Avocent CCM4850 User Manual

CCM4850
Installer/User Guide
INSTRUCTIONS
This symbol is intended to alert the user to the presence of important operating and maintenance (servicing) instructions in the literature accompanying the appliance.
DANGEROUS VOLTAGE
This symbol is intended to alert the user to the presence of uninsulated dan­gerous voltage within the product’s enclosure that may be of sufficient magni­tude to constitute a risk of electric shock to persons.
POWER ON
This symbol indicates the principal on/off switch is in the on position.
POWER OFF
This symbol indicates the principal on/off switch is in the off position.
PROTECTIVE GROUNDING TERMINAL
This symbol indicates a terminal which must be connected to earth ground prior to making any other connections to the equipment.

CCM4850

Installer/User Guide
Avocent, AVWorks and Equinox are registered trademarks of Avocent Corporation or its affiliates. All other marks are the property of their respective owners.
© 2004 Avocent Corporation. All rights reserved.
USA Notification
WARNING: Changes or modifications to this unit not expressly approved by the party responsible for compliance could void the user’s authority to operate the equipment.
NOTE: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense.
Canadian Notification
This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus set out in the Radio Interference Regulations of the Canadian Department of Communications.
Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables aux appareils numériques de la classe A prescrites dans le Règlement sur le brouillage radioélectrique édicté par le Ministère des Communications du Canada.
Japanese Approvals
European Union
WARNING: This is a Class A product. In a domestic environment, this product may cause radio interference in which case the user may be required to take adequate measures.
Taiwanese Notification
.

TABLE OF CONTENTS

Table of Contents
List of Figures ................................................................................................................ vii
List of Tables ................................................................................................................... ix
Chapter 1: Product Overview.......................................................................................... 1
Features and Benefits ........................................................................................................................1
Safety Precautions .............................................................................................................................2
Rack mount safety considerations ..............................................................................................2
Using AVWorks Software...................................................................................................................3
Chapter 2: Installation and Configuration ..................................................................... 5
Hardware Overview........................................................................................................................... 5
Installing the CCM Appliance ...........................................................................................................6
Configuring the CCM Appliance ....................................................................................................... 7
Configuring the network address settings .................................................................................. 7
Initial CCM appliance login....................................................................................................... 9
Reinitializing the CCM Appliance .....................................................................................................9
iii
Chapter 3: Operations ................................................................................................... 11
Overview .......................................................................................................................................... 11
Configuring Serial Port Settings......................................................................................................11
Connecting to Serial Devices...........................................................................................................12
Connecting to devices using Telnet ..........................................................................................12
Connecting to devices from the console port............................................................................13
Configuring and using dial-in connections ..............................................................................14
Connecting to devices using PPP.............................................................................................15
Connecting to devices using SSH .............................................................................................15
Enabling plain text Telnet and SSH connections......................................................................18
CLI mode..........................................................................................................................................19
Ending Device Sessions ...................................................................................................................19
Session time-out........................................................................................................................ 20
Preemption................................................................................................................................20
Managing User Accounts.................................................................................................................20
Access rights and levels............................................................................................................21
iv CCM4850 Installer/User Guide
Using Authentication Methods......................................................................................................... 23
Authentication summary ...........................................................................................................24
Using security lock-out.............................................................................................................25
Managing the Port History Buffer ...................................................................................................26
Using port history mode commands .........................................................................................26
Managing the CCM Appliance Using SNMP ..................................................................................28
Chapter 4: Using CCM Appliance Commands ............................................................ 33
Accessing the CLI ............................................................................................................................ 33
Entering Commands ........................................................................................................................33
When commands take effect......................................................................................................34
Understanding Conventions ............................................................................................................ 34
Command syntax....................................................................................................................... 34
Syntax conventions....................................................................................................................36
Command Summary.........................................................................................................................36
Chapter 5: CCM Appliance Commands ....................................................................... 41
Connect Command...........................................................................................................................41
Disconnect Command ......................................................................................................................41
Help Command ................................................................................................................................42
Port Commands ...............................................................................................................................42
Port Alert Add command ..........................................................................................................43
Port Alert Copy command ........................................................................................................ 43
Port Alert Delete command ......................................................................................................44
Port Break command ................................................................................................................44
Port History command.............................................................................................................. 44
Port Logout command ..............................................................................................................45
Port Set command..................................................................................................................... 45
Quit Command.................................................................................................................................48
Resume Command............................................................................................................................48
Server Commands ............................................................................................................................ 48
Server CLI command ................................................................................................................49
Server FLASH command ..........................................................................................................50
Server PPP command...............................................................................................................51
Server RADIUS command ........................................................................................................52
Table of Contents v
Server Reboot command ...........................................................................................................53
Server Security command .........................................................................................................53
Server Set command .................................................................................................................54
Server SNMP command............................................................................................................ 55
Server SNMP Community command ........................................................................................ 55
Server SNMP Manager command ............................................................................................56
Server SNMP Trap command ...................................................................................................56
Server SNMP Trap Destination command ...............................................................................57
Server SSH command ...............................................................................................................57
Show Commands..............................................................................................................................58
Show Port command................................................................................................................. 59
Show Port Alert command ........................................................................................................60
Show Server command..............................................................................................................60
Show Server CLI command ......................................................................................................61
Show Server PPP command .....................................................................................................62
Show Server RADIUS command...............................................................................................62
Show Server Security command................................................................................................62
Show Server SNMP command ..................................................................................................63
Show User command ................................................................................................................ 63
SPC Command.................................................................................................................................64
User Commands............................................................................................................................... 65
User Add command...................................................................................................................65
User Delete command...............................................................................................................66
User Logout command..............................................................................................................67
User Set command ....................................................................................................................67
User Unlock command .............................................................................................................68
Appendices..................................................................................................................... 71
Appendix A: Technical Specifications .............................................................................................71
Appendix B: Device Cabling............................................................................................................73
Appendix C: Supported Traps..........................................................................................................78
Appendix D: Ports Used ..................................................................................................................80
Appendix E: Technical Support .......................................................................................................81
Index................................................................................................................................ 83
vi CCM4850 Installer/User Guide

LIST OF FIGURES

List of Figures
Figure 2.1: CCM4850 Appliance Front Panel .................................................................................. 5
Figure 2.2: CCM4850 Appliance Back Panel ................................................................................... 6
Figure B.1: CAT 5 and CAT 6 Cable Adaptor Pin Assignments.....................................................74
Figure B.2: Reversing Cable Adaptor Pin Assignments..................................................................76
Figure B.3: 8-wire RJ-45 Reversing Cable .....................................................................................77
vii
viii CCM4850 Installer/User Guide

LIST OF TABLES

List of Tables
Table 2.1: LAN LED Values .............................................................................................................. 5
Table 3.1: Default Port Settings .....................................................................................................11
Table 3.2: SSH Authentication Methods..........................................................................................16
Table 3.3: Access Rights .................................................................................................................. 22
Table 3.4: Authentication Method Summary ................................................................................... 24
Table 3.5: Port History Mode Commands.......................................................................................26
Table 4.1: Line Editing Operations for VT100 Compatible Devices .............................................. 33
Table 4.2: Line Editing Operations for ASCII TTY Devices ........................................................... 34
Table 4.3: Command Syntax Types in Example Command ............................................................. 34
Table 4.4: CCM Appliance Command Summary.............................................................................36
Table 5.1: Connect Command Parameter .......................................................................................41
Table 5.2: Help Command Parameter............................................................................................. 42
ix
Table 5.3: Port Command Summary ...............................................................................................42
Table 5.4: Port Alert Add Command Parameters ...........................................................................43
Table 5.5: Port Alert Copy Command Parameters .........................................................................43
Table 5.6: Port Alert Delete Command Parameter .........................................................................44
Table 5.7: Port Logout Command Parameter ................................................................................. 45
Table 5.8: Port Set Command Parameters......................................................................................46
Table 5.9: Server Command Summary............................................................................................48
Table 5.10: Server CLI Command Parameters ...............................................................................49
Table 5.11: Server FLASH Command Parameters .........................................................................51
Table 5.12: Server PPP Command Parameters ..............................................................................51
Table 5.13: Server RADIUS Command Parameters ....................................................................... 52
Table 5.14: Server Security Command Parameters ........................................................................54
Table 5.15: Server Set Command Parameters................................................................................. 54
Table 5.16: Server SNMP Command Parameter............................................................................. 55
x CCM4850 Installer/User Guide
Table 5.17: Server SNMP Community Command Parameters........................................................55
Table 5.18: Server SNMP Manager Command Parameters ...........................................................56
Table 5.19: Server SNMP Trap Command Parameter.................................................................... 57
Table 5.20: Server SNMP Trap Destination Command Parameters...............................................57
Table 5.21: Server SSH Command Parameters............................................................................... 58
Table 5.22: Show Command Summary............................................................................................58
Table 5.23: Show Port Command Parameter..................................................................................59
Table 5.24: Show Port Command Display Fields ...........................................................................59
Table 5.25: Show Port Alert Command Parameter.........................................................................60
Table 5.26: Show Server Command Display Fields ........................................................................61
Table 5.27: Show Server CLI Command Display Fields................................................................. 61
Table 5.28: Show Server Security Command Display Fields .......................................................... 63
Table 5.29: Show User Command Parameter .................................................................................63
Table 5.30: Show User Command Display Fields...........................................................................64
Table 5.31: Show User All Command Display Fields .....................................................................64
Table 5.32: User Command Summary............................................................................................. 65
Table 5.33: User Add Command .....................................................................................................65
Table 5.34: User Delete Command Parameter ............................................................................... 66
Table 5.35: User Logout Command Parameter ..............................................................................67
Table 5.36: User Set Command Parameters ................................................................................... 67
Table 5.37: User Logout Command Parameter ..............................................................................69
Table A.1: CCM4850 Appliance Technical Specifications .............................................................71
Table B.1: Port Pin Assignments.....................................................................................................73
Table B.2: Adaptors for Use with CAT 5 and CAT 6 Cable............................................................ 73
Table B.3: Reversing Adaptors and Cables ....................................................................................75
Table C.1: CCM4850 Appliance Enterprise Traps .........................................................................78
Table D.1: Ports Used by CCM Appliance......................................................................................80
CHAPTER

Product Overview

1

Features and Benefits

Overview
The CCM console management appliance provides non-blocked access and control for serial devices such as serial-managed Linux (or other UNIX) servers, routers, power management devices and firewalls. You may connect up to 48 serial devices to a CCM4850 appliance.
A single 10/100/1000 Ethernet port provides network connectivity on each CCM4850 appliance. The unit also has a console port that uses a Command Line Interface (CLI) for configuration, management and optionally, connection to other ports.
A CCM4850 appliance may be mounted in 1U of vertical space in a standard 19 inch rack.
1
Serial device access options
You may choose from among several available Telnet options to access the CCM appliance and its attached serial devices:
The AVWorks client and a Secure Shell (SSH) client
Third party Telnet clients
Third party SSH clients
Access to attached serial devices is also possible through the appliance serial CLI, plus PPP (Point to Point Protocol) and other types of dial-in connections to a modem on the console port.
User authentication and data security
The CCM user database supports up to 64 user accounts, which include usernames, passwords and/ or keys, plus specifications of access rights to CCM appliance ports and commands. User definitions may be changed at any time. You may choose to have user access authenticated locally at the CCM user database or at one or more RADIUS (Remote Access Dial-In User Service) servers. Data security may be enhanced using industry-standard SSH encryption.
®
cross-platform management application that offers a built-in enhanced Telnet
2 CCM4850 Installer/User Guide
Extensive command set
The CCM appliance offers a wide range of commands that allow administrators to easily configure, control and display information about the CCM appliance operating environment, including its ports, user accounts and active sessions. The serial CLI is always available on the unit’s console port, and may be easily accessed during a session with an attached serial device.
The user interface also offers descriptive error message data and built-in command help information. On-board Trivial File Transfer Protocol (TFTP) support allows administrators to upload new functionality to CCM appliances in the field.
Port history
Each CCM port has a buffer that holds the most recent 64K bytes of online and offline serial data. A separate history command mode lets you navigate within a port’s current history file and conduct tailored searches.

Safety Precautions

To avoid potential device problems, if the building has 3-phase AC power, ensure that a computer and its monitor (if used) are on the same phase. For best results, they should be on the same circuit.
To avoid potentially fatal shock hazard and possible damage to equipment, please observe the following precautions:
Do not use a 2-wire extension cord in any Equinox product configuration.
Test AC outlets at the computer and monitor (if used) for proper polarity and grounding.
Use only with grounded outlets at both the computer and monitor. When using a backup Unin­terruptible Power Supply (UPS), power the computer, the monitor and the CCM appliance off the supply.

Rack mount safety considerations

Elevated Ambient Temperature: If installed in a closed rack assembly, the operation tempera­ture of the rack environment may be greater than room ambient. Use care not to exceed the rated maximum ambient temperature of the unit.
Reduced Airflow: Installation of the equipment in a rack should be such that the amount of air­flow required for safe operation of the equipment is not compromised.
Mechanical Loading: Mounting of the equipment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading.
Circuit Overloading: Consideration should be given to the connection of the equipment to the supply circuit and the effect that overloading of circuits might have on overcurrent protection and supply wiring. Consider equipment nameplate ratings for maximum current.
Reliable Earthing: Reliable earthing of rack mounted equipment should be maintained. Pay particular attention to supply connections other than direct connections to the branch circuit (for example, use of power strips).

Using AVWorks Software

The AVWorks cross-platform management application may be used to manage CCM4850 appliances and access attached devices. Using AVWorks software, you may perform most of the operations that are described in this manual. This manual describes how to manage a CCM4850 appliance by entering commands using the CLI. The AVWorks Installer/User Guide describes how to manage a CCM4850 appliance using the graphic interface.
Chapter 1: Product Overview 3
4 CCM4850 Installer/User Guide
CHAPTER

Installation and Configuration

2

Hardware Overview

Figure 2.1 shows the front panel of a CCM4850 appliance.
Figure 2.1: CCM4850 Appliance Front Panel
5
The front panel contains the 48 serial port connectors. The lower left area of the front panel contains the following LEDs, buttons and connectors:
The ONLINE LED illuminates steadily (not blinking) when the CCM self-test and initializa­tion procedures complete successfully.
The POWER LED illuminates when the CCM appliance is connected to a power source and the power switch is on (|).
The RESET button reboots the CCM appliance when pressed.
The INIT button restores the CCM factory defaults when pressed and held. See Reinitializing the CCM Appliance on page 9.
A console device may be connected to the RJ-45 CONSOLE PORT.
A 10BaseT, 100BaseT or 1000BaseT interface cable may be connected to the LAN PORT.
Two LEDs adjacent to the LAN PORT (SPEED and LINK/TRAFFIC) indicate the link speed and whether there is traffic on the link. Table 2.1 describes the possible values.
Table 2.1: LAN LED Values
SPEED LED LINK/TRAFFIC LED Description
Off Off No link
Off On Link at 10 Mbps
6 CCM4850 Installer/User Guide
Table 2.1: LAN LED Values (Continued)
SPEED LED LINK/TRAFFIC LED Description
Green On Link at 100 Mbps
Orange On Link at 1000 Mbps
Off Flashing Traffic at 10 Mbps
Green Flashing Traffic at 100 Mbps
Orange Flashing Traffic at 1000 Mbps
Figure 2.2 shows the back panel of a CCM4850 appliance.
Figure 2.2: CCM4850 Appliance Back Panel
The back panel contains:
The AC line cord connector.
On/off switch (
O = off, | = on).
Outflow openings for the two internal fans.
A DB-9 DEBUG PORT connector. This port should be used only on the advice and with the guidance of Equinox Technical Support.

Installing the CCM Appliance

WARNING: This unit is not user serviceable. To avoid electrical shock, do not attempt to open the unit or operate
with the cover off. Do not attempt to make any repairs. See Appendix E on page 81 for information.
WARNING: The power outlet should be near the equipment and easily accessible.
To install the CCM appliance hardware:
1. Place the unit where you can connect cables between the serial devices and the CCM serial ports, and where you can connect a LAN interface cable between the Ethernet hub or switch and the CCM LAN PORT connector.
2. Connect serial devices to the CCM serial ports; see Device Cabling on page 73 for cable infor­mation. Connect each serial device to its appropriate power source, following the device’s documentation.
3. Attach a 10BaseT, 100BaseT or 1000BaseT LAN interface cable to the LAN PORT connector on the back of the CCM appliance. A CAT 5 cable is required for 100BaseT operation. A CAT 6 cable is required for 1000BaseT operation.
4. Insert the power cord into the back of the unit. Insert the other end of the power cord into a grounded electrical receptacle. Toggle the power switch on the back of the unit to the on position ( | ).
5. Check that the POWER LED on the front of the unit is illuminated. If not, check the power cable to ensure that it is inserted snugly into the back of the unit. The ONLINE LED will illu­minate within two to three minutes to indicate that the self-test is complete. If the ONLINE LED blinks, contact Equinox Technical Support for assistance.
6. Check that the LAN port LEDs indicate that a 10, 100 or 1000 Mbps link exists. If not, check the Ethernet cable to ensure that both ends are correctly inserted into their jacks. If the unit is connected to a 100 MB Ethernet hub, the 100MBps LED will also be illuminated.
7. Once the POWER and ONLINE LEDs and a valid LAN LED link sequence are illuminated, proceed with the configuration process (if you will be using BootP, remove power from the CCM appliance).

Configuring the CCM Appliance

To configure the CCM appliance, you must specify a unique IP address, plus other network address information. This information will be stored in the CCM configuration database. During initial login, you will specify a password for the Admin user.
Chapter 2: Installation and Configuration 7

Configuring the network address settings

You may configure the CCM appliance network address settings using AVWorks software, BootP or the serial CLI on the console port.
To configure the network address settings using AVWorks software:
Using the AVWorks New Appliance Wizard is the easiest method to configure the CCM appliance network address settings. See the AVWorks Installer/User Guide for instructions. After the network address settings are configured, see Initial CCM appliance login on page 9.
To configure the network address settings using BootP:
1. Ensure that there is a BootP server on your network that is configured to correctly respond to a BootP request from the CCM appliance. BootP servers require the Ethernet MAC address of network devices. The Ethernet MAC address is located on the back of the unit. See your BootP server’s system administrator guide for information about configuring the BootP server.
2. After you have configured your network’s BootP server with the CCM appliance Ethernet MAC address, IP address, subnet mask and gateway, restore power to the CCM appliance and wait for the ONLINE LED to illuminate. Once this occurs, the CCM appliance has completed the BootP protocol, obtained its network address information and stored these in FLASH.
8 CCM4850 Installer/User Guide
3. You may verify that the BootP process was successful with a ping command, which tests net­work connectivity. The ping command is entered as:
ping <ip_address>
For example, the following command tests the network connectivity of a CCM appliance with the IP address 192.168.0.5.
ping 192.168.0.5
4. If the CCM appliance completes the BootP successfully, you will see a display similar to the following.
Pinging 192.168.0.5 with 32 bytes of data: Reply from 192.168.0.5: bytes=32 time<10ms TTL=128 Reply from 192.168.0.5: bytes=32 time<10ms TTL=128 Reply from 192.168.0.5: bytes=32 time<10ms TTL=128 Reply from 192.168.0.5: bytes=32 time<10ms TTL=128
If the CCM appliance did not successfully obtain its IP address with the BootP protocol, you will see a display similar to the following.
Pinging 192.168.0.5 with 32 bytes of data Request timed out. Request timed out. Request timed out. Request timed out.
In this case, check the address information provided to the BootP server to confirm they are correct. Verify that the Ethernet LAN adaptor cable is correctly installed on the CCM appliance and the Ethernet hub.
After the network address settings are configured successfully, launch a Telnet session to the assigned IP address. Then, see Initial CCM appliance login on page 9.
To configure the CCM appliance using the serial CLI:
1. Attach a compatible device to the console port. The compatible device types are: ASCII, VT52, VT100, VT102, VT220 and VT320.
For cable and adaptor information, see Device Cabling on page 73. You may use any terminal emulation program that is available on your system.
2. Configure your terminal or terminal emulation program as follows.
Baud rate 9600 Bits per character 8 Stop bits 1 Flow control None
3. Press the
Return or Enter key until a prompt appears, requesting your username. If you do not
receive a prompt after pressing the key five times, check your cable and serial settings to be sure that they are correct.
4. Proceed to Initial CCM appliance login on page 9.

Initial CCM appliance login

The CCM appliance ships with a single user defined in its user database. The first time you connect to the CCM appliance, you are prompted for a username.
To log in to the CCM appliance for the first time:
Chapter 2: Installation and Configuration 9
1. At the Username prompt, type user. At the Password prompt, press
Username: Admin Password: Authentication Complete CCM configuration is required.
Admin. There is no factory default password for the Admin
Return.
2. Once authentication completes, the CCM appliance prompts for any missing configuration val­ues that are required for operation.
If you already provided the IP address, subnet mask and gateway, you will not be prompted for those values again.
If you have not already provided the network information, you will be prompted for them. Enter the addresses using standard dot notation.
CCM configuration is required Enter CCM IP address > 192.168.0.5 Enter CCM Subnet mask > 255.255.255.0 Enter CCM Gateway address > 0.0.0.0
3. You are prompted for a new Admin password. Passwords are case sensitive and must contain 3-16 alphanumeric characters. You must enter the new password twice to confirm that you entered it correctly.
Enter CCM New Admin Password > ***** Confirm New Admin Password > *****
After you have provided the required configuration information, a confirmation message appears while the CCM appliance stores the values in its configuration database.
You have now completed the initial login, and you may enter additional commands at the CLI prompt (>). To configure other CCM appliance ports, see Configuring Serial Port Settings on page 11.

Reinitializing the CCM Appliance

Reinitializing the CCM appliance removes configured information. This may be useful when reinstalling the unit at another location in your network.
The CCM appliance stores configuration information in FLASH databases. During reinitialization, the FLASH erase has two phases. The first phase erases the configuration database, which contains all nonvolatile data except the IP address. The second phase erases the IP address and restores the CCM appliance to its factory default settings.
10 CCM4850 Installer/User Guide
To reinitialize the CCM appliance:
1. Locate the recessed INIT button on the front of the CCM appliance. An opened paper clip may be used to depress the button.
2. Insert the end of the opened paper clip in the recess, then depress and hold the button. The ONLINE LED will blink, indicating an initialization has been requested. You have approxi­mately seven seconds to release the button before any action is taken.
After seven seconds, the ONLINE LED will blink more rapidly to confirm that the CCM configuration database has been erased. Continuing to hold the INIT button for a few more seconds will erase the IP address as well. The ONLINE LED will blink faster to confirm the deletion.
If any portion of FLASH is erased, the CCM appliance reboots when the INIT button is released.
You may also use the Server FLASH command to update the CCM FLASH application or boot program. For more information, see Server FLASH command on page 50.
CHAPTER

Operations

3

Overview

The CCM console management appliance and its ports are easily configured and managed to meet your requirements for device connection, user authentication, access control, power status monitoring, port history information display and Simple Network Management Protocol (SNMP) compliance for use with third party network management products.

Configuring Serial Port Settings

By default, ports are configured with the settings listed in Table 3.1.
11
Table 3.1: Default Port Settings
Parameter Value
Target device Console
Name xx-xx-xx Pn (last 3 octets of MAC address plus the port number)
Baud rate 9600
Bits per character 8
Parity None
Stop bits 1
Flow control None
Time-out 15 minutes
CLI access character Use Server CLI setting (^D)
Power None
Most of these settings are standard serial port operating characteristics.
The CLI access character parameter specifies how you access the CLI. For more information, see CLI mode on page 19.
12 CCM4850 Installer/User Guide
The Power parameter instructs the CCM appliance to monitor the state of a specified control signal. Signal transitions may be configured to trigger SNMP traps. The parameter value indicates an inbound control signal (CTS, DCD or DSR) and the state of that signal (low or high). When the defined signal is true, the CCM appliance interprets it as a power on condition for the attached device; when the signal is false, a power off condition for the device is assumed. The signal specified for flow control may not be used for power control, and vice versa.
To configure serial port settings:
Issue a Port Set command. You may specify settings for one or all ports.
PORT [<port>|ALL] SET [NAME=<name>] [BAUD=<baud>] [SIZE=<size>] [PARITY=<parity>] [STOP=<stop_bits>] [FLOW=<flow_ctrl>] [TIMEOUT=<time-out>] [SOCKET=<socket>] [CHAR=^<cli_char>] [TOGGLE=NONE|DTR] [POWER=<signal>]
For more information and descriptions of all valid parameters, see Port Set command on page 45.
To display serial port settings:
Issue a Show Port command.
SHOW PORT [<port>|ALL|NAMES]
The display includes configuration information, current power status (if power status monitoring has been enabled), plus transmit, receive and error counts. When you request information about a single port and a user is currently accessing that port, the display also includes the username, access rights and other information about the current session.
When you request information about port names, the display includes the port numbers and names. If a port’s name has not been changed with a Port Set command, the logical name is displayed.
For more information, see Show Port command on page 59.

Connecting to Serial Devices

The CCM appliance offers several methods for connecting to attached serial devices: Telnet, serial CLI, PPP and SSH.

Connecting to devices using Telnet

Each CCM serial port is directly addressable through a unique TCP port that provides a connection to the attached serial device.
Plain text (non-encrypted) Telnet connections are enabled by default. For information about enabling both plain text Telnet and SSH connections, Enabling plain text Telnet and SSH connections on page 18 and Server Security command on page 53.
You may access the CCM appliance and its ports using Equinox-provided or third party Telnet client applications. Third party Telnet applications may be used in combination with AVWorks software or standalone.
Chapter 3: Operations 13
AVWorks software Telnet client
Each CCM appliance is shipped with the AVWorks cross-platform management application. AVWorks software provides a convenient way to select a CCM appliance or an attached device and launch a Telnet session to manage it.
AVWorks software includes a built-in Serial Console Viewer Telnet application that offers several features not found in other Telnet clients. For maximum flexibility, AVWorks software allows you to associate a unique Telnet client with each CCM port. AVWorks software also provides built-in support for SSH2.
You may specify the built-in Telnet client or a third party Telnet client. For more information, see the AVWorks Installer/User Guide.
Standalone third party Telnet clients
You may use third party Telnet clients to access the CCM appliance directly without AVWorks software.
To connect to a device using Telnet:
Type
telnet, followed by the CCM IP address and the appropriate TCP port, which by default is
3000 plus the physical port number, in decimal format. (The TCP port number may be changed for any CCM port.)
For example, the following Telnet command connects to the serial device attached to physical port 24 of the CCM appliance.
telnet 192.168.0.5 3024
If an authentication method other than None has been configured for the CCM appliance, you will be prompted for a username and password. Once authentication completes, your connection is confirmed. When you successfully connect to the serial device, you will see a display similar to the following.
Username: Myname Password: ****** Authentication Complete Connected to Port: 7 9600,8,N,1,XON/XOFF
If the authentication method is configured as None, you may Telnet and connect to a serial device without entering credentials; however, credentials are always required when connecting to the CCM CLI.
NOTE: When using AVWorks software, the configuration of the credential caching feature may affect whether you are prompted for a username and password. See the AVWorks Installer/User Guide for more information.
Data entered at the Telnet client is written to the attached serial device. Any data received by the CCM appliance from the serial device is output to your Telnet client.

Connecting to devices from the console port

You may connect to one serial device at a time from the console port, using a local terminal or a local PC using a terminal emulation program. If you connect an external modem to the console
14 CCM4850 Installer/User Guide
port, you may also access devices through a remote terminal or PC that can dial into the external modem. For information about modem connections, see Configuring and using dial-in connections on page 14 and Server CLI command on page 49.
To connect to a device from the console port:
1. Issue a Server CLI command, using the Connect parameter to enable the use of the Connect command from the console port.
SERVER CLI CONNECT=ON
2. Issue a Connect command to the desired port.
CONNECT <port>
3. To end a device session that was initiated with a Connect command, issue a Disconnect command.
DISCONNECT
For more information, see Server CLI command on page 49, Connect Command on page 41 and Disconnect Command on page 41.

Configuring and using dial-in connections

You may attach an external modem to the console port for dial-in serial CLI access to the CCM appliance. This may be used as a backup connection if the unit is not accessible from the network. It may also be used as a primary connection at remote sites that do not have Ethernet network capability. The modem must be Hayes compatible.
To specify a modem initialization string:
1. Issue a Server CLI command, using the Modeminit parameter to specify the modem initializa­tion string.
SERVER CLI MODEMINIT=“<string>”
The string must be enclosed in quotes and must include at least the command settings ATV1 and SO=1, which cause the modem to issue verbose response strings and autoanswer the phone on the first ring. For more information, see Server CLI command on page 49.
The modem initialization string is sent to the cabled modem when any of the following conditions occur:
CCM appliance initialization
Detection of a transition of DSR from low to high
Completion of a call when DCD changes from high to low
2. Upon successful modem connection, press the
Enter key until the login prompt appears.
To display modem configuration information:
Issue a Show Server CLI command.
SHOW SERVER CLI
For more information, see Show Server CLI command on page 61.

Connecting to devices using PPP

The CCM appliance supports remote PPP access using an autoanswer modem that answers calls and establishes the PPP protocol with a dial-in client. You may establish Telnet or SSH connections over PPP.
PPP dial-in may be used to access a remote CCM appliance that does not warrant a WAN (Wide Area Network) link to the Ethernet interface. The PPP dial-in may also be used to access a subnet containing remote devices in the event of a WAN link failure. In this case, the PPP provides an alternate path to one or more remote devices.
To use PPP, you must configure a modem in autoanswer mode on the console port; see Configuring and using dial-in connections on page 14. Once the PPP connection is established, you must launch an application that connects to the CCM appliance or to one of its ports. The PPP connection is only a communications interface to the CCM appliance.
The CCM appliance implements a PPP server that uses CHAP (Challenge Authentication Protocol). Passwords are not accepted in the clear on PPP connections.
To enable or disable a PPP server on the console port:
1. To enable a PPP server on the console port, issue a Server PPP command with the Enable parameter.
SERVER PPP ENABLE LOCALIP=<local_ip> REMOTEIP=<rem_ip> [MASK=<subnet>]
You must specify local and remote IP addresses to be used for the CCM appliance and client ends of the PPP connection respectively. You are prompted to confirm or cancel the changes. Enter
Y to confirm or N to cancel.
2. To disable a PPP server, issue a Server PPP command with the Disable parameter.
SERVER PPP DISABLE
For more information, see Server PPP command on page 51.
Chapter 3: Operations 15
To display PPP configuration information:
Issue a Show Server PPP command.
SHOW SERVER PPP
For more information, see Show Server PPP command on page 62.

Connecting to devices using SSH

The CCM console management appliance supports version 2 of the SSH protocol (SSH2). The CCM SSH server operates on the standard SSH port 22. The shell for this connection provides a CLI prompt as if you had established a Telnet connection on port 23. The shell request for this connection is for CLI access.
Additional CCM SSH servers operate on TCP ports that are numbered with values 100 greater than the standard 30xx Telnet ports for the CCM appliance. For example, if port 7 is configured for Telnet access on port 3007, then port 3107 will be a direct SSH connection for port 7. When SSH is enabled, Telnet port 23 connections will be accepted from other clients if the Server Security
16 CCM4850 Installer/User Guide
command includes the Encrypt=SSH,None parameter, which indicates that both SSH and plain text connections will be allowed. Connecting to Telnet port 23 may also be tunneled through a connection to SSH port 22.
SSH server keys
When SSH is enabled for the first time, all sessions are terminated and the CCM appliance generates an SSH server key. The key generation process may take up to three minutes. The key is computed at random and is stored in the CCM configuration database.
In most cases, the SSH server key should not be modified because most SSH clients will associate the key with the IP address of the CCM appliance. During the first connection to a new SSH server, the client will display the SSH server’s key. You will be prompted to indicate if it should be stored on the SSH client. After the first connection, most SSH clients will validate the key when connecting to the CCM appliance. This provides an extra layer of security because the SSH client can verify the key sent by the server each time it connects.
When you disable SSH and later reenable it, you may either use the existing server key or compute a new one. If you are reenabling the same server at the same IP address, it is recommended that you use the existing key, as SSH clients may be using it for verification. If you are moving the CCM appliance to another location and changing the IP address, you may wish to generate a new SSH server key.
Authenticating an SSH user
SSH is enabled and disabled with the Server SSH command. When you enable SSH, you may specify the authentication method(s) that will be used for SSH connections. The method may be a password, an SSH key or both. A user’s password and SSH key are specified with a User Add or User Set command. All SSH keys must be RSA keys. DSA keys are not supported.
Table 3.2 lists and describes the valid SSH authentication methods that may be specified with a Server SSH command.
Table 3.2: SSH Authentication Methods
Method Description
SSH connections will be authenticated with a username/password. With this method,
PW (default)
KEY
a user’s definition must include a valid password in order for that user to authenticate an SSH session.
SSH connections will be authenticated with an SSH key. With this method, a user’s definition must include valid SSH key information in order for that user to authenticate an SSH session. Key authentication is always local; RADIUS is not supported. For more information, see SSH user keys on page 17.
Chapter 3: Operations 17
Table 3.2: SSH Authentication Methods (Continued)
Method Description
SSH connections will be authenticated with either a username/password or an SSH key. If a user has only a password defined, that user must authenticate an SSH session with a username/password. If a user has only an SSH key defined, that user must authenticate an SSH session using the key. If a user has both a password and
PW|KEY or KEY|PW
PW&KEY or KEY&PW
an SSH key defined, that user may use either a username/password or the SSH key to authenticate an SSH session. This method allows the administrator to define how each user will authenticate an SSH session based on information provided in the User Add/Set command. PW authentication will be local or RADIUS as specified in the Auth parameter of the Server Security command. Key authentication is always local.
SSH connections will be authenticated using both a username/password and an SSH key. With this method, a user’s definition must include a password and SSH key information for that user to authenticate an SSH session. PW authentication will be local or RADIUS as specified in the Auth parameter of the Server Security command. Key authentication is always local.
A user’s access rights are determined from the authentication method used. SSH key authentication always uses the access rights from the local user database. Depending on the server authentication mode specified with the Server Security command, SSH password authentication will use either the access rights from the local user database or the values returned by the RADIUS server.
With either of the “or” methods (PW|KEY and KEY|PW), the user access rights are determined from the method used to authenticate the user.
With either of the “and” methods (PW&KEY and KEY&PW), the user access rights are determined from the first method specified. If PW&KEY is specified, the access rights from the password authentication will be used. If KEY&PW is specified, the access rights from the key authentication will be used.
For more information, see Using Authentication Methods on page 23.
SSH user keys
A user’s SSH key is specified in a User Add or User Set command. You may define a key even if SSH is not currently enabled. The key may be specified in one of two ways:
When using the SSHKEY and FTPIP keyword pair to define the network location of a user’s SSH key file, the SSHKEY parameter specifies the name of the uuencoded (Unix to Unix encoded) public key file on an FTP server. The maximum file size that can be received is 4K bytes. The FTPIP parameter specifies the FTP server’s IP address.
When this method is specified, the CCM appliance initiates an FTP client request to the specified IP address. The CCM appliance then prompts the user for an FTP username and password for connection. When connected, the CCM appliance will GET the specified key file and the FTP connection will be closed. The CCM appliance then stores the SSH key with the username in the CCM user database.
18 CCM4850 Installer/User Guide
When using the KEY keyword to specify the SSH key, the KEY parameter specifies the actual uuencoded SSH key. This is for configurations that do not implement an FTP server. The CCM appliance stores the specified key in the CCM user database.
The CCM appliance processes a uuencoded SSH2 public key file with the format described in the IETF document draft-ietf-secshpublickeyfile-02. The key must follow all format requirements. The UNIX ssh-keygen2 generates this file format. The CCM appliance also processes a uuencoded SSH1 public key file. The UNIX ssh-keygen generates this file format.
To enable SSH session access to the CCM appliance:
1. Issue a Show Server Security command to ensure that you are using an authentication method other than None.
SHOW SERVER SECURITY
2. Issue a Server SSH command with the Enable parameter. You may also specify an authentica­tion method.
SERVER SSH ENABLE AUTH=<auth>
If an authentication method is not specified, the previous authentication parameter will be used. The default value is AUTH=PW.
3. If you are enabling SSH for the first time, you are advised that all other CCM appliance sessions will be terminated. Enter
4. If you are reenabling SSH, you are prompted to use the existing SSH server key or generate a new key. Enter
Y to use the existing key or N to generate a new key.
For more information, see Server SSH command on page 57.
Y to continue or N to cancel.
To disable SSH session access to the CCM appliance:
Issue a Server SSH command with the Disable parameter.
SERVER SSH DISABLE
When SSH is disabled, the CCM appliance operates in plain text mode.
To display SSH information:
Issue a Show Server Security command.
SHOW SERVER SECURITY
If SSH is enabled, the display will include SSH2. Regardless of whether SSH is enabled, the display will indicate the authentication method that was specified with the Server SSH command.

Enabling plain text Telnet and SSH connections

Plain text (non-encrypted) Telnet connections are enabled by default.
If you enable SSH connections using the Server Security command and the Encrypt=SSH parameter, plain text Telnet connections will be disabled. However, if you enable SSH connections with the Server SSH command, both plain text and SSH connections will be allowed.
Loading...
+ 70 hidden pages