CCM
Installer/User Guide
USA Notification
Warning: Changes or modifications to this unit not expressly approved by the party responsible for compliance
could void the user’s authority to operate the equipment.
Note: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant
to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful
interference when the equipment is operated in a commercial environment. This equipment generates, uses and
can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may
cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to
cause harmful interference in which case the user will be required to correct the interference at his own expense.
Canadian Notification
This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus set out
in the Radio Interference Regulations of the Canadian Department of Communications.
Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables aux
appareils numériques de la classe A prescrites dans le Règlement sur le brouillage radioélectrique édicté par le
Ministère des Communications du Canada.
Japanese Approvals
European Union
Warning: This is a Class A product. In a domestic environment, this product may cause radio interference in
which case the user may be required to take adequate measures.
Taiwanese Notification
avocent.book Page i Tuesday, March 14, 2006 12:33 PM
CCM
Installer/User Guide
Avocent, the Avocent logo, The Power of Being There, DSView and
AVWorks are registered trademarks of Avocent Corporation or its
affiliates. All other marks are the property of their respective owners.
© 2006 Avocent Corporation. All rights reserved. 590-434-501E
avocent.book Page ii Tuesday, March 14, 2006 12:33 PM
Instructions
This symbol is intended to alert the user to the presence of important operating and maintenance
(servicing) instructions in the literature accompanying the appliance.
avocent.book Page iii Tuesday, March 14, 2006 12:33 PM
TABLE OF CONTENTS
Table of Contents
List of Figures .................................................................................................................ix
List of Tables ................................................................................................................... xi
Chapter 1: Product Overview.......................................................................................... 1
Features and Benefits ........................................................................................................................ 1
Safety Precautions ............................................................................................................................. 4
Rack mount safety considerations ..............................................................................................4
Chapter 2: Installation and Configuration ..................................................................... 5
iii
Hardware Overview........................................................................................................................... 5
CCM850 and 1650 appliance hardware ....................................................................................5
CCM485x appliance hardware................................................................................................... 6
Installing the CCM Appliance ........................................................................................................... 7
Configuring the CCM Appliance ....................................................................................................... 8
Configuring the network address settings ..................................................................................8
Initial CCM appliance login.....................................................................................................10
Rebooting and Reinitializing the CCM Appliance........................................................................... 11
Rebooting..................................................................................................................................11
Reinitializing............................................................................................................................. 11
Configuring the Appliance for AV Operation or DS Operation...................................................... 12
Chapter 3: Operations ................................................................................................... 13
Overview .......................................................................................................................................... 13
Configuring Global Settings ............................................................................................................13
Updating the Appliance Clock......................................................................................................... 14
Configuring Port Settings ................................................................................................................15
Physical port settings................................................................................................................ 15
Port access................................................................................................................................17
Managing groups...................................................................................................................... 18
Virtual port settings ..................................................................................................................19
Displaying port settings............................................................................................................ 20
Connecting to Serial Devices........................................................................................................... 21
Connecting to devices using Telnet ..........................................................................................21
avocent.book Page iv Tuesday, March 14, 2006 12:33 PM
iv CCM Installer/User Guide
Connecting to devices from the console port............................................................................22
Configuring and using dial-in connections ..............................................................................23
Using PPP ................................................................................................................................ 23
Using SSH.................................................................................................................................24
Enabling plain text Telnet and SSH connections...................................................................... 27
Session sharing and preemption............................................................................................... 27
CLI Mode ......................................................................................................................................... 30
Ending Device Sessions ................................................................................................................... 31
Session time-out........................................................................................................................ 31
Managing User Accounts.................................................................................................................32
Access levels and rights............................................................................................................33
Using Authentication Methods......................................................................................................... 34
Console port session and connection authentication ...............................................................36
Authentication summary ...........................................................................................................38
Using security lock-out............................................................................................................. 40
Managing Port History .................................................................................................................... 40
Using the local history buffer ................................................................................................... 41
NFS history files ....................................................................................................................... 43
Managing the CCM Appliance Using SNMP ..................................................................................46
Chapter 4: Using CCM Appliance Commands ............................................................ 51
Accessing the CLI ............................................................................................................................ 51
Entering Commands ........................................................................................................................51
When commands take effect......................................................................................................52
Understanding Conventions ............................................................................................................ 52
Command syntax....................................................................................................................... 52
Syntax conventions....................................................................................................................54
Command Summary......................................................................................................................... 55
Chapter 5: CCM Appliance Commands ....................................................................... 61
Connect Command........................................................................................................................... 61
Disconnect Command ......................................................................................................................62
Group Commands ............................................................................................................................ 63
Group Add command................................................................................................................ 63
Group Delete command............................................................................................................64
avocent.book Page v Tuesday, March 14, 2006 12:33 PM
Group Set command .................................................................................................................64
Help Command ................................................................................................................................ 65
IPMI Command................................................................................................................................65
NFS Command................................................................................................................................. 66
NTP Command................................................................................................................................. 67
Port Commands ............................................................................................................................... 68
Port Add command ................................................................................................................... 69
Port Alert Add command ..........................................................................................................70
Port Alert Copy command ........................................................................................................ 71
Port Alert Delete command ...................................................................................................... 71
Port Break command ................................................................................................................72
Port Delete command ............................................................................................................... 72
Port History command.............................................................................................................. 73
Port Logout command .............................................................................................................. 73
Port NFS command...................................................................................................................73
Port Refresh command ............................................................................................................. 75
Port Set command..................................................................................................................... 75
Port Set In/Out command .........................................................................................................79
Quit Command.................................................................................................................................80
Resume Command............................................................................................................................80
Server Commands ............................................................................................................................ 81
Server CLI command ................................................................................................................81
Server Flash command .............................................................................................................83
Server Init command................................................................................................................. 84
Server LDAP Auth command.................................................................................................... 85
Server LDAP Primary|Secondary command ............................................................................85
Server LDAP Query command .................................................................................................86
Server LDAP Search command ................................................................................................ 87
Server Ping command............................................................................................................... 87
Server PPP command............................................................................................................... 88
Server RADIUS command ........................................................................................................89
Server Reboot command ...........................................................................................................90
Server Security command .........................................................................................................90
Server Set command .................................................................................................................92
Server Share command ............................................................................................................. 92
Table of Contents v
avocent.book Page vi Tuesday, March 14, 2006 12:33 PM
vi CCM Installer/User Guide
Server SNMP command............................................................................................................ 93
Server SNMP Community command ........................................................................................ 93
Server SNMP Manager command ............................................................................................ 94
Server SNMP Trap command ................................................................................................... 94
Server SNMP Trap Destination command ............................................................................... 95
Server SSH command ...............................................................................................................96
Show Commands..............................................................................................................................97
Show Group command..............................................................................................................97
Show NFS command................................................................................................................. 98
Show NTP command.................................................................................................................98
Show Port command................................................................................................................. 99
Show Port In/Out command.................................................................................................... 103
Show Server command............................................................................................................ 104
Show Server CLI command ....................................................................................................105
Show Server LDAP command................................................................................................. 105
Show Server PPP command ................................................................................................... 106
Show Server RADIUS command............................................................................................. 106
Show Server Security command.............................................................................................. 106
Show Server SNMP command ................................................................................................ 107
Show User command .............................................................................................................. 107
SPC Command...............................................................................................................................109
SPC Socket Command ................................................................................................................... 110
User Commands............................................................................................................................. 111
User Add command................................................................................................................. 112
User Delete command.............................................................................................................113
User Logout command............................................................................................................ 113
User Set command ..................................................................................................................114
User Unlock command ...........................................................................................................116
Appendices................................................................................................................... 117
Appendix A: Technical Specifications ...........................................................................................117
Appendix B: Device Cabling.......................................................................................................... 119
Appendix C: Supported Traps........................................................................................................ 125
Appendix D: NFS Error Codes and Port Status............................................................................131
Appendix E: Using the BMU .........................................................................................................138
avocent.book Page vii Tuesday, March 14, 2006 12:33 PM
Appendix F: Ports Used................................................................................................................. 147
Appendix G: Technical Support.....................................................................................................148
Index.............................................................................................................................. 149
Table of Contents vii
avocent.book Page viii Tuesday, March 14, 2006 12:33 PM
viii CCM Installer/User Guide
avocent.book Page ix Tuesday, March 14, 2006 12:33 PM
LIST OF FIGURES
List of Figures
Figure 2.1: CCM1650 Appliance Front Panel .................................................................................. 5
Figure 2.2: CCM1650 Appliance Back Panel ...................................................................................6
Figure 2.3: CCM485x Appliance Front Panel .................................................................................. 6
Figure 2.4: CCM485x Appliance Back Panel ...................................................................................7
Figure B.1: CAT 5 and CAT 6 Cable Adaptor Pin Assignments................................................... 121
Figure B.2: Reversing Cable Adaptor Pin Assignments................................................................123
Figure B.3: 8-wire RJ-45 Reversing Cable ...................................................................................124
ix
avocent.book Page x Tuesday, March 14, 2006 12:33 PM
x CCM Installer/User Guide
avocent.book Page xi Tuesday, March 14, 2006 12:33 PM
LIST OF TABLES
List of Tables
Table 2.1: CCM485x Appliance LAN LED Values............................................................................7
Table 3.1: Appliance Feature Reference ......................................................................................... 14
Table 3.2: Default Physical Port Settings ......................................................................................15
Table 3.3: Default Virtual Port Settings..........................................................................................19
Table 3.4: SSH Authentication Methods.......................................................................................... 25
Table 3.5: Access Rights .................................................................................................................. 33
Table 3.6: Port History Mode Commands.......................................................................................41
xi
Table 3.7: Substitution Strings in NFS Filename Specification ...................................................... 44
Table 4.1: Line Editing Operations for VT100 Compatible Devices .............................................. 51
Table 4.2: Line Editing Operations for ASCII TTY Devices ...........................................................52
Table 4.3: Command Syntax Types in Example Command .............................................................52
Table 4.4: CCM Appliance Command Summary.............................................................................55
Table 5.1: Connect Command Parameters......................................................................................61
Table 5.2: Group Command Summary ...........................................................................................63
Table 5.3: Group Add Command Parameters ................................................................................. 63
Table 5.4: Group Delete Command Parameter...............................................................................64
Table 5.5: Group Set Command Parameters...................................................................................64
Table 5.6: Help Command Parameter.............................................................................................65
Table 5.7: IPMI Command Parameter ............................................................................................ 66
Table 5.8: NFS Command Parameters............................................................................................ 66
Table 5.9: NTP Command Parameters............................................................................................67
Table 5.10: Port Command Summary ............................................................................................68
Table 5.11: Port Add Command Parameters .................................................................................. 69
Table 5.12: Port Alert Add Command Parameters ......................................................................... 71
Table 5.13: Port Alert Copy Command Parameters ....................................................................... 71
Table 5.14: Port Alert Delete Command Parameter .......................................................................72
avocent.book Page xii Tuesday, March 14, 2006 12:33 PM
xii CCM Installer/User Guide
Table 5.15: Port Delete Command Parameter................................................................................72
Table 5.16: Port Logout Command Parameter ............................................................................... 73
Table 5.17: Port NFS Command Parameters..................................................................................74
Table 5.18: Port Refresh Command Parameter .............................................................................. 75
Table 5.19: Port Set Command Parameters ....................................................................................76
Table 5.20: Port Set In/Out Command Parameters ........................................................................ 80
Table 5.21: Server Command Summary ..........................................................................................81
Table 5.22: Server CLI Command Parameters ...............................................................................82
Table 5.23: Server Flash Command Parameters ............................................................................ 84
Table 5.24: Server Init Command Parameter ................................................................................. 84
Table 5.25: Server LDAP Auth Command Parameter ....................................................................85
Table 5.26: Server LDAP Primary|Secondary Command Parameters ........................................... 85
Table 5.27: Server LDAP Query Command Parameters ................................................................86
Table 5.28: Server LDAP Search Command Parameters ............................................................... 87
Table 5.29: Ping Command Parameter...........................................................................................88
Table 5.30: Server PPP Command Parameters .............................................................................. 88
Table 5.31: Server RADIUS Command Parameters .......................................................................89
Table 5.32: Server Security Command Parameters ........................................................................ 91
Table 5.33: Server Set Command Parameters.................................................................................92
Table 5.34: Server Share Command Parameter.............................................................................. 92
Table 5.35: Server SNMP Command Parameter............................................................................. 93
Table 5.36: Server SNMP Community Command Parameters........................................................ 93
Table 5.37: Server SNMP Manager Command Parameters ...........................................................94
Table 5.38: Server SNMP Trap Command Parameter....................................................................95
Table 5.39: Server SNMP Trap Destination Command Parameters...............................................96
Table 5.40: Server SSH Command Parameters...............................................................................96
Table 5.41: Show Command Summary............................................................................................ 97
Table 5.42: Show Group Command Parameter ..............................................................................97
avocent.book Page xiii Tuesday, March 14, 2006 12:33 PM
Table 5.43: Show NFS Command Display Fields ...........................................................................98
Table 5.44: Show NTP Command Display Fields ........................................................................... 99
Table 5.45: Show Port Command Parameter..................................................................................99
Table 5.46: Show Port Command Display Fields for a Physical Port with TD=Console ............100
Table 5.47: Show Port Command Display Fields for a Virtual Port ............................................101
Table 5.48: Show Port Command Display Fields for TD=SPC.................................................... 103
Table 5.49: Show Server Command Display Fields ......................................................................104
Table 5.50: Show Server CLI Command Display Fields............................................................... 105
Table 5.51: Show Server Security Command Display Fields ........................................................106
Table 5.52: Show Server SNMP Command Display Fields........................................................... 107
List of Tables xiii
Table 5.53: Show User Command Parameter ...............................................................................108
Table 5.54: Show User Command Display Fields.........................................................................108
Table 5.55: Show User All Command Display Fields ...................................................................109
Table 5.56: SPC Command Parameters........................................................................................ 110
Table 5.57: SPC Socket Command Parameters ............................................................................ 110
Table 5.58: User Command Summary...........................................................................................111
Table 5.59: User Add Command Parameters................................................................................112
Table 5.60: User Delete Command Parameter .............................................................................113
Table 5.61: User Logout Command Parameter ............................................................................ 114
Table 5.62: User Set Command Parameters .................................................................................114
Table 5.63: User Unlock Command Parameter ............................................................................ 116
Table A.1: CCM Appliance Technical Specifications ...................................................................117
Table B.1: Port Pin Assignments................................................................................................... 119
Table B.2: Adaptors for Use with CAT 5 and CAT 6 Cable.......................................................... 119
Table B.3: Reversing Adaptors and Cables ..................................................................................122
Table C.1: CCM Appliance Enterprise Traps ...............................................................................125
Table D.1: NFS Error Codes......................................................................................................... 131
Table D.2: NFS Port Status Values ...............................................................................................137
Table E.1: IPMI Shortcut and BMU Command Summary ............................................................138
avocent.book Page xiv Tuesday, March 14, 2006 12:33 PM
Table E.2: IPMI Shortcut and BMU Alert Command Parameters................................................ 140
Table E.3: BMU Help Command Parameter................................................................................. 140
Table E.4: IPMI Shortcut and BMU Identify Command Parameters............................................140
Table E.5: IPMI Shortcut and BMU Pet Command Parameters .................................................. 141
Table E.6: IPMI Shortcut and BMU Power Command Parameters .............................................142
Table E.7: IPMI Shortcut and BMU Sel Command Parameters ...................................................143
Table E.8: IPMI Shortcut and BMU Sensor Command Parameters ............................................. 143
Table E.9: IPMI Shortcut and BMU Sol Command Parameters................................................... 144
Table E.10: IPMI Shortcut and BMU Sysinfo Command Parameters ..........................................145
Table E.11: IPMI Shortcut and BMU User Command Parameters .............................................. 146
List of Tables xiv
Table F.1: Ports Used by CCM Appliance .................................................................................... 147
avocent.book Page 1 Tuesday, March 14, 2006 12:33 PM
CHAPTER
Product Overview
1
Features and Benefits
Overview
1
The CCM console management appliance provides non-blocked access and control for devices
(also called target devices) such as serial-managed Linux (or other UNIX) servers, routers, power
management devices and firewalls. This includes Avocent SPC power control devices that provide
advanced power
• The CCM850 appliance has 8 serial ports. A single 10/100 Mbps Ethernet port provides network connectivity on each appliance. Two CCM850 appliances may be mounted in 1U of vertical space in a standard 19 inch rack.
• The CCM1650 appliance has 16 serial ports. A single 10/100 Mbps Ethernet port provides network connectivity on each appliance. Two CCM1650 appliances may be mounted in 1U of
vertical space in a standard 19 inch rack.
• The CCM485x appliance has 48 serial ports. A single 10/100/1000 Mbps Ethernet port provides network connectivity on each CCM appliance. One CCM485x appliance may be
mounted in 1U of vertical space in a standard 19 inch rack.
Each appliance has a console port that uses a Command Line Interface (CLI) for configuration,
management and optionally, connection to other ports.
In addition to the physical serial ports, you may configure and use up to 16 virtual serial ports on
each CCM appliance. Once a virtual port is established, it functions in a similar manner as a
physical port, except there is no need for physical cabling. A virtual port is accessed through the
Baseboard Management Controller (BMC) on a target device. The CCM appliance acts as an
Intelligent Platform Management Interface (IPMI) management console that allows users to
retrieve BMC-based status, statistics, logs and tracking information. If a target device experiences a
system failure, CCM appliance users may issue BMC Management Utility (BMU) commands to
virtual serial ports to determine the cause of the failure and reboot the device if necessary, even
when the device’s operating system and keyboard are not
management.
available.
AV or DS operation
The CCM appliance supports two separate Flash application images: one for AV operation and one
for DS
operation.
avocent.book Page 2 Tuesday, March 14, 2006 12:33 PM
2 CCM Installer/User Guide
AV operation - CCM appliances are Flash loaded at the factory with an image that supports
standalone operation and the Avocent AVWorks
AVWorks software is bundled with the CCM appliance and may be used to simplify installation,
configuration and subsequent session launching. When using this image, user authentication
requires user accounts to be maintained within the CCM appliance or within external authentication
servers which it can
access.
DS operation - CCM appliances may be Flash loaded with an image that supports standalone
operation and the DSView
includes user accounts maintained within the DSView 3 software server or within external
authentication servers which it can access. The CCM may be configured with other authentication
methods, if
desired.
See Configuring the Appliance for AV Operation or DS Operation on page 12 for
more information.
®
cross-platform management application. The
®
3 management software. When using this image, user authentication
NOTE: Hereafter, the phrase AV operation or DS operation will be used to identify features and commands that
are supported only when the CCM appliance is Flashed with an application image that supports that operation.
Whether the appliance is Flashed for AV or DS operation, you may perform most of the operations
that are described in this manual. This manual describes how to manage a CCM appliance by
entering commands using the CLI.
• The AVWorks Installer/User Guide describes how to manage a CCM appliance using the
AVWorks software graphic interface.
• The DSView Installer/User Guide describes how to manage a CCM appliance using the
DSView 3 software graphic interface.
NOTE: DSView 2 software is not supported on the CCM850, 1650 or 485x appliances. References to DSView
software and DS operation always refer to DSView 3 management software.
Serial device access options for physical ports
The CCM appliance and its attached devices are accessible over in-band, LAN-based connections
using Telnet and SSH (Secure Shell) client software. The CCM appliance and its attached devices
are also accessible over out-of-band, serial-based connections using the CCM appliance’s console
port. Out-of-band connectivity includes: terminal access (using supported terminal types such as
VT100), terminal emulation programs (such as HyperTerminal) and IP-based clients such as SSH
and Telnet. The console port offers modem handling, including a PPP (Point to Point Protocol)
communications interface that will accept a third party application that connects to the
appliance.
CCM
• The AVWorks software offers a built-in enhanced Telnet client and an SSH client application
• The DSView 3 software offers a built-in enhanced Telnet/SSH client applet
• Third party Telnet clients and third party SSH clients may be used during standalone operation
• When the CCM appliance is Flashed for AV operation, third party Telnet and third party SSH
clients may be configured and used from within the AVWorks software
avocent.book Page 3 Tuesday, March 14, 2006 12:33 PM
When session sharing is enabled, the CCM appliance supports multiple concurrent sessions.
Preemption criteria is based upon configured user access levels (for AV operation) or configured
preemption levels (for DS
Device access using virtual ports
Target devices with onboard BMCs may be configured through their Basic Input/Out System
(BIOS) to redirect serial console data from the local COM port to the serial interface on the BMC.
The BMC is further configurable for transferring this serial information to remote clients using the
Remote Management Control Protocol (RMCP). Transfer of RMCP messages between the BMC
and the RMCP client is called Serial over LAN (SoL). The CCM appliance contains an RMCP
client that supports a proprietary version of the IPMI 1.5 SoL
The CCM appliance serves as a gateway, allowing RMCP serial data to securely traverse nonsecure networks to remote clients over SSH sessions. Administrators may use its BMU interface to
monitor target device status, obtain information or reboot the device. See
page 138.
The features that are available for physical ports, such as share mode, offline buffering of history
data and port alerts are also supported for virtual
One SoL connection per BMC is allowed; up to four IPMI connections may be established to
BMC.
each
Chapter 1: Product Overview 3
operation).
protocol.
Using the BMU on
ports.
User authentication and data security
The CCM user database supports up to 64 user accounts, which include usernames, passwords and/
or keys, plus specifications of access rights/levels to CCM appliance ports and commands. User
definitions may be changed at any
time.
You may choose to have user access authenticated using the following methods.
• Locally at the CCM user database
• At a RADIUS (Remote Access Dial-In User Service) server
• At an LDAP (Lightweight Directory Access Protocol) server
• Through the DSView 3 software internal authentication service or external authentication
servers configured in the DSView 3 software (for DS operation)
Data security may be enhanced using industry-standard SSH encryption.
Extensive command set
The CCM appliance offers a wide range of commands that allow administrators to easily configure,
control and display information about the CCM appliance operating environment, including its
ports, user accounts and active sessions. The serial CLI is always available on the unit’s console
port, and may be easily accessed during a session with an attached serial
device.
The user interface also offers descriptive error message data and built-in command help
information. On-board Trivial File Transfer Protocol (TFTP) support allows administrators to
upload new functionality to CCM appliances in the field.
avocent.book Page 4 Tuesday, March 14, 2006 12:33 PM
4 CCM Installer/User Guide
Port history
Each CCM physical and virtual port has a buffer that holds the most recent 64K bytes of online and
offline serial data. A separate history command mode lets you navigate within a port’s current
history file and conduct tailored
You may also configure the appliance to write serial port data to a file on an NFS (Network File
System) server, thus preventing data loss due to overflow of the history
Safety Precautions
To avoid potential device problems, if the building has 3-phase AC power, ensure that a computer
and its monitor (if used) are on the same phase. For best results, they should be on the same
To avoid potentially fatal shock hazard and possible damage to equipment, please observe the
following
• Do not use a 2-wire extension cord in any product configuration containing this appliance.
• Test AC outlets at the computer and monitor (if used) for proper polarity and grounding.
• Use only with grounded outlets at both the computer and monitor. When using a backup Unin-
precautions:
terruptible Power Supply (UPS), power the computer, the monitor and the CCM appliance off
supply.
the
searches.
buffer.
circuit.
NOTE: The AC inlet is the main disconnect.
Rack mount safety considerations
• Elevated Ambient Temperature: If installed in a closed rack assembly, the operation temperature of the rack environment may be greater than room ambient. Use care not to exceed the
rated maximum ambient temperature of the
• Reduced Airflow: Installation of the equipment in a rack should be such that the amount of airflow required for safe operation of the equipment is not compromised.
• Mechanical Loading: Mounting of the equipment in the rack should be such that a hazardous
condition is not achieved due to uneven mechanical loading.
• Circuit Overloading: Consideration should be given to the connection of the equipment to the
supply circuit and the effect that overloading of circuits might have on overcurrent protection
and supply wiring. Consider equipment nameplate ratings for maximum current.
• Reliable Earthing: Reliable earthing of rack mounted equipment should be maintained. Pay
particular attention to supply connections other than direct connections to the branch circuit
(for example, use of power
strips).
unit.
avocent.book Page 5 Tuesday, March 14, 2006 12:33 PM
CHAPTER
Installation and Configuration
2
Hardware Overview
This section describes the CCM appliance LEDs, buttons and connectors.
5
CCM850 and 1650 appliance hardware
Figure 2.1 shows the front panel of a CCM1650 appliance. (The front panels of the CCM850
appliance and the CCM1650 appliance contain the same LEDs and buttons.)
Figure 2.1: CCM1650 Appliance Front Panel
The lower left area of the front panel contains the following LEDs and buttons:
• The POWER LED illuminates when the CCM appliance is connected to a power source.
• The ONLINE LED illuminates steadily (not blinking) when the CCM appliance self-test and
initialization procedures complete successfully.
• The LINK LED illuminates when the CCM appliance establishes a connection to the network.
• The TRAFFIC LED blinks when there is network traffic.
• The 100Mbps LED illuminates when the CCM appliance is connected to a 100 Mbps LAN.
• The RESET button, when pressed, reboots the CCM appliance. See Rebooting on page 11.
• The INIT button, when pressed and held, restores the CCM factory default values. See
Reinitializing on page 11.
Figure 2.2 shows the back panel of a CCM1650 appliance.
avocent.book Page 6 Tuesday, March 14, 2006 12:33 PM
6 CCM Installer/User Guide
Figure 2.2: CCM1650 Appliance Back Panel
The back panel contains:
• RJ-45 port connectors for serial cabling (the CCM850 appliance has 8 port connectors, the
CCM1650 appliance has 16 port connectors). The port number is adjacent to each connector.
• A LAN connector for a 10BaseT or 100BaseT interface cable.
• An RJ-45 CONSOLE PORT connector for a serial cable.
• Outflow opening for the internal fan.
• The AC line cord connector.
CCM485x appliance hardware
Figure 2.3 shows the front panel of a CCM485x network appliance.
Figure 2.3: CCM485x Appliance Front Panel
The front panel contains 48 serial port connectors. The lower left area of the front panel contains
the following LEDs, buttons and connectors.
The ONLINE LED illuminates steadily (not blinking) when the CCM self-test and initialization
procedures complete successfully.
The POWER LED illuminates when the CCM appliance is connected to a power source and the
power switch is on (|).
The RESET button reboots the CCM appliance when pressed. See Rebooting on page 11.
The INIT button restores the CCM factory defaults when pressed and held. See Reinitializing on
page 11.
A console device may be connected to the RJ-45 CONSOLE PORT.
A 10BaseT, 100BaseT or 1000BaseT interface cable may be connected to the LAN PORT.
Two LEDs adjacent to the LAN PORT (SPEED and LINK/TRAFFIC) indicate the link speed and
whether there is traffic on the link.
Table 2.1 describes the possible values.
avocent.book Page 7 Tuesday, March 14, 2006 12:33 PM
Table 2.1: CCM485x Appliance LAN LED Values
SPEED LED LINK/TRAFFIC LED Description
Off Off No link
Off On Link at 10 Mbps
Green On Link at 100 Mbps
Orange On Link at 1000 Mbps
Off Flashing Traffic at 10 Mbps
Green Flashing Traffic at 100 Mbps
Orange Flashing Traffic at 1000 Mbps
Chapter 2: Installation and Configuration 7
Figure 2.4 shows the back panel of a CCM485x appliance.
Figure 2.4: CCM485x Appliance Back Panel
The back panel contains:
• The AC line cord connector.
• Outflow openings for the two internal fans.
• A DB-9 DEBUG PORT connector. This port should be used only on the advice and with the
guidance of Technical Support.
Installing the CCM Appliance
WARNING: This unit is not user serviceable. To avoid electrical shock, do not attempt to open the unit or operate
with the cover off. Do not attempt to make any repairs. See Technical Support on page 148 for information.
WARNING: The power outlet should be near the equipment and easily accessible.
To install the CCM appliance hardware:
1. Place the unit where you can connect cables between the serial devices and the CCM serial
ports, and where you can connect a LAN interface cable between the Ethernet hub or switch
and the CCM LAN
2. Connect devices to the CCM serial ports; see Device Cabling on page 119 for cable information.
Connect each serial device to its appropriate power source, following the device’s documentation.
connector.
avocent.book Page 8 Tuesday, March 14, 2006 12:33 PM
8 CCM Installer/User Guide
3. Attach a LAN interface cable to the LAN connector on the CCM appliance. A CAT 5 cable is
required for 100BaseT operation. For CCM485x appliances, a CAT 6 cable is required for
1000BaseT
operation.
4. Insert the power cord into the back of the CCM appliance. Insert the other end of the power
cord into a grounded electrical receptor.
5. Check that the POWER LED on the front of the unit is illuminated. If not, check the power
cable to ensure that it is inserted snugly into the back of the unit. The ONLINE LED will illu
minate within two to three minutes to indicate that the self-test is complete. If the ONLINE
LED blinks, contact Technical Support for assistance.
6. For CCM850/1650 appliances, check that the LINK LED is illuminated.
For CCM485x appliances, check that the LAN port LEDs indicate that a 10, 100 or 1000 Mbps
exists.
link
If there is no link, check the Ethernet cable to ensure that both ends are correctly inserted into
jacks.
their
7. Once the POWER, ONLINE and appropriate LEDs are illuminated, proceed with the configuration process (if you will be using BootP, remove power from the appliance).
-
Configuring the CCM Appliance
To configure the CCM appliance, you must specify a unique IP address, plus other network address
information. This information will be stored in the CCM configuration database. During initial
login, you will specify a password for the Admin
Configuring the network address settings
For a CCM appliance that is Flashed for DS operation, you may configure the CCM appliance
network address settings using the DSView 3 software, BootP or the serial CLI. When the
appliance is Flashed for AV operation, you may configure the network address settings using the
AVWorks software, BootP or the serial CLI on the console
To configure the network address settings using DSView 3 software:
When the CCM appliance is Flashed for DS operation, the DSView 3 software New Appliance
Wizard is the easiest method to configure the network address settings. When you add a CCM
appliance that was Flashed for AV operation, you must migrate it to the DSView 3 software system
after it is added. See the DSView Installer/User Guide for instructions. After the network address
settings are configured, see
To configure the network address settings using AVWorks software:
When the CCM appliance is Flashed for AV operation, the AVWorks software New Appliance
Wizard is the easiest method to configure the network address settings. See the AVWorks Installer/
User Guide for instructions. After the network address settings are configured, see
appliance login on page 10 of this manual.
Initial CCM appliance login on page 10 of this manual.
user.
port.
Initial CCM
avocent.book Page 9 Tuesday, March 14, 2006 12:33 PM
To configure the network address settings using BootP:
1. Ensure that there is a BootP server on your network that is configured to correctly respond to a
BootP request from the CCM appliance. BootP servers require the Ethernet MAC address of
network devices. The Ethernet MAC address is printed on a label affixed to the appliance. See your
BootP server’s system administrator guide for information about configuring the BootP
2. After you have configured your network’s BootP server with the CCM appliance Ethernet
MAC address, IP address, subnet mask and gateway, restore power to the CCM appliance and
wait for the ONLINE LED to illuminate. Once this occurs, the CCM appliance has completed
the BootP protocol, obtained its network address information and stored these in
3. You may verify that the BootP process was successful with a ping command, which tests network connectivity. The ping command is entered as:
ping <ip_address>
For example, the following command tests the network connectivity of a CCM appliance with
the IP address
ping 192.168.0.5
192.168.0.5.
4. If the CCM appliance completes the BootP successfully, you will see a display similar to
following.
the
Pinging 192.168.0.5 with 32 bytes of data:
Reply from 192.168.0.5: bytes=32 time<10ms TTL=128
Reply from 192.168.0.5: bytes=32 time<10ms TTL=128
Reply from 192.168.0.5: bytes=32 time<10ms TTL=128
Reply from 192.168.0.5: bytes=32 time<10ms TTL=128
If the CCM appliance did not successfully obtain its IP address with the BootP protocol, you
will see a display similar to the
Pinging 192.168.0.5 with 32 bytes of data
Request timed out.
Request timed out.
Request timed out.
Request timed out.
In this case, check the address information provided to the BootP server to confirm it is correct.
Verify that the Ethernet LAN adaptor cable is correctly installed on the CCM appliance and the
Ethernet
hub.
After the network address settings are configured successfully, launch a Telnet session to the
assigned IP address. Then, see
Chapter 2: Installation and Configuration 9
server.
Flash.
following.
Initial CCM appliance login on page 10.
To configure the CCM appliance using the serial CLI:
1. Attach a compatible device to the console port. The compatible device types are: ASCII,
VT52, VT100, VT102, VT220 and
For cable and adaptor information, see Device Cabling on page 119. You may use any terminal
emulation program that is available on your system.
VT320.
avocent.book Page 10 Tuesday, March 14, 2006 12:33 PM
10 CCM Installer/User Guide
2. Configure your terminal or terminal emulation program as follows.
Baud rate 9600
Bits per character 8
Stop bits 1
Flow control None
3. Press the Return or Enter key until a prompt appears, requesting your username. If you do not
receive a prompt after pressing the key five times, check your cable and serial settings to be
sure that they are
correct.
4. Proceed to Initial CCM appliance login on page 10.
Initial CCM appliance login
The CCM appliance ships with a single user defined in its user database, named Admin. This
predefined user has no factory default password. The Admin user has the APPLIANCEADMIN
access level and a preemption level of 4 (see
sharing and preemption on page 27 for more information).
The first time you connect to the appliance, you are prompted for a username.
Access levels and rights on page 33 and Session
To log in to the CCM appliance for the first time:
1. At the Username prompt, type Admin. At the Password prompt, press Return.
Username: Admin
Password:
Authentication Complete
CCM configuration is required.
2. Once authentication completes, the CCM appliance prompts for any missing configuration values that are required for operation.
If you already provided the IP address, subnet mask and gateway, you will not be prompted for
those values
again.
If you have not already provided the network information, you will be prompted for them.
Enter the addresses using standard dot
CCM configuration is required
Enter CCM IP address > 192.168.0.5
Enter CCM Subnet mask > 255.255.255.0
Enter CCM Gateway address > 0.0.0.0
notation.
3. You are prompted for a new Admin password. Passwords are case sensitive and must contain
3-16 alphanumeric or hyphen characters. You must enter the new password twice to confirm
that you entered it
Enter CCM New Admin Password > *****
Confirm New Admin Password > *****
correctly.
After you have provided the required configuration information, a confirmation message appears
while the CCM appliance stores the values in its configuration database.
avocent.book Page 11 Tuesday, March 14, 2006 12:33 PM
You have now completed the initial login, and you may enter additional commands at the CLI
prompt (>). To configure other CCM appliance ports, see
Rebooting and Reinitializing the CCM Appliance
You may reboot or reinitialize the CCM appliance by pressing a recessed button on the appliance
front panel or by issuing a command.
Rebooting
During a reboot, any active Telnet sessions, including your own, are terminated. Any configuration
changes that require a reboot will become effective when the reboot completes.
To reboot the appliance in hardware:
1. Locate the recessed RESET button on the front of the CCM appliance. An opened paper clip
may be used to depress the button.
2. Insert the opened paper clip in the recess, then depress the button.
Chapter 2: Installation and Configuration 11
Configuring Port Settings on page 15.
To reboot the appliance with a command:
Issue a Server Reboot command.
Reinitializing
Reinitializing the CCM appliance removes configured information. This may be useful when
reinstalling the unit at another location in your network.You may erase the configuration database,
which contains all nonvolatile data except the IP address, subnet mask and gateway. You may also
erase both the configuration database and the network address information.
To reinitialize the CCM appliance in hardware:
1. Locate the recessed INIT button on the front of the CCM appliance. An opened paper clip may
be used to depress the button.
2. Insert the end of the opened paper clip in the recess, then depress and hold the button. The
ONLINE LED will blink, indicating an initialization has been requested. You have approxi
mately seven seconds to release the button before any action is taken.
After seven seconds, the ONLINE LED will blink more rapidly to confirm that the CCM
configuration database has been erased. Continuing to hold the INIT button for a few more seconds
will erase the IP address as well. The ONLINE LED will blink faster to confirm the deletion.
If any portion of Flash is erased, the CCM appliance reboots when the INIT button is released.
To reinitialize the CCM appliance with a command:
-
1. Issue a Server Init command with the Config parameter if you wish to erase the configuration database but retain the network address information.
-or-
Use the All parameter if you wish to erase the configuration database and the network
address
information.
avocent.book Page 12 Tuesday, March 14, 2006 12:33 PM
12 CCM Installer/User Guide
2. You are prompted to confirm or cancel the operation.
The appliance reboots after initializing the database and copying it to the configuration Flash.
Configuring the Appliance for AV Operation or DS Operation
The CCM appliance ships with a Flash application firmware image that supports AV operation (see
AV or DS operation on page 1).
If you wish to use DSView 3 software to manage the CCM appliance, you must load an appropriate
application image onto the appliance, using DSView 3 software. In other words, you cannot load a
DS operation application image from the CCM appliance
However, if you enable DS operation on the CCM appliance by loading an application firmware
image that supports DSView 3 software and later wish to return to AV operation, you may load an
application image that supports AV operation using the CCM appliance
CLI.
CLI.
To load a DS operation application image on a CCM appliance that currently uses
an AV operation
image:
This procedure begins by verifying that the CCM appliance has the proper boot and application
image versions. Then, from the DSView 3 software, the appliance is added and migrated. See the
CCM Migration document on the Avocent web site for complete
information.
To load an AV operation image on a CCM appliance that currently uses a DS
operation
image:
1. Go to the Avocent web site, www.avocent.com/support, to locate and download the proper AV
operation application
image.
2. Issue a Server Security command to ensure that DS authentication is not enabled on the appliance and that no DSView 3 software server certificates are stored.
a. Use the Auth parameter to specify any authentication methods you wish to use, other than
DS (that is, DS must not be included in the authentication method
specification).
b. Use the DSClear parameter to clear any stored DSView 3 software server certificates.
SERVER SECURITY AUTHENTICATION=<auth> DSCLEAR
3. Issue a Server Flash command to update the appliance with the image that supports the
AV Wo r k s
software.
SERVER FLASH APP HOSTIP=<tftp_add> IMAGE=<host_file>
Alternatively, you may reinitialize the CCM appliance (using the INIT button on the front panel or
by issuing a Server Init command) to clear the database. This will clear any stored DSView 3
software server certificates. You may then issue the Server Security command to specify
authentication methods other than DS, followed by a Server Flash command to load the AV
operation application
image.
avocent.book Page 13 Tuesday, March 14, 2006 12:33 PM
CHAPTER
Operations
3
Overview
The CCM console management appliance and its ports are easily configured and managed to meet
your requirements for device connection, user authentication, access control, power status
monitoring, port history information display and Simple Network Management Protocol (SNMP)
compliance for use with third party network management
13
products.
Configuring Global Settings
Generally, the CCM appliance-level commands affect console port operations, configure/initiate
physical operations and enable/disable
Console port settings
The Server CLI command includes parameters that configure the console port:
• The terminal type to be used
• Enabling/disabling connections to devices from the console port - see Connecting to devices
from the console port on page 22
• The modem initialization character - see Configuring and using dial-in connections on page 23
This command also covers the following:
• The CLI access character that will suspend a device session and place you in CLI command
mode (this value may be overridden at the port level) - see
• Local port history file processing options during connection and when a session ends - see
Managing Port History on page 40
• The session time-out value, which indicates the period of inactivity that must occur before a
session is ended (this value may be overridden at the port level) - see
page 31
Network settings, updating firmware and rebooting/reinitializing the appliance
features.
CLI Mode on page 30
Session time-out on
To change the CCM appliance IP, gateway or subnet addresses, use the Server Set command
page 92).
(
avocent.book Page 14 Tuesday, March 14, 2006 12:33 PM
14 CCM Installer/User Guide
To update the boot or application firmware on the appliance, use the Server Flash command,
described on
page 83. If you wish to change the application firmware to a version that supports a
different operation (that is, from AV operation to DS operation or vice versa), see Configuring the
Appliance for AV Operation or DS Operation on page 12.
The appliance may be rebooted or reinitialized by pressing a button on the appliance or by issuing a
command; see
Rebooting and Reinitializing the CCM Appliance on page 11.
Enabling/disabling features
Table 3.1: Appliance Feature Reference
For information about using this feature See this section
Accessing a Network Time Protocol (NTP) server to
update the
Using an NFS server to store device session data NFS history files on page 43
PPP Using PPP on page 23
Using a RADIUS server for user authentication RADIUS authentication on page 35
Security lock-out Using security lock-out on page 40
Session sharing Session sharing and preemption on page 27
SNMP Managing the CCM Appliance Using SNMP on page 46
SSH Using SSH on page 24
Response to ping requests (DS operation only) Server Ping command on page 87
time
Updating the Appliance Clock
The CCM appliance supports the NTP protocol. When NTP is enabled, the real time clock on the
CCM appliance will be updated immediately after NTP is enabled, each time the appliance reboots
and optionally, at specified
You may specify one or two NTP servers to provide the time. An NTP server may be external or an
internal server that you supply. The primary server will be queried for the time first. If it does not
respond with a valid time, the secondary server will be queried for the time. (The second server will
also be queried for status even if a valid time was obtained from the primary
intervals.
Updating the Appliance Clock on page 14
server.)
To enable or disable NTP:
To enable NTP, issue an NTP command with the Enable parameter.
NTP ENABLE [IP=<prim_add>[,<sec_addr>]] [UPDATE=<hours>]
If this is the first time NTP is being enabled, you must specify at least one NTP server address.
avocent.book Page 15 Tuesday, March 14, 2006 12:33 PM
If you want the time to be updated periodically, specify an update interval of up to 99 hours. If you
specify a zero interval value (which is the default), the time will be updated only when the CCM
appliance
reboots.
When you enable NTP, you are prompted to confirm or cancel the operation.
To disable NTP, issue an NTP command with the Disable parameter.
NTP DISABLE
See NTP Command on page 67 for more information.
To display NTP information:
Issue a Show NTP command.
See Show NTP command on page 98 for more information.
Configuring Port Settings
Chapter 3: Operations 15
A CCM appliance contains physical serial ports (8, 16 or 48 plus the console port) that ship with
default values. You may change these values as needed for your system configuration.
You may also add up to 16 virtual ports on a CCM appliance, in addition to the physical ports.
Physical port settings
You may configure a CCM physical port to support one of two types of target devices (TDs): SPC
console.
or
A console TD may be a serial-managed Linux (or other Unix) server, router, firewall or other
supported serial
By default, CCM appliance physical ports are configured with the settings listed in Table 3.2.
Table 3.2: Default Physical Port Settings
Parameter Value
Target device Console
Name xx-xx-xx Pn (last 3 octets of MAC address plus the port number)
Baud rate 9600
Bits per character 8
Parity None
device.
Stop bits 1
Flow control None
Time-out User Server CLI setting (15 minutes)
CLI access character Use Server CLI setting (^D)
avocent.book Page 16 Tuesday, March 14, 2006 12:33 PM
16 CCM Installer/User Guide
Table 3.2: Default Physical Port Settings (Continued)
Parameter Value
Power None
Most of these settings are standard serial port operating characteristics.
The CLI access character parameter specifies how you access the CLI. For more information, see
CLI Mode on page 30.
The CCM appliance is able to generate SNMP traps in response to specified transitions of RS-232
control signals. The intent of these traps is to indicate critical target device failures such as power
loss or cabling issues. The Power parameter is used to configure this function. The parameter value
indicates an inbound control signal (CTS, DCD or DSR) and the state of that signal (low or high).
When power status monitoring is enabled and the defined signal transitions from false to true, the
CCM appliance sends a power-on trap; conversely, when the condition transitions from true to
false, a power-off trap is sent. Flow control signals may not be used for power status monitoring,
and power status monitoring signals may not be used for flow
control.
SPC devices and sockets
For more information about SPC power control devices, see the SPC Installer/User Guide.
To configure TD=console physical serial port settings:
Issue a Port Set command. You may specify settings for one port, multiple ports or all ports.
PORT [<port>|ALL] SET TD=CONSOLE [NAME=<name>] [BAUD=<baud>]
[SIZE=<size>] [PARITY=<parity>] [STOP=<stop_bits>] [FLOW=<flow_ctrl>]
[TIMEOUT=<time-out>] [SOCKET=<socket>] [CHAR=^<cli_char>]
[TOGGLE=NONE|DTR] [POWER=<signal>] [GROUP=<group>]
For more information and descriptions of all valid parameters, see Port Set command on page 75.
To configure TD=SPC physical ports and settings:
Issue a Port Set command with the TD=SPC parameter.
PORT <device> SET TD=SPC [NAME=<name>]
When a port is configured for an SPC power control device, you may specify only the Name
parameter; no other serial port settings may be specified with the Port Set command. However, you
may use the SPC command to change certain configuration values for the SPC device.
SPC <device>|ALL [NAME=<name>] [MINLOAD=<amps>] [MAXLOAD=<amps>]
Use an SPC Socket command to configure or control the state of the sockets on the SPC device.
SPC <device>|ALL [SOCKET <socket>] [WAKE=ON|OFF] [ONMIN=<time>]
[OFFMIN=<time>] [POWER=ON|OFF|REBOOT]
For more information, see SPC Command on page 109 and SPC Socket Command on page 110.
NOTE: Users who wish to use the native command interfaces of the SPC device should specify TD=console.
avocent.book Page 17 Tuesday, March 14, 2006 12:33 PM
Port access
The port access control method can be either by port or by group.
The port access method may affect the listing of available ports when using the Connect command.
For example, if a user’s access is by group, the list of available ports will only include valid groups
of which that user is a member.
Access by port
When access is by port, the user account may contain port access rights. For physical ports, this can
be specified with specific port numbers or PALL, which grants access to all ports. If the user’s
account contains access levels rather than rights, the ADMIN and APPLIANCEADMIN levels
include PALL access. For virtual ports, the PALL access right is required. For more information,
Access levels and rights on page 33.
see
Access by group
Chapter 3: Operations 17
Access control groups allow a user account to be granted access to a group of ports using a single
specification. Using port groups also simplifies access control when using external RADIUS or
LDAP servers or when moving a user database from one CCM appliance to another. Group based
access can be used on both physical and virtual
ports.
Group settings are stored as a list of strings for each user and for each port. Each user has a list of
groups that they can access and each port has a list of groups to which it belongs. These are
separate
lists.
When access is by group, the right to access a port is determined by whether that username is a
member of a group that has been granted access to the port. However, even when access is by
group, a user with PALL access rights can still access all
ports.
For example, assume that physical ports 1, 2, 3 and 4 are assigned to a port group named LINUX.
Physical ports 5, 6, 7 and 8 are assigned to a port group named
ROUTERS.
Users who must be able to access all Linux devices can be granted this right by being assigned to
the LINUX group of users (using a Group Add/Set command) or by having the LINUX group
specified in each of their user accounts (using a User Add/Set command). Those users will be able
to access the devices connected to ports 1, 2, 3 and
4.
Users who must be able to access Linux and router devices can be granted this right by being
assigned to both the LINUX and ROUTERS group of users or by having both the LINUX and the
ROUTERS groups specified in their user accounts. Those users will be able to access the devices
connected to ports 1 through
8.
Although unlikely, it is possible for a user to have access to an empty port group (a group to which
no ports belong). When all ports are removed from a group, the group no longer exists; however,
users on this CCM appliance will remain in that group. A warning message will be displayed if you
issue a User Add/Set command and use the Group parameter to specify a group that doesn’t have
ports assigned to
it.
Although also unlikely, it is possible for a port to belong to a group that no users can access.
avocent.book Page 18 Tuesday, March 14, 2006 12:33 PM
18 CCM Installer/User Guide
Each port may belong to up to 8 groups. Multiple ports may belong to the same port group. Up to 8
port groups may then be specified in a user account.
Up to 8 port groups may be specified for a CCM850 appliance user, up to 16 port groups for a
CCM1650 appliance user and up to 48 port groups for a CCM485x appliance user.
Managing groups
The most convenient way to add, modify and delete groups is with the Group commands.
Alternatively, you may use the Group parameter in Port Add, Port Set, User Add and User Set
commands to add or change group membership; however, the Group commands provide an easier,
centralized
To specify the access control method:
Issue a Server Security command with the Access parameter.
method.
SERVER SECURITY . . . ACCESS=BYPORT|BYGROUP
To add a group:
To add a group to one or more ports, issue a Group Add command with the Port parameter and a
comma-delimited list of port names/numbers.
GROUP <group> ADD PORT=<port>
To add a group to one or more users, issue a Group Add command with the User parameter and a
comma-delimited list of
usernames.
GROUP <group> ADD USER=<user>
For more information, see Group Add command on page 63.
(Alternately, you may specify groups using the Group parameter in a Port Add, Port Set, User Add
or User Set
command.)
To change a group’s membership:
To change the membership of a group of ports, use the Group Set command with the Port
parameter and a comma-delimited list of port names/numbers to add, remove or
replace.
GROUP <group> SET PORT=<port>
To change the membership of a group of users, use the Group Set command with the User
parameter and a comma-delimited list of usernames to add, remove or
replace.
GROUP <group> SET USER=<user>
You may add, remove or replace membership with a Group Set command. For more information,
Group Set command on page 64.
see
(Alternately, you may specify groups using the Group parameter in a Port Add, Port Set, User Add
or User Set
command.)
To display group information:
To display one or more groups and their membership, issue a Show Group command
avocent.book Page 19 Tuesday, March 14, 2006 12:33 PM
SHOW GROUP [<group>]
To display a list of all local users and their group membership, issue a Show User command with
the Group
parameter.
SHOW USER GROUP
To display port group information, issue a Show Port command with the Groups parameter.
SHOW PORT GROUPS
For more information, see Show Group command on page 97, Show User command on page 107
and Show Port command on page 99.
To delete all members in a group:
Issue a Group Delete command.
GROUP <group> DELETE
For more information, see Group Delete command on page 64.
Chapter 3: Operations 19
Virtual port settings
You may configure up to 16 virtual ports on a CCM appliance, in addition to the physical ports.
Once a virtual port is added, you may change the port settings.
A virtual port must be given a name. This name is used in all commands issued for that port
(numbers are not used for virtual ports). A virtual port’s definition must also include the IP address
of the BMC and a socket that may be used for direct Telnet access. If login credentials are required
to access the BMC on the target device, they may also be configured on the CCM appliance to
facilitate
Group names may be assigned to virtual ports in the same manner as physical ports; see Port access
on page 17 for more information.
When a virtual port is created, its state is unconnected, but an SoL connection is immediately
attempted. If an SoL connection is established to the target BMC, the state changes to connected. If
an SoL connection cannot be established, the state remains unconnected and two more connection
attempts will be made. If no connection can be established after those attempts, the state changes
failed.
to
You may connect to a virtual port that has a state of unconnected or failed, but no data will come
through. In this case, the Refresh command may be used to attempt a connection.
After a port has connected, you may access the target device using SoL or you may access the
BMU and issue BMU commands. See
By default, CCM appliance virtual ports are configured with the settings listed in Table 3.3.
access.
Using the BMU on page 138 for more information.
Table 3.3: Default Virtual Port Settings
Parameter Value
Username Null
avocent.book Page 20 Tuesday, March 14, 2006 12:33 PM
20 CCM Installer/User Guide
Table 3.3: Default Virtual Port Settings (Continued)
Parameter Value
Password Null
Time-out 15 minutes
CLI access character Use Server CLI setting (15 minutes)
To create and configure a virtual port:
Issue a Port Add command.
PORT <port_name> ADD SOCKET=<socket> IP=<address> [USERNAME=<username>]
[PASSWORD=<password>] [TIMEOUT=<time-out>] [CHAR=^<cli_char>]
[GROUP=<group>]
For more information and descriptions of all valid parameters, see Port Add command on page 69.
To change the settings for a virtual port:
Issue a Port Set command.
PORT [<port>|ALL] SET [NAME=<name>] [TIMEOUT=<time-out>] [SOCKET=<socket>]
[CHAR=^<cli_char>] [GROUP=<group>] [USERNAME=<username>]
[PASSWORD=<password>]
If you use the ALL parameter, the changes will affect all physical ports, plus all virtual ports that
have been
added.
For more information and descriptions of all valid parameters, see Port Set command on page 75.
To attempt connection to a virtual port with an unconnected/failed state:
Issue a Show Port command with the virtual port’s name.
SHOW PORT <port>
If the port’s State field indicates Unconnected or Failed, issue a Port Refresh command.
PORT <port_name> REFRESH
Issue another Show Port command to check the state.
To delete a virtual port:
Issue a Port Delete command. For more information, see Port Delete command on page 72.
PORT <port_name> DELETE
Displaying port settings
To display port settings:
Issue a Show Port command.
SHOW PORT [<port>|ALL|NAMES|GROUPS]
avocent.book Page 21 Tuesday, March 14, 2006 12:33 PM
You may request configuration and status information about a single physical or virtual port or all
physical and virtual ports. You may also request information about port names and port
For more information, see Show Port command on page 99.
Connecting to Serial Devices
The CCM appliance offers several methods for connecting to serial devices: Telnet, serial CLI ,
PPP and
You may use the session sharing feature to permit multiple concurrent connections to a physical or
virtual port. See
Connecting to devices using Telnet
Each CCM physical or virtual port is directly addressable through a unique TCP port that provides
a connection to the attached serial
Plain text (non-encrypted) Telnet connections are enabled by default. For information about
enabling both plain text Telnet and SSH connections,
connections on page 27 and Server Security command on page 90.
When the CCM appliance is Flashed for DS operation, you may access the appliance and its ports
using the DSView 3 software Telnet/SSH applet client.
When the CCM appliance is Flashed for AV operation, you may access the appliance and its ports
using the AVWorks software Telnet
applications from within the AVWorks software.
Regardless of the Flash image (DS or AV), when the CCM appliance is being used in standalone
mode, you may use third party Telnet and SSH applications.
When using Telnet/SSH through a CCM appliance virtual port to access a device’s BMC, the
username and password credentials configured for the virtual port (Port Add/Set command) will be
used to validate device
SSH.
Session sharing and preemption on page 27 for more information.
access.
Chapter 3: Operations 21
groups.
device.
Enabling plain text Telnet and SSH
client. You may also specify and use third party Telnet
DSView 3 software and AVWorks software Telnet clients
These proprietary Telnet/SSH clients provide features unavailable in many other Telnet programs.
These include configurable session properties tailored for each device and configurable user
preferences for all sessions. Additionally, both clients offer a separate history mode to review
session data, a choice of connection modes to CCM appliances, a login scripting function and a
logging function. Both clients provide built-in support for SSH2.
See the DSView Installer/User Guide and the AVWorks Installer/User Guide for more information.
To connect to a device using Telnet:
Type telnet, followed by the CCM appliance IP address and the appropriate TCP port, which by
default is 3000 plus the physical port number, in decimal format. (The TCP port number may be
changed for any CCM
port.)
avocent.book Page 22 Tuesday, March 14, 2006 12:33 PM
22 CCM Installer/User Guide
For example, the following Telnet command connects to the serial device attached to physical port
4 of the CCM
telnet 192.168.0.5 3004
appliance.
If an authentication method other than None has been configured for the CCM appliance, you will
be prompted for a username and password. Once authentication completes, your connection is
confirmed. When you successfully connect to the serial device, you will see a display similar to
following.
the
Username: Myname
Password: ******
Authentication Complete
Connected to Port: 7 9600,8,N,1,XON/XOFF
If the authentication method is configured as None, you may Telnet and connect to a serial device
without entering credentials; however, credentials are always required when connecting to the
CLI.
CCM
NOTE: When using AVWorks software, the configuration of the credential caching feature may affect whether
you are prompted for a username and password. See the AVWorks Installer/User Guide for more information.
Data entered at the Telnet client is written to the serial device. Any data received by the CCM
appliance from the serial device is output to your Telnet client.
Connecting to devices from the console port
You may connect to a serial device from the console port, using a local terminal or a local PC using
a terminal emulation program. If you connect an external modem to the console port, you may also
access devices through a remote terminal or PC that can dial into the external modem. For
information about modem connections, see
and Server CLI command on page 81.
To connect to a device from the console port:
1. Issue a Server CLI command, using the Connect parameter to enable the use of the Connect
command from the console port. (This need only be done one time.)
SERVER CLI CONNECT=ON
2. Issue a Connect command to the desired port.
CONNECT [<port>] [EXCLUSIVE]
The optional Exclusive parameter requests exclusive access to the port. This is valid only if the
port is not currently in use. See
Session sharing and preemption on page 27 for
more information.
If you do not specify a port, a menu will be displayed, listing the ports that are available for
serial connection. Enter a port number or name, or press
valid port is specified, a message Connected to port ... appears. This message includes the port
name plus the configured settings for baud, data bits, parity, stop bits and flow control.
3. To end a device session that was initiated with a Connect command, issue a Disconnect command.
Configuring and using dial-in connections on page 23
Enter to cancel the command. If a
avocent.book Page 23 Tuesday, March 14, 2006 12:33 PM
DISCONNECT
For more information, see Server CLI command on page 81, Connect Command on page 61 and
Disconnect Command on page 62.
Configuring and using dial-in connections
You may attach an external modem to the console port for dial-in serial CLI access to the CCM
appliance. This may be used as a backup connection if the appliance is not accessible from the
network. It may also be used as a primary connection at remote sites that do not have Ethernet
network capability. The modem must be Hayes compatible.
To specify a modem initialization string:
1. Issue a Server CLI command, using the Modeminit parameter to specify the modem
initialization
SERVER CLI MODEMINIT=“<string>”
The string must be enclosed in quotes and must include at least the command settings ATV1
and S0=1, which cause the modem to issue verbose response strings and autoanswer the phone
on the first ring. For more information, see
The modem initialization string is sent to the cabled modem when any of the following
conditions
• CCM appliance initialization
• Detection of a transition of DSR from low to high
• Completion of a call when DCD changes from high to low
2. Upon successful modem connection, press the Enter key until the login prompt appears.
string.
occur:
Chapter 3: Operations 23
Server CLI command on page 81.
To display modem configuration information:
Issue a Show Server CLI command.
For more information, see Show Server CLI command on page 105.
Using PPP
The CCM appliance supports remote PPP access using an autoanswer modem that answers calls
and establishes the PPP protocol with a dial-in client. You may establish Telnet or SSH
connections over
PPP dial-in may be used to access a remote CCM appliance that does not warrant a WAN (Wide
Area Network) link to the Ethernet interface. The PPP dial-in may also be used to access a subnet
containing remote devices in the event of a WAN link failure. In this case, the PPP provides an
alternate path to one or more remote
To use PPP, you must configure a modem in autoanswer mode on the console port; see Configuring
and using dial-in connections on page 23. Once the PPP connection is established, you must launch
SHOW SERVER CLI
PPP.
devices.
avocent.book Page 24 Tuesday, March 14, 2006 12:33 PM
24 CCM Installer/User Guide
an application that connects to the CCM appliance or to one of its ports. The PPP connection is
only a communications interface to the CCM
The CCM appliance implements a PPP server that uses CHAP (Challenge Authentication
Protocol). Passwords are not accepted in the clear on PPP
To enable or disable a PPP server on the console port:
1. To enable a PPP server on the console port, issue a Server PPP command with the Enable parameter.
SERVER PPP ENABLE LOCALIP=<local_ip> REMOTEIP=<rem_ip>
[MASK=<subnet>]
You must specify local and remote IP addresses to be used for the CCM appliance and client
ends of the PPP connection respectively. You are prompted to confirm or cancel the changes.
2. To disable a PPP server, issue a Server PPP command with the Disable parameter.
SERVER PPP DISABLE
For more information, see Server PPP command on page 88.
appliance.
connections.
To display PPP configuration information:
Issue a Show Server PPP command.
SHOW SERVER PPP
For more information, see Show Server PPP command on page 106.
Using SSH
The CCM console management appliance supports version 2 of the SSH protocol (SSH2). The
CCM SSH server operates on the standard SSH port 22. The shell for this connection provides a
CLI prompt as if you had established a Telnet connection on port 23. The shell request for this
connection is for CLI
SSH connections to specific serial ports may be made on TCP ports that are numbered with values
100 greater than the standard 30xx Telnet ports for the CCM appliance. For example, if port 7 is
configured for Telnet access on port 3007, then port 3107 will be a direct SSH connection for port
7. When SSH is enabled, Telnet port 23 connections will be accepted from other clients if the
Server Security command includes the Encrypt=SSH,None parameter, which indicates that both
SSH and plain text connections will be allowed. Connecting to Telnet port 23 may also be tunneled
through a connection to SSH port
SSH server keys
When SSH is enabled for the first time, all sessions are terminated and the CCM appliance
generates an SSH server key. The key generation process may take up to three minutes. The key is
computed at random and is stored in the CCM configuration
In most cases, the SSH server key should not be modified because most SSH clients will associate
the key with the IP address of the CCM appliance. During the first connection to a new SSH server,
the client will display the SSH server’s key. You will be prompted to indicate if it should be stored
on the SSH client. After the first connection, most SSH clients will validate the key when
access.
22.
database.
avocent.book Page 25 Tuesday, March 14, 2006 12:33 PM
connecting to the CCM appliance. This provides an extra layer of security because the SSH client
can verify the key sent by the server each time it
When you disable SSH and later reenable it, you may either use the existing server key or compute
a new one. If you are reenabling the same server at the same IP address, it is recommended that you
use the existing key, as SSH clients may be using it for verification. If you are moving the CCM
appliance to another location and changing the IP address, you may wish to generate a new SSH
key.
server
Authenticating an SSH user
SSH is enabled and disabled with the Server SSH command. When you enable SSH, you may
specify the authentication method(s) that will be used for SSH connections. The method may be a
password, an SSH key or both. A user’s password and SSH key are specified with a User Add or
User Set command. All SSH keys must be RSA keys. DSA keys are not
Table 3.4 lists and describes the valid SSH authentication methods that may be specified with a
Server SSH command.
Table 3.4: SSH Authentication Methods
Chapter 3: Operations 25
connects.
supported.
Method Description
SSH connections will be authenticated with a username/password. With this method,
PW (default)
KEY
PW|KEY or KEY|PW
PW&KEY or KEY&PW
a user’s definition must include a valid password in order for that user to authenticate
an SSH session.
SSH connections will be authenticated with an SSH key. With this method, a user’s
definition must include valid SSH key information in order for that user to
authenticate an SSH session. Key authentication is always local; RADIUS and LDAP
are not supported. For more information, see
SSH connections will be authenticated with either a username/password or an SSH
key. If a user has only a password defined, that user must authenticate an SSH
session with a username/password. If a user has only an SSH key defined, that user
must authenticate an SSH session using the key. If a user has both a password and
an SSH key defined, that user may use either a username/password or the SSH key
to authenticate an SSH session. This method allows the administrator to define how
each user will authenticate an SSH session based on information provided in the
User Add/Set
PW authentication will be local, RADIUS, LDAP or downlocal as specified in the Auth
parameter of the Server Security command. Key authentication is always
SSH connections will be authenticated using both a username/password and an
SSH key. With this method, a user’s definition must include a password and SSH key
information for that user to authenticate an SSH session.
PW authentication will be local, RADIUS, LDAP or downlocal as specified in the Auth
parameter of the Server Security command. Key authentication is always local.
SSH user keys on page 26.
command.
local.
SSH key authentication always uses the access rights from the local user database. Depending on
the server authentication method specified with the Server Security command, SSH password
authentication will use the access rights from the local user database or the values returned by the
avocent.book Page 26 Tuesday, March 14, 2006 12:33 PM
26 CCM Installer/User Guide
RADIUS or LDAP server. When the CCM appliance is Flashed for DS operation, SSH password
authentication will use the access rights returned by the authentication service used by the DSView
software.
3
With either of the “or” methods (PW|KEY and KEY|PW), the user access rights are determined
from the method used to authenticate the user.
With either of the “and” methods (PW&KEY and KEY&PW), the user access rights are
determined from the first method specified. If PW&KEY is specified, the access rights from the
password authentication will be used. If KEY&PW is specified, the access rights from the key
authentication will be
used.
For more information, see Using Authentication Methods on page 34.
SSH user keys
A user’s SSH key is specified in a User Add or User Set command. You may define a key even if
SSH is not currently enabled. The key may be specified in one of two
• When using the SSHKEY and FTPIP keyword pair to define the network location of a user’s
SSH key file, the SSHKEY parameter specifies the name of the uuencoded (Unix to Unix
encoded) public key file on an FTP server. The maximum file size that can be received is 4K
bytes. The FTPIP parameter specifies the FTP server’s IP
When this method is specified, the CCM appliance initiates an FTP client request to the
specified IP address. The CCM appliance then prompts the user for an FTP username and
password for connection. When connected, the CCM appliance will GET the specified key file
and the FTP connection will be closed. The CCM appliance then stores the SSH key with the
username in the CCM user
• When using the KEY keyword to specify the SSH key, the KEY parameter specifies the actual
uuencoded SSH key. This is for configurations that do not implement an FTP server. The CCM
appliance stores the specified key in the CCM user
The CCM appliance processes a uuencoded SSH2 public key file with the format described in the
IETF document draft-ietf-secshpublickeyfile-02. The key must follow all format requirements. The
UNIX ssh-keygen2 generates this file format. The CCM appliance also processes a uuencoded
SSH1 public key file. The UNIX ssh-keygen generates this file
ways:
address.
database.
database.
format.
To enable SSH session access to the CCM appliance:
1. Issue a Show Server Security command to ensure that you are using an authentication method
other than
None.
SHOW SERVER SECURITY
2. Issue a Server SSH command with the Enable parameter. You may also specify an
authentication
method.
SERVER SSH ENABLE AUTH=<auth>
If an authentication method is not specified, the previous authentication parameter will be
used. The default value is
AUTH=PW.
avocent.book Page 27 Tuesday, March 14, 2006 12:33 PM
3. If you are enabling SSH for the first time, you are advised that all other CCM appliance
sessions will be terminated. Enter
4. If you are reenabling SSH, you are prompted to use the existing SSH server key or generate a
new key. Enter
Y to use the existing key or N to generate a new key.
For more information, see Server SSH command on page 96.
To disable SSH session access to the CCM appliance:
Issue a Server SSH command with the Disable parameter.
SERVER SSH DISABLE
When SSH is disabled, the CCM appliance operates in plain text mode.
To display SSH information:
Issue a Show Server Security command.
SHOW SERVER SECURITY
If SSH is enabled, the display will include SSH2. Regardless of whether SSH is enabled, the
display will indicate the authentication method that was specified with the Server SSH
Chapter 3: Operations 27
Y to continue or N to cancel.
command.
Enabling plain text Telnet and SSH connections
Plain text (non-encrypted) Telnet connections are enabled by default.
If you enable SSH connections using the Server Security command and the Encrypt=SSH
parameter, plain text Telnet connections will be disabled. However, if you enable SSH connections
with the Server SSH command, both plain text and SSH connections will be
To enable both Telnet and SSH connections:
Issue a Server Security command, indicating Encrypt=SSH,None.
Session sharing and preemption
Session sharing allows multiple concurrent sessions to the same attached device.
• The maximum number of concurrent sessions allowed on a CCM appliance is based on the
following
(2 x Number of Physical Ports) + (2 x Number of Configured Virtual Ports)
• A maximum of four concurrent sessions are allowed per port (physical or virtual).
For example, if you have 7 virtual ports configured on a CCM1650 appliance, the maximum
number of concurrent sessions on the appliance is 46 (2 x 16 physical ports = 32; 2 x 7 configured
virtual ports = 14; 32 + 14 = 46). However, at any given time, only four concurrent sessions will be
allowed on any single physical or virtual
One SoL connection per BMC is allowed. Up to four IPMI connections may be established to
BMC.
each
You may:
• Disable sharing. In this case, only one session per port may be active at a time.
calculation:
port.
allowed.
avocent.book Page 28 Tuesday, March 14, 2006 12:33 PM
28 CCM Installer/User Guide
• Enable automatic session sharing. In this case, a user will automatically be connected to a port
even if it is in use (with restrictions noted in the following
• Enable session sharing with the query option. In this case, when a port is in use, the session
originator (the user who initiated the first session) must grant permission before other users are
able to join a session on that
Session sharing and the preemption of device sessions are also affected by a user’s configured
access level or preemption level (which is configured with the User Add/Set
• When the CCM appliance is Flashed for AV operation, the user’s configured access level is
used for session sharing and preemption. There are three access levels, with the following hier
archy (highest to lowest):
APPLIANCEADMIN > ADMIN > USER
See Access levels and rights on page 33 for more information.
• When the CCM appliance is Flashed for DS operation, the user’s configured preemption level
is used for session sharing preemption. There are four preemption levels, with the following
hierarchy (highest to
4 > 3 > 2 > 1
For example, assume user A is currently accessing a device, and user B wishes to access the same
device. If user B’s access/preemption level is equal to or higher than user A’s access/preemption
level, then user B may be allowed to preempt user A’s device
Any user may also request exclusive access to a port if there is no other existing connection to that
port. This is done on the login screen by adding the E parameter after the username or by adding the
Exclusive parameter with the Connect
The following examples show the interaction between share mode and access/preemption levels.
examples).
port.
commands).
-
lowest):
session.
command.
Session sharing examples
These examples illustrate session sharing and preemption for one port and two users. Assume this
port is currently in use by the session originator (SO). Another user, the requesting user (RU),
wants to connect to the same port. For simplicity, also assume that if RU is allowed to connect, it
will not exceed the maximum allowable number of sessions per port or sessions per
Example 1 - SO’s access/preemption level is higher than RU’s access/preemption level
appliance.
Share mode = Query
SO is connected non-exclusively
SO will be prompted to approve sharing the connection.
If SO approves, then RU will be connected to the port.
If SO does not approve, then RU will not be connected to the port.
Share mode = Query
SO is connected exclusively
RU will not be connected to the port.
Share mode = Disabled or Auto
avocent.book Page 29 Tuesday, March 14, 2006 12:33 PM
RU will not be connected to the port. (In this case, it does not matter whether SO is connected
exclusively or non-exclusively.)
Example 2 - RU’s access/preemption level is equal to or higher than SO’s access/
preemption level
Share mode = Disabled
-orSO is connected exclusively
RU is prompted with preemption choices E, N and D.
If RU replies with E, then SO will be preempted/disconnected and RU will be connected
exclusively to the port.
If RU replies with N, then SO will be preempted/disconnected and RU will be connected
non-exclusively to the port.
If RU replies with D, SO will remain connected and RU will not be connected to the port.
Share mode = Auto or Query
SO is connected non-exclusively
RU is prompted with preemption choices E, N, S and D.
If RU replies with E, then SO will be preempted/disconnected and RU will be connected
exclusively to the port.
If RU replies with N, then SO will be preempted/disconnected and RU will be connected
non-exclusively to the port.
If RU replies with S and Share Mode = Auto, SO will remain connected and RU will be
connected to the port.
If RU replies with S and Share Mode = Query, SO will be prompted to approve sharing
the connection.
If SO approves, RU will be connected to the port.
If SO does not approve, RU will not be connected to the port.
If RU replies with D, SO will remain connected and RU will not be connected to the port.
Example 3 - Ending shared sessions
In a shared session, if the SO quits the session, the next user sharing the session will become the
SO. If the SO is logged out by another user, all sessions that are shared with the SO will be
terminated, as well as the SO’s session.
Chapter 3: Operations 29
To configure criteria to be used for session sharing and preemption:
Issue a User Add or User Set command.
• If the CCM appliance is Flashed for AV operation, include the Access parameter, indicating
the desired access level or rights.
• If the CCM appliance is Flashed for DS operation, include the Preempt parameter, indicating
the desired preemption level.
avocent.book Page 30 Tuesday, March 14, 2006 12:33 PM
30 CCM Installer/User Guide
To enable/disable session sharing:
To disable session sharing, issue a Server Share command with the Disable parameter.
To enable automatic sharing, specify the Auto parameter.
To enable sharing only with the permission of the session originator, specify the Query parameter.
This is the default value.
To initiate a device session with exclusive access:
At the Username: prompt, enter your username, followed by an E or e.
-orIf device connections from the console port are enabled, enter a Connect command, followed by a
port number or name, then the Exclusive parameter.
NOTE: A request for an exclusive connection is valid only when there are no other users currently using the port.
To display share mode information:
Issue a Show Server command. The display will indicate the share mode.
CLI Mode
While you are connected to an attached serial device, you may enter CLI mode and enter CCM
appliance
To enter or exit CLI mode when connected to a serial device:
1. To enter CLI mode, type the CLI access character, which is Ctrl-D by default. At the CLI
prompt (>), you may enter CCM commands.
2. To exit CLI mode and return to the session with the attached device, issue a Resume command.
For more information, see Resume Command on page 80.
To change the CLI access character:
Issue a Server CLI command or a Port Set command (or Port Add command for a virtual port),
using the Char parameter to specify the CLI access
SERVER CLI CHAR=^<char>
PORT SET CHAR=^<char>
For a physical port, if you issue a Port Set command with Char=None, then the CLI access
character specified in the Server CLI command will be used.
For a virtual port, the character specified with the Port Add command is used. For a direct Telnet
connection, or if None is specified in the Port Add command, the value specified in the Char
parameter of the Server CLI command will be
You may use the Port Set command to override the Server CLI access character on an individual
physical or virtual port basis.
commands.
RESUME
character.
used.
avocent.book Page 31 Tuesday, March 14, 2006 12:33 PM
For more information, see Port Add command on page 69, Port Set command on page 75 and
Server CLI command on page 81.
To display CLI access character information:
Issue a Show Server CLI or a Show Port command.
SHOW SERVER CLI
SHOW PORT
For more information, see Show Server CLI command on page 105 and Show Port command on
page 99.
Ending Device Sessions
To end your session:
Enter CLI mode and issue a Quit command.
-or-
If you initiated the device session with a Connect command, enter CLI mode and issue a
Disconnect
-or-
Allow the port to time-out due to inactivity (if port time-out is enabled). In this case, a notification
message is issued and the serial CLI session returns to CLI mode. This time-out may occur while
you are in CLI
-or-
For modem connections, if a carrier drop occurs, the serial CLI session is automatically logged off.
If you end a shared session and you were the session originator, the next user sharing the session
becomes the session
For more information, see Quit Command on page 80 and Disconnect Command on page 62.
command.
mode.
originator.
Chapter 3: Operations 31
To end another user’s session:
Issue a User Logout command, specifying the name of the user to be logged out.
A message is sent and the connection is dropped.
If you are logged out by another user during a shared session and you are the session originator, all
the sessions that share with you will also be logged out.
For more information, see User Logout command on page 113. For information about session
sharing, see Session sharing and preemption on page 27.
Session time-out
The CCM console management appliance monitors data traffic when you are connected to an
attached serial device. You may specify a time-out value with the Server CLI command. You may
also specify a time-out value for each port with the Port Set command (or Port Add for virtual
ports). The value indicates the number of idle minutes the CCM appliance will wait before
avocent.book Page 32 Tuesday, March 14, 2006 12:33 PM
32 CCM Installer/User Guide
dropping a connection to that port. When a Port Set/Add time-out value is omitted or set to zero, the
port will use the value specified in the Server CLI command. To completely disable port time-outs,
the Server CLI time-out and the Port Set/Add time-out values must both be zero.
Managing User Accounts
The CCM user database can store information for up to 64 user accounts.
To add a user:
Issue a User Add command.
USER <username> ADD [PASSWORD=<pwd>] [SSHKEY=<keyfile>] [FTPIP=<ftpadd>]
[KEY=<sshkey>] [ACCESS=<access>] [GROUP=<group>] [PREEMPT=1|2|3|4]
You must specify a username. You must also specify a password or SSH user key information, or
you may specify both. You may also include an access level/access rights and group names. The
Preempt parameter is valid only when the CCM appliance is Flashed for DS operation.
For more information, see Using SSH on page 24, Access levels and rights on page 33, User Add
command on page 112 and Managing groups on page 18.
To change a user’s configuration information:
Issue a User Set command.
USER <username> SET [PASSWORD=<pwd>] [SSHKEY=<keyfile>] [FTPIP=<ftpadd>]
[KEY=<sshkey>] [ACCESS=<access>] [GROUP=<group>] [PREEMPT=1|2|3|4]
You may change your own password at any time. You must have USER access rights to change
another user’s password or to change any user’s SSH user key information, access rights or
preemption level. The Preempt parameter is valid only when the CCM appliance is Flashed for
operation.
DS
To remove an SSH user key or password, specify Key=“” or Password=“”. You cannot remove
both the password and the SSH key from a user’s definition; one must remain in the user database.
Also, you cannot remove a user’s key or password if that removal would result in no valid users
having USER access
rights.
For more information, see Using SSH on page 24, Access levels and rights on page 33, User Set
command on page 114 and Managing groups on page 18.
To delete a user:
Issue a User Delete command.
USER <username> DELETE
For more information, see User Delete command on page 113.
To display user configuration information:
1. To display information about one user, issue a Show User command, specifying the username.
SHOW USER <username>
avocent.book Page 33 Tuesday, March 14, 2006 12:33 PM
2. To display information about all users, issue a Show User command with the All parameter.
SHOW USER ALL
3. To display information about group membership, issue a Show User command with the
parameter.
Group
SHOW USER GROUP
For more information, see Show User command on page 107.
Access levels and rights
Most CCM appliance commands require the user to have the appropriate permission to issue them.
Permissions are expressed as access levels or access rights.
There are three predefined access levels: APPLIANCEADMIN, ADMIN or USER. Each access
level has associated rights, which are described in
• The APPLIANCEADMIN level has the access rights PALL, USER, SCON, SMON, PCON
BREAK
and
• The ADMIN level has the access rights PALL, USER, SMON, PCON and BREAK
• The USER access level has no port access rights by default (this level cannot be expressly
configured for a user account; it is assigned based on the criteria described in
page 34)
Chapter 3: Operations 33
Table 3.5.
Access rights on
Table 3.5: Access Rights
Access Right Description
PCON
SCON
SMON
USER
BREAK
Pn, Px-y or
PAL L
The Port Configuration access right allows the user to modify port settings. Grant PCON
access only to users who need to issue the Port Set command.
The Server Configuration access right allows the user to change the CCM configurations,
including setting the IP address and updating the program load in Flash. Grant SCON
access only to users who need to administer the CCM appliance.
The Server Monitor access right allows the user to view CCM appliance status and
monitor serial port activity. Grant SMON access only to users who need to assist other
users in accessing attached serial devices.
The USER access right allows the user to modify the user database. Grant USER access
only to users who need to add users, change user specifications or delete users.
If local user authentication will be used, at least one user must have USER access rights;
otherwise, the user database cannot be changed.
Do not confuse this access right with the predefined USER access level.
The BREAK access right allows the user to send a serial break sequence to the attached
serial device. On certain devices, this sequence has a special meaning. Grant BREAK
access only to users who need to use the Port Break command.
The Port access right gives a user access to one or more serial ports and the attached
serial devices. You may grant access to specific physical ports (Pn), a range of physical
ports (Px-y) or all physical and virtual serial ports (PALL).
avocent.book Page 34 Tuesday, March 14, 2006 12:33 PM
34 CCM Installer/User Guide
The access levels and rights for each command are listed in Table 4.4 on page 55.
When the CCM appliance is Flashed for AV operation, session sharing preemption uses access
levels. See
Session sharing and preemption on page 27 for more information.
When the CCM appliance is Flashed for DS operation, other access levels may control a user’s
permission to perform operations. See the DSView Installer/User Guide for more
Access rights
You may fine-tune the predefined access levels in a user account by adding or subtracting granular
access rights with a User Set command.
When you create a user account, you may optionally specify individual access rights rather than a
predefined access level. In this case, an access level is assigned, based on the access
specification:
rights
• If the user account is created with a user rights specification that includes SCON, the
APPLIANCEADMIN access level is assigned.
• If the user account is created with a user rights specification that includes USER (but not
SCON), the ADMIN access level is assigned.
• If the user account is created with a user rights specification that does not include either SCON
or USER, the USER access level is assigned.
information
To manage a user’s access level/rights:
1. To configure a user’s access level/rights, issue a User Add command, using the Access param-
eter to specify a level or rights. (When you create a user account, you must also specify other
parameters; see
Managing User Accounts on page 32 for more information.)
USER <username> ADD ACCESS=<access>
2. To change a user’s access level/rights, issue a User Set command, using the Access parameter
to specify a level or rights.
USER <username> SET ACCESS=<access>
3. To display the access level and rights for one or all users, issue a Show User command.
SHOW USER <username>|ALL
For more information, see User Add command on page 112, User Set command on page 114 and
Show User command on page 107.
Using Authentication Methods
The CCM appliance supports several methods for authenticating users: DS, local, RADIUS,
LDAP, downlocal and none. Multiple connection and authentication methods may
operate
NOTE: DS authentication is enabled only when the CCM appliance is Flashed for DS operation.
concurrently (except local and downlocal, which cannot both be specified).
avocent.book Page 35 Tuesday, March 14, 2006 12:33 PM
When the CCM appliance is Flashed for DS operation, local and DS authentication are enabled by
default. When the CCM appliance is Flashed for AV operation, local authentication is enabled
default.
by
DS authentication
DS authentication uses either the internal DSView 3 software authentication service or an external
authentication service configured in the DSView 3 software. When you specify DS authentication,
you may also indicate the authentication mode.
• Secure mode indicates that authentication will be locked to one DSView 3 software server
after a successful initial access, and the DSView 3 software server and appliance credentials
will be stored on the CCM
• Trustall mode indicates that any DSView 3 software server may be used for authentication,
and the DSView 3 software server credentials will not be stored or validated on the
appliance.
CCM
When the secure mode is used, you may clear the stored credentials used by the DSView 3 software
at any time. Reinitializing the CCM appliance also clears any stored credentials.
For more information, see the DSView Installer/User Guide.
Chapter 3: Operations 35
appliance.
Local authentication
Local authentication uses the CCM appliance internal user database to authenticate users. You may
optionally specify both local and another authentication method, in any order. In this case,
authentication will be attempted initially on the first method specified. If that fails, the second
method will be used for authentication, and so on. Local and downlocal authentication cannot both
specified.
be
Downlocal authentication
Downlocal authentication uses the CCM appliance internal user database to authenticate users if
the configured external authentication services cannot be used due to lack of connection to the
external servers. Local and downlocal authentication cannot both be specified.
RADIUS authentication
RADIUS authentication uses an external third party RADIUS server containing a user database to
authenticate CCM appliance users. The CCM appliance, functioning as a RADIUS client, sends
usernames and passwords to the RADIUS server. If a username and password do not agree with
equivalent information on the RADIUS server, the CCM appliance is informed and the user is denied
CCM access. If the username and password are successfully validated on the RADIUS server, the
RADIUS server returns an attribute that indicates the access rights defined for that username.
To use RADIUS authentication, you must specify information about the primary RADIUS server
and optionally, a secondary RADIUS server to be used as a backup.
The RADIUS server definition values specified in CCM appliance commands must match
corresponding values configured on the RADIUS server. On the RADIUS server, you must include
CCM appliance-specific information: the list of valid users and their access rights/level for the
avocent.book Page 36 Tuesday, March 14, 2006 12:33 PM
36 CCM Installer/User Guide
CCM appliance and any group assignments. Each user-rights attribute in the RADIUS server’s
dictionary must be specified as a string containing the user’s access rights/level and any group
assignments for the CCM appliance, exactly matching the syntax used in the CCM User Add/User
command.
Set
A user-rights attribute in the RADIUS server’s dictionary may also contain a preemption value,
following the syntax used in the CCM User Add/User Set command. When this value appears in a
RADIUS attribute string, the authenticated user will have the specified preemption level. If the
attribute string does not contain the preempt keyword and value, the default Server CLI preemption
value will be used (see
Console port session and connection authentication on page 36).
Consult your RADIUS administrator’s manual for information about specifying users and their
attributes. The exact process depends on the RADIUS server you are using.
When port group names are used, the CCM appliance will parse group names coming from a
RADIUS server, and allow access according to group content.
LDAP authentication
LDAP authentication uses an external third party LDAP server containing a user database to
authenticate CCM appliance users. The CCM appliance functions as an LDAP client.
To use LDAP authentication, you must specify information about the primary LDAP server and
optionally, a secondary LDAP server to be used as a backup. You must also supply search and
query information, and whether the LDAP server will be used just for authentication or for both
authentication and
authorization. The LDAP configuration values specified in CCM appliance
commands must match corresponding values configured on the LDAP server(s).
Consult your LDAP administrator’s manual for information about specifying users, search and
query specifications. The exact process depends on the LDAP server you are using.
When port group names are used, the CCM appliance will parse group names coming from an
LDAP server, and allow access according to group content.
When using LDAP authentication on the CCM appliance, any port names containing spaces must
be changed to remove the spaces.
No authentication
When authentication is disabled, users are not authenticated. Telnet sessions to serial ports are
accepted immediately, and users are not prompted for a username or password. In this case, users
are granted access only to the port to which they are connected, including Break access.
Connections to the Telnet port (23), serial CLI and PPP are still authenticated using the local CCM
user database, even when authentication is expressly disabled. Generally, these communications
paths are used only by administrators, and authentication is enforced in order to establish
appropriate access rights.
Authentication may not be disabled when SSH session access is enabled.
Console port session and connection authentication
By default, user sessions at the console port are authenticated.
avocent.book Page 37 Tuesday, March 14, 2006 12:33 PM
When the CCM appliance is Flashed for AV operation, console port session access is always
authenticated using the configured access level for the user in the CCM appliance local user
database (APPLIANCEADMIN, ADMIN, USER).
When the CCM appliance is Flashed for DS operation, user authentication at the console port may
be enabled or disabled. You may also configure a preemption level that will be used for a console
port user when user authentication is disabled on that port.
Enabling and disabling console port authentication
NOTE: Console port authentication may be enabled/disabled only when the CCM appliance is Flashed for
DS operation.
Console port authentication may be enabled/disabled with the Server CLI command, using the
parameter.
Auth
• When console port authentication is enabled for a CCM appliance that is Flashed for DS
operation, the user is authenticated using the methods specified with the Server Security
command (DS, LOCAL, LDAP, RADIUS and/or DOWNLOCAL).
However, if the configured methods include DS, LDAP or RADIUS, but not LOCAL or
DOWNLOCAL, and a negative response is not received from the DS, LDAP or RADIUS
authentication servers, local authentication will be used. This ensures that the console port
remains usable when remote authentication services cannot be contacted.
When local authentication is used, console port connections are authenticated against the local
CCM user
database.
• When console port authentication is disabled, a console port user is not authenticated. If that
console port user attempts to connect to another CCM port (assuming connection ability is
enabled), and that port is already in use, a server level preemption level is used. This level is
configured with the Server CLI command.
Chapter 3: Operations 37
NOTE: PPP sessions are always authenticated using the method specified with the Server Security command.
In other words, enabling/disabling user authentication at the console port does not apply to PPP dialin connections.
For example, assume authentication has been disabled on the console port and that session sharing
is also disabled. A user starts a session on the console port (without having to log in with a
username and password), then attempts to connect to port 7, which is already in use by another
user. Since the console port’s preemption level is not known (because no authentication occurred
during login), the configured server-level preemption value is used.
• If that preemption level is lower than the current port 7 user’s preemption level, the connection
to port 7 will not be allowed.
• If that preemption level is equal to or higher than the current port 7 user’s preemption level, the
serial CLI port user may choose to preempt the current port 7 user’s session.
avocent.book Page 38 Tuesday, March 14, 2006 12:33 PM
38 CCM Installer/User Guide
Authentication summary
The CCM appliance allows concurrent use of multiple authentication methods (except local and
downlocal). This includes DS authentication, if the CCM appliance is Flashed for DS operation.
Examples when Flashed for AV operation
If you enable local and RADIUS authentication (in that order), authentication first uses the CCM
user database. If that fails, authentication goes to the defined RADIUS servers. If you enable
RADIUS and local authentication (in that order), authentication goes first to the defined RADIUS
servers. If that fails, the local CCM user database is used. Local is the default method.
Examples when Flashed for DS operation
If you enable local and DS authentication (which is the default), DSView 3 software clients will
always be authenticated using DSView 3 software internal or external authentication services.
Third party Telnet and SSH clients will be authenticated using the CCM local user database first,
and DSView 3 software
Similarly, if you enable DS and RADIUS authentication, DSView 3 software clients will always be
authenticated using the DSView 3 software internal or external authentication services. Third party
Telnet and SSH clients will be authenticated using the RADIUS servers.
As indicated above, the DSView 3 software internal or external authentication services will always
be used for the DSView 3 software clients. For third party Telnet and SSH clients, the order in
which you specify other authentication methods determines the order in which each method is used.
second.
To specify the authentication method:
1. For RADIUS authentication, issue a Server RADIUS command.
SERVER RADIUS PRIMARY|SECONDARY IP=<radius_ip> SECRET=<secret>
USER-RIGHTS=<attr> [AUTHPORT=<udp>] [TIMEOUT=<time-out>]
[RETRIES=<retry>]
You must specify the server’s IP address, the UDP port to be used and a “secret” to be used.
You must also specify a user-rights attribute value that matches a value in the RADIUS
server’s
dictionary.
You may also use this command to delete a RADIUS server definition.
SERVER RADIUS PRIMARY|SECONDARY DELETE
For more information, see Server RADIUS command on page 89.
2. For LDAP authentication, issue Server LDAP Primary|Secondary, Server LDAP Auth, Server
LDAP Query and Server LDAP Search commands.
SERVER LDAP PRIMARY|SECONDARY [IP=<address>] [ACCESS=LDAP|LDAPS]
[PORT=<port>]
SERVER LDAP AUTH=AO|AA
SERVER LDAP QUERY [CSMODE=<csmode>] [TDMODE=<tdmode>]
[GROUP=<group>] [GMASK=<gmask>] [TMASK=<tmask>] [ACATTR=<acattr>]
avocent.book Page 39 Tuesday, March 14, 2006 12:33 PM
SERVER LDAP SEARCH [SDN=<cn>] [SPASS=<spass>] [SBASE=<sbase>]
[UIDMASK=<umask>]
You may also use the LDAP Primary|Secondary command to delete an LDAP
definition.
server
SERVER LDAP PRIMARY|SECONDARY DELETE
3. Issue a Server Security command, using the Authentication parameter to specify the
authentication method. Use the Encrypt parameter to enable plain text Telnet connections,
SSH connections or
SERVER SECURITY AUTHENTICATION=<auth> ENCRYPT=<conns>
When the CCM appliance is Flashed for AV operation, you may not specify DS authentication.
When the CCM appliance is Flashed for DS operation, DS authentication is automatically
appended to any other previously configured authentication
You cannot specify both local and downlocal. If you specify downlocal, it should be the last
authentication method specified.
If you specify None, you cannot specify any other method. When SSH session access is
enabled, you must specify an authentication method other than None.
4. You are prompted to save the information. Enter Y to confirm or N to cancel.
Chapter 3: Operations 39
both.
methods.
To enable or disable authentication of console port sessions:
NOTE: This procedure is valid only when the CCM appliance is Flashed for DS operation.
Issue a Server CLI command, using the Auth parameter to indicate Enable or Disable. Use the
Preempt parameter with a value from 1-4 (lowest to highest) to configure a preemption value to be
used when console port authentication is disabled.
To clear stored DSView 3 software authentication credentials:
NOTE: This procedure is valid only when the CCM appliance is Flashed for DS operation.
Issue a Server Security command, using the DSClear parameter. This clears any stored credentials
used by the DSView 3 software.
To display authentication configuration information:
1. Issue a Show Server Security command.
SHOW SERVER SECURITY
The display includes the current CCM appliance authentication settings that were configured
with the Server Security command. If SSH access has been enabled, the display indicates
SSH2. Regardless of whether SSH is enabled, the display includes the authentication method
specified with the Server SSH command.
2. To display CCM RADIUS settings that were configured with the Server RADIUS command,
issue a Show Server RADIUS command.
SHOW SERVER RADIUS
avocent.book Page 40 Tuesday, March 14, 2006 12:33 PM
40 CCM Installer/User Guide
3. To display CCM LDAP settings that were configured with the Server LDAP commands, issue
a Show Server LDAP command.
SHOW SERVER LDAP
For more information, see:
• Server RADIUS command on page 89
• Server LDAP Auth command on page 85, Server LDAP Primary|Secondary command on
page 85, Server LDAP Query command on page 86 and Server LDAP Search command on
page 87
• Server Security command on page 90
• Server CLI command on page 81
• Show Server Security command on page 106
• Show Server RADIUS command on page 106
• Using SSH on page 24.
Using security lock-out
When the security lock-out feature is enabled, a user account will be locked-out after five
consecutive authentication failures. A successful authentication will reset the counter to zero. You
may configure a lock-out period of 1-999 hours. A lock-out period of zero disables the feature; that
is, user accounts will not be locked-out.
A locked account will remain locked until the specified time elapses, the CCM appliance is powercycled or the account is unlocked by an administrator with the User Unlock command. A user with
the ADMIN access level may unlock all users except a user with the APPLIANCEADMIN level. A
user with the APPLIANCEADMIN level may unlock all users.
To enable or disable security lock-out:
1. To enable security lock-out, issue a Server Security command, using the Lockout parameter
with a value between 1-999.
2. To disable security lock-out, issue a Server Security command, using the Lockout=0 parameter.
To unlock a locked-out user:
Issue a User Unlock command with the username.
Managing Port History
Each CCM appliance physical port and virtual port has a circular history buffer that contains the
latest 64K bytes of data received from the attached serial device. You may enable the NFS feature,
which will write buffered data to a file on an NFS server. Port history information may be useful
for auditing and
troubleshooting.
avocent.book Page 41 Tuesday, March 14, 2006 12:33 PM
Using the local history buffer
The history buffer begins filling with data received from attached devices upon completion of
CCM appliance initialization, even if no user is connected. When you connect to a serial port, the
data that was received from the device prior to the connection is available in the buffer. Once
online, new data continues to be stored in the buffer. You may choose whether to display the
history buffer’s content automatically when you connect and whether to keep or discard the history
buffer’s content at the end of a session.
When more than 64K bytes of data are sent to the history buffer, data at the top of the buffer is
discarded to make room for the new data. As a result, the buffer always contains the most recent
64K bytes of port history.
Using port history mode commands
Once you are in port history mode, you may issue the commands listed in Table 3.6. Only the first
letter of the command is required.
Chapter 3: Operations 41
Table 3.6: Port History Mode Commands
Command Description
Bottom B sets the view location to the bottom of the file minus 23 history display lines, if available.
Clear C clears the port history buffer.
Help H displays a summary of the port history commands.
Next
Prev
Quit Q returns to the normal CLI.
Resume
Search
N increments the current history display line by the number of lines per page and outputs a
new history display page.
P decrements the current history display line by the number of lines per page and outputs a
new history display page.
R leaves port history mode and CLI mode and resumes the session with the attached serial device.
This single command is equivalent to sequentially using the Quit and Resume commands.
S searches the port history buffer for a specified text string. Search strings with embedded
spaces must be enclosed in quotes.
By default, the search is case sensitive. To ignore case, enter -i before the string. To specify
direction, type
down from the current line toward the bottom of the buffer. The search direction remains in
effect for subsequent searches until you change the search direction.
If the string is found, the current history display line is set to the line containing the string, and
the unit outputs a history display page. If the string is not found, an error message is displayed,
no other information is output and the current history display line is not changed.
Entering the Search command with no parameters searches again for the previous string in the
same direction as the previous search.
-u to search up from the current line toward the top of the buffer or -d to search
Top T sets the current history display line to one and outputs a history display page.
avocent.book Page 42 Tuesday, March 14, 2006 12:33 PM
42 CCM Installer/User Guide
The following examples assume the user is in port history mode.
The following command searches the history buffer in the upward direction for the string
Abort Process.
PORT HISTORY> s -u “Abort Process”
The following command searches the history buffer for the string Process, ignoring case.
PORT HISTORY> s -i Process
For more information, see Server CLI command on page 81 and Port History command on page 73.
To access port history mode:
Issue a Port History command.
PORT HISTORY
The PORT HISTORY > prompt appears.
To control the port history buffer display when you connect:
Issue a Server CLI command, using the History parameter to specify the Hold or Auto option:
SERVER CLI HISTORY=HOLD|AUTO
• If Hold is specified, the number of bytes in the history buffer is displayed, but none of the his-
tory data is output. In this case, you must access the CLI and use the Port History command to
view the port’s history buffer content. This is the default mode.
• If Auto is specified, the number of bytes in the history buffer is displayed and the entire con-
tent of the buffer is output to the Telnet session. In this mode, the history buffer’s content may
be reviewed in the Telnet client’s scrolling window. You may also use the Port History com
-
mand to view the port’s history buffer content.
To control the port history buffer content when you end a session:
Issue a Server CLI command, using the History parameter to specify the Clear or Keep option:
SERVER CLI HISTORY=CLEAR|KEEP
• If Clear is specified, the port history buffer is cleared and all data is discarded at the end of
session.
a
• If Keep is specified, the port history buffer’s content is retained at the end of a session.
To clear and discard all data in a port history buffer:
Issue a Clear command while you are in port history mode.
CLEAR
- or -
Issue a Server CLI command, indicating History=Clear.
SERVER CLI HISTORY=CLEAR
In this case, the port’s history buffer is cleared at the end of each device session.
avocent.book Page 43 Tuesday, March 14, 2006 12:33 PM
NFS history files
When the NFS feature is enabled on the CCM appliance and on a port, port history data is written
to a file on an NFS server, in addition to the local history buffer on the CCM appliance. Each
physical and virtual port has its own file(s) on the NFS server where data is written. The NFS
server must support NFSv3
Timestamps
Timestamps are written to the history file in the format: YYYY-MM-DD HH:MM:SS, where the
hour (HH) is in 24-hour format. Each timestamp is preceded and followed by a carriage return and
linefeed (
assumed to be UTC (Universal Coordinated Time). You may display the current time on the CCM
appliance at any time by entering a Show Server command.
A timestamp is inserted at the beginning of the file and whenever the file is opened for data to be
written, but not more frequently than once every second.
If the CCM appliance is unable to send incoming data to the NFS server file quickly enough (for
example, due to network load or server speed), an overrun may occur in the history accumulation
buffer, and older data will be discarded to accommodate new incoming data. If this occurs, the
location in the history file where the data was lost will indicate <<data lost due to overrun>>
appended to the timestamp.
CR+LF). The timestamp date/time uses the current time on the CCM appliance, which is
Chapter 3: Operations 43
(RFC1813).
Enabling NFS on the CCM appliance
To use NFS, you must first enable NFS on the CCM appliance by identifying the address and
mount point of the NFS server, plus the file type and the protocol.
NOTE: The NFS server’s system administrator must make the appropriate configuration changes to allow the
CCM appliance to access a specific subdirectory in the NFS server’s file system (the mount point). This may or
may not allow the CCM appliance to access and/or create subdirectories within the mounted subdirectory. This
will affect what may be specified in the Port NFS command’s file parameter.
The valid file types are:
• Linear - A file will be opened for writing at the end (appended); this is the default
• Daily - A new file will be created every midnight
By default, the TCP network protocol is used for communications between the CCM appliance and
the NFS server. You may use the Protocol parameter to specify the UDP or TCP protocol.
To enable/disable NFS on the CCM appliance:
1. To enable NFS on the appliance, issue an NFS command with the Enable parameter.
NFS ENABLE [IP=<nfs_server>] [MOUNT=<mount>] [FTYPE=LINEAR|DAILY]
[PROTOCOL=TCP|UDP]
If this is the first time you are enabling NFS on the appliance, you must include the IP address
of the NFS server and a valid mount point. You may also specify the file type and protocol.
You may also use the NFS Enable command to change the current IP address, mount point, file
type or
protocol.
avocent.book Page 44 Tuesday, March 14, 2006 12:33 PM
44 CCM Installer/User Guide
The values will be displayed and you will be prompted to confirm.
If a mount operation is not immediately successful, it will be retried every 60 seconds for
approximately 15 minutes. If an existing mount is lost, the CCM appliance will automatically
attempt to restore it.
If an error occurs, the display may include a numeric value and a text message. See NFS Error
Codes and Port Status on page 131 for descriptions.
2. To disable NFS, issue an NFS command with the Disable parameter.
NFS DISABLE
If you later enable NFS again on the appliance, the server address, mount point, file type and
protocol values at the time of disabling will be used if new values are not specified with the
enable command.
For more information, see NFS Command on page 66.
To check the NFS mount status:
Issue a Show NFS command. (You may also issue the NFS Enable command without additional
parameters to verify an existing mount.)
Enabling NFS on the CCM appliance ports
After NFS is successfully enabled on the CCM appliance, you may enable and configure NFS on
the individual
ports.
If an error occurs, it may include a numeric value and a text message. See NFS Error Codes and
Port Status on page 131 for descriptions.
NFS filenames
When you enable NFS on one or all ports, you may specify a filename, which must be unique for
each port. If the daily file type was configured with the NFS Enable command, the filename must
also be unique for each day. You may use the substitution strings listed in
Table 3.7 as part of the
filename specification, regardless of the file type.
Table 3.7: Substitution Strings in NFS Filename Specification
2-Character String Substituted Value
%d Day of month (01-31) 08
%D Same as %m-%d-%y 01-08-04
Example (Port number 7, named Sales7,
on January 8, 2004)
%F
%j Julian day of year (001-366) 008
%m Month (01-12) 01
%y Year without century (00-99) 04
Same as %Y-%m-%d
(this is the ISO 8601 date format)
2004-01-08
avocent.book Page 45 Tuesday, March 14, 2006 12:33 PM
Table 3.7: Substitution Strings in NFS Filename Specification (Continued)
Chapter 3: Operations 45
2-Character String Substituted Value
%Y Year with century (2004-9999) 2004
%# Port number (01-nn) 07
%n Port name Sales7
%% % %
Example (Port number 7, named Sales7,
on January 8, 2004)
If you do not specify a filename, the default is interpreted according to the configured file type:
• If the file type is linear, the default is equivalent to P%#.hst for physical ports and P%n.hst for
virtual ports. The resulting filename for each physical port will include the port number; the
filename for each virtual port will include the port name.
• If the file type is daily, the default is equivalent to P%#_%F.hst for physical ports and
P%n_%F.hst for virtual ports. The resulting daily filename for each port will include the port
number or name and the date.
Using the default filenames is the most convenient way to ensure that all filenames will be unique
for each port (and for each day, if the file type is daily).
However, if you choose to specify a filename rather than use the defaults, it must meet the
following
criteria:
• The filename must be different from the filename specified for any other port on the CCM
appliance. Using the port number substitution string (%#) or the port name substitution string
(%n) in the filename specification is one way to accomplish this.
If you are enabling NFS on all ports by including the All parameter, and you also include the
File parameter with a nondefault specification (that is, a specification other than File=), the
filename specification must explicitly include the %# port number or the %n port name
substitution string.
• If the file type is daily, the filename specification must also include one or more of the date
substitution strings so that the resulting filename is different each day.
If you specify a nondefault filename, and later wish to use the default filename, you may change it
by issuing a Port NFS Enable command with a File= or File=”” parameter.
If you specify a nondefault filename, and later attempt to change the file type from linear to daily,
the request will be rejected if the filename specification does not include a date substitution string.
When writes will occur
When you enable NFS on a port, you may configure a buffer size and a time interval, which will be
used to determine when accumulated data is written to the NFS server file.
• If you configure a buffer size of zero bytes and a time interval of zero seconds, data will be
written to the file as soon as the data is available (not to exceed one write per second).
avocent.book Page 46 Tuesday, March 14, 2006 12:33 PM
46 CCM Installer/User Guide
• If you configure a buffer size of zero bytes and a non-zero time interval, accumulated data will
be written to the file each time the specified interval elapses (unless 3584 or more bytes accu
mulate in the buffer before an interval elapses, in which case the data will be written then).
• If you configure a non-zero buffer size and a time interval of zero seconds, data will be written
when the specified number of bytes has accumulated, regardless of elapsed time. (If you con
figure a size value larger than 3584, the data will be written whenever 3584 or more unwritten
accumulate.)
bytes
To display NFS configuration information and mount status:
Issue a Show NFS command. The display will include the status of the mount operation. For more
information, see
Show NFS command on page 98.
SHOW NFS
To enable/disable and configure NFS on a port:
-
-
1. To enable NFS on one or all ports, issue a Port NFS command with the Enable parameter.
PORT <port>|ALL NFS ENABLE [FILE=<file>] [SIZE=<bytes>] [TIME=<sec>]
You may specify a filename or use default values; see NFS filenames on page 44.You may also
configure size and time thresholds; see When writes will occur on page 45.
2. To disable NFS on one or all ports, issue a Port NFS command with the Disable parameter.
PORT NFS DISABLE
For more information, see Port NFS command on page 73.
To display NFS port history file information:
Issue a Show Port command. The display includes the current port NFS status, which covers the
most recent 15 minutes or since NFS history was most recently enabled for that port.
SHOW PORT
-or-
Issue a Show NFS command. In addition to displaying the current NFS mount status, this command
will also show any port error status other than No Recent Errors Detected.
SHOW NFS
NFS Error Codes and Port Status on page 131 describes the error codes that may be displayed.
Managing the CCM Appliance Using SNMP
The CCM console management appliance provides a set of commands that create and manage
SNMP structures for use by third party network management products. These commands cover the
following
operations:
• Enabling and disabling SNMP UDP port 161 SNMP processing
• Defining read, write and trap community names
• Defining and deleting up to four SNMP management entity IP addresses
avocent.book Page 47 Tuesday, March 14, 2006 12:33 PM
• Enabling and disabling SNMP traps
• Defining and deleting up to four trap destination IP addresses
• Defining, copying and deleting up to ten alert strings for each port
By default, SNMP is enabled but no traps are enabled and no trap destinations are defined.
To enable or disable SNMP processing:
1. To enable SNMP processing, issue a Server SNMP command with the Enable parameter. This
is the default setting.
SERVER SNMP ENABLE
2. To disable SNMP processing, issue a Server SNMP command with the Disable parameter.
SERVER SNMP DISABLE
For more information, see Server SNMP command on page 93.
Chapter 3: Operations 47
To specify SNMP community names:
Issue a Server SNMP Community command, using the Readcomm, Writecomm and Trapcomm
parameters to specify community names.
NOTE: The default community names are “public”; if you enable SNMP, you are encouraged to change the
community values to prevent access to the MIB.
SERVER SNMP COMMUNITY READCOMM=<name> WRITECOMM=<name>
TRAPCOMM=<name>
Although all three community names default to public, if you specify a trap community name with
this command, it must be different from the read and write community names.
For more information, see Server SNMP Community command on page 93.
To add or delete SNMP management entity addresses:
1. To add an SNMP management entity address, issue a Server SNMP Manager command with
the Add parameter and the management entity’s IP address. You may define up to four SNMP
management entity addresses, using separate commands.
SERVER SNMP MANAGER ADD <ip_address>
When you define at least one SNMP manager, SNMP requests are processed if they are from
one of the defined SNMP managers. If a request is not from one of the defined SNMP
managers, the SNMP request is discarded.
2. To delete an SNMP management entity address, issue a Server SNMP Manager command with
the Delete parameter and the management entity’s IP address.
SERVER SNMP MANAGER DELETE <ip_address>
If no management entities are defined, any SNMP manager may access the MIB. For more
information, see
Server SNMP Manager command on page 94.
avocent.book Page 48 Tuesday, March 14, 2006 12:33 PM
48 CCM Installer/User Guide
To enable or disable SNMP traps:
1. To enable SNMP traps, issue a Server SNMP Trap command with the Enable parameter.
SERVER SNMP TRAP ENABLE
The CCM appliance will display a numbered list of traps that are currently disabled with a
prompt requesting you to select trap(s) to enable. Indicate the traps to be enabled by entering a
trap’s list number, several numbers separated by commas, a range of numbers separated by a
dash or a combination of numbers with commas and dashes. To enable all traps, type
cancel the command, press
- or To enable all SNMP traps, issue a Server SNMP Trap command with the Enable and All
parameters. In this case, the numbered list is not displayed.
SERVER SNMP TRAP ENABLE ALL
2. To disable SNMP traps, issue a Server SNMP Trap command with the Disable parameter.
SERVER SNMP TRAP DISABLE
The CCM appliance will display a numbered list of traps that are currently enabled with a
prompt requesting you to select trap(s) to disable. Indicate the traps to be disabled by entering
a trap’s list number, several numbers separated by commas, a range of numbers separated by a
dash or a combination of numbers with commas and dashes. To disable all traps, type
cancel the command, press
- or To disable all SNMP traps, issue a Server SNMP Trap command with the Disable and All
parameters. In this case, the numbered list is not displayed.
SERVER SNMP TRAP DISABLE ALL
For more information, see Server SNMP Trap command on page 94 and Supported Traps on
page 125.
ALL. To
Enter.
ALL. To
Enter.
To add or delete SNMP trap destination addresses:
1. To add an SNMP trap destination address, issue a Server SNMP Trap Destination command
with the Add parameter and the destination’s IP address. You may define up to four destination
addresses, using separate commands.
SERVER SNMP TRAP DESTINATION ADD <ip_address>
2. To delete an SNMP trap destination address, issue a Server SNMP Trap Destination command
with the Delete parameter and the destination’s IP address.
SERVER SNMP TRAP DESTINATION DELETE <ip_address>
For more information, see Server SNMP Trap Destination command on page 95.
To add, copy or delete port alert strings:
1. To add a port alert string, issue a Port Alert Add command, specifying the port and a 3-32
character string. You may define up to ten strings for each port, using separate commands.
avocent.book Page 49 Tuesday, March 14, 2006 12:33 PM
The alert string will only generate a trap if the PortAlert trap is enabled with a Server SNMP
command.
Trap
PORT <port> ALERT ADD “<string>”
2. To delete a port alert string, issue a Port Alert Delete command, specifying a port.
PORT <port> ALERT DELETE
The CCM appliance displays a numbered list of alert strings that have been defined for the
specified port with a prompt requesting you to select alert string(s) to delete. Indicate the alert
strings to be deleted by entering an alert string’s list number, several numbers separated by
commas, a range of numbers separated by a dash or a combination of numbers with commas
and dashes. To delete all alert strings, type
3. To copy the defined alert strings from one port to another port, issue a Port Alert Copy com-
mand, specifying the ports to be copied to and from.
PORT <to_port> ALERT COPY <from_port>
At the confirmation prompt, press Y to confirm or N to cancel. When the copy operation
occurs, all previously defined strings on the port being copied to will be replaced.
For more information, see Port Alert Add command on page 70, Port Alert Copy command on
page 71 and Port Alert Delete command on page 71.
Chapter 3: Operations 49
ALL. To cancel the command, press Enter.
To display SNMP configuration information:
Issue a Show Server SNMP command.
SHOW SERVER SNMP
The display includes information specified with the Server SNMP, Server SNMP Community,
Server SNMP Manager, Server SNMP Trap and Server SNMP Trap Destination commands.
For more information, see Show Server SNMP command on page 107.
To display port alert string information:
Issue a Show Port Alert command, specifying a port.
SHOW PORT <port> ALERT
The display lists all the port’s defined alert strings.
For more information, see Show Port command on page 99.
avocent.book Page 50 Tuesday, March 14, 2006 12:33 PM
50 CCM Installer/User Guide
avocent.book Page 51 Tuesday, March 14, 2006 12:33 PM
CHAPTER
Using CCM Appliance Commands
4
Accessing the CLI
You may access the CLI in three ways: using the Telnet CLI, using the console port or entering the
CLI access character during a session to a serial device. When the CLI is accessed, its prompt
appears (>), indicating you may type a command.
51
Entering Commands
At the command prompt, type a command and then press Return or Enter. When the key is
pressed, the command line comprises all characters to the left of the cursor. The character at the
cursor and any characters to the right of the cursor are ignored.
operations for VT100 compatible devices.
Table 4.1: Line Editing Operations for VT100 Compatible Devices
Operation Action
Backspace
Left Arrow
Right Arrow
Up Arrow
Down Arrow
The character immediately before the cursor is erased and all text at and to the right of the
cursor moves one character to the left.
If the cursor is not at the beginning of the line, the cursor moves one character to the left. If
the cursor is at the beginning of the line, no action is taken.
If the cursor is not at the end of the line, the cursor moves one character to the right. If the
cursor is at the end of the line, no action is taken.
The CLI maintains a buffer containing the last 16 typed command lines. If there is a
previous command line, it will be output as the current command line and may be edited. If
there is no previous command line in the command line buffer, the command line is set to
blanks and you may enter a new command.
The next command in the CLI command line buffer is made available for edit. If there is no
next command line, the command line is set to blanks and you may enter a new command.
Table 4.1 lists the line editing
Delete
The character at the cursor position is deleted and all characters to the right of the cursor
position are moved left one character.
avocent.book Page 52 Tuesday, March 14, 2006 12:33 PM
52 CCM Installer/User Guide
Table 4.2 lists the line editing operations for ASCII TTY devices. There is no command line buffer
available on an ASCII TTY device.
Table 4.2: Line Editing Operations for ASCII TTY Devices
Operation Action
Backspace Erases the last character typed.
Esc Erases the current command line.
When commands take effect
Each command is completely processed before the next command may be entered. Some
commands prompt for confirmation before they are processed. In these cases, you must confirm or
cancel by entering
If you enter a Server Flash command or if you change the CCM appliance IP address with a Server
Set command, a reboot is required before the change becomes effective. In these cases, the CCM
database is updated when you enter the command and you are prompted that the change will not
take effect until the CCM appliance reboots. You may choose to reboot at that time, or you may
decline. When the unit reboots, your session and all other sessions on the CCM appliance
terminated.
are
Y or N respectively.
Understanding Conventions
This section describes the parts of a CCM appliance command and the conventions used in this
document to describe a command’s syntax.
Command syntax
A command may have four types of syntax: positional commands, positional parameters, keyword
parameters and keyword values. The following examples demonstrate the syntax types.
The following Set Port command changes the baud rate and flow control settings for port 2.
> PORT 2 SET BAUD=57600 FLOW=XONXOF
Table 4.3: Command Syntax Types in Example Command
Value Syntax
PORT Positional command.
2 Positional parameter that indicates the port number for the command.
SET Positional command that indicates port settings are to be changed.
BAUD Keyword parameter, which is always followed by an equal (=) sign.
57600 Keyword value indicating the baud rate value for the BAUD keyword parameter.
avocent.book Page 53 Tuesday, March 14, 2006 12:33 PM
Table 4.3: Command Syntax Types in Example Command (Continued)
Value Syntax
FLOW Keyword parameter, which is always followed by an equal (=) sign.
XONXOF Keyword value.
Not every command will contain all syntax types. For example, the following command reboots the
appliance.
CCM
>SERVER REBOOT
In this case, both SERVER and REBOOT are positional commands.
In most cases, one or more spaces separate positional commands, positional parameters and
keyword
parameters.
Chapter 4: Using CCM Appliance Commands 53
Using abbreviations
For most positional commands, positional parameters or keyword parameters, you only need to
enter the first three characters. The exceptions are:
• When you specify the terminal type with the Type parameter in the Server CLI command, you
must enter all characters.
• When you specify an authentication method with the Auth parameter in the Server SSH
command, you must enter all characters.
• When you specify control signal monitoring with the Power parameter in the Port Set
command, you must enter all characters.
• When you specify the console port in commands such as Port Set and Show Port, you must
enter the capitalized abbreviation
CON.
• The IPMI command keyword may be abbreviated to IPM; however, when you issue any BMU
commands, or if you use any of the IPMI shortcut commands, none of the parameters may be
abbreviated. All BMU command keywords and parameters must be entered in their entirety.
Using the BMU on page 138 for more information.
See
Specifying port names
Port names may contain up to 32 alphanumeric or hyphen characters, and must be unique; two
ports on the same appliance cannot have the same name. Port names are case sensitive. The name
cannot begin with a number or a space, nor can it contain a double quote (“) or comma (,). The
name cannot be Alert, All, Break, History, Logout, Names, NFS or Set (in any case or any
shortened form). If the name contains spaces, enclose the name in double quotes whenever it is
used in commands.
When using LDAP authentication on a CCM appliance, if any port names contain spaces, they
must be changed to remove the spaces.
avocent.book Page 54 Tuesday, March 14, 2006 12:33 PM
54 CCM Installer/User Guide
Case sensitivity
With the exception of usernames, passwords, port names and group names, commands are not case
sensitive; they may be entered in uppercase, lowercase or a combination. For example, all of the
following commands are correct.
> PORT 2 SET BAUD=57600 FLOW=XON
> POR 2 SET BAU=57600 FLOW=XON
> por 2 Set Baud=57600 flow=xon
> port 2 set baud=57600 flow=xon
NOTE: Usernames and passwords are case sensitive. These values are stored exactly as you enter them. For
example, the username “Ann” must be entered with an uppercase “A” and all other letters lowercase. The
username “ANN” will not be accepted as the username “Ann.” Usernames and passwords must contain 3-16
alphanumeric or hyphen characters.
Syntax errors
Any syntax errors are displayed, and where applicable, the error is underlined.
In the following example, the keyword parameter “baud” is misspelled. Even if more than three
characters are entered, they must all be correct.
> port 2 Set Baux=57600 flow=xon
---ERR 26 - SET keyword parameter invalid
In the following example, the keyword value “576” is not valid. Numeric keyword values must be
fully specified and may not be shortened to three characters.
> POR 2 SET BAUD=576 FLOW=XON
--ERR 27 - SET keyword value invalid
In the following example, there are spaces between BAUD, the equal sign and the value 57600.
Spaces are not permitted between keyword parameters and their values.
> POR 2 SET BAUD = 57600 FLOW=XON
-----------ERR 26 - SET keyword parameter invalid
Syntax conventions
This manual uses the following command syntax conventions:
• Brackets [ ] surround optional keywords and values.
• Angle brackets < > surround user-supplied positional parameters and keyword parameter values.
• In most cases, choices are separated by a vertical bar |. The description indicates if you may
specify more than one of the choices and how to separate multiple values. The exception is
the Server SSH command. In this case, the vertical bar is specified on the command line
when you wish to enable the “password or key” method (PW|KEY) or the “key or password”
method
(KEY|PW).
avocent.book Page 55 Tuesday, March 14, 2006 12:33 PM
Command Summary
Table 4.4 lists the CCM appliance commands, including a brief description plus the required access
rights and level. (For information about BMU commands, see page 138.)
Table 4.4: CCM Appliance Command Summary
Command Description, Access Right and Access Level
Accesses devices from the console port.
Connect
Disconnect
Access right: port-specific
Access level: ADMIN, APPLIANCEADMIN or appropriate port access rights
Ends a device session initiated with Connect command.
Access right: port-specific
Access level: ADMIN, APPLIANCEADMIN or appropriate port access rights
Chapter 4: Using CCM Appliance Commands 55
Help
IPMI
NFS
NTP
Port Add
Port Alert Add
Port Alert Copy
Displays information about commands.
Access right: none needed
Access level: all
Accesses the BMU.
Access right: PCON or SCON
Access level: ADMIN or APPLIANCEADMIN
Enables/disables using an NFS server to hold device session data.
Access right: SCON
Access level: APPLIANCEADMIN
Enables/disables using an NTP server to update the time on the appliance.
Access right: SCON
Access level: APPLIANCEADMIN
Adds a virtual port.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Adds a port alert string.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Copies a port’s alert strings to another port.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Port Alert Delete
Port Break
Deletes one or more port alert strings.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Sends a break signal to the attached device.
Access right: BREAK
Access level: ADMIN or APPLIANCEADMIN
avocent.book Page 56 Tuesday, March 14, 2006 12:33 PM
56 CCM Installer/User Guide
Table 4.4: CCM Appliance Command Summary (Continued)
Command Description, Access Right and Access Level
Deletes one or all virtual ports.
Port Delete
Port History
Port Logout
Port NFS
Access right: PCON or SCON
Access level: ADMIN or APPLIANCEADMIN
Accesses the port history buffer.
Access right: none needed
Access level: all
Terminates the CCM session on a specified port.
Access right: USER
Access level: ADMIN or APPLIANCEADMIN
Enables/disables the NFS feature on a port.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Port Refresh
Port Set
Port Set In/Out
Quit
Resume
Server CLI
Attempts to connect to one or all virtual ports that have Unconnected or
Failed
status.
Access right: SCON, PCON or PALL
Access level: ADMIN, APPLIANCEADMIN or user with access to that port (whether
PALL or group access); to issue Port All Refresh, user must have PALL rights or
group access to all defined virtual ports
Changes port settings.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Specifies how carriage returns and linefeeds are treated in incoming or outgoing
data.
serial
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Terminates the current CCM session.
Access right: none needed
Access level: all
Resumes the device connection after being in CLI mode.
Access right: none needed
Access level: all
Specifies the console port type, CLI access character, modem initialization string,
port history mode operations and port time-out value.
For DS operation only: Also enables/disables device connection from the console
port and authentication of console port sessions.
Access right: SCON
Access level: APPLIANCEADMIN
Server Flash
Updates the unit’s Flash.
Access right: SCON
Access level: APPLIANCEADMIN
avocent.book Page 57 Tuesday, March 14, 2006 12:33 PM
Table 4.4: CCM Appliance Command Summary (Continued)
Command Description, Access Right and Access Level
Reinitializes the CCM appliance.
Server Init
Access right: SCON
Access level: APPLIANCEADMIN
Sets the LDAP service to only authenticate or authenticate and authorize.
Server LDAP Auth
Access right: SCON
Access level: APPLIANCEADMIN
Chapter 4: Using CCM Appliance Commands 57
Server LDAP
Primary|Secondary
Server LDAP Query
Server LDAP Search
Server Ping
Server PPP
Server RADIUS
Server Reboot
Defines or deletes a primary or secondary LDAP server.
Access right: SCON
Access level: APPLIANCEADMIN
Configures the LDAP query parameters.
Access right: SCON
Access level: APPLIANCEADMIN
Configures the LDAP search parameters.
Access right: SCON
Access level: APPLIANCEADMIN
For DS operation only: Enables/disables response to ping requests.
Access right: SCON
Access level: APPLIANCEADMIN
Enables/disables a PPP server on the console port.
Access right: SCON
Access level: APPLIANCEADMIN
Specifies RADIUS server parameters.
Access right: SCON
Access level: APPLIANCEADMIN
Reboots the appliance.
Access right: SCON
Access level: APPLIANCEADMIN
Server Security
Server Set
Server Share
Specifies the user authentication method, access method, security lock-out setting
and connection
methods.
For DS operation only: Clears stored DSView 3 software credentials
Access right: SCON
Access level: APPLIANCEADMIN
Changes the CCM appliance network configuration.
Access right: SCON
Access level: APPLIANCEADMIN
Enables/disables session sharing on the appliance.
Access right: SCON
Access level: APPLIANCEADMIN
avocent.book Page 58 Tuesday, March 14, 2006 12:33 PM
58 CCM Installer/User Guide
Table 4.4: CCM Appliance Command Summary (Continued)
Command Description, Access Right and Access Level
Enables/disables UDP port 161 SNMP processing.
Server SNMP
Access right: SCON
Access level: APPLIANCEADMIN
Server SNMP
Community
Server SNMP Manager
Server SNMP Trap
Server SNMP Trap
Destination
Server SSH
Show Group
Show NFS
Defines read, write and trap SNMP community strings.
Access right: SCON
Access level: APPLIANCEADMIN
Defines/deletes SNMP management entities.
Access right: SCON
Access level: APPLIANCEADMIN
Enables/disables SNMP traps.
Access right: SCON
Access level: APPLIANCEADMIN
Defines/deletes destinations for enabled SNMP traps.
Access right: SCON
Access level: APPLIANCEADMIN
Enables/disables SSH session access to the CCM appliance and specifies the SSH
authentication
method.
Access right: SCON
Access level: APPLIANCEADMIN
Displays the membership of one or all groups.
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Displays NFS configuration information and mount status.
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Show NTP
Show Port
Show Port In|Out
Show Server
Displays NTP configuration information.
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Displays port configuration information and statistics.
Access right: none needed if no parameters are specified; otherwise, SMON
or
PCON
Access level: ADMIN or APPLIANCEADMIN
Displays how carriage returns and linefeeds are treated.
Access right: SMON or PCON
Access level: ADMIN or APPLIANCEADMIN
Displays CCM appliance configuration, statistics and session information.
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
avocent.book Page 59 Tuesday, March 14, 2006 12:33 PM
Table 4.4: CCM Appliance Command Summary (Continued)
Command Description, Access Right and Access Level
Displays information specified with the Server CLI command.
Show Server CLI
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Displays LDAP settings.
Show Server LDAP
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Displays PPP settings.
Show Server PPP
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Displays RADIUS settings.
Show Server RADIUS
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Chapter 4: Using CCM Appliance Commands 59
Show Server Security
Show Server SNMP
Show User
SPC
SPC Socket
User Add
User Delete
Displays authentication and lock-out settings.
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Displays SNMP configuration information.
Access right: SMON
Access level: ADMIN or APPLIANCEADMIN
Displays user configuration and session information.
Access right: SMON or USER if no parameter is specified; otherwise, USER
Access level: ADMIN or APPLIANCEADMIN
Changes SPC port settings.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Changes SPC socket settings or states.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Adds a new user.
Access right: USER
Access level: ADMIN or APPLIANCEADMIN
Deletes a user.
Access right: USER
Access level: ADMIN or APPLIANCEADMIN
User Logout
Terminates a user’s session.
Access right: USER
Access level: ADMIN or APPLIANCEADMIN (An ADMIN level user may issue this
command for users with any level other than APPLIANCEADMIN.)
avocent.book Page 60 Tuesday, March 14, 2006 12:33 PM
60 CCM Installer/User Guide
Table 4.4: CCM Appliance Command Summary (Continued)
Command Description, Access Right and Access Level
Changes a user’s configuration information.
User Set
User Unlock
Access right: USER
Access level: ADMIN or APPLIANCEADMIN
Unlocks a locked-out user.
Access right: USER
Access level: ADMIN or APPLIANCEADMIN (An ADMIN level user may issue this
command for users with any level other than APPLIANCEADMIN.)
avocent.book Page 61 Tuesday, March 14, 2006 12:33 PM
CHAPTER
CCM Appliance Commands
5
Connect Command
The Connect command establishes a connection from the console port of the CCM appliance to a
device attached to a serial port on that CCM appliance. To use this command, you must have
previously issued a Server CLI command with the Connect=On parameter. For more information,
Connecting to Serial Devices on page 21.
see
Your ability to connect to another port is also affected by session sharing and port access method.
For more information, see
When the connect completes successfully, the message Connected to port x: will be displayed,
followed by the values for port_number,baud,bits_per_character,parity,stop_bits,flow_control.
Access right: port-specific
Access level: ADMIN, APPLIANCEADMIN or users with access to port
Syntax
CONNECT [<port>] [EXCLUSIVE]
61
Session sharing and preemption on page 27 and Port access on page 17.
Table 5.1: Connect Command Parameters
Parameter Description
Port number (physical ports only) or name. You may specify an asterisk (*) as a
wildcard character, with or without other characters.
If the port specification is omitted, a menu will be displayed, listing all physical and
virtual ports that are available for serial connection (this excludes SPC ports, ports to
which you are already connected and ports you do not have permission to access).
If a port specification contains a wildcard, a menu will be displayed, listing all
<port>
EXCLUSIVE
physical and virtual ports that match the specification.
The menu will include your username plus the port access - if access is by port, Pall
will be displayed; if access is by group, the group names will be displayed. The
available ports will then be listed with their names, number (physical ports only) and
group (for group access only).
At the prompt, enter a port name or number. You may press Enter to cancel
command.
the
Requests exclusive access to the port. This will initially be accommodated only if the
port is not currently in use.
avocent.book Page 62 Tuesday, March 14, 2006 12:33 PM
62 CCM Installer/User Guide
Example
The following command establishes a connection from the CCM appliance console port to port 6.
>connect 6
The following command displays a subset of available ports - those beginning with the letter A and
to which the user has access.
>con A*
If access is by PALL, the following display appears.
>con A*
User: Admin
Access: Pall
Available Connections
Port Name Port #
--------- ------
Alpha 2
“Another Port”
Apple
>
If access is by groups, the following display appears.
> con A*
User: Admin
Access: group1, group2, groupVP
Available Connections
Port Name Port # Group
--------- ------ -----
Alpha 2 group1
“Another Port” groupVP
>
Disconnect Command
The Disconnect command terminates a session with a serial device that was previously initiated
with a Connect command.
Access right: port-specific
Access level: ADMIN, APPLIANCEADMIN or others with access to port
avocent.book Page 63 Tuesday, March 14, 2006 12:33 PM
Syntax
DISCONNECT
Group Commands
The Group command has several forms, as listed in Table 5.2.
Table 5.2: Group Command Summary
Command Description
Group Add Adds a new group.
Group Delete Removes all members of a group.
Group Set Changes the membership of a group.
Chapter 5: CCM Appliance Commands 63
Group Add command
The Group Add command adds a group containing one or more ports or a group containing one or
more users. For more information, see
Access right: SCON
Access level: APPLIANCEADMIN
Syntax
GROUP <group> ADD PORT=<port>
-or-
GROUP <group> ADD USER=<user>
Table 5.3: Group Add Command Parameters
Parameter Description
<group>
PORT=<port>
USER=<user>
Managing groups on page 18.
Group name (1-8 characters). Group names are case sensitive and must be unique.
If the name contains spaces, enclose the name in double quotes.
Port name or number. Separate multiple ports with commas. If an invalid port name/
number is specified, the entire command will fail.
Username. Separate multiple usernames with commas. If an invalid username is
specified, the entire command will fail.
Example
The following command adds a group named mine, containing port numbers 1 and 3, and the ports
named PORT-2 and ACME.
group mine add port=1,3,PORT-2,ACME
avocent.book Page 64 Tuesday, March 14, 2006 12:33 PM
64 CCM Installer/User Guide
Group Delete command
The Group Delete command removes all ports/users from a group.
Access right: SCON
Access level: APPLIANCEADMIN
Syntax
GROUP <group> DELETE
Table 5.4: Group Delete Command Parameter
Parameter Description
<group>
Group Set command
The Group Set command modifies a group’s membership. For more information, see Managing
groups on page 18.
Access right: SCON
Access level: APPLIANCEADMIN
Syntax
GROUP <group> SET PORT=<port>
-or-
GROUP <group> SET USER=<user>
Table 5.5: Group Set Command Parameters
Parameter Description
<group>
PORT=<port>
Group name. Group names are case sensitive. If the name contains spaces, enclose
the name in double quotes.
Group name (1-8 characters). Group names are case sensitive. If the name contains
spaces, enclose the name in double quotes.
Port name or number. if an invalid port name/number is specified, the entire
command will fail.
You may use one of three forms (separate multiple ports with commas):
PORT=<port> to replace the entire group membership to the specified ports.
PORT=+<port> to add the group to the group settings for the specified ports.
PORT=–<port> to remove the group from the group settings for the specified ports.
USER=<user>
Username. If an invalid username is specified, the entire command will fail.
You may use one of three forms (separate multiple ports with commas):
USER=<user> to replace the entire group membership with the specified users.
USER=+<user> to add this group to the group settings for the specified users.
USER=–<user> to remove this group from the group settings for the specified users.
avocent.book Page 65 Tuesday, March 14, 2006 12:33 PM
Help Command
The Help command displays information about CCM appliance commands. For displays that span
more than one screen, -More- will appear on the last line of all screens but the last one. You may:
Press the Spacebar to see the next screen.
-orEnter Ctrl-J, Ctrl-M or press Enter to see the next line.
-orEnter q to quit.
Access right: none needed
Access level: none needed
Syntax
HELP [<command_name>]
Chapter 5: CCM Appliance Commands 65
Table 5.6: Help Command Parameter
Parameter Description
<command_name>
Examples
The following command displays information about the Show Server CLI command.
>help sho ser cli
The following command displays a list of all commands.
>help
The following command displays a list of all commands that begin with Server.
>help server
IPMI Command
The IPMI command accesses the BMU.
If no SoL connection is established, or if no virtual port name is specified with the command, you
will be prompted for server login information, including the IP address, username and password. If
you issue the IPMI command with a valid virtual port name and the configured login credentials are
correct, an IPMI session will be established to the specified
If you are serially connected to a valid virtual port, typing IPMI at the command prompt will
establish an IPMI session to that port. Typing
the specified
After you have accessed the BMU, you may issue BMU commands. See Using the BMU on
page 138 for more information.
port.
Command name.
Default: Displays list of all commands
BMC.
IPMI <port_name> will establish an IPMI session to
avocent.book Page 66 Tuesday, March 14, 2006 12:33 PM
66 CCM Installer/User Guide
NOTE: You may also use IPMI “shortcut commands” that access the BMU, issue a BMU command and then
return to the CCM appliance CLI. See Using the BMU on page 138 for details.
Access right: PCON or SCON
Access level: ADMIN or APPLIANCEADMIN
Syntax
IPMI [<port_name>]
Table 5.7: IPMI Command Parameter
Parameter Description
<port_name> Virtual port name.
NFS Command
The NFS command enables or disables use of the NFS feature on the CCM appliance, and specifies
the location of the NFS server, its mount point, the type of files that will be created and the protocol
to be used. For more information, see
NFS history files on page 43.
Access right: SCON
Access level: APPLIANCEADMIN
Syntax
NFS ENABLE [IP=<nfs_server>] [MOUNT=<mount>] [FTYPE=LINEAR|DAILY]
[PROTOCOL=TCP|UDP]
-orNFS DISABLE
Table 5.8: NFS Command Parameters
Parameter Description
ENABLE Enables NFS on the appliance.
IP address of the NFS server, in IP dot notation. The NFS server must support
IP=<nfs_server>
MOUNT=<mount>
NFSv3 (RFC1813). This parameter is required if NFS is being enabled for the
time.
first
Mount point (subdirectory location) on the NFS server. This parameter is required if
NFS is being enabled for the first time. The NFS server must be configured to allow
the CCM appliance to access this file system location.
FTYPE=LINEAR|DAILY
Linear indicates a file will be opened on the NFS server for writing at the end
(appended). Daily indicates a new file will be created on the NFS server
midnight.
every
For either file type, if the file being opened does not already exist, it will be created. If
the file already exists, it will be opened for writing at the end (appended).
Default = Linear
avocent.book Page 67 Tuesday, March 14, 2006 12:33 PM
Table 5.8: NFS Command Parameters (Continued)
Parameter Description
Specifies the network protocol to be used between the CCM appliance and the
PROTOCOL=TCP|UDP
DISABLE Disables NFS on the appliance.
NFS
Default = TCP
Examples
The following command enables the use of the NFS on the CCM appliance. The NFS server is
located at IP address 192.168.52.50, and files will be created under the subdirectory c/ccm_history
midnight.
every
>nfs enable ip=192.168.52.50 mount=c/ccm_history ftype=daily
The following command disables using the NFS feature on the CCM appliance. If NFS is later
enabled again without additional parameters, the previously configured values will be used.
>nfs disable
Chapter 5: CCM Appliance Commands 67
server.
NTP Command
The NTP command enables or disables use of the Network Time Protocol on the CCM appliance,
and specifies the location of the NTP server that will supply the time to the CCM appliance. For
more information, see
When you enable NTP, you are prompted to confirm or cancel the operation.
Access right: SCON
Access level: APPLIANCEADMIN
Syntax
NTP ENABLE [IP=<prim_add>[,<sec_addr>]] [UPDATE=<hours>]
-orNTP DISABLE
Table 5.9: NTP Command Parameters
Parameter Description
ENABLE Enables NTP on the appliance.
IP=<prim_add>
,<sec_addr>
Updating the Appliance Clock on page 14.
IP address of the first NTP server to contact to obtain the time and optionally, the IP
address of the second NTP server. At least a primary address is required if NTP is
being enabled for the first time.
If a second server is specified, it will be contacted to obtain either the time (if the time
was not obtained from the first server) or the second server’s status (if the time was
successfully obtained from the first server).
avocent.book Page 68 Tuesday, March 14, 2006 12:33 PM
68 CCM Installer/User Guide
Table 5.9: NTP Command Parameters (Continued)
Parameter Description
Interval for sending a time request to the NTP server and then updating the clock.
Valid values are 0-99 hours. A zero value indicates that the time should be requested
UPDATE=<hours>
DISABLE Disables NTP on the appliance.
and the clock updated when the CCM appliance reboots.
Regardless of this parameter’s value, the clock is updated immediately when the
NTP Enable command is issued.
Default = 0 (update immediately and then only upon reboot)
Example
The following command enables use of NTP on the CCM appliance. The time requests will first be
made to the NTP server at IP address 192.168.50.200. The secondary NTP server at
192.168.50.220 will then be contacted to obtain either the time (if it was not provided by the
primary server) or the secondary server’s status. The time will be updated immediately and then
every two
hours.
>ntp enable ip=192.168.50.200,192.168.50.220 upd=2
Port Commands
The Port command has several forms, as listed in Table 5.10.
Table 5.10: Port Command Summary
Command Description
Port Add Adds a virtual port.
Port Alert Add Adds a port alert string to a specified port.
Port Alert Copy Copies port alert strings from one port to another port.
Port Alert Delete Deletes one or more port alert strings from a specified port.
Port Break Sends a serial break signal to the attached device.
Port Delete Deletes a virtual port.
Port History Accesses a port’s history mode.
Port Logout Terminates the CCM session on a specified port.
Port NFS Enables or disables using the NFS feature on a port.
Port Refresh Attempts to connect to a virtual port that is in an unconnected or failed state.
Port Set Changes CCM serial port settings for one or all ports.
avocent.book Page 69 Tuesday, March 14, 2006 12:33 PM
Table 5.10: Port Command Summary (Continued)
Command Description
Chapter 5: CCM Appliance Commands 69
Port Set In/Out
Port Add command
The Port Add command adds a virtual port. Up to 16 virtual ports may be added. For more
information, see
To change a virtual port’s parameters after this command is issued, use a Port Set command.
This command is not valid for physical ports.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Syntax
PORT <port_name> ADD SOCKET=<socket> IP=<address> [USERNAME=<username>]
[PASSWORD=<password>] [TIMEOUT=<time-out>] [CHAR=^<cli_char>]
[GROUP=<group>]
Table 5.11: Port Add Command Parameters
Parameter Description
<port_name>
Virtual port settings on page 19.
Specifies how carriage returns and linefeeds are treated in incoming or outgoing
data.
serial
1-32 character port name. The name cannot be Alert, All, Break, History,
Logout, Names, NFS or Set (in any case or any shortened form), CON or null
(““). The name must be unique; two ports cannot have the same name. Port
names are case sensitive. The name cannot begin with a number or a space,
nor can it contain a double quote (“), a comma (,) or an asterisk (*). If the name
contains spaces, enclose the name in double quotes.
If you are using LDAP authentication on the CCM appliance, the port name
cannot contain spaces.
SOCKET=<socket>
IP=<address>
USERNAME=<username>
TCP port that must be entered on the Telnet client to connect to this serial
port. The new value becomes effective in subsequent sessions.
The valid range is 3000-5999 and 6064-65000 (6000-6063 should not
be
used).
When SSH is enabled, the CCM appliance automatically adds 100 to the
specified
enabled, the +100 value will not appear in displays.
IP address of the BMC, in standard dot notation. This value cannot be all
zeros, or a local loopback, broadcast or multicast (224.0.0.0-
239.255.255.255)
Username. This should match the username configured on the BMC.
Default = NULL
value. When both plain text Telnet and SSH connections are
address.
avocent.book Page 70 Tuesday, March 14, 2006 12:33 PM
70 CCM Installer/User Guide
Table 5.11: Port Add Command Parameters (Continued)
Parameter Description
PASSWORD=<password>
TIMEOUT=<time-out>
CHAR=^<cli_char>
GROUP = <group>
Password. This should match the password configured on the BMC.
Default = NULL
Number of idle minutes, in the range 1-90, that the CCM appliance will wait
before dropping a connection to the port. If the value is zero or omitted, the
port will use the time-out value specified in the Server CLI command. (To
completely disable port time-outs, the time-out values in the Port Add/Set and
Server CLI commands must both be zero.)
The new value does not affect an active session; it takes effect in
subsequent
Default = 0 (use value from Server CLI command)
CLI access character in the range A to _ (underscore) or None. (The allowable
ASCII range is 0x41-0x5F and 0x61-0x7A.) The CLI access character, when
pressed simultaneously with the
device, will suspend the session with the device and place you in CLI
command mode.
If an IPMI connection is made through a CCM appliance virtual port, this value
is used. For a direct Telnet connection, or if None is specified, the value
specified in the Char parameter of the Server CLI command will be
Default = None
Group name(s), up to 8 characters each. Group names are case sensitive. If
the name contains spaces, enclose the name in double quotes. A port may
belong to up to eight groups; separate multiple groups with commas.
sessions.
Ctrl key during a session with a target
used.
Example
The following command adds a virtual port named VP1. The IP address of the BMC is
192.168.70.15 and socket 5001 is assigned.
>port VP1 add socket=5001 ip=192.168.70.15 username=user1
password=pword1
Port Alert Add command
The Port Alert Add command adds a port alert string to a specified port. Each port may have up to
ten port alert strings. Duplicate strings are not allowed on the same port. To generate a trap, the
Server SNMP Trap command must be issued to enable the PortAlert trap. For more information,
Managing the CCM Appliance Using SNMP on page 46.
see
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Syntax
PORT <port> ALERT ADD “<string>”
avocent.book Page 71 Tuesday, March 14, 2006 12:33 PM
Table 5.12: Port Alert Add Command Parameters
Parameter Description
<port> Port number or name.
Chapter 5: CCM Appliance Commands 71
<string>
3-32 character string. If the string contains embedded spaces, it must be enclosed
quotes.
in
Port Alert Copy command
The Port Alert Copy command copies the alert strings from one port (from_port) to another
(to_port). Any alert strings that were previously defined on the to_port will be deleted. When you
enter this command, you are prompted to confirm or cancel the copy operation.
For more information, see Managing the CCM Appliance Using SNMP on page 46.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Syntax
PORT <to_port> ALERT COPY <from_port>
Table 5.13: Port Alert Copy Command Parameters
Parameter Description
<to_port> Port number or name where alert strings will be copied.
<from_port> Port number or name from which alert strings will be copied.
Example
The following command copies the alert strings defined on physical port 1 to physical port 17,
replacing any previously defined alert strings on port 17.
>port 17 alert copy 1
Port Alert Delete command
The Port Alert Delete command deletes one or more alert strings from a port. When you issue this
command, a numbered list of defined alert strings is displayed, from which you choose those to be
deleted. You may enter one or more numbers separated by commas, a range of numbers separated
by a hyphen or type
For more information, see Managing the CCM Appliance Using SNMP on page 46.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Syntax
PORT <port> ALERT DELETE
ALL to specify all strings. Pressing Enter cancels the command.
avocent.book Page 72 Tuesday, March 14, 2006 12:33 PM
72 CCM Installer/User Guide
Table 5.14: Port Alert Delete Command Parameter
Parameter Description
<port> Port number or name.
Example
The following command deletes defined alert strings from physical port 26.
>PORT 26 ALERT DELETE
Alert-strings assigned to port 26:
1) The first alert string
2) The second alert string
3) The third alert string
4) The fourth alert string
Select Alert-string(s) to delete>
The alert string numbers specified at the prompt will be deleted.
Port Break command
The Port Break command sends a serial break signal to the device to which you are attached.
Access right: BREAK
Access level: ADMIN or APPLIANCEADMIN
Syntax
PORT BREAK
Port Delete command
The Port Delete command deletes one or all virtual ports. This command is not valid for
physical
If a virtual port has an active connection, the port will be deleted from the database but will remain
an active port as long as the connection remains active (however, you may not change any port
characteristics with a Port Set command). Once the connection is terminated, the port will
be
Access right: PCON or SCON
Access level: ADMIN or APPLIANCEADMIN
Syntax
Table 5.15: Port Delete Command Parameter
ports.
deleted.
PORT <port_name>|ALL DELETE
Parameter Description
<port_name> Port name.
ALL Indicates that all virtual ports should be deleted.
avocent.book Page 73 Tuesday, March 14, 2006 12:33 PM
Port History command
The Port History command accesses a serial port’s history mode while you are attached to the port.
When you are in history mode, the PORT HISTORY> prompt appears, and you may search the
port’s history buffer for specified strings.
For more information, see Managing Port History on page 40.
Access right: none needed
Access level: all
Syntax
PORT HISTORY
When you are in port history mode, you may issue the commands listed in Table 3.6 on page 41.
Examples
The following command accesses the serial port’s history mode.
>port history
In history mode, the following command searches the history buffer in the downward direction for
the string “connected to,” ignoring case.
PORT HISTORY>s -d -i “connected to”
Chapter 5: CCM Appliance Commands 73
Port Logout command
The Port Logout command terminates the CCM appliance session on a specified port. If more than
one session is active on the port, all sessions are logged out.
Access right: USER
Access level: ADMIN or APPLIANCEADMIN
Syntax
PORT <port> LOGOUT
Table 5.16: Port Logout Command Parameter
Parameter Description
<port> Port number or name.
Port NFS command
The Port NFS command enables or disables using the NFS feature on a port, and specifies NFS
parameters. For more information, see
NOTE: If you are enabling NFS on a port, an NFS Enable command must have successfully completed before
the Port NFS command will be accepted.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
NFS history files on page 43.
avocent.book Page 74 Tuesday, March 14, 2006 12:33 PM
74 CCM Installer/User Guide
Syntax
PORT [<port>|ALL] NFS ENABLE [FILE=<file>] [SIZE=<bytes>] [TIME=<sec>]
-orPORT [<port>|ALL] NFS DISABLE
Table 5.17: Port NFS Command Parameters
Parameter Description
ENABLE Enables NFS on the specified port.
port
ALL Indicates that the following parameters should be applied to all ports.
FILE=<file>
SIZE=<bytes>
TIME=<sec>
DISABLE Disables NFS on the specified port.
Port name or number. If a port name, number or ALL is omitted, the action is
performed on the port to which you are connected.
Filename specification, up to 32 characters. This must result in a unique filename for
the port (and a unique daily port file if the file type is daily). Substitution strings may
be used; see
Default = ““ (For physical ports: P%#.hst if the file type is linear, P%#_%F.hst if the
file type is daily. For virtual ports: P%n.hst if the file type is linear, P%n_%F.hst if the
file type is daily.)
Number of bytes that will be buffered on the CCM appliance before being written to
the NFS server file. This threshold is used with the Time value to determine when
accumulated data will be written. Valid values are 0-3584 bytes.
Default = 0 bytes
Maximum number of seconds that will be allowed to elapse before buffered data will
be written to the NFS server file. This threshold is used with the Size value to
determine when accumulated data will be written. Valid values are 0-65536 seconds.
Default = 1 second
Table 3.7 on page 44.
Examples
The following command enables NFS on physical port 3, using the default filename specification,
and setting a size threshold of 20 bytes and a time threshold of zero. With this configuration, data
will be buffered according to the non-zero threshold value, 20 bytes, then it will be written to the
NFS history file. The history file will be named P03.hst if the file type is linear, or P03_<4-digit
year>-<2-digit_month>-<2-digit_day> if the file type is daily.
>port 3 nfs ena size=20 time=0 file=
The following command enables NFS on the virtual port named linux3, using the default filename
specification, and the same size and time thresholds as the previous example. In this case, the
history file will be named Plinux3.hst if the file type is linear, or Plinux3_<4-digit year>-<2digit_month>-<2-digit_day> if the file type is daily.
>port linux3 nfs ena size=20 time=0 file=
avocent.book Page 75 Tuesday, March 14, 2006 12:33 PM
The following command enables NFS on physical port 7, using a substitution string within the
filename specification, and setting zero thresholds for both size and time. (This configuration will
not be acceptable if the file type is daily, because the file specification does not include a date
substitution string that would make each daily file uniquely named.) Assuming the file type is
linear, data will be written to the NFS server file named ccm_1_P07 as soon as it is available,
because both thresholds are
>port 7 nfs ena size=0 time=0 file=ccm_1_%#
Port Refresh command
The Port Refresh command attempts to connect to one or all virtual ports that are in an unconnected
or failed state. To verify a port’s state, use the Show Port command.
Access right: PCON, SCON or PALL
Access level: ADMIN, APPLIANCEADMIN or user with access to that port (whether PALL or
group access); to issue Port All Refresh, user must have PALL rights or group access to all defined
ports
virtual
Syntax
PORT <port_name>|ALL REFRESH
Chapter 5: CCM Appliance Commands 75
zero.
Table 5.18: Port Refresh Command Parameter
Parameter Description
<port_name> Virtual port name.
ALL
Port Set command
The Port Set command changes physical serial port and/or virtual port settings in the CCM
configuration database. At least one keyword parameter and value must be specified.
If you wish to change port settings for a virtual port, the port must have been previously defined
with a Port Add command.
Some parameters apply to both physical and virtual ports; others apply to only physical ports or
only virtual ports. These are noted accordingly.
In most cases, new values become effective in subsequent sessions.
For more information, see Configuring Port Settings on page 15.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Indicates that connection should be attempted to all virtual ports that are not
connected.
already
avocent.book Page 76 Tuesday, March 14, 2006 12:33 PM
76 CCM Installer/User Guide
Syntax
PORT [<port>|ALL] SET
[TD=<device>] [NAME=<name>] [BAUD=<baud>] [SIZE=<size>] [PARITY=<parity>]
[STOP=<stopbits>] [FLOW=<signal>] [TIMEOUT=<time-out>] [SOCKET=<socket>]
[CHAR=^<cli_char>] [TOGGLE=NONE|DTR] [POWER=<signal>] [GROUP=<group>]
[IP=<address>] [USERNAME=<username>] [PASSWORD=<password>]
Table 5.19: Port Set Command Parameters
Parameter Description
<port>
A port number (physical port), port name (physical or virtual port) or CON.
If you are connected to a port and this parameter is omitted, the settings are
applied to the port for this connection; otherwise, this parameter must be
specified. This parameter is required when changing console port
settings.
(CON)
ALL
TD=<device>
NAME=<name>
BAUD=<baud>
Indicates that the port settings that follow should be applied to all ports, except
the console
If you have created virtual ports with Port Add commands, and you issue a Port
All Set command with a parameter that is valid for a virtual port, the specified
change will be applied to all virtual ports as well as all physical ports.
Target device type. Valid values are Console and SPC. If SPC is specified, only
the Name and Group parameters may be specified with this command.
This parameter is not valid for the console port or for virtual ports.
Default = Console
1-32 character port name. The name cannot be Alert, All, Break, History, Logout,
Names, NFS or Set (in any case or any shortened form) or CON. The name must
be unique; two ports cannot have the same name. Port names are case
sensitive. The name cannot begin with a number or a space, nor can it contain a
double quote (“), a comma (,) or an asterisk (*). If the name contains spaces,
enclose the name in double quotes.
To return a physical port name to its default value, specify Name=“” (you cannot
do this for a virtual port, because a virtual port does not have a default name).
This parameter is not valid for the console port.
You may not rename a virtual port when it has an active connection.
If you are using LDAP authentication on the CCM appliance, the port name
cannot contain spaces.
Default (physical ports only) = last 3 octets of MAC address, followed by P and
the port
Baud rate. Valid values are: 50, 75, 110, 134, 150, 200. 300, 600, 1200, 2400,
4800, 9600, 19200, 38400, 57600 and 115200.
This parameter is not valid for virtual ports.
Default = 9600
port.
number
SIZE=<size>
Number of data bits per character. Valid values are 7 and 8.
This parameter is not valid for virtual ports.
Default = 8
avocent.book Page 77 Tuesday, March 14, 2006 12:33 PM
Table 5.19: Port Set Command Parameters (Continued)
Parameter Description
PAR I TY=<parity>
STOP=<stopbits>
FLOW=<signal>
Chapter 5: CCM Appliance Commands 77
Parity. Valid values are:
None No parity.
Even Even parity.
Odd Odd parity.
Mark Mark parity.
Space Space parity.
This parameter is not valid for virtual ports.
Default = None
Number of stop bits per character. Valid values are 1 and 2.
This parameter is not valid for virtual ports.
Default = 1
Flow control signal. For hardware flow control, be sure the control signals are
correctly wired, or data loss may occur. The flow control signal cannot also be
used for power status monitoring. Valid values are:
XONXOF Software XON/XOFF flow control.
RTSCTS Hardware RTS/CTS flow control.
DTRDCD Hardware DTR/DCD flow control.
None No flow control.
This parameter is not valid for virtual ports.
Default = None
TIMEOUT=<time-out>
Number of idle minutes, in the range 1-90, that the CCM appliance will wait
before dropping a connection to the port. If the value is zero or omitted, the port
will use the time-out value specified in the Server CLI command. (To completely
disable port time-outs, the time-out values in the Port Set and Server CLI
commands must both be zero.)
The new value does not affect an active session; it takes effect in
subsequent
sessions.
Default = 0 (use value from Server CLI command)
avocent.book Page 78 Tuesday, March 14, 2006 12:33 PM
78 CCM Installer/User Guide
Table 5.19: Port Set Command Parameters (Continued)
Parameter Description
SOCKET=<socket>
TCP port that must be entered on the Telnet client to connect to this port. The
new value becomes effective in subsequent sessions.
The valid range is 3000-5999 and 6064-65000 (6000-6063 should not be used).
When SSH is enabled, the CCM appliance automatically adds 100 to the
specified
When All is specified, port 1 will be assigned the specified socket value plus 1,
port 2 will be assigned the specified value plus 2, and so on. After physical ports
are assigned values, any virtual ports (sorted in ASCII order) will be assigned
values in sequence.
When All is specified and SSH is enabled, port 1 will be assigned the specified
socket value plus 101, port 2 will be assigned the specified value plus 102, and
so on. Any virtual ports will be assigned values after the physical ports.
When both plain text Telnet and SSH connections are enabled, the +100 value
will not appear in displays.
This parameter is not valid for the console port.
Default = 3000 plus the port number, 3100 plus the port number if SSH is
enabled; see above for action taken if All is specified and when virtual ports
are
value.
configured
CHAR=^<cli_char>
TOGGLE=NONE|DTR
POWER=<signal>
CLI access character in the range A to _ (underscore) or None. (The allowable
ASCII range is 0x41-0x5F and 0x61-0x7A.) The CLI access character, when
pressed simultaneously with the
will suspend the session with the device and place you in CLI command mode.
If an IPMI connection is made through a CCM appliance virtual port, this value is
used. For a direct Telnet connection, or if None is specified, the value specified in
the Char parameter of the Server CLI command will be
Default = None
When set to DTR, the CCM appliance will toggle the port’s DTR-out signal off for
1/2 second each time a connection is made to the port. This toggle is required to
awaken the console port of some devices.
This parameter is not valid for the console port or for virtual ports.
Default = None
Control signal and state that indicates the target device has power on. The entire
value must be specified; abbreviations are not allowed. The specified signal
cannot also be used for flow control.
This parameter is not valid for the console port or for virtual ports.
Valid values are:
None Disables power status monitoring.
HICTS CTS high indicates power on.
LOCTS CTS low indicates power on.
HIDCD DCD high indicates power on.
LODCD DCD low indicates power on.
HIDSR DSR high indicates power on.
LODSR DSR low indicates power on.
Default = None
Ctrl key during a session with a target device,
used.
avocent.book Page 79 Tuesday, March 14, 2006 12:33 PM
Table 5.19: Port Set Command Parameters (Continued)
Parameter Description
GROUP=<group>
IP=<address>
Chapter 5: CCM Appliance Commands 79
Group name(s), up to eight characters each. Group names are case sensitive. If
the name contains spaces, enclose the name in double quotes.
A port may belong to up to eight groups.
If you are specifying settings for a single port, you may use one of three forms
(separate multiple groups with commas):
GROUP=<access> to specify all port groups.
GROUP=+<access> to specify only groups to be added.
GROUP=–<access> to specify only groups to be deleted.
If you are specifying settings for all ports, you must use the following form:
GROUP=<access> to specify all port groups.
To delete all previously defined groups for the port, specify GROUP=””.
This parameter is not valid for the console port.
IP address of the BMC, in standard dot notation. This value cannot be all zeros,
or a local loopback, broadcast or multicast (224.0.0.0-239.255.255.255) address.
This parameter is valid only for virtual ports and cannot be used with the
parameter.
All
USERNAME=<username>
PASSWORD=<password>
Examples
The following command sets a baud rate of 57600 and enables XON/XOFF flow control on
physical port
>port 2 set baud=57600 flow=xonxof
2.
The following command adds a group named acctg3 to the configuration for virtual port VP1
(which was previously configured with a Port Add command).
>port VP1 set group=+acctg3
Port Set In/Out command
The Port Set In/Out command specifies how carriage returns (CR) and linefeeds (LF) are treated in
incoming or outgoing serial data on one or all ports.
Access right: SCON or PCON
Access level: ADMIN or APPLIANCEADMIN
Syntax
PORT [<port>|ALL] SET IN|OUT [CR=<cr>] [LF=<lf>|CRLF=CR]
Username. This should match the username configured on the BMC.
This parameter is valid only for virtual ports.
Default = NULL
Password. This should match the password configured on the BMC.
This parameter is valid only for virtual ports.
Default = NULL
avocent.book Page 80 Tuesday, March 14, 2006 12:33 PM
80 CCM Installer/User Guide
Table 5.20: Port Set In/Out Command Parameters
Parameter Description
<port>
ALL
IN|OUT
CR=<cr>
LF=<lf>|CRLF=CR
Quit Command
Port number or name.
Default = port to which you are attached
Indicates that the port settings that follow should be applied to all ports except the
console port.
Either IN to specify translation for incoming data or OUT to specify translation for
outgoing
Translation to be made for carriage returns. Valid values are:
CR=CR Carriage return is treated as a carriage return.
CR=LF Carriage return is treated as a linefeed.
CR=STRIP Carriage return is stripped.
CR=CRLF Carriage return is treated as a carriage return and linefeed.
Default = CR=CR
Translation to be made for linefeeds. Valid values are:
LF=LF Linefeed is treated as a linefeed.
LF=CR Linefeed is treated as a carriage return.
LF=STRIP Linefeed is stripped.
LF=CRLF Linefeed is treated as a carriage return and linefeed.
CRLF=CR Linefeed is stripped only if it is preceded by a carriage return.
Default = LF=LF
data.
This LF setting cannot be specified with any other LF setting.
The Quit command terminates the current CCM appliance session and terminates your Telnet
connection to the unit.
Access right: none needed
Access level: all
Syntax
QUIT
Resume Command
The Resume command exits the CLI and resumes your connection to the device. The history buffer
contains any data received while you were in CLI mode.
Access right: none needed
Access level: all
Syntax
RESUME
avocent.book Page 81 Tuesday, March 14, 2006 12:33 PM
Server Commands
The Server command has several forms, as listed in Table 5.21.
Table 5.21: Server Command Summary
Command Description
Server CLI
Server Flash Updates the unit’s Flash.
Server Init Reinitializes the CCM appliance.
Chapter 5: CCM Appliance Commands 81
Specifies the console port type, CLI access character, modem initialization
string, port history mode operations and port time-out value. You may also
enable/disable device connection from the console port.
For DS operation only: Also enables/disables authentication of console
sessions and specifies a preemption level to be used when console port
port
authentication is
disabled.
Server Ping For DS operation only: Enables/disables response to ping requests.
Server PPP Enables/disables PPP connections to the console port.
Server RADIUS Specifies RADIUS server parameters.
Server Reboot Reboots the unit.
Server Security
Server Set Changes the CCM appliance network configuration.
Server Share Specifies session sharing settings.
Server SNMP Enables/disables UDP port 161 SNMP processing.
Server SNMP Community Defines read, write and trap SNMP community strings.
Server SNMP Manager Defines/deletes SNMP management entities.
Server SNMP Trap Enables/disables SNMP traps.
Server SNMP Trap Destination Defines/deletes destinations for enabled SNMP traps.
Server SSH
Specifies user authentication method, enables/disables security lock-out and
enables/disables connection methods.
Enables/disables SSH session access to the CCM appliance and specifies
the SSH authentication method.
Server CLI command
The Server CLI command:
• Specifies the console port type
• Specifies the CLI access character
• Enables or disables device connection from the console port
avocent.book Page 82 Tuesday, March 14, 2006 12:33 PM
82 CCM Installer/User Guide
• Specifies a modem initialization string
• Specifies port history mode operations
• Specifies a port time-out value
• For DS operation only: Enables or disables console port authentication
• For DS operation only: Specifies a preemption level to be used for console port sessions when
authentication is disabled on that port
At least one parameter must be specified.
Access right: SCON
Access level: APPLIANCEADMIN
Syntax
SERVER CLI [TYPE=<type>] [CHAR=^<char>] [CONNECT=ON|OFF]
[HISTORY=HOLD|AUTO,CLEAR|KEEP] [MODEMINIT=“<string>”]
[TIMEOUT=<time-out>] [AUTH=ENABLE|DISABLE] [PREEMPT=1|2|3|4]
Table 5.22: Server CLI Command Parameters
Parameter Description
Terminal type to be used on the console port. The entire name of the type must
TYPE=<type>
CHAR=^<char>
CONNECT=ON|OFF
be specified; abbreviations are not permitted. Valid types are: ASCII, VT52,
VT100, VT102, VT220 and VT320.
Default: ASCII
CLI access character in the range A through _ (underscore). (The allowable
ASCII range is 0x41-0x5F and 0x61-0x7A.) The CLI access character, when
pressed simultaneously with the
serial device, will suspend the session with the device and place you in CLI
command mode. This value will be used if a port’s Port Set command (or a
virtual port’s Port Add command) contains a Char=None parameter.
Default = ^D
Enables or disables the ability to use the Connect command from the console
port. When enabled, a console port user may use the Connect command to
establish a connection to the serial device attached to another CCM appliance
serial port. When disabled, you cannot use the Connect command from the
console
Default = ON
port.
Ctrl key during a session with an attached
avocent.book Page 83 Tuesday, March 14, 2006 12:33 PM
Table 5.22: Server CLI Command Parameters (Continued)
Parameter Description
HISTORY=HOLD|AUTO
,CLEAR|KEEP
MODEMINIT=“<string>”
Chapter 5: CCM Appliance Commands 83
Port history file processing options during connection (Hold or Auto) and when a
session ends (Clear or Keep):
Hold Upon connection you are informed of how much data is in the history
buffer, but the data is not displayed.
Auto Upon connection you are informed of how much data is in the history
buffer, and it is then displayed.
Clear The history buffer’s content is cleared when a session ends.
Keep The history buffer’s content is retained when a session ends.
You cannot specify both Clear and Keep or both Hold and Auto.
Default = HOLD,CLEAR
Modem initialization string, enclosed in quotation marks. Must contain at least
ATV1 and S0=1.
Default = “” (no modem is attached to the console port)
TIMEOUT=<time-out>
AUTH=ENABLE|
DISABLE
PREEMPT=1|2|3|4
Server Flash command
The Server Flash command updates the CCM appliance program images in Flash memory. You
may wish to use this command to update the program with new features or to install a later release
of the program.
NOTE: This command may be used to update the CCM appliance with an application image that supports AV
operation. If you wish to update the appliance with a DS operation application image, you must do so from within
the DSView 3 software. See
more information.
Number of idle minutes, in the range 1-90, the CCM appliance will wait before
dropping a connection to a port. A zero value indicates no time-out. This value is
used for any CCM appliance port that has a zero time-out value or no time-out
value in its Port Set command (or Port Add command for a virtual
To completely disable port time-outs, the time-out values in the Port Add/Set and
Server CLI commands must both be zero.
Default = 15 minutes
For DS operation only: Enables or disables authentication of console port
sessions. When enabled, console port sessions are authenticated against the
local user database. When disabled, console port sessions are not
authenticated, the user is assigned the APPLIANCEADMIN access level and the
preemption level specified with the Preempt parameter will be used.
Default = ENABLE
For DS operation only: Preemption level for console port session users when
authentication is disabled for the console port (Auth=disable).
Default = 4
Configuring the Appliance for AV Operation or DS Operation on page 12 for
port).
There are two program images that you may update in the CCM appliance Flash. The boot image
file (ccm50bt.img) contains the CCM appliance startup and self-test logic. The application image
(ccm50app.img) contains the program that provides CCM appliance functionality.
avocent.book Page 84 Tuesday, March 14, 2006 12:33 PM
84 CCM Installer/User Guide
You will need a TFTP server. Download the latest Flash image from the Avocent web site
(www.avocent.com), and save the image file to the appropriate directory on the TFTP server.
NOTE: Powering down a system in the middle of a boot Flash update may render the unit inoperable. To update
the bootstrap, it is recommended that the unit be placed on a UPS under controlled conditions to avoid
interruption of the boot Flash update process.
Access right: SCON
Access level: APPLIANCEADMIN
Syntax
SERVER FLASH BOOT|APP HOSTIP=<tftp_add> IMAGE=<host_file>
Table 5.23: Server Flash Command Parameters
Parameter Description
BOOT|APP
HOSTIP=<tftp_add> IP address of TFTP server host.
IMAGE=<host_file> Name of file on TFTP server host containing the image file.
Example
The following command updates the boot image program using the image filename
c:\winnt\system32\drivers\ccm50bt.img, which is located on the TFTP server host located
192.168.1.16.
at
>ser fla app hos=192.168.1.16 ima=c:\winnt\system32\drivers\ccm50bt.img
Server Init command
The Server Init command reinitializes the CCM appliance configuration database, that is, restores it
to default values. You may choose to retain only the network address information. When you enter
this command, you are prompted to confirm or cancel the reinitialization.
You may also reinitialize the CCM appliance in hardware. See Reinitializing on page 11 for
more information.
Access right: SCON
Access level: APPLIANCEADMIN
Syntax
SERVER INIT CONFIG|ALL
Indicates either the boot image should be updated or the application image should
be updated.
Table 5.24: Server Init Command Parameter
Parameter Description
CONFIG Reinitializes the appliance but retains the IP address, subnet mask and gateway.
ALL Reinitializes the appliance, including the network address information.
Loading...