Black Box LS1008A, LS1016A, LS1032A, LS1048A User Manual

Download

Page 1

BLACK BOX®

Advanced Console Server

Installation, Administration, and User’s Guide

Software Version 2.6.0

BLACK BOX® Corporation

1000 Park Drive Lawrence, PA 15055-1018 877-877-2269

http://www.blackbox.com

Release Date: December 2005

Page 2

States and other countries. All trademarks, trade names, logos and service marks referenced herein, even when not

specifically marked as such, belong to their respective companies and are not to be considered unprotected by law.

Page 3

Contents

Before You Begin ......................................................1

Audience .............................................................................................. 1

Document Organization ....................................................................... 1

Related Documents ..............................................................................3

BLACK BOX® firmware Upgrades ................................................ 4

Chapter 1: Introduction.............................................7

Overview .............................................................................................. 8

Product Models and Configurations ..................................................... 8

Connectors on the BLACK BOX® CS .............................................. 10

Accessing CS and Connected Devices ............................................... 10

Web Manager ..................................................................................... 11

Prerequisites for Using the Web Manager ......................................... 11

Types of Users .................................................................................... 12

Security .............................................................................................. 12

Authentication .................................................................................... 13

VPN .................................................................................................... 15

Packet Filtering on CS ....................................................................... 15

Structure of IP Filtering .................................................................. 15

Chain ........................................................................................... 16

Rule ............................................................................................. 16

Add Rule and Edit Rule Options .................................................... 17

SNMP ................................................................................................. 22

Notifications, Alarms, and Data Buffering ........................................ 23

Page 4

Contents

Syslog Servers ................................................................................ 23

Prerequisites for Logging to Syslog Servers ............................... 23

Administering Users of Connected Devices ...................................... 24

Planning Access to Connected Devices ......................................... 24

Configuring Access to Connected Devices .................................... 25

CS and Power Management ............................................................... 25

Configuring Power Management ................................................... 26

Configuring Ports for Power Management by Authorized Users 27

Configuring Ports for Power Management Using the CLI ......... 27

Options for Managing Power ......................................................... 28

Power Management Through the Web Manager ........................ 28

Power Management from the CS Command Line ...................... 28

Chapter 2: Installation and Configuration.............29

Shipping Box Contents ...................................................................... 30

Important Pre-installation Requirements ...........................................34

Java Plug-In Requirement for Serial Port Access .......................... 35

Basic Installation Procedures ............................................................. 36

Mounting the CS ............................................................................. 37

Making an Ethernet Connection ..................................................... 37

Connecting Servers and Other Devices to CS ................................ 38

Making a Direct Connection to Configure the Network Parameters.

......................................................................................................... 39

Powering on the CS and the Connected Devices ........................... 39

Configuring the Network Parameters ............................................. 40

Performing Basic Network Configuration Using the wiz Command

...................................................................................................... 40

Selecting A Security Profile Using the Web Manager ...............45

Adding Users and Configuring Ports Using the Web Manager ..... 46

Enabling Ports and Assigning Users. .......................................... 46

Other Methods of Accessing the Web Manager ................................ 47

Installing PCMCIA Cards .................................................................. 48

Connecting AlterPath PM IPDUs ......................................................49

Page 5

Chapter 3: Web Manager for Regular Users..........51

Using the Web Manager ..................................................................... 51

Features of Regular User Forms ........................................................ 53

Connect .............................................................................................. 54

Connect to CS ................................................................................. 55

Connect to Serial Ports ................................................................... 56

Port Access Requirements ..........................................................56

Connection Protocols for Serial Ports ............................................56

TCP Port Numbers for Serial Ports ............................................. 57

IPDU Power Mgmt. ........................................................................... 58

Outlets Manager ............................................................................. 59

View IPDUs Info ............................................................................ 61

IPDU Multi-Outlet Ctrl ...................................................................... 62

Security .............................................................................................. 65

Chapter 4: Web Manager for Administrators ........67

BLACK BOX® Web Manager .......................................................... 68

Prerequisites for Using the Web Manager ...................................... 68

Common Tasks for CS Administrators .............................................. 69

Common Features of Administrator Forms .......................................70

Buttons and CS Information ........................................................... 70

Logging Into the Web Manager ......................................................... 72

Overview of Administrative Modes ................................................... 75

Wizard Mode .................................................................................. 76

Expert Mode ................................................................................... 76

Chapter 5: Configuring CS in Wizard Mode ..........79

Step 1: Security Profile ................................................................... 79

Pre-defined Security Profiles ...................................................... 79

Default Security Profile .............................................................. 80

Custom Security Profile .............................................................. 80

Serial Port Settings and Security Profiles ................................... 83

Step 2: Network Settings ................................................................ 87

BLACK BOX® CS Installation, Administration, and User’s Guide v

Page 6

Contents

Step 3: Port Profile ......................................................................... 90

Step 4: Access ................................................................................. 93

Step 5: Data Buffering .................................................................... 98

Step 6: System Log ....................................................................... 103

Chapter 6: Configuring the CS in Expert Mode...107

Overview of Menus and Forms ........................................................ 107

Mapping of the Expert Mode Menus and Forms ............................. 109

Description of Forms in Expert Mode ............................................. 110

Chapter 7: Applications Menu & Forms...............117

Applications ..................................................................................... 118

Connect ......................................................................................... 118

IPDU Power Mgmt. ...................................................................... 122

Outlets Manager ........................................................................ 123

View IPDUs Info ......................................................................126

Users Manager .......................................................................... 129

Configuration ............................................................................ 131

Software Upgrade [for the AlterPath PM] ................................ 133

IPDU Multi-Outlet Ctrl ................................................................ 135

Prerequisites for Multi-Outlet Control ...................................... 137

Power Management Icons ......................................................... 137

IPMI Power Management ............................................................. 141

Terminal Profile Menu ................................................................. 148

Chapter 8: Network Menu & Forms......................153

Network ............................................................................................ 154

Host Settings ................................................................................. 154

Syslog ........................................................................................... 159

PCMCIA Management ................................................................. 160

Configuring a Modem PCMCIA Card ...................................... 163

Configuring an ISDN PCMCIA Card ....................................... 166

Configuring a GSM PCMCIA Card ......................................... 168

Page 7

Configuring an Ethernet PCMCIA Card ................................... 171

Configuring a PCMCIA Compact Flash Card or a PCMCIA Hard

Disk Drive ................................................................................. 172

Configuring a Wireless LAN PCMCIA Card ........................... 174

Configuring a CDMA PCMCIA Card ...................................... 176

Ejecting a PCMCIA Card .........................................................178

VPN Connections ......................................................................... 178

SNMP ........................................................................................... 183

Firewall Configuration ................................................................. 188

Host Table .................................................................................... 203

Static Routes ................................................................................. 204

Chapter 9: Security Menu & Forms......................209

Users and Groups ......................................................................... 210

Adding a User ........................................................................... 211

Adding a Group ......................................................................... 212

Active Ports Sessions ................................................................... 214

Authentication .............................................................................. 216

Configuring Authentication for CS Logins ............................... 217

Configuring Authentication Servers for Logins to CS

and Connected Devices ............................................................. 218

Group Authorization on TACACS+ ......................................... 222

Security Profiles ........................................................................... 228

Pre-defined Security Profiles ................................................... 229

Default Security Profile ............................................................ 229

Custom Security Profile ............................................................ 229

Serial Port Settings and Security Profiles ................................. 232

Security Certificates ..................................................................... 238

Certificate for HTTP Security ................................................... 238

User Configured Digital Certificate .......................................... 238

X.509 Certificate on SSH ......................................................... 238

Chapter 10: Ports Menu & Forms.........................239

Physical Ports ............................................................................... 241

BLACK BOX® CS Installation, Administration, and User’s Guide vii

Page 8

Contents

General ...................................................................................... 243

Connection Profiles ................................................................... 244

Console Access Server (CAS) Profile Connection Protocols ... 245

Terminal Server (TS) Profile Connection Protocols ................. 245

Bidirectional Telnet Protocol .................................................... 247

Modem and Power Management Connection Protocols ........... 248

Access ....................................................................................... 261

Authentication Methods and Fallback Mechanism ................... 263

Data Buffering .......................................................................... 266

Multi User ................................................................................. 270

Power Management .................................................................. 273

Other ......................................................................................... 279

Virtual Ports .................................................................................. 283

Ports Status ................................................................................... 289

Ports Statistics .............................................................................. 290

Chapter 11: Administration Menu & Forms.........293

System Information ...................................................................... 294

Notifications ................................................................................. 297

Email Notifications Entry ......................................................... 299

Pager Notifications Entry .......................................................... 302

SNMP Trap Notifications Entry ...............................................304

Serial Ports Alarm Notification ................................................ 306

Time/Date ..................................................................................... 307

Setting Time and Date with NTP .............................................. 308

Boot Configuration ....................................................................... 309

Backup Configuration .................................................................. 312

Upgrade Firmware ........................................................................ 315

Reboot ........................................................................................... 318

Online Help .................................................................................. 319

Appendix A: Technical Specifications.................321

Appendix B: Safety, Regulatory, and Compliance In-

viii

Page 9

formation ................................................................323

Safety Guidelines for Rack-Mounting the CS ................................. 323

Safety Precautions for Operating the Advanced Console Server ..... 324

Working inside the Advanced Console Server ................................326

Replacing the Battery ....................................................................... 326

FCC Warning Statement .................................................................. 327

Notice About FCC Compliance for all Advanced Console Server

Models .............................................................................................. 327

Canadian DOC Notice ...................................................................... 327

Aviso de Precaución S-Mark Argentina .......................................... 328

Trabajar dentro del Advanced Console Server ................................329

Batería .............................................................................................. 329

Appendix C: Supported PCMCIA Cards ..............331

Glossary .................................................................335

Index .......................................................................353

BLACK BOX® CS Installation, Administration, and User’s Guide ix

Page 10

Contents

Page 11

Tables

Table v-1: Typographic Conventions................................................ 3

Table v-2: Other Terms and Conventions......................................... 4

Table 1-1: Model Numbers and Configuration Options................... 8

Table 1-2: CS Supported Authentication Methods......................... 13

Table 1-3: Filter Options for Packet Filtering Rules....................... 17

Table 1-4: TCP Protocol Packet Filtering Options......................... 18

Table 1-5: UDP Protocol Packet Filtering Options ........................ 19

Table 1-6: LOG Target Action Options.......................................... 21

Table 1-7: Tasks for Configuring Access to Connected Devices ... 25

Table 1-8: Tasks for Configuring Power Management................... 27

Table 1-9: Power Management Options in the Web Manager........ 28

Table 2-1: Shipping Box Contents for LS1004A - LS1048A ........ 30

Table 2-2: Shipping Box Contents for LS1001A............................ 33

Table 2-3: CS Basic Installation Tasks ...........................................36

Table 2-4: Tasks Related to Connecting AlterPath PMs................. 50

Table 3-1: Common Screen Information ........................................ 53

Table 3-2: Java Applet Buttons......................................................55

Table 3-3: Serial Ports Connection Protocols................................. 57

Table 3-4: Regular User > Outlet Management Buttons ................60

Table 3-5: Regular User > Information on the V iew IPDUs Info Form

....................................................................................... 61

Table 3-6: Regular User > IPDU Multi-Outlet Ctrl. Form Icons.... 64

Table 3-7: Regular User > Password Management Form............... 65

Table 4-1: Administrator > Common Administrative Tasks .......... 69

Page 12

Tables

Table 4-2: Administrator > Web Manager Buttons......................... 70

Table 4-3: Administrator > Options for Trying, Saving, and Restoring

Configuration Changes.................................................. 71

Table 4-4: Administrator > Logout Button and Other Information in

the Upper Right ............................................................. 72

Table 4-5: Administrator > CS Configuration and Expert Menus

Chapters......................................................................... 77

Table 5-1: Wizard > Enabled services to access the CS under each

security profile............................................................... 81

Table 5-2: Wizard > Enabled services to access the serial ports under

each security profile. ..................................................... 81

Table 5-3: Wizard > Enabled protocols for each security profile

shown with a check mark. ............................................. 82

Table 5-4: Wizard > Serial Port Profile Parameters and Usage...... 91

Table 5-5: Wizard > Add User Dialog: Field Names and Definitions

....................................................................................... 95

Table 5-6: Wizard > Data Buffering Field Names and Definitions. ...

..................................................................................... 100

Table 5-7: Wizard > Differences Between Remote and Local

Buffering...................................................................... 101

Table 5-8: CS Configuration and Expert Menus Chapters........... 105

Table 6-1: Expert Mode Menu and Forms.................................... 109

Table 6-2: Expert > Applications................................................. 110

Table 6-3: Expert > Network.........................................................111

Table 6-4: Expert > Security......................................................... 112

Table 6-5: Expert > Ports.............................................................. 112

Table 6-6: Administration............................................................. 113

Table 7-1: Expert > Applications Menu ....................................... 117

Table 7-2: Expert > Outlets Manager Icons Description.............. 124

Table 7-3: Expert > View IPDUs General Information................ 127

Table 7-4: Expert > View IPDUs Unit Information...................... 128

Table 7-5: Expert > IPDU Multi-Outlet Ctrl form icons.............. 138

Table 7-6: Expert > IPMI Information.......................................... 143

Table 7-7: Expert > IPMI Power Mgmt. Form Icons ................... 143

Table 8-1: Expert > Network Menu ............................................. 153

xii

Page 13

Table 8-2: Expert > Host Settings Form Fields ............................155

Table 8-3: Expert > Form Fields for a Modem Card.................... 164

Table 8-4: Expert > Form Fields for an ISDN Card..................... 167

Table 8-5: Expert > Form Fields For a GSM Card....................... 170

Table 8-6: Expert > Form Fields for an Ethernet Card................. 171

Table 8-7: Expert > Form Fields for a Compact Flash/Hard Disk 173

Table 8-8: Expert > Form Fields for a Wireless LAN Card. ........175

Table 8-9: Expert > Form Fields for a CDMA Card..................... 176

Table 8-10: Expert > Field and Menu Options for Configuring a VPN

Connection................................................................... 181

Table 8-11: Expert > Fields and Menu Options for SNMP

Configuration............................................................... 185

Table 8-12: Expert > Tasks for Configuring SNMP....................... 188

Table 8-13: Expert > TCP Options Fields ...................................... 195

Table 8-14: Expert > UDP Options Fields...................................... 196

Table 8-15: Expert > Firewall Configuration Input and Output

Interface, and Fragments Fields Definitions. .............. 198

Table 8-16: Expert > Target LOG Options Selection Fields........... 199

Table 8-17: Expert > Reject Options Sections............................... 200

Table 8-18: Expert > Fields and Menus for Configuring Static Routes

..................................................................................... 207

Table 9-1: Expert > Security Menu............................................... 209

Table 9-2: Expert > Add User Dialog Field Names and Definitions...

..................................................................................... 211

Table 9-3: Expert > Active Ports Sessions Information. .............. 215

Table 9-4: Tasks for Setting up Authentication Servers. ..............219

Table 9-5: Expert > Enabled services to access the CS under each

security profile............................................................. 230

Table 9-6: Expert > Enabled services to access the serial ports under

each security profile. ................................................... 230

Table 9-7: Expert > Enabled protocols for each security profile

shown with a check mark. ........................................... 231

Table 9-8: Configuring CS in Expert Mode.................................. 237

Table 10-1: Expert > Ports Menu.................................................... 239

BLACK BOX® CS Installation, Administration, and User’s Guide xiii

Page 14

Tables

Table 10-2: Expert > Console Connection Protocols...................... 245

Table 10-3: Expert > Terminal Server (TS) Connected Protocols.. 246 Table 10-4: Expert > Protocols for Serial Ports Connected to

Modems or IPDUs....................................................... 248

Table 10-5: Expert > Access Form Fields ...................................... 262

Table 10-6: Expert > Authentication Methods ............................... 264

Table 10-7: Expert > Procedures to Configure an Authentication

Server........................................................................... 266

Table 10-8: Expert > Data Buffering Form Fields.......................... 267

Table 10-9: Expert > Multi User Form Fields ................................271

Table 10-10:Expert > Options on the “Allow Multiple Sessions” Menu

..................................................................................... 272

Table 10-11: Expert > Power Management Form Fields.................274

Table 10-12:Expert > Ports > Physical Ports > Other Form Fields. 280

Table 10-13:Expert > New/Modify Port Dialog Box Fields............ 285

Table 10-14:Expert > Port Status Read-Only Form......................... 290

Table 10-15:Expert > Ports>Port Status Read-Only Form.............. 291

Table 11-1: Expert > Administration Menu.................................... 293

Table 11-2: System Information ..................................................... 296

Table 11-3: Expert > Notifications Form Fields............................. 298

Table 11-4: Expert > Email Notifications Dialog Box Fields ........ 300

Table 11-5: Expert > Pager Notifications Dialog Box.................... 303

Table 11-6: Expert > SNMP Trap Notifications Dialog Box .........305

Table 11-7: Expert > Boot Configuration Form Fields................... 310

Table 11-8: Expert > Backup Config Type FTP Form Fields and

Buttons......................................................................... 313

Table 11-9: Expert > Backup Config Type Storage Device Form..314

Table 11-10: Expert > Upgrade Firmware Form Fields ................... 316

Table C-1: Supported PCMCIA Cards.......................................... 331

xiv

Page 15

Figures

Figure 1-1: CS Front with PCMCIA Card Slots.............................. 8

Figure 1-2: CS Back with Connectors .............................................8

Figure 1-3: BLACK BOX® CS family of Advanced Console .........

Figure 1-4: CS Connectors............................................................. 10

Figure 1-5: IPDU Integration With CS.......................................... 26

Servers........................................................................... 9

Figure 2-1: CS Setup Example ...................................................... 30

Figure 2-2: Security Advisory Console Message .......................... 42

Figure 2-3: Front Panel PCMCIA Card Slots................................ 48

Figure 2-4: PCMCIA Eject Button in Web Manager.....................49

Figure 2-5: AlterPath PMs Connected to the CS........................... 50

Figure 3-1: Regular User > Web Manager Login form ................. 52

Figure 3-2: Regular User Form...................................................... 53

Figure 3-3: Regular User > Connect Form .................................... 54

Figure 3-4: Java Applet.................................................................. 55

Figure 3-5: Regular User > IPDU Power Mgmt. Forms................58

Figure 3-6: Regular User > Outlets Manager (no permissions)..... 59

Figure 3-7: Regular User > Outlets Manager (with permissions).. 59

Figure 3-8: Regular User > View IPDUs Info ............................... 61

Figure 3-9: Regular User > IPDU Multi-Outlet (no permissions). 63

Figure 3-10: Regular User > IPDU Multi-Outlet (wit permissions)......

Page 16

Figures

..................................................................................... 64

Figure 4-1: Administrator > Web Manager Buttons...................... 70

Figure 4-2: Administrator > Web Manager Login Form ...............73

Figure 4-3: Administrator > Multi Administrator Login Message 74

Figure 4-4: Administrator > Security Advisory Message.............. 75

Figure 4-5: Example of Web Manager Form in Wizard Mode...... 76

Figure 4-6: Example of Web Manager Form in Expert Mode....... 77

Figure 5-1: Administrator > Physical Ports Factory Settings........ 83

Figure 5-2: Security and Serial Ports Configuration Alert ............ 83

Figure 5-3: Security Advisory Dialog Box.................................... 84

Figure 5-4: Wizard > Step 1: Security Profile Form...................... 85

Figure 5-5: Custom Security Profile Dialog Box .......................... 86

Figure 5-6: Wizard > Step 2: Network Settings - DHCP disabled. 88 Figure 5-7: Wizard > Step 2: Network Settings - DHCP enabled. 89

Figure 5-8: Wizard > Step 3: Port Profile...................................... 90

Figure 5-9: Wizard > Step 4:Access .............................................. 94

Figure 5-10: Wizard > Step 4: Access Add User Dialog Box ......... 95

Figure 5-11: Wizard > Step 4: Change Password Dialog Box......... 96

Figure 5-12: Wizard > Step 5: Data Buffering [Inactive]................ 98

Figure 5-13: Wizard > Step 5: Data Buffering [Local].................... 99

Figure 5-14: Wizard > Step 5: Data Buffering [Remote]............... 100

Figure 5-15: Wizard > Step 6: System Log ................................... 104

Figure 6-1: Expert Mode Screen Elements.................................. 108

Figure 7-1: Expert > Applications Menu Options ....................... 118

Figure 7-2: Expert > Applications > Connect Form.................... 119

Figure 7-3: Expert > SSH session Java Applet............................ 120

Figure 7-4: Expert > Serial Port Java Applet............................... 121

Figure 7-5: Expert > IPDU Power Mgmt. Tab Options............... 122

Figure 7-6: Expert > Applications > IPDU Power Mgmt. > Outlets

xvi

Page 17

Manager..................................................................... 124

Figure 7-7: Expert > Outlets Manager Icons ............................... 125

Figure 7-8: Expert > Edit Outlets Dialog Box............................. 125

Figure 7-9: IPDU Power Mgmt. > View IPDUs Info .................. 126

Figure 7-10: IPDU Power Mgmt> Users Manager....................... 129

Figure 7-11: Expert > IPDU Power Mgmt. > Users Manager > Add

User........................................................................... 129

Figure 7-12: Expert > Applications > IPDU Power Mgmt. >

Configuration ............................................................132

Figure 7-13: Expert > Applications > IPDU Power Mgmt. > Software

Upgrade..................................................................... 133

Figure 7-14: Expert > Applications > IPDU Multi-Outlet Ctrl ....136

Figure 7-15: Expert > Applications > Multi-Outlet Ctrl [not

configured]................................................................ 137

Figure 7-16: Expert > Applications > Multi-Outlet Control Icons138

Figure 7-17: Expert > Applications > IPMI Power Mgmt............. 141

Figure 7-18: Expert > IPMI Power Mgmt. “Add/Edit IPMI Device”

Dialog Boxes............................................................. 142

Figure 7-19: Expert > IPMI Power Mgmt. Device Entry Example142 Figure 7-20: Expert > Serial Port > Power Management > Enable

Power Management................................................... 146

Figure 7-21: Expert > Power Management Add Outlet Dialog Box ..

................................................................................... 146

Figure 7-22: Expert > Serial Port > Power Management > User

Permissions ............................................................... 147

Figure 7-23: Expert > Serial Port > Power Management > Enable

IPMI ..........................................................................148

Figure 7-24: Expert > Applications > Terminal Profile Menu ...... 149

Figure 7-25: Expert >Terminal Profile Menu “Add Option” Dialog

BLACK BOX® CS Installation, Administration, and User’s Guide xvii

Page 18

Figures

Box............................................................................ 149

Figure 7-26: Expert > Terminal Profile Menu Example................ 150

Figure 8-1: Expert > Network > Host Settings [DHCP Enabled] 154 Figure 8-2: Expert > Network > Host Settings [DHCP Disabled]155

Figure 8-3: Expert > Network > Syslog....................................... 159

Figure 8-4: Expert > Network > PCMCIA Management ............161

Figure 8-5: Expert > PCMCIA Modem Card Configuration Dialog

Box............................................................................ 164

Figure 8-6: Expert > PCMCIA Modem Card Configuration Dialog

Box -PPP................................................................... 165

Figure 8-7: Expert > Modem PCMCIA Card Configuration Dialog

Box - Call Back......................................................... 165

Figure 8-8: Expert > ISDN PCMCIA Card Configuration Dialog

Box............................................................................ 167

Figure 8-9: Expert > GSM PCMCIA Card Configuration Dialog

Box............................................................................ 169

Figure 8-10: Expert > GSM PCMCIA Card Configuration Dialog

Box - Call Back......................................................... 169

Figure 8-11: Expert > Ethernet PCMCIA Card Configuration Dialog

Box............................................................................ 171

Figure 8-12: Expert > PCMCIA Compact Flash/Hard Disk

Configuration Dialog Box....................................... 173

Figure 8-13: Expert > PCMCIA Wireless LAN Card Configuration

Dialog Box................................................................ 174

Figure 8-14: Expert > PCMCIA CDMA Card Configuration Dialog

Box............................................................................ 176

Figure 8-15: Expert > Network > VPN Connections..................... 179

Figure 8-16: Expert > VPN “New/Modify Connection” Dialog Box..

Figure 8-17: Expert > Network > SNMP...................................... 184

xviii

................................................................................... 180

Page 19

Figure 8-18: Expert > “New/Mod SNMP v1 v2 Configuration”

Dialog Box................................................................ 186

Figure 8-19: Expert > “New/Mod SNMP v3 Configuration” Dialog

Box............................................................................ 186

Figure 8-20: Expert > Network > Firewall Configuration............. 188

Figure 8-21: Expert > Firewall Configuration “Edit Chain” Dialog

Box............................................................................ 189

Figure 8-22: Firewall Configuration “User-defined Chain” Message.

................................................................................... 190

Figure 8-23: Firewall Configuration “Delete Default Chain” Message

................................................................................... 190

Figure 8-24: Expert > Firewall Configuration “Add Chain” Dialog

Box............................................................................ 191

Figure 8-25: Firewall Configuration “Edit Rules for chain_name”

Form.......................................................................... 191

Figure 8-26: Firewall Configuration “Edit Rules for chain_name”

Buttons ......................................................................192

Figure 8-27: Expert > Firewall Configuration “Add Rule” and “Edit

Rule” Dialog Boxes .................................................. 192

Figure 8-28: Firewall Configuration “Add Rule” and “Edit Rule” ....

Target Menu Options................................................. 193

Figure 8-29: Firewall Configuration “Add Rule” and “Edit Rule”

Source and Destination IP and Mask Fields ............. 193

Figure 8-30: Firewall Configuration “Add Rule” and “Edit Rule”

Protocol Menu Options............................................. 194

Figure 8-31: Firewall Configuration “Add Rule” and “Edit Rule”

Numeric Protocol Fields ........................................... 194

Figure 8-32: Firewall Configuration “Add Rule” and “Edit Rule”

BLACK BOX® CS Installation, Administration, and User’s Guide xix

TCP Protocol Fields and Menu Options ................... 195

Page 20

Figures

Figure 8-33: Firewall Configuration “Add Rule” and “Edit Rule”

UDP Protocol Fields ................................................. 196

Figure 8-34: Firewall Configuration “Add Rule” and “Edit Rule”

ICMP Type Menu Options........................................ 197

Figure 8-35: Firewall Configuration Input and Output Interface Fields

and Fragments Menu Options................................... 198

Figure 8-36: Firewall Configuration “Add Rule” and “Edit Rule”

LOG Target Fields..................................................... 199

Figure 8-37: Firewall Configuration “Add Rule” and “Edit Rule”

REJECT Target Menu Options ................................. 200

Figure 8-38: Expert > Network > Host Tables............................... 204

Figure 8-39: Expert > Network > Static Routes ............................ 205

Figure 8-40: Expert > Static Routes “Add” and “Edit” Dialog Boxes -

Default Route............................................................ 205

Figure 8-41: Expert > Static Routes “Add” and “Edit” Dialog Boxes

- Network Route........................................................ 206

Figure 8-42: Expert > Static Routes “Add” and “Edit” Dialog Boxes

- Host Route ..............................................................207

Figure 9-1: Expert > Security > Users and Groups Form............ 210

Figure 9-2: Expert > Security > Users and Groups > “Add User”

Dialog Box................................................................ 211

Figure 9-3: Expert > Security > Users and Groups > “Add Group”

Dialog Box................................................................ 212

Figure 9-4: Expert > Security > Active Ports Sessions................ 215

Figure 9-5: Expert > Security > Authentication .......................... 217

Figure 9-6: Expert > Security > Authentication > AuthType Form...

Figure 9-7: Expert > Security > Authentication > Radius........... 220

Figure 9-8: Expert > Security > Authentication > TACACS+ .... 221

Figure 9-9: Expert > Security > Authentication > LDAP............ 224

................................................................................... 218

Page 21

Figure 9-10: Expert > Administration > Time/Date..................... 226

Figure 9-11: Expert > Security > Authentication > Kerberos........ 227

Figure 9-12: Expert > Security > Authentication > NIS................ 228

Figure 9-13: Expert > Security > Security Profile........................ 228

Figure 9-14: Expert > Physical Ports Default Factory Settings.... 232

Figure 9-15: Security Profile and Serial Ports Configuration Alert232

Figure 9-16: Serial Ports Protocol Incompatibility Dialog Box .... 233

Figure 9-17: Security Advisory Dialog Box................................. 234

Figure 9-18: Wizard > Step 1: Security Profile Form.................... 235

Figure 9-19: Custom Security Profile Dialog Box ....................... 236

Figure 10-1: Expert > Ports........................................................... 240

Figure 10-2: Expert > Ports > Physical Ports................................ 241

Figure 10-3: Expert > Ports > Physical Ports > “Modify .... Ports ”

Tab Options............................................................... 242

Figure 10-4: Expert > Ports > Physical Ports > General Form..... 244

Figure 10-5: Expert > Ports > Physical Ports > Console Connection

Active Tabs................................................................ 249

Figure 10-6: Expert > Ports > Physical Ports > Console Connection.

................................................................................... 249

Figure 10-7: Connection Protocols > Console............................... 250

Figure 10-8: Expert > Ports > Physical Ports > Bidirectional Telnet

Active Tabs................................................................ 250

Figure 10-9: Expert > Ports > Physical Ports > Bidirectional Telnet

Connection ................................................................251

Figure 10-10: Connection Protocols > Bidirectional Telnet........... 251

Figure 10-11: Expert > Ports > Physical Ports > T erminal Server Active

Tabs ........................................................................... 252

Figure 10-12: Expert > Ports > Physical Ports > Terminal Server

BLACK BOX® CS Installation, Administration, and User’s Guide xxi

Connection ................................................................253

Page 22

Figures

Figure 10-13: Connection Protocols > Terminal Server.................. 253

Figure 10-14: Expert > Ports > Physical Ports > Modem Connection

Active Tabs................................................................ 254

Figure 10-15: Expert > Ports > Physical Ports > Modem Connection .

................................................................................... 255

Figure 10-16: Connection Protocols > Modem .............................. 255

Figure 10-17: Expert > Ports > Physical Ports > Power Management

Active Tabs................................................................ 256

Figure 10-18: Expert > Ports > Physical Ports > Power Management

Connection ................................................................257

Figure 10-19: Connection Protocols > Power Management............ 257

Figure 10-20: Access > Authentication Types................................. 258

Figure 10-21: Expert > Ports > Physical Ports > Serial Port Settings ...

................................................................................... 260

Figure 10-22: Expert > Ports > Physical Ports > Access Form ....... 261

Figure 10-23: Expert > Ports > Physical Ports > Data Buffering.... 266

Figure 10-24: Expert > Ports > Physical Ports > Data Buffering.... 267

Figure 10-25: Expert > Port > Physical Ports >Multi User ............. 271

Figure 10-26: Expert > Ports > Physical Ports > Power Management..

................................................................................... 273

Figure 10-27: Expert > Ports > Physical Ports > Power Management.

................................................................................... 274

Figure 10-28: Expert > Ports > Physical Ports > Power Management >

Add Outlets Dialog Box............................................ 276

Figure 10-29: Expert > Ports > Physical Ports > Power

Management>Allow All Users ................................. 278

Figure 10-30: Expert > Ports > Physical Ports >Power Management

Figure 10-31: Expert > Ports > Physical Ports > Other Form.......... 279

Figure 10-32: Expert > Ports > Virtual Ports.................................. 284

xxii

>Allow Users/ Groups .............................................. 278

Page 23

Figure 10-33: Expert > Ports > Virtual Ports > New/Modify Port

Dialog Box................................................................ 285

Figure 10-34: Expert > Applications > Connect > Serial pull-down

menu.......................................................................... 287

Figure 10-35: Expert > Ports > Virtual Ports > New/Modify Port

Dialog Box................................................................ 287

Figure 10-36: Expert > Ports > Virtual Ports > New/Modify > Port

Names Dialog box..................................................... 289

Figure 10-37: Expert > Ports > Ports Status (Read-Only)............... 290

Figure 10-38: Expert > Ports > Port Statistics (Read-Only)............ 291

Figure 11-1: Expert > Administration > System Information ....... 295

Figure 11-2: Expert > Administration > Notifications .................. 298

Figure 11-3: Expert > Administration > Notifications > Email > Add/

Edit Dialog box......................................................... 300

Figure 11-4: Expert > Administration > Notifications > Pager > Add/

Edit Dialog box......................................................... 302

Figure 11-5: Expert > Administration > Notifications > SNMP Trap >

Add/Edit Dialog box................................................. 305

Figure 11-6: Expert > Administration > Time/Date ...................... 307

Figure 11-7: Expert > Administration > Time/Date > NTP Enable308

Figure 11-8: Expert > Administration > Boot Configuration........ 309

Figure 11-9: Expert > Administration > Backup Config............... 312

Figure 11-10: Expert > Administration > Backup Config > Storage

Device ....................................................................... 314

Figure 11-11: Expert > Administration > Upgrade Firmware......... 316

Figure 11-12: Expert > Administration > Reboot............................ 318

Figure 11-13: Expert > Administration > Online Help.................... 319

BLACK BOX® CS Installation, Administration, and User’s Guide xxiii

Page 24

Figures

xxiv

Page 25

Procedures

To check Java Plug-in Support in the Browser..........................................35

To Install JRE Version 1.4.2 or later and Register the Plug-in..................35

To rack-mount CS, perform the following steps:......................................37

To Make an Ethernet Connection..............................................................38

To Connect Devices to Serial Ports...........................................................38

To Connect to the Console Port............................................... ..... .............39

To Power on the CS...................................................................................39

To Turn Power On Connected Devices.....................................................40

To Log Into CS Through the Console........................................................40

To Change the root password ....................................................................41

To Use the wiz Command to Configure Network Parameters ..................42

To Select a Security Profile .......................................................................45

To Use a Dynamic IP Address to Access the Web Manager.....................47

To Use the Default IP Address to Access the Web Manager....................47

To Install a PCMCIA Card........................................................................48

To Remove a PCMCIA Card.....................................................................48

To Configure a PCMCIA Card..................................................................49

To Daisy-Chain AlterPath PMs to the CS .................................................50

Logging in to the Web Manager...............................................................52

To Use Telnet to Connect to a Device Through a Serial Port ...................57

To Close a Telnet Session..........................................................................57

To Use SSH to Connect to a Device Through a Serial Port......................58

To Close an SSH Session...........................................................................58

To Change Your Password ........................................................................65

Page 26

Procedures

To Log Into the Web Manager...................................................................72

To Select or Configure a Security Profile..................................................84

To configure the Network Settings............................................................89

To Set Parameters for All Serial Ports.......................................................92

To Add a User............................................................................................96

To Delete a User ........................................................................................97

To Change a Password...............................................................................97

To Configure Data Buffering...................................................................102

To Add a Syslog Server...........................................................................104

To Delete a Syslog Server........................................................................105

To Connect to the CS...............................................................................121

To Connect to a Device Through a Serial Port........................................122

To View Status, Lock, Unlock, Rename, or Cycle Power Outlets..........125

To View and Reset IPDU Information ....................................................128

To Configure Users to Manage Power Outlets on IPDUs.......................130

To Specify Names, Alarms, Syslogging, and Over Current Protection for

IPDUs.......................................................................................................132

To Download AlterPath PM Software From BLACK BOX®................134

To Upgrade Software on an AlterPath PM..............................................135

To Power On or Power Off a Group of Outlets in the Same Power State139

To Power On or Power Off a Group of Outlets in Different Power States ...

..................................................................................................................139

To Lock or Unlock a Group of Outlets in the Same Power State............140

To Lock or Unlock a Group of Outlets in Different Lock States ............140

To Turn the Power of a Group of Outlets Off and On Again..................140

To Delete, Add, or Edit an IPMI Device to Enable or Disable IPMI Power

Management.............................................................................................144

To Manage Power on an IPMI Device ....................................................145

To Configure a Serial Port for IPDU or IPMI Power Management........145

To Configure a User for IPDU Power Management While Connected To a

Serial Port.................................................................................................147

To enable IPMI Power Management of an IPMI device connected to the

currently-selected port .............................................................................148

To Create a Menu for a Local Computer Terminal .................................150

xxvi

Page 27

To Configure Host Settings [Expert].......................................................157

To Configure Syslogging for Serial Ports and Specify Message Filtering ....

..................................................................................................................160

To Configure a PCMCIA Card................................................................162

To Configure a Modem PCMCIA Card...................................................166

To Configure an ISDN PCMCIA Card...................................................167

To Configure a GSM PCMCIA Card ......................................................170

To Configure an Ethernet PCMCIA Card ...............................................172

To Configure a Compact Flash PCMCIA Card or a PCMCIA Hard Disk

Drive ........................................................................................................173

To Configure a Wireless LAN PCMCIA Card........................................175

To Configure a CDMA PCMCIA Card...................................................177

To Eject a PCMCIA Card From the Card Slot........................................178

To Configure VPN...................................................................................182

To Configure SNMP................................................................................186

To Add a Chain........................................................................................201

To Edit a Chain........................................................................................201

To Add a Rule..........................................................................................202

To Edit a Rule..........................................................................................203

To Define the CS’s IP Address and Hostname........................................204

To Configure Static Routes [Expert] .......................................................207

To Add a User..........................................................................................212

To Delete a User or Group.......................................................................213

To Change a User’s Password .................................................................213

To Add a Group.......................................................................................213

To Modify a Group..................................................................................214

To View, Kill, or Refresh Active User Sessions .....................................216

To Configure the CS Login Authentication Method...............................218

To Configure a RADIUS Authentication Server.....................................220

To Configure a TACACS+ Authentication Server..................................221

To Configure an LDAP Authentication Server .......................................223

To Configure a Kerberos Authentication Server.....................................225

To Configure a NIS Authentication Server .............................................227

To Select or Configure a Security Profile................................................233

BLACK BOX® CS Installation, Administration, and User’s Guide xxvii

Page 28

Procedures

To Select One or More Serial Ports.........................................................242

To Enable or Disable Serial Ports...........................................................243

To Configure a Serial Port Connection Protocol for a Console Connection.

..................................................................................................................248

To Configure a Serial Port Connection Protocol for a Bidirectional Telnet..

..................................................................................................................250

To Configure a Serial Port Connection Protocol for a Terminal Server..252

To Configure a Serial Port Connection Protocol for an External Modem. ....

..................................................................................................................254

To Configure a Power Management Protocol for an IPDU.....................256

To Associate an Alias to a Serial Port .....................................................259

To Configure Serial Port Settings to Match the connected devices.........259

To Configure User Access to Serial Ports ...............................................263

To Configure a Serial Port Login Authentication Method ......................265

To Configure Data Buffering for Serial Ports..........................................269

To Configure Multiple Sessions and Port Sniffing for One or More Serial

Ports .........................................................................................................272

To Configure a Serial Port for IPDU or IPMI Power Management........276

To Configure a User for IPDU Power Management While Connected To a

Serial Port.................................................................................................278

To Configure TCP Port Number, STTY Options, Break Interval, and the

To Configure Terminal Server Connection Options................................282

To Cluster CS Units or Modify Cluster Configuration............................287

To Assign Names to Slave ports in the Cluster .......................................288

To View System Information...................................................................297

To Choose a Method for Sending Notifications for Serial Port

Data Buffering Events..............................................................................299

To Configure a Trigger for Email Notification for Serial Ports ..............301

To Configure a Trigger for Pager Notification for Serial Ports...............303

To Configure a Trigger for SNMP Trap Notification for Serial Ports ....306

To Configure a Trigger for Serial Port Alarm Notification.....................306

To Manually Set the Time and Date........................................................308

To Configure Time and Date Using an NTP Server ................................308

To Configure CS Boot.............................................................................311

xxviii

Page 29

To Back Up or Restore the Configuration Files using an FTP Server.....314

To Back Up or Restore the Configuration Files using a Storage Device 315

To Upgrade the CS’s firmware................................................................317

To Reboot the CS.....................................................................................318

To Configure the Online Help Path.........................................................319

BLACK BOX® CS Installation, Administration, and User’s Guide xxix

Page 30

Procedures

xxx

Page 31

Before You Begin

This installation, administration, and user’s guide provides background information and procedures for installing, configuring, and administering the BLACK BOX® Advanced Console Server and for accessing connected servers and other connected devices.

Audience

This manual is intended for installers and system administrators of the CS and for users who may be authorized to connect to devices, to manage power through the CS, and to monitor the CS’s temperature.

This document describes configuration, administration, and use of the CS only. It does not describe how to set up and administer other external services or servers that the CS may access for authentication, system logging, IPMI control, SNMP notifications, data logging, file sharing, or other purposes. This document assumes that users who are authorized to connect to servers and other devices through the CS alread y know how to use the connected devices.

Document Organization

The document contains the following chapters:

1: Introduction An overview of the features of the Advanced Console

Server and necessary prerequisite information for understanding the rest of the information in this guide.

2: Installation and Configuration

A list of tasks for installing and configuring the Advanced Console Server and connecting devices, with pointers to the needed background information and procedures.

Page 32

Before You Begin

3: Web Manager for Regular Users

Describes how authorized users use the Web Manager to access devices that are connected to ports on the CS.

4: Web Manager for Administrators

Explains how the CS administrator uses the Web Manager to add and delete users, define port access, and perform other common administration tasks.

5: Configuring CS in Wizard Mode

Describes the 6-step procedure to configure the Advanced Console Server in Wizard mode. Selecting a Security Profile, configure network settings, configure serial ports and access, and configure settings such as data buffering and system logging.

6: Configuring the CS in Expert Mode

Provides an introduction to the Expert mode. Describes the forms in each section, and provides a mapping to each form with a link to the desired section.

7: Applications Menu & Forms

Provides an overview of each form associated with the “Applications” menu, describes the functionality of the individual elements in each form, and provides step-by-step configuration procedures.

8: Network Menu & Forms

Provides an overview of each form associated with the “Network” menu, describes the functionality of the individual elements in each form, and provides step-by-step configuration procedures.

9: Security Menu & Forms

Provides an overview of each form associated with the “Security” menu, describes the functionality of the individual elements in each form, and provides step-by-step configuration procedures.

Page 33

Related Documents

The following document for the BLACK BOX® Advanced Console Server is shipped with the product.

• Advanced Console Server Quick Start Guide (hard-copy)

Typographic and Other Conventions

The following table describes the typographic conventions used in BLACK BOX® manuals.

Table v-1: Typographic Conventions

Typeface Meaning Example

Links

Hypertext links or URLs Go to:

BLACK BOX® CS Installation, Administration, and User’s Guide 3

http:// www.blackbox.com

Page 34

Before You Begin

Table v-1: Typographic Conventions

Typeface Meaning Example

Emphasis Titles, emphasized or new words or

terms

See the Advanced Console Server Quick Start.

Filename or Command

Names of commands, files, and directories; onscreen computer

Edit the pslave.conf file.

output.

User type What you type in an example,

compared to what the computer

[root] ifconfig

eth0

displays

The following table describes other terms and conventions.

Table v-2: Other Terms and Conventions

Term or Convention Meaning Examples

Hot keys • When hot keys are shown

with a plus (+) between two or three keys means

• Pressing Ctrl+p brings up the IPMI power management.

that they must be pressed at the same time.

Navigation shortcuts Shortcuts use the “greater

than” symbol (>) to indicate how to navigate to Web Manager forms.

BLACK BOX® firmware Upgrades

BLACK BOX® offers periodic firmware upgrades for the Advanced Console Server. These upgrades are available free of charge to current BLACK BOX® customers. Visit ftp://ftp.blackbox.com/lan/Term-Servers/ latest firmware.

See “Upgrade Firmware” on page 313 for instructions on how to upgrade the firmware on your Advanced Console Server.

Go to Port > Physical Ports> Modify Selected Ports > Power Management

to download the

Page 35

Introduction

This chapter introduces the Advanced Console Server family of advanced console servers, provides an overview of its features, and briefly describes the features for understanding the information and procedures in the rest of this manual.

Overview Page 6 Advanced Console Server Models and Configurations Page 6 Connectors on the Advanced Console Server Page 8 Methods of Accessing CS and Connected Devices Page 8 Web Manager Page 9 Prerequisites for Using the Web Manager Page 9 Types of Users Page 10 Security Features Page 10 Authentication Page 11 VPN Page 13 Packet Filtering Page 13 SNMP Page 20 Notifications, Alarms, and Data Buffering Page 21

Page 36

Introduction

Administering Users of Connected Devices Page 22 Power Management Page 23

Overview

The Advanced Console Server is a 1U device that serves as a single access point for using and administering servers and other devices. The following figure shows the front of the CS with its two PCMCIA card slots, and the back of a LS1032A with its Serial, Ethernet, and Console ports.

Figure 1-1: LS1032A Front and back with PCMCIA Card Slots

Product Models and Configurations

The following table shows the available configurations. See Appendix A for hardware specifications.

Table 1-1: Model Numbers and Configuration Options

Model Number Serial Ports LS1001A LS1004A

Page 37

Product Models and Configurations

Table 1-1: Model Numbers and Configuration Options

Model Number Serial Ports LS1008A LS1016A LS1032A LS1048A

The following figure illustrates the BLACK BOX® family of advanced console servers.

Figure 1-2: BLACK BOX® CS family of Advanced Console Servers

BLACK BOX® CS Installation, Administration, and User’s Guide 7

Page 38

Introduction

Connectors on the BLACK BOX® CS

The following figure depicts the connectors on the back of a LS1008A.

Serial Ports

Power Supply

Ethernet Port

Figure 1-3: LS1008A Connectors The number of serial ports and power supplies depends on the model, see

table 1-1 for model numbers and configurations options.

Accessing CS and Connected Devices

You can access CS and the connected servers or devices locally or remotely using any of the following methods.

• Using the Web Manager through LAN/WAN IP networks.

• Using a modem, ISDN, GSM, or CDMA optional PCMCIA card.

• Using the Web Manager you can login and launch a console session such as T elnet or SSH to connect to the console of devices that are connected to the CS’s serial ports.

Console Port

• By connecting a computer running a terminal emulation program, an CS administrator can log into the CS box and enter commands in the CS shell or use the Command Line Interface (CLI) tool.

Note: Only one user logged in as “root” or “admin” can have an active CLI or Web

Manager session. A second user who connects through the CLI or the Web Manager as the “root” or “admin” has a choice to abort the session or close the other user’s session.

Page 39

Web Manager

Note: If there are cron jobs running through automated scripts, a “root” or “admin”

user login can cause the automated cron jobs to fail. Make sure that the users with administrative privileges are aware of this.

Web Manager

CS administrators perform most tasks through the W eb Manager either locally or from a remote location. The Web Manager runs in a browser and provides a real-time view of all the equipment that is connected to the CS.

The CS administrator can use the Web Manager to configure users and ports. An authorized user can access connected devices through the Web Manager to troubleshoot, maintain, recycle power, and reboot connected devices.

Access to the Web Manager is through one of the following ways:

• Through the IP Network.

• Through a dial-in or callback connection with one of the following:

• An optional external modem connected to one of the serial ports.

• A modem on an optional PCMCIA modem card.

• An optional CDMA, GSM, or ISDN card.

Prerequisites for Using the Web Manager

The prerequisites described in this section must be complete before anyone can access the W eb Manager . If you have questions about any of the following prerequisites, contact your system or network administrator.

• Basic network parameters must be defined on the CS so the Web Manager can be launched over the network.

See “Performing Basic Network Configuration Using the wiz Command” on page 38.

• The IP address of the CS must be known.

When DHCP is enabled, a leased IP address is assigned to CS. The leased

IP address may change every time CS reboots. Therefore, an additional step needs to be taken to find out the dynamically-assigned IP address before the Web Manager can be accessed through the browser. Following are three ways to find out the dynamically-assigned IP address:

BLACK BOX® CS Installation, Administration, and User’s Guide 9

Page 40

Introduction

• Make an inquiry to the DHCP server on the subnet that the CS resides,

using the MAC address (The MAC address is labeled at the bottom of the CS).

• Connect to CS remotely using Telnet or SSH and use the ifconfig

command.

• Connect directly to the CS and use the ifconfig command through

a terminal emulator application.

• A user account must be defined on the Web Manager.

By default, the “admin” has an account on the Web Manager. An

administrator can add regular user accounts to grant access to the connected servers or devices using the Web Manager.

Types of Users

CS supports the following user account types:

Note: It is strongly recommended to change the default password “bb” before

Security

• The “root” user who can manage the CS and its connected devices. The “root” user performs the initial network configuration. Access privileges are full read/write and management.

setting up the CS for secure access to the connected servers or devices.

• Users who can be part of an “Admin” group with administrative privileges. This may be a regular user who can perform the same tasks as an administrator.

• Regular users who can access the connected devices through the serial ports they are authorized for. Regular users have limited access to the Web Manager features.

The Advanced Console Server includes a set of security profiles that consists of predefined parameters to control access to CS and its serial ports. This feature provides more contro l over the services that are active at any one time. As an additional security measure, all serial ports are disabled by default, which allows the administrator to enable and assign individual ports to users. See “Security Profiles” on page 226 for detailed information and procedures.

Page 41

Authentication

CS supports a number of authentication methods that can help the administrator with the user management. Authentication can be performed locally or with a remote server, such as RADIUS, TACACS+, LDAP, or Kerberos. An authentication security fallback mechanism is also employed, should the negotiation process with the authentication server fails. In such situations, the CS follows an alternate defined rule when authentication server is down or does not authenticate the user.

The following table lists the supported authentication methods.

Table 1-2: CS Supported Authentication Methods

Authentication Type Definition None Kerberos

Kerberos/Local

KerberosDownLocal

LDAP

LDAP/Local

LDAPDownLocal

Local

No authentication.

Authentication is performed using a Kerberos server.

Kerberos authentication is tried first, switching to Local if unsuccessful.

Local authentication is performed only when the Kerberos server is down.

Authentication is performed against an LDAP database using an LDAP server.

LDAP authentication is tried first, switching to Local if unsuccessful.

Local authentication is performed only when the LDAP server is down.

Authentication is performed locally. For example using the /etc/passwd file.

Local/Radius

BLACK BOX® CS Installation, Administration, and User’s Guide 11

Authentication is performed locally first, switching to Radius if unsuccessful.

Page 42

Introduction

Authentication Type Definition Local/TACACS+

Local/NIS

NIS NIS/Local

NISDownLocal

Radius

Radius/Local

RadiusDownLocal

Authentication is performed locally first, switching to TACACS+ if unsuccessful.

Authentication is performed locally first, switching to NIS if unsuccessful.

NIS authentication is performed.

NIS authentication is tried first, switching to Local if unsuccessful.

Local authentication is performed only when the NIS server is down.

Authentication is performed using a Radius authentication server.

Radius authentication is tried first, switching to Local if unsuccessful.

Local authentication is performed only when the Radius server is down.

TACACS+

TACACS+/Local

TACACS+DownLocal

Authentication is performed using a TACACS+ authentication server.

TACACS+ authentication is tried first, switching to Local if unsuccessful.

Local authentication is tried only when the TACACS+ server is down.

Page 43

VPN

The CS administrator can set up VPN connections to establish an encrypted communications between the CS and a host on a remote network. The encryption creates a security tunnel for a dedicated communications.

You ca n use the VPN features on CS to create the following types of connections:

• A secure tunnel between CS and a gateway at a remote location so every machine on the subnet at the remo te location has a secure connection with CS.

• Create a secure tunnel between CS and a single remote host

To set up a security gateway, you can install IPSec on any machine that does networking over IP, including routers, firewall machines, application servers, and end-user machines.

The ESP and AH authentication protocols are supported. RSA Public Keys and Shared Secret are also supported.

For detailed information and procedures to configure a VPN connection, see “VPN Connections” on page 176.

Packet Filtering on CS

The CS administrator can configure the box to filter packets like a firewall. IP filtering is controlled by chains and rules.

Structure of IP Filtering

The Firewall Configuration form in the Web Manager is structured on two levels:

• The view table of the “Firewall Configuration” form which contains a list of chains.

• The chains which contain the rules that control filtering.

BLACK BOX® CS Installation, Administration, and User’s Guide 13

Page 44

Introduction

Chain

A chain is a named profile that includes one or more rules that define the following:

• A set of characteristics to look for in a packet

• What to do with any packet that has all the defined characteristics

The CS filter table contains a number of built-in chains. The CS administrator can define additional chains and can edit the built-in chains. The built-in chains are referenced according to the type of packet they handle as shown in the following list:

• INPUT - For incoming packets.

• FORWARD - For packets being routed through CS.

• OUTPUT - For outgoing packets.

As defined in the rules for the default chains, all input and output packets, and packets being forwarded are accepted.

Rule

Each chain can have one or more rules that define the following:

• The packet characteristics being filtered. The packet is checked for characteristics defined in the rule. For example,

a specific IP header, input and output interfaces, TCP flags and protocol.

• What to do when the packet matches the rule. The packet can be handled according to a specified target policy such as

accepted, dropped, returned, logged, or rejected.

When a packet is filtered, its characteristics are compared against the rules one-by-one. All defined characteristics must match. If no rules are found then the default action for that chain is applied.

Administrators can do the following to specify packet filtering:

• Add a new chain and specify rules for that chain

• Add new rules to existing chains

• Edit a built-in chain or delete the built-in chain rules

Page 45

Packet Filtering on CS

Add Rule and Edit Rule Options

When you add or edit a rule you can define any of the options described in the following table.

Table 1-3: Filter Options for Packet Filtering Rules

Filter Options Description Source IP and Mask

Destination IP and Mask

Protocol

Input Interface Output Interface

If you specify a source IP, incoming packets are filtered for the specified IP address. If you specify a destination IP, outgoing packets are filtered for the specified IP address.

If you fill in a source or destination mask, incoming or outgoing packets are filtered for IP addresses from the subnetwork in the specified netmask.

You can select a protocol for filtering from one of the following options:

•ALL

• Numeric Protocol Options

• TCP Protocol Options

• UDP Protocol Options

• ICMP Protocol Options The input interface (ethN) used by the incoming packet.

The output interface (ethN) used by the outgoing packet.

Fragments

You can flag any of the above elements with inverted so that the target action is performed on packets that do not match any of the criteria specified in that line. For example, if you select DROP as the target action, specify “Inverted” for a source IP address, and do not specify any other criteria in the rule, any

BLACK BOX® CS Installation, Administration, and User’s Guide 15

The types of packets to be filtered:

• All packets

• 2nd, 3rd... fragmented packets

• Non-fragmented and 1st fragmented packets

Page 46

Introduction

packets arriving from any other source IP address than the one specified are dropped.

Numeric Protocol Options

If you select Numeric as the protocol when specifying a rule, you need to specify the desired number.

TCP Protocol Options

If you select TCP as the protocol when specifying a rule, you can define the following options.

Table 1-4: TCP Protocol Packet Filtering Options

Field/Menu Option Definition Source Port

- OR - Destination Port

TCP Flags

You can specify a source or destination port number for filtering in the “Source Port” or “Destination Port” field. You can also specify a range so that TCP packets are filtered for any port number within the range.

Specifying any of the flags: “SYN” (synchronize), “ACK” (acknowledge), “FIN” (finish), “RST” (reset), “URG” (urgent), “PSH” (push), and one of the “Any,” “Set,” or “Unset” conditions, filters TCP packets for the specified flag and the selected condition.

Page 47

Packet Filtering on CS

UDP Protocol Options

When you select UDP as a protocol when specifying a rule, you can select the UDP options defined in the following table.

Table 1-5: UDP Protocol Packet Filtering Options

Field Definition Source Port

- OR - Destination Port

ICMP Protocol Options

When you select ICMP as a protocol when specifying a rule, you can select the following ICMP options.

•all

• echo-reply

• destination-unreachable

• network-unreachable

• host-unreachable

• protocol-unreachable

• port-unreachable

Specify a source or destination port number for filtering in the “Source Port” or “Destination Port” field.

You can specify a source or destination port number for filtering in the “Source Port” field. You ca n also specify a second number so that UDP packets are filtered for any port number within the range.

• fragmentation-needed

• source-route-failed

• network-unknown

• host-unknown

• network-prohibited

• host-prohibited

• TOS-network-unreachable

• TOS-host-unreachable

• communication-prohibited

• host-precedence violation

BLACK BOX® CS Installation, Administration, and User’s Guide 17

Page 48

Introduction

• precedence-cutoff

• source-quench

•redirect

• network-redirect

• host-redirect

• TOS-network-redirect

• TOS-host-redirect

• echo-request

• router-advertisement

• router-solicitation

• time-exceeded

• ttl-zero-during-transit

• ttl-zero-during-reassembly

• parameter-problem

• ip-header-bad

• required-option-missing

• timestamp-request

• timestamp-reply

• address-mask-request

• address-mask-reply

Target Actions

The “T ar get” is the action to be performed on an IP packet that matches all the criteria specified in a rule. The target actions are:

• ACCEPT

•DROP

• RETURN

•LOG

•REJECT

Page 49

Packet Filtering on CS

If the “LOG” and “REJECT” targets are selected, additional options are available.

The following table describes the options for the “LOG” Target.

Table 1-6: LOG Target Action Options

Options Definition Log Level

Log Prefix TCP Sequence TCP Options IP Options

emerg alert crit err warning notice info debug

The prefix to use in the log entry.

Includes the TCP sequence in the log.

Includes TCP options in the log.

Includes IP options in the log.

The following list shows the options for the REJECT Target:

• icmp-net-unreachable

• icmp-host-unreachable

• icmp-port-unreachable

• icmp-proto-unreachable

• icmp-net-prohibited

• icmp-host-prohibited

• echo-reply

• tcp-reset

BLACK BOX® CS Installation, Administration, and User’s Guide 19

Page 50

Introduction

Firewall Configuration Procedures

The following table has links to the procedures for defining packet filtering using the Web Manager.

To Add a Chain Page 199 To Edit a Chain Page 199 To Add a Rule Page 200 To Edit a Rule Page 201

SNMP

The CS administrator can activate Simple Network Management Protocol (SNMP) agent that resides on the CS so that the SNMP agent sends notifications about significant events or traps to an SNMP management application. The CS SNMP agent supports SNMP v1/v2 and v3.

The following table shows the tasks related to administering SNMP on the CS and provides links to where they are documented.

To Configure SNMP See “To Configure SNMP”

on page 184.

To configure one or more serial ports to send SNMP traps.

See “SNMP Trap Notifications Entry” on page 302

Page 51

Notifications, Alarms, and Data Buffering

The CS administrator can setup logging, notifications, and alarms to alert administrators about problems. System generated messages on CS and the connected servers or devices can be sent to syslog servers for handling. The administrator can also configure data buffering to store data from communication on serial ports for monitoring.

Data from communication with serial-connected consoles can be stored:

• Locally in the CS’s flash memory, or

• Remotely either on an NFS server or a syslog server.

Syslog Servers

Messages about the CS and connected servers or devices can be sent to a central logging servers, called syslog servers. Console data from devices connected to serial ports can be stored in data buffer files on syslog servers. By default logging and data buffering are not done.

Prerequisites for Logging to Syslog Servers

Before configuring syslogging, the CS administrator must ensure that syslog server is pre-configured with a public IP address, and it is accessible from CS. The CS administrator must be able to obtain the following information from the syslog server’s administrator.

• The IP address of the syslog server

• The facility number for messages coming from the CS. Facility numbers are used on the syslog server for handling messages

generated by multiple devices.

Facility Numbers for Syslog Messages

Each syslog server has seven local facility numbers available for its administrator to assign to different devices or groups of devices at different locations. The available facility numbers are Local0 through Local7.

BLACK BOX® CS Installation, Administration, and User’s Guide 21

Page 52

Introduction

An Example of Using Facility Numbers

The syslog system administrator sets up a server called “syslogger” to handle log messages from two CS boxes. One CS is located in São Paulo, Brazil, and the other in Fremont, California. The syslog server’s administrator wants to aggregate messages from the São Paulo CS into the

local1 facility, and to

aggregate messages from Fremont CS into the On “syslogger” the system administrator has configured the system logging

utility to write messages from the

saopaulo-config var/log/fremont-config

syslog server using the Web Manager, according to this example, you would select the facility number Local2 from the “Facility Number” pull-down menu on the Syslog form.

file and the messages from the local2 facility to the /

local1 facility to the /var/log/

file. If you were in Fremont and identifying the

local2 facility.

Administering Users of Connected Devices

This sections provides a list of task that an CS administrator can perform to enable access to connected devices.

Planning Access to Connected Devices

The CS administrator needs to perform specific tasks to setup and configure user access to the connected servers, IPDUs, or other devices. An advanced planning can minimize issues that may arise during software configuration.

Some of the planning steps includes the following:

• Create a list of servers or devices to connect to the serial ports.

• Create a list of users with the type of access each user requires.

• Create a matrix of users and required access to each connected server or device.

• Create meaningful aliases to assign to port numbers.

• List all devices that need to be connected to IPDUs and the users who need to access them.

Page 53

CS and Power Management

Configuring Access to Connected Devices

During hardware installation of CS, the installer connects the servers, devices, and any IPDUs to the serial ports.

During software configuration, the CS administrator performs the common tasks listed in the following table.

Table 1-7: Tasks for Configuring Access to Connected Devices

Task Where documented

Configure a serial port connection protocol for a console connection

Configure user access to serial ports. Page 261 Configure a serial port for IPDU or IPMI

power management Configure a user for IPDU power

management

Page 246

Page 274

Page 276

CS and Power Management

CS enables users who have power management permissions to power off, power on, and reboot devices. The CS offers the following power management options:

• Remote power management of servers that have IPMI controllers. The CS's implementation of the Intelligent Platform Management Interface (IPMI) protocol lets authorized users manage power for servers that have embedded IPMI controllers. IPMI servers do not need to be connected to the CS because their IPMI controllers respond to out-of-band IPMI

BLACK BOX® CS Installation, Administration, and User’s Guide 23

Page 54

Introduction

commands. Authorized users can also perform IPMI power management of serially-connected devices. The CS uses IPMI V1.5.

• Remote power management of devices that are plugged into an IPDU that is connected to CS

• The intelligent power distribution unit (IPDU) can be an AlterPath PM connected to any serial port. Up to 128 IPDU outlets can be daisychained.

• The diagram below shows a typical setup of the CS and an AlterPath PM unit.

Figure 1-4: IPDU Integration With CS

Configuring Power Management

Administrators commonly perform power management through the Web Manager, to assign power management permissions to users, configure IPMI devices, and configure ports for power management.

Page 55

CS and Power Management

The following table list the tasks for power management and where they are described.

Table 1-8: Tasks for Configuring Power Management

Task Where Documented

Configure users to manage power on IPDUs “To Configure a User for IPDU Power

Management While Connected To a Serial Port” on page 276

Identify servers for IPMI power management

Configure ports for power management by authorized users

Configuring Ports for Power Management by Authorized Users

Administrators of connected devices who have power management permissions can do power management while connected by using a “hot key” that brings up a power management screen.

For IPMI power management the default hot key is Ctrl+p. For IPDU power management the default hot key is Ctrl+Shift+I.

Configuring Ports for Power Management Using the CLI

CS administrators can use the CLI command with the config ipmi options to manage power on IPMI devices while logged into the CS with administrative rights. The ipmitool command is documented in the

BLACK BOX® Advanced Console Server Command Reference Guide.

“T o Delete, Add, or Edit an IPMI Device to Enable or Disable IPMI Power Management” on page 142

“To Configure a Serial Port for IPDU or IPMI Power Management” on page 274.

BLACK BOX® CS Installation, Administration, and User’s Guide 25

Page 56

Introduction

Options for Managing Power

The sections listed below describe the different ways that the authorized users can perform power management through CS.

• From forms in the Web Manager

• From a power management screen while logged into a device

• From the command line while logged into CS

An authorized user with administrative privileges can perform IPDU and IPMI power management. A Regular User with permissions to the connec ted devices can perform IPDU power management.

Power Management Through the Web Manager

Users with power management permissions can perform power management through the Web Manager. The Web Manager menu includes the two power management options listed in the following table, with links to where each is documented.

Table 1-9: Power Management Options in the Web Manager

Form Name Where Documented

IPDU Power Mgmt • “IPDU Power Mgmt.” on page 120

• “To View Status, Lock, Unlock, Rename, or Cycle Power Outlets” on page 123

IPMI Power Mgmt • “IPMI Power Management” on page 139

• “To Delete, Add, or Edit an IPMI Device to Enable or Disable IPMI Power Management” on page 142

• “To Manage Power on an IPMI Device” on page 143

Power Management from the CS Command Line

CS administrators can use the ipmitool command to manage power on IPMI devices while logged into the CS with administrative rights. The

ipmitool command is documented in the BLACK BOX® Advanced Console Server Command Reference Guide.

Page 57

Chapter 2 Installation and Configuration

This chapter covers the topics listed in the following table.

Shipping Box Contents Page 28 Important Pre-Installation Requirements Page 32 Basic Installation Procedures Page 34 Other Methods of Accessing the Web Manager Page 45 Installing PCMCIA Cards Page 46 Connecting AlterPath PM IPDUs Page 47

The following figure illustrates an example of an CS configured with connected devices.

Page 58

Installation and Configuration

Figure 2-1: CS Setup Example

Shipping Box Contents

The shipping box contains the CS along with the items shown in Table 2-1 and T able 2-2 for CS4 through CS48, and CS1 respectively . The entry for each part provides an illustration, its part number, description, and purpose. You can use checkboxes to check off each item, and you can use the part numbers from this table to reorder any of the parts.

The list is numbered for internal cross-referencing among descriptions within this table.

Table 2-1: Shipping Box Contents for LS1004A - LS1048A

R Item Description Purpose

Documentation CD PDF copies of this guide.

Page 59

Shipping Box Contents

R Item Description Purpose

Power cable. To connect the CS to a power source.

RJ45 to DB25F crossover adapter

RJ45 to DB25M crossover adapter

RJ45 to DB9F crossover adapter

T o connect the console port to a computer that has a DB-25 male connector.

T o connect the console port to a computer that has a DB-25 female connector.

T o connect the console port to a computer that has a DB-9 connector.

Sun/Netra crossover adapter

RJ45 to RJ45 7ft. CAT5 cable

T o connect the console port to a Sun Netra server, or other devices with the same pinout configuration.

Use for the following:

• To connect a device or an IPDU to a serial port.

• To connect an Ethernet port to the LAN.

• To connect a terminal to a console port.

BLACK BOX® CS Installation, Administration, and User’s Guide 29

Page 60

Installation and Configuration

R Item Description Purpose

10.

11.

RJ45 to DB25M

Use for modems and other DCE devices.

straight-thru cable

DB25F Loopback Use to test and diagnose serial ports.

2 - Mounting

Use to mount the CS to a rack or cabinet. brackets with 10 - screws (2 spares)

Page 61

Shipping Box Contents

Table 2-2: Shipping Box Contents for LS1001A

R Item Description Purpose

Documentation CD PDF copies of this guide.

RJ45 to DB9F crossover adapter

To connect the console port to a computer that has a DB-9 connector.

DB25F Loopback Use to test and diagnose serial ports.

3.5mm Block Plug Use to establish RS-485 connection.

DB9F to DB25M

Use to convert serial port connectors.

adapter

Bumpon Protect

Adhesive pads to protect and stabilize CS1.

Pads

BLACK BOX® CS Installation, Administration, and User’s Guide 31

Page 62

Installation and Configuration

10.

RJ45 to RJ45 7ft. CAT5 cable

DB9F to DB25F crossover cable

Power Supply +5V/2.5A

Use for the following:

• To connect a device or an IPDU to a serial port.

• To connect an Ethernet port to the LAN.

• To connect a terminal to a console port.

To connect the RS-232 serial port to a computer that has a DB-25 male connector.

Power supply.

11.

Power Cable

To connect the CS to a power source.

6ft. 2-Pin

Important Pre-installation Requirements

Before installing and configuring CS, ensure that you have the following:

• Root Access on your local UNIX machine in order to use the serial ports.

• An appropriate Terminal application for your operating system.

• IP address, DNS, Network Mask, and Gateway addresses of your server or terminal, the CS, and the machine that CS is connected to.

• A web browser that supports the CS Web Manager, such as Netscape, Internet Explorer 6.0, Firefox, or Mozilla.

• Java 2 Runtime Environment (JRE) version 1.4.2 or later. J2RE can be downloaded from http://java.com

Page 63

Important Pre-installation Requirements

Java Plug-In Requirement for Serial Port Access

The JRE version 1.4.2 or later must be installed for a user to be able to access a serial port using the Java applet viewing window. After you download and install J2RE version 1.4.2 or later, check your browser configuration to see if the Java plug-in is configured with your browser.

T To check Java Plug-in Support in the Browser

1. To check Internet Explorer on Windows, do the following steps. a. Go to Tools > Internet Options > Advanced b. Scroll down and look for a section on Java.

c. There should be a check box that says “Use Java 2 v1.4.2...." As

shown in the following figure.

d. If an option similar to the above figure does not appear, it means that

JRE is not installed on your system. Or, if the option appears, but the checkbox is not enabled, this means your browser is not activated to use the Java plug-in that came with JRE.

2. To check Netscape or Mozilla on Windows, do the following steps. a. Go to Edit > Preferences >Advanced. b. Check the “Enable Java” checkbox. c. To see what version of the Java plug-in is registered, do the following

steps. i. Go to Help > About Plug-ins.

ii. Scroll to the Java Plug-in section. iii. Check whether the registered Java plug-in is the same as the

version you installed.

T To Install JRE Version 1.4.2 or later and Register the Plug-in

1. Make sure that JRE 1.4.2 or later is installed on the computer.

BLACK BOX® CS Installation, Administration, and User’s Guide 33

Page 64

Installation and Configuration

If needed, download the JRE from http://java.com. The web site automatically checks your configuration and installs the latest version of JRE if one is not available.

2. If JRE is already installed on your system and you just want to activate your browser, do the following steps.

a. Go to your system's Control Panel > Java Plug-in > Browser b. Enable the browser(s) for Java Plug-in. c. Test your browser(s) to see if the correct Java Plug-in is being used.

Basic Installation Procedures

The following table lists the basic installation tasks in the order in which they should be performed and shows the page numbers where the tasks are described in more detail.

Table 2-3: CS Basic Installation Tasks

Task Where Documented

Mount the CS “Mounting the CS” on page 35 Make an Ethernet connection “Making an Ethernet Connection” on page 35 Connect servers and other devices to be

managed through the CS Make a direct (terminal) connection to

prepare CS for basic network configuration

“Connecting Servers and Other Devices to CS” on page 36

“Making a Direct Connection to Configure the Network Parameters.” on page 37

Power on the CS and the connected devices “Powering on the CS and the Connected

Devices” on page 37

Perform basic network configuration “Performing Basic Network Configuration

Using the wiz Command” on page 38

Select a security profile using the web manager

“Selecting A Security Profile Using the Web Manager” on page 43

Page 65

Basic Installation Procedures

Mounting the CS

You can mount the CS on a wall, rack, or cabinet, or place it on a desktop or other flat surface. T wo brackets are supplied with six hex screws for attaching the brackets to CS for mounting. See item 14 in the shipping content section.

• If you are not mounting the CS, place the unit on a desk or table.

• If you are rack-mounting the CS, obtain a hex screwdriver and appropriate nuts and bolts before starting the following procedure.

T To rack-mount CS, perform the following steps:

1. Install the brackets on to the front or back edges of the box using a screw driver and the screws provided with the mounting kit.

brackets

2. Mount the CS box in a secure position.

Note: To ensure safety refer to Appendix B: Safety Guidelines.

Making an Ethernet Connection

You can use the RJ-45 straight-through cable and the appropriate adapter provided in the product box to assemble a console cable. All adapters have an RJ-45 connector on one end and either a DB25 or DB9 male or female connector on the other end.

BLACK BOX® CS Installation, Administration, and User’s Guide 35

Page 66

Installation and Configuration

To Make an Ethernet Connection

1. Connect the RJ-45 end of the cable to the port labeled “Console” on the CS.

2. Connect the adapter end of the cable to the console port of your server or device.

3. Connect a patch cable from the CS port labeled 10/100Base-T to an Ethernet hub or switch.

Connecting Servers and Other Devices to CS

The following sections describes the recommended preparation for connecting servers or devices to CS.

• Make sure the configuration on servers or devices to be connected are completed.

• Work with the administrator of the servers or devices to ensure all the following prerequisites are met:

• All devices are installed and fully configured.

• User accounts exist for the users who need access to the server or

device.

• If a device is to use remote authentication, make sure that the

authentication servers are installed and fully configured

• You have obtained from the server’s administrator the information (IP

address and other method-specific information), which you need to configure the authentication server on the CS.

T To Connect Devices to Serial Ports

Using patch cables with RJ-45 connectors and DB-9 console adapters assemble crossover cables to connect the CS serial ports to the device’s console port.

Note: After CS is installed make sure to specify the desired authentication method to

CS and the serial ports that each device is connected to. See “Authentication” on page 214 for more information on configuring authentication to CS, and “Physical Ports” on page 239 for detail information on configuring the serial ports.

Page 67

Basic Installation Procedures

Making a Direct Connection to Configure the Network Parameters.

Perform the following steps to connect a terminal or a computer to the console port of the CS. This procedure assumes you know how to use a terminal or terminal emulation program.

On a PC, ensure that HyperT erminal or another terminal emulation prog ram is installed on the Windows operating system. On a computer running a UNIXbased operating system, such as Solaris or Linux, make sure that a compatible terminal emulator such as Kermit or Minicom is installed.

T To Connect to the Console Port

1. Install and launch your serial communication software on a terminal or a computer. For example, if you are using a PC, use HyperTerminal to perform the initial configuration of the CS directly through your PC’s COM port.

2. Open HyperTerminal. Start > All Programs > Accessories > Communications > HyperTerminal

3. Start a New Connection session, select an available COM port, and enter the following console parameters.

• Bits per second: 9600 bps

• Data bits: 8 bits

• Parity: None

• Stop bit: 1

• Flow control: None

Powering on the CS and the Connected Devices

Do the following procedures in the order shown to avoid problems with components on connected devices.

T To Power on the CS

1. Make sure the CS’s power switch is off.

2. Plug in the power cable.

3. Turn the CS’s power switch(es) on.

BLACK BOX® CS Installation, Administration, and User’s Guide 37

Page 68

Installation and Configuration

Note: If your CS model is equipped with dual power supplies, make sure you turn

both power switches on. After system initialization, a beep sound may warn if one of the power supplies is off.

T To Turn Power On Connected Devices

• Turn on the power switches of the connected devices only after you have completed the physical connection to CS.

Configuring the Network Parameters

In preparation to make CS available on the network, collect the following information from your system administrator and proceed with the network configuration procedure.

• Hostname

• An IP address for CS

• Domain name

• DNS IP address

• Gateway IP address

• Network mask

• NTP server’s IP address (if you are using a time/date server)

Performing Basic Network Configuration Using the wiz Command

The following procedure assumes that a hardware connection is made between the CS’s console port and the COM port of a computer.

T To Log Into CS Through the Console

From your terminal emulation application, log into the console port as root.

CS login: root Password: bb

Page 69

Basic Installation Procedures

Note: It is strongly recommended to change the default password “bb” before

setting up the CS for secure access to the connected servers or devices.

T To Change the root password

1. Enter the passwd command.

[root@CAS root]# passwd

d. Enter a new password when prompted.

New password: new_password Re-enter new password: new_password Password changed

The following Security Advisory appears the first time CS is powered on, or when the unit is reset to factory default parameters.

BLACK BOX® CS Installation, Administration, and User’s Guide 39

Page 70

Installation and Configuration

Figure 2-2: Security Advisory Console Message

Important - Security Advisory!

Console Management provides critical access to management features of attached equipment. Please take the required precautions to understand the potential impacts this device may have to your SECURITY policies.

From factory, this device is configured as follows:

- single password for ROOT;

- all serial port DISABLED;

- DHCP, Telnet, SSHv1 & SSHv2 and HTTP & HTTPS enabled. The following actions are STRONGLY recommended:

1. To change the ROOT user's password before setting up the device.

2. That you SELECT A SECURITY PROFILE to complete the INITIAL SETUP.

Security is dependent on Policy and is Configurable to fit in environments with varying levels of Security. This device provides three pre-set

Security Levels: SECURED, MODERATE and OPEN, and in addition, the ability to set a CUSTOM Security Profile.

3. Do not leave the equipment idle WITHOUT selecting a SECURITY PROFILE.

4. To ENABLE Serial Ports and CONFIGURE them using Web UI or CLI.

Refer to the Quick Start Guide or the User's Guide for Security Profile selection details and Serial Port configuration.

T To Use the wiz Command to Configure Network Parameters

1. Launch the Configuration Wizard by entering the wiz command.

[root@CAS root]# wiz

Page 71

Basic Installation Procedures

As shown in the sample screen below, the system brings up the configuration wizard banner and begins running the wizard.

2. At the prompt, enter n to change the defaults.

Set to defaults (y/n)[n]: n

3. Press Enter to accept the default hostname, otherwise enter your own hostname.

Hostname [CAS]: fremont_branch_CS

4. Press Enter to keep DHCP enabled, or enter “n” to specify a static IP address for CS. By default, CS uses the IP address provided by the DHCP server. If your network does not use DHCP, then CS will default to

192.168.160.10.

Do you want to use DHCP to automatically assign an IP for your system? (y/n)[y] :

BLACK BOX® CS Installation, Administration, and User’s Guide 41

Page 72

Installation and Configuration

5. To change the default static IP address, see your network administrator to obtain a valid IP address.

System IP[192.168.160.10]: CS_IP_address

6. Enter the domain name.

Domain name[blackbox.com]: domain_name

7. Enter the IP address for the Primary DNS (domain name) server.

Primary DNS Server[192.168.44.21] :

DNS_server_IP_address

8. Enter the IP address for the gateway.

Gateway IP[eth0] : gateway_IP_address

9. Enter the netmask for the subnetwork.

Network Mask[#] : netmask

The network configuration parameters appear.

10. Enter y after the prompts shown in the following screen example.

Are all these parameters correct? (y/n)[n]: y Do you want to activate your configurations

now? (y/n)[y]: y Do you want to save your configuration to

Flash? (y/n)[n]: y

11. To confirm the configuration, enter the ifconfig command.

12. After the initial configuration proceed to the Web Manager to select a

security profile.

Page 73

Basic Installation Procedures

Note: To use the Web Man a ger, ask your system administrator for the CS’s IP

address. CS may be set up with a static IP address at your site. By default, CS uses the IP address provided by the DHCP server. If your network does not use DHCP, then CS defaults to 192.168.160.10.

Selecting A Security Profile Using the Web Manager

After the initial configuration, connect to the Web Manager by entering the IP address of the CS in a supported browser.

Note: Once you login to the Web Manager, a Security Profile must be selected in

order to further configure CS using the Web Manager. For this reason your browser redirects to Wizard > Step1: Security Profiles.

T To Select a Security Profile

Select a pre-defined Security Profile, or define a Custom profile for specific services. The profiles are:

• Secured: Disables all protocols except SSHv2, HTTPS, and SSH to

Serial Ports.

• Moderate: Enables SSHv1, SSHv2, HTTP, HTTPS, Telnet, SSH and

Raw connections to Serial Ports, ICMP, and HTTP redirection to HTTPS.

• Open: Enables all services, Telnet, SSHv1, SSHv2, HTTP, HTTPS,

SNMP, RPC, ICMP and Telnet, SSH and Raw connections to Serial Ports.

• Default: Sets the profile to the same configuration as Moderate.

• Custom: Enable or disable individual protocols and services, and

configure access to ports.

For detailed information on Security Profiles see “Security Profiles” on page

226.

The administrator can perform the following tasks using the Web Manager.

• Administer CS and its connected devices.

• Configure user and group permissions.

BLACK BOX® CS Installation, Administration, and User’s Guide 43

Page 74

Installation and Configuration

• Access the serial ports and the connected devices.

Adding Users and Configuring Ports Using the Web Manager

Enabling Ports and Assigning Users.

Note: From the factory, CS is configured with all serial ports disabled.

• The administrator can add users, enable or disable the serial ports, and select and assign specific users to individual ports. For detailed information on managing users and ports see Appendix 9, “Security Menu & Forms" and Appendix 10, “Ports Menu & Forms".

For additional configuration and administration options, and other important related information, see the chapters in the CS user manual that are listed in the following table.

Topic Where Documented

Installation and Configuration Process. Appendix 2, “Installation and

Configuration"

For Regular Users - How to use the Web Manager to access servers and connected devices.

Web Manager in Wizard Mode. Appendix 5, “Configuring CS in Wizard

Web Manager in Expert Mode. Appendix 6, “Configuring the CS in

Appendix 3, “Web Manager for Regular Users"

Mode"

Expert Mode"

Page 75

Other Methods of Accessing the Web Manager

You ca n access the Web Manager using one of the following methods.

Note: The following methods require additional setup and configuration, which

could be specific to your site’s network configuration.

• Using DHCP

• Using the default IP address

T To Use a Dynamic IP Address to Access the

Web Manager

This procedure assumes that DHCP is enabled, and that you are able to obtain the dynamic IP address that is currently assigned to CS.

1. Mount the BLACK BOX® CS.

2. Connect computers and other devices to be managed through the CS.

3. Power on the CS and connected devices.

4. Obtain the CS’s current IP address.

5. Enter the CS’s IP address in the browser’s Address window.

6. Login to the CS and finish configuring users and other settings using the

Web Manager.

T To Use the Default IP Address to Access the Web

Manager

The default IP address for the CS is 192.168.160.10. This procedure assumes that you are able to temporarily change the IP address of a computer that is on the same subnet as the CS.

1. On a computer that resides on the same subnet as the CS, change the network portion of the IP address of that computer to 192.168.160.

For example, you could change the computer’s IP address to

192.168.160.44. For the host portion of the IP address, you can use any number except 10, 0, or 255.

BLACK BOX® CS Installation, Administration, and User’s Guide 45

Page 76

Installation and Configuration

2. Bring up a browser on the computer whose address you changed, enter the CS’s default IP address, http://192.168.160.10 to bring up the Web Manager, and log in.

Installing PCMCIA Cards

The front panel of the CS has two PCMCIA card slots as shown in the following figure. You can insert and configure one card in each of the slots. See Appendix C, “Supported PCMCIA Cards".

PCMCIA Slots

Figure 2-3: Front Panel PCMCIA Card Slots

T To Install a PCMCIA Card

1. Insert the PCMCIA card into slot 1 or slot 2.

2. Use the Web Manager to configure the PCMCIA card.

Note: A hard disk PCMCIA card is automatically mounted once it is inserted, and it

needs no configuration.

T To Remove a PCMCIA Card

Caution: A lways use the Web Manager to eject a PCMCIA card. Any other method

may cause a kernel panic.

1. Eject the card by using the Eject button on the Web Manager’s PCMCIA Management form, Expert > Network > PCMCIA Management > Eject

Page 77

Connecting AlterPath PM IPDUs

Figure 2-4: PCMCIA Eject Button in Web Manager

2. Physically remove the card from the slot.

T To Configure a PCMCIA Card

See Chapter 8, “To Configure a PCMCIA Card”, and the sections related to the type of card you need to configure.

Connecting AlterPath PM IPDUs

You can connect AlterPath Power Management (PM) intelligent power distribution units (IPDUs) to the serial ports on the CS using an RJ-45 to RJ45 UTP cable. AlterPath PM includes two RS-232 outlets for serial management and daisy-chaining. Any co mbination of Alter PM models up to 128 outlets can be daisy-chained into a single virtual power distribution unit.

The following figure shows an CS and two AlterPath PM8 IPDUs daisychained. One PM is connected to a serial port on CS configured for power management, and a second PM is daisy-chained from the first PM.

BLACK BOX® CS Installation, Administration, and User’s Guide 47

Page 78

Installation and Configuration

Figure 2-5: AlterPath PMs Connected to the CS The following table lists the related tasks on connecting IPDU units and

managing power.

Table 2-4: Tasks Related to Connecting AlterPath PMs

Task Where Documented

Configure serial ports for power management protocol.

How the administrators perform IPDU power management using the Web Manager

How the regular users manager power outlets using the Web Manager

Connect the AlterPath PM to the CS unit, and daisy-chain multiple PM units.

Configure users for IPDU power management

Configure servers for IPMI power management while connected.

T To Daisy-Chain AlterPath PMs to the CS

“To Configure a Serial Port for IPDU or IPMI Power Management” on page 274

“IPDU Power Mgmt.” on page 120

“To Close an SSH Session” on page 56

“To Daisy-Chain AlterPath PMs to the CS” on page 48

“To Configure Users to Manage Power Outlets on IPDUs” on page 128

“To Delete, Add, or Edit an IPMI Device to Enable or Disable IPMI Power Management” on page 142

This procedure assumes that you have one AlterPath PM connected to a serial port on the CS.

1. Connect one end of a UTP cable with RJ-45 connectors to the “OUT” port of the AlterPath PM that is connected to the serial port on CS.

2. Connect the other end of the cable to the “IN” port of the next AlterPath PM.

3. Repeat Steps 1 and 2 until you have connected the desired number of AlterPath PMs.

Page 79

Chapter 3 Web Manager for Regular Users

This chapter describes the requirements and the procedures for “Regular Users” to use the W eb Manager. Regular users are those who have configured accounts on the CS with limited access rights.

Regular users can perform the following tasks using the Web Manager.

• Access computers and devices that are connected to the serial ports on the CS.

• Perform IPDU power management.

• Change their current password.

This chapter contains the following sections.

Using the Web Manager Features of Regular User Forms

Connect Form Page 52

IPDU Power Management

IPDU Multi-Outlet Control Page 60 Security Page 63

Using the Web Manager

CS users perform most tasks through the Web Manager. The Web Manager runs in a browser and provides a real-time view of all the equipment that is connected to the CS.

Page 49 Page 51

Page 56

Page 80

Web Manager for Regular Users

T Logging in to the Web Manager

1. Connect your web browser to CS by typing in the Console Access Server’s IP address (e.g., https://10.10.10.10) provided to you by your system administrator in your internet browser.

Note: Refer to Chapter 2, “ for the requirements to start with the Web Manager.

Press Enter. The system brings up the CS Web Manager Login form.

2. Type in your username and password as provided to you by your system administrator.

Figure 3-1: Regular User > Web Manager Login form

Page 81

Features of Regular User Forms

The following figure shows features of the Web Manager when regular users log in.

Form area

Logout button and CS information area

Figure 3-2: Regular User Form The form in the middle changes according to which menu option is selected. The following table illustrates the functions that are common to all the forms.

Table 3-1: Common Screen Information

Form Area Purpose

BLACK BOX® CS Installation, Administration, and User’s Guide 51

Click this button to log out.

Page 82

Web Manager for Regular Users

Table 3-1: Common Screen Information (Continued)

Form Area Purpose

Displays the hostname and IP address assigned during initial configuration, and the model number of the CS.

Brings up the online help.

Connect

When you select the “Connect” option, the following form appears.

Figure 3-3: Regular User > Connect Form You can use this form to connect to the CS console, or to one of the serial

ports as described in the following sections.

• “Connect to CS” on page 53

• “Connect to Serial Ports” on page 54

Permission to access a port or perform power management is granted by the CS administrator when your user account is created. Contact your administrator to gain authorization to access the serial port that the server or devices is connected to.

Page 83

Connect

Connect to CS

When you click the “Connect to CS” radio button on the “Connect” form, a Java applet viewer appears running an SSH session on the CS. The following figure shows the Java applet when you connect to the CS. Note in the “Connected to” message in the below figure at the top of the screen the IP address of the CS followed by the session type, in this case “SSH”.

Figure 3-4: Java Applet The following table describes the available buttons in the Java applet:

Table 3-2: Java Applet Buttons

Button Purpose

BLACK BOX® CS Installation, Administration, and User’s Guide 53

To send a break to the terminal

Page 84

Web Manager for Regular Users

Table 3-2: (Continued)Java Applet Buttons

Button Purpose

To disconnect from the Java applet

Select the left icon to reconnect to the server or device; or select the right icon to end the session and disconnect from the Java applet.

Connect to Serial Ports

The list of serial ports includes the port names or administrator-defined aliases only for ports you have permission to access. If the list is empty or does not include a port you need to access, contact the CS system administrator.

Port Access Requirements

When you connect to a serial port to access a server or another device, access rights to the specific serial port on CS is required. Your system administrator can help with authorization to specific CS ports that your server or device is connected to.

Note: If an authentication server is setup in your network, an authentication met hod

and the related parameters should be setup to allow access to the connected devices. Consult your system administrator for configuring the authentication method.

When you select a port from the Serial pull-down list and click the Connect button, a Java applet viewer appears. A “Connected to” message in a gray area at the top of the screen shows the IP address of the CS followed by the TCP port number. See an example of the Java applet in Figure 3-4

Connection Protocols for Serial Ports

You can access a server or a device connected to a serial port by using the connection protocol specified for the port. There are a number of connection protocols for the serial ports, which your system administrator can setup

Page 85

Connect

depending on your requirements. The following table shows the pro t ocols the CS administrator can choose for the serial ports.

Table 3-3: Serial Ports Connection Protocols

Connection Type Protocol

Console Access Server (CAS) Telnet, SSH, Te lnet&SSH, Raw Terminal Server (TS) Telnet, SSHv1, SSHv2, Local Terminal,

Raw Socket Dial-up PPP-No Auth., PPP, SLIP, CSLIP Other Power Management, Bi-directional

Telnet

TCP Port Numbers for Serial Ports

The TCP port numbers by default start at 7001 for serial port 1 and increments up to the number of serial ports that your CS unit has. For example, an CS with 8 serial ports have TCP ports 7001 through 7008. The CS administrator may change the default port numbers, so if you use the defaults and they fail, check with the administrator to find which port numbers to use.

T To Use Telnet to Connect to a Device Through a Serial Port

For this procedure, you need the hostname of the CS or its IP address and the TCP port number for the serial port to which the device is connected.

• To use Telnet in a shell, enter the following command: telnet hostname | IP_address TCP_port_number

T To Close a Telnet Session

Enter the Telnet hotkey defined for the client. The default is “Ctrl ]” and “q” to quit.

BLACK BOX® CS Installation, Administration, and User’s Guide 55

Page 86

Web Manager for Regular Users

To Use SSH to Connect to a Device Through a Serial Port

For this procedure, you need the username configured to access the serial port, the TCP port number, and the hostname of the CS or its IP address.

• To use SSH in a shell, enter the following command:

ssh -l username:TCP_port_number CS_IP_address

T To Close an SSH Session

Enter the hotkey defined for the SSH client followed by a dot “.”. The default is “~.”

Note: Make sure you enter the escape character followed by a “.” at the beginning of

a line to close the SSH session.

IPDU Power Mgmt.

IPDU or “Intelligent Power Distribution Units” management allows you to manage the power outlets on the AlterPath PM products. When you select the “IPDU Power Mgmt.” option, if you have permission to manage outlets on an AlterPath PM, two tabs appear at the top of the form, as shown in the following figure, “Outlets Manager” and “View IPDUs Info”.

Figure 3-5: Regular User > IPDU Power Mgmt. Forms You can access the forms under IPDU Power Mgmt. menu to manage outlets,

or view IPDUs information:

Page 87

IPDU Power Mgmt.

Outlets Manager

When you go to IPDU Power Mgmt.>Outlets Manager tab, the message shown in the following figure appears if,

1- You do not have permission to manage power on any of the AlterPath PM outlets or ,

2- CS cannot detect an AlterPath PM that has been configured for power management.

Contact the CS administrator for help, if you see this message.

Figure 3-6: Regular User > Outlets Manager (no permissions) The following form appears if you have permission to manage power on one

or more outlets of the AlterPath PM.

Figure 3-7: Regular User > Outlets Manager (with permissions)

BLACK BOX® CS Installation, Administration, and User’s Guide 57

Page 88

Web Manager for Regular Users

The form shows separate entries for each serial port configured for power management, a name for the configured serial port if one is defined by the administrator, and the number of IPDUs connected. The matrix displays a line item for each outlet you are authorized to manage.

The authorized user can do the following for any listed outlet:

• Edit the outlet name.

Enter a name to identify the server or device plugged into the outlet.

• Edit the power up interval.

The power up interval is the time interval (in seconds) that the system

waits between turning on the currently-selected outlet and the next outlet. The default is set at 30 seconds.

• Cycle - Turn power briefly off and on again.

• Turn the power On/Off to the outlet.

• Lock or unlock the outlet to prevent accidental changes to the power state.

The following table describe the corresponding buttons to do the above operations:

Button Purpose

Opens a dialog box to Edit an Outlet name, and the

Power Up Interval.

Turn power briefly off and then on again.

Turn power On/Off.

Lock or unlock the outlet.

Table 3-4: Regular User > Outlet Management Buttons

Page 89

IPDU Power Mgmt.

View IPDUs Info

When you go to IPDU Power Mgmt.>View IPDUs Info, the form appears as shown in the following figure.

Figure 3-8: Regular User > View IPDUs Info The following information is displayed for each port that is configured for

power management.

Table 3-5: Regular User > Information on the View IPDUs Info Form

Description Example

Name

Either a default name or administrator-configured name.

Number of Units

The number of IPDUs connected to the port. The first IPDU is referred to as the master. Any other IPDUs daisy-chained off the first IPDU are referred to as slaves.

Syslog

Whether syslogging has been configured for messages from this IPDU.

Buzzer

Whether a buzzer has been configured to sound when a specified alarm threshold is exceeded.

Number of

Total number of outlets on all connected IPDUs. 8

Outlets

BLACK BOX® CS Installation, Administration, and User’s Guide 59

Page 90

Web Manager for Regular Users

Table 3-5: Regular User > Information on the View IPDUs Info Form

Description Example

Over Current Protection

Model Software Version Alarm Threshold

Current Maximum

Detected

Whether over current protection is enabled (to prevent

OFF outlets from being turned on if the current on the IPDU exceeds the specified threshold).

Description Example

AlterPath PM model number PM8 15A

PM firmware version 1.5.0

Number of amperes that triggers an alarm or syslog

15.0A

message if it is reached Current level on the IPDU 0.0A

Maximum current detected 0.4A

Use this button to refresh the currently displayed maximum detected temperature.

Temperature

Temperature on the AlterPath PM (Availab le onl y on selected models that have temperature sensors)

Maximum Detected

Maximum temperature detected (Available only on selected models that have temperature sensors)

Use this button to refresh the currently displayed maximum detected current.

IPDU Multi-Outlet Ctrl

Selecting IPDU Multi-Outlet Control form allows you to view and manage the power on a group of outlets that provide power to a multi power supply server or device connected to a serial port. Whether the outlets that the multi

Page 91

IPDU Multi-Outlet Ctrl

power supply device is connected to are on the same PM or not, the outlets can be grouped together and managed simultaneously from this form.

When you select IPDU Multi-Outlet Ctrl form, the following figure appears if,

1. There is no multi-outlet device defined.

2. Power Management is not enabled for the serial port the device is

connected to.

3. CS cannot detect an AlterPath PM that has been configured for power

management.

Contact the CS administrator for help, if you see this message.

Figure 3-9: Regular User > IPDU Multi-Outlet (no permissions) The following form appears if you have permission to view and control the

outlets that a multi power supply server or device is connected to.

BLACK BOX® CS Installation, Administration, and User’s Guide 61

Page 92

Web Manager for Regular Users

Figure 3-10: Regular User > IPDU Multi-Outlet (with permissions) Notice in the above figure that the first line of each group, the light bulb, the

lock icon, and the Cycle button operate over the entire group. The light bulb and lock icons next to the individual outlets are used to display the status of each outlet but cannot be used to control the individual outlets.

The following table describes the icons in the first line of each group.

Table 3-6: Regular User > IPDU Multi-Outlet Ctrl. Form Icons

Button Purpose

A grey light bulb icon indicates that the group is off. A yellow light bulb indicates that the group is on. Clicking the light bulb icon changes the power status of

all of the outlets in the group. A grey and open lock icon indicates that the outlets are

unlocked and can be powered on or off. A full-color and closed lock icon indicates that the

outlet is locked and cannot be turned on or off. Clicking the lock icon changes the lock status of all of

the icons in the group. Turn power briefly off and on again

Note: Only one outlet needs to be powered on or unlocked in order for the entire

group to be considered on or unlocked respectively. In this case, it takes two clicks to turn the power off or to l ock the entire group instead of the one click, when all of the outlets are in the same state. The first click turns the other outlets on or unlocks them so that all the outlets are in the same state; the second click turns all of the outlets off or locks them.

The Cycle button operates only if all outlets of a group are turned on.

Note: The “PU (Power Up) interval" parameter configured for each outlet plays an

important role in the power up sequence of multi-outlet devices. The next

Page 93

Security

outlet in the group turns on only after the power up interval specified for the current outlet has elapsed. This parameter can be configured through the IPDU Power Mgmt. form. See “To Close an SSH Session” on page 56.

Security

When you select the “Security” menu option, the following form appears.

. Table 3-7: Regular User > Password Management Form

T To Change Your Password

1. Select the “Security” option from the menu panel.

The “Security” form appears.

2. Enter your current password in the “Current Password” field.

3. Enter the new password in the “New Password” and the “Repeat New

Password” fields.

4. Click OK.

5. Log out and log in using your new password to verify your password

change.

BLACK BOX® CS Installation, Administration, and User’s Guide 63

Page 94

Web Manager for Regular Users

Page 95

Chapter 4 Web Manager for Administrators

Overview

This chapter is for system administrators who use the Web Manager to configure the CS and its users. For information on how to configure CS using vi or Command Line Interface (CLI), please consult the BLACK BOX® CS Installation, Administration, and User’s Guide.

The CS Web Manager for administrators describes two modes of operation, Wizard and Expert.

This chapter provides an overview of the Web Manager forms. The subsequent chapters describe the menus, forms, and the configuration procedures of the Web Manager in Wizard and Expert modes. If you are a regular user see Chapter 3, “Web Manager for Regular Users”.

The sections listed in the following table provides background information related to CS administrators’ use of the Web Manager, including explanations of the types of information to be entered in each of the forms, and links to all the procedures performed in each mode.

BLACK BOX® Web Manager Page 66 Common Tasks for CS Administrators Page 67 Common Features of Administrators’ forms Page 68 Logging into the Web Manager Page 70 Overview of Administrative Modes Page 73

Page 96

Web Manager for Administrators

BLACK BOX® Web Manager

CS administrators perform most tasks through the BLACK BOX® Web Manager either locally or from a remote location. The Web Manager provides a real-time view of the equipment that is connected to the CS.

Access to the Web Manager can be through any of the following methods:

• Through an Ethernet protocol network.

• Through a dial-up protocol such as:

• An optional modem connected to one of the serial ports.

• An optional modem card inserted into one of the PCMCIA slots.

• An optional CDMA wireless, GSM, or ISDN card.

Prerequisites for Using the Web Manager

The prerequisites described in this section must be completed before anyone can access the W eb Manager . If you have questions about any of the following prerequisites, contact your system or network administrator.

• Basic network parameters must be defined on the CS so the Web Manager can be launched over the network.

• The IP address of the CS must be known.

Note: If DHCP is enabled on CS, the IP address is not fixed. Anyone wanting to

access the CS must find out the currently-assigned IP address each time. If DHCP is enabled and you do not know how to find out the current IP address of the CS, contact your system administrator for help.

• A user account must be defined on the Web Manager.

By default, the “root” has an account on the Web Manager. An

administrator with “root” access can add regular user accounts to access connected devices.

Page 97

Common Tasks for CS Administrators

The following table shows some of the common tasks that are performed by an administrator and links to the process and procedure for performing the task.

Table 4-1: Administrator > Common Administrative Tasks

Task Where Documented

Set up users and groups to access connected devices.

Set up user authentication to access serial ports.

Configure serial ports for power management.

Assign users permissions to manage outlets on connected AlterPath PMs.

Set up local or remote data buffering, and specify alarms for one or more serial ports.

Set up logging of system messages to a syslog server.

“Users and Groups” on page 208

“Access” on page 259

“To Configure a Power Management Protocol for an IPDU” on page 254

“To Configure Users to Manage Power Outlets on IPDUs” on page 128

“To Configure Data Buffering for Serial Ports” on page 267

“To Choose a Method for Sending Notifications for Serial Port Data Buffering Events” on page 297

“To Specify Names, Alarms, Syslogging, and Over Current Protection for IPDUs” on page 130

Configure devices for IPMI power management.

Select an authentication method for accessing connected devices.

Configure packet filtering. “Firewall Configuration” on page 186

BLACK BOX® CS Installation, Administration, and User’s Guide 67

“To Configure Syslogging for Serial Ports and Specify Message Filtering” on page 158“

“IPMI Power Management” on page 139

“Authentication” on page 214

Page 98

Web Manager for Administrators

Common Features of Administrator Forms

The common features of all Web Manager forms for CS administrators are described in the following sections.

• Buttons and CS Information

• Getting more information

Buttons and CS Information

The following figure shows the control buttons that display at the bottom of the form when the logged in user is an administrator.

Figure 4-1: Administrator > Web Manager Buttons The following table describes the uses for each control button.

Table 4-2: Administrator > Web Manager Buttons

Button Name Use

back Only appears in Wizard mode. Returns the

previous form.

try changes Tests the changes entered on the current form

without saving them. cancel changes Cancels all unsaved changes. apply changes Applies all unsaved changes. reload page Reloads the page. Help Brings up the online help. next Only appears in Wizard mode. Goes to the

next form.

Page 99

Common Features of Administrator Forms

Table 4-2: Administrator > Web Manager Buttons

Button Name Use

The unsaved changes button appears on the

lower right hand corner of the Web Manager

and a graphical LED blinks red whenever the

current user has made any changes and has not

yet saved the changes.

The no unsaved changes button appears and a

graphical LED appears in green when no

changes have been made that need to be saved.

The various Web Manager actions for trying, saving, and restoring configuration changes are summarized in the following table.

T able 4-3: Administrator > Optio ns for Trying, Saving, and Restoring Co nfiguration Changes

Task Action Result

try changes Click the “try changes”

button”

Updates the appropriate configuration files. Changes are preserved if you log in and log out, and even if you restart the system. Changes stay in effect unless the “cancel changes” button is clicked. The changes can be restored at any time until the “apply changes” button is clicked.

cancel changes Click the “cancel

changes” button

Restores the configuration files from the backup that was created the last time changes were applied.

apply changes Click the “apply changes”

button

If “try changes” has not been previously clicked, updates the appropriate configuration files. Overwrites the backed up copy of the configuration files.

BLACK BOX® CS Installation, Administration, and User’s Guide 69

Page 100

Web Manager for Administrators

The following table illustrates the information that displays in the upper right corner of all Web Manager forms.

Table 4-4: Administrator > Logout Button and Other Information in the Upper Right

Form Area Purpose

Click this button to log out.

Displays the hostname, IP address assigned during initial configuration, and the model number of the Advanced Console Server.

Logging Into the Web Manager

The following procedure describes the login process to the W eb Manager, and what should be expected the first time you login to CS.

TTo Log Into the Web Manager

1 To bring up the Web Manager, enter the IP address of the CS in the address

field of your browser. For example, http://192.168.48.11

Note: Devices such as CS are usually assigned a static IP addresses. If DHCP is

enabled, you must find out the dynamically-assigned IP address each time you need to run the Web Manager. Finding a dynamically-assigned IP address requires making an inquiry to the DHCP server using the MAC address (a 12digit hexadecimal number , wh ich is on a label on CS). Check with the system administrator who configured the basic network parameters on the assigned IP address. If there is no DHCP server, use the default static IP address

192.168.160.10 that is pre-configured in the CS.

a. If DHCP is disabled, use a static IP address assigned by the administra tor. b. If DHCP is enabled, enter the dynamically-assigned IP address. The Login page appears.

Black Box LS1008A, LS1016A, LS1032A, LS1048A User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual