Value-Line and Advanced Console Servers User’s Manual
Securely manage data center and network
equipment from anywhere in the world.
Customer
Support
Information
Order toll-free in the U.S.: Call 877-877-BBOX (outside U.S. call 724-746-5500)
FREE technical support 24 hours a day, 7 days a week: Call 724-746-5500 or fax 724-746-0746
Mailing address: Black Box Corporation, 1000 Park Drive, Lawrence, PA 15055-1018
Web site: w ww.blackbox.com • E-mail : info@blackbox.com
724-746-5500 | blackbox.com
Value-Line and Advanced Console Servers Manual
Trademarks Used in this Manual
Black Box and the Double Diamond logo are registered trademarks of BB Technologies, Inc.
Cisco is a registered trademark of Cisco Technology, Inc.
Mac is a registered trademark of Apple Computers, Inc.
Linux is a registered trademark of Linus Torvalds.
Internet Explorer, Windows, Windows Me, Windows NT, and Windows Vista are a registered trademarks of Microsoft Corporation.
Nagios is a registered trademark of Nagios Enterprises LLC.
Java and Solaris are trademarks of Sun Microsystems, Inc.
Unix is a registered trademark of X/Open Company Ltd.
Any other trademarks mentioned in this manual are acknowledged to be the property of the trademark owners.
Page 2
724-746-5500 | blackbox.com
Value-Line and Advanced Console Servers Manual
We‘re here to help! If you have any questions about your application
or our products, contact Black Box Tech Support at 724-746-5500
or go to blackbox.com and click on “Talk to Black Box.”
You’ll be live with one of our technical experts in less than 30 seconds.
724-746-5500 | blackbox.com
Page 3
724-746-5500 | blackbox.com
Value-Line and Advanced Console Servers Manual
Federal Communications Commission and Industry Canada Radio Frequency Interference
Statements
This equipment generates, uses, and can radiate radio-frequency energy, and if not installed and used properly, that is, in strict
accordance with the manufacturer’s instructions, may cause inter ference to radio communication. It has been tested and found to
comply with the limits for a Class A computing device in accordance with the specifications in Subpart B of Part 15 of FCC rules,
which are designed to provide reasonable protection against such interference when the equipment is operated in a commercial
environment. Operation of this equipment in a residential area is likely to cause interference, in which case the user at his own
expense will be required to take whatever measures may be necessary to correct the interference.
Changes or modifications not expressly approved by the party responsible for compliance could void the user’s authority to
operate the equipment.
This digital apparatus does not exceed the Class A limits for radio noise emis sion from digital apparatus set out in the Radio
Interference Regulation of Industry Canada.
Le présent appareil numérique n’émet pas de bruits radioélectriques dépassant les limites applicables aux appareils numériques de
la classe A prescrites dans le Règlement sur le brouillage radioélectrique publié par Industrie Canada.
Page 4
724-746-5500 | blackbox.com
Value-Line and Advanced Console Servers Manual
Instrucciones de Seguridad
(Normas Oficiales Mexicanas Electrical Safety Statement)
1. Todas las instrucciones de seguridad y operación deberán ser leídas antes de que el aparato eléctrico sea operado.
2. Las instrucciones de seguridad y operación deberán ser guardadas para referencia futura.
3. Todas las advertencias en el aparato eléctrico y en sus instrucciones de operación deben ser respetadas.
4. Todas las instrucciones de operación y uso deben ser seguidas.
5. El aparato eléctrico no deberá ser usado cerca del agua—por ejemplo, cerca de la tina de baño, lavabo, sótano mojado o cerca
de una alberca, etc..
6. El aparato eléctrico debe ser usado únicamente con carritos o pedestales que sean recomendados por el fabricante.
7. El aparato eléctrico debe ser montado a la pared o al techo sólo como sea recomendado por el fabricante.
8. Servicio—El usuario no debe intentar dar servicio al equipo eléctrico más allá a lo descrito en las instrucciones de operación.
Todo otro servicio deberá ser referido a personal de servicio calificado.
9. El aparato eléctrico debe ser situado de tal manera que su posición no interfiera su uso. La colocación del aparato eléctrico
sobre una cama, sofá, alfombra o superficie similar puede bloquea la ventilación, no se debe colocar en libreros o gabinetes
que impidan el flujo de aire por los orificios de ventilación.
10. El equipo eléctrico deber ser situado fuera del alcance de fuentes de calor como radiadores, registros de calor, estufas u otros
aparatos (incluyendo amplificadores) que producen calor.
11. El aparato eléctrico deberá ser connectado a una fuente de poder sólo del tipo descrito en el instructivo de operación, o como
se indique en el aparato.
12. Precaución debe ser tomada de tal manera que la tierra fisica y la polarización del equipo no sea eliminada.
13. Los cables de la fuente de poder deben ser guiados de tal manera que no sean pisados ni pellizcados por objetos colocados
sobre o contra ellos, poniendo particular atención a los contactos y receptáculos donde salen del aparato.
14. El equipo eléctrico debe ser limpiado únicamente de acuerdo a las recomendaciones del fabricante.
15. En caso de existir, una antena externa deberá ser localizada lejos de las lineas de energia.
16. El cable de corriente deberá ser desconectado del cuando el equipo no sea usado por un largo periodo de tiempo.
17. Cuidado debe ser tomado de tal manera que objectos liquidos no sean derramados sobre la cubierta u orificios de ventilación.
18. Servicio por personal calificado deberá ser provisto cuando:
A: El cable de poder o el contacto ha sido dañado; u
B: Objectos han caído o líquido ha sido derramado dentro del aparato; o
C: El aparato ha sido expuesto a la lluvia; o
D: El aparato parece no operar normalmente o muestra un cambio en su desempeño; o
E: El aparato ha sido tirado o su cubierta ha sido dañada.
This User’s Manual walks you through installing and configuring your Black Box Console Server
(LES1108A, LES1116A, LES1132A, LES1148A, LES1508A) or Advanced Console Server (LES1208A-R2,
LES1216A-R2, LES1232A, LES1248A-R2, LES1308A, LES1316A, LES1332A, LES1348A, LES1408A, LES1416A,
LES1432A, LES1448A). Each of these products is referred to generically in this manual as a “console server.”
Once configured, you will be able to use your console server to securely monitor access and control the
computers, networking devices, telecommunications equipment, power-supplies, and operating
environments in your data room or communications centers. This manual guides you in managing this
infrastructure locally (across your operations or management LAN or through the local serial console
port), and remotely (across the Internet, private network, or via dial up).
Manual Organization
This manual contains the following chapters:
1. Introduction An overview of the features of console server and information on this
manual.
2. Installation Physical installation of the console server and how to interconnect
controlled devices.
3. System Configuration Describes the initial installation and configuration using the
Management Console. Covers configuration of the console server on the
network and the services that will be supported.
4. Serial & Network Covers configuring serial ports and connected network hosts, and
setting up Users and Groups.
5. Firewall, Failover & OoB Describes setting up the high availability access features of the console server.
6. Secure Tunneling (SDT) Covers secure remote access using SSH and configuring for RDP, VNC,
HTTP, HTTPS, etc. access to network and serially connected devices.
7. Auto-response & Logging Explains how to set up local and remote event/data logs, how to trigger
SNMP and email alerts
events.
8. Power & Environment Describes how to manage USB, serial, and network attached power
strips and UPS supplies including Network UPS Tool (NUT) operation,
IPMI power control, and EMD environmental sensor configuration.
and configuring auto-response actions to trigger
9. Authentication Access to the console server requires usernames and passwords that are
locally or externally authenticated.
10. Nagios Integration Describes how to set Nagios central management with SDT extensions
and configure the console server as a distributed Nagios server.
11. System Management Covers access to and configuration of services that will run on the
console server.
12. Status Reports View a dashboard summary and detailed status and logs of serial and
network connected devices (ports, hosts, power, and environment)
13. Management Includes port controls that Users can access.
14 Basic Configuration Command line installation and configuration using the config command.
15. Advanced Config More advanced command line configuration activities where you will
need to use Linux commands.
The latest update of this manual can be found online at www.blackbox.com
Types of users
The console server supports two classes of users:
I. First, there are the administrative users who will be authorized to configure and control the console
server; and to access and control all the connected devices. These administrative users will be set up
as members of the admin user group and any user in this class is referred to generically in this
manual as the Administrator. An Administrator can access and control the console server using the
config utility, the Linux command line, or the browser-based Management Console. By default, the
Administrator has access to all services and ports to control all the serial connected devices and network connected devices (hosts).
II. The second class of users are those who have been set up by the Administrator with specific limits of
their access and control authority. These users are set up as members of the users user group (or
some other user groups the Administrator may have added). They are only authorized to perform
specified controls on specific connected devices and are referred to as Users. These Users (when
authorized) can access serial or network connected devices; and control these devices using the
specified services (for example, Telnet, HHTPS, RDP, IPMI, Serial over LAN, Power Control). An
authorized User also has a limited view of the Management Console and can only access authorized
configured devices and review port logs.
In this manual, when the term user (lower case) is used, it refers to both the above classes of users. This
document also uses the term remote users to describe users who are not on the same LAN segment as
the console server. These remote users may be Users, who are on the road connecting to managed
devices over the public Internet, or it may be an Administrator in another office connecting to the
console server itself over the enterprise VPN, or the remote user may be in the same room or the same
office but connected on a separate
VLAN than the console server.
Management Console
The Management Console provides a view of the console server and all the connected devices.
Administrators can use any browser to log into the Management Console either locally or from a remote location. They can then use Management Console to manage the console server, the users, the serial
ports and serially connected devices, network connected hosts, and connected power devices; and to
view associated logs and configure alerts.
A User can also use the Management Console, but has limited menu access to control select devices,
review their logs and access them using the built-in java terminal or control power to them.
The console server runs an embedded Linux operating system, and experienced Linux® and UNIX® users
may prefer to configure it at the command line. To get command line access, connect through a terminal
emulator or communications program to the console serial port; connect via ssh or telnet through the
LAN; or connect through an SSH tunneling to the console server.
Manual Conventions
This manual uses different fonts and typefaces to show specific actions:
Note Text presented like this indicates issue s t o note.
Text presented like this highlights important information. Make sure you read
and follow these warnings.
Text presented with an arrow head indent indicates an action you should take as part of the
procedure.
Bold text indicates text that you type, or the name of a screen object (for example, a menu or button)
on the Management Console.
Italic text indicates a text command you enter at the command line level.
Information in this document is subject to change without notice and does not represent a commitment
on the part of Black Box. Black Box provides this document “as is,” without warranty of any kind, either
expressed or implied, including, but not limited to, the implied warranties of fitness or merchantability
for a particular purpose.
Black Box may make improvements and/or changes in this manual or in the product(s) and/or the
program(s) described in this manual at any time. This manual could include technical inaccuracies or
typographical errors. Changes are periodically made to the information herein; these changes may be
incorporated in new editions of the publication.
Notice to Users
Use proper back-up systems and necessary safety devices to protect against injury, death, or property
damage caused by system failure. This protection is the user’s responsibility.
This device is not approved for use as a life-support or medical system.
Any changes or modifications made to this device without the explicit approval or consent of Black Box
will void Black Box of any liability or responsibility of injury or loss caused by any malfunction.
This equipment is for indoor use and all the communication wirings are limited to the inside of the
building.
5-VDC, 2.0A, Power Supply with IEC Socket and AC power cable
2.1.4 Kit components LES1116A, LES1132A and LES1148A Console Servers
LES1116A, LES1132A or LES1148A Console Server
(2) UTP CAT5 blue cables
DB9F-RJ45S straight and DB9F-RJ45S cross-over connectors
IEC AC power cord
Printed Quick Start Guide and User’s Manual on CD-ROM
2.1.5 Kit components LES1108A Console Server
LES1108A Console Server
(2) UTP CAT5 blue cables
DB9F-RJ45S straight and DB9F-RJ45S cross-over connectors
Printed Quick Start Guide and this User‘s Manual on CD-ROM
2.2 Power connection
2.2.1 LES1508A power
The LES1508A includes an external DC power supply unit. This unit accepts an AC input voltage between
100 and 250 VAC with a frequency of 50Hz or 60Hz. The DC power supply comes with a selection of wall
socket adapters for each geographic region (North American, Europe, UK, Japan or Australia). The 12-
VDC connector from the power supply plugs into the 12VDC (PWR) power socket on the side of the
LES1508A.
2.2.2 LES1408A - LES1448A, LES1308A- LES1348A and LES1208A - LES1248A power
The Advanced Console Server models (LES1208A-R2, LES1216A-R2, LES1232A, LES1248A-R2, LES1308A,
LES1316A, LES1332A, LES1348A, LES1408A, LES1416A, LES1432A and LES1448A) all have dual universal
AC power supplies with auto failover built in. These power supplies each accept AC input voltage
between 100 and 240 VAC with a frequency of 50 or 60 Hz. The total power consumption per console server is less than 30W. Two IEC AC power sockets are located at the rear of the metal case, and these
IEC power inlets use conventional IEC AC power cords.
Power cords for various regions are available, although the North American power cord is provided by
default. There is a warning notice printed on the back of each unit.
To avoid electrical shock, connect the power cord grounding conductor to
ground!
2.2.2 LES1116A, LES1132A and LES1148A power
The LES1116A, LES1132A and LES1148A models have a built-in universal auto-switching AC power
supply. This power supply accepts AC input voltage between 100 and 240 VAC with a frequency of 50 or
60 Hz. The power consumption is less than 20W.
The LES1116A, LES1132A and LES1148A models have an IEC AC power socket located in the rear of the
metal case. This IEC power inlet uses a conventional IEC AC power cord, and the power cords for various
regions are available. Call Black Box Technical Support for details at 724-746-5500. (The North American
power cord is provided by default.) There is a warning notice printed on the back of each unit.
To avoid electrical shock, connect the power cord grounding conductor to
ground.
The LES1108A includes an external DC power supply unit. This unit accepts an AC input voltage between
100 and 250 VAC with a frequency of 50Hz or 60Hz. The DC power supply has an IEC AC power socket,
which accepts a conventional IEC AC power cord. The power cord for North America is included in the
kit. The 5-VDC connector from the power supply plugs into the 5VDC power socket on the rear of the
LES1108A.
2.3 Network connection
The RJ-45 LAN ports are located on the rear panel of the LES1108A and LES1508A, and on the front
panel of the rack-mount console servers. Use industry standard Cat5 cabling and connectors. Make sure
that you only connect the LAN port to an Ethernet network that supports 10BASE-T/100BASE-T. To
initially configure the console server, you must connect a PC or workstation to the console server’s
principal network port (labeled NETWORK1 or LAN).
2.4 Serial Port connection
The RJ-45 serial ports are located on the rear panel of the LES1108A and on the front panel of the
LES1508A and rackmount console servers.
The LES1508A Console Server has a Cisco RJ-45 pinout shown below:
The LES1108A, LES1116A, LES1132A and LES1148A Console Servers have the Black Box Classic RJ-45
pinout shown below:
The LES1208A-R2, LES1216A-R2, LES1232A, LES1248A-R2, LES1308A, LES1316A, LES1332A, LES1348A,
LES1408A, LES1416A, LES1432A and LES1448A Advanced Console Servers have the Cyclades RJ-45
pinout shown next:
The rackmount console servers also have a DB9 LOCAL (Console/Modem) port on front panel. The
LE1108A has a DB9 LOCAL (Console/Modem) port on rear panel. With the LES1508, Serial Port 1 is
configured by default in Local Console (modem) mod e.
Conventional CAT5 cabling with RJ-45 jacks is used for serial connections. Before connecting an external
device’s console port to the console server serial port, confirm that the device supports the standard
RS-232C (EIA-232).
Black Box supplies a range of cables and adapters that may be required to connect to the more popular
servers and network appliances. Call Technical Support at 724-746-5500 for details.
2.5 USB Port Connection
The LES1208A-R2, LES1216A-R2, LES1232A and LES1248A-R2 console servers each also have one
USB1.1 port on the front face and two additional USB 2.0 ports at the rear face (adjacent to modem jack).
The LES1308A, LES1316A, LES1332A, LES1348A, LES1408A, LES1416A, LES1432A and LES1448A
console servers each also have one USB1.1 port on the f ront face and one additional USB 2.0 ports at
the rear face. This USB2.0 port is adjacent to antenna con nector and conne cts using the micro-AB USB
cable.
The LES1508A console server has twoUSB 2.0 ports on the front face.
This chapter provides step-by-step instructions for the console server’s initial configuration, and for
connecting it to the Management or Operational LAN. The Administrator must:
Activate the Management Console.
Change the Administrator password.
Set the IP address console server’s principal LAN port.
Select the network services that will be supported.
This chapter also discusses the communications software tools that the Administrator may use to access
the console server.
3.1 Management console connection
Your console server is configured with a default IP Address 192.168.0.1 Subnet Mask 255.255.255.0
Directly connect a PC or workstation to the console server.
NoteFor initial configuration we recommend that you connect the console server directly to a single PC
or workstation. However, if you choose to connect your LAN before completing the initial setup
steps, it is important that:
you make sure that there are no other devices on the LAN with an address of 192.168.0.1
the console server and the PC/workstation are o n the same LAN segment, with no interposed
3.1.1 Connected PC/workstation set up
To configure the console server with a browser, the connected PC/workstation should have an IP
address in the same range as the console server (e.g. 192.168.0.100):
router appliances.
To configure the IP Address of your Linux or Unix PC/workstation simply run ifconfig
For Windows PCs (Win9x/Me/2000/XP/ Vista/ 7/NT):
Click Start -> (Settings ->) Control Panel and double click Network Connections (for
95/98/Me, double click Network).
Right click on Local Area Connection and select Properties.
Select Internet Protocol (TCP/IP) and click Properties.
Select Use the following IP address and enter the following details:
If you want to retain your existing IP settings for this network connection, click Advanced
and Add the above as a secondary IP connection.
If it is not convenient to change your PC/workstation network address, you can use the ARP-Ping
command to reset the console server IP address. To do this from a Windows PC:
Click Start -> Run (or select All Programs then Accessories then Run).
Type cmd and click OK to bring up the command line.
Type arp –d to flush the ARP cache.
Type arp –a to view the current ARP cache (this should be empty).
Now add a static entry to the ARP table and ping the console server to assign the IP address to
the console server. In the example below, a console server has a MAC Address 00:13:C6:00:02:0F
(designated on the label on the bottom of the unit) and we are setting its IP address to
192.168.100.23. Also the PC/workstation issuing the arp command must be on the same
network segment as the console server (that is, have an IP address of 192.168.100.xxx)
Type arp -s 192.168.100.23 00-13-C6-00-02-0F (Note for UNIX the syntax is: arp -s
192.168.100.23 00:13:C6:00:02:0F).
Type ping -t 192.18.100.23 to start a continuous ping to the new IP Address.
Turn on the console server and wait for it to configure itself with the new IP address. It will
start replying to the ping at this point.
Type arp –d to flush the ARP cache again.
3.1.2 Browser connection
Activate your preferred browser on the connected PC/workstation and enter
https://192.168.0.1 The Management Console supports all current versions of the popular
browsers (Internet Explorer, Mozilla Firefox, Chrome, and more).
After completing each of the above steps, you can return to the configuration list by clicking in the top
left corner of the screen on the Black Box logo.
NoteIf you are not able to connect to the Manageme nt Console at 192.168.0.1 or if the default
Username/Password were not accepted, then reset your console server (refer to Chapter 11).
3.2 Administrator Password
For security reasons, only the administrator user named root can initially log into your console server.
Only people who know the root password can access and reconfigure the console server itself. However,
anyone who correctly guesses the root password could gain access (and the default root password is
default). To avoid this, enter and confirm a new root password before giving the console server any
access to, or control of, your computers and network appliances.
The system password can be changed by editing the root user on the S erial & Network: Users
& Groups form
Select Change default administration password on the Welcome screen which will take you to
Serial & Network: Users & Groups where you can a dd a new confirmed Password for the user
root
Enter a new Password then re-enter it in Confirm . This is the new password for root, the main
administrative user account, so choose a complex password, and keep it safe.
NoteThere are no restrictions on the characters that can be used in the Password. It can contain up to
254 characters. However, only the first eight System Password characters are used to make the
password hash.
Click Apply. Since you have changed the password you will be prompted to log in again. This
time, use the new password.
NoteIf you are not confident that your console server has the current firmware release, you can
upgrade. Refer to Upgrade Firmware—Chapter 10.
3.2.1 Set up new administrator
It is also recommended that you set up a new Administrator user as soon as convenient and log-in as
this new user for all ongoing administration functions (rather than root).
This Administrator can be configured in the admin group with full access privileges through the Serial &
Network: Users & Groups menu (refer Chapter 4 for details)
3.2.2 Name the console server
It is also recommended that you set up a System Name for your console server to make it simple to
identify.
Select System: Administration
console server to give it a unique ID.
and enter a System Name and System Description for the
NoteThe System Name can contain from 1 to 64 alphanumeric characters (however you can also use
the special characters “-”, “_”, and “.”)
There are no restrictions on the characters t hat can be used in the System Description or the
System Password (each can contain up to 254 characters). However, only the first eight System
Password characters are used to make the password hash.
The MOTD Banner can be used to display a “message of the day” text to users
Click Apply