ProLiant Servers (ML,DL,SL)
cancel
Showing results for 
Search instead for 
Did you mean: 

ILO NIC Disable

stevekat
Advisor

ILO NIC Disable

I had left some remote servers with the ILO switch in 'security disabled' mode on a couple of servers. Upon discovering what this switch exposes (far more than one would expect in my opinion - I thought it merely allows one to enable or disable ILO, but it actually exposes ILO to the network without any security) I went into the desktop utility remotely and selected 'disable' Network Interface Adapter inside the ILO utility (until I could physically get to the servers and change the hardware settings.) The ILO reset after about a minute. I did this on two machines. After both changes, both machines ILO remained available on the network. Is this proper behavior or is their possibly a bug? What is 'disable' Network Interface Adapter if not to turn off the ILO NIC? This is with ILO2 standard, on a DL 360 G5, all firmware updates.
2 REPLIES
Torsten.
Acclaimed Contributor

Re: ILO NIC Disable

The manual says


The iLO 2 Security Override switch allows emergency access to the administrator with physical control
over the server system board. Setting the iLO 2 Security Override switch allows login access, with all
privileges, without a user ID and password.



So don't use the override switch unless there is such emergency.



But you can also set the Lights-Out
Functionality to disabled:

This setting enables connection to iLO 2. If disabled, all
connections to iLO 2 are prevented.
The iLO 2 10/100 network and communications with
operating system drivers are turned off if Lights-Out
functionality is disabled. The iLO 2 Diagnostic Port for an HP
ProLiant BL p Class server is also disabled.
If iLO 2 functionality is disabled (including the iLO 2
Diagnostic Port), you must use the server's Security Override
Switch to enable iLO 2. See your server documentation to
locate the Security Override Switch and set it to override.
Power up the server and use the iLO 2 RBSU to set Lights-Out
Functionality to Enabled.

Hope this helps!
Regards
Torsten.

__________________________________________________
There are only 10 types of people in the world -
those who understand binary, and those who don't.

__________________________________________________
No support by private messages. Please ask the forum!

If you feel this was helpful please click the KUDOS! thumb below!   
stevekat
Advisor

Re: ILO NIC Disable

Interesting. I thought this would work. I first tried disabling ILO in the desktop app under the configuration menu (on two machines.) After ILO reset, the ILO remained available via the network at its IP address. However I could not access ILO via the desktop utility. Since I was not at the machine, I went into the network ILO access and re-enabled ILO, so I then got desktop ILO app access back.

So after re-enabling ILO, so I could get back to into the settings via the desktop app, I 'disabled' the ILO NIC on two machines. After ILO reset on each, ILO remained accessible from the network.

I found a way to disable it remotely via roundabout, but both of the above scenarios did not work.