Raritan DSX-0N-E - Manual - manualsarea.com

Page 2 - This page intentionally left blank.

Page 3 - regional Raritan office contact information.

Copyright and Trademark Information This document contains proprietary information that is protected by copyright. All rights reserved. No part of this document may be photocopied, reproduced, or translated into another language without express prior written consent of Raritan, Inc. © Copyright 2007...

Page 4 - Safety Guidelines; Do not use a 2-wire power cord in any product configuration.; Rack Mount Safety Guidelines; Appendix A: Specifications; Ensure sufficient airflow through the rack environment.

Safety Guidelines To avoid potentially fatal shock hazard and possible damage to Raritan equipment: • Do not use a 2-wire power cord in any product configuration. • Test AC outlets at your computer and monitor for proper polarity and grounding. • Use only with grounded outlets at both the computer a...

Page 5 - Contents

C ONTENTS i Contents Preface.............................................................................................................................. xii Audience .................................................................................................................... xii Conventions...

Page 6 - SX

ii D OMINION SX U SER G UIDE Chapter 7: Port Configuration and Port Access Application ......................................31 Port Keywords ........................................................................................................... 31 Port Configuration ...............................

Page 7 - Administrator Tools

C ONTENTS iii Test the SMTP Logging ...................................................................................................................76 Configuring NFS Logging .......................................................................................... 76 Configuring SNMP Logging.......

Page 9 - Invalidloginretries

C ONTENTS v Factoryreset Command ................................................................................................................. 136 Firmware Command ...................................................................................................................... 137 Logoff Co...

Page 11 - Figures; Figure 27 Edit

F IGURES VII Figures Figure 1 Dominion SX16 Unit....................................................................................................................... 1 Figure 2 Rear Panel of the DSXA-32 ..................................................................................................

Page 14 - Tables

x D OMINION SX U SER G UIDE Tables Table 1 Factory Default Network Settings .................................................................................................... 5 Table 2 Java Runtime Parameters.............................................................................................

Page 16 - Preface; Audience; CRONYM; Enter

xii D OMINION SX U SER G UIDE Preface The Dominion SX User Guide provides the information needed to install, set up and configure, access devices such as routers, servers, switches, VPNs, and power strips, manage users and security, and maintain and diagnose the Dominion SX secure console server. Au...

Page 17 - VPN; Notices; Note: general information that is supplemental to the text.

P REFACE XIII A CRONYM M EANING VPN Virtual Private Network Notices Important: cautionary information that warns of possible affects on the users, corruption risks, and actions that may affect warranty and service coverage. Note: general information that is supplemental to the text.

Page 19 - Chapter 1: Introduction; Dominion SX Overview

C HAPTER 1: I NTRODUCTION 1 Chapter 1: Introduction Dominion SX Overview The Dominion SX Series of Serial over IP Console Servers offers convenient and secure, remote access and control through LAN/WAN, Internet, or Dial-up modem to all networking devices. The Dominion SX: • Provides a non-intrusive...

Page 20 - Product Features; Comprehensive Console Management

2 D OMINION SX U SER G UIDE Product Features Comprehensive Console Management • Remote Management: Access, monitor, administer, and troubleshoot up to 48 target devices (depending on the model) via Secure Socket Shell (SSH), Telnet, Local Port or Web browser with only one IP address. • Direct Port A...

Page 21 - Package Contents; Each Dominion SX ships with the following:; Dominion SX User Guide; CD-ROM, which contains the installation and; Dominion SX Quick Setup Guide

C HAPTER 1: I NTRODUCTION 3 Package Contents Each Dominion SX ships with the following: • (1) Dominion SX unit with mounting kit (Rack-mount kit is optional on some units) • (1) Raritan Dominion SX User Guide CD-ROM, which contains the installation and operations information for the Dominion SX • (1...

Page 23 - Chapter 2: Installation; EFAULT; Client Configuration; Proxies

C HAPTER 2: I NSTALLATION 5 Chapter 2: Installation There are two ways of completing the initial network installation of the Dominion SX: • Using a serial cable with a VT100/equivalent, such as a PC with HyperTerminal. • Using Ethernet (with an installation computer). This section describes the step...

Page 24 - Hardware Installation; Physical Installation of Dominion SX for Initial Configuration; Power ON the Dominion SX unit.; LED State; Ethernet packets are received or transmitted.

6 D OMINION SX U SER G UIDE Hardware Installation Figure 2 Rear Panel of the DSXA-32 Physical Installation of Dominion SX for Initial Configuration 1. Use a computer with a network card and crossover network cable. This computer will be referred to as the ‘installation computer.’ 2. Physically mount...

Page 25 - Initial Configuration Using the Graphical User Interface (GUI); Network Access; route print; Appendix C: Certificates

C HAPTER 2: I NSTALLATION 7 Initial Configuration Using the Graphical User Interface (GUI) To initially configure the Dominion SX unit from the Graphical User Interface, follow the steps below. Network Access 1. Ensure that the installation computer has the route for 192.168.0.192 and that it can co...

Page 26 - admin; Exit

8 D OMINION SX U SER G UIDE The login screen appears after you finish viewing the security alerts and the Certification Information screen. Figure 4 DSX Login Screen 7. Log in with the default username admin and password raritan. Use all lowercase letters. A Restricted Service Agreement Screen appea...

Page 27 - Initial Configuration Using the Command Line Interface; Set Date and Time; Configuration; clock

C HAPTER 2: I NSTALLATION 9 Initial Configuration Using the Command Line Interface To initially configure the Dominion SX unit from the Command Line Interface, follow the steps below. 1. Connect the serial port of your Installation Computer to the Terminal serial port on your Dominion SX. This port ...

Page 28 - User Configuration; To add a user group; top

10 D OMINION SX U SER G UIDE 1. Type Configuration to change the unit’s configuration. 2. Type Network to select the network configuration. 3. Type: admin > Config > Network > interface enable true if lan1 ip 192.16.151.12 mask 255.255.255 gw 192.168.51.12 .Upon successfully entering the da...

Page 29 - Chapter 3: Initial Software Configuration; Chapter; Dominion SX Initial Software Configuration; Click the; Setup

C HAPTER 3: I NITIAL S OFTWARE C ONFIGURATION 11 Chapter 3: Initial Software Configuration After the hardware installation, perform the initial software configuration. Do this by logging onto the Dominion SX from either a browser or through a Command Line Interface (See Chapter 12: Command Line Inte...

Page 30 - perform the next configuration task.; Date / Time Configuration; Date / Time Settings successfully applied.

12 D OMINION SX U SER G UIDE Important: After you complete each configuration task, you must return to the Setup tab to perform the next configuration task. Date / Time Configuration 1. Click the Date / Time in the Configuration section of the Setup Screen. The Date / Time Configuration screen appea...

Page 31 - Network Configuration

C HAPTER 3: I NITIAL S OFTWARE C ONFIGURATION 13 Network Configuration 1. Click Network in the Configuration section of the Setup screen. The Network Configuration Screen appears. Note: If you have a dual LAN model, there is an Eth Failover checkbox that is selected by default, but can be turned off...

Page 32 - Deployment; LAN Connection; IPAddress

14 D OMINION SX U SER G UIDE Deployment 1. You can remotely access the Dominion SX through a: LAN connection or a modem connection (optional). 2. The Dominion SX can access target devices only through a serial connection. LAN Connection After the initial software configuration phase, configure the D...

Page 33 - Chapter 4: Network Settings and Services; Configuring the Basic Network Settings; Give the DSX a Name

C HAPTER 4: N ETWORK S ETTINGS AND S ERVICES 15 Chapter 4: Network Settings and Services This chapter explains how to configure the basic network settings for the DSX, and how to configure the various access protocols (SSH, telnet, etc.) It also explains how to configure the DSX for modem access, an...

Page 34 - Change the Discovery Ports; OK; Configuring the Network Service Settings; Service

16 D OMINION SX U SER G UIDE Change the Discovery Ports The DSX has two discovery ports: • TCP 5000 Common Socket Connection (CSC) discovery • UDP 5000 Command Center (CC) discovery If either of these ports is used by another application, you can change the discovery port number in the DSX in the ap...

Page 35 - To change any of these network service settings:; tab, and then click; Services; . The Network Service Settings screen appears.; Make any necessary changes to the appropriate fields.

C HAPTER 4: N ETWORK S ETTINGS AND S ERVICES 17 To change any of these network service settings: 1. Click the Setup tab, and then click Services . The Network Service Settings screen appears. Figure 13 Network Service Settings 2. Make any necessary changes to the appropriate fields. 3. Click OK .

Page 36 - Configuring Modem Access; Configuring IP Forwarding and Static Routes; Enable IP Forwarding

18 D OMINION SX U SER G UIDE Configuring Modem Access You can access the DSX via a modem. To set this up: 1. Click the Setup tab, and then click Modem . The Modem Settings screen appears. Figure 14 Modem Settings Screen 2. Click the checkbox labeled Enable Modem to enable modem access. 3. Type the I...

Page 37 - Add a New Static Route

C HAPTER 4: N ETWORK S ETTINGS AND S ERVICES 19 Add a New Static Route To add a new Static Route: 1. Click the Setup tab, and then click Static Routes . The Static Routes screen appears. It consists of an Enable IP Forwarding panel and a Static Routes List. Figure 16 Static Routes List 2. Go to the ...

Page 38 - Delete a Static Route

20 D OMINION SX U SER G UIDE Delete a Static Route To delete a static route: 1. Click the Setup tab, and then click Static Routes . The Static Routes screen appears. It consists of an Enable IP Forwarding panel and a Static Routes List. 2. Go the Static Routes List and click the checkbox next to the...

Page 39 - Chapter 5: User Profiles and Groups; Managing User Profiles; Display a List of User Profiles; Create a User Profile

C HAPTER 5: U SER P ROFILES AND G ROUPS 21 Chapter 5: User Profiles and Groups This chapter explains how to create and manage user profiles and user groups. Managing User Profiles User profiles serve two purposes: • To provide users with a username and password to log into the DSX • To associate the...

Page 41 - Modify a User Profile; Managing User Groups

C HAPTER 5: U SER P ROFILES AND G ROUPS 23 Tip: If the user group you want has not yet been created, you can create it and then return to the user profile and select it. For now, keep the default. 9. Decide whether or not to activate this profile immediately. By default, the Active checkbox is selec...

Page 42 - Display a List of User Groups; Create a User Group

24 D OMINION SX U SER G UIDE Display a List of User Groups To display a list of existing user groups, click the User Management tab, and then click User Group List . The Group List screen appears (Figure 20). Figure 20 Group List Screen The Group List screen shows every user group created to date, a...

Page 43 - Modify a User Group

C HAPTER 5: U SER P ROFILES AND G ROUPS 25 • Observer Users associated with the Observer class have read-only access to the console window, and cannot change any system configuration parameters except their own password. 5. Select the ports that the users associated with this group are permitted to ...

Page 45 - Chapter 6: Remote Authentication; Configuring RADIUS

C HAPTER 6: R EMOTE A UTHENTICATION 27 Chapter 6: Remote Authentication This chapter explains how to configure RADIUS, LDAP, and TACACS+ authentication. Tip: If you are setting up remote authentication, it is a good idea to still keep local authentication enabled. When an authentication request reac...

Page 46 - Configuring LDAP

28 D OMINION SX U SER G UIDE Configuring LDAP You can use the Lightweight Directory Access Protocol (LDAP) to authenticate DSX users instead of local authentication. To configure LDAP: 1. Click the Setup tab, and then click Remote Authentication . The Remote Authentication screen appears. It contain...

Page 49 - Port Keywords; Keyword

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 31 Chapter 7: Port Configuration and Port Access Application Port configuration allows Administrators to define the serial/console port settings in order to communicate with remote target devices. Note: You can access the Raritan Serial...

Page 50 - Port Configuration; Edit

32 D OMINION SX U SER G UIDE Port Configuration To configure one or more ports: 1. Click the Setup tab, and then click Port Configuration . The Port Configuration screen appears. Figure 26 Port Configuration Screen 2. Select the port(s) you want to configure. You can select one port or several ports...

Page 51 - Note: The minimum baud rate supported for local port access is 9600.

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 33 The Edit Port screen appears. Figure 27 Edit Port Screen 3. Make sure the port values match the target system’s serial port configuration for the first three values. • Select the Baud Rate from the Baud Rate drop-down menu. Note: The...

Page 52 - Direct Port Access; The system will need to be rebooted for changes to take effect.

34 D OMINION SX U SER G UIDE 6. Select the escape mode. The default is None . Change as follows: • Select Control from the drop-down menu in the Escape Mode field. • Type the Escape Character. The default for the Dominion SX is ] (closed bracket ). 7. Select the terminal emulation type from the drop...

Page 53 - Use the following steps to launch the Raritan Serial Client (RSC).

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 35 Anonymous Port Access Anonymous port access allows users to access DPA configured ports without entering a password. To enable the feature: 1. Click the Security tab, and then click Login Settings . The Login Settings screen appears ...

Page 54 - Raritan Serial Client Requirements for Java; The RSC will function with; JRE version; Java Applets and Memory Considerations; Change the; Runtime; settings for Java Applets.; Advanced Tab; Locate; Java Runtime Settings.

36 D OMINION SX U SER G UIDE Raritan Serial Client Requirements for Java The Raritan Serial Client (RSC) requires a PC of minimum 1.0 GHz CPU speed with 512 MB RAM. Java must be installed to access targets (managed devices) before you can use the RSC. Java Runtime Environment (JRE) The RSC will func...

Page 55 - ALUES

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 37 Table 2 Java Runtime Parameters -Xms<Size> in bytes Sets the initial size of the Java heap. 2097152 (2MB) • The -server flag increases the default size to 32M. • The values must be a multiple of, and greater than, 1024 bytes (1...

Page 56 - Raritan Serial Client Interface; Important: The Raritan Serial Client (Console) Screen usually; opens in a separate; With some versions of Java on Windows, the; Port Access

38 D OMINION SX U SER G UIDE Raritan Serial Client Interface Important: The Raritan Serial Client (Console) Screen usually opens in a separate window in back of the Port Screen. With some versions of Java on Windows, the screen opens in front of the Port Screen. Minimize the Port Access screen to ac...

Page 57 - Click on the; Emulator; drop-down menu to display a list of topics.; Change the default; Idletimeout; setting and then launch the RSC.

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 39 Emulator 1. Change the default user Idle Timeout setting before launching the RSC for the first time or it will timeout in 10 minutes and display a host termination message. See the Security section of the Dominion SX User Guide for ...

Page 58 - Settings

40 D OMINION SX U SER G UIDE Note: If the RSC Idletimeout expires, the Dominion SX Idletimeout period begins. Settings Note: Terminal emulation settings are set with the port by an Administrator using the Setup->Port Configuration menu. 1. On the Emulator menu, click Settings. The Settings screen...

Page 59 - Display Settings

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 41 Display Settings 1. Return to the Emulator menu, select Settings and then click the Display tab. Figure 35 Display Settings Window 2. Click Default to accept the Default settings. Then click Ok to close the Display Settings window ; ...

Page 62 - Connected Users

44 D OMINION SX U SER G UIDE Connected Users The Connected Users command allows you to view a list of other users who are currently connected on the same port. 1. Click Connected Users to view the connected users on the Emulator menu. Figure 37 Connected Users Window 11. A check mark appears in the ...

Page 63 - Copy and Paste All Text:

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 45 Edit Use the Copy, Paste , and Select All text commands to relocate and/or re-use important text. Figure 38 Edit Commands - Copy, Paste, and Select All Text Copy and Paste All Text: 1. Click Select All on the Edit menu. 2. Click Copy...

Page 64 - Tools

46 D OMINION SX U SER G UIDE Tools 1. Click on the Tools drop-down menu to display a list of topics. Figure 39 Tools Menu

Page 65 - Start Logging; Stop Logging

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 47 Start Logging The Start Logging function allows you to collect raw console data from the target device and save it to a file in your computer. When you start the RSC, the Logging indicator on the status bar indicates whether logging ...

Page 66 - Send Keystroke; Send Text File; Chat

48 D OMINION SX U SER G UIDE Send Keystroke 1. On the T ools menu, click Send Keystroke. A Send Keystroke screen appears: Figure 41 Send Keystroke 2. Enter the keystroke combinations that you want and select a Key Code name from the drop-down menu. 3. Send the keystroke combinations. Send Text File ...

Page 67 - Help; Help Topics

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 49 To use Chat: 1. Click Chat on the Chat menu . Figure 42 SecureChat Command and User Chat Window 2. Type a message in the Message text field. 3. Click Send or press ENTER to send the message. 4. Click Clear to delete the typed text, o...

Page 68 - To Access ‘About’ Information:; About Raritan Serial Console; Figure; Standalone Raritan Serial Console Installation

50 D OMINION SX U SER G UIDE To Access ‘About’ Information: 1. Click About Raritan Serial Console on the Help menu. An About Raritan Serial Console message appears on top of the Raritan Serial Console drop-down menu: Figure 43 Sample of the About Raritan Serial Console Window 2. Click OK to close th...

Page 69 - Setting Windows OS Variables; Open the Start menu, and then open the Control Panel and choose; System; Go to; Advanced; and open; Environment Variables; New

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 51 • Ensure that Java can be started from the command line. To do this, environment variables must be configured. Make a note of the exact path where Java was installed. (The path information will be used later.) Setting Windows OS Vari...

Page 70 - Click

52 D OMINION SX U SER G UIDE 5. Click OK . Figure 45 Windows OS: New System Variable 6. Select the PATH variable and click Edit. 7. Add %JAVA_HOME%\bin to the end of the current Variable value. Ensure a semicolon (;) separates the new value from the last value in the string.

Page 72 - Setting Linux OS Variables; java –version

54 D OMINION SX U SER G UIDE Setting Linux OS Variables If you want to set Java for this user only, open and edit .profile file located in the /home/Username folder. If you want to set Java for all users, open .profile file in your /etc folder 1. Find the line where you set your PATH Example: export...

Page 73 - Installing Standalone RSC for Windows; You must have administrative privileges to install RSC.; Next; . The installation progress screen appears.

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 55 Installing Standalone RSC for Windows You must have administrative privileges to install RSC. 1. Log on to a Windows machine. 2. Download, or copy from a known location, the RSC-installer.jar installation file. 3. Double-click on the...

Page 74 - Launching RSC on Windows Systems; shortcut

56 D OMINION SX U SER G UIDE 7. Click Next. The Windows shortcut screen appears. Figure 50 RSC Windows Shortcut Screen 8. Specify the desired Program Group for the Shortcut. 9. Click Next . The installation finished screen appears. 10. Click Done . Launching RSC on Windows Systems 1. Double-click on...

Page 75 - Installing RSC for Sun Solaris

C HAPTER 7: P ORT C ONFIGURATION AND P ORT A CCESS A PPLICATION 57 2. Enter the Dominion SX IP address, account information, and the desired target (port). 3. Click Start. The RSC opens with a connection to the port. Figure 52 Standalone RSC Connected to Port Window Note: In case of unrecognized cha...

Page 76 - Launching RSC on Sun Solaris

58 D OMINION SX U SER G UIDE 6. The Set Installation Path screen appears. a) Select the directory where you want to install RSC and click Next . b) Click Browse to navigate to a non-default directory. c) Click Next when the installation is complete. d) Click Next again. The installation is complete....

Page 77 - Security Settings; Security

C HAPTER 8: S ECURITY 59 Chapter 8: Security There are a number of elements to consider when addressing security for console servers. The following are some of the Security aspects: • Encrypting the data traffic sent between the operator console and the DSX unit. • Providing authentication and autho...

Page 78 - Login Settings; Local Authentication

60 D OMINION SX U SER G UIDE Login Settings Click Login Settings on the Security Settings screen to access the Login Settings screen, which contains the Local Authentication, Login Handling, and Strong Password Settings panels.. Figure 54 Login Settings Screen Local Authentication 1. Go to the Local...

Page 79 - Strong Password Settings; Certificates

C HAPTER 8: S ECURITY 61 Strong Password Settings To enable strong passwords, go to the Strong Password panel and select the requirements for a strong password. This includes maximum and minimum length and special character requirements. Configure Kerberos Figure 55 Kerberos Settings 1. Click Enable...

Page 80 - Generate a Certificate Signing Request

62 D OMINION SX U SER G UIDE Generate a Certificate Signing Request To generate a Certificate Signing Request (CSR): 1. Click the Security tab, and then click Certificate . The Certificate screen appears. Figure 56 Certificate Signing Request 2. Click the checkbox labeled Generate a Certificate Sign...

Page 81 - Install a User Key; Install a User Certificate

C HAPTER 8: S ECURITY 63 Install a User Key To install a user key on the DSX: 1. Click the Security tab, and then click Certificate . The Certificate screen appears. Figure 57 Install User Key 2. Click the checkbox labeled Install User Key . 3. Type the following information in the corresponding fie...

Page 82 - Install User Certificate; SSL Client Certificate

64 D OMINION SX U SER G UIDE 2. Click the checkbox labeled Install User Certificate . 3. Type the following information in the corresponding fields: • The IP address of the host with the certificate • A login and password on the host • The path and name of the file containing the certificate 4. Clic...

Page 84 - Enable SSL Client Certification; Certificate Authority; Install Certificate Authority

66 D OMINION SX U SER G UIDE Enabling Client Certificate Authentication: To enable Client Certificate Authentication: 1. Click Enable SSL Client Certification . 2. Click OK to enable the Client Certificate authentication. Installing a New Trusted Certificate Authority To install a new trusted Certif...

Page 85 - Viewing a Certificate Revocation List; Banner

C HAPTER 8: S ECURITY 67 Viewing a Certificate Revocation List To view a CRL: 1. Click View Certificate Revocation Lis t. 2. Click OK to retrieve the list of CRLs. Banner Dominion SX optionally supports a customizable (maximum 5000 words, 8 words per row) welcome banner that is displayed after login...

Page 86 - Security Profiles; About Security Profiles; Edit the Custom Profile

68 D OMINION SX U SER G UIDE Security Profiles The DSX provides three security profiles that you can use. They simplify the assigning of permissions to users and groups by defining basic permissions that automatically apply to all users. About Security Profiles The three security profiles are: • Sta...

Page 87 - Edit Custom Profile; link. The Edit Custom Security Profile screen appears.; Check one or all of the following fields.

C HAPTER 8: S ECURITY 69 2. Click the Edit Custom Profile link. The Edit Custom Security Profile screen appears. Figure 62 Edit Custom Security Profile Screen 3. Check one or all of the following fields. • Telnet Access • Strong Password Required • Single Login Per User • Timeout Required • TLS Requ...

Page 88 - Firewall; Enable the Firewall; Add an IPTables Rule

70 D OMINION SX U SER G UIDE Firewall The DSX provides a firewall function to provide protection for the IP network and to control access between the internal router and the LAN 1, LAN 2 and the dial modem interfaces. Enable the Firewall To enable the firewall: 1. Click the Security tab, and then cl...

Page 89 - Configuring Local Event Logging; Enable the Event Log File; Enable System Logging

C HAPTER 9: L OGGING 71 Chapter 9: Logging This chapter explains how to enable and configure the various DSX logs. Configuring Local Event Logging To configure the local log settings, click the Setup tab, and then click Log . The Log Settings screen appears. It contains a number of individual loggin...

Page 90 - Enable Port Logging

72 D OMINION SX U SER G UIDE 4. Click OK . Enable Port Logging You need to configure port logging after you have enabled NFS logging (see “Configuring NFS Logging” below). This feature enables port data to be logged to a Network File System (NFS) server. This allows you to save and access the log fi...

Page 91 - Authentication failure.

C HAPTER 9: L OGGING 73 Mon Nov 06-2006 13:46:20 -------- admin connected to port-------- Mon Nov 06-2006 13:46:21 -------- admin got write access -------- Password: Authentication failure. Username: admin Password: Authentication successful. ---------------------------------------------------------...

Page 92 - Configure Input Port Logging; Configuring Encryption

74 D OMINION SX U SER G UIDE Configure Input Port Logging To enable input port logging: 1. Go to the Input Port Logging panel and click the Enable Input Port Logging checkbox. (To turn this feature off, clear this checkbox.) Figure 68 Input Port Logging Panel 2. Type a directory for input in the In ...

Page 93 - Configuring SMTP Logging; Enable SMTP Logging; Select a New SMTP Event

C HAPTER 9: L OGGING 75 Configuring SMTP Logging To configure SMTP logging, click the Setup tab, and then click Events . The SMTP Logging screen appears. This screen contains and SMTP Settings panel and a New SMTP Event panel. Enable SMTP Logging To enable SMTP logging: 1. Go to the SMTP Settings pa...

Page 94 - Available events include:; Destination; Test the SMTP Logging; Configuring NFS Logging; Input

76 D OMINION SX U SER G UIDE Available events include: • event.amp.notice.port.connection • event.amp.notice.user.logoff • event.amp.notice.backup • event.amp.notice.restore • event.amp.notice.config.directaccesslockout • event.amp.notice.reboot • event.amp.notice.boot • event.amp.notice.config.data...

Page 96 - Configuring SNMP Logging; Enable SNMP Logging; Create a New SNMP Destination

78 D OMINION SX U SER G UIDE Configuring SNMP Logging The DSX supports Simple Network Management Protocol (SNMP) traps and logging. Enable SNMP Logging To enable SNMP logging: 1. Click the Setup tab, and then click SNMP . The SNMP screen appears. 2. Go to the SNMP Setting panel and click the Enable ...

Page 97 - Chapter 10: Maintenance; Managing the Local Event Log; Display the Local Event Log; Feb 5 12:55:25 DominionSX DomSX: DominionSX notice SXSystemReady; Clear the Event Log

C HAPTER 10: M AINTENANCE 79 Chapter 10: Maintenance The Dominion SX maintenance features presented in this chapter allow the administrator perform the following tasks: • Manage event logs. • View configuration report. • Backup and restore the SX unit settings. • Upgrade firmware and track upgrade h...

Page 98 - Send the Event Log; Displaying a Configuration Report

80 D OMINION SX U SER G UIDE Send the Event Log To send the contents of the event log to a remote FTP server: 1. Click the Maintenance tab, and then click Send Event Log. The Send Event Log screen appears. Figure 76 Send Event Log Screen 2. Enter the IP address of the FTP server in the IP address fi...

Page 99 - Backing Up and Restoring the DSX; Backing Up the DSX

C HAPTER 10: M AINTENANCE 81 Backing Up and Restoring the DSX When you back up the DSX, the system makes a copy of the DSX configuration (without network settings) and writes the copy to an FTP server. The file can be recovered using a Restore operation, if necessary. Backing Up the DSX To back up t...

Page 100 - Restoring the DSX; Upgrading the DSX Firmware

82 D OMINION SX U SER G UIDE Restoring the DSX Restoring the DSX retrieves a copy of the DSX configuration from the FTP server where it has been backed up and writes the file to the DSX. To perform a restore operation 1. Click the Maintenance tab, and then click Restore . The Restore screen appears....

Page 101 - Display the Current Firmware Version; Maintenance; and then click; Firmware Version; . The Firmware Version screen appears. This screen shows the; Upgrade the Firmware; Before you perform a firmware upgrade, you must:

C HAPTER 10: M AINTENANCE 83 Display the Current Firmware Version To display the current version of firmware running on a DSX unit, click the Maintenance tab, and then click Firmware Version . The Firmware Version screen appears. This screen shows the firmware version, RSC, kernel, and PMON. Figure ...

Page 102 - Upgrade is Complete, The unit is now resetting.; Display a Firmware Upgrade History

84 D OMINION SX U SER G UIDE To perform the upgrade: 1. Click the Maintenance tab, and then click Firmware Upgrade . The Firmware Upgrade screen appears. Figure 80 Firmware Upgrade Screen 2. Type the IP Address of the FTP server in the IP Address field. 3. Type your login name in the Login field. 4....

Page 103 - Performing a Factory Reset on the DSX

C HAPTER 10: M AINTENANCE 85 Performing a Factory Reset on the DSX Performing a factory Reset returns the DSX unit to its default factory settings. Be very careful when doing this, because it will erase all the data and settings on the DSX unit and return it to the state in which it was originally s...

Page 105 - Chapter 11: Diagnostics; Diagnostics; Network Infrastructure Tools; Status of Active Network Interfaces; Refresh

C HAPTER 11: D IAGNOSTICS 87 Chapter 11: Diagnostics The Diagnostics function provides the administrator with the tools to test the network and monitor processes. Select the Diagnostics tab to display the Diagnostics screen. It provides links to Network Infrastructure Tools and Administrator Tools. ...

Page 106 - Network Statistics; Options

88 D OMINION SX U SER G UIDE Network Statistics 1. Click Network Statistics on the Diagnostics screen. The system displays network statistics. Figure 84 Network Statistics 2. By default, all statistics are shown. To show specific statistics, select an entry from the drop-down menu in the Options fie...

Page 107 - Ping Host; Trace Route to Host

C HAPTER 11: D IAGNOSTICS 89 Ping Host 1. Click Ping Host on the Diagnostics screen. The Ping Host screen appears. Figure 85 Ping Host 2. Type the IP address of the host to be pinged in the IP Address field. 3. Click Ping . The screen displays the results of the ping. Trace Route to Host Figure 86 T...

Page 108 - Process Status; in the Diagnostics Screen. The screen displays the results of your; to update the information.

90 D OMINION SX U SER G UIDE Administrator Tools ─ Process Status 1. Click Process Status in the Diagnostics Screen. The screen displays the results of your request. Figure 87 Process Status 2. Click Refresh to update the information.

Page 109 - Command Line Interface Overview; Chapter 12: Command Line Interface; Other user equipment.

C HAPTER 12: C OMMAND L INE I NTERFACE 91 The Dominion SX allows an Administrator or User to access, control, and manage multiple serial devices. You can use the Command Line Interface (CLI) to configure the Dominion SX or to connect to target devices. The RS-232 interface may operate at all standar...

Page 110 - CLI Command Overview – Part 1

92 D OMINION SX U SER G UIDE primaryradius secondaryradius log nfs ports services snmp time users ldap radius tacacsplus primaryldap secondaryldap ldaps getservercert removeservercert viewservercert primarytacacs secondarytacacs network modem events smtp adddelete dialbackdialin ethernetfailoverinte...

Page 111 - CLI Command Overview – Part 2

93 CLI Command Overview – Part 2 Diagnostics Security ifconfignetstat ps traceroute banner certificate firewall listports logoff history clearhistory close gethistory getwrite return sendbreak userlist kerberos loginsettings securityprofiles top userlist Maintenance backup restore factoryreset firmw...

Page 112 - Accessing the Dominion SX Using CLI; SSH Access from a Windows PC; SSH; SSH Access from a UNIX Workstation; Login

94 D OMINION SX U SER G UIDE The following common commands can be used from all levels of the CLI to the preceding figure: top, history, logout, quit, show, and help. Accessing the Dominion SX Using CLI Access the Dominion SX by using one of the following methods: • Telnet via IP connection • HTTP a...

Page 113 - Telnet Connection to the Dominion SX; Enabling Telnet; CLI; Accessing the DSX Unit; Telnet Access from a Windows PC; Run; Microsoft Telnet> open; Connecting To

C HAPTER 12: C OMMAND L INE I NTERFACE 95 Telnet Connection to the Dominion SX Due to the lack of security, username, password and all traffic is in clear-text on the wire, Telnet access is disabled by default. Enabling Telnet If you wish to use Telnet to access the DSX, first access the DSX from th...

Page 114 - Local Port Connection to the Dominion SX; Port Settings; To Change the Local Port Parameters:

96 D OMINION SX U SER G UIDE Local Port Connection to the Dominion SX The local port of the Dominion SX must be connected to the COM port of a computer system, a terminal, or some other serial capable device using a null modem cable with DB-9F null on both ends. If there is an RJ 45 interface, a spe...

Page 115 - After reviewing the following; Navigation of the CLI; section, perform the

C HAPTER 12: C OMMAND L INE I NTERFACE 97 The welcome message displays. You are now logged in as an Administrator. login as: admin Password: Authentication successful . ----------------------------------------------------------------- Welcome to the DominionSX [Model: SX4] UnitName:DominionSX Firmwa...

Page 116 - Completion of Command; Tips; Backspace

98 D OMINION SX U SER G UIDE Navigation of the CLI Before using the CLI, it is important to understand CLI navigation and syntax; additionally, there are combinations of keystrokes that simplify CLI use. Completion of Command The CLI supports the completion of partially entered commands. After enter...

Page 117 - Common Commands for all Command Line Interface Levels; Table 3; OMMANDS; Show Command; show; The following command shows the general settings of the SX unit:; Timezone : 13; Initial Configuration; imperative

C HAPTER 12: C OMMAND L INE I NTERFACE 99 Common Commands for all Command Line Interface Levels Table 3 lists the commands that are available at all CLI levels. These commands also help navigate through the CLI. Table 3 Commands Common to All CLI Levels C OMMANDS D ESCRIPTION top Return to the top l...

Page 118 - Setting Parameters; Date and Time Configuration; Setting Network Parameters; interface

100 D OMINION SX U SER G UIDE Once the preceding parameters are set, the following areas can be configured from either the local console port or over the network: • service • security • users • serial ports Setting Parameters To set parameters the user must be logged in with administrative privilege...

Page 119 - CLI Prompts; is the root portion in the following command:; CLI Commands; Table 4; lists and describes all available CLI commands.; OMMAND; ESCRIPTION

C HAPTER 12: C OMMAND L INE I NTERFACE 101 CLI Prompts The Command Line Interface prompt indicates the current command level. The root portion of the prompt is the login name; admin is the root portion in the following command: admin > Config > Port > CLI Commands Table 4 lists and describe...

Page 120 - security; Security Issues; Providing authentication and authorization for users.

102 D OMINION SX U SER G UIDE security Switch to the security menu. sendeventlog Sends the local event log to a remote FTP server. show Show configuration options. tacacsplus Switch to the TACACS+ Configuration Menu. telnet Enable telnet communication and specify the port. top Return to the root men...

Page 121 - Configuring Logging and Alerts; Configuring Users and Groups; Administrators; Target Connections and the CLI; Set Emulation on Target

C HAPTER 12: C OMMAND L INE I NTERFACE 103 Configuring Logging and Alerts As part of the security capabilities of the Dominion SX, facilities are provided to log data and to provide alerts based on activities between the users, Dominion SX and the target device. These facilities provide an audit tra...

Page 122 - Set Escape Sequence

104 D OMINION SX U SER G UIDE Set Escape Sequence To set the Escape sequence, ensure that the default Escape sequence set on the Dominion SX server does not conflict with a key sequence required by either the Access Client or the host operating system. The Escape key sequence is user-configurable. C...

Page 123 - Command Description; Error: Cannot get group information; LDAP Configuration Menu; ldap

C HAPTER 12: C OMMAND L INE I NTERFACE 105 • Idle time out for inactive users • User defined certificates • Security profiles. Table 5 Configuration: Authentication Commands: ldap Command Description ldaps getservercert removecert viewcert primaryldap secondaryldap radius primaryradius secondaryradi...

Page 124 - RADIUS Command; primaryraduius; TACACSPLUS Command; Configuring Events

106 D OMINION SX U SER G UIDE ldaps Switches to the ldaps menu which includes the following commands: getservercert – FTP Retrieval of ldap certificate removecert – Remove LDAPS Certificate viewcert – View LDAPS Certificate primaryldap Used to configure the primary ldap settings. secondaryldap Used ...

Page 125 - Configuring Log; Cleareventlog Command; cleareventlog; Eventlogfile Command; size value; admin > Config > Log > eventlogfile enable true size 256000 style wrap; Eventsyslog Command

C HAPTER 12: C OMMAND L INE I NTERFACE 107 Events Menu Command Examples admin > Config > events admin > Config > events > add admin > Config > events > smtp Configuring Log Configuration log command provides the administrator with the following commands to manage the logging ...

Page 126 - Eventsyslog Command Example; nfsgetkey Command; nfsgetkey; nfsgetkey Command Example; nfssetkey Command; nfssetkey

108 D OMINION SX U SER G UIDE eventsyslog [enable <true|false>] [] [secondary ip <ip>] The eventsyslog command options are described in Table 9. Table 9 Eventsyslog Command C OMMAND O PTION D ESCRIPTION enable <true|false> Enable or disable the system event log logging. primary ip ...

Page 127 - Command Example; NFS Encryption Enable Command; Portlog Command Example

C HAPTER 12: C OMMAND L INE I NTERFACE 109 Note: aes128 is not supported in 3.0. Command Example admin > Config > Log > nfssetkey type aes128 key D2F05B5ED6144138CAB920CD NFS Encryption Enable Command Enable port logging and encryption of data: admin > Config > Log > portlog enable...

Page 128 - Decrypting Encrypted Log on Linux-based NFS Server; sendeventlog; Sendeventlog Command Example

110 D OMINION SX U SER G UIDE Portlog Settings : Enable : false File Prefix: domSX-NFS File Size : 65535 UpdateFrequency : 20 TimestampFrequency : 20 Input Log Enable : false Input Log Directory: input Output Log Directory: output Encrypted : false Decrypting Encrypted Log on Linux-based NFS Server ...

Page 129 - Vieweventlog Command; vieweventfile; Configuring Modem; The

C HAPTER 12: C OMMAND L INE I NTERFACE 111 Vieweventlog Command The vieweventlog command displays the local log file. The syntax of the vieweventlog command is: vieweventfile Vieweventlog Command Example admin > Config > Log > vieweventlog Configuring Modem The modem menu provides access to...

Page 131 - Configuring Network; Enable/Disable network failover; Ethernetfailover Command; ethernetfailover

C HAPTER 12: C OMMAND L INE I NTERFACE 113 The Remote LDAP Server user’s configuration should be: Dialback with remote TACACS user. (Tacacs+ v.4.0.3a) Dialin and Dialback should be enabled on the device used for modem communication. Primary (or/and Secondary) Tacacs Server Settings should be configu...

Page 132 - Interface Command; ip ipaddress; Interface Command Example; IPForwarding Command; ipforwarding; Ipforwarding Command Example; Name Command; name

114 D OMINION SX U SER G UIDE Interface Command The interface command is used to configure the Dominion SX network interface. When the command is accepted, the unit will automatically reboot and drop the connection. You must then reconnect using the new IP address and the username admin and password...

Page 133 - Ports Command; Route Command; Routeadd Command

C HAPTER 12: C OMMAND L INE I NTERFACE 115 Table 18 name Command C OMMAND O PTION D ESCRIPTION name Command Example The following command sets the network name: admin > Config > Network > name Ports Command The ports command is used to configure the network ports. The syntax of the ports is...

Page 134 - Routeadd Command Example; Routedelete Command; routedelete; Routedelete Command Example; Configuring NFS; nfs; option option

116 D OMINION SX U SER G UIDE C OMMAND O PTION D ESCRIPTION Routeadd Command Example The following command adds a route to the route table: admin > Config > Network > routeadd Routedelete Command The routedelete command is used to remove a route from the kernel routing table. The syntax of ...

Page 135 - Configuring Ports; Ports Configuration Menu; Direct Port Addressing; Ports Config Command; name string

C HAPTER 12: C OMMAND L INE I NTERFACE 117 Command Example The following command displays the current NFS settings: admin > Config > NFS > nfs NFS Settings : Enable : 0 Primary IP : 0.0.0.0 Pimary Directory: /export/domSX/ Secondary IP : 0.0.0.0 Secondary Directory: /export/domSXLog/ Use th...

Page 136 - Enable/Disable detection of port connection

118 D OMINION SX U SER G UIDE flowcontrol <none|hw|sw> Port flowcontrol type hw = hardware flow control sw =X on / X off) detect <true|false> Enable/Disable detection of port connection escapemode <none|control> Use Ctrl-key (escapemode=control) or single key (escapemode=none) as e...

Page 137 - Port 1: Configuration Saved; Other DPA TCPPort options; Ports Keywordadd Command; keywordadd; The command options are described in Table 25.; Ports Keyworddelete Command; keyworddelete; The command options are described in Table 26.

C HAPTER 12: C OMMAND L INE I NTERFACE 119 1. The following example configures DPA port settings when the Administrator chooses DPA mode TCPPort. The Administrator needs to set the SSH or Telnet port value assigned for direct port access: admin > Config > Port > config port 1 ssh 7700 telne...

Page 138 - Configuring Services; dpa Command

120 D OMINION SX U SER G UIDE Command Example admin > ports > keywordadd Configuring Services The following commands provide the ability to configure the Dominion SX server services: • DPA • Encryption • HTTP • HTTPS • Logout • LPA • SSH • Telnet dpa Command The permitted TCP Port Range is 102...

Page 139 - dpa Command Example

C HAPTER 12: C OMMAND L INE I NTERFACE 121 ssh/telnet. port_range A block of contiguous IP addresses. base_dpaip Sstarting value for the block of contiguous IP addresses. IP address If IP Address = 0.0.0.0 is specified for a port, then the IP access is disabled for that particular port. It is the sa...

Page 140 - Group Anonymous: Configuration Saved; DPA Anonymous access:; Authentication successful.; Encryption Command; The encryption command sets the type of encryption for HTTPS.; Select TLS or SSL encryption; Encryption Command Example; The following example sets SSL encryption for HTTPS.; HTTP Command

122 D OMINION SX U SER G UIDE admin > Config > User > editgroup name Anonymous class op ports 1,2,3,4,5 Editing group... Group Anonymous: Configuration Saved The 'Anonymous' group is successfully configured. DPA Anonymous access: The DPA is already configured. (See the DPA configuration set...

Page 141 - Enable/Disable HTTP access; HTTP Command Example

C HAPTER 12: C OMMAND L INE I NTERFACE 123 The syntax of the http command is: http [enable <true|false>] [port value] [redirect <true|false>] The http command options are described in Table 29. Table 29 HTTP Command C OMMAND O PTION D ESCRIPTION enable <true|false> Enable/Disable H...

Page 142 - HTTPS Command Example; Enabled : true; Logout Command; The lpa command options are described in Table 30.; none; enable Enable/Disable Local Port access; LPA Command Example

124 D OMINION SX U SER G UIDE HTTPS Command The https command is used to control https access and define the port. The syntax of the https command is: https [enable <true|false>] [port value] The https command options are described in the following table. HTTPS Command C OMMAND O PTION D ESCRI...

Page 143 - SSH Command; SSH Command Example:; Telnet Command; port value; Telnet Command Example; Configuring SNMP; SMNP Add Command

C HAPTER 12: C OMMAND L INE I NTERFACE 125 SSH Command The syntax of the ssh command is: ssh [enable <true|false>] [port value] The ssh command options are described in Table 31. Table 31 SSH Command C OMMAND O PTION D ESCRIPTION enable <true|false> Enable or disable SSH access. port val...

Page 144 - SNMP Add Command Example; SNMP Delete Command; dest ipaddress; SNMP Delete Command Example; SNMP Command; SNMP Command Example; Configuring Time

126 D OMINION SX U SER G UIDE The syntax of the add command is: add [dest ipaddress] [port value] The add command options are described in Table 33. Table 33 SNMP Add Command C OMMAND O PTION D ESCRIPTION dest ipaddress SNMP destination IP address port value SNMP destination port SNMP Add Command Ex...

Page 145 - Clock Command; NTP Command; ntp; Timezonelist Command; timezonelist

C HAPTER 12: C OMMAND L INE I NTERFACE 127 • clock • ntp • timezonelist Clock Command The clock command lets the administrator set the time and date for the server. The syntax of the clock command is: clock [tz tz] [datetime datetime] [timezonelist] The clock command options are described in Table 3...

Page 146 - Configuring Users; Addgroup Command; addgroup; name groupname; Adduser Command; adduser; loginname

128 D OMINION SX U SER G UIDE The syntax of the command is: timezonelist Configuring Users The following commands provided the administrators with the ability to manager users: • addgroup • adduser • deletegroup • deleteuser • editgroup • edituser • groups • users Addgroup Command The addgroup comma...

Page 147 - password; Adduser Command Example; Deletegroup Command; Deleteuser Command; deleteuser; user; Deleteuser Command Example; Editgroup Command; editgroup

C HAPTER 12: C OMMAND L INE I NTERFACE 129 password info user- information Miscellaneous user information active <true|false> Activate/Deactivate user account Adduser Command Example The following example shows how to add a user. admin > Config > User > adduser user jjones fullname Jo...

Page 148 - Edituser Command; edituser; Edituser Command Example; Groups Command; groups

130 D OMINION SX U SER G UIDE Table 42 Editgroup Command C OMMAND O PTION D ESCRIPTION name groupname Group name class <op|ob> Group user class <op>erator or <ob>server ports <number|range|*> Port(s) assigned to the group. Single port or range of ports (1-n or 1,3,4 or * for ...

Page 149 - Users Command; users; Connect Commands; Diagnostics Commands; IPMI Commands; IPMIDISCOVER; Intelligent Platform Management Interface (IPMI)

C HAPTER 12: C OMMAND L INE I NTERFACE 131 Users Command The users command shows the details of existing users. The syntax of the users command is: users Users Command Example admin > Config > User > users Connect Commands The connect commands provide a means to access ports and their histo...

Page 150 - Administrator; startIP; Discovering IPMI Devices :; IPMITOOL; syntax

132 D OMINION SX U SER G UIDE • Only users belonging to the Administrator group are able to configure the support of IPMI. The supported IPMI version 2.0. The ipmidiscover tool syntax is: ipmidiscover [OPTIONS] startIP endIP All discovered targets supporting IPMI version 2.0 will be listed, allowing...

Page 151 - Display version information.

C HAPTER 12: C OMMAND L INE I NTERFACE 133 -v Increase verbose output level. This option may be specified multiple times to increase the level of debug output. If given three times you will get hexdumps of all incoming and outgoing packets. -V Display version information. -I <interface> Select...

Page 152 - command

134 D OMINION SX U SER G UIDE < command > raw – Send a RAW IPMI request and print response i2c – Send an I2C Master Write-Read command and print response lan – Configure LAN Channels chassis – Get chassis status and set power state power – Shortcut to chassis power commands event – Send pre-de...

Page 153 - Listports Command; listports; Maintenance Commands; maintenance; Backup Command; backup

C HAPTER 12: C OMMAND L INE I NTERFACE 135 Listports Command Table 48 Listports Command Command Description listports List accessible ports. admin > listports Port Port Port Port No. Name No. Name 1 - Port1 [U] 2 - Port2 [U] 3 - Port3 [U] 4 - Port4 [U] Port names up to 23 characters are displayed...

Page 154 - Backup Command Example; Factoryreset Command; factoryreset

136 D OMINION SX U SER G UIDE Table 49 Backup Command C OMMAND O PTION D ESCRIPTION [ip IP] IP address of the target system where the backup will be written. <login LOGIN> Username of the account on the system where the backup will be stored. <passwd PASSWD> Password of the account on th...

Page 155 - Firmware Command; Firmware Command Example; Logoff Command; Password Command; Reboot Command; reboot; Reboot Command Example

C HAPTER 12: C OMMAND L INE I NTERFACE 137 Gateway : 192.168.0.192 Failover : true Do you wish to commit these settings (no/yes) (default: no) Firmware Command The firmware command provides the versions of the firmware. The syntax of the firmware command is: firmware Firmware Command Example admin &...

Page 156 - Restore Command; restore; Restore Command Example; Sendeventlog Command

138 D OMINION SX U SER G UIDE Do you want to proceed with the reboot? (no/yes) (default: no) yes Restore Command The restore command retrieves a copy of the Dominion SX system from a system and writes the file to the Dominion SX server. The syntax of the restore command is: restore [ip IP] <login...

Page 157 - Upgrade Command; login login; Upgradehistory Command; upgradehistory; Userlist Command; userlist

C HAPTER 12: C OMMAND L INE I NTERFACE 139 Sendeventlog Command Example admin > Config > Log > sendeventlog 72.236.162.187 login acy password pasraritansword path sxlogfile file log 32 Upgrade Command Note: in order to perform an upgrade, there should be a configured remote ftp server. The ...

Page 158 - vieweventlog; Vieweventlog Command Example; Security Commands; Banner Command; banner; Banner Command Example; ftpgetbanner Command; ftpgetbanner

140 D OMINION SX U SER G UIDE The vieweventlog command displays the local log file. The syntax of the vieweventlog command is: vieweventfile Vieweventlog Command Example admin > Config > Log > vieweventlog Security Commands Dominion SX controls the ability to hack into the system by using r...

Page 159 - Certificate Command Menu; certificate; Client Command Example

C HAPTER 12: C OMMAND L INE I NTERFACE 141 password password FTP Server password path pathname FTP server path for the banner file banner.txt. for example,/ftphome/banner.txt Command Example admin > Security > Banner> ftpgetbanner ip 72.236.162.171 login raritan password acy path /ftphome/b...

Page 160 - Server Command Example; Firewall Command; firewall; Note: Use the following when working with the Firewall.; target prot opt source destination; IPtables Command; iptables

142 D OMINION SX U SER G UIDE Server Command Example admin > Security > certificate > server Firewall Command The firewall command provides control for the turning on or off the firewall. The syntax of the firewall command is: firewall [enable <true|false>] The firewall command option...

Page 162 - Clear the iptables rules; Kerberos Command; kerberos; Kerberos and DSX

144 D OMINION SX U SER G UIDE To view the current iptables ruleset admin > Security >firewall >iptables –list Clear the iptables rules To clear the iptables rules. admin > Security >firewall >iptables --flush Save the configured settings To save the iptables rules into the local da...

Page 163 - Kerberos Command Example; Success; Loginsettings Commands; loginsettings; idletimeout Command; idletimeout

C HAPTER 12: C OMMAND L INE I NTERFACE 145 • The above 3 machines should be pingable by FQDN. Get the hosts file using gethostnamefile from the Kerberos menu. • Use klist to check the ticket expiration. Most of the kadmin error messages are associated with ticket expiration • Kadmin: -List principal...

Page 164 - time; idletimeout Command Example; Command not yet implemented; lockoutperiod

146 D OMINION SX U SER G UIDE idletimeout time [number value] idletimeout Command Example admin > Security > LoginSettings > idletimeout time 99 Inactiveloginexpiry Command The inactiveloginexpiry command sets the number of days before an account will expire due to inactivity. The syntax of...

Page 165 - time time; Singleloginperuser; singleloginperuser; Security > LoginSettings > singleloginperuser enable true; Strongpassword Command

C HAPTER 12: C OMMAND L INE I NTERFACE 147 The lockoutperiod command options are described in Table 65. Table 65 Lockoutperiod Command C OMMAND O PTION D ESCRIPTION time time Period of time (in minutes) for which the user cannot login after account deactivation. Command Example admin > Security &...

Page 166 - Strongpassword Command Example; Unauthorizedportaccess Command; Unauthorizedportaccess Command Example

148 D OMINION SX U SER G UIDE Table 67 Strongpassword Command C OMMAND O PTION D ESCRIPTION StrongPasswordRulesEnable true/false PWUppercaseRequired true/false PWLowercaseRequired true/false PWNumberRequired true/false PWSymbolRequired true/false PasswordValidityPeriod Number of days before expirati...

Page 167 - Securityprofiles Commands; securityprofiles; Profiledata Command; profiledata; Profiledata Command Example

C HAPTER 12: C OMMAND L INE I NTERFACE 149 Securityprofiles Commands The securityprofiles command menu provides access to the commands used to configure and control security profiles. The securityprofiles commands are listed in the table below. Table 69 Securityprofiles Commands C OMMAND D ESCRIPTIO...

Page 169 - Discover IPMI Devices; IPMI; Example; Option

C HAPTER 13: I NTELLIGENT P LATFORM M ANAGEMENT I NTERFACE 151 Chapter 13: Intelligent Platform Management Interface The Intelligent Platform Management Interface (IPMI lets you manage the IPMI functions of a remote system. The following topics are covered in this chapter: • Discover IPMI Devices • ...

Page 170 - IPMI Configuration; section of the IPMI screen to get IPMI configuration

152 D OMINION SX U SER G UIDE IPMI Configuration IPMI configuration lets you manage the IPMI functions of a remote system. These functions include printing FRU information, LAN configuration, sensor readings, and remote chassis power control. 1. Click on the IPMI Configuration section of the IPMI sc...

Page 171 - Type the IP address in the IP Address field.

C HAPTER 13: I NTELLIGENT P LATFORM M ANAGEMENT I NTERFACE 153 Interfaces: open Linux OpenIPMI Interface [default] imb Intel IMB Interface lan IPMI v1.5 LAN Interface Commands: raw Send a RAW IPMI request and print response i2c Send an I2C Master Write-Read command and print response lan Configure L...

Page 173 - Chapter 14: Power Control; Port Power Associations; Create a Port Power Association

C HAPTER 14: P OWER C ONTROL 155 Chapter 14: Power Control Power Control lets you manage the power functions. The following topics are covered in this chapter: • Power Control • Associations Power Control • Power Strip Power Control • Power Strip Status Port Power Associations You can associate one ...

Page 174 - locked from any control.; Delete a Port Power Association; Power Strip Configuration

156 D OMINION SX U SER G UIDE locked from any control. Note: Power control is not supported on the last port of the DSX unit. The last port of the unit can be used for non-power control device. Delete a Port Power Association To delete a port power association: 1. Click the Setup tab, and then click...

Page 175 - Power Association Groups; Power Control

C HAPTER 14: P OWER C ONTROL 157 Power Association Groups To create a power associations group: 1. Click the Setup tab, and then click Power Association Groups List . 16. Click Add . The Power Association Groups screen appears. Figure 95 Power Association Group Screen 17. Type a name and description...

Page 176 - Associations Power Control; on the; menu to access the tool to manage

158 D OMINION SX U SER G UIDE Associations Power Control Click Associations Power Control on the Power Control menu to access the tool to manage power control associations. Figure 97 Associations Power Control Note: When executing power on/off operation, about ~5 seconds are added to the configured ...

Page 177 - Power Strip Power Control

C HAPTER 14: P OWER C ONTROL 159 Power Strip Power Control Click Power Strip Power Control on the Power Control menu to access the tool to manage power strips. Figure 98 Power Strip Power Control

Page 178 - Power Strip Status; CLI Command for Power Control; CLI Port Power Association

160 D OMINION SX U SER G UIDE Power Strip Status Click Power Strip Status on the Power Control menu to check power strip status. Figure 99 Power Strip Status CLI Command for Power Control CLI Port Power Association Description: Power Control menu – Associate a power strip outlet to a DSX port Scenar...

Page 180 - Remove Port Power Association

162 D OMINION SX U SER G UIDE Pre-condition Administrator user is logged in via CLI. 6 Power Strip devices (DPX) are physically connected and configured to DSX. User is in power menu. Action 1. Enter Command to associate Port1 to Outlet1 of PowerStr1. 2. Press Enter. 3. Repeat steps 1 and 2 to assoc...

Page 181 - CLI Power Association Group

C HAPTER 14: P OWER C ONTROL 163 Administrator is in power menu. Action 1. Enter command. 2. Press Enter. CLI Input setpowerport name PowerStr1 type DPCS12 port 1 Scenario #3 Power Strip Configuration after factory reset Pre-condition Power strip device (DPX) named PowerStr1 is physically connected ...

Page 182 - CLI Power Strip Power Control

164 D OMINION SX U SER G UIDE Scenario #5 Delete Power Group Pre-condition Administrator user is logged in via CLI. Power strip device (DPX) named PowerStr1 is physically connected to Port1 of DSX. Administrator is in Power Æ PowerGroups menu. Action 1. Enter Command. 2. Press Enter. CLI Input Comma...

Page 183 - CLI Association Power Control – Port Association

C HAPTER 14: P OWER C ONTROL 165 Power Strip device (DPX) named PowerStr1 is physically connected to Port1 of DSX. Administrator is in power menu. Action 1. Enter command to set sequence interval. 2. Press Enter. 3. Enter command to switch off group of outlets. 4. Press Enter. CLI Input ⋅ powerdelay...

Page 184 - CLI Association Power Control – Group Association

166 D OMINION SX U SER G UIDE Scenario #2 Association Power Control – Recycle Port Association (Target is associated to Two Outlets from one Power Strip) Pre-condition Administrator user is logged in via CLI. Power Strip device (DPX) named PowerStr1 is physically connected to Port1 of DSX. Port Powe...

Page 186 - CLI Power Strip Status

168 D OMINION SX U SER G UIDE CLI Input ⋅ powerdelay sequence 2 cycle 5 ⋅ cycle nodegroup Group1 Scenario #6 Recycle Group Association (outlets in association are with different statuses) Pre-condition Administrator user is logged in via CLI. Administrator is in power menu. Group Association named G...

Page 189 - Case 1. Upgrading DSX Firmware via Web Browser; Case 2. Configuring and Using Direct Port Access via SSH; Case 3. Using Exclusive Write Access via RSC

C HAPTER 15: P OWER C ONTROL 171 Chapter 15: Top-10 Use Cases This chapter includes 10 of the mostly common cases to help familiarize users quickly with practical operation on DSX unit. Please note that data entered in the case are created as examples, and could vary upon different situations. Case ...

Page 190 - Case 4. Configuring LDAP

172 D OMINION SX U SER G UIDE RSC). The icon on status line will display Write Access (Lock) now, meaning now all users can only view the port connection. 6. Log in the device connected to the port, and try interacting with the device using the RSC panel. 7. Refer to: Get Write Access section in Cha...

Page 191 - Case 7. Managing User Profiles on DSX

C HAPTER 15: P OWER C ONTROL 173 3. Select Maintenance Æ Factory Reset. You will be prompted to confirm your decision. 4. Do not power off DSX unit as it reboots with default configuration. 5. You will be re-directed to the login page after the unit is rebooted. If you try to log in for the first ti...

Page 192 - Case 10. CLI / SSH Connection to SX Port; Open; SSH Connection to the Dominion SX

174 D OMINION SX U SER G UIDE Case 10. CLI / SSH Connection to SX Port 1. Purpose: To access SX unit itself and SX ports using text-based command lines. 2. SSH access from a Windows PC a. Launch the SSH client software (such as Plink or PuTTY). b. Enter IP address of DSX server (e.g. 192.168.0.192) ...

Page 193 - Dominion SX Models and Specifications

A PPENDIX A: S PECIFICATIONS 175 Appendix A: Specifications This appendix contains sections describing: • DSX models and specifications • Requirements and tested browser requirements • DSX hardware for connecting DSX to common vendor models • DSX Serial RJ-45 pinouts • DB9 and DB25 Nulling Serial Ad...

Page 194 - MODEL

176 D OMINION SX U SER G UIDE The following table lists the Dominion SX models, their dimensions, and weight. Table 72 Dominion SX Dimensions and Weight MODEL DIMENSIONS (W) x (D) x (H) WEIGHT DSX4 11.41"x 10.7"x 1.75"; 290x 270 x 44mm 4.61 lbs; 2.08kg DSXB-4-M 11.41"x 10.7"x 1.7...

Page 195 - Requirements; EQUIREMENTS; Browser Requirements – Supported; PLATFORM

A PPENDIX A: S PECIFICATIONS 177 Requirements The following table lists the requirements for the DSX. Table 73 Dominion SX Requirements R EQUIREMENTS D ESCRIPTION Power 110/220V auto-switching: 50-60 Hz or -36 to -72V DC for DC-powered models Operating Temperature 32° to 104° F (0° to 40° C) Operati...

Page 196 - Connectivity

178 D OMINION SX U SER G UIDE Connectivity The following table lists the necessary Dominion SX hardware (adapters and/or cables) for connecting the DSX to common Vendor/Model combinations. Table 75 Connectivity VENDOR DEVICE CONSOLE CONNECTOR SERIAL CONNECTION Checkpoint Firewall Cisco PIX Firewall ...

Page 197 - Dominion SX Serial RJ-45 Pinouts; PIN; GND; DB9F Nulling Serial Adapter Pinouts; EMALE

A PPENDIX A: S PECIFICATIONS 179 Dominion SX Serial RJ-45 Pinouts To provide maximum port density and to enable simple UTP (Category 5) cabling, Dominion SX provides its serial connections via compact RJ-45 ports. However, no widely adopted industry-standard exists for sending serial data over RJ-45...

Page 198 - DB9M Nulling Serial Adapter Pinouts; DB25F Nulling Serial Adapter Pinouts; DB25M Nulling Serial Adapter Pinouts; Dominion SX Terminal Ports

180 D OMINION SX U SER G UIDE DB9M Nulling Serial Adapter Pinouts Table 78 DB9M Nulling Serial Adapter Pinouts RJ-45 (F EMALE ) DB9 (M ALE ) 1 8 2 1, 6 3 2 4 SHELL 5 5 6 3 7 4 8 7 DB25F Nulling Serial Adapter Pinouts Table 79 DB25F Nulling Serial Adapter Pinouts RJ-45 (F EMALE ) DB25 (F EMALE ) 1 5 ...

Page 200 - Dominion SX16 and SX32 Terminal Ports; OLOR; SIGNAL

182 D OMINION SX U SER G UIDE Dominion SX16 and SX32 Terminal Ports A modem should not be connected to the DSX16 and DSX32 terminal port because the Ring Indicator (RI) signal is not present. These models have a built-in modem that can be enabled or disabled. The modem is disabled by default. Table ...

Page 201 - Appendix B: System Defaults; TCP

A PPENDIX B: S YSTEM D EFAULTS 183 Appendix B: System Defaults This appendix contains the system defaults and directions for port access. Table 84 Dominion SX System Defaults I TEM D EFAULT IP Address 192.168.0.192 Subnet Mask 255.255.255.0 CSC Port Address ( TCP ) 5000 Port address for CC discovery...

Page 203 - A Certificate authority; ) is an entity which issues digital certificates for use by; Default SX Certificate Authority Settings; Server Certificate; Install CA Root for IE Browsers

A PPENDIX C: C ERTIFICATES 185 Appendix C: Certificates This appendix contains sections describing Certificates and Certificate Authority and provides directions about how to: • Install Dominion SX CA Certificate to a Browser Certificate • Install SX Server Certificate for IE Browsers • Install SX S...

Page 204 - Install the Dominion SX Server Certificate In Internet Explorer

186 D OMINION SX U SER G UIDE Install the Dominion SX Server Certificate In Internet Explorer By installing the Dominion SX Server certificate in IE, you can prevent the Security Alert window from appearing whenever you access the Dominion SX Unit. This step will have to be performed for each SX uni...

Page 205 - Remove an Accepted Certificate In Internet Explorer

A PPENDIX C: C ERTIFICATES 187 Remove an Accepted Certificate In Internet Explorer Removing a certificate that you have previously accepted from the unit is the same process whether removing a Raritan default certificate or a user-installed third-party certificate. 1. Launch IE and on the Tools menu...

Page 206 - Install the Dominion SX Server Certificate; section that follows.; Remove an Accepted Certificate

188 D OMINION SX U SER G UIDE Accept a Certificate (Session-Based) On initially connecting to a Dominion SX unit will be presented with a certificate warning screen. This certificate by default will be signed by the local SX unit's CA as described above and you will have to accept this certificate t...

Page 207 - Install a Third-Party Root Certificate; Installing a Third-Party Root Certificate to Internet Explorer; Install the Dominion SX Server

A PPENDIX C: C ERTIFICATES 189 4. Select the Web Sites tab and select the certificate name that is the common name of the IP address of the Dominion SX, and select the Delete button. 5. Click OK on the “Delete Web Site Certificates” window to confirm the deletion of the certificate. 6. On the left s...

Page 208 - Installing a Third-Party Root Certificate to Netscape Navigator

190 D OMINION SX U SER G UIDE Installing a Third-Party Root Certificate to Netscape Navigator 1. On the CA Web site, click on the root certificate link and the New Certificate Authority window will appear. Click Next , and Next in the following screen. 2. The Certificate Fingerprint will appear, pro...

Page 209 - Install Client Root Certificate into the SX.

A PPENDIX C: C ERTIFICATES 191 3. Select the Install User Key radio button. 4. Insert the ftp parameters to retrieve the CA Public key file. 5. Click OK. The SX will show “User Key Installed” at top of pane. 6. Select the Install User Certificate radio button. 7. Fill in the ftp parameters to retrie...

Page 211 - Appendix D: Server Configuration; Microsoft IAS RADIUS Server; Configure the Dominion SX to Use an IAS RADIUS Server; Enable IAS on the Server

A PPENDIX D: S ERVER C ONFIGURATION 193 Appendix D: Server Configuration This appendix contains sections describing the steps to configure Dominion SX units and authentication servers for the following authentication protocols: • Microsoft Internet Authentication Service (IAS) RADIUS Server • Cisco ...

Page 212 - Create an IAS Policy

194 D OMINION SX U SER G UIDE Create an IAS Policy The following section describes the steps to create a policy to allow Radius users to access the Dominion SX. The example in this section requires two conditions, the client source IP address of the Dominion SX and the UserID is a member of the SX U...

Page 213 - Cisco ACS RADIUS Server; Configure the Dominion SX to use a Cisco ACS Server

A PPENDIX D: S ERVER C ONFIGURATION 195 15. Move the new policy so it appears as the first (top) policy in the Policy List. Note: If required, create a policy to allow dialup access to all users that are members of a group (Windows may already have a default Policy in place to permit access by any u...

Page 215 - TACACS+ Server Configuration; dominionsx; CiscoSecure ACS

A PPENDIX D: S ERVER C ONFIGURATION 197 TACACS+ Server Configuration The Dominion SX unit has the capability to use Terminal Access Controller Access-Control System Plus (TACACS+) for authentication services. The Dominion SX requires a new service to be added and two argument-value pairs to be retur...

Page 216 - Interface Configuration; Select; service under the heading; New Services

198 D OMINION SX U SER G UIDE 2. Select Interface Configuration . Figure 101 Cisco ACS Interface Configuration 3. Select TACACS+ (Cisco IOS) . 4. Add dominionsx service under the heading New Services . Figure 102 TACACS+ Properties

Page 217 - Active Directory

A PPENDIX D: S ERVER C ONFIGURATION 199 5. When adding or editing a user or group, the dominionsx service will appear under the heading TACACS+ Settings . The service can be enabled per user or per group by selecting the dominionsx and Custom Attributes check boxes. Add the attributes (user- type) a...

Page 219 - Appendix E: Modem Configuration; Client Dial-Up Networking Configuration

A PPENDIX E: M ODEM C ONFIGURATION 201 Appendix E: Modem Configuration Client Dial-Up Networking Configuration Configuring Microsoft Windows Dial-Up Networking for use with Dominion SX allows configuration of a PC to reside on the same (Define?)PPP network as the Dominion SX. After the dial-up conne...

Page 221 - Windows 2000 Dial-Up Networking Configuration; Make New Connection

A PPENDIX E: M ODEM C ONFIGURATION 203 6. Click OK to return to the main Dial screen. Figure 105 Dial-Up Security Display 7. Click Dial. See the Windows NT Users Guide if you receive any error message. Windows 2000 Dial-Up Networking Configuration 1. Select Start → Programs → Accessories → Communica...

Page 222 - Dial-up to private network; Area code

204 D OMINION SX U SER G UIDE 4. Click the Dial-up to private network radio button and click Next. Figure 107 Network Connection Type 5. Select the check box before the modem that you want to use to connect to the Dominion SX unit and then click Next. Figure 108 Device Selection 6. Type the Area cod...

Page 223 - Connection Availability Screen appears.; Only for myself radio button; Finish

A PPENDIX E: M ODEM C ONFIGURATION 205 8. Click Next. Figure 109 Phone Number to Dial The Connection Availability Screen appears. 1. Click on the Only for myself radio button in the Connection Availability screen. 2. Click Next. Figure 110 Connection Availability The Network Connection has been crea...

Page 224 - Windows XP Dial-Up Networking Configuration; Set up my connection manually

206 D OMINION SX U SER G UIDE Windows XP Dial-Up Networking Configuration 1. Select Start → Programs → Accessories → Communications → New Connection Wizard. 2. Click Next and follow the steps in the New Connection Wizard to create custom dialup network profiles. 3. Click the Connect to the Internet ...

Page 225 - Click on the radio button before; Connect using a dial-up modem; and click; Type a name to identify this particular connection in the; ISP Name; field and click

A PPENDIX E: M ODEM C ONFIGURATION 207 5. Click on the radio button before Connect using a dial-up modem and click Next. Figure 113 Internet Connection 6. Type a name to identify this particular connection in the ISP Name field and click Next. Figure 114 Connection Name

Page 226 - Type the phone number of this connection in the; Phone number; Dial; to connect to the remote machine when the Dial Window appears.

208 D OMINION SX U SER G UIDE 7. Type the phone number of this connection in the Phone number field and click Next. Figure 115 Phone Number to Dial 8. Type your ISP information; type the User name and Password in the appropriate fields, and retype the password to confirm it. 9. Click on the checkbox...

Page 227 - Appendix F: Troubleshooting; Page Access; ROBLEM; ping

A PPENDIX F: T ROUBLESHOOTING 209 Appendix F: Troubleshooting The following tables describe problems and suggested solutions for the problems. Page Access Table 86 Troubleshooting Page Access P ROBLEM S OLUTION Cannot login – what are factory defaults? (only for Dominion SX units running firmware ve...

Page 228 - Login Failure

210 D OMINION SX U SER G UIDE P ROBLEM S OLUTION Number of Users Exceeded The unit has a security measure that allows only a specific number of login pages to be authenticated at any given time. Should this number be reached when attempting to login to the unit, a pop-up window displays indicating t...

Page 229 - SHIFT; Authentication Denied

A PPENDIX F: T ROUBLESHOOTING 211 Login Table 88 Troubleshooting Login P ROBLEM S OLUTION Login Failure To provide additional security, the unit login screen expires after three minutes. Therefore, all login attempts after this time period will fail. Reload the browser to reset this timer. Hold down...

Page 230 - Upgrade; FTP - Server Unreachable; Please note; that the attempt to upgrade firmware to the latest

212 D OMINION SX U SER G UIDE Upgrade Table 90 Troubleshooting Upgrade P ROBLEM S OLUTION FTP - Server Unreachable If FTP server specified in the upgrade panel is unreachable or incorrect, the upgrade process halts until a response is received from the FTP server or until a timeout occurs. Wait and ...

Page 231 - Modem

A PPENDIX F: T ROUBLESHOOTING 213 Figure 118 Firmware Upgrade – Connection Fail Figure 119 Firmware Upgrade – Auto Logout Modem Table 91 Troubleshooting Modem P ROBLEM S OLUTION Login Failure The unit supports Web-browser access through the modem at connection speeds of 28.8K bps or greater. If the ...

Raritan DSX-0N-E - Manual

Table of Contents:

Summary

Other Raritan Models