Table of Contents Introduction Supported HD Video Appliances Confirm Package Contents Required Tools Before You Begin In cases where the label is missing or unreadable Installing the IPMI Module Configuring DHCP Accessing the IPMI Web Interface the First Time Overview Functional Description Power and Reset Control Firmware Upgrade Cooling Management...
Page 4
External User Services LDAP / E-Directory Settings Setting Up LDAP / E-Directory Authentication Adding a New Role Group RADIUS Settings Configuring RADIUS Authentication KVM Mouse Settings Log Settings SEL Log Settings Policy Advanced Log Settings Configuring the Remote Server to Enable Syslogging Media Redirection Settings Network Settings Network IP Settings...
Page 5
IP Address Firewall Rules Adding an IP Rule Viewing Existing IP Rules Port Firewall Rules Adding a Port Rule Viewing Existing Port Rules User Management Adding a New User Unsupported Password Characters Modifying an Existing User Reserved Users Remote Control Supported Browsers Using the Remote Control Interface Power Control ACPI Shutdown Windows Settings...
Page 6
Password Recovery User Management Settings for Email Receiver Password Recovery SMTP Settings Internal Email Server Gmail Server Hotmail Server Password Recovery with the IPMITool For More Information Product User Guides...
Introduction Avigilon provides an optional Intelligent Platform Management Interface (IPMI) Module Kit for the HD Video Appliance 3X (HDVA3X). This kit provides you with enhanced remote control for the HDVA3X appliance, to more easily control and monitor HDVA3X appliances from a central location.
Confirm Package Contents Confirm that the kit you are installing contains the following components: 1 × IPMI module 3 × screws 3 × standoffs Required Tools The following tools are not included in the kit package, but are needed to complete the installation: HDVA3X appliance (8/16/24 port) Monitor Keyboard and mouse...
Page 9
wmic COMPUTERSYSTEM get SystemSKUNumber 4. Enter the following command to retrieve the serial number information: wmic BIOS get SerialNumber In cases where the label is missing or unreadable...
Installing the IPMI Module The following steps will install the IPMI module in your HDVA3X appliance. Important: It is recommended that you always use an antistatic mat and antistatic strap while working on components inside the system. 1. If turned on, power down the HDVA3X appliance. 2.
Page 11
7. Replace the lid back onto the unit and secure it in place with the two M2 screws. 8. By default, the IPMI Web interface IP address is set to 192.168.1.2. If you want to set the IPMI to DHCP, see Configuring DHCP on the next page.
1. Use a Cat5e Ethernet cable to connect the IPMI module Ethernet port to a DHCP server. 2. Power on the HDVA3X appliance and press the Delete key when prompted on the black Avigilon splash screen next to the BIOS option. You will be prompted to enter a password.
Accessing the IPMI Web Interface the First Time To access the IPMI web interface, you will need a computer on the same network as the IPMI module and you will need to know the IP address of the IPMI module. The default static IP address is 192.168.1.2. If you switched the IPMI module to use DHCP to assign IP addresses, contact your network administrator or otherwise discover the assigned IP address of the IPMI module.
Overview The IPMI functionality of the HD Video Appliance is intended to comply with IPMI 2.0. Functional Description The IPMI module will provide the following functions on the HD Video Appliance platform. These functions cover the management of the platform, sensor monitoring, event logs, power/reset control, I2C access to internal non-intelligent devices, and firmware upgrades of the IPMI module.
Page 15
KCS Channel: For communicating with the system payload (x86 motherboard). LAN Channel: Using the side-band interface NC-SI of the HD Video Appliance network interface card. For the LAN port location, see Configuring DHCP on page 12. Messaging Interface...
Using the IPMI Web Interface The IPMI web-based user interface allows you to easily monitor the remote server's hardware information such as temperatures, fan rotations, voltages and power. You can also remotely power on/off or reset the HD Video Appliance. Browser Setting Requirements To properly use the IPMI web interface, use the following browser settings: Allow File Downloads From This Site For Internet Explorer: Navigate to Tools >...
Sensor Readings Click Sensor to view sensor related information on the Sensor Readings page. From this page you can click on any sensor to view more information about that particular sensor, including thresholds and a graphical representation of all associated events. The Sensor Readings page provides live readings of all of the available sensors, including details like the Sensor Name, Status, Current Reading, and Behavior.
IPMI Settings From the Settings page you can access various configuration settings for the IPMI module. See the sections below for more information on the different settings pages available. Captured BSOD This page captures a screenshot of the blue screen and error messages that displays in the event of the system crashing.
LDAP / E-Directory Settings From the Lightweight Directory Access Protocol (LDAP) / E-Directory Settings page you need an LDAP or E- directory server on your network to authenticate IPMI users. This is done by passing login requests to your LDAP server and helps to keep authentication centralized and avoid the need to create and update users in multiple locations.
Adding a New Role Group 1. Navigate to Settings > External User Settings > LDAP/E-Directory Settings > Role Groups. 2. Select a blank row and click Add Role Group. Alternatively you can double-click the blank row. 3. Enter a Group Name to identify the role group. The role group name is a string of up to 255 alpha-numeric characters.
Auth-Type= PAP Cleartext-Password="operator" Auth-Type=PAP Vendor-Specific="H=3" 9. Click Save to save your settings. KVM Mouse Settings The IPMI module has three options for handling mouse emulation from the local window to the remote screen on the KVM Mouse Setting page. Choose the mouse setting based on the operating system of the device you are remotely connecting to.
a. Select the type of port used by the remote log server. Select either UDP or TCP in the Port Type field. b. Enter the server address in the Remote Log Server field. IPv4 and FQDN formats are supported. The maximum allowed size is 64 bytes. c.
1. Navigate to Settings > Network Settings > Network IP Settings. 2. Configure the network settings as either LAN or VLAN: LAN: a. Check the Enable LAN checkbox. b. Select the LAN Interface to be configured from the drop-down list. c. Check the Enable IPv4 checkbox to enable IPv4 settings on the LAN interface. To have the IPv4 network settings dynamically configured using DHCP, check the Enable IPv4 DHCP checkbox.
1. Navigate to Settings > Network Settings > DNS Configuration. 2. Check the DNS Enabled checkbox. 3. Select the Host Name Setting option of Automatic or Manual. If Automatic is selected, the Host Name field will be read only and automatically filled. If Manual is selected, enter a Host Name in the field.
Page 25
power system failure, fan failure, and so on. The remaining entries can be made available for System Management Software configured events. Note: Individual entries can be tagged as reserved for system use. So the ratio of pre-configured entries and run-time configurable entries can be re-allocated as needed. 1.
configured for up to 3 sets of data. i. Enter a value from 0 to 255 in the Event Data 1 AND Mask field to indicate a wildcard or compared bit. ii. The Event Data 1 Compare 1 and Event Data 1 Compare 2 fields are used to indicate whether each bit position's comparison is exact or not.
LAN Destinations The LAN Destinations page is used to configure the LAN destinations for PEF configuration. You can add, modify, or delete entries on this page. Adding a LAN Destination 1. Navigate to Settings > Platform Event Filters > LAN Destinations. This page contains the LAN destinations that can be configured.
Field Description Interfaces The interface in which the service is running. Non-secure Port The non-secure port number for the service. This field can be edited. Default ports: Web: 80 KVM: 7578 CD Media: 5120 Secure Port The secure port number for the service. This field can be edited. Default ports: Web: 443 KVM: 7582...
1. Navigate to Settings > Services. 2. Click the View icon ( ) for a service with an active session to view the details of that session. 3. The following session details are displayed: Field Description Session Type Displays the type of active session. User ID and User Name Displays the user name and ID of the current user.
SMTP Settings Simple Mail Transfer Protocol (SMTP) is an Internet standard for email transmission across IP networks. Use the SMTP Settings page to configure the SMTP settings for the IPMI module. 1. Navigate to Settings > SMTP Settings. 2. Select a LAN Interface from the drop-down list. 3.
Use a CA-signed certificate that you already possess. For more information, see Using a CA-Signed SSL Certificate below. Generate a certificate signing request (CSR) to send to a CA for signing. For more information, see Using the Certificate Signing Request Workflow below.
1. Navigate to Settings > SSL Settings. 2. Click the Generate SSL Certificate tab. Fill in the required information to generate the certificate: a. Common Name: enter a common name for the certificate. b. Organization: enter the organization name for which the certificate will be generated. c.
1. Navigate to Settings > SSL Settings. 2. Click the Generate SSL Certificate tab. Fill in the required information to generate the certificate: a. Common Name: enter a common name for the certificate. b. Organization: enter the organization name for which the certificate will be generated. c.
6. Enter the End Time as the time when the respective firewall rule ends. Note: The time should be in the dd-mm-yy:hh-mm format. 7. Click Save to save the settings. Updating Existing Firewall Settings This page will be blank if no firewall settings have previously been added. For more information, see Adding Firewall Settings on the previous page.
a. Enter the date the rule will take effect in the Start Date field. b. Enter the date the rule will end in the End Date field. c. Enter the time the rule will take effect in the Start Time field. d.
5. Select the network type of the port(s) for this rule from the Network Type drop-down list.You can select from IPv4, IPv6, or Both. 6. Select the Enable Timeout checkbox to enable this rule with timeout settings. If you have enabled timeout, configure the following settings: Note: Use the YYYY/MM/DD date format and hh-mm time format.
User icon: You can click on a free user icon to add a new user. Free slots are shown as disabled. For more information, see Adding a New User below. You can click on an active user's icon to modify that user's settings. For more information, see Modifying an Existing User on page 39.
Note: For new password emails to be sent, the SMTP server must be configured to send emails. For more information, see SMTP Settings on page 30. 8. Select the format of the emails with the Email Format drop-down menu. There are two options: AMI-Format: The subject line for this format will be Alert from (your host name).
Character DC1 (device control 1) DC2 (device control 2) DC3 (device control 3) DC4 (device control 4) NAK (negative ack.) SYN (synchronous idle) ETB (end of trans. blk) CAN (cancel) EM (end of medium) SUB (substitute) ESC (escape) FS (file separator) GS (group separator) RS (record separator) US (unit separator)
Tip: The password should be a combination of alphanumeric characters, symbols, and uppercase characters. Spaces are not supported. For a list of all unsupported password characters, see Unsupported Password Characters on page 38. The password should be a string if you are setting the password using the ipmitool user set password command.
Remote Control Click Remote Control on the side navigational panel to take remote control of the HD Video Appliance. This page allows you to remotely control the HD Video Appliance operating system as if you were directly connected to the appliance. 1.
Page 42
Hold Down: This menu contains the following sub-menu options: Right Ctrl Key: This menu option can be used to act as the right-side CTRL key when in Console Redirection. Right Alt Key: This menu option can be used to act as the right-side ALT key when in Console Redirection.
Page 43
screen in Console Redirection. If you disable this option, the display will be back on the server screen. Capture Screen: Use this option to take a screenshot of the host screen and save it in the client system. Mouse: This menu contains the following sub-menu options: Show Client Cursor: This option can be used to show or hide the local mouse cursor on the remote client system.
Power Control The Power Control page allows you to view and control the power of your server. To perform a power function, select that option from the list and click Perform Action. The various options on the Power Control page are described below: Power Off: Immediately power off the server.
Maintenance Options The Maintenance group of pages allows you to perform maintenance tasks on the device. See the following sections for more detailed information. Backup Configuration This page allows you to set up the specific configurations to be backed up. 1.
a. Closes all active client requests. b. Prepares the device for the firmware upgrade. c. Uploads the firmware image. Note: A file upload pop-up window will open for http/https uploads. For tftp files, the file is automatically uploaded and will display the status of the upload. You can set the IPMI module to use either web upload or tftp on the Firmware Image Location page.
Higher firmware version: Select this option to boot the image with the higher firmware version in the next boot up process. Lower firmware version: Select this option to boot the image with the lower firmware version in the next boot up process. Most recently updated firmware: Select this option to boot the image with the most recently updated firmware in the next boot up process.
Note: All configuration items will be set as preserved/overwrite by default during the restore configuration operation. 1. Navigate to Maintenance > HPM Firmware Update. 2. Click Browse. Find and select the firmware image to be flashed in HPM format. 3. Click Start firmware update to upgrade the current device firmware. 4.
Restore Factory Defaults This page allows you to restore the factory default settings of the device firmware. Important: After entering the restore factory defaults widget, other web pages and services will be disabled. All open widgets will be closed automatically and the device will reset and reboot within a few minutes.
Note: In case of SNMP, EXTLOG, and REDFISH are disabled in the stack, Set and Get for SNMP, EXTLOG, and REDFISH will fail with error code: 80h - Param Not Supported. Restore Default Configuration Command This command is used to restore the default configuration values. NetFn 0x32 Command...
Password Recovery There are two password recovery options for the IPMI module. You can configure password recovery emails or use the IPMITool to reset the password. Setting Up Email Password Recovery You can configure the IPMI module to send password recovery emails in the event that a user forgets their password.
Primary Username: the same as the Sender Email ID. Primary Password: the two-step authentication APP password. See the Gmail SMTP setup page more details. For the secured channel option, check whichever of the following options that applies to your setup: Primary SMTP SSLTLS Enable Primary SMTP STARTTLS Enable Both of the above options will have the below fields to fill: Upload SMTP CA Certificate File: Upload the file that contains the certificate signed by the trusted...
used for in the Email ID field for both the admin user, typically the sender, and any users that may need to receive the password recovery emails. Password Recovery with the IPMITool If a user's password requires recovery and the email option has not been set up, you can use the IPMITool to reset that user's password instead.
Page 56
Limited Warranty Avigilon warranty terms for this product are provided at avigilon.com/warranty. Password Recovery with the IPMITool...
For More Information For additional product documentation and software and firmware upgrades, visit support.avigilon.com. Technical Support Contact Avigilon Technical Support at support.avigilon.com/s/contactsupport. Product User Guides For product user guides, visit the Downloads page: Avigilon Workstations: avigilon.com/products/video-infrastructure/remote-monitoring AI NVR: https://www.avigilon.com/products/video-infrastructure/ai-nvr#downloads For More Information...