New IPMI Access Procedures
Posted by Kevin Stange on 21 July 2014 10:46 AM |
|
In response to recent critical vulnerabilities, a few weeks ago we temporarily disabled access to the remote control systems included with our dedicated servers. This system is known as IPMI. We also accelerated our plan for an encrypted, authenticated solution that keeps IPMI systems isolated from the Internet. We’re pleased to announce that we have extended the existing Internal Network VPN to access IPMI systems. If you already use our VPN, you can connect and immediately access your server’s IPMI with its normal IP address and credentials. This change does not permit IPMI systems to access the Internal Network. If you have not accessed the VPN before, access is fairly easy to set up and is supported on Windows, Mac, and Linux computers. Please see our Internal Network VPN Access article for details on how to request access, and how to configure your computer. In the coming months, we will be changing the IP addresses for IPMI. The new IP addresses will be from restricted, private ranges that begin with “10.” We are making this change because it is no longer necessary to use public addresses when IPMI is hidden behind the VPN server. This also ensures that individuals on the Internet never have direct access. Previous IP addresses will be recycled for use with new servers and services. If you have questions about VPN system changes, IPMI security, or to request access immediately, please create a ticket via our helpdesk or by email. We thank you for your patience while we worked to retool IPMI access procedures, and apologize again for any inconvenience caused by temporary loss of access. | |