CYCLADES™ ACS 6000 Installation/Administration/User Guide
FCC Warning Statement The Cyclades ACS 6000 advanced console server has been tested and found to comply with the limits for Class A digital devices, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment.
Cyclades™ ACS 6000 Console Server Installation/Administration/User Guide Avocent, the Avocent logo, The Power of Being There, DSView and Cyclades are trademarks or registered trademarks of Avocent Corporation or its affiliates in the U.S. and other countries. All other marks are the property of their respective owners. Internet Explorer and Windows are registered trademarks of Microsoft Corporation in the United States and/or other countries.
Symbols Used NOTE: The following symbols may appear within the documentation or on the appliance. Instructions This symbol is intended to alert the user to the presence of important operating and maintenance (servicing) instructions in the literature accompanying the appliance. Dangerous Voltage This symbol is intended to alert the user to the presence of uninsulated dangerous voltage within the product’s enclosure that may be of sufficient magnitude to constitute a risk of electric shock to persons.
ii TA B LE OF C ON TE N TS Introduction Features and Benefits 1 1 Access options 1 Web manager 2 IPv4 and IPv6 support 2 Flexible users and groups 3 Security 3 Authentication 3 VPN based on IPSec with NAT traversal 3 Packet filtering 4 SNMP 4 Data logging, notifications, alarms and data buffering 4 Power management 4 Auto discovery 4 FIPS module 5 Configuration Example Installation Getting Started 5 7 7 Supplied with the console server 7 Additional items needed 7 Rack Mou
iii Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Wizard Mode 20 Expert Mode 23 Access 23 System Tools 24 System 24 Security 24 Bootp Configuration Retrieval 26 Date and Time 27 Help and Language 28 General 28 Boot Configuration 29 Information 29 Usage 30 Network 30 Settings 30 Devices 30 IPv4 and IPv6 static routes 31 Hosts 31 Firewall 32 IPSec(VPN) 34 SNMP Configuration 35 Ports 36 Serial ports 36 Auxiliary ports 44 CAS
Table of Contents Users Accounts and User Groups iv 53 Local accounts 54 User groups 55 Event Notifications 62 Event List 62 Event Destinations 62 Data Buffering 63 Appliance logging 64 Sensors 64 Power Management 65 PDUs 65 Login 67 Outlet Groups 67 Active Sessions 68 Monitoring 68 Change Password 69 Web Manager Overview for Regular Users 69 Appendix A: Technical Specifications 73 Appendix B: Recovering a Console Server's Password 75 Appendix C: Port Information for
v Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide
1 1 Introduction The Cyclades™ ACS 6000 advanced console server is a 1U appliance that serves as a single point for access and administration of connected devices, such as target device consoles, modems and power devices. Console servers support secure remote data center management and out-ofband management of IT assets from any location worldwide. NOTE: Unless noted, references to a console server refer to all models in the 60XX series.
2 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide • Dial-up to a factory-configured internal modem (optional), a modem connected either to a serial port or the AUX port (which is only possible when an internal modem is not installed), or to a PC phone card (modem, GSM or CDMA) installed in one of the PC card slots or in the USB port. • Target device connection. An authorized user can make a Telnet, SSH v1, SSH v2 or Raw connection to a target device.
Chapter 1: Introduction • Linux kernel • Remote authentication: Radius, Tacacs+, LDAP and Kerberos servers • SNMP • SSH and Telnet access • Syslog server 3 NOTE: Remote authentication NFS, NIS and IPSec are not supported with IPv6. Flexible users and groups An account can be defined for each user on the console server or on an authentication server. The admin and root users have accounts by default, and either can add and configure other user accounts.
4 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide and other computers that have IPSec installed. ESP and AH authentication protocols, RSA Public Keys and Shared Secret are supported. For more information, see IPSec(VPN) on page 34. Packet filtering An administrator can configure a console server to filter packets like a firewall. Packet filtering is controlled by chains, which are named profiles with user-defined rules.
Chapter 1: Introduction FIPS module The 140 series of Federal Information Processing Standards (FIPS) are U.S. government computer security standards that specify requirements for cryptography modules. The console server uses an embedded FIPS 140-2 validated cryptographic module (Certificate No. 1051) running on a Linux PPC platform per FIPS 140-2 Implementation Guidance section G.5 guidelines. For more information, see FIPS module on page 25.
6 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Table 1.
7 2 Installation Getting Started Before installing your ACS 6000 console server, refer to the following list to ensure you have all items that shipped with it , as well as other items necessary for proper installation.
8 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide • A PC running a terminal emulation program Rack Mounting You can mount the console server in a rack or cabinet, or place it on a desktop or other flat surface. For rack or cabinet mounting, two mounting brackets are supplied. To rack mount a console server: 1. Install the brackets at the front or back edges of the console server with the screws provided with the mounting kit. 2.
Chapter 2: Installation Figure 2.2: Front of the Console Server (ACS 6032 Console Server Shown) Table 2.1: Connectors on the Console Server Front Number Description 1 USB connector. 2 LEDs. 3 PC card slots. Table 2.
10 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Label Description Dual LED: Yellow on top, green on bottom • Yellow - DTR/DCD activity • Green - TXD and RXD activity • Off - No activity AUX/MODEM Green • Blinks - Ready, with activity • Solid - Ready • Off - Not ready [One LED for each serial port] The following figure shows the rear connectors on the console server. Figure 2.3: Rear of the Console Server (ACS 6032 Console Server Shown) Table 2.
Chapter 2: Installation 11 for the port. An administrator can select Expert - Ports - Serial Ports - (SetCAS or SetPower) Physical to open the Physical Settings screen, then check Enable Cisco RJ Pin-Out. The following tables show serial port pinout information. Table 2.4: ACS Console Server Serial Port Pinout Pin No. Signal Name Input/Output 1 RTS OUT 2 DTR OUT 3 TxD OUT 4 GND N/A 5 CTS IN 6 RxD IN 7 DCD/DSR IN 8 Not Used N/A Table 2.5: Cisco Serial Port Pinout Pin No.
12 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 1. Make sure the devices to be connected are turned off. 2. Use CAT 5 or greater crossover cables to connect the devices to the console server, using an adaptor, if necessary. 3. To connect modems, use straight-through CAT 5 or greater cables, with an appropriate connector or adaptor (USB, DB-9 or DB-25) for the modem. NOTE: To comply with EMC requirements, use shielded cables for all port connections.
Chapter 2: Installation 13 WARNING: It is critical that the power source supports the DC power requirements of your console server. Make sure that your power source is the correct type and that your DC power cables are in good condition before proceeding. Failure to do so could result in personal injury or damage to the equipment. The following diagram shows the connector configuration for DC power. Figure 2.4: DC Power Connection Terminal Block Table 2.
14 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 9. Turn on the console server. 10. Turn on the power switches of the connected devices. Configuring a Console Server A console server may be configured at the appliance level through the command line interface accessed through the CONSOLE or Ethernet port. All terminal commands are accessed through a terminal or PC running terminal emulation software.
Chapter 2: Installation 15 To use Telnet in a shell, enter the following command: # telnet [hostname | IP_address] login: username:[portname | device_name] -or# telnet [hostname | IP_address] TCP_Port_Alias login: username -or# telnet IP_Port_Alias login: username To close a Telnet session: Enter the Telnet hotkey defined for the client. The default is Ctrl ] + q to quit, or enter the text session hotkey for the CLI prompt and then enter quit.
16 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide To close an SSH session: At the beginning of a line, enter the hotkey defined for the SSH client followed by a period. The default is ~. Or, enter the text session hotkey for the CLI prompt and then enter quit. Pluggable Devices Installation and Configuration Before pluggable devices (PC cards and/or USB devices) can be inserted and configured, pluggable device detection must be enabled. NOTE: Go to http://www.avocent.
Chapter 2: Installation 17
18 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide
19 3 Accessing the Console Server via the Web Manager Once you’ve connected your ACS 6000 console server to a network, you can access the console server with its web manager. The web manager provides direct access to the console server via a graphical user interface instead of a command-based interface. NOTE: For instructions on accessing the console server via the CLI or DSView 3 software see the Cyclades ACS 6000 Command Reference Guide or the DSView 3 Installer/User Guide.
20 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Figure 3.1: Administrator Web Manager Screen Table 3.1: Web Manager Screen Areas Number Description 1 Top option bar. The name of the appliance and of the logged in user appear on the left side. Refresh, Print, Logout and Help buttons appear on the right. 2 Tab bar. Displays whether the admin is in Expert or Wizard mode. 3 Side navigation bar.
Chapter 3: Accessing the Console Server via the Web Manager 21 By default, the first time an administrator accesses the console server through the web manager, the Wizard will be displayed. Subsequent log-ins will open in Expert mode, and once the console server has been configured, Expert mode becomes the default mode. An administrator can toggle between Expert and Wizard modes by clicking the tab bar on the web manager administrator screen. Figure 3.
22 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 5. Click Next to configure the Network or click the Network, Ports or Users link to open the appropriate screen. To configure network parameters: 1. Select the Network link in the content area. 2. Enter the Hostname, Primary DNS and Domain in the appropriate fields. 3. Select the IPv4 or IPv6 method for the ETH0 interface. If using Static, enter the Address, Mask and Gateway in the appropriate fields. 4.
Chapter 3: Accessing the Console Server via the Web Manager 5. (Optional) Configure account expiration and password expiration. 6. Click Next. 7. Repeat steps 3-7 as needed to configure new user accounts and assign them to default groups. 23 NOTE: By default, all configured users can access all enabled ports. Additional configuration is needed if your site security policy requires you to restrict user access to ports. 8. Click Save, then click Finish.
24 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide System Tools Click System Tools to display icons which can be clicked to reboot or shut down the console server, upgrade the console server’s firmware, save or restore its configuration or open a terminal session with the console server. System Click System to display information about the console server and allow an administrator to configure the console server’s system parameters.
Chapter 3: Accessing the Console Server via the Web Manager 25 NOTE: This value applies to any user session to the appliance via HTTP, HTTPS, SSH, Telnet or CONSOLE port. The new idle time-out will be applied to new sessions only. 3. Under the Enabled Services section, enable or disable the RCP checkbox. 4. Under the Serial Devices heading, enable or disable the Port access is controlled by authorizations assigned to user groups checkbox. 5.
26 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide The console server will automatically reboot. During the reboot, the console server will erase SSH keys, update the configuration of HTTPD, SSHD, ADSAP2d and SNMPD files and test the integrity of the FIPS Object Module. Once the reboot is complete, the console server will accept SSH and HTTPS connections using only FIPS-approved ciphers.
Chapter 3: Accessing the Console Server via the Web Manager 27 To reconfigure a console server with bootp: 1. Click System - Security - Security Profile. Under the Bootp Configuration Retrieval heading, ensure the box next to Enabled is checked. 2. Uncheck the box next to Enable Live Configuration. The saved configuration will be retrieved and applied on the next reboot. -orEnsure the box next to Enable Live Configuration is checked.
28 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 3. Enter the Time Zone Name and Standard Time Acronym of your choice. 4. Enter the GMT Offset. 5. Select Enable daylight savings time if needed. 6. Select or enter the required values for daylight savings time settings and click Save. Help and Language Click System - Help And Language and use the drop-down menu to select the console server’s language. Enter the full URL of the online help, ending in /index.
Chapter 3: Accessing the Console Server via the Web Manager 29 Boot Configuration Boot configuration defines the location from which the console server loads the operating system. The console server can boot from its internal firmware or from the network. By default, the console server boots from Flash memory. Clicking System- Boot Configuration will display the Boot Configuration screen.
30 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Usage Click System - Usage to view memory and Flash usage. Network Click Network to view and configure the network options for Hostname, DNS, IPv6, Bonding, IPv4 and IPv6 static routes, Hosts, Firewall, IPSec (VPN) and SNMP. Settings Click Network - Settings to make changes to the configured network settings: Hostname, DNS, Bonding, IPv4 Multiple Routing Table.
Chapter 3: Accessing the Console Server via the Web Manager 31 NOTE: The MAC Address for the device will be displayed after this option. NOTE: The following step is only active for mounted Ethernet PC cards. 7. Enter the following Wireless LAN information: a. Select MyPrivateNet (ESSID) to enter the unique identifier for the wireless access point. b. Select Channel to enter the communication channel with the access point. c. Select Encrypted to enable data encryption during transmission. d.
32 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 3. Enter a new hostname and alias, as applicable, then click Save. Firewall Administrators can configure the console server to act as a firewall. By default, three built-in chains accept all INPUT, FORWARD and OUTPUT packets. Select the Add, Delete or Change Policy buttons to add a user chain, delete user-added chains and to change the built-in chains policy.
Chapter 3: Accessing the Console Server via the Web Manager 33 Table 3.3: Firewall Configuration - TCP and UDP Options Fields Field/Menu Option Definition Source Port - or - Destination Port A single IP address or a range of IP addresses. TCP Flags [TCP only] SYN (synchronize), ACK (acknowledge), FIN (finish), RST (reset), URG (urgent) and PSH (push). The conditions in the pull-down menu for each flag are: Any, Set or Unset.
34 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 2. Select either IPv4 Filter Table or IPv6 Filter Table as needed. 3. From the chain list, click the name of the chain you want to add a rule to. 4. Click Add and configure the rule as needed, then click Save. To edit a rule: 1. Select Network - Firewall. 2. Select either IPv4 Filter Table or IPv6 Filter Table as needed. 3. From the chain list, click the name of the chain with the rule you want to edit. 4.
Chapter 3: Accessing the Console Server via the Web Manager 35 The following table describes the fields and options on the IPSec(VPN) - Add screen. The information must match exactly on both ends for local and remote. Table 3.4: Field and Menu Options for Configuring IPSec(VPN) Field Name Definition Connection Name Any descriptive name you wish to use to identify this connection.
36 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide a. Enter the SysContact information (email address of the console server’s administrator, for example, acs6000_admin@avocent.com). b. Enter the SysLocation information (physical location of the console server, for example, Cyclades_ACS6000), then click Save to go back to the SNMP screen. 3. Click Add to add a new community or v3 user. 4.
Chapter 3: Accessing the Console Server via the Web Manager 37 To configure or edit one or more serial ports with the CAS Profile: 1. Select Ports - Serial Ports. 2. Click the checkbox for each port you want to configure. 3. Click the Set CAS button. 4. a. To change the default pinout when a Cisco cable is connected to the selected port(s), select the Enable Cisco from the RJ-45 pinout checkbox. b.
38 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 6. Click Next or click the Alerts link. a. Click Enable Alerts to enable detection of alerts. b. Click Add to add an alert string. Enter the string in the Alerts String field and click Next to return to the Alerts screen. c. Check the box next to an existing alert and click Delete to delete the string. d. Click Delete Any to delete all strings whether selected or not.
Chapter 3: Accessing the Console Server via the Web Manager Parameter Description Port Name Name associated with the serial port (as an alias). Default: -p-. Enable Auto Discovery The target name will be discovered and will be associated with this serial port. If it fails, the Port Name will be used. Default: Disabled. Enable Speed Auto Detection Tries to discover the speed of the serial port.
40 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Parameter Description Enable Auto Answer When the input data matches one input string configured in Auto Answer, the output string will be transmitted to the serial port. Default: Disabled. DTR Mode DTR Mode can be set to the following: Always On. Normal - the DTR status will depend on the existence of a CAS session. Off Interval when the a CAS session is closed, the DTR will stay down during this interval.
Chapter 3: Accessing the Console Server via the Web Manager Parameter Description Log-in/out Message Includes special notification for logins and logouts in data buffering. Default: Disabled. Serial Session Logging Enabled - stores data at all times. Disabled - stores data when a CAS session is not opened. Default: Enabled. Alerts Status A special event notification will be generated when input data matches one of the alert strings. Default: Disabled.
42 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Parameter Description Uses the radio button to select: none, PAP, CHAP or EAP. • None - no authentication. • PAP - use PAP protocol and the authentication type configured in the PPP authentication type (it is configured in the Authentication / Unit Authentication page). • PPP Authentication Protocol CHAP - use CHAP protocol.
Chapter 3: Accessing the Console Server via the Web Manager d. 5. For Avocent/Cyclades PDUs, enter the power cycle interval and then use the dropdown menus to enable or disable Syslog, Buzzer and SW Overcurrent Protection. Click Save. Table 3.7: Power Parameters Parameter Description Physical Enable Cisco RJ-45 Pin-Out Defines the serial port pinout. Default: Disabled. Status Defines the status of the serial port as either enabled or disabled. Default: Disabled.
44 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Parameter Description Power Cycle Interval The interval in seconds between Off and On actions for the power cycle command. Default: 15. Syslog When enabled, the PDU will send syslog messages to the appliance. Default: Enabled. Buzzer Enables or disables the PDU’s buzzer. Default: Enabled. SW Overcurrent Protection When enabled, the software’s overcurrent protection is on. Default: Disabled.
Chapter 3: Accessing the Console Server via the Web Manager 2. Click the Set Power button and use the drop-down menus to configure the physical settings. 3. Click Next or click the Power link. 4. a. Use the drop-down menu to select the PDU type. b. Check the box to enable speed auto detection. c. Configure the polling rate. d. For Avocent/Cyclades PDUs, enter the power cycle interval and then use the dropdown menus to enable or disable Syslog, Buzzer and SW Overcurrent Protection.
46 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide NOTE: The auto discovery process starts when there is variation in the DCD signal from OFF to ON (disconnect/connect the target's cable, turn off/on the target) and when the configuration of the serial port goes from disabled to enabled and there is a target connected in the port. The probe strings will be used to stimulate the server (such as “\n”: a single newline).
Chapter 3: Accessing the Console Server via the Web Manager 47 To configure the input/output strings used by auto answer: 1. Select Ports - CAS Profile - Auto Answer. 2. To add an auto answer input and output string, click Add. Enter a new string in the Input String or Output String fields and click Save. -orTo delete an auto input and output string, select the checkbox next to the string you want to delete. Click Delete, then click Save.
48 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Table 3.8: Pool of CAS Ports Parameters Parameter Pool Name Description The name of the pool. The pool name is mandatory and should follow hostname guidelines, not exceed 64 character TCP Port Alias The TCP Port Alias where the pool responds. This parameter is optional. Pool IPv4 Alias The IPv4 address used by the pool. This parameter is optional. Pool IPv4 Alias Interface The interface used by the IPv4 Alias.
Chapter 3: Accessing the Console Server via the Web Manager 49 5. When the PAP authentication protocol is configured for the port, select the authentication type from the PPP/PAP Authentication menu. 6. Click Save. To configure callback users and phone numbers for ports with the Dial-in Profile: 1. Select Ports - Dial-In Profile - Secure Dial-In - Callback Users. 2. Click Add. 3. Enter the name and phone number used to perform the callback in the appropriate fields and click Save.
50 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Pluggable Devices To manage pluggable devices: 1. If Pluggable Device Detection is enabled, select Pluggable Devices. -orIf it is disabled, click Enable Pluggable Device Detection. 2. Select the checkbox next to the pluggable device you want to configure, or select the checkbox above the list of pluggable devices to select them all. 3. Click Insert All, Eject or Rename. 4.
Chapter 3: Accessing the Console Server via the Web Manager 51 An administrator can configure authentication using the CLI utility and the web manager. The default authentication method for the console server and the serial ports is Local. Any authentication method that is configured for the console server or the ports is used for authentication of any user who attempts to log in through Telnet, SSH or the web manager.
52 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 4. Enter your secret word or passphrase in the Secret field (applies to both first and second authentication and accounting servers), then re-enter the secret word or passphrase in the Confirm Secret field. 5. Enter the desired number of seconds for server time-out in the Timeout field. 6. Enter the desired number of retries in the Retries field. 7.
Chapter 3: Accessing the Console Server via the Web Manager 53 6. Enter your Database Password, then re-type the database password in the Confirm Password field. 7. Enter your desired Login Attributes. 8. Click Save. To configure a Kerberos authentication server: 1. Select Authentication - Authentication Servers - Kerberos. 2. Enter the IP address (Realm) of the server. 3. Enter the Realm Domain Name (example: avocent.com). 4. Enter the Domain Name (example: avocent.com). 5. Click Save.
54 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Local accounts The admin and root are equivalent users but named differently to address users familiar with either Avocent equipment or the Cyclades families of console servers. Regular users can be granted permissions by administrators at any time. The console server has two local user accounts by factory default. • admin: Performs the initial network configuration. The factory default password for admin is avocent.
Chapter 3: Accessing the Console Server via the Web Manager 8. 55 Click Save. To configure password rules: 1. Click Users - Local Accounts - Password Rules. 2. If password complexity is desired (recommended), make sure Check Password Complexity is selected. 3. If password complexity is enabled, enter the desired values for password complexity. 4. Enter the desired values for Default Expiration. 5. Click Save.
56 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 2. Click on admin under the Group Name heading. The content area will display the Members screen listing all members belonging to the admin group (default members are admin and root users). NOTE: When any Group Name is selected, both the content area and side navigation bar change. The side navigation bar will display specific menu options for Members and Access Rights (which include Serial, Power and Appliance rights).
Chapter 3: Accessing the Console Server via the Web Manager 57 user group Members of the user group have access to target devices unless they are restricted by an administrator but have no access rights for the console server. Administrators can add appliance access rights and permissions and can add users to custom user groups to add permissions and access rights as needed. By default, all selections on the Appliance Access Rights screen will be disabled.
58 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 6. Click Save. To remove members from a user group: 1. Click Users - Authorization - Groups. 2. Click the user group name. 3. Check the box(es) of the member(s) you want to remove. Click Delete to delete the selected members. To configure a session idle time-out and/or login profile for a user group: 1. Click Users - Authorization - Groups. 2.
Chapter 3: Accessing the Console Server via the Web Manager Command Description -e <[^]char> Escape character used to close the target session. Default value: Ctrl-X -l Sorted lists ports and exit -ro Read-Only mode Connect directly to a serial port -t Idle time-out in seconds to choose the target 59 To add access to serial ports for a user group: 1. Click Users - Authorization - Groups. 2. Click the new user group name. 3. In the side navigation bar, click Access Rights. 4.
60 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 4. In the content area, click Add. The PDU Assignment screen appears with the list of available PDUs in the left box. 5. Move PDU devices from the Available PDU box on the left to the box on the right by double-clicking on the PDU name, or by selecting the PDU and clicking the Add button.
Chapter 3: Accessing the Console Server via the Web Manager 61 To configure a group in a TACACS+ authentication server: 1. On the server, add raccess service to the user configuration. 2. Define which group(s) the user belongs to in the raccess service following this syntax: group_name = [,]; For example: In the console server, configure a new authorization group TACACS_1 , and configure the access rights for this group.
62 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide During the authentication phase, the console server will receive the attribute FramedFilterID from the RADIUS server. The user regina belongs to authorization group RADIUS_1 and RADIUS_2. and the user special belongs to authorization group admin. To configure group an LDAP authentication server: On the LDAP server, edit the info attribute for the user and add the following syntax. info: group_name=[,,...
Chapter 3: Accessing the Console Server via the Web Manager 3. 63 Select Remote Server - IPv4 to enable syslog messages to be sent to one or more remote IPv4 syslog servers, and enter the IPv4 Address or Hostname. Separate multiple server addresses by commas. -orSelect Remote Server - IPv6 to enable syslog messages to be sent to one or more remote IPv6 syslog servers, and enter the IPv6 Address or Hostname. Separate multiple server address by commas. 4.
64 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 4. To configure data buffer storage on a syslog server in the Syslog Data Buffering Settings section; select a facility number from the drop-down menu: Log Local 0, Log Local 1, Log Local 2, Log Local 3, Log Local 4 or Log Local 5. 5. Click Save. Appliance logging To configure appliance logging: 1. Click Enable appliance session data logging. a.
Chapter 3: Accessing the Console Server via the Web Manager 5. In the Minimum Temperature Threshold field, enter the temperature threshold in degrees Celsius above the minimum temperature. 6. Click Save. 65 Power Management Connected power devices can be used for remote power management. The console server enables users who are authorized for power management to turn power on, turn power off and reset devices that are plugged into a connected PDU.
66 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide 2. Select the checkbox next to the PDU you want to manage. 3. Click On, Off, Cycle, Reboot PDU, Reset HW Overcurrent Protection or Factory Defaults if desired. A confirmation appears. Click OK. NOTE: The power controls (On, Off and Cycle) will be applied to all outlets of the PDU. 4. To change the PDU ID, click Rename and enter the name in the New PDU ID field. 5. Click Save. To upgrade firmware: 1.
Chapter 3: Accessing the Console Server via the Web Manager 67 To configure a PDU: 1. Click Settings to expand the side navigation bar. 2. Click Outlets. 3. Click on an outlet number to change its settings. Click Save, then click Close. -orCheck two or more boxes next to the outlets for which you want to change settings. Click Edit to change the settings for the outlets you selected. Click Save. 4. Click PDU to view and configure PDU settings. Click Save when finished. 5. Click Phases or Banks.
68 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide -or4. Click Add to add an outlet group. The Add Group screen appears. Enter the name in the Group Name field. 5. Click Save. To view and change outlet group information: 1. Select Power Management - Outlet Groups. 2. Click the name of the outlet group you want to view or manage. 3. To add outlets, click Add to add a new outlet to the group.
Chapter 3: Accessing the Console Server via the Web Manager Table 3.10: Monitoring Screens Screen Name Definition Network - Devices Shows Ethernet ports and PC card Device Name, Status (enabled/disabled), IPv4 Address, IPv4 Mask and IPv6 Address. Network - IPv4 Routing Table Shows Destination, Gateway, Genmask, Flags, Metric, Ref, Use and lface. Network - IPv6 Routing Table Shows Destination, NextHop, Flags, Metric, Ref, Use and lface.
70 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Figure 3.3: Web Manager Regular User Screen Table 3.11: Web Manager Regular Users Screen Functional Areas Number Description 1 Top option bar. The name of the appliance and the name of the logged in user appears on the left side and Refresh, Print, Logout and Help buttons appear on the right. 2 Side navigation bar. Menu options appear that are available for regular users. 3 Content area.
Chapter 3: Accessing the Console Server via the Web Manager Menu Option Description Power Management PDUs Outlet Groups Click PDUs to turn on, turn off, cycle, reboot, reset the HW overcurrent protection, returnt to factory defaults or rename PDUs connected to the console server. Click Outlet Groups to manage groups of outlets on connected PDUs. Change Password Change your own password.
72 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide
Appendices Appendix A: Technical Specifications Table A.1: Technical Specifications for the ACS 6000 Console Server Hardware General Information CPU PPC440EPx @ 533 MHz (PowerPC with Security Acceleration Engine) Memory 256 MB DDR-2 / 128 MB NAND Flash (embedded ICs on motherboard) 2 Ethernet 10/100/1000BT on RJ-45 1 RS232 Console on RJ-45 1 AUX RS232 on RJ-45 or internal MODEM V.92 on RJ-45 (RJ11 compatible) Interfaces RS232 Serial Ports on RJ-45 1 USB 2.
74 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Operating Temperature 32 oF to 122 oF (0o C to 50o C) Storage Temperature -4 oF to 158 oF (-20o C to 70o C) Humidity 20% to 80% relative humidity (non-condensing) across the operating temperature range Dimensions 1.715 x 17.250 x 9.50 in Height x Width x Depth (4.3561 x 43.815 x 24.13 cm) Weight 6-7 pounds (2.722- 3.
Appendices Appendix B: Recovering a Console Server's Password To recover the console server's root password: 1. Connect directly to the console server’s CONSOLE port. 2. Turn the console server off, then on again. 3. Press the Spacebar to access the uboot prompt. 4. Type hw_boot single and press Enter. 5. The console server will boot into single-user mode. Type passwd and press Enter. 6. Enter the new password and confirm. 7. Type reboot and let the console server boot normally.
Appendices 76 Appendix C: Port Information for Communication with the DSView 3 Software The following ports on an ACS 6000 advanced console server can accept connections from the DSView 3 management software: • TCP port 3502 (https) • TCP port 3871 (adsap2) • UDP port 3211 (aidp) • TCP port 22 (sshd) The following ports in the DSView 3 software can accept connections from the ACS 6000 advanced console server: • TCP port 4122 (default: SSH server) • TCP port 4514 (default: data logging or Syslog
Appendices 77 Appendix D: Accessing a Console Server with a DSView 3 Software Installation via Dial-up When a DSView 3 software user establishes a serial session, the following events occur: • The user selects a serial port to access. • A viewer is downloaded from the DSView 3 server to the user's workstation. • The DSView 3 software passes information to the viewer, such as an authorization key, the console server's IP address and serial port.
78 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Configuring dial-up for a console server To configure dial-up to a console server within the DSView 3 software: 1. In a Units view window containing appliances, select the ACS 6000 console server you want to configure.
Appendices NOTE: The following step is only required if CHAP was selected in the PPP Auth Protocol field in the DSView 3 software Settings Dial-up window. 4. Log in to the console server’s CLI and access the Linux shell.
Appendices 80 Appendix E: Internal Modem Some models of the ACS 6000 console server come equipped with an internal modem. This modem is used to originate and answer phone calls and establish communication with other modems to transmit data. Controlling the modem’s functions is done by using the “AT” commands. These commands are used to instruct the modem to perform functions such as dialing or answering calls and are normally automatically issued by communication software.
81 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Command Description ATB0 CCITT operation at 300 or 1200 bps. ATB1 Bell operation at 300 or 1200 bps (default). ATD Dial. ATD0-9 Dial the DTMF digits 0 to 9. ATDA-D Dial the DTMF digits A, B, C and D. ATDP Select pulse dialing; effects current and subsequent dialing. ATDT Select tone dialing; effects current and subsequent dialing. ATD! Flash: go on-hook by time defined by S29.
Appendices Command Description ATM1 Speaker is on during call establishment but goes off when carrier is detected (default). ATM2 Speaker is always on. ATM3 Speaker if off during dialing and when receiving carrier but on during answering. ATQ0 Enables result codes to the DTE (default). ATQ1 Disables result codes to the DTE. ATSr Establishes S-register “r” as the default register. ATSr=n Sets S-register “r” to the value “n.” ATSr? Reports the value of S-register “r.
83 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Command Description ATX4 Enables monitoring of busy tones. Sends all messages (default). ATZ0 Soft reset. AT&C0 DCD remains on at all times. AT&C1 DCD follows the state of the carrier (default). AT&D0 Ignores DTR. AT&D1 Enters the escape mode when ON-to-OFF transition is detected on DTR. AT&D2 Hangs up, assumes command state and disables auto answer upon detecting ON-to-OFF transition of DTR (default).
Appendices Command Description AT%C0 Disables data compression. AT%C1 Enables MNP 5 data compression. AT%C2 Enables V.42 bis data compression (sets S46 bit 1). AT%C3 Enables V.42 bis and MNP 5 data compression (default). AT%E0 Disables line quality monitor and auto-retrain. AT%E1 Enables line quality monitor and auto-retrain. AT%E2 Enables line quality monitor and fallback/fall-forward (default). AT%L Line signal level. Returns a value that indicates the received signal level.
85 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Possible Minimum, Maximum, Receive and Transmit Modulation Carrier V.22 bis V22 2400 or 1200 V.23 V23C 1200rx/75tx or 75rx/1200tx V.32 V32 9600 or 4800 V.32 bis V32B 14400, 12000, 9600, 7200 or 4800 V.34 V34 V.
Appendices 86 If the line is in use and the modem receives an ATDT command to dial out, the modem will not go off hook and will display the “LINE-IN-USE” result code. If the modem is off hook and the extension is picked up, the modem will drop the connection and display the “OFF-HOOK INTRUSION” result code. AT S registers The S registers use the following format: ATSr=n where the “r” is the S register number and “n” is the parameter to set it to.
87 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide Basic modem result codes There are basic codes the modem will issue in response to processing an AT command. Result codes may be displayed either in word (V1) or numeric (V0) format by using the Vn command. The Qn command controls if result codes are issued (Q0) or not issued (Q1).
Appendices Numeric 18 Verbose CONNECT 57600 88 Description Line speed or DTE connection at 57600bps. Digital line guard The modem has an optional Digital Line Guard Circuit that automatically detects an over current situation on the Tip and Ring pins. When the modem goes off hook, it will immediately check the current on the Tip and Ring pins. If the current exceeds 150 mA, the modem will display the “DIGITAL LINE DETECTED” result code and then go back on hook.
89 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide When the modem detects the escape sequence, the OK result Result code will be displayed and the modem is in the On Line Command State. The ATH or ATZ command can now be issued to disconnect the call. Selecting country codes Setting the modem’s country code is done by with the +GCI command. To change to one of the 30 available countries, issue the AT+GCI=n command where “n” is one of the two digit country codes.
Appendices Country Code United States B5 Country United Kingdom Code Country 90 Code B4 Using caller ID The modem can be used to display certain information about incoming telephone calls. The modem can inform you of the date, time, telephone number and name associated with incoming calls. When the CID option is enabled, information will be displayed between the first and second incoming “RING.
Appendices 91 Appendix F: Technical Support Our Technical Support staff is ready to assist you with any installation or operational issues you encounter with your Avocent product. If an issue should develop, follow the steps below for the fastest possible service. To resolve an issue: 1. Check the pertinent section of this manual to see if the issue can be resolved by following the procedures outlined. 2. Visit www.avocent.
For Technical Support: www.avocent.
