Table of Contents
Advertisement
Enabling LOM and LOM Users
Before you can use LOM to restore an appliance, you must enable and configure the feature. You must also
explicitly grant LOM permissions to users who will use the feature.
You configure LOM and LOM users on a per-appliance basis using each appliance's local web interface. That is,
you cannot use the Management Center to configure LOM on a Firepower device. Similarly, because users are
managed independently per appliance, enabling or creating a LOM-enabled user on the Management Center does
not transfer that capability to users on Firepower devices.
LOM users also have the following restrictions:
You must assign the Administrator role to the user.
The user name may have up to 16 alphanumeric characters. Hyphens and longer user names are not
supported for LOM users.
The password may have up to 20 alphanumeric characters. Longer passwords are not supported for LOM
users. A user's LOM password is the same as that user's system password.
8000 Series devices can have up to 13 LOM users.
Note:
For detailed instructions on the following tasks, see the Configuring Appliance Settings chapter in the
Firepower Management Center Configuration Guide.
To enable LOM:
1.
Select
System > Configuration
2.
Enable remote access using the
gateway (or use DHCP to have these values automatically assigned).
Note:
The LOM IP address must be different from the management interface IP address of the appliance.
To enable LOM capabilities for a Firepower System user:
1.
Select
System > User Management
that you will use for LOM access to the appliance.
2.
On the User Configuration page, enable the
3.
Enable the
Allow Lights-Out Management Access
Installing an IPMI Utility
You use a third-party IPMI utility on your computer to create an SOL connection to the appliance.
If your computer is running Linux or Mac OS, use IPMItool. Although IPMItool is standard with many Linux
distributions, you must install IPMItool on a Mac. First, confirm that your Mac has Apple's xCode developer tools
package installed. Also, make sure the optional components for command line development are installed ("UNIX
Development" and "System Tools" in newer versions, or "Command Line Support" in older versions). Finally,
install MacPorts and IPMItool. For more information, use your favorite search engine or see these sites:
https://developer.apple.com/technologies/tools/
http://www.macports.org/
For Windows environments, use ipmiutil, which you must compile yourself. If you do not have access to a compiler,
you can use ipmiutil itself to compile. For more information, use your favorite search engine or see this site:
http://ipmiutil.sourceforge.net/
Firepower 8000 Series Getting Started Guide
, then click
Console Configuration
, then specify the LOM IP address, netmask, and default
Physical Serial Port
, then either edit an existing user to add LOM permissions, or create a new user
Administrator
check box and save your changes.
Restoring a Device to Factory Defaults
.
role if it is not already enabled.
32
Advertisement
Table of Contents
