Tripp Lite 93-2879 Bedienungsanleitung
- Schauen Sie die Anleitung online durch oderladen Sie diese herunter
- 224 Seiten
- 6.24 mb
Zur Seite of
Ähnliche Gebrauchsanleitungen
-
Network Card
Tripp Lite 12-Port Cat5e Wall Mount Patch Panel N050-012
2 Seiten 0.11 mb -
Network Cables
Tripp Lite N318-05M
2 Seiten 0.09 mb -
Network Cables
Tripp Lite N002-001-BL
2 Seiten 0.09 mb -
Power Supply
Tripp Lite OMNIVSINT800
32 Seiten 0.5 mb -
Power Supply
Tripp Lite SU12000RT4U
7 Seiten 0.14 mb -
Network Cables
Tripp Lite N320-07M
2 Seiten 0.11 mb -
Surge Protector
Tripp Lite ULTRACOPY
12 Seiten 0.19 mb -
Power Supply
Tripp Lite SM2200RMNAFTA
5 Seiten 0.1 mb
Richtige Gebrauchsanleitung
Die Vorschriften verpflichten den Verkäufer zur Übertragung der Gebrauchsanleitung Tripp Lite 93-2879 an den Erwerber, zusammen mit der Ware. Eine fehlende Anleitung oder falsche Informationen, die dem Verbraucher übertragen werden, bilden eine Grundlage für eine Reklamation aufgrund Unstimmigkeit des Geräts mit dem Vertrag. Rechtsmäßig lässt man das Anfügen einer Gebrauchsanleitung in anderer Form als Papierform zu, was letztens sehr oft genutzt wird, indem man eine grafische oder elektronische Anleitung von Tripp Lite 93-2879, sowie Anleitungsvideos für Nutzer beifügt. Die Bedingung ist, dass ihre Form leserlich und verständlich ist.
Was ist eine Gebrauchsanleitung?
Das Wort kommt vom lateinischen „instructio”, d.h. ordnen. Demnach kann man in der Anleitung Tripp Lite 93-2879 die Beschreibung der Etappen der Vorgehensweisen finden. Das Ziel der Anleitung ist die Belehrung, Vereinfachung des Starts, der Nutzung des Geräts oder auch der Ausführung bestimmter Tätigkeiten. Die Anleitung ist eine Sammlung von Informationen über ein Gegenstand/eine Dienstleistung, ein Hinweis.
Leider widmen nicht viele Nutzer ihre Zeit der Gebrauchsanleitung Tripp Lite 93-2879. Eine gute Gebrauchsanleitung erlaubt nicht nur eine Reihe zusätzlicher Funktionen des gekauften Geräts kennenzulernen, sondern hilft dabei viele Fehler zu vermeiden.
Was sollte also eine ideale Gebrauchsanleitung beinhalten?
Die Gebrauchsanleitung Tripp Lite 93-2879 sollte vor allem folgendes enthalten:
- Informationen über technische Daten des Geräts Tripp Lite 93-2879
- Den Namen des Produzenten und das Produktionsjahr des Geräts Tripp Lite 93-2879
- Grundsätze der Bedienung, Regulierung und Wartung des Geräts Tripp Lite 93-2879
- Sicherheitszeichen und Zertifikate, die die Übereinstimmung mit entsprechenden Normen bestätigen
Warum lesen wir keine Gebrauchsanleitungen?
Der Grund dafür ist die fehlende Zeit und die Sicherheit, was die bestimmten Funktionen der gekauften Geräte angeht. Leider ist das Anschließen und Starten von Tripp Lite 93-2879 zu wenig. Eine Anleitung beinhaltet eine Reihe von Hinweisen bezüglich bestimmter Funktionen, Sicherheitsgrundsätze, Wartungsarten (sogar das, welche Mittel man benutzen sollte), eventueller Fehler von Tripp Lite 93-2879 und Lösungsarten für Probleme, die während der Nutzung auftreten könnten. Immerhin kann man in der Gebrauchsanleitung die Kontaktnummer zum Service Tripp Lite finden, wenn die vorgeschlagenen Lösungen nicht wirksam sind. Aktuell erfreuen sich Anleitungen in Form von interessanten Animationen oder Videoanleitungen an Popularität, die den Nutzer besser ansprechen als eine Broschüre. Diese Art von Anleitung gibt garantiert, dass der Nutzer sich das ganze Video anschaut, ohne die spezifizierten und komplizierten technischen Beschreibungen von Tripp Lite 93-2879 zu überspringen, wie es bei der Papierform passiert.
Warum sollte man Gebrauchsanleitungen lesen?
In der Gebrauchsanleitung finden wir vor allem die Antwort über den Bau sowie die Möglichkeiten des Geräts Tripp Lite 93-2879, über die Nutzung bestimmter Accessoires und eine Reihe von Informationen, die erlauben, jegliche Funktionen und Bequemlichkeiten zu nutzen.
Nach dem gelungenen Kauf des Geräts, sollte man einige Zeit für das Kennenlernen jedes Teils der Anleitung von Tripp Lite 93-2879 widmen. Aktuell sind sie genau vorbereitet oder übersetzt, damit sie nicht nur verständlich für die Nutzer sind, aber auch ihre grundliegende Hilfs-Informations-Funktion erfüllen.
Inhaltsverzeichnis der Gebrauchsanleitungen
-
Seite 1
1 Owner’ s Man ual W arranty Registration: register online today f or a chance to win a FREE T ripp Lite product—www .tripplite.com/warr anty Console Server Management Switch Models: B096-016 / B096-048 & Console Server with P o werAler t Model: B092-016 T ripp Lite W orld Headquar ter s 1111 W . 35th Street, Chicago, IL 60609 USA (773) 869[...]
-
Seite 2
2 IND EX 1. I NTRODUCTI ON 9 2. INSTALLA TION 14 2.1 Mode ls 14 2.1. 1 Kit c omponen ts: B096-048 and B096-016 Con s ol e Serve r Ma nag eme n t S wit ch 14 2.1. 2 Ki t c omponen ts: B092- 016 C on s ol e Serv er with PowerAl ert 15 2.2 Powe r connec tion 15 2.2. 1 Po wer: Consol e Serv er Man agement Swi tc h 15 2.2. 2 Po wer: Consol e Se rver wit[...]
-
Seite 3
3 4.1. 3 SDT M ode 39 4.1. 4 Devic e (RPC, UPS, EM D) Mode 39 4.1. 5 Termi nal Server Mode 39 4.1. 6 Ser ial Br id ging Mod e 40 4.1. 7 Syslog 41 4.2 A dd/Edit Use rs 41 4.3 Authenti cation 4 4 4.4 Ne twork Hosts 44 4.5 T rusted Ne tworks 46 4.6 Serial P ort Cascadi ng 47 4.6 .1 Autom atic ally ge nerate and up load SSH keys 47 4.6 .2 Manu al ly ge[...]
-
Seite 4
4 6.2. 9 Ch oosin g an al terna te SSH cli e n t (e .g. Pu TTY) 70 6.3 SDT C onnector to Mana geme nt Console 75 6.4 SDT C onnector - Te lnet or S SH connec t to seria lly atta ched de vice s 76 6.5 Using SDT C onnector f or out-of -band conne ction to the gateway 77 6.6 Importing (and e xporting) pre fere nces 79 6.7 SDT C onnector Publ ic Key Aut[...]
-
Seite 5
5 8.1. 4 User p ower mana gement 105 8.2 Uninte rruptible P ower Supply Control (UPS) 106 8.2. 1 Ma nage d U PS c on nect i ons 106 8.2. 2 Con fi gure UP S po wer ing the C onsole Ser ver 109 8.2. 3 Con fi guri ng power ed c om puter s to mo nit or a Ma nage d UPS 110 8.2. 4 UPS alerts 111 8.2. 5 UPS s t at us 111 8.2. 6 Ove rvie w of N etw ork UPS[...]
-
Seite 6
6 10.4. 2 Bas ic N agi os pl ug -i ns 138 10.4. 3 Addi ti on al p lug- ins 138 11. SY STEM MANA GEMENT 140 11.1 Syste m Administrat ion and Re set 140 11.2 U pgrade Firmware 141 11.3 Conf igure Date and Time 142 12. STATU S REPORT S 143 12.1 Port Acc ess and Activ e Use rs 143 12.2 St atistics 143 12.3 Support Re ports 144 12.4 Sy slog 144 13. MA N[...]
-
Seite 7
7 Ale rt C onfi gurat ion 163 14.7 SDT H ost Configur ation 163 SDT H ost TCP Ports 163 14.8 Conf iguration backup and re store 165 14.9 Gene ral Linux com mand usage 166 15. A DVANCED CONFIGUR ATION 168 15.1 Adv anced Portmanager 169 15.2 External Sc ripts an d Alert s 171 15.3 Raw Ac cess to Se rial Ports 173 15.4 IP- Filter ing 174 15.5 Modify i[...]
-
Seite 8
8 16.1. 4 Con nect- SSH 206 16.1. 5 Con nect- IP MI 207 16.1. 6 Con nect- Remote D esktop (RDP) 208 16.1. 7 Con nect- Citrix ICA 209 16.1. 8 Conn ect- PowerAl ert 209 16.2 Adv anced Control Pane l 210 16.2. 1 System: Termi nal 210 16.2. 2 Sy stem: S h utdow n / R eboot 211 16.2. 3 Sys tem : L o gout 211 16.2. 4 Custom 211 16.2. 5 Stat us 211 16.2. [...]
-
Seite 9
9 1. I NTROD UCTI ON This Ma nual This U ser Manual is prov ided to hel p you ge t the most from your B 096-016 / B0 96-048 C onsole Se rver Manag ement Swi tch or B092- 016 Console Server w ith PowerAle rt product. These products are re ferred to gene rica lly in t his ma nua l as Console Serve rs . Once co nfig ured, you will be able to use your [...]
-
Seite 10
10 Pleas e ta ke care t o fo llo w th e s afety pre caut ions below when ins tallin g and opera ting th e Console Server: Do not rem ove th e m etal cov ers. T her e ar e no o p erato r-s er vice able components inside. O pen ing or removing the cover m ay expose you to dang erous volt age wh ich m ay caus e fir e or el ectri c sh ock. R efer a[...]
-
Seite 11
11 10 . Nagios Int egrat ion Set tin g Nagios cen t ral manag e ment wi th SDT extensi ons and configuri ng the Console Serv er as a distributed Nagios se rver 11. System Management C overs access to and config uration of servi ces to be ru n on the C onsole Server 12. Status Repor ts View t he status and log s of serial and network connect ed devi[...]
-
Seite 12
12 location, to configure the Consol e Ser ver, set up Users, c onfig ure the ports and c onnected hosts, and set up logg ing and al erts . An authorized U ser can use the Management C onso l e to acc ess and cont rol c onfigured dev ices, rev iew port logs, use the in-built java terminal to access serially attached c onsoles and control powe r t o[...]
-
Seite 13
13 Text presente d like this highlights important issues and it is essential you read and t a ke h eed o f t hes e war n ings Text presented wi th an arrow head i ndent indicates an act ion y ou should take as part of the procedure. Bold text indicates text that y ou t ype, or the name of a screen object ( e.g . a menu or button) on the Managem[...]
-
Seite 14
14 2. INSTA LL A TIO N Introd uction This chapter describes the physical i nstallation of the Consol e Server hardware and c onnection t o controlled dev ices 2.1 Model s There are a numbe r of Console Serve r models, each with a di fferent number of network, USB and serial ports and power suppl ies: Seri al Ports Network Ports Con sole Port USB Po[...]
-
Seite 15
15 If y ou a re in st allin g you r Co nso le Se rver M an age ment Sw itc h in a rac k yo u will nee d t o at ta ch the r ack moun ting bracke ts su ppli ed wi th the uni t, an d i nstal l the unit i n the rack . Tak e car e to head the Safe ty Pre cautions Connect your Consol e Server Manage ment Switch to t he network, to the seri al por[...]
-
Seite 16
16 2.2.2 Power: Console S erver with PowerA lert The standard B092-01 6 Console Serv er has a built-in universal auto-swi tc hing AC powe r supply. This power supply acce pts AC i nput vol tage betw een 100 a nd 240 VAC with a f requency of 50 or 60 Hz and the power consumption is l ess than 40W. The A C powe r socket is locate d at the rear of th [...]
-
Seite 17
17 The Cons ole Server als o has a DB9 LOCAL (Cons ole/ Modem) port. This DB-9 connector i s on the rear panel of the B092-016 C onsole Se r ver, a nd on the front panel of the B096-048/016 C onsole Ser ver Manag ement Swi tch. 2.5 USB Por t Conne ction The B096-0 48/016 C onsole Server Ma nageme nt Switch has one U SB port on the fr ont panel . Ex[...]
-
Seite 18
18 3. INI T I A L SYSTEM CONFIGUR A TION Introd uction Th is c hap te r pr ovid es st ep -by- st ep in st ruct ion s fo r the init ia l co nf igura tio n of you r Co nso le Se rver a nd connecting i t t o your managem ent or operational net work. Thi s invol v es the Adm inistrator: Activ ating the Manag ement Consol e Changi n g the Admi n[...]
-
Seite 19
19 o IP addre ss: 192.168.0.1 00 o Subnet mask: 255 .255.255. 0 If you wi sh to reta in you r exi sting IP s etting s for th is ne twork conne cti on, cl ick Advance d and Add t he above as a seco ndary I P connection. If it i s not co nve nient to c hange your computer ne twor k address, you can use the ARP-Pi ng command to reset the Conso[...]
-
Seite 20
20 Y ou will be p ro mpt ed t o lo g in. E nt er the def ault admini strat ion use rname and administration password: User nam e: root Password: de faul t Th e ab ove scr een , wh ich list s fo ur init ial ins tal lat ion co nf igura tio n st eps , w ill be d ispl aye d: 1. Change the de faul t admi nist rati on passw ord o n the S ys tem /Admi[...]
-
Seite 21
21 3.1.3 In itial B092- 016 conne cti on Fo r t he in itial c on figu rat ion of t he B092 -0 16 Con so le Ser ver, yo u will n eed t o c o nne ct a c onso le (keyboard, mouse and display) or a K VM switch dire c tl y to its mouse, key board and VGA ports. When you i nitiall y power on the B 092-016, you w ill be p romp te d on you r direc t ly co [...]
-
Seite 22
22 Select Syst em: Admin istrati on Enter a new S ystem Passwo rd then re-ent er it in Con firm Sy stem Pa ssword. This is th e new password for root , th e main ad minist ra tiv e us er a cc ount , s o it is imp or tan t th at you ch oo se a complex passw ord, and keep i t safe You may now wi sh t o en ter a Syste m Nam e and Syst em D[...]
-
Seite 23
23 If yo u sele ct DHCP , the Con sole S erve r will loo k fo r c onfigu rat ion det ails f rom a DHC P se rver o n your manag ement LAN. This selection automatical ly disables any st atic address. The Console Server MAC address can be found on a label on the base pl ate Note In it s factor y de f ault stat e (w it h no Confi guration Method se[...]
-
Seite 24
24 Y ou w ill th en ne ed t o con figur e th e IPv6 p ara mete rs on eac h in ter fac e pa ge 3.4 Sys tem S ervices The Admini strat or has a selection of acc ess proto c ols t hat c an be used to a c cess the Console Serv er. The factory default enable s HTT PS and SSH ac cess to the C onsole Server and disables HTTP and Telnet. T he User can [...]
-
Seite 25
25 Select Syst em: Se rvic es . T hen select /d eselect th e service t o be enabled /d isabled. The following access proto col options are avai lable : HTTPS Ensures sec ure browser access to al l the M anagem ent Console m enus. It also allows appropriately c onfigure d Users secure browser access t o sele c ted Manageme nt Con so le Ma nage m[...]
-
Seite 26
26 There are also a num ber of related servi ce options that can be c onfig ured at this stage: SNMP Enabl es netsnm p in t he Co nso le Se rver whic h wi ll ke ep a re mot e log o f all p ost ed informati on. S NMP i s disabled by de fau lt. To modify the default SN MP s ettings, the Admi n istrator must make the edits at the co mmand l ine as[...]
-
Seite 27
27 Cl ick Appl y . As you app ly yo ur s ervic es s ele ct ion s, t he s cre en w ill be updated with a co nfirma tion message: Message C hanges t o config uration s ucce eded. 3.5 Commu nication s S oftwa re You need to co nfigure the access protocols that the comm unications software on the Admi nistrator and Use r Computer will use when conn[...]
-
Seite 28
28 To use PuTTY for an SSH terminal session from a Windows cli ent, en ter the Conso le Server’s IP address as the ‘Host N ame (or IP address)’ To ac cess th e Console Server c ommand line, select ‘SSH’ as the protocol and use th e defaul t IP Port 22 Click ‘Open’ and the Console Serv er l o g in pro mpt will ap pea r. ( Y[...]
-
Seite 29
29 A me ss age may appear about t he host key finge rpr int. Yo u will n eed to sele ct ‘Y es’ o r ‘Alwa ys’ to con tin ue. The next step is password au thentication. You wi ll be prompted for your usernam e and password from the rem ote sys tem. You will then be l ogg ed on to the C ons ole Server 3.6 Ma nagement Net work Co nfigur[...]
-
Seite 30
30 Note T he second Et hernet port on the B096- 048/016 can be confi gured as ei ther a Manage m ent LAN gateway port or it can be configur ed as an OoB / F ailover port - but not bot h. So be sure t hat you did not a ll ocate Ma nage me nt LA N as the F ailo ver Interface when y ou confi gured the principal Netwo rk connecti on on the System: IP m[...]
-
Seite 31
31 To c onfigure th e D HCP server fo r the Ma nagement LAN: Enter the Ga teway addr ess that i s to be i ssued to the DHCP clients. If thi s fie ld is l eft bl ank, the IP address of the B096-048/ 016 w ill b e us ed Enter the Pri mary D NS and Secondar y DNS address to issue the DH CP cli ents. Ag a in if thi s field is left bl ank, the I[...]
-
Seite 32
32 Once DHCP has i nitially al located hosts addresses, it is recommended to copy th ese into the pre- ass igned l ist so the same IP a ddr ess will b e rea lloca ted in t he eve nt of a reboo t. 3. 6.3 Configur e Man agem ent Sw itc h for F ail over or Broadb and Oo B The Manag ement Swi tch in the B0 96-048/ 016 Consol e Server can be confi gured[...]
-
Seite 33
33 4. SE RI A L P ORT A ND NE T W ORK HOST Introd uction The Console Se rver enables access and c ontrol of serially-attached devices and network -at tached devices ( hosts ). The Administrat or must conf ig u re access privileges for each of t hese devices, and spec ify the services that can be used to co ntrol the devices. The Admini st rator can[...]
-
Seite 34
34 When you have configure d the common settings and t he mode for each port , set up any remote syslog ( Cha pter 4. 1.7 ), the n c lick Apply If the Console Server has been config ured with distributed Nag ios monitoring enabled then you will al so be presented with Nagios Settings options to e nable nomina ted ser v ice s on the H ost to[...]
-
Seite 35
35 4.1.2 Co nsole S erver Mode Select Console S erver Mode to enabl e rem ote man agemen t access to t he se rial console that is attached to the se rial port: Log ging Level Th is sp ecif ies t he leve l of inf orma tio n to be lo gged a nd mo nit ore d (r efer t o Chapte r 7 - Alert s and L og ging)[...]
-
Seite 36
36 Telne t Check to enab l e Te lnet ac cess to t he ser ial port . When enab led, a Telnet client on a User or Adm inistr ator’s comp uter can con nect to a se rial devi ce atta ched to this s eria l port on the Consol e Server. The de fau lt por t addre ss is IP Addre s s _ Por t (2000 + seri a l por t # ) i.e. 2001 – 2048 Telnet communi c at[...]
-
Seite 37
37 Pu TTY can be dow nloaded at http:/ /www . tucows.c om/ p revi ew /195286. html SSH It is recommended that the User or Administrator use s SSH as the protocol for connecting to serial consoles att ached t o the Conso le Server when commun icating over the Int ernet or any other publi c network. This will prov ide an authenti c ated, encrypted co[...]
-
Seite 38
38 This syntax enables users to set up SSH tunnels t o all serial ports with only a singl e I P port 22 having to be o pened in their firewall/gateway . TCP RA W TC P allows connections directly to a TCP sock et. C o mmunications prog ra ms such as Pu TTY also support RAW TC P, howeve r, this protocol would usual ly b e used by a custom appli catio[...]
-
Seite 39
39 4.1.3 S DT Mod e This setting all ows port forw arding of LAN protocol s su ch as RDP , VNC , HTPP , H TTPS, SSH an d Tel net through to compute rs which are c onnec t ed l oc al ly to the C onsole Serve r by their seri a l COM port. However su ch po rt fo rward ing requires a PPP lin k to be set up o ver this serial por t. Re f er t o Chapter 6[...]
-
Seite 40
40 The g etty will then configure the port and wa it for a co nnection to be made. A n active c onnection on a serial dev ice i s usually indicated by the Data Carrier Detec t (DCD) pi n on the serial device being raised. When a connection is dete cted, the g etty program issues a logi n: prompt, and then invok es the login program to handl e the a[...]
-
Seite 41
41 You may secure the communi c ations over the local Ethernet by enabling SSH however you will need to ge nerate and upload keys (refer to Chapt er 14 – Adva nced C onf igu rati on ) 4.1.7 S yslog In addi t ion to bui lt-in log ging and monitori ng (which can be appli ed to serial-attached and ne twork- attache d mana gem ent acces ses, as c[...]
-
Seite 42
42 User s c an be authorized to acc ess spe cified C onsole Server serial ports and specifi ed network-attached hosts. These users can also be gi ven full A d ministrator stat us (with ful l configuration and manag ement and access privil eges). To simpl ify user setup, they can be configured as mem bers of Groups. There are two Groups set up by de[...]
-
Seite 43
43 Select Seria l & Netwo rk: Users & Gro ups t o displ ay the confi gured Groups and User s Cl ick Add G roup to add a new Group Add a Gr oup name and Descrip tion for each new Grou p, then nom inate A ccessible H osts and Accessible Po rts to speci fy the serial ports and hosts you wi sh any users in this new Group to be able [...]
-
Seite 44
44 Add a Username and a c onfirm ed Passwo rd for each new U ser. You ma y also incl ude information rel at ed to the user ( e.g. conta ct deta ils ) in th e Desc ription field No minat e Accessible Ho sts and Access ible Port s to specify w hich serial ports and whi ch LAN connec ted hosts you wi sh t he user to have access to S pec if[...]
-
Seite 45
45 S elec ting Seria l & Network: Netwo rk H osts pr esents a ll the ne twork conne cted Hos ts that hav e been enabled for access, and the related access TCP ports/services Cl ick Add Hos t to enable access t o a new H o st (or sel ec t Edit to update t he setting s for exi sting Host ) Enter the IP Addre ss or DNS Name of the new [...]
-
Seite 46
46 4.5 Trusted Net works The Truste d Netw ork s fa cilit y gives yo u t he opt ion to nomin at e sp ecif ic IP a ddr esse s th at use rs (Admi n istrators and Use rs) must be located at in orde r to have access to Console Serv er serial ports: Select Seri al & Network: Trusted N etworks To add a new trusted network, select Add Rule [...]
-
Seite 47
47 Netw ork IP Address 204.15. 5.0 Subnet Mask 255.255. 255.255 If ho wever you wan t t o allo w all t he u sers ope rat ing fr om wit hin a spec ific ran ge of IP addres ses (sa y any of the thirty a ddresses from 2 04.15. 5.129 to 204.15.5. 158) to be permi tt ed connection to the nomi nated port: Host / Subnet Addres s 204.15. 5.128 Subnet M[...]
-
Seite 48
48 Now sel ect whether to generate the keys usi ng RSA and/or DSA (if unsure, select only RSA ). Generating eac h se t o f keys wil l req uire a ppr oxima te ly t wo min ut es and th e new keys w ill dest ro y any old k eys o f that type that may prev iously bee n uploaded. Also w hi l e the new gene rat ion i s under way on the master, functions r[...]
-
Seite 49
49 Next, you must register t he Public Key as an Aut horized Key o n the S lave. I n t he simple case with only one M aster with multiple Slaves, yo u need o nly upload th e one RSA or DSA public key for eac h Slave. Note T he use of key pairs can be conf us i ng because in many cases one f ile (Publi c Key) fulfill s two rol es – Publi c Key and[...]
-
Seite 50
50 4.6.3 Co nfig ure the S laves and their serial p orts You can now beg in setting up the Slaves and config uring Slav e serial ports from the Master C onsole Server : Select Seria l & Netwo rk: Casca ded Po rts on the Mas ter’s Manag ement Consol e To add clustering support select Add Slave Note Y ou w il l be prevent ed from adding[...]
-
Seite 51
51 4.6.4 Ma nagin g the S la ves The Ma ster is in control of the Slave serial po rts. So, for example, if you ch ange a U ser’ s access p rivi leges or edit any se rial port setting on the Master, the u pdated configurati on files will be sent out to each Slav e in p aral l e l. E ac h Sla ve wil l th en a ut omat ica lly ma ke c ha nges t o t h[...]
-
Seite 52
52 5. F A IL OVER A ND OUT-OF-BA N D A C CESS Introd uction Th e Con so le Ser ver ha s a n u mber of f a ilover and o ut -o f-b and ac ces s c apa bilit ies t o en sur e avai lab ilit y in the event there are difficulties in accessing the Conso le Server thro ugh the princ ipal network path. This chapter covers: Out-of-band (OoB) access from a[...]
-
Seite 53
53 Select the Syst em: Di al menu op tion and the port to b e configure d ( S erial DB 9 Port or Intern al Mod em Port ) Note T he Cons ole S er v er’s console/m ode m serial port i s set by default to 115200 baud, No parity, 8 data bi ts and 1 stop b i t, w i th so f tware (Xon-X of f) fl ow contr ol enabled. Y ou can modif y the baud rat e [...]
-
Seite 54
54 establi shed. Again, you can select any address for the Local IP Address but both must be in the same network rang e as the Remote IP A ddress The Defaul t Route option enabl es the dial ed PPP connection to becom e the default r out e for the Con sole Server The Custo m Modem In itializat ion op tio n al lows a cu s to m AT s trin g mod[...]
-
Seite 55
55 Select Connect to the Internet and cli c k Next On the Getti ng Read y sc reen select Set Up M y Conne ction M anual ly and click Next On the Intern et Conn ection screen select Conne ct Us ing a Di al-U p Modem and cli c k Next Enter a Conne ction N ame (any name y ou choose) and the di al-up Pho ne Number tha t will connect thr[...]
-
Seite 56
56 5. 1.5 Se t up Li nux cl ient s for di al- in The on li n e tutorial ht tp: //www.yolinu x.c om/T UTO RIAL S/Lin uxT uto rialPP P.html presents a selec tion of metho ds fo r estab lishing a dial up PPP con nect ion: - Comman d lin e PPP and ma nual c onf igurat ion (whic h works wit h an y Linux distrib utio n) - Usin g the Linuxco nf co nfig ur[...]
-
Seite 57
57 When configuri n g the principal network connection on the S ystem: IP Netwo rk Interface m enu, select Managem ent L AN (eth1) a s the Failov er Interf ace to be use d when a fault has be en detected wi th mai n Netw ork In terface (eth0) Spec ify the P robe Addr es ses of two si tes (the Primar y and Second ary ) that the B096- 048/016[...]
-
Seite 58
58 Then configure Managem ent L AN Int erface ( eth1 ) with the s ame I P setti ng tha t you use d for the main Networ k Interface ( eth0 ) to ensure transparent r edundancy In th is mo de, Ne twork 2 (e th1) i s ava ila ble as the trans parent b ack-up p ort to Networ k 1 ( eth0) for acces sing the ma nage ment ne twork. Networ k 2 wi ll autom[...]
-
Seite 59
59[...]
-
Seite 60
60 6. SECURE TUNNE LING A ND S DT CONNECTOR Introd uction Each Console Serv er has an embedded SSH se rver and use s SSH tunneling . This enable s one Console Server to securely m anage all the system s and network devices in the data c enter, usi ng text-based console tools (such as SSH, Tel net, S oL) or graphical desktop tools (VNC, RDP , HTTPS,[...]
-
Seite 61
61 Us ing SDT C onnector to Te lnet or SSH connect to de vice s that are seri all y attach ed to th e Console Server ( Sect ion 6 .4 ) The chapter then covers more adv anced SDT Conne c tor and SDT tunneli ng topics: Usi n g SDT Connector for out of band access ( Section 6. 5 ) Automatic i mporting and exporting of configurations ( Sec [...]
-
Seite 62
62 SDT Connect or can conne ct to the C onsole Serve r usi ng an a ltern ate OoB a ccess . It can al so be configured to access the C onsole Server i tself and to access devi ces connected to seri al ports on the Console Server . 6.2.1 S DT Con nector client installa tion The SDT Connect or set up program ( SDTConne ctor Set up-1.n.exe or sdtco[...]
-
Seite 63
63 To op erate SDT Connec tor, add the new g ateways to t he client software by entering the ac c ess detai ls for each Conso le Server (refer to Secti on 6. 2.2 ). T hen let t he clie nt auto -c on figur e wit h a ll hos t a nd s eria l port c onnections fro m each Console Server (refer Se ction 6.2. 3 ). Now point-and-click to connect to the Host[...]
-
Seite 64
64 Opt ional ly, you can enter a Descrip tive Name to displa y instead of the IP or DNS address, and any Notes or a De script ion of t his g at eway (such as its firmware version, site location or anything spe c ia l about its network configuration). Cl ick OK a nd a n ic on fo r the new ga tew ay will n ow a pp ear in t he SDT Conne ctor h[...]
-
Seite 65
65 confi gure a ccess to networ k-connec ted Ho sts th at the use r is au thorize d to acce ss and set up (for each of these Host s) t he services (e.g. HTT PS, IPMI2.0) an d the related I P ports being redi rected configure access to the C onsole Server i tself (this is shown as a Local Se rvic es host) con figure access with th e enab[...]
-
Seite 66
66 No te The S DT Connect or client c an be confi gured with an u nl imited number o f G a teways. Eac h Gat ew ay can be conf igured to port f orw ard t o an unlimited num ber o f loc a lly net w orked Hosts. Simil arly t here i s no limit on the number of SD T Connect or clients who can be confi gured to access t he one Gateway. T here are a l s [...]
-
Seite 67
67 6. 2.6 M anual ly addin g new se rvi ces to the ne w hos ts To extend the rang e of services that can be used when accessi ng hosts with SD T Connect or : Select Edit: Preferen ces and click the Servi ces ta b. Click Add Enter a Service Name and clic k Add Under the Genera l tab, enter the TCP Port that t his servi c e runs on (e.g .[...]
-
Seite 68
68 The second redirection i s for the VNC servi ce that the user may choose to l aunch later from the RA C web console. I t aut omatically loads in a Ja va client served th rough the we b browser, so it does not need a loc al c lient ass oc iat ed wit h it . O n the Add S ervice screen, you can click Add as many times as nee ded t o add mul t i[...]
-
Seite 69
69 6. 2.7 Addi ng a cli ent pr ogram t o be star ted f or t he new s ervic e Clie nt s ar e loc al ap plic at ion s th at may be laun ch ed w hen a r elat ed s ervic e is c lick ed. T o a dd t o th e po ol of cli ent programs: Select Edit: Preferen ces and click the Client t ab . Clic k Add Enter a Name for the client. Enter the Pat h t o t[...]
-
Seite 70
70 Also some c lien ts a re lau nc hed in a co mmand line o r t ermin al w indo w. T he T elnet c lient is an example of th is: Cl ick OK 6. 2.8 Di al- in configur ati on If t he c lient c ompu te r is d ialin g int o Local /Console por t o n t he Co ns ole S erve r, you will ne ed t o s et u p a dial -in PPP link: Configure the C on sole S[...]
-
Seite 71
71 SDT Connect or cl ien t so ft ware th at is sup plied with th e ga tew ay. How eve r th ere is also a wide sel ect ion of commerci al and free SSH cl ient programs that are s upported: - PuTTY i s a comple t e (though not very user-fri endly:) freeware i mp le m entation of SSH for W in32 and UNIX pl at forms - SSHTerm is a useful open source SS[...]
-
Seite 72
72 specifi ed when setting up t he SD T Hosts on the Conso le Server was acc ounts .myco.i ntran et.co m , t hen specify th e Destination as acco unts.my c o.i ntranet. com:3389 If your desti nat i o n computer i s seriall y connect ed to the Consol e Server, set the De stinat ion as <po rt lab el>:3389. For example, if the Label yo u spe[...]
-
Seite 73
73 Select Local and click the Add button Cl ick Open to SSH c onne ct th e Clien t c omp ut er t o th e Cons ole S erve r . Yo u will n ow be p rom pt ed for the Username/Passwo rd for th e Console Server User you SDT enab led Note You can al so s ecure t he SDT communic at i ons fr o m local and enterprise VPN-c onnected Cli ent com puters[...]
-
Seite 74
74 Note How secure i s VNC? VNC ac cess generall y all ow s acces s to your w hole c omput er, s o securi ty i s v ery important . VNC uses a random chal lenge-response sy stem t o provi de the basic authent icati on that all ow s you to connec t to a VNC s er v er. T h is i s reasonabl y secure and the password i s not sent ov er t he network. How[...]
-
Seite 75
75 6.3 SDT C onnect or to Ma nage ment Cons ole SDT Connect or c an also be c onfig ured for brows er access to the gateway’s Manageme nt Console – and for Te lnet or SSH acce ss to the g atew ay comm and li ne . For these connecti ons to the g atewa y its elf, y ou must configure SDT C onnec to r to acces s the g ateway (its elf) b y s etting [...]
-
Seite 76
76 6.4 SDT C onnect or - Teln et or SSH co nnect t o seria lly attac hed de vices SDT Connect or can also be used to ac cess text consoles on de vices that are at ta ched to the Consol e Server’s seri al ports. For these connections, you must config ure the SD T Connec tor client software with a Ser vice th at w ill ac ces s th e t arge t gat ewa[...]
-
Seite 77
77 Cl ick Add then scr oll to th e bottom and cli ck Apply Administrators by default have g ateway and serial port ac cess priv ileges; howeve r for Users to ac ces s th e gat eway and t he s erial p ort , y ou will nee d to give t hos e User s th e req uired ac ces s privileges. Selec t Users & Group s from Ser ial & Ne twork . Cli[...]
-
Seite 78
78 cm d /c st art " Start ing Out of Ban d Conne ctio n" /wait / min ras dial net work _c onne ctio n lo gin passw or d The network_c onne cti on in the abov e is the name of the network connection as di splayed i n Cont rol Pa nel -> Ne tw ork Co nnec ti ons . Login is the di al -in use rname, and password is th e dial -in password fo[...]
-
Seite 79
79 6.6 Impor ting (an d exp orting) pr efer ences To enable the di stribution of pre-configured cli ent config files, SDT Conne ctor has an Expo rt/Imp ort fac ilit y: To save a config uration .xml f il e (for backup or for importing into other SD T Connect or clien ts ), select File -> Export Pref erences and selec t th e loc at ion t o sa [...]
-
Seite 80
80 SSH cli ent that SDT C onnector launches (e. g. Putty, OpenSSH ) and th e host's SSH server for publ ic key authentication. E ssential ly, what you are usi ng is SSH over SSH, and the t wo SSH connections are en tirely separate. 6.8 Setting up SDT f or Rem ote Deskto p Acce ss Microsoft ’s Remote Deskt op Protocol (RDP) enables the system[...]
-
Seite 81
81 To set the use r(s) w ho can remote ly a ccess the syste m w ith RD P, cli ck Add on the Rem ote Desktop Users dialog box Note If you need to set up new users f or Remote Desktop ac cess, open Us er Ac counts in the Control Panel and proceed thr ough the steps to no mi nate t he n ew u s er’ s nam e, password and account type ( Ad mi nistr[...]
-
Seite 82
82 In C ompute r , ent er the app r o priate IP Address and Port Number: Where there is a direct local or ent erprise VPN connection, enter the IP Address of th e Consol e Server, and the Port Numbe r of the SDT Secure Tunnel for t he C onsole Server ’ s serial port (the one that is atta ched to the Windows co mputer to be controll ed). F[...]
-
Seite 83
83 Note T he Re mot e Des kt op Connecti on s oft w are i s pre-installed on W indows XP. Howev er, for earl ier W indow s com puters, you will need t o dow nload t he RDP cli ent: Go t o the Micr os oft Dow nl oad Center sit e htt p://www .m ic roso f t .co m /dow nl oads /det ail s.aspx?f a mily id= 80111F21-D48D-426E- 96C2- 08AA2BD 23A49&[...]
-
Seite 84
84 Note T he rdeskt op c li ent is s uppl ied with Red Hat 9. 0: rpm -iv h rdesktop-1. 2.0-1.i386. rp m For Red Hat 8.0 or o ther di stributions of Linux; download source, unt ar, confi gure, make, make then i nstall. rdesk top currentl y runs on m os t UNI X bas ed platf orm s wit h the X W indow System and can be downloaded f r o m http:// ww[...]
-
Seite 85
85 6.9 SDT S HH Tunnel for VNC Alternatel y, w ith SDT and Virtual Network Computing (VNC), Users and Administrators can sec urely access and control Window s 98/NT/2000/ XP/2003 , Li nux, Maci ntosh, Sol aris and U NI X computers . There’s a range of popular VNC software a vailable (UltraVNC, RealV NC, TightVNC) free ly and commercially. To set [...]
-
Seite 86
86 To set up a persis t ent VNC server on Red H at Enterprise Li nux 4: o Set a password using vncpa sswd o Edi t /etc /sys config/v ncs erve rs o En ab le th e ser vice with chkcon fig v ncserver on o Start th e s ervi ce wi th service vn cserver sta rt o Edi t /hom e/ username /. vnc /xstart up if y ou want a m ore a dvanced s essi on than ju[...]
-
Seite 87
87 A. When the V iewe r computer is co nnected to the Console Server through an SSH tunnel (over the publi c Internet, or a dial-in connection, or private network connect ion), enter local hos t (or 127.0. 0.1) as the IP VNC Se rve r IP address and t he s ource port you entered when se t ting SSH tunneli ng/port forwarding (in Section 6.2. 6) e.g. [...]
-
Seite 88
88 Note F or general bac kground readi ng on Re m ote Desktop and VNC access, we recom mend the f o ll ow ing: The Mic rosoft Remot e Deskt op Ho w-To htt p://www .m ic roso f t .co m /w i ndows x p/using/m obilit y /getstart ed/rem oteintro.m spx The Illust rated Networ k Remote Desktop he lp page htt p://theill ustrat ednetw ork .mv ps .o[...]
-
Seite 89
89 Window s 2003 and Window s XP Pr ofessional all ow you to create a si mple dial-in service which c an be used for the Remote Desktop/VN C/HTTP/ X connection to t he Console Server: Open Netw ork C onnect ions in Con tr ol Pan el an d c lick t he New Conne cti on Wizar d Select Set up an ad vanced c onnec tio n and click Next On the A[...]
-
Seite 90
90 S pec ify wh ich User s wi ll be a llo wed to use this co nn ection. This sho uld be t he s ame Us ers w ho were given Remo te D eskt op ac ces s privile ges in t he ea rlier s tep . Clic k Next On the Network Con nection sc reen, select TC P/IP and cli ck Properties Select Speci fy TCP /IP addr es ses on the Inco ming TCP/ IP P rope[...]
-
Seite 91
91 Note T he abo v e not es describe set ting up an inc o ming c onnecti on for W i ndow s X P. T he s t eps are the same f or W indows 2003, ex cept that the set up s creens pr es ent sl ightly d iff erentl y : Put a c heck in the bo x f or Alw ays allow direct ly connec t ed devices such as palmt op… .. Al s o, t he option to Set up an advan ce[...]
-
Seite 92
92 On the S DT Se tting s me nu, sel ect SDT Mode (which will enabl e port forwarding and SSH tunneli ng) and enter a Username and U ser Password . Note W hen you enable SDT, this wil l o v err i de all other Configurat ion prot oco ls on that port Note If you leave the Usernam e and User Pass word fields bl ank, they default t o por tX X and p[...]
-
Seite 93
93 7. A LER T S A N D LOGGING Introd uction Th is c hap ter desc ribe s th e aler t ge nera tio n an d lo gging f eat ure s of th e Co ns ole S erver . Th e aler t f acilit y monitors the serial port s, all logins, the power status and envi ronmental monitors and probes. It sends emails, S MS, Nagios or SNM P alerts when specified trigger events o [...]
-
Seite 94
94 In the SMTP Se rver fi eld, e nter the IP addre ss of the o utgoi ng ma il Ser ver You may enter a Se nder email address which will appe ar as the “ fr om” a ddr ess in all em ail notifications sent from this C onsole Server. Many SMTP servers check t he sender’s email address wi t h the host domain name t o veri fy the addre ss as[...]
-
Seite 95
95 In the SMTP SM S Serve r field in the Alerts & Lo ggin g: SMT P &SMS menu, enter the I P address of the ou tgoing mail Serve r You may enter a Se nder email address which will appe ar as the “ fr om” a ddr ess in all em ail notifications sent from this C onsole Server. So me SMS gat eway s erv ice pro vider s on ly fo rwar d [...]
-
Seite 96
96 Note T he Console Serv ers hav e an sn mptrap dae mon t o send traps/not ific at i ons to r e m o te SNM P serv ers on de fi ned tri gger e v ents, as detail ed abo v e. The Cons ol e Ser v er s also embed t he net- snmpd daem on w hi ch accept SNMP requests f rom re mot e SNMP m anagement serv ers and provi des inform ation on network int er f [...]
-
Seite 97
97 Select Ale rts & Loggi ng: Alerts whic h w ill disp la y all t he a lert s cu rr ent ly co nf igure d. Cl ick Add Aler t 7.2.1 Ad d a n ew alert Th e fir st st ep is to sp ec ify t he a lert ser vic e th at will b e us ed t o s end not ific at ion for t his even t, wh o to notify, and what port/host/devi c e i s to be moni tored: At [...]
-
Seite 98
98 Acti vate Na gios notif icati on if it i s to be use d for t his event. In an SDT N agi os central ly m anage d env ironm ent, you ca n check the Nag ios a lert opti on. O n the tri gge r conditi on (for match ed patterns, logins, power e vents and signal chang es), an NSCA check "warni ng" result will be sent to the central Nagios[...]
-
Seite 99
99 Serial Po rt Pat tern Mat ch Alert – Th is ale rt w ill be t rig gere d if a regula r ex pr ess ion is fo und in the serial ports character stream that matches the regular expression you enter in the Pattern field . This aler t t ype w ill on ly b e ap plied ser ia l por ts UP S Pow er Status Alert - This alert will b e tr igger ed w h[...]
-
Seite 100
100 If you hav e selected A pplica ble Alarm S ensor(s) th at a re to be moni tored f or thi s ale rt eve nt, the n you ca n also set time windo ws wh en t hes e sen sor s will no t b e mon ito red ( e.g. fo r a d oor -op en s enso r, yo u may not wi sh to ac tivate the se nsor al ert moni torin g d uring the wor king day) Cl ick Appl y 7.3 Rem[...]
-
Seite 101
101 7.4 Serial P ort L ogging In Console Server mode, activity logs of al l seri a l po rt activity can be maint ained. These reco rds are stored on an off-server, or in the Console Server flash mem o ry. Specify which serial ports are to have acti viti es re corded an d to what lev el da ta is to b e log ged: Select Seria l & Netwo rk: Ser[...]
-
Seite 102
102 7.5 Network TCP or UDP Port Log ging The Console Servers can also log any access to and com munications with net work attac hed Hosts. For each Host, when y ou set up t he P ermitted Servi ces which are authorized t o be used, y ou also must set up the leve l of lo ggin g th at is t o be mainta ined for eac h se rvic e Sp ec ify t he lo[...]
-
Seite 103
103 PO W ER & EN VIRO NM ENT AL M AN AGEM ENT Introd uction The B092-016 C onsole Ser ver and B096-048/ 016 Console Server Manage m ent Sw itch products embe d software that can be used to manage connected Powe r Distribution Systems (PDU ’s), IPMI devices and Uni nt erruptibl e Power Supplies (UPS’s) supplied by a number of vendors, and so[...]
-
Seite 104
104 Cl ick Add RP C Enter a RPC Nam e and Descrip tion for t he RPC In C onnect ed Vi a , select the pre-configure d serial port or the network host address that connects to the RP C Sele ct an y sp ecif ic la bels you wish to ap ply t o s pec ific RPC Outlets (e.g. t he PD U may ha ve 20 outlets connec t ed t o 20 powered de vices [...]
-
Seite 105
105 system is unrespon s iv e. To set up I PMI power con trol, t he Ad mi nistr ator fir s t ent ers the IP address/dom ai n name of the BMC or servi ce processor (e.g. a Del l DRA C) i n Serial & Net work: Netw ork Hosts. Then i n Serial & Net work: RP C Connection s , t he Admi n istr ator specif ies the RPC T ype to be IPMI1.5 or 2.0 8.1[...]
-
Seite 106
106 The outlet status i s display ed. You can initia t e the desi red Action to be taken by sele ct in g the appropriate i con: Power ON Power OFF Power Cycle Power S tatu s Yo u will o nly be p rese nt ed wit h ic on s fo r t hose o per at ion s th at ar e s upported by the Tar get you have sel ected 8.2 Uninter ruptible P ow er Suppl y Contr [...]
-
Seite 107
107 Select UPS as the Devi ce Type i n the S erial & Network: Seria l Port menu for each port which has Master control ov er a UPS and i n th e Seria l & Net work: Network Ho sts menu for ea ch network c onnected UPS (refer to Chapte r 4) No such confi guration is requi red for USB-connected UPS hardware. Select the Ser ial & N [...]
-
Seite 108
108 Enter a UP S Na m e and Description (opt ional ) and identi fy if the UP S will be Conne cted V ia US B or over pre- c onfig ured serial port or v ia HTTP/HTTPS ov er the preconfigured ne t work H ost connection Enter the UPS l ogi n deta ils. This Us ername and Passw ord is use d by Sl aves of this U PS (i.e . other computers t hat are[...]
-
Seite 109
109 Chec k Log Sta tus and specify t he Log Rat e (i.e. mi nute s between sampl es) if you wi sh the stat us from this UPS to be l ogged. T hese logs can be v iews from the Status : UPS Status screen Chec k Enab le Nagio s to enable this U PS to be moni tored usi ng Nagios central m anageme nt Clic k Apply You can als o cust omize the u[...]
-
Seite 110
110 8. 2.3 C onfiguri n g power ed com puter s to m onitor a Man ag ed UP S Once you have added a Managed U PS, each server tha t is drawing power through the UP S should be set up to monit or th e UPS s tat us as a Slave . Th is is do ne by in sta llin g th e NUT p ac kage o n ea ch serve r, and setting up ups mon to conn ect to the Conso le Serve[...]
-
Seite 111
111 - passw ord is the Password of the Manag er UPS 8.2.4 U PS alerts You can now set U PS alerts using Ale rts & Loggi ng: Aler ts (refer to C hapter 7 ) 8.2. 5 UPS st atus You can moni t or the c urrent st atus of all your Mana ged or M onitored UPS’s, whet her they are on the network or con nected seri ally or via U SB: Select the Stat[...]
-
Seite 112
112 NU T can be config ured using the Management C onsole as described above, or you can configure the tools and manag e the UPS’s di rect ly from the comm and line. This section provi des an overvi e w of N UT. You can find ful l documentation at h ttp://www.netwo rkupstoo ls.org/doc . NU T is built on a networked m odel with a l ayered scheme o[...]
-
Seite 113
113 So NU T supports t he m ore co mpl ex power architectur es found in data centers, computer room s and NOCs w here many UPS’s from m any vendors powe r many systems wi th many cli ents and each of the larg er UPS’s power multipl e devices and many of these de vices are themsel ves dual powered. 8.3 Environm ental Monitor ing The Envi ronment[...]
-
Seite 114
114 8.3.1 Con necting the EMD The Environme nt al Moni toring Sensor (EMD) c onnec t s to any seri al port on the Console Serv er via a sp ec ial EM D Ad ap ter and standard C AT5 cable . The EMD is powered over thi s serial connection and communi c ates usi ng a custom handshake proto col. I t is not an RS2 32 device and sh ould not be conn ected [...]
-
Seite 115
115 Cl ick Add Enter a Name and Description for the EMD and sele c t pre -co nfig ured serial port that the EMD will be Conne cte d Via Provid e Labe ls for eac h of t he two al arms Chec k Log Sta tus and specify t he Log Rat e (minutes between sampl es) if you wi sh t he status from this EM D to be l ogged. T hese logs can be v ie[...]
-
Seite 116
116 Select the Status : Envi ronme ntal St atus menu and a t able wi t h the summary stat us of all co nn ec ted EMD h ard war e will b e dis pl ayed Cl ick on View Log or sel ect the Envi ronmen tal Lo gs men u an d you will be pres ent ed wit h a tab le and graphi cal plot of the log history of the select EMD[...]
-
Seite 117
117 A U TH ENTI C ATIO N Introd uction The Tripp Li t e C onsole Serve r is a dedicated Li nux co mputer, and it embodi es popular and proven Linux software modules for sec ure network ac cess (OpenSSH) and communi c ations (OpenSSL) and sophisticated user authenti c ation (PAM, RADI US, TACACS+ and LDA P). This chapter detail s how the Adminis[...]
-
Seite 118
118 Loca l TACACS /RADI US/LDA P : T ries loc al au th ent ica tio n f irst , f alling b ac k to remo te if loc al f ails TACACS /RADIUS/ LDAP Lo cal : T ries remot e au th ent icatio n f irst , fa lling ba ck t o lo ca l if remo te fails TACACS /RADIUS/ LDAP Down Local : T ries r emot e au then tic at ion f irst , f alling b ac k to loc al if t he[...]
-
Seite 119
119 admi nistrativ e cont rol o v er t he authenticati on and authorizati on process e s . T ACACS+ all ow s f or a singl e access cont rol serv er (the TACACS+ daem on) to provi de authentic at i on, authori za ti on, and account ing servi ces independentl y. Each service c an b e ti ed into it s own database to t ake adv antage of other servi ces[...]
-
Seite 120
120 logi n, and other aut henticati on mechani s m s . Fur ther inform a ti on on conf iguring rem o te RADI US serv ers can be found at t he f o l lowing sit es : htt p://www .m ic roso f t .co m / t echnet/pr odtechnol/windows s erv er 2003/ l ibrary/ DepK it /d4fe8248- eecd- 49e4-88f 6-9e304f 97fefc.m spx htt p://www .ci sco.com /en/ US /t ech /[...]
-
Seite 121
121 LD A P The Li ghtweight Dir ectory Acc es s Protoc ol (LDAP ) is bas ed on the X.500 standar d, but i s signif icant ly s im pler and m ore r eadily adapt ed to m eet custom needs . The core LDAP specif icati ons are al l def ined i n RFCs. LDAP i s a protocol us ed t o acces s inf orm a ti on s t ored in an LDAP serv er . Fur ther i n f ormati[...]
-
Seite 122
122 9.2 PAM (Plug gable Authen tication Mod ules) The Console Server supports RADIU S, T AC ACS+ and LDAP for two-fact or authentication v ia PAM (P luggab le Authe nticati on Modul es). P A M is a f lexib le me chanis m for a uthenti cating Users. Nowada ys, a number of new ways of authenticating users have become popular. The chall en ge i s that[...]
-
Seite 123
123 po rt2 = 192. 168.254. 145/po rt05 } gl ob a l = cle artex t mit } RADIUS Examp le: paul C learte xt- Pass word : = "luap" Ser vi ce-Ty pe = F ramed-U ser, Fa ll- Thro ugh = No, Fram ed-F ilter- Id= ": group_ nam e= admi n" The li st of groups may i nclude any number of e ntries s eparated by a comma. I f the admin g roup is[...]
-
Seite 124
124 When you first enable and co nnect via HTTPS, it is normal that you may receive a certificate warn ing. The default SSL certifi c ate in your Console Server is embe dded durin g testing and is not signed by a rec ogn ized th ird p art y ce rtif ica te a ut ho rity . R ath er, i t is s ign ed b y our own s ign ing au th orit y . Th ese warning s[...]
-
Seite 125
125 NA GIOS INT EGR A TION Introd uction Nag ios is a powerful , hi ghl y extensible ope n sourc e to ol for monitori ng network hosts and servi c es. The core Nagios software package will typically be install ed on a server or virtual server, the central N agios server. Tripp Li t e C onsole Server s c an operate i n conjunction with a central/ups[...]
-
Seite 126
126 10.2 Central mana gement The Nagios solut ion has three pa rts: the Central Nagios server, Distributed Con sole Servers and the S DT for Nagi os soft ware. Central N ag ios server A vanil la Na gio s 2.x or 3 .x ins talla tio n (t ypic al ly on a Lin ux s erver ) General l y runni ng on a blade, PC , vi rt ual m achine, etc. at a cen tr[...]
-
Seite 127
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 127 Yo u will a lso r equ ire a we b ser ver s uc h as Apac he t o d i s play t he Na gios w eb U I (an d t his ma y be in sta lled automaticall y as a dependency of the Nag ios packages). Al t ernati ve ly , you m ay wish to d[...]
-
Seite 128
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 128 Ch eck NSCA Ena bled , choos e an NSCA E ncrypti on Me thod and enter and confirm an NSCA Secr et . Re member th ese d etail s a s you will ne ed t hem lat er o n. Fo r NSCA In terva l , en ter 5 Cl ick Appl y . Nex[...]
-
Seite 129
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 129 Cl ick Appl y Now set t he Console Server t o send alerts to t he Nagios server Select Aler ts from the Alerts & L ogging menu and cli c k Add Alert In Descript ion enter: Adm inistr ator co nnect ion Ch[...]
-
Seite 130
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 130 Enter the Na gios Ho st Name that t he Console Server wi l l be referred to in the Nagi os c entral server – this will be generated from l oc al System Name (entered i n S ystem: A dministra tion ) if unspecifie d [...]
-
Seite 131
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 131 10.3.2 En able NR PE mon itorin g Enabling NRPE allows you to exe c ute plug -ins (such as check_tcp and c hec k_pi ng ) on the rem ote Con sole Server to monitor serial or network attached remote serv ers. This will offloa[...]
-
Seite 132
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 132 10.3.3 En able NS CA mon itoring NSC A is the mecha nism that al lows you to sen d passi ve che ck res ults fr om the rem ote Co nsole Serve r to the Nag ios daemon runni ng on the monitori ng server. To enable N SCA: S[...]
-
Seite 133
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 133 Select Enab le Nagio s , specify th e name of the device on th e upstr eam server and determine t he check to be run on this p ort. Serial Status monitors the handshaking l ines on the serial port and Check Po rt monito[...]
-
Seite 134
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 134 The Na gios Check nom inated as the ch eck- ho st- al ive check is used to de t ermine whether t he network host itsel f is up or down T ypic ally t his wi ll be Check Ping – a lth ough in so me ca ses t he hos t [...]
-
Seite 135
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 135 10.4 Adva nced D istribute d Mo nitoring Con f ig ura tion 10.4.1 Samp le Nagios co nfigura tion An ex ample configuration for Nag ios is listed be low. I t shows how to set up a remote Consol e Server to monitor a sing le [...]
-
Seite 136
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 136 serv ice_de script ion Serial St atus host _nam e se rver use gene ric -ser vice check_command check_serial_status } defin e serv ice { servic e_desc ript ion serial-s ignal s-ser ver host _nam e se rver use gene ric -ser v[...]
-
Seite 137
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 137 host _nam e t ripp lite depe nde nt_ host_ nam e serve r depe nde nt_ ser vice_ desc r ipti on Port Log serv ice_de script ion NRPE Daem on execution_failure_c riteria w,u,c } ; Ping defin e com mand{ com mand_ name chec k_[...]
-
Seite 138
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 138 use gene ric -ser vice chec k_c omm and check _co nn_ via_ tri pp lite! tc p!22 } defin e serv ice { serv ice_de script io n host -p ort-t cp-2 2- serve r ; ho st-p ort- < p roto c ol> -<por t>-<ho st> hos[...]
-
Seite 139
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 139 check_apt check_by_ssh check_clamd check_dig check_dns che ck_dummy check_fping check_ftp check_game check_hpjd che ck_h ttp check_imap chec k_ja bbe r check_ldap check_load check_mrtg che ck_mr tgtra f ch eck _na gio s che[...]
-
Seite 140
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 140 11 . SYST E M MA N A GEM EN T Introd uction This chapter describes how the Admini strat or can perf orm a range of gene ral system admi n istration and configuration tasks on t he Console Se rver, such as: Appl y ing So[...]
-
Seite 141
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 141 Th is will r es et th e Con so le Ser ver b ac k t o it s fac to ry d efault set t ings a nd c lea r t he Co nso le Se rver ’s st ore d c onf igura tio n in for mat ion. The hard erase wil l clear al l cust om settings an[...]
-
Seite 142
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 142 Spec ify the address an d name of the down loaded Firmware Upgrade File, o r Brows e t he lo ca l subnet and locate the downloaded fi le Cl ick Appl y and the Console Se rver appli anc e will undertake a soft rebo o[...]
-
Seite 143
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 143 12 . STA TUS REPO RT S Introd uction This chapter desc ribes the selection of status reports t h at are avail able for review: Port Acc ess and Ac t ive U sers Statistics Support Reports Syslog UPS Statu[...]
-
Seite 144
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 144 12.3 Support Rep orts The Support Report provi des useful status information that w ill ass ist t he Trip p L ite tec hn ica l sup po rt team to resolve any issues you may experienc e with yo ur Conso le Server. If you do e[...]
-
Seite 145
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 145 Remote System Logging The syslog record can be redirect e d to a re mote Sy slog Serve r: Ent er the remote Syslog Server address and port detail s and then cli ck Apply Loca l System Lo ggin g To view t he lo ca l Sys [...]
-
Seite 146
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 146 13. M A N A GEM ENT Introd uction The Console Server Managem ent Console has a number of reports and tool s that can be a ccessed by both Admi nistrators and Users: Access and control config ured devices View serial[...]
-
Seite 147
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 147 To display Host logs select Manage : Host L ogs and the Host to be display ed 13.3 Power Manag ement Admi n istrator and Users can access and ma nage the connected power devi c es. Sele c t Mana ge: Power 13. 4 Se r[...]
-
Seite 148
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 148 Cl ick Con nect to SDT Co n nect or to ac cess the Console Server co mmand line shell or t he serial ports via SDT Connector. This will act iv ate the SDT Co nnector clie nt on the computer you are browsing and load you[...]
-
Seite 149
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 149 To access t he Console Ser ver comman d l ine, e nter th e gateway’s T CP address (e.g. 192.168. 254.198 ) as hostname and the Usernam e (e.g. root@192. 168.254.198) . Then en ter the Password To access the Consol[...]
-
Seite 150
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 150[...]
-
Seite 151
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 151 14. B A S IC CONFI GURA TION - LI NU X COMM A NDS Introd uction For those who prefer to configur e their Co nsole Server at the Linux c ommand l in e l evel (rather tha n use a brow ser and t he Mana gem ent Console) , this[...]
-
Seite 152
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 152 14.1 The Linux C omman d line Power up the Conso le Server and connec t the “terminal ” device: o If y ou are conne cting us ing th e seria l line, p lug a s erial cab le betw een the Console Serv er local DB-9 p or[...]
-
Seite 153
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 153 Options -a –run-all Run al l reg iste red config urato rs. This pe rforms every config uratio n sy nchronizati on act ion pus hing a l l changes to the liv e sys tem -h –h elp Disp la y a bri ef usage messa ge. -v –v [...]
-
Seite 154
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 154 14.2 Adminis tration Conf igura tion System Settin gs To ch ange system setti ngs to th e f ol lowi ng val ues: Sys tem Name og. mydoma in.com System P asswo r d (r oo t acco un t) secr et Sy stem SMTP S erver 192.16 8.0. 1[...]
-
Seite 155
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 155 # /bi n/config –-set =config .aut h.serv er=192. 168.0. 32 # /bi n/config –-set =config .auth. pass word=Se cret # /bi n/config – -set= ”config .aut h.ldap.bas enode=s ome bas e node” The fo llowing com mand wi ll[...]
-
Seite 156
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 156 Time Zone To c hange the syst em ti me zone USA to Eastern St an dard T ime, you need to i ssue the followi ng commands: # /b in/conf ig –-set=c onfi g.system.ti mezone=U S/Ea stern The fo llowing com mand wi ll s ynchro [...]
-
Seite 157
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 157 IP Address : 192.16 8.1. 100 Prima ry DNS: 192.16 8.1. 254 Seconda ry DNS : 10.1. 0.254 You wo uld ne ed to issue the f ollowing com mands from the comma nd l ine: # /bi n/config - -set =config. i nte rfaces .wan. mode=s t [...]
-
Seite 158
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 158 # /bi n/config –-set =config .cons ole.fl ow=Hardw are # /b in/con fig –- set=co nfig.co nsol e.i nitstri ng=AT Q 0 V1H0 The fo llowing com mand wi ll s ynchro nize t he liv e sy ste m with the new configu ration. # /bi[...]
-
Seite 159
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 159 # /bi n/config –-del= config .serv ices. pingreply .enab led The fo llowing com mand wi ll s ynchro nize t he liv e sy ste m with the new configu ration. # /bi n/config –-run=s ervice s Note: “ /bin/ config” comman [...]
-
Seite 160
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 160 Suppo rted flow -contro l values are 'Hardware' , 'Soft ware' and 'N one'. Suppor te d Protocol Confi gurati on To ensu r e r emo te ac cess to ser ial po rt 5 i s confi gur ed a s follo ws: Te[...]
-
Seite 161
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 161 So your new Us er wi ll be t he exis ting t otal plus 1, s o if the previo us comma nd ga ve y ou 0, the n you s tart w ith user n umber 1. If y ou alre ady have 1 us er, y our new us er wi ll be n umber 2, etc. If y ou wan[...]
-
Seite 162
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 162 # /bi n/config –-set =config .porta ccess .rule2.ne tmas k=255. 255.255.0 # /bi n/config –-set =”conf ig.port access .rule2. descr iptio n=foo bar. ” # /bin/co nfig –-set =config .portacces s.rule2. port5= on # /b[...]
-
Seite 163
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 163 Al ert Configur ati on You can add an email alert to th e system fro m the co mmand line by followi ng these inst ructio ns: Determi ne the to tal numb er of existin g aler ts (if you have no exi sting al erts) yo u can ass[...]
-
Seite 164
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 164 # conf ig -s config. sdt .host s.hos t3.tcpport s.t cport3 = 3389 The ab ove assumes the con fig below: # v i /etc/c onfig /config. xml ~ < /users > </h ost1> <t otal>3< /tot al> <h ost2> < [...]
-
Seite 165
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 165 14.8 Config urati on backup a nd res tore Before backing up the config uration , yo u need to arra nge a w ay to t ransfer the back up o ff-box. Thi s co u ld be via an NFS shar e, a Samba (Windows) share to USB storage, or[...]
-
Seite 166
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 166 As SSH use s thes e ke y s to avoid m an-in-the -midd le attack s, logg ing in may be disrupt ed. 14.9 Genera l Linux comma nd usa ge The Console Server platform i s a ded icated Linux computer, optimize d t o provi de acc [...]
-
Seite 167
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 167 route open ntpd pin g portm ap pppd routed set ser ial sm tpclie nt stty st unel tc pdump tftp tip tra cerou te More detai ls on the above Li nux comm ands can found online at : http://en. tldp.org/ HOWTO/HOWTO-INDEX/howtos[...]
-
Seite 168
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 168 15. A DV A NCED CONFI GURA TION Introd uction This cha pter doc uments the em bedded por tmanager applicat ion whi ch manag es t he s erial ports on t he Cons ole Se rver an d giv es e xample s of it s us e: portm anage[...]
-
Seite 169
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 169 15.1 Ad v anc ed Port manag er pm shell The pmshell command acts si mil arly to th e standard tip or cu c ommands , but a ll se rial p ort acces s is directed v ia t he port manage r. Exa mple: To c onnect to port 8 via t h[...]
-
Seite 170
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 170 pmchat The pmchat command acts simi la rly to the stan dard chat command , but a ll se rial po rt acce ss is direct ed via the po rtmana ger. Exa mple: To run a chat script vi a the po rtmana ger: # pmchat - v - f /etc/conf[...]
-
Seite 171
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 171 Port man age r Dae mon Comm and line o ptions Ther e is normall y n o need to stop and restart the d aemon. T o restart the daemo n, just run the command: # portma nager Suppo rted comma nd l ine opt i o ns are: Force p ort[...]
-
Seite 172
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 172 When an alert occu rs on a po rt, the po rtmanag er will att empt to exe cute /etc/ confi g/sc ripts /portXX.al ert (where XX is the p ort num ber, e .g. 08) The s cript is run w ith STD IN c ontaining the dat a w hich trig[...]
-
Seite 173
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 173 fi if [ -z "$L ABEL" ]; th en ech o "W elcom e $USER, you are c onn ected to Port $PO RT" els e ech o "W elcom e $USER, you are c onne cted to Port $PO RT ($LAB EL)" fi </etc/ config/ pmshel[...]
-
Seite 174
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 174 To ove rride the s tandard modem init ializ ation s tri ng, eit her us e the M anag ement C onsole (ref er to Chapter 5 ) or the command l ine config tool (refer to Dial- In Confi gurati on Chapter 14 ). Enabl ing Boot [...]
-
Seite 175
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 175 Cus tomizin g the IP-F ilter : / etc/ config/fi lte r -custom If t he st andard sy stem firewall config urati on is not ade quate fo r you r needs, it ca n be bypass ed sa fely by cre ating a file at /e tc/co nfig/ filte r,[...]
-
Seite 176
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 176 Resour ces Ther e are many high-quality tuto rials and HOWTO s avail able via th e net filter webs ite; in par ticular, peruse th e tutori als listed on the n etfilt e r HOWTO pa ge. A list of usefu l web loca tions has bee[...]
-
Seite 177
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 177 The snmpd.conf is ex treme ly powerful a nd to o f lexible t o cov er com plete ly he re. The config urat ion f ile it self is com mente d ext ensiv ely and g ood doc ument ation is av aila ble at t he net-s nmp website h t[...]
-
Seite 178
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 178 To se t the Eng ine I D fie ld (SNM P ve rsion 3 on ly) co nfig -- set c onfig .syste m.sn mp. engin eid2=8000 0002010 984030 1 .. re pl aci ng 800 000020 109840 301 with the engine ID To set th e Username field (SN MP vers[...]
-
Seite 179
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 179 OpenSS H, the de facto open sou rce SSH a ppl ication, e ncry pts all t raffic (includ ing pas swords ) to effec tively el iminate these ri sks. Addition ally, Op en SSH provid es a myriad of secur e tunneling capabil ities[...]
-
Seite 180
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 180 G enerat ing public/ priv ate rs a ke y pair. Ente r file in wh ich t o sav e the key ( /home/use r/. ssh/id_ rsa): /home/ user/ keys /control _room Ent er pas sphras e (empt y for no pa ssphra se): Ent er sam e pass phras [...]
-
Seite 181
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 181 As suming t he use r on the Manag ement C onsole is calle d "f red"; the IP address of the Console Serv er is 19 2.168. 0.1 (de fault ); and t he public key is on the l inux/ unix comput er in ~/.s sh/ id_ds a.pub[...]
-
Seite 182
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 182 More doc ument ation on OpenS SH can be fou nd at : htt p://opens sh.org /portab le.ht ml http: // www.open bsd.o rg/c gi-bi n/man.cgi? query=ssh &sekti on =1 http :// www.op enbsd .org/ cgi-b in/man .cgi?q uery=sshd Ge[...]
-
Seite 183
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 183 OpenSSH: http :// www.op enssh .org/ OpenSSH (Windows): htt p://sshw indows. sourcef orge. net/downl oad/ For ex ample , using PuTTYg en , make s ure y ou hav e a rece nt vers ion o f the puttygen.exe (av ailable from http [...]
-
Seite 184
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 184 Cre ate a ne w file " authori zed_keys " (wit h note pad) and copy y our publ ic key data f rom the "Public key for pas ting i nto Ope nSSH auth orize d_ke ys file " sec tion of t he Pu TTY Ke y Gene[...]
-
Seite 185
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 185 The aut henticit y of h ost 're mho st (192.1 68.0. 1)' ca n' t be e stab lished. RSA key fing erprint is 8d :11:e0 :7e:8a :6f:a d:f1:94 :0f:93 :fc:7c :e6:ef :56. Are you s ure y ou want to contin ue connecti[...]
-
Seite 186
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 186 As detaile d in Cha pter 4, the Serv er gateway i s set up in Console Ser ver mode wi th either RAW or RFC221 7 enabled and the Clien t gateway is set up in Serial Br idging Mo de with th e Server Addres s, and S erv er TCP[...]
-
Seite 187
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 187 Ge nerated k eys may be one of two t ypes - RSA or D SA (and it is be yond the sc ope of t his docume nt to recomme nd o ne ove r the other). RS A key s will g o int o the files id_ rsa and id_r sa.pub . D SA key s will be [...]
-
Seite 188
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 188 Your ident ification has be en sav ed in /home/user /keys/ control_r oom Your publi c key has bee n sav ed in /home/us er/keys /control _room. pub . The key f inger print is: 28:a a:29:3 8:ba:40 :f4:11 :5e: 3f:d4:fa :e5:36 [...]
-
Seite 189
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 189 To use public key authen tication wi th SDT Conn ector, fir st you must fir st create an R SA o r DSA key pa ir (using s sh-key gen, PuTTY gen or a sim ilar tool) an d add the pu blic pa rt of your SSH key pai r to the [...]
-
Seite 190
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 190 http :// www.op enssl .or g/do cs/app s/op enssl .html http :// www.op enssl .or g/do cs/H OWTO/c erti ficates.txt 15. 8 HTTPS The Ma nagem ent Cons ole can be serv ed usi ng HT TPS by ru nning the we bserve r via ss lwra p[...]
-
Seite 191
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 191 Yo u w i ll be pro mpted to enter a lot o f inform ation. Most of i t doesn't matter, but the "Commo n Name " should be t he dom ain nam e of y our c omput er ( e.g. tes t .t ripplite .com). When yo u have en[...]
-
Seite 192
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 192 443 st ream tcp nowait root sslwrap -cert /etc /con fig/ssl_ cert. pem -key /e tc/co nfig/ss l_ke y.pe m -ex ec /b in/ht tpd /hom e/httpd " Save the fil e and signal in etd of the configura tion change . kill -HUP ` ca[...]
-
Seite 193
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 193 Targ ets conne cted to RPC's that could not be conta cted (e. g. due to network failu re) a re rep orted as stat us "unknow n". If p oss ible, output w ill be c ompres sed into h ost ranges . -n, --n ode Que [...]
-
Seite 194
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 194 Pow er on foo 0,foo 4,foo5 : powerman - -on foo[ 0, 4-5] As a remi nder to the reader, so me shells will i nterpr et brac kets ([ and ]) for p attern matching. Depe nding o n your s hell, it may be neces sary to e nclose ra[...]
-
Seite 195
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 195 Th e first i s to have scr ipts to sup port th e p articu lar RPC i nclud ed in the op en sour ce PowerMan projec t ( http:/ /sourcef orge.ne t/proje cts/power man ) . Th e PowerMan device s pecifica tions are unusua l and [...]
-
Seite 196
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 196 This v alue w ill be pas sed t o the sc ripts in the env ir onment v ariab le outlet , al lowing the s cript to addr ess the correc t outlet. There a re fo ur pos sible s cripts : on, off, cy c l e and status When a s cript[...]
-
Seite 197
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 197 [ -U < us ername >] [ -A < authty pe >] [ -L < priv lv l >] [ -a | -E | -P | -f < passw ord >] [ -o < oemtype >] < command > ipmi tool [ -c | -h | -v | -V ] -I lanpl us -H < hos tname [...]
-
Seite 198
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 198 -f < password_f il e > Spec ifies a file co ntaini ng t he remot e serv er pa ssw ord. If t his option is a bsent , or if pas sword_file is e mpty, t he pass word will defa ult to NULL. -h Get basic usa ge help fr om [...]
-
Seite 199
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 199 envir onm ents where system secur ity is n ot an issue or where th ere is a dedicated sec ure 'mana gement network ' or acces s has been prov id ed thro ugh an C onsole S erver. Fur ther, i t i s stro ngly advi se[...]
-
Seite 200
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 200 ipmi tool ch assis h elp Cha ssis Commands : sta tus, pow er, iden tify, po licy, rest art_caus e, poh, b ootdev ipmi tool chass is power help ch assis p owe r Co mman ds: statu s, on , of f, cyc le, r eset, d ia g, so ft Y[...]
-
Seite 201
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 201 - Select Stat us: Suppo rt R eport - S cro ll do wn t o Processes - Look for : /bin/ss h -M N -o Cont rol Path=/ var/r un/cas c ade/% h Slave name - These are t he Slaves that are connect ed - Note: The end of the Sl aves&a[...]
-
Seite 202
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 202 16. THI N CLIENT (B092-016) Introd uction The B092-0 16 has a sele ction of ma nagem ent clie nts (Fir efox brows er, SSH, Tel net, VNC vie wer, IC A, RDP) em bedded as well as the Tripp Lite P owerAle rt software. Wi th t [...]
-
Seite 203
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 203 F or ea ch new Host you ad d, yo u will b e ask ed t o en te r a Lab el (enter a descriptiv e name) and a Hostname (enter th e IP Add ress or DNS N ame of th e new n etwork connected Host) and possibly a User name (ent [...]
-
Seite 204
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 204 16.1.1 Conn ect- serial te rmina l Sele c t Conn ect: S erial on the control panel and cli ck on the desire d serial port. A window will be created wi th a connection to the device on t he selected seri al port: The emb[...]
-
Seite 205
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 205 The B092-0 16 provid es a powerf ul Moz illa Fir efox bro wser with a lice nsed Su n Java JR E Java and al l Jav a based trademarks and logos are trademarks or regi st ered trademarks of Sun Microsystems, Inc. in the U. S. [...]
-
Seite 206
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 206 If t he Host Name was l eft blank when the VNC serv er connection was c onfigured, then the VN C View er w ill st art wit h a r equ est fo r th e VNC ser ver. Sele ct ing Options at this stage enab les you to config[...]
-
Seite 207
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 207 The B092-0 16 SSH connection uses OpenSSH ( http:// www.openssh. com/ ) and t he termi nal connection is presented usi ng rxvt ( ouR XVT ). You can find more detail s on configuration options i n htt p://www.rxvt.o rg/manu [...]
-
Seite 208
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 208 The resulting serial charact er c onnect ion i s presented i n an rxvt (ouR XVT ) windo w. Also the Serial-Over- LAN f eat ure is on ly ap plic able t o IPM I2.0 dev ices. Select Log s: IPMI on the control panel and sel[...]
-
Seite 209
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 209 You can use Add/Del ete/Edit to custom ize the rdesktop cli ent (e.g. to include l ogin usernam e passwords). The comm and line protocol i s: rd esktop -u w i ndo ws-user-id -p windows -password -g 1200x950 ms-w indows -ter[...]
-
Seite 210
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 210 16.1.8 Conn ect- PowerAlert Select Conn ect: Po werAlert on the control panel . The P owerAlert software wi l l be launched. 16.2 Adva nced C ontrol Pa nel 16.2.1 System: Termina l Sele ct ing Sy stem: Te rminal on the [...]
-
Seite 211
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 211 16 .2. 2 System : Shutdow n / Re boot Clic kin g Sys tem : Shut down on th e co nt ro l pan el will sh ut do wn th e B0 92-0 16 s yst em. Y ou w ill nee d to cycl e the powe r to re activa te the B092-016 wi th a soft reset[...]
-
Seite 212
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 212 16.3 Remot e contr ol You can acces s the B092-01 6 local ly via a dire ctly connected ke yboard, m onitor and m ouse (or KVM swi tch). If the B092-016 i s connected to a KVMoIP infrastructur e, then this m ay also prov ide[...]
-
Seite 213
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 213 Appendix A Hardw are Specification FEA TU RE VA LUE Dime nsions B096-016 / B 096-048: 17 x 12 x 1.75 in (43.2 x 31.3. x 4 .5 cm) B092-016: 17 x 6.7 x 1.75 in (44 x 17 x 4.5 cm) Weig ht B096-016 / B 096-048: 11 .8 l bs (5 .4[...]
-
Seite 214
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 214 Appendix B Seria l Port Connec tiv ity Pinout standards ex ist for both DB 9 and DB25 connect ors, however, there are n ot pinou t standards for serial co nnectivi ty using RJ45 connectors. Many Console Serve rs and seriall[...]
-
Seite 215
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 215 Conne ctors inc luded i n Con sole Server The B092-0 16 Consol e Serve r with Pow erAl ert, and the B096-048/0 16 Console Server Ma nageme nt Switch ship w ith a “cross-over ” and a “straig ht ” RJ45-D B9 connector [...]
-
Seite 216
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 216 Appendix C End User L icense A g reement READ BEFORE US I NG T HE A CCO M PANYING SOFT WARE YOU S HOULD CAREF ULLY READ THE FO LLO W I N G T ERMS AND CO ND ITIO NS BEF O RE USING THE ACCOM PANYIN G SOFT W AR E, THE USE OF W[...]
-
Seite 217
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 217 EXPORT RESTRICTIONS. You agr ee that you w i ll not ex por t or re-export t he So ft w are, any part thereof , or any pr ocess or s erv i ce that is the di rect product o f the S o f tware in viol a t ion of any appli cable[...]
-
Seite 218
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 218 REGA RD IN G THE D EVICE OR TH E S OF T WARE, TH OSE WARRAN TIES D O NOT ORI GIN ATE FR OM , AND AR E N OT BIND ING ON, TR IPP LIT E. NO LIABILITY FOR CER TAIN DAMAG ES. EXCEPT AS PROHIBIT ED BY LA W , TRIPP LITE SH ALL HAV[...]
-
Seite 219
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 219 Eve ryone is pe rmitted to copy and d istribute ve rbat im copies of th is license docu m e nt, bu t chang ing i t is no t allowe d. GNU GENERAL PUBLI C LI CENSE TERMS AND CONDITIO NS FOR COPYING, DI STR IBUTION AND MODI F [...]
-
Seite 220
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 220 a ) Accompan y it with the co mplete co rrespond ing machine -r e adabl e source code , wh ich must be dis tri bu t e d unde r the te rms of Se cti o ns 1 and 2 abo ve on a m e d i u m c usto m a rily use d for sof tware in[...]
-
Seite 221
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 221 distribution limitation e x cludi ng those coun tri e s, so that dis tribution is per mitt e d on l y in or a mong coun tries no t thus exclude d. In such case , this Lice nse inc orporate s the limitatio n as if writte n i[...]
-
Seite 222
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 222 3. Source Code . Sof tware may co ntain sou r ce code that, unle ss ex pressly license d for o ther p urpose s, is pr ovide d solely fo r refe rence purposes pu rsuant to the ter ms of you r lic ense . Source code may no t [...]
-
Seite 223
____________ _______________ ________________ _______________ ___________ B096-016 B096-048 and B092-016 U ser Manual Page 223 Appendix D Service and Warranty Limite d War ranty Selle r war ran ts th is pr odu ct , if use d in ac co rda nce w ith all ap plic able in st ruc tio ns , to be f ree f rom orig ina l de fect s in m at eri al and workmansh[...]
-
Seite 224
T ripp Lite W orld Headquar ter s 1111 W . 35th Street, Chicago, IL 60609 USA (773) 869-1234 (USA) • 773.869.1212 (International) www .tr ipplite .com 23 20 090 3108 93 - 2879 _ EN[...]