× The internal search function is temporarily non-functional. The current search engine is no longer viable and we are researching alternatives.
As a stop gap measure, we are using Google's custom search engine service.
If you know of an easy to use, open source, search engine ... please contact support@midrange.com.



Do you analyze each user's IP address and exactly what ports they use and
outlaw users using DHCP so they have a fixed IP address when they access
business data? Probably not. So I see no need to be more fixated on the
HMC to Power system.
And, yes, I do access the ASMI directly from my PC on occasion, from
various offices, data centers and vpn from home.
We also have a vHMC in each data center, but they can also access the power
systems in the other data center as a backup.

And I truly hate the "If I don't see activity on those ports for X weeks
I'll close them". The network guy did this and now you have to sacrifice
an unblemished goat and two doves to get something opened up that wasn't
used in that time frame - like call home support.

On Mon, Jan 23, 2023 at 5:09 AM Roberto José Etcheverry Romero <
yggdrasil.raiker@xxxxxxxxx> wrote:

It's not that hard to understand. A common implementation uses the HMC as a
DHCP server and nobody wants a rogue DHCP server in their network.
Additionally, no Power guy wants the Network guys messing around with the
HMC-Power link, so either a direct cable or a fully isolated VLAN is a good
way to avoid having to deal with the whole Software Defined Networks or
"What ports do you use?", "If I don't see activity on those ports for X
weeks I'll close them" and etc. In more complex cases, or when you don't
have to fight the network team, having them in the management VLAN is
perfectly doable, but never should management interfaces be directly
available from Joe's computer down in HR.
The 2 port solution you mention is the normal deployment option even when
using a vHMC, that way the HMC only exposes the services that you need.


On Sun, 22 Jan 2023 at 20:30, Rob Berendt <robertowenberendt@xxxxxxxxx>
wrote:

A lot of people are fixated with putting their HMC and their Power system
HMC management port on their own private network. Like it's ok if your
payroll, HR, medical, engineering, trade secrets, etc are on your
corporate
network but heaven help you if you put your Power systems HMC management
port on your corporate network! Seems freaky odd to me. A compromise is
to have two ports on your HMC. One dedicated to your Power system's hmc
management port and one for remote access.
Sometimes it just simply a matter of going to the HMC and allowing remote
connectivity

https://www.ibm.com/support/pages/node/634429
https://www.ibm.com/support/pages/node/667941

IDK if the above are for your version of HMC.
I'd suggest looking at https://www.ibm.com/docs/en/hmc but IBM really
makes
you beg to get access.



On Sat, Jan 21, 2023 at 1:36 PM Åke Olsson <konsult@xxxxxxxxxxxxxxx>
wrote:

Seems as if I am off the hook.

The HMC cannot be accessed remotely so I will not have to fiddle with
that
bit.



--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription
related
questions.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing
list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.


--
This is the Midrange Systems Technical Discussion (MIDRANGE-L) mailing list
To post a message email: MIDRANGE-L@xxxxxxxxxxxxxxxxxx
To subscribe, unsubscribe, or change list options,
visit: https://lists.midrange.com/mailman/listinfo/midrange-l
or email: MIDRANGE-L-request@xxxxxxxxxxxxxxxxxx
Before posting, please take a moment to review the archives
at https://archive.midrange.com/midrange-l.

Please contact support@xxxxxxxxxxxxxxxxxxxx for any subscription related
questions.



As an Amazon Associate we earn from qualifying purchases.

This thread ...

Replies:

Follow On AppleNews
Return to Archive home page | Return to MIDRANGE.COM home page

This mailing list archive is Copyright 1997-2023 by midrange.com and David Gibbs as a compilation work. Use of the archive is restricted to research of a business or technical nature. Any other uses are prohibited. Full details are available on our policy page. If you have questions about this, please contact [javascript protected email address].

Operating expenses for this site are earned using the Amazon Associate program and Google Adsense.