KVM On the NETTM CN8000 User Manual www.aten.
CN8000 User Manual FCC Information This is an FCC Class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures. This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
CN8000 User Manual User Information Online Registration Be sure to register your product at our online support center: International http://support.aten.com North America http://www.aten-usa.
CN8000 User Manual Package Contents The basic CN8000 package consists of: 1 CN8000 2 Custom KVM Cable Sets 1 Custom Console Cable Set 1 USB 2.0 Virtual Media Cable 1 Power Adapter 1 Rack Mount Kit 1 Software CD 1 User Manual* 1 Quick Start Guide Check to make sure that all the components are present and that nothing got damaged in shipping. If you encounter a problem, contact your dealer.
CN8000 User Manual Contents FCC Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ii RoHS. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ii SJ/T 11364-2006. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . ii User Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .iii Online Registration . . . . . . . . . . .
CN8000 User Manual 4. Administration Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 27 Device Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 28 Network. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 Service Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 29 IP Address. . . . . . . . . . . . . . .
CN8000 User Manual Date/Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Time Zone . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60 Date . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Network Time . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Maintenance . . . . . . . . . . . . . . . . . . . . . . . . . .
CN8000 User Manual Zoom . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107 The On-Screen Keyboard . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 Mouse Pointer Type . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108 Mouse DynaSync Mode . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 Control Panel Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 7.
CN8000 User Manual 10.LDAP Server Configuration Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139 Install the Windows 2003 Support Tools. . . . . . . . . . . . . . . . . . . . . . . . . 139 Install the Active Directory Schema Snap-in . . . . . . . . . . . . . . . . . . . . . . 140 Create a Start Menu Shortcut Entry . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140 Extend and Update the Active Directory Schema . . . . . . . . . . . . . .
CN8000 User Manual Self-Signed Private Certificates . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 Examples . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 Importing the Files. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175 Troubleshooting . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176 General Operation. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
CN8000 User Manual About this Manual This User Manual is provided to help you get the most from your c/c system. It covers all aspects of installation, configuration and operation. An overview of the information found in the manual is provided below. Overview Chapter 1, Introduction, introduces you to the CN8000 System. Its purpose, features and benefits are presented, and its front and back panel components are described.
CN8000 User Manual Conventions This manual uses the following conventions: Monospaced [] Indicates text that you should key in. Indicates keys you should press. For example, [Enter] means to press the Enter key. If keys need to be chorded, they appear together in the same bracket with a plus sign between them: [Ctrl+Alt]. 1. Numbered lists represent procedures with sequential steps. ♦ Bullet lists provide information, but do not involve sequential steps.
CN8000 User Manual Terminology Throughout the manual we make reference to the terms Local and Remote in regard to the operators and equipment deployed in a CN8000 installation. Depending on the point of view, users and servers can be considered Local under some circumstances, and Remote under others: Switch’s Point of View Remote users – We refer to a user as a Remote user when we think of him as someone who logs into the switch over the net from a location that is remote from the switch.
CN8000 User Manual Product Information For information about all ATEN products and how they can help you connect without limits, visit ATEN on the Web or contact an ATEN Authorized Reseller. Visit ATEN on the Web for a list of locations and telephone numbers: International http://www.aten.com North America http://www.aten-usa.
Chapter 1 Introduction Overview The CN8000 is a control unit that provides “over-IP” capability to KVM switches that do not have built in over-IP functionality. It allows operators to monitor and access their computers from remote locations using a standard Internet browser or Windows and Java based application programs. The CN8000 connects to the Internet, an Intranet, LAN, or WAN using industry standard Cat 5e cable, then uses a custom KVM cable to connect to a local KVM switch or server.
CN8000 User Manual With its advanced security features, the CN8000 is the fastest, most reliable, most cost effective way to remotely access and manage widely distributed multiple computer installations. The Administrator and Client software included with the CN8000 make it easy to install, maintain, and operate.
1. Introduction Features and Benefits The features and benefits provided by a CN8000 deployment are described in the following table: Features Over-IP Capability for Legacy KVM Switches Benefits Protects your original KVM switch investment. No need to purchase new KVM switches to achieve the benefits of over-IP connectivity. Configuration and An easy-to-navigate graphical user interface makes for convenient, Operation Ease intuitive configuration and operation.
CN8000 User Manual Features Benefits On-Screen Keyboard The CN8000 supports multiple keyboard language input – including English, French, German, Italian, Spanish, Japanese, Korean, and Traditional Chinese. There is no need to have a separate keyboard for each language – you can input key data in any of these languages with the CN8000's convenient on-screen keyboard. Multi-Users / Multi-Logins The CN8000 supports up to 64 user accounts, and allows up to 32 concurrent user logins for single-bus access.
1. Introduction Features Remote Power Control Benefits You can add a PON (Power Over the NET™) power management unit and remotely control the power status of devices on your installation, including monitoring their current status, as well as turning servers On, Off and Rebooting them. Mouse DynaSync No need to re-sync your mouse – Mouse DynaSync provides automatic locked-in synching of the remote and local mouse pointers – eliminating the need to constantly resync the two movements.
CN8000 User Manual System Requirements Remote User Computers Remote user computers (also referred to as client computers) are the ones the users log into the switch with from remote locations over the internet (see Terminology, page xiii). The following equipment must be installed on these computers: For best results we recommend that the computers used to access the switch have at least a P III 1 GHz processor, with their screen resolution set to 1024 x 768.
1. Introduction Cables Two custom KVM cable sets (1 USB; 1 PS/2) to link the CN8000 to a server or KVM switch are provided with this package. Custom KVM cable sets are available in various lengths, as shown in the table below: Cable Type PS/2 USB Length CS Part Number 1.2 m 2L-5201P 1.8 m 2L-5202P 1.8 m 2L-5702P 3.0 m 2L-5203P 6.0 m 2L-5206P 1.2 m 2L-5201U 1.8 m 2L-5202U 3.0 m 2L-5203U 5.0 m 2L-5205U To purchase additional cable sets, contact your dealer.
CN8000 User Manual Video Only the following non-interlaced video signals are supported: Resolution 640 x 480 Refresh Rates 60, 72, 75, 85, 90, 100, 120 720 x 400 70 800 x 600 56, 60, 72, 75, 85, 90, 100, 120 1024 x 768 60, 70, 75, 85, 90, 100 1152 x 864 60, 70, 75, 85 1280 x 720 60 1280 x 1024 60, 70, 75, 85 1600 x 1200 60 Operating Systems Supported operating systems for remote user computers that log into the CN8000 include Windows 2000 and higher, and other systems capable of running S
1. Introduction Browsers Supported browsers for users that log into the CN8000 include the following: Browser Version IE 6 and higher Firefox 1.5 and higher Mozilla 1.7 and higher Safari* 2.0 and higher Opera 9.0 and higher Netscape 8.1 and higher * See Mac Systems, page 180, for further information regarding Safari.
CN8000 User Manual Components Front View 1 2 3 4 5 No. Component Description 1 LAN Port The Cat 5e cable that connects the CN8000 to the LAN, WAN, or Internet plugs in here. 2 Firmware Upgrade/Reset Switch 1. Pressing and releasing this switch performs a CN8000 system reset. (See Erratic operation, page 176.) 2. Pressing and holding this switch for more than three seconds returns the CN8000 to its factory default configuration settings. 3.
1. Introduction Rear View 1 2 No. Component 3 4 5 6 Description 1 Power Jack The power adapter cable plugs in here. 2 Virtual Media Port The cable that connects the CN8000 to a USB port on your server or KVM switch plugs in here. See Virtual Media, page 85, for virtual media details. 3 PC/KVM Port The KVM cable (supplied with this package) that links the CN8000 to your server or KVM switch plugs in here.
CN8000 User Manual Custom KVM Cables 1 2 No. Description 1 For use with PS/2 configuration servers or KVM switches. 2 For use with USB configuration servers or KVM switches. Note: The advantage of using a USB cable is that it allows automatic lockedin mouse synchronization. See Mouse DynaSync Mode, page 92, for details. Custom Console Cable USB Keyboard USB Mouse Video PS/2 Keyboard PS/2 Mouse Note: You can use any combination of keyboard and mouse connections.
Chapter 2 Hardware Setup 1. Important safety information regarding the placement of this device is provided on page 159. Please review it before proceeding. 2. Make sure that the power to any device that you connect to the installation has been turned off. You must unplug the power cords of any computers that have the Keyboard Power On function. Mounting Rack Mounting For convenience and flexibility, the CN8000 can be mounted on a system rack. To rack mount the unit do the following: 1.
CN8000 User Manual 3. Screw the bracket into any convenient location on the rack. Note: Rack screws are not provided. Use screws that are appropriate for your rack. DIN Rail Mounting To mount the CN8000 on a DIN rail: 1. Screw the mounting bracket to the back of the CN8000 as described in steps 1 and 2 of the wall mounting procedure. 2. Use the larger screws supplied with the Rack Mount Kit to screw the DIN rail brackets to the mounting bracket – as shown in the diagram, below: 3.
2. Hardware Setup Installation To install the CN8000, refer to the installation diagrams on the next two pages (the numbers correspond to the numbers of the steps), and do the following: 1. Use the Console cable provided with this package to connect the CN8000’s Console port, to the local console keyboard, monitor and mouse. Note: 1. The Console cable comes with connectors for both PS/2 and USB mice and keyboards – use the ones appropriate for your installation. 2.
CN8000 User Manual 5. (Optional) If you want to connect a serial console device or modem, plug its cable into the RS-232 port. 6. Plug the LAN or WAN cable into the CN8000's LAN port. 7. Plug the power adapter cable into the CN8000's power jack, then plug the power adapter into an AC power source. This completes the hardware installation, and you are ready to start up. Note: When starting up, be sure to first power on the CN8000, then power on the server or KVM switch.
2.
CN8000 User Manual This Page Intentionally Left Blank 18
Chapter 3 Browser Login The CN8000 can be accessed either from an internet type browser, via Windows and Java application (AP) program, or by PPP modem dial-in. The next several chapters describe browser-based operations; AP access is discussed in Chapter 9; PPP modem login is discussed on page 169. Logging In To operate the CN8000 from an Internet browser, begin by logging in: 1. Open your browser and specify the IP address of the CN8000 you want to access in the browser's URL location bar. Note: 1.
CN8000 User Manual (Continued from previous page.) 2. A Security Alert dialog box appears. Accept the certificate – it can be trusted. (See Trusted Certificates, page 171, for details.) If a second certificate appears, accept it as well.
3. Browser Login 3. Provide a valid Username and Password (set by the CN8000 administrator), then click Login to continue. Note: 1. If you are the administrator, and are logging in for the first time, use the default Username: administrator; and the default Password: password. For security purposes, we strongly recommend you remove these and give yourself a unique Username and Password (see User Management, page 49). 2.
CN8000 User Manual Main Webpage Elements The Main page consists of user access icons arranged vertically down the left side; administrative function icons arranged across the top; a Remote Console Preview window with an icon to launch the Java or WinClient Viewer displayed in the center; and an Exit Macro list box just below the Remote Console Preview Note: If a user doesn’t have permission to perform a particular activity, the icon for that activity doesn’t appear.
3. Browser Login Remote Console Preview The main portion of the panel shows a snapshot of the server’s display. Clicking Refresh updates the snapshot of the remote display. The links that appear below the Refresh button depend on the browser you are using, and your User Preferences Viewer choice (see page 25): If you are logging in with a browser other than Windows Internet Explorer, a Java Applet Viewer icon (a steaming cup of coffee), and the link words “Open Viewer” display.
CN8000 User Manual Exit Macro The Exit Macro panel contains a dropdown listbox of user created System macros: You can select a macro from the list that will execute when exiting the remote server. See System Macros, page 77, for details on creating exit macros.
3. Browser Login User Preferences The User Preferences page allows the user to set three parameters: Viewer, Language, and Password: The page settings are explained in the following table: Setting Viewer Function You can choose which viewer is used when accessing a server: Auto Detect will select the appropriate viewer based on the web browser used; WinClient for Windows Internet Explorer; Java Client for other web browsers (Firefox, etc.).
CN8000 User Manual This Page Intentionally Left Blank 26
Chapter 4 Administration Introduction The administration utilities, represented by the icons located across the top of the CN8000 web page, are used to configure the CN8000’s operating environment. This chapter discusses each of them in turn. Note: 1. As you make your configuration changes in each dialog box, click Apply to save them. 2. Some configuration changes only take effect after a CN8000 reset. For those changes, a check is automatically put in the Reset on Exit box (see Customization, page 58).
CN8000 User Manual Device Information The Device Information page is the first of the Administration pages, and provides information about the CN8000's status. An explanation of each of the fields is given in the table below: Field Explanation Device Name: To make it easier to manage installations that have more than one CN8000, each one can be given a name. To assign a name for the CN8000, key in one of your choosing here (16 characters max.), then click Apply.
4. Administration Network The Network dialog is used to specify the CN8000's network environment. Service Ports If a firewall is being used, the Administrator can specify the port numbers that the firewall will allow (and set the firewall accordingly). If a port other than the default is set, users must specify the port number as part of the IP address when they log in. If not, an invalid port number (or no port number) is specified, the CN8000 will not be found. (Continues on next page.
CN8000 User Manual (Continued from previous page.) An explanation of the fields is given in the table below: Field HTTP Explanation The port number for a browser login. The default is 80. HTTPS The port number for a secure browser login. The default is 443. Telnet Port The port for Telnet access. The default is 23. Program This is the port number for connecting to the CN8000 from the Windows Client and Java Applet Viewers, and from the Windows and Java AP programs. The default is 9000.
4. Administration DNS Server The CN8000 can either have its DNS server address assigned automatically, or a fixed address can be specified. For automatic DNS Server address assignment, select the Obtain DNS server address automatically, radio button. To specify a fixed address, select the Use the following DNS server address, radio button and fill in the required information. Note: Specifying at the alternate DNS Server address is optional.
CN8000 User Manual ANMS The Advanced Network Management Settings page allows you to set up login authentication and authorization management from external sources. It is divided into several sections, each of which is described in the sections that follow. IP Installer The IP Installer is an external Windows-based utility for assigning IP addresses to the CN8000. Click one of the radio buttons to select Enable, View Only, or Disable for the IP Installer utility. See page 163for IP Installer details.
4. Administration SMTP Settings To have the CN8000 email reports from the SMTP server to you, do the following: 1. Enable the Enable report from the following SMTP server, and key in the IP address of your SMTP server. 2. If your server requires authentication, put a check in the Server requires authentication checkbox, and key in the appropriate account information in the Account Name and Password fields. 3. Key in the email address of where the report is being sent from in the From field. Note: 1.
CN8000 User Manual Log Server Important transactions that occur on the CN8000, such as logins and internal status messages, are kept in an automatically generated log file Specify the MAC address of the computer that the Log Server runs on in the MAC address field. Specify the port used by the computer that the Log Server runs on to listen for log details in the Port field. The valid port range is 1–65535. The default port number is 9001.
4. Administration Syslog Server To record all the events that take place on the CN8000 and write them to a Syslog server, do the following: 1. Check Enable. 2. Key in the IP address and the port number of the Syslog server. The valid port range is 1-65535. DDNS DDNS allows the mapping of a dynamic IP address assigned by a DHCP server to a hostname. To provide DDNS capability for the CN8000, do the following: 1. Check Enable. 2. Enter the hostname that you registered with your DDNS service provider. 3.
CN8000 User Manual Disable Local Authentication Selecting this option will disable login authentication locally on the CN8000. The switch can only be accessed using LDAP, LDAPS, MS Active Directory, RADIUS or CC Management authentication. RADIUS Settings To allow authentication and authorization for the CN8000 through a RADIUS server, do the following: 1. Check Enable. 2. Fill in the IP addresses and port numbers for the Preferred and Alternate RADIUS servers. 3.
4. Administration 6. On the RADIUS server, set the access rights for each user according to the information in the table, below: Character Meaning c Grants the user administrator privileges, allowing the user to configure the system. w Allows the user to access the system via the Windows Client program. j Allows the user to access the system via the Java applet. p Allows the user to Power On/Off, Reset devices via an attached PN0108.
CN8000 User Manual LDAP Settings To allow authentication and authorization for the CN8000 via LDAP / LDAPS, refer to the information in the table, below: Item Action Enable Put a check in the Enable checkbox to allow LDAP / LDAPS authentication and authorization. LDAP / LDAPS Click a radio button to specify whether to use LDAP or LDAPS. Enable Authorization Select whether to enable Enable Authorization, or not. 1.
4. Administration Item Action LDAP Administrator Password Key in the LDAP administrator’s password. Search DN Set the distinguished name of the search base. This is the domain name where the search starts for user names. Note: If Enable Authorization is not checked, this field must include the entry where the CN8000 Admin Group is created. Consult the LDAP / LDAPS administrator to ascertain the appropriate value. CN8000 Admin Group Key in the Group Name for CN8000 administrator users.
CN8000 User Manual Security The Security page controls access to the CN8000. User Station Filters If any filters have been configured, they appear in the IP Filter and/or MAC Filter list boxes. IP and MAC Filters control access to the CN8000 based on the IP and/or MAC addresses of the computers attempting to connect. A maximum of 100 IP filters and 100 MAC filters are allowed. To enable IP and/or MAC filtering, Click to put a check mark in the IP Filter Enable and/or MAC Filter Enable checkbox.
4. Administration Adding Filters To add an IP filter, do the following: 1. Click Add. A dialog box similar to the one below appears: 2. Key the address you want to filter in the From: field. To filter a single IP address, key the same address in the To: field. To filter a continuous range of addresses, key in the end number of the range in the To: field. 3. After filling in the address, click OK. 4. Repeat these steps for any additional IP addresses you want to filter.
CN8000 User Manual In other word’s, if either filter blocks a computer, then the computer is blocked, no matter what the other filter is set to. Modifying Filters To modify a filter, select it in the IP Filter or MAC Filter list box and click Modify. The Modify dialog box is similar to the Add dialog box. When it comes up, simply delete the old address(es) and replace it with the new one(s). Deleting Filters To delete a filter, select it in the IP Filter or MAC Filter list box and click Delete.
4. Administration Account Policy In the Account Policy section, system administrators can set policies governing usernames and passwords. The meanings of the Account Policy entries are explained in the table below: Entry Explanation Minimum Username Length Sets the minimum number of characters required for a username. Acceptable values are from 1–16. The default is 6. Minimum Password Length Sets the minimum number of characters required for a password. Acceptable values are from 0–16.
CN8000 User Manual Login Failures For increased security, the Login Failures section allows administrators to set policies governing what happens when a user fails to log in successfully. To set the Login Failures policies, check the Enable checkbox (the default is for Login Failures to be enabled). The meanings of the entries are explained in the table below: Entry Explanation Allowed Sets the number of consecutive failed login attempts that are permitted from a remote computer.
4. Administration Encryption These flexible encryption alternatives for keyboard/mouse, video, and virtual media data let you choose any combination of DES; 3DES; AES; RC4; or a Random cycle of any or all of them. Enabling encryption will affect system performance – no encryption offers the best performance; the greater the encryption the greater the adverse effect.
CN8000 User Manual Virtual Media The CN8000’s Virtual Media feature allows a drive, folder, image file, removable disk, or smart card reader on a user’s system to appear and act as if it were installed on the remote server. Read Only refers to the redirected device being able to send data to the remote server, but not to have data from the remote server written to it. If Read Only is selected, even users with Read/Write permissions will only be able to read – they will not be able to write.
4. Administration Private Certificate When logging in over a secure (SSL) connection, a signed certificate is used to verify that the user is logging in to the intended site. For enhanced security, the Private Certificate section allows you to use your own private encryption key and signed certificate, rather than the default ATEN certificate.
CN8000 User Manual Others Browser Service allows the administrator to limit the scope of browser access to the CN8000. Put a check in the checkbox to enable this function, then select the browser limitation in the drop down list box. Choices are explained in the following table: Item Explanation Disable Browser If this is selected, the CN8000 cannot be accessed via a browser. It can only be accessed from the AP programs (see AP Operation, page 121).
4. Administration User Management The User Management page is used to create and manage user profiles. Up to 64 user profiles can be established. To add a user profile, fill in the information asked for in the right panel, then click Add. The new user’s name appears in the left panel. To delete a user profile, select it from the names displayed in the left panel, and click Remove. The user’s name is removed from the panel.
CN8000 User Manual An explanation of the profile items is given in the table below: Item Explanation Username From 1 to16 characters are allowed depending on the Account Policy settings. See Account Policy, page 43. Password From 0 to16 characters are allowed depending on the Account Policy settings. See Account Policy, page 43. Confirm Password To be sure there is no mistake in the password you are asked to enter it again. The two entries must match.
4. Administration Console Management The Console Management page consists of two sub-pages – Serial Console and OOBC – that are used to set up the operating parameters for the CN8000's RS232 (serial) port. An explanation of the parameters and how to set them are given in the sections that follow. Note: Only one of these functions can be active at a time. Selecting one automatically disables the other.
CN8000 User Manual To set up the serial communications parameters, put a check in the Enable checkbox, and make your parameter selections according to the information provided in the table below. Port Property Settings The meanings of the property settings are given in the following table: Setting Meaning Baud Rate This sets the port’s data transfer speed. Choices are from 300— 115200 (drop down the list to see them all). Set this to match the baud rate setting of the connected device.
4. Administration Port Alert Settings The Port Alert Settings dialog box provides a way for you to be informed about events that occur on the devices connected to the CN8000's ports. You can specify up to 10 types of events (e.g., Power On) in the Alert String fields. When a specified alert occurs during the serial console session, the CN8000 writes the event information to the log file.
CN8000 User Manual OOBC In case the CN8000 cannot be accessed with the usual LAN-based methods, it can be accessed with an external modem via the switch’s RS-232 port. To enable support for PPP (modem) operation, click to put a checkmark in the Enable Out of Band Access checkbox. Note: Enabling out of band access automatically enables Dial In operation. See PPP Modem Operation, page 169, for set up and operation details.
4. Administration Enable Dial Out For the dial out function, you must establish an account with an ISP (Internet Service Provider), and then use a modem to dial up to your ISP account. An explanation of the items in the Enable Dial Back section is given in the table below: Item ISP Settings Action Specify the telephone number, account name (username), and password that you use to connect to your ISP.
CN8000 User Manual Item Action Dial Out Schedule This entry sets up the times you want the CN8000 to dial out over the ISP connection. Every provides a listing of fixed times from every hour to every four hours. If you select Every two hours (for example), the CN8000 will start dialing out every two hours beginning at the next complete hour (if it is now 13:10, it will start dialling at 14:00). If you don't want the CN8000 to dial out on a fixed schedule, select Never from the list.
4. Administration Sessions The Session page lets the administrator see at a glance all the users currently logged into the CN8000, and provides information about each of their sessions. The meanings of the headings at the top of the page are fairly straightforward. The Client IP heading refers to the IP address that the user has logged in from. The Service heading refers to the means the user employed to connect to the CN8000 (Browser, WinClient AP, JavaClient AP, etc.).
CN8000 User Manual Customization The Customization page allows the Administrator to set Timeout, Login failure, and Working mode parameters. An explanation of the Customization parameters is given in the table below: Parameter Timeout Working Mode 58 Explanation If there is no user input for the amount of time specified here, the user is automatically logged out, and must log in again before the CN8000 can be accessed. The default is 3 minutes.
4. Administration Parameter USB IO Settings Explanation OS Specifies the operating system that the server on the connected port is using. Choices are Win, Mac, Sun, and Other. The default is Win. Language Specifies the OS language being used by the server on the connected port. Drop down the list to see the available choices. The default is English US.
CN8000 User Manual Date/Time The Date/Time dialog page sets the CN8000 time parameters: Set the parameters according to the information below. Time Zone To establish the time zone that the CN8000 is located in, drop down the Time Zone list and choose the city that most closely corresponds to where it is at. If your country or region employs Daylight Saving Time (Summer Time), check the corresponding checkbox.
4. Administration Date Select the month from the dropdown listbox. Click < or > to move backward or forward by one year increments. In the calendar, click on the day. To set the time, key in the numbers using the 24 hour HH:MM:SS format. Click Set to save your settings. Network Time To have the time automatically synchronized to a network time server, do the following: 1. Check the Enable auto adjustment checkbox. 2.
CN8000 User Manual Maintenance The Maintenance page allows the Administrator to upgrade the CN8000’s firmware, and to backup and restore the CN8000’s configuration settings and user profile information. Firmware Upgrade As new versions of the CN8000 firmware become available, they can be downloaded from our website. Check the website regularly to find the latest information and packages. To upgrade the firmware, do the following: 1. Download the new firmware file to your computer. 2.
4. Administration Backup The Backup section of the page gives you the ability to back up the CN8000’s configuration and user profile information. To perform a backup, do the following: 1. (Optional) In the Password field, key in a password for the file. Note: If you set a password, make a note of it, since you will need it to be able to perform restore operations with the file. 2. Click Backup. 3.
CN8000 User Manual Restore Backed up User Account and Configuration information can be restored with the Restore section of the page. Information currently configured on the CN8000 will be replaced with the information that you restore. To restore a previous backup, do the following: 1. If a password was set when the backup was made, key the same password that you used to save the backup file in the Password field. If a password wasn’t set, you can leave this field blank.‘ 2.
Chapter 5 The WinClient Viewer Starting Up The WinClient Viewer is only available when you log in using the Microsoft Internet Explorer (IE) browser. After you log in (see Logging In, page 19), click the Open Windows Client link on the Remote Console Preview panel. Note: The links that appear below the Refresh button depend on the browser you are using, and your User Preferences Viewer choice.
CN8000 User Manual A second or two after you click the Open Windows Client link, the remote server’s display appears as a window on your desktop: Navigation You can work on the remote system via the screen display on your monitor just as if it were your local system. You can maximize the window, drag the borders to resize the window; or use the scrollbars to move around the screen. You can switch between your local and remote programs with [Alt + Tab]. Note: 1.
5. The WinClient Viewer The WinClient Control Panel The WinClient control panel is hidden at the upper or lower center of the screen (the default is up). It becomes visible when you move the mouse pointer over it: Note: 1. The above image shows the complete Control Panel. The icons that appear can be customized. See Control Panel Configuration, page 94, for details. 2. To move the Control Panel to a different location on the screen, place the mouse pointer over the text bar area, then click and drag.
CN8000 User Manual Control Panel Functions The Control Panel functions are described in the table below. Note: Clicking the T button at the top right of the dialog boxes that appear for the control panel functions brings up a slider to adjust the transparency of the dialog box. After making your adjustment, click anywhere in the dialog box to dismiss the slider. Icon Function This is a toggle. Click to make the Control Panel persistent – i.e., it always displays on top of other screen elements.
5. The WinClient Viewer Icon Function Click to bring up the Virtual Media dialog box. The icon changes when a virtual media device is started on the port. See Virtual Media, page 85, for specific details. Note: This icon displays in gray when the function is disabled or not available to the user. Click to zoom the remote display window. Note: This feature is only available in windowed mode (Full Screen Mode is off). See Zoom, page 89, for details.
CN8000 User Manual Icon Function These icons show the Num Lock, Caps Lock, and Scroll Lock status of the remote computer. When the lock state is On, the LED is bright green and the lock hasp is closed. When the lock state is Off, the LED is dull green and the lock hasp is open. Click on the icon to toggle the status. Note: These icons and your local keyboard icons are in sync. Clicking an icon causes the corresponding LED on your keyboard to change accordingly.
5. The WinClient Viewer Macros The Macros icon provides access to three functions found in the Macros dialog box: Hotkeys, User Macros, and System Macros. Each of these functions is described in the following sections. Hotkeys Various actions, corresponding to clicking the Control Panel icons, can be accomplished directly from the keyboard with hotkeys. Selecting the Hotkeys radio button lets you configure which hotkeys perform the actions.
CN8000 User Manual An explanation of the Hotkey actions is given in the table below: Action Explanation Exit remote location Exits the remote view and goes back to the web browser Main Page. This is equivalent to clicking the Exit icon on the Control Panel. The default keys are F2, F3, F4. Adjust Video Brings up the Video Settings dialog box. This is equivalent to clicking the Video Settings icon on the Control Panel. The default keys are F5, F6, F7. Toggle OSD Toggles the Control Panel Off and On.
5. The WinClient Viewer User Macros User Macros are used to perform specific actions on the remote server. To create the macro, do the following: 1. Select the User Macros radio button, then click Add. 2.
CN8000 User Manual 3. Click Record. The dialog box disappears, and a small panel appears at the top left of the screen: 4. Press the keys for the macro. To pause macro recording, click Pause. To resume, click Pause again. Clicking Show brings up a dialog box that lists each keystroke that you make, together with the amount of time each one takes: Clicking Cancel cancels all keystrokes. When you have finished, click Stop. This is the equivalent of clicking Done in Step 5. Note: 1.
5. The WinClient Viewer 5. If you haven’t brought up the Show dialog, click Done when you have finished recording your macro. You return to the Macros dialog box with your system macro key presses displayed in the Macro column: 6. If you want to change any of the keystrokes, select the macro and click Edit. This brings up a dialog box similar to the one for Show. You can change the content of your keystrokes, change their order, etc. 7. Repeat the procedure for any other macros you wish to create.
CN8000 User Manual After creating your macros, you can run them in any of three ways: 1. By using the hotkey (if one was assigned). 2. By opening the Macro List on the Control Panel and clicking the one you want (see Macro List, page 69). 3. By opening this dialog box and clicking Play. If you run the macro from this dialog box, you have the option of specifying how the macro runs. If you choose Play Without Wait, the macro runs the keypresses one after another with no time delay between them.
5. The WinClient Viewer Search Search, at the bottom of the dialog box, lets you filter the list of macros that appear in the large upper panel for you to play or edit. Click a radio button to choose whether you want to search by name or by key; key in a string for the search; then click Search. All instances that match your search string appear in the upper panel. System Macros System Macros are used to create exit macros for when you close a session.
CN8000 User Manual 3. Click Record. The dialog box disappears, and a small panel appears at the top left of the screen: 4. Press the keys for the macro. To pause macro recording, click Pause. To resume, click Pause again. Clicking Show brings up a dialog box that lists each keystroke that you make, together with the amount of time each one takes (see page 78). Note: 1. Case is not considered – typing A or a has the same effect. 2. When recording the macro the focus must be on the remote screen.
5. The WinClient Viewer 7. Repeat the procedure for any other macros you wish to create. Once the system macros have been created, you can choose to run any one them upon logging out of the CN8000 (see Exit Macro, page 24, for details). Note: 1. Information about the Search function is given on page 77. 2.
CN8000 User Manual Video Settings The Video Settings dialog box allows you to adjust the placement and picture quality of the remote screen display on your monitor. The meanings of the adjustment options are given in the table below: Option Usage Screen Position Adjust the horizontal and vertical position of the remote computer window by Clicking the Arrow buttons.
5. The WinClient Viewer Option RGB Usage Drag the slider bars to adjust the RGB (Red, Green, Blue) values. When an RGB value is increased, the RGB component of the image is correspondingly increased. If you enable Set to Grayscale, the remote video display is changed to grayscale. Gamma This section allows you to adjust the video display's gamma level. This function is discussed in detail in the next section, Gamma Adjustment.
CN8000 User Manual Gamma Adjustment If it is necessary to correct the gamma level for the remote video display, use the Gamma function of the Video Adjustment dialog box. Under Basic configuration, there are ten preset and four user-defined levels to choose from. Drop down the list box and choose the most suitable one.
5. The WinClient Viewer The Message Board To alleviate the possibility of access conflicts resulting from multiple user logins, the CN8000 provides a message board that allows users to communicate with each other: The Button Bar The buttons on the Button Bar are toggles. Their actions are described in the table below: Button Action Enable/Disable Chat. When disabled, messages posted to the board are not displayed. The button is shadowed when Chat is disabled.
CN8000 User Manual Message Display Panel Messages that users post to the board - as well as system messages - display in this panel. If you disable Chat, however, messages that get posted to the board won't appear. Compose Panel Key in the messages that you want to post to the board in this panel. Click Send, or press [Enter] to post the message to the board. User List Panel The names of all the logged in users are listed in this panel. Your name appears in blue; other users' names appear in black.
5. The WinClient Viewer Virtual Media The Virtual Media feature allows a drive, folder, image file, or removable disk on a local client computer to appear and act as if it were installed on the remote server. Virtual Media also supports a smart card reader function that allows a reader plugged into a local client computer to appear as if it were plugged into the remote server.
CN8000 User Manual Depending on your selection, additional dialog boxes appear enabling you to select the drive, file, folder, or removable disk you desire. See Virtual Media Support, page 183 for details about mounting these media types. 3. To add additional media sources, click Add, and select the source as many times as you require. Up to three virtual media choices can be mounted. The top three in the list are the ones that are selected.
5. The WinClient Viewer 3. To remove an entry from the list, select it and click Remove. 4. After you have made your media source selections, click Mount. The dialog box closes. The virtual media devices that you have selected are redirected to the remote system, where they show up as drives, files and folders on the remote system’s file system.
CN8000 User Manual Smart Card Reader The smart card reader function allows a reader plugged into a local client computer’s USB port to be redirected, and appear as if it were plugged into the remote server. One purpose of smart cards (Common Access Cards, for example), is to allow authentication to the remote server from the local client.
5. The WinClient Viewer Zoom The Zoom icon controls the zoom factor for the remote view window. Settings are as follows: Setting Description 100% Sizes and displays the remote view window at 100%. 75% Sizes and displays the remote view window at 75%. 50% Sizes and displays the remote view window at 50%. 25% Sizes and displays the remote view window at 25%. 1:1 Sizes and displays the remote view window at 100%.
CN8000 User Manual The On-Screen Keyboard The CN8000 supports an on-screen keyboard, available in multiple languages, with all the standard keys for each supported language. Click this icon to pop up the on-screen keyboard: One of the major advantages of the on-screen keyboard is that if the keyboard languages of the remote and local systems aren’t the same, you don’t have to change the configuration settings for either system.
5. The WinClient Viewer To display/hide the expanded keyboard keys, click the arrow to the right of the language list arrow.
CN8000 User Manual Mouse Pointer Type The CN8000 offers a number of mouse pointer options when working in the remote display. Click this icon to select the type that you would like to work with: Note: The icon on the Control Panel changes to match your choice. Mouse DynaSync Mode Clicking this icon selects whether synchronization of the local and remote mouse pointers is accomplished either automatically or manually.
5. The WinClient Viewer Mac and Linux Considerations For Mac systems, there is a second DynaSync setting to choose from. If the default synchronization result is not satisfactory, you can try the Mac 2 setting. To select Mac 2, right click in the text area of the Control Panel and select Mouse Sync Mode → Automatic for Mac 2: There is also an additional setting for Linux on the Mouse Sync Mode menu. If the default synchronization result is not satisfactory, you can try the Redhat AS3.0 setting.
CN8000 User Manual Control Panel Configuration Clicking the Control Panel icon brings up a dialog box that allows you to configure the items that appear on the Control Panel, as well as its graphical settings: The dialog box is organized into six main sections as described in the table, below: Item Description Customize Control Panel Allows you to select which icons display in the Control Panel Control Panel Style Enabling Transparent makes the Control Panel semi-transparent, so that you can see th
5. The WinClient Viewer Item Screen Options Description If Full Screen Mode is enabled, the remote display fills the entire screen. If Full Screen Mode is not enabled, the remote display appears as a window on the local desktop. If the remote screen is larger than what is able to fit in the window, scrollbars will appear. If Keep Screen Size is enabled, the remote screen is not resized.
CN8000 User Manual This Page Intentionally Left Blank 96
Chapter 6 The JavaClient Viewer Introduction The JavaClient Viewer makes the CN8000 accessible to all platforms that have the Java Runtime Environment (JRE) installed. (See System Requirements, page 6, for the required JRE version.) The JRE is available for free download from the Java web site (http://java.com). To run the JavaClient Viewer, after you log in (see Logging In, page 19), Click the Open Java Applet link on the Remote Console Preview panel.
CN8000 User Manual A second or two after you click the Open Java Applet (or Open Viewer) link, the remote server’s display appears as a window on your desktop: Navigation You can work on the remote system via the screen display on your monitor just as if it were your local system. You can maximize the window, drag the borders to resize the window; or use the scrollbars to move around the screen. You can switch between your local and remote programs with [Alt + Tab]. Note: 1.
6. The JavaClient Viewer The JavaClient Control Panel The JavaClient control panel is hidden at the top center of the screen. It becomes visible when you move the mouse pointer into that area: Note: 1. The above image shows the complete Control Panel. The icons that appear can be customized. See Control Panel Configuration, page 109, for details. 2. To place the control panel anywhere on the screen, move the mouse pointer over the text bar area and drag the panel to the new position.
CN8000 User Manual Control Panel Functions The Control Panel functions are described in the table below: Icon Function This is a toggle. Click to make the Control Panel persistent – i.e., it always displays on top of other screen elements. Click again to have it display normally. Click to bring up the Macros dialog box (see Macros, page 102 for details). Click to bring up the Video settings dialog box. Right-click to perform a quick Auto Sync (see Video Settings, page 104, for details).
6. The JavaClient Viewer Icon Function Click to select the mouse pointer type. Note: This icon changes depending on which mouse pointer type is selected (see Mouse Pointer Type, page 108). Click to toggle Automatic or Manual mouse sync. When the selection is Automatic, a green √ appears on the icon. When the selection is Manual, a red X appears on the icon. See Mouse DynaSync Mode, page 92 for a complete explanation of this feature. Click to display a dropdown list of User macros.
CN8000 User Manual Macros The Macros icon provides access to three functions found in the Macros dialog box: Hotkeys, User Macros, and System Macros. Each of these functions is described in the following sections. Hotkeys Various actions related to manipulating the remote server can be accomplished with hotkeys. Selecting the Hotkeys radio button lets you configure which hotkeys perform the actions. Hotkey operation is the same under the JavaClient as it is under the WinClient.
6. The JavaClient Viewer User Macros User Macros are used to perform specific actions on the remote server. To create the macro, do the following: 1. Select the User Macros radio button, then click Add. User Macro operation is the same under the JavaClient as it is under the WinClient. See User Macros, page 73, for details. System Macros System Macros are used to create exit macros for when you close a session.
CN8000 User Manual Search Search allows you to find previously created macros and have them listed in the large upper panel for you to play or edit. The Search operation is the same under the JavaClient as it is under the WinClient. See Search, page 77, for details. Video Settings The Video settings dialog box allows you to adjust the placement and picture quality of the remote screen display on your monitor. Video Settings operation is the same under the JavaClient as it is under the WinClient.
6. The JavaClient Viewer Message Board The CN8000 supports multiple user logins, which can possibly give rise to access conflicts. To alleviate this problem, a message board feature, similar to an internet chat program, allows users to communicate with each other: The buttons on the Button Bar are toggles. Their actions are described in the table below: Enable/Disable Chat. When disabled, messages posted to the board are not displayed. The button is shadowed when Chat is disabled.
CN8000 User Manual The names of all the logged in users appear in the User List panel. Select the users that you want to post to before sending your message. Users that aren’t selected won’t see the message. To Hide/Unhide the User List panel, click on the arrows in the panel separator. If a user has disabled Chat, the Disabled Chat icon displays before the user's name to indicate so. If a user has occupied the KVM or the KM, the corresponding icon displays before the user's name to indicate so.
6. The JavaClient Viewer Virtual Media The Virtual Media feature allows a folder or image file on a local client computer to appear and act as if it were installed on the remote server. Virtual Media also supports a smart card reader function that allows a reader plugged into a local client computer to appear as if it were plugged into the remote server. To implement this redirection feature, do the following: 1.
CN8000 User Manual The On-Screen Keyboard The CN8000 supports an on-screen keyboard, available in multiple languages, with all the standard keys for each supported language. Click this icon to pop up the on-screen keyboard: On-Screen Keyboard operation is the same under the JavaClient as it is under the WinClient. See The On-Screen Keyboard, page 90, for details. Mouse Pointer Type The CN8000 offers a number of mouse pointer options when working in the remote display.
6. The JavaClient Viewer Mouse DynaSync Mode Clicking this icon selects whether synchronization of the local and remote mouse pointers is accomplished either automatically or manually. DynaSync operation is the same under the JavaClient as it is under the WinClient. See Mouse DynaSync Mode, page 92, for details.
CN8000 User Manual This Page Intentionally Left Blank 110
Chapter 7 The Log File The Log File Screen The CN8000 logs all the events that take place on it. Following a reset, it writes them to a log file, which is a searchable database. To view the contents of the log file, click the Log icon at the lower left of the page. A screen similar to the one below appears: A maximum of 512 events are kept in the log file. As new events are recorded, they are placed at the bottom of the list.
CN8000 User Manual This Page Intentionally Left Blank 112
Chapter 8 The Log Server The Log Server is a Windows-based administrative utility that records all the events that take place on selected CN8000 units and writes them to a searchable database. This chapter describes how to install and configure the Log Server. Installation 1. With Windows running, put the CN8000 software CD that came with this product into the CD (DVD) drive. 2. Navigate to the Log Server AP Installer folder on the CD. 3. Click the Log Server icon to execute LogServerSetup.
CN8000 User Manual Starting Up To bring up the Log Server, either double click the program icon, or key in the full path to the program on the command line. The first time you run it, a screen similar to the one below appears: Note: 1. The MAC address of the Log Server computer must be specified in theANMS settings – see Log Server, page 34 for details. 2. The Log Server requires the Microsoft Jet OLEDB 4.0 driver. See The Log Server program does not run., page 180 if the program doesn’t start.
8. The Log Server The Menu Bar The Menu bar consists of four items: Configure Events Options Help These are discussed in the sections that follow. Note: If the Menu Bar appears to be disabled, click in the CN8000 List window to enable it. Configure The Configure menu contains three items: Add, Edit, and Delete. They are used to add new CN8000 units to the CN8000 List, edit the information for units already on the list, or delete CN8000 units from the list.
CN8000 User Manual A description of the fields is given in the table, below: Field Explanation Address This can either be the IP address of the CN8000 or its DNS name (if the network administrator has assigned it a DNS name). Key in the value specified for the CN8000 in the ANMS settings (see ANMS, page 32). Port Key in the port number that was specified for the Log Server’s Service Port in the ANMS settings (see Log Server, page 34).
8. The Log Server A description of the items is given in the table below: Item Explanation New search This is one of three radio buttons that define the scope of the search. If it is selected, the search is performed on all the events in the database for the selected CN8000. Search last results This is a secondary search performed on the events that resulted from the last search.
CN8000 User Manual Options Network Retry allows you to set the number of seconds that the Log Server should wait before attempting to connect if the previous attempt to connect failed. When you click this item, a dialog box, similar to the one below appears: Key in the number of seconds, then click OK to finish. Help From the Help Menu, click Contents to access the online Windows Help file. The help file contains instructions about how to setup, operation and troubleshoot the Log Server.
8. The Log Server The Log Server Main Screen Overview The Log Server Main Screen is divided into two main panels. The upper (List) panel lists the CN8000 units that have been selected for the Log Server to track (see Configure, page 115). The lower (Event) panel displays the log events for the currently selected CN8000 (the highlighted one - if there are more than one). To select a CN8000 unit in the list, simply click on it.
CN8000 User Manual The List Panel The List panel contains six fields: Field Recording Explanation Determines whether the Log Server records log events for this CN8000 or not. If the Recording check box is checked, the field displays Recording, and log events are recorded. If the Recording check box is not checked, the field displays Paused, and log events are not recorded.
Chapter 9 AP Operation Introduction In addition to the browser based client viewers, the CN8000 also provides stand-alone Windows and Java applications that can be used without a browser. The applications can be found on the CN8000 software CD. The Windows Client AP is called CN8000winclient.exe; the Java Client AP is called iClientJ.jar. The Windows Client AP Installation To install the stand-alone Windows Client program, do the following: 1. Copy CN8000winclient.
CN8000 User Manual (Continued from previous page.) Starting Up To connect to the CN8000, either click its icon on the desktop or click its entry on the Start menu. If this is the first time that you are running the utility, a dialog box appears requesting you to input your serial number. The serial number can be found on the CN8000's CD case. Key in the serial number - 5 characters per box - then click OK to bring up the CN8000 Connection Screen. Note: 1.
9. AP Operation The Windows Client Connection Screen A description of the Connection Screen is given in the following table: Item Description Server List Each time the CN8000 iClient program is run, it searches the user's local LAN segment for CN8000 units, and lists whichever ones it finds in this box. If you want to connect to one of these units, select it, then click Login. When you have finished with your session, Click Logout to end the connection.
CN8000 User Manual Logging In Once the CN8000 connects to the unit you specified, a login window appears: Provide a valid Username and Password, then Click OK to continue. Note: The default Username is administrator; the default Password is password. For security, we strongly recommend that you change these to something unique (see User Management, page 130, for details). (Continues on next page.
9. AP Operation (Continued from previous page.) After you have successfully logged in, the Connection screen reappears: At this time there are five active buttons, as described in the table, below: Button Action Logout Breaks the connection to the CN8000. Remote View In some cases, administrator’s do not wish to have users connect to the CN8000 with a browser. Remote View solves this problem.
CN8000 User Manual The Administrator Utility The Administrator Utility appears as a tabbed notebook. Each tab represents a different administrative function. A description of the functions and how to configure their settings is provided in the sections that follow. Device Information The Settings notebook opens with the Device Info page displayed: This page is essentially the same as the browser-based version. See Device Information, page 28, for details.
9. AP Operation Network This page is used to specify the CN8000's network environment. This page is essentially the same as the browser-based version. See Network, page 29, for details.
CN8000 User Manual ANMS The Advanced Network Management Settings dialog box allows you to set up login authorization management from a external sources. The settings on this page are essentially the same as that of the browser-based version. See ANMS, page 32, for details.
9. AP Operation Security The Security page is used to control access to the CN8000. The settings on this page are essentially the same as that of the browser-based version. See Security, page 40, for details.
CN8000 User Manual User Management This page is used to set up and manage user profiles. It defines the access rights of each user. Up to 64 user profiles can be established The settings on this page are essentially the same as that of the browser-based version. See User Management, page 49, for details.
9. AP Operation Console Management This page is used to set up the operating parameters for the CN8000's RS-232 (serial) port. Serial Console The settings on this page are essentially the same as that of the browser-based version. See Serial Console, page 51, for details.
CN8000 User Manual OOBC The settings on this page are essentially the same as that of the browser-based version. See OOBC, page 54, for details.
9. AP Operation Customization This page allows the Administrator to upgrade the firmware and to set to set Timeout, Login failure, and Working mode parameters. The settings on this page are essentially the same as that of the browser-based version. See Customization, page 58, for details.
CN8000 User Manual Date/Time This page sets the CN8000 time parameters: The settings on this page are essentially the same as that of the browser-based version. See Date/Time, page 60, for details.
9. AP Operation Maintenance This page allows the Administrator to upgrade the CN8000’s firmware, and to backup and restore the CN8000’s configuration settings and user profile information. The settings on this page are essentially the same as that of the browser-based version. See Maintenance, page 62, for details.
CN8000 User Manual The Java Client AP The Java Client AP is provided to make the CN8000 accessible to all platforms. Systems that have JRE 6 Update 3 or higher installed can connect. If you don't already have Java, it is available for free download from Sun's Java web site (http://java.sun.com). Starting Up To connect to the CN8000 with the stand-alone Java Client program, copy iClientJ.
9. AP Operation The Java Client Connection Screen To connect to the CN8000 1. Key in its IP address in the Server field. 2. If the port number shown isn’t correct, key in the correct number. 3. Click Connect. Logging In Once the CN8000 connects to the unit you specified, a login window appears: Provide a valid Username and Password, then Click OK. Note: The default Username is administrator; the default Password is password.
CN8000 User Manual After you have successfully logged in, the Connection screen reappears – this time with 5 active buttons: These function the same way as the ones described in the Windows Client AP section. See page 125 for details. Java Client AP operation is essentially the same as Windows Client AP operation. Refer to the relevant Windows Client AP sections for operation details.
Chapter 10 LDAP Server Configuration Introduction The CN8000 allows log in authentication and authorization through external programs. This chapter describes how to configure Active Directory and OpenLDAP for CN8000 authentication and authorization. To allow authentication and authorization for the CN8000 via LDAP or LDAPS, the Active Directory’s LDAP Schema must be extended so that an extended attribute name for the CN8000 – permission – is added as an optional attribute to the person class.
CN8000 User Manual Install the Active Directory Schema Snap-in To install the Active Directory Schema Snap-in, do the following: 1. Open a Command Prompt. 2. Key in: regsvr32 schmmgmt.dll to register schmmgmt.dll on your computer. 3. Open the Start menu; click Run; key in: mmc /a; click OK. 4. On the File menu of the screen that appears, click Add/Remove Snap-in; then click Add. 5. Under Available Standalone Snap-ins, double click Active Directory Schema; click Close; click OK. 6.
10. LDAP Server Configuration Extend and Update the Active Directory Schema To extend and update the Active Directory Schema, you must do the following 3 procedures: 1) create a new attribute; 2) extend the object class with the new attribute; and 3) edit the Active Directory users with the extended schema.
CN8000 User Manual Note: The Unique X500 Object ID uses periods, not commas. Extending the Object Class With the New Attribute To extend the object class with the new attribute, do the following: 1. Open the Control Panel → Administrative Tools → Active Directory Schema. 2. In the left panel of the screen that comes up, select Classes. 3.
10. LDAP Server Configuration 4. Select Properties; the person Properties dialog box comes up with the General page displayed. Click the Attributes tab. 5.
CN8000 User Manual 6. In the list that comes up, select permission, then click OK to complete step 2 of the procedure. Editing Active Directory Users Type 1 For Type 1 users, both authentication and authorization parameter settings are supported on the LDAP server. To edit a Type 1 Active Directory user do the following: 1. Run ADSI Edit. (Installed as part of the Support Tools.) 2. Open domain, and navigate to the cn=users dc=aten dc=com node.
10. LDAP Server Configuration 3. Locate the user you wish to edit. (Our example uses jason.) 4. Right-click on the user’s name and select properties. 5. On the Attribute Editor page of the dialog box that appears, select permission from the list.
CN8000 User Manual 6. Click Edit to bring up the String Attribute Editor: 7. Key in the desired CN8000 permission attribute values (see The Permission Attribute Value, page 148 for details).
10. LDAP Server Configuration 8. Click OK. When you return to the Attribute Editor page, the permission entry now reflects the new permissions: a) Click Apply to save the change and complete the procedure. b) Repeat the Editing Active Directory Users procedure for any other Type 1 users you wish to add.
CN8000 User Manual The Permission Attribute Value The attribute value for permission is made up of two parts: 1) the IP address of the CN8000 a user will access; and 2) a string that indicates the access rights the user has on the CN8000 at that IP address. For example: 192.168.0.80&c,w,j;192.168.0.188&v,l The makeup of the permission entry is as follows: An ampersand (&) connects the CN8000’s IP with the access rights string.
10. LDAP Server Configuration Permission Examples Access rights examples are given in the table, below: User User1 String 10.0.0.166&w,v Meaning 1. User has Windows Client and View Only rights on a CN8000 with an IP address of 10.0.0.166. 2. User has no rights on any other CN8000 units administered by the LDAP server. User2 10.0.0.164&p,s;10.0.0.166&j,c 1. User has PON and Virtual Media rights on a CN8000 with an IP address of 10.0.0.164. 2.
CN8000 User Manual Type 2 For Type 2 users, authentication takes place on the LDAP server, but authorization is via the CN8000’s user database. To edit a Type 2 user, do the following: 1. Follow Steps 1 – 6 of Editing a Type 1 user (beginning on page 144) 2. In the String Attribute Editor, key in the values shown in the screenshot, below: Note: Where user represents the Username of a CN8000 user whose permissions reflect the permissions you want Jason to have. 3. Click OK.
10. LDAP Server Configuration c) Click Apply to save the change and complete the procedure. Jason now has the same permissions as user. d) Repeat the Editing Active Directory Users procedure for any other users you wish to add. OpenLDAP OpenLDAP is an Open source LDAP server designed for Unix platforms. A Windows version can be downloaded from: http://download.bergmans.us/openldap/openldap-2.2.29/ openldap-2.2.29-db-4.3.29-openssl-0.9.8awin32_Setup.exe.
CN8000 User Manual OpenLDAP Server Configuration The main OpenLDAP configuration file, slapd.conf, has to be customized before launching the server. The modifications to the configuration file will do the following: Specify the Unicode data directory. The default is ./ucdata. Choose the required LDAP schemas. The core schema is mandatory. Configure the path for the OpenLDAP pid and args start up files. The first contains the server pid, the second includes command line arguments.
10. LDAP Server Configuration Starting the OpenLDAP Server To start the OpenLDAP Server, run slapd (the OpenLDAP Server executable file) from the command line. slapd supports a number of command line options, the most important option is the d switch that triggers debug information. For example, a command of: slapd -d 256 would start OpenLDAP with a debug level of 256, as shown in the following screenshot: Note: For details about slapd options and their meanings, refer to the OpenLDAP documentation.
CN8000 User Manual Customizing the OpenLDAP Schema The schema that slapd uses may be extended to support additional syntaxes, matching rules, attribute types, and object classes. In the case of the CN8000, the CN8000User class and the permission attribute are extended to define a new schema.
10. LDAP Server Configuration LDAP DIT Design and LDIF File LDAP Data Structure An LDAP Directory stores information in a tree structure known as the Directory Information Tree (DIT). The nodes in the tree are directory entries, and each entry contains information in attribute-value form. An example of the LDAP directory tree for the CN8000 is shown in the figure, below: (Continues on next page.
CN8000 User Manual (Continued from previous page.) DIT Creation The LDAP Data Interchange Format (LDIF) is used to represent LDAP entries in a simple text format (please refer to RFC 2849). The figure below illustrates an LDIF file that creates the DIT for the CN8000 directory tree (shown in the figure, above). Note: The example above shows the permissions for a Type 1 Schema. For a Type 2 Schema, change the permissions line to su/user.
10. LDAP Server Configuration The following figure illustrates an LDIF file that defines the OpenLDAP group for the CN8000. (Continues on next page.
CN8000 User Manual (Continued from previous page.) Using the New Schema To use the new schema, do the following: 1. Save the new schema file (e.g., cn8000.schema) in the /OpenLDAP/ schema/ directory. 2. Add the new schema to the slapd.conf file, as shown in the figure, below: 3. Restart the LDAP server. 4. Write the LDIF file and create the database entries in init.ldif with the ldapadd command, as shown in the following example: ldapadd -f init.
Appendix Safety Instructions General Read all of these instructions. Save them for future reference. Follow all warnings and instructions marked on the device. Do not place the device on any unstable surface (cart, stand, table, etc.). If the device falls, serious damage will result. Do not use the device near water. Do not place the device near, or over, radiators or heat registers. The device cabinet is provided with slots and openings to allow for adequate ventilation.
CN8000 User Manual extension cord ampere rating. Make sure that the total of all products plugged into the wall outlet does not exceed 15 amperes. To help protect your system from sudden, transient increases and decreases in electrical power, use a surge suppressor, line conditioner, or un-interruptible power supply (UPS). Position system cables and power cables carefully; Be sure that nothing rests on any cables.
Appendix Rack Mounting Before working on the rack, make sure that the stabilizers are secured to the rack, extended to the floor, and that the full weight of the rack rests on the floor. Install front and side stabilizers on a single rack or front stabilizers for joined multiple racks before working on the rack. Always load the rack from the bottom up, and load the heaviest item in the rack first. Make sure that the rack is level and stable before extending a device from the rack.
CN8000 User Manual Technical Support International For online technical support – including troubleshooting, documentation, and software updates: http://support.aten.com For telephone support, see Telephone Support, page iii. North America Email Support Online Technical Support support@aten-usa.com Troubleshooting Documentation Software Updates Telephone Support http://www.aten-usa.
Appendix IP Address Determination If you are an administrator logging in for the first time, you need to access the CN8000 in order to give it an IP address that users can connect to. There are three methods to choose from. In each case, your computer must be on the same network segment as the CN8000. After you have connected and logged in you can give the CN8000 its fixed network address. (See Network, page 29.
CN8000 User Manual 3. Select either Obtain an IP address automatically (DHCP), or Specify an IP address. If you chose the latter, fill the IP Address, Subnet Mask, and Gateway fields with the information appropriate to your network. 4. Click Set IP. 5. After the IP address shows up in the Device List, click Exit. Browser 1. Set your computer's IP address to 192.168.0.XXX Where XXX represents any number or numbers except 60. (192.168.0.60 is the default address of the CN8000.) 2.
Appendix IPv6 At present, the CN8000 supports two IPv6 address protocols: Link Local IPv6 Address, and IPv6 Stateless Autoconfiguration Link Local IPv6 Address At power on, the CN8000 is automatically configured with a Link Local IPv6 Address (for example, fe80::210:74ff:fe61:1ef). To find out what the Link Local IPv6 Address is, log in with the CN8000’s IPv4 address and click the Device Information icon. The address is displayed at the bottom of the Device Information page (see page 28).
CN8000 User Manual IPv6 Stateless Autoconfiguration If the CN8000’s network environment contains a device (such as a router) that supports the IPv6 Stateless Autoconfiguration function, the CN8000 can obtain its prefix information from that device in order to generate its IPv6 address. For example, 2001::74ff:fe6e:59. As above, the address is displayed at the bottom of the Device Information page.
Appendix Port Forwarding For devices located behind a router, port forwarding allows the router to pass data coming in over a specific port to a specific device. By setting the port forwarding parameters, you tell the router which device to send the data coming in over a particular port to. For example, if the CN8000 connected to a particular router has an IP address of 192.168.1.
CN8000 User Manual Keyboard Emulation The PC compatible (101/104 key) keyboard can emulate the functions of the Sun and Mac keyboards. The emulation mappings are listed in the table below.
Appendix PPP Modem Operation Basic Setup In addition to the browser and AP methods, the CN8000 can also be accessed through its RS-232 port using a PPP dial-in connection, as follows: 1. Set up your hardware configuration to match the diagram, below: : Serial Modem Cable Serial Modem Cable Phone Line Remote Operator Modem Modem 2. From your computer, use your modem terminal program to dial into the CN8000’s modem. Note: 1.
CN8000 User Manual Connection Setup Example (Windows XP) To set up a dial-in connection to the CN8000 under Windows XP, do the following: 1. From the Start menu, select Control Panel → Network Connections → Create a New Connection. 2. When the Welcome to the New Connection Wizard dialog box appears, click Next to move on. 3. In the Network Connection Type dialog box, select Connect to the network at my workplace, then click Next. 4.
Appendix Trusted Certificates Overview When you try to log in to the device from your browser, a Security Alert message appears to inform you that the device’s certificate is not trusted, and asks if you want to proceed. The certificate can be trusted, but the alert is triggered because the certificate’s name is not found on Microsoft’s list of Trusted Authorities.
CN8000 User Manual Installing the Certificate To install the certificate, do the following: 9. In the Security Alert dialog box, click View Certificate. The Certificate Information dialog box appears: Note: There is a red and white X logo over the certificate to indicate that it is not trusted. 10. Click Install Certificate. 11. Follow the Installation Wizard to complete the installation. Unless you have a specific reason to choose otherwise, accept the default options. 12.
Appendix 13. Next, click Finish to complete the installation; then click OK to close the dialog box.
CN8000 User Manual Mismatch Considerations If the site name or IP address used for generating the certificate no longer matches the current address of the CN8000 a mismatch warning occurs: You can click Yes to go on, or you can disable mismatch checking. To disable mismatch checking, do the following: 1. After the page you are logging in to comes up open the browser’s Tools menu; Select Internet Options → Advanced. 2. Scroll to the bottom of the list and uncheck Warn about trusted certificates: 3.
Appendix Self-Signed Private Certificates If you wish to create your own self-signed encryption key and certificate, a free utility – openssl.exe – is available for download over the web at www.openssl.org. To create your private key and certificate do the following: 1. Go to the directory where you downloaded and extracted openssl.exe to. 2. Run openssl.exe with the following parameters: openssl req -new -newkey rsa:1024 -days 3653 -nodes -x509 -keyout CA.key -out CA.cer -config openssl.cnf Note: 1.
CN8000 User Manual Troubleshooting General Operation Problem Erratic operation Resolution The CN8000 needs to be started before the KVM switch 1. If the CN8000 is connected to a KVM switch, make sure to power it on before powering on the switch. 2. If the KVM switch was started before the CN8000, reset or restart the KVM switch. The CN8000 needs to be reset (see Firmware Upgrade/ Reset Switch, page 10, point 1).
Appendix Windows Problem Resolution When I log in, the browser 1. The certificate’s name is not found on Microsoft’s list of generates a CA Root Trusted Authorities. The certificate can be trusted. certificate is not trusted, See Trusted Certificates, page 171, for details. or a Certificate Error 2. You can eliminate this message by importing a certificate response. issued by a recognized third party certificate authority (see Obtaining a CA Signed SSL Server Certificate, page 47).
CN8000 User Manual Java For mouse synchronization problems, see Macros, page 102, Mouse DynaSync Mode, page 109, and Sun / Linux, page 182. For other problems, see the table below: Problem Java Applet won't connect to the CN8000 Resolution 1. Java 6 Update 3 or higher must be installed on your computer. 2. Make sure to include the correct login string when you specify the CN8000's IP address. 3. Close the Java Applet, reopen it, and try again.
Appendix Sun Systems Problem Resolution The display resolution should be set to 1024 x 768: Video display problems with HDB15 interface systems (e.g., Under Text Mode: Sun Blade 1000 servers).1 1. Go to OK mode and issue the following commands: setenv output-device screen:r1024x768x60 reset-all Under XWindow: 1. Open a console and issue the following command: m64config -res 1024x768x60 2. Log out 3. Log in Video display problems with 13W3 interface systems (e.g., Sun Ultra servers).
CN8000 User Manual Mac Systems Problem Resolution The local and remote mouse pointers do not sync. There are two USB I/O settings for the Mac: Mac 1, and Mac 2 (see Customization, page 58). In general, Mac 1 works with older operating system versions, whereas Mac 2 works with the newer ones. In some cases, however, the reverse is true. If you experience pointer sync problems, try selecting the other mode. When I log in to the switch with my Safari browser, it hangs when I use the Snapshot feature.
Appendix Additional Mouse Synchronization Procedures If the mouse synchronization procedures mentioned in the manual fail to resolve mouse pointer problems for particular computers, try the following: Windows: Note: In order for the local and remote mice to synchronize, you must use the generic mouse driver supplied with the MS operating system. If you have a third party driver installed - such as one supplied by the mouse manufacturer - you must remove it. 1.
CN8000 User Manual b) Click the Pointer Options tab c) Set the mouse speed to the middle position (6 units in from the left) d) Disable Enhance Pointer Precision 3. Windows ME: Set the mouse speed to the middle position; disable mouse acceleration (click Advanced to get the dialog box for this). 4. Windows NT / Windows 98 / Windows 95: Set the mouse speed to the slowest position.
Appendix Supported KVM Switches The KVM switches that can be used in a cascaded installation are as follows: ACS1208A CS1316 CS1754 CS428 CS9138 KH1516 ACS1216A CS1708A CS1758 CS88A KH0116 KH2508 CS1308 CS1716A CS228 CS9134 KH1508 KH2516 Note: 1. Some of the CN8000’s features may not be supported, depending on the functionality of the cascaded KVM switch. (For example, some switches do not support virtual media.) 2.
CN8000 User Manual Administrator Login Failure If you are unable to perform an Administrator login (because the Username and Password information has become corrupted, or you have forgotten it, for example), there is a procedure you can use to clear the login information. To clear the login information do the following: 1. Power off the CN8000 and remove its housing. 2. Use a jumper cap to short the jumper on the mainboard labeled J6. 3. Power on the switch. 4.
Appendix Specifications Function Connectors Specification Console 1 x SPHD-18 Male (Yellow) KVM (Computer) 1 x SPHD-18 Female (Yellow) PON1 1 x DB-9 Male (Black) Modem 1 x DB-9 Male (Black) LAN 1 x RJ-45 Female Power 1 x DC Jack Virtual Media 1 x USB Mini-B Female (Black) Switches Reset 1 x Semi-recessed pushbutton LEDs Power 1 (Orange) Link 1 (Green) 10/100 Mbps 1 (Orange/Green) Keyboard/Mouse USB; PS/2 Emulation Video 1600 x 1200 @ 60 Hz; DDC2B Power Consumption DC5.3V; 6.
CN8000 User Manual About SPHD Connectors This product uses SPHD connectors for its KVM and/or Console ports. We have specifically modified the shape of these connectors so that only KVM cables that we have designed to work with this product can be connected. Limited Warranty ALTUSEN warrants this product against defects in material or workmanship for a period of one (1) year from the date of purchase.
Index A Access Ports, 29 Account Policy, 43 Administration, 27 ANMS, 32 Customization, 58 Firmware upgrading, 62 Network, 29 Administration Page Date/Time, 60 Administrator Login Failure, 184 Administrator Utility, 126 ANMS, 128 console management, 131 customization, 133 Date/Time, 134 device information, 126 network, 127 user management, 130 ANMS, 32, 128 AP Operation, 121 Java Client, 136 Windows Client, 121 Authentication external, 32 B Backup Configuration / User Accounts, 63 Benefits, 3 C Cables, 7 c
CN8000 User Manual H Hardware Setup, 15 Hotkeys, 71, 102 Windows Client, 71 I Installation, 15 Invalid login, 21 IP Address, 30 Address determination, 163 Installer, 32 J Java Applet Navigation, 98 Java Client AP, 136 K Keyboard On-Screen, 90, 108 Keyboard Emulation, 168 Mac, 168 L LDAP Permission attributes, 148 Permission examples, 149 LDAP Settings, 38 Log file, 111 Log Server Configure, 115 Events, 116 Installation, 113 Main Screen, 114, 119 Maintenance, 117 Menu Bar, 115 Options, 118 188 Search,
Index Network Transfer Rate, 31 O Online Registration, iii On-Screen Keyboard, 90, 108 OOBC, 54, 132 OpenLDAP Server Configuration, 152 Server Installation, 151 Overview, 1 P Port Access Sessions, 57 Port Alert Settings, 53 Port Forwarding, 167 Port Property Settings, 52 PPP, 169 Private Certificates, 175 Macros, 77, 104 Security, 40 Administrator Utility security, 129 Login string, 42 Self-signed certificates, 175 Serial Console, 51, 131 Serial number, 136 serial number, 122 Sessions, 57 SJ/T 11364-200
CN8000 User Manual User Accounts backup, 63 restore, 64 User Macros, 73, 103 User Management, 49, 130 User Notice, iii User Preferences, 25 User Station Filters, 40 V Video Settings JavaClient Viewer, 104 Windows Client, 80 190 Virtual Media JavaClient, 107 WinClient, 85 Virtual Media Support, 183 W WinClient Viewer, 65 Windows Client Installation, 121 Message Board, 83 Starting up, 65 Windows Client AP, 121