Black Box LS1016A, LS1032A User Manual

Download

Page 1

SEPTEMBER 2003 LS1016A LS1032A

BLACK BOX®Advanced Console Server

Version 2.1.4 Revision 1a

- User Guide

CUSTOMER SUPPORT INFORMATION

Black Box Corporation - 1000 Park Drive - Lawrence, PA 15055-1018 Tech Support and Ordering: 724-746-5500 (1-877-877-BBOX) - Fax: 724-746-0746 To contact us about Black Box products or services: info@blackbox.com

Page 2

BLACK BO X® Adv ance d Console Server User Guide Version 2.1.4 Revis ion 1a

September, 2003

responsibility, financial or otherwise, for any consequences of the use of this product or manual. This manual is publishe d by Black Box Co rporation, which reserves the r ight to make improvements or changes in the products described in this manu al as well as to revise this publication at any time and without notice to any per son of such revision or change. The operating system covered in this manual is v2.1.4. All brand and product names mentioned in this pu blication are trademarks or register ed trademarks of thei r respecti ve holders.

Black Box, BLACK BOX ® Advanced Console Server, LS1032A, LS1016A are registered trademark of Black Box Corporation. Microsoft, Windows 95, 98, XP, ME, NT, and 2K are trademarks of Microsoft Corporation. UNIX is a tradem ark of UN IX System Laboratories, Inc. Linux is a registered trademark of Linus Torvalds.

Black Box Corporation, 2003

This document contains pro prietary information of Black Box and is not to be disclosed or used except in accordance with applicable contracts or agreements.

All rights reserved. This document may not, in whole or part, be copied, photocopied, reproduced, translated, or converted to any electronic or machine-readable form without the prior written consent of Black Box.

Black Box, 2003

Product Version 2. 1. 4 Revision 1a Document Number 2.1.4-Draft 27a

Page 3

Tabl e of Contents

Preface

Purpose . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Audience and User Levels . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

New Users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

Power Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13

How to use this Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14

Conventions and Symbols . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Fonts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Hypertext Links. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15

Glossary Entries. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Quick Steps . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Parameter Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16

Note Box Icons . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Chapter 1 - Introduction and Overview

The BLACK BOX® Advanced Conso le Server. . . . . . . . . . . . . . . . . . . . . . . . . . 19

What’s in the box. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20

Safety Instructions . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23

Battery. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25

FCC Warning Sta tement . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Aviso de Precaución S-Ma rk Argentina . . . . . . . . . . . . . . . . . . . . . . . . . . 26

Traba j ar de n tr o de l B LA C K BO X ® Ad vanced Console Server. . . . . . . . 28

Batería . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29

Chapter 2 - Installation, Configuration, and Usage

Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

System Require m ents. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31

Default Configura tio n Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 32

Pre-Install Checklist . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33

Task List . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

The Wizard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 34

Quick Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Configuration using a Console . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 36

Configuration using a Web browser . . . . . . . . . . . . . . . . . . . . . . . . . . . . 39

Configuration using Telnet . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 46

The Installation and Conf iguration Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49

User Guide 3

Page 4

Tabl e of Contents

Task 1: Connect the BLACK BOX ® Advanced Console Server

to the Network and other Dev i ces . . . . . . . . . . . . . . . . . . . . . . . . . . . . .49

Task 2: Configure the COM Port Connection and L og In . . . . . . . . . . . .52

Task 3: Modify the System Files . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .54

Task 4: Edit the pslave.conf file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .57

Task 5: Activate the changes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

Task 6: Test the configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .60

Task 7: Save the cha nges . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .61

Task 8: Reboot the BLACK BOX ® Advanced Console Server . . . . . . . .61

Accessing the Seria l Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .62

Opening and closing a telnet session to a serial port . . . . . . . . . . . . . . .62

Opening and closing an SSH session to a serial port . . . . . . . . . . . . . . . .62

Accessi ng Serial Ports using “ts_menu”. . . . . . . . . . . . . . . . . . . . . . . . . .63

Accessing Serial Po rts using the Web Interface. . . . . . . . . . . . . . . . . . . . 64

Chapter 3 - Additional Features

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6 5

Configuration Wiz ard - Basic Wizard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66

Using the Wizard through your Browser. . . . . . . . . . . . . . . . . . . . . . . . .72

Access Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73

Configuration for CAS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .73

Configuration for TS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .88

Configuration for Dial-in Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .96

Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .100

Parameters Invo lved and Passed Values. . . . . . . . . . . . . . . . . . . . . . . . . .100

Configuration for CAS, TS, and Dial -in Access. . . . . . . . . . . . . . . . . . . . . 102

NIS Client . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112

NIS Client Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .112

How to Test the Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113

nsswitch.conf file format. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .114

Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 114

CAS Port Pool . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .115

How to Configure it. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .116

Clustering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .118

Parameters Invo lved and Passed Values. . . . . . . . . . . . . . . . . . . . . . . . . .119

Centralized Management - the Inc l ude File . . . . . . . . . . . . . . . . . . . . . . .122

Enhanced Clustering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .125

CronD . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .134

Parameters Invo lved and Passed Values. . . . . . . . . . . . . . . . . . . . . . . . . .134

4 BLACK BOX ® Adva n ced Console S erver

Page 5

Tabl e of Contents

Configuration for CAS, TS, and Dial -in Access . . . . . . . . . . . . . . . . . . . . 135

Data Buffering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137

Linear vs. Circular Bu ffering . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138

Parameters Invo lved and Passed Values . . . . . . . . . . . . . . . . . . . . . . . . . 138

Configuration for CAS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140

DHCP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150

Parameter In volved and Passed Values. . . . . . . . . . . . . . . . . . . . . . . . . . 150

Configuration for CAS, TS, and Dial -in Access . . . . . . . . . . . . . . . . . . . . 152

Dual Power Management. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

Parameters Invo lved and Passed Values . . . . . . . . . . . . . . . . . . . . . . . . . 154

Configuration for CAS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154

Configuration for TS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

Configuration for Dial-in Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155

Filters and Network Address Translation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156

Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156

Structure of the iptables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156

Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 157

Parameters Invo lved and Passed Values . . . . . . . . . . . . . . . . . . . . . . . . . 166

Configuration for CAS, TS, and Dial -in Access . . . . . . . . . . . . . . . . . . . . 166

Generating Alarms . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 172

Port Slave Parameters Involved w ith Generating Alarms . . . . . . . . . . . . 172

Configuration for CAS, TS, and Dial -in Access . . . . . . . . . . . . . . . . . . . . 172

Syslog-ng Configura tio n to use with Alarm Feature . . . . . . . . . . . . . . . . 179

Alarm, Sendm ail, Se ndsms and Snmpt rap. . . . . . . . . . . . . . . . . . . . . . . . 181

Help . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Help Wizard Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188

Help Command Line Interface Information . . . . . . . . . . . . . . . . . . . . . . 189

NTP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 195

Parameters Invo lved and Passed Values . . . . . . . . . . . . . . . . . . . . . . . . . 195

Configuration for CAS, TS, and Dial -in Access . . . . . . . . . . . . . . . . . . . . 196

PCMCIA . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

Supported Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

Tools for Configuring and Monitoring PCM CIA Devices . . . . . . . . . . . . 197

Ejecting Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197

PCMCIA Net work Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198

Wireless LAN PC Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199

Modem PC Ca rds. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200

Establishing a Callback with you r Modem PC Card . . . . . . . . . . . . . . . . 202

ISDN PC Cards . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206

User Guide 5

Page 6

Tabl e of Contents

Establishing a Callback w ith your ISDN PC Card. . . . . . . . . . . . . . . . . . . 208

Establishing a Callback with your ISDN PC Card (2nd way). . . . . . . . . .210

Ports Configured as Terminal Serve rs. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213

TS Setup Wizard. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .213

Serial Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .219

Parameters Invo lved and Passed Values. . . . . . . . . . . . . . . . . . . . . . . . . .219

Configuration for CAS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .220

CLI Method . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .228

Configuration for TS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .229

Configuration for Dial-in Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .233

Session Sniffing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235

Versions 2.1.0 and later . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .235

Parameters Invo lved and Passed Values. . . . . . . . . . . . . . . . . . . . . . . . . .237

Configuration for CAS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .238

SNMP . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .246

Configuration for CAS, TS, and Dial -in Access. . . . . . . . . . . . . . . . . . . . . 248

Syslog . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .249

Port Slave Parameters Involved with syslog-ng . . . . . . . . . . . . . . . . . . . . 250

Configuration for CAS, TS, and Dial -in Access. . . . . . . . . . . . . . . . . . . . . 250

The Syslog Functions. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .256

Terminal Appe arance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .271

Parameters Invo lved and Passed Values. . . . . . . . . . . . . . . . . . . . . . . . . .271

Configuration for CAS, TS, and Dial -in Access. . . . . . . . . . . . . . . . . . . . . 272

Time Zone. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .280

How to set Date and Time. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .281

Appendi x A - New User B ackgro und Infor m ation

Users and Passw ords. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .283

How to show who is logged in and what they are doing. . . . . . . . . . . . . . . . . .283

Linux File Structure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .284

Basic File Manipulation C ommands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .285

The vi Editor . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .286

The Routing Table . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288

Secure Shell Sess ion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .289

The Process Table. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .293

TS Menu Script . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294

6 BLACK BOX ® Adva n ced Console S erver

Page 7

Tabl e of Contents

Appendix B - Cabling, Hardware, and Electrical Specifications

General Hardw are Specifications. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297

Rear Panel LED s . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299

Ethernet Connector. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299

Console Connector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299

Serial Connector . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299

The RS-232 Standard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300

Cable Length . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301

Connectors. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302

Straight-Through vs. Crossover Cables . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303

Which cable should be used? . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303

Cable Diagrams . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304

Appendix C - The pslave Configuration File

Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311

Configuration Para meters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311

CAS, TS, and D i al-in Common Parameters . . . . . . . . . . . . . . . . . . . . . . . 311

CAS Parameters. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321

TS Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331

Dial-in Access Parameters . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333

Appendi x D - Linux-PAM

Introduction. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337

The Linux-PAM Configuration File. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339

Configuration File Syntax . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339

Newest Syntax. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342

Module Path. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343

Arguments. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346

Directory-based Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347

Default Policy. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348

Reference. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 356

User Guide 7

Page 8

Tabl e of Contents

Appendi x E - Sof t ware Upg rades an d Troubleshooting

Upgrades. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357

The Upgrade P rocess. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .357

Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359

Flash Memory Loss . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .359

Hardware Test . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362

Port Test. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .362

Port Conversation . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363

Test Signals Manua lly . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .363

Single User Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .364

Troubleshooting the Web Configuration Manager . . . . . . . . . . . . . . . . . . .366

What to do when the initial Web page doe s not appear. . . . . . . . . . . . .366

How to restore the Default Configuration of the

Web Configuration Manager . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366

Using a different speed for the Serial Console . . . . . . . . . . . . . . . . . . . . . . .366

CPU LED . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .368

Appendix F - Certificate for HTTP Security

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .369

Procedure . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .369

Appendi x G - IPSEC

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .373

Basic IPsec Knowledge. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .373

Using IPsec to create a VPN . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374

The Authentication . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .374

The Encryption . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .374

The software parts . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375

IPSec Configurat ion . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .375

The configuratio n file . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .375

General comments on ipsec.conf . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .375

The setup section o f ipsec.conf. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .376

Connection defaults. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .378

Editing a connec tio n description. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .379

Example file for BLACK BOX ® Advanced Console Server-to-network

connection. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382

8 BLACK BOX ® Adva n ced Console S erver

Page 9

Tabl e of Contents

IPsec Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384

The IPsec Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384

Adding and Rem ov ing a Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384

Starting and Stopping a Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385

Generating the RSA key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385

Generating an RSA key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386

Debugging Commands . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386

IPsec look . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386

IPsec whack . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387

IPsec and Road Warriors . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388

IPsec, Security for the Internet P rotocol . . . . . . . . . . . . . . . . . . . . . . . . . . . 388

Applications of IPse c. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389

Configuration. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390

Before you Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390

Set up and test networking. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390

Enabling IPsec. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390

Quick Start . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390

“Road Warrior” remote access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390

BLACK BOX ® Advanced Console Se rver-to -network VPN . . . . . . . . . . 393

Setting up RSA authentication keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394

Generating an RSA key pair . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395

Exchanging authentication keys . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395

The Configuration F ile . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396

Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396

Conn Sections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398

Config Sections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402

Recommended Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403

IPsec Usage . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403

The IPsec Daemon . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404

Adding and Rem ov ing a Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404

Starting and Stopping a Connection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404

User Guide 9

Page 10

Tabl e of Contents

Appendix H- Web User Management

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .405

Default Configuratio n for Web Use r Management . . . . . . . . . . . . . . . . . . . . . . .405

How Web User Management w orks. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .407

Task 1: Check the URL in the Access Li mit List. . . . . . . . . . . . . . . . . . . . 407

Task 2: Read the Username and the Password . . . . . . . . . . . . . . . . . . . . 408

Task 3: Look for th e gro up retrieved in the user groups list . . . . . . . . . .408

Web User Mana gement Configur at ion - Getting Started. . . . . . . . . . . . . . . . . . . 408

Changing the Root Password. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409

Adding and Delet ing Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .409

Adding a User. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .409

Deleting a User. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .410

Adding and Deleting User Groups . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .411

Adding a group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .411

Deleting a group . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .411

Adding and Delet ing Access Limits. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .412

Adding an Acces s Limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .412

Deleting an access limit . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .413

Appendix I - Co nnect to Serial Ports from Web

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415

Tested Environm ent . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .415

On Windows. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .416

From Internet E xplorer . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .416

From Netscap e o r Mozilla . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .416

Step-by-Step Process . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .417

Appendi x J - Examples for Co nfiguration Testi ng

Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .419

Console Acces s Server . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .419

Terminal Server. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422

Dial-in Access . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .424

10 BLACK BOX ® Adva nced Console Server

Page 11

Tabl e of Contents

Appendix K - Wiz Appl ication Pa r ameters

Basic Parameters (wiz). . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 427

Access Metho d Parameters (wiz --ac <type>) . . . . . . . . . . . . . . . . . . . . . . . . . . 427

Alarm Parame ter (wiz --al) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428

Authentication Parameters (wiz - -auth) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 428

Data Buffering Parameters (wiz --db) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429

Power Mana gement Parameters (wiz --pm) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 429

Serial Settings Para meters (wiz --sset <type>) . . . . . . . . . . . . . . . . . . . . . . . . . . 430

Sniffing Paramet ers (wiz --snf) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431

Syslog Parameters (wiz --sl) . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431

Terminal Appearance Paramete rs (wiz --tl) . . . . . . . . . . . . . . . . . . . . . . . . . . . . 431

Terminal Server Profile Other Pa rameters (wiz --tso) . . . . . . . . . . . . . . . . . . . . 432

Appendix L - Copyri ghts

References . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 433

List of Figures . . . . . . . . . . . . . . . . . . . . . . . . . . .437

List of Tables. . . . . . . . . . . . . . . . . . . . . . . . . . . .441

Glossary. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .443

Index . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .447

User Guide 11

Page 12

Tabl e of Contents

This page has been left intentionally blank.

12 BLACK BOX ® Adva nced Console Server

Page 13

Preface

Purpose

The purpose of this guide is to provide instruction for users to independently install, configure, and maintain the BLACK BOX ® Advanced Console Server. This manual should be read in the order written, with exceptions given in the text. Whether or not you are a UNIX user,

we strongly recommend that you follow the steps given in this manual.

Audience and User Levels

This guide is intended for the user who is respons ible for the d eployment and day-to-day operation and mainte nance of the BLACK BOX ® Advanced Consol e Server. It assumes that the r e a de r u nd ers ta n ds ne tworking ba si c s a nd i s famil ia r w ith the te rm s and conc ep t s u se d i n Local and Wide Area Networking. UNIX and Linux u sers will find the configu ration process very familiar. It is not necessary to be a UNIX exper t, however, to get the BLACK BOX ® Advanced Console Server up and running. There are two audiences or user levels for this manual:

New Users

These are users new to Linux and/or U NIX with a primarily PC/Microsoft background. You might want to brush up on such things a s common Linux/UNIX commands and how to use the vi editor prior to attempting installation and conf iguration. This essential background information appears in Appendix A - New User Background Information that N e w Use rs con fi g u r e th e BLACK BOX ® Advanced Conso le Server using a Web browser, however, New Users can also configure the BLACK BOX ® Advanced Console Server with vi, the Wizard or the Command Line Interface (CLI).

. It is recommended

Power Users

These are UNIX/Linux experts who will use this manual mostly for reference. Power Users can choose b etween configur ing the BLACK BOX ® Advanced Console Server via Web browser, vi, Wizard, or CLI.

User Guide 13

Page 14

Preface

Each configuration task will be separated into a section (a clicka ble link on t he PDF file) for each user type. Users then can skip to the appropriate level tha t matches their expertise and comfort level.

How to use this Guide

This guide is organized into the following sections:

• Chapter 1 - Introduction and Overview

default CAS setup. It also includes safety guidelines to be followed.

• Chapter 2 - Installation, Configuration, and Usage

Advanced Console Server should be connected and what each cable is used for. It describes the basic configuration process to get the BLACK BOX ® Advanced Console Server up and running for its most common uses.

• Chapter 3 - Additional Features

tures of the BLACK BOX ® Advanced Console Se rver. It provides configu ration instructions for syslog, data buffers, authentication, filters, DHCP, NTP, SNMP, clusterin g , and sniffing.

• Appendix A - New User Background Information

new to Linux/UNIX.

• Appendix B - Cabling, Hard ware, and Electrical Spe cificatio ns

and pinout d iagrams for cables used with the BLACK BOX ® Advanced Console Server.

• Appendix C - The pslave Co nfiguration File

urations as well as the master file.

is dedicated to users wanting to explore all available fea-

contains an explanation of the product and its

explains how the BLACK BOX ®

contains information for those w ho are

has detailed information

contains example files for the various config-

• Appendix D - Linux-P AM

ticate users.

• Appendix E - Software Upgrades and Troubleshooting

dures for typical problems.

• Appendix F - Certificate for HTTP Security

enable you to obtain a Signed Digital Certificate.

• Appendix G - IPSEC

Protocol) level of the network protocol stack.

14 BLACK BOX ® A dvanced Console Server

enables the local system administrator to choose how to authen-

provides encryption and authentication services at the IP (Internet

includes solutions and test proce-

provides configuration information that will

Page 15

Preface

• Appendix H- Web User Management covers default and optional configuration, and the

addition/deletion of users, groups, and access limits.

• Appendix I - Connect to Serial Ports from Web

serial port is configured.

• Appendix J - Examples for Con figuration Testing

Advanced Secure Console Port Server after configuratio n.

• Appendix K - Wiz Application Parameters

ters.

• Appendix L - Copyrights

product.

• The Glossary

provides definitions for commonly-use d terms in this manual.

lists details about ap plica tions that were incorporated into th e

enables this process, based on how the

provides exampl es for tes ting the

contains all basic and custom wizard parame-

Convent ions an d Symbols

This section explains the significance of each of the various fonts, formatting, and icons that appear throughout this guide.

Fonts

This guide uses a regular text font for most o f the body text and Courier for da ta that you would input, such as a com mand line ins t ruction, or data that you would receive back, such as an error message. An example of this wo uld be:

telnet 200.200.200.1 7001

Hypertext Links

References to another section of this manual are hyp ertext links that are underlined (and are also blue in the PDF version of the manual). When you click on them in the PDF version of the manual, you will be taken to that section.

User Guide 15

Page 16

Preface

Glossary En tr ies

Terms that can be found in the glossary are underlined and slightly larger than the rest of the text. These terms have a hypertext link to the glossary.

Quick Steps

Step-by-step instructions for installing and c onfiguring the BLACK BOX ® Advanced Console Ser v er are numbered with a summarized description o f the step for quick referen ce. Und erneath the quick step is a more detailed description. Steps are numbered 1, 2, 3, etc. Additionally, if there are sub-steps to a step, they are indicated as Step A, B, C, and are nested within the St ep 1, 2 , 3, etc. For example:

Step 1: Modify files.

You will mo dify four Linux files to let the BLACK BOX ® Advanced Console Server know about it s local environment.

Step A: Modify pslave.conf.

Open the file plsave.conf and add the following lines . . .

Parameter Syntax

This manua l uses standard Linux command syntaxes and conventions for the parameters described within it.

Brackets and Hyphens (dashes)

The brackets ([])indicate that the parameter inside t hem is optional, meaning that t he command will be accepted if the parameter is not defined. When the text inside the brackets starts with a dash (-) and/or indicates a list of characters, the parameter can be one of the letters listed within the brackets.

Example:

iptables [-ADC] chain rule-specification [options]

Ellipses

Ellipses (...) indicate that the latest parameter can be repeated as many times as needed. Usually this is used to describe a list of subjects.

16 BLACK BOX ® A dvanced Console Server

Page 17

Preface

Example:

ls [OPTION]... [FILE]...

Pipes

The pipe (|) indicates that one of the words separated by this character should be used in the command.

Example:

netstat {--statistics|-s} [--tcp|-t] [--udp|-u] [--raw|-w]

When a config uration parameter is d ef ined, the Linu x co mmand syntax conventions will be also used, with a difference.

Greater-than and Less-than signs

When the text is encapsulated with the “<>” characters , the meaning of the text will be considered, not the literal text. When the text is not encapsulated, the literal text will be considered.

Spacing and Separators

The list of users in the following example must be separated by semicolons (;); the outlets should be separated by commas (,) to indicate a list or with dashes (-) to indicate range; there should not be any sp aces between the values.

sXX.pmusers: The user access list. For example: jan e:1,2;j ohn:3,4. The format of this field is:

[<username>:<outlet list>][;<username>:<outlet list>...]

where <outlet list>'s format is:

[<outlet number>|<outlet start>-<outlet end>][,<outlet number>|<outlet start>-<outlet end>]...

User Guide 17

Page 18

Preface

Note Box Icons

Note boxes contain instructional or cautionary information that the read er especially needs to bear in mind. The re are five levels of note b ox icons:

Tip. An informational tip or tool that explains and /or expedite s th e use of the BLACK BOX ® Advanced Console Server.

Important! An important tip that

should be read. Review all of these notes for critical infor m ation.

Wa rning! A very important type of

tip or warning. Do not ignore this information.

DANGER! Indicates a dir ect danger

which, if not avoided, may result in personal injury or damage to the system.

Security Issue. Indicates securityrelated information where it is relevant.

18 BLACK BOX ® A dvanced Console Server

Page 19

Introduction and Overview

Chapter 1 - Introduction and Overview

The BLACK BOX® Advanced Console Server

The BLACK BOX ® Advanced Console Server is line of Console Access Servers that allow both lo ca l an d dial-in acce s s f or in - ban d an d out -of- band netwo r k man ag em e nt. run an embedded version of the L inux operating system. Configuration of the is done by editing a few plain - text files, and then up dating the versions of the files o n the BLACK BOX ® Advanced Console Server. The fil es can b e edited usi ng the vi editor provided or on anothe r comp uter with the env i ron men t an d t ext editor of your ch oic e. T he default “profile” of the BLACK BOX ® Advanced Console Server is that of a Console Access Server.

You can access the BLACK BOX ® Advanced Console Server via three methods:

• A console directly connected to the B LACK BOX ® Advanced Console Server

• Telnet/ssh over a network

• A browser

And configure it with any of the following four options:

• vi

• Wizard

• Browser

• Command Line Interface (CLI) - only for certain configuration parameters

With the BLACK BOX ® Advanced Console Server set up as a Console Access Server, you can access a server conn ected to the BLACK B OX ® Adva nc ed Co nsol e Ser ver throug h the server’s serial console port from a workstation on th e LAN or WAN. There is no authentication by default, but the system can be configured for authentication to be performed by a Radius server, a TacacsPlus server, or even by a local database. Eith er t elnet or ssh (a secure shell session) can be used. See Appendix A - New Us er Background Information information about ssh. The instructions in Chapter 2 - Installation, Configuration, and Usage will set up a fully-functional, default CA S environment. More o ptions can be added after the initial setup, as illustrated in Chapter 3 - Additional Features

for more

User Guide 19

Page 20

Introduction and Overview

What’s in the box

Ther e are sev e r al m ode l s o f the BLACK BOX ® Advanc ed Cons o l e S erver. Bl ack Box wi ll shi p eithe r Cable Package #1 or #2 with the product according to current ava ilability.

RJ-45 straightthrough cable

Black Box/Sun Netra

cable

RJ-45 to DB-9 F

adapter

RJ-45 to DB- 25 Male adapter

Figur e 1: Cabl e Package #1

RJ-45 to DB- 25

Male crossover cable

Black Box/Sun Netra adapter

RJ-45 to DB-25

Female adapter

RJ-45 to DB-9

Femalecrossover cable

The following figures show the main units and accessories included in package.

20 BLACK BOX ® A dvanced Console Server

RJ-45 to DB-25

Female crossover cable

Figur e 2: Cabl e Package #2

Page 21

Introduction and Overview

Note: Although some BLACK BOX ® Advanced Console Server units in the figures are shown with a dual power supply (A/C or -48VDC), some models may have single power supply. The single power units will have just one power cable.

Back View of the 32-Port

Modem Cable

Manual

SEPTEMBER 2003 LS1016A LS1032A

BLACK BOX®Advanced Console Server

Version2.1.4 Revision 1a

- User Guide

Loop-back

CUSTOMER

Black Box Corporation - 1000 Park Drive - Lawrence, PA 15055-1018

SUPPORT

Tech Support and Ordering: 724-746-5500 (1-877-877-BBOX) - Fax: 724-746-0746

INFORMATION

To contact us about Black Box products or services: info@blackbox.com

Connector

Cable Package #1

Cable Package #2

Manual

Figure 3: The BLACK BOX ® Advance d Conso le Ser ver 32 -Port, its cables, connectors and

other box contents

22 BLACK BOX ® A dvanced Console Server

Page 23

Introduction and Overview

Safety Instructions

Read all the follo wing safety guidelin es to protect y ourself and your BLACK BOX ® Advanced Console Server.

DANGER! In order to a voi d sh orti ng o ut your BLACK BOX ® Advanced Console

Server when disconnecting the network cable, first unplug the cable from the and then fro m the network jack. When reconnec ting a network cable to the, first plug the cable into the network jack, and then into the.

Important! To help protect the BLACK BOX ® Advanced C onsole Server from

electrical power fluctuations, use a surge suppressor, line conditione r, or uninterruptible power supply.

Important! Be sure that nothing rests o n the cables of the BLACK BOX ®

Advanced Console Server and that they are not located where they can be stepped on or tripped over.

Important! Do not spill food or liquids on the BLACK BOX ® Advanced

Console Server. If it gets wet, contact Black Box.

DANGER! Do not push any objects th r ough the openin gs of th e BLACK BOX ® Advanced Console Server. Doing so can cause fire or electric shock by shorting out interior components.

User Guide 23

Page 24

Introduction and Overview

Important! Keep your BLACK BOX ® Advanced C onsole Server away from

heat so urces an d do n ot block cooling vents.

Important! The BLACK BOX ® Advanced Console Server product (DC version) is only intended to be installed in restricted access areas (Ded icated Equipment Rooms, Equipment Closets or the like) in accordance with Articles 110-18, 110-26 and 110-27 of the National Electrical Code, ANSI/NFPA 701, 1999 Edition.

Use 18 AWG or 0.75 mm2 or above cable to connect the DC configured unit to the Centralized D.C. Power Systems.

Install the required double-pole, single-throw, DC rated UL Listed circuit breaker between the power source and the BLACK BOX ® Adva nced Co nsol e Server DC version. Minimum Bre aker Rating: 2A. Required conductor size: 18 AWG.

Working inside the BLACK BOX ® Advanced Co n s ole Server

Do not a tt empt t o se rvice th e BLACK B OX ® Advanced Console Server yourself, except when following instructions from Black Box Technical Support personnel. In the latter case, first take the following precautions:

• Turn the BLACK BOX ® Advanced Console Server off.

• Ground yourself by touching an unpainted m etal surface on the back of the equipment

before touching anything inside it.

• Ground yourself by touching an unpainted m etal surface on the back of the equ ipment before touching anything inside it.

24 BLACK BOX ® A dvanced Console Server

Page 25

Introduction and Overview

Battery

WAR NI NG: There is the danger of explosion if the battery is replaced incorrectly. Replace the battery only with the same or eq uivale nt type recomm ended by the manufacturer. Dispose of used ba tteries acc ording to the manufacturer's instructions.

WAR NUNG: Bei Einsetzen einer falschen Batte rie besteht Explosi onsgefahr. Ersetzen Sie die Batterie nur durch den gleichen ode r vom Hersteller empfohlenen Batterietyp . Entsorgen S ie die benutzten Ba tterien nach den Anweisungen des Herstellers.

User Guide 25

Page 26

Introduction and Overview

FCC Warning Statement

The BLACK BOX ® Advanced Console Server has been tested and found to comply with the limits for Class A digital devices, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment gen erates, uses, an d can radiate radio frequency energy and, if not installed and used in accordance with the Installation & Service Manual, may cause harmful interference to radio communications . Operation of this equipment in a reside ntia l area is likely to cause harmful int erference in which case the user is required to correct the problem at his or her own expense.

Canadian DOC Notice

The BLACK BOX ® Adv anced Co nsole Server does not exceed the Class A l imits for radio noise emissions from digital apparatus se t out in the Ra dio Interference Regula tions of the Canadian Department of Communications.

Le BLACK BOX ® Adva nc ed Con so le S erv er n’émete pas de bruits radioélectrique s dépassant les limites applicables aux appareils numériques de la classe A prescrites d ans le règlement sur le brouillage radioélectrique edicté par le Ministère des Communications du Canada.

Aviso de Precaución S-Mark Argentina

Por favor de leer todos los avisos de preca ución como medida pr eventiva para el operador y el BLACK BOX ® Advanc ed Co nsole Ser ver.

¡Peligro! No hacer funcionar el BLACK BOX ® Advanced Console Server con la tapa abierta.

¡Pel igro! Para prevenir un corto circuito en el BLACK BOX ® Advanced Console Server al desconectarlo de la red, primero desconectar el cable del equipo y luego el cable que conecta a la red . Para conectar el equi po a la red, primero conectar el ca ble a la red y l uego al equipo.

26 BLACK BOX ® A dvanced Console Server

Page 27

Introduction and Overview

¡Pel igro! Asegurarse que el equipo este conectado a tierra, para prevenir un shock eléctrico. El cable eléctrico del equipo viene con tres clavijas para cone ctar asegur ar conexión a tierra. No use adaptadores o quite la clavija de tierra. Si se tiene que utilizar una extensión, utilice una que tenga tres cables con clavija para conexión a tierra.

¡Importante! Para proteg er al BLACK BOX ® Advanced Console Server de fluc-

tuaciones en corriente eléctrica, utilice una fuente eléctrica de respaldo.

¡Importante ! Asegurarse de que nada descanse sobre los cables del BLACK BOX ® Advanced Console Server, y qu e los cables no obstruyan el paso.

¡Importante ! As egurarse de no de jar ca er alimentos o bebidas en el BLACK BOX ® Ad vanced Console Server. Si esto ocurre, avise a Black Box.

¡Peligro! No empuje ningún tipo de objeto en los compartimientos del BLACK BOX ® Advanced Console Server. Hacer esto p odría ocasionar un ince ndio o causar un corto circuito dentro del equipo.

User Guide 27

Page 28

Introduction and Overview

¡Importante ! Mantenga el BLACK BOX ® Ad vanc ed C on sol e Server fuera del alcancé de calentadores, y asegurarse de no tapar la ventilación del eq uipo.

¡Importante! El BLACK BOX ® Advanced Console Server con alimentación de corriente directa (CD) solo debe ser instalado en áreas con restricción y de acuerdo a los artículos 110-18, 110-26, y 110-27 del Na tiona l Electrical Code, ANSI/NFPA 701, Edición 1999.

Para conectar la corriente directa (CD) al sistema, utilice cable de 0.75 mm (18 AWG).

Instalar el interruptor corriente di recta (CD) aprobado por UL entre la fuente de alim entaci ón y el BLACK BOX ® Advanced Console Server. El limite mínimo del interruptor deberá ser 2 amperes, con conduct or de 0.75 mm (18 AWG).

Trabajar dentro del BLAC K BOX ® Advanced Co n s ole S erver

No intente dar servicio al BLACK BOX ® Advan ced Console Se rver, solo que este bajo la dirección de Soporte Técnico de Black Box. Si este es el caso, tome las s iguientes precauciones:

Apague el BLACK BO X ® Advanced Console Server. Asegurase que este tocando tierra antes de tocar cualquier otra cosa, que puede ser al tocar la parte trasera del equipo.

28 BLACK BOX ® A dvanced Console Server

Page 29

Introduction and Overview

Batería

¡Peligro! Una batería nuev a puede explot ar, si n o e s ta ins t alada corre ct am ent e. Remplace la batería cuando sea necesario solo con el mismo tipo recomendado por el fabricante de la batería. Deshacerse de la batería de acue rdo a las ins t rucciones del fabricante de la batería.

User Guide 29

Page 30

Introduction and Overview

This page has been left intentionally blank.

30 BLACK BOX ® A dvanced Console Server

Page 31

Chapter 2 - Inst allation, Configuration, Usage

Chapter 2 - Installation, Configuration, and Usage

Introduction

This chapter will allow you to install and configure the BLACK BOX ® Advanc ed Console Server as the default CAS configu ration. Please read the entire chapter before beginning. A basic installation and configuration should take a half hour a t the most, either done manual ly or with the Wizard.

The BLACK BO X ® Advanced C on sole Serve r o pe r at i ng sys tem is embedded Li nu x. I f y ou a r e fairly new to Linux, you will want to brush up prior to proceeding with this chapter with the essential background information presented in Appendix A - New User Background Informa-

tion. E ve n if y ou ar e a UNIX user and f ind th e tools and f iles famil iar, do not conf i gure t his

product as you would a regular Linux s erver.

The chapter is divided into the following sections:

• System Requ irements

• Default Configuration Parameters

• Pre-Install Checklist

• Task List

• The Wiz ard

• Quick Start

• The Installation and Configuration Process

System Requirements

Black Box recomm ends either of the following specifications for configuration of the BLACK BOX ® Advanced Conso l e Serv e r:

• A workstation with a console s erial port, or

• A workstation with Ethernet and TCP/IP topology

User Guide 31

Page 32

Chapter 2 - Inst allation, Configuration, Usage

The following table shows the different hardware required for various configuration methods:

Table 1: Hardware vs. Configuration Methods

Hardware Conf igurati on Me th od

Console, Console Cable (constructed from

RJ-45 straight-through cable + adapter)

Workstation, Hub, Ethernet C ables vi, Wizard, CLI, or brow ser

If you will be using vi, the files that need to be changed are discussed in Co nfiguration using

Telnet in t his c h apt er. If you will be us ing t he W iz ar d , bas ic W iz ar d ac cess c an be f o un d unde r Configuration Wizard - Basic Wizard

method are discussed under the appropriate optio n title in the same chapter. If you choose the browser method, the Quick Start needed for this configuration mode. If you choose the CLI (Command Line Interface) method, this allows you to con figure certain parameters for a spe cified serial port or some network-related parameters. Specifics of this method are discussed under the appropriate option title in Chapter 3 - Additional Features

in Chapter 3 - Add itional Features and specifics of this

in this chapter shows the screen flow and input values

vi, Wizard, or CLI

Default Configuration Parameters

• DHCP enabled (if there is no DHC P Server, IP for Ethernet is 192.168.160.10 with a Netmask of 255.255.255.0)

• CAS configuration

• socket_ server in all ports (access method is telnet)

• 9600 bps, 8N1

• No Auth entication

32 BLACK BOX ® A dvanced Console Server

Page 33

Chapter 2 - Inst allation, Configuration, Usage

Pre-Install Checklist

There are several things you will need to confirm prior to installing and configuring the BLACK BOX ® Advanced Conso l e Serv e r:

Root Access You will need Root Access on your loc al UNIX machine in order

to use the serial port.

HyperTerminal, Ke rmi t, or Mi nicom

IP Address of: PC or terminal, BLACK BOX ® Advanced Con sol e Server, Name Server, and Gateway

Network Acc ess You will need to have a NIC card installed in your PC to provide

If y ou are u s ing a PC , you wi ll n e ed to en sure that Hyper Terminal is set up on your Windows o perating system. If you have a UNIX operating system, you will be using Kermit or Minicom.

You will need t o locate the IP address of you r PC or wo rkstation, the BLACK BOX ® Advanced Console Server, and the machine that resolves names on your network. Your Network Administrator can supply you w ith these. If there is outsid e access to the LAN that the BLA CK BOX ® Advanced Consol e Server will be connected with, you will need the gateway IP address as well.

an Ethernet port, and have network access.

User Guide 33

Page 34

Chapter 2 - Inst allation, Configuration, Usage

Task List

There are eight key tasks that you will need to perform to install and configure the BLACK BOX ® Advanced Conso l e Serv e r:

Task 1: Connect the BLACK BOX ® Advanced Console Server to the Net work and other

Devices. Task 2: Configure the COM Port Connection and Log In. Task 3: Modify the System Files. Task 4: Edit the pslave.conf file. Task 5 : Activate the changes. Task 6: Test the configuration. Task 7: Save the changes. Task 8: Reboot the BLACK BOX ® Advanced Console Server

The Wizard

The eight key tasks can also be done through a wizard in th e 2.1 plus versions of the BLACK BOX ® Advanced Console Server.

Basic Wizard

The Basic Wizard will configure the fol lowing param eters:

• Hostname

• DHCP enabled/disabled

• System IP (if DHCP is disabled)

• Netmask (if DHCP is disabled)

• Default Gateway

• DNS S erver

34 BLACK BOX ® A dvanced Console Server

Page 35

Chapter 2 - Inst allation, Configuration, Usage

• Domain Basic Wizard access is covered in the Quick Start in this chapter and also in Configuration

Wizard - Basic Wizard in Chapter 3 - Additional Features.

Cust o m Wi z ard

Further configuration of the BLACK BOX ® Advanced Console Server can be done through one of several customized w izards. These pr ocedures are explained under their respective topic heading in Chapter 3 - Additional Features optional configurations:

• Access Method

• Generating Alarms

• Authentication

• Data Buffering

. There are custom wizards for the following

• Help

• Serial Settings

• Session Sniff ing

• Syslog

• Terminal Appearance

User Guide 35

Page 36

Chapter 2 - Inst allation, Configuration, Usage

Quick Start

This Quick Start gives you all the necessary information to quickly configure and star t using the BLACK BOX ®Advanced Console Server as a Console Access Server (CAS). The complete version of this process is listed later in this chapter under The Installation and Co nfiguration

Process. New Users may wish to follow the latter instruction set, as th is Quick S tart d oes not

con ta in a lot of ass ume d kn ow le dg e. You can c onf i gu re t he BLAC K BOX ® Advanced Con sol e Server by any one of four methods:

• Console

• Browser

• Telnet

• CLI (Command Line Interface)

If you have a serial por t that you can use as a console port, use the Console metho d. If you have access to telnet, you can use this method, while New Users method for its user-friendliness.

Important! Take care when changing the IP address of the BLACK BOX ® Advanced Console Server. Confirm the address you are changing it to. (You may want to write it down.)

may prefer the Browser

Configuration using a Console

Step 1: Connect the console cable.

Connect the console cable (created from the RJ-45 straight-through cable and the appropriate console adapter) to the port la beled “Console” on the BLACK BOX ® Advanced Console Server with the RJ-45 connector end, and to your PC’s availabl e COM port with the serial port end.

36 BLACK BOX ® A dvanced Console Server

Page 37

Chapter 2 - Inst allation, Configuration, Usage

Step 2: Power on the BLACK BOX ® Adv anced Console Server.

After the BLACK BOX ® Ad vanced Console Server finishes booting, you will see a login prompt on the console screen.

Step 3: Ente r root as login name and tslinux as password.

Step 4: Type wiz and press En ter.

A configuration wizard screen will appear in your Hyperterminal session, asking yo u a series of questions.

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

INSTRUCTIONS for using the Wizard: You can:

1) Enter the appropriate information for your system and press ENTER or

2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or

3) Press ESC if you want to exit. NOTE: For some parameters, if there is nothing within the brackets, it will continue to ask for a value. In that case, you must enter a valid value or # if you do not wish to configure the value.

Press ENTER to continue...

You will want to configure the following settings:

• Hostname

• DHCP enabled/disabled

• System IP (if DH CP is disabled)

• Domain Name

• Primary DNS Server

User Guide 37

Page 38

Chapter 2 - Inst allation, Configuration, Usage

• Gateway IP

• Network Mask (if DHCP is disabled)

After you input th e requested parameters you will receive a confirmation screen:

Current configuration: Hostname : CAS DHCP : enabled Domain name : mycompany.com Primary DNS Server : 197.168.160.200 Gateway IP : 192.168.160.1

If the parameters are correct, “y” should be typed; otherwise, type “n” and then “c” when asked to change the pa rameters or quit the program. After the parameters are confirmed, the next question will be whethe r to save the configuration to flash. Select “y” to make the new configuratio n permanent in n on-volatile memory.

After you confirm and save the basic parameters, you will be presented with the shell promp t. From th er e , ei t h er se lect to co n ti nue conf ig ur at i on us i n g th e v i edi t o r or us e the browser or CLI method (if appropriate).

The BLACK BOX ® Advanc ed Console Server is now configured a s a CAS with its new IP address, with no authentication, and accepting telnet to the serial po rts. You can telnet the CAS IP + serial port 1 with the following command:

telnet <IP assigned by DHCP Server or by you> 7001

Note. Serial port 1 is configured as 9600, 8N1 by default. The server connected to this serial port has to have the same configuration for its serial port.

To explore the BLACK BOX ® Advanced Console Server features, either continue configuration using the vi editor from the console or use a browser from a workstation and point to the BLACK BOX ® Advanc ed C onso le Ser ver.

38 BLACK BOX ® A dvanced Console Server

Page 39

Chapter 2 - Inst allation, Configuration, Usage

Confi guration using a Web browse r

The BLACK BOX ® Advanced Console Server comes with DHCP client enabled. If you have a DHCP Server installed on your LAN, you can skip Step 2 below. If not, the DHCP request will fail and an IP address pre-configured on the Console server’s Ethernet interface (192.168.160.10) will be used instead. To access the using your browser:

Step 1: Connect Hub to workstation and BLACK BOX ® Advanced Console Server.

Your workstation and your BLACK BOX ® Advanced Console Ser ve r must b e on the same physical LAN. Connect one RJ-45 cable from the Ethernet port of the BLACK BOX ® Advanced Console Server to a spare port from a hub, and another cable from another spare port of that same hub to the works tation used to mana ge the servers.

Step 2: If you do not have a DHCP Ser ver in your LAN, add a route pointing to the BLACK

BOX ® Advanced Console Server IP.

From the workstation, issue a command to add a route pointing to the network IP address of the BLACK BOX ® Advanced Conso l e Server (192.168.160.0) accessed through the wo rkstation’s Ethernet interface.

For Linux, the command would be:

route add -net 192.168.160.0/24 gw <IP address assigned to the workstation’s Ethernet interface>

Example: if the workstation has IP address 200.246.93.150 the command would be :

route add -net 192.168.160.0/24 gw 200.246.93.150

For Windows, the command would be:

route add 192.168.160.0 mask 255.255.255.0 <IP address assigned to the workstation’s Ethernet interface>

Example: if the workstation has IP address 200.246.93.150 the command would be :

route add 192.168.160.0 mask 255.255.255.0 200.246.93.150

Step 3: Point your browser to the IP address assigned by the DHCP Server (or to

192.168.160.10 if there is no DHCP Server in your LAN).

The login p age shown in the following figure will appear.

User Guide 39

Page 40

Chapter 2 - Inst allation, Configuration, Usage

Need new screen shot with new product # in Red (LS1032A)

Figure 5: Login page of the Web Configuration Manager

Step 4: Ente r root as login name and tslinux as password.

Step 5: Click the Submit button.

This will take you to the C onfiguration & Admini stration Menu page, shown in the following figure:

Link fo r changing password

Fi g ure 6: Configur a tion & Adminis tra t ion Menu page

40 BLACK BOX ® A dvanced Console Server

Page 41

Chapter 2 - Inst allation, Configuration, Usage

This page gives a brief description of all menu options. A menu of links is provided along the left side of the page. A summary of what each link leads to is shown on Tab le 3: Configuration

Section through Table 6: Information Section.

Security Issue. Change the password of the Web root user as soon as possible. The user database for the Web Configuration Manager is different than the system user database, so the root p assword can be different. See Changing the

Root Password in Appendix H- Web User Management.

Step 6: Click on the General link.

Step 7: Conf i gure pa rame ters presented in the fields.

Step 8: Click on the Submit button.

Step 9: Make the cha nges effecti ve.

User Guide 41

Figu re 7: Genera l pa g e

Page 42

Chapter 2 - Inst allation, Configuration, Usage

Click on the Administration > Run Configuration link, check the Serial Ports/ Ethernet/Static Routes box and click on the Activate Configuration button. If you disabled DHCP and changed your Ethernet IP, you will lose your connection. You will need to use your browser to connect to the new IP.

Step 10: Click on the Save Configuration to Flash button.

The configuration was saved in flas h. The new configuration will be valid a nd running. The BLACK BOX ® Advanc ed Co ns ole Server is n o w co nf i g ur e d as a CA S wi t h its ass ig n ed (b y DHC P S erv er or you) IP address, w i th no a uthentication, and accepting telnet to the serial ports. You can telnet the CAS IP + serial port 1 with the following command:

telnet <IP assigned> 7001

Note. Serial port 1 is configured as 9600, 8N1 by default. The server connected to this serial port has to have the same configuration for its serial port.

To explore the BLACK BOX ® Advanced Console Server features, either continue configuration using browser, use the vi editor from the console, or use CLI, if appropriate. A description of each of the links on the five sections of the Configuration and Administration menu page is provided on the following five tables:

Table 2: Applications Section

Link Name Description of Page Contents

Logout Exits the Web Mana gement Service Connect to

Serial Ports

Telnet/SSH connection to Portsl ave

42 BLACK BOX ® A dvanced Console Server

Page 43

Chapter 2 - Inst allation, Configuration, Usage

Table 3: Configuration Section

Link Name Description of Page Contents

Configuration This section contains the configuration tools

General Unit Description, Ethernet, DNS, Name Service Access, Dat a Buffering

Syslog Configuration for the syslog-ng

SNMP Configuration for the SNMP server

Serial Ports Configuration of Portslave package

Serial Port

Groups

Host Table Table of hosts in /etc/hosts

Static Ro ut es Static routes defined in /etc/network/st_routes

IPsec IPsec connections configuration

IP Tables Static IPTables Filter in /etc/network/firewall

Boot

Configuration

Edit Text File Tool to edit a configuration file System Users Managemen t of syst em users defined in /etc/password

System Groups Management of system grou ps defined in /etc/groups

Configuration of User Groups for Serial Ports

Configuration of parameters used in the boot process

User Guide 43

Page 44

Chapter 2 - Inst allation, Configuration, Usage

Table 4: Administration Section

Link Name Description of Page Contents

Reboot Resets the equipm ent

Download/

Upload Image

Load/Save

Configuration

Run

Configuration Set Date/Time Set the BLACK BOX ® Advanc ed C onso le Ser ver ’s date and t ime

Active

Sessions

CAS Sess ions

Process Status Shows the running processes and al lo ws the a dminist rator to kill the m

Restart

Processes

PCMCIA Allows the admi nistrator to insert an d eject PCMCIA cards

Uses an FTP server to load/save a kernel image

Uses fl ash memory or an FTP server to load or save the BLACK BOX ® Advanced Co nsole Server’s configuration

Makes the configuration changes effective

Shows the active sess ions

Shows the CA S session s

Allows the administra tor to start o r stop some specific processes

Table 5: Web Us er Man agement Section

Link Name Description of Page Contents

Users List of user s allowed to access the Web server

Groups List of possible access groups

Access Limits List of access limits for specific URLs

Load/Save

Configuration

44 BLACK BOX ® A dvanced Console Server

Load/Save Configuration in /etc/websum.conf

Page 45

Chapter 2 - Inst allation, Configuration, Usage

Table 6: Informa tio n Sec tio n

Link Name Description of Page Contents

Interface

Statistics

DHCP client Shows host information from DHCP

Serial Ports Shows the s tatus of all se rial ports

Routing Table Shows the routing table and allows the administrator to add or delete

ARP Cache Shows the A RP cache

IP Statistics Shows IP protocol statistics

ICMP

Statistics

TCP Stat istic s Shows TCP protocol statistics

UDP Statistics Shows U DP protocol statistics

RAM Disk

Usage

Shows statistics for all active interfaces

routes

Shows ICMP protocol statistics

Shows the BLACK BOX ® Advanced Consol e Server File S ystem status

System

Information

Note: The link Connect to Serial Ports is on ly available for all BLACK BOX ®

Advanced Console Server models. See “Appendix I - Connect to Serial Ports

from Web” on page 415.

User Guide 45

Shows information about the kernel, time, CPU, and memory

Page 46

Chapter 2 - Inst allation, Configuration, Usage

Configuration using Telnet

Step 1: Connect Hub to workstation and BLACK BOX ® Advanced Console Server.

Step 2: If you do not have a DHCP Ser ver in your LAN, add a route pointing to the BLACK

BOX ® Advanced Console Server IP.

From the workstation issue a command to add a route pointing to the network IP address of the BLACK BOX ® Advanced Console Se rver (192.168.160.0) accessed through the wo rkstation’s Ethernet interface.

For Linux, the command would be:

route add -net 192.168.160.0/24 gw <IP address assigned to the workstation’s Ethernet interface>

Example: if the workstation has IP address 200.246.93.150 the command would be :

route add -net 192.168.160.0/24 gw 200.246.93.150

For Windows, the command would be:

route add 192.168.160.0 mask 255.255.255.0 <IP address assigned to the workstation’s Ethernet interface>

Example: if the workstation has IP address 200.246.93.150 the command would be :

route add 192.168.160.0 mask 255.255.255.0 200.246.93.150

Step 3: Telnet to <IP assigned by DHCP Server or 192.168.160.10 if there is no DHCP

Server>.

46 BLACK BOX ® A dvanced Console Server

Page 47

Chapter 2 - Inst allation, Configuration, Usage

Step 4: Ente r root as login name and tslinux as password.

Step 5: Type wiz and press Enter.

A Configuration Wizard screen will appe ar on your telnet screen, asking you a series of questions.

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

INSTRUCTIONS for using the Wizard: You can:

1) Enter the appropriate information for your system and press ENTER. Enter '#' if you want to deactivate that parameter or

2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or

3) Press ESC if you want to exit.

NOTE: For some parameters, if there is nothing within the brackets, it will continue to ask for a value. In that case, you must enter a valid value or # if you do not wish to configure the value.

Press ENTER to continue...

After you input th e requested parameters you will receive a confirmation screen:

Current configuration: Hostname : CAS DHCP: disabled System IP : 192.168.160.10 Domain name : mycompany.com Primary DNS Server : 197.168.160.200

User Guide 47

Page 48

Chapter 2 - Inst allation, Configuration, Usage

Gateway : eth0 Network Mask : 255.255.255.0

At this point you may lose your connection when saving the changes, if you disabled DHCP and as sig ne d an I P ad dr ess . Don’t worry! The new configura tion will be valid. The BLACK BOX ® Advanc ed Console Server is now configured a s a CAS with its assigned (by DHCP or you) IP address, with no authentication, and accepting telnet to the serial ports. You can telnet the CAS IP + serial port 1 with the following command:

telnet <IP assigned> 7001

Note. Serial port 1 is configured as 9600, 8N1 by default. The server connected to this serial port has to have the same configuration for its serial port.

Afte r yo u con f irm t he b asi c p ar ameters, y o u w i ll be p r e se n te d w i th th e s hell pr om pt. From there, either select to continue configuration using the vi editor or continue using a browser. For additional configuration, see Chapter 3 - Additional Features this guide.

48 BLACK BOX ® A dvanced Console Server

Page 49

Chapter 2 - Inst allation, Configuration, Usage

The Installation and Configuration Process

Task 1: Connect the BLACK BOX ® Advanced Con sole Server to the Network and other Devices

Power Users

Connect a PC or te rminal to the BL ACK BOX ® Advanced Console Server using the console cable. If you are using a PC, HyperTerminal can be used in the Windows operating system and Kermit or Minicom in the UNIX operating system. When the BLACK BOX ® Advanced Console Server boots properly, a login banner will appear. Log in as root (default password is linux). A new password should be cre at ed as soon as possible. The ter minal parameters should be set as follows:

• Serial Speed: 9600 bps

• Data Length: 8 bits

• Parity: None

• Stop Bits: 1 stop bit

• Flow Control: none

• ANSI emulation

You may now skip to Task 4: Edit the pslave.conf file

Important! Any configuration change must be saved in flash once validated.

To save in vate a configuration, run signal_ras hup (see Task 5: Activate the changes

Note: If your terminal does not have ANSI emulation, select vt100 ; then, on theBLACK BOX ® Ad va nced Console Server, log in as root and switch to vt100 by typing:

Flash run saveconf (see Task 7: Save the changes). To validate/acti-

TERM=vt100;export TERM

User Guide 49

Page 50

Chapter 2 - Inst allation, Configuration, Usage

Tip. We strongly recommend to use 9 600 bps console speed. In cas e you need to use another speed please check Appendix E - Software Upgrades and Trou-

bleshooting.

Important! Always complete ALL the steps for your chosen configuration

before testing or switching to another configuration.

New User s

If you are using a PC, you will be using HyperTerminal to perform the initial configuration of the BLACK BOX ® Advanc ed C on s ol e Se rv er directly thr ough yo ur PC’s COM port connected with the BLACK B O X ® Advanced Console Server console port. HyperTerminal, which comes with Windows 95, 98, Me, NT, 2K, and XP is often loca ted under Start > Program > Accessories. HyperTermina l emu l ates a dumb terminal when your PC connects to the ser i al port (console por t) of the BLACK BOX ® Advanced Conso le Server.

After the initial configuration through the HyperTerminal connection, you will be connecting your PC (or another terminal) to the BLACK BOX ® Advanced C on so l e S e rv er via an Eth ernet connecti on in or der to m anage the BL ACK B OX ®Advanced Conso le Serv er . Th e wo rks t atio n used to access the BLACK BOX ® Advanced Conso le Server t hrough telnet or ssh uses a LAN connection.

These events can be summ arized as follows:

• PC (Hy p er te rm i na l) : COM po rt connects via se ri al c a bl e to t he BL ACK B O X ® Advanced Console Server’s console port.

• PC (Ethernet): Ethernet port connects via hub to the BLA CK BOX ® Advanced Console Server’s Ethernet port.

• Use the HyperTerminal to configure the box.

• Use th e PC Ethernet to access the box as client (telnet/ssh).

50 BLACK BOX ® A dvanced Console Server

Page 51

Chapter 2 - Inst allation, Configuration, Usage

Step 1: Plug the power cable into the BLACK BOX ® Advanced Console Server.

Insert the female end of the black power cable into the power socket on the BLACK BOX ® Advanced Con sole Server and t h e three-pron g end into a wall outlet.

DANGER! To help prevent electric shock, plug the BLACK BOX ® Advanced

Console Server into a properly grounded power source. The cable is equ ipped with a 3-prong plug to help ensure proper grounding. Do not use adapter plugs or remove the grounding prong from the cable. If you use an extension cable, use a 3-wire cable with properly grounded plugs.

Step 2: Connect the console cable.

You will be constructing a Conso le Cable out o f the RJ-45 s trai ght-through cable and the appropriate adapter provided in the product box. (There are four options: all adapters have an RJ-45 connector on one end, and either a DB25 or DB9 connector on the other end, male or female). Connect this cable to the por t labeled “Console” on the BLACK BO X ® Ad vanced Console S erver with the RJ-45 connector end, and conn ect the adapter end to your PC’s available COM port. For more detailed information on cables, see Appendix B - Cabling, Hardware, and Elec trical

Specifications.

Note: The modem cable is not necessary for a standard installation and config-

uration. Use it when the configuration is comp lete and you want to access the box re motely through a serial por t.

Step 3: Connect Hub to PC and the BLACK BOX ® Advanced Console Server.

Your workstation and BLACK BOX ® Advanced Consol e Server must be on the same physical LAN. Connect one RJ-45 ca ble from the Ethernet port of the BLACK BOX ® Advanced Console Server to the hub, and another from the hub to the workstation used to manage the servers.

Step 4: Install and launch HyperTerminal, Kermit or Minicom if not already installed.

You can obtain the latest update to Hyp erTerminal from:

http://www.hilgraeve.com/htpe/downlo ad.html

User Guide 51

Page 52

Chapter 2 - Inst allation, Configuration, Usage

Task 2: Configure the COM Port Connection and Log In

Step 1: Select available COM port.

In HyperTerminal (Start > Program > Accesso ries), select File > Properties, and click the Connect To tab. Select the available COM port number from the Connectio n dropdown.

Figure 8: Choose a free COM port

Step 2: Configure COM port.

Click the Configure button (hidden by the dropdown menu in the above figure). Y our PC, considered here to be a “dumb terminal,” should be configured to use 9600 bps, 8 data bits, no parity, 1 stop bit, and no flow c ontrol (as shown in the following figure).

52 BLACK BOX ® A dvanced Console Server

Page 53

Chapter 2 - Inst allation, Configuration, Usage

9600

Figure 9: Port Settings

Step 3: Power on the BLACK BOX ® Adv anced Console Server.

Step 4: Click OK on the Properties window.

You w ill see the BLACK BOX ® Advanced Console Server booting on your screen. After it finishes booting, you will see a login prompt.

User Guide 53

Page 54

Chapter 2 - Inst allation, Configuration, Usage

Task 3: Modify the Sys tem Files

When the BLACK BOX ® Advanced C onsol e Serve r finishe s boot i ng, a promp t will appea r (a flashing underline cursor) in your HyperTerminal window. You will modify the following Linux files to let the BLACK BOX ® A dvanced Console Server know about its loc al environment:

/etc/hostname /etc/hosts /etc/resolv.conf /etc/network/st_routes

The Linux files must b e modifie d to identify t he BLACK BOX ® Advanced Console Server and other devices it will be communicating with. The operating system provides the vi editor, which is described in Appendix A - New User Background Information The BLACK BOX ® Advanced Console Server runs Linux, a UNIX-like operating system, and those not familiar with it will want to refer to Append ix A.

for the uninitiated.

Step 1: Type root and press Enter.

Step 2: At the password prompt, type tslinux.

Press Enter.

Step 3: Modify /etc/hostname.

In HyperTerminal, type “vi /etc/hostname” (without the quotes) and press Enter. Arrow over the existing text in the file, type “r” (for replace) and type the first number of the model of your BLACK BOX ® Ad vanced Console Server. (Or, you can replace the default naming convention with anything you’d like for your hostname.) When finished, press the Esc key, (to retur n to command mo de), then type “:” (colon) , an d then “wq” and press Enter. This will save the file. (The only entry in this file should be the hostname of the BLACK B OX ® Advanced Console Server.) An example is shown in the following figure. (The HyperTerminal screen is shown in this first example for clarity, however, for the other Linux files we will modify, only the command line text will be shown.)

54 BLACK BOX ® A dvanced Console Server

Page 55

Chapter 2 - Inst allation, Configuration, Usage

LES2800A-16

Figure 10: The /etc/hostname file with hostname typed in

Step 4: Modify /etc/hosts.

This file should contain the IP address for the Ethernet interface and the same hostname that you entered in the /etc/hostname file. It may also contain IP addresses and host names for other hosts in the network. Modify the file using the vi as you did in Step 1.

Obtain IP address from your System Administrator

Step 5: Modify /etc/resolv.conf.

This file must contain the domain name and nameserver information for the network. Obtain the nameserver IP address from your Network Administrator. The default contents of this fi le are:

domain mycompany.com nameserver 200.200.200.2

127.0.0.1 localhost

192.168.160.10 LS1016A

129.6.15.28 ntphost

Figure 11: Contents of the /etc/hosts file

Replace to match hostname from previous step

User Guide 55

Page 56

Chapter 2 - Inst allation, Configuration, Usage

Step 6: Modify /etc/network/st_routes.

The fourth file defines static rout es. In the console server example in the router is a gateway router and thus its IP address is configured in this file to be the default gateway. Other static routes are also configured in this file. If you will be managing servers through a LAN, you don’t need to alter this file. If you will be managing via Internet, you will be connecting through a router, and thus need to modify this file. You would get the IP address from your Network Administrator. The default contents of this file are:

route add default dev eth0

Step 7: Change password for root and new users.

The default /etc/passwd file has the user “root” with password “tslinux”. You should chan g e t h e p as s word for us er root as so on as poss ib l e. B e f or e c ha ngin g any pass w o rd or adding new users y ou should also activate shadow password, if it is needed. The BLACK BOX ® Advanced Console Server has support for sh adow password, but it is not active by default. To activate shadow password follow the steps listed below:

Step A: Create an empty file called /etc/shadow.

# cd /etc # touch shadow

Step B: Add a temporary user to the system. It will be removed later.

# adduser boo

Step C: Edit the file shadow.

For each user in passwd file, create a copy of the line that begins with “boo:” in the shadow file, then replace “boo” with t he user name. The line beginning with “root” must be the first line in the fil e /etc/shadow.

Step D: Edit the passwd file.

Replace the password in all password fields with an “x”. The root’s line will look like this:

“root:x:0:0:root:/root:/bin/sh”

^ ^ password field

56 BLACK BOX ® A dvanced Console Server

Page 57

Chapter 2 - Inst allation, Configuration, Usage

Tip. Using the vi editor, put the cursor in the first byte after “root:”, then type

“ct:x” plus <ESC>.

Step E: Remove the temporary user boo.

# deluser boo

Step F: Change the password for all users and add the new ones needed.

# passwd <username> or # adduser <username>

Step G: Edit /etc/config_files and add a line with “/etc/shadow.”

Task 4: Edit the pslave.conf file

This is the main configuration file (/etc/portslave/pslave.conf) that contains most product parameter s and defines the functio nality of the BLACK BOX ® Advanc ed Cons ole Server. Only three parameters need to be modified or confirmed for a bas ic configuration:

• conf.eth_ip (if you disabled DHCP)

• all.authtype

• all.protocol

Tip. You can do a fin d f or e ac h of thes e par a mete rs i n vi , on ce you open t his f i le by typing / <your string> to search the file downward for the string specified after the /.

A listing of the pslave.conf file with all possible parameters, as well as the files used to create other configurations from paramete rs in this file, is provided in Appendix C - The pslave Con-

figurat ion File. Additional, optional modifications made to this file will depend on the config-

urat ion desired.

User Guide 57

Page 58

Chapter 2 - Inst allation, Configuration, Usage

There are three basic types of parameters in this file:

• conf.* parameters ar e global or apply to the Ethernet interfac e.

• all.* param eters are used to set default parame ters for all ports.

• s#.* parameters change the default port parameters for individual ports.

An all.* parameter can be overridden by a s#.* parameter appearing later in the pslave.conf file (or vi ce-ver sa).

Power Users: To find out what to input for these three parameters so that yo u can configur e what you need, go the appropriate appendix, where y ou will find a complete table with an explanation for each parameter. You can use the templates from that same Appendix (pslave.conf.cas, etc.) as reference.

conf.eth_ip This is the IP addres s of the Ethernet i nterface. Use it if you don’t have

DHCP Server in your LAN. An example value would be:

200.200.200.1

58 BLACK BOX ® A dvanced Console Server

Page 59

Chapter 2 - Inst allation, Configuration, Usage

all.authtype This parameter controls the authe nticati on requi r ed by the BLACK BOX

® Advanced Console Server. The authentication required by the device to which the user is connecting is controlled separately. There are several authentica tion type options:

• none (no au thenti cation)

• local (aut hentication is performed us ing the /etc/passwd file)

• remote (This is for a terminal profile only. The unit takes in a user-

name but does not use it for authentication. Instead it passes it to the remote serve r where it is then used for authentication.)

• radius (authentication is performe d using a Radius authentication server)

• TacacsPlus (authentication is performe d using a TacacsPlus authenti- cation server)

• ldap (authentication is performed against an ldap database using an ldap server. The IP address and oth er details of the ldap server are defined in the file /etc/ldap.conf)

• local/radius (authentication is performed locally first, switching to Radius if unsuccessful)

• radius/local (the opposite of the previous option)

• local/TacacsPlus (authentication is performed locally first, switching

to TacacsPlus if unsuccessful)

• TacacsPlus/local (the opposite of the previous option)

• RadiusDownLocal (local authentication is tried only when the Radius server is down)

• TacacsPlusDownLocal (local authentication is tried only when the TacacsPlus server i s down)

An example value would be:

radius

User Guide 59

Page 60

Chapter 2 - Inst allation, Configuration, Usage

all.protocol For the console server configuration, the possibl e protocols are:

• socket_server (when telnet is u sed)

• socket_ssh (when ssh version o ne or two is used)

• raw_data (to exchange data in transparent mode – simila r to

socket_server mode, but without telnet negotiation, breaks to serial ports, etc.)

An example value would be:

socket_server

The Authen tication featur e

See Authentication in Chapter 3 - Additional Features.

Task 5: Ac tivate the chan ges

Execute the following command in HyperTerminal to activate the changes:

signal_ras hup

Task 6 : Te st the configurati on

Now you will want to m ak e sure that the por ts have been set up properly.

Step 1: Ping the BLACK BOX ® Advanced Console Server from a DOS prompt.

Open a DOS window, type in the following, and then press Enter:

ping <IP assigned to the BLACK BOX ® Advanced Console Server by DHCP or you>

An example would be:

ping 192.168.160.10

If you receive a reply, your BLACK BOX ® Advanced Console Server connection is OK. If there is n o reply see Appendi x E - Software Upgrades a nd Troubleshooting

Step 2: Telnet to the server connected to the first port of the BLACK BOX ® Advanced

Console Server.

(This will only work if you selected socket_server as your all.protocol parameter.)

60 BLACK BOX ® A dvanced Console Server

Page 61

Chapter 2 - Inst allation, Configuration, Usage

While still in the DOS window, type the following and then press Enter:

telnet <IP assigned to the BLACK BOX ® Advanced Console Server by DHCP or you> 7001

An example would be:

telnet 192.168.160.10 7001

If everythin g is configured correctly, a telnet session should open on the server connected to port 1. If not, check the configura tion, follow the above steps again, and check Appendix E - Software Upgrades and Troubleshooting

Task 7: Save the changes

Execute the following command in HyperTerminal to save the configuration:

saveconf

Task 8: Reboot the BLACK BOX ® Advanced Console Server

After rebooting, the initial configuration is complete.

Note: restoreconf does the opposite of saveconf, copying the contents of the /proc/flash/script file to the corresponding files in the ramdisk. The files on the

ramdisk are overwritten. Restoreconf is r un automatically ea ch time the

BLACK BOX ® Advanced Console Server is booted.

User Guide 61

Page 62

Chapter 2 - Inst allation, Configuration, Usage

Accessing the Serial Por ts

There are four ways to access the serial ports, depending on the protocol you configured for that serial port (all.protocol being socket_server for telnet access, socket_ss h for ssh access, etc). One can access the serial port by statically addressing it (using TCP port number, alias name or IP address) or just access the next free serial port available from an existent pool (by using the pool's TCP port number, alias or IP address). For details on configuration to access using telne t or ssh please see Access Method

Opening and closing a telnet session to a serial port

To open a t elnet s es si on to a s eri al port or t he fi rs t fre e serial p ort b e l on g i ng t o a pool of s eri al ports, issue the co mma nd:

, Configuration for CAS in Chapter 3.

telnet <CAS hostname> <TCP port number>

<CAS hostname> is the hostname configured in the workstation whe re t he telnet client will run (through /etc/ho sts or DNS table). It can also be just the IP address of the BLACK BOX ® Advanced Console Server (Ethernet's interface) configured by the user or learned from DHCP.

<TCP port number> is the number associated to the serial port or pool of serial ports. From factory, 7001 corresponds to serial port 1, 7002 to serial port 2 and so forth, and 3000 is a pool with all serial ports.

To close the telnet session, just press the telnet hot key configured in telnet client application (usually it's "Ctrl ]") and "q" to quit.

Opening and closing an SSH session to a serial port

To open a ssh ses sio n to a serial port or the next free serial port from a po ol, issue the command:

ssh -l <Username>:<Server> <CAS hostname>

<Username> is the user configured to access that seria l port. It is prese nt either in the local

62 BLACK BOX ® A dvanced Console Server

Page 63

Chapter 2 - Inst allation, Configuration, Usage

CAS database or in a Radius/Tacacs/LDAP/Kerberos, etc database. <Server> can be just the TCP port number assigned for that serial port (7001, 7002, etc), pool

of ports (3000, etc), the alias for the server connected to that serial port or the alias of a pool of po rts.

<CAS hostname> is the hostname configured in the workstation where the ssh client will run (through /etc/hosts or DNS table ). It c an also be just the IP address of the BLACK BOX ® Adva n ced Console Serv e r (Et h ern et ' s i n te r face) co nfigur ed by t he user or le arn ed from DHCP.

To exit the ssh session, press the hot ke y config ured for that ssh cl ient (usually "~ ."). Secure Console Port Server

Acce ssing Serial Ports using “ts_menu”

To acce ss the serial port (telnet or ssh) using ts_menu, login to the CAS unit and, after receiving the shell prompt, run ts_menu. The servers (aliases) or serial ports will be shown as option to start a connection (telnet/ssh). After typing ts_menu, you will see something similar to the followin g:

Serial Console Server Connection Menu for your Master Terminal Server

1 ttyS1 2 ttyS2 3 ttyS3 4 ttyS4 5 ttyS5 6 ttyS6 7 ttyS7 8 ttyS8

Type 'q' to quit, a valid option[1-8], or anything else to refresh:

How to close the session from ts_menu (from the console of y ou r uni t)

Step 1: Ente r the e scape character.

The escape character is shown when you first connect to the port. In character/text Mode, the Escape character i s ^]

After entering the escape character, the following is shown:

Console escape. Commands are:

l go to line mode c go to character mode

User Guide 63

Page 64

Chapter 2 - Inst allation, Configuration, Usage

z suspend telnet b send break t toggle binary e exit telnet

Step 2: Press “e” to exi t from the session and return to the origina l menu.

Select the exit option and you will ret urn to the shell prompt.

How to clo s e the sessi o n fro m ts_menu (fro m a tel n e t session to yo ur uni t)

You have to be sure that a dif ferent esc ape character is used for exiting your telnet session; otherwise, i f y ou were to ex it from the session cre ated through the ts_menu, you will close your entire telnet session to your unit. To do this, when you first telnet to your unit, use the “-e” option. So for example, t o set Ctrl-? as the escape character, type:

telnet -e ^? 192.168.160.10

To exit from the session created through the ts_menu, just follow Step 1 from above. To exit from the entire telnet session to your uni t, type the esc ape character yo u had set.

Acce ssing Serial P orts using the Web Interface

From the Web, there's a “Connect to Serial Port” option that has to be selected. A serial port is chosen and a Java window will open on the user's screen. F or a telnet session, just log in and provide the p assword (whenever necessary). For ssh, enter

as log in name and provide the password (whenever necessary) . To exit the session, select “Disconnect” f r om th e Java win dow. See the Step-by-Step Process

nect to Serial Ports from Web for m ore details.

secti on of Appendix I - Con-

64 BLACK BOX ® A dvanced Console Server

Page 65

Chapter 3 - Additional Features

Introduction

After the Configuration Wizard section in this chapter, each of the following sections is listed alphabetically and sh ows how to configure the option using vi, the c ustom Wizard (when available), browser, where appropriate, and the Command Line Interface (CLI), when avail able. This chapt e r con tains the following sections:

• Configuration Wizard - Basic Wizard

• Access Method

• Authentication

• CAS Port Pool

• Clustering

• CronD

• Data Buffering

• DHCP

• Dual Power Management

• Filters and Network Address Translation

• Generating Alarms

• Help

• NTP

• PCMCIAPorts Configured as Terminal ServersSerial Settings

• Session Sniff ing

• SNMP

• Syslog

• Terminal Appearance

• Time Zone

User Guide 65

Page 66

Configuration Wizard - Basic Wizard

The configuration wi za rd application is a quicker a nd easier way to configure the BLACK BOX ® Advanced Console Server. It is recom mended that you use t his application if you are not familiar with the vi edito r or if you just want to do a quick installation of the BLACK BOX ® Advanced Conso l e Serv e r.

The command wiz gets you started with some basic configuration. After executing this c ommand, you can continue the configuration of the BLACK BOX ® Advanced Console Server using any browser or by editing system files with the vi editor. What follows are the basic parameters to get you quickly started. The files that will be eventually modified if you decide to save to flash at the e n d of thi s applicatio n are:

1. /etc/hostname

2. /etc/hosts

3. /etc/resolv.conf

4. /etc/network/st_routes

5. /etc/network/ifcfg_eth0

6. /etc/portslave/pslave.conf

Step 1: Ente r the comm and wiz.

At the command prompt type “wiz” in your terminal to bring up the wizard. You will receive an initial instruction s creen.

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

INSTRUCTIONS for using the Wizard: You can:

1) Enter the appropriate information for your system and press ENTER or

2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or

66 BLACK BOX ® A dvanced Console Server

Page 67

Chapter 3 - Additional Features

Press ENTER to continue...

Step 2: Press Enter to continue with the wizard.

You will see the current configurations and have the choice of setting them to default values, or not.

************************************************************ *********CONFIGURATION WIZARD********** ************************************************************

Current configuration:

Hostname: CAS DHCP: enabled Domain name: # Primary DNS Server: # Gateway IP: eth0

Set to defaults? (y/n) [n] :

Step 3: Press Enter or type n or y.

The default answ er or value to any question is in the brackets. You can take one of three actions:

• Either just press the ENTER key to execute whatever is in between the brackets, or

• Type n to NOT reset the curr ent configurations to the Black Box defaults, or

• Type y to re set to Black Box default config urations.

User Guide 67

Page 68

Configuration Wizard - Basic Wizard

Tip. On most of the following configuration screens, the default or current value of the parameter is displayed inside brackets. Just press the ENTER key if you are satisfie d with the value in the brackets. If not, enter the a ppropriate parameter and press ENTER.

If at any time af ter choo sing whether to set your configurations to default or not, you want to exit the wizard or skip the rest of the config urations, press ESC. This will immediately display a summary of the current conf igurations for your verification before exiting the application. This w ill not work if you did not enter a valid choice for the parame ter you are currently on.

For some parameters, if there is nothing within the brackets, it will continue to

ask f or a v a l ue. In t hat c as e, you must ente r a v alid valu e or # if you do not w i sh to configure the value.

Step 4: Ente r Hostnam e a nd then press the Enter key.

This is an alias for your BLACK BOX ® Advanced Console Server that allows you to refer to the BLACK BOX ® A dvanced Console Server by this name rather than its IP address. Enter hostn ame after the prompt:

Hostname[CAS]:

Step 5: Type y, n, or press Enter to enable or disable DHCP client.

Type y or press En ter if there is a DHCP Se rver in your LAN, to have the Dynamic Host Configuration Protocol (DHCP) automatically assign an IP address for your BLACK BOX ® Advanced Console Server. Type n to manually assign an IP address.

Do you want to use dhcp to automatically assign an IP for your system (y/n) [y]:

Note: Ty ping y omit s Steps 6 and Step 10.

68 BLACK BOX ® A dvanced Console Server

Page 69

Chapter 3 - Additional Features

Step 6: If DHCP client is disabled, enter IP Address of your BLACK BOX ® Advanced Console

Server an d then press t h e Ente r key.

If the DHCP client is ena b led , sk ip this step. This question will only appear if DHCP client is disabled. This is the IP address of the BLACK B O X ® Advanced Console Ser ver wi thin your network. See your network administrator to ob tain a vali d IP address for the BLACK BOX ® Advanced Co nsole Server .

IP of your system[]: 192.168.160.10

Step 7: Ente r D omain name and then press Enter.

Domai n name locates or identifies your organi zation within the Inter net.

Domain name[#]: mycompany.com

Step 8: Enter IP address of Domain Name Server and press Enter.

At the prompt, ente r the IP address o f the server that resolves domain names. Your domain name is alphabetical so that it is easier to remem b er. Every time you see the domain name, it is a ctually being translated into an IP address by the domain name server. See your network administrator to obtain this IP address for the domain name server.

Domain Name Server[#]: 192.168.160.200

Step 9: Ente r Gateway IP address and press Ent er.

The Gateway is a node on a network that serves as an entrance point into another network. See your network admini strato r to find out your organization's gateway address.

Gateway IP[eth0]: 192.168.160.1

Step 10: If D HCP cli en t is d is abled, enter Netmask and press En ter.

If the DHCP client is enabled, skip this step. This question will appear only if DHCP client is disabled. The Netm as k is a string of 0s and 1s that mask or screen out the host part of an IP address so that only the network part of th e address remains.

Netmask[#]: 255.255.255.0

Step 11: Revi ew configurati on para meters.

You will now have the parameters you just configured displayed back to you. If you entered y in Step 5:

User Guide 69

Page 70

Configuration Wizard - Basic Wizard

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

Current configuration:

Hostname: CAS DHCP: enabled Domain name: mycompany.com Primary DNS Server: 197.168.160.200 Gateway IP: 192.168.160.1

Are all these parameters correct (Y)es or (N)o [N]:

If you entered n in Step 5:

Current configuration:

Hostname: CAS DHCP: disabled System IP: 192.168.160.10 Domain name: mycompany.com Primary DNS Server: 192.168.160.200 Gateway IP: 192.168.160.1 Network Mask: 255.255.255.0

Are all these parameters correct (y/n) [y]:

Step 12: Type y, or n, or press Enter.

Type y if all parameters are correct. Type n or just press ENTER if not a l l the parameters are correc t and you want to go bac k and red o them.

Step 13: If you typed n in Step 11, type c or q.

As directed by the prom pt, type c to go back to very beginning of this application to change the parameters. Type q to exit.

Step 14: If you typed y in Step 11, choose whether to activate your configurations.

70 BLACK BOX ® A dvanced Console Server

Page 71

Chapter 3 - Additional Features

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

You can now use the browser to finish your system configurations, but before that, please read below.

(Note: If you are NOT connected to this unit through a console, and you have just reconfigured the IP of this unit, activating the new configurations may cause you to lose connection. In that case, please reconnect to the unit by the new IP address, and manually issue a saveconf to save your configurations to flash.)

Do you want to activate your configurations now? (y/n) [y] :

Step 15: Choose whether to save to flash.

Flash is a type of memory that will maintain the information saved on it even after the BLACK BOX ® Adva nced Console Server is turned off. Once it is turne d on again, t he sav ed in format ion can be rec ov ere d. If y is entered, the screen will display an explanation of what saving to flash means:

Flash refers to a type of memory that can be erased and reprogrammed in units of memory known as blocks rather than one byte at a time, thus making updating to memory easier.

If you choose to save to flash, your configurations thus far will still be in the memory of the BLACK BOX ® Advanced Console Server even after you reboot it. If you don't save to flash and if you were to reboot the system, all your new configurations will be lost and you will have to reconfigure the BLACK BOX ® Advanced Console Server.

Do you want to save your configurations to flash? (y/n) [n]:

Step 16: Type 'y' if you want to save to flash. Type 'n' if you don't want to save to flash.

You can now continue BLACK BOX ® Advanced Console Server conf igurations using the Web browser by typing in the IP address of the BLACK BOX ® Advanced Console Server.

User Guide 71

Page 72

Configuration Wizard - Basic Wizard

Using the Wizar d through yo ur Browser

The Web interface supports wizards for serial ports configuration. The wizard is a useful tool that simplifies configuration of seria l por ts. The Web interface will access the following wizard files:

• /etc/portslave/psl ave.wiz.cas (C AS)

• /etc/portslave/psl ave.wiz .ts (TS)

• /etc/portslave/pslave.wiz.ras (Dial-in Access)

The step-by-step proce ss to configuring ports for a specific profile appear in the following secti ons, and the exact screen flow begins with.

To summarize the process, the wizard configuration is started by first selecting the desired port(s) on the Port Selection page (Figure 13: Port Selection pa ge selecting either the CAS, TS, or RAS profile buttons on the subsequent Serial Port C onfiguration Page. Change the appropriate parameters, and then click the Submit button on the Serial Port Configuration Page. For most applications , the parameters to be changed are:

), clicking Submit, and then

For CAS:

• Port Speed

• First RADIUS/Tacacs Plus Authentication Server

• First Accounting Server

• RADIUS/TacacsPlus secret

• Protocol (if the pro tocol is Socket SSH, Soc ket Telnet, or Socket Raw)

• Socket Port (keep the “Incremented” option on)

72 BLACK BOX ® A dvanced Console Server

Page 73

Chapter 3 - Additional Features

For TS:

• Port Speed

• First RADIUS/TacacsPlus Authen tica t ion Server

• First Accounting Server

• RADIUS/TacacsPlus secret

• Protocol (if the protocol is Login, Rlogin, SSH, or Socket Client)

• Socket Port (write the TCP port for the protocol selected; keep the “incremented” opti on

off)

For Dial-in access:

• First RADIUS/TacacsPlus Authen tica t ion Server

• First Accounting Server

• RADIUS/TacacsPlus secret

• Remote IP Address (keep the “Incremented” option on)

Access Method

Access method is how a us er accesses a serv er connected to one of the serial ports on the BLACK BOX ® Advanced Co nsole Se rver ( CAS p r of i l e ) o r ho w a use r co nn ec ted to o ne o f th e serial ports accesses a server in the network (TS profile or Dial-In profile).

Configuration for CAS

Parameters Involved and Passed Values

The parameter s involved in configu ring Access Method for CAS are as follows:

User Guide 73

Page 74

Access Method

all.ipno This is the default IP a ddress of the BLACK BOX ® Advanced

Console Server's serial ports. Any host can access a port using its IP address as long as a path to the address exists in the host's routing table. An example value would be 192.168.1.101+. The “+” indicates that the first port should be addressed as 192.168.1.101 and the following ports should have consecutive values.

all.socket_port In th e CAS pro fi l e , th i s d efines a n a l te rn at i v e labeli n g sy s t em for the

BLACK BOX ® Advanced Console Server ports. An example value would be 7001+. The “+” after the nu meri c a l value cause s th e serial interfaces to be numbered consecutively. In this example, serial interface 1 is assigned the port value 7001, serial interface 2 is assigned the port value 7002, etc. One example on how this could be used is in the case of all.protocol or s<n>.protocol socket_ssh and the port value (7001, 7002, etc), if supplied by the ssh client like username:port value, the ssh client will be directly connected with the serial interface.

all.protocol The possible protocols are telnet, ssh1/ssh2 or raw data:

socket_server = telnet protocol, socket_ssh = ssh1/ssh2 protocol, raw_data = used to exchange data in transparent mode . Raw_data

is simi lar to socket_server mode b ut without telnet n egotiation breaks to serial ports. An examp le value would be so cket_ser ver.

all.users Restricts access to ports by user name (only the users listed can

access the port or , using the character “!,” all but the users listed can acces s the port .) A si ngle comma and spaces/tabs m ay be used between names. A comma may not appear between the “!” and the first user name. The users may be local, Radiu s o r TacacsPlus. User groups (defined with the parameter conf.group) can be used in combination with user names in the param eter list. Notice that these are common u sers, not admin istrators. Example: all.users ! joe, mark, user_group . In this example, the use rs joe, mark, and members of user_grou p cannot access the p ort.

74 BLACK BOX ® A dvanced Console Server

Page 75

Chapter 3 - Additional Features

all.poll_interval Valid only for protocols socket_server and raw_data. When not set

to zer o, th is par amet er se ts th e wai t f or a TCP co nne cti on kee p-a liv e timer. If no traff ic passes through the BLACK BOX ® Advanced Consol e Se rver f or t his perio d of ti me , th e BLACK BOX ® Advanced Console Server will sen d a line status m essage to the remote device to see if the connection is still up. If not configured, 1000 ms is assumed (the unit for this parameter is ms). If set to zero, line status messages will not be sent to the socket client.

all.tx_interval Valid for protocols socket_server and raw_data. Defines the delay

(in milli seconds) before tra n smissio n to the Ethernet of data received through a serial port. If not configured, 100ms is assumed. If set to zero or a value above 1000, no buffering will take place .

all.idletimeout Valid only for the CAS configuratio n (protocols socket_server,

socket_ssh, and raw_data). Specifies h ow long (in minutes) a connection can remain inactive before it is cut off. If set to zero (the default), the connection will not time out.

conf.group Used to group users to simplify configuration of the parameter

all.users later on. This parameter can be used to de fine more than one group. The forma t is: <group name>:<user1>{,<user2>[,<user3>]] Example: conf.group group_name: user1, user2.

s<n>.serverfarm Alias name given to the server connected to the serial p ort.

Server_con nected. Example: s 1.serverfarm Server_conn ected_ser ial1.

vi Method

The parameters described above must be changed by directly editing the /etc/p ortslave/pl s ave.conf file.

Browser Met hod

To configure Access Method with your browser:

Step 1: Point your browser to the Console Server.

In the address or locatio n field of your browser type the Console Access Server’s IP address. For example:

http://10.0.0.0

User Guide 75

Page 76

Access Method

Step 2: Log in as root and type the Web root password configured by the Web server.

This will take you to the Configuration and Administration page.

Serial Ports

links

Link

Panel

Figure 12: Configuration and Adminis tration pa ge

Step 3: Select the Serial Ports link.

Click on the Serial Ports link on the Link Panel to the left of the pa ge or in the Configuration section of the page. This will take you to the Port Selection page.

Figure 13: Port Selection page

Step 4: Select port(s).

On the P or t Se le ct ion p ag e, c h oos e all ports or an in div i dua l po rt fr o m th e d r opdo wn menu. This will take you to the Serial Port C onfiguration page.

76 BLACK BOX ® A dvanced Console Server

Page 77

Chapter 3 - Additional Features

Step 5: Click the CAS profile button.

Click the CAS profile button in the wizards section. The default CAS profile parameters are now loaded.

Step 6: Scroll down to the Profile section.

You can change the settings for all.ipno, all.socket_port, and all.protocol in this section.

Figure 14: Profile Section of Ser ia l Port Configuration pa ge

Step 7: Scroll to the Authentication Section.

You can configure the parameter all.users here under Access Restriction on Use rs.

Step 8: Scroll to Console Access Server Section.

You can configure the following paramet ers here:

• all.sttyCmd

• all.poll_interval

• all.tx_interval

• all.idletimeout

Step 9: Configure s<n>.serverfarm.

This parameter will not appear on the configuration page when “All ports” is selected. Scroll to the SSH section. Each port can be named after the server or device connected to it. Th is makes the process of associating what is connecting to which port easier.

Step 10: Click the Submit button.

This will take you back to the Port Selec tio n page. At this point, the co nfiguration file is written in the RAMdisk.

User Guide 77

Page 78

Step 11: Click on the Serial Port Groups link on the Link Panel.

Click the Add Group button that appears. A Se rial Ports - Users Group Table Entry page appears.

Figure 15: Serial P orts - Users Group Table Entry page

Access Method

Step 12: Configure conf.group.

Fill in the Group Name and Users fields to configure the group.

Step 13: Click the Submit button.

At this point, the con figuration file is written in the RAMdisk.

Step 14: Make the changes effective.

Click on the Administration > Run Configuration link, check the Serial Ports/ Ethernet/Static Routes box and click on the Activate Configuration button.

Step 15: Save it in the flash.

Go to the link Adm inistration > Load/Save Con figuratio n and click the Save to Flash button.

Wizard Method

Step 1: Bring up the wizard.

At the command prompt, type the followi ng to bring up the Access Method c ustom wizard:

wiz --ac cas

78 BLACK BOX ® A dvanced Console Server

Page 79

Chapter 3 - Additional Features

This will bring up Screen 1:

Screen 1:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

INSTRUCTIONS for using the Wizard: You can:

1) Enter the appropriate information for your system and press ENTER. Enter '#' if you want to deactivate that parameter or

2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or

3) Press ESC if you want to exit.

NOTE: For some parameters, if there is nothing within the brackets, it will continue to ask for a value. In that case, you must enter a valid value or # if you do not wish to configure the value.

Press ENTER to continue...

Screen 2:

*********************************************************** *********CONFIGURATIONWIZARD********* ***********************************************************

Current configuration: (The ones with the '#' means it's not activated.)

all.ipno : # all.socket_port : 7001+ all.protocol : socket_server all.users : #

User Guide 79

Page 80

Access Method

all.poll_interval : # all.tx_interval : # all.idletimeout : # conf.group : #

Set to defaults? (y/n) [n] :

Screen 3:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

ALL.IPNO - This is the default IP address of the system's serial ports. If configured as 192.168.1.101+, the '+' indicates that the first port should be addressed as

192.168.1.101 and the following ports should have consecutive values. Any host can access a port using its IP address as long as a path to the address exists in the host's routing table.

all.ipno[#] :

ALL.SOCKET_PORT - This defines an alternative labeling system for the system ports. The '+' after the numerical value causes the interfaces (or ports) to be numbered consecutively. (e.g. interface 1 of your system is assigned port 7001, interface 2 has the value 7002, etc.)

all.socket_port[7001+] :

80 BLACK BOX ® A dvanced Console Server

Page 81

Chapter 3 - Additional Features

Screen 4:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

ALL.PROTOCOL - The possible protocols are telnet, ssh1/ssh2, or raw data. (e.g. socket_server -telnet protocol, socket_ssh -ssh1/ssh2 protocol, raw_data -used to exchange data in transparent mode; similar to socket_server mode but without telnet negotiation breaks to serial ports.)

all.protocol[socket_server] :

ALL.USERS - Restricts access to ports by user name. Only the users listed can access the port, or using a '!', all but the users listed can access the port. A single comma and spaces/tabs may be used between names. A comma may NOT appear between the '!' and the first user name. The users may be local, Radius or TacacsPlus. User groups (defined with the parameter conf.group) can be used in combination with user names in the parameter list. Notice that these are common users, not administrators. (e.g. !joe, mark, grp1 -the users, Joe, Mark, and members of grp1, cannot access the port.)

all.users[#] :

Screen 5:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

ALL.POLL_INTERVAL - Valid for protocols socket_server and raw_data. When not set to 0, this parameter sets the wait for a TCP connection keep-alive timer. If no traffic passes through the system for this period of time, the system will send a line status message to the remote device to see if

User Guide 81

Page 82

Access Method

the connection is still up. If not configured, default is 1000ms. If set to 0, line status messages will not be sent to the socket client.

all.poll_interval[#] :

ALL.TX_INTERVAL - Valid for protocols socket_server and raw_data. This parameter defines the delay (in milliseconds) before transmission to the Ethernet of data received through a serial port. If not configured, 100ms is assumed. If set to 0 or a value above 1000, no buffering will take place.

all.tx_interval[#] :

Screen 6:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

ALL.IDLETIMEOUT - This parameter specifies how long (in minutes) a connection can remain inactive before it is cut off. If set to 0 (the default), the connection will not time out.

all.idletimeout[#] : CONF.GROUP - Used to combine users into a group. This

simplifies the parameter, all.users. You can define more than one group. (e.g. groupName: user1, user2)

conf.group[#] :sales: john, jane

Would you like to create another group? (y/n) [n] :

82 BLACK BOX ® A dvanced Console Server

Page 83

Chapter 3 - Additional Features

Screen 7:

*********************************************************** *********CONFIGURATION WIZARD********* ************************************************************

Current configuration: (The ones with the '#' means it's not activated.)

all.ipno : # all.socket_port : 7001+ all.protocol : socket_server all.users : # all.poll_interval : # all.tx_interval : # all.idletimeout : # conf.group : #

Are these configuration(s) all correct? (y/n) [n]:

If you type 'n':

Type 'c' to go back and CORRECT these parameters or 'q' to QUIT :

Typing 'c' repeats the application, typing 'q' exits the entire wiz application. If you type 'y':

Discard previous port-specific parameters? (y/n) [n] :

Note: Answering yes to this question will dis card only the pa rameter(s) which you are currently configuring if they were configured for a specific port in a previous session. For instance, if you are currently configuring parameter, all.x, and there was a specific po rt, s2.x, configured; then, answering yes to this question will discard s2.x.

Type 'c' to CONTINUE to set these parameters for specific ports or 'q' to QUIT :

Typing 'c' leads to Screen 8, typ i ng 'q ' lea ds to Screen 9.

User Guide 83

Page 84

Access Method

Screen 8:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

You have 8 available ports on this system.

Type 'q' to quit, a valid port number[1-8], or anything else to refresh :

Note: The number of available ports depends on the system you are on. Typing in a valid port number repeats this program except this time it's configuring for the port number you have chosen. For “wiz --ac cas,” an additional parameter is asked: serverfarm. Typing 'q' leads to Screen 9.

Screen 9:

*********************************************************** *********CONFIGURATIONWIZARD********* ***********************************************************

Do you want to activate your configurations now? (y/n) [y] :

84 BLACK BOX ® A dvanced Console Server

Page 85

Chapter 3 - Additional Features

Screen 10:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

Flash refers to a type of memory that can be erased and reprogrammed in units of memory known as blocks rather than one byte at a time; thus, making updating to memory easier.

If you choose to save to flash, your configurations thus far will still be in the memory of the system even after you reboot it. If you don't save to flash and if you were to reboot the system, all your new configurations will be lost and you will have to reconfigure the system.

Do you want to save your configurations to flash? (y/n) [n] :

User Guide 85

Page 86

Access Method

CLI Method

To configure certain parameters for a specific serial port:

Step 1: At the command prompt, type in the appropriate command to configure desired

parameters.

To activate the serial port. <string> should be ttyS<serial port number> :

config configure line <serial port number> tty <string>

To configure the ipno:

config configure line <serial port number> ipno <string>

To configure the socket_port:

config configure line <serial port number> socket <number>

To configure the protocol. <string> i s the type of protocol desired:

config configure line <serial port number> protocol <string>

To configure modbus_smode:

config configure line <serial port number> modbus <string>

To configure users:

config configure line <serial port number> users <string>

To configure the poll_interval:

config configure line <serial port number> pollinterval <number>

To configure tx_interval:

config configure line <serial port number> txinterval <number>

86 BLACK BOX ® A dvanced Console Server

Page 87

Chapter 3 - Additional Features

To configure idletimeout:

config configure line <serial port number> idletimeout <number>

To configure conf.group:

config configure conf group <string>

Tip. You can configure all the parameters for a serial port in one line.

config configure line <serial port number> tty <string> ipno <string> socket <number> protocol <string> modbus <string> users <string> pollinterval <number> txinterval <number> idletimeout <number>

Step 2 : Activate and Save.

To activate your new configurations a nd save them to flash, type:

config write

(This is essentially typing signal_ras hup and saveconf from the normal terminal prompt.)

User Guide 87

Page 88

Access Method

Configuration for TS

Parameters and Passe d Va lues

For TS configuration , you will need to configure the following parameters:

all.host The IP address of the host to which the terminals will connect. all.protocol For the terminal server configuration, the possible protocols are

login (which requests username and password ), rlogin (receive s usernam e f r om th e BLACK BOX ® Advanced Con so l e S e rver an d requests a pas sword), telnet, ssh, ssh2, or socket _client. If the protocol is configured as telnet or socket_client, the parameter socket_port needs to be configured.

all.socket_port This parameter is valid only if all.protocol is configured as

socket_client or telnet. The socket_port is the TC P port number of the application th at will ac ce pt conn ec tio ns r eque s te d by this serial port.

all.telnet_client_mode When the protocol is TELNET, this parameter configured as

BINARY (1) causes an attempt to negotiate the TELNET BINARY option on bot h input and output with the Telnet se rver. So it puts the telnet client in binary mode. The acceptable values are "0" or “1”, where “0” is text mode (default) and “1” is a binar y mode.

all.userauto (unique to TS)

Username used when c onnected to a UNIX server from the user’s seria l ter mi na l.

vi Method

The p arameters described above must be chan ged by di rectly editing the /etc/portslave/pslave.conf file.

88 BLACK BOX ® A dvanced Console Server

Page 89

Chapter 3 - Additional Features

Browser Met hod

Step 1: Follow the steps 1 to 4 in the section titled Configuratio n f or CAS, “Browse r

Method” on page 75.

Step 2: Click the TS Profile button in the Wizard section.

Configure the following parameters:

Profile section: Protocol (telnet, ssh, rlogin or socket client)

Socket port (23 for telnet, 22 for ssh, 513 for rlogin)

Terminal Server section: Host (the name or the IP address of the host)

Automatic User

Step 3: Click the S ubm it button.

At this point, the configuration file is written in the RAMdisk.

Step 4: Make c hanges effective.

Click on the Administration > Run Configuration link, check the Serial Ports/ Ethernet/Static Routes box and click on the Activate Configuration button.

Step 5: Save it in the flash.

Go to the link Admini stration > Loa d/Save Configuration and click the Sa ve to Fla sh button.

Wizard Method

Step 1: Bring up the wizard.

At the command prompt, type the followi ng to bring up the Access Method c ustom wizard:

wiz --ac ts

This will bring up Screen 1:

User Guide 89

Page 90

Access Method

Screen 1:

*********************************************************** *********CONFIGURATIONWIZARD********* ***********************************************************

INSTRUCTIONS for using the Wizard: You can:

1) Enter the appropriate information for your system and press ENTER. Enter '#' if you want to deactivate that parameter or

2) Press ENTER if you are satisfied with the value within the brackets [ ] and want to go on to the next parameter or

3) Press ESC if you want to exit.

NOTE: For some parameters, if there is nothing within the brackets, it will continue to ask for a value. In that case, you must enter a valid value or # if you do not wish to configure the value.

Press ENTER to continue...

Screen 2:

*********************************************************** *********CONFIGURATIONWIZARD********* ***********************************************************

Current configuration: (The ones with the '#' means it's not activated.)

all.protocol : rlogin all.socket_port : 23 all.telnet_client_mode : 0 all.userauto : #

Set to defaults? (y/n) [n] :

90 BLACK BOX ® A dvanced Console Server

Page 91

Chapter 3 - Additional Features

Screen 3:

*********************************************************** *********CONFIGURATIONWIZARD********* ***********************************************************

ALL.PROTOCOL - Users can access the servers through the serial port using ssh, ssh2, telnet, login, rlogin, or socket_client. (e.g. login -requests username and password, rlogin receives username from the system and requests a password, etc.)

all.protocol[rlogin] :

ALL.SOCKET_PORT - This defines the port(s) to be used by the protocols telnet and socket_client. For these two protocols a default value of 23 is used when no value is configured.

all.socket_port[23] :

Screen 4:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

ALL.TELNET_CLIENT_MODE - This parameter only applies if the current protocol configured is telnet. Configuring as binary (1) causes an attempt to negotiate the TELNET BINARY option on both input and output with the Telnet server. Thus, it puts the telnet client in binary mode. The default is 0 which represents text mode.

all.telnet_client_mode[0] :

User Guide 91

Page 92

Access Method

ALL.USERAUTO - Username used when connected to a Unix server from the user's serial terminal.

all.userauto[#] :

Note: all.host is configured under th e wiz - - tso.

Screen 5:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

Current configuration: (The ones with the '#' means it's not activated.)

all.protocol : rlogin all.socket_port : 23 all.telnet_client_mode : 0 all.userauto : # Are these configuration(s) all correct? (y/n) [n]:

If you type 'n'

Type 'c' to go back and CORRECT these parameters or 'q' to QUIT :

Typing 'c' repeats the application, typing 'q' exits the entire wiz application If you type 'y'

Discard previous port-specific parameters? (y/n) [n] :

92 BLACK BOX ® A dvanced Console Server

Page 93

Chapter 3 - Additional Features

Type 'c' to CONTINUE to set these parameters for specific ports or 'q' to QUIT :

Typing 'c' leads to Screen 6, typ i ng 'q ' lea ds to Screen 7.

Screen 6:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

You have 8 available ports on this system.

Type 'q' to quit, a valid port number[1-8], or anything else to refresh :

User Guide 93

Page 94

Access Method

Screen 7:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

Do you want to activate your configurations now? (y/n) [y] :

Screen 8:

*********************************************************** *********CONFIGURATION WIZARD********* ***********************************************************

Flash refers to a type of memory that can be erased and reprogrammed in units of memory known as blocks rather than one byte at a time; thus, making updating to memory easier.

Do you want to save your configurations to flash? (y/n) [n] :

94 BLACK BOX ® A dvanced Console Server

Page 95

Chapter 3 - Additional Features

CLI Method

To configure certain parameters for a specific serial port:

Step 1: At the command prompt, type in the appropriate command to configure desired

parameters.

To activate the serial port. <string> should be ttyS<serial port number> :

config configure line <serial port number> tty <string>

To configure the protocol (<string> is the type of protocol desired):

config configure line <serial port number> protocol <string>

To configure the socket_port:

config configure line <serial port number> socket <number>

To configure the telnet_client_mode:

config configure line <serial port number> telnetclientmode <number>

To configure userauto:

config configure line <serial port number> userauto <string>

Tip. You can configure all the parameters for a serial port in one line.

config configure line <serial port number> tty <string> protocol <string> socket <number> telnetclientmode <number> userauto <string>

Step 2 : Activate and Save.

To activate your new configurations a nd save them to flash, type:

config write

(This is essentially typing signal_ras hup and saveconf from the normal terminal prompt.)

User Guide 95

Page 96

Access Method

Confi guration for Dial-in Access

Parameters and Passe d Va lues

The parameters that ne ed to be configu red are shown in the following list. Note: The character “\” at the end of a line mea ns th a t the str ing continu es on the next line.

conf.pppd Location of the ppp daem on wi th Radius. Default value:

/usr/local/sbin/pppd.

all.ipno This is the default IP address of the BLACK BOX ® Ad vanced Console

Server's serial ports. Any host can access a port using its IP address as long as a path to the address exist s in the host's routing table. An example value would be 192.168.1.101+. The “+” indicates that the first port should be addressed as 192.168.1.101 and t he following por ts should have consecutive values.

all.initchat Modem initialization st ring. Example value:

TIMEOUT 10 "" \d\l\dATZ \OK\r\n-ATZ-OK\r\n “” \“” ATMO OK\R\N “”\ TIMEOUT 3600 RING “” \ STATUS Incoming %p:I.HANDSHAKE “” ATA\ TIMEOUT 60 CONNECT@ “” \ STATUS Connected %p:I.HANDSHAKE

all.autoppp O ptions to auto-dete ct a ppp session . The cb-script parameter defines the

file used for callback and enables negotiation with the callback server. Callback is available in combination with Radius Server authentication. When a r e gi st ered use r ca l ls the BLACK B OX ® Advanced C onso le Serv er, it will disconnect the user, then cal l the user back. The fo llowing three parameters must be configured in th e Ra dius Server.

• attribute Service_type(6): Callback Framed;

• attribute Framed_Protocol(7): PPP;

• attribute Callback_Numbe r(19): the dial number (example: 50903300).

96 BLACK BOX ® A dvanced Console Server

Page 97

Chapter 3 - Additional Features

Example value: %j novj \ proxyarp modem asyn cmap 000A0000 \ noipx noccp lo gin auth require-pap refusechap\ mtu %t mru %t \ cb-script /etc/portslave/cb_script \ plugin /usr/lib/li bpsr.so

all.pppopt PPP options when user has already been authenticated.

Example value: %i:%j novj \ proxyarp modem asyn cmap 000A0000 \ noipx noccp mtu %t mru %t netmask%m \ idle %I maxconnect %T \ plugin /usr/lib/li bpsr.so

all.protocol For the Dial-in configuration, the available protocols are PPP, SLIP and CSLIP.

Tip. Documentation about PPP options can be found on the Linux pppd m an

page.

vi Method

The p arameters described above must be changed by directly editing the /etc/portslave / pslave.conf file.

Browser Met hod

For the serial ports you would have all the parameters described above but conf.*. To configure Access Method with your browser:

Step 1: Follow the steps 1 to 4 in the section titled Configuratio n f or CAS, “Browse r

Method” on page 75.

Step 2: Click the Dial in Profile button in the Wizard section.

User Guide 97

Page 98

Step 3: Scroll down to the Profile section.

You can change the settings for all.ipno and all.protocol in this section.

Step 4: Scroll to the modem Section.

You can configure the parameter all.initchat here.

Step 5: Scroll to the PPP Secti on.

You can configure the parameter a ll.autop pp a n d all.pppo pt here.

Step 6: Click the Submit button.

At this point, the con figuration file is written in the RAMdisk.

Step 7: Make the cha nges effecti ve.

Click on the Administration > Run Configuration link, check the Serial Ports/ Ethernet/Static Routes box and click on the Activate Configuration button.

Access Method

Step 8: Save it in the flash.

Go to the link Admini stration > Loa d/Save Configuration and click the Sa ve to Fla sh button.

98 BLACK BOX ® A dvanced Console Server

Page 99

Chapter 3 - Additional Features

CLI Method

To configure certain parameters for a specific serial port:

Step 1: At the command prompt, type in the appropriate command to configure desired

parameters.

To activate the serial port. <string> should be ttyS<serial port number> :

config configure line <serial port number> tty <string>

To configure the protocol. <string> is the type of protocol desired:

config configure line <serial port number> protocol <string>

To configure ipno:

config configure line <serial port number> ipno <string>

Tip. You can configure all the parameters for a serial port in one line.

config configure line <serial port number> tty <string> protocol <string> ipno <string>

Step 2 : Activate and Save.

To activate your new configurations a nd save them to flash, type:

config write

(This is essentially typing signal_ras hup and saveconf from the normal terminal prompt.)

User Guide 99

Page 100

Authentication

Authentication is the process of identifying an individual, usually based on a username and password. In security systems, authentication is distinct from authorization, which is the process of giving individuals access to sys tem objects based on their identity. Authentication merely ensures that th e individual is who he or she claims to be, bu t says nothing about the access righ ts of the individual. With the BLACK BOX ® Advanced Console Server, authentication can be performed locally, or with a remo te Radius, Tacacs, or ldap database, or kerbe ros.

Parameters Invol ved and Passed Values

The authentication feature utiliz es the following parameter s:

all.authtype Type of authentication used. There a r e several authentication type

options:

• none (no au thentication)

• local (authentication is performed using the /etc/passwd file)

• remote (This is for a terminal profile only. The unit takes in a us er-

name but does not use it for authentication. Instead it passes it to the rem ote server where it is then used for authentication.)

• radius (authentication is performed usin g a Radius authentication server)

• TacacsPlus (authentication is performe d using a TacacsPlus authen- ticati on server)

• ldap (authentication is performed against an ldap database using an ldap server. The IP address and other details of the ldap server are defined in the file /etc/ldap.conf)

100 BLACK BOX ® A dvanced Console Server

Black Box LS1016A, LS1032A User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual