Parameters LoginLogin Runtime Errors Userinfo Userinfo Runtime ErrorUserinfo Parameter Adduser Parameters Adduser Remote Insight Command Language Adduser Runtime Errors Deleteuser Deleteuser Runtime ErrorsDeleteuser Parameter Getuser Getuser Runtime ErrorsGetuser Parameter Getuser Return Messages Moduser Moduser Parameters Moduser Runtime Errors Getallusers Return Messages Getallusers Runtime ErrorGetallusers Getallusers Parameters Getalluserinfo Getalluserinfo Runtime ErrorsGetalluserinfo Parameters Getalluserinfo Return Messages Ribinfo Resetrib Runtime Errors ResetribRibinfo Runtime Errors Resetrib Parameters Getnetworksettings Return Messages GetnetworksettingsGetnetworksettings Parameters Getnetworksettings Runtime Errors Dhcpwinsserver VALUE=Y Regwinsserver VALUE=Y Modnetworksettings Modnetworksettings /RIBINFO Login Ribcl Modnetworksettings Parameters User Guide Integrated Lights-Out Modnetworksettings Runtime Errors GetglobalsettingsGetglobalsettings Parameters Getglobalsettings Runtime Errors ModglobalsettingsGetglobalsettings Return Messages Modglobalsettings Parameters User Guide Integrated Lights-Out Remote Insight Command Language Getsnmpimsettings Runtime Errors GetsnmpimsettingsModglobalsettings Runtime Errors Getsnmpimsettings Parameters Modsnmpimsettings Parameters Modsnmpimsettings Modsnmpimsettings Runtime Errors Cleareventlog Cleareventlog Runtime ErrorsCleareventlog Parameters Updateribfirmware Parameters UpdateribfirmwareUpdateribfirmware Runtime Errors Getfwversion Return Messages Getfwversion Runtime ErrorsGetfwversion Getfwversion Parameters Hotkeyconfig Parameters Hotkeyconfig License Hotkeyconfig Runtime Errors License Parameters License Runtime Errors Dirinfo Parameters GetdirconfigDirinfo Runtime Errors Dirinfo Getdirconfig Runtime Errors Getdirconfig ParametersGetdirconfig Return Messages Moddirconfig Parameters Moddirconfig Rackinfo Moddirconfig Runtime Errors Modbladerack Rackinfo Runtime ErrorsRackinfo Parameters Modbladerack Parameters Getdiagportsettings Runtime Errors GetdiagportsettingsModbladerack Runtime Errors Getdiagportsettings Parameters Getdiagportsettings Return Messages ModdiagportsettingsModdiagportsettings Parameters Gettopology Moddiagportsettings Runtime Errors Gettopology Parameters ServerinfoGettopology Return Message Serverinfo Runtime Errors GethostpowerstatusServerinfo Parameter Gethostpowerstatus Return Messages SethostpowerGethostpowerstatus Parameters Gethostpowerstatus Runtime Errors Sethostpower Parameters ResetserverSethostpower Runtime Errors Presspwrbtn Parameters Resetserver ParametersResetserver Errors Presspwrbtn Holdpwrbtn Parameters Presspwrbtn Runtime ErrorsHoldpwrbtn Runtime Errors Holdpwrbtn Coldbootserver Parameters ColdbootserverColdbootserver Runtime Errors Getuidstatus WarmbootserverWarmbootserver Parameters Warmbootserver Runtime Errors Getuidstatus Parameters UidcontrolGetuidstatus Response Insertvirtualmedia Parameters Uidcontrol ErrorsInsertvirtualmedia Uidcontrol Parameters Insertvirtualfloppy Runtime Errors Ejectvirtualmedia Ejectvirtualmedia Runtime ErrorsEjectvirtualmedia Parameters Getvmstatus Return Messages Getvmstatus Runtime ErrorsGetvmstatus Getvmstatus Parameters Setvmstatus Parameters Setvmstatus Setvmstatus Runtime Errors ILO Parameters Table ILO Parameters Global Settings ILO Parameters 333 SNMP/Insight Manager Settings ILO Parameters 335 ILO Status Server Name Server Status ParametersServer ID User Administration Parameters Virtual Power and Reset PasswordAdminister User Accounts Remote Console Access Pass-Through Configuration Idle Connection Timeout MinutesEnable Lights-Out Functionality Enable iLO Rbsu Remote Console Data Encryption Require Login for iLO RbsuRemote Console Port Configuration Show iLO During Post Virtual Media Port Terminal Services PortWeb Server Non-SSL Port Web Server SSL Port Network Settings Parameters Serial Command Line Interface StatusSerial Command Line Interface Speed bits/second Minimum Password Length Speed Enable NICShared Network Port Transceiver Speed Autoselect ILO IP Address Registering with Wins ServerRegistering with DNS Server Ping Gateway on Startup Dhcp Server ILO Gateway IP AddressILO Subsystem Name Domain Name Snmp Alert Destinations SNMP/Insight Manager Settings ParametersEnable iLO Snmp Alerts Enable Snmp Pass-Through ILO Advanced Pack License Key ILO Advanced License Activation SettingsInsight Manager Web Agent URL Level of Data Returned Bay Rack NameEnclosure Name Bay Name Directory Settings Parameters Power SourceEnable Automatic Power On Enable Rack Alert Logging IML Directory Server Address Enable Directory AuthenticationEnable Local User Accounts LOM Object Password Click Test Settings Testing Directory SettingsClick Start Test Core Attributes Directory Services SchemaHP Management Core Ldap OID Classes and Attributes Core Classes HpqTarget Core Class DefinitionsHpqRole HpqRoleMembership Core Attribute DefinitionsHpqPolicy HpqPolicyDN HpqTargetMembership HpqRoleIPRestrictionDefaultHpqRoleIPRestrictions Directory Services Schema 357 HpqRoleTimeRestriction Lights-Out Management Attributes Lights-Out Management Classes Lights-Out Management Attribute Definitions Lights-Out Management Class DefinitionsHpqLOMv100 HpqLOMRightRemoteConsole HpqLOMRightLoginHpqLOMRightVirtualMedia HpqLOMRightLocalUserAdmin HpqLOMRightServerResetHpqLOMRightConfigureSettings Page Minimum Requirements Troubleshooting iLO ILO Post LED Indicators Troubleshooting iLO 365 FEH Code Consistency Check Explanation Event Log Entries Troubleshooting iLO 367 User Guide Integrated Lights-Out Troubleshooting iLO 369 Hardware and Software Link-Related Issues MS-DOS Error Codes Hardware Login IssuesSoftware ILO Management Port Not Accessible by Name Login Name and Password Not AcceptedDirectory User Premature Logout Inability to Access the Login ILO Rbsu Unavailable after iLO and Server Reset Inability to Connect to iLO after Changing Network Settings Inability to Access iLO Using TelnetInability to Connect to the iLO Diagnostic Port Inability to Connect to the iLO Processor through the NIC Firewall Issues Proxy Server Issues Troubleshooting Alert and Trap Problems Authentication Code Error Message ILO Security Override Switch Local USB Mouse and Linux Troubleshooting Mouse Problems Remote Console Mouse Control Issue Mouse Issue Using SuSE Linux Emulating a PS/2 Keyboard in a Headless Server Environment Troubleshooting Remote Console ProblemsLinux Remote Console User Guide Integrated Lights-Out Remote Console Text Window not Updating Properly PuTTY Client Unresponsive with Shared Network Port Troubleshooting SSH and Telnet ProblemsRemote Console Turns Grey or Black Initial PuTTY Input Slow SSH Text Support from a Remote Conosle Session Troubleshooting Terminal Services ProblemsTerminal Services Button Is Not Working Terminal Services Proxy Stops Responding Video Applications not Displaying in the Remote Console Troubleshooting Video and Monitor ProblemsGeneral Guidelines Telnet Displays Incorrectly in DOS Virtual Media Applet has a Red X and Will Not Display Troubleshooting Virtual Media ProblemsTroubleshooting Miscellaneous Problems Virtual Drive Listing Shared Instances Cookie Sharing Between Browser Instances and iLOCookie Order Behavior Troubleshooting iLO 389 Displaying the Current Session Cookie Preventing Cookie-Related User Issues Incorrect Time or Date of the Entries in the Event Log Inability to Upgrade iLO FirmwareILO Network Flash Recovery Diagnostic Steps Flash Recovery Process ROMPaq ILO Does Not Respond to SSL Requests Testing SSL Request New Certificate Resetting iLO Server Name Still Present after Erase Utility is Executed Troubleshooting a Remote Host HP Contact Information Technical SupportBefore You Contact HP User Guide Integrated Lights-Out Acronyms and Abbreviations DAV ILO JVM MTU RDP SSL Page Index LAN Index Uidcontrol