I've got my IPMI network segregated from all else via a 4th Ethernet port on my pfSense firewall. The networks my firewall sees are WAN, DMZ, LAN, and IPMI. pfSense enforces the rules that IPMI cannot originate a connection with anyone, and that the only network that can reach IPMI is LAN. I'm not doing any filtering of LAN addresses because I let my personal notebook fall wherever, within the DHCP address range for LAN. I suppose I should set a static DHCP address for my notebook then filter on that. Filtering should be done within pfSense as a single rule for the whole IPMI network. Thanks for showing me IPMI can be accessed via a web browser. I'd been using that sucky IPMI View program. I'll have to explore this further.
Yes. I believe so since your overall machine doesn't even need to be turned on to do this. The BMC chip runs off standby power so it's always on unless the power cord is unplugged.
I've got my IPMI network segregated from all else via a 4th Ethernet port on my pfSense firewall. The networks my firewall sees are WAN, DMZ, LAN, and IPMI. pfSense enforces the rules that IPMI cannot originate a connection with anyone, and that the only network that can reach IPMI is LAN. I'm not doing any filtering of LAN addresses because I let my personal notebook fall wherever, within the DHCP address range for LAN. I suppose I should set a static DHCP address for my notebook then filter on that. Filtering should be done within pfSense as a single rule for the whole IPMI network.
Thanks for showing me IPMI can be accessed via a web browser. I'd been using that sucky IPMI View program. I'll have to explore this further.
Is the reboot just the BMC and not the motherboard?
Yes. I believe so since your overall machine doesn't even need to be turned on to do this. The BMC chip runs off standby power so it's always on unless the power cord is unplugged.