background image

 

Chapter 12: Command Line Interface (CLI) 

 

 

231

 

 

login as: Janet

 

Password:

 

Authentication successful.

 

 
----------------------------------------------------
------------

 

Welcome to the KSX II  [Model: KSX2]

 

UnitName:KSX II        FirmwareVersion:3.0.0.5.1  
Serial:WACEA00008

 

IP Address:192.168.51.194  UserIdletimeout:99min

 

----------------------------------------------------
-------------

 

Port Port                          Port Port

 

No.  Name                          No.  Name

 

1  - Port1 [U]                     2  - Port2 [U]

 

3  - Port3 [U]                     4  - Port4 [U]

 

Current Time: Wed Sep 20 16:05:50 2006

 

Janet >

 

 

 

Navigation of the CLI 

Before using the CLI, it is important to understand CLI navigation and 
syntax. There are also some keystroke combinations that simplify CLI 
use. 

 

Completion of Commands 

The CLI supports the completion of partially-entered commands. After 
entering the first few characters of an entry, press the Tab key. If the 
characters form a unique match, the CLI will complete the entry. 

 

If no match is found, the CLI displays the valid entries for that level. 

 

If multiple matches are found, the CLI displays all valid entries. 

Enter additional text to make the entry unique and press the Tab key to 
complete the entry. 

 

Summary of Contents for DOMINION KSX II

Page 1: ...Copyright 2010 Raritan Inc DKSXII v2 3 0 0D E December 2010 255 62 4030 00 Dominion KSX II User Guide Release 2 3 0 ...

Page 2: ...ss A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference in a commercial installation This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instructions may cause harmful interference to radio communications Operation of this equipment in a res...

Page 3: ...nfigure Network Firewall Settings 24 Step 3 Connect the Equipment 25 Step 4 Configure the KSX II 30 Valid Special Characters for Target Names 33 Step 5 Optional Configure Keyboard Language 37 Chapter 3 Working with Target Servers 38 Interfaces 38 KSX II Local Console KSX II Devices 39 KSX II Remote Console Interface 40 Proxy Server Configuration for use with KSX II MPC VKC and AKC 52 Virtual KVM C...

Page 4: ...Outlets On Off and Cycling Power 87 Chapter 5 Virtual Media 90 Overview 91 Prerequisites for Using Virtual Media 94 Using Virtual Media via VKC and AKC in a Windows Environment 95 Using Virtual Media 96 File Server Setup File Server ISO Images Only 98 Connecting to Virtual Media 100 Local Drives 100 Conditions when Read Write is Not Available 101 CD ROM DVD ROM ISO Images 101 Disconnecting Virtual...

Page 5: ...s 138 Device Services 140 Enabling Telnet 140 Enabling SSH 140 HTTP and HTTPS Port Settings 141 Entering the Discovery Port 141 Enabling Serial Console Access 141 Enabling Direct Port Access via URL 142 Configuring Direct Port Access via Telnet IP Address or SSH 143 Enabling the AKC Download Server Certificate Validation 146 Configuring Modem Settings 147 Configuring Date Time Settings 148 Event M...

Page 6: ...Network Statistics Page 219 Ping Host Page 221 Trace Route to Host Page 222 Device Diagnostics 223 Chapter 12 Command Line Interface CLI 225 Overview 226 Accessing the KSX II Using CLI 227 SSH Connection to the KSX II 227 SSH Access from a Windows PC 227 SSH Access from a UNIX Linux Workstation 227 Telnet Connection to the KSX II 228 Enabling Telnet 228 Accessing Telnet from a Windows PC 228 Local...

Page 7: ...I Local Console 240 Simultaneous Users 240 KSX II Local Console Interface 241 Security and Authentication 241 Local Console Smart Card Access 242 Local Console USB Profile Options 243 Available Resolutions 244 Port Access Page Local Console Server Display 245 Server Display 246 Hot Keys and Connect Keys 247 Connect Key Examples 247 Supported Keyboard Languages 248 Special Sun Key Combinations 249 ...

Page 8: ...276 KSX II to Paragon II Guidelines 277 Supported Video Resolutions 279 KSX II Local Console Support Languages 280 TCP and UDP Ports Used 280 Smart Card Readers 282 Supported and Unsupported Smart Card Readers 282 Minimum System Requirements 283 Environmental Requirements 285 Emergency Connectivity 285 Electrical Specifications 286 Remote Connection 286 KVM Properties 286 Ports Used 286 Target Ser...

Page 9: ... to Fedora Servers 308 Resolving Issues with Firefox Freezing when Using Fedora 308 USB Ports and Profiles 309 VM CIMs and DL360 USB Ports 309 Help for Choosing USB Profiles 309 Changing a USB Profile when Using a Smart Card Reader 311 SUSE VESA Video Modes 311 CIMs 311 Windows 3 Button Mouse on Linux Targets 311 Virtual Media 312 Dell OptiPlex and Dimension Computers 312 Accessing Virtual Media o...

Page 10: ... Media 322 USB Profiles 323 IPv6 Networking 325 Remote Access 326 Ethernet and IP Networking 328 Servers 332 Blade Servers 332 Installation 335 Local Port 337 Power Control 339 Scalability 340 Security 341 Smart Cards and CAC Authentication 343 Managability 344 Miscellaneous 345 Index 347 ...

Page 11: ...KSX II Overview 2 What s New in Help 4 KSX II Help 5 KSX II Client Applications 5 Virtual Media 6 Product Photos 6 Product Features 7 External Product Overview 8 Terminology 11 Package Contents 13 Chapter 1 Introduction ...

Page 12: ...apabilities of the KSX II provide full access and control of your servers from a web browser KSX II is easily installed using standard UTP Cat 5 5e 6 cabling Its advanced features include virtual media up to 256 bit encryption remote power control dual Ethernet LDAP RADIUS Active Directory Syslog integration and web management These features enable you to deliver higher uptime better productivity ...

Page 13: ...duction 3 Diagram key Cat5 cable Remote virtual media USB drive s Computer Interface Module CIM Rack PDU power strip KSX II Local access Remote KVM and serial devices IP LAN WAN Modem access PSTN Remote network access ...

Page 14: ...nnections to different KVM switches See Supported Paragon CIMS and Configurations on page 275 A Direct Port Access feature that allows you to connect directly to targets from your browser has been added to the KSX II See Device Services on page 140 Active KVM Client is now supported by the KSX II See Active KVM Client AKC on page 80 USB profiles are now supported by the KSX II See USB Profiles on ...

Page 15: ...entation The KSX II help is accompanied by a KSX II Device Quick Setup Guide which can be found on the Raritan Firmware and Documentation page http www raritan com support firmware and documentation of Raritan s website Installation requirements and instructions for client applications used with the KSX II can be found in the KVM and Serial Access Clients Guide also found on the Raritan website Wh...

Page 16: ...te drives and images Unlike other solutions the KSX II supports virtual media access of hard drives and remotely mounted images for added flexibility and productivity The new D2CIM VUSB and D2CIM DVUSB CIMs computer interface module support virtual media sessions to KVM target servers supporting the USB 2 0 interface This new CIM also supports Absolute Mouse Synchronization as well as remote firmw...

Page 17: ...Field upgradeable Local KVM port for in rack access PS 2 keyboard mouse ports One front and three back panel USB 2 0 ports for supported USB devices Fully concurrent with remote user access Local Graphical User Interface GUI for administration Both KVM and serial targets can be connected using KVM local port Local serial port RS232 for CLI based administration and serial target access Integrated p...

Page 18: ...tion and authorization DHCP or fixed IP addressing Smart card CAC authentication SNMP and Syslog management IPv4 and IPv6 support Power control associated directly with servers to prevent mistakes Integration with Raritan s CommandCenter Secure Gateway CC SG management unit CC Unmanage feature to remove the device from CC SG control External Product Overview The following diagram indicates the ext...

Page 19: ...Chapter 1 Introduction 9 Item Description USB port Remote indicator light LAN1 and LAN2 indicator lights Power indicator light ...

Page 20: ... for additional information External modem port See Modem Configuration on page 256 for additional information Reset button See Resetting the KSX II Using the Reset Button on page 254 for additional information Local port See Step 3 Connect the Equipment on page 25 for additional information KVM ports See Step 3 Connect the Equipment on page 25 for additional information Power Ctrl 1 and Power Ctr...

Page 21: ...Chapter 1 Introduction 11 Terminology This manual uses the following terminology for the components of a typical KSX II configuration ...

Page 22: ...he Local Administrator port requires the use of a standard null modem cable Remote PC Networked computers used to access and control KVM target servers and serial targets connected to the KSX II Refer to Supported Operating Systems Clients for a list of the Operating Systems supported by the KSX II remotely CIMs Dongles that connect to each target server Available for all of the supported Operatin...

Page 23: ...s a fully configured stand alone product in a standard 1U 19 rackmount chassis Each KSX II device ships with the following contents Amount included Item 1 Dominion KSX II device 1 Dominion KSX II Quick Setup Guide 1 Rackmount Kit 1 AC Power Cord 1 Cat5 Network Cable 1 Cat5 Network Crossover Cable 1 Set of 4 Rubber Feet for desktop use 1 Application Note 1 Warranty Card 1 Phone Line Cable 1 Loopbac...

Page 24: ...tion See Default Login Information on page 14 Default Login Information Default Value User name The default user name is admin This user has administrative privileges Password The default password is raritan Passwords are case sensitive and must be entered in the exact case combination in which they were created For example the default password raritan must be entered entirely in lowercase letters...

Page 25: ...adients might degrade performance Mouse Settings The KSX II operates in several mouse modes Absolute Mouse Mode D2CIM VUSB only Intelligent Mouse Mode do not use an animated mouse Standard Mouse Mode Mouse parameters do not have to be altered for Absolute Mouse Synchronization but D2CIM VUSB or D2CIM DVUSB is required for this mode For both the Standard and Intelligent mouse modes mouse parameters...

Page 26: ...se the following transition effect for menus and tooltips option 3 Click OK and close the Control Panel Note For KVM target servers running Windows XP Windows 2000 or Windows 2008 you may wish to create a user name that will be used only for remote connections through the KSX II This will enable you to keep the target server s slow mouse pointer motion acceleration settings exclusive to the KSX II...

Page 27: ...l Panel b Select Performance Information then Tools Advanced Tools Adjust to adjust the appearance and performance of Windows c Click the Advanced tab d Click the Settings button in the Performance group to open the Performance Options dialog e Under Custom options deselect the following checkboxes Animation options Animate controls and elements inside windows Animate windows when minimizing and m...

Page 28: ...m options deselect the following checkboxes Animation options Animate controls and elements inside windows Animate windows when minimizing and maximizing Fade options Fade or slide menus into view Fade or slide ToolTips into view Fade out menu items after clicking 3 Click OK and Close the Control Panel Windows 2000 Settings To configure KVM target servers running Microsoft Windows 2000 operating s...

Page 29: ...nsitivity towards low e Within the Drag Drop group set the Threshold towards small f Close the Mouse Preferences dialog Note If these steps do not work issue the xset mouse 1 1 command as described in the Linux command line instructions 2 Configure the screen resolution a Choose Main Menu System Settings Display The Display Settings dialog appears b On the Settings tab select a Resolution supporte...

Page 30: ...o 1 Choose Desktop Preferences Graphics Card and Monitor The Card and Monitor Properties dialog appears 2 Verify that a Resolution and Refresh Rate is in use that is supported by the KSX II See Supported Video Resolutions on page 279 for more information Note If you change the video resolution you must log out of the target server and log back in for the video settings to take effect Make Linux Se...

Page 31: ...IBM AIX and the specific version in use 1 Choose Style Manager Startup The Style Manager Startup dialog appears 2 On the Logout Confirmation dialog select the On option This option prompts you to save your current session when you log out Sun Solaris Settings To configure KVM target servers running Sun Solaris 1 Set the mouse acceleration value to exactly 1 and the threshold to exactly 1 This can ...

Page 32: ...reboot the server You can also contact your Raritan representative to purchase a video output adapter If you have Use this video output adapter Sun 13W3 with composite sync output APSSUN II Guardian converter Sun HD15 with composite sync output 1396C converter to convert from HD15 to 13W3 and an APSSUN II Guardian converter to support composite sync Sun HD15 with separate sync output APKMSUN Guard...

Page 33: ...oot eeprom output device To change POST resolution 1 Run eeprom output device screen r1024x768x75 2 Log out or restart computer Video Settings GUI The GUI resolution can be checked and set using different commands depending on the video card in use Run these commands from the command line Note 1024x768x75 is used as an example here substitute the resolution and refresh rate you are using Card To c...

Page 34: ...ed 6 Select a resolution and refresh rate supported by the KSX II See Supported Video Resolutions on page 279 for more information Note If you change the video resolution you must log out of the target server and log back in for the video settings to take effect Apple Macintosh Settings For KVM target servers running an Apple Macintosh operating system the preferred method is to use the D2CIM VUSB...

Page 35: ...mon http xxx xxx xxx xxx can be used instead of https xxx xxx xxx xxx Port 80 standard TCP port for HTTP communication See Network Settings on page 135 for additional information about designating another discovery port Step 3 Connect the Equipment Connect the KSX II to the power supply network local PC KVM target servers and serial targets A AC Power To connect the power supply 1 Attach the inclu...

Page 36: ...thernet cable from the network port labeled LAN2 to an Ethernet switch hub or router Enable Automatic Failover on the Network Configuration page Note Use both network ports only if you want to use one as a failover port C Local User Port Local PC and Local Admin Port For convenient access to KVM target servers and serial devices while at the rack use the KSX II Local Access port While the local po...

Page 37: ...to Supported Operating Systems and CIMs KVM Target Servers on page 271 for more information about the CIMs to use with each operating system 2 Attach the HD15 video connector of your CIM to the video port of your KVM target server Ensure that your target server s video has already been configured to a supported resolution and refresh rate For Sun servers also ensure that your target server s video...

Page 38: ...orts on the back of the KSX II 3 Attach an AC power cord to the target server and an available rack PDU outlet 4 Connect the rack PDU to an AC power source 5 Power on the KSX II device Important When using CC SG the power ports should be inactive before attaching rack PDUs that were swapped between the power ports If this is not done there is a possibility that the number of power outlets will not...

Page 39: ...onnecting the KSX II to common vendor model combinations Vendor Device Console connector Serial connection Checkpoint Firewall DB9M ASCSDB9F adapter and a CAT 5 cable Cisco PIX Firewall Cisco Catalyst RJ 45 CRLVR 15 rollover cable or CRLVR 1 adapter cable and a CAT5 cable CRLVR 1 cable for connecting a terminal port RJ 45 Connector type of KSX II 48 models that have this connector to another KSX I...

Page 40: ...et servers Changing the Default Password The KSX II ships with a default password The first time you start the KSX II you are required to change that password To change the default password 1 Power on the KSX II using the power switch s at the back of the unit Wait for the KSX II unit to boot A beep signals that the boot is complete 2 Once the unit has booted the KSX II Local Console is visible on...

Page 41: ...c network settings a Enter the IP Address if needed The default IP address is 192 168 0 192 b Enter the Subnet Mask The default subnet mask is 255 255 255 0 c Enter the Default Gateway if None is selected from the IP Auto Configuration drop down d Enter the Preferred DHCP Host Name if DHCP is selected from the IP Auto Configuration drop down e Select the IP Auto Configuration The following options...

Page 42: ... Global Unique IP Address Prefix Length and Gateway IP Address allowing you to manually set the IP configuration Router Discovery Use this option to automatically assign IPv6 addresses that have Global or Unique Local significance beyond that of the Link Local which only applies to a directly connected subnet 5 Select Obtain DNS Server Address Automatically if DHCP is selected and Obtain DNS Serve...

Page 43: ...vers if you have not already done so See Step 3 Connect the Equipment for a description of connecting the equipment 2 Using the KSX II Local Console choose Device Settings Port Configuration The Port Configuration page opens 3 Click the Port Name of the target server you want to rename The Port Page opens 4 Assign a name to identify the server connected to that port The name can be up to 32 charac...

Page 44: ... used for SSH and Telnet in the appropriate fields for each serial target Note that leaving all three fields blank will disable direct port access for the serial target To enable direct port access you must do one of the following Enable global Telnet or SSH access Input a valid IP address or TCP port in at least one of the three fields Important It is not recommended that more than one of these f...

Page 45: ...I device IP address p 7888 3 Click OK to save this information Once you have created the direct port access it can be connected in a client application such as PuTTY Following is an example of how the direct port access information would appear in PuTTY Note that PuTTY is not the only client application that can be used It is used here for sample purposes only ...

Page 46: ... user database or the remote authentication server LDAP LDAPS or RADIUS configured on the KSX II They will not be authenticated against the CC SG user database For additional information about CC SG authentication see the CommandCenter Secure Gateway User Guide Administrator Guide or Deployment Guide which can be downloaded from the Support section of the Raritan website http www raritan com Suppo...

Page 47: ... language In addition the keyboard language for the client machine and the KVM target servers has to match Consult the documentation for your operating system for additional information about changing the keyboard layout Changing the Keyboard Layout Code Sun Targets Use this procedure if you are using a DCIM SUSB and would like the keyboard layout changed to another language To change the keyboard...

Page 48: ... in the KSX II providing you with easy access any time anywhere The following table identifies these interfaces and their use of target server access and administration locally and remotely User interface Local Remote Access Admin Access Admin KSX II Local Console KSX II Remote Console Virtual KVM Client VKC Active KVM Client AKC Multi Platform Client MPC Raritan Serial Console RSC Command Line In...

Page 49: ...3 Command Line Interface CLI on page 225 KSX II Local Console KSX II Devices When you are located at the server rack the KSX II provides standard KVM management and administration via the KSX II Local Console The KSX II Local Console provides a direct KVM analog connection to your connected servers the performance is exactly as if you were directly connected to the server s keyboard mouse and vide...

Page 50: ...are noted in the user manual The following options are available in the KSX II Remote Console but not the KSX II Local Console Virtual Media Favorites Backup Restore Firmware Upgrade Upgrade Report SSL Certificates Note If you are using Internet Explorer 7 you may run into permission issues when trying to connect to a target server To avoid this do the following 1 In Internet Explorer click Tools ...

Page 51: ...ox 3 Type the following URL http IP ADDRESS where IP ADDRESS is the IP address assigned to your KSX II You can also use https the DNS name of the KSX II assigned by the administrator provided that a DNS server has been configured or just simply type the IP address in the browser KSX II always redirects the IP address from HTTP to HTTPS The Login page opens 4 Type your user name and password If thi...

Page 52: ...t and selection The options are organized into various tabs After successful login the Port Access page opens listing all ports along with their status and availability Three tabs are provided on the page allowing you to view by port view by group or view by search You can sort by Port Number Port Name Status Up and Down and Availability Idle Connected Busy Unavailable and Connecting by clicking o...

Page 53: ... tracks and displays the time the session has been idle Always Your IP The IP address used to access the KSX II Always Last Login The last login date and time Always Under CC SG Management The IP address of the CC SG device managing the KSX II When the KSX II is being managed by CC SG Device Information Information specific to the KSX II you are using Always Device Name Name assigned to the device...

Page 54: ... The users identified by their username and IP address who are currently connected to the KSX II Always Online Help User Guide Links to online help Always Favorite Devices See Managing Favorites on page 48 Always FIPS Mode FIPS Mode EnabledSSL Certificate FIPS Mode Compliant When FIPS is enabled ...

Page 55: ...is in a hierarchal order blade chassis subtypes must be configured for the blade server chassis By default the View by Port tab will be displayed on the Port Access page The View by Group tab displays port groups and can be expandable to display ports that are assigned to the port group The View by Search tab allows you to search by port name The search feature supports the use of an asterisk as a...

Page 56: ...nect Creates a new connection to the target server For the KSX II Remote Console a new Virtual KVM Client see Virtual KVM Client VKC on page 53 page appears For the KSX II Local Console the display switches to the target server and switches away from the local user interface On the local port the KSX II Local Console interface must be visible in order to perform the switch Hot key switching is als...

Page 57: ...through the associated outlets This option is visible only when there are one or more power associations to the target when the target power is on port status is up and when user has permission to operate this service Power Cycle Power cycles the target server through the associated outlets This option is visible only when there are one or more power associations to the target and when the user ha...

Page 58: ...kly access frequently used devices List your favorites either by Device Name IP Address or DNS hostname Discover KSX II devices on its subnet before and after login Retrieve discovered KSX II devices from the connected KX device after login To access a favorite KSX II device Click the device name listed beneath Favorite Devices A new browser opens to that device To display favorites by name Click ...

Page 59: ...n add edit and delete devices from your list of favorites To open the Favorites List page Choose Manage Favorites List The Favorites List page opens Discovering Devices on the Local Subnet This option discovers the devices on your local subnet which is the subnet where the KSX II Remote Console is running These devices can be accessed directly from this page or you can add them to your list of fav...

Page 60: ... from this the Subnet page or add them to your list of favorites See Favorites List Page on page 49 This feature allows multiple KSX II devices to interoperate and scale automatically The KSX II Remote Console automatically discovers the KSX II devices and any other Raritan device in the subnet of the KSX II To discover devices on the device subnet 1 Choose Manage Discover Devices KSX II Subnet Th...

Page 61: ...II device 2 Click the Edit button The Edit page appears 3 Update the fields as necessary Description IP Address Host Name Type the IP address of the KSX II device Port if necessary Product Type 4 Click OK To delete a favorite Important Exercise caution in the removal of favorites You are not prompted to confirm their deletion 1 Select the checkbox next to the appropriate KSX II device 2 Click the ...

Page 62: ...ll protocols Note The default port for a SOCKS proxy 1080 is different from HTTP proxy 3128 2 Click OK at each dialog to apply the settings 3 Next configure the proxies for Java applets by selecting Control Panel Java e On the General tab click Network Settings The Network Settings dialog opens f Select Use Proxy Server g Click Advanced The Advanced Network Settings dialog opens h Configure the pr...

Page 63: ... each target server connected These windows can be accessed via the Windows task bar Virtual KVM Client windows can be minimized maximized and moved around your computer desktop Note Refreshing your HTML browser will close the Virtual KVM Client connection so exercise caution Note If you are using Firefox 3 0 3 you may experience problems launching the application If this occurs clear the browser ...

Page 64: ...get server and save it to a file of your choosing Synchronize Mouse In dual mouse mode forces realignment of the target server mouse pointer with the mouse pointer Refresh Screen Forces a refresh of the video screen Auto sense Video Settings Forces a refresh of the video settings resolution refresh rate Smart Card Opens a dialog that allows you to select from a list of smart card readers connected...

Page 65: ...t Access page 2 Click the port name of the target you want to access The Port Action menu appears 3 Choose Switch From in the Port Action menu The Virtual KVM Client window switches to the new target server you selected Power Controlling a Target Server Note These features are available only when you have made power associations To power cycle a KVM target server 1 From the KSX II Remote Console c...

Page 66: ... To disconnect a target server 1 Click the port name of the target you want to disconnect The Port Action menu appears 2 Choose Disconnect Tip You can also close the Virtual KVM Client window by selecting Connection Exit from the Virtual KVM menu Choosing USB Profiles When you connect to a KVM target server for the first time as described in Connecting to a KVM Target Server on page 53 the preferr...

Page 67: ...r use with the connected target server based on your operational requirements However all profiles are available to be selected via the Other Profiles option on the USB Profile menu To choose a USB profile 1 Connect to a KVM target server as described in Connecting to a KVM Target Server on page 53 2 In VKC choose a USB profile from the USB Profile menu The name of the profile indicates the operat...

Page 68: ...ce they are set and saved Note VKC for the KX II 101 uses an icon set that differs from the icon set used in VKC for other Dominion KX products See VKC Toolbar for the KX II 101 for additional information To set the connection properties 1 Choose Connection Properties or click the Connection Properties button in the toolbar The Properties dialog appears Note KX II 101 does not support 1G Ethernet ...

Page 69: ...st The device can dynamically adapt the color depth transmitted to remote users in order to maximize usability in all bandwidths 15 bit RGB Color 8 bit RGB Color 4 bit Color 4 bit Gray 3 bit Gray 2 bit Gray Black and White Important For most administrative tasks server monitoring reconfiguring and so on the full 24 bit or 32 bit color spectrum made available by most modern video graphics cards is ...

Page 70: ...ften the screen is refreshed Protocol Version RFB Protocol version To copy this information Click Copy to Clipboard The information is available to be pasted into the program of your choice Keyboard Options Keyboard Macros Keyboard macros ensure that keystroke combinations intended for the target server are sent to and interpreted only by the target server Otherwise they might be interpreted by th...

Page 71: ...ter each selection select Add Key As each key is selected it will appear in the Macro Sequence field and a Release Key command will automatically be added after each selection 6 To use the Send Text to Target function for the macro click the Construct Macro from Text button 7 For example create a macro to close a window by selecting Left Ctrl Esc This will appear in the Macro Sequence box as follo...

Page 72: ...r When you create a macro it appears under the Keyboard menu Execute the keyboard macro by clicking on it in the Keyboard menu Run a Macro Using a Keyboard Combination If you assigned a keyboard combination to a macro when building it you can execute the macro by pressing its assigned keystrokes For example press the keys Ctrl Alt 0 simultaneously to minimize all windows on a Windows target server...

Page 73: ...the language and mouse settings 4 Exit the menu to return to normal CIM functionality Video Properties Refresh Screen The Refresh Screen command forces a refresh of the video screen Video settings can be refreshed automatically in several ways The Refresh Screen command forces a refresh of the video screen The Auto sense Video Settings command automatically detects the target server s video settin...

Page 74: ... Use the Calibrate Color command to optimize the color levels hue brightness saturation of the transmitted video images The color settings are on a target server basis Note The Calibrate Color command applies to the current connection only Note The KX II 101 does support color calibration To calibrate the color do the following Choose Video Calibrate Color or click the Calibrate Color button in th...

Page 75: ...est video image for the active target server c Brightness Use this setting to adjust the brightness of the target server display d Brightness Red Controls the brightness of the target server display for the red signal e Brightness Green Controls the brightness of the green signal f Brightness Blue Controls the brightness of the blue signal g Contrast Red Controls the red signal contrast h Contrast...

Page 76: ...brates the video for the best image quality Quick sense video mode With this option the device will use a quick video Auto Sense in order to show the target s video sooner This option is especially useful for entering a target server s BIOS configuration right after a reboot 5 Click OK to apply the settings and close the dialog Click Apply to apply the settings without closing the dialog ...

Page 77: ...ot center precisely on certain Sun servers Use a different background or place a lighter colored icon in the upper left corner of the screen Note VKC for the KX II 101 uses an icon set that differs from the icon set used in VKC for other Dominion KX products See VKC Toolbar for the KX II 101 for additional information ...

Page 78: ...of your choosing as a bitmap JPEG or PNG file Note The Screenshot from Target function is not available for the KX II 101 To take a screenshot of the target server 1 Select Video Screenshot from Target or click the Screenshot from Target button on the toolbar 2 In the Save dialog choose the location to save the file name the file and select a file format from the Files of type drop down 3 Click Sa...

Page 79: ...the Plug and Play dialog 2 Click on the Monitor tab 3 Set the Screen refresh rate 4 Click OK and then OK again to apply the setting Mouse Options When controlling a target server the Remote Console displays two mouse cursors one belonging to your client workstation and the other belonging to the target server You can operate in either single mouse mode or dual mouse mode When in dual mouse mode an...

Page 80: ...an icon set that differs from the icon set used in VKC for other Dominion KX products See VKC Toolbar for the KX II 101 for additional information Mouse Synchronization Tips Be sure to follow these steps when configuring mouse synchronization 1 Verify that the selected video resolution and refresh rate are among those supported by the device The Virtual KVM Client Connection Info dialog displays t...

Page 81: ...server mouse pointer with Virtual KVM Client mouse pointer To synchronize the mouse do one of the following Choose Mouse Synchronize Mouse or click the Synchronize Mouse button in the toolbar Note This option is available only in Standard and Intelligent mouse modes Standard Mouse Mode Standard Mouse mode uses a standard mouse synchronization algorithm using relative mouse positions Standard Mouse...

Page 82: ...shape should be normal and not animated The target mouse speeds should not be set to very slow or very high values Advanced mouse properties such as Enhanced pointer precision or Snap mouse to default button in dialogs should be disabled Choose Best Possible Video Mode in the Video Settings window The edges of the target video should be clearly visible that is a black border should be visible betw...

Page 83: ...ouse Absolute Note The absolute mouse setting requires a USB target system and is the recommended mouse setting for KX II 101 Note Absolute Mouse Synchronization is available for use with the virtual media enabled USB CIM D2CIM VUSB and D2CIM DVUSB only Single Mouse Cursor Single Mouse mode uses only the target server mouse cursor and the local mouse pointer no longer appears onscreen While in sin...

Page 84: ...e Double Mouse Cursor button in the toolbar To exit single mouse mode 1 Press Ctrl Alt O on your keyboard to exit single mouse mode VKC Virtual Media See the chapter on Virtual Media on page 90 for complete information about setting up and using virtual media ...

Page 85: ...ing In addition if you join a shared session on a target server the smart card reader mounting will be disabled until exclusive access to the target server becomes available After a KVM session is established to the target server a Smart Card menu and button are available in the Virtual KVM Client VKC Active KVM Client AKC and Multi Platform Client MPC Once the menu is opened or the Smart Card but...

Page 86: ...mount button Smart card reader mounting is also supported from the Local Console See Local Console Smart Card Access on page 242 Tool Options From the Tools menu you can specify certain options for use with the Virtual KVM Client including logging setting the keyboard type and defining hot keys for exiting Full Screen mode and Single Cursor mode To set the tools options 1 Choose Tools Options The ...

Page 87: ...reen and acquires the same resolution as the target server This is the hot key used for exiting this mode 5 Exit Single Cursor Mode Hotkey When you enter single cursor mode only the target server mouse cursor is visible This is the hot key used to exit single cursor mode and bring back the client mouse cursor Click OK 6 Client Launch Settings 7 Select the Client Launch Settings tab a To configure ...

Page 88: ...e to a JRE limitation Language Configuration on Linux Because the Sun JRE on Linux has problems generating the correct Key Events for foreign language keyboards configured using System Preferences Raritan recommends that you configure foreign keyboards using the methods described in the following table Language Configuration method US Intl Default French Keyboard Indicator German System Settings C...

Page 89: ...lution When you enter Full Screen mode the target s full screen is displayed and acquires the same resolution as the target server The hot key used for exiting this mode is specified in the Options dialog the default is Ctrl Alt M While in Full Screen mode moving your mouse to the top of the screen will display the Full Screen mode menu bar To enter full screen mode Choose View Full Screen To exit...

Page 90: ...to run Raritan s Virtual KVM and Multi Platform clients AKC also works with CC SG AKC and VKC share similar features with the exception of the following Minimum system requirements Supported operating systems and browsers Keyboard macros created in AKC cannot be used in VKC See the Virtual KVM Client see Virtual KVM Client VKC on page 53 section for information on using the available features of t...

Page 91: ...t Windows 7 operating system up to 64 bit Note You must be using Windows 7 if WINDOWS PC FIPs is turned on and you are accessing a target using AKC and a smartcard Since NET is required to run AKC if you do not have NET installed or you have an unsupported version of NET installed you will receive a message instructing you to check the NET version Browser Internet Explorer 6 or later If you attemp...

Page 92: ...tificate to the Trusted Root CA store in their browser When launching AKC from the CC SG Admin Client you must have JRE 1 6 0_10 or above Multi Platform Client MPC Raritan Multi Platform Client MPC is a graphical user interface for the Raritan product lines providing remote access to target servers connected to Raritan KVM over IP devices For details on using MPC see the KVM and Serial Access Clie...

Page 93: ... Description specify a Connection Type add the device IP address and click OK These specifications can be edited later 3 In the Navigator panel on the left of the page double click the icon that corresponds to your Raritan device to connect to it Note Depending on your browser and browser security settings you may see various security and certificate check and warning messages It is necessary to a...

Page 94: ... Console from the Port page Note If you click Always you will not receive the security page for future access The Raritan Serial Console window appears If you re using Dominion KSX or KX Click Connect to start connecting to the target port for RSC and the Raritan Serial Console window appears The Raritan Serial Console window appears Note You can download the standalone Raritan Serial Console from...

Page 95: ...gs Display and select Courier New for Terminal Font Properties or GUI Font Properties Note When RSC connects to a serial target hitting Ctrl _ or Ctrl _ does not cause information to be sent However hitting the Ctrl Shift _ or the Ctrl Shift will cause information to be sent To open RSC on Sun Solaris 1 Open a terminal window and change to the directory where you installed the RSC 2 Type start sh ...

Page 96: ...er has been granted appropriate port access permissions Note For information on setting up a PX see the Dominion PX User Guide From the Powerstrip page you are able to turn the outlets on and off as well as cycle their power You are also able to view the following power strip and outlet information Powerstrip Device Information Name Model Temperature Current Amps Maximum Amps Voltage Power in Watt...

Page 97: ...ntly selected power strip is displayed If no power strips are connected to the KSX II a message stating No powerstrips found will be displayed in the Powerstrip Device section of the page Turning Outlets On Off and Cycling Power To turn an outlet on 1 Click the Power menu to access the Powerstrip page 2 From the Powerstrip drop down select the PX rack PDU power strip you want to turn on 3 Click Re...

Page 98: ...urned on and its state will be displayed as on To turn an outlet off 1 Click Off 2 Click OK on the Power Off dialog 3 Click OK on the Power Off confirmation dialog The outlet will be turned off and its state will be displayed as off To cycle the power of an outlet 1 Click the Cycle button The Power Cycle Port dialog opens ...

Page 99: ...apter 4 Rack PDU Power Strip Outlet Control 89 2 Click OK The outlet will then cycle note that this may take a few seconds 3 Once the cycling is complete the dialog will open Click OK to close the dialog ...

Page 100: ...r Using Virtual Media 94 Using Virtual Media via VKC and AKC in a Windows Environment 95 Using Virtual Media 96 File Server Setup File Server ISO Images Only 98 Connecting to Virtual Media 100 Disconnecting Virtual Media 103 Chapter 5 Virtual Media ...

Page 101: ...ile support via virtual media files are supported by virtual media via a USB connection Virtual media can include internal and USB mounted CD and DVD drives USB mass storage devices PC hard drives and ISO images disk images Note ISO9660 is the standard supported by Raritan However other ISO standards can be used Virtual media provides the ability to perform additional tasks remotely such as Transf...

Page 102: ...Chapter 5 Virtual Media 92 ...

Page 103: ...Chapter 5 Virtual Media 93 Diagram key Desktop PC CD DVD drive KSX II USB mass storage device CIM PC hard drive Target server Remote file server ISO images ...

Page 104: ...ion Device For users requiring access to virtual media the device permissions must be set to allow access to the relevant ports as well as virtual media access VM Access port permission for those ports Port permissions are set at the group level A USB connection must exist between the device and the target server If you want to use PC Share Security Settings on page 189 must also be enabled in the...

Page 105: ... Microsoft help for additional information on these features and how to use them Following is a list virtual media types users can access via VKC and AKC when running in a Windows environment The features are broken down by client and the virtual media features that are accessible to each Windows user role Windows XP If you are running VKC and AKC in a Windows XP environment users must have Admini...

Page 106: ... media KSX II For users requiring access to virtual media KSX II permissions must be set to allow access to the relevant ports as well as virtual media access VM Access port permission for those ports Port permissions are set at the group level refer to Setting Port Permissions in the device user guide for more information A USB connection must exist between the KSX II device and the target server...

Page 107: ...s may also work 3 Open a KVM session with the appropriate target server a Open the Port Access page from the KSX II Remote Console b Connect to the target server from the Port Access page Click the Port Name for the appropriate server Choose the Connect command from the Port Action menu The target server opens in a Virtual KVM Client see Virtual KVM Client VKC on page 53 window 4 Connect to the vi...

Page 108: ...drop down lists in the Map Virtual Media CD ISO Image dialog See CD ROM DVD ROM ISO Images To designate file server ISO images for virtual media access 1 Choose Virtual Media from the Remote Console The File Server Setup page opens 2 Check the Selected checkbox for all media that you want accessible as virtual media 3 Enter information about the file server ISO images that you want to access IP Ad...

Page 109: ... the by the KX KSX or KX101 G2 device Note If you are connecting to a Windows 2003 server and attempt to load an ISO image from the server you may receive an error stating Virtual Media mounting on port failed Unable to connect to the file server or incorrect File Server username and password If this occurs disable Microsoft Network Server Digitally Sign Communications ...

Page 110: ...r virtual media device If other users are connected to the same target server they must also close their connections to the target server Note In the KSX II 2 3 0 and above when you mount an external drive such as a floppy drive the LED light on the drive will remain on because the device is checking the drive every 500 milliseconds to verify the drive is still mounted To access a drive on the cli...

Page 111: ...al media Read Write is not available in the following situations For all hard drives When the drive is write protected When the user does not have Read Write permission Port Permission Access is set to None or View Port Permission VM Access is set to Read Only or Deny CD ROM DVD ROM ISO Images This option mounts CD ROM DVD ROM and ISO images Note ISO9660 format is the standard supported by Raritan...

Page 112: ...er Setup page will be in the drop down list c File Server Username User name required for access to the file server The name can include the domain name such as mydomain username d File Server Password Password required for access to the file server field is masked as you type e Click Connect The media will be mounted on the target server virtually You can access the media just like any other driv...

Page 113: ...rives For local drives choose Virtual Media Disconnect Drive For CD ROM DVD ROM and ISO images choose Virtual Media Disconnect CD ROM ISO Image Note In addition to disconnecting the virtual media using the Disconnect command simply closing the KVM connection closes the virtual media as well ...

Page 114: ...en operating at the BIOS level USB profiles are configured on the Device Settings Port Configuration Port page of the KSX II Remote and Local Consoles A device administrator can configure the port with the profiles that best meet the needs of the user and the target server configuration A user connecting to a KVM target server chooses among these preselected profiles in the Virtual KVM Client see ...

Page 115: ...g CIMs on page 211 See Computer Interface Modules CIM Specifications see Computer Interface Modules CIMs on page 274 for additional information Available USB Profiles The current release of the KSX II comes with the selection of USB profiles described in the following table New profiles are included with each firmware upgrade provided by Raritan As new profiles are added they will be documented in...

Page 116: ... drives as a bootable device PowerEdge 750 850 860 1850 2850 SC1425 BIOS requires D2CIM DVUSB with Generic profile to support virtual media Use BIOS Dell PowerEdge 1950 2950 2970 6950 R200 or Generic profile for PowerEdge 1950 2950 2970 6950 R200 when operating in the BIOS Restrictions USB bus speed limited to full speed 12 MBit s Absolute mouse synchronization not supported No virtual media suppo...

Page 117: ...xBIOS during OS installation Restrictions USB bus speed limited to full speed 12 MBit s BIOS HP Compaq DC7100 DC7600 BIOS HP Compaq DC7100 DC7600 Use this profile to boot the HP Compaq DC7100 DC7600 series desktops from virtual media Restrictions Virtual CD ROM and disk drives cannot be used simultaneously BIOS IBM ThinkCentre Lenovo IBM Thinkcentre Lenovo BIOS Use this profile for the IBM Thinkce...

Page 118: ...tion not supported Virtual CD ROM and disk drives cannot be used simultaneously Generic The generic USB profile resembles the behavior of the original KX2 release Use this for Windows 2000 operating system Windows XP operating system Windows Vista operating system and later Restrictions None HP Proliant DL360 DL380 G4 HP SmartStart CD HP Proliant DL360 DL380 G4 HP SmartStart CD Use this profile fo...

Page 119: ... and later This profile compensates the scaling of mouse coordinates introduced in recent versions of Mac OS X Select this if the remote and local mouse positions get out of sync near the desktop borders Restrictions Virtual CD ROM and disk drives cannot be used simultaneously RUBY Industrial Mainboard AwardBIOS RUBY Industrial Mainboard AwardBIOS Use this profile for the RUBY 9715VG2A series indu...

Page 120: ...imited to full speed 12 MBit s Virtual CD ROM and disk drives cannot be used simultaneously WARNING USB enumeration will trigger whenever virtual media is connected or disconnected Troubleshooting 2 Troubleshooting Profile 2 Keyboard and Mouse Type 2 first Mass Storage USB bus speed limited to full speed 12 MBit s Virtual CD ROM and disk drives cannot be used simultaneously WARNING USB enumeration...

Page 121: ...based on the characteristics of the KVM target server it connects to You assign USB profiles to a KVM port in the Device Settings Port Configuration Port page in either the KSX II Remote or Local Console It is the administrator that designates the profiles that are most likely to be needed for a specific target These profiles are then available for selection via MPC AKC and VKC If a profile has no...

Page 122: ...nfigure the mouse to work at the Boot menu 1 Reboot the Mac and press the Option key during the reboot to open the Boot menu The mouse will not respond at this point 2 Select Intelligent Mouse mode and then select Single Mouse mode The mouse will respond Note Mouse speed may be slow while in Single Mouse mode 3 Once you are out of the Boot menu and have booted to the operating system exit Single M...

Page 123: ...rative privileges The original factory default user is a member of this group and has the complete set of system privileges In addition the Admin user must be a member of the Admin group Unknown This is the default group for users who are authenticated externally using LDAP LDAPS or RADIUS or who are unknown to the system If the external LDAP LDAPS or RADIUS server does not identify a valid user g...

Page 124: ... List page opens Relationship Between Users and Groups Users belong to a group and groups have privileges Organizing the various users of your KSX II into groups saves time by allowing you to manage permissions for all users in a group at once instead of managing permissions on a user by user basis You may also choose not to associate specific users with groups In this case you can classify the us...

Page 125: ...P ACL This feature limits access to the KSX II device by specifying IP addresses It applies only to users belonging to a specific group unlike the IP Access Control list feature that applies to all access attempts to the device and takes priority See Group Based IP ACL Access Control List on page 118 6 Click OK Note Several administrative functions are available within MPC and from the KSX II Loca...

Page 126: ...le Remote Console MPC VKC and AKC When a device is accessed directly while it is under CC SG management access and connection activity is logged on the KSX II User authentication is performed based on KSX II authentication settings Note The Admin user group has this permission by default Device Settings Network settings date time settings port configuration channel names power associations event m...

Page 127: ... server Control must be assigned to the group if VM and power control access will also be granted VM access Option Description Deny Virtual media permission is denied altogether for the port Read Only Virtual media access is limited to read access only Read Write Complete access read write to virtual media Power control access Option Description Deny Deny power control to the target server Access ...

Page 128: ...the KSX II Local Port and cannot be blocked Use the IP ACL section of the Group page to add insert replace and delete IP access control rules on a group level basis To add append rules 1 Type the starting IP address in the Starting IP field 2 Type the ending IP address in the Ending IP field 3 Choose the action from the available options Accept IP addresses set to Accept are allowed access to the ...

Page 129: ...order in which they are listed For instance in the example shown here if the two ACL rules were reversed Dominion would accept no communication at all Tip The rule numbers allow you to have more control over the order in which the rules are created Modifying an Existing User Group Note All permissions are enabled and cannot be changed for the Admin group To modify an existing user group 1 From the...

Page 130: ...m among those listed by checking the checkbox to the left of the Group Name 2 Click Delete 3 When prompted to confirm the deletion click OK Users Users must be granted user names and passwords to gain access to the KSX II This information is used to authenticate users attempting to access your KSX II User List The User List page displays a list of all users including their user name full name and ...

Page 131: ...rs 3 Type the person s full name in the Full Name field up to 64 characters 4 Type a password in the Password field and retype the password in the Confirm Password field up to 64 characters 5 If there is a dialback number type it in the Dialback Number field Dialback numbers cannot contain any of the following characters or the log on will fail when it is attempted double quote single quote semico...

Page 132: ...g a User Off Force Logoff If you are an administrator you are able to log off another locally authenticated user who is logged on to the KSX II To log off a user 1 Open the User List page by choosing User Management User List or click the Connected User link in the left panel of the page 2 Locate the user from among those listed on the User List page and select the checkbox next to their name 3 Cl...

Page 133: ...ed To configure authentication 1 Choose User Management Authentication Settings The Authentication Settings page opens 2 Choose the option for the authentication protocol you want to use Local Authentication LDAP LDAPS or RADIUS Choosing the LDAP option enables the remaining LDAP fields selecting the RADIUS option enables the remaining RADIUS fields 3 If you choose Local Authentication proceed to ...

Page 134: ...e IP address or DNS name of your LDAP LDAPS remote authentication server up to 256 characters When the Enable Secure LDAP option is selected and the Enable LDAPS Server Certificate Validation option is selected the DNS name must be used to match the CN of LDAP server certificate 5 In the Secondary LDAP Server field type the IP address or DNS name of your backup LDAP LDAPS server up to 256 characte...

Page 135: ...ntication server administrator for the appropriate values to type into this field An example DN of Administrative User value might be cn Administrator cn Users dc testradius dc com Optional 11 In the Dialback Query String field type the dialback query string Optional If you are using Microsoft Active Directory you must enter the following string msRADIUSCallbackNumber If you are not using Microsof...

Page 136: ...t CA certificate file leave this checkbox deselected Disabling this function is the equivalent of accepting a certificate that has been signed by an unknown certifying authority This checkbox is only available when the Enable Secure LDAP checkbox has been enabled Note When the Enable LDAPS Server Certificate Validation option is selected in addition to using the Root CA certificate for validation ...

Page 137: ...om Active Directory Server The KSX II supports user authentication to Active Directory AD without requiring that users be defined locally on the KSX II This allows Active Directory user accounts and passwords to be maintained exclusively on the AD server Authorization and AD user privileges are controlled and administered through the standard KSX II policies and user group privileges that are appl...

Page 138: ...ation Remote Authentication Dial in User Service RADIUS is an AAA authentication authorization and accounting protocol for network access applications To use the RADIUS authentication protocol 1 Click User Management Authentication Settings to open the Authentication Settings page 2 Click the RADIUS radio button to enable the RADIUS section of the page 3 Click the icon to expand the RADIUS section...

Page 139: ...uest 9 The default number of retries is 3 Retries This is the number of times the KSX II will send an authentication request to the RADIUS server 10 Choose the Global Authentication Type from among the options in the drop down list PAP With PAP passwords are sent as plain text PAP is not interactive The user name and password are sent as one data package once a connection is established rather tha...

Page 140: ...Chapter 7 User Management 130 CHAP With CHAP authentication can be requested by the server at any time CHAP provides more security than PAP ...

Page 141: ...belongs and Dial Back Number is the number associated with the user account that the KSX II modem will use to dial back to the user account RADIUS Communication Exchange Specifications The KSX II sends the following RADIUS attributes to your RADIUS server Attribute Data Log in Access Request 1 NAS Port Type 61 VIRTUAL 5 for network connections NAS IP Address 4 The IP address for the KSX II User Na...

Page 142: ...quest 4 Acct Status 40 Stop 2 Stops the accounting NAS Port Type 61 VIRTUAL 5 for network connections NAS Port 5 Always 0 NAS IP Address 4 The IP address for the KSX II User Name 1 The user name entered at the login screen Acct Session ID 44 Session ID for accounting ...

Page 143: ...Chapter 7 User Management 133 User Authentication Process Remote authentication follows the process specified in the flowchart below ...

Page 144: ...ew password in the Confirm New Password field Passwords can be up to 64 characters in length and can consist of English alphanumeric characters and special characters 4 Click OK 5 You will receive confirmation that the password was successfully changed Click OK Note If strong passwords are in use this page displays information about the format required for the passwords For more information about ...

Page 145: ... the KSX II is part of your network infrastructure you most likely do not want its IP address to change frequently This option allows you to set the network parameters DHCP With this option the IP address is automatically assigned by a DHCP server To change the network configuration 1 Choose Device Settings Network The Network Settings page opens 2 Update the Network Basic Settings See Network Bas...

Page 146: ...the Preferred DHCP Host Name if DHCP is selected from the IP Auto Configuration drop down e Select the IP Auto Configuration The following options are available None Static IP This option requires that you manually specify the network parameters This is the recommended option because the KSX II is an infrastructure device and its IP address should not change DHCP Dynamic Host Configuration Protoco...

Page 147: ...r Discovery Use this option to automatically assign IPv6 addresses that have Global or Unique Local significance beyond that of the Link Local which only applies to a directly connected subnet 5 Select Obtain DNS Server Address Automatically if DHCP is selected and Obtain DNS Server Address is enabled When Obtain DNS Server Address Automatically the DNS information provided by the DHCP server will...

Page 148: ...the network parameters which results in network issues In these instances setting the KSX II LAN Interface Speed Duplex field to 100 Mbps Full Duplex or whatever option is appropriate to your network addresses the issue See the Network Settings on page 135 page for more information LAN Interface Settings 1 The current parameter settings are identified in the Current LAN interface parameters field ...

Page 149: ...ort fails Note Because a failover port is not activated until after a failover has actually occurred Raritan recommends that you not monitor the port or monitor it only after a failover occurs When this option is enabled the following two fields are used Ping Interval seconds Ping interval determines how often the KSX II checks the status of the network path to the designated gateway The default p...

Page 150: ...rom the CLI or a browser To enable Telnet 1 Select Device Settings Device Services and then select the Enable TELNET Access checkbox 2 Enter the Telnet port 3 Click OK Once Telnet access is enabled you can use it to access the KSX II and set up the remaining parameters Enabling SSH Enable SSH access to allow administrators to access the KSX II via the SSH v2 application To enable SSH access 1 Choo...

Page 151: ...t The KSX II discovery occurs over a single configurable TCP Port The default is Port 5000 but you can configure it to use any TCP port except 80 and 443 To access the KSX II from beyond a firewall your firewall settings must enable two way communication through the default Port 5000 or a non default port configured here To enable the discovery port 1 Choose Device Settings Device Services The Dev...

Page 152: ...name username password passwo rd port port number client akc Where Username and password are optional If they are not provided a login dialog will be displayed and after being authenticated the user will be directly connected to the target The port may be a port number or port name If you are using a port name the name must be unique or an error is reported If the port is omitted altogether an err...

Page 153: ...e the IP address and ports used for SSH and Telnet in the appropriate fields for each serial target Note that leaving all three fields blank will disable direct port access for the serial target To enable direct port access you must do one of the following Enable global Telnet or SSH access Input a valid IP address or TCP port in at least one of the three fields Important It is not recommended tha...

Page 154: ...connection to the target can be done using telnet KSX II device IP address 7770 Direct Port Access via SSH Port Configure the SSH TCP port as 7888 Once this is done connection to the target can be done by using ssh l login KSX II device IP address p 7888 3 Click OK to save this information ...

Page 155: ...port access it can be connected in a client application such as PuTTY Following is an example of how the direct port access information would appear in PuTTY Note that PuTTY is not the only client application that can be used It is used here for sample purposes only ...

Page 156: ...dministrators must upload a valid certificate to the device or generate a self signed certificate on the device The certificate must have a valid host designation Each user must add the CA certificate or a copy of self signed certificate to the Trusted Root CA store in their browser To install the self signed certificate when using Windows Vista operating system and Windows 7 operating system 1 In...

Page 157: ...et address the KSX II assigns to remove the client when a connection is established via dial up Required Note The PPP server IP address and PPP Client IP address must be different and cannot conflict with the network addresses used by the server or the client 5 Check Enable Modem Dialback if needed Note If dial back is enabled each user accessing the KSX II via modem must have a call back number d...

Page 158: ...3 To adjust for daylight savings time check the Adjust for daylight savings time checkbox 4 Choose the method you would like to use to set the date and time User Specified Time Choose this option to input the date and time manually For the User Specified Time option enter the date and time For the time use the hh mm format using a 24 hour clock Synchronize with NTP Server Choose this option to syn...

Page 159: ...X II Event Management feature allows you enable and disable the distribution of system events to SNMP Managers the Syslog and the audit log These events are categorized and for each event you can determine whether you want the event sent to one or several destinations ...

Page 160: ...h Event Management To configure SNMP enable SNMP logging 1 Choose Device Settings Event Management Settings The Event Management Settings page opens 2 Choose the Enable SNMP Logging option This enables the remaining SNMP fields 3 In the Name Contact and Location fields type the SNMP agent s name that is the device s name as it appears in the KSX II Console interface a contact name related to this ...

Page 161: ...ure up to five SNMP managers by specifying their Destination IP Port and Community 7 Click the Click here to view the Dominion SNMP MIB link to access the SNMP Management Information Base 8 Click OK Syslog Configuration To configure the Syslog enable Syslog forwarding 1 Choose the Enable Syslog Forwarding option to log the device s messages to a remote Syslog server 2 Type the IP Address of your S...

Page 162: ...ns are in the Event Management Settings page See Event Management Settings see Configuring Event Management Settings on page 150 To select events and their destinations 1 Choose Device Settings Event Management Destinations The Event Management Destinations page opens System events are categorized by Device Operation Device Management Security User Activity and User Group Administration 2 Check th...

Page 163: ...UpdateFailed Device update has failed deviceUpgradeCompleted The KSX II has completed update via an RFP file deviceUpgradeStarted The KSX II has begun update via an RFP file ethernetFailover An Ethernet failover was detected and restored on a new Ethernet interface factoryReset The device has been reset to factory defaults firmwareFileDiscarded Firmware file was discarded firmwareUpdateFailed Firm...

Page 164: ...ion rebootCompleted The KSX II has completed its reboot rebootStarted The KSX II has begun to reboot either through cycling power to the system or by a warm reboot from the OS securityViolation Security violation startCCManagement The device has been put under CommandCenter Management securityBannerChanged The security banner has changed securityBannerAction User Acceptance Rejection of Security B...

Page 165: ...ither a device or image on the target using Virtual Media For every attempt on device image mapping mounting this event is generated vmImageDisconnected User attempted to unmount a device or image on the target using Virtual Media Configuring Ports The Port Configuration page displays a list of the KSX II ports Ports connected to KVM target servers blades and standard servers and rack PDUs power s...

Page 166: ...CIM Dominion CIM Not Available No CIM connected PCIM Paragon CIM PowerStrip rack PDU Power strip connected VM Virtual media CIM D2CIM VUSB and D2CIM DVUSB Blade Chassis Blade chassis and the blades associated with that chassis displayed in a hierarchical order 2 Click the Port Name for the port you want to edit For KVM ports the Port page for KVM and blade chassis ports is opened For rack PDUs the...

Page 167: ...Chapter 8 Device Management 157 For serial ports the Port page for serial ports is opened ...

Page 168: ...ions and change the port name to something more descriptive A server can have up to four 4 power associates and you can associate a different rack PDU power strip with each From this page you can define those associations so that you can power on power off and power cycle the server from the Port page See E Power Strip see E Rack PDU Power Strip on page 28 of this guide for information on the phys...

Page 169: ... Outlet 3 Click OK Associating KVM and Serial Target Servers to Outlets Port Page A server can have up to four power plugs and you can associate a different rack PDU power strip with each From the Port page you can define those associations so that you can power on power off and power cycle the server The KVM and serial Port pages are different from each other with the exception of the Name and Po...

Page 170: ...ist select None 4 Click OK The rack PDU outlet association is removed and a confirmation message is displayed Target Settings To define target settings 1 In the Target Settings section select 720x400 Compensation if you are experiencing display issues when the target is using this resolution 2 Select Use international keyboard for scan code set 3 if connecting to the target with a DCIM PS2 and req...

Page 171: ...are able to configure for a blade server will depend on the brand of blade server you are working with For specific information on each of these supported blade chassis see their corresponding topics in this section of the help The following blade chassis are supported IBM BladeCenter Models E and H Dell PowerEdge 1855 1955 and M1000e A Generic option allows you to configure a blade chassis that i...

Page 172: ... Platform Client MPC and CC SG Managing blade severs via VKC AKC and MPC is the same as managing standard target servers See Working with Target Servers and the CC SG Administrators Guide for more information Any changes made to the blade chassis configuration in will be propagated to these client applications Important When the CIM connecting the blade chassis to the Dominion device is powered do...

Page 173: ... Indicate the blades that are installed in the blade chassis by checking the Installed checkbox next to each slot that has a blade installed Alternatively use the Select All checkbox If needed change the blade server names 9 In the Blade Chassis Managed Links section of the page you are able to configure the connection to a blade chassis web browser interface if one is available Click the Blade Ch...

Page 174: ...n the target is using this resolution 12 Select Use international keyboard for scan code set 3 if connecting to the target with a DCIM PS2 and require the use of scan code set 3 with an international keyboard 13 Click OK to save the configuration Dell Blade Chassis Configuration See Supported Blade Chassis Models on page 175 Supported CIMs for Blade Chassis on page 176 and Required and Recommended...

Page 175: ...er the username used to access the blade chassis Required for auto discovery mode f Password Enter the password used to access the blade chassis Required for auto discovery mode 2 If you want the KSX II to auto discover the chassis blades select the Blade Auto Discovery checkbox and then click the Discover Blades on Chassis Now button Once the blades are discovered they will be displayed on the pa...

Page 176: ...applications or the connection will fail e The Username Field and Password Field which are both optional contain the labels that are expected to be associated with the username and password entries It is in these fields you should enter the field names for the username and password fields used on the login screen for the web application You can view the HTML source of the login screen to find the ...

Page 177: ...nd the section on the page The first URL link is intended for use to connect to the blade chassis Administration Module GUI Note Access to the URL links entered in this section of the page is governed by the blade chassis port permissions a Active To activate the link once it is configured select the Active checkbox Leave the checkbox deselected to keep the link inactive Entering information into ...

Page 178: ...evice Settings Port Configuration to open the Port Configuration page 3 On the Port Configuration page click on the name of the blade chassis you want to configure The Port page will open 4 Select the Blade Chassis radio button The page will then display the necessary fields to configure a blade chassis 5 Select the IBM blade chassis model from the Blade Server Chassis Model drop down To configure...

Page 179: ...eckbox If needed change the blade server names If operating in Auto discovery mode the Installed box will display the slots containing blades during discovery 5 In the Blade Chassis Managed Links section of the page you are able to configure the connection to a blade chassis web browser interface if one is available Click the Blade Chassis Managed Links icon to expand the section on the page The f...

Page 180: ...USB Profiles Port Page on page 181 7 Click OK to save the configuration To configure a IBM BladeCenter Other 1 If you selected IBM BladeCenter Other auto discovery is not available Configure the blade chassis as applicable a Switch Hot Key Sequence Select the hot key sequence that will be used to switch from KVM to the blade server b Administrative Module Primary IP Address Host Name Enter the pri...

Page 181: ...for sample configurations for the IBM BladeCenter c Username Enter the username used to access the interface d Password Enter the password used to access the interface Note Leave the username and password fields blank for DRAC ILO and RSA web applications or the connection will fail e The Username Field and Password Field which are both optional contain the labels that are expected to be associate...

Page 182: ...t which the web application expects to read the username and password Follow these examples for correct formats http s 192 168 1 1 login asp http s www example com cgi login http s example com home html 3 Enter the username and password that will allow access to this interface Optional 4 If username and password were entered in the Username Field and Password Field type the field names for the use...

Page 183: ...up Ports connected to integrated KVM modules in a blade chassis are configured as blade chassis subtypes These ports are eligible to be included in port groups When KSX II ports are connected to integrated KVM modules in a blade chassis and not to individual blades the ports are configured as blade chassis subtypes These ports are not eligible to be included in port groups and will not appear in t...

Page 184: ... is especially important to CC SG users who want HP blades to be organized on a chassis basis although each blade has its own connection to a port on the KSX II 5 Click on a port in the Available box in the Select Ports for Group section Click Add to add the port to the group The port will be moved to the Selected box 6 Click OK to add the port group To edit port group information 1 On the Port Gr...

Page 185: ...be selected on the Port Configuration page from the Blade Server Chassis Model drop down which appears when the Blade Chassis radio button is selected For details on how to configure each blade chassis model see their corresponding topics in this section of the help Blade chassis model KSX II Profile Dell PowerEdge 1855 1955 Dell PowerEdge 1855 1955 Dell PowerEdge M1000e Dell PowerEdge M1000e IBM ...

Page 186: ... the Virtual Media menu is disabled on the client DCIM PS2 DCIM USBG2 Dell PowerEdge 1855 Includes one of the three KVM modules Analog KVM Ethernet switch module standard Digital Access KVM switch module optional KVM switch module standard on systems sold prior to April 2005 These switches provide a custom connector that allows two PS 2 and one video device to be connected to the system Source Del...

Page 187: ...tic procedures by connecting video and USB devices directly to the server blade Source HP ProLiant BL480c Server Blade Maintenance and Service Guide DCIM USBG2 D2CIM VUSB D2CIM DVUSB for standard KVM port operation IBM BladeCenter S The Advanced Management Module AMM provides system management functions and keyboard video mouse KVM multiplexing for all blade chassis The AMM connections include a s...

Page 188: ...ssis as well as providing the local KVM function Source IBM BladeCenter Products and Technology DCIM USBG2 Note In order to support Auto discovery IBM BladeCenter Models H and E must use AMM with firmware version BPET36K or later Note In the case of IBM Blade Center Models E and H the KSX II only supports auto discovery for AMM 1 as the acting primary management module Required and Recommended Bla...

Page 189: ...ng the iKVM GUI display upon connecting to the blade chassis set the Screen Delay Time to 8 seconds Recommend that Timed and Displayed be selected during iKVM GUI Flag Setup This will allow you to visually confirm the connection to the desired blade slot Dell PowerEdge 1855 1955 Disable the iKVM GUI screensaver An Authorize dialog will appear if this is not done and will prevent the iKVM from oper...

Page 190: ... of the unit This will require a USB extension cable Note All IBM BladeCenters that use AMM must use AMM firmware version BPET36K or later to work with the KSX II Note In the case of IBM Blade Center Models E and H the KSX II only supports auto discovery for AMM 1 as the acting primary management module Blade Chassis Sample URL Formats This table contains sample URL formats for blade chassis being...

Page 191: ...left The profiles selected for use with a port appear in the Selected list on the right When you select a profile in either list a description of the profile and its use appears in the Profile Description field In addition to selecting a set of profiles to make available for a KVM port you can also specify the preferred profile for the port and apply the settings set for one port other KVM ports N...

Page 192: ...cting the available profiles for a port choose one from the Preferred Profile for Port menu The default is Generic The selected profile will be used when connecting to the KVM target server You can change to any other USB profile as necessary To remove selected USB profiles 1 In the Select USB Profiles for Port section select one or more profiles from the Selected list Shift Click and drag to sele...

Page 193: ...l user interface resolution settings and local user authentication Further you can change a USB profile from the local port To configure the local port settings Note Some changes you make to the settings on the Local Port Settings page will restart the browser you are working in If a browser restart will occur when a setting is changed it is noted in the steps provider here 1 Choose Device Setting...

Page 194: ... Num Lock key twice quickly Double Click Caps Lock Press Caps Lock key twice quickly Double Click Left Alt key Press the left Alt key twice quickly Double Click Left Shift key Press the left Shift key twice quickly Double Click Left Ctrl key Press the left Ctrl key twice quickly 5 Select the Local Port Connect key Use a connect key sequence to connect to a target and switch to another target You c...

Page 195: ...r authentication Local LDAP RADIUS This is the recommended option For more information about authentication see Remote Authentication on page 36 None There is no authentication for Local Console access This option is recommended for secure environments only Select the Ignore CC managed mode on local port checkbox if you would like local user access to the KSX II even when the device is under CC SG...

Page 196: ...ges that contain those keywords are logged for the local port You can create port keywords and associate them with Syslog Audit log SNMP traps To define keywords and associate them with a port 1 Choose Device Settings Port Keyword List Keyword The Port Keyword List page will open If no keywords have been created yet the page will contain the message There are no port keywords defined If port keywo...

Page 197: ...owing the same steps if needed 4 In the Ports section of the page in the Available selection box click the port or ports you want to associate with that keyword and click Add The port associated with the keyword will then be moved to the Selected selection box Continue adding ports as needed 5 Click OK To remove ports from the selected list 1 On the Add Keyword page click the port in the Selected ...

Page 198: ...Chapter 8 Device Management 188 Port Group Management This function is specific to HP blade chassis configuration See HP Blade Chassis Configuration Port Group Management on page 173 ...

Page 199: ...elf signed Java applet certificates are signed by a VeriSign certificate Encryption guarantees that your information is safe from eavesdropping and these certificates ensure that you can trust that the entity is Raritan Inc To configure the security settings 1 Choose Security Security Settings The Security Settings page opens 2 Update the Login Limitations on page 190 settings as appropriate 3 Upd...

Page 200: ...ly one login per user name is allowed at any time When deselected a given user name password combination can be connected into the device from several client workstations simultaneously Enable password aging When selected all users are required to change their passwords periodically based on the number of days specified in Password Aging Interval field This field is enabled and required when the E...

Page 201: ...sword history retention Strong passwords require user created passwords to have a minimum of 8 characters with at least one alphabetical character and one nonalphabetical character punctuation character or number In addition the first four characters of the password and the user name cannot match When selected strong password rules are enforced Users with passwords not meeting strong password crit...

Page 202: ...his field represents the password history depth That is the number of prior passwords that cannot be repeated The range is 1 12 and the default is 5 User Blocking The User Blocking options specify the criteria by which users are blocked from accessing the system after the specified number of unsuccessful login attempts The three options are mutually exclusive Option Description Disabled The defaul...

Page 203: ...e user s User ID will be deactivated This field is enabled when the Deactivate User ID option is selected The valid range is 1 10 When a user ID is deactivated after the specified number of failed attempts the administrator must change the user password and activate the user account by selecting the Active checkbox on the User page Encryption Share Using the Encryption Share settings you can speci...

Page 204: ...andard AES is a National Institute of Standards and Technology specification for the encryption of electronic data 128 is the key length When AES 128 is specified be certain that your browser supports it otherwise you will not be able to connect See Checking Your Browser for AES Encryption on page 196 for more information AES 256 The Advanced Encryption Standard AES is a National Institute of Stan...

Page 205: ... however note that uneven control will occur if one user does not stop typing or moving the mouse 5 If needed select VM Share Mode This option is enabled only when PC Share mode is enabled When selected this option permits the sharing of virtual media among multiple users that is several users can access the same virtual media session The default is disabled 6 If needed select Local Device Reset M...

Page 206: ... the following link JRE1 6 http java sun com javase downloads index_jdk5 jsp Enabling FIPS 140 2 For government and other high security environments enabling FIPS 140 2 mode may be desirable The KSX II uses an embedded FIPS 140 2 validated cryptographic module running on a Linux platform per FIPS 140 2 Implementation Guidance section G 5 guidelines Once this mode is enabled the private key used to...

Page 207: ...ion algorithms This allows an SSL server and client to successfully negotiate the cipher suite used for the encrypted session when a client is configured for FIPS 140 2 only mode Following are the recommendations for using FIPS 140 2 with the KSX II KSX II Set the Encryption Share to Auto on the Security Settings page See Encryption Share Microsoft Client FIPS 140 2 should be enabled on the client...

Page 208: ...IP Access Control The IP Access Control page opens 2 Select the Enable IP Access Control checkbox to enable IP access control and the remaining fields on the page 3 Choose the Default Policy This is the action taken for IP addresses that are not within the ranges you specify Accept IP addresses are allowed access to the KSX II device Drop IP addresses are denied access to the KSX II device Note Bo...

Page 209: ...control over the order in which the rules are created To replace a rule 1 Specify the rule you want to replace 2 Type the IP address and subnet mask in the IPv4 Mask or IPv6 Prefix Length field 3 Choose the Policy from the drop down list 4 Click Replace Your new rule replaces the original rule with the same rule To delete a rule 1 Specify the rule you want to delete 2 Click Delete 3 You are prompt...

Page 210: ...fied domain name It is identical to the name that is used to access the KSX II with a web browser but without the prefix http In case the name given here and the actual network name differ the browser will pop up a security warning when the KSX II is accessed using HTTPS b Organizational unit This field is used for specifying to which department within an organization the KSX II belongs c Organiza...

Page 211: ...ivate key files 2 Send the saved CSR to a CA for certification You will get the new certificate from the CA To upload a CSR 1 Upload the certificate to the KSX II by clicking the Upload button Note The CSR and the private key file are a matched set and should be treated accordingly If the signed certificate is not matched with the private key used to generate the original CSR the certificate will ...

Page 212: ...age 2 Select Display Restricted Service Banner to enable the feature 3 If you want to require users to acknowledge the banner prior to continuing the login process select Require Acceptance of Restricted Service Banner In order to acknowledge the banner users will select a checkbox If you do not enable this setting the security banner will only be displayed after the user logs in and will not requ...

Page 213: ...Chapter 9 Security Management 203 Note You cannot upload a text file from the local port ...

Page 214: ...orted by date and time Device Information View information about the Dominion KSX II and its CIMs Backup Restore Backup and restore the KSX II configuration USB Profile Management Upload custom profiles provided by Raritan tech support CIM Firmware Upgrade Upgrade your CIMs using the firmware versions stored in the Dominion KSX II memory Firmware Upgrade Upgrade your Dominion KSX II firmware Facto...

Page 215: ... that the event occurred based on a 24 hour clock Event The event name as listed in the Event Management page Description Detailed description of the event To save the audit log Note Saving the audit log is available only on the KSX II Remote Console not on the Local Console 1 Click Save to File A Save File dialog appears 2 Choose the desired file name and location and click Save The audit log is ...

Page 216: ...tan Technical Support To view information about your Dominion KSX II and CIMs Choose Maintenance Device Information The Device Information page opens The following information is provided about the KSX II Model Hardware Revision Firmware Version Serial Number MAC Address The following information is provided about the CIMs in use Port number Name Type of CIM Power Strip or VM Firmware Version Seri...

Page 217: ...w KSX II You can also set up one KSX II and copy its configuration to multiple KSX II devices To access the Backup Restore page Choose Maintenance Backup Restore The Backup Restore page opens Note Backups are always complete system backups Restores can be complete or partial depending on your selection If you are using Firefox or Internet Explorer 5 or lower to backup your KSX II 1 Click Backup A ...

Page 218: ...tion specified b Once saved locate the file and right click on it Select properties c In general tab click Change and select WordPad To restore your KSX II WARNING Exercise caution when restoring your KSX II to an earlier version Usernames and password in place at the time of the backup will be restored If you do not remember the old administrative usernames and passwords you will be locked out of...

Page 219: ...e This option includes only user and group information This option does not restore the certificate and the private key files Use this option to quickly set up users on a different KSX II Device Settings Restore This option includes only device settings such as power associations USB profiles blade chassis related configuration parameters and Port Group assignments Use this option to quickly copy ...

Page 220: ...t page opens To upload a custom profile to your KSX II 1 Click the Browse button A Choose File dialog appears 2 Navigate to and select the appropriate custom profile file and click Open The file selected is listed in the USB Profile File field 3 Click Upload The custom profile will be uploaded and displayed in the Profile table Note If an error or warning is displayed during the upload process for...

Page 221: ... CIMs using the firmware versions stored in the memory of your KSX II device In general all CIMs are upgraded when you upgrade the device firmware using the Firmware Upgrade page In order to make use of USB profiles you must use a D2CIM VUSB or D2CIM DVUSB with updated firmware A VM CIM that has not had its firmware upgraded will support a broad range of configurations Windows Keyboard Mouse CD RO...

Page 222: ...age to the device or CIMs To upgrade your KSX II 1 Locate the appropriate Raritan firmware distribution file RFP found on the Raritan Firmware Upgrades webpage http www raritan com support firmwareupgrades and download the file 2 Unzip the file Read all instructions included in the firmware ZIP files carefully before upgrading 3 Copy the firmware update file to a local PC before uploading Do not l...

Page 223: ...review CIM information that information is displayed as well Note At this point connected users are logged off and new login attempts are blocked 8 Click Upgrade and wait for the upgrade to complete Status information and progress bars are displayed during the upgrade Upon completion of the upgrade the device reboots 1 beep sounds to signal the reboot ...

Page 224: ...wait approximately 5 minutes before logging on to the KSX II again Upgrade History The KSX II provides information about upgrades performed on the KSX II and attached CIMS To view the upgrade history Choose Maintenance Upgrade History The Upgrade History page opens ...

Page 225: ...n provided is Port The port where the CIM is connected Name The name of the CIM Type The type of CIM Previous Version Previous version of the CIM Upgrade Version Current version of the CIM Result The result of the upgrade success or fail Rebooting The Reboot page provides a safe and controlled way to reboot your KSX II This is the recommended method for rebooting Important All KVM and serial conne...

Page 226: ...action Click Yes to proceed with the reboot CC Unmanage When a KSX II device is under CommandCenter Secure Gateway control and you attempt to access the device directly using the KSX II Remote Console the following message appears after entry of a valid user name and password ...

Page 227: ...must have the appropriate permissions to end CC SG management of the KSX II Additionally the Stop CC SG Management option will not be provided unless you are currently using CC SG to manage the KSX II To stop CC SG management of a KSX II 1 Click Maintenance Stop CC SG Management A message indicating that the device is being managed by CC SG will be displayed An option to remove the device from CC ...

Page 228: ...Chapter 10 Maintenance 218 3 Click Yes to remove the device CC SG management Once CC SG management has ended a confirmation will be displayed ...

Page 229: ...o Host Page 222 Device Diagnostics 223 Network Interface Page The KSX II provides information about the status of your network interface To view information about your network interface Choose Diagnostics Network Interface The Network Interface page opens The following information is displayed Whether the Ethernet interface is up or down Whether the gateway is pingable or not The LAN port that is ...

Page 230: ...Chapter 11 Diagnostics 220 Statistics Produces a page similar to the one displayed here Interfaces Produces a page similar to the one displayed here ...

Page 231: ...ost Page Ping is a network tool used to test whether a particular host or IP address is reachable across an IP network Using the Ping Host page you can determine if a target server or another KSX II is accessible To ping the host 1 Choose Diagnostics Ping Host The Ping Host page opens 2 Type either the hostname or IP address into the Hostname or IP Address field ...

Page 232: ... Choose Diagnostics Trace Route to Host The Trace Route to Host page opens 2 Type either the IP address or host name into the IP Address Host Name field Note The host name cannot exceed 232 characters in length 3 Choose the maximum hops from the drop down list 5 to 50 in increments of 5 4 Click Trace Route The trace route command is executed for the given hostname or IP address and the maximum hop...

Page 233: ...e button Device Diagnostic Log Download the snapshot of diagnostics messages from the KSX II to the client This encrypted file is then sent to Raritan Technical Support only Raritan can interpret this file Note This page is accessible only by users with administrative privileges To run the KSX II system diagnostics 1 Choose Diagnostics Device Diagnostics The Device Diagnostics page opens 2 To exec...

Page 234: ...ile to send to Raritan Technical Support a Click the Save to File button The File Download dialog appears b Click Save The Save As dialog appears c Navigate to the desired directory and click Save 4 Email this file as directed by Raritan Technical Support ...

Page 235: ...X II 228 Local Serial Port Connection to the KSX II 228 Logging On 229 Navigation of the CLI 231 Initial Configuration Using CLI 233 CLI Prompts 234 CLI Commands 234 Target Connections and the CLI 235 Administering the KSX II Console Server Configuration Commands 236 Configuring Network 236 Chapter 12 Command Line Interface CLI ...

Page 236: ...l devices You can use the Command Line Interface CLI to configure the KSX II or to connect to target devices The RS 232 interface may operate at all standard rates from 1200 bps to 115 2 kbps The default settings are 9600 bps 8 data bits no parity bit one stop bit and no flow control The following figures describe an overview of the CLI commands See CLI Commands on page 234 for a list of all the c...

Page 237: ...Client www openssh org http www openssh org SSH Connection to the KSX II Use any SSH client that supports SSHv2 to connect to the KSX II You must enable SSH access from the Devices Services page Note For security reasons SSH V1 connections are not supported by the KSX II SSH Access from a Windows PC To open an SSH session from a Windows PC 1 Launch the SSH client software 2 Enter the IP address of...

Page 238: ...oose Startup Run 2 Type Telnet in the Open text box 3 Click OK The Telnet page opens 4 At the prompt enter the following command Microsoft Telnet open IP address where IP address is the KSX II IP address 5 Press the Enter key The following message appears Connecting To IP address The login as prompt appears Local Serial Port Connection to the KSX II The local serial port of the KSX II must be conn...

Page 239: ...ters are configured as follows Data bits 8 Parity None Stop bits 1 Flow Control None Bits per second 9600 Logging On To log in enter the user name admin as shown 1 Log in as admin 2 The Password prompt appears Enter the default password raritan The welcome message displays You are now logged on as an administrator ...

Page 240: ... Type Status Availability 1 Dominion_KSX2_Port1 Not Available down idle 2 Dominion_KSX2_Port3 Not Available down idle 3 Dominion_KSX2_Port4 Not Available down idle 4 Dominion_KSX2_Port5 Not Available down idle 5 YongFedora7 VM up idle 6 Yong Laptop XP Not Available down idle 7 Dominion_KSX2_Port8 Not Available down idle 8 Serial Port 1 Serial up idle 9 Serial Port 2 Serial up idle 10 Serial Port 3...

Page 241: ...sing the CLI it is important to understand CLI navigation and syntax There are also some keystroke combinations that simplify CLI use Completion of Commands The CLI supports the completion of partially entered commands After entering the first few characters of an entry press the Tab key If the characters form a unique match the CLI will complete the entry If no match is found the CLI displays the...

Page 242: ... delete the last character typed Press Ctrl C to terminate a command or cancel a command if you typed the wrong parameters Press Enter to execute the command Press Tab to complete a command For example Admin Port Conf The system then displays the Admin Port Config prompt Common Commands for All Command Line Interface Levels Following are the commands that are available at all CLI levels These comm...

Page 243: ...ss Setting Parameters To set parameters you must be logged on with administrative privileges At the top level you will see the Username prompt which for the initial configuration is admin Enter the top command to return to the top menu level Note If you have logged on with a different user name that user name will appear instead of admin Setting Network Parameters Network parameters are configured...

Page 244: ...n application Admin Port is the root portion of a command admin For TELNET SSH admin is the root portion of the command admin config network 0 CLI Commands The table below lists and describes all available CLI commands Command Description config Port configuration command Switch to the Configuration menu connect Connect to a port diagnostics Switch to diagnostic commands menu help Display an overv...

Page 245: ...t emulation on the target Ensure that the encoding in use on the host matches the encoding configured for the target device that is if the character set setting on a Sun Solaris server is set to ISO8859 1 the target device should also be set to ISO8859 1 Note ISO9660 format is the standard supported by Raritan However other CD ROM extensions may also work Ensure that the terminal emulation on the ...

Page 246: ...ly access at any point during the port sharing session Users who have Write permissions can request Write access to a port Administering the KSX II Console Server Configuration Commands Note CLI commands are the same for SSH Telnet and Local Port access sessions The Network command can be accessed in the Configuration menu for the KSX II Configuring Network The network menu commands are used to co...

Page 247: ...0fdx Interface Command Example The following command enables the interface number 1 sets the IP address mask and gateway addresses and sets the mode to auto detect Admin Config Network interface ipauto none ip 192 16 151 12 mask 255 255 255 0 gw 192 168 51 12 mode auto Note Both IPv4 and IPv6 addresses are supported Name Command The name command is used to configure the network name The syntax of ...

Page 248: ... who only have Read Only permissions help Display an overview of the commands history Display the current session s command line history powerstatus Quersy the Power Status port Not available to users who do not have power permission powertoggle Toggle power on and off for the port Not available to users who do not have power permission Operational for power associated serial targets only quit Clo...

Page 249: ...Chapter 12 Command Line Interface CLI 239 IPv6 Command Use the IPv6_command to set IPv6 network parameters and retrieve existing IPv6 parameters ...

Page 250: ...h features a browser based graphical user interface for quick convenient switching between servers The KSX II Local Console provides a direct analog connection to your connected servers the performance is as if you were directly connected to the server s keyboard mouse and video ports The KSX II Local Console provides the same administrative functionality as the KSX II Remote Console Using the KSX...

Page 251: ...nd Authentication In order to use the KSX II Local Console you must first authenticate with a valid username and password The KSX II provides a fully integrated authentication and security scheme whether your access is via the network or the local port In either case the KSX II allows access only to those servers to which a user has access permissions See User Management for additional information...

Page 252: ...be logged out depending on how the card removal policy has been setup on the target server OS When the KVM session is terminated either because it has been closed or because you switch to a new target the smart card reader will be automatically unmounted from the target server To mount a smart card reader onto a target via the KSX II Local console 1 Plug a USB smart card reader into the KSX II usi...

Page 253: ...available USB profiles for a local port The ports that can be assigned profiles are displayed in the Port Name field and the profiles that are available for a port appear in the Select Profile To Use field after the port is selected The profiles selected for use with a port appear in the Profile In Use field To apply a USB profile to a local console port 1 In the Port Name field select the port yo...

Page 254: ...applied to the local port and will appear in the Profile In Use field Available Resolutions The KSX II Local Console provides the following resolutions to support various monitors 800x600 1024x768 1280x1024 Each of these resolutions supports a refresh rate of 60Hz and 75Hz ...

Page 255: ...to the port group To use the Port Access page 1 Log in to the Local Console The KVM target servers are initially sorted by Port Number You can change the display to sort on any of the columns Port Number Numbered from 1 to the total number of ports available for the KSX II device Port Name The name of the KSX II port Initially this is set to Dominion KX2 Port but you can change the name to somethi...

Page 256: ...sole the Port Access page opens This page lists all of the KSX II ports KVM target servers and serial servers and their status and availability The KVM and serial target servers are initially sorted by Port Number you can change the display to sort on any of the columns Port Number Numbered from 1 to the total number of ports available for the KSX II Port Name The name of the KSX II port Initially...

Page 257: ...but you can designate another key combination available in the Local Port Settings page as the hot key See KSX II Local Console Local Port Settings on page 251 for more information Connect Key Examples Standard servers Connect key action Key sequence example Access a port from the local port GUI Access port 5 from the local port GUI Press Left ALT Press and Release 5 Release Left ALT Switch betwee...

Page 258: ...r display only local language input is not supported at this time for the KSX II Local Console functions For more information about non US keyboards see Informational Notes Note Raritan strongly recommends that you use system config keyboard to change languages if you are working in a Linux environment Language Regions Keyboard layout US English United States of America and most of English speakin...

Page 259: ...talian Italy Italian Spanish Spain and most Spanish speaking countries Spanish Portuguese Portugal Portuguese Special Sun Key Combinations The following key combinations for Sun Microsystems server s special keys operate on the local port These special are available from the Keyboard menu when you connect to a Sun target server Sun key Local port key combination Again Ctrl Alt F2 Props Ctrl Alt F3...

Page 260: ...sole default hot key is to press the Scroll Lock key twice rapidly This key combination can be changed in the Local Port Settings page See KSX II Local Console Local Port Settings on page 251 To return to the KSX II Local Console from the target server Press the hot key twice rapidly the default hot key is Scroll Lock The video display switches from the target server interface to the KSX II Local ...

Page 261: ...International United Kingdom French France German Germany JIS Japanese Industry Standard Simplified Chinese Traditional Chinese Dubeolsik Hangul Korean German Switzerland Norwegian Norway Swedish Sweden Danish Denmark Belgian Belgium Note Keyboard use for Chinese Japanese and Korean is for display only Local language input is not supported at this time for KSX II Local Console functions 3 Choose t...

Page 262: ...ated 6 Choose the resolution for the KSX II Local Console from the drop down list 800x600 1024x768 1280x1024 7 Choose the refresh rate from the drop down list 60 Hz 75 Hz 8 Choose the type of local user authentication Local LDAP RADIUS This is the recommended option For more information about authentication see Remote Authentication on page 36 None There is no authentication for Local Console acce...

Page 263: ...Local Console user interface Note It is recommended that you save the audit log prior to performing a factory reset The audit log is deleted when a factory reset is performed and the reset event is not logged in the audit log For more information about saving the audit log see Audit Log on page 205 To perform a factory reset 1 Choose Maintenance Factory Reset The Factory Reset page opens 2 Choose ...

Page 264: ... interval seconds Timeout seconds 1 Click Reset to continue You will be prompted to confirm the factory reset because all network settings will be permanently lost 2 Click OK button proceed Upon completion the KSX II device is automatically restarted Resetting the KSX II Using the Reset Button On the back panel of the device there is a Reset button It is recessed to prevent accidental resets you w...

Page 265: ...pointed object to press and hold the Reset button 3 While continuing to hold the Reset button power the KSX II device back on 4 Continue holding the Reset button for 10 seconds Once the device has been reset two short beeps signal its completion ...

Page 266: ...ng Configuration 261 Windows XP Dial Up Networking Configuration 262 Certified Modems for UNIX Linux and MPC Following is a list of modems that are certified to work for UNIX Linux and MPC US Robotics Courier 56K Business Modem Model 3453B Zoom Fax Modem 56Kx Dualmode Model 2949 Zoom 56k v 92 v 90 Modem Model 3049 US Robotics v 92 56k Fax Modem Model 5686 US Robotics 56k SportSter Modem Chapter 14...

Page 267: ... display is updated much quicker improving the overall usability of the connection Noise filter Select Video Video Settings The Noise Filter should be set to 7 the highest value At this setting less bandwidth will be used for target screen changes resulting in improved local and remote mouse synchronization Note Setting the color depth to low and the noise filter to high will cause a degradation i...

Page 268: ... the dial up connection is established connecting to a KSX II is achieved by pointing the web browser to the PPP Server IP Modem installation guidelines are provided for the following client based systems Windows 7 Windows XP operating system Windows Vista Windows 2000 Dial Up Networking Configuration 1 Choose Start Programs Accessories Communications Network and Dial Up Connections 2 Double click...

Page 269: ...he steps in the Network Connection Wizard dialog to create custom dial up network profiles 4 Click the Dial up to private network radio button and click Next 5 Select the checkbox before the modem that you want to use to connect to the KSX II and then click Next ...

Page 270: ...60 6 Type the area code and phone number you wish to dial in the appropriate fields 7 Click the Country region code drop down arrow and select the country or region from the list 8 Click Next The Connection Availability dialog appears ...

Page 271: ...cessful connection has been established will appear Consult the Windows 2000 Dial up Networking Help if you receive any error messages Windows Vista Dial Up Networking Configuration 1 Click Start and then click Network The Network window opens 2 Select Network and Sharing Center at the top of the window The Network and Sharing Center window opens 3 Select Set up a Connection or Network 4 Select Se...

Page 272: ...rname and password cannot use a backslash 7 Click Connect Windows XP Dial Up Networking Configuration 1 Choose Start Programs Accessories Communications New Connection Wizard 2 Click Next and follow the steps in the New Connection Wizard to create custom dial up network profiles ...

Page 273: ...Chapter 14 Modem Configuration 263 3 Click the Connect to the Internet radio button and click Next ...

Page 274: ...Chapter 14 Modem Configuration 264 4 Click the Set up my connection manually radio button and click Next ...

Page 275: ...Chapter 14 Modem Configuration 265 5 Click the Connect using a dial up modem radio button and click Next ...

Page 276: ...Chapter 14 Modem Configuration 266 6 Type a name to identify this particular connection in the ISP Name field and click Next ...

Page 277: ...figuration 267 7 Type the phone number for the connection in the Phone number field and click Next 8 Type your ISP information Type the user name and password in the appropriate fields and retype the password to confirm it ...

Page 278: ...10 Click Finish 11 Click Dial to connect to the remote machine when the Dial dialog appears A dialog indicating that you connected successfully appears If you get any errors consult Windows XP Dial up Networking Help Note The maximum modem speed connecting to the KSX II is 33 600 bps as it is a Linux default limitation ...

Page 279: ...s for Serial Devices 288 Network Speed Settings 289 Connectivity 290 KSX II Serial RJ 45 Pinouts 291 Physical Specifications Part number Line item description UPC code Power Weight Product dimensions WxDxH Shipping weight Shipping dimensions WxDxH KSX2144 4 KVM and 4 Serial Port KSX II with multiple user network access and local port virtual media 78581365005 4 100 240 V 50 60 Hz 0 6A 27 Watts 8 6...

Page 280: ...II Red Hat Desktop 4 0 Yes Locally held ISO image Remote File Server mounting directly from KSX II Open SUSE 10 11 Yes Locally held ISO image Remote File Server mounting directly from KSX II Fedora 8 11 Yes Locally held ISO image Remote File Server mounting directly from KSX II Mac OS No Solaris No The JRE plug in is available for the Windows 32 bit and 64 bit operating systems MPC and VKC can be ...

Page 281: ...rnet Explorer 6 0 SP1 7 0 or 8 0 Firefox 1 06 3 64bit mode 64bit browsers Internet Explorer 7 0 or 8 0 Windows XP Professional Windows XP Tablet Windows Vista Windows Server 2003 Windows Server 2008 Windows 7 Supported Operating Systems and CIMs KVM Target Servers In addition to the new D2CIMs most Dominion CIMs are supported The following table displays the supported target server operating syste...

Page 282: ...000 Server Windows 2003 Server Windows Vista operating system D2CIM VUSB Windows XP operating system Windows 2000 operating system Windows 2000 Server Windows 2003 Server Windows Vista operating system Target server Supported CIMs Mouse modes Dominion DCIMs D2CIMs VM AM IM SM Windows XP operating system Windows 2000 operating system Windows 2000 Server Windows 2003 Server Windows Vista operating s...

Page 283: ...2 HP UX DCIM USB DCIM USB G2 DCIM PS2 Serial Devices Serial device support does not require a CIM Legend VM Virtual Media D2CIM VUSB only AM Absolute Mouse Synchronization D2CIM VUSB only IM Intelligent Mouse Mode SM Standard Mouse Mode Supported The DCIM USB G2 provides a small slide switch on the back of the CIM Move the switch to P for PC based USB KVM target servers move the switch to S for Su...

Page 284: ... Modules CIMs Part number Line item description UPC code Weight Product dimensions WxDxH Shipping weight Shipping dimensions WxDxH D2CIM VUS B KSX II Computer Interface Module USB port with virtual media 78581333200 4 0 2 lbs 1 3 x 3 0 x 0 6 0 2 lbs 7 2 x 9 x 0 6 DCIM SUN KSX II Computer Interface Module Sun port HD15 video 78581333854 9 0 2 lbs 1 3 x 3 0 x 0 6 0 2 lbs 7 2 x 9 x 0 6 ...

Page 285: ...ervers with IBM PS 2 type keyboard and mouse ports Automatic skew compensation when the CIMs are connected to Paragon II not from a KSX II Intelligent Mouse mode Standard Mouse mode Virtual media Smart cards Absolute Mouse mode Use with blade chassis Cascaded KVM configurations P2CIM AUSBDUAL Servers with USB or Sun USB type keyboard and mouse ports Automatic skew compensation when the CIMs are co...

Page 286: ... KSX II CIM Name Updates The P2CIM APS2 and P2CIM AUSB names are stored within the CIM s memory There are two memory locations provided to accommodate the Paragon naming convention 12 characters and the KSX II naming convention 32 characters When first connected to a KSX II the Paragon name will be retrieved from memory and written into the CIM memory location used by KSX II Subsequent queries for...

Page 287: ...for Private mode when a second connection is attempted the user is notified that they cannot connect and access is denied When a port name change is initiated via the CC SG Port Profile pane the changed name is pushed to the managed KSX II The corresponding port name of the other KSX II will not be updated in CC SG until a connection is attempted to the target port via the other KSX II s oob kvm i...

Page 288: ... is accessing a server or other device on a specific channel port other users can select that channel port and view the video output from that device However only the first user will have keyboard and mouse control until they disconnect or switch away Not supported This mode cannot be used when connecting the CIM to a Paragon II and the KSX II The Paragon II uses Yellow to indicate it is in P View...

Page 289: ...Hz 1024x768 75Hz 640x350 85Hz 1024x768 90Hz 640x400 56Hz 1024x768 100Hz 640x400 84Hz 1152x864 60Hz 640x400 85Hz 1152x864 70Hz 640x480 60Hz 1152x864 75Hz 640x480 66 6Hz 1152x864 85Hz 640x480 72Hz 1152x870 75 1Hz 640x480 75Hz 1152x900 66Hz 640x480 85Hz 1152x900 76Hz 720x400 70Hz 1280x720 60Hz 720x400 84Hz 1280x960 60Hz 720x400 85Hz 1280x960 85Hz 800x600 56Hz 1280x1024 60Hz 800x600 60Hz 1280x1024 75H...

Page 290: ...are not displayed but are supported by the target server s graphics adapter card a DDC 1440 or DDC 1680 adapter may be required KSX II Local Console Support Languages The KSX II Local Console supports the following language keyboards US English UK English German French Japanese Korean Simplified Chinese and Traditional Chinese Note Keyboard use for Chinese Japanese and Korean is for display only l...

Page 291: ...ty to synchronize its internal clock to a central time server This function requires the use of UDP Port 123 the standard for SNTP but can also be configured to use any port of your designation Optional LDAP LDAPS on Configurable Ports 389 or 636 If the KSX II is configured to remotely authenticate user logons via the LDAP LDAPS protocol ports 389 or 636 will be used but the system can also be con...

Page 292: ...local and remote USB Gemalto GemPC USB SW Verified on local and remote USB Keyboard Card reader Combo Dell USB Smart Card Reader Keyboard Verified on local and remote USB Keyboard Card reader Combo Cherry GmbH G83 6744 SmartBoard Verified on local and remote USB reader for SIM sized cards Omnikey 6121 Verified on local and remote Integrated Dell Latitude D620 O2Micro OZ776 Remote only PCMCIA Activ...

Page 293: ...ry implementation Minimum System Requirements Local Port Requirements The basic interoperability requirement for local port attachment to the KSX II is All devices smart card reader or token that are locally attached must be USB CCID compliant Target Server Requirements When using smart card readers the basic requirements for interoperability at the target server are The IFD smart card reader Hand...

Page 294: ...rements RHEL 5 ccid 1 3 8 1 el5 SuSE 11 pcsc ccid 1 3 8 3 12 Fedora Core 10 ccid 1 3 8 1 fc10 i386 Remote Client Requirements The basic requirements for interoperability at the remote client are The IFD smart card reader Handler must be a PC SC compliant device driver The ICC smart card Resource Manager must be available and be PC SC compliant The JRE 1 6 x with smart card API must be available fo...

Page 295: ...restarted restart the browser and MPC too Environmental Requirements Operating Temperature 0 C 40 C 32 F 104 F Humidity 20 85 RH Altitude N A Vibration 5 55 5 HZ 0 38mm 1 minutes per cycle 30 minutes for each axis X Y Z Shock N A Non Operating Temperature 0 C 50 C 32 F 122 F Humidity 10 90 RH Altitude N A Vibration 5 55 5 HZ 0 38mm 1 minutes per cycle 30 minutes for each axis X Y Z Shock N A Emerg...

Page 296: ...Current AC RMS 0 6A max AC Operating Range 100 to 240 VAC 10 47 to 63 Hz Remote Connection Remote connection Details Network 10BASE T 100BASE T and 1000BASE T Gigabit Ethernet Protocols TCP IP UDP SNTP HTTP HTTPS RADIUS LDAP LDAPS KVM Properties Keyboard PS 2 or USB Mouse PS 2 or USB Video VGA Ports Used Port Description HTTP Port 80 All requests received by KSX II via HTTP port 80 are automatical...

Page 297: ...ion LDAP LDAPS on Configurable Ports 389 and 636 Optional If the KSX II is configured to remotely authenticate user logins via the LDAP LDAPS protocol ports 389 and 636 will be used but the system can also be configured to use any port of your designation RADIUS on Configurable Port 1812 Optional If the KSX II is configured to remotely authenticate user logins via the RADIUS protocol either port 1...

Page 298: ...ce for various video resolutions and refresh rates Video resolution Refresh rate Maximum distance 1600x1200 60 50 ft 15 m 1280x1024 60 100 ft 30 m 1024x768 60 150 ft 45 m Note Due to the multiplicity of server manufacturers and types OS versions video drivers and so forth and the subjective nature of video quality Raritan cannot guarantee performance across all distances in all environments See th...

Page 299: ...on No Communicat ion 100 Full KSX II 100 Half Switch 100 Full KSX II 100 Half Switch 100 Full 100 Full KSX II 100 Half Switch 100 Full No Communica tion No Communicat ion 100 Half 100 Half 100 Half KSX II 100 Full Switch 100 Half 100 Half No Communica tion No Communicat ion 10 Full KSX II 10 Half Switch 10 Full No Communica tion No Communica tion No Communicat ion 10 Full KSX II 10 Half Switch 10 ...

Page 300: ...mended or set both to a fixed speed duplex such as 100MB s Full Connectivity The following table lists the necessary KSX II hardware adapters and or cables for connecting the KSX II to common vendor model combinations Vendor Device Console connector Serial connection Checkpoint Firewall DB9M ASCSDB9F adapter and a CAT 5 cable Cisco PIX Firewall Cisco Catalyst RJ 45 CRLVR 15 rollover cable or CRLVR...

Page 301: ... commonly used cables and adapters KSX II Serial RJ 45 Pinouts To provide maximum port density and to enable simple UTP Category 5 cabling The KSX II provides its serial connections via compact RJ 45 ports However no widely adopted industry standard exists for sending serial data over RJ 45 connections The following tables list the RJ 45 pinouts for the RJ 45 connector RJ 45 PIN SIGNAL 1 RTS 2 DTR...

Page 302: ...ale DB9 female 1 8 2 1 6 3 2 4 SHELL 5 5 6 3 7 4 8 7 DB9M Nulling Serial Adapter Pinouts RJ 45 female DB9 male 1 8 2 1 6 3 2 4 SHELL 5 5 6 3 7 4 8 7 DB25F Nulling Serial Adapter Pinouts RJ 45 female DB25 female 1 5 2 6 8 3 3 4 1 5 7 6 2 7 20 ...

Page 303: ...Appendix A Specifications 293 RJ 45 female DB25 female 8 4 DB25M Nulling Serial Adapter Pinouts RJ 45 female DB25 male 1 5 2 6 8 3 3 4 1 5 7 6 2 7 20 8 4 ...

Page 304: ...roup Your remote LDAP server can provide these user group names by returning an attribute named as follows rciusergroup attribute type string This may require a schema extension on your LDAP LDAPS server Consult your authentication server administrator to enable this attribute In addition for Microsoft Active Directory the standard LDAP memberOf is used From Microsoft Active Directory Note This sh...

Page 305: ...schema 1 Right click the Active Directory Schema root node in the left pane of the window and then click Operations Master The Change Schema Master dialog appears 2 Select the Schema can be modified on this Domain Controller checkbox Optional 3 Click OK Creating a New Attribute To create new attributes for the rciusergroup class 1 Click the symbol before Active Directory Schema in the left pane of...

Page 306: ... the LDAP Display Name field 6 Type 1 3 6 1 4 1 13742 50 in the Unique x5000 Object ID field 7 Type a meaningful description in the Description field 8 Click the Syntax drop down arrow and choose Case Insensitive String from the list 9 Type 1 in the Minimum field 10 Type 24 in the Maximum field 11 Click OK to create the new attribute Adding Attributes to the Class To add attributes to the class 1 ...

Page 307: ...dating the LDAP LDAPS Schema 297 2 Scroll to the user class in the right pane and right click it 3 Choose Properties from the menu The user Properties dialog appears 4 Click the Attributes tab to open it 5 Click Add ...

Page 308: ...Attributes for User Members To run the Active Directory script on a Windows 2003 server use the script provided by Microsoft available on the Windows 2003 server installation CD These scripts are loaded onto your system with a Microsoft Windows 2003 installation ADSI Active Directory Service Interface acts as a low level editor for Active Directory allowing you to perform common administrative tas...

Page 309: ...dating the LDAP LDAPS Schema 299 3 Go to the directory where the support tools were installed Run adsiedit msc The ADSI Edit window opens 4 Open the Domain 5 In the left pane of the window select the CN Users folder ...

Page 310: ...in the right pane Right click the user name and select Properties 7 Click the Attribute Editor tab if it is not already open Choose rciusergroup from the Attributes list 8 Click Edit The String Attribute Editor dialog appears 9 Type the user group created in the KSX II in the Edit Attribute field Click OK ...

Page 311: ...age Future updates will be documented and available online through the Help link in the KSX II Remote Console interface Java AES 256 Prerequisites and Supported Configurations for Java Applications Prerequisites Supported Standalone MPC Requires installation of Java Cryptography Extension JCE Unlimited Strength Jurisdiction Policy Files Yes Standalone RSC Requires installation of Java Cryptography...

Page 312: ...yptography Extension JCE Unlimited Strength Jurisdiction Policy Files Browser Supported Firefox 2 0 0 7 Yes Firefox 3 0 x Yes Internet Explorer 6 No Internet Explorer 7 Yes Internet Explorer 8 Yes Jurisdiction files for various JREs are available in the Other Downloads on the Java Sun site JRE Link JRE1 6 http java sun com javase downloads index jsp In addition IE6 does not support AES 128 Java Ru...

Page 313: ...x kernel 2 1 2 and higher kernel 2 4 0 and higher recommended for better IPv6 support Windows XP SP1 and Windows 2003 Windows Vista operating systems The following IPv6 configurations are not supported by Java J2SE 1 4 does not support IPv6 on Microsoft Windows Linux It is recommended that Linux kernel 2 4 0 or higher is used when using IPv6 An IPv6 enabled kernel will need to be installed or the ...

Page 314: ...Release Right Alt Note These procedures do not apply to the circumflex accent above vowels In all cases the key to the right of the P key works on French keyboards to create the circumflex accent when used in combination with another character Accent Symbol Windows XP Operating System Clients Only From the Virtual KVM Client and the Multi Platform Client the key combination of Alt Gr 7 results in ...

Page 315: ...ards configured using System Preferences Raritan recommends that you configure foreign keyboards using the methods described in the following table Language Configuration method US Intl Default UK System Settings Control Center French Keyboard Indicator German Keyboard Indicator Hungarian System Settings Control Center Spanish System Settings Control Center Swiss German System Settings Control Cen...

Page 316: ...ask Bar and choose Add to Panel 2 In the Add to Panel dialog right click the Keyboard Indicator and from the menu choose Open Keyboard Preferences 3 In the Keyboard Preferences dialog click the Layouts tab 4 Add and remove languages as necessary Key Combinations and the Java Runtime Environment JRE Because of a limitation in the Java Runtime Environment JRE Fedora Linux and Solaris clients receive...

Page 317: ... As a result the Virtual KVM Client and the Multi Platform Client MPC are unable to process these keys from a Mac client s keyboard Dell Chassis Cable Lengths and Video Resolutions In order to maintain video quality Raritan recommends using the following cable lengths and video resolutions when you are connecting to Dell blade chassis from the KSX II Cable length Video resolution 50 ft 1024x768x60...

Page 318: ...e SeaMonkey formerly Mozilla browser to work with the Java plug in Mouse Pointer Synchronization Fedora When connected in dual mouse mode to a target server running Fedora 7 If the target and local mouse pointers lose synchronization changing the mouse mode from or to Intelligent or Standard may improve synchronization Single mouse mode may also provide for better control To resynchronize the mous...

Page 319: ...cannot be used at the same time Therefore a dual VM CIM cannot be used on DL360 servers However as a workaround a USB2 hub can be attached to the USB port on the back of the device and a dual VM CIM can be attached to the hub Help for Choosing USB Profiles When you are connected to a KVM target server in VKC you can view information about USB profiles via the Help on USB Profiles command on the US...

Page 320: ...ple when operating at the BIOS level Add Other Profiles provides access to other profiles available on the system Profiles selected from this list will be added to the USB Profile Menu This includes a set of trouble shooting profiles intended to help identify configuration limitations The USB Profile Menu selections are configurable via the Console Device Settings Port Configuration page Should no...

Page 321: ...entries in the X org configuration file These video modes do not correspond exactly with VESA video mode timing even when a VESA monitor is selected The KSX II on the other hand relies on exact VESA mode timing for proper synchronization This disparity can result in black borders missing sections of the picture and noise To configure the SUSE video display 1 The generated configuration file etc X1...

Page 322: ...ed After a virtual media drive has been mounted if you add a file s to that drive those files may not be immediately visible on the target server Disconnect and then reconnect the virtual media connection Target BIOS Boot Time with Virtual Media The BIOS for certain targets may take longer to boot if media is mounted virtually at the target To shorten the boot time 1 Close the Virtual KVM Client t...

Page 323: ...r CC SG Control Via VKC Using Firefox When using Firefox to connect to a KSX II target under CC SG control using DCIM PS2 or DCIM USBG2 if you change to Single Mouse Mode in the Virtual KVM Client the VKC window will no longer be the focus window and the mouse will not respond If this occurs left click on the mouse or press Alt Tab to return the focus to the VKC window Moving Between Ports of the ...

Page 324: ...22 USB Profiles 323 IPv6 Networking 325 Remote Access 326 Ethernet and IP Networking 328 Servers 332 Blade Servers 332 Installation 335 Local Port 337 Power Control 339 Scalability 340 Security 341 Smart Cards and CAC Authentication 343 Managability 344 Miscellaneous 345 Appendix D FAQs ...

Page 325: ...h However because the KSX II is not a software but a hardware solution it s much more powerful Specifically OS and hardware independent The KSX II can be used to manage servers running many popular operating systems including Intel Sun PowerPC running Windows Linux Solaris etc State Independent Agentless The KSX II does not require the managed server s operating system to be up and running nor doe...

Page 326: ... Platform Client MPC both support KSX I and KSX II switches seamlessly What CIMs are supported for the KSX II switch Refer to Supported Operating Systems and CIMs KVM Target Servers on page 271 Can the KSX II be rack mounted Yes The KSX II ships standard with 19 rack mount brackets It can also be reverse rack mounted so the server ports face forward How large is the KSX II The KSX II is only 1U hi...

Page 327: ...re I have a Dominion KSX II installed Raritan s CommandCenter is designed specifically to provide centralized management It is the ideal solution if you are looking to consolidate management of devices such as Dominion KSX II and other Raritan network based products Is the Ethernet port on the KSX II device 10 100 1000 Mbps auto sensing The KSX II supports two 10 100 1000 speed Ethernet interfaces...

Page 328: ...lution with Raritan s CommandCenter Hundreds of Dominion KSX II units can be managed via CommandCenter Is the modem used only for administering the Dominion KSX II itself No Unlike other products in its category Dominion KSX II offers modem access to administer the box AND get to the target servers Is a modem standard on any Dominion KSX II models Yes a built in modem is standard on KSX II models ...

Page 329: ...on 2 2 or higher port 51000 or other port between 1024 65536 On software releases PRIOR to firmware 2 2 2 0Bx or 2 1 x either port 23 or a user designated port between 2000 and 2400 When using SSH port 22 needs to be open How do I get access to the operating system of the KSX II Dominion KSX II is a secure device Therefore NO access is possible to the operating system I have a few serial devices l...

Page 330: ...Dominion KSX II supports enabling of the telnet daemon on the Dominion KSX II unit Because telnet sends all information in the clear enabling telnet is at the customers own discretion and telnet is disabled by default when the unit ships from the factory Raritan strongly suggests the use of SSH as a safer alternative to telnet since all data is encrypted including the login sequence Can I send an ...

Page 331: ...rd VPNs Can I get the buffered off line data from a serial port when using a Java enabled web browser Yes Does Dominion KSX II support local direct port access for crash cart applications in a data center Yes What are the pin outs of the Dominion KSX II serial ports To provide maximum port density and to enable simple UTP Category 5 cabling The KSX II provides its serial connections via compact RJ...

Page 332: ...gh Raritan s CommandCenter Secure Gateway Raritan s centralized management unit What types of virtual media does the KSX II support The KSX II supports the following types of media internal and USB connected CD DVD drives USB mass storage devices PC hard drives and ISO images What is required for virtual media A KSX II virtual media CIM is required There are two of these CIMs the D2CIM VUSB and th...

Page 333: ...e Not choosing the right USB profile for a KVM target server can prevent a mass storage device mouse or keyboard from working optimally or working at all Do I always need to set a USB profile when I use virtual media No in many cases the default USB Profile is sufficient when using virtual media at the OS level or operating at the BIOS level without accessing virtual media What profiles are availa...

Page 334: ...must use a D2CIM VUSB or D2CIM DVUSB with updated firmware Will Raritan provide USB profiles for other target server configurations Raritan will provide new USB profiles to suit customer needs As these profiles become available they will be included in firmware upgrades ...

Page 335: ...stack is the ability to simultaneously support both IPv4 and IPv6 protocols Given the gradual transition from IPv4 to IPv6 dual stack is a fundamental requirement for IPv6 support How do I enable IPv6 on the KSX II Use the Network Settings page available from the Device Settings menu in KSX II Enable IPv6 addressing and choose manual or auto configuration You must also enable it in MPC What if I h...

Page 336: ...s used for access The browser does have to be Java enabled though The KSX II can be accessed through major web browsers including Internet Explorer Mozilla and Firefox The KSX II can now be accessed on Windows Linux Sun Solaris and Macintosh desktops via Raritan s Java based Multi Platform Client MPC RSC and the new Virtual KVM Client When using an SSH client the customer has to provide an SSH cli...

Page 337: ...gardless of the network condition Do you have a non Windows client Yes The Virtual KVM Client Raritan Serial Console RSC and the Multi Platform Client MPC allow non Windows users to connect to KVM target servers through the KSX II switches MPC can be run via web browsers and standalone Sometimes during a Virtual KVM Client session the Alt key appears to get stuck What should I do This usually occu...

Page 338: ...e KSX II through a dial up modem connection video transmissions can be scaled to grayscale allowing users to be fully productive while ensuring high performance With that in mind the following data refers to the KSX II at its default video settings again these settings can be tailored to a specific environment They can be increased to provide even higher quality video color depth or decreased to o...

Page 339: ...D FAQs 329 Use case Required bandwidth Idle Windows Desktop 0 Mbps Move Static 400x600 Window Dialog 0 35Mbps Navigate Start Menu 0 49Mbps Scroll an Entire Page of Text 1 23Mbps Run 3D Maze Screensaver 1 55Mbps ...

Page 340: ...KVM over IP technology can accommodate the connection How many TCP ports must be open on my firewall in order to enable network access to the KSX II Are these ports configurable Only one The KSX II protects network security by only requiring access to a single TCP port to operate This port is completely configurable for additional security Note that of course to use the KSX II s optional web brows...

Page 341: ...ively with a fixed IP address I m having problems connecting to the KSX II over my IP network What could be the problem The KSX II relies on your LAN WAN network Some possible problems include Ethernet autonegotiation On some networks 10 100 autonegotiation does not work properly and the KSX II unit must be set to 100MB full duplex or the appropriate choice for its network Duplicate IP address If ...

Page 342: ...web browser and authentication capabilities completely built in What software do I have to install in order to access the KSX II from a particular workstation None The KSX II can be accessed completely via a web browser However there is an optional installed client provided on Raritan s website www raritan com which is required for modem connections A Java based client is now available for non Win...

Page 343: ...he KSX II or from CC SG If configured one click access is available How many blade servers can I connect to a KSX II For performance and reliability reasons you can connect up to 8 blade chassis to a KX II regardless of model or up to 4 for a KSX II For KX II s Raritan recommends connecting up to two times the number of remote connections supported by the device For example with a KX2 216 with two...

Page 344: ...ernal KVM switches inside the blade chassis typically do not support absolute mouse technology For HP Blade and some Dell blade servers the CIM is connected to each blade so absolute mouse is supported if the underlying OS running on the blade does Is blade access secure Yes blade access uses all of the standard KSX II security features such as 128 bit or 256 bit encryption In addition there are b...

Page 345: ...page 288 and Target Server Connection Distance and Video Resolution on page 288 For the new D2CIM VUSB and D2CIM DVUSB CIMs that support virtual media and Absolute Mouse Synchronization a 100 30 m foot range is recommended Some operating systems lock up when I disconnect a keyboard or mouse during operation What prevents servers connected to the KSX II from locking up when I switch away from them ...

Page 346: ...nt port on the same KSX II device The KSX II will automatically update the server port names when servers are moved from port to port This automatic update does not just affect the local access port but propagates to all remote clients and the optional CommandCenter Secure Gateway management device Both serial and KVM ports can be moved without encountering problems However once disconnected the n...

Page 347: ...sed interface for at the rack access the KSX II s local port uses the same interface for local and remote access Moreover most administrative functions are available at the rack How do I select between servers while using the local port The local port displays the connected servers using the same user interface as the remote client Connect to a server with a simple click of the mouse How do I ensu...

Page 348: ...name of a connected server does that change propagate to the local port as well Yes The local port presentation is identical and completely in sync with remote access clients To be clear if the name of a server via the KSX II onscreen display is changed this updates all remote clients and external management servers in real time Sometimes I see shadows on the local port user interface Why does tha...

Page 349: ...upport multiple power supplies connected to multiple power strips Two 2 power strips can be connected to a KSX II device Four power supplies can be connected per target server to multiple power strips Does remote power control require any special server configuration Some servers ship with default BIOS settings such that the server does not automatically restart after losing and regaining power Fo...

Page 350: ...s sophisticated server sorting permissions and access If deployment of Raritan s CC SG management unit isn t an option multiple KSX II devices still interoperate and scale automatically The KSX II s remote user interface and the Multi Platform Client will automatically discover KSX II devices Non discovered KSX II devices can be accessed via a user created profile Can I connect an existing analog ...

Page 351: ...y the National Institute of Standards and Technology NIST in the FIPS Standard 197 Does the KSX II allow encryption of video data Or does it only encrypt keyboard and mouse data Unlike competing solutions which only encrypt keyboard and mouse data the KSX II does not compromise security it allows encryption of keyboard mouse and video data How does the KSX II integrate with external authentication...

Page 352: ...happen Java unlimited strength policy files have to be loaded on the client machine Once this is enabled the encryption level that is auto negotiated when the mode is set to AUTO is as Browser Encryption Level Internet Explorer 6 7 and 8 AES 128 Firefox 1 5 2 0 3 x AES 256 Safari 2 0 4 AES 256 Does the KSX II support a configurable security banner Yes For government military and other security con...

Page 353: ...deral government What CIMs support smart cards CAC The D2CIM DVUSB is required This CIM must be upgraded with the release 2 1 10 and later of the firmware and KSX II 2 3 0 and later What firmware version is required The KX II release 2 1 10 and later or and KSX II 2 3 0 and later are required What smart card readers are supported The required reader standards are USB CCID and PC SC See Supported a...

Page 354: ...rk or via the Remote Console What auditing or logging does the KSX II offer For complete accountability the KSX II logs all major user and system events with a date and time stamp For instance reported events include but are not limited to user login user log off user access of a particular server unsuccessful login configuration changes and so forth Can the KSX II integrate with Syslog Yes In add...

Page 355: ...The KSX II contains a hardware reset button that can be used to factory reset the device which will reset the administrative password on the device I am logged into the KSX II using Firefox and I opened another Firefox browser I am automatically logged into the same KSX II with the second Firefox browser Is this right Yes this is correct behavior and is the direct result of how browsers and cookie...

Page 356: ......

Page 357: ... CD ROM DVD ROM ISO Images 97 101 Certified Modems for UNIX Linux and MPC 256 Changing a Password 134 Changing a USB Profile when Using a Smart Card Reader 311 Changing the Default Password 30 Changing the Keyboard Layout Code Sun Targets 37 Changing the Maximum Refresh Rate 69 Checking Your Browser for AES Encryption 194 196 Choosing USB Profiles 56 CIM Compatibility 105 CIMs 311 CLI Commands 226...

Page 358: ...ertificate Validation 80 146 Encryption Share 4 193 Entering the Discovery Port 141 Environmental Requirements 285 Ethernet and IP Networking 328 Event Management 149 External Product Overview 8 F F Serial Target Ports 29 FAQs 314 Favorites List Page 49 50 Fedora 308 File Server Setup File Server ISO Images Only 97 98 FIPS 140 2 Support Requirements 197 French Keyboard 304 From LDAP LDAPS 294 From...

Page 359: ...190 Low Bandwidth KVM Settings 257 M Macintosh Keyboard 307 Maintenance 204 Maintenance Features Local Remote Console 204 Make Linux Settings Permanent 20 Make UNIX Settings Permanent 21 Managability 344 Manage Favorites Page 49 Managing Favorites 44 48 Minimum System Requirements 242 283 Miscellaneous 345 Modem Configuration 10 256 Modifying an Existing User 122 Modifying an Existing User Group 1...

Page 360: ...cro 62 S Scalability 340 Security 341 Security and Authentication 241 Security Banner 4 202 Security Issues 235 Security Management 189 Security Settings 94 96 121 189 Selecting Profiles for a KVM Port 111 Serial Access 317 Server Display 246 Servers 332 Setting CIM Keyboard Mouse Options 63 Setting Emulation on a Target 235 Setting Network Parameters 233 Setting Parameters 233 Setting Permissions...

Page 361: ...g CIMs 105 211 Upgrading Firmware 212 USB Ports and Profiles 309 USB Profile Management 210 211 USB Profiles 4 57 104 181 323 User Authentication Process 133 User Blocking 189 192 User Group List 114 User Groups 113 User List 120 User Management 113 Users 120 Using Screenshot from Target 68 Using the KSX II Local Console 240 Using Virtual Media 96 Using Virtual Media via VKC and AKC in a Windows E...

Page 362: ... India Monday Friday 9 a m 6 p m local time Phone 91 124 410 7881 Japan Monday Friday 9 30 a m 5 30 p m local time Phone 81 3 3523 5991 Email support japan raritan com Europe Europe Monday Friday 8 30 a m 5 p m GMT 1 CET Phone 31 10 2844040 Email tech europe raritan com United Kingdom Monday Friday 8 30 a m to 5 p m GMT Phone 44 0 20 7090 1390 France Monday Friday 8 30 a m 5 p m GMT 1 CET Phone 33...

Reviews: