CPI KVM IP Console User Manual Version 1.0 November 2011 800-834-4969 techsupport@chatsworth.com www.chatsworth.com ©2011 Chatsworth Products, Inc. All rights reserved. CPI, CPI Passive Cooling, MegaFrame, Saf-T-Grip, Seismic Frame, SlimFrame, TeraFrame, GlobalFrame, Cube-iT Plus, Evolution, OnTrac, QuadraRack and Velocity are federally registered trademarks of Chatsworth Products, Inc. Simply Efficient is a trademarks of Chatsworth Products, Inc. All other trademarks belong to their respective companies.
Table of Contents Legal Information............................................................................................................................. 4 Warranty .......................................................................................................................................... 4 Introduction ..................................................................................................................... 5 Product Features ................................................
.6 Device Settings........................................................................................................................ 47 3.6.1 Network .............................................................................................................................. 47 3.6.2 Dynamic DNS ..................................................................................................................... 49 3.6.3 Security........................................................................
Chatsworth Products, Inc. 9353 Winnetka Avenue Chatsworth, CA 91311 800-834-4969 KVM IP Console User Manual ©2011 Chatsworth Products, Inc. All rights reserved. Legal Information The information contained in this guide is subject to change without notice. Chatsworth Products, Inc.
Introduction This document is the User’s Manual for the IP console on IP KVM Switches from Chatsworth Products, Inc. (CPI). It provides detailed setup instructions for the KVM IP console on the following IP KVM Switches.
Configuration 1.1 Initial IP Configuration In factory default, DHCP mode is disabled (IP auto configuration = None), and the IP settings are as below: IP address 1: 192.168.1.22 (Single IP Console) IP Address 2: 192.168.1.23 (Second IP Console) Subnet mask: 255.255.255.0 Gateway: None 1.2 Using The IP Configuration Setup Tool If this initial configuration does not meet your local requirements, use the KVM IP Console Setup Software to change the configurations to your needs. Download: http://www.
1.2.2 To Use DHCP or BOOTP 1. 2. 3. 4. Run KVMIPsetup.exe. The screen below will display. Under Network Configuration, select DHCP or BOOTP for IP auto configuration Enter Super user login and password for Authentication (default : super/pass) Click Setup Device. If super login was authenticated, it will show Successfully configured device; otherwise it will show Permission Denied.
1.2.3 To Change Authentication To adjust the authentication settings, enter your login as a super user, and change your password. Super user login Enter the login name of the super user. The initial value is “super”. All characters are in lower case. Super user password Enter the current password for the super user. This initial value is “pass”. All characters are in lower case. New super user password Enter the new password for the super user.
1.3 Keyboard, Mouse and Video configuration Between the IP console and the host, there are two interfaces available for transmitting keyboard and mouse data: USB and PS/2. The correct operation of the remote mouse depends on several settings which will be discussed in the following subsections. 1.3.1 IP Console Keyboard Settings The IP console settings for the host's keyboard type have to be corrected in order to make the remote keyboard work properly. Check the settings in the IP console Web front-end.
1.3.4 Host system mouse settings The host’s operating system knows various settings from the mouse driver. Warning! The following limitations do not apply in case of USB and Mouse Type “Windows >= 2000, MacOSX.
1.3.7 Video Modes The IP console recognizes a limited number of common video modes. When running X11 on the host system, please do not use any custom mode lines with special video modes. If you do, the IP console may not be able to detect them. We recommend using any of the standard VESA video modes, instead. The table below lists the video modes IP console supports. Please don’t use other custom video settings besides these. If you do so, IP console may not be able to detect them.
Usage 2.1 Prerequisites The IP console features an embedded operating system and applications offering a variety of standardized interfaces. This chapter will describe both these interfaces, and the way to use them in a more detailed manner. The interfaces are accessed using the TCP/IP protocol family, thus they can be accessed using the LAN port of the device. The following interfaces are supported: • HTTP/HTTPS: Full access is provided by the embedded web server.
In order to access the remote host system using a securely encrypted connection (HTTPS), you need a browser that supports the HTTPS protocol. Strong security is only assured by using a key length of 128 Bit. Some of the old browsers do not have a strong 128 Bit encryption algorithm. Using Internet Explorer, open the menu entry “?” and “Info” to read about the key length that is currently activated.
2.2 Accessing The IP KVM Switch 2.2.1 Login Into The IP Console Launch your web browser. Direct it to the address of your IP console, which you configured during the installation process. The address used might be an IP address or a domain name, in the case where you have given your IP console a symbolic name in the DNS.
2.2.1.2 Navigation Having logged into the IP console successfully, the main page of the IP console appears, see the figure below. This page consists of three parts; each of them contains specific information. The buttons on the upper side allow you to navigate within the front end, see the table below for details. Within the right frame, task-specific information is displayed that depends on the section you have chosen before. Return to the main page of the IP console.
2.3 The Remote Console The Remote Console is the redirected screen, keyboard and mouse of the remote host system that IP console controls. See the figure below. The Remote Console window is a Java Applet that tries to establish its own TCP connection to the IP console. The protocol that is run over this connection is neither HTTP nor HTTPS, but RFB (Remote Frame Buffer Protocol). As default, RFB tries to establish a connection to TCP port number 443.
The Remote Console window (see Section 2.3) always tries to show the remote screen with its optimal size. That means it will adapt its size to the size of the remote screen initially and after the screen resolution of the remote screen has been changed. However, you can always resize the Remote Console window in your local window system as usual. Warning! In difference to the remote host system, the Remote Console window on your local window system is just one window among others.
Options – To open the Options menu, click on the button “Options.” Remote Console Options Menu A short description of the options follows. • Monitor Only: Toggles the Monitor only filter on or off. If the filter is switched on, no remote • Exclusive Access: If a user has the appropriate permission, he or she can force the Remote console interaction is possible, and monitoring is possible. Consoles of all other users to close.
• Scaling: Allows you to scale down the Remote Console. You can still use both mouse and keyboard, however the scaling algorithm will not preserve all display details. Remote Console Options Menu: Scaling When you designate 25%, 50%, or 100% scaling, the size of Remote Console window is calculated according to the remote host video setting with scaling algorithm execution. When you designate “Scale to fit,” the remote video displaying is scaled to fit the size of Remote Console window.
• Local Cursor: Offers a list of different cursor shapes to choose from for the local mouse pointer. The selected shape will be saved for the current user and activated the next time this user opens the Remote Console. The number of available shapes depends on the Java Virtual Machine; a version of 1.4.2 or above offers the full list. Remote Console Options Menu: Cursor • Video Settings: Opens a panel for changing the IP console video settings.
o Video Settings through the remote console: allows you to make adjustments manually. The panel is shown in the figure below and explanations follow. Video Settings Panel • Brightness: Controls the brightness of the picture Contrast: Controls the contrast of the picture Clock: Defines the horizontal frequency for a video line and depends on the video mode. Different video card types may require different values here.
• Soft Keyboard: Opens up the Menu for the Soft Keyboard. o Show: Pops up the Soft-Keyboard as shown in the figure below. The Soft-Keyboard is necessary in case your host system runs a completely different language and country mapping than your administration machine. Soft Keyboard o Mapping: Used for choosing the specific language and country mapping of the SoftKeyboard.
• Hotkeys: Opens a list of hotkeys defined before. Choose one entry, the command will be sent to the host system. A confirmation dialog can be added that will be displayed before sending the selected command to the remote host. Select “OK” to execute the command on the remote host. Remote Console Configuration Dialog • Encoding: These options are used to adjust the encoding level in terms of compression and color depth.
The most suitable compression level should always be seen as a compromise between the network bandwidth that is available, on your video picture to be transferred, and on the number of changes between two single video pictures. We recommend using a higher compression level if the network bandwidth is low. The higher the compression level the more time is needed to pack and unpack the video data on either side of the connection. The compression quality depends on the video picture itself, e.g.
2.4.2 Remote Console Status Line The Remote Console status line, displayed at the bottom of the Remote Console screen (see section 2.3), shows both console and the connection state. The size of the remote screen is displayed. The figure below was taken from a Remote Console with a resolution of 800x600 pixels. The value in brackets describes the connection to the Remote Console. “Norm” means a standard connection without encryption, “SSL” means a secure connection.
Menu Options 3.1 Remote Control The Remote Control menu provides access to attached servers through the KVM Console and to an optional serial connection through the Telnet Console. 3.1.1 KVM Console To open the KVM console, either click on the menu entry on the left, or on the console picture on the right. To refresh the picture, click on the button “Refresh.
3.1.2 Telnet Console The IP module firmware features a Telnet server that enables a user to connect via a standard Telnet client. In case the Telnet program is using a VT 100, VT 102 or VT 220 terminal or an according emulation, it is even possible to perform a console redirection as long as the IP console host machine is using a text mode screen resolution. Connecting to the IP console is done as usual and as required by the Telnet client, for instance in a UNIX shell: telnet 192.168.1.
The following list shows the according command mode command syntax and their usage. • • • • • help – Displays the list of possible commands cls – Clears the screen quit – Exists the current session and disconnects from the client version – Displays the release information terminal – Starts the terminal passthrough mode for serial port 1. The key sequence esc exit switches back to the command mode. 3.
A certain (floppy) image can be built up in two steps. • Click “Browse” button and select the image file. • Click “Upload” button to upload the chosen image file into the IP console’s onboard memory. This image file is kept in the onboard memory of the IP console until the end of the current session, as you logged out, or initiated a reboot of the IP console. The maximum image size is limited to 1.44MB. For a larger image please see CD-ROM Image section below. 3.3.
Under Image on Windows Share, the following information has to be given to mount the image properly: o Share host: The server name or its IP address. o Share folder name: The name of the share folder to be used. o Image file name: The name of the image file on the share folder. o User name: If necessary, specify the user name for the share named in advance. If unspecified, and a guest account is activated, this guest account information will be used as your login.
• For Windows 2000/XP: Open Windows Explorer, navigate to the directory (or share), and press the right mouse button to open the context menu. Explorer Context Menu Select “Sharing” to open the configuration dialog. Share Configuration Dialog Box Adjust the settings for the selected directory. o Activate the selected directory as a share. Select “Sharing this folder.” o Choose an appropriate name for the share. You may also add a short description for this folder (input field “Comment”).
• Creating a Floppy Image: o Floppy Images for UNIX and UNIX-like OS: To create an image file, make use of “dd”. This is one of the original UNIX utilities and is included in every UNIX-like OS (UNIX, Sun Solaris, and Linux). To create a floppy image file, copy the contents of a floppy to a file. You can use the following command: dd [ if=/dev/fd0 ] [ of=/tmp/floppy.image ] dd reads the entire disc from the device /dev/fd0, and saves the output in the specified output file /tmp/floppy.image.
• Creating a CD ROM/ISO Image o CD-ROM/ISO Images For UNIX and UNIX-like OS: To create an image file, make use of “dd.” This is one of the original UNIX utilities and is included in every UNIX-like OS (UNIX, Sun Solaris, and Linux). To create a CDROM image file, copy the contents of the CDROM to a file. You can use the following command: dd [ if=/dev/cdrom ] [ of=/tmp/cdrom.image ] dd reads the entire disc from the device /dev/cdrom, and saves the output in the specified output file /tmp/cdrom.image.
3.3.3. Drive Redirection The Drive Redirection is another possibility to use a virtual disc drive on the remote computer. With Drive Redirection you do not have to use an image file but may work with a drive from your local computer on the remote machine. The drive is hereby shared over a TCP network connection. Devices such as floppy drives, hard discs, CD ROMs and other removable devices like USB sticks can be redirected.
Under the Drive Redirection menu, there are two setup options: • Disable Drive Redirection – If enabled the Drive Redirection is switched off. • Force read-only connections – If enabled the Write Support for the Drive Redirection is switched off. It is not possible to write on a redirected device. Select the desired options and click “Apply” to submit your changes. The Drive Redirection Setup Wizard will open so you can install drivers.
3.3.3.1 Installing The Drive Redirection Drivers On first use, you will need to install drivers for the drive redirection software. Please follow the Drive Redirection Setup Wizard step by step to install the driver from the included CD ROM.
3.3.3.2 Setup Drive Redirection Start Drive Redirection to display the Drive Redirection dialog. Drive Redirection Dialog Under Connections Parameters, designate the drive to redirect. • Device – This is the address (either the DNS name or the IP address) of the IP console you would like to connect to. • Drive – The local drive you want to share with the remote computer, which could be Floppy disc, CD-ROMs, USB-Sticks and hard drives. Select the drive you would like to redirect.
• Secure Connection – Enable this box to establish a secure connection via SSL. This will maximize the security but may reduce the connection speed. • Enable Write Support – Enable write support means that the remote computer is allowed to write on your local drive. As you can imagine, this is very dangerous. If both the remote and the local system try to write data on the same device, this will certainly destroy the file system on the drive. Please use this only when you exactly know what you are doing.
Using the Hide to Tray button the application is hidden, but not terminated completely. That means that an active connection will be kept active until it is closed explicitly. You can access the software by its tray icon. The tray icon also shows whether a connection is established or not. A double click on the icon shows the application window, or with a right click you may access a small menu. Tray Icon and Menu for Drive Redirection 3.3.
3.4 User Management The User Management button allows you to change passwords and create/edit individual user accounts. 3.4.1 Change Password To change your password, enter the new password in the upper entry field. Retype the password in the field below. Click “Apply” to submit your changes.
3.4.2 Users and Groups The IP console comes with one pre-configured user account that has fixed permissions. The account “super” has all possible rights to configure the device and to use all functions the IP console offers. Set User Dialog Upon delivery, the account “super” has the password “pass”. Make sure to change password immediately after you have installed and on initial access of your IP console.
3.5 KVM Settings 3.5.1 User Console The following settings are user specific. That means, the super user can customize these settings for every user separately. Changing the settings for one user does not affect the settings for the other users. User Console Settings • Remote Console Settings for User: This selection box displays the user ID for which the values are shown and for which the changes will take effect. You may change the settings of other users if you have the required privileges.
Note: The standard color depth is 16 Bit (65536 colors). The other color depths are intended for slower network connections in order to allow a faster transmission of data. Therefore compression level 0 (no compression) uses only 16 Bit color depth. At lower bandwidths only 4 Bit (16 colors) and 2 Bit (4 gray scales) are recommended for typical desktop interfaces. Photo-like pictures have best results with 4 Bit (16 gray scales).
o Start in Exclusive Access Mode: Enables the exclusive access mode immediately at Remote Console startup. This forces the Remote Consoles of all other users to close. No one can open the Remote Console at the same time again until this user disables the exclusive access or logs off. • Mouse hotkey: Specifies a hotkey combination which starts either the mouse synchronization process if pressed in the Remote Console, or is used to leave the single mouse mode.
• Host Interface - Enables a certain interface the mouse is connected to. You can choose between “Auto” for automatic detection, “USB” for an USB mouse, and “PS/2” for a PS/2 mouse. Warning! To use the USB and/or PS/2 interface you need the correct cabling between the managed host and the managing device. If the managed host has no USB keyboard support in the BIOS and you have connected the USB cable only, then you will have no remote keyboard access during the boot process of the host.
3.5.3 Video Under KVM Settings, select Video to change the video settings. Video Settings • Miscellaneous Video Settings o Noise filter: This option defines how the IP console reacts to small changes in the video input signal. Turning on the noise filter can help reduce video flickering that is often caused by distortions, as well as lowering unnecessary bandwidth consumption.
3.6 Device Settings 3.6.1 Network The Network Settings panel as shown in the figure below allows changing network related parameters. Each parameter will be explained below. Once applied the new network settings will immediately come into effect. Network Settings Warning! The initial IP configuration is usually done directly at the host system using the special procedure described in Section 1.2 Using The IP Configuration Setup Tool.
o o • Primary DNS Server IP Address: IP address of the primary Domain Name Server in dot notation. This option may be left empty, however the IP console will not be able to perform name resolution. Secondary DNS Server IP Address: IP address of the secondary Domain Name Server in dot notation. It will be used in case the Primary DNS Server cannot be contacted.
3.6.2 Dynamic DNS The IP console is reachable via the IP address of the DSL router, which is dynamically assigned by the provider. Since the administrator does not know the IP address assigned by the provider, the IP console connects to a special dynamic DNS server in regular intervals and registers its IP address there. The administrator may contact this server as well and pick up the same IP address belonging to his card. Dynamic DNS Scenario A freely available Dynamic DNS service (www.dyn.
You have to perform the following steps in order to enable Dynamic DNS: • Make sure that the LAN interface of the IP console is properly configured. • Enter the Dynamic DNS Settings configuration dialog as shown in the figure below. Dynamic DNS Dialog • Enable Dynamic DNS and change the settings according to your needs (see below). o Enable Dynamic DNS: This enables the Dynamic DNS service. This requires a configured DNS server IP address.
3.6.3 Security Under Device Settings, select Security to change the security settings. Device Security Dialog • Encryption Settings: o Force HTTPS: If this option is enabled access to the web front-end is only possible using an HTTPS connection. The IP console will not listen on the HTTP port for incoming connections. In case you want to create your own SSL certificate that is used to identify the IP console refer to section 3.6.4 Certificate.
3.6.4 Certificate The IP console uses the Secure Socket Layer (SSL) protocol for any encrypted network traffic between itself and a connected client. During the connection establishment the IP console has to expose its identity to a client using a cryptographic certificate. The default certificate that comes with the IP console upon delivery is for testing purposes only. The system administrator should not rely on this default certificate as the secured global access mechanism through Internet.
• • • • • • • Locality/City: The city where the organization is located. State/Province: The state or province where the organization is located. Country (ISO code): The country where the organization is located. This is the twoletter ISO code, e.g. DE for Germany, or US for the USA. (Note: the country code has to be entered in CAPITAL LETTERS.) Challenge Password: Some certification authorities require a challenge password to authorize later changes on the certificate (e.g.
Example CSR String 4. Upload the certificate to the IP console using the “Upload” button as shown in the figure below. After completing these four steps, the IP console has its own certificate that is used for identifying the card to its clients. Warning! If you destroy the CSR on the IP console there is no way to get it back! In case you deleted it by mistake, you have to repeat the four steps as described above.
3.6.5 Serial Port The IP console’s Device Settings for the Serial Port allows you to specify what device is connected to the serial port and how to use it. Device Settings for the Serial Port • Serial Port Settings: o Configuration or console login: Select this option if you will not be using the serial port for Passthrough access via Telnet. o Modem: This feature is not available on the CPI IP KVM Switch.
3.6.6 Date And Time This link refers to a page, where the internal real-time clock of the IP console can be set up (see the figure below). Device Settings for Date and Time You have the possibility to adjust the clock manually, or to use a NTP timeserver. Without a timeserver, your time setting will not be persistent, so you have to adjust it again, after IP console loses power for more than a few minutes.
3.6.7 Event Log Important events like a login failure or a firmware update are logged to a selection of logging destinations (see the figure below). Each of those events belongs to an event group, which can be activated separately. Device Settings for Event Log The common way to log events is to use the internal log list of the IP console. To show the log list, click on “Event Log” on the “Maintenance” page. In the Event Log Settings you can choose how many log entries are shown on each page.
• NFS Logging enabled: Define a NFS server, where a directory or a static link have to be exported, to write all logging data to a file that is located there. To write logging data from more than one IP console device to only one NFS share, you have to define a file name that is unique for each device. When you change the NFS settings and press the button “Apply,” the NFS share will be mounted immediately.
3.7 Maintenance 3.7.1 Device Information This section contains a summary with various information about this IP console and its current firmware and allows you to reset the card. Device Information The link View the data file for support allows you to download the IP console data file with specific support information. This is an XML file with certain customized support information like the serial number, etc. You may send us this information together with a support request.
3.7.2 Event log The Maintenance Event Log displays the list of events that are logged by the IP console. Event Log List 3.7.3 Update Firmware The IP console is a complete standalone computer. The software it runs is called firmware. The firmware of the IP console can be updated remotely in order to install new functionality or special features. A new firmware update is a binary file which you can download from the CPI website: http://www.chatsworth.com/Support-and-Downloads/Downloads/Software/.
1. The new firmware file is uploaded onto the IP console. In order to do that you need to select the file on your local system using the button “Browse” of the Upload Firmware panel. Once the firmware file has been uploaded, it is checked whether it is a valid firmware file and whether there were any transmission errors. In case of any error the Upload Firmware function will be aborted. Update Firmware 2. If everything went well, you see the Update Firmware panel.
3.7.4 Unit Reset This section allows you to reset specific parts of the device. This involves the keyboard and mouse, the video engine and the IP console. To reset a certain IP console functionality click on the button Reset as displayed in the figure below. Unit Reset Resetting the switch (Reset Device) is mainly needed to activate a newly updated firmware. It will close all current connections to the administration console and to the Remote Console. The whole process will take about half a minute.
Troubleshooting guide 1. The remote mouse doesn’t work or is not synchronous. • • Make sure the mouse settings in IP console match the mouse model. There are some circumstances where the mouse synchronization process could behave incorrectly, refer to section 3.5.2 Keyboard/Mouse under KVM Settings and section 2.4.1 Remote Console Control Bar under Usage for further explanation. 2. The video quality is bad or the picture is grainy.
7. In the browser the IP console pages are inconsistent or chaotic. • Make sure your browser cache settings are feasible. Especially make sure the cache settings are not set to something like ”never check for newer pages.” Otherwise IP console pages may be loaded from your browser cache and not from the card. 8. Windows XP doesn’t awake from standby mode. • This is possibly a Windows XP problem. Try not to move the mouse while XP goes in standby mode. 9. Can’t upload the signed certificate in MacOS X.
FAQ Q. The color of remote console displaying a pinkish tint. A. If you are experiencing the remote control screen displaying a pinkish tint with some graphic cards, please try adjusting the brightness of the remote console by following steps below. 1. Click Video Settings in Options menu of the remote console. 2. Adjust the Brightness setting until the pinkish tint is reduced or eliminated. Q. Is any software required on servers which connect to the IP KVM Switch through the IP console? A.
Q. Which browsers does the IP console support? A. The IP console supports Microsoft Internet Explorer version 6.0 or higher, Netscape 7.0 and Mozilla 1.6. Q. How many letters can the username and password be on the IP console? A. The IP console accepts 32 letters of username and password. Q. How many bits of connection encryption does IP console provide? A. The IP console provides AES 256 bits connection encrypted. Q. Local mouse and remote mouse didn’t sync after doing mouse Intelligent Sync. A.
Appendices A. Key Codes The table below shows the key codes used to define keystrokes or hotkeys for several functions. Please note that these key codes do not represent necessarily key characters that are used on international keyboards. They name a key on a standard 104-key PC keyboard with an US English language mapping. The layout for this keyboard is shown in the figure below.
B. User Role Permissions The table below lists the user role permissions granted for three user role groups: “Superuser,” “Administrator,” and “User.
D. Bandwidth Consumption The preconfigured network speed selection simply results in a different Compression and Color Depth configuration in order to match the different bandwidth limitations of the network type (UMTS, ISDN, etc.). The following suggested network bandwidth planning table for IP console installation is from the test results with 3D-Labyrinth screen saver at Resolution 800x600, the worst case consuming the highest network bandwidth.
