Tripp Lite 93-2879 - Manual

11 10. Nagios Integration Setting Nagios central management with SDT extensions and configuring the Console Server as a distributed Nagios server 11. System Management Covers access to and configuration of services to be run on the Console Server 12. Status Reports View the status and logs of serial...

12 location, to configure the Console Server, set up Users, configure the ports and connected hosts, and set up logging and alerts. An authorized User can use the Management Console to access and control configured devices, review port logs, use the in-built java terminal to access serially attached...

13 Text presented like this highlights important issues and it is essential you read and take heed of these warnings Text presented with an arrow head indent indicates an action you should take as part of the procedure. Bold text indicates text that you type, or the name of a screen object ( e.g. a ...

14 2. INSTALLATION Introduction This chapter describes the physical installation of the Console Server hardware and connection to controlled devices 2.1 Models There are a number of Console Server models, each with a different number of network, USB and serial ports and power supplies: Serial Ports ...

15 If you are installing your Console Server Management Switch in a rack you will need to attach the rack mounting brackets supplied with the unit, and install the unit in the rack. Take care to head the Safety Precautions Connect your Console Server Management Switch to the network, to the serial p...

16 2.2.2 Power: Console Server with PowerAlert The standard B092-016 Console Server has a built-in universal auto-switching AC power supply. This power supply accepts AC input voltage between 100 and 240 VAC with a frequency of 50 or 60 Hz and the power consumption is less than 40W. The AC power soc...

17 The Console Server also has a DB9 LOCAL (Console/Modem) port. This DB-9 connector is on the rear panel of the B092-016 Console Server, and on the front panel of the B096-048/016 Console Server Management Switch. 2.5 USB Port Connection The B096-048/016 Console Server Management Switch has one USB...

18 3. INITIAL SYSTEM CONFIGURATION Introduction This chapter provides step-by-step instructions for the initial configuration of your Console Server and connecting it to your management or operational network. This involves the Administrator: Activating the Management Console Changing the Administra...

20 You will be prompted to log in. Enter the default administration username and administration password: Username: root Password: default The above screen, which lists four initial installation configuration steps, will be displayed: 1. Change the default administration password on the System/Admin...

21 3.1.3 Initial B092-016 connection For the initial configuration of the B092-016 Console Server, you will need to connect a console (keyboard, mouse and display) or a KVM switch directly to its mouse, keyboard and VGA ports. When you initially power on the B092-016, you will be prompted on your di...

22 Select System: Administration Enter a new System Password then re-enter it in Confirm System Password. This is the new password for root , the main administrative user account, so it is important that you choose a complex password, and keep it safe You may now wish to enter a System Name and Syst...

23 If you select DHCP , the Console Server will look for configuration details from a DHCP server on your management LAN. This selection automatically disables any static address. The Console Server MAC address can be found on a label on the base plate Note In its factory default state (with no Conf...

24 You will then need to configure the IPv6 parameters on each interface page 3.4 System Services The Administrator has a selection of access protocols that can be used to access the Console Server. The factory default enables HTTPS and SSH access to the Console Server and disables HTTP and Telnet. ...

25 Select System: Services . Then select /deselect the service to be enabled /disabled. The following access protocol options are available: HTTPS Ensures secure browser access to all the Management Console menus. It also allows appropriately configured Users secure browser access to selected Manage...

26 There are also a number of related service options that can be configured at this stage: SNMP Enables netsnmp in the Console Server which will keep a remote log of all posted information. SNMP is disabled by default. To modify the default SNMP settings, the Administrator must make the edits at th...

27 Click Apply . As you apply your services selections, the screen will be updated with a confirmation message: Message Changes to configuration succeeded. 3.5 Communications Software You need to configure the access protocols that the communications software on the Administrator and User Computer w...

28 To use PuTTY for an SSH terminal session from a Windows client, enter the Console Server’s IP address as the ‘Host Name (or IP address)’ To access the Console Server command line, select ‘SSH’ as the protocol and use the default IP Port 22 Click ‘Open’ and the Console Server login prompt will app...

30 Note T he second Ethernet port on the B096-048/016 can be configured as either a Management LAN gateway port or it can be configured as an OoB/Failover port - but not both. So be sure that you did not allocate Management LAN as the Failover Interface when you configured the principal Network conn...

32 Once DHCP has initially allocated hosts addresses, it is recommended to copy these into the pre-assigned list so the same IP address will be reallocated in the event of a reboot. 3.6.3 Configure Management Switch for Failover or Broadband OoB The Management Switch in the B096-048/016 Console Serv...

33 4. SERIAL PORT AND NETWORK HOST Introduction The Console Server enables access and control of serially-attached devices and network-attached devices ( hosts ). The Administrator must configure access privileges for each of these devices, and specify the services that can be used to control the de...

35 4.1.2 Console Server Mode Select Console Server Mode to enable remote management access to the serial console that is attached to the serial port: Logging Level This specifies the level of information to be logged and monitored (refer to Chapter 7 - Alerts and Logging)

36 Telnet Check to enable Telnet access to the serial port. When enabled, a Telnet client on a User or Administrator’s computer can connect to a serial device attached to this serial port on the Console Server. The default port address is IP Address _ Port (2000 + serial port #) i.e. 2001 – 2048 Tel...

37 PuTTY can be downloaded at http://www.tucows.com/preview/195286.html SSH It is recommended that the User or Administrator uses SSH as the protocol for connecting to serial consoles attached to the Console Server when communicating over the Internet or any other public network. This will provide a...

38 This syntax enables users to set up SSH tunnels to all serial ports with only a single IP port 22 having to be opened in their firewall/gateway. TCP RAW TCP allows connections directly to a TCP socket. Communications programs such as PuTTY also support RAW TCP, however, this protocol would usuall...

39 4.1.3 SDT Mode This setting allows port forwarding of LAN protocols such as RDP, VNC, HTPP, HTTPS, SSH and Telnet through to computers which are connected locally to the Console Server by their serial COM port. However such port forwarding requires a PPP link to be set up over this serial port. R...

40 The getty will then configure the port and wait for a connection to be made. An active connection on a serial device is usually indicated by the Data Carrier Detect (DCD) pin on the serial device being raised. When a connection is detected, the getty program issues a login: prompt, and then invok...

41 You may secure the communications over the local Ethernet by enabling SSH however you will need to generate and upload keys (refer to Chapter 14 – Advanced Configuration ) 4.1.7 Syslog In addition to built-in logging and monitoring (which can be applied to serial-attached and network-attached man...

42 Users can be authorized to access specified Console Server serial ports and specified network-attached hosts. These users can also be given full Administrator status (with full configuration and management and access privileges). To simplify user setup, they can be configured as members of Groups...

44 Add a Username and a confirmed Password for each new User. You may also include information related to the user ( e.g. contact details) in the Description field Nominate Accessible Hosts and Accessible Ports to specify which serial ports and which LAN connected hosts you wish the user to have acc...

46 4.5 Trusted Networks The Trusted Networks facility gives you the option to nominate specific IP addresses that users (Administrators and Users) must be located at in order to have access to Console Server serial ports: Select Serial & Network: Trusted Networks To add a new trusted network, se...

47 Network IP Address 204.15.5.0 Subnet Mask 255.255.255.255 If however you want to allow all the users operating from within a specific range of IP addresses (say any of the thirty addresses from 204.15.5.129 to 204.15.5.158) to be permitted connection to the nominated port: Host /Subnet Address 20...

49 Next, you must register the Public Key as an Authorized Key on the Slave. In the simple case with only one Master with multiple Slaves, you need only upload the one RSA or DSA public key for each Slave. Note The use of key pairs can be confusing because in many cases one file (Public Key) fulfill...

52 5. FAILOVER AND OUT-OF-BAND ACCESS Introduction The Console Server has a number of failover and out-of-band access capabilities to ensure availability in the event there are difficulties in accessing the Console Server through the principal network path. This chapter covers: Out-of-band (OoB) acc...

54 established. Again, you can select any address for the Local IP Address but both must be in the same network range as the Remote IP Address The Default Route option enables the dialed PPP connection to become the default route for the Console Server The Custom Modem Initialization option allows a...

56 5.1.5 Set up Linux clients for dial-in The online tutorial http://www.yolinux.com/TUTORIALS/LinuxTutorialPPP.html presents a selection of methods for establishing a dial up PPP connection: - Command line PPP and manual configuration (which works with any Linux distribution) - Using the Linuxconf ...

57 When configuring the principal network connection on the System: IP Network Interface menu, select Management LAN (eth1) as the Failover Interface to be used when a fault has been detected with main Network Interface (eth0) Specify the Probe Addresses of two sites (the Primary and Secondary ) tha...

58 Then configure Management LAN Interface ( eth1 ) with the same IP setting that you used for the main Network Interface ( eth0 ) to ensure transparent redundancy In this mode, Network 2 (eth1) is available as the transparent back-up port to Network 1 (eth0) for accessing the management network. Ne...

60 6. SECURE TUNNELING AND SDT CONNECTOR Introduction Each Console Server has an embedded SSH server and uses SSH tunneling. This enables one Console Server to securely manage all the systems and network devices in the data center, using text-based console tools (such as SSH, Telnet, SoL) or graphic...

61 Using SDT Connector to Telnet or SSH connect to devices that are serially attached to the Console Server ( Section 6.4 ) The chapter then covers more advanced SDT Connector and SDT tunneling topics: Using SDT Connector for out of band access ( Section 6.5 ) Automatic importing and exporting of co...

62 SDT Connector can connect to the Console Server using an alternate OoB access. It can also be configured to access the Console Server itself and to access devices connected to serial ports on the Console Server. 6.2.1 SDT Connector client installation The SDT Connector set up program ( SDTConnect...

63 To operate SDT Connector, add the new gateways to the client software by entering the access details for each Console Server (refer to Section 6.2.2 ). Then let the client auto-configure with all host and serial port connections from each Console Server (refer Section 6.2.3 ). Now point-and-click...

64 Optionally, you can enter a Descriptive Name to display instead of the IP or DNS address, and any Notes or a Description of this gateway (such as its firmware version, site location or anything special about its network configuration). Click OK and an icon for the new gateway will now appear in t...

65 configure access to network-connected Hosts that the user is authorized to access and set up (for each of these Hosts) the services (e.g. HTTPS, IPMI2.0) and the related IP ports being redirected configure access to the Console Server itself (this is shown as a Local Services host) configure acce...

68 The second redirection is for the VNC service that the user may choose to launch later from the RAC web console. It automatically loads in a Java client served through the web browser, so it does not need a local client associated with it. On the Add Service screen, you can click Add as many time...

70 Also some clients are launched in a command line or terminal window. The Telnet client is an example of this: Click OK 6.2.8 Dial-in configuration If the client computer is dialing into Local/Console port on the Console Server, you will need to set up a dial-in PPP link: Configure the Console Ser...

72 specified when setting up the SDT Hosts on the Console Server was accounts.myco.intranet.com , then specify the Destination as accounts.myco.intranet.com:3389 If your destination computer is serially connected to the Console Server, set the Destination as <port label>:3389. For example, if ...

73 Select Local and click the Add button Click Open to SSH connect the Client computer to the Console Server. You will now be prompted for the Username/Password for the Console Server User you SDT enabled Note You can also secure the SDT communications from local and enterprise VPN-connected Client ...

75 6.3 SDT Connector to Management Console SDT Connector can also be configured for browser access to the gateway’s Management Console – and for Telnet or SSH access to the gateway command line. For these connections to the gateway itself, you must configure SDT Connector to access the gateway (itse...

76 6.4 SDT Connector - Telnet or SSH connect to serially attached devices SDT Connector can also be used to access text consoles on devices that are attached to the Console Server’s serial ports. For these connections, you must configure the SDT Connector client software with a Service that will acc...

77 Click Add then scroll to the bottom and click Apply Administrators by default have gateway and serial port access privileges; however for Users to access the gateway and the serial port, you will need to give those Users the required access privileges. Select Users & Groups from Serial & ...

78 cmd /c start "Starting Out of Band Connection" /wait /min rasdial network_connection login password The network_connection in the above is the name of the network connection as displayed in Control Panel -> Network Connections . Login is the dial-in username, and password is the dial-i...

79 6.6 Importing (and exporting) preferences To enable the distribution of pre-configured client config files, SDT Connector has an Export/Import facility: To save a configuration .xml file (for backup or for importing into other SDT Connector clients), select File -> Export Preferences and selec...

80 SSH client that SDT Connector launches (e.g. Putty, OpenSSH) and the host's SSH server for public key authentication. Essentially, what you are using is SSH over SSH, and the two SSH connections are entirely separate. 6.8 Setting up SDT for Remote Desktop Access Microsoft’s Remote Desktop Protoco...

81 To set the user(s) who can remotely access the system with RDP, click Add on the Remote Desktop Users dialog box Note If you need to set up new users for Remote Desktop access, open User Accounts in the Control Panel and proceed through the steps to nominate the new user’s name, password and acco...

82 In Computer , enter the appropriate IP Address and Port Number: Where there is a direct local or enterprise VPN connection, enter the IP Address of the Console Server, and the Port Number of the SDT Secure Tunnel for the Console Server’s serial port (the one that is attached to the Windows comput...

83 Note The Remote Desktop Connection software is pre-installed on Windows XP. However, for earlier Windows computers, you will need to download the RDP client: Go to the Microsoft Download Center site http://www.microsoft.com/downloads/details.aspx?familyid=80111F21-D48D-426E-96C2- 08AA2BD23A49&...

84 Note The rdesktop client is supplied with Red Hat 9.0: rpm -ivh rdesktop-1.2.0-1.i386.rpm For Red Hat 8.0 or other distributions of Linux; download source, untar, configure, make, make then install. rdesktop currently runs on most UNIX based platforms with the X Window System and can be downloade...

85 6.9 SDT SHH Tunnel for VNC Alternately, with SDT and Virtual Network Computing (VNC), Users and Administrators can securely access and control Windows 98/NT/2000/XP/2003, Linux, Macintosh, Solaris and UNIX computers. There’s a range of popular VNC software available (UltraVNC, RealVNC, TightVNC) ...

86 To set up a persistent VNC server on Red Hat Enterprise Linux 4: o Set a password using vncpasswd o Edit /etc/sysconfig/vncservers o Enable the service with chkconfig vncserver on o Start the service with service vncserver start o Edit /home/ username /.vnc/xstartup if you want a more advanced se...

88 Note For general background reading on Remote Desktop and VNC access, we recommend the following: The Microsoft Remote Desktop How-To http://www.microsoft.com/windowsxp/using/mobility/getstarted/remoteintro.mspx The Illustrated Network Remote Desktop help page http://theillustratednetwork.mvps.or...

91 Note The above notes describe setting up an incoming connection for Windows XP. The steps are the same for Windows 2003, except that the setup screens present slightly differently: Put a check in the box for Always allow directly connected devices such as palmtop….. Also, the option to Set up an ...

92 On the SDT Settings menu, select SDT Mode (which will enable port forwarding and SSH tunneling) and enter a Username and User Password. Note When you enable SDT, this will override all other Configuration protocols on that port Note If you leave the Username and User Password fields blank, they d...

93 7. ALERTS AND LOGGING Introduction This chapter describes the alert generation and logging features of the Console Server. The alert facility monitors the serial ports, all logins, the power status and environmental monitors and probes. It sends emails, SMS, Nagios or SNMP alerts when specified t...

94 In the SMTP Server field, enter the IP address of the outgoing mail Server You may enter a Sender email address which will appear as the “ from” address in all email notifications sent from this Console Server. Many SMTP servers check the sender’s email address with the host domain name to verify...

96 Note The Console Servers have an snmptrap daemon to send traps/notifications to remote SNMP servers on defined trigger events, as detailed above. The Console Servers also embed the net- snmpd daemon which accept SNMP requests from remote SNMP management servers and provides information on network...

99 Serial Port Pattern Match Alert – This alert will be triggered if a regular expression is found in the serial ports character stream that matches the regular expression you enter in the Pattern field. This alert type will only be applied serial ports UPS Power Status Alert - This alert will be tr...

100 If you have selected Applicable Alarm Sensor(s) that are to be monitored for this alert event, then you can also set time windows when these sensors will not be monitored (e.g. for a door-open sensor, you may not wish to activate the sensor alert monitoring during the working day) Click Apply 7....

101 7.4 Serial Port Logging In Console Server mode, activity logs of all serial port activity can be maintained. These records are stored on an off-server, or in the Console Server flash memory. Specify which serial ports are to have activities recorded and to what level data is to be logged: Select...

102 7.5 Network TCP or UDP Port Logging The Console Servers can also log any access to and communications with network attached Hosts. For each Host, when you set up the Permitted Services which are authorized to be used, you also must set up the level of logging that is to be maintained for each se...

103 POWER & ENVIRONMENTAL MANAGEMENT Introduction The B092-016 Console Server and B096-048/016 Console Server Management Switch products embed software that can be used to manage connected Power Distribution Systems (PDU’s), IPMI devices and Uninterruptible Power Supplies (UPS’s) supplied by a n...

105 system is unresponsive. To set up IPMI power control, the Administrator first enters the IP address/domain name of the BMC or service processor (e.g. a Dell DRAC) in Serial & Network: Network Hosts. Then in Serial & Network: RPC Connections, the Administrator specifies the RPC Type to be...

106 The outlet status is displayed. You can initiate the desired Action to be taken by selecting the appropriate icon: Power ON Power OFF Power Cycle Power Status You will only be presented with icons for those operations that are supported by the Target you have selected 8.2 Uninterruptible Power S...

110 8.2.3 Configuring powered computers to monitor a Managed UPS Once you have added a Managed UPS, each server that is drawing power through the UPS should be setup to monitor the UPS status as a Slave. This is done by installing the NUT package on each server, and setting up upsmon to connect to t...

111 - password is the Password of the Manager UPS 8.2.4 UPS alerts You can now set UPS alerts using Alerts & Logging: Alerts (refer to Chapter 7 ) 8.2.5 UPS status You can monitor the current status of all your Managed or Monitored UPS’s, whether they are on the network or connected serially or ...

112 NUT can be configured using the Management Console as described above, or you can configure the tools and manage the UPS’s directly from the command line. This section provides an overview of NUT. You can find full documentation at http://www.networkupstools.org/doc . NUT is built on a networked...

113 So NUT supports the more complex power architectures found in data centers, computer rooms and NOCs where many UPS’s from many vendors power many systems with many clients and each of the larger UPS’s power multiple devices and many of these devices are themselves dual powered. 8.3 Environmental...

117 AUTHENTICATION Introduction The Tripp Lite Console Server is a dedicated Linux computer, and it embodies popular and proven Linux software modules for secure network access (OpenSSH) and communications (OpenSSL) and sophisticated user authentication (PAM, RADIUS, TACACS+ and LDAP). This chapter ...

119 administrative control over the authentication and authorization processes. TACACS+ allows for a single access control server (the TACACS+ daemon) to provide authentication, authorization, and accounting services independently. Each service can be tied into its own database to take advantage of ...

121 LDAP The Lightweight Directory Access Protocol (LDAP) is based on the X.500 standard, but is significantly simpler and more readily adapted to meet custom needs. The core LDAP specifications are all defined in RFCs. LDAP is a protocol used to access information stored in an LDAP server. Further ...

123 port2 = 192.168.254.145/port05 } global = cleartext mit } RADIUS Example: paul Cleartext-Password := "luap" Service-Type = Framed-User, Fall-Through = No, Framed-Filter-Id=":group_name=admin" The list of groups may include any number of entries separated by a comma. If the admin ...

125 NAGIOS INTEGRATION Introduction Nagios is a powerful, highly extensible open source tool for monitoring network hosts and services. The core Nagios software package will typically be installed on a server or virtual server, the central Nagios server. Tripp Lite Console Servers can operate in con...

126 10.2 Central management The Nagios solution has three parts: the Central Nagios server, Distributed Console Servers and the SDT for Nagios software. Central Nagios server A vanilla Nagios 2.x or 3.x installation (typically on a Linux server) Generally running on a blade, PC, virtual machine, etc...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 129 Click Apply Now set the Console Server to send alerts to the Nagios server Select Alerts from the Alerts & Logging menu and click Add Alert In Description enter: Administrato...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 131 10.3.2 Enable NRPE monitoring Enabling NRPE allows you to execute plug-ins (such as check_tcp and check_ping ) on the remote Console Server to monitor serial or network attached ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 135 10.4 Advanced Distributed Monitoring Configuration 10.4.1 Sample Nagios configuration An example configuration for Nagios is listed below. It shows how to set up a remote Console...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 139 check_apt check_by_ssh check_clamd check_dig check_dns check_dummy check_fping check_ftp check_game check_hpjd check_http check_imap check_jabber check_ldap check_load check_mrtg...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 140 11. SYSTEM MANAGEMENT Introduction This chapter describes how the Administrator can perform a range of general system administration and configuration tasks on the Console Server...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 141 This will reset the Console Server back to its factory default settings and clear the Console Server’s stored configuration information. The hard erase will clear all custom sett...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 142 Specify the address and name of the downloaded Firmware Upgrade File, or Browse the local subnet and locate the downloaded file Click Apply and the Console Server appliance will ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 143 12. STATUS REPORTS Introduction This chapter describes the selection of status reports that are available for review: Port Access and Active Users Statistics Support Reports Sysl...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 144 12.3 Support Reports The Support Report provides useful status information that will assist the Tripp Lite technical support team to resolve any issues you may experience with yo...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 145 Remote System Logging The syslog record can be redirected to a remote Syslog Server: Enter the remote Syslog Server address and port details and then click Apply Local System Log...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 146 13. MANAGEMENT Introduction The Console Server Management Console has a number of reports and tools that can be accessed by both Administrators and Users: Access and control conf...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 147 To display Host logs select Manage: Host Logs and the Host to be displayed 13.3 Power Management Administrator and Users can access and manage the connected power devices. Select...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 148 Click Connect to SDT Connector to access the Console Server command line shell or the serial ports via SDT Connector. This will activate the SDT Connector client on the computer ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 149 To access the Console Server command line, enter the gateway’s TCP address (e.g. 192.168.254.198 ) as hostname and the Username (e.g. [email protected]). Then enter the Passwo...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 151 14. BASIC CONFIGURATION - LINUX COMMANDS Introduction For those who prefer to configure their Console Server at the Linux command line level (rather than use a browser and the Ma...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 152 14.1 The Linux Command line Power up the Console Server and connect the “terminal” device: o If you are connecting using the serial line, plug a serial cable between the Console ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 153 Options -a –run-all Run all registered configurators. This performs every configuration synchronization action pushing all changes to the live system -h –help Display a brief usa...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 154 14.2 Administration Configuration System Settings To change system settings to the following values: System Name og.mydomain.com System Password (root account) secret System SMTP...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 155 # /bin/config –-set=config.auth.server=192.168.0.32 # /bin/config –-set=config.auth.password=Secret # /bin/config –-set=”config.auth.ldap.basenode=some base node” The following c...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 156 Time Zone To change the system time zone USA to Eastern Standard Time, you need to issue the following commands: # /bin/config –-set=config.system.timezone=US/Eastern The followi...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 157 IP Address: 192.168.1.100 Primary DNS: 192.168.1.254 Secondary DNS: 10.1.0.254 You would need to issue the following commands from the command line: # /bin/config --set=config.in...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 158 # /bin/config –-set=config.console.flow=Hardware # /bin/config –-set=config.console.initstring=ATQ0V1H0 The following command will synchronize the live system with the new config...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 159 # /bin/config –-del=config.services.pingreply.enabled The following command will synchronize the live system with the new configuration. # /bin/config –-run=services Note: “/bin/...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 160 Supported flow-control values are 'Hardware', 'Software' and 'None'. Supported Protocol Configuration To ensure remote access to serial port 5 is configured as follows: Telnet Ac...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 161 So your new User will be the existing total plus 1, so if the previous command gave you 0, then you start with user number 1. If you already have 1 user, your new user will be nu...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 162 # /bin/config –-set=config.portaccess.rule2.netmask=255.255.255.0 # /bin/config –-set=”config.portaccess.rule2.description=foo bar.” # /bin/config –-set=config.portaccess.rule2.p...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 163 Alert Configuration You can add an email alert to the system from the command line by following these instructions: Determine the total number of existing alerts (if you have no ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 164 # config -s config.sdt.hosts.host3.tcpports.tcport3 = 3389 The above assumes the config below: # vi /etc/config/config.xml ~ </users> </host1> <total>3</tota...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 165 14.8 Configuration backup and restore Before backing up the configuration, you need to arrange a way to transfer the backup off-box. This could be via an NFS share, a Samba (Wind...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 166 As SSH uses these keys to avoid man-in-the-middle attacks, logging in may be disrupted. 14.9 General Linux command usage The Console Server platform is a dedicated Linux computer...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 168 15. ADVANCED CONFIGURATION Introduction This chapter documents the embedded portmanager application which manages the serial ports on the Console Server and gives examples of its...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 169 15.1 Advanced Portmanager pmshell The pmshell command acts similarly to the standard tip or cu commands, but all serial port access is directed via the portmanager. Example: To c...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 170 pmchat The pmchat command acts similarly to the standard chat command, but all serial port access is directed via the portmanager. Example: To run a chat script via the portmanag...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 171 Portmanager Daemon Command line options There is normally no need to stop and restart the daemon. To restart the daemon, just run the command: # portmanager Supported command lin...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 173 fi if [ -z "$LABEL" ]; then echo "Welcome $USER, you are connected to Port $PORT" else echo "Welcome $USER, you are connected to Port $PORT ($LABEL)" fi &...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 176 Resources There are many high-quality tutorials and HOWTOs available via the netfilter website; in particular, peruse the tutorials listed on the netfilter HOWTO page. A list of ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 177 The snmpd.conf is extremely powerful and too flexible to cover completely here. The configuration file itself is commented extensively and good documentation is available at the ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 178 To set the Engine ID field (SNMP version 3 only) config --set config.system.snmp.engineid2=800000020109840301 .. replacing 800000020109840301 with the engine ID To set the Userna...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 179 OpenSSH, the de facto open source SSH application, encrypts all traffic (including passwords) to effectively eliminate these risks. Additionally, OpenSSH provides a myriad of sec...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 180 Generating public/private rsa key pair. Enter file in which to save the key (/home/user/.ssh/id_rsa): /home/user/keys/control_room Enter passphrase (empty for no passphrase): Ent...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 184 Create a new file " authorized_keys " (with notepad) and copy your public key data from the "Public key for pasting into OpenSSH authorized_keys file" section of ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 185 The authenticity of host 'remhost (192.168.0.1)' can't be established. RSA key fingerprint is 8d:11:e0:7e:8a:6f:ad:f1:94:0f:93:fc:7c:e6:ef:56. Are you sure you want to continue c...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 186 As detailed in Chapter 4, the Server gateway is set up in Console Server mode with either RAW or RFC2217 enabled and the Client gateway is set up in Serial Bridging Mode with the...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 190 http://www.openssl.org/docs/apps/openssl.html http://www.openssl.org/docs/HOWTO/certificates.txt 15.8 HTTPS The Management Console can be served using HTTPS by running the webser...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 191 You will be prompted to enter a lot of information. Most of it doesn't matter, but the "Common Name" should be the domain name of your computer ( e.g. test.tripplite.com)...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 192 443 stream tcp nowait root sslwrap -cert /etc/config/ssl_cert.pem -key /etc/config/ssl_key.pem -exec /bin/httpd /home/httpd" Save the file and signal inetd of the configurati...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 196 This value will be passed to the scripts in the environment variable outlet , allowing the script to address the correct outlet. There are four possible scripts: on, off, cycle a...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 198 -f < password_file > Specifies a file containing the remote server password. If this option is absent, or if password_file is empty, the password will default to NULL. -h G...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 199 environments where system security is not an issue or where there is a dedicated secure 'management network' or access has been provided through an Console Server. Further, it is...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 200 ipmitool chassis help Chassis Commands: status, power, identify, policy, restart_cause, poh, bootdev ipmitool chassis power help chassis power Commands: status, on, off, cycle, r...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 202 16. THIN CLIENT (B092-016) Introduction The B092-016 has a selection of management clients (Firefox browser, SSH, Telnet, VNC viewer, ICA, RDP) embedded as well as the Tripp Lite...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 204 16.1.1 Connect- serial terminal Select Connect: Serial on the control panel and click on the desired serial port. A window will be created with a connection to the device on the ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 205 The B092-016 provides a powerful Mozilla Firefox browser with a licensed Sun Java JRE Java and all Java based trademarks and logos are trademarks or registered trademarks of Sun ...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 206 If the HostName was left blank when the VNC server connection was configured, then the VNC Viewer will start with a request for the VNC server. Selecting Options at this stage en...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 207 The B092-016 SSH connection uses OpenSSH ( http://www.openssh.com/ ) and the terminal connection is presented using rxvt ( ouR XVT ). You can find more details on configuration o...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 209 You can use Add/Delete/Edit to customize the rdesktop client (e.g. to include login username passwords). The command line protocol is: rdesktop -u windows-user-id -p windows-pass...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 210 16.1.8 Connect- PowerAlert Select Connect: PowerAlert on the control panel. The PowerAlert software will be launched. 16.2 Advanced Control Panel 16.2.1 System: Terminal Selectin...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 211 16.2.2 System: Shutdown / Reboot Clicking System: Shutdown on the control panel will shut down the B092-016 system. You will need to cycle the power to reactivate the B092-016 wi...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 212 16.3 Remote control You can access the B092-016 locally via a directly connected keyboard, monitor and mouse (or KVM switch). If the B092-016 is connected to a KVMoIP infrastruct...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 213 Appendix A Hardware Specification FEATURE VALUE Dimensions B096-016 / B096-048: 17 x 12 x 1.75 in (43.2 x 31.3. x 4.5 cm) B092-016: 17 x 6.7 x 1.75 in (44 x 17 x 4.5 cm) Weight B...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 214 Appendix B Serial Port Connectivity Pinout standards exist for both DB9 and DB25 connectors, however, there are not pinout standards for serial connectivity using RJ45 connectors...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 215 Connectors included in Console Server The B092-016 Console Server with PowerAlert, and the B096-048/016 Console Server Management Switch ship with a “cross-over” and a “straight”...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 216 Appendix C End User License Agreement READ BEFORE USING THE ACCOMPANYING SOFTWARE YOU SHOULD CAREFULLY READ THE FOLLOWING TERMS AND CONDITIONS BEFORE USING THE ACCOMPANYING SOFTW...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 218 REGARDING THE DEVICE OR THE SOFTWARE, THOSE WARRANTIES DO NOT ORIGINATE FROM, AND ARE NOT BINDING ON, TRIPP LITE. NO LIABILITY FOR CERTAIN DAMAGES. EXCEPT AS PROHIBITED BY LAW, T...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 221 distribution limitation excluding those countries, so that distribution is permitted only in or among countries not thus excluded. In such case, this License incorporates the lim...

_____________________________________________________________________ B096-016 B096-048 and B092-016 User Manual Page 223 Appendix D Service and Warranty Limited Warranty Seller warrants this product, if used in accordance with all applicable instructions, to be free from original defects in materia...