Eaton Network-M2 User Manual Download | Manualshive

Page: 159 / 268

background image

Configuring/Commissioning/Testing LDAP

Servicing the Network Management Module – 159

1.

2.

3.

4.

a.

b.

5.

6.

7.

1.

2.

3.

4 Servicing the Network Management Module

4.1 Configuring/Commissioning/Testing LDAP

4.1.1 Commissioning

Refer to the section

Contextual help>>>Settings>>>Local users

to get help on the configuration.

4.1.1.1 Configuring connection to LDAP database

This step configures the LDAP client of the network module to request data from an LDAP base.

Activate LDAP.

Define security parameters according to LDAP servers' requirements.

Configure primary server (and optionally a secondary one).

If security configuration needs server certificate verification, import your LDAP server certificate.
Refer to the section to get help on certificate import.

In case LDAP server certificate is self-signed, import the self-signed certificate in the

Trusted remote certificate list

for

LDAP service.

in case LDAP server certificate has been signed by a CA, import the corresponding CA in the

Certificate authorities

(CA) list for LDAP service.

Configure credentials to bind with the LDAP server or select

anonymous if no credentials are required.

Configure the

Search base DN.

Configure the request parameters (see examples below).

4.1.1.1.1 Typical request parameters

Parameter

OpenLDAP

Active Directory™ with POSIX
account activated

Active Directory™

User base DN

ou=users, dc=example, dc=com

ou=users, dc=example, dc=com

ou=users, dc=example, dc=com

User name attribute

uid

uid

sAMAccountName

UID attribute

uidNumber

uidNumber

objectSid:S-1-5-xx-yy-zz (domain SID)

Group base DN

ou=groups, dc=example, dc=com

ou=groups, dc=example, dc=com

ou=groups, dc=example, dc=com

Group name attribute

gid

gid

sAMAccountName

GID attribute

gidNumber

gidNumber

objectSid:S-1-5-xx-yy-zz (domain SID)

4.1.1.2 Testing connection to LDAP database

Refer to the section

Information>>>CLI>>>ldap-test

to get help on the CLI command.

To test connection to the LDAP database:

Connect to the CLI.

Launch

ldap-test --checkusername command.

In case of error, use the

verbose option of the command to investigate the reason.

4.1.1.3 Map remote users to profile

This step is mandatory and configures the Network module to give permissions to the LDAP users.
Users not belonging to a group mapped on a profile will be rejected.

«
...
157
158
159
160
161
...
»

Summary of Contents for Network-M2

Page 1: ...UPS Network Management Card Network M2 User s Guide English 10 15 2020 2 0 5 ...

Page 2: ......

Page 3: ...t Corporation in the United States and or other countries UNIX is a registered trademark of The Open Group Linux is the registered trademark of Linus Torvalds in the U S and other countries VMware is a registered trademark or trademark of VMware Inc in the United States and or other jurisdictions Google is a trademark of Google Inc All other trademarks are properties of their respective companies ...

Page 4: ...ing Modbus 22 2 5 1 Configuring the communication parameters 22 2 5 2 Available maps 22 2 5 3 Modbus communication monitoring tool 23 2 5 4 Example of supported Modbus mapping 23 2 6 Configuring the Network Module settings 27 2 6 1 Menu structure 27 3 CONTEXTUAL HELP OF THE WEB INTERFACE 29 3 1 Login page 29 3 1 1 Logging in for the first time 29 3 1 2 Troubleshooting 30 3 2 Home 30 3 2 1 Informat...

Page 5: ...3 9 Legal information 149 3 9 1 Component 149 3 9 2 Availability of source code 149 3 9 3 Notice for proprietary elements 150 3 9 4 Access rights per profiles 150 3 10 Alarms 151 3 10 1 Alarm sorting 151 3 10 2 Active alarm counter 151 3 10 3 Alarm details 151 3 10 4 Alarm paging 151 3 10 5 Export 152 3 10 6 Clear 152 3 10 7 Alarms list with codes 152 3 10 8 Access rights per profiles 152 3 11 Use...

Page 6: ...her users 174 4 11 2 Resetting its own password 174 4 12 Recovering main administrator password 174 4 13 Switching to static IP Manual Changing IP address of the Network Module 175 4 14 Reading device information in a simple way 176 4 14 1 Web page 176 4 15 Subscribing to a set of alarms for email notification 176 4 15 1 Example 1 subscribing only to one alarm load unprotected 176 4 15 2 Example 2...

Page 7: ... 209 7 INFORMATION 210 7 1 Front panel connectors and LED indicators 210 7 2 Specifications Technical characteristics 211 7 3 Default settings and possible parameters 212 7 3 1 Settings 212 7 3 2 Meters 219 7 3 3 Sensors alarm configuration 219 7 3 4 User profile 220 7 4 Access rights per profiles 221 7 4 1 Home 221 7 4 2 Meters 221 7 4 3 Controls 221 7 4 4 Protection 221 7 4 5 Environment 221 7 4...

Page 8: ...abbreviations 259 8 TROUBLESHOOTING 262 8 1 Action not allowed in Control Schedule Power outage policy 262 8 1 1 Symptom 262 8 1 2 Possible Cause 262 8 1 3 Action 262 8 2 Card wrong timestamp leads to Full acquisition has failed error message on Software 262 8 2 1 Symptoms 262 8 2 2 Possible cause 262 8 2 3 Action 262 8 3 Client server is not restarting 262 8 3 1 Symptom 262 8 3 2 Possible Cause 2...

Page 9: ...6 8 9 3 Cause 266 8 9 4 Action 266 8 10 The alarm list has been cleared after an upgrade 266 8 10 1 Symptom 266 8 10 2 Action 266 8 11 The Network Module fails to boot after upgrading the firmware 266 8 11 1 Possible Cause 266 8 11 2 Action 267 8 12 Web user interface is not up to date after a FW upgrade 267 8 12 1 Symptom 267 ...

Page 10: ...dule using the two screws 2 3 Wiring the RS 485 Modbus RTU terminal The Modbus Network Module provides an easy path for integrating an EatonUPS into an RS 485 Modbus network and also provides isolation of the communication between the UPS and the RS 485 Modbus network Use the terminal strip on the Modbus Network Module to wire into a two wire network Packing materials must be disposed of in compli...

Page 11: ...shield caused by ground potential differences 2 3 3 Two wire networks Interconnect R with T and R with T on the Modbus Network Module terminal strip Connect the RS 485 network signal to the R or T on the Modbus Network Module terminal strip Connect the RS 485 network signal to the R or T on the Modbus Network Module terminal strip 2 3 4 Four wire networks All four RS 485 network signals including ...

Page 12: ...ode to the impedance of the transmission line being used When impedances are mismatched the transmitted signal is not completely absorbed by the load and a portion is reflected into the transmission line To enable the on board termination resistor 120Ω Locate the termination switch that is located on the top of the Modbus Network Module Belden 9843 24AWG or equivalent cabling 3 twisted pair shield...

Page 13: ... the Network Management Module 13 2 3 Peel off the protection Change the position of the termination switch according to your needs Switch position No termination default Termination for two wire networks One of the two position below can be used or ...

Page 14: ...ars STEP 4 Enter the user name in the User Name field The default user name is admin STEP 5 Enter the password in the Password field The default password is admin STEP 6 The password must be changed at first login STEP 7 Click Login The Network Module web interface appears 2 4 2 Finding and setting the IP address 2 4 2 1 Your network is equipped with a BOOTP DHCP server default 2 4 2 1 1 Read from...

Page 15: ...ettings 2 4 2 2 Your network is not equipped with a BOOTP DHCP server 2 4 2 2 1 Define from the configuration port The IP address can be defined by accessing the web interface through RNDIS To access web interface through RNDIS see the Accessing the web interface through RNDIS section Define the IP settings Navigate to Contextual help Settings Network Protocol IPV4 Select Manual Static IP Input th...

Page 16: ...area connection STEP 2 Right click on the RNDIS local area connection and select Properties STEP 3 Select Internet Protocol Version 4 TCP IPv4 and press the Properties button RNDIS driver is used to emulate a network connection from USB After the card is connected to the PC Windows OS will automatically search for the RNDIS driver On some computers the OS can find the RNDIS driver then configurati...

Page 17: ...Accessing the Network Module Installing the Network Management Module 17 STEP 4 Then enter the configuration as below and validate IP 169 254 0 150 and mask 255 255 0 0 click OK then click on Close ...

Page 18: ...work Management Module Accessing the Network Module Modifying the Proxy exception list section in the full documentation STEP 4 Launch a supported browser the browser window appears STEP 5 In the Address Location field enter https 169 254 0 1 the static IP address of the Network Module for RNDIS The log in screen appears STEP 6 Enter the user name in the User Name field The default user name is ad...

Page 19: ...llow exclamation mark implying that driver has not been installed follow the steps 4 5 6 7 otherwise configuration is OK STEP 4 Right click on it and select Update Driver Software When prompted to choose how to search for device driver software choose Browse my computer for driver software Select Let me pick from a list of device drivers on my computer STEP 5 Select the folder where you have previ...

Page 20: ... For more details refer to Information CLI section 2 4 5 Modifying the Proxy exception list To connect to the Network Module via a USB cable and your system uses a Proxy server to connect to the internet the proxy settings can reject the IP address 169 254 0 1 The 169 254 Sequence is used to set up communication with devices via a physical connection To activate this connection exceptions will hav...

Page 21: ...Accessing the Network Module Installing the Network Management Module 21 Select the Connections tab Press LAN Settings Press ADVANCED Add the address 169 254 ...

Page 22: ...ress the Supported MAPs button to download the MAPs 2 5 2 1 Mapping table content address hex register address in hexadecimal address 1 base register address in 1 base format For Modbus RTU configuration refer to the section Contextual help Settings Modbus Modbus RTU For Modbus TCP configuration refer to the section Contextual help Settings Modbus Modbus TCP File is generated in real time and will...

Page 23: ...ter on current device 2 5 3 Modbus communication monitoring tool Access the CLI through SSH or the Serial terminal emulation Get available commands by typing in the CLI CLI commands can be used to retrieve Modbus communication statistics see Information CLI modbus_statistics section fo r more details 2 5 4 Example of supported Modbus mapping The following table is an example of the mapping informa...

Page 24: ...Configuring Modbus Installing the Network Management Module 24 ...

Page 25: ...Configuring Modbus Installing the Network Management Module 25 ...

Page 26: ...Configuring Modbus Installing the Network Management Module 26 ...

Page 27: ...work Management Module 27 2 6 Configuring the Network Module settings Use the web interface to configure the Network Module The main web interface menus are described below 2 6 1 Menu structure Home Overview and status of the Device Active alarms Outlet status ...

Page 28: ... Environment Commissioning Status Alarm configuration Information Settings Network Module settings Maintenance Firmware Services Resources System logs Legal Legal information Availability of source code Notice for proprietary elements Profile Displays user profile password change account information and logout Help Opens full documentation in a separate browser page Alarms Open alarm page and disp...

Page 29: ...assword As you are logging into the Network Module for the first time you must enter the factory set default username and password Username admin Password admin 3 1 1 2 2 Change default password Changing the default password is mandatory and requested in a dedicated window Enter your current password first and then enter the new password twice Follow the password format recommendations on the tool...

Page 30: ...ator password Web user interface is not up to date after a FW upgrade Symptom After an upgrade The Web interface is not up to date New features of the new FW are not displayed Possible causes The browser is displaying the Web interface through the cache that contains previous FW data Action Empty the cache of your browser using F5 or CTRL F5 3 1 2 1 For other issues 3 2 Home The Home screen provid...

Page 31: ...led in the section Contextual help Maintenance System information Date and time Displays local time but not the UTC time Device status Displays if the device status Output power Provides output power status information Battery status Provides battery status information 3 2 2 Menu structure Home Overview and status of the Device Active alarms Outlet status Meters Power quality meters and logs ...

Page 32: ...m configuration Information Settings Network Module settings Maintenance Firmware Services Resources System logs Legal Legal information Availability of source code Notice for proprietary elements Profile Displays user profile password change account information and logout Help Opens full documentation in a separate browser page Alarms Open alarm page and displays the number of active alarms ...

Page 33: ...Home Contextual help of the web interface 33 3 2 3 Energy flow diagram 3 2 3 1 Line interactive UPS 3 2 3 2 Online UPS 3 2 3 3 ATS ...

Page 34: ...through an AVR device Normal mode Buck mode Boost mode In overload Rectifier Rectifier convert AC power to DC power Normal HE mode ready ESS mode ready In overload In short circuit In fault Battery Charger Battery and internal battery charger Battery OK Charger Charging Floating Resting Off Battery End of life Battery In fault Charger In fault Not present Inverter Inverter convert DC power to AC p...

Page 35: ... Unknown 3 2 3 5 Details To access the device details press the icon This view provides a summary of device identification information and nominal values Name Model P N S N Location Firmware version Input Voltage Input Frequency Output Voltage Output Frequency The COPY TO CLIPBOARD button will copy the information to your clipboard For example you can copy and paste information into an email 3 2 3...

Page 36: ...cted Not powered Load level W availability depending on the UPS model Note To access Controls menu press the icon 3 2 5 Active Alarms Only active alarms are displayed the Alarms icon will also display the number of active alarms Alarms are sorted by date alert level time and description Note To see the alarm history press the icon 3 2 6 Environment Sensor status and data are displayed if available...

Page 37: ...Home Contextual help of the web interface 37 3 2 7 Energy flow diagram examples 3 2 7 1 Line interactive UPS 3 2 7 1 1 Normal mode 3 2 7 1 2 Buck Boost mode ...

Page 38: ...Home Contextual help of the web interface 38 3 2 7 1 3 Battery mode 3 2 7 1 4 Off mode ...

Page 39: ...Home Contextual help of the web interface 39 3 2 7 2 Online UPS with single input source 3 2 7 2 1 Online mode 3 2 7 2 2 Bypass mode ...

Page 40: ...Home Contextual help of the web interface 40 3 2 7 2 3 Battery mode 3 2 7 2 4 Off mode ...

Page 41: ...Home Contextual help of the web interface 41 3 2 7 2 5 HE mode ESS mode 3 2 7 3 Online UPS with dual inputs sources and Maintenance bypass 3 2 7 3 1 Online mode ...

Page 42: ...Home Contextual help of the web interface 42 3 2 7 3 2 Bypass mode 3 2 7 3 3 Battery mode ...

Page 43: ...Home Contextual help of the web interface 43 3 2 7 3 4 HE mode ESS mode 3 2 7 3 5 Maintenance bypass mode ...

Page 44: ...3 2 7 4 ATS 3 2 7 4 1 Normal mode 3 2 7 4 2 Prefered source missing 3 2 8 Access rights per profiles Administrator Operator Viewer Home 3 2 8 1 For other access rights For other access rights see the Information Access rights per profiles section ...

Page 45: ...ers 3 3 1 Main utility input Displays the product main utility measures Current A Voltage V 3 3 2 Second utility input if available Gauge color code Green Value inside thresholds Orange Red Value outside thresholds Grey No thresholds provided by the device ...

Page 46: ...f presents displays the product second utility measures Current A Voltage V 3 3 3 Output Voltage V Power W Current A 3 3 4 Battery status Battery status section is an overview of the battery information The information displayed depends on the device ...

Page 47: ...ate 3 3 5 Battery health Battery health section provides status of the battery and allow to launch a battery test The status reflects the last completed battery test result as well as its critical status color and completion time Pass Warning Fail Unknown 3 3 5 1 Commands Launch test button is disabled if a battery test is already in progress or scheduled The Abort test button is enabled only when...

Page 48: ...ut Frequency Hz Bypass Voltage V Bypass Frequency Hz Output Voltage V Output Frequency Hz Output Current A Output Apparent Power VA Output Active Power W Output Power Factor Output Percent Load Battery Voltage V Battery Capacity Battery Remaining Time s 3 3 7 Default settings and possible parameters Meters Default setting Possible parameters Meters Logs Log measures every 60s Log measures every 36...

Page 49: ...splays UPS status the associated commands on off and the pending action 3 4 1 1 Status Reflects the current mode of the UPS The following is a list of potential table values that are displayed based on the UPS topology On Protected Not protected Off Not powered Not protected 3 4 1 2 Commands A set of commands are available and activated when one of the following buttons is pressed A confirmation w...

Page 50: ... startup 3 4 2 Outlets Group 1 Group 2 Load segmentations allow battery runtime to remain on essential equipment and automatically power down non priority equipment during an extended power outage This feature is also used for remote reboot and the sequential start of servers to restrict inrush currents 3 4 2 1 Status It reflects the current outlet status On Protected Not protected Off Not powered...

Page 51: ...ge policy Symptom Below message is displayed when you access the Control Schedule or Power outage policy page This action is not allowed by the UPS To enable it please refer to the user manual of the UPS and its instructions on how to configure the UPS settings and allow remote commands Possible Cause 1 Remote commands are not allowed due to the UPS configuration see the action below 2 The UPS doe...

Page 52: ...matically trusted and accepted After automatic acceptance make sure that all listed agents belong to your infrastructure If not access may be revoked using the Delete button For maximum security Eaton recommend following one of the two methods on the certificate settings page Import client certificates manually Generate trusted certificate for both clients and Network Module using your own PKI 3 5...

Page 53: ... Actions 3 5 1 3 1 Delete When communication with the agent is lost agent can be deleted by using the Delete button Select an agent and press the Delete button to delete the agent 3 5 1 4 Access rights per profiles Administrator Operator Viewer Protection Agent list 3 5 1 4 1 For other access rights When the agent is connected the Delete function will not work correctly because the agent will keep...

Page 54: ...shows the error message The full data acquisition has failed even if the credentials are correct Possible cause The Network module timestamp is not correct Probably the MQTT certificate is not valid at Network module date Action Set the right date time and timezone If possible use a NTP server refer to Contextual help Settings General System details Time date settings section ...

Page 55: ...tatic IP address of the Network Module The log in screen appears Enter the user name in the User Name field Enter the password in the Password field Click Login The Network Module web interface appears STEP 2 Navigate to Settings Certificates page STEP 3 In the Trusted remote certificates section check the status of the Protected applications MQTT If it is Valid go to Action 2 STEP 2 if it is Not ...

Page 56: ...agent IPP IPM while the time to accepts new agents is running on the Network Module Remove the Network module certificate file s 0 that is are located in the folder Eaton IntelligentPowerProtector configs tls Client server is not restarting Symptom Utility power has been restored the UPS and its load segments are powered on but the Client server does not restart Possible Cause The Automatic Power ...

Page 57: ...les by power sources Primary Group 1 Group 2 The local agent setting is used for setting for example a minimum shutdown duration or a power down delay for a load segment that has no registered shutdown agents One use case would be a load segment that powers network equipment that needs to stay on while servers and storage perform their orderly shutdown The tables include the following details ...

Page 58: ...directly change the setting in the table and then Save 3 5 2 2 2 Set OS shutdown duration Select and directly change the setting in the table and then Save 3 5 2 3 Examples Examples below show the impact of agent settings on the shutdown sequence for a shutdown or an immediate shutdown 3 5 2 3 1 Example 1 Shutdown time 210s Immediate shutdown time 120s ...

Page 59: ...Protection Contextual help of the web interface 59 3 5 2 3 2 Example 2 Shutdown time 180s Immediate shutdown time 180s ...

Page 60: ...they will be triggered before the corresponding outlets are turned off as configured in shutdown settings 3 5 3 1 Scheduled shutdown table The table displays the scheduled shutdowns and includes the following details Recurrence Once Every day Every week Load segment Primary Group 1 Group 2 Shutdown time Date Time Restart time Date Time Active Yes No 3 5 3 2 Actions 3 5 3 2 1 New Press the New butt...

Page 61: ...ts instructions on how to configure the UPS settings and allow remote commands Possible Cause 1 Remote commands are not allowed due to the UPS configuration see the action below 2 The UPS does not support remote commands Action Refer to the UPS user manual and its instruction on how to configure the UPS settings and allow remote commands Example UPS menu Settings ON OFF settings Remote command Ena...

Page 62: ... UPS 3 5 4 1 1 Shutdown criteria selection The available criteria for shutdown are listed below a Maximize availability default To end the shutdown sequence 30s before the end of backup time b Immediate OFF To initiate the shutdown sequence when on battery for 10 seconds c Custom Several conditions can be set to define shutdown criteria To initiate the shutdown sequence when on battery for 10 seco...

Page 63: ...ere are several conditions to start the shutdown sequence the shutdown sequence will start as soon as one of the condition is reached d Settings examples All the following examples are using below agent s settings Shutdown time 210s Example 1 Maximize availability When primary shuts OFF both group1 and group 2 shut OFF immediately So if Primary is set to Immediate OFF groups policies should be res...

Page 64: ...Protection Contextual help of the web interface 64 Example 2 Immediate OFF Example 4 Custom ...

Page 65: ...Protection Contextual help of the web interface 65 Settings 1 ...

Page 66: ...d battery the capacity is much lower than anticipated The UPS gives a Low battery warning when there is 2 3 minutes of estimated runtime left depending on the UPS and its settings This time is typically enough for shutting down a server but does not allow sophisticated sequential shutdown schemes The Low battery policy is intended for these cases ...

Page 67: ...ayer when needed A sequential startup will also help avoid a peak power draw in the beginning a Options Keep shutdown sequence running until the end and then restart forced reboot Wait until UPS battery capacity exceeds a set percentage value in and then automatically restart the UPS Then restart Group 1 after a set time in s Then restart Group 2 after a set time in s b Enable Disable Each option ...

Page 68: ...n Refer to the UPS user manual and its instruction on how to configure the UPS settings and allow remote commands Example UPS menu Settings ON OFF settings Remote command Enable Client server is not restarting Symptom Utility power has been restored the UPS and its load segments are powered on but the Client server does not restart Possible Cause The Automatic Power ON server setup setting might b...

Page 69: ...1 in K 1 decimal digit Humidity of sensor_1 in 1 decimal digit Temperature of sensor_2 in K 1 decimal digit Humidity of sensor_2 in 1 decimal digit Temperature of sensor_3 in K 1 decimal digit Humidity of sensor_3 in RH 1 decimal digit 3 6 1 2 2 Discover At first the table is empty press the Discover button to launch the sensor discovery process If sensors are discovered the table is populated acc...

Page 70: ...es and humidity will be updated accordingly 5 Press the Save button when done 3 6 1 2 5 Edit Press the pen logo to edit sensor communication information You will get access to the following information and settings Product reference Part number Serial number Name Location Temperature and humidity Active Yes No Dry contacts Active Yes No Name Polarity Normally open Normally closed Deactivated humid...

Page 71: ...s not normal because it is configured as normally open Press Save after modifications 3 6 1 3 Note 3 6 1 4 Access rights per profiles Administrator Operator Viewer Environment Commissioning Environment Status 3 6 1 4 1 For other access rights Deactivated dry contacts are not displayed and replaced by this icon If the UPS provides temperature compensated battery charging option see the Servicing th...

Page 72: ... Disconnect and reconnect the USB to RS485 cable 3 Launch the discovery if it is still not ok go to Action 1 3 Action 1 3 1 Reboot the Network module 2 Launch the discovery Symptom 2 The EMPs orange RJ45 LEDs are not blinking Possible causes C 1 the EMP address switches are all set to 0 C 2 the EMPs are daisy chained the Modbus address is the same on the missing EMPs Action 2 1 1 Change the addres...

Page 73: ... measured by the sensor 3 6 2 1 1 Actions a Set Enabled Select and directly change the setting in the table and then Save When disabled no alarm will be sent b Set alarm threshold Enable the alarm first and then change the setting in the table and then Save When a warning threshold is reached an alarm will be sent with a warning level When a critical threshold is reached an alarm will be sent with...

Page 74: ...al update Live reading MIN MAX shows the minimal and maximal humidity measured by the sensor 3 6 2 2 1 Actions a Set Enabled Select and directly change the setting in the table and then Save When disabled no alarm will be sent b Set alarm threshold Enable the alarm first and then change the setting in the table and then Save When a warning threshold is reached an alarm will be sent with a warning ...

Page 75: ...sabled no alarm will be sent b Set alarm severity Enable the alarm first and then change the setting in the table and then Save When the dry contacts is not in a normal position an alarm will be sent at the selected level The dry contact is open and this is not normal because it is configured as normally close The dry contact is close and this is not normal because it is configured as normally ope...

Page 76: ...g high warning high critical 100 Dry contacts Enabled No Alarm severity Warning Enabled No Yes Alarm severity Info Warning Critical 3 6 2 4 1 For other settings 3 6 2 5 Access rights per profiles Administrator Operator Viewer Environment Alarm configuration 3 6 2 5 1 For other access rights 3 6 3 Information Sensor information is an overview of all the sensors information connected to the Network ...

Page 77: ... Vendor Part number Firmware version UUID Serial number Location 3 6 3 1 Access rights per profiles Administrator Operator Viewer Environment Information 3 6 3 1 1 For other access rights For other access rights see the Information Access rights per profiles section ...

Page 78: ...Text field that is used to provide the system name information Card system information is updated to show the system name 3 7 1 1 4 Time date settings The current date and time appears in the footer at the bottom of the screen You can set the time either manually or automatically a Manual Manually entering the date and time 1 Select the time zone for your geographic area from the time zone pull do...

Page 79: ...tails Configuration name Email address Notification updates Displays Events notification Periodic report icons when active Status Active Inactive In delegation 3 7 1 2 2 Actions a Add Press the New button to create a new email sending configuration b Remove Select an email sending configuration and press the Delete button to remove it DST is managed based on the time zone For examples on email sen...

Page 80: ...owing settings Custom name Email address Status Active Inactive Hide the IP address from the email body Disabled Enabled This setting will be forced to Enabled if Enabled in the SMTP settings Schedule report Active Recurrence Starting Topic selection Card Devices Alarm notifications Severity level Attach logs Exceptions on events notification ...

Page 81: ...Settings Contextual help of the web interface 81 3 7 1 3 SMTP settings SMTP is an internet standard for electronic email transmission The following SMTP settings are configurable ...

Page 82: ...ty SMTP server authentication Username Password Select the SMTP server authentication checkbox to require a user name and a password for SNMP authentication enter the Username and the Password Save and test server configuration 3 7 1 4 Default settings and possible parameters General Default setting Possible parameters System details Location empty Contact empty System name empty Time date setting...

Page 83: ... events with code Schedule report Active No Yes Recurrence Every day Every week Every month Starting Date and time Card events Subscribe Attach logs Device events Subscribe Attach measures Attach logs SMTP settings Server IP Hostname blank SMTP server authentication disabled Port 25 Default sender address device networkcard com Hide IP address from the email body disabled Secure SMTP connection en...

Page 84: ...ands email test Description mail test sends test email to troubleshoot SMTP issues Help Usage email test command Test SMTP configuration Commands email test h help Display help page email test r recipient recipient_address Send test email to the recipient_address Email address of the recipient For other access rights see the Information Access rights per profiles section ...

Page 85: ... format s set mode Mode values set date and time format YYYYMMDDhhmmss manual date and time set preferred and alternate NTP servers ntpmanual preferred server alternate server automatically set date and time ntpauto Examples of usage Set date 2017 11 08 and time 22 00 time set manual 201711082200 Set preferred and alternate NTP servers time set ntpmanual fr pool ntp org de pool ntp org Examples of...

Page 86: ...ew button to create up to ten new users b Remove Select a user and press the Delete button to remove it c Edit Press the pen logo to edit user information You will get access to the following settings Active Profile Username Full name Email Phone Organization Notify by email about account modification Password Reset password Generate randomly Enter manually Force password to be changed on next log...

Page 87: ... Password settings To set the password strength rules apply the following restrictions Minimum length Minimum upper case Minimum lower case Minimum digit Special character Password expiration To set the password expiration rules apply the following restrictions Number of days until password expires ...

Page 88: ...nable 0 32 disable Password expiration Number of days until password expires disabled Main administrator password never expires disabled Number of days until password expires disable enable 1 99999 Main administrator password never expires disable enable Lock account Lock account after xx invalid tries disabled Main administrator account never blocks disabled Lock account after xx invalid tries di...

Page 89: ...imum Phone 64 characters maximum Organization 128 characters maximum 3 7 2 2 1 For other settings 3 7 2 3 Access rights per profiles Administrator Operator Viewer Local users 3 7 2 3 1 For other access rights 3 7 2 4 CLI commands whoami Description whoami displays current user information Username Profile Realm logout Description Logout the current user Help logout cr logout the user For other set...

Page 90: ...nually by following steps described in the Servicing the Network Management Module Recovering main administrator password 3 7 2 5 1 For other issues 3 7 3 Remote users 3 7 3 1 LDAP The table shows all the supported severs and includes the following details Name Address Port Security Certificate Status Status could take following values Unreachable Active See the CLI commands in the Information CLI...

Page 91: ...Settings Contextual help of the web interface 91 3 7 3 1 1 Actions a Configure 1 Press Configure to access the following LDAP settings Active Base access ...

Page 92: ...se Search base DN Request parameters User base DN User name attribute UID attribute Group base DN Group name attribute GID attribute 2 Click Save b Profile mapping 1 Press Profile mapping to map remote groups to local profiles 2 Click Save c Users preferences For the list of access rights per profile refer to the section Full documentation Information Access rights per profiles All users preferenc...

Page 93: ...references that will apply to all LDAP users Language Temperature Date format Time format 2 Click Save 3 7 3 2 RADIUS The table shows all the supported severs and includes the following details Radius is not a secured protocol for a maximum security it is recomended to use LDAP over TLS ...

Page 94: ...hared secret between the client and the RADIUS server Address hostname or IP address for the RADIUS server UDP port the UDP port for the RADIUS server 1812 by default Time out s length of time the client waits for a response from the RADIUS server Secondary server Name descriptive name for the RADIUS server Secret a shared secret between the client and the RADIUS server Address hostname or IP addr...

Page 95: ...al profiles 2 Click Save c Users preferences 1 Press Users preferences to define preferences that will apply to all LDAP users Language For the list of access rights per profile refer to the section Full documentation Information Access rights per profiles All users preferences will apply to all remote users LDAP RADIUS ...

Page 96: ...onfigure Active No yes Security SSL None Start TLS SSL Verify server certificate disabled enabled Primary server Name 128 characters maximum Hostname 128 characters maximum Port x xxx Secondary server Name 128 characters maximum Hostname 128 characters maximum Port x xxx Credentials Anonymous search bind disabled enabled Search user DN 1024 characters maximum Password 128 characters maximum Search...

Page 97: ... characters maximum UDP port 1 to 65535 Time out 3 to 60 Secondary server Name 128 characters maximum Address 128 characters maximum Secret 128 characters maximum UDP port 1 to 65535 Time out 3 to 60 Users preferences Language English French German Italian Japanese Russian Simplified Chinese Spanish Traditional Chinese Temperature unit C Celsius Date format MM DD YYYY Time format hh mm ss 24h 3 7 ...

Page 98: ...login to the card username Remote username to test p primary Force the test to use primary server optional s secondary Force the test to use secondary server optional v verbose Print the exchanges with LDAP server optional ldap test checkmappedgroups primary secondary v Check LDAP mapping p primary Force the test to use primary server optional s secondary Force the test to use secondary server opt...

Page 99: ... Ask your administrator for password initialization If you are the main administrator your password can be reset manually by following steps described in the Servicing the Network Management Module Recovering main administrator password LDAP configuration commissioning is not working Refer to the section Servicing the Network Management Module Commissioning Testing LDAP 3 7 3 6 1 For other issues ...

Page 100: ... interface 100 3 7 4 Network Protocol 3 7 4 1 Network 3 7 4 1 1 IPv4 Press the Edit button to configure the network settings select either the Manual or DHCP settings option Any modifications are applied after the Network Module reboots ...

Page 101: ...The gateway address allows connections to devices or hosts attached to different network segments b DHCP Select dynamic DHCP to configure network parameters by a BootP or DHCP server If a response is not received from the server the Network Module boots with the last saved parameters from the most recent power up After each power up the Network Module makes five attempts to recover the network par...

Page 102: ...Settings Contextual help of the web interface 102 a Current configuration Address Gateway b Address settings Enabled Mode Manual DHCP Address Prefix Gateway ...

Page 103: ...ources connected to the Internet or a private network Press the Edit button to configure the network settings select either the Static or Dynamic settings a Manual Enter the Network Module Hostname Enter the Network Module Domain name Primary DNS server Enter the IP address of the DNS server that provides the translation of the domain name to the IP address ...

Page 104: ...rnet A LAN is a computer network that interconnects computers within a limited area The available values for LAN configuration are listed below Auto negotiation 10Mbps Half duplex 10Mbps Full duplex 100Mbps Half duplex 100Mbps Full duplex 1 0 Gbps Full duplex Any modifications are applied after the next Network Module reboot 3 7 4 2 Protocol This tab contains settings for communication protocols u...

Page 105: ... https is 443 For additional security the ports can be changed on this page Press Save after modifications 3 7 4 2 2 Syslog a Settings This screen allows an administrator to configure up to two syslog servers To configure the syslog server settings 1 Enable syslog Since only https is available port 80 is not supported ...

Page 106: ...Unicode BOM if needed Press Save after modifications 3 7 4 3 Default settings and possible parameters Network Protocol Default setting Possible parameters IPV4 Mode DHCP Mode DHCP Manual Address Netmask Gateway IPV6 Enable checked Mode DHCP Enabled Active Inactive Mode DHCP Manual Address Prefix Gateway DNS DHCP Hostname device MAC address Mode DHCP Hostname 128 characters maximum Mode DHCP Manual...

Page 107: ...stname 128 characters maximum Port x xxx Protocol UDP TCP Message transfer method Non transparent framing Using unicode byte order mask BOM disable enable Server 2 Name 128 characters maximum Status Disabled Enabled Hostname 128 characters maximum Port x xxx Protocol UDP TCP Message transfer method in TCP Octet counting Non transparent framing Using unicode byte order mask BOM disable enable 3 7 4...

Page 108: ... Viewer and Operator profiles netconf h Usage netconf OPTION Display network information and change configuration h help display help page l lan display Link status and MAC address 4 ipv4 display IPv4 Mode Address Netmask and Gateway 6 ipv6 display IPv6 Mode Addresses and Gateway d domain display Domain mode FQDN Primary and Secondary DNS For Administrator profile ...

Page 109: ...Mode values set custom Network address Netmask and Gateway manual domain name primary DNS secondary DNS automatically set Domain name Primary and Secondary DNS dhcp i set ipv4 mode Mode values set custom Network address Netmask and Gateway manual network mask gateway automatically set Network address Netmask and Gateway dhcp x set ipv6 status Status values enable IPv6 enable disable IPv6 disable x...

Page 110: ... elicit an ICMP ECHO_RESPONSE from a host or gateway ECHO_REQUEST datagrams pings have an IP and ICMP header followed by a struct timeval and then an arbitrary number of pad bytes used to fill out the packet c Specify the number of echo requests to be sent h Specify maximum number of hops Hostname or IP Host name or IP address ping6 The ping6 utility uses the ICMP protocol s mandatory ECHO_REQUEST...

Page 111: ...IPv6 address IPv6 address 3 7 4 5 1 For other CLI commands 3 7 5 SNMP This tab contains settings for SNMP protocols used for network management systems 3 7 5 1 SNMP tables See the CLI commands in the Information CLI section Changes to authentication settings need to be confirmed by entering a valid password for the active user account The default port for SNMP is 161 and normally this should not b...

Page 112: ...ndard IETF UPS MIB RFC 1628 Sensor MIB Press the Supported MIBs button to download the MIBs 3 7 5 1 1 Settings This screen allows an administrator to configure SNMP settings for computers that use the MIB to request information from the Network Module Default ports for SNMP are 161 SNMP v1 and v3 set get and 162 traps These ports can be changed on the settings screen for additional security To con...

Page 113: ...n either Read Only or Read Write account to access settings 2 Enter the SNMP Community Read Only string The Network Module and the clients must share the same community name to communicate 3 Select Active in the Enabled drop down list to activate the account 4 Access level is set to display information only ...

Page 114: ...vate the account 4 Select access level Read only The user does not use authentication and privacy to access SNMP variables Read Write The user must use authentication but not privacy to access SNMP variables 5 Select the communication security mechanism Auth Priv Communication with authentication and privacy Auth No Priv Communication with authentication and without privacy No Auth No Priv Communi...

Page 115: ...n security mechanism select the Privacy algorithms AES fill in password and privacy keys The password can be between 8 and 24 characters and use a combination of alphanumeric and the following special characters _ AES192 fill in password and privacy keys The password can be between 8 and 24 characters and use a combination of alphanumeric and the following special characters _ AES256 fill in passw...

Page 116: ...3 3 Press the SAVE button b Remove Select a trap receiver and press the Delete button to remove it c Edit Press the pen icon to edit trap receiver information and access to its settings d Test trap Press the Test trap button to send the trap test to all trap receivers Separate window provides the test status with following values In progress Request successfully sent invalid type For details on SN...

Page 117: ... x xxx SNMP V1 disable enable Community 1 128 characters maximum Enabled Inactive Active Access Read only Community 2 128 characters maximum Enabled Inactive Active Access Read Write SNMP V3 disable enable User 1 32 characters maximum Enabled Inactive Active Access Read only Read Write Authentication Auth SHA 1 None Password 128 characters maximum Confirm password 128 characters maximum Privacy Se...

Page 118: ...ty is not properly working after a restore settings on a 1 7 0 version or above Cause The SNMPv3 was configured prior to 1 7 0 In that case SNMPv3 configuration is not well managed by the Save and by the Restore settings Action Reconfigure your SNMPv3 users and passwords on versions 1 7 0 or above and Save the settings The SNMPv3 configuration can then be Restored 3 7 5 6 1 For other issues 3 7 6 ...

Page 119: ...g Modbus TCP settings are configurable Enable Port This section is only for the Modbus Network ModuleINDGW For instructions on connecting Modbus RTU see the section Installing the Network Management Module Wiring the RS 485 Modbus RTU terminal Configuring the termination For instructions on configuring Modbus see the section Installing the Network Management Module Configuring Modbus ...

Page 120: ...ess the New button to create new mapping configuration b Remove Select a mapping configuration and press the Delete button to remove it c Edit Press the pen logo to edit mapping configuration You will get access to the following settings Name Map Transport Device ID Access Illegal read behaviour Coil register base address shift d Supported MAPs Press the Supported MAPs button to download the MAPs ...

Page 121: ...abled Inactive Baud rate bps 19200 Parity Even Stop bits 1 Enabled Inactive Active Baud rate bps 1200 2400 4800 9600 19200 38400 57600 115200 Parity None Even Odd Stop bits 1 2 Modbus TCP Enabled Inactive Port 502 Enabled Inactive Active Port x xxx Mapping configuration No mapping Name 128 characters maximum Map Eaton ModbusMS compatible Transport RTU TCP Device ID from 1 to 247 Access None Read o...

Page 122: ...ssage_display restarts the server and displays Modbus message This command allow you to verifiy that Modbus server is working as expected Help modbus_message_display help Restart server and display modbus message h Restart server and display modbus message For other settings see the Information Default settings parameters section For other access rights see the Information Access rights per profil...

Page 123: ...ge count CRC error count Incoming message count Discarded message count Processed message count Success returned count Exception returned count Help modbus_statistics Display modbus server statistics h help Display the help page r reset Reset modbus server statistics The counter from A1 1 to A1 4 are reset only at startup of the server 3 7 6 6 1 For other CLI commands This section is only for the ...

Page 124: ...icate 3 7 7 1 Pairing with clients During the selected timeframe new connections to the Network Module are automatically trusted and accepted Refer to the section Servicing the Network Management Module Configuring Modbus to get configuration and testings information For details on other issues see the Troubleshooting section For details on pairing instructions follow the link pairing instructions...

Page 125: ...rk Module using your own PKI 3 7 7 1 1 Actions a Start Starts the pairing window during the selected timeframe or until it is stopped Time countdown is displayed b Stop Stops the pairing window 3 7 7 2 Local certificates Manage local certificates by Generating CSR and import certificates signed by the CA Generating new self signed certificates 3 7 7 2 1 Local certificates table The table shows the...

Page 126: ... State or Province ST City or Locality L Organization name O Organization unit OU Contact email address Press Save button d Edit Press the pen logo You will get access to the following Certificate summary Revoke will replace current certificate by a new self signed certificate This may disconnect connected applications Web browsers Shutdown application Monitoring application The certificate that i...

Page 127: ... browser shutdown application or monitoring application This operation cannot be recovered f Create new certificates g CSR Press Generate Signing Request button in the in the certificate edition The CSR is automatically downloaded CSR must be signed with the CA which is managed outside the card h Import certificate When the CSR is signed by the CA it can be imported into the Network Module When th...

Page 128: ... Actions a Import When importing the CA you must select the associated service and then upload process can begin through the OS browser window b Revoke Select the certificate to revoke and then press the Revoke button A confirmation window appears press Continue to proceed this operation cannot be recovered Export Exports the selected certificate on your OS browser window c Edit Press the pen logo...

Page 129: ...n and associated certificates Status valid expires soon or expired 3 7 7 4 1 Actions a Import When importing the client certificate you must select the associated service and then upload process can begin through the OS browser window b Revoke Select the certificate to revoke and then press the Revoke button A confirmation window appears press Continue to proceed this operation cannot be recovered...

Page 130: ... code State or Province 64 characters maximum City or Locality 64 characters maximum Organization name 64 characters maximum Organization unit 64 characters maximum Contact email address 64 characters maximum 3 7 7 5 1 For other settings 3 7 7 6 Access rights per profiles Administrator Operator Viewer Certificate 3 7 7 6 1 For other access rights For other settings see the Information Default sett...

Page 131: ...ates local export SERVICE_NAME import over SSH cat FILE sshpass p PASSWORD ssh USER CARD_ADDRESS certificates local import SERVICE_NAME csr over SSH sshpass p PASSWORD ssh USER CARD_ADDRESS certificates local csr mqtt From a Windows host plink tools from putty is required print over SSH plink USER CARD_ADDRESS pw PASSWORD batch certificates local print SERVICE_NAME revoke over SSH plink USER CARD_...

Page 132: ...Settings Contextual help of the web interface 132 3 7 7 7 1 For other CLI commands See the CLI commands in the Information CLI section ...

Page 133: ...on field enter https xxx xxx xxx xxx where xxx xxx xxx xxx is the static IP address of the Network Module The log in screen appears Enter the user name in the User Name field Enter the password in the Password field Click Login The Network Module web interface appears STEP 2 Navigate to Settings Certificates page STEP 3 In the Trusted remote certificates section check the status of the Protected a...

Page 134: ...me to accepts new agents is running on the Network Module Remove the Network module certificate file s 0 that is are located in the folder Eaton IntelligentPowerProtector configs tls Card wrong timestamp leads to Full acquisition has failed error message on Software Symptoms IPP IPM shows the error message The full data acquisition has failed even if the credentials are correct Possible cause The ...

Page 135: ...t the transfer mode between sources Standard by default with no additional break even if sources are no synchronized Gap with additional break during transfer if sources are not synchronized Nominal voltage To set voltage thresholds 3 7 8 1 Specifics 3 7 8 2 Access rights per profiles Administrator Operator Viewer ATS 3 7 8 2 1 For other access rights 3 8 Maintenance This section is only for the A...

Page 136: ...hysical name Vendor UUID Part number Serial number Hardware version Location Contact MAC address 3 8 1 2 Firmware information Version SHA Build date Installation date Activation date Bootloader version 3 8 1 3 Access rights per profiles Administrator Operator Viewer System information 3 8 1 3 1 For other access rights 3 8 2 Firmware 3 8 2 1 Update firmware Monitors the information for the two embe...

Page 137: ... Module does not monitor the Device status To upgrade the firmware 1 Download the latest firmware version from the website For more information see the Servicing the Network Management Module Accessing to the latest Network Module firmware driver section 2 Click Upload 3 Click Choose file and select the firmware package by navigating to the folder where you saved the downloaded firmware 4 Click Up...

Page 138: ...umber 3 8 2 4 1 For other CLI commands Do not close the web browser or interrupt the operation Depending on your network configuration the Network Module may restart with a different IP address Refresh the browser after the Network module reboot time to get access to the login page Press F5 or CTRL F5 to empty the browser to get all the new features displayed on the Web user interface Communicatio...

Page 139: ...on Web user interface is not up to date after a FW upgrade Symptom After an upgrade The Web interface is not up to date New features of the new FW are not displayed Possible causes The browser is displaying the Web interface through the cache that contains previous FW data Action Empty the cache of your browser using F5 or CTRL F5 3 8 2 5 1 For other issues 3 8 3 Services 3 8 3 1 Service options 3...

Page 140: ...reboot the Network Module Click Reboot A confirmation message displays click Reboot to confirm the reboot time will take approximately less than 2min Depending on your network configuration the Network Module may restart with a different IP address Only main administrator user will remain with default login and password Refresh the browser after the Network module reboot time to get access to the ...

Page 141: ...ork configuration the Network Module may restart with a different IP address Refresh the browser after the Network module reboot time to get access to the login page Communication Lost and Communication recovered may appear in the Alarm section For more details navigate to Servicing the Network Management Module Saving Restoring Duplicating section ...

Page 142: ...e data 3 Click on Save 3 8 3 1 5 Restore To restore the Network module settings 1 Click on Restore 2 Select to include the Network settings if needed 3 Enter the passphrase used when the file was saved 4 Click on Choose file and select the JSON file Below settings are not saved Local users other than the main administratorSensor settings commissioning alarm configuration Restoring settings may res...

Page 143: ...e It is not intended for the user which is why the file is protected by a password To download the maintenance report file Click Download report A confirmation message displays Maintenance report file successfully downloaded 3 8 3 2 Access rights per profiles Administrator Operator Viewer Services 3 8 3 2 1 For other access rights For other access rights see the Information Access rights per profi...

Page 144: ...a maintenance report file which may be handed to the technical support Help maintenance cr Create maintenance report file h help Display help page reboot Description Tool to Reboot the card Help Usage reboot OPTION cr Reboot the card help Display help withoutconfirmation Reboot the card without confirmation ...

Page 145: ... p PASSWORD ssh USER CARD_ADDRESS save_configuration p PASSPHRASE FILE Restore over SSH cat FILE sshpass p PASSWORD ssh USER CARD_ADDRESS restore_configuration p PASSPHRASE From a Windows host Save over SSH plink USER CARD_ADDRESS pw PASSWORD batch save_configuration p PASSPHRASE FILE Restore over SSH type FILE plink USER CARD_ADDRESS pw PASSWORD batch restore_configuration p PASSPHRASE Require pl...

Page 146: ...d without confirmation cr Do factory reset of the card 3 8 3 3 1 For other CLI commands 3 8 4 Resources Card resources is an overview of the Network Module processor memory and storage information The COPY TO CLIPBOARD button will copy the information to your clipboard so that it can be past For example you can copy and paste information into an email 3 8 4 1 Processor Used in Up since date See th...

Page 147: ...147 3 8 4 2 Memory Total size in MB Available size in MB Application size in MB Temporary files size in MB 3 8 4 3 Storage Total size in MB Available size in MB Used size in MB 3 8 4 4 Access rights per profiles Administrator Operator Viewer Resources ...

Page 148: ...ed MB tmpfs temporary files usage MB Flash user data total MB free MB used MB Help systeminfo_statistics Display systeminfo statistics h help Display the help page 3 8 4 5 1 For other CLI commands 3 8 5 System logs 3 8 5 1 System logs There are 4 types of logs available Update Account Session System Select the log files to download and press the download icon For other access rights see the Inform...

Page 149: ...der various open source license or under a proprietary license 3 9 1 Component All the open source components included in the Network Module are listed with their licenses 3 9 2 Availability of source code Provides the way to obtain the source code of open source components that are made available by their licensors For the list of system logs see the Information System Logs codes section For othe...

Page 150: ...proprietary elements Provides notice for our proprietary i e non Open source elements 3 9 4 Access rights per profiles Administrator Operator Viewer Legal information 3 9 4 1 For other access rights For other access rights see the Information Access rights per profiles section ...

Page 151: ... alarms are displayed and sorted by date with alert level time description and status Info Warning Critical logo Alarm description text Active In color In bold with Active label Opened In color Closed Greyed 3 10 4 Alarm paging The number of alarms per page can be changed 10 15 25 50 100 Alarms with a severity set as Good are not taken into account into the counter of active alarms ...

Page 152: ...han a specified date and up to a defined severity 3 10 7 Alarms list with codes To get access to the Alarm log codes or the System log codes for email subscription see sections below System log codes UPS HID alarm log codes 9130 UPS XCP alarm log codes ATS alarm log codes EMP alarm log codes Network module alarm log codes 3 10 8 Access rights per profiles Administrator Operator Viewer Alarm list E...

Page 153: ...cess the user profile window 3 11 2 User profile This page displays the current username with its realm local remote and allows to Change passwords Edit account and Log out This page is in read only mode when connected through LDAP and it displays the preferences applied to all LDAP users as configured in the Contextual help Settings Remote users LDAP section ...

Page 154: ...e web interface 154 3 11 2 1 Change password Click on Change password to change the password In some cases it is not possible to change the password if it has already been changed within a day period Refer to the troubleshooting section ...

Page 155: ... Edit account to edit user profile and update the following information Account details Full name Email Phone Organization Preferences Language Date format Time format Temperature 3 11 2 3 Edit account Click Log out to close the session 3 11 3 Default settings and possible parameters User profile Default setting Possible parameters ...

Page 156: ...rench German Italian Japanese Russian Simplified Chinese Spanish Traditional Chinese Date format MM DD YYYY YYY MM DD DD MM YYY DD MM YYY DD MM YYY DD MM YYYY Time format hh mm ss 24h hh mm ss 12h Temperature C Celsius F Fahrenheit 3 11 3 1 For other settings 3 11 4 Access rights per profiles Administrator Operator Viewer User profile 3 11 4 1 For other access rights 3 11 5 CLI commands logout Des...

Page 157: ...als when I try to change my password in My profile menu Possible cause The password has already been changed once within a day period Action Let one day between your last password change and retry 3 11 6 1 For other issues 3 12 Documentation 3 12 1 Access to the embedded documentation Press the icon on the top right side of the page to access the documentation in a new window See the CLI commands ...

Page 158: ...ent Module How to install and use the Network module Securing the Network Management Module How to secure the Network module Information General information of the Network Module and Devices Troubleshooting How to troubleshoot the Network Module 3 12 2 Access rights per profiles Administrator Operator Viewer Contextual help Full documentation 3 12 2 1 For other access rights Search feature is inde...

Page 159: ...figure credentials to bind with the LDAP server or select anonymous if no credentials are required Configure the Search base DN Configure the request parameters see examples below 4 1 1 1 1 Typical request parameters Parameter OpenLDAP Active Directory with POSIX account activated Active Directory User base DN ou users dc example dc com ou users dc example dc com ou users dc example dc com User na...

Page 160: ...d will display its local profile In case of error use the verbose option of the command to investigate the reason 4 1 3 Limitations If the same username exists in both local and LDAP databases the behavior is undefined If a user belongs to multiple LDAP groups mapped to different profiles the behavior is undefined No client certificate provided It is not possible for the server to verify the clien...

Page 161: ...he agent 2 Detect the UPS Network Module with a Quick scan Range scan or an Address es scan 3 Right click on the UPS Network Module when discovered and then Set as power source Configure it and Save it STEP 3 Action on the Network Module 1 Make sure all listed agents in the card Contextual help Protection Agents list belong to your infrastructure if not access may be revoked using the Delete butto...

Page 162: ...Target Powering down applications first when on battery for 30s database servers next 3min after the applications and storage last as late as possible 4 3 1 2 Step 1 Installation setup 4 3 1 2 1 Objective Use load segmentation provided by the UPS to independently control the power supply of each IT equipment categories Applications Database servers Storage It also allows IT equipment to sequential...

Page 163: ...ation to the time needed for your server to shutdown gracefully This will make sure IPP shutdowns your servers before the load segment is powered down As a result it will define the overall shutdown sequence duration for each load segments 4 3 1 4 Step 3 Power outage policy settings 4 3 1 4 1 Objective Use load segment policies to define shutdown sequencing 4 3 1 4 2 Resulting setup 1 Navigate to ...

Page 164: ...ty is maximized and its shutdown will end 30s before the end of backup time 3 Set Group 1 and Group 2 to Custom Applications must shutdown first so Group 1 has been set to start shutdown when on battery for 30s Servers must shutdown second so Group 2 has been set to start shutdown when on battery for 210s so 3min after the applications ...

Page 165: ...ical equipment Powering down critical equipment 3min before the end of backup time 4 3 2 2 Step 1 Installation setup 4 3 2 2 1 Objective Use load segmentation provided by the UPS to independently control the power supply of each IT equipment categories Applications Database servers Storage Load segmentation also allows IT equipment to restart sequentially on utility recovery Restart sequentially t...

Page 166: ...tion Agent shutdown sequencing page 4 Set the OS shutdown duration to the time needed for your server to shutdown gracefully This will make sure IPP shutdowns your servers before the load segment is powered down As a result it will define the overall shutdown sequence duration for each load segments 4 3 2 4 Step 3 Power outage policy settings 4 3 2 4 1 Objective Use load segment policies to define...

Page 167: ...examples Servicing the Network Management Module 167 Critical equipment is the last one to power down their availability will be maximized and their shutdown will end 180s before the end of backup time 3 Set Group 2 to Immediate off ...

Page 168: ...ially the IT equipment on utility recovery 4 3 3 1 Target Restart the storage first right after utility recovery database servers next 2min after utility recovery and applications last 3min after utility recovery 4 3 3 2 Step 1 Installation setup 4 3 3 2 1 Objective Use load segmentation provided by the UPS to independently control the power supply of each IT equipment categories Applications Data...

Page 169: ...ot 3 Enable the Automatically restart the UPS when battery capacity exceeds and set it to 0 The storage will restart first right after utility recovery without waiting the battery capacity to exceed a limit 4 Set Then Group 1 after to 120s The database servers will restart 120s after the utility recovery 5 Set Then Group 2 after to 60s The database servers will restart 180s after the utility recov...

Page 170: ...ll script executable chmod 700 install_updatePackage sh 4 6 2 2 Procedure To upgrade the Network module using Open a shell terminal on your computer Linux or cygwin meaning real or emulated Linux operating system Use the shell script install_updatePackage sh Usage install_updatePackage sh options Upgrade tool Mandatory arguments are f i u and p h show help f path path of the upgrade file u usernam...

Page 171: ... upgrade inProgress 61 Uncompress and flash upgrade inProgress 78 Uncompress and flash upgrade inProgress 92 Uncompress and flash upgrade inProgress 100 Uncompress and flash upgrade inProgress 100 Uncompress and flash upgrade Executing post post_upgrade sh script upgrade Upgrade done Warning Permanently added X X X X ECDSA to the list of known hosts Rebooting res Y Update OK 4 7 Changing the RTC b...

Page 172: ... battery cell the positive mark should be visible when inserting it 6 Replace the Network Module and secure the screw reconnect the Network cable if it was unplugged during the operation 7 Connect the Network Module and set the date and time For more information see the Date Time section ...

Page 173: ... local time is synchronized with the Network Module 4 9 1 2 If the Network Module time is lost The Network Module and the UPS time is synchronized with the oldest time between the last know Network Module time and the UPS time 4 9 2 Manual time synchronization 4 9 2 1 From the Network Module On the Network Module navigate to Contextual help Settings General System details Time date settings sectio...

Page 174: ... 4 Press Submit to save the changes 4 12 Recovering main administrator password To recover the main administrator password ask another administrator to initialize the password If it is not possible proceed to the card sanitization Access the Network Module disconnect the Network cable if needed Unscrew the Network Module and remove it from the slot Locate the SANITIZATION switch that is located on...

Page 175: ...needed Connect the Network Module by using the default credentials of the main administrator admin admin You will be forced to change the password accordingly to the current password strength rules 4 13 Switching to static IP Manual Changing IP address of the Network Module Administrators can switch to static IP in the Settings menu and change the IP address of the Network Module Navigate to Conte...

Page 176: ...h the button on the top of the diagram 4 15 Subscribing to a set of alarms for email notification 4 15 1 Example 1 subscribing only to one alarm load unprotected Follow the steps below 1 Navigate to Contextual help Settings General Email notification settings 2 Press the button New to create a new configuration 3 Select Active Yes Configuration name Load unprotected notification Email address myad...

Page 177: ...s for email notification Servicing the Network Management Module 177 4 Press Save the table will show the new configuration Logs will be attached by default in that example even if there is no subscription on card or device events ...

Page 178: ...l Email notification settings 2 Press the button New to create a new configuration 3 Select Active Yes Configuration name ALL Critical and User account Warning notification Email address myaddress mycompany com Notify on events Active Subscribe to Critical card events and Critical device events Always notify events with code 0800700 0800900 User account password expired User account locked 4 Press...

Page 179: ...tion settings Servicing the Network Management Module 179 4 16 Saving Restoring Duplicating Network module configuration settings 4 16 1 Modifying the JSON configuration settings file 4 16 1 1 JSON file structure The JSON file is structured into 3 blocks ...

Page 180: ... a Data block Data block cannot be modified this is the mandatory structure of the JSON file b Value block If some values inside the Value block need to be kept Value block structure cannot be modified this is the mandatory structure of the JSON file If it is removed from the JSON file these values will not be updated restored c Values Values can be kept as is modified or removed Removed values wi...

Page 181: ...l users is not yet available only the predefined account main administrator can be modified 4 16 1 3 3 Modifying SNMP settings Original file Modified file SNMP disabled SNMP enabled on port 161 SNMPv1 disabled SNMPv3 enabled 2 x accounts 1 x read only user enabled with Auth Priv security level and passwords 1x read write user enabled with Auth Priv security level and passwords 1 x active trap When...

Page 182: ...ng the Network Management Module 182 Original file Modified file 4 16 1 3 4 Making a partial update restoration a Example Updating Restoring only LDAP settings If you restore below JSON content only LDAP settings will be updated restored everything else will remain unchanged ...

Page 183: ...xx OU xxxx OU xxxx DC xxxx DC xxxx password plaintext null searchBase searchBaseDN DC xxx DC xxx DC xxx requestParameters userBaseDN OU xxxx DC xxxx userNameAttribute xxxx uidAttribute objectSid x x x xx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx groupBaseDN OU xxxx DC xxxx groupNameAttribute xx gidAttribute objectSid x x x xx xxxxxxxxxx xxxxxxxxxx xxxxxxxxxx profileMapping remoteGroup xxxxxxxxxxxxxx profil...

Page 184: ...YYYY MM DD d m Y DD MM YYYY d m Y DD MM YYYY d m Y DD MM YYYY m d Y MM DD YYYY d m Y DD MM YYYY preferences timeFormat 1 24h 0 12h preferences temperatureUnit 1 C 2 F Data Values example Card Data Values example Date timeZone Europe Paris Africa Johannesburg America New_York Asia Shanghai Refer to the Web interface for the full list Data Values example email periodicReport periodicity Every day Ev...

Page 185: ...k_card Card System Information modbus_ms Eaton ModbusMS compatible mapping configurations transportFilter Access to all xx xxx xx xx yy yyy yy yy Access to a list of IP address mapping configurations deviceID 1 to 247 mapping configurations access 0 None 1 Read only 3 Read Write mapping configurations illegalReadBehavior 1 Return exception 2 return zeros rtu configuration baudrate 1 1200pbs 2 2400...

Page 186: ...portFilter Access to all xx xxx xx xx yy yyy yy yy Access to a list of IP address mapping configurations deviceID 1 to 247 mapping configurations access 0 None 1 Read only 3 Read Write mapping configurations illegalReadBehavior 1 Return exception 2 return zeros Data Values example MQTT Data Values example Power outage policy id 1 Primary 2 Group 1 3 Group 2 Data Values example Remote user preferen...

Page 187: ...ta Values example Schedule scheduler 1 Primary 2 Group 1 3 Group 2 recurrence 0 once 1 every day 2 every week shutdownTimeStamp timestamp unix restartTimeStamp timestamp unix Data Values example SMTP Data Values example SNMP traps receivers protocol 1 SNMP v1 3 SNMP v2 traps receivers user User configuration cannot be duplicated without manual configuration through the Web interface Data Values ex...

Page 188: ...through the CLI Navigate to Information CLI save_configuration restore_configuration section to get example on how to save and restore settings through the CLI 4 16 3 Saving Restoring Duplicating settings through the Web interface Navigate to Contextual help Maintenance Services section to get information on how to save and restore settings through the Web interface ...

Page 189: ...reasing concern regarding cybersecurity across industries where companies are steadily integrating field devices into enterprise wide information systems This occurs in discrete manufacturing and process industrial environments a wide range of general and specific purpose commercial buildings and even utility networks Traditionally electrical systems were controlled through serial devices connecte...

Page 190: ...ograms and provides access to that device Worm a device program that spreads without user interaction and affects the stability and performance of the ICS network Spyware a device program that changes the configuration of a device 5 1 5 Defense in depth While there are differences between traditional IT systems and ICS the fundamental concept of defense in depth is applicable to both Defense in de...

Page 191: ...ll protection methods that hide and protect individual devices and computers in a control network These firewalls communicate at the application layer and can provide better inspection capabilities Because they collect extensive log data application level proxy firewalls can negatively impact the performance of an ICS network Stateful inspection firewalls These firewalls work at the network sessio...

Page 192: ...ontrol both physical and logical should be defined and implemented The key consideration when designing access control is defining the required interactions both within a given zone and between zones These interactions should be mapped out clearly and prioritized based on need It is important to realize that every hole poked in a firewall and each non essential functionality that provides access o...

Page 193: ...andards 5 1 7 1 Understanding an ICS network Creating an inventory of all the devices applications and services that are hosted in a network can establish an initial baseline for what to monitor Once those components are identified and understood control ownership and operational consideration can be developed 5 1 7 2 Log and event management It is important to understand what is happening within ...

Page 194: ...ice Extensive testing needs to be conducted before deployment to minimize this impact 5 1 7 5 Continuous assessment and security training It is critical that ICS network administrators and regular users be properly trained to ensure the security of the ICS and the safety of the people who operate and depend on it Ongoing vulnerability assessments are critical to identify issues and understand the ...

Page 195: ... To protect important assets all organizations must take cybersecurity threats seriously and meet them proactively with a system wide defensive approach specific to organizational needs There is no protection method that is completely secure A defense mechanism that is effective today may not be effective tomorrow the ways and means of cyber attacks constantly change It is critical ICS administrat...

Page 196: ...t gov sites default files FactSheets NCCIC 20ICS_FactSheet_Defense_in_Depth_Strategies_S508C pdf 2 NIST SP 800 82 Guide to Industrial Control Systems ICS Security June 2011 http csrc nist gov publications nistpubs 800 82 SP800 82 final pdf 3 NIST SP 800 94 Guide to Intrusion Detection and Prevention Systems IDPS Feb 2007 http csrc nist gov publications nistpubs 800 94 SP800 94 pdf 4 Common Cyberse...

Page 197: ...ers that can be referenced at www eaton com cybersecurity 5 2 2 Secure configuration guidelines 5 2 2 1 Asset identification and Inventory Keeping track of all the devices in the system is a prerequisite for effective management of Cybersecurity of a system Ensure you maintain an inventory of all the components in your system in a manner in which you uniquely identify each component To facilitate ...

Page 198: ...d such as locks card readers and or guards etc Network module supports the following physical access ports controller mode switches and USB ports RJ45 USB A USB Micro B Access to them need to be restricted Do not connect unauthorized USB device or SD card for any operation e g Firmware upgrade Configuration change and Boot application change Before connecting any portable device through USB or SD ...

Page 199: ...or instructions on how to edit a user account Server and client certificate configuration Navigate to Contextual help Settings Certificate Follow embedded help for instructions on how to configure it 5 2 2 4 Deactivate unused features Network module provides multiple options to upgrade firmware change configurations set power schedules etc The device also provide multiple options to connect with t...

Page 200: ...nd when required or released Navigate in the help to Contextual help Maintenance Services to get information on how to upgrade the Network Module Eaton also has a robust vulnerability response process In the event of any security vulnerability getting discovered in its products Eaton patches the vulnerability and releases information bulletin through its cybersecurity web site http eaton com cyber...

Page 201: ...e Refer to the section Contextual help Settings Local users in the settings 5 4 Decommissioning the Network Management module With the increased frequency of reported data breaches it s becoming more and more necessary for companies to implement effective and reliable decommissioning policies and procedures In order to protect the data stored on retired IT equipment from falling into the wrong han...

Page 202: ... device or to the loads that are connected to it The EMP monitors temperature and humidity information to help you protect critical equipment The EMP measures temperatures from 0 C to 70 C with an accuracy of 2 C The EMP measures relative humidity from 10 to 90 with an accuracy of 5 The EMP can be located some distance away from the device with a CAT5 network cable up to 50m 165 ft long The EMP mo...

Page 203: ...l the other EMPs 6 3 1 1 1 Example manual addressing of 3 EMPs connected to the Device 6 3 2 Mounting the EMP The EMP includes magnets cable ties slots and keyholes to enable multiple ways of mounting it on your installation Address must be defined before the EMP power up otherwise the changes won t be taken into account Do not set Modbus address to 0 otherwise the EMP will not be detected Green L...

Page 204: ...tener Side mounting magnets tie wraps 6 3 2 1 Rack mounting with keyhole example To mount the EMP on the rack use the supplied screw washer and nut Then mount the EMP on the screw and tighten it 6 3 2 2 Rack mounting with tie wraps example To mount the EMP on the door of the rack use the supplied cable ties ...

Page 205: ...and tighten it 6 3 2 4 Wall mounting with nylon fastener example To mount the EMP within the enclosure environment attach one nylon fastener to the EMP and the other nylon fastener to an enclosure rail post Then press the two nylon strips together to secure the EMP to the rail post Cut nylon fastener and stick it on the EMP bottom on the location highlighted below this will prevent to interfere wi...

Page 206: ...P RJ45 female female connector supplied in EMP accessories USB to RS485 converter cable supplied in EMP accessories Ethernet cable not supplied Device 6 3 3 2 2 Connection steps STEP 1 Connect the USB to RS485 converter cable to the USB port of the Device Address must be defined before the EMP power up otherwise the changes won t be taken into account Do not set Modbus address to 0 otherwise the E...

Page 207: ... EMPs 2 x Ethernet cable not supplied Device 6 3 4 2 Steps STEP 5 Connect the Ethernet cable to the TO SENSORS port of the first EMP and to the FROM DEVICE port of the second EMP STEP 6 Connect the Ethernet cable to the TO SENSORS port of the second EMP and to the FROM DEVICE port of the third EMP 6 3 5 Connecting an external contact device Use the supplied tie wraps to secure the RS485 to USB cab...

Page 208: ...ck Discover The EMP connected to the Network module appears in the table Press the pen logo to edit EMP information and access its settings Click Define offsets to define temperature or humidity offsets if needed STEP 4 Define alarm configuration refer to the contextual help for details Contextual help Environment Alarm configuration Select the Alarm configuration page Enable or disable alarms Def...

Page 209: ...MP Refer to the section Contextual help Environment Commissioning Status 6 5 3 Enabling temperature compensated battery charging in the UPS To enable the temperature compensated battery charging refer to the UPS user manual The temperature compensated battery charging feature needs to be enabled in the UPS ...

Page 210: ...he network Solid yellow UPS Network Module is connected to the network but no activity detected Flashing yellow UPS Network Module is connected to the network and sending or receiving data AUX connector For Network Module accessories only Restart button Ball point pen or equivalent will be needed to restart Short press 6s Safe software restart firmware safely shutdown before restart Long press 9s ...

Page 211: ...put power 5V 5 200mA Date Time backup CR1220 battery coin cell The RTC is able to keep the date and the time when Network Module is OFF Functions Languages English French German Italian Japanese Russian Simplified Chinese Spanish Traditional Chinese Alarms Log Email SNMP trap web interface Log on events Network Gigabit ETHERNET 10 100 1000Mb s auto negotiation HTTP 1 1 SNMP V1 SNMP V3 NTP SMTP DHC...

Page 212: ...cters maximum Hide IP address from the email body enable disabled Status Active Inactive Alarm notifications Active No Yes All card events Subscribe Attach logs Critical alarm Subscribe Attach logs Warning alarm Subscribe Attach logs Info alarm Subscribe Attach logs All device events Subscribe Attach measures Attach logs Critical alarm Subscribe Attach measures Attach logs Warning alarm Subscribe ...

Page 213: ...nable 0 32 disable Minimum lower case enable 0 32 disable Minimum digit enable 0 32 disable Special character enable 0 32 disable Password expiration Number of days until password expires disabled Main administrator password never expires disabled Number of days until password expires disable enable 1 99999 Main administrator password never expires disable enable Lock account Lock account after xx...

Page 214: ...ecurity SSL None Start TLS SSL Verify server certificate disabled enabled Primary server Name 128 characters maximum Hostname 128 characters maximum Port x xxx Secondary server Name 128 characters maximum Hostname 128 characters maximum Port x xxx Credentials Anonymous search bind disabled enabled Search user DN 1024 characters maximum Password 128 characters maximum Search base Search base DN 102...

Page 215: ...e format hh mm ss 24h Configure Active Yes No Retry number 0 to 128 Primary server Name 128 characters maximum Address 128 characters maximum Secret 128 characters maximum UDP port 1 to 65535 Time out 3 to 60 Secondary server Name 128 characters maximum Address 128 characters maximum Secret 128 characters maximum UDP port 1 to 65535 Time out 3 to 60 Users preferences Language English French German...

Page 216: ...l duplex HTTPS Port 443 Port x xxx Syslog Inactive Server 1 Name Primary Status Disabled Hostname empty Port 514 Protocol UDP Message transfer method Non transparent framing Using unicode byte order mask BOM disabled Server 2 Name empty Status Disabled Hostname empty Port 514 Protocol UDP Message transfer method DIsabled in UDP Using unicode byte order mask BOM disabled Inactive Active Server 1 Na...

Page 217: ...xxx SNMP V1 disable enable Community 1 128 characters maximum Enabled Inactive Active Access Read only Community 2 128 characters maximum Enabled Inactive Active Access Read Write SNMP V3 disable enable User 1 32 characters maximum Enabled Inactive Active Access Read only Read Write Authentication Auth SHA 1 None Password 128 characters maximum Confirm password 128 characters maximum Privacy Secur...

Page 218: ...Device ID from 1 to 247 Access None Read only Read Write Illegal read behaviour Return exception Return zeros Coil register base address shift No shift Shift by 1 JBUS Default settings and possible parameters Certificate Default setting Possible parameters Local certificates Common name Service Hostname selfsigned Country FR State or Province 38 City or Locality Grenoble Organization name Eaton Or...

Page 219: ...ronment Alarm configuration Default setting Possible parameters Temperature Enabled No Low critical 0 C 32 F Low warning 10 C 50 F High warning 70 C 158 F High critical 80 C 176 F Enabled No Yes low critical low warning high warning high critical Humidity Enabled No Low critical 10 Low warning 20 High warning 80 High critical 90 Enabled No Yes 0 low critical low warning high warning high critical ...

Page 220: ...nglish Date format MM DD YYYY Time format hh mm ss 24h Temperature C Celsius Account details Full name 128 characters maximum Email 128 characters maximum Phone 64 characters maximum Organization 128 characters maximum Preferences Language English French German Italian Japanese Russian Simplified Chinese Spanish Traditional Chinese Date format MM DD YYYY YYY MM DD DD MM YYY DD MM YYY DD MM YYY DD ...

Page 221: ...tor Operator Viewer Control 7 4 4 Protection Administrator Operator Viewer Protection Scheduled shutdowns Administrator Operator Viewer Protection Agent list Administrator Operator Viewer Protection Agent settings Administrator Operator Viewer Protection Sequence 7 4 5 Environment Administrator Operator Viewer Environment Commissioning Environment Status Administrator Operator Viewer Environment A...

Page 222: ...perator Viewer Network Protocols Administrator Operator Viewer SNMP Administrator Operator Viewer Modbus for INDGW only Administrator Operator Viewer Certificate Administrator Operator Viewer ATS 7 4 7 Maintenance Administrator Operator Viewer System information Administrator Operator Viewer Firmware Administrator Operator Viewer Services Administrator Operator Viewer Resources Administrator Opera...

Page 223: ...iewer User profile 7 4 11 Contextual help Administrator Operator Viewer Contextual help Full documentation 7 4 12 CLI commands Administrator Operator Viewer get release info Administrator Operator Viewer history Administrator Operator Viewer ldap test Administrator Operator Viewer logout Administrator Operator Viewer maintenance Administrator Operator Viewer modbus_message_display for INDGW only A...

Page 224: ...erator Viewer sanitize Administrator Operator Viewer ssh keygen Administrator Operator Viewer time read only read only Administrator Operator Viewer traceroute traceroute6 Administrator Operator Viewer whoami Administrator Operator Viewer email test Administrator Operator Viewer systeminfo_statistics Administrator Operator Viewer certificates 7 5 List of event codes To get access to the Alarm log ...

Page 225: ...rated imported for service server logSystem csv 0E00300 Warning The self PKI signed certificate of the service server will expires in X days logSystem csv 0800700 Warning User account password expired logAccount csv 0800900 Warning User account locked logAccount csv 0C00100 Warning Unable to send email Smtp server is unknown logSystem csv 0C00200 Warning Unable to send email Authentication method ...

Page 226: ...00600 Info Notice Error Debug Script execution log message logSystem csv 0800100 Notice User account created user account id logAccount csv 0800200 Notice User account deleted user account id logAccount csv 0800400 Notice User account name changed user account id logAccount csv 0800600 Notice User account password changed logAccount csv 0800800 Notice User account password reset user account id lo...

Page 227: ...zzz logUpdate csv 0B00300 Info Time with NTP synchronized logSystem csv 0B00600 Info Time settings changed logSystem csv 0B01100 Info Time reset to last known date date logSystem csv 0C00F00 Info Test email 1000100 Info Settings saving requested logSystem csv 1000200 Info feature settings saved logSystem csv 1000A00 Info Settings restoration requested logSystem csv 1000E00 Info feature settings re...

Page 228: ...ry voltage high critical Battery voltage OK Check battery 62D Critical Battery charge current low critical Battery charge current OK Check battery 62F Critical Battery charge current high critical Battery charge current OK Check battery 631 Critical Battery discharge current low critical Battery discharge current OK Check battery 633 Critical Battery discharge current high critical Battery dischar...

Page 229: ...nput AC voltage in range 109 Warning Input AC voltage out of range Input AC voltage in range 110 Warning Building alarm through dry contact Building alarm OK 11F Warning Building alarm through Network module Building alarm OK 10A Warning Input AC unbalanced End of input AC unbalanced 200 Warning Bypass phase out range Bypass phase in range 201 Warning Bypass not available Bypass available Service ...

Page 230: ...eck battery 62E Warning Battery charge current high warning Battery charge current OK Check battery 630 Warning Battery discharge current low warning Battery discharge current OK Check battery 632 Warning Battery discharge current high warning Battery discharge current OK Check battery 634 Warning Battery temperature low warning Battery temperature OK Check battery 636 Warning Battery temperature ...

Page 231: ...Warning Batteries are aging Consider replacement Batteries aging condition cleared 7 5 2 3 Info Code Severity Active message Non active message Advice 005 Info Communication lost with UPS Communication recovered with UPS Service required 009 Info On high efficiency On ESS mode High efficiency disabled ESS disabled 013 Info Upgrading limited communication End of upgrade mode 101 Info On AVR Boost E...

Page 232: ... thermal overload No power overload 2112 Critical DCDC converter failure DCDC converter OK 2132 Critical Parallel UPS protection lost Parallel UPS protection OK 2143 Critical Maintenance bypass Not on maintenance bypass 2188 Critical Bypass AC module failure Bypass AC module OK 2191 Critical Battery fault Battery OK Check battery 2192 Critical Fuse fault Fuse OK 2193 Critical Fan fault Fan OK 2199...

Page 233: ...K 2011 Warning Output frequency out of range Output frequency in range 2021 Warning Charger temperature alarm Charger temperature OK 2023 Warning Max charger voltage Charger voltage OK 2025 Warning Power overload No power overload 2027 Warning Output over current No output over current 2028 Warning DC bus too high DC bus voltage OK 2029 Warning DC bus too low DC bus voltage OK 2032 Warning Battery...

Page 234: ...er closed 2326 Warning Bypass phase out range Bypass phase in range 2327 Warning Bypass voltage out of range Bypass voltage in range 2366 Warning Bypass bad wiring Bypass wiring OK 7 5 3 3 Info Code Severity Active message Non active message Advice 2063 Info Communication lost Communication recovered 2196 Info On AVR Buck End of AVR Buck 2197 Info On AVR Boost End of AVR Boost 2227 Info On high ef...

Page 235: ...nge F02 Warning Out of range In range F04 Warning Voltage in derated range Voltage in normal range F06 Warning Frequency out of range Frequency in range F07 Warning Not in range In range F09 Warning Voltage in derated range Voltage in normal range F0C Warning In overload Not in overload F0F Warning Internal configuration failure Internal configuration OK F12 Warning Overload Fault No overload faul...

Page 236: ...essage Advice F05 Good Source 1 used to power the load Source 1 not used to power the load F0A Good Source 2 used to power the load Source 2 not used to power the load F19 Good On preferred source Alarms with a severity set as Good are not taken into account into the counter of active alarms ...

Page 237: ...ation lost Communication recovered 1202 Warning Temperature is low Temperature is back to normal 1203 Warning Temperature is high Temperature is back to normal 1212 Warning Humidity is low Humidity is back to normal 1213 Warning Humidity is high Humidity is back to normal 7 5 5 3 With settable severity Code Severity Active message Non active message Advice 1221 Settable Contact is active Contact i...

Page 238: ...otection sequential shutdown in progress Protection sequential shutdown completed 1054 Info Protection agent is in unknown state Protection agent is in service 1055 Info Protection agent is starting Protection agent is in service 1056 Info Protection agent is stopping Protection agent is in service 1057 Info Protection agent is stopped Protection agent is in service 1100 Info Schedule shutdown dat...

Page 239: ...les in the table below Alarm oid at 1 3 6 1 2 1 33 1 6 3 x Description when trap 3 Description when trap 4 1 3 6 1 2 1 33 1 6 3 1 Battery test failed Battery test OK 1 3 6 1 2 1 33 1 6 3 2 Battery discharging End of UPS battery discharge 1 3 6 1 2 1 33 1 6 3 3 Low battery Battery OK 1 3 6 1 2 1 33 1 6 3 5 Temperature alarm Temperature OK 1 3 6 1 2 1 33 1 6 3 6 Input AC not present Input AC present...

Page 240: ... 4 1 534 1 11 4 1 0 13 Load not powered 1 3 6 1 4 1 534 1 11 4 1 0 14 On battery 1 3 6 1 4 1 534 1 11 4 1 0 15 Building alarm through input dry contact 1 3 6 1 4 1 534 1 11 4 1 0 16 Shutdown imminent 1 3 6 1 4 1 534 1 11 4 1 0 17 No more on bypass 1 3 6 1 4 1 534 1 11 4 1 0 20 Breaker open 1 3 6 1 4 1 534 1 11 4 1 0 23 Battery test failed 1 3 6 1 4 1 534 1 11 4 1 0 26 Communication lost 1 3 6 1 4 ...

Page 241: ...0 20 Remote temperature low 1 3 6 1 4 1 534 10 2 10 21 Remote temperature high 1 3 6 1 4 1 534 10 2 10 22 Remote temperature normal 1 3 6 1 4 1 534 10 2 10 23 Remote humidity low 1 3 6 1 4 1 534 10 2 10 24 Remote humidity high 1 3 6 1 4 1 534 10 2 10 25 Remote humidity normal 1 3 6 1 4 1 534 10 2 10 26 Contact 1 active 1 3 6 1 4 1 534 10 2 10 27 Contact 1 inactive 1 3 6 1 4 1 534 10 2 10 28 Contac...

Page 242: ...etwork and time settings of the network card It can also be used for troubleshooting and remote reboot reset of the network interface in case the web user interface is not accessible Warning Changing network parameters may cause the card to become unavailable remotely If this happens it can only be reconfigured locally through USB 7 7 1 Commands available You can see this list anytime by typing in...

Page 243: ...start of the line CTRL E Move to the end of the line up Move to the previous command line held in history down Move to the next command line held in history left Move the insertion point left one character right Move the insertion point right one character DELETION KEYS CTRL C Delete and abort the current line CTRL D Delete the character to the right on the insertion point CTRL K Delete all the ch...

Page 244: ...p history cr Display the current session s command line history by default display last 10 commands Unsigned integer Set the size of history list zero means unbounded Example history 6 display the 6 last command 7 7 4 3 Specifics 7 7 4 4 Access rights per profiles Administrator Operator Viewer history 7 7 5 ldap test 7 7 5 1 Description Ldap test help to troubleshoot LDAP configuration issues or w...

Page 245: ...ry Force the test to use secondary server optional v verbose Print the exchanges with LDAP server optional ldap test checkmappedgroups primary secondary v Check LDAP mapping p primary Force the test to use primary server optional s secondary Force the test to use secondary server optional v verbose Print the exchanges with LDAP server optional Quick guide for testing In case of issue with LDAP con...

Page 246: ...iewer logout 7 7 7 maintenance 7 7 7 1 Description Creates a maintenance report file which may be handed to the technical support 7 7 7 2 Help maintenance cr Create maintenance report file h help Display help page 7 7 7 3 Specifics 7 7 7 4 Access rights per profiles Administrator Operator Viewer maintenance 7 7 8 modbus_message_display This section is only for the Modbus Network Module INDGW ...

Page 247: ...9 modbus_statistics 7 7 9 1 Description modbus_statistics displays Modbus RTU and TCP status and server statistics Bus character overrun count Bus frame error count Bus parity error count Buffer overrun count Bus message count Valid message count CRC error count Incoming message count Discarded message count Processed message count Success returned count Exception returned count 7 7 9 2 Help modbu...

Page 248: ...k configuration of the card 7 7 10 2 Help For Viewer and Operator profiles netconf h Usage netconf OPTION Display network information and change configuration h help display help page l lan display Link status and MAC address 4 ipv4 display IPv4 Mode Address Netmask and Gateway 6 ipv6 display IPv6 Mode Addresses and Gateway d domain display Domain mode FQDN Primary and Secondary DNS For Administra...

Page 249: ...alues set custom Network address Netmask and Gateway manual domain name primary DNS secondary DNS automatically set Domain name Primary and Secondary DNS dhcp i set ipv4 mode Mode values set custom Network address Netmask and Gateway manual network mask gateway automatically set Network address Netmask and Gateway dhcp x set ipv6 status Status values enable IPv6 enable disable IPv6 disable x set i...

Page 250: ...utility uses the ICMP protocol s mandatory ECHO_REQUEST datagram to elicit an ICMP ECHO_RESPONSE from a host or gateway ECHO_REQUEST datagrams pings have an IP and ICMP header followed by a struct timeval and then an arbitrary number of pad bytes used to fill out the packet c Specify the number of echo requests to be sent h Specify maximum number of hops Hostname or IP Host name or IP address ping...

Page 251: ...pecifics 7 7 12 4 Access rights per profiles Administrator Operator Viewer reboot 7 7 13 save_configuration restore_configuration 7 7 13 1 Description Save_configuration and restore_configuration are using JSON format to save and restore certain part of the configuration of the card 7 7 13 2 Help save_configuration h save_configuration print the card configuration in JSON format to standard output...

Page 252: ...he user shall have administrator profile PASSWORD is the user password PASSPHRASE is any passphrase to encrypt decrypt sensible data CARD_ADDRESS is IP or hostname of the card FILE is a path to the JSON file on your host computer where the configuration is saved or restored 7 7 13 4 Specifics 7 7 13 5 Access rights per profiles Administrator Operator Viewer save_configuration restore_configuration...

Page 253: ... 3 Specifics 7 7 15 4 Access rights per profiles Administrator Operator Viewer ssh keygen 7 7 16 time 7 7 16 1 Description Command used to display or change time and date 7 7 16 2 Help For Viewer and Operator profiles time h Usage time OPTION Display time and date h help display help page p print display date and time in YYYYMMDDhhmmss format For Administrator profile ...

Page 254: ...d alternate NTP servers time set ntpmanual fr pool ntp org de pool ntp org 7 7 16 3 Examples of usage Set date 2017 11 08 and time 22 00 time set manual 201711082200 Set preferred and alternate NTP servers time set ntpmanual fr pool ntp org de pool ntp org 7 7 16 4 Specifics 7 7 16 5 Access rights per profiles Administrator Operator Viewer time read only read only 7 7 17 traceroute and traceroute6...

Page 255: ...file Realm 7 7 18 2 Specifics 7 7 18 3 Access rights per profiles Administrator Operator Viewer whoami 7 7 19 email test 7 7 19 1 Description mail test sends test email to troubleshoot SMTP issues 7 7 19 2 Help Usage email test command Test SMTP configuration Commands email test h help Display help page email test r recipient recipient_address Send test email to the recipient_address Email address...

Page 256: ...age CPU usage upSince date since the system started Ram total MB free MB used MB tmpfs temporary files usage MB Flash user data total MB free MB used MB 7 7 20 2 Help systeminfo_statistics Display systeminfo statistics h help Display the help page 7 7 20 3 Specifics 7 7 20 4 Access rights per profiles Administrator Operator Viewer systeminfo_statistics 7 7 21 certificates 7 7 21 1 Description Allo...

Page 257: ...tes local import SERVICE_NAME csr over SSH sshpass p PASSWORD ssh USER CARD_ADDRESS certificates local csr mqtt 7 7 21 3 2 From a Windows host plink tools from putty is required print over SSH plink USER CARD_ADDRESS pw PASSWORD batch certificates local print SERVICE_NAME revoke over SSH plink USER CARD_ADDRESS pw PASSWORD batch certificates local revoke SERVICE_NAME export over SSH plink USER CAR...

Page 258: ...l org This product includes cryptographic software written by Eric Young eay cryptsoft com This product includes software released under MIT license and developed by various projects peoples and entities such as but not limited to Google Inc the AngularUI Team Lucas Galfasó nerv Angular Konstantin Skipor Filippo Oretti Dario Andrei The angular translate team and Pascal Precht Twitter Inc Zeno Roch...

Page 259: ...ext Transfer Protocol HTTP within a connection encrypted by Transport Layer Security TLS IPP Intelligent Power Protector is a web based application that enables administrators to manage an Devices from a browser based management console Administrators can monitor manage and control a single Device UPS ATS ePDU locally and remotely A familiar browser interface provides secure access to the Device A...

Page 260: ...ting and organizing information about managed devices on IP networks and for modifying that information to change device behavior SSH Secure Shell is a cryptographic network protocol for operating network services securely over an unsecured network SSL Secure Sockets Layer is a cryptographic protocol used for network traffic TCP Transmission Control Protocol TLS Transport Layer Security is cryptog...

Page 261: ...Acronyms and abbreviations Information 261 ...

Page 262: ...onfigure the UPS settings and allow remote commands Example UPS menu Settings ON OFF settings Remote command Enable 8 2 Card wrong timestamp leads to Full acquisition has failed error message on Software 8 2 1 Symptoms IPP IPM shows the error message The full data acquisition has failed even if the credentials are correct 8 2 2 Possible cause The Network module timestamp is not correct Probably th...

Page 263: ...ice and Servicing the EMP Installing the EMP Daisy chaining 3 EMPs 2 Disconnect and reconnect the USB to RS485 cable 3 Launch the discovery if it is still not ok go to Action 1 3 8 4 1 4 Action 1 3 1 Reboot the Network module 2 Launch the discovery 8 4 2 Symptom 2 The EMPs orange RJ45 LEDs are not blinking 8 4 2 1 Possible causes C 1 the EMP address switches are all set to 0 C 2 the EMPs are daisy...

Page 264: ...rk Module Certificates of IPP IPM and the Network Module are not matching so that authentication and encryption of connections between the Network Module and the shutdown agents is not working 8 6 3 Setup IPP IPM is started Network module is connected to the UPS and to the network 8 6 4 Action 1 Check if the IPP IPM certificate validity for the Network Module STEP 1 Connect to the Network Module O...

Page 265: ...nnections to the Network Module are automatically trusted and accepted STEP 4 Action on the agent IPP IPM while the time to accepts new agents is running on the Network Module Remove the Network module certificate file s 0 that is are located in the folder Eaton IntelligentPowerProtector configs tls 8 7 LDAP configuration commissioning is not working Refer to the section Servicing the Network Mana...

Page 266: ...list has been cleared and is now empty 8 10 2 Action The alarm list has been saved on a csv file and can be retrieved using Rest API calls 8 10 2 1 Authenticate curl location request POST https domain rest mbdetnrs 1 0 oauth2 token header Content Type application json data raw username admin password supersecretpassword grant_type password scope GUIAccess 8 10 2 2 Get Alarm Log Backup curl locatio...

Page 267: ... Module Finding and setting the IP address section 8 12 Web user interface is not up to date after a FW upgrade 8 12 1 Symptom After an upgrade The Web interface is not up to date New features of the new FW are not displayed 8 12 1 1 Possible causes The browser is displaying the Web interface through the cache that contains previous FW data 8 12 1 2 Action Empty the cache of your browser using F5 ...

Page 268: ......

Reviews:

No comments

Related manuals for Network-M2

Brand: CAME Pages: 19

Brand: ADTRAN Pages: 9

Brand: ForeScout Pages: 28

Storagelibrary T24

Brand: Tandberg Data Pages: 28

Brand: Genie Pages: 15

Brand: Qixiang Technology Pages: 16

Compact NVR-AS 4000

Brand: IndigoVision Pages: 38

Brand: CAME Pages: 32

IMS LANTIME M1000

Brand: Meinberg Pages: 134

Brand: Intellinet Pages: 12

Brand: Socket Pages: 18

Brand: TRENDnet Pages: 2

Brand: M-Audio Pages: 67

Brand: NAUTICAST Pages: 20

ExtremeCloud Appliance E3120

Brand: Extreme Networks Pages: 27

Brand: Alcatel-Lucent Pages: 8

Brand: Cisco Pages: 160

CCR1009-7G-1C-1S+

Brand: MikroTik Pages: 9

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands