Netgate 8300: BMC FW Health - Sensor Failure
-
@keyser
now you can unpack the cool new hardware! :) -
Yup and just to be clear this is not actually any sort of hardware issue. It's an incorrectly flagged value.
-
@stephenw10
Hi there:
Any updates on this issue?
Thx -
Let me check. Last I heard the update was good.
-
@stephenw10
Ok thanks. Is there an available update that I may apply then? -
Checking now. Might be tomorrow before I can find out from out guys in Austin who were testing it.
-
Ok the update looks good in our testing and should be available very soon.
-
@stephenw10
Ok then thank you.
Do you have any timeline? -
I'll let you know as soon as I have one.
-
Netgate sent me back the unit. I unpacked it Friday and began setting it up again. The sensor in question was now green. I installed a certificate on the BMC, which it restarted with and worked fine.
Then I noticed that chassis intrusion was tripped, which was odd as I had not opened it. I reset it using this guide:
https://docs.netgate.com/pfsense/en/latest/solutions/netgate-8300/intrusion-switch.htmlI then proceeded to shutdown pfSense, pulled power, and booted it back up. After which, the BMC fails to respond to web requests. I can ping it. I can even connect to it via ipmitool and SSH over the network from WSL and access the serial console. Though it no longer serves a website, it's not responding to TCP connection at 80 nor 443 at all. Pulling power does not help.
The BMC complained about a wrong extension for the certificate in my first attempts to upload it, as it was crt instead of pem. Once I renamed it to pem, it accepted it, both certificate and key are PEM encoded. It did serve the correct certificate after, and the browser warnings went away.
The other changes I made to the BMC as far as I can remember:
- Changed Hostname
- Changed password
- Disabled SNMP
- Setup our SMTP server for alerts
There is no issue with pfSense itself on the unit, it still works fine. However, the BMC firmware appears to be flaky. If pfSense does have issues in the future, one will need the BMC to fix it. One could also use the included serial cable, assuming one hasn't lost it.
I had asked Netgate if it's possible to factory reset the BMC. In reply, we were was asked to ship it back to them for evaluation once more.
-
Hmm, that's.... painful!
Unfortunately I don't have direct access to an 8300 to offer much insight here.
-
Update on this can be found here: https://www.netgate.com/8300-bmc-firmware-update
You should be able to upgrade this in the field though.
