Configuring the Remote Management Module (RMM) for Gen 3.5 Appliances

Overview

The remote management module (RMM) or management port in the T-510 and T-1100/1100XL Tufin appliances lets you connect to an administration web interface for the appliance. In the administration web interface you can use the status and configuration tools to manage the server remotely.

Prerequisites

Ports

The following ports must be open between the appliance and the TufinOS installation host:

Use

Port

HTTP 80 (TCP)
HTTPS 443 (TCP)

KVM

7578, 7582 (UDP/TCP)

Virtual Media

5120, 5123, 5124, 5127 (UDP/TCP)

Configure RMM Using BIOS

  1. Reboot/power on the appliance.

  2. In the next screen, press the F2 key to enter the BIOS setup.

  3. In the next screen, go to Setup Menu.

  4. Select Server Management and enter the BMC LAN Configuration.

  5. Edit the settings as required.

  6. Save settings and reboot the appliance.

Configure RMM Using SSH or a Console

  1. Make sure that the MGMT port for the appliance is connected to the network.

  2. Configure network settings:

    1. Connect the appliance using SSH or a console.

    2. Set the following network settings:

      ipmitool lan set 3 ipaddr <rmm_ip>
      ipmitool lan set 3 netmask <subnet_netmask>
      ipmitool lan set 3 defgw ipaddr <default_gateway_ip>

  3. Verify the configuration:

    ipmitool lan print 3

  4. Ping the RMM IP address to confirm connectivity:

    ping <RMM IP Address>

  5. Configure the user settings:

    1. Check the existing user list:
    2. ipmitool user list 3

    3. Create a new user or modify settings for an existing User ID.

      ipmitool user set name <user_id> <username>
      ipmitool user set password <user_id>
      ipmitool channel setaccess <channel number> <user id> [callin=on|off] [ipmi=on|off] [link=on|off] [privilege=level]

      For example:

      ipmitool user set name 3 myuser
      ipmitool user set password 3
      ipmitool channel setaccess 1 3 callin=on ipmi=on link=on privilege=4

    4. Enable the new user:

      ipmitool user enable <user_id>

  6. In a browser, log into the Web Interface and confirm that you can connect using the username and password defined in the previous step.

    https://<RMM IP Address>

  7. (Optional) Login to the RMM and make additional security adjustments:

    1. Connect to the WebUI (https://<ip_address>) and login with the created user.
    2. If you are unable to connect to login to the user interface, see Troubleshooting Appliances.
    3. In the WebUI, go to Configuration > Users:

      1. Disable the root and anonymous users.
      2. Delete any other users.
    4. If you want to change the SSL certificate for the server, go to Configuration > SSL and upload the certificate file.
    5. If you want to force all connections to the RMM to use HTTPS, go to Configuration > Login and enable Force HTTPS.

Now you can securely connect to the RMM to do remote administration tasks. For more about using the RMM, refer to the IntelĀ® Remote Management Module 4 (IntelĀ® RMM4) User Guide.