GarrettCom DynaStar DS2000-TS Administrator's Manual
DynaStar 2000
Secure Terminal Server
(DS2000-TS)
Administrator's
Guide
GarrettCom, Inc.
25 Commerce Way #1
North Andover, MA 01845
Phone: 978.688.8807
Fax: 978.688.8771
Part Number: 4-62-0111-00 Rev AA
$25.00 USD
ECLARATIONS
OCUMENTNOTICE
D
Copyright
Copyright 2005 by Dymec, Inc. Printed in the US. All rights reserved.
This manual may not be reproduced or disclosed in whole or in part by a ny means without the written consent of Dymec,
Inc. DynaStar is a trademark of Dymec, Inc. All other trademarks mentioned in this document are the property of their
respective owners .
This document has been prepared to assist users of equipment manufactured by Dymec, Inc., and changes are made
periodically to the information in this manual. Such changes are published in Software Re lease Notices. If you have
recently upgraded your software, carefully note those areas where new commands or procedures have been added. The
material contained in this m anual is supplied without any warranty of any kind. Dymec, Inc. therefore assumes no
responsibili ty and shall inc ur no liability ari sing from the supplying or use of this document or the material contained in it.
Rights
Except as set forth in the Software License Agreement, Dymec, Inc. makes no representation that software progr ams and
practices described herein will not infringe on existing or future patent rights, copyrights, trademarks, trade secrets or
other proprietary rights of third parties and Dymec, Inc. makes no warranties of any kind, either express or implied, and
expressly disclaims any such warranties, including but not limited to any implied warranties of merchantability or fitness
for a particular purpose and any warranties of non infringement. The descriptions contained herein do not imply the
granting o f li censes to make, use, sell, license or otherwise tran sfer Dy mec, Inc. products described herein. Dymec, Inc.
disclaims responsibility for errors which may appear in this document, and it reserves the right, in its sole discretion and
without notic e, to make substitutions and modifications in the products and practices described in this document.
Part Number Information
CD (pdf) Version Pa rt Number: 4-62-0111-00 Rev AA
Revision History
Release Date
Dec 2005 AA 7.2 New product release, Hardware and
Document
Revision
Software
Release
Change Note
Software
DS2000-TS Administrator’s Guide
i
D
ECLARATIONS
Warranty
ARRANTY
W
Dymec, Inc. warra nts equipment manufactured by it to be free from defects in material s and w orkmanship f or a peri od of
one (1) year from date of shipment. If within the warranty period the purchaser discovers such item was no t as warranted
above and promptly notifies Dymec, Inc. in writing, Dymec, Inc. shall repair or replace the items at the company's option.
This warranty shall not apply to: (a) equipment not manufactured by Dymec, Inc.; (b) equipment which shall have been
repaired or altered by anyone other than Dymec, Inc.; (c) equipment which shall have been subjected to negligence,
accident, or damage by circums tances beyond Dymec, Inc. control, or to improper operation, maintenance or stor age, or
to other than normal use or service. With respec t to equipment sold but not manufactured by Dymec, Inc., the warranty
obligation of Dymec, Inc. shall, in all aspects, conform and be limited to the warranty actually ext ended to Dymec, Inc. by
its supplier.
The fore g oing warr anties do not cover re i mbursemen t for labor, transportation, rem oval, insta l l at ion, or ot her expens es
that may be incurred in connection with repair or replacement.
THE FOREGOING WARRANTIES ARE EXCLUSIVE AND IN LIEU OF ALL OTHER EXPRESS AND
IMPLIED WARRANTIES EXCEPT WARRANTIES OF TITLE, INCLUDING, BUT NOT LIMITED TO,
IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE.
IMITATIONOFLIABILITY
L
Anything to the contrary herein contained notwithstanding, Dymec, INC., ITS CONTRACTORS AND SUPPLIERS
OF ANY TIER, SHALL NOT BE LIABLE IN CONTRACT , IN TOR T (INCLUDING NEGLIGENCE OR
STRICT LIABILITY) OR OTHERWISE FOR ANY SPECIAL, INDIRECT, INCIDENTAL OR
CONSEQUENTIAL DAMAGES WHATSOEVER. The remedies of the purchaser set forth herein are exclusive where
so stated and the total cumulative liability of Dymec , Inc. its contractors and suppliers of any tier, with respect to this
contract or anything done in connection therewith, such as the use of any product c overed by or furnished under t he
contract, whethe r in contract, in tort (including negli gence or strict li abili ty) or otherwise , shall not exceed the price of the
product or part on which such liability is based.
Unless otherwise agreed to in writing by an authorized official of Dymec, Inc., products sold hereunde r are not intended
for use in or in connection with a nuclear facility or activity. If so used, Dymec, Inc. disclaims all liabilit y for nuclear
damage , in jur y or co n tami nat ion, and purc has er shall ind emnif y Dyme c, Inc. agai nst any suc h li ab ili ty, whether a s a res ul t
of breach of contract, warranty, tort (including negli gen ce) or otherwise.
DS2000-TS Administrator’s Guide
ii
D
ECLARATIONS
Patents
ATENTS
P
As to equipment proposed and furnished by Dymec, Inc., Dymec, Inc . shall defend any suit or proceedi ng broug ht against
purchaser so far as b ased on a claim that sai d equipment constitutes an infringement of any patent of the United States, if
noti fied promptly in writing and given authority, information, and assistance at Dymec, Inc.'s expense for the defense of
the claim. In eve nt of a final award of costs and damages fro m such a suit, D ymec, Inc. shall pay such award. In event t he
use of said eq u ipment by p u rchase r i s enjoined in such a suit, Dymec, Inc. shall, at its own expense, and at its sole option
either (a) procure for purchaser the right to continue using equipment, (b) modify said equipment to render it noninfringing, (c) replace said equipment with non-infringing equipment, or (d) refund the purchase price (less depreciation)
and transportation and installation costs of said equipment. Dymec, Inc. will not be responsible for any c ompromise or
settlemen t made without its written consent. The foregoing states the entire liabilit y of Dymec, Inc. for patent
infringement, and in no event shall Dymec, Inc. be liable if the infringement charge is based on the use of Dymec, Inc.
equipment for a purpose other than that for which it was sold by Dymec, Inc. As to any equipment furnished by Dymec,
Inc. to purchaser and manufactured in accordance with designs proposed by purchaser, purchaser shall indemnify Dymec,
Inc. again st any award ma d e ag ai n s t D y mec, Inc. f o r patent, trademark, or co py r i g ht i n fringement.
ETURNOFEQUIPMENT
R
No equipment may be returned without purchaser first obtaining Dymec, Inc.'s written Return Material
Authorization (RMA).
Equipment accepte d for credit, not involving a Dymec, Inc. error, shall be subject to all the terms of the original purchase
contract and to a service cha rge. Returned equipment must be of current manufa cture, unused, and in reasonable
condition, securely packed to reach Dymec, Inc. without damage, shipped F.O.B. Dymec, Inc. facility with transportation
charges paid, and labeled with Return Material Authorization (RMA) number. Any cost incurred by Dymec, Inc. to put
equipment in f i r s t class condition will be charged to purchaser.
OMPLIANCENOTICES
C
FCC Part 15
This device complies with part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device
may not cause harmful in t e rf er ence, and ( 2 ) t his device must acc ep t any inte rference recei ved, inclu d in g i n terferenc e th at
may cause undesired operation.
Note: This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to part 15
of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the
equipment is operated in a commercial environment . This equipment generates, uses and can radiate radio frequency
energy and, if not installed and used in accordance with the instruction manual, may cause harmful interference to radio
communications. Operatio n of this equipment in a resident ial ar ea is lik ely to cause h armful interferenc e in which case the
user will be required to correct the interference at his/her own e xpense.
Changes or modifications could void the user’s authority to operate the equipment. The user is cautioned not to change or
modify this product.
DS2000-TS Administrator’s Guide
iii
D
ECLARATIONS
Safety
ACTA TIA/EIA IS-968A (Formerly FCC Part 68)
This equipment complies with ACTA TIA/EIA IS-968A rules. On the devic e is a la bel that contains, among other
information, the FCC registration number for this equipment. If requested, this information must be provided to the
telephone company. (Note: REN [Ringer Equivalence Number] does not apply to this equipment.)
The telephone company may make changes in its facilities, equipment, operations, or proce dures that could affect the
operation of this equipment. If this happens, the telephone company will provide advance notice in order for you to make
necessary modific ations to maintain uninterrupted service.
IC CS03 (Industry Canada)
This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus set out in the
interference-causing equipment entitled “Digital Apparatus”, ICE S-003 of the departm ent of Communications (Cet
appareil numérique respe cte les li mites brui ts radioél ectri ques applic abl es aux appareil s numéri ques de Class A prescrites
dans la norme sur le materiel brouilleur: “Appareils Numériques”, NMB-003 édictée par le ministre des
Communications).
EN55022
Warning: This is a C lass A product. In a domestic environment this product may cause radio interference, in which case
the user may be required to take adequate measures.
AFE
S
WARNING: Service to this unit can be made only by factory authorized personn el. Failure to observe this caution can
result in malfunction to the unit as well as electroc ution to personne l.
Avertissement: Cet appareil ne peut être exa miné ou réparé que par un employé autorisé du fabri cant. Si cette consigne
n’est pas respecté e, il y a risque de panne et d’électrocution.
Vo rs ic ht: Dieses Gerät darf nur durch das bevollmächtigte Kundendienstpersonal der fabrik ins tandgehalten werden. D ie
Nichtbeachtung dieser Vorschrift kann zu Fehlfunktionen des Gerätes führen und das Personal durch Stromschläge
gefährden.
TY
DS2000-TS Administrator’s Guide
i
v
Industry Canada Warnings Avis d’Industr ie Canada
D
ECLARATIONS
Safety
Notice:
Befor e in st alling this equi pm ent, users should en s ur e th at it is
permi ss ible to be c onnected to the facilities of the local
telecommunications company. The equipment must also be
insta lle d us in g an accepta bl e me tho d of connection. The
custom er shou ld be aware that compliance with the above
conditions may not prevent degradation of service in some
situations.
Repairs t o certified equipment should be coordinated by a
representative designated by the s up plier. Any repair s or
alterations made by the user to this equipment, or equipment
malfunctions, may give the telecommunications company
cause to request the user to disconnect the equipment.
Users should ens ure for their ow n pro t e cti on that the ele ctrical
ground connections of the power utility, telephone lines, and
internal metallic water pipe system, if present, are connected
together. The precau ti o n ma y be particula rly important in rural
areas.
Avis:
Avant d’installer ce matériel, l’utilisateur doit s’assurer qu’il est
permi s de le ra cc order aux ins tal la tions de l’entr ep ris e locale
de téléc o mm u nication. Le m atériel doit égaleme nt êtr e ins ta llé
en suivant une méthode acceptée de raccordement. L’abonné
ne doit pas ou bl ier qu’il est pos si bl e qu e la co nfo r m ité au x
conditions énoncées ci-dessus n’empêche pas la dégradation
du service dans certaines situations.
Les réparations de matériel homologué doivent être
coordonnées par un représentant désigné par le fournisseur.
L’entreprise de té lécommunications peut demander à
l’utilisateur de débrancher un appareil à la suite de réparations
ou de modifications effectuées par l’utilisateur ou à cause de
mauvais fonctionnement.
Pour sa propre protection, l’utilisateur doit s’assurer que tous
les fils de mise à la ter re de la source d’é nergie électrique, des
lignes téléph oniq ues et des canal isat ions d’eau mé tall iqu es, s’il
y en a, sont raccordés e ns e mble. Cette précaution est
particulièrement importante dans les régions rurales.
Service Personnel Warning
The D
YNASTAR
unit.
The installation of this product must comply with all applicable codes and practices sp eci fi ed b y the country , city, and
operating company in which it is installed.
1500 may be AC or DC powered. Remove all p ower connections at the circuit panel before removing the
Conformité UL (E.-U. et Canada)
Dans le cas des unités devant fonctionner sous 120 V c.a., utilisez un cordon d’alimentation homologue UL constitué au
minimum d’un cordon de calibre 14 AWG (0,83 mm
de 15 pieds muni d’une prise à lames parallèles avec mise à la terre et pouvant supporter 15 A à 125 V. Dans le cas des
unités d eva nt fonctionner sous 250 V c.a. conformément aux normes internationales, utilisez un cordon d’alimentation
homologue UL constitué au minimum d’un cordon d e c alibre 14 AWG (0,83 mm
pouvant supporter 15 A à 240 V, marqué HA R et conforme aux normes de securité en vigueur dans le pays où le materiel
doit être utilisé.
3
) de type SVT ou SJT à trois co nducteurs d’une longueur maximale
3
) muni d’une prise avec mise à la terre
Grounding
This equipment is equipped with an external grounding bolt (#10/32 UNF-2B). All units requiring grounding, use a
grounding wir e a minim um size of 14 AWG at a maximum lengt h of five fe et. The ground lug bolt should be t orqu ed to 32
inch pounds.
DS2000-TS Administrator’s Guide
v
D
ECLARATIONS
Contacting Dymec
C
By Mail:
Telephone:
Fax:
Website:
Email:
ONTACTINGDYMEC
Dymec, Inc.
25 Commerce Way #1
North Andover, MA 01845
978.688-8807
978.688-8771
www.dymec.com
support@dymec.com
Customer support representatives are available during normal business hours, 8 - 5pm EST.
DS2000-TS Administrator’s Guide
vi
D
ECLARATIONS
Document Notice .................................................................................................................................................................................. i
Copyright ................................................................................................................................................................................i
Rights ....................................................................................................................................................................................... i
Part Number Information .................................................................................................................................................... i
Revision History .................................................................................................................................................................... i
Warranty ................................................................................................................................................................................................. ii
Limitation Of Liability ......................................................................................................................................................................... ii
Patents ................................................................................................................................................................................................... iii
Return Of Equipment ......................................................................................................................................................................... iii
Compliance Notices ............................................................................................................................................................................iii
FCC Part 15 .......................................................................................................................................................................... iii
ACTA TIA/EIA IS-968A (Formerly FCC Part 68) ......................................................................................................iv
IC CS03 (Industry Canada) ................................................................................................................................................ iv
EN55022 ............................................................................................................................................................................... iv
Safety ...................................................................................................................................................................................................... iv
Service Personnel Warning ................................................................................................................................................. v
Conformité UL (E.-U. et Canada) ..................................................................................................................................... v
Grounding ............................................................................................................................................................................. v
Contacting Dymec ...............................................................................................................................................................................vi
REFACE
P
About This Manual .............................................................................................................................................................................. xi
Conventions ......................................................................................................................................................................................... xii
Related Documents ............................................................................................................................................................................ xii
Web Access .......................................................................................................................................................................................... xii
Comments ............................................................................................................................................................................................ xii
HAPTER
C
1.1 Principal Features And Benefits ..........................................................................................................................................1-1
1.2 Terminal Server Overview ...................................................................................................................................................1-2
1.3 IP Routing ..............................................................................................................................................................................1-3
1.4 DS2000-TS Management Features .....................................................................................................................................1-4
1:
1.2.1 Local Terminal Server ..........................................................................................................................................1-2
1.2.2 Reverse Terminal Server ......................................................................................................................................1-3
1.2.3 Back-to-Back Terminal Server ............................................................................................................................1-3
1.4.1 DynaStar Supervisor .............................................................................................................................................1-4
1.4.2 LEDs andAlarms .................................................................................................................................................1-4
1.4.3 SNMP and MIBs ..................................................................................................................................................1-4
1.4.4 Security ...................................................................................................................................................................1-4
YNASTAR
D
2000 S
ECURE TERMINAL SERVER
RODUCTOVERVIEW
P
DS2000-TS Administrator’s Guide
vii
C
ONTENTS
C
HAPTER
2.1 Supervisor .............................................................................................................................................................................. 2-1
2.2 Universal Commands For Supervisor Menu Navigation ............................................................................................... 2-1
2.3 Accessing the DynaStar Supervisor ................................................................................................................................... 2-3
2.4 Supervisor Menus ................................................................................................................................................................. 2-5
C
HAPTER
3.1 Terminal Server Configuration Example .......................................................................................................................... 3-1
2: S
2.2.1 Command Notation ............................................................................................................................................ 2-1
2.2.2 Navigation ............................................................................................................................................................. 2-2
2.2.3 Saving Changes..................................................................................................................................................... 2-2
2.3.1 Accessing the System Operator Console......................................................................................................... 2-3
2.3.2 Logging In ............................................................................................................................................................. 2-4
2.4.1 Port Menus ............................................................................................................................................................ 2-7
2.4.2 Network Menus ................................................................................................................................................... 2-9
2.4.3 System Menus ......... ........ ......... ........ ........ ......... ........ ........ ......... ........ ........ ......... ........ .. ........................................ 2-9
2.4.4 Security Menus ................................................................................................................................................... 2-11
3: C
3.1.1 Assigning an IP Address to the System f or Terminal Server Functionality ............................................... 3-2
3.1.2 Configure the Serial Ports for Terminal Server ............................................................................................... 3-3
UPERVISOROVERVIEW
ONFIGURATIONBASICS
C
HAPTER
4.1 Troubleshooting .................................................................................................................................................................... 4-1
4.2 Boot Process .......................................................................................................................................................................... 4-3
4.3 Initializing an IP Address .................................................................................................................................................... 4-4
4.4 Software Maintenance .......................................................................................................................................................... 4-5
PPENDIX
A
A.1 Port Menus ............................................................................................................................................................................A-2
A.2 Configuration ........................................................................................................................................................................A-5
A.3 Statistics ............................................................................................................................................................................... A-12
4: T
4.1.1 Port ......................................................................................................................................................................... 4-1
4.1.2 Network ................................................................................................................................................................. 4-2
4.1.3 Buffer Usage ......................................................................................................................................................... 4-2
4.4.1 FTP Commands ................................................................................................................................................... 4-6
4.4.2 TFTP Commands ................................................................................................................................................ 4-7
4.4.3 Creating a Compressed Configuration File...................................................................................................... 4-7
4.4.4 Placing a Compressed Configuration File on a
4.4.5 Placing a Software Load on a
4.4.6 Reinitializing the System ................................................................................................................................... 4-11
4.4.7 Deleting Files from the
A: P
A.1.1 Functions for Port n Menu ................................................................................................................................A-3
A.2.1 Ethernet Port Configuration ..............................................................................................................................A-5
A.2.2 Async Port Configuration ...................................................................................................................................A-6
A.2.3 Virtual PAD Configuration ................................................................................................................................A-9
A.2.4 Console Port Configuration ............................................................................................................................ A-10
A.3.1 Ethernet Port Statistics .................................................................................................................................... A-12
A.3.2 Serial Port Statistics .......................................................................................................................................... A-14
ROUBLESHOOTING ANDSOFTWAREMAINTENANCE
DS2000-TS
DS2000-TS
DS2000-TS
.................................................................................................... 4-10
.............................................................................................................. 4-12
........................................................................ 4-9
ORTFUNCTIONS
viii
DS2000-TS Administrator’s Guide
C
ONTENTS
A.3.3 Console Port Statistics ......................................................................................................................................A-15
A.4 Disable, Enable, Busy, And Initialize Ports ...................................................................................................................A-18
A.5 Protocol Monitoring ..........................................................................................................................................................A-19
PPENDIX
A
B.1 Networking Setup And Status Menu .................................................................................................................................B-3
B.2 Router (IP) .............................................................................................................................................................................B-4
B.3 Terminal Server ...................................................................................................................................................................B-23
B.4 Async Services .....................................................................................................................................................................B-26
A
PPENDIX
C.1 Sy stem Functions And Commands ................................................................................................................................... C-2
C.2 Code Versions ....................................................................................................................................................................... C-2
C.3 Restarting the
C.4 Event Log ..............................................................................................................................................................................C-5
C.5 Buffer Usage ..........................................................................................................................................................................C-6
C.6 Sy stem Name and Herald ...... ......... ........ ........ ......... ........ ........ ......... ........ ........ ......... ........ ....... ........................................... C-7
C.7 Date & Time .........................................................................................................................................................................C-8
C.8 SNMP .....................................................................................................................................................................................C-9
B: N
B.2.1 Assign IP Addresses And Protocols .................................................................................................................B-5
B.2.2 IP Routes Display ................................................................................................................................................B-6
B.2.3 Static Routing .......................................................................................................................................................B-6
B.2.4 IP Filters ................................................................................................................................................................ B-7
B.2.5 TCP/IP Status ....................................................................................................................................................B-10
B.2.6 DHCP ..................................................................................................................................................................B-11
B.2.7 Virtual Private Networks .................................................................................................................................. B-16
B.4.1 PAD Profiles ......................................................................................................................................................B-26
B.4.2 Logon Screen ......................................................................................................................................................B-32
C: S
C.3.1 Cold Restart ..........................................................................................................................................................C-3
C.3.2 Warm Restart ........................................................................................................................................................C-4
C.3.3 Reinitialize ............................................................................................................................................................. C-4
ETWORKCOMMANDS
YSTEMFUNCTIONS
DS2000-TS
.................................................................................................................................................C-3
A
PPENDIX
D.1 Security .................................................................................................................................................................................. D-2
D.2 Password Change ................................................................................................................................................................ D-3
D.3 Define Access Permissions ................................................................................................................................................ D-4
D.4 Security Options .................................................................................................................................................................. D-6
D: S
ECURITYCOMMANDS
DS2000-TS Administrator’s Guide
i
x
C
ONTENTS
DS2000-TS Administrator’s Guide
x
REFACE
BOUTTHIS
A
This manual provides the Administrator with ins tructions to configure, monitor and maintain the
D
YNASTAR
DS2000-TS uses, the basics of using the Supervisor application and the hierarchical menu structure, and
instructions for configuring the DS2000-TS for spec ific applications. The specific applications and
configuration cover IP Routing and Terminal Serv er operation. The Appendices define each menu option in
the Supervisor application. The chapters are presente d as f ollows:
Chapter 1, “D
specific features of the DS2000-TS.
Chapter 2, “Supervisor Overview” - This chapter describes the Supervisor a pplication menu hierarchy and
defines each of the highe r level sub-men us and how to configure, monitor, and control the DS2000-TS. This
chapter al so includes methods for navigating through the menus, Login procedure s and an overview of the
Supervisor ma in subsections.
Chapter 3, “Configuration Basi cs” - This chapte r descri bes the basic s of configu r ing th e DS2000-TS for IP
Routing and Terminal Server setup.
Chapter 4, “Troubleshooting and Software Maintenance” - This chapter explains how to check for
configuration and status information relating to the network and device. Also included are some basic
instructions for using tftp and ftp commands for software maintenance.
Appendix A, “P ort Functions” - This appendix describes the Port Menu hierarchy and, using menu screen
illustrations, defines the fields and capabilities for each.
2000 S
YNASTAR
ECURE TERMINAL SEVER
M
2000 S
ANUAL
(DS2000-TS). This manua l conta ins: a basic desc ript ion of the
ECURE TERMINAL SERVER
Product Overview” - This chapter describes the
Appendix B, “Network Commands” - This appendix describes the Network Menu hierarchy and, using
menu screen illustrations, defines the fields and capabilities for each.
Appendix C, “System Functions” - This appendix describes the Security Menu hierarchy and, using menu
screen illustrations, defines the fields and capabilities for each.
Appendix D, “Security Commands” - This appendix describes the System Menu hierarchy and, using menu
screen illustrations, defines the fields and capabilities for each.
DS2000-TS Administrator’s Guide
xi
D
ECLARATIONS
Conventions
&
&
&&
ONVENTIONS
C
One common convention used throughout the manu al is the us e of callouts intersper sed i n the text of the
document. These callouts, shown and described below, draw the use r’s attention to a condition or situation
that ma y re q u ire ac t io n o r at least awarene ss. All callout s a pp ea r im me diately before the step to which the
callout information pert ains. The callouts are listed below with descriptions of their uses and information
conte n t in th e tex t f ie lds.
NOTE: Notes are to provide the user with helpful information pertaining to an upcoming step
or action. Not following the information contained in a Note will not adversely affect the
operation of the unit but following the note may save time or increase the understanding of
the user.
CAUTION: Cautions inform the user that a condition may exist such that inaction may cause
the system to operate poorly or cause the system to cease operating.
ELATEDDOCUMENTS
R
None
•
EBACCESS
W
All of the D
www.dymec.com
OMMENTS
C
If you find an error or have a helpful tip on the layout or infor mational content of this or any other Dymec
manual please feel free to contact us via email with any problems or helpful information. All enquiries will
be responded to with a correction or whatever resolution is required. Please make all comments to
support@dymec.com or phone a support e ngineer at (877) 463-9632.
YNASTAR
2000 man uals are also available in .pdf format on the Dymec website,
.
xii
DS2000-TS Administrator’s Guide
+$37(5
DYNASTAR 2000 SECURE TERMINAL
SERVER
The D
industrial automation applications. This chapter provides an overview of the primary feature s and
benefits of the product and describes the Terminal Server networking service.
1.1 P
The D
networking platform that is purpose-built for distributed indu s t rial automation applications such as
Supervisory Control and Data Acquisition (SCADA) system s. The DS2000-TS operates effectively in
extremely hars h environm ental conditions such as those within power utility substations, pumping stations,
treatment plants and transportati on systems. This robustness is primarily due to extended range
specifications in areas such as electromagnetic interference, te mperature, and electrical surges. Most other
networking products will fail when facing these conditions.
The DS2000-TS combines the c apabilities of an Async-to-TCP/IP Terminal Server and an IP Router in a
single inte grated device. This feature set, depicted in Figure 1-1, is used primarily in a Terminal Server
application as explained in the next section.
YNASTAR
RINCIPALFEATURESANDBENEFITS
2000 S
YNASTAR
ECURE TERMINAL SERVER
2000 S
ECURE TERMINAL SERVER
DynaStar 2000 Secure Terminal Server
is a purpose -bui lt networki ng pl atfor m for d istr ib uted
(DS2000-TS) is a multi-function, multi-protocol
Ethernet Router Terminal Server
Ethernet Connection Serial Devices
DS2000-TS Administrator’s Guide
S1 Sn
Figure 1-1. DS2000-TS Functional Integration
1 - 1
S2 E0
C
HAPTER
Terminal Server Overview
D
1 -
YNASTAR
The DS2000-TS's device integration provides investment and operational savings compa red to alternative
solutions involving multiple less-integrated devices. Investment savings include both acquisition cost as
well as space allocation and engineering requirement s. Power system requirements are consolidated and
simplified, with the DS2000-TS supporting dir ect feeds from a wide range of DC power sour ces commonly
used at ind us trial s it es. Opera tio nal savings come from reduce d maintenance and administration , including
having fewer different software-based devices to coordinate for network configuration, diagnostics and
software upgrades.
2000 S
ECURE TERMINAL SERVER
Product Overview
1.2 T
The DS2000-TS Terminal Server feature is typically used to enable a host-computer application based on
TCP/IP protocol to communicate with remote industrial devices that have an Async serial network interface
(see Figure 1-2). All communication is in IP-format from the central host to/from the remote site. The
DS2000-TS Terminal Server feature at the remote site disassembles each TCP/IP packet and provides an
Async seria l stream to the remo te device. In the reverse direction, Async responses from t he device are
assembled into TCP/IP packets, appropriate ly addressed and routed to the host application. More
specifically, all traffic on a DS2000-TS seria l interface is mappe d to /from an IP address and a s pecific TCP/
IP port or socket number.
ERMINALSERVEROVERVIEW
DynaStar 2000-TS
S1
S2
S3
S6 S5
S4
S8 S7
Serial Devices
Figure 1-2. Local Terminal Server
IP addr: x.x.x.x
Socket #s, e.g.: 10101,
10102, ...10132
TCP/IP
Ethernet Host
Application
There are se veral variations of the Terminal Server application, describ ed in the following para graphs.
1.2.1 Local Terminal Server
This is the typical application involving a local IP-host, i.e., a host collocated with the serial devices and
attached to a DS2000-TS port either directly or via a Local Area Network (LA N ) . The IP host may be a
distributed application server or a PC-based HMI device at the remote site.
DS2000-TS Administrator’s Guide
1 - 2
C
HAPTER
1 -
D
YNASTAR
2000 S
ECURE TERMINAL SERVER
Product Overview
1.2.2 Reverse Terminal Server
This application has the same physical topology as the Local Terminal Server, but the communications
connection is initiated on-demand by the Serial device, rath er than by the host application. This requires
that th e DS2000-TS formulate a TCP/IP sess i on reques t to the host on behalf o f the serial device. In the
DS2000-TS, this is configured as an “Async-IP” terminal server connection, as differentiated from the more
common and default “IP-Async” terminal server connection.
1.2.3 Back-to-Back Terminal Server
This application uses two Terminal Server capabilities at both the host end an d async-device end of the
connection, providing serial interfaces to both the host system and remote device. The devices may be
attach ed to the same DS2000-TS or to different DS2000-TSs connected over a network. Back-to-Back
terminal server a llows end-to-end serial connections to be consolidated onto an al l IP -oriented network
infrastructure, keeping with the spirit of “IP Convergence,” at least at the transport layer of the network. In
this config uration , th e host end conne ction wou ld t ypical ly use an “Async-I P” con necti on ty pe, initi ating t he
TCP/IP session. T he other industrial device would be connected to a DS2000-TS using the default “IP-
Async” Terminal Server as described above.
The principal variant of Terminal Server used with the DS2000-TS is the Local Terminal Server.
Configuration guidelines for this service are provid ed in Chapter 3.
IP Routing
1.3 IP R
The DS2000-TS includes an integral IP router capability that enables a numbe r of applications and
enhancements to reliability and security.
IP Routing can be used locally within a site. Local routing is an alternative to layer-2 Ethernet switching
among Ethernet ports. IP routing provides communication among devices in different Ethernet VLANs and
can provide additional ne tw ork security using IP address filtering and IPsec encryption.
IP Routing is also us ed by the Terminal Server application described above. The Terminal Server feature
converts Async seria l communications to/from IP packet s. IP routing provides routing of these packets
either locally or rem otely.
The default mode for IP rout ing uses the RIP protocol to exch ange avail able rout e inf ormation wit h adjacent
routers. Advanced fe atures available with IP Routing include:
The Configuration Basics described in Chapter 3 d eal primarily with default IP routing using RIP,
suppor ting Terminal S er ver traffic. Other IP R outing feat ures a re described prim arily in the re f erence
sections of Appendix B.
OUTING
• IP address filtering (sel ective blocking of permitted sources a nd destinations)
• VPNs using IPsec with DES or 3DES enc ryption
Static routing (explicit next hops, not using a routing protocol like RIP)
•
DHCP client and server (automati c assignment of IP addresses)
•
DS2000-TS Administrator’s Guide
1 - 3
C
HAPTER
DS2000-TS Management Features
1 -
D
YNASTAR
2000 S
ECURE TERMINAL SERVER
Product Overview
1.4 DS2000-TS M
This s ec tion pro v id es summa ri e s of selected managemen t capabilities for all DS2000-TS services.
1.4.1
1.4.2 LEDs and Alarms
1.4.3 SNMP and MIBs
1.4.4 Security
DynaStar Supervisor
Chapter 3 provides details on the DynaStar Supervisory application. This menu-based m anagement
application supports configuration, diagnostics, performance monitoring and security functions for the
DS2000-TS. The Supervisor is accessed over the local console port or remotely via an IP network.
The DS2000-TS has a number of visual alarm and status indicators implemented as LEDs on the wiring
panel of the dev ice. The re is als o an ala rm port th at pr ovides a hard con tact sta tus i ndicat ion of major s ystem
failure.
The DS2000-TS provides an SNMP MIB interface for status, statis tic s and provisioning. Alarms may be
formatted as SNMP traps to central network management systems.
ANAGEMENTFEATURES
A number of security options are available fo r management interfaces to the DS2000-TS. Mana gement
access securit y includ es both logi cal acce ss (e.g ., IP address filt ering, IPsec/VPN), and mul ti-le vel password
protections. Management data may be encrypted using IPsec with DES or 3DES.
1 - 4
DS2000-TS Administrator’s Guide
+$37(5
UPERVISOR
This chapter provides an overview of the management application included in all DynaStars to
configure, administer, and troubleshoot the equipment and the network. The following sections
introduce the management application, describe access and login procedures, provide navigation
details and com mon commands, outline the menu hier archy, and provide an o verview of the sup erv i so r
capabilities.
This chapte r also describes a number of standard ta sks asso ciat ed with th e administration of the
D
YNASTAR
and not dependent on any particular configuration of the network or interfacing equipment.
2000 S
ECURE TERMINAL SERVER
in particular. These standard tasks are general in nature
2.1 S
The Supervisor a pplication running on the DS2000-TS manages the device. The Supervisor application is a
hierarchical menu-driven system allowing users to manag e and configure the DS2000-TS. Through the
super v is or ap p li cation, the user ca n co n f ig u r e po rt s, service s , an d fe at u r es; view sta t is t ic s ; c ar r y out
maintena nce activities and perf orm troubleshooting. The Supervis or application is accessible thr ough the
local console port or by using Telnet to connect to the DS2000-TS from the network.
2.2 U
This section describes the command notation used i n this manual and the methods for navig ation within the
Supervisor, along with how to select configuration settings, enter or modify data, and save changes.
2.2.1 Command Notation
This manual uses the following notations and conventions:
UPERVISOR
NIVERSALCOMMANDSFORSUPERVISORMENUNAVIGATION
The names of keys are bold and contained in angle brackets, for example <Enter>
•
Two keys pressed simultaneously appear in a n gle brackets separ ated by a hyphen (i.e.
•
<CTRL-D>)
Commands you must enter appear in italics
•
The names of menu fields also appear in boldface
•
Representative text in a command line appears in italics. For example, the word filename
•
indicates that an actual filename should replace the italicized word.
System messages appear in italics
•
DS2000-TS Administrator’s Guide
2 - 1
C
HAPTER
Supervisor Overview
2 -
Universal Commands For Supervisor Menu Navigation
2.2.2 Navigation
To navigate down to a submenu:
• Type the command number and press <Enter>.
- or -
• Use the cursor keys (left, right, up and down arrows) to move to the desired function, and
press <Enter>.
To return to a previous menu:
• Press the <Esc> key.
- or In m enus with no modifiable field s, press ing the left arrow will display the previous menu.
•
To navigate within a modifiable menu:
Use the cursor keys to move ar ound the fields
•
Use the <Tab> key to send the cursor to the next modifiable field.
•
Press <Tab> repe at edly to get to the Pro cess selections field. Or , while in the leftmost field
•
of the screen, press t he lef t arrow ke y. This sends the curs or to th e bo ttom ri ght corner, which
is the Process selections field. The Process selections field appears on each screen where
there are modifiabl e parameters and is used to save the changes to volatile memory.
Although selecting Y and pressing <Enter> in the Process selections field saves the
changes, the user must also save the change s to F lash memory.
To change a modifiable field:
• To modify fields containing multiple toggle options, move the c ursor with the arrow keys or
<Tab> key until it is in the field to be modified. Pressing <Enter> toggles the parameter to
the next option. Pressing the <Enter> key repeatedly cycles through all the field options.
Moving out of the field temporar ily sets t he field to the value en tered. The change will
become permanent when the user saves the changes .
• To enter information in a text or number field, place the cursor in the field and type the
desired information. Moving the cursor out of the field stops editing the data field, and
temporar ily sets the field to t h e v alue entered. Th e change will become permanent w h en t h e
user saves the changes.
To edit input
The Supervisor Console is preconfigured to use the <Backspace> and <Delete> keys for
•
editing characters.
2.2.3 Saving Changes
Before a change can be saved to Flash memory it must first be processed. This adds the information to the
system from which the Flash memory is updated. The Process selections field is in the lower right corner of
all modifiabl e menus. To proc ess the changed configuration information, move the cursor to the Pro c ess
selections field. The Process selections field should contain a <Y> but if it is <N> type in the letter <Y> an d
press the <Enter> key. If the user does not wi s h to save the changes made, either press <Esc> to go back to
the previous m enu, or type <N> in the Process selections field and press <Enter>.
2 - 2
DS2000-TS Administrator’s Guide
C
HAPTER
Accessing the DynaStar Supervisor
Once the informati on is processed, the system will display a reminder to save the changes to Flash memory
by this highlighted message : Config has changed: use <CTRL-W> to save. Pressing the <CTRL-W> saves
the system to Flash Memory. Once the save is complete, the message disappears and normal operation
resumes. If the system is re started by the Warm rest art method, or a power interruption, prior to saving the
changes to Flash memory, all unsaved change s will be lost.
Supervisor Overview
2 -
2.3 A
This section describes how to access and login to the DS2000-TS Supervisor application. The System
Operator Consol e is acces sed eithe r dire ctly fro m the consol e port on the DS2000-TS, or from a workst ation
on any connected IP device using Telnet, a ssuming that the DS2000-TS has a proper IP address assigned.
The user can manage m ultiple DS2000-TSs from a single workstation when using Telnet. All mode s of
access provide Password-based security.
2.3.1 Accessing the System Operator Console
For dir ect termi na l mode access to the console port:
For access via an IP network:
If you are connecting from a LAN, the Telnet connection screen, shown in Figure 2-1, appears before the
Login screen. Select <1> and press <Enter> for access to the Login screen. Upon direct connection via the
Console port, the Login screen displays the supervisory herald, the software version number, and a prompt
for a password as shown in Figure 2-2. You receive a prompt for the Supe rvisor’s password.
DynaStar_26 services
CCESSING THEDYNASTARSUPERVISOR
The required console terminal device is 9600 Baud, 7 bits, even parity, and 1 stop bit.
•
Telnet to the DS2000-TS's IP addre ss from a Telnet client (on standard port 23).
•
1 Console
2 Virtual Async Port
Enter service selection:
DS2000-TS Administrator’s Guide
Figure 2- 1. Telnet Screen
2 - 3
C
HAPTER
Accessing the DynaStar Supervisor
Supervisor Overview
2 -
DynaStar Supervisor
DynaStar 2000
Software Version number 7.2 (RC38)
Copyright (C) 1990-2005 Dymec, Inc. All rights reserved.
Press ESC to exit, Ctrl-W for Wyse Terminal
To return to Supervisor, type 9999 <RET>
Enter Password:
Figure 2-2. Login Screen
NOTE: If the DS2000-TS was already booted before the console device was connected, you
&
&
&&
2.3.2
may see a simple “*“ prompt and not the supervisory herald as shown above. This indicates
that the logon screen timed out, terminating the active session and switching to a pure
listening mode. Type “9999" to display the logon/supervisory herald as shown in
Figure 2-2.
Logging In
At the Enter Password prompt, type the password and press <Enter>. The password is case sensitive. The
factory default password is “secret” and a first-time login requires using the default login pass word. Type
secret and press <Enter>. If a valid password is not received in three attempts, the connection to the
Supervisor clears, and the message CLR PAD is displayed. To reconnect to the Supervisor, type in “9999”
and press <Enter>. Check the Cap s Lock setting if a password fails unexpectedly.
Instructio ns for changing the default password and establi shing multiple user levels and differ ent passwords
for each level are provided in Appendix D, “Security Commands”.
2 - 4
DS2000-TS Administrator’s Guide
C
HAPTER
Supervisor Overview
2 -
Supervisor Menus
2.4 S
UPERVISORMENUS
The Main Menu, shown in Figure 2-3, shows the four main branches of the Supervisor command hiera rchy.
The submenus in these four main areas of the Supervisor provide a full set of menu-driven commands.
The four subsections shown in the Main menu are:
• Port
• Network
• System
• Security
*** Main Menu ***
1 - Port Configuration, statistics, activation, monitoring
2 - Network TCP/IP, Bridge, Terminal Server and Frame Relay
3 - System Event log, buffer status, restart, SNMP, clock set
4 - Security Passwords, menu access and security options
__________[DynaStar_24]___________
Terminate input with <RET> Press ESC to return to previous menu
Enter command number:
Figure 2-3. Main Menu
An overview of the Supervisor application menu structure is shown in Figure 2-4. The menu structure is
divided into four se ctions: Port, Network, System and Security. The figure gives only the top level view of
the menu structure. The following subsections provide high-level descriptions of the structure and uses for
each of these four subsections. The Appendices provide an in-depth reference for each of the Main m enu
comman d areas.
DS2000-TS Administrator’s Guide
2 - 5
C
HAPTER
2 -
Supervisor Menus
Supervisor Overview
MAIN MENU
<1>
<2>
<3>
Port
<Enter>
Port Status
Network
System
<1>
<2>
<3>
<1>
<2>
<3>
<4>
Router
Terminal
Server
Async
Services
Code Versions
Restart
Event Log
Buffer Usage
<1>
<2>
<3>
<4>
Configuration
Statistics
Disable/
Enable
Protocol
Monitor
System
<5>
Parameters
<6>
Date & Time
<4>
Security
<7>
<1>
<2>
<4>
<3>
SNMP
Password
Change
Access
Security
Security
Options
Console
Monitor
Figure 2-4. Supervisor Menu Hierarchy Overview
2 - 6
DS2000-TS Administrator’s Guide
C
HAPTER
Supervisor Overview
2 -
Supervisor Menus
2.4.1 Port Menus
Selecting <1> Port on the Main menu takes you to the Port Selection menu where the user selects a port to
configure, enable/disable, view statistics, or display the current data being transferred (using the built-in
Protocol Monitor). The Port Menu (Figure 2-5) displays a list of the DS2000-TS ports listing the port
number and port name al ong with a prompt a sking the user t o spec if y a port. Entering a port number presents
the user with the Port Function menu (Figure 2-7) showing the functions that are available on t hat port.
*** Port Menu ***
Port Name
E0 Ethernet S13 SERIAL-S13 S29 SERIAL-S29
S0 Sync/Async S14 SERIAL-S14 S30 SERIAL-S30
CON Console S15 SERIAL-S15 S31 SERIAL-S31
10 Virtual PAD S16 SERIAL-S16 S32 SERIAL-S32
S1 SERIAL-S1 S17 SERIAL-S17
S2 SERIAL-S2 S18 SERIAL-S18
S3 SERIAL-S3 S19 SERIAL-S19
S4 SERIAL-S4 S20 SERIAL-S20
S5 SERIAL-S5 S21 SERIAL-S21
S6 SERIAL-S6 S22 SERIAL-S22
S7 SERIAL-S7 S23 SERIAL-S23
S8 SERIAL-S8 S24 SERIAL-S24
S9 SERIAL-S9 S25 SERIAL-S25
S10 SERIAL-S10 S26 SERIAL-S26
S11 SERIAL-S11 S27 SERIAL-S27
S12 SERIAL-S12 S28 SERIAL-S28 Enter Port Number:
_________[DynaStar_6b2c]__________
Press ESC to return to previous menu Press <RET> for port status
Figure 2-5. Port Menu
There is an advanced menu selection accessible from the Port Menu called the Port Status menu, and
shown in Figure 2-6. The advanced menu shows the current status of all ports and is reached by pressing
<Enter> while in the Port Menu. From the Port Status menu, the user may either select the port number to
jump to the Port Function screen or press <Esc> to exit to the Port Selection menu.
DS2000-TS Administrator’s Guide
2 - 7
C
HAPTER
2 -
Supervisor Menus
*** Port Status ***
DynaStar 2000 12-11-05 7:33:55
Ethernet SLOT 1 SLOT 2
Port number: E0 S1 - S16 S17 - S32
Name: Ethernet MUSART MUSART
Interface: IS-Enet
Protocol: Ethernet
State: Enabled
Status: Link Down
Sync/Async HS WAN 1 HS WAN 2 Console
Port number: S0 CON
Name: Sync/Async No board No board Console
Interface: RS-232 RS-232
Protocol: PAD Console
State: Enabled Enabled
Status: Down Up - 1
Enter slot # to view status of multiple-port module:
_________[DynaStar_6b2c]__________ Enter Port Number:
Press ESC to return to previous menu
Supervisor Overview
Figure 2-6. Port Status Menu
Selecting a port from either the Port Selection menu or the Port Status menu, displays the Port Functions
menu as shown in Figure 2-7. From the Port Functions menu the user can select to:
• Configure the port
• Obtain Statistics on the port
• Disable or Enable the por t
• Use the Protocol monitor to view the traffic being passed o n the port
Appendix A, “P ort Functions” in the rear of this manual provides details on the Port related menus.
*** Functions For Port S1 ***
1 - Configuration Configure protocol and port parameters
2 - Statistics Display port statistics
3 - Disable/Enable Disable, enable, initialize or busy
4 - Protocol Monitor Display transmitted/received data packets
Enter command number:
_________[DynaStar_6b2c]__________
Terminate input with <RET> Press ESC to return to previous menu
Figure 2-7. Port Functions Menu
DS2000-TS Administrator’s Guide
2 - 8
C
HAPTER
Supervisor Overview
2 -
Supervisor Menus
2.4.2 Network Menus
The Network menu and it s sub menus provi de the means t o conf igur e and ch eck the lo ca l area network s etup
(e.g., IP Router and Ethernet switch). Selecting the <2> Network submenu from the Main menu displays
the Networking Setup and Status menu shown in Figure 2-8.
*** Networking Setup and Status ***
1 - Router Configure and display router options
2 - Terminal Server Configure Async-TCP/IP terminal server
3 - Async Services Configure Async options
Enter command number:
_________[DynaStar_6b2c]__________
Terminate input with <RET> Press ESC to return to previous menu
Figure 2-8.Networking Setup and Status Menu
Through these setup and status menu items, the user can configure the system Router, Terminal Server, and
Async settings for all of the ports and connections to the DS2000-TS. The conf iguration options include:
• Router - Setup and Status
• IP port configuration
• IP Routes and display
• IP static route setu p
• IP filters
• TCP/IP status
• OSPF (Open Shortest Path First) (not opera tional in the DS2000-TS)
• DHCP (Dynamic Host Configuration Protocol)
• VPN (Virtual Private Network)
• VRRP (Virtual Router Redundancy Protocol) (not operational in the DS2000-TS
• TCP Multicast
• Terminal Server - Configuration
• Async - Services
• PAD ( Packet Assembler Disassembler) profile settings
• Logon screen settings
A complete re ference for the Networking Setup and Status menus is in Appendix B, “Network Commands ”.
2.4.3 System Menus
Selecting option <3> Systems from the Main menu displays the System Functions sub-menu shown in
Figure 2-9. Within these submenus, the user can:
DS2000-TS Administrator’s Guide
2 - 9
C
HAPTER
2 -
Supervisor Menus
Selecting <1> Code Versions from the Systems Funct ions menu shows the file structure held in memory,
including the configuration files. This also allows the user to delete files from memory. The file system can
hold multipl e copie s of t he Operating Syst em in th e Flash memory. The operator can delete unwante d cop ies
of the file system and free up space by enabling defragmentation of the file system.
Selecting <2> Restart from the Systems Functions menu allows the Administrator to restart the system
using a Warm restar t, Co ld re sta rt, or Reini ti aliz e (Re ini tial iz e wil l on ly appe ar i f the re is a cnfgload.cmp file
present ) . All o p t io n s wi l l r eb o ot t he sys tem an d r es t art a ctive operations; however, they differ in the source
used for the operating software and active configuration file during, and after, the restart operation.
Selecting <3> Event Log from the Systems Functions menu displays the event log for the DS2000-TS. The
event log contains status, information, and error messages with date and time stamp.
Selecting <4> Buffer Usage from the Systems Functions menu displays the Buffer Pool Status screen
containing information on the installed memory and the current buffer utilization.
Supervisor Overview
Vie w the current versions of software running and stored on the DS2000-TS
•
Restart the system with WARM and COLD start commands
•
Vie w the event log
•
Check the buffe r usage
•
Set a unique system name and screen herald
•
Configure the system clock and time
•
• Setup the SNMP pa rameters.
Selecting <5> System Parameters from the Systems Functions menu brings up a screen where the user can
set the Serv er name and Supervisor console herald.
Selecting <6> Date & Time from the Systems Functions menu to modify the on-boa rd Real Time Clock.
The time an d date are initially preset. The Real Time Clock is ba t t ery backed up so this adjustment only
needs periodic adjustments to compensate for leap years, etc.
Selecting <7> SNMP from the Systems Functions menu gives the user acces s to SNMP information and
settings including system information, read/write community strings, and SNMP trap addresses.
For a detailed description of the Supe rvisor System level hierarchy refer to Appendix C, “System
Functions”.
2 - 10
DS2000-TS Administrator’s Guide
C
HAPTER
*** System Functions ***
1 - Code Versions Display downloaded software versions
2 - Restart Restart or initialize system
3 - Event Log Display system event log
4 - Buffer Usage Display system buffer usage
5 - System Parameters Configure system-wide parameters
6 - Date & Time Set the system date and time
7 - SNMP Configure community strings, trap IP addresses
Supervisor Overview
2 -
Supervisor Menus
__________[DynaStar_24]___________
Terminate input with <RET> Press ESC to return to previous menu
Enter command number:
Figure 2-9. System Functions Menu
2.4.4 Security Menus
The Supervisor Security menu al lows the Admini strator (Roo t) to set va rious le vels of security. The security
is assigned based on the user (operator) and also by setting access levels to functions. Selecting <4>
Security from the Main Menu accesses the Security Functions menu shown in Figure 2-10.
In addition to the standard root access, the DS2000-TS supports access for up to five additional operators.
The root user defines the names and access authorizations of these operators. Three levels of access are
configurable : No Access (N), Read -Only Acce ss (R), and W rit e Access (W). No Access , bloc ks the operator
from accessing a given group of commands. Read-Only Access, allows the operator to view parameters, but
not change them. Write Access, provides the ability to read and modify parameters. The root user has Write
Access to all commands. By default, the operator settings a r e No Acce s s fo r al l g roups of commands. There
are no default pa sswords for the five operators. The root user must configure these passwords, and it is also
recommended that a new root user password be assigned once the DS2000-TS is installed.
DS2000-TS Administrator’s Guide
2 - 11
C
HAPTER
2 -
Supervisor Menus
*** Security Functions ***
1 - Password Change Set console user names & passwords
2 - Access Security Set operator menu access permissions
3 - Security Options Set validation options and methods
4 - Console Monitor Display or configure console monitor log
Enter command number:
_________[DynaStar_6b2c]__________
Terminate input with <RET> Press ESC to return to previous menu
Supervisor Overview
Figure 2-10. Security Functions Menu
To change the password of the root user or operat ors, Select <1> Password Change from the Security
Functions menu.
T o set the access security parameters for the various system login accounts (user/operators), select <2>
Access Security from the Security Functions menu. The Access Control m enu for the de signa ted operato rs
appears. T here are three types of securi ty at the s ystem level implemented on the DS2000-TS. These give
access by function and also by user password.
By selecting <3> Security Options from the Security menu the administrator can enable Enforce Secure
passwords. By selecting this method the system prompts for a user name as well as the use of minimum
length password and to use a mix of alpha and numeric characters, when new passwords are entered. To
enable the Enforce Se cure password policy, select <3> Security Options from the Security menu.
<4> Console Monitor displa ys the monitor log and lets the operator configure which events are monitored.
CAUTION: If the root password is lost the user must contact Dymec customer support. For
contact instructions refer to “Contacting Dymec” on pagevi.
Refer to Appendix D, “Security Commands” for details on setting other security options.
2 - 12
DS2000-TS Administrator’s Guide
Loading...