manualshive.com logo in svg

Raritan DOMINION DSX-0N-E, User Manual

The Raritan DOMINION DSX-0N-E is a powerful 1-port secure remote access device for IT professionals. Easily control servers, switches, routers and more with this user-friendly product. Need help setting it up? Download the free User Manual from manualshive.com for step-by-step instructions.

Share
Download
background image

C

HAPTER 

12:

 

C

OMMAND 

L

INE 

I

NTERFACE

 149 

 

Securityprofiles Commands 

The 

securityprofiles 

command menu provides access to the commands used to configure and 

control security profiles. The securityprofiles commands are listed in the table below. 

Table 69 Securityprofiles Commands 

C

OMMAND

 

D

ESCRIPTION

 

profiledata 

View or modify a Security Profile. 

securityprofiles 

Enable and select a Security Profile. 

 

Profiledata Command 

The 

profiledata 

command is used to modify or view a security profile. The Dominion SX 

provides the ability to define security profiles which simplify the assigning of permissions to 
users and groups. There are three types of profiles: 

 

Two are predefined and are standard and secure.  

 

The third allows definition of custom profiles to allow assignment of all permissions by 
assigning one security profile.  
Multiple custom security profiles may be defined.  

The syntax of the profiledata command is: 

profiledata [name <Standard|Secure|Custom>] [telnet <true|false>] 
[strongpass <true|false>] [timeout <true|false>] [single 
<true|false>] [redirect <true|false>] [tls_required <true|false>] 

The profiledata command options are described in Table 70. 

Table 70 Profiledata Command 

C

OMMAND 

O

PTION

 

D

ESCRIPTION

 

[name <Standard|Secure|Custom>]

 

Specifies the type of security profile. 

[telnet <true|false>]

 

Enable/Disable telnet. 

[strongpass <true|false>] 

Enable/Disable strong password. 

[timeout <true|false>]  

Enable/Disable idle timeout. 

[single <true|false>]  

Enable/Disable single login per user. 

[redirect <true|false>]  

Enable/Disable redirection from HTTP to 
HTTPS. 

[tls_required <true|false>] 

Enable/Disable forcing of Transport Layer 
Security (TLS) on HTTPS. 

 

Profiledata Command Example 

The following example defines the custom security profile with telnet disabled, strong passwords 
required, idle timeout enabled, multiple logins allowed, HTTP to HTTPS redirection disabled, 
and the forcing of Transport Layer Security (TLS) on HTTPS. 

admin > Security > SecurityProfiles > profiledata name Custom 
telnet false strongpass true timeout true single false redirect 
false tls_required true 

 

 

 

 

 

Summary of Contents for DOMINION DSX-0N-E

Page 1: ...Dominion SX User Guide Release 3 1 Copyright 2007 Raritan Inc DSX 0N E September 2007 255 60 2000 00...

Page 2: ...This page intentionally left blank...

Page 3: ...e FCC Rules These limits are designed to provide reasonable protection against harmful interference in a commercial installation This equipment generates uses and can radiate radio frequency energy an...

Page 4: ...ines In Raritan products that require rack mounting follow these precautions Operation temperature in a closed rack environment may be greater than room temperature Do not exceed the rated maximum amb...

Page 5: ...Network Configuration 13 Deployment 14 LAN Connection 14 Modem Connection Optional 14 Chapter 4 Network Settings and Services 15 Configuring the Basic Network Settings 15 Give the DSX a Name 15 Config...

Page 6: ...Handling 60 Strong Password Settings 61 Configure Kerberos 61 Certificates 61 Generate a Certificate Signing Request 62 Install a User Key 63 Install a User Certificate 63 SSL Client Certificate 64 En...

Page 7: ...ine Interface Overview 91 Accessing the Dominion SX Using CLI 94 SSH Connection to the Dominion SX 94 SSH Access from a Windows PC 94 SSH Access from a UNIX Workstation 94 Telnet Connection to the Dom...

Page 8: ...iguring NFS 116 Configuring Ports 117 Ports Configuration Menu 117 Ports Config Command 117 Ports Keywordadd Command 119 Ports Keyworddelete Command 119 Configuring Services 120 dpa Command 120 Encryp...

Page 9: ...Port Power Associations 155 Create a Port Power Association 155 Delete a Port Power Association 156 Power Strip Configuration 156 Power Association Groups 157 Power Control 157 Associations Power Con...

Page 10: ...ape Navigator 188 Remove an Accepted Certificate 188 Install a Third Party Root Certificate 189 Installing a Third Party Root Certificate to Internet Explorer 189 Installing a Third Party Root Certifi...

Page 11: ...Panel 29 Figure 25 Port Keywords Screen 31 Figure 26 Port Configuration Screen 32 Figure 27 Edit Port Screen 33 Figure 28 Direct Port Access Mode Field 34 Figure 29 Port Access Screen 35 Figure 30 Jav...

Page 12: ...n Panel 78 Figure 75 Event Log 79 Figure 76 Send Event Log Screen 80 Figure 77 Backup Screen 81 Figure 78 Restore Screen 82 Figure 79 Firmware Version 83 Figure 80 Firmware Upgrade Screen 84 Figure 81...

Page 13: ...igure 109 Phone Number to Dial 205 Figure 110 Connection Availability 205 Figure 111 Network Connection Type 206 Figure 112 Device Selection 206 Figure 113 Internet Connection 207 Figure 114 Connectio...

Page 14: ...le 21 Routeadd Command 115 Table 22 Routedelete Command 116 Table 23 NFS Command 116 Table 24 Port Configuration Command 117 Table 25 Port Keywordadd Command 119 Table 26 Port Keyworddelete Command 11...

Page 15: ...X Specifications 175 Table 72 Dominion SX Dimensions and Weight 176 Table 73 Dominion SX Requirements 177 Table 74 Browser Requirements 177 Table 75 Connectivity 178 Table 76 Dominion SX RJ 45 Serial...

Page 16: ...Line Interface CSC Common Socket Connection DPA Direct Port Access HTTP Hypertext Transfer protocol HTTPS HTTP Secure over SSL LAN Local Area Network LDAP Lightweight Directory Access Protocol LDAP S...

Page 17: ...ual Private Network Notices Important cautionary information that warns of possible affects on the users corruption risks and actions that may affect warranty and service coverage Note general informa...

Page 18: ......

Page 19: ...SX Provides a non intrusive solution for managing network elements and does not require any installation of software agents on the target device Connects to any networking device servers firewalls loa...

Page 20: ...ers Three Levels of User Access o Administrator Has read and write access to the console window can modify the configuration of unit o Operator Has read and write access to the console window cannot m...

Page 21: ...ome units 1 Raritan Dominion SX User Guide CD ROM which contains the installation and operations information for the Dominion SX 1 Printed Dominion SX Quick Setup Guide 1 Power cord 1 Release Notes 1...

Page 22: ...4 DOMINION SX USER GUIDE This page intentionally left blank...

Page 23: ...y 5000 Username admin all lowercase Password raritan all lowercase Pre Installation Ensure that you have the correct cabling ready to connect to the serial consoles of the target server s or other ser...

Page 24: ...Connect the male end of the external power cord to the power supply outlet 7 Power ON the Dominion SX unit Note The unit will perform a hardware and firmware self test then start the software boot seq...

Page 25: ...ESS Example route add 192 168 0 192 15 128 122 12 UNIX including Sun Solaris system route add 192 168 0 192 CLIENT_HOST IP ADDRESS interface Example route add 192 168 0 192 15 128 122 12 interface 3 T...

Page 26: ...Service Agreement Screen appears Figure 5 Restricted Service Agreement Screen Note Once you click Accept after login the Dominion SX prompts you to change the default password A Change Password screen...

Page 27: ...IP address 192 168 0 192 2 To check the route table in Windows type the command route print in a Command window on the installation computer If 192 168 0 192 is on the gateway list proceed to step 3...

Page 28: ...re group name is the name of the group and class type is Op for operator Ob for observer n1 n2 n3 is a list of port numbers this group has access to separated by comas and no spaces You could configur...

Page 29: ...ee Chapter 12 Command Line Interface for CLI information Dominion SX Initial Software Configuration 1 Log on to the Dominion SX using your new password A Port Access screen appears according to your u...

Page 30: ...ddress of a Network Time Protocol NTP server in the Primary Time Server If you have a backup NTP server enter its IP address in the Secondary Time Server field 4 Type the Interface Name in the Interfa...

Page 31: ...here this unit will reside Gateway IP Gateway Default gateway for this unit 3 Select the Mode from the Mode drop down menu 4 Type the Domain Name in the Domain field 5 Type your Unit Name in the Unit...

Page 32: ...connection LAN 2 4 Perform a quick connectivity check by connecting to the device using the Web browser 5 Enter https IPAddress in the address line where IPAddress is the IP address of the unit as pre...

Page 33: ...and then click Network The Network Basic Settings and Ports screen appears Figure 12 Figure 12 Network Basic Settings and Ports Screen Give the DSX a Name To give the DSX unit a name to help identify...

Page 34: ...the various network access services Service Default Setting HTTP Enabled The default port is 80 This can be changed HTTPS redirect is enabled by default If HTTPS is also enabled all HTTP requests are...

Page 35: ...7 To change any of these network service settings 1 Click the Setup tab and then click Services The Network Service Settings screen appears Figure 13 Network Service Settings 2 Make any necessary chan...

Page 36: ...efault is 10 0 0 2 5 If you want to enable modem dialback click the Enable Modem Dial Back checkbox 6 Click OK Modem access is enabled Configuring IP Forwarding and Static Routes You can enable IP for...

Page 37: ...ace field On a DSX with two LAN interfaces select the one you want from the drop down menu In the Interface field LAN1 eth0 LAN2 eth1 4 Type the IP address subnet mask and gateway of the destination h...

Page 38: ...en click Static Routes The Static Routes screen appears It consists of an Enable IP Forwarding panel and a Static Routes List 2 Go the Static Routes List and click the checkbox next to the route you w...

Page 39: ...many other user profiles as necessary You can create individual user profiles for each person who will be logging into the DSX or you can create a limited number of profiles and allow more than one p...

Page 40: ...ne number in the Dialback field This field is optional 6 Type any comments about the user profile in the Information field This field is to help you identify the profile It is optional 7 Type the pass...

Page 41: ...ot displayed To change the profile s password type a new password in the Password and Confirm Password fields If you leave these fields as is the password is unchanged 5 Click OK when finished The use...

Page 42: ...ck User Group List The Group List screen appears Figure 20 2 Click Add New User Group The New Group screen appears Figure 21 New Group Screen 3 Type a group name in the Group Name field You can enter...

Page 43: ...ick the User Management tab and then click User Group List The Group List screen appears Figure 20 2 Click the Group Name of the group you want to edit The Edit Group screen appears It looks exactly l...

Page 44: ...26 DOMINION SX USER GUIDE...

Page 45: ...d out or the DSX because you can always be authenticated locally Configuring RADIUS You can use Remote Dial In User Service RADIUS to authenticate DSX users instead of local authentication To configur...

Page 46: ...ses Secret 5 Type the root point to bind to the server in the Base DN field This is the same as Directory Manager DN for example BaseDn cn Directory Manager 6 Type a string in the Query field Make sur...

Page 47: ...e Remote Authentication screen appears It contains a TACACS panel Figure 24 TACACS Panel 2 In the TACACS panel click the TACACS button to enable TACACS authentication 3 Under Primary TACACS type the I...

Page 48: ...30 DOMINION SX USER GUIDE...

Page 49: ...ort keywords work as a filter If a keyword is detected then and only then will a corresponding message be logged in a local NFS port log A corresponding event will be sent via SMTP if configured and c...

Page 50: ...rt Configuration screen appears Figure 26 Port Configuration Screen 2 Select the port s you want to configure You can select one port or several ports so long as the port configurations are all the sa...

Page 51: ...s is 9600 Select the Parity Bits from the Parity Bits drop down menu Select the Flow Control from the Flow Control drop down menu 4 In the Detect field indicate whether you want the Dominion SX to det...

Page 52: ...Mode Field 2 Go to the Direct Port Access Mode field The default is Normal which means disabled To enable DPA select either IP or TCP Port from the drop down menu 3 Click OK to save this information...

Page 53: ...erver from the drop down menu in the Class field 7 Select the ports for which you want anonymous port access in the Port Access field 8 Click OK Important The Dominion SX unit must be rebooted to appl...

Page 54: ...n highly recommends that Java Applet Caching be disabled and that you perform the following steps to make sure that Java does not create problems for the system s memory Java Applets and Memory Consid...

Page 55: ...reases the default size to 2M Append the letter m or M to indicate megabytes and k or K to indicate kilobytes Xmx Size in bytes Sets the maximum size to which the Java heap can grow 64M The server fla...

Page 56: ...that provide the user with the ability to Modify emulation settings such as fonts and window size Manage the history of the session Request Write Access to the port Get a Write Lock on the port Send...

Page 57: ...e Timeout setting 2 Click on the Emulator drop down menu to display a list of topics Figure 32 Emulator Drop Down Menu IMPORTANT You must change the default user Idle Timeout setting on the Dominion S...

Page 58: ...2 Accept the Main Menu Shortcut default of None or choose one of the following from the Main Menu Shortcut drop down menu F10 Alt 3 Accept the Show Confirmation Dialog on Exit default or uncheck it 4...

Page 59: ...ings Then click Ok to close the Display Settings window however if you want to change the settings perform the following steps 3 Accept the Terminal Font Properties default of Arial or choose a font f...

Page 60: ...the following from the Encoding drop down menu US ASCII ISO 8859 1 ISO 8859 15 UTF 8 9 Choose one of the following from the Language drop down menu English Japanese Korean Chinese 10 Click Ok to close...

Page 61: ...ong users working in the Raritan Serial Client via the Get Write Access command 10 To enable Write Access click Get Write Access on the Emulator menu You now have Write Access to the target device Whe...

Page 62: ...sers to view the connected users on the Emulator menu Figure 37 Connected Users Window 11 A check mark appears in the Write Access column after the name of the User who has Write Access to the console...

Page 63: ...r at the location where you want to paste the text 4 Click once to make that location active 5 Click Paste on the Edit menu Note Here are keyboard shortcuts that you can use to highlight copy and past...

Page 64: ...46 DOMINION SX USER GUIDE Tools 1 Click on the Tools drop down menu to display a list of topics Figure 39 Tools Menu...

Page 65: ...ar indicates whether logging is on or off 1 On the Tools menu click Start Logging 2 Choose an existing file or provide a new file name in the Save RSC Log dialog box When an existing file is selected...

Page 66: ...og box it sends whatever file you selected directly to the port If there is a loopback plug inserted you see the file displayed If there is currently no target connected then nothing will be visible o...

Page 67: ...al Console and release information about Raritan Serial Console Help Topics To Access Help Topics 1 Click Help Topics on the Help menu 2 Use the navigation bar on the right side of Table of Contents w...

Page 68: ...nd then is connected The steps in this section install the standalone Raritan Serial Client RSC Standalone Raritan Serial Client Requirements The following requirements must be met to support the Rari...

Page 69: ...led The path information will be used later Setting Windows OS Variables 1 Open the Start menu and then open the Control Panel and choose System 2 Go to Advanced and open Environment Variables Figure...

Page 70: ...lick OK Figure 45 Windows OS New System Variable 6 Select the PATH variable and click Edit 7 Add JAVA_HOME bin to the end of the current Variable value Ensure a semicolon separates the new value from...

Page 71: ...ows OS Edit System Variable 9 Select the CLASSPATH variable and click Edit Ensure the CLASSPATH Variable value is configured properly that is its value must have a period in it If for any reason there...

Page 72: ...ER The currently installed version of Java Runtime Environment JRE appears If your path variable is not set to where the java binaries have been installed you may not be able to see the JRE version To...

Page 73: ...r installation file 3 Double click on the executable file to start the installer program The splash screen appears 4 Click Next The installation path screen appears 5 Change the path if desired 6 Clic...

Page 74: ...esired Program Group for the Shortcut 9 Click Next The installation finished screen appears 10 Click Done Launching RSC on Windows Systems 1 Double click on the shortcut or use Start Programs to launc...

Page 75: ...support please try changing the font to Courier New Go to Emulator Settings Display and select Courier New for Terminal Font Properties or GUI Font Properties Installing RSC for Sun Solaris You must...

Page 76: ...n is complete The final screen indicates where you will find an uninstaller program and allows the option of generating an automatic installation script e Click Done to close the Installation window L...

Page 77: ...In some cases this data is required for compliance with governmental or company regulations Encryption of port data log sent to a remote nfs server Security profile Man in the Middle The Security fun...

Page 78: ...pt the system defaults or type your own Login Handling 1 Go to the Login Handling panel and enter a value in the User Idle Timeout minutes field This is the length of inactive time after which the use...

Page 79: ...field or click on the Browse drop down menu and select your file 3 Type the name of the file you want for your Kerberos Configuration File in the Kerberos Configuration File field or click on the Bro...

Page 80: ...e 56 Certificate Signing Request 2 Click the checkbox labeled Generate a Certificate Signing Request 3 Click on the drop down menu in the Bits field Keep the 1024 default or change it to 512 4 Type th...

Page 81: ...labeled Install User Key 3 Type the following information in the corresponding fields The IP address of the host with the key A login and password on the host The path and name of the file containing...

Page 82: ...e certificate 4 Click OK SSL Client Certificate SSL Security certificates are used in browser access to ensure that the device that you are attached to is the device that is authorized to be connected...

Page 83: ...CHAPTER 8 SECURITY 65 Figure 59 SSL Client Certificate Screen...

Page 84: ...n the CA Name field type the name of the CA you want to view 3 Click OK to retrieve the list of CAs Managing the Client Certificate Revocation List CRL The DSX comes with VeriSign and Thawte CA certif...

Page 85: ...onsent banner that forces the user to accept the stated conditions prior to advancing into operation of the console server Figure 60 Banner Screen 1 Check one of the following fields Display Restricte...

Page 86: ...ges If a profile is disabled the features in the profile keep the states they had when the profile was enabled For example if the default TLS Required feature is unchecked and you enable the Secure pr...

Page 87: ...he Edit Custom Security Profile screen appears Figure 62 Edit Custom Security Profile Screen 3 Check one or all of the following fields Telnet Access Strong Password Required Single Login Per User Tim...

Page 88: ...between LAN interfaces Add an IPTables Rule To add an IPTables rule 1 Click the Security tab and then click Firewall The Firewall Screen appears The firewall screen displays the default IPTables rules...

Page 89: ...aximum file size is reached Your choices are Wrap This causes the log file to circle around to the beginning when the end of the file is reached Flat This causes logging to stop when the end of the fi...

Page 90: ...Prefix field 3 Type the maximum file size allowed in the Size field Once this size is reached a new file is created to store the port log data If you enter a value of 0 the DSX will not create a new f...

Page 91: ...Name No Name 1 Port1 U 2 Port2 U 3 Port3 U 4 Port4 U 5 Port5 U 6 Port6 U 7 Port7 U 8 Port8 U 9 Port9 U 10 Port10 U 11 Port11 U 12 Port12 U 13 Port13 U 14 Port14 U 15 Port15 U 16 Port16 U 17 Port17 U 1...

Page 92: ...r this checkbox Figure 68 Input Port Logging Panel 2 Type a directory for input in the In Directory field 3 Click OK Configuring Encryption To configure encryption 1 Go to the Encryption panel and cli...

Page 93: ...the Enable SMTP Server checkbox to enable SMTP logging Figure 70 SMTP Settings Panel 2 Type the IP address of the SMTP server in the SMTP Server IP Address field 3 Type the username and password in t...

Page 94: ...so that the Dominion SX unit can send messages using that SMTP server To verify that the information is correct and working 1 Send a test email by selecting an event such as event amp notice port con...

Page 95: ...NFS Settings Screen 2 Click the Enable NFS checkbox to enable NFS logging 3 Type the IP address of the NFS server in the Primary IP field and then enter the path to the log file in the Primary Directo...

Page 96: ...ty determines which SNMP management stations receive SNMP alerts 4 Click OK Create a New SNMP Destination SNMP destinations determine which SNMP management stations receive SNMP traps To create a new...

Page 97: ...log is displayed Figure 75 shows a typical event log Figure 75 Event Log Note If the number of events in the log exceeds the size of one screen a Next link is added under Event Log at the top of the s...

Page 98: ...FTP server 4 Enter the path to the location where the event log will be stored in the Remote Path field 5 Enter the name of the file to store the event log in the Remote File field 6 Click Send Displ...

Page 99: ...then click Backup The Backup screen appears Figure 77 Backup Screen 2 In the IP Address field type the IP address of the target FTP server where the backup will be written 3 In the Login field type th...

Page 100: ...which the restore data will be retrieved 3 In the Login field type the login name of the account on the system where the restore data will be stored 4 In the Password field type the password of the ac...

Page 101: ...s For example cert_pact tgz on the FTP server 4 Obtain a user account Optional if anonymous access to the FTP server is not supported The Firmware Upgrade feature allows you to upgrade the Dominion SX...

Page 102: ...e the upgrade is initiated the upgrade status message indicates the progress of the upgrade The files are copied and the unit is reset You receive the following message Upgrade is Complete The unit is...

Page 103: ...hange your mind click No Note In case you are not aware of the administrative password to log in the DSX GUI to perform a factory reset you may want to try resetting from the DSX hardware To do so ins...

Page 104: ......

Page 105: ...ure 82 Diagnostics Screen Network Infrastructure Tools Network infrastructure tools allow you to view the status of the active network interfaces and important network statistics You can also perform...

Page 106: ...system displays network statistics Figure 84 Network Statistics 2 By default all statistics are shown To show specific statistics select an entry from the drop down menu in the Options field Your choi...

Page 107: ...Ping The screen displays the results of the ping Trace Route to Host Figure 86 Trace Route to Host 1 Click Trace Route to Host on the Diagnostics screen The Trace Route to Host screen appears 2 Type...

Page 108: ...SX USER GUIDE Administrator Tools Process Status 1 Click Process Status in the Diagnostics Screen The screen displays the results of your request Figure 87 Process Status 2 Click Refresh to update the...

Page 109: ...supports all serial devices such as Command Line Interface Overview Chapter 12 Command Line Interface Note The following figures describe an overview of the CLI commands See CLI Commands for a list of...

Page 110: ...dem events smtp add delete dialback dialin ethernetfailover interface ipforwarding name cleareventlog eventlogfile eventsyslog portlog sendeventlog vieweventlog nfs config keywordadd keyworddelete dpa...

Page 111: ...re sendeventlog upgrade upgradehistory reboot cleareventlog upgradestatus vieweventlog ipmi writelock writeunlock port sub menu reached using escape key sequence ipmidiscover ipmitool password banner...

Page 112: ...ault Use any SSH client that supports SSHv2 to connect to it Note For security reasons SSH V1 connections are not supported by the DSX Specific information about configuring particular SSH clients is...

Page 113: ...g the following command admin Config Services telnet enable true port preferred port number 2 Reboot the system Browser GUI Enable Telnet access in the Setup Services menu Accessing the DSX Unit Once...

Page 114: ...e Stop bits 1 Flow Control None Connection To make a local port connection 1 Open a HyperTerminal application or equivalent 2 Ensure the HyperTerminal is configured to communicate with the port that i...

Page 115: ...Current Time Wed Sep 20 16 17 15 2006 admin Figure 88 Sample Administrator Login 5 login as Janet 6 Password 7 Authentication successful 8 Welcome to the DominionSX Model SX4 UnitName DominionSX Firmw...

Page 116: ...ditional text to make the entry unique and the Tab key to complete the entry CLI Syntax Tips and Shortcuts Tips Commands are listed in alphabetical order Commands are not case sensitive Parameter name...

Page 117: ...tp lpa ssh telnet snmp ntp users groups idletimeout events all Command Example The following command shows the general settings of the SX unit admin show Dominion SX4 64Mb Serial WACEA00008 Current ti...

Page 118: ...ttings Date 2006 09 20 23 20 24 Timezone 13 Use the following steps to set the user date and time 1 admin Config Time timezonelist 2 admin Config Time clock tz 21 datetime 2006 09 23 13 22 33 Setting...

Page 119: ...ory settings firmware System command to display the versions of the firmware help Display an overview of the CLI syntax history Display the current session s command line history http Enable http conn...

Page 120: ...led by default SSH and HTTPS by definition support 128 bit encryption of the traffic between the two ends of the link To accept unencrypted connections the user must manually enable the HTTP and Telne...

Page 121: ...rts Logout Password Target Connections and the CLI The purpose of the Dominion SX unit is to let authorized users establish connections to various targeted devices using the connect command Before con...

Page 122: ...ied in real time if they have Write access or Read Only access at any point during the port sharing session Users can request Write permission to a port Administering the Dominion SX Console Server Co...

Page 123: ...format for the user on the server should contain the name of a group configured on the DSX If you use older SX 2 5 and older release formats of op 1 2 4 or a the system will allow you to log in and w...

Page 124: ...ius menu provides access to commands used to configure access to a RADIUS server The syntax of the radius menu commands are primaryraduius RADIUS Command Example admin Config Authentication radius pri...

Page 125: ...entlogfile command controls and configures the logging of events to the local log The syntax of the eventlogfile command is eventlogfile enable true false size value style wrap flat The eventlogfile c...

Page 126: ...lowing table Table 10 nfsget Command COMMAND OPTION DESCRIPTION type rc4 aes128 Type of encryption key used for encryption rc4 or aes128 nfsgetkey Command Example admin Config Log nfsgetkey type aes12...

Page 127: ...Maximum Size in bytes for the log file timestamp interval Time interval in seconds between two timestamps in the log file A value of 0 will disable timestamp logging The max value is 99999 update int...

Page 128: ...cation is stored 4 Copy the encrypted portlog file to the same directory 5 Decrypt the file using the command decrypt f portlogfile e keyfilename o outputfile The decrypted file should be saved in out...

Page 129: ...ds COMMAND DESCRIPTION dialback Enable Disable the modem dial back Modem must be enabled for this to work dialin Enable Disable Modem and PPP settings enable disable server IP client IP Modem Menu Com...

Page 130: ...the SX device admin Config Authentication RADIUS primaryradius RADIUS Server Settings Primary Server Enabled true IP Address 10 0 0 188 Port 1812 Secret qaz1wsx On the Remote Radius Server the user s...

Page 131: ...Configuring Network The network menu commands are used to configure the SX network adapter Table 15 Configuration Network Commands COMMANDS DESCRIPTION ethernetfailover Enable Disable network failove...

Page 132: ...et Mask obtained from the IP administrator gw ipaddress Gateway IP Address obtained from the IP administrator mode auto 100fdx Set Ethernet Mode to auto detect or force 100Mbps full duplex 100fdx Inte...

Page 133: ...RIPTION Ports Command Example The following command admin Config Network ports Route Command The route command is used to view the kernel routing table The syntax of the command is route The command o...

Page 134: ...mand enables all keystrokes echoed from the target device to be logged to a remote NFS server located within the network The logs can be reviewed at a later time admin Config NFS nfs The syntax of the...

Page 135: ...et when an idle timeout occurs By sending the exit string the port is disconnected from the DSX and the next user logging into the port will have to log into the target as well Cisco router example lo...

Page 136: ...ort TCP Port assigned for direct port access via Telnet ssh port TCP Port assigned for direct port access via ssh Command Example admin ports config port 1 name ld1 bps 115000 parity odd flowcontrol h...

Page 137: ...specified then a block of contiguous port numbers will be used The given value of base_tcpport is used as starting value For individual port configuration the port portnumber command can be used Port...

Page 138: ...ng tcp port is ssh l sx_user p tcp_port_N sx_ip_addr sx_user sx_ip_addr s password prompted by ssh telnet l sx_user sx_ip_addr tcp_port_N Password prompted by telnet The syntax for accessing a port di...

Page 139: ...successful DPA connection the following appears ssh admin 10 0 13 240 Password Authentication successful Starting DPA for port 1 Authentication successful Escape Sequence is Control You are now master...

Page 140: ...y blank ssh l Anonymous 10 0 13 240 Password Authentication successful Starting DPA for port 1 Authentication successful Escape Sequence is Control You are now master for the port Encryption Command T...

Page 141: ...ble 29 HTTP Command COMMAND OPTION DESCRIPTION enable true false Enable Disable HTTP access port value HTTP server default listen port tcp redirect true false Enable Disable redirection from HTTP to H...

Page 142: ...The lpa command is used to display and set the local port access configuration Dominion SX units have one or two local ports depending on the model Insert reference to App B for the pinouts for DB9 M...

Page 143: ...options are described in the following table Table 32 Telnet Command COMMAND OPTION DESCRIPTION enable true false Enable or disable Telnet access port value Telnet server tcp listen port Telnet Comman...

Page 144: ...he same IP address The syntax of the SNMP delete command is delete dest ipaddress The SNMP delete command options are described in Table 34 Table 34 SNMP Delete Command COMMAND OPTION DESCRIPTION dest...

Page 145: ...sets the Dominion SX date and time to 12 Jul 06 09 22 33 AM in time zone 21 admin Config Time clock tz 21 datetime 2006 07 12 09 22 33 NTP Command The ntp command lets the administrator determine if a...

Page 146: ...erver ports number range Port s assigned to the group Single port or range of ports 1 n or 1 3 4 or for all ports Command Example admin Config User addgroup name unixgroup class op ports 1 3 Adduser C...

Page 147: ...40 Deletegroup Command COMMAND OPTION DESCRIPTION name groupname Group name Command Example admin Config User deletegroup name unixgroup Deleteuser Command The deleteuser command is used to remove a...

Page 148: ...password info user information active true false The edituser command options are described in Table 43 Table 43 Edituser Command COMMAND OPTION DESCRIPTION user loginname Login Name Required fullnam...

Page 149: ...nd a break to the connected target writelock Lock write access to this port writeunlock Unlock write access to this port Diagnostics Commands The diagnostic commands provide a means to gather informat...

Page 150: ...ipmidiscover t 20 10 0 22 1 10 0 22 10 Discovering IPMI Devices IPMI IP 10 0 22 2 IPMI IP 10 0 22 7 It is possible for the IP address range to span different subnets IPMITOOL This command lets you man...

Page 151: ...password a Prompt for the remote server password E The remote server password is specified by the environment variable IPMI_PASSWORD P password Remote server password is specified on the command line...

Page 152: ...figure Management Controller users channel Configure Management Controller channels session Print session information firewall Configure firmware firewall IPMIv2 0 sunoem OEM Commands for Sun servers...

Page 153: ...on the Dominion SX firmware The following commands are system commands backup cleareventlog factoryreset firmware logoff password reboot restore sendeventlog upgrade upgradehistory upgradestatus user...

Page 154: ...stem backup ip 10 0 0 188 login sx password qaz1wsx path home ceci file Bac Cleareventlog Command The cleareventlog command clears the contents of the local event log The syntax of the cleareventlog c...

Page 155: ...ble 51 Password Command COMMAND DESCRIPTION password Sets the current user s password For example the user is logged in and wants to change the current password Reboot Command The reboot command resta...

Page 156: ...he name of the file in which the backup data was saved Restore Command Example In the example below the console server data is being retrieved from a system at IP address 192 168 51 220 The guest acco...

Page 157: ...of FTP Server login login FTP Server login name password password FTP Server password path pathname FTP server path For example ftphome UpgradePack Pack1of1 upgrade Command Example admin Maintenance...

Page 158: ...e false audit true false The banner command options are described in Table 55 Table 55 Banner Command COMMAND OPTION DESCRIPTION display true false Enable Disable banner display audit true false Enabl...

Page 159: ...y created by the MS Server The client command options are described in Table 57 Table 57 Certificate Client Commands COMMAND DESCRIPTION add Install a User Certificate addcrl Install a CA s CRL client...

Page 160: ...aces IPtables Command The iptables command is an administration tool for IPv4 packet filtering and Network Address Translation NAT The iptables command provides an interface to the linux iptables The...

Page 161: ...ict access to the SX from a specific IP address 192 168 1 100 admin Security firewall iptables A INPUT t filter j DROP s 192 168 1 100 Logging a message when IP Address connects To send a syslog messa...

Page 162: ...k mutual authentication and symmetric a k a private secret key cryptography can be achieved in the CLI and GUI of the DSX for remote user authentication See the MIT Kerberos website for information ab...

Page 163: ...ation Kerberos Command Example 1 admin Security Kerberos getkrbconfig ip 192 168 52 197 login vijay password vijayv path home vijay krb5 conf Success 2 kadmin addprinc host dsx 182 domain com REALM ka...

Page 164: ...dloginretries Command The invalidloginretries command specifies the number of failed invalid login attempts before the account is deactivated The syntax of the invalidloginretries command is invalidlo...

Page 165: ...admin Security LoginSettings singleloginperuser enable true Strongpassword Command The Dominion SX server supports both standard and strong passwords Standard passwords have no rules associated with...

Page 166: ...allow to be repeated after 5 passwords have been set Until then there will be no repeats allowed Passwords must be at least 8 and not more than 16 characters admin Security LoginSettings strongpasswor...

Page 167: ...rofiledata name Standard Secure Custom telnet true false strongpass true false timeout true false single true false redirect true false tls_required true false The profiledata command options are desc...

Page 168: ...150 DOMINION SX USER GUIDE...

Page 169: ...s To discover IPMI servers on the network 1 Click the IPMI tab and then click Discover IPMI Devices The Discover IPMI Devices screen appears Figure 91 Discover IPMI Devices Screen 1 You can leave the...

Page 170: ...ostname Remote host name for LAN interface p port Remote RMCP port default 623 U username Remote session username f file Read remote session password from file S sdr Use local file for remote SDR cach...

Page 171: ...ent Filtering PEF sol Configure and connect IPMIv2 0 Serial over LAN tsol Configure and connect with Tyan IPMIv1 5 Serial over LAN isol Configure IPMIv1 5 Serial over LAN user Configure Management Con...

Page 172: ...154 DOMINION SX USER GUIDE...

Page 173: ...up tab and then click Port Power Association List 2 Click Add The Port Power Association screen appears Figure 93 Port Power Association Screen 3 Select the port from the drop down menu in the Port fi...

Page 174: ...Port Power Association screen appears 3 Select the association in the Outlet Association list 4 Click Delete Power Strip Configuration To configure a power strip 1 Click the Setup tab and then click...

Page 175: ...d The Power Association Groups screen appears Figure 95 Power Association Group Screen 17 Type a name and description in the Group Name and Description fields 18 Select the number of outlets from the...

Page 176: ...nimum amount of time to operate If power cycle is selected all associated outlets will be powered off sequentially and then powered on sequentially The cycle delay time reacted here determines the min...

Page 177: ...CHAPTER 14 POWER CONTROL 159 Power Strip Power Control Click Power Strip Power Control on the Power Control menu to access the tool to manage power strips Figure 98 Power Strip Power Control...

Page 178: ...cally connected to DSX named PowerStr1 User is in power menu Action 1 Type command 2 Press Enter CLI Input Command associate port 1 powerstrip PowerStr1 outlet 1 Scenario 2 Port Power Association Asso...

Page 179: ...n 1 Enter command 2 Press enter CLI Input associate port 1 powerstrip PowerStr1 outlet 1 associate port 2 powerstrip PowerStr1 outlet 1 Scenario 5 Port Power Association Associate all available Outlet...

Page 180: ...2 Press Enter CLI Input outlet name PowerStr1 outlet 1 newname TestName Remove Port Power Association Description Power Control Menu Remove a power outlet association from a DSX port Scenario 1 Remove...

Page 181: ...I Input Command addpowergroup name Test Group description Test group Scenario 2 Add a port to a power group Pre condition Administrator user is logged in via CLI Power strip device DPX named PowerStr1...

Page 182: ...is logged in via CLI Power Strip device DPX named PowerStr1 is physically connected to Port1 of DSX Administrator is in power menu Action 1 Enter Command 2 Press Enter CLI Input on powerstrip PowerSt...

Page 183: ...ged in via CLI Power Strip device DPX named PowerStr1 is physically connected to Port1 of DSX Administrator is in power menu Action 1 Enter command to set sequence and power recycle interval 2 Press E...

Page 184: ...ociation named Target2 is already created and available in the list Outle1 of PowerStr1 is associated to Target2 Administrator is in Power Control Associations Power Control menu Action 1 Select Port...

Page 185: ...up Association Pre condition Administrator user is logged in via CLI Administrator is in power menu Group Association named Group1 shown in Fg 1 is already created Action 1 Enter Command 2 Press Enter...

Page 186: ...1 Enter Command 2 Press Enter CLI Input powerdelay sequence 2 cycle 5 on port 3 nodegroup Group1 Scenario 8 Turn OFF Group and Port Association simultaneously Pre condition Administrator user is logg...

Page 187: ...Outlet status Pre condition Administrator user is logged in via CLI Power strip device DPX named PowerStr1 is physically connected to Port1 of DSX Action 1 Check the current status of outlets outlet1...

Page 188: ...Port1 of DSX Group association named Group1 is created Outlet1 and Outlet2 are with status ON Administrator is in Power menu Action 1 Check the current status of outlets outlet1 is turn on 2 Remove Gr...

Page 189: ...y to make sure Maintenance Firmware Upgrade History 6 Refer to Upgrading the DSX Firmware section in Chapter 10 for details Case 2 Configuring and Using Direct Port Access via SSH 1 Purpose To allow u...

Page 190: ...SX port connected to the dual powered server device that you wish to associate outlets with from the drop down menu of Port and enter a description for it such as Internal Web Server Pronto see Port...

Page 191: ...or details Case 8 Accessing Port Access on DSX via RSC 1 Purpose To access a DSX serial target through Raritan Serial Client RSC 2 Log in SX via a web browser with your login username and password suc...

Page 192: ...ol and closed bracket key h To exit the target serial console session enter the letter q to quit You will be re directed back to the SX console and the port serial console session is now closed 3 SSH...

Page 193: ...ODEM LOCAL PORTS ETHERNET PORTS POWER SUPPLY DSX4 4 No 2 1 Single AC DSXB 4 M 4 Yes 1 1 Single AC DSXB 4 DC 4 Yes 2 1 Single DC DSXB 4 DCM 4 Yes 1 1 Single DC DSX8 8 No 1 1 Single AC DSXA 8 8 Yes 1 1...

Page 194: ...x 44mm 5 00 lbs 2 25kg DSX16 11 34 x 10 7 x 1 75 288 x 270 x 44mm 9 61 lbs 4 35kg DSXA 16 17 32 x 11 41 x 1 75 440 x 290 x 44mm 8 20 lbs 3 69kg DSXA 16 DC 17 32 x 11 41 x 1 75 440 x 290 x 44mm 7 8lbs...

Page 195: ...Port many models Integrated 56K V 92 RJ11 port Protocols Optional TCP IP RADIUS SNMP SMTP PAP TACACS NFS HTTP HTTPS SSL SSH PPP NTP LDAP LDAP S and KerberosV5 Browser Requirements Supported The follow...

Page 196: ...connecting a terminal port RJ 45 Connector type of Dominion SX 48 models that have this connector to another Dominion SX Cisco Router DB25F ASCSDB25M adapter and a CAT 5 cable Hewlett Packard UNIX Se...

Page 197: ...ons The following tables list the RJ 45 pinouts for the RJ 45 connector which is on the back of the DSX Table 76 Dominion SX RJ 45 Serial Pinouts and Signals RJ 45 PIN SIGNAL 1 RTS 2 DTR 3 TxD 4 GND 5...

Page 198: ...8 4 DB25M Nulling Serial Adapter Pinouts Table 80 DB25M Nulling Serial Adapter Pinouts RJ 45 FEMALE DB25 MALE 1 5 2 6 8 3 3 4 1 5 7 6 2 7 20 8 4 Dominion SX Terminal Ports All Dominion SX models exce...

Page 199: ...disabled by default Models with two terminal ports support an external modem on only the port with the RI signal On models with only one serial port a modem is built in The externally accessible seria...

Page 200: ...ation about the Dominion SX16 and SX32 Terminal Ports Pins 1 and 9 are used to factory reset units shipped after August 2004 Units shipped prior to August 2004 have the DB9M port labeled RESERVED not...

Page 201: ...255 255 255 0 CSC Port Address TCP 5000 Port address for CC discovery UDP 5000 Factory default username admin Factory default password raritan GENERAL SETTINGS Direct Port Access DPA Normal Mode Off T...

Page 202: ...TCP port 23 needs to be open Both RADIUS TCP port 1812 needs to be open Outgoing LDAP Port 389 needs to be open Outgoing SNMP Port 162 needs to be open Outgoing TACACS Port 49 needs to be open Outgoin...

Page 203: ...browser as Trusted CA Default SX Certificate Authority Settings The Server Certificate generated in the Dominion SX unit must be installed in the browser in order for the browser to trust the Server...

Page 204: ...or cancel the viewing of the certificate Select save and add the file extension cer e g CA_ROOT cer 6 Open the CA_ROOT cer file by double clicking on it This will open the certificate 7 Click on the...

Page 205: ...e certificate to be deleted The Certificate will normally be installed in the Other People tab and will be identified by the name which should be the IP address of the Dominion SX 4 Click Remove A mes...

Page 206: ...Netscape Navigator 1 Launch Netscape Navigator and connect to the IP address of the Dominion SX unit The Web Site Certified by an Unknown Authority window appears 2 Select Accept this certificate perm...

Page 207: ...e CA that provided you with a certificate will have a root certificate available for download Root certificates are available on the CA web site click on the links to download Some of the popular CAs...

Page 208: ...e as the certificate you are trying to install 10 Click Delete and then click OK 11 Return to the CA s Web site and try to download the root certificate again and follow steps 1 through 5 again Genera...

Page 209: ...ertificate of the CA that signed the Client Certificates must be installed on the SX unit with the following steps 1 Retrieve CA s Root certificate used to sign the client certificates and place it on...

Page 210: ...192 DOMINION SX USER GUIDE...

Page 211: ...tallation Note If the IAS setup already exists these instructions may not apply exactly as shown Enable IAS on the Server 1 On the IAS server go to the Control Panel and launch Add or Remove Programs...

Page 212: ...ck Next The Profile dialog appears 9 Click the Edit Profile button 10 Select the Authentication tab Remove other checkmarks and add a checkmark to enable Unencrypted authentication PAP SPAP Note This...

Page 213: ...he User Management tab on DSX screen 2 Go to the Configuration section 3 Select the User Group List 4 Click on Add New User Group You can define port access and user class operator or observer This us...

Page 214: ...an G Admin D 1234567890 if using dial back feature where 1234567890 is the phone number for dial back The value Raritan G Admin must match with the local group on the Dominion SX unit The Dominion SX...

Page 215: ...s the user group name that matches with local group on Dominion SX Group name specified for this attribute on TACACS Must exactly case sensitive match with group name on Dominion SX unit or else authe...

Page 216: ...NION SX USER GUIDE 2 Select Interface Configuration Figure 101 Cisco ACS Interface Configuration 3 Select TACACS Cisco IOS 4 Add dominionsx service under the heading New Services Figure 102 TACACS Pro...

Page 217: ...Custom Attributes check boxes Add the attributes user type and the appropriate values to the text box Note The value for the user group attribute is case sensitive so ensure that it matches exactly t...

Page 218: ...200 DOMINION SX USER GUIDE...

Page 219: ...ine PPP network as the Dominion SX After the dial up connection is established connecting to a Dominion SX is achieved by pointing the web browser to the PPP Server IP Modem installation guidelines ar...

Page 220: ...attached to the Dominion SX unit o Dial using Modem being used to connect to Dominion SX if there is no entry here there is no modem installed in your workstation 4 Click on the Security tab The Secu...

Page 221: ...s 2000 Dial Up Networking Configuration 1 Select Start Programs Accessories Communications Network and Dial Up Connections 2 Double click on the Make New Connection icon when the Network and Dial Up C...

Page 222: ...pe 5 Select the check box before the modem that you want to use to connect to the Dominion SX unit and then click Next Figure 108 Device Selection 6 Type the Area code and Phone number you wish to dia...

Page 223: ...ty screen 2 Click Next Figure 110 Connection Availability The Network Connection has been created 3 Type the name of the Dial up connection 4 Click Finish 5 Click Dial to connect to the remote machine...

Page 224: ...New Connection Wizard 2 Click Next and follow the steps in the New Connection Wizard to create custom dialup network profiles 3 Click the Connect to the Internet radio button and click Next Figure 111...

Page 225: ...207 5 Click on the radio button before Connect using a dial up modem and click Next Figure 113 Internet Connection 6 Type a name to identify this particular connection in the ISP Name field and click...

Page 226: ...the appropriate fields and retype the password to confirm it 9 Click on the checkbox before the appropriate option below the fields and click Next Figure 116 Internet Account Information 10 Click Fin...

Page 227: ...perly connected to a network 3 Ping the unit from a computer on the same network to ensure that network communication with the unit occurs Should the ping fail contact your network administrator There...

Page 228: ...ttp and 443 for https for the unit to operate through a firewall Contact your system administrator and request port 80 and 443 or other custom configured ports for access Login Failure Firewalls must...

Page 229: ...t will not allow the user to log on until the unit receives the result of the authentication request from the RADIUS server Authentication may take up to 20 seconds Be patient and wait until either th...

Page 230: ...rade package is in the correct directory and confirm the upgrade path and IP address of the FTP server If the upgrade still fails reinstall the upgrade package and begin again Insufficient Partition S...

Page 231: ...e The unit supports Web browser access through the modem at connection speeds of 28 8K bps or greater If the baud rate is insufficient the user may be unable to log on to the unit via the modem 28 8K...

Page 232: ...214 DOMINION SX USER GUIDE...

Page 233: ...europe raritan com GuangZhou Monday Friday 9 a m 6 p m local time Phone 86 20 8755 5561 Japan Monday Friday 9 30 a m 5 30 p m local time Phone 81 3 3523 5994 Email support japan raritan com Shanghai...

Reviews:

No comments

Related manuals for DOMINION DSX-0N-E

3Com TokenLink 3C359B Release Note preview
TokenLink 3C359B
Brand: 3Com Pages: 4
3Com TokenLink 3C359B Quick Start Manual preview
TokenLink 3C359B
Brand: 3Com Pages: 8
3Com TokenLink 3C339 Release Note preview
TokenLink 3C339
Brand: 3Com Pages: 2
3Com EtherLink 3C985B-SX Installation And User Manual preview
EtherLink 3C985B-SX
Brand: 3Com Pages: 44
3Com 3CR990 Administration Manual preview
3CR990
Brand: 3Com Pages: 88
3Com 3C16080 Important Information preview
3C16080
Brand: 3Com Pages: 2
3Com 3C905C-TX-M User Manual preview
3C905C-TX-M
Brand: 3Com Pages: 111
3Com TokenLink 3C359 Release Note preview
TokenLink 3C359
Brand: 3Com Pages: 4
3Com 3C421600A Quick Setup Manual preview
3C421600A
Brand: 3Com Pages: 74
3Com 3C421600A Installation Manual preview
3C421600A
Brand: 3Com Pages: 6
LaCie 5big Network 2 Datasheet preview
5big Network 2
Brand: LaCie Pages: 4
LaCie d2 Network 2 Datasheet preview
d2 Network 2
Brand: LaCie Pages: 4
TP-Link TD-8817 Specifications preview
TD-8817
Brand: TP-Link Pages: 3
process-informatik CONNECT Series Operation Quick Start Manual preview
CONNECT Series
Brand: process-informatik Pages: 8
ROE EVISON HD101 User Manual preview
EVISON HD101
Brand: ROE Pages: 41
Juniper EX2500 Quick Start preview
EX2500
Brand: Juniper Pages: 2
Balluff Easy Tool-ID BSG TID-05-T30-00-005 Installation And Operation Manual preview
Easy Tool-ID BSG TID-05-T30-00-005
Brand: Balluff Pages: 46
MEMON memonizerWORKSTATION Quick Start Manual preview
memonizerWORKSTATION
Brand: MEMON Pages: 2

Brands by name

Popular brands

Load more brands