Black Box Advanced Console Server User Manual Download Page 45 | Manualshive

Page: 45 / 392

background image

BLACK BOX® CS Installation, Administration, and User’s Guide

15

Packet Filtering on CS

Add Rule and Edit Rule Options

When you add or edit a rule you can define any of the options described in the
following table.

You can flag any of the above elements with

inverted

so that the target action

is performed on packets that do not match any of the criteria specified in that
line. For example, if you select DROP as the target action, specify “Inverted”
for a source IP address, and do not specify any other criteria in the rule, any

Table 1-3:

Filter Options for Packet Filtering Rules

Filter Options

Description

Source IP and Mask
Destination IP and Mask

If you specify a source IP, incoming packets are filtered for
the specified IP address. If you specify a destination IP,
outgoing packets are filtered for the specified IP address.

If you fill in a source or destination mask, incoming or
outgoing packets are filtered for IP addresses from the
subnetwork in the specified netmask.

Protocol

You can select a protocol for filtering from one of the
following options:

• ALL
• Numeric Protocol Options
• TCP Protocol Options
• UDP Protocol Options
• ICMP Protocol Options

Input Interface

The input interface (eth

N

) used by the incoming packet.

Output Interface

The output interface (eth

N

) used by the outgoing packet.

Fragments

The types of packets to be filtered:

• All packets

• 2nd, 3rd... fragmented packets

• Non-fragmented and 1st fragmented packets

«
...
43
44
45
46
47
...
»

Summary of Contents for Advanced Console Server

Page 1: ...dvanced Console Server Installation Administration and User s Guide Software Version 2 6 0 BLACK BOX Corporation 1000 Park Drive Lawrence PA 15055 1018 877 877 2269 http www blackbox com Release Date December 2005 ...

Page 2: ... notice BLACK BOX is the registered trademark of BLACK BOX Corporation in the United States and other countries All trademarks trade names logos and service marks referenced herein even when not specifically marked as such belong to their respective companies and are not to be considered unprotected by law ...

Page 3: ...s and Configurations 8 Connectors on the BLACK BOX CS 10 Accessing CS and Connected Devices 10 Web Manager 11 Prerequisites for Using the Web Manager 11 Types of Users 12 Security 12 Authentication 13 VPN 15 Packet Filtering on CS 15 Structure of IP Filtering 15 Chain 16 Rule 16 Add Rule and Edit Rule Options 17 SNMP 22 Notifications Alarms and Data Buffering 23 ...

Page 4: ...uration 29 Shipping Box Contents 30 Important Pre installation Requirements 34 Java Plug In Requirement for Serial Port Access 35 Basic Installation Procedures 36 Mounting the CS 37 Making an Ethernet Connection 37 Connecting Servers and Other Devices to CS 38 Making a Direct Connection to Configure the Network Parameters 39 Powering on the CS and the Connected Devices 39 Configuring the Network P...

Page 5: ...U Multi Outlet Ctrl 62 Security 65 Chapter 4 Web Manager for Administrators 67 BLACK BOX Web Manager 68 Prerequisites for Using the Web Manager 68 Common Tasks for CS Administrators 69 Common Features of Administrator Forms 70 Buttons and CS Information 70 Logging Into the Web Manager 72 Overview of Administrative Modes 75 Wizard Mode 76 Expert Mode 76 Chapter 5 Configuring CS in Wizard Mode 79 St...

Page 6: ...ations 118 Connect 118 IPDU Power Mgmt 122 Outlets Manager 123 View IPDUs Info 126 Users Manager 129 Configuration 131 Software Upgrade for the AlterPath PM 133 IPDU Multi Outlet Ctrl 135 Prerequisites for Multi Outlet Control 137 Power Management Icons 137 IPMI Power Management 141 Terminal Profile Menu 148 Chapter 8 Network Menu Forms 153 Network 154 Host Settings 154 Syslog 159 PCMCIA Managemen...

Page 7: ...9 Users and Groups 210 Adding a User 211 Adding a Group 212 Active Ports Sessions 214 Authentication 216 Configuring Authentication for CS Logins 217 Configuring Authentication Servers for Logins to CS and Connected Devices 218 Group Authorization on TACACS 222 Security Profiles 228 Pre defined Security Profiles 229 Default Security Profile 229 Custom Security Profile 229 Serial Port Settings and ...

Page 8: ...er 270 Power Management 273 Other 279 Virtual Ports 283 Ports Status 289 Ports Statistics 290 Chapter 11 Administration Menu Forms 293 System Information 294 Notifications 297 Email Notifications Entry 299 Pager Notifications Entry 302 SNMP Trap Notifications Entry 304 Serial Ports Alarm Notification 306 Time Date 307 Setting Time and Date with NTP 308 Boot Configuration 309 Backup Configuration 3...

Page 9: ...nsole Server 324 Working inside the Advanced Console Server 326 Replacing the Battery 326 FCC Warning Statement 327 Notice About FCC Compliance for all Advanced Console Server Models 327 Canadian DOC Notice 327 Aviso de Precaución S Mark Argentina 328 Trabajar dentro del Advanced Console Server 329 Batería 329 Appendix C Supported PCMCIA Cards 331 Glossary 335 Index 353 ...

Page 10: ...Contents x ...

Page 11: ...Power Management 27 Table 1 9 Power Management Options in the Web Manager 28 Table 2 1 Shipping Box Contents for LS1004A LS1048A 30 Table 2 2 Shipping Box Contents for LS1001A 33 Table 2 3 CS Basic Installation Tasks 36 Table 2 4 Tasks Related to Connecting AlterPath PMs 50 Table 3 1 Common Screen Information 53 Table 3 2 Java Applet Buttons 55 Table 3 3 Serial Ports Connection Protocols 57 Table ...

Page 12: ...ge 91 Table 5 5 Wizard Add User Dialog Field Names and Definitions 95 Table 5 6 Wizard Data Buffering Field Names and Definitions 100 Table 5 7 Wizard Differences Between Remote and Local Buffering 101 Table 5 8 CS Configuration and Expert Menus Chapters 105 Table 6 1 Expert Mode Menu and Forms 109 Table 6 2 Expert Applications 110 Table 6 3 Expert Network 111 Table 6 4 Expert Security 112 Table 6...

Page 13: ...TCP Options Fields 195 Table 8 14 Expert UDP Options Fields 196 Table 8 15 Expert Firewall Configuration Input and Output Interface and Fragments Fields Definitions 198 Table 8 16 Expert Target LOG Options Selection Fields 199 Table 8 17 Expert Reject Options Sections 200 Table 8 18 Expert Fields and Menus for Configuring Static Routes 207 Table 9 1 Expert Security Menu 209 Table 9 2 Expert Add Us...

Page 14: ...12 Expert Ports Physical Ports Other Form Fields 280 Table 10 13 Expert New Modify Port Dialog Box Fields 285 Table 10 14 Expert Port Status Read Only Form 290 Table 10 15 Expert Ports Port Status Read Only Form 291 Table 11 1 Expert Administration Menu 293 Table 11 2 System Information 296 Table 11 3 Expert Notifications Form Fields 298 Table 11 4 Expert Email Notifications Dialog Box Fields 300 ...

Page 15: ...IA Eject Button in Web Manager 49 Figure 2 5 AlterPath PMs Connected to the CS 50 Figure 3 1 Regular User Web Manager Login form 52 Figure 3 2 Regular User Form 53 Figure 3 3 Regular User Connect Form 54 Figure 3 4 Java Applet 55 Figure 3 5 Regular User IPDU Power Mgmt Forms 58 Figure 3 6 Regular User Outlets Manager no permissions 59 Figure 3 7 Regular User Outlets Manager with permissions 59 Fig...

Page 16: ...ard Step 2 Network Settings DHCP disabled 88 Figure 5 7 Wizard Step 2 Network Settings DHCP enabled 89 Figure 5 8 Wizard Step 3 Port Profile 90 Figure 5 9 Wizard Step 4 Access 94 Figure 5 10 Wizard Step 4 Access Add User Dialog Box 95 Figure 5 11 Wizard Step 4 Change Password Dialog Box 96 Figure 5 12 Wizard Step 5 Data Buffering Inactive 98 Figure 5 13 Wizard Step 5 Data Buffering Local 99 Figure...

Page 17: ...rl 136 Figure 7 15 Expert Applications Multi Outlet Ctrl not configured 137 Figure 7 16 Expert Applications Multi Outlet Control Icons138 Figure 7 17 Expert Applications IPMI Power Mgmt 141 Figure 7 18 Expert IPMI Power Mgmt Add Edit IPMI Device Dialog Boxes 142 Figure 7 19 Expert IPMI Power Mgmt Device Entry Example142 Figure 7 20 Expert Serial Port Power Management Enable Power Management 146 Fi...

Page 18: ...on Dialog Box Call Back 165 Figure 8 8 Expert ISDN PCMCIA Card Configuration Dialog Box 167 Figure 8 9 Expert GSM PCMCIA Card Configuration Dialog Box 169 Figure 8 10 Expert GSM PCMCIA Card Configuration Dialog Box Call Back 169 Figure 8 11 Expert Ethernet PCMCIA Card Configuration Dialog Box 171 Figure 8 12 Expert PCMCIA Compact Flash Hard Disk Configuration Dialog Box 173 Figure 8 13 Expert PCMC...

Page 19: ...ain Dialog Box 191 Figure 8 25 Firewall Configuration Edit Rules for chain_name Form 191 Figure 8 26 Firewall Configuration Edit Rules for chain_name Buttons 192 Figure 8 27 Expert Firewall Configuration Add Rule and Edit Rule Dialog Boxes 192 Figure 8 28 Firewall Configuration Add Rule and Edit Rule Target Menu Options 193 Figure 8 29 Firewall Configuration Add Rule and Edit Rule Source and Desti...

Page 20: ...5 Figure 8 40 Expert Static Routes Add and Edit Dialog Boxes Default Route 205 Figure 8 41 Expert Static Routes Add and Edit Dialog Boxes Network Route 206 Figure 8 42 Expert Static Routes Add and Edit Dialog Boxes Host Route 207 Figure 9 1 Expert Security Users and Groups Form 210 Figure 9 2 Expert Security Users and Groups Add User Dialog Box 211 Figure 9 3 Expert Security Users and Groups Add G...

Page 21: ...stom Security Profile Dialog Box 236 Figure 10 1 Expert Ports 240 Figure 10 2 Expert Ports Physical Ports 241 Figure 10 3 Expert Ports Physical Ports Modify Ports Tab Options 242 Figure 10 4 Expert Ports Physical Ports General Form 244 Figure 10 5 Expert Ports Physical Ports Console Connection Active Tabs 249 Figure 10 6 Expert Ports Physical Ports Console Connection 249 Figure 10 7 Connection Pro...

Page 22: ...Ports Serial Port Settings 260 Figure 10 22 Expert Ports Physical Ports Access Form 261 Figure 10 23 Expert Ports Physical Ports Data Buffering 266 Figure 10 24 Expert Ports Physical Ports Data Buffering 267 Figure 10 25 Expert Port Physical Ports Multi User 271 Figure 10 26 Expert Ports Physical Ports Power Management 273 Figure 10 27 Expert Ports Physical Ports Power Management 274 Figure 10 28 ...

Page 23: ...re 11 2 Expert Administration Notifications 298 Figure 11 3 Expert Administration Notifications Email Add Edit Dialog box 300 Figure 11 4 Expert Administration Notifications Pager Add Edit Dialog box 302 Figure 11 5 Expert Administration Notifications SNMP Trap Add Edit Dialog box 305 Figure 11 6 Expert Administration Time Date 307 Figure 11 7 Expert Administration Time Date NTP Enable308 Figure 1...

Page 24: ...Figures xxiv ...

Page 25: ...oot password 41 T To Use the wiz Command to Configure Network Parameters 42 T To Select a Security Profile 45 T To Use a Dynamic IP Address to Access the Web Manager 47 T To Use the Default IP Address to Access the Web Manager 47 T To Install a PCMCIA Card 48 T To Remove a PCMCIA Card 48 T To Configure a PCMCIA Card 49 T To Daisy Chain AlterPath PMs to the CS 50 T Logging in to the Web Manager 52 ...

Page 26: ...ownload AlterPath PM Software From BLACK BOX 134 T To Upgrade Software on an AlterPath PM 135 T To Power On or Power Off a Group of Outlets in the Same Power State139 T To Power On or Power Off a Group of Outlets in Different Power States 139 T To Lock or Unlock a Group of Outlets in the Same Power State 140 T To Lock or Unlock a Group of Outlets in Different Lock States 140 T To Turn the Power of...

Page 27: ... Card Slot 178 T To Configure VPN 182 T To Configure SNMP 186 T To Add a Chain 201 T To Edit a Chain 201 T To Add a Rule 202 T To Edit a Rule 203 T To Define the CS s IP Address and Hostname 204 T To Configure Static Routes Expert 207 T To Add a User 212 T To Delete a User or Group 213 T To Change a User s Password 213 T To Add a Group 213 T To Modify a Group 214 T To View Kill or Refresh Active U...

Page 28: ...g for One or More Serial Ports 272 T To Configure a Serial Port for IPDU or IPMI Power Management 276 T To Configure a User for IPDU Power Management While Connected To a Serial Port 278 T To Configure TCP Port Number STTY Options Break Interval and the Login Banner for a Serial Port Connected to a Console 281 T To Configure Terminal Server Connection Options 282 T To Cluster CS Units or Modify Cl...

Page 29: ...uide xxix T To Back Up or Restore the Configuration Files using an FTP Server 314 T To Back Up or Restore the Configuration Files using a Storage Device 315 T To Upgrade the CS s firmware 317 T To Reboot the CS 318 T To Configure the Online Help Path 319 ...

Page 30: ...Procedures xxx ...

Page 31: ...t up and administer other external services or servers that the CS may access for authentication system logging IPMI control SNMP notifications data logging file sharing or other purposes This document assumes that users who are authorized to connect to servers and other devices through the CS already know how to use the connected devices Document Organization The document contains the following c...

Page 32: ...nfiguring the CS in Expert Mode Provides an introduction to the Expert mode Describes the forms in each section and provides a mapping to each form with a link to the desired section 7 Applications Menu Forms Provides an overview of each form associated with the Applications menu describes the functionality of the individual elements in each form and provides step by step configuration procedures ...

Page 33: ...ep configuration procedures Appendices Appendix A provides hardware specifications and Appendix B details safety information Index Provides a way to look up terms In the online version of this manual clicking the terms in the index brings you to where they are used in the manual Related Documents The following document for the BLACK BOX Advanced Console Server is shipped with the product Advanced ...

Page 34: ... Console Server Quick Start Filename or Command Names of commands files and directories onscreen computer output Edit the pslave conf file User type What you type in an example compared to what the computer displays root ifconfig eth0 Table v 2 Other Terms and Conventions Term or Convention Meaning Examples Hot keys When hot keys are shown with a plus between two or three keys means that they must...

Page 35: ...rest of this manual Overview Page 6 Advanced Console Server Models and Configurations Page 6 Connectors on the Advanced Console Server Page 8 Methods of Accessing CS and Connected Devices Page 8 Web Manager Page 9 Prerequisites for Using the Web Manager Page 9 Types of Users Page 10 Security Features Page 10 Authentication Page 11 VPN Page 13 Packet Filtering Page 13 SNMP Page 20 Notifications Ala...

Page 36: ...lots and the back of a LS1032A with its Serial Ethernet and Console ports Figure 1 1 LS1032A Front and back with PCMCIA Card Slots Product Models and Configurations The following table shows the available configurations See Appendix A for hardware specifications Administering Users of Connected Devices Page 22 Power Management Page 23 Table 1 1 Model Numbers and Configuration Options Model Number ...

Page 37: ...nd Configurations The following figure illustrates the BLACK BOX family of advanced console servers Figure 1 2 BLACK BOX CS family of Advanced Console Servers LS1008A 8 LS1016A 16 LS1032A 32 LS1048A 48 Table 1 1 Model Numbers and Configuration Options Model Number Serial Ports ...

Page 38: ...DN GSM or CDMA optional PCMCIA card Using the Web Manager you can login and launch a console session such as Telnet or SSH to connect to the console of devices that are connected to the CS s serial ports By connecting a computer running a terminal emulation program an CS administrator can log into the CS box and enter commands in the CS shell or use the Command Line Interface CLI tool Note Only on...

Page 39: ...ugh a dial in or callback connection with one of the following An optional external modem connected to one of the serial ports A modem on an optional PCMCIA modem card An optional CDMA GSM or ISDN card Prerequisites for Using the Web Manager The prerequisites described in this section must be complete before anyone can access the Web Manager If you have questions about any of the following prerequ...

Page 40: ...full read write and management Note It is strongly recommended to change the default password bb before setting up the CS for secure access to the connected servers or devices Users who can be part of an Admin group with administrative privileges This may be a regular user who can perform the same tasks as an administrator Regular users who can access the connected devices through the serial ports...

Page 41: ...e supported authentication methods Table 1 2 CS Supported Authentication Methods Authentication Type Definition None No authentication Kerberos Authentication is performed using a Kerberos server Kerberos Local Kerberos authentication is tried first switching to Local if unsuccessful KerberosDownLocal Local authentication is performed only when the Kerberos server is down LDAP Authentication is pe...

Page 42: ...rmed only when the NIS server is down Radius Authentication is performed using a Radius authentication server Radius Local Radius authentication is tried first switching to Local if unsuccessful RadiusDownLocal Local authentication is performed only when the Radius server is down TACACS Authentication is performed using a TACACS authentication server TACACS Local TACACS authentication is tried fir...

Page 43: ...et up a security gateway you can install IPSec on any machine that does networking over IP including routers firewall machines application servers and end user machines The ESP and AH authentication protocols are supported RSA Public Keys and Shared Secret are also supported For detailed information and procedures to configure a VPN connection see VPN Connections on page 176 Packet Filtering on CS...

Page 44: ...ackets being forwarded are accepted Rule Each chain can have one or more rules that define the following The packet characteristics being filtered The packet is checked for characteristics defined in the rule For example a specific IP header input and output interfaces TCP flags and protocol What to do when the packet matches the rule The packet can be handled according to a specified target polic...

Page 45: ...ce IP and Mask Destination IP and Mask If you specify a source IP incoming packets are filtered for the specified IP address If you specify a destination IP outgoing packets are filtered for the specified IP address If you fill in a source or destination mask incoming or outgoing packets are filtered for IP addresses from the subnetwork in the specified netmask Protocol You can select a protocol f...

Page 46: ...Table 1 4 TCP Protocol Packet Filtering Options Field Menu Option Definition Source Port OR Destination Port You can specify a source or destination port number for filtering in the Source Port or Destination Port field You can also specify a range so that TCP packets are filtered for any port number within the range TCP Flags Specifying any of the flags SYN synchronize ACK acknowledge FIN finish ...

Page 47: ...ol unreachable port unreachable fragmentation needed source route failed network unknown host unknown network prohibited host prohibited TOS network unreachable TOS host unreachable communication prohibited host precedence violation Table 1 5 UDP Protocol Packet Filtering Options Field Definition Source Port OR Destination Port Specify a source or destination port number for filtering in the Sourc...

Page 48: ...tation time exceeded ttl zero during transit ttl zero during reassembly parameter problem ip header bad required option missing timestamp request timestamp reply address mask request address mask reply Target Actions The Target is the action to be performed on an IP packet that matches all the criteria specified in a rule The target actions are ACCEPT DROP RETURN LOG REJECT ...

Page 49: ...following list shows the options for the REJECT Target icmp net unreachable icmp host unreachable icmp port unreachable icmp proto unreachable icmp net prohibited icmp host prohibited echo reply tcp reset Options Definition Log Level emerg alert crit err warning notice info debug Log Prefix The prefix to use in the log entry TCP Sequence Includes the TCP sequence in the log TCP Options Includes TC...

Page 50: ...cations about significant events or traps to an SNMP management application The CS SNMP agent supports SNMP v1 v2 and v3 The following table shows the tasks related to administering SNMP on the CS and provides links to where they are documented To Add a Chain Page 199 To Edit a Chain Page 199 To Add a Rule Page 200 To Edit a Rule Page 201 To Configure SNMP See To Configure SNMP on page 184 To conf...

Page 51: ... servers called syslog servers Console data from devices connected to serial ports can be stored in data buffer files on syslog servers By default logging and data buffering are not done Prerequisites for Logging to Syslog Servers Before configuring syslogging the CS administrator must ensure that syslog server is pre configured with a public IP address and it is accessible from CS The CS administ...

Page 52: ...to this example you would select the facility number Local2 from the Facility Number pull down menu on the Syslog form Administering Users of Connected Devices This sections provides a list of task that an CS administrator can perform to enable access to connected devices Planning Access to Connected Devices The CS administrator needs to perform specific tasks to setup and configure user access to...

Page 53: ... power management options Remote power management of servers that have IPMI controllers The CS s implementation of the Intelligent Platform Management Interface IPMI protocol lets authorized users manage power for servers that have embedded IPMI controllers IPMI servers do not need to be connected to the CS because their IPMI controllers respond to out of band IPMI Table 1 7 Tasks for Configuring ...

Page 54: ... distribution unit IPDU can be an AlterPath PM connected to any serial port Up to 128 IPDU outlets can be daisy chained The diagram below shows a typical setup of the CS and an AlterPath PM unit Figure 1 4 IPDU Integration With CS Configuring Power Management Administrators commonly perform power management through the Web Manager to assign power management permissions to users configure IPMI devi...

Page 55: ...r Management Using the CLI CS administrators can use the CLI command with the config ipmi options to manage power on IPMI devices while logged into the CS with administrative rights The ipmitool command is documented in the BLACK BOX Advanced Console Server Command Reference Guide Table 1 8 Tasks for Configuring Power Management Task Where Documented Configure users to manage power on IPDUs To Con...

Page 56: ...e Web Manager The Web Manager menu includes the two power management options listed in the following table with links to where each is documented Power Management from the CS Command Line CS administrators can use the ipmitool command to manage power on IPMI devices while logged into the CS with administrative rights The ipmitool command is documented in the BLACK BOX Advanced Console Server Comma...

Page 57: ...ing figure illustrates an example of an CS configured with connected devices Shipping Box Contents Page 28 Important Pre Installation Requirements Page 32 Basic Installation Procedures Page 34 Other Methods of Accessing the Web Manager Page 45 Installing PCMCIA Cards Page 46 Connecting AlterPath PM IPDUs Page 47 ...

Page 58: ...entry for each part provides an illustration its part number description and purpose You can use checkboxes to check off each item and you can use the part numbers from this table to reorder any of the parts The list is numbered for internal cross referencing among descriptions within this table Table 2 1 Shipping Box Contents for LS1004A LS1048A R Item Description Purpose 1 Documentation CD PDF c...

Page 59: ...ole port to a computer that has a DB 25 female connector 6 RJ45 to DB9F crossover adapter To connect the console port to a computer that has a DB 9 connector 7 Sun Netra crossover adapter To connect the console port to a Sun Netra server or other devices with the same pinout configuration 8 RJ45 to RJ45 7ft CAT5 cable Use for the following To connect a device or an IPDU to a serial port To connect...

Page 60: ...45 to DB25M straight thru cable Use for modems and other DCE devices 10 DB25F Loopback Use to test and diagnose serial ports 11 2 Mounting brackets with 10 screws 2 spares Use to mount the CS to a rack or cabinet R Item Description Purpose ...

Page 61: ...ion CD PDF copies of this guide 3 RJ45 to DB9F crossover adapter To connect the console port to a computer that has a DB 9 connector 4 DB25F Loopback Use to test and diagnose serial ports 5 3 5mm Block Plug Use to establish RS 485 connection 6 DB9F to DB25M adapter Use to convert serial port connectors 7 Bumpon Protect Pads Adhesive pads to protect and stabilize CS1 ...

Page 62: ...cted to A web browser that supports the CS Web Manager such as Netscape Internet Explorer 6 0 Firefox or Mozilla Java 2 Runtime Environment JRE version 1 4 2 or later J2RE can be downloaded from http java com 8 RJ45 to RJ45 7ft CAT5 cable Use for the following To connect a device or an IPDU to a serial port To connect an Ethernet port to the LAN To connect a terminal to a console port 9 DB9F to DB...

Page 63: ...here should be a check box that says Use Java 2 v1 4 2 As shown in the following figure d If an option similar to the above figure does not appear it means that JRE is not installed on your system Or if the option appears but the checkbox is not enabled this means your browser is not activated to use the Java plug in that came with JRE 2 To check Netscape or Mozilla on Windows do the following ste...

Page 64: ... the page numbers where the tasks are described in more detail Table 2 3 CS Basic Installation Tasks Task Where Documented Mount the CS Mounting the CS on page 35 Make an Ethernet connection Making an Ethernet Connection on page 35 Connect servers and other devices to be managed through the CS Connecting Servers and Other Devices to CS on page 36 Make a direct terminal connection to prepare CS for...

Page 65: ...ex screwdriver and appropriate nuts and bolts before starting the following procedure T To rack mount CS perform the following steps 1 Install the brackets on to the front or back edges of the box using a screw driver and the screws provided with the mounting kit 2 Mount the CS box in a secure position Note To ensure safety refer to Appendix B Safety Guidelines Making an Ethernet Connection You ca...

Page 66: ...igured User accounts exist for the users who need access to the server or device If a device is to use remote authentication make sure that the authentication servers are installed and fully configured You have obtained from the server s administrator the information IP address and other method specific information which you need to configure the authentication server on the CS T To Connect Device...

Page 67: ... installed T To Connect to the Console Port 1 Install and launch your serial communication software on a terminal or a computer For example if you are using a PC use HyperTerminal to perform the initial configuration of the CS directly through your PC s COM port 2 Open HyperTerminal Start All Programs Accessories Communications HyperTerminal 3 Start a New Connection session select an available COM...

Page 68: ...ake CS available on the network collect the following information from your system administrator and proceed with the network configuration procedure Hostname An IP address for CS Domain name DNS IP address Gateway IP address Network mask NTP server s IP address if you are using a time date server Performing Basic Network Configuration Using the wiz Command The following procedure assumes that a h...

Page 69: ...e CS for secure access to the connected servers or devices T To Change the root password 1 Enter the passwd command d Enter a new password when prompted The following Security Advisory appears the first time CS is powered on or when the unit is reset to factory default parameters root CAS root passwd New password new_password Re enter new password new_password Password changed ...

Page 70: ... Telnet SSHv1 SSHv2 and HTTP HTTPS enabled The following actions are STRONGLY recommended 1 To change the ROOT user s password before setting up the device 2 That you SELECT A SECURITY PROFILE to complete the INITIAL SETUP Security is dependent on Policy and is Configurable to fit in environments with varying levels of Security This device provides three pre set Security Levels SECURED MODERATE an...

Page 71: ...e the defaults 3 Press Enter to accept the default hostname otherwise enter your own hostname 4 Press Enter to keep DHCP enabled or enter n to specify a static IP address for CS By default CS uses the IP address provided by the DHCP server If your network does not use DHCP then CS will default to 192 168 160 10 Set to defaults y n n n Hostname CAS fremont_branch_CS Do you want to use DHCP to autom...

Page 72: ...ter y after the prompts shown in the following screen example 11 To confirm the configuration enter the ifconfig command 12 After the initial configuration proceed to the Web Manager to select a security profile System IP 192 168 160 10 CS_IP_address Domain name blackbox com domain_name Primary DNS Server 192 168 44 21 DNS_server_IP_address Gateway IP eth0 gateway_IP_address Network Mask netmask A...

Page 73: ...rowser redirects to Wizard Step1 Security Profiles T To Select a Security Profile Select a pre defined Security Profile or define a Custom profile for specific services The profiles are Secured Disables all protocols except SSHv2 HTTPS and SSH to Serial Ports Moderate Enables SSHv1 SSHv2 HTTP HTTPS Telnet SSH and Raw connections to Serial Ports ICMP and HTTP redirection to HTTPS Open Enables all s...

Page 74: ... ports see Appendix 9 Security Menu Forms and Appendix 10 Ports Menu Forms For additional configuration and administration options and other important related information see the chapters in the CS user manual that are listed in the following table Topic Where Documented Installation and Configuration Process Appendix 2 Installation and Configuration For Regular Users How to use the Web Manager to...

Page 75: ...computers and other devices to be managed through the CS 3 Power on the CS and connected devices 4 Obtain the CS s current IP address 5 Enter the CS s IP address in the browser s Address window 6 Login to the CS and finish configuring users and other settings using the Web Manager T To Use the Default IP Address to Access the Web Manager The default IP address for the CS is 192 168 160 10 This pro...

Page 76: ...pendix C Supported PCMCIA Cards Figure 2 3 Front Panel PCMCIA Card Slots T To Install a PCMCIA Card 1 Insert the PCMCIA card into slot 1 or slot 2 2 Use the Web Manager to configure the PCMCIA card Note A hard disk PCMCIA card is automatically mounted once it is inserted and it needs no configuration T To Remove a PCMCIA Card Caution Always use the Web Manager to eject a PCMCIA card Any other meth...

Page 77: ... can connect AlterPath Power Management PM intelligent power distribution units IPDUs to the serial ports on the CS using an RJ 45 to RJ 45 UTP cable AlterPath PM includes two RS 232 outlets for serial management and daisy chaining Any combination of Alter PM models up to 128 outlets can be daisy chained into a single virtual power distribution unit The following figure shows an CS and two AlterPa...

Page 78: ... PMs Table 2 4 Tasks Related to Connecting AlterPath PMs Task Where Documented Configure serial ports for power management protocol To Configure a Serial Port for IPDU or IPMI Power Management on page 274 How the administrators perform IPDU power management using the Web Manager IPDU Power Mgmt on page 120 How the regular users manager power outlets using the Web Manager To Close an SSH Session on...

Page 79: ... devices that are connected to the serial ports on the CS Perform IPDU power management Change their current password This chapter contains the following sections Using the Web Manager CS users perform most tasks through the Web Manager The Web Manager runs in a browser and provides a real time view of all the equipment that is connected to the CS Using the Web Manager Page 49 Features of Regular ...

Page 80: ... the Web Manager 1 Connect your web browser to CS by typing in the Console Access Server s IP address e g https 10 10 10 10 provided to you by your system administrator in your internet browser Note Refer to Chapter 2 for the requirements to start with the Web Manager Press Enter The system brings up the CS Web Manager Login form 2 Type in your username and password as provided to you by your syst...

Page 81: ...f the Web Manager when regular users log in Figure 3 2 Regular User Form The form in the middle changes according to which menu option is selected The following table illustrates the functions that are common to all the forms Table 3 1 Common Screen Information Form Area Purpose Click this button to log out Form area Menu Logout button and CS information area ...

Page 82: ...age 53 Connect to Serial Ports on page 54 Permission to access a port or perform power management is granted by the CS administrator when your user account is created Contact your administrator to gain authorization to access the serial port that the server or devices is connected to Displays the hostname and IP address assigned during initial configuration and the model number of the CS Brings up...

Page 83: ...n on the CS The following figure shows the Java applet when you connect to the CS Note in the Connected to message in the below figure at the top of the screen the IP address of the CS followed by the session type in this case SSH Figure 3 4 Java Applet The following table describes the available buttons in the Java applet Table 3 2 Java Applet Buttons Button Purpose To send a break to the termina...

Page 84: ... allow access to the connected devices Consult your system administrator for configuring the authentication method When you select a port from the Serial pull down list and click the Connect button a Java applet viewer appears A Connected to message in a gray area at the top of the screen shows the IP address of the CS followed by the TCP port number See an example of the Java applet in Figure 3 4...

Page 85: ...k with the administrator to find which port numbers to use T To Use Telnet to Connect to a Device Through a Serial Port For this procedure you need the hostname of the CS or its IP address and the TCP port number for the serial port to which the device is connected To use Telnet in a shell enter the following command T To Close a Telnet Session Enter the Telnet hotkey defined for the client The de...

Page 86: ...scape character followed by a at the beginning of a line to close the SSH session IPDU Power Mgmt IPDU or Intelligent Power Distribution Units management allows you to manage the power outlets on the AlterPath PM products When you select the IPDU Power Mgmt option if you have permission to manage outlets on an AlterPath PM two tabs appear at the top of the form as shown in the following figure Out...

Page 87: ...sion to manage power on any of the AlterPath PM outlets or 2 CS cannot detect an AlterPath PM that has been configured for power management Contact the CS administrator for help if you see this message Figure 3 6 Regular User Outlets Manager no permissions The following form appears if you have permission to manage power on one or more outlets of the AlterPath PM Figure 3 7 Regular User Outlets Ma...

Page 88: ...et Edit the power up interval The power up interval is the time interval in seconds that the system waits between turning on the currently selected outlet and the next outlet The default is set at 30 seconds Cycle Turn power briefly off and on again Turn the power On Off to the outlet Lock or unlock the outlet to prevent accidental changes to the power state The following table describe the corres...

Page 89: ... Information on the View IPDUs Info Form Description Example Name Either a default name or administrator configured name PM Number of Units The number of IPDUs connected to the port The first IPDU is referred to as the master Any other IPDUs daisy chained off the first IPDU are referred to as slaves 1 Syslog Whether syslogging has been configured for messages from this IPDU ON Buzzer Whether a buz...

Page 90: ...number PM8 15A Software Version PM firmware version 1 5 0 Alarm Threshold Number of amperes that triggers an alarm or syslog message if it is reached 15 0A Current Current level on the IPDU 0 0A Maximum Detected Maximum current detected 0 4A Use this button to refresh the currently displayed maximum detected temperature Temperature Temperature on the AlterPath PM Available only on selected models ...

Page 91: ... figure appears if 1 There is no multi outlet device defined 2 Power Management is not enabled for the serial port the device is connected to 3 CS cannot detect an AlterPath PM that has been configured for power management Contact the CS administrator for help if you see this message Figure 3 9 Regular User IPDU Multi Outlet no permissions The following form appears if you have permission to view ...

Page 92: ...click when all of the outlets are in the same state The first click turns the other outlets on or unlocks them so that all the outlets are in the same state the second click turns all of the outlets off or locks them The Cycle button operates only if all outlets of a group are turned on Note The PU Power Up interval parameter configured for each outlet plays an important role in the power up seque...

Page 93: ...sion on page 56 Security When you select the Security menu option the following form appears Table 3 7 Regular User Password Management Form T To Change Your Password 1 Select the Security option from the menu panel The Security form appears 2 Enter your current password in the Current Password field 3 Enter the new password in the New Password and the Repeat New Password fields 4 Click OK 5 Log o...

Page 94: ...Web Manager for Regular Users 64 ...

Page 95: ...ubsequent chapters describe the menus forms and the configuration procedures of the Web Manager in Wizard and Expert modes If you are a regular user see Chapter 3 Web Manager for Regular Users The sections listed in the following table provides background information related to CS administrators use of the Web Manager including explanations of the types of information to be entered in each of the ...

Page 96: ...IA slots An optional CDMA wireless GSM or ISDN card Prerequisites for Using the Web Manager The prerequisites described in this section must be completed before anyone can access the Web Manager If you have questions about any of the following prerequisites contact your system or network administrator Basic network parameters must be defined on the CS so the Web Manager can be launched over the ne...

Page 97: ...sign users permissions to manage outlets on connected AlterPath PMs To Configure Users to Manage Power Outlets on IPDUs on page 128 Set up local or remote data buffering and specify alarms for one or more serial ports To Configure Data Buffering for Serial Ports on page 267 To Choose a Method for Sending Notifications for Serial Port Data Buffering Events on page 297 Set up logging of system messa...

Page 98: ...hen the logged in user is an administrator Figure 4 1 Administrator Web Manager Buttons The following table describes the uses for each control button Table 4 2 Administrator Web Manager Buttons Button Name Use back Only appears in Wizard mode Returns the previous form try changes Tests the changes entered on the current form without saving them cancel changes Cancels all unsaved changes apply cha...

Page 99: ...Trying Saving and Restoring Configuration Changes Task Action Result try changes Click the try changes button Updates the appropriate configuration files Changes are preserved if you log in and log out and even if you restart the system Changes stay in effect unless the cancel changes button is clicked The changes can be restored at any time until the apply changes button is clicked cancel changes...

Page 100: ...need to run the Web Manager Finding a dynamically assigned IP address requires making an inquiry to the DHCP server using the MAC address a 12 digit hexadecimal number which is on a label on CS Check with the system administrator who configured the basic network parameters on the assigned IP address If there is no DHCP server use the default static IP address 192 168 160 10 that is pre configured ...

Page 101: ...trator Web Manager Login Form 2 Log in as root and type in the root password The default password is bb Caution It is important to change the root password as soon as possible to avoid security breaches If another administrator is already logged in the dialog box shown in the following screen example appears ...

Page 102: ...nistrator Multi Administrator Login Message 3 Click the appropriate radio button and then click Apply Note The following Security Advisory appears the first time CS is accessed Browser s pop up blocker should be disabled for this dialog box to appear ...

Page 103: ... Administrator Security Advisory Message Overview of Administrative Modes The CS Web Manager operates in two modes 1 Wizard 2 Expert In Wizard mode the Expert button displays In Expert mode the Wizard button displays Clicking these buttons toggles between Wizard and Expert mode Expert is the default mode ...

Page 104: ...the left bottom corner of the menu panel Shown below is a typical form of the CS web interface in Wizard Mode The user entry form varies depending on the selected menu item Figure 4 5 Example of Web Manager Form in Wizard Mode Expert Mode Designed for advanced users this is the default mode when you log in to the CS If you are in the Wizard mode you can change to Expert mode by clicking on the Exp...

Page 105: ...gly Occasionally an Expert Mode menu selection has multiple forms which are identified by tabs such as the one shown in Figure 4 6 Figure 4 6 Example of Web Manager Form in Expert Mode The subsequent chapters shown below describe the Wizard and Expert configuration modes in detail introduces the menu elements in the Expert mode and describe the underlying procedures Table 4 5 Administrator CS Conf...

Page 106: ...Web Manager for Administrators 76 Security Menu Expert Chapter 9 Ports Menu Expert Chapter 10 Administration Menu Expert Chapter 11 Table 4 5 Administrator CS Configuration and Expert Menus Chapters ...

Page 107: ...d in order to have more control over the services that are active at any time Pre defined Security Profiles There are three pre defined security profiles 1 Secure The Secure profile disables all protocols except SSHv2 HTTPS and SSH to Serial Ports Authentication to access Serial Ports is required and SSH root access is not allowed Step 1 Security Profile Page 77 Step 2 Network Settings Page 85 Ste...

Page 108: ... SSHv1 SSHv2 HTTP HTTPS SNMP RPC ICMP and Telnet SSH and Raw connections to the Serial Ports Authentication to access serial ports is not required Default Security Profile The Default Security Profile sets the parameters to same as Moderate profile See the following tables for the list of enabled services when the Default security profile is used Custom Security Profile The Custom Security Profile...

Page 109: ...each security profile 1 The Default security profile parameters are the same as Moderate profile Access to CS Secure Moderate Open Default1 Custom Telnet 3 SSHv1 3 3 3 SSHv2 3 3 3 3 Allow SSH root access 3 3 3 HTTP 3 3 3 HTTPS 3 3 3 3 HTTP redirection to HTTPS 3 3 Access to Serial Ports Secure Moderate Open Default1 Custom Console Telnet 3 3 3 Console SSH 3 3 3 3 Console Raw 3 3 3 Serial Port Auth...

Page 110: ...ther navigation to other sections of the Web Manager is not possible without selecting or configuring a Security Profile Once you select or configure a Security Profile and apply the changes CS Web Manager restarts for the security configuration to take effect 2 CS firmware is upgraded and the system is restarting with the new firmware In this situation the CS was already in use and certain config...

Page 111: ...sers to individual ports The following figure shows the default factory settings of serial ports Figure 5 1 Administrator Physical Ports Factory Settings If you reconfigure the Security Profile and restart the Web manager you need to make sure the serial ports protocols and access methods match the selected security profile The following reminder dialog box appears before you proceed to Step2 Netw...

Page 112: ...wing procedure assumes you have installed a new CS at your site or you have reset the unit to factory default 1 Enter the assigned IP address of the CS in your browser and login as an administrator The following security warning dialog box appears Figure 5 3 Security Advisory Dialog Box ...

Page 113: ...ry and click the Close button 3 The Web Manager is redirected to Wizard Step 1 Security Profile The following form is displayed Figure 5 4 Wizard Step 1 Security Profile Form 4 Select a pre defined Security Profile by pressing one of the Secured Moderate Open or Default profiles or create a Custom profile The following dialog box appears when you select the Custom profile ...

Page 114: ...red precautions to understand the potential impacts of each individual service configured under the Custom profile Refer to Table 5 1 on page 79 and the subsequent tables for a comparison of the available services in each security profile Refer to the Glossary for a definition of the available services ...

Page 115: ...changes to take effect The following dialog box appears 6 Select apply changes to save the configuration to Flash CS Web Manager restarts 7 Login after Web Manager restarts and click on the Wizard button to switch to Wizard mode 8 Proceed to Step 2 Network Settings Step 2 Network Settings Selecting Step 2 Network Settings brings up a form for reconfiguring existing network settings During initial ...

Page 116: ...Gateway IP address Network mask NTP server s IP address if you are using a time date server In Expert mode under Network menu you can specify additional networking related information and perform other advanced configuration tasks If the DHCP is disabled the form appears as shown in the following figure Figure 5 6 Wizard Step 2 Network Settings DHCP disabled If the DHCP is enabled the form appears...

Page 117: ...is enabled a local DHCP server assigns CS a dynamic IP address that can change The administrator chooses whether or not to use DHCP during initial setup 2 If you are using DHCP proceed to Step 3 Port Profile if not click on the checkbox to deselect DHCP and enter your network settings manually 3 Enter the following network information Host Name IP addresses Network Mask Domain Name DNS Server Gate...

Page 118: ...zard Step 3 Port Profile In Wizard mode the system assumes that all devices will be connected to the serial ports with the same parameter values If you need to assign different parameters to the serial ports that each server or device is connected to use the Expert mode Ports Physical Ports to assign individual port parameters Note From the factory by default all Serial Ports are disabled The admi...

Page 119: ...ted plain socket connections Use Expert mode if you want to specify any of several other connection protocols that are listed under Ports Physical Ports Modify General Flow Control None Default Hardware Software Must match the flow control method of the devices connected to all serial ports Parity None Default Odd Even Must match the parity used by the devices connected to all serial ports Baud Ra...

Page 120: ...n effect on the connected devices If the connected devices require different connection protocols and speed configure individual settings in Expert mode Ports Physical Ports See Chapter 10 Ports Menu Forms for more detail 1 Select a protocol Console Telnet Console SSH Console TelnetSSH or Console Raw from the Connection Protocol pull down menu The default is Console Telnet 2 To change the flow con...

Page 121: ...nge whether authentication is required check the Authentication Required checkbox for enabled or leave it unchecked for disabled 8 Select apply changes to save configuration to Flash 9 Select the Next button or proceed to the next section Step 4 Access Step 4 Access Selecting Step 4 Access brings up a form shown in the following figure which allows you to add or delete user accounts and set or cha...

Page 122: ...ned Users and has Add Change Password and Delete buttons In the Users list by default there is a root account that cannot be deleted The root has access privileges to all the Web Manager s functionality as well as access to all the serial ports on the CS Clicking the Add button brings up the following form ...

Page 123: ...d Password and Repeat Password The password for the account Group The choices in the Group menu are Regular User Default or Admin Note To configure a user to be able to perform administrative functions select the Admin group To define a new group go to the Expert mode and select Security Users and Groups dropdown list Select whether the user of this group is a NonBio Default or a BioUser The BioUs...

Page 124: ...User Name and Password fields and enter the password again in the Repeat Password field 3 Select from the Group menu options a To create a regular user account without administrator privileges select Regular User Default from the Group pull down menu Shell Optional The default shell when the user makes an SSH or a Telnet connection Choices are sh Default or bash Comments Optional notes about the u...

Page 125: ... field optional 6 Enter comments to identify the user s role or configuration in the Comments field optional 7 Click OK 8 Click the apply changes button T To Delete a User 1 Select Step 3 Access The Access form displays 2 Select the user name to delete 3 Click Delete 4 Click apply changes T To Change a Password Caution Leaving the default root password unchanged leaves the CS and connected devices...

Page 126: ...age source such as an NFS server or Syslog server The following figure shows the form when Enable Data Buffering is inactive Figure 5 12 Wizard Step 5 Data Buffering Inactive Once data buffering is enabled the form displays a number of fields The displayed fields depends on whether selected Destination is Local or Remote The values set in this form apply to all serial ports Data buffering allows a...

Page 127: ...sk of an external server such as an NFS or Syslog server The following figure shows the form when Data Buffering is set to enabled and the Destination is set to Local Figure 5 13 Wizard Step 5 Data Buffering Local The following figure shows the form when data buffering is set to Destination Remote ...

Page 128: ...h or Remote on a server Mode For Local Destination Select Linear for sequential files or Circular for non sequential format Local data buffering stores data in circular or linear mode In circular mode data is written into the specified local data file until the upper limit on the file size is reached then the data is overwritten starting from the top of the file as additional data comes in Circula...

Page 129: ...ow Menu Defines the options you want to show in the menu of the buffer file Table 5 7 Wizard Differences Between Remote and Local Buffering Option Description Remote server Data is stored in files sequentially The NFS server must be configured with the mount point shared exported In linear mode data is written into a continuous sequence of files and the file spaces is not reused The administrator ...

Page 130: ...nation pull down menu appears 3 Select a location for the data files from the Destination pull down menu either Local or Remote Additional pull down menus and fields appear depending on which destination is selected 4 When the destination is local perform the following steps a From the Mode pull down menu select Circular or Linear data buffering b Type a file size in bytes into the File Size Bytes...

Page 131: ...server must be mounted on the CS b To cause a timestamp to be saved with the data in the data buffer file enable the Record the timestamp in the data buffering file c Select an option from the Show Menu pull down menu The choices are show all options No Show data buffering file only and Show without the erase options 6 Click apply changes Step 6 System Log Selecting Step 6 System Log brings up a f...

Page 132: ...g make sure an pre configured syslog server is available on the same network as the CS Obtain the following information from the syslog server s administrator The IP address of the syslog server The facility number for messages coming from the CS See Chapter 1 Syslog Servers on how facility numbers are used T To Add a Syslog Server This procedure assumes you have the following information The IP a...

Page 133: ...5 Click apply changes T To Delete a Syslog Server 1 From the Syslog Server list select the syslog server that you want to delete from the current facility location and then select Delete 2 Click apply changes The subsequent chapters shown below describe the Expert configuration mode in detail introduces the menu elements in the Expert mode and describe the underlying procedures Table 5 8 CS Config...

Page 134: ...Expert Chapter 8 Network Menu Forms Security Menu Expert Chapter 9 Security Menu Forms Ports Menu Expert Chapter 10 Ports Menu Forms Administration Menu Expert Chapter 11 Administration Menu Forms Table 5 8 CS Configuration and Expert Menus Chapters ...

Page 135: ... to perform advanced configuration click the Expert button at the bottom of the left menu panel to switch to Expert mode If the Wizard button displays at the lower left of the screen you are in Expert mode The top menu bar contains the primary commands and the left menu panel contains the secondary commands Based on what you select from the top menu bar the left menu panel selections change accord...

Page 136: ...Expert Mode Screen Elements Note Procedures in this manual use shortcuts to tell how to get to Web Manager forms For example a step telling the user to access the Outlets Manager form use this convention In Expert mode go to Applications IPDU Power Mgmt Outlets Manager Top Menu Form Area Tabs Left Menu Wizard Expert Command buttons ...

Page 137: ...iew IPDUs Info Users Manager Configuration Software Upgrade for the AlterPath PM IPDU Power Mgmt IPMI Power Management Terminal Profile Menu Host Settings Syslog PCMCIA Management VPN Connections SNMP Firewall Configuration Host Table Static Routes Users and Groups Active Ports Sessions Authentication Auth Type Radius Tacacs Ldap Kerberos NIS Security Profiles Ports Administration Physical Ports M...

Page 138: ...re you may power remote machines on and off check the status and lock the power outlet in the on or off state to prevent accidental changes Chapter 7 Page 120 IPDU Multi Outlet Ctrl Manage all power outlets of a multi outlet device connected to the AlterPath PM family of Intelligent Power Distribution Units in one single operation Chapter 7 Page 133 IPMI Power Mgmt Manage IPMI devices Power on and...

Page 139: ...the optional PCMCIA cards BLACK BOX CS supports several PCMCIA cards including modem ISDN wireless and wired NICs Compact Flash and IDE drives for data buffer storage Chapter 8 Page 158 VPN Connections Configure one or more VPN connections to other systems or CS attached devices Chapter 8 Page 176 SNMP Configure Simple Network Management Protocol SNMP with community names OID and user names SNMPv1...

Page 140: ...ons as well as their identifications features and usage statistics Chapter 9 Page 212 Authentication Enter the authentication method used to access CS Chapter 9 Page 214 Security Profiles Select a pre defined Security Profile or choose Custom Profile to configure individual settings Chapter 9 Page 226 Table 6 5 Expert Ports Menu Selection Use this menu to Where Documented Physical Ports Activates ...

Page 141: ...10 Page 287 Ports Statistics View information on the data reception Rx bytes and transmission Tx bytes on each physical port View current CAS user s Baud rate frame parity break and overruns Chapter 10 Page 288 Table 6 6 Administration Menu Selection Use this menu to Where Documented System Information View information on the system hardware version file system and PCMCIA cards loaded Chapter 11 P...

Page 142: ...CK BOX CS can boot from its internal firmware or from the network This section configures the required parameters Chapter 11 Page 307 Backup Configuration Use a FTP server to save and retrieve your CS configuration use a storage device to store your configuration Chapter 11 Page 310 Upgrade Firmware Upload upgrade new firmware Chapter 11 Page 313 Reboot Reboot the CS system Chapter 11 Page 316 Onl...

Page 143: ...BLACK BOX CS Installation Administration and User s Guide 113 Description of Forms in Expert Mode ...

Page 144: ...Configuring the CS in Expert Mode 114 ...

Page 145: ...he serial ports Page 116 IPDU Power Mgmt Manage power outlets on the AlterPath PM family of Intelligent Power Distribution Units From here you may power remote machines on and off check the status and lock the power outlet in the on or off state to prevent accidental changes Page 120 IPDU Multi Outlet Ctrl Manage all power outlets of a multi outlet server or device connected to the AlterPath PM in...

Page 146: ...nnect form under Applications brings up the form shown in the following figure Terminal Profile Menu Configure a menu of commands that will be presented to the user when they power on their computer terminal and login to the CS This is a special application used only when the CS is being used as server with terminals attached Page 146 Table 7 1 Expert Applications Menu Menu Selection Use this menu...

Page 147: ...lications Connect Form Using the Connect form you can connect directly to CS or to the devices that are connected to the serial ports Connect to CS Clicking the Connect to CS radio button and clicking the Connect button brings up a Java applet running an SSH session similar to the following figure ...

Page 148: ... information see Chapter 9 Security Menu Forms Serial The Serial pull down menu lists all the serial port numbers or the administrator assigned aliases that a user is authorized to access Selecting a port number or alias and clicking Connect brings up a Java applet with a connection protocol that the serial port is configured for For example if the serial port is named PM and configured for power ...

Page 149: ... in the Connected to grey bar circled in red in the above two figures If authentication is in effect for the port you need to supply a username and password to log into the device T To Connect to the CS This procedure logs you into the CS as a Regular User in a SSH session 1 Go to Applications Connect in Expert mode 2 Click the Connect to CS radio button 3 Click the Connect button ...

Page 150: ...ect a port number or alias from the Serial pull down menu 4 Click Connect A Java applet viewer appears If authentication is specified for the selected port you are prompted to log in If not you are automatically logged in IPDU Power Mgmt Selecting the IPDU Power Mgmt brings up the five tabs shown in the following figure Using the IPDU power management forms you can manage the power to the connecte...

Page 151: ...hing the outlet off and on Lock outlets in the on or off state to prevent accidental changes Unlock the outlets Assign an alias to the outlet to identify the device for which it provides power Change the power up interval The power up interval is the time interval in seconds that the system waits between turning on the currently selected outlet and the next outlet Save the current configuration to...

Page 152: ...ns Description In the example below outlet 1 is switched on and locked and outlet 2 is switched off and unlocked Button Purpose Yellow bulbs indicate an outlet is switched on Gray indicates an outlet is switched off An opened padlock indicates that an outlet is unlocked A closed padlock indicates that an outlet is locked An orange Cycle button is active next to each outlet that is on ...

Page 153: ...e server or device name and change the power up interval Note The power up interval is the amount of time in seconds that elapses after the selected outlet is turned on before another outlet can be turned on T To View Status Lock Unlock Rename or Cycle Power Outlets 1 Go to Applications IPDU Power Mgmt Outlets Manager The Outlets Manager form appears 2 To switch an outlet on or off click the adjac...

Page 154: ...To change the time between when this outlet is turned on and another can be turned on change the default 0 50 number of seconds in the Power Up Interval field 6 Click OK 7 Click the Save Outlets State button 8 Click apply changes View IPDUs Info Selecting Applications IPDU Power Mgmt View IPDUs Info tab the form in the following figure appears Figure 7 9 IPDU Power Mgmt View IPDUs Info The figure ...

Page 155: ... two PM8 15A IPDUs are daisy chained through Serial Port 1 Description Example Name Either a default name or administrator configured name appears PM Number of Units The number of IPDUs connected to the port The first IPDU is referred to as the master Any other IPDUs daisy chained off the first IPDU are referred to as slaves 2 IPDUs daisy chained through the Serial Port 1 Number of Outlets Total n...

Page 156: ... Max Detected Temperature button Description Example Model AlterPath PM model number PM8 15A Software Version AlterPath PM firmware version 1 5 0 Alarm Threshold Number of amperes that triggers an alarm or syslog message if it is reached 15 0A Current Current level on the IPDU 0 0A Maximum Detected Maximum current detected 0 4A Button to reset the maximum detected current value Temperature Tempera...

Page 157: ...ath PM The AlterPath PM is connected to serial port 1 which is configured for power management Figure 7 10 IPDU Power Mgmt Users Manager If more than one serial port is configured for power management multiple users lists appear one for each IPDU power management port Clicking Add brings up the following dialog box where you can specify one or more comma separated user names and one or more outlet...

Page 158: ...t a user select the username from the Users Information list and then click Edit The Add Edit User x Outlets dialog box appears 4 To add a new user click Add The Add Edit User x Outlets dialog box appears 5 In the Add Edit User x Outlets dialog box do the following as appropriate a Enter the username in the User field b Enter or modify the numbers of the outlets to which the user is assigned in th...

Page 159: ...hen the current on the IPDU exceeds the selected threshold Syslog messages are generated Buzzer sounds if the current exceeds the defined threshold The Configuration form shows an entry for each serial port that has an AlterPath PM IPDU connected to and is configured for power management The first connected IPDU is called the master the second and subsequently connected IPDUs are called slaves On ...

Page 160: ...to trigger alarms syslogging or over current protection for an IPDU 1 Go to Applications IPDU Power Mgmt Configuration 2 The Configuration form displays entries for all ports configured for power management Perform the following steps for each IPDU a Assign a name to the IPDU in the Name field if desired b For each AlterPath PM click the appropriate check boxes to enable or disable Over Current Pr...

Page 161: ...mation about each directly connected PM is displayed The primary connected IPDU is referred to as the master and any daisy chained PMs are called slaves The form displays the version number of the software that is currently installed on each PM To upgrade IPDU software using this form you first must download a more recent version of the AlterPath PM software into the CS s tmp directory with the fi...

Page 162: ...wing example shows the AlterPath PM section on the downloads page For example the version of AlterPath PM firmware in the previous figure is Software Version 1 5 0 In this case the software is updated You would download it if it is more recent than the version shown on the form 3 Click the Firmware link 4 In the version directory click the name of the binary you want to download For example pm_150...

Page 163: ...filename pmfirmware 1 Go to Applications Power Mgmt Software Upgrade The Software Upgrade form displays 2 Click the Refresh button If a tmp pmfirmware exists containing a more recent version of the PM firmware than the one currently installed an Update button appears 3 Click Update 4 Click apply changes IPDU Multi Outlet Ctrl Selecting Applications IPDU Multi Outlet Ctrl display the following form...

Page 164: ...nnected to the same PM or not all outlets that are configured to the same serial port can be treated as a group and controlled simultaneously from this form The following form displays if Multi Outlet Ctrl is not configured For the procedure see To Configure a Serial Port for IPDU or IPMI Power Management on page 143 ...

Page 165: ...al port must be configured for power management A device connected to a serial port must be plugged into at least two outlets on the PM The PM and the outlet numbers to which the device is plugged must be configured on the serial port that the device is connected to Power Management Icons In the first line of each group the light bulb and the lock icons as well as the Cycle button operate over the...

Page 166: ...group is off A yellow light bulb indicates that the group is on Clicking the light bulb icon once changes the power status of all of the outlets in the group A grey and open lock icon indicates that the outlets are unlocked and can be powered on or off A full color closed lock icon indicates that the outlet is locked and cannot be turned on or off Clicking the lock icon once changes the lock statu...

Page 167: ...the next outlet in the group turns on only after the power up interval specified for the current outlet has elapsed To configure this parameter go to Applications IPDU Power Mgmt Outlets Manager Edit T To Power On or Power Off a Group of Outlets in the Same Power State Use these instructions if all of the outlets in a group are turned either off or on 1 Go to Applications IPDU Multi Outlet Ctrl 2 ...

Page 168: ...f outlets click the closed padlock icon adjacent to the group name T To Lock or Unlock a Group of Outlets in Different Lock States Use these instructions if not all of the outlets in a group are locked or unlocked 1 Go to Applications IPDU Multi Outlet Ctrl 2 To lock the group of outlets do the following steps a Click the open padlock icon adjacent to the group name once to unlock all of the outle...

Page 169: ...terface or IPMI refers to the monitoring and control functions that are built into the platform hardware and primarily is used for monitoring a server s hardware such as temperature voltage and errors On the IPMI Power Mgmt form under Applications you can enable and perform power management of devices that have IPMI controllers As shown in the following figure if no IPMI devices have been added pr...

Page 170: ...PMI Devices list or the configuration for the device is changed The following figure shows an entry for an IPMI server Figure 7 19 Expert IPMI Power Mgmt Device Entry Example Once an IP address for a device is added to the list of IPMI devices on this form any user authorized for power management can turn power on and off and cycle power for the IPMI device through the Web Manager Also users ...

Page 171: ... in an IPMI Devices List The user with power management privileges can manage power on listed IPMI devices The following table describes the icons available in the IPMI Power Mgmt form Table 7 7 Expert IPMI Power Mgmt Form Icons Table 7 6 Expert IPMI Information Field Name Description Device Alias Optional IP Address IP address of the device on the network Authentication type None Straight Passwor...

Page 172: ...the IPMI device in the IP Address field c Choose an authentication type if desired from the Authentication Type pull down menu d Choose a user permission type from the Access Level pull down menu The default is User e Enter a Username When the status is unknown a question mark appears instead of the light bulb A question mark indicates either of the following conditions The device was added or del...

Page 173: ...ions IPMI Power Mgmt Entries for all previously defined IPMI devices appear on the form 2 To toggle the state of a device click the adjacent light bulb icon 3 To briefly turn the power off then on again click the Cycle button T To Configure a Serial Port for IPDU or IPMI Power Management 1 Go to Ports Physical Ports 2 To select a port or ports to modify click the appropriate Modify Ports button an...

Page 174: ...Port Power Management Enable Power Management 4 Click the Add button The Add Outlet dialog box appears Figure 7 21 Expert Power Management Add Outlet Dialog Box 5 Enter the outlet number s separated by comma into which the device is connected to 6 Click OK ...

Page 175: ...Perform this procedure to allow a user to perform power management for a device while connected to the device through one of the CS s serial ports 1 To allow everyone with access permissions for this port to perform power management on this port click the Allow All Users radio button 2 To restrict power management on this port to a restricted list of users authorized to access this port click the ...

Page 176: ...d to the port Enter the key combination in the IPMI key field with as in I The caret stands for the Ctrl key Note The default IPMI hot key is I The hexadecimal code for the Ctrl I is the same as the keyboard s Tab key You can choose to change the default IPMI hotkey 3 Select the name of the previously added IPMI device from the IPMI Server pull down menu 4 Click Done 5 Click apply changes Terminal...

Page 177: ...wing figure shows an empty menu Figure 7 24 Expert Applications Terminal Profile Menu The menu can contain any command recognized by the Linux operating system on the CS The most common use of this feature is to create multiple menu options for launching SSH sessions on remote hosts When you click Add the Add Option dialog box appears as shown in the following figure Figure 7 25 Expert Terminal Pr...

Page 178: ...o Create a Menu for a Local Computer Terminal 1 Go to Applications Terminal Profile Menu The Terminal Profile menu displays 2 Enter a title for the menu in the Menu title field 3 To edit an existing menu option select the Action Name from the table and then click Edit 4 To add a new menu option click Add The Add Option dialog box appears a Enter a title for the menu option in the Title field b Ent...

Page 179: ...BLACK BOX CS Installation Administration and User s Guide 149 Applications 5 Click apply changes ...

Page 180: ...Applications Menu Forms 150 ...

Page 181: ...ding Page 152 Syslog Configure how the CS will handle its syslog messages The CS generates syslog messages related to users connecting to ports login failures and other information that can be used for audit and control purposes Page 157 PCMCIA Management Configure the optional PCMCIA cards CS supports several PCMCIA cards including modem ISDN GSM CDMA wireless LAN Ethernet LAN Compact Flash and I...

Page 182: ...dialog boxes guide you to configure the required parameters Page 181 Firewall Configuration Configure static IP tables and how packets should be filtered Page 186 Host Tables View information about the local network environment View table of hosts create edit and delete hosts Page 201 Static Routes To manually add routes Static routes are a very quick and effective way to route data from one subne...

Page 183: ... as shown in the following figure Figure 8 2 Expert Network Host Settings DHCP Disabled The following table provides a brief definition of the Host Settings form fields Table 8 2 Expert Host Settings Form Fields Filed Name Field Definition Host Name The fully qualified domain name identifying the specific host computer on the network ...

Page 184: ... for more than one network Network Mask The 32 bit number used to group IP addresses together or to indicate the range of IP addresses for a subnet Secondary Network Mask Optional MTU Maximum Transmission Unit used by the TCP protocol DNS Server Address of the Domain Name Server Secondary DNS Server Address of the backup Domain Name Server Domain Name The name that identifies the domain for exampl...

Page 185: ...eckbox to remove the check mark Additional fields appear 3 Enter the name assigned to the IP address of the CS in the Host Name field 4 Enter a console banner in the Console Banner field Bonding Enables redundancy for the Ethernet devices using the standard Ethernet interface as the primary mode of access and a PCMCIA card as a secondary mode of access If bonding is enabled the following values sh...

Page 186: ...ormation if desired a Enter the address of the domain name server in the Primary DNS Server field b If there is a backup DNS server enter the address of the secondary DNS in the Primary DNS Server field c Enter the domain in the Domain Name field d Enter the IP address of the gateway in the Gateway IP field 7 If you are done go to step 9 If you are enabling Bonding continue to step 8 8 To activate...

Page 187: ...m shown in the following figure appears Figure 8 3 Expert Network Syslog You can use the Syslog form to configure how the CS handles system logged messages The Syslog form allows you to do the following Specify one or more syslog servers to receive syslog messages related to ports Specify rules for filtering messages ...

Page 188: ...el Emergency Alert Critical Error Warning Notice Info Debug Category CAS log Data Buffering log Web log or System log T To Configure Syslogging for Serial Ports and Specify Message Filtering 1 Go to Network Syslog in Expert mode The Syslog form appears 2 Select a facility number for messages generated by serial ports by selecting the number from the CAS Ports Facility pull down menu 3 Select a des...

Page 189: ...ash IDE Hard Disk Note You can insert a card at any time and the corresponding driver should load automatically Before removing a card however you must use the Web Manager to eject the card and stop the system from using the card If you install an IDE PCMCIA card in a slot it automatically mounts and no configuration is necessary through this form Note CS supports GPRS and 1xRTT PCMCIA cards throu...

Page 190: ...ert the card into the PCMCIA slot on the front of the CS and Click the Insert button for the slot in which you installed the PCMCIA card The following dialog box appears 3 Click OK The card information appears under the Card Type column as shown in the following figure 4 Click the Configure button 5 The Slot dialog box appears ...

Page 191: ... enable a remote user to call into the CS through an installed modem PCMCIA card When you select Modem from the pull down menu the dialog box shown in the following figure appears Configuring a Modem PCMCIA Card Page 164 Configuring an ISDN PCMCIA Card Page 165 Configuring a GSM PCMCIA Card Page 168 Configuring an Ethernet PCMCIA Card Page 170 Configuring a PCMCIA Compact Flash Card or a PCMCIA Ha...

Page 192: ...ll Back checkbox appear as shown in the following figure Table 8 3 Expert Form Fields for a Modem Card Field Name Definition PCMCIA Card Pull down menu to select the type of PCMCIA card that you are using PPP Check box to enable point to point protocol Local IP The local IP address of the PCMCIA card Remote IP The remote IP address of the PCMCIA card Call Back Check box to enable the callback secu...

Page 193: ... 163 Network Figure 8 6 Expert PCMCIA Modem Card Configuration Dialog Box PPP If you enable Call Back the Phone Number field appears on the Slot dialog box as shown in the following figure Figure 8 7 Expert Modem PCMCIA Card Configuration Dialog Box Call Back ...

Page 194: ...o so d In the Remote IP field specify the IP address to assign to the other end of the PPP connection if desired By default the IP address 10 0 0 1 is assigned Only change the IP address if you have a specific reason to do so 3 To enable call back do the following a Check the Call Back check box The Phone Number field appears on the Slot dialog box b Enter a number to use to call back the modem 4 ...

Page 195: ... select ISDN from the pull down menu on the PCMCIA Management form The Local IP and Remote IP fields and the Call Back check box appear on the Slot dialog box Table 8 4 Expert Form Fields for an ISDN Card Field Name Definition PCMCIA Card Select ISDN from the pull down menu Local IP The local IP address of the PCMCIA card Remote IP The remote IP address of the PCMCIA card Call Back Check box to en...

Page 196: ...ly change the IP address if you have a specific reason to do so 4 To enable call back do the following a Check the Call Back check box The Phone Number field appears on the Slot dialog box b Enter a number for CS to use to call back modem 5 Click OK 6 Click apply changes Configuring a GSM PCMCIA Card You can use the PCMCIA Management form under Network to enable a remote user to call into the CS t...

Page 197: ...s Guide 167 Network Figure 8 9 Expert GSM PCMCIA Card Configuration Dialog Box When the Call Back checkbox is checked the Phone Number field appears as shown in the following figure Figure 8 10 Expert GSM PCMCIA Card Configuration Dialog Box Call Back ...

Page 198: ...ic reason to do so 3 In the Remote IP field specify the IP address to assign to the other end of the PPP connection if desired By default the IP address 10 0 0 1 is assigned Only change the IP address if you have a specific reason to do so 4 Enter a personal identification number known to the owner of the GSM card in the PIN Number field 5 To enable call back do the following Field Name Definition...

Page 199: ...IA Management form under Network to configure an Ethernet PCMCIA card When you select Ethernet from the pull down menu the dialog box shown in the following figure appears Figure 8 11 Expert Ethernet PCMCIA Card Configuration Dialog Box The following table provides a brief description of the fields available in the Ethernet dialog box Table 8 6 Expert Form Fields for an Ethernet Card Field Name De...

Page 200: ... Ethernet port 3 In the Network Mask field enter the netmask to assign to the subnet 4 Click OK 5 Click apply changes Configuring a PCMCIA Compact Flash Card or a PCMCIA Hard Disk Drive You can use the PCMCIA Management form under Network to configure a PCMCIA Compact Flash card or a PCMCIA Hard Disk Drive When you select Compact Flash Hard Disk from the pull down menu the dialog box shown in the ...

Page 201: ...ert Form Fields for a Compact Flash Hard Disk T To Configure a Compact Flash PCMCIA Card or a PCMCIA Hard Disk Drive 1 Install the compact flash card or the hard disk drive and select Compact Flash Hard Disk from the pull down menu on the PCMCIA Management form Field Name Definition PCMCIA Card Select Compact Flash Hard Disk from the Pull down menu Enable Check box to enable the storage device Use...

Page 202: ... 4 Click OK 5 Click apply changes Configuring a Wireless LAN PCMCIA Card You can use the PCMCIA Management form under Network to configure a Wireless LAN PCMCIA card When you select Wireless LAN from the pull down menu the dialog box shown in the following figure appears Figure 8 13 Expert PCMCIA Wireless LAN Card Configuration Dialog Box The following table provides a brief description of the fie...

Page 203: ... your network 5 In the Channel field enter a channel number 6 Click the Encrypted checkbox if an encrypted data communication is required 7 Enter a unique key for decoding the encrypted data 8 Click OK 9 Click apply changes Field Name Definition PCMCIA Card Pull down box to select the type of PCMCIA card that you are using IP Address The local IP address of the Ethernet Network Mask The network ad...

Page 204: ...odem cards that makes it possible for CS to receive a dial in connection and support callback feature using the ppp protocol The following table provides a brief description of the fields available in the CDMA dialog box Table 8 9 Expert Form Fields for a CDMA Card Field Name Definition PCMCIA Card Pull down box to select the type of PCMCIA card that you are using Local IP The local IP address of ...

Page 205: ...g a Check the Call Back check box The Phone Number field appears on the Slot dialog box b Enter a number for the CS to use to call back the CDMA card 7 Click OK 8 Click apply changes Speed The speed used by CS to access the card Additional Initialization Additional initialization parameter to be sent to the card CDMA configuration has a default command sequence to initialize the card but if additi...

Page 206: ...e card type clears under the Card Type column 3 Click apply changes 4 Physically remove the card from the PCMCIA slot on the front of the CS VPN Connections VPN or Virtual Private Network enables a secured communication between CS and a remote network by utilizing a gateway and creating a secured tunnel between CS and the gateway IPSec is the protocol used to construct the secure tunnel IPSec prov...

Page 207: ...nnections You can use the form to add a VPN connection or edit one that is already in the list When you click the Edit or Add buttons a New Modify Connection form appears as shown in the following figure The form displays different fields depending on whether RSA Public Keys or Shared Secret are selected ...

Page 208: ...gateway running IPSec sends packets when delivering them to the left host The next hop for the left host is the IP address of the router to which the CS sends packets to for delivery to the right host A Fully Qualified Domain Name in the ID fields for both the Local Left host and the Remote Right host where the IPSec negotiation takes place should be indicated The following table describes the fie...

Page 209: ...Name preceded by For example hostname xyz com IP Address The IP address of the host NextHop The router through which the CS on the left side or the remote host on the right side sends packets to the host on the other side Subnet The netmask of the subnetwork where the host resides Note Use CIDR notation The IP number followed by a slash and the number of one bits in the binary notation of the netm...

Page 210: ...nu 6 Select Shared Secret or RSA Public Keys from the Authentication Method pull down menu 7 Set up the right and left hosts by doing the following steps a Enter the fully qualified domain name of the hosts in the ID fields These are the hostnames where the IPSec negotiation and authentication happens For example hostname xyz com b Enter the IP address of the host in the IP Address fields c Enter ...

Page 211: ... or Simple Network Management Protocol is a set of protocols for managing complex networks SNMP works by sending messages called protocol data units PDUs to different parts of a network SNMP compliant devices agents store data about themselves in Management Information Bases MIBs and return this data to the SNMP requesters The CS SNMP agent supports SNMPv1 v2 and v3 To use SNMP v1 or v2 you need t...

Page 212: ...rm to enable notifications about significant events or traps from CS to an SNMP management application such as HP Openview Novell NMS IBM NetView or Sun Net Manager The following table explains the required parameters to complete the SNMP form and the associated dialog boxes ...

Page 213: ...ommunity defines an access environment The type of access is classified under Permission either read only or read write The most common community is public Take caution in using a public community name as it is commonly known By default the public community cannot access SNMP information on the CS Source SNMP v1 and v2 only Valid entries are default or a subnet address for example 193 168 44 0 24 ...

Page 214: ... box as shown in the following figure Figure 8 19 Expert New Mod SNMP v3 Configuration Dialog Box T To Configure SNMP 1 Go to Networks SNMP The SNMP form appears 2 To enable any version of SNMP do the following To add an SNMPv1 SNMPv2 entry press the Add button under the SNMPv1 SNMPv2 Configuration table To add an SNMPv3 entry press the Add button at the bottom of the SNMPv3 Configuration table ...

Page 215: ...y name in the Community field b Enter the source IP address or range of IP addresses in the Source field 5 For SNMP v3 configuration enter or change the following information a Enter the user name in the User name field b Enter the password in the Password field Note The SNMPv3 password must be less than 31 characters 6 For any version of SNMP do the following steps a Enter the unique object ident...

Page 216: ... the packets that could potentially harm the network system or generate unnecessary traffic in the network Selecting Network Firewall Configuration brings up the form shown in the following figure Figure 8 20 Expert Network Firewall Configuration You can use the Firewall Configuration form to enable firewall on CS You can define rules to allow or disallow packets and configure filtering of packets...

Page 217: ...form to do the following to configure packet filtering Edit default chains Delete user added chains Add new chains Edit rules for chains Edit Button Selecting one of the default chains and pressing the Edit button the Edit Chain dialog box shown in the following figure appears Figure 8 21 Expert Firewall Configuration Edit Chain Dialog Box Only the policy can be edited for a default chain The opti...

Page 218: ... is pressed the chain is deleted Note Default chains cannot be deleted If one of the default chains is selected and the Delete button is pressed the message shown in the following figure appears Figure 8 23 Firewall Configuration Delete Default Chain Message Add Button If the Add button is pressed under the Add Chain dialog box shown in the following figure appears ...

Page 219: ... be configured for the chain after it is added to the list of chains Edit Rules Button If the Edit Rules button is pressed a form appears with a list of headings like the one shown in the following figure The example shows the OUTPUT chain selected for editing Figure 8 25 Firewall Configuration Edit Rules for chain_name Form The buttons shown in the following figure appear at the bottom of the for...

Page 220: ... Down buttons moves the rule up and down the list Options on the Add Rule and Edit Rule Dialog Boxes The Add Rule and Edit Rule dialog boxes have the fields and options shown in the following figure Figure 8 27 Expert Firewall Configuration Add Rule and Edit Rule Dialog Boxes Inverted Checkboxes If the Inverted checkbox is enabled for the corresponding option the target action is performed on pack...

Page 221: ...g the source or the destination IP address or sending the packet to another user defined chain The default target pull down menu is shown in the following figure Figure 8 28 Firewall Configuration Add Rule and Edit Rule Target Menu Options Source or Destination IP and Mask If you add a value in the Source IP field incoming packets are filtered for the specified IP address and if you add a value in...

Page 222: ... explained in the following sections Numeric Protocol Fields If Numeric is selected as the protocol when specifying a rule a text field appears to the right of the menu for the desired number as shown in the following figure Figure 8 31 Firewall Configuration Add Rule and Edit Rule Numeric Protocol Fields TCP Protocol Fields If TCP is selected as the protocol when specifying a rule the additional ...

Page 223: ...ion Source Port OR Destination Port AND to A port number for filtering in the Source Port or Destination Port field A range of IP address can be specified by adding a second port number in the to field TCP packets are filtered for for the range of specified IP addresses TCP Flags The TCP flags cause packets to be filtered for the specified flag and the selected condition The flags are SYN synchron...

Page 224: ...on form The following figure shows the options Table 8 14 Expert UDP Options Fields Field Definition Source Port OR Destination Port AND to A port number for filtering in the Source Port or Destination Port field A range of IP address can be specified by adding a second port number in the to field TCP packets are filtered for for the range of specified IP addresses Inverted By checking this box Th...

Page 225: ...BLACK BOX CS Installation Administration and User s Guide 195 Network Figure 8 34 Firewall Configuration Add Rule and Edit Rule ICMP Type Menu Options ...

Page 226: ... down menu Figure 8 35 Firewall Configuration Input and Output Interface Fields and Fragments Menu Options The following table defines the fields in the above figure Table 8 15 Expert Firewall Configuration Input and Output Interface and Fragments Fields Definitions Field Definition Input Interface The input interface ethN for the packet Output Interface The output interface ethN for the packet In...

Page 227: ...nfiguration Add Rule and Edit Rule LOG Target Fields The following table defines the menu options and fields in the LOG Options Section Table 8 16 Expert Target LOG Options Selection Fields Field or Menu Name Definition Log Level One of the options in the pull down menu Log Prefix The prefix is included in the log entry TCP Sequence Includes the TCP sequence in the log TCP Options Includes TCP opt...

Page 228: ...and a reply packet of the specified type to be sent Table 8 17 Expert Reject Options Sections Field Name Definition Reject with Reject with means that the filter will drop the input packet and send back a reply packet according to any of the reject types listed below icmp net unreachable ICMP network unreachable alias icmp host unreachable ICMP host unreachable alias icmp port unreachable ICMP por...

Page 229: ...ears 3 Enter the name of the chain to be added in the Name field and then click OK Note Spaces are not allowed in the chain name The name of the new chain appears in the list 4 Finish defining the chain by adding one or more rules as described in To Add a Rule T To Edit a Chain Perform this procedure if you want to change the policy for a default chain icmp net prohibited ICMP network prohibited a...

Page 230: ...m Chain list and then click the Edit button If you select a user defined chain the dialog box shown in the following figure appears If you select one of the default chains the Edit Chain dialog box appears 3 Select the desired policy from the Policy pull down menu and then click OK 4 Click apply changes 5 To edit any rules for this chain go to To Edit a Rule T To Add a Rule 1 Go to Network Firewal...

Page 231: ...iguration 2 Select the chain that you want to edit from the list and click the Edit Rules button The Edit Rules form appears 3 Select the rule to be edited from the Rules list and then click the Edit button The Edit Rule dialog box appears 4 Modify the rule as desired For definitions of the fields in this form see Firewall Configuration on page 186 5 Click OK 6 Click apply changes Host Table The H...

Page 232: ...og box appears 4 Enter the new or modified host address in the IP Address field and the host name in the Name field and then click OK 5 To delete a host select the host you wish to delete and click Delete 6 Click apply changes Static Routes The Static Routes form allows you to manually add routes The Routing Table defines which interface should transmit an IP packet based on destination IP informa...

Page 233: ...twork Static Routes Clicking the Edit or Add buttons brings up a form shown in the following figure Figure 8 40 Expert Static Routes Add and Edit Dialog Boxes Default Route The example shows the fields and menus that appear when the Default route type is selected from the Route pull down menu ...

Page 234: ... appear when the Network route type is selected from the Route pull down menu Figure 8 41 Expert Static Routes Add and Edit Dialog Boxes Network Route The following figure shows the fields and menus that appear when the Host route type is selected from the Route pull down menu ...

Page 235: ...the Add button from the form The system invokes the New Modify Route dialog box 2 Choose Default Network or Host from the Route pull down menu Table 8 18 Expert Fields and Menus for Configuring Static Routes Field or Menu Name Definition Route Choices are Default Network or Host Network IP Appears only when Network route is selected Type the IP address of the destination network Network Mask Appea...

Page 236: ...IP field b Enter the netmask of the destination network in the Network Mask field 4 If you selected Host type the IP address of the destination host in the Host IP field 5 Select Gateway or Interface from the Go to pull down menu and enter the address of the gateway or the name of the interface in the adjacent field 6 Click apply changes ...

Page 237: ... menu to Where Documented Users and Groups Create or edit users and groups establish or change their passwords and access rights and privileges Page 208 Active Port Sessions Show the active sessions as well as their identifications features and usage statistics Page 212 Authentication Enter the authentication method used to access CS Page 214 Security Profiles Select a pre defined Security Profile...

Page 238: ...ccess Regular User Limited Read Write Access Caution There is only one root user for the initial setup of the CS by the administrator The username is root and the default password is bb For security purposes make sure you change this default password as soon as possible Selecting Security Users Groups in Expert mode brings up the form shown in the following figure Figure 9 1 Expert Security Users ...

Page 239: ...rt Security Users and Groups Add User Dialog Box The following table describes the fields in the Add User dialog box Table 9 2 Expert Add User Dialog Field Names and Definitions Field Name Definition User Name Name of the user to be added Password The password associated with the user name Group On the Group pull down menu select Regular User Default or Admin Note To configure a user to be able to...

Page 240: ... new group by entering a group name and a comma separated list of users T To Add a User 1 Go to Security Users and Groups The Users and Groups form displays 2 Click Add The Add User dialog box displays Shell Optional The default shell is bin sh when the user makes an SSH or Telnet connection Comments Optional notes about the user s role or configuration Table 9 2 Expert Add User Dialog Field Names...

Page 241: ...Delete a User or Group 1 Go to Security Users and Groups The Users Groups form displays 2 Select the name of a user or group to delete 3 Click Delete 4 Click apply changes T To Change a User s Password 1 Go to Security Users and Groups The Users and Groups form displays 2 Select the name of the user whose password you want to change 3 Click Change Password The Change User Password dialog box displ...

Page 242: ...rated user names in the Users field 5 Click OK 6 Click apply changes T To Modify a Group 1 Go to Security Users and Groups The Users and Groups form displays 2 Select the name of a group to modify 3 Click Edit The Edit Group form displays 4 Add or delete users from the group as desired 5 Click OK 6 Click apply changes Active Ports Sessions Selecting Security Active Ports Sessions brings up the for...

Page 243: ...statistical data the related data such as CPU usage for a specific client JCPU processes and PCPU processing time The Kill Sessions and Refresh buttons either end or refresh the selected session The following table defines the active ports sessions form fields Table 9 3 Expert Active Ports Sessions Information Field Name Definition User First eight characters of the username TTY Connection method ...

Page 244: ...information you are done 3 To kill a session select the desired session and click the Kill Sessions button Authentication Selecting Security Authentication brings up the form shown in the following figure which is comprised of six tabs JCPU The amount of CPU time consumed by all active processes including currently running background jobs PCPU The amount of CPU time consumed by the current process...

Page 245: ...hod for authenticating logins to CS Identify authentication servers that are configured for logins to CS or to the serial ports Configuring Authentication for CS Logins The default authentication method for CS is Local You can either accept the default or select another authentication method from the Unit Authentication pull down menu on the AuthType form ...

Page 246: ...ty Authentication The AuthType form displays as shown in the figure 9 6 2 To specify an authentication method for login to CS select a method from the Unit Authentication pull down menu 3 Click apply changes 4 Make sure an authentication server is specified for the selected authentication type Configuring Authentication Servers for Logins to CS and Connected Devices If you are configuring any auth...

Page 247: ...tup on CS for both types of authentication servers The administrator completes the appropriate form through the Web Manger Expert Security Authentication to setup an authentication server for every authentication method to be used by CS and its ports The following table lists the procedures that apply to each authentication method Table 9 4 Tasks for Setting up Authentication Servers Method Variat...

Page 248: ...Local 1 Go to Security Authentication RADIUS in Expert mode The RADIUS form displays as shown in the following figure Figure 9 7 Expert Security Authentication Radius 2 Fill in the form according to your local RADIUS server configuration 3 Click apply changes The changes are stored in etc raddb server on CS NIS NIS Local NIS NIS Local or NISDownLocal See To Configure a NIS Authentication Server on...

Page 249: ... procedures for a RADIUS authentication server refer to the CS Command Reference Guide Chapter 3 Section 3 4 Group Authorization T To Configure a TACACS Authentication Server Perform the following procedure to configure a TACACS authentication server when CS or any of its ports are configured to use TACACS authentication method or any of its variations Local TACACS TACACS Local or TACACS DownLocal...

Page 250: ... user can request authentication verification from the server before sending an authentication failure message to the user enter a number in the Retries field 6 Click apply changes The changes are stored in etc tacplus conf on the CS Group Authorization on TACACS Using an authorization method in addition to authentication provides an extra level of system security Selecting Security Authentication...

Page 251: ...LDAP The authentication server s IP address You can enter information in the following fields but an entry is not required LDAP User Name LDAP Password LDAP Login Attribute Work with the LDAP server administrator to ensure that the following types of accounts are set up on the LDAP server and that the administrators of the CS and the connected devices know the passwords assigned to the accounts An...

Page 252: ...ase field with o as in o value o value 4 Replace the default base name with the name of your LDAP domain For example for the LDAP domain name blackbox com the correct entry is dc blackbox dc com 5 Enable Secure LDAP if required 6 Enter optional information in LDAP User Name LDAP Password and LDAP Login Attribute fields 7 Click apply changes The changes are stored in etc ldap conf on the CS Group A...

Page 253: ...eros server Also work with the Kerberos server s administrator to ensure that following types of accounts are set up on the Kerberos server and that the administrators of the CS and connected devices know the passwords assigned to the accounts An account for admin If Kerberos authentication is specified for CS accounts for all users who need to log into the CS to administer connected devices If Ke...

Page 254: ...ver see To Configure Time and Date Using an NTP Server on page 306 b To manually set the time and date on the CS see To Manually Set the Time and Date on page 306 c Work with the Kerberos authentication server administrator to synchronize the time and date between CS and the Kerberos server 3 Set the timezone on CS by going to Administration Time Date in Expert mode as per the following figure The...

Page 255: ...ver 6 Click apply changes T To Configure a NIS Authentication Server Perform the following procedure to configure a NIS authentication server when CS or any of its ports is configured to use NIS authentication method or any of its variations Local NIS NIS Local or NISDownLocal 1 Go to Security Authentication NIS in Expert mode The NIS form displays as shown in the following figure ...

Page 256: ...thentication NIS 2 Fill in the form according to your configuration of the NIS server 3 Click apply changes Security Profiles Selecting Security Security Profile brings up the form shown in the following figure Figure 9 13 Expert Security Security Profile ...

Page 257: ...nded security level This profile enables SSHv1 SSHv2 HTTP HTTPS Telnet SSH and Raw connections to the Serial Ports In addition ICMP and HTTP redirection to HTTPS are enabled Authentication to access the serial ports is not required 3 Open The Open profile enables all services such as Telnet SSHv1 SSHv2 HTTP HTTPS SNMP RPC ICMP and Telnet SSH and Raw connections to the Serial Ports Authentication t...

Page 258: ...xpert Enabled services to access the serial ports under each security profile 1 The Default security profile parameters is the same as Moderate profile Access to CS Secure Moderate Open Default1 Custom Telnet 3 SSHv1 3 3 3 SSHv2 3 3 3 3 Allow SSH root access 3 3 3 HTTP 3 3 3 HTTPS 3 3 3 3 HTTP redirection to HTTPS 3 3 Access to Serial Ports Secure Moderate Open Default1 Custom Console Telnet 3 3 3...

Page 259: ...to Step1 Security Profile in the Wizard mode Further navigation to other sections of the Web Manager is not possible without selecting or configuring a Security Profile Once you select or configure a Security Profile and save the changes CS restarts 2 CS firmware is upgraded and the system is restarting with the new firmware In this situation the CS was already in use and certain configuration par...

Page 260: ...ctory settings of serial ports Figure 9 14 Expert Physical Ports Default Factory Settings The following situations apply to serial ports when you modify or change a security profile If you reconfigure the security profile and restart the Web manager you need to make sure the serial ports protocols and access methods match the selected security profile The following reminder dialog box appears when...

Page 261: ...to access Expert Ports Physical Ports Figure 9 16 Serial Ports Protocol Incompatibility Dialog Box T To Select or Configure a Security Profile The following procedure assumes you have installed a new CS at your site or you have reset the unit to factory default 1 Enter the assigned IP address of the CS in your browser and login as an administrator The following security warning dialog box appears ...

Page 262: ...ry Dialog Box Note Your browser s pop up blocker should be disabled for this dialog box to appear 2 Review the Security Advisory and click the Close button 3 The Web Manager is redirected to Wizard Step 1 Security Profile The following form is displayed ...

Page 263: ...ide 233 Figure 9 18 Wizard Step 1 Security Profile Form 4 Select a pre defined Security Profile by pressing one of the Secured Moderate Open or Default profiles or create a Custom profile The following dialog box appears when you select the Custom profile ...

Page 264: ...utions to understand the potential impacts of each individual service configured under the Custom profile Refer to Table 9 5 on page 228 and the subsequent tables for a comparison of the available services in each security profile Refer to the Glossary for a definition on some of the available services ...

Page 265: ...rder for the changes to take effect The following dialog box appears 6 Select apply changes to save the configuration to Flash CS Web Manager restarts 7 Login after Web Manager restarts 8 The Web Manager defaults to Ports Ports Status page Proceed to the desired forms and the related tasks outlined in the table below Table 9 8 Configuring CS in Expert Mode Configure Users and Groups Users and Grou...

Page 266: ...n 3 7 Certificate for HTTP Security User Configured Digital Certificate You can generate a self signed digital certificate It is highly recommended that you use the openssl tool to generate a self signed certificate and replace the CS generated certificate The procedures to configure a self signed digital certificate is documented in the CS Command Reference Guide Chapter 3 Authentication Section ...

Page 267: ...ctivate the serial ports Set the parameters for each or all ports Configure specific parameters for the serial ports where IPDU devices are connected Page 239 Virtual Ports Perform Clustering This section shows how to define and configure slaves One CS can be used as a Master to control other CS slaves units All ports of the slave unit appear as if they are part of the master unit Page 281 Port St...

Page 268: ...atus Allows you to view ports connection status Ports Statistics Allows you to view serial ports connection statistics Selecting Ports in Expert mode brings up the form shown in the following figure Figure 10 1 Expert Ports Ports Statistics View information on the data reception Rx bytes and transmission Tx bytes on each physical port View current CAS user s Baud rate frame parity break and overru...

Page 269: ...re parameters for individual or a group of serial ports You can select contiguous serial ports on the form by using the Shift key or non contiguous ports by using the Ctrl key on your keyboard You can Enable Selected Ports or Disable Selected Ports by pressing the corresponding button You can select the Modify All Ports button to specify the same parameters for all the serial ports or you can sele...

Page 270: ... multiple ports in a range click the first port in the list and then hold down the Shift key while selecting another port or ports To select multiple ports that are not in a range click the first port in the list and then hold down the Ctrl key while selecting another port 3 Go to the desired procedure from the following list To Configure a Serial Port Connection Protocol for a Console Connection ...

Page 271: ...sers to individual physical ports 4 Click apply changes General Under Ports Physical Ports in Expert Mode if you select one or more ports from the ports list and click the Modify button the General form appears as shown in the following form To Configure Multiple Sessions and Port Sniffing for One or More Serial Ports Page 270 To Configure a Serial Port for IPDU or IPMI Power Management Page 274 T...

Page 272: ... number s of the selected port s displays next to the Done button at the bottom of the form in the format Selected ports N where N stands for the port number Connection Profiles The following sections describe the available connection protocols for each connection profile to the serial ports Console Access Server CAS Page 243 Terminal Server TS Page 243 Bidirectional Telnet Page 245 Modem RAS Page...

Page 273: ... can use SSH but cannot use Telnet to access the serial port The following table shows the options from the list of connection protocols when CS serial port is connected to the console port of a server or a device Terminal Server TS Profile Connection Protocols When a computer terminal is connected to the console port on a device a Terminal Server TS profile must be defined for the serial port Tab...

Page 274: ...cted Protocols Protocol Name Result Telnet Dedicates a computer terminal that is connected to a serial port to access a server using the Telnet protocol When the attached terminal is powered on CS opens a Telnet session on the server The server s IP address should be specified on the Other form Ports Physical Ports Other SSHv1 Dedicates a computer terminal that is connected to the selected serial ...

Page 275: ...orts Physical Ports Access form The administrator can build custom menus using the Terminal Profile Menu form accessible from Web Manager Applications Terminal Profile Menu or Local Terminal Dedicates a computer terminal that is connected to the selected serial port for connecting to CS When the attached terminal is powered on CS opens a Telnet session on itself The user then can use any of the CS...

Page 276: ...ify Ports button The General form appears The port configuration section includes six forms in tabbed format as shown in the following figure Table 10 4 Expert Protocols for Serial Ports Connected to Modems or IPDUs Protocol Name Result PPP No Auth Starts a PPP session without interactive authentication required Assumes the specified CS serial port is connected to an external modem PPP Starts a PP...

Page 277: ...s with the number s of the selected port s next to the Done button at the bottom of the form and all the active tabs in yellow Figure 10 6 Expert Ports Physical Ports Console Connection 3 To change the connection protocol select one of the options from the Connection Protocol pull down menu Console Telnet Console SSH Console Telnet SSH or Console Raw The default is Console Telnet ...

Page 278: ... T To Configure a Serial Port Connection Protocol for a Bidirectional Telnet This procedure assumes that the selected serial port is physically connected to a terminal For more information on Bidirectional Telnet connection protocol see Bidirectional Telnet Protocol on page 245 1 Go to Ports Physical Ports in Expert mode select a port or ports to modify click the appropriate Modify Ports button Th...

Page 279: ...s next to the Done button at the bottom of the form and the active tabs highlighted in yellow Figure 10 9 Expert Ports Physical Ports Bidirectional Telnet Connection 3 To change the connection protocol select Bidirectional Telnet from the Connection Protocol pull down men Figure 10 10 Connection Protocols Bidirectional Telnet ...

Page 280: ... In the BidirectionShell Command field enter the menu shell command for example bin menush to build a custom menu for the TS profile 6 To customize a menu shell go to Web Manager Applications Terminal Profile Menu form For more information on configuring a menu shell see Terminal Profile Menu on page 146 T To Configure a Serial Port Connection Protocol for a Terminal Server This procedure assumes ...

Page 281: ...on at the bottom of the form and the active tabs highlighted in yellow Figure 10 12 Expert Ports Physical Ports Terminal Server Connection 3 To change the connection protocol select a Terminal Server connection from the Connection Protocol pull down men Telnet SSHv1 SSHv2 Local Terminal or Raw Socket Figure 10 13 Connection Protocols Terminal Server ...

Page 282: ...ify the TCP Port number the IP address of the remote host and the terminal type using the Other form The Other form is located at Ports Physical Ports Modify Selected Ports Other 6 If you are finished click Done 7 Click apply changes T To Configure a Serial Port Connection Protocol for an External Modem This procedure assumes that the selected serial port is physically connected to an external mod...

Page 283: ...s next to the Done button at the bottom of the form and the active tabs highlighted in yellow Figure 10 15 Expert Ports Physical Ports Modem Connection 3 To change the connection protocol select one of the options from the Connection Protocol pull down menu PPP No Auth PPP SLIP or CSLIP Figure 10 16 Connection Protocols Modem ...

Page 284: ...one 7 Click apply changes T To Configure a Power Management Protocol for an IPDU This procedure assumes that an IPDU is physically connected to the selected serial port 1 Go to Ports Physical Ports in Expert mode select a port or ports to modify click the appropriate Modify Ports button The General form appears The port configuration section includes six forms in tabbed format as shown in the foll...

Page 285: ...10 18 Expert Ports Physical Ports Power Management Connection 3 To change the connection protocol select Power Management from the Connection Protocol pull down menu Figure 10 19 Connection Protocols Power Management 4 Enter a desired name for the IPDU in the Alias field ...

Page 286: ...ure 10 20 Access Authentication Types Note Authentication type None is not a valid option when the serial port is configured for Power Management connection protocol The system defaults to Local if no authentication type is selected 7 Go to Other tab a A default TCP port number is displayed in the TCP Port field Enter an alternate port number if you are overriding the default b Enable Biometric Au...

Page 287: ...Go to Ports Physical Ports in Expert mode select a port to modify and click the Modify Ports button 2 Enter the desired string in the Alias field 3 Click Done 4 Click apply changes Note The Alias field cannot be set if you select the Modify All Ports T To Configure Serial Port Settings to Match the connected devices The settings for a serial port must match the connection settings on the connected...

Page 288: ...e for serially managed devices 3 To change the flow control select None Hardware or Software from the Flow Control pull down menu The default is None 4 To change the parity select None Odd or Even from the Parity pull down menu The default is None 5 To change the data size select an option from 5 to 8 from the Data pull down menu The default is 8 6 To change the stop bits select 1 or 2 from the st...

Page 289: ...garded or not select either Disregard or Regard 8 Click Done 9 Click apply changes Access Under Ports Physical Ports in Expert Mode after you select one or more serial ports and click the Modify Port s select the Access form from the tabbed menu The following form appears Figure 10 22 Expert Ports Physical Ports Access Form ...

Page 290: ...oadmin johnd Note that the names are separated by a comma Type Select an authentication type for the serial port from the pull down list The default is no authentication Type None Note Authentication type None is not a valid option when the serial port is configured for Power Management connection protocol The system defaults to Local if no authentication type is selected BidirectionLogin Timeout ...

Page 291: ...ne 6 Click apply changes Authentication Methods and Fallback Mechanism The following table provides a brief description of the authentication methods When an authentication method is configured to be performed by an authentication server such as Kerberos LDAP RADIUS or TACACS the user can get access denial if either the authentication server is down or it does not authenticate him her An authentic...

Page 292: ...entication is performed against an LDAP database using an LDAP server LDAP Local LDAP authentication is tried first switching to Local if unsuccessful LDAPDownLocal Local authentication is performed only when the LDAP server is down Local Authentication is performed locally For example using the etc passwd file Local Radius Authentication is performed locally first switching to Radius if unsuccess...

Page 293: ...ges are stored in etc portslave pslave conf on CS 6 Make sure that an authentication server is specified for the selected authentication type NISDownLocal Local authentication is performed only when the NIS server is down Radius Authentication is performed using a Radius authentication server Radius Local Radius authentication is tried first switching to Local if unsuccessful RadiusDownLocal Local...

Page 294: ...res to Configure an Authentication Server Authentication Method Where Documented Kerberos Kerberos Local or Kerberos DownLocal To Configure a Kerberos Authentication Server on page 223 LDAP LDAP Local or LDAP DownLocal To Configure an LDAP Authentication Server on page 221 NIS Local NIS NIS Local or NIS DownLocal To Configure a NIS Authentication Server on page 225 RADIUS Local RADIUS RADIUS Local...

Page 295: ...nation menu If Buffer to Syslog is checked data buffer files are sent to the syslog server Note Go to Wizard Step 5 System Log or Expert Network Syslog to set up a syslog server The following form shows both checkboxes Enable Data Buffering and Buffer to Syslog and the Local destination selected Figure 10 24 Expert Ports Physical Ports Data Buffering The following table describes the fields availa...

Page 296: ...figured with the mount point shared exported and the shared directory from the NFS server must be mounted on the CS Record the timestamp Save a timestamp with the data in the data buffer file Show Menu Options for the buffer file Syslog Server The IP address for the preconfigured Syslog server Facility Number Choose a facility number to assign to CS Obtain the facility number for CS from the syste...

Page 297: ...iles are stored locally or remotely on a file server b If you chose Local from the Destination pull down menu do the following i Choose Circular or Linear from the Mode pull down menu ii Enter a size larger than 0 in the File Size Bytes field c If you chose Remote from the Destination pull down menu enter the NFS mount point for the directory where data buffer file is to be stored in the NFS File ...

Page 298: ...7 c Enter the maximum size of the buffer in the Syslog Buffer Size field d Click the radio button next to one of the following options Buffer Syslog at all times Buffer only when nobody is connected to the port 5 Click Done 6 Click apply changes To configure alarm notifications to be sent based on the type of buffered data use the Notifications form Expert Administration Notifications Multi User U...

Page 299: ... Allow Multiple Sessions drop down menu the Privilege Users field should be populated with the usernames who have access rights The following table describes the available fields on the Multi User Form Table 10 9 Expert Multi User Form Fields Field Name Definition Allow Multiple Sessions Options are No Yes show menu Read Write do not show menu and ReadOnly do not show menu See Table 10 9 for more ...

Page 300: ...tion No Do not allow multiple sessions Only two users can connect to the same port simultaneously One shared session and one normal session are allowed Yes show menu More than two simultaneous users can connect to the same serial port A Sniffer menu is presented to the user and they can choose to Open a sniff session Open a read write session Cancel a connection Send a message to other users conne...

Page 301: ...llowed multiple sessions complete the following fields a Add usernames to the Privilege Users field b Enter a hot key in the Menu Hotkey field to display the sniffer menu on the monitor The default shown is z The caret stands for the Ctrl key c Enable the Notify Users field if desired 6 Click Done 7 Click apply changes Power Management Under Ports Physical Ports in Expert Mode after you select one...

Page 302: ...fers to IPDU power management Applications IPDU Power Mgmt Additional fields appear on the form if Enable Power management on this port and Enable IPMI on this port are checked as shown in the following figure Figure 10 27 Expert Ports Physical Ports Power Management The following table describes the available fields in the power management form Table 10 11 Expert Power Management Form Fields Fiel...

Page 303: ...orts and the assigned outlet numbers Power Management Key The key sequence which the authorized user s can use to perform power management The default for IPDU power management is Ctrl p p Allow All Users Radio button to allow all users to perform power management on the configured port Allow Users Groups Radio button to allow only selected users or groups to perform power management on the config...

Page 304: ...et dialog box appears as shown in the following figure In this dialog box you can specify the AlterPath PM IPDU and the outlet number s into which the device is plugged Figure 10 28 Expert Ports Physical Ports Power Management Add Outlets Dialog Box The PM on the Power Management Alias pull down menu in the example figure indicates that a serial port is configured for power management and an IPDU ...

Page 305: ...d Enter a caret for the escape key as in p The caret stands for the Ctrl key If you want to configure IPMI power management on this port continue to Step 3 If you are done go to Step 4 3 To enable IPMI Power Management of an IPMI device connected to the currently selected port do the following steps This procedure assumes you have added the connected IPMI device in the Applications IPMI Power Mgmt...

Page 306: ... ports 1 Configure a serial port for IPDU power management as described in the previous section 2 To permit everyone to perform power management on this port click the Allow All Users radio button Figure 10 29 Expert Ports Physical Ports Power Management Allow All Users 3 To restrict power management on this port to a set of users authorized to access this port click the Allow Users Groups Figure ...

Page 307: ...n Expert Mode after you select one or more serial ports and click the Modify Port s you can select the Other form from the tabbed menu to configure other options The following form appears Figure 10 31 Expert Ports Physical Ports Other Form You can use this form to configure other settings The options on this form may be less common settings The following table describes the available fields in th...

Page 308: ...n menu on the General form Windows EMS Checkbox to enable Windows EMS Emergency Management Services Appears only when a console CAS profile is selected from the Connection Protocol drop down menu on the General form Biometric Authentication Required Adds another layer of security by using the AlterPath Bio authentication scanner This option is available when a Console SSH or a Console TelnetSSH pr...

Page 309: ...e Break Sequence Usually a character sequence break Ctrl b Login Banner Enter the text you wish to appear as a login banner when logging into a terminal Host to Connect This field should be populated with the IP address of the device you are connecting to The field is displayed when a terminal server TS profile is selected from the Connection Protocol drop down menu on the General form Terminal Ty...

Page 310: ...terval enter another number in the TCP Keep alive Interval field 8 To change the idle timeout interval enter another value in the Idle Timeout field 9 Specify stty options if desired in the STTY Options field 10 To change the break interval enter a new number in the Break Interval field 11 To change the break sequence enter a new sequence in the Break Sequence field 12 To change the content of the...

Page 311: ...d in the STTY Options field 7 To change the break interval enter a new number in the Break Interval field 8 To change the break sequence enter a new sequence in the Break Sequence field 9 To change the content of the login banner enter new text in the Login Banner field 10 For a dedicated terminal enter the IP address of the desired host in the Host to Connect field 11 Enter the type of terminal i...

Page 312: ...or ports that are configured as CAS profile You can use one CS as the master unit to control other CS units as slaves The ports on the slave unit s appears as if they are part of the master unit Note Multiple IPDUs should only be connected and daisy chained through the serial port of the master CS unit when you are configuring a cluster This section shows you how to define and configure the slaves...

Page 313: ...0 13 Expert New Modify Port Dialog Box Fields Field Name Definition Number of Ports Number of ports on each slave unit Choices are 1 4 8 16 32 and 48 First Local Port Number The first unallocated port number for the slave For example if the master unit has 16 ports ports 1 16 are allocated The First Local Port Number is then 17 Local IP The IP address for the master CS or it can be the global IP a...

Page 314: ...irst Local TCP Port No The first TCP port number for the slave For example if the master unit has 16 ports the allocated TCP port numbers to the master are 7001 7016 The First Local TCP Port No is then 7017 This is a virtual TCP port number Remote IP The IP address of the slave First Remote TCP Port Number The first TCP port number of the slave The default is 7001 Protocol The communication protoc...

Page 315: ...d be connected individually to an IP network The units should not be cascaded 1 Go to Ports Virtual Ports in Expert mode and click the Add button to add new slave ports or click the Edit button to edit a slave port The New Modify Port dialog box appears Figure 10 35 Expert Ports Virtual Ports New Modify Port Dialog Box 2 From the drop down menu select the number of ports that you want to assign as...

Page 316: ...ber on the master 6 Enter the Remote IP address This is the IP address of the slave 7 Enter the First Remote TCP Port Number This is the first TCP port number of the slave The default is 7001 8 Select the communication protocol between the master and the slave from the Protocol pull down menu The options are Telnet or SSH T To Assign Names to Slave ports in the Cluster Pressing the Port Names butt...

Page 317: ...box Use this form to assign a name or alias to the slave ports in the cluster Use a naming convention for effective management of the CS units and the connected devices on your network Ports Status Selecting Ports Port Status in Expert mode brings up the following read only form which displays tabular serial port status information ...

Page 318: ... you click the Refresh button Table 10 14 Expert Port Status Read Only Form Ports Statistics Selecting Ports Port Statistics in Expert mode brings up the following read only form Column Name Description Port The serial port number Alias Displays the name alias for the serial port if one is assigned by the administrator RS232 Signal Status Serial Communication Signal Status Current User s Displays ...

Page 319: ...on this page gets updated when you click the Refresh button Table 10 15 Expert Ports Port Status Read Only Form Column Name Description Port The serial port number Alias Displays the name alias for the serial port if one is assigned by the administrator Baud Rate The measure of how fast data is moving between devices Tx Bytes Data transmitted Rx Bytes Data received Frame A formatted packet of data...

Page 320: ...used but can be odd or even A None parity means that data has not exchanged Break An out of band signal on an RS 232 serial port that involves making the Tx data line active for more than two whole character times or about 2ms on a 9600bps line Overrun The amount of time it takes for the new data to overwrite the older unread data Column Name Description ...

Page 321: ...lection Use this menu to Where Documented System Information View information on the system hardware version file system and PCMCIA cards loaded Page 292 Notifications Configure the alarm strings and the destination of the notification CS can send notification by email pager or SNMP trap in the occurrence of any system warnings and alarms Page 295 Time Date Set the timezone and configure the syste...

Page 322: ...stem in the event that the CS fails to boot successfully CS can boot from its internal firmware or from the network Page 307 Backup Config Configure an FTP server to save and retrieve your CS configuration or choose a storage device to store your configuration Page 310 Upgrade Firmware Upload or upgrade to a new firmware Page 313 Reboot Reboot the CS Page 316 Online Help Configure a path to a loca...

Page 323: ...BLACK BOX CS Installation Administration and User s Guide 293 Figure 11 1 Expert Administration System Information You can use the form to view the information shown in the following table ...

Page 324: ... Current Date Up Time Power Supply State CPU CPU Type Clock Speed Revision Bogomips Memory MemTotal MemFree Buffers Cached SwapCached Active Inactive HighTotal HighFree LowTotal LowFree SwapTotal SwapFree Dirty Writeback Mapped Slab CommitLimit Committed_AS PageTables VmallocTotal VmallocUsed VmallocChunk ...

Page 325: ...m Information form appears 2 To view all the information scroll down the form Notifications Selecting Administration Notifications in Expert mode brings up the following form PCMCIA Socket 0 and Socket 1 Identification Configuration and Status RAMDisk Usage Filesystem 1k blocks Used Available Use Mounted Table 11 2 System Information Information Parameters ...

Page 326: ...erial ports You can configure notifications to be sent to users through email pager or SNMP traps The following table describes the available fields in the Notifications form Table 11 3 Expert Notifications Form Fields Field Name Definition Notification Alarm for Data Buffering Enable by placing a checkmark in this field unlabeled view table List of alarm types and triggers unlabeled dropdown list...

Page 327: ...ministration Notifications in Expert mode The Notifications form appears 2 Enable Notification Alarm for Data Buffering by clicking the checkbox 3 Select Email Pager or SNMP trap from the pull down menu 4 To create a new entry for an event to trigger an alarm or notification click the Add button 5 To edit a previously configured trigger click the Edit button 6 Depending on your notification method...

Page 328: ...fications Email Add Edit Dialog box The following table describes the available fields in the email notification entry dialog box Table 11 4 Expert Email Notifications Dialog Box Fields Field Name Definition Alarm Trigger The trigger expression used to generate an alarm ...

Page 329: ... proceed 4 Enter or change the recipient for the notification email in the To field 5 Enter or change the sender email address in the From field 6 Enter or change the subject in the Subject field 7 Enter or edit the text message in the Body field 8 Enter or change the SMTP server s IP address in the SMTP Server field 9 Enter or change the SMTP port number in the SMTP Port field 10 Click OK 11 Clic...

Page 330: ...otifications Entry When you go to Administration Notifications select Pager from the pull down menu and click on Add or Edit button the following dialog box appears Figure 11 4 Expert Administration Notifications Pager Add Edit Dialog box ...

Page 331: ...er field 3 If you need to edit an existing notification select it from the drop down list and proceed 4 Enter or change the pager number in the Pager Number field 5 Enter or edit the text that describes the event in the Text field Table 11 5 Expert Pager Notifications Dialog Box Field Name Definition Alarm Trigger The trigger expression used to generate an alarm untitled dropdown field The first t...

Page 332: ...ess or name and the SMS port number in the SMS User Name SMS Server and SMS Port fields respectively 7 Click OK 8 Click apply changes SNMP Trap Notifications Entry When you go to Administration Notifications select SNMP Trap from the pull down menu and click on Add or Edit button the following dialog box appears ...

Page 333: ... trap notification entry dialog box Table 11 6 Expert SNMP Trap Notifications Dialog Box Field Name Definition Alarm Trigger The trigger expression used to generate an SNMP trap untitled dropdown field The first time you specify an alarm trigger the pull down menu is empty A new trigger gets listed in the menu after it is created OID Type Value The value that uniquely identifies an object to the S...

Page 334: ...Accept the trap number or select a new one from the Trap Number pull down menu 6 Enter a community in the Community field 7 Enter the IP address of the SMTP Server 8 Enter a message in the Body text area 9 Click OK 10 Click apply changes Serial Ports Alarm Notification You can configure the notification entry form to monitor the DCD signal such that the system will generate an alarm in any of the ...

Page 335: ...Date in Expert mode brings up the form shown in the following figure Figure 11 6 Expert Administration Time Date You can use the Time Date form in Expert mode to set the CS s time and date in one of the following two methods Manual configuration by entering the time and date in the form Set up using the NTP server Enabling Network Time Protocol NTP synchronizes the CS s system clock with an NTP se...

Page 336: ...anually Set the Time and Date 1 Go to Administration Time Date in Expert mode The Time Date form appears 2 Select a timezone from the Timezone pull down list 3 Select Disable from the Network Time Protocol menu 4 Type the date and time in the fields provided 5 Click apply changes T To Configure Time and Date Using an NTP Server 1 Go to Administration Time Date in Expert mode The Time Date form app...

Page 337: ...ation Boot configuration defines the location from where CS loads the operating system The CS can boot from its internal firmware or from the network By default CS boots from flash memory If you need to boot from the network you need to make sure the following prerequisites are met A TFTP or BOOTP server must be available on the network An upgraded CS boot image file must be available on the TFTP ...

Page 338: ...oot Type Select to boot from a TFTP server a BOOTP server or both Boot File Name Filename of the boot program Server s IP Address The IP address of the TFTP or the BOOTP server Console Speed An alternative console speed from 4800 to 115200 9600 is the default Flash Test Select to test boot from the Flash card You can Skip this test or do a Full test RAM Test Select to test boot from RAM You can Sk...

Page 339: ...s a Enter the IP address of the TFTP or BOOTP server in the Server s IP Address field b Select a console speed from the Console Speed pull down menu to match the speed of the terminal you are using on the console port of the CS c Select Skip or Full from the Flash Test pull down menu to bypass or run a test on the flash memory at boot time d Select Skip Quick or Full from the RAM Test pull down me...

Page 340: ... pull down menu options on this form are FTP and Storage Device The storage device can be either a compact flash or an IDE PCMCIA drive Use an FTP server to save and retrieve your CS configuration For the backup configuration to work the FTP server must be on the same subnet Ensure that it is accessible from CS by pinging the FTP server Use a storage device such as a compact flash or an IDE PCMCIA...

Page 341: ...inging the FTP server Path and Filename Path of a directory on the FTP server where you have write access for saving the backup copy of the configuration file Specify a filename if you want to save the file under another name For example to save the configuration file zvmppcbb 0720 bb in a directory called upload on the FTP server you would enter the following in the Path and Filename field upload...

Page 342: ...rs 2 Select FTP from the Type pull down menu 3 Enter the IP address of the FTP server in the Server IP field 4 Enter the directory path on the FTP server where you have write permissions in the Path and Filename field Enter the filename after the Field Name Definition Default Configuration The system saves the configuration in the storage device but does not override the internal flash configurati...

Page 343: ...elect Default Configuration and press the Save button 3 To restore a copy of the configuration files saved on the storage device without replacing the internal flash configuration select Default Configuration and press the Load button 4 Click apply changes 5 Reboot the system See Administration Reboot for details if needed 6 To replace the configuration saved on the storage device previously selec...

Page 344: ...rectly through BLACK BOX FTP site at ftp ftp blackbox com lan Term Servers or download the new firmware to a local FTP server and upgrade from there Note Check the file name for the upgrade version and read the upgrade instructions carefully Distinct procedures are required depending on the version you are upgrading from The following table describes the fields in the Upgrade Firmware form Table 1...

Page 345: ...server in the Password field 6 Enter the pathname of the file on the ftp server in the Path and Filename field 7 Click the Upgrade Now button 8 Click cancel changes if you need to restore the backed up configuration files FTP Site The URL of the FTP server where the firmware is located This can be a local FTP server or the BLACK BOX FTP site at ftp ftp blackbox com lan Term Servers Username Userna...

Page 346: ...ert mode brings up the form shown in the following figure Figure 11 12 Expert Administration Reboot Clicking the Reboot button reboots the CS T To Reboot the CS 1 Go to Administration Reboot in Expert mode 2 Click the Reboot button A confirmation dialog box appears 3 Click OK ...

Page 347: ...ny form in the Web Manager pressing the Help button opens a new window and redirect its content to the configured path for the online help documentation The CS administrator can download the online help and reconfigure the path to a local server where the online help can be stored The CS firmware stores the new link in flash and accesses the online help files whenever the help button is clicked T ...

Page 348: ...re the path to the location of the documenation on your local server Note When a directory path is ended with a the firmware appends the product name and verison For example http www myserver com online help would be http www myserver com online help cs firmware version ...

Page 349: ...32 Serial Ports on RJ45 PCMCIA slots supporting Secondary Ethernet Wireless networking CDMA GPRS GSM V 90 modems ISDN Power Internal 100 240VAC 50 60 Hz Optional Dual entry redundant power supplies 48VDC option available Operating Temperature 50 F to 112 F 10 C to 44 C Storage Temperature 40 F to 185 F 40 C to 85 C Humidity 5 to 90 non condensating Dimensions CS1 6 3 x 4 0 x 1 5 in 16 x 10 x 3 8 c...

Page 350: ...Technical Specifications 320 Certification FCC Part 15 A EN55022 A CE EN55024 UL 1950 Solaris Ready ...

Page 351: ...mounting the Advanced Console Server Safety Guidelines for Rack Mounting the CS Page 321 Safety Precautions for Operating the CS Page 322 Working inside the BLACK BOX CS Page 324 Replacing the Battery Page 324 FCC Warning Statement Page 325 Notice About FCC Compliance for all Advanced Console Server Models Page 325 Canadian DOC Notice Page 325 Aviso de Precaución S Mark Argentina Page 326 Trabajar...

Page 352: ...uipment is not compromised Mechanical Loading Mounting of the equipment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading Circuit Overloading Consideration should be given to the connection of the equipment to the supply circuit and the effect that overloading of circuits might have on overcurrent protection and supply wiring Appropriate conside...

Page 353: ...ve the grounding prong from the cable If you have to use an extension cable use a three wire cable with properly grounded plugs Caution To help protect the Advanced Console Server from electrical power fluctuations use a surge suppressor line conditioner or uninterruptible power supply Be sure that nothing rests on the cables of the CS and that they are not located where they can be stepped on or ...

Page 354: ... unpainted metal surface on the back of the equipment before touching anything inside the unit Electrostatic Discharge ESD Precautions When handling any electronic component or assembly you must observe the following antistatic precautions to prevent damage Always wear a grounded wrist strap when working around printed circuit boards Treat all assemblies components and interface connections as sta...

Page 355: ...e harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user is required to correct the problem at his or her own expense Notice About FCC Compliance for all Advanced Console Server Models To comply with FCC standards the Advanced Console Server requires the use of a shielded CAT 5 cable for the Ethe...

Page 356: ...lice una que tenga tres cables con clavija para conexión a tierra Para proteger al Advanced Console Server de fluctuaciones en corriente eléctrica utilice una fuente eléctrica de respaldo Asegurarse de que nada descanse sobre los cables del Advanced Console Server y que los cables no obstruyan el paso Asegurarse de no dejar caer alimentos o bebidas en el BLACK BOX CS Installation Administration an...

Page 357: ...Advanced Console Server No intente dar servicio al Advanced Console Server solo que este bajo la dirección de Soporte Técnico de BLACK BOX Si este es el caso tome las siguientes precauciones Apague el Advanced Console Server Asegurase que este tocando tierra antes de tocar cualquier otra cosa que puede ser al tocar la parte trasera del equipo Batería Caution Una batería nueva puede explotar si no ...

Page 358: ...Safety Regulatory and Compliance Information 328 ...

Page 359: ... Cards Brand Model 10BT Ethernet 3Com Megahertz 10Mbps LAN Card Model 3CCE589ET Discontinued 10 100BT Ethernet Linksys3 EtherFast 10 100 PC Card Model PCM100 v2 FCC ID MQ4FE1KMX Linksys3 EtherFast 10 100 PC Card Model PCM100 v2 FCC ID MQ4FE1KAX Linksys3 EtherFast 10 100 PC Card Model PCM100 v2 FCC ID MQ4FE1500A Linksys3 EtherFast 10 100 PC Card Model PCM100 v2 FCC ID MQ4FE1500C Xircom XE2000NA 10 ...

Page 360: ...Fiber Optic Danpex 1300C FX100BT SC Danpex 1300C FX100BT ST V 90 56k Modem Xircom XM5600 56K Modem PC Card Zoom Modem V 92 PC Card Plus Model 3075 ISDN AVM Fritz Card v2 0 Sedlbauer Sedlbauer Speed Star II ISDN card CDMA Growell iCARD800 CDMA 1XRTT GSM GPRS Sierra Wireless1 AirCard 750 GSM Sierra Wireless1 AirCard 750 GPRS Novatel Wireless Merlin G201 Discontinued Option Wireless Globe Trotter Uni...

Page 361: ... v3 cards have specific FCC ID numbers on the PCMCIA card The cards with specific FCC ID that are supported are listed above Note the FCC ID before purchase Compact Flash2 SanDisk 64MB CF Memory Adapter Discontinued St Micro 128MB CF Memory Adapter Kingston 128MB CF Memory Adapter Kingston 256MB CF Memory Adapter Kingston 512MB CF Memory Adapter Other Most other adapters and compact flash should a...

Page 362: ...Supported PCMCIA Cards 332 ...

Page 363: ...scan for viruses causing problems for some installation programs Baud Rate The baud rate is a measure of the number of symbols characters transmitted per unit of time Each symbol will normally consist of a number of bits so the baud rate will only be the same as the bit rate when there is one bit per symbol The term originated as a measure for the transmission of telegraph characters It has little...

Page 364: ... be booted either by turning its power on Cold Boot or by pressing Ctrl Alt Del Warm Boot Break Signal A break signal is a logical zero on a TXD or RXD lines for a period of time usually 250 to 500 milliseconds Normally a receive or transmit data signal stays at the mark on 1 voltage until the next character is transferred A Break is sometimes used to reset the communications line or change the op...

Page 365: ...t a time using the keyboard BLACK BOX products run the Linux operating system Administrators type CLI on the command line of the Linux shell The BLACK BOX CLI tool provides many commands and nested parameters in a format called the CLI parameter tree Cluster A cluster is a group of one or more computers working as a group to execute a certain task From the user standpoint a cluster acts as a large...

Page 366: ...rs until they request the information The overall purpose of this is to reduce the work necessary to administer a large IP network The most significant piece of information distributed in this manner is the IP address DNS Server Domain Name Server The computer you use to access the DNS to allow you to contact other computers on the Internet The server keeps a database of host computers and their I...

Page 367: ...this is not universally true An escape sequence is commonly used when the computer and the peripheral have only a single channel in which to send information back and forth If the device in question is dumb and can only do one thing with the information being sent to it for instance print it then there is no need for an escape sequence However most devices have more than one capability and thus ne...

Page 368: ...pages from a server to a user s browser FTP uses the Internet s TCP IP protocols to enable data transfer Hot Swap Ability to remove and add hardware to a computer system without powering off the system ICMP Internet Control Message Protocol is an Internet protocol sent in response to errors in TCP IP messages It is an error reporting protocol between a host and a gateway ICMP uses Internet Protoco...

Page 369: ... that provides encrypted security services These services enable authentication as well as for access and trustwothiness control IPsec provides similar services as SSL but it works on a network layer Through IPsec you can create encrypted tunnels VPN or encrypt traffic between two hosts ISDN A set of communications standards allowing a single wire or optical fibre to carry voice digital network se...

Page 370: ...IC Network Interface Card which interfaces the node to the LAN Masquerading Where a system acts on behalf of other systems such as when an ISP server accesses network services on behalf of a dial up user MTU Short for Maximum Transmission Unit the largest physical packet size measured in bytes that a network can transmit Any messages larger than the MTU are divided into smaller packets before bein...

Page 371: ...ndable during both normal and abnormal conditions Tests address heat release surface temperature fire resistance electomagnetic compatibility electrical safety and manufacturing component characteristics among other attributes Network Mask A 32 bit number used to group IP addresses together or to indicate the range of IP addresses on a single IP network subnet supernet There is a group of addresse...

Page 372: ...D The SNMP manager or the management application uses a well defined naming syntax to specify the variables to the SNMP agent Object names in this syntax are called Object Identifiers Object IDs or OIDs OIDs are series of numbers that uniquely identify an object to an SNMP agent OIDs are arranged in a hierarchical inverted tree structure The OID tree begins with the root and expands into branches ...

Page 373: ...tion from one computer to another The maximum length of a packet depends on the communication medium As an example in Ethernet networks the maximum length is1500 bytes A data packet can be divided into two parts the header part and the data part The header contains information needed for communication between nodes the data is the body of the packet that is ultimately received by the application P...

Page 374: ...d to differentiate among them This is what port numbers are used for Thus a port number may be seen as an address of an application within the computer PPP Point to Point Protocol This protocol is a way to connect your computer to the Internet over telephone lines PPP is replacing an older protocol SLIP as it is more stable and has more error checking features PPP has been a widely used Internet s...

Page 375: ...ines which interface should transmit an IP packet based on destination IP information RPC Short for Remote Procedure Call A type of protocol that allows a program on one computer to execute a program on a server Using RPC a system developer do not need to develop specific procedures for the server The client program sends a message to the server with appropriate arguments and the server returns a ...

Page 376: ...ined in these are essentially identical The major difference between the two message formats is in identifying the events Stop Bit A bit which signals the end of a unit of transmission on a serial line A stop bit may be transmitted after the end of each byte or character Subnet Mask A bit mask used to select bits from an Internet address for subnet addressing Also known as Address Mask SSH Secure ...

Page 377: ...dic polling of all inactive TCP IP connections checking that the client processes really are still there After a certain period of inactivity on an established connection the server s TCP IP software will begin to send test packets to the client which must be acknowledged After a preset number of probe packets has been ignored by the client the server assumes the worst and the connection is closed...

Page 378: ...a standard rack is measured in units of height U One U is 1 75 inches A device that has a height of 3 5 inches takes 2U of rack space VPN Virtual Private Networking allows local area networks to communicate across wide area networks typically over an encrypted channel See also IPsec Watchdog Timer A watchdog timer WDT is a device or electronic card that performs a specific operation after a certai...

Page 379: ...er s Guide 349 The timer can also be used for other purposes for example to actuate the refresh or reload button in a Web browser if a Web site does not fully load after a certain length of time following the entry of a Uniform Resource Locator URL ...

Page 380: ...Glossary 350 ...

Page 381: ...stration menu forms 291 administrative modes overview of 73 administrator forms common features of 68 administrators web manager for 65 Advanced Console Server working inside 324 alarm notification 304 notification serial ports 304 threshold 60 126 trigger 298 alarms 21 alias 289 alias port IP 278 allow multiple sessions 269 SSH root access 79 228 AltherPath PM IPDUs connecting 47 applications men...

Page 382: ... break sequence 279 break signal 334 buffer size syslog 266 buffering data 21 264 off line data 343 bumpon protect pads 31 buzzer 59 125 bytes RX 289 bytes TX 289 C cable straight thru 30 call back 162 Canadian doc notice 325 CAS console access server 242 335 profile console access server 243 cat5 29 CD documentation 28 CDMA 8 CDMA PCMCIA cards configuring 174 Certificate for HTTP Security 236 cer...

Page 383: ...vers to CS 36 connection protocol 54 89 protocol modem 246 protocol power management 246 protocols terminal server TS profile 243 connection name 179 connection profiles 242 connections vpn 176 connectors on the Black Box CS 8 console 336 access server CAS 242 335 access server CAS profile 243 banner 154 raw 243 SSH 243 Telnet 243 TelnetSSH 243 contents shipping box 28 CPU usage 213 crossover adap...

Page 384: ...ervice 278 EMS windows 278 enabling ports 44 encrypted 173 escape sequence 337 ESSID 173 Ethernet 308 337 Ethernet PCMCIA cards configuring 169 events data buffering 297 Expert mode 74 configuring CS in 105 menus and forms mapping 107 F facility numbers 21 266 fallback mechanism 261 FCC compliance 325 FCC warning statement 325 file path NFS 266 filtering IP packet 339 filtering structure of IP 13 ...

Page 385: ...ons power management 135 IDE 310 IDE hard disk 159 IDE timeout 278 identifiers OID object 342 info view IPDUs 59 124 input interface 15 196 installation and configuration 27 installation procedures basic 34 installing PCMCIA cards 46 inverted checkbox 190 IP gateway 154 local 162 283 packet filtering 339 primary 154 remote 162 284 IP alias port 278 IP filtering structure of 13 IPaddress default 45...

Page 386: ...ring authentication for CS 215 M MAC 340 management information base MIB 181 303 management IPDU power 56 120 mapping Expert mode menus and forms 107 masquerading 340 master 282 maximum detected 126 menu forms administration 291 applications 115 network 151 ports 237 security 207 menus and forms mapping Expert mode 107 methods of accessing the web manager other 45 MIB 181 303 management informatio...

Page 387: ...entifiers OID 342 off line data buffering 343 OID 183 343 OID object identifiers 342 Online Help 317 OOBI 343 open security profile 43 79 228 OpenSSH 236 OpenSSL 236 options for managing power 26 options stty 279 options TCP 197 other methods of accessing the web manager 45 outlets manager 57 121 output interface 15 196 over current protection 60 125 overrun 290 overview of administrative modes 73...

Page 388: ...IPMI 139 key 273 through the web manager 26 using CLI configuring ports for 25 power options for managing 26 powermgmt port 273 ppp 162 246 344 ppp no auth 246 pre installation requirements 32 prerequisites for logging to syslog servers 21 multi outlet control 135 using the web manager 9 66 pre shared secret 179 primary IP 154 privilege users 269 product models and configurations 6 profiles connec...

Page 389: ...H 346 secured security profile 43 79 228 security profile custom 43 profile default 43 profile moderate 43 79 228 profile open 43 79 228 profile secured 43 79 228 profile selecting 43 security advisory 40 72 82 security menu forms 207 security profiles 226 security profiles and serial port settings 81 230 selecting a security profile 43 serial port authentication 79 228 serial port settings and se...

Page 390: ...erequisites for logging 21 system information 292 system information to view 295 T table host 201 table routing 345 TACACS 347 TACACS 217 263 347 TACACS downlocal 217 TACACS local 12 217 263 TACACS downlocal 12 263 TCP flags 16 193 keep alive interval 278 347 options 197 port 278 port number local 284 port number remote 284 port numbers 55 sequence 197 Telnet 79 228 244 347 Telnet bidirectional 24...

Page 391: ...ning 44 privilege 269 types of 10 users and groups 208 users manager 127 users groups authorized 260 using a storage device 313 using an FTP server 312 using an NTP server 306 using the web manager prerequisites for 9 66 V view IPDUs info 59 124 view system information 295 virtual 237 virtual ports 281 vpn 13 348 vpn connections 176 W watchdog timer 308 348 web manager 9 logging into 70 other meth...

Page 392: ...Index 362 X X 509 Cerfiticate on SSH 236 ...

Reviews:

No comments

Related manuals for Advanced Console Server

Brand: Aastra Pages: 592

Brand: IBM Pages: 56

System x3350 Type 4192

Brand: IBM Pages: 84

Brand: IESC Pages: 109

Brand: NEC Pages: 408

Netfinity 1000-8477 21Y

Brand: IBM Pages: 268

Brand: Cabletron Systems Pages: 100

Brand: TYAN Pages: 81

HP ProLiant DL360P Gen8

Brand: Honeywell Pages: 67

Proliant BL480c

Brand: HP Pages: 65

ProLiant BL420c

Brand: HP Pages: 88

Brand: HP Pages: 34

ProLiant BL685c G5

Brand: HP Pages: 23

ProLiant BL660c Gen 9

Brand: HP Pages: 3

ProLiant BL460c G7

Brand: HP Pages: 74

ProLiant BL495c G6

Brand: HP Pages: 90

ProLiant BL685c G7

Brand: HP Pages: 67

ProLiant BL280c Generation 6 (G6)

Brand: HP Pages: 36

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands