Netgate 8300: BMC FW Health - Sensor Failure
-
@keyser said in Netgate 8300: BMC FW Health - Sensor Failure:
@stephenw10 I have three 8300 MAX’es waiting to be unpacked and installed at a customer. Are all shipped 8300’s expected to suffer this issue, and do you expect the fix to be software based, or are we looking at RMA’ing all of them?
The most prudent option would be to wait till the issue is fully resolved with the units in your possesion. I've wasted days of my personal time on Netgate hardware (both 1537 and 8300), not to mention the cost of company downtime.
-
@ltctech I asked because I don’t wan’t to go through all that trouble - and have subsequently not unpacked them until there is a status on this. I’d rather just return them unpacked if the issues in known to be there and require RMA.
-
@stephenw10 said in Netgate 8300: BMC FW Health - Sensor Failure:
I'm not involved in the effort directly. Let me see if I can get anything further...
Any Update on this? I have to unpack them tomorrow unless they need to be RMA’ed
-
Let me see....
-
Ok, we don't expect an RMA to be required here. The issue can be resolved with a BMC firmware update which can be applied in the field.
We have been testing it and will let you know as soon as we're sure it's good.
-
@keyser
now you can unpack the cool new hardware! :) -
Yup and just to be clear this is not actually any sort of hardware issue. It's an incorrectly flagged value.
-
@stephenw10
Hi there:
Any updates on this issue?
Thx -
Let me check. Last I heard the update was good.
-
@stephenw10
Ok thanks. Is there an available update that I may apply then? -
Checking now. Might be tomorrow before I can find out from out guys in Austin who were testing it.
-
Ok the update looks good in our testing and should be available very soon.
-
@stephenw10
Ok then thank you.
Do you have any timeline? -
I'll let you know as soon as I have one.
-
Netgate sent me back the unit. I unpacked it Friday and began setting it up again. The sensor in question was now green. I installed a certificate on the BMC, which it restarted with and worked fine.
Then I noticed that chassis intrusion was tripped, which was odd as I had not opened it. I reset it using this guide:
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-8300/intrusion-switch.htmlI then proceeded to shutdown pfSense, pulled power, and booted it back up. After which, the BMC fails to respond to web requests. I can ping it. I can even connect to it via ipmitool and SSH over the network from WSL and access the serial console. Though it no longer serves a website, it's not responding to TCP connection at 80 nor 443 at all. Pulling power does not help.
The BMC complained about a wrong extension for the certificate in my first attempts to upload it, as it was crt instead of pem. Once I renamed it to pem, it accepted it, both certificate and key are PEM encoded. It did serve the correct certificate after, and the browser warnings went away.
The other changes I made to the BMC as far as I can remember:
- Changed Hostname
- Changed password
- Disabled SNMP
- Setup our SMTP server for alerts
There is no issue with pfSense itself on the unit, it still works fine. However, the BMC firmware appears to be flaky. If pfSense does have issues in the future, one will need the BMC to fix it. One could also use the included serial cable, assuming one hasn't lost it.
I had asked Netgate if it's possible to factory reset the BMC. In reply, we were was asked to ship it back to them for evaluation once more.
-
Hmm, that's.... painful!
Unfortunately I don't have direct access to an 8300 to offer much insight here.
-
Update on this can be found here: https://www.netgate.com/8300-bmc-firmware-update
You should be able to upgrade this in the field though.