Dominion SX ® User Guide Release 3.1 Copyright © 2007 Raritan, Inc.
This page intentionally left blank.
Copyright and Trademark Information This document contains proprietary information that is protected by copyright. All rights reserved. No part of this document may be photocopied, reproduced, or translated into another language without express prior written consent of Raritan, Inc. © Copyright 2007 Raritan, CommandCenter, RaritanConsole, Dominion, and the Raritan company logo are trademarks or registered trademarks of Raritan, Inc. All rights reserved.
Safety Guidelines To avoid potentially fatal shock hazard and possible damage to Raritan equipment: • Do not use a 2-wire power cord in any product configuration. • Test AC outlets at your computer and monitor for proper polarity and grounding. • Use only with grounded outlets at both the computer and monitor. • When using a backup UPS, power the computer, monitor and appliance off the supply.
CONTENTS i Contents Preface.............................................................................................................................. xii Audience ....................................................................................................................xii Conventions ...............................................................................................................xii Acronyms .......................................................................................
ii DOMINION SX USER GUIDE Chapter 7: Port Configuration and Port Access Application......................................31 Port Keywords........................................................................................................... 31 Port Configuration ..................................................................................................... 32 Direct Port Access.....................................................................................................
CONTENTS iii Test the SMTP Logging ...................................................................................................................76 Configuring NFS Logging.......................................................................................... 76 Configuring SNMP Logging....................................................................................... 78 Enable SNMP Logging .......................................................................................................
iv DOMINION SX USER GUIDE Remote Services ...........................................................................................................................105 LDAP Configuration Menu .............................................................................................................106 RADIUS Command........................................................................................................................107 TACACSPLUS Command ................................................
CONTENTS v Logoff Command ...........................................................................................................................138 Password Command .....................................................................................................................138 Reboot Command..........................................................................................................................139 Restore Command................................................................
vi DOMINION SX USER GUIDE DB25M Nulling Serial Adapter Pinouts ..........................................................................................172 Dominion SX Terminal Ports ................................................................................... 172 Dominion SX16 and SX32 Terminal Ports .............................................................. 174 Appendix B: System Defaults .......................................................................................
FIGURES VII Figures Figure 1 Dominion SX16 Unit....................................................................................................................... 1 Figure 2 Rear Panel of the DSXA-32 ........................................................................................................... 6 Figure 5 Certificate Information.................................................................................................................... 7 Figure 6 DSX Login Screen ...................
viii DOMINION SX USER GUIDE Figure 63 Standalone RSC Login Screen .................................................................................................. 56 Figure 64 Standalone RSC Connected to Port Window............................................................................. 57 Figure 67 Security Settings Screen............................................................................................................ 59 Figure 68 Login Settings Screen...................................
FIGURES Figure 118 New Phone Entry Display ...................................................................................................... 196 Figure 119 Dial-Up Security Display ........................................................................................................ 197 Figure 120 Windows 2000 Network and Dial-Up Connections................................................................. 197 Figure 122 Network Connection Type..........................................................
DOMINION SX USER GUIDE x Tables Table 1 Factory Default Network Settings.................................................................................................... 5 Table 2 Java Runtime Parameters............................................................................................................. 37 Table 3 Commands Common to All CLI Levels ......................................................................................... 99 Table 4 Available CLI Commands..........................
TABLES Table 52 Restore Command .................................................................................................................... 139 Table 53 Sendeventlog Command........................................................................................................... 140 Table 54 Upgrade Command................................................................................................................... 140 Table 55 Banner Command ..................................................
DOMINION SX USER GUIDE xii Preface The Dominion SX User Guide provides the information needed to install, set up and configure, access devices such as routers, servers, switches, VPNs, and power strips, manage users and security, and maintain and diagnose the Dominion SX secure console server. Audience The primary audiences for this guide are infrastructure administrators and installers who are responsible for installing and setting up devices such as secure console servers.
PREFACE ACRONYM VPN XIII MEANING Virtual Private Network Notices Important: cautionary information that warns of possible affects on the users, corruption risks, and actions that may affect warranty and service coverage. Note: general information that is supplemental to the text.
This page intentionally left blank.
CHAPTER 1: INTRODUCTION 1 Chapter 1: Introduction Dominion SX Overview The Dominion SX Series of Serial over IP Console Servers offers convenient and secure, remote access and control through LAN/WAN, Internet, or Dial-up modem to all networking devices. The Dominion SX: • Provides a non-intrusive solution for managing network elements and does not require any installation of software agents on the target device.
DOMINION SX USER GUIDE 2 Product Features Comprehensive Console Management • • • • • • • • • • • • • • • Remote Management: Access, monitor, administer, and troubleshoot up to 48 target devices (depending on the model) via Secure Socket Shell (SSH), Telnet, Local Port or Web browser with only one IP address. Direct Port Access via TCP/IP address per port; or one IP address and TCP Port numbers. Notification: Create notification messages by email alerts.
CHAPTER 1: INTRODUCTION Package Contents Each Dominion SX ships with the following: • (1) Dominion SX unit with mounting kit (Rack-mount kit is optional on some units) • (1) Raritan Dominion SX User Guide CD-ROM, which contains the installation and operations information for the Dominion SX • (1) Printed Dominion SX Quick Setup Guide • (1) Power cord • (1) Release Notes • (1) Packing List page • (1) RJ45 serial loop-back plug • A DB9 Factory Reset Adapter for some units (Other units have a reset switch and
DOMINION SX USER GUIDE 4 This page intentionally left blank.
CHAPTER 2: INSTALLATION 5 Chapter 2: Installation There are two ways of completing the initial network installation of the Dominion SX: • Using a serial cable with a VT100/equivalent, such as a PC with HyperTerminal. • Using Ethernet (with an installation computer). This section describes the steps necessary to configure Dominion SX for use on a local area network (LAN). The following table describes the factory default network settings that come with the Dominion SX.
DOMINION SX USER GUIDE 6 Hardware Installation Figure 2 Rear Panel of the DSXA-32 Physical Installation of Dominion SX for Initial Configuration 1. Use a computer with a network card and crossover network cable. This computer will be referred to as the ‘installation computer.’ 2. Physically mount the unit in an ergonomically sound manner. The unit is designed to be easily rack-mounted, and rack mounting is recommended. 3.
CHAPTER 2: INSTALLATION 7 Initial Configuration Using the Graphical User Interface (GUI) To initially configure the Dominion SX unit from the Graphical User Interface, follow the steps below. Network Access 1. Ensure that the installation computer has the route for 192.168.0.192 and that it can communicate with IP address 192.168.0.192. 2. To check the route table in Windows, type the command route print in a Command window on the installation computer. If 192.168.0.
DOMINION SX USER GUIDE 8 The login screen appears after you finish viewing the security alerts and the Certification Information screen. Figure 4 DSX Login Screen 7. Log in with the default username admin and password raritan. Use all lowercase letters. A Restricted Service Agreement Screen appears: Figure 5 Restricted Service Agreement Screen Note: Once you click Accept after login, the Dominion SX prompts you to change the default password.
CHAPTER 2: INSTALLATION 9 Initial Configuration Using the Command Line Interface To initially configure the Dominion SX unit from the Command Line Interface, follow the steps below. 1. Connect the serial port of your Installation Computer to the Terminal serial port on your Dominion SX. This port is a DB9-Male port on most models, except ALL dual-power dualLAN models, including DSXA-48, which have an RJ45 connector for a terminal port. 2.
DOMINION SX USER GUIDE 10 1. Type Configuration to change the unit’s configuration. 2. Type Network to select the network configuration. 3. Type: admin > Config > Network > interface enable true if lan1 ip 192.16.151.12 mask 255.255.255 gw 192.168.51.12 .Upon successfully entering the data, a report will display the new network configuration and you will be prompted to reboot the unit. 4. Type yes to reboot the Dominion SX. 5. You can now remove the serial cable. 6.
CHAPTER 3: INITIAL SOFTWARE CONFIGURATION 11 Chapter 3: Initial Software Configuration After the hardware installation, perform the initial software configuration. Do this by logging onto the Dominion SX from either a browser or through a Command Line Interface (See Chapter 12: Command Line Interface for CLI information.) Dominion SX Initial Software Configuration 1. Log on to the Dominion SX using your new password.
DOMINION SX USER GUIDE 12 Important: After you complete each configuration task, you must return to the Setup tab to perform the next configuration task. Date / Time Configuration 1. Click the Date / Time in the Configuration section of the Setup Screen. The Date / Time Configuration screen appears. Figure 10 Date / Time Configuration Screen 2. Select the correct time zone from the UTC Offset drop-down menu. 3.
CHAPTER 3: INITIAL SOFTWARE CONFIGURATION 13 Network Configuration 1. Click Network in the Configuration section of the Setup screen. The Network Configuration Screen appears. Note: If you have a dual LAN model, there is an Eth Failover checkbox that is selected by default, but can be turned off. The screen below represents a single LAN model and does not show this checkbox.
DOMINION SX USER GUIDE 14 Deployment 1. You can remotely access the Dominion SX through a: LAN connection or a modem connection (optional). 2. The Dominion SX can access target devices only through a serial connection. LAN Connection After the initial software configuration phase, configure the DSX unit for operation on the LAN. 1. Ensure that you have an Ethernet cable connected to the network for use with the unit. 2. Physically mount the unit in an ergonomically sound manner. 3.
CHAPTER 4: NETWORK SETTINGS AND SERVICES 15 Chapter 4: Network Settings and Services This chapter explains how to configure the basic network settings for the DSX, and how to configure the various access protocols (SSH, telnet, etc.) It also explains how to configure the DSX for modem access, and how to enable IP forwarding and create static routes. Configuring the Basic Network Settings To configure the basic network settings and discovery ports, click the Setup tab, and then click Network.
DOMINION SX USER GUIDE 16 Change the Discovery Ports The DSX has two discovery ports: • TCP 5000 Common Socket Connection (CSC) discovery • UDP 5000 Command Center (CC) discovery If either of these ports is used by another application, you can change the discovery port number in the DSX in the appropriate field and click OK.
CHAPTER 4: NETWORK SETTINGS AND SERVICES To change any of these network service settings: 1. Click the Setup tab, and then click Services. The Network Service Settings screen appears. Figure 13 Network Service Settings 2. Make any necessary changes to the appropriate fields. 3. Click OK.
DOMINION SX USER GUIDE 18 Configuring Modem Access You can access the DSX via a modem. To set this up: 1. Click the Setup tab, and then click Modem. The Modem Settings screen appears. Figure 14 Modem Settings Screen 2. Click the checkbox labeled Enable Modem to enable modem access. 3. Type the IP addresses of the Point-to-Point (PPP) server in the PPP Server IP field. The default is 10.0.0.1 4. Type the IP address of the PPP client in the PPP Client IP field. The default is 10.0.0.2. 5.
CHAPTER 4: NETWORK SETTINGS AND SERVICES 19 Add a New Static Route To add a new Static Route: 1. Click the Setup tab, and then click Static Routes. The Static Routes screen appears. It consists of an Enable IP Forwarding panel and a Static Routes List. Figure 16 Static Routes List 2. Go to the Static Routes List and click Add New Route. The Static Route screen appears. Figure 17 Static Route Screen 3. On a DSX with one LAN interface, LAN1 appears automatically in the Interface field.
DOMINION SX USER GUIDE 20 Delete a Static Route To delete a static route: 1. Click the Setup tab, and then click Static Routes. The Static Routes screen appears. It consists of an Enable IP Forwarding panel and a Static Routes List. 2. Go the Static Routes List and click the checkbox next to the route you want to delete. 3. Click Delete. You are prompted to confirm the deletion. 4. Click OK. The route is deleted.
CHAPTER 5: USER PROFILES AND GROUPS 21 Chapter 5: User Profiles and Groups This chapter explains how to create and manage user profiles and user groups. Managing User Profiles User profiles serve two purposes: • To provide users with a username and password to log into the DSX • To associate the user with a user group. The user group determines which system functions and ports the user can access. The DSX is shipped with one user profile built in. This is the admin user.
22 DOMINION SX USER GUIDE 2. Click Add New User. The New User screen appears. Figure 19 New User Screen 3. Type a login name in the Username field. This is the name the user enters to log into the DSX. This field is required. • You can enter any number of characters up to a maximum of 255. • You can enter any printable character except “ > < • The user name is case sensitive. 4. Type the user’s full name in the Full Name field. This field is required. 5.
CHAPTER 5: USER PROFILES AND GROUPS 23 Tip: If the user group you want has not yet been created, you can create it and then return to the user profile and select it. For now, keep the default. 9. Decide whether or not to activate this profile immediately. By default, the Active checkbox is selected. To deactivate this account, clear this checkbox. You can return at any time and activate the user when necessary. 10. Click OK. The user profile is created. It should appear in the User List screen.
24 DOMINION SX USER GUIDE Display a List of User Groups To display a list of existing user groups, click the User Management tab, and then click User Group List. The Group List screen appears (Figure 20). Figure 20 Group List Screen The Group List screen shows every user group created to date, and for each one gives the group’s name and class. Create a User Group To create a new user group: 1. Click the User Management tab, and then click User Group List. The Group List screen appears (Figure 20). 2.
CHAPTER 5: USER PROFILES AND GROUPS • 25 Observer Users associated with the Observer class have read-only access to the console window, and cannot change any system configuration parameters except their own password. 5. Select the ports that the users associated with this group are permitted to access. You can select all ports, or you can select any combination of individual ports. 6. Click OK. The user group is created. It should appear in the User List screen.
26 DOMINION SX USER GUIDE
CHAPTER 6: REMOTE AUTHENTICATION 27 Chapter 6: Remote Authentication This chapter explains how to configure RADIUS, LDAP, and TACACS+ authentication. Tip: If you are setting up remote authentication, it is a good idea to still keep local authentication enabled. When an authentication request reaches the DSX, it looks to authenticate the user remotely first, and then looks to authenticate the user locally.
28 DOMINION SX USER GUIDE Configuring LDAP You can use the Lightweight Directory Access Protocol (LDAP) to authenticate DSX users instead of local authentication. To configure LDAP: 1. Click the Setup tab, and then click Remote Authentication. The Remote Authentication screen appears. It contains an LDAP panel. Figure 23 LDAP Panel 2. In the LDAP panel, click the LDAP button to enable LDAP authentication. 3.
CHAPTER 6: REMOTE AUTHENTICATION 29 8. If you are using a modem to connect to the LDAP server, type a dialback string in the Dialback Query String field. 9. If you have a backup LDAP server, enter the same information in the Secondary LDAP fields. 10. Click OK. LDAP authentication is enabled. Configuring TACACS+ You can use the Terminal Access Controller Access-Control System Plus (TACACS+) to authenticate DSX users instead of local authentication. To configure TACACS+: 1.
30 DOMINION SX USER GUIDE
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 31 Chapter 7: Port Configuration and Port Access Application Port configuration allows Administrators to define the serial/console port settings in order to communicate with remote target devices. Note: You can access the Raritan Serial Console (RSC) from the Port screen. See the Raritan Serial Console section of this chapter for RSC information.
32 DOMINION SX USER GUIDE Port Configuration To configure one or more ports: 1. Click the Setup tab, and then click Port Configuration. The Port Configuration screen appears. Figure 26 Port Configuration Screen 2. Select the port(s) you want to configure. You can select one port or several ports, so long as the port configurations are all the same. • To select specific ports, click the checkboxes to the left of the port numbers and then click Edit. • To select all ports, click Select All.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 33 The Edit Port screen appears. Figure 27 Edit Port Screen 3. Make sure the port values match the target system’s serial port configuration for the first three values. • Select the Baud Rate from the Baud Rate drop-down menu. Note: The minimum baud rate supported for local port access is 9600. • • Select the Parity Bits from the Parity Bits drop-down menu. Select the Flow Control from the Flow Control drop-down menu. 4.
34 DOMINION SX USER GUIDE 6. Select the escape mode. The default is None. Change as follows: • • Select Control from the drop-down menu in the Escape Mode field. Type the Escape Character. The default for the Dominion SX is ] (closed bracket ). 7. Select the terminal emulation type from the drop-down menu in the Emulation field. The choices are: • VT100 • VT220 • VT320 • ANSI 8.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 35 Anonymous Port Access Anonymous port access allows users to access DPA configured ports without entering a password. To enable the feature: 1. Click the Security tab, and then click Login Settings. The Login Settings screen appears (Figure 54). 2. Make sure the Anonymous Port Access checkbox at the bottom of the screen is checked. 3. Click the User Management tab, and the click User Group List. The Group List appears (Figure 20).
36 DOMINION SX USER GUIDE Raritan Serial Client Requirements for Java The Raritan Serial Client (RSC) requires a minimum 1 GHz PC with 512 MB RAM. Java must be installed to access targets (managed devices) before you can use the RSC. Java Runtime Environment (JRE) The RSC will function with JRE version 1.4.2_05 or later (except for JRE version 1.5.0_02) . However, for optimum performance, Raritan recommends using JRE 1.5.0 (except, of course for 1.5.0_02).
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 37 Table 2 Java Runtime Parameters VALUES -SYNTAX -Xms in bytes DESCRIPTION Sets the initial size of the Java heap. DEFAULT / COMMENTS 2097152 (2MB) • • • -Xmn in bytes -Xmx in bytes Sets the initial Java heap size for the Eden generation. Sets the maximum size to which the Java heap can grow. The -server flag increases the default size to 32M. The values must be a multiple of, and greater than, 1024 bytes (1KB).
38 DOMINION SX USER GUIDE Raritan Serial Client Interface Important: The Raritan Serial Client (Console) Screen usually opens in a separate window in back of the Port Screen. With some versions of Java on Windows, the screen opens in front of the Port Screen. Minimize the Port Access screen to access the Raritan Serial Console screen. The RSC contains drop-down menus that provide the user with the ability to: • Modify emulation settings such as fonts and window size. • Manage the history of the session.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 39 Emulator 1. Change the default user Idle Timeout setting before launching the RSC for the first time or it will timeout in 10 minutes and display a host termination message. See the Security section of the Dominion SX User Guide for changing the Idle Timeout setting.. 2. Click on the Emulator drop-down menu to display a list of topics.
40 DOMINION SX USER GUIDE Note: If the RSC Idletimeout expires, the Dominion SX Idletimeout period begins. Settings Note: Terminal emulation settings are set with the port by an Administrator using the Setup->Port Configuration menu. 1. On the Emulator menu, click Settings. The Settings screen displays the General tab with the default settings. Figure 34 General Settings Window 2. Accept the Main Menu Shortcut: default of None or choose one of the following from the Main Menu Shortcut: drop-down menu.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 41 Display Settings 1. Return to the Emulator menu, select Settings and then click the Display tab. Figure 35 Display Settings Window 2. Click Default to accept the Default settings. Then click Ok to close the Display Settings window; however, if you want to change the settings, perform the following steps: 3. Accept the Terminal Font Properties default of Arial or choose a font from the Terminal Font Properties scrolling list. 4.
42 DOMINION SX USER GUIDE 6. Click on the GUI Font Properties tab and accept the default of Monospaced or choose a font from the GUI Font Properties scrolling list. Figure 36 Display Settings: GUI Font Properties 7. Choose the following from their drop-down menus: • Foreground Color • Background Color 8. Choose one of the following from the Encoding drop-down menu: • US-ASCII • ISO-8859-1 • ISO-8859-15 • UTF-8 9.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 43 Get History History information can be useful when debugging, troubleshooting, or administering a target device. The Get History feature: • Allows you to view the recent history of console sessions by displaying the console messages to and from the target device. • Displays up to 256 KB (64KB only on models with 64MB SDRAM; 256KB available on 128MB SDRAM Models) of recent console message history.
44 DOMINION SX USER GUIDE Connected Users The Connected Users command allows you to view a list of other users who are currently connected on the same port. 1. Click Connected Users to view the connected users on the Emulator menu. Figure 37 Connected Users Window 11. A check mark appears in the Write Access column after the name of the User who has Write Access to the console. 2. Click Close to close the Connected Users window. Exit 1.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION Edit Use the Copy, Paste, and Select All text commands to relocate and/or re-use important text. Figure 38 Edit Commands - Copy, Paste, and Select All Text Copy and Paste All Text: 1. 2. 3. 4. 5. Click Select All on the Edit menu. Click Copy on the Edit menu. Position the cursor at the location where you want to paste the text. Click once to make that location active. Click Paste on the Edit menu.
46 DOMINION SX USER GUIDE Tools 1. Click on the Tools drop-down menu to display a list of topics.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 47 Start Logging The Start Logging function allows you to collect raw console data from the target device and save it to a file in your computer. When you start the RSC, the Logging indicator on the status bar indicates whether logging is on or off. 1. On the Tools menu, click Start Logging. 2. Choose an existing file or provide a new file name in the Save RSC Log dialog box.
48 DOMINION SX USER GUIDE Send Keystroke 1. On the Tools menu, click Send Keystroke. A Send Keystroke screen appears: Figure 41 Send Keystroke 2. Enter the keystroke combinations that you want and select a Key Code name from the dropdown menu. 3. Send the keystroke combinations. Send Text File 1. On the Tools menu, click Send Text File. A Send Text File screen appears: 2. Open the directory of the Text file. 3. Click on or enter the File Name of the Text file. 4. Click Open.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 49 To use Chat: 1. Click Chat on the Chat menu. Figure 42 SecureChat Command and User Chat Window 2. Type a message in the Message text field. 3. Click Send or press ENTER to send the message. 4. Click Clear to delete the typed text, or click Close to exit and close the Message window. Help Help Topics include on-line assistance for operating the Raritan Serial Console, and release information about Raritan Serial Console.
50 DOMINION SX USER GUIDE To Access ‘About’ Information: 1. Click About Raritan Serial Console on the Help menu. An About Raritan Serial Console message appears on top of the Raritan Serial Console drop-down menu: Figure 43 Sample of the About Raritan Serial Console Window 2. Click OK to close the About Raritan Serial Console window. Standalone Raritan Serial Console Installation Note: You can download the Standalone Raritan Serial Client from the Raritan support Web site: http://www.raritan.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION • 51 Ensure that Java can be started from the command line. To do this, environment variables must be configured. Make a note of the exact path where Java was installed. (The path information will be used later.) Setting Windows OS Variables 1. Open the Start menu, and then open the Control Panel and choose System. 2. Go to Advanced and open Environment Variables. Figure 44 Windows OS: System Properties 3.
52 DOMINION SX USER GUIDE 5. Click OK. Figure 45 Windows OS: New System Variable 6. Select the PATH variable and click Edit. 7. Add %JAVA_HOME%\bin to the end of the current Variable value. Ensure a semicolon (;) separates the new value from the last value in the string.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 53 8. Click OK. Figure 46 Windows OS: Edit System Variable 9. Select the CLASSPATH variable and click Edit. Ensure the CLASSPATH Variable value is configured properly; that is, its value must have a period(.) in it. If, for any reason, there is no CLASSPATH variable defined, create one.
54 DOMINION SX USER GUIDE Setting Linux OS Variables If you want to set Java for this user only, open and edit .profile file located in the /home/Username folder. If you want to set Java for all users, open .profile file in your /etc folder 1. Find the line where you set your PATH Example: export PATH=$PATH:/home/username/somefolder 2. Before that line you must set your JAVA_HOME and then modify your PATH to include it. To achieve this, add the following lines: export JAVA_HOME=/home/username/j2sdk1.4.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 55 Installing Standalone RSC for Windows You must have administrative privileges to install RSC. 1. 2. 3. 4. 5. 6. Log on to a Windows machine. Download, or copy from a known location, the RSC-installer.jar installation file. Double-click on the executable file to start the installer program. The splash screen appears. Click Next. The installation path screen appears. Change the path, if desired. Click Next.
56 DOMINION SX USER GUIDE 7. Click Next. The Windows shortcut screen appears. Figure 50 RSC Windows Shortcut Screen 8. Specify the desired Program Group for the Shortcut. 9. Click Next. The installation finished screen appears. 10. Click Done. Launching RSC on Windows Systems 1. Double-click on the shortcut or use Start Programs to launch the standalone RSC. The Raritan Serial Console Login connection properties window appears.
CHAPTER 7: PORT CONFIGURATION AND PORT ACCESS APPLICATION 57 2. Enter the Dominion SX IP address, account information, and the desired target (port). 3. Click Start. The RSC opens with a connection to the port. Figure 52 Standalone RSC Connected to Port Window Note: In case of unrecognized characters or blurry screens that might appear in RSC window due to localization support, please try changing the font to Courier New.
58 DOMINION SX USER GUIDE 6. The Set Installation Path screen appears. a) b) c) d) Select the directory where you want to install RSC and click Next. Click Browse to navigate to a non-default directory. Click Next when the installation is complete. Click Next again. The installation is complete. The final screen indicates where you will find an uninstaller program, and allows the option of generating an automatic installation script. e) Click Done to close the Installation window.
CHAPTER 8: SECURITY 59 Chapter 8: Security There are a number of elements to consider when addressing security for console servers. The following are some of the Security aspects: • Encrypting the data traffic sent between the operator console and the DSX unit. • Providing authentication and authorization for users. • Logging data relevant to the operation so it can later be viewed for auditing purposes. In some cases, this data is required for compliance with governmental or company regulations.
60 DOMINION SX USER GUIDE Login Settings Click Login Settings on the Security Settings screen to access the Login Settings screen, which contains the Local Authentication, Login Handling, and Strong Password Settings panels.. Figure 54 Login Settings Screen Local Authentication 1. Go to the Local Authentication panel and click the Enable Local Authentication checkbox. 2.
CHAPTER 8: SECURITY 61 Strong Password Settings To enable strong passwords, go to the Strong Password panel and select the requirements for a strong password. This includes maximum and minimum length and special character requirements. Configure Kerberos Figure 55 Kerberos Settings 1. Click Enable Kerberos. 2. Type the name of the file you want for your Hosts File in the Hosts File field or click on the Browse drop-down menu and select your file. 3.
62 DOMINION SX USER GUIDE Generate a Certificate Signing Request To generate a Certificate Signing Request (CSR): 1. Click the Security tab, and then click Certificate. The Certificate screen appears. Figure 56 Certificate Signing Request 2. Click the checkbox labeled Generate a Certificate Signing Request. 3. Click on the drop-down menu in the Bits field. Keep the 1024 default or change it to 512. 4.
CHAPTER 8: SECURITY 63 Install a User Key To install a user key on the DSX: 1. Click the Security tab, and then click Certificate. The Certificate screen appears. Figure 57 Install User Key 2. Click the checkbox labeled Install User Key. 3. Type the following information in the corresponding fields: • The IP address of the host with the key • A login and password on the host • The path and name of the file containing the key 6. Click OK.
64 DOMINION SX USER GUIDE 2. Click the checkbox labeled Install User Certificate. 3. Type the following information in the corresponding fields: • • • The IP address of the host with the certificate A login and password on the host The path and name of the file containing the certificate 4. Click OK. SSL Client Certificate SSL Security certificates are used in browser access to ensure that the device that you are attached to is the device that is authorized to be connected.
CHAPTER 8: SECURITY 65 Figure 59 SSL Client Certificate Screen
66 DOMINION SX USER GUIDE Enabling Client Certificate Authentication: To enable Client Certificate Authentication: 1. Click Enable SSL Client Certification. 2. Click OK to enable the Client Certificate authentication. Installing a New Trusted Certificate Authority To install a new trusted Certificate Authority (CA) to the DSX, the CA certificate must be on an accessible FTP server. 1. Click Install Certificate Authority. 2. Fill in the data needed to retrieve the certificate from the FTP server. 3.
CHAPTER 8: SECURITY 67 Viewing a Certificate Revocation List To view a CRL: 1. Click View Certificate Revocation List. 2. Click OK to retrieve the list of CRLs. Banner Dominion SX optionally supports a customizable (maximum 5000 words, 8 words per row) welcome banner that is displayed after login. The banner identifies where the user has logged into.
68 DOMINION SX USER GUIDE Security Profiles The DSX provides three security profiles that you can use. They simplify the assigning of permissions to users and groups by defining basic permissions that automatically apply to all users.
CHAPTER 8: SECURITY 69 2. Click the Edit Custom Profile link. The Edit Custom Security Profile screen appears. Figure 62 Edit Custom Security Profile Screen 3. Check one or all of the following fields. • • • • • • Telnet Access Strong Password Required Single Login Per User Timeout Required TLS Required Redirect HTTP to HTTPS 4. Click OK.
70 DOMINION SX USER GUIDE Firewall The DSX provides a firewall function to provide protection for the IP network and to control access between the internal router and the LAN 1, LAN 2 and the dial modem interfaces. Enable the Firewall To enable the firewall: 1. Click the Security tab, and then click Firewall. The Firewall Screen appears. The Firewall screen displays the existing IPTables rules. Figure 63 Firewall Screen 2. Click the check box labeled Enable Firewall. 3. Click OK.
CHAPTER 9: LOGGING 71 Chapter 9: Logging This chapter explains how to enable and configure the various DSX logs. Configuring Local Event Logging To configure the local log settings, click the Setup tab, and then click Log. The Log Settings screen appears. It contains a number of individual logging panels. Enable the Event Log File This feature enables event log messages to be stored locally on the DSX unit. To set this feature up: 1.
72 DOMINION SX USER GUIDE 4. Click OK. Enable Port Logging You need to configure port logging after you have enabled NFS logging (see “Configuring NFS Logging” below). This feature enables port data to be logged to a Network File System (NFS) server. This allows you to save and access the log files over a network. NFS supports file sharing, which means you can store the files on the network that you want other people to access, while keeping your secure files on the DSX unit.
CHAPTER 9: LOGGING 73 Mon Nov 06-2006 13:46:20 -------- admin connected to port-------Mon Nov 06-2006 13:46:21 -------- admin got write access -------Password: Authentication failure. Username: admin Password: Authentication successful. ---------------------------------------------------------------------Welcome to the DominionSX. [Model: SX32] UnitName:sx181 FirmwareVersion:3.0.1.5.1 Serial:WAOF300029 IP Address:192.168.51.181 UserIdletimeout:5min Port Port No.
74 DOMINION SX USER GUIDE Configure Input Port Logging To enable input port logging: 1. Go to the Input Port Logging panel and click the Enable Input Port Logging checkbox. (To turn this feature off, clear this checkbox.) Figure 68 Input Port Logging Panel 2. Type a directory for input in the In Directory field. 3. Click OK. Configuring Encryption To configure encryption: 1. Go to the Encryption panel and click the Encryption checkbox. (To turn this feature off, clear this checkbox.
CHAPTER 9: LOGGING 75 Configuring SMTP Logging To configure SMTP logging, click the Setup tab, and then click Events. The SMTP Logging screen appears. This screen contains and SMTP Settings panel and a New SMTP Event panel. Enable SMTP Logging To enable SMTP logging: 1. Go to the SMTP Settings panel and click the Enable SMTP Server checkbox to enable SMTP logging. Figure 70 SMTP Settings Panel 2. Type the IP address of the SMTP server in the SMTP Server IP Address field. 3.
76 DOMINION SX USER GUIDE Available events include: • event.amp.notice.port.connection • event.amp.notice.user.logoff • event.amp.notice.backup • event.amp.notice.restore • event.amp.notice.config.directaccesslockout • event.amp.notice.reboot • event.amp.notice.boot • event.amp.notice.config.datacom • event.amp.notice.config • event.amp.notice.upgrade • event.amp.keyword • event.amp.strongpasssword • event.amp.banner • event.amp.firewall • event.amp.iptablesaved • event.amp.
CHAPTER 9: LOGGING 77 Note: The NFS server must have the exported directory with write permission for the port logging to work. To configure NFS Logging: 1. Click the Setup tab, and then click NFS. The NFS Settings screen appears. Figure 72 NFS Settings Screen 2. Click the Enable NFS checkbox to enable NFS logging. 3. Type the IP address of the NFS server in the Primary IP field, and then enter the path to the log file in the Primary Directory field. 4.
78 DOMINION SX USER GUIDE Configuring SNMP Logging The DSX supports Simple Network Management Protocol (SNMP) traps and logging. Enable SNMP Logging To enable SNMP logging: 1. Click the Setup tab, and then click SNMP. The SNMP screen appears. 2. Go to the SNMP Setting panel and click the Enable SNMP checkbox to enable the SNMP feature. Figure 73 SNMP Settings Panel 3. Type an SNMP public community in the Public Community field. The default is Public.
CHAPTER 10: MAINTENANCE 79 Chapter 10: Maintenance The Dominion SX maintenance features presented in this chapter allow the administrator perform the following tasks: • Manage event logs. • View configuration report. • Backup and restore the SX unit settings. • Upgrade firmware and track upgrade history. • Reset to factory default settings. • Reboot the unit.
80 DOMINION SX USER GUIDE Send the Event Log To send the contents of the event log to a remote FTP server: 1. Click the Maintenance tab, and then click Send Event Log. The Send Event Log screen appears. Figure 76 Send Event Log Screen 2. Enter the IP address of the FTP server in the IP address field. 3. Enter a login name and password on the FTP server in the Login and Password fields. This is necessary to access the FTP server. 4.
CHAPTER 10: MAINTENANCE 81 Backing Up and Restoring the DSX When you back up the DSX, the system makes a copy of the DSX configuration (without network settings) and writes the copy to an FTP server. The file can be recovered using a Restore operation, if necessary. Backing Up the DSX To back up the DSX unit: 1. Click the Maintenance tab, and then click Backup. The Backup screen appears. Figure 77 Backup Screen 2.
82 DOMINION SX USER GUIDE Restoring the DSX Restoring the DSX retrieves a copy of the DSX configuration from the FTP server where it has been backed up and writes the file to the DSX. To perform a restore operation 1. Click the Maintenance tab, and then click Restore. The Restore screen appears. Figure 78 Restore Screen 2. In the IP Address field, type the IP address of the source FTP server system from which the restore data will be retrieved. 3.
CHAPTER 10: MAINTENANCE 83 Display the Current Firmware Version To display the current version of firmware running on a DSX unit, click the Maintenance tab, and then click Firmware Version. The Firmware Version screen appears. This screen shows the firmware version, RSC, kernel, and PMON. Figure 79 Firmware Version Upgrade the Firmware Before you perform a firmware upgrade, you must: 1. Download the upgrades file(s), which are in WinZip format onto a folder on the local FTP server. 2.
84 DOMINION SX USER GUIDE To perform the upgrade: 1. Click the Maintenance tab, and then click Firmware Upgrade. The Firmware Upgrade screen appears. Figure 80 Firmware Upgrade Screen 2. Type the IP Address of the FTP server in the IP Address field. 3. Type your login name in the Login field. 4. Type your password in the Password field. 5. Type the path to the firmware file in the File /home/downloads/firmware/UpgradePack_2.5.6_3.1.0.5.2/Pack1of1). Path field (e.g. 6. Click Upgrade.
CHAPTER 10: MAINTENANCE 85 Performing a Factory Reset on the DSX Performing a factory Reset returns the DSX unit to its default factory settings. Be very careful when doing this, because it will erase all the data and settings on the DSX unit and return it to the state in which it was originally shipped. To perform a factory reset, click the Maintenance tab, and then click Factory Reset. You will be prompted to confirm the reset. Click Yes to proceed. If you change your mind, click No.
86 DOMINION SX USER GUIDE
CHAPTER 11: DIAGNOSTICS 87 Chapter 11: Diagnostics The Diagnostics function provides the administrator with the tools to test the network and monitor processes. Select the Diagnostics tab to display the Diagnostics screen. It provides links to Network Infrastructure Tools and Administrator Tools. Figure 82 Diagnostics Screen Network Infrastructure Tools Network infrastructure tools allow you to view the status of the active network interfaces and important network statistics.
88 DOMINION SX USER GUIDE Network Statistics 1. Click Network Statistics on the Diagnostics screen. The system displays network statistics. Figure 84 Network Statistics 2. By default, all statistics are shown. To show specific statistics, select an entry from the dropdown menu in the Options field. Your choices are: o Route o Interfaces o Groups o Statistics o Program 3. Click Refresh to update the information.
CHAPTER 11: DIAGNOSTICS 89 Ping Host 1. Click Ping Host on the Diagnostics screen. The Ping Host screen appears. Figure 85 Ping Host 2. Type the IP address of the host to be pinged in the IP Address field. 3. Click Ping. The screen displays the results of the ping. Trace Route to Host Figure 86 Trace Route to Host 1. Click Trace Route to Host on the Diagnostics screen. The Trace Route to Host screen appears. 2. Type the IP address of the host in the IP Address field. 3.
90 DOMINION SX USER GUIDE Administrator Tools ─ Process Status 1. Click Process Status in the Diagnostics Screen. The screen displays the results of your request. Figure 87 Process Status 2. Click Refresh to update the information.
CHAPTER 12: COMMAND LINE INTERFACE 91 Chapter 12: Command Line Interface Command Line Interface Overview The Dominion SX Serial Console supports all serial devices such as: • Servers, including Windows Server 2003 when using the Emergency Management Console (EMS-) Special Administration Console, or SAC with BIOS redirection in the server BIOS. • Routers • Layer 2 switches • Firewalls • Power strips • Other user equipment.
92 DOMINION SX USER GUIDE CLI Command Overview – Part 1 configuration authentication network events ldap ldaps getservercert removeservercert add ethernetfailover delete interface smtp ipforwarding ports cleareventlog route primaryldap eventlogfile secondaryldap eventsyslog routeadd nfsgetkey routedelete radius nfssetkey modem primarytacacs secondarytacacs add nfs sendeventlog vieweventlog tacacsplus snmp nfs portlog primaryradius secondaryradius dpa encryption http https log
93 CLI Command Overview – Part 2 Diagnostics Connect (port sub-menu, reached using escape key sequence) history ipmi getwrite ipmitool ps traceroute backup ipmidiscover clearhistory gethistory show Security (available in all menus) ifconfig netstat close Maintenance listports cleareventlog factoryreset firmware logoff return password sendbreak reboot writelock restore writeunlock sendeventlog upgrade upgradehistory upgradestatus userlist vieweventlog banner banner ftpgetbanner certi
94 DOMINION SX USER GUIDE The following common commands can be used from all levels of the CLI to the preceding figure: top, history, logout, quit, show, and help.
CHAPTER 12: COMMAND LINE INTERFACE 95 Telnet Connection to the Dominion SX Due to the lack of security, username, password and all traffic is in clear-text on the wire, Telnet access is disabled by default. Enabling Telnet If you wish to use Telnet to access the DSX, first access the DSX from the CLI or a browser. CLI 1. Use the following command: admin > Config > Services > telnet enable true The system returns the following message: The system will need to be rebooted for changes to take effect.
96 DOMINION SX USER GUIDE Local Port Connection to the Dominion SX The local port of the Dominion SX must be connected to the COM port of a computer system, a terminal, or some other serial capable device using a null modem cable with DB-9F null on both ends. If there is an RJ 45 interface, a special cable (CRLVR) is used with an ASCSDB9F connector on the client machine.
CHAPTER 12: COMMAND LINE INTERFACE 97 The welcome message displays. You are now logged in as an Administrator. login as: admin Password: Authentication successful. ----------------------------------------------------------------Welcome to the DominionSX UnitName:DominionSX IP Address:192.168.51.194 [Model: SX4] FirmwareVersion:3.0.0.5.1 UserIdletimeout:99min Serial:WACEA00008 ----------------------------------------------------------------Port No. 1 3 - Port Name Port1 [U] Port3 [U] Port No.
98 DOMINION SX USER GUIDE Navigation of the CLI Before using the CLI, it is important to understand CLI navigation and syntax; additionally, there are combinations of keystrokes that simplify CLI use. Completion of Command The CLI supports the completion of partially entered commands. After entering the first few characters of an entry, hit the Tab key; if the characters form a unique match, the CLI will complete the entry. • If no match is found, the CLI displays the valid entries for that level.
CHAPTER 12: COMMAND LINE INTERFACE 99 Common Commands for all Command Line Interface Levels Table 3 lists the commands that are available at all CLI levels. These commands also help navigate through the CLI. Table 3 Commands Common to All CLI Levels COMMANDS top history show help quit logout DESCRIPTION Return to the top level of the CLI hierarchy, or the “username” prompt. Display the last 200 commands the user entered into the DSX CLI.
100 DOMINION SX USER GUIDE Once the preceding parameters are set, the following areas can be configured from either the local console port or over the network: • service • security • users • serial ports Setting Parameters To set parameters the user must be logged in with administrative privileges. At the top level the user will see the “Username” > prompt, which for initial configuration is “admin” >. If the user has logged in with a different user name, that user name will appear instead of admin.
CHAPTER 12: COMMAND LINE INTERFACE 101 CLI Prompts The Command Line Interface prompt indicates the current command level. The root portion of the prompt is the login name; admin is the root portion in the following command: admin > Config > Port > CLI Commands Table 4 lists and describes all available CLI commands.
102 security sendeventlog show tacacsplus telnet top traceroute upgrade upgradehistory userlist vieweventlog DOMINION SX USER GUIDE Switch to the security menu. Sends the local event log to a remote FTP server. Show configuration options. Switch to the TACACS+ Configuration Menu. Enable telnet communication and specify the port. Return to the root menu. Print the route to a remote system System command to upgrade the firmware. System command to show the upgrade history. List users.
CHAPTER 12: COMMAND LINE INTERFACE 103 Configuring Logging and Alerts As part of the security capabilities of the Dominion SX, facilities are provided to log data and to provide alerts based on activities between the users, Dominion SX and the target device. These facilities provide an audit trail allowing the authority responsible to review what has happened in the system and determine who implemented what action and when. Among the facilities provides are event logging and SNMP traps.
104 DOMINION SX USER GUIDE Set Escape Sequence To set the Escape sequence, ensure that the default Escape sequence set on the Dominion SX server does not conflict with a key sequence required by either the Access Client or the host operating system. The Escape key sequence is user-configurable. Console sub-mode should be displayed when the default escape key sequence ^] (programmable) is pressed.
CHAPTER 12: COMMAND LINE INTERFACE 105 Configuring Authorization and Authentication (AA) Services Dominion SX supports both local and remote authentication and authorization (AA) services. Local databases for AA are maintained in an encrypted format to prevent unauthorized access. Remote Services For remote services, Dominion SX supports LDAP, Active Directory, TACACS+ and Kerberos.
106 DOMINION SX USER GUIDE Note: When configuring the LDAP server, the query string format on the server should contain the name of a group configured on the SX. When configuring the Radius server, the Filter-ID format for the users on the server should have the following format “raritan:G{GroupOnSX}:D{DialbackNumber}“. When configuring the TACACS+ server, the user-group format for the user on the server should contain the name of a group configured on the DSX. If you use older (SX 2.
CHAPTER 12: COMMAND LINE INTERFACE 107 RADIUS Command The radius menu provides access to commands used to configure access to a RADIUS server. The syntax of the radius menu commands are: primaryraduius <> RADIUS Command Example admin > Config > Authentication > radius > primaryradius TACACSPLUS Command The tacacsplus menu provides access to commands used to configure access to a TACACS+.
108 DOMINION SX USER GUIDE Cleareventlog Command The cleareventlog command clears the contents of the local event log. The syntax of the cleareventlog command is: cleareventlog Cleareventlog Command Example admin > Config > Log > cleareventlog Eventlogfile Command The eventlogfile command controls and configures the logging of events to the local log.
CHAPTER 12: COMMAND LINE INTERFACE 109 nfsget Command The nfsget command gets an NFS encryption key to be used for encrypting port log data. Use the key value as input to the nfssetkey command. The syntax of the nfsget command is: nfsgetkey [type ] The nfsget command options are described in the following table.
110 DOMINION SX USER GUIDE Portlog Command The portlog command enables and configures the logging of port data. The syntax of the portlog command is: portlog [enable ] [prefix name] [size value] [timestamp interval] [update interval] [inputlog ] [indir name] [outdir name] [encrypt ] The portlog command options are described in Table 12.
CHAPTER 12: COMMAND LINE INTERFACE 111 Sendeventlog Command The sendeventlog command sends the local logfile to a remote FTP server. The syntax of the sendeventlog command is: sendeventlog [ip ipaddress] [login login] [password [path pathname] [file filename] The sendeventlog command options are described in Table 13.
112 DOMINION SX USER GUIDE Modem Menu Command Examples admin > Config > modem > dialin enable true serverip 10.0.13.211 clientip 10.0.13.212 admin > Config > modem > dialback enable true admin > Config> Modem > show modem Modem Settings: Dialin Enabled: 1 Server IP : 10.0.13.211 Client IP : 10.0.13.212 Dialback : Enabled Dialback with local user. Before a modem connection can be established, the local user that is going to be used for dialin authentication should be configured.
CHAPTER 12: COMMAND LINE INTERFACE 113 On the Remote Radius Server, the user’s configuration should contain the following line: Filter-Id = "raritan:G{}:D{}" Dialback with remote LDAP user. (OpenLdap v.2 & v.3) Dialin and Dialback should be enabled on the device used for modem communication.
114 DOMINION SX USER GUIDE Configuring Network The network menu commands are used to configure the SX network adapter. Table 15 Configuration: Network Commands COMMANDS ethernetfailover interface ipfowarding name ports route routeadd routedelete DESCRIPTION Enable/Disable network failover Configure the SX unit network interface.
CHAPTER 12: COMMAND LINE INTERFACE 115 Interface Command Example The following command enables the interface number 1, sets the IP address, mask, and gateway addresses, and sets the mode to auto detect. admin > Config > Network > interface enable true if lan1 ip 192.16.151.12 mask 255.255.255 gw 192.168.51.12 mode auto IPForwarding Command The ipforwarding command is used to configure the ability to forward between two networks.
116 DOMINION SX USER GUIDE Ports Command Example The following command : admin > Config > Network > ports Route Command The route command is used to view the kernel routing table. The syntax of the command is: route <> The command options are described in Table 20.
CHAPTER 12: COMMAND LINE INTERFACE 117 Routedelete Command Example The following command remove a route from the route table: admin > Config > Network > routedelete Configuring NFS The nfs command enables all keystrokes echoed from the target device to be logged to a remote NFS server located within the network. The logs can be reviewed at a later time.
118 DOMINION SX USER GUIDE Configuring Ports Ports Configuration Menu Target serial ports are configured from the CLI using the ports menu. In addition to the description of the physical nature of the ports, other services may also be defined. Those services are: • The escape sequence used to disconnect from the port to access the emulator to send breaks or control multi user functions. (Example: Ctrl a) • Set the exit string that is to be sent to the target when an idle timeout occurs.
CHAPTER 12: COMMAND LINE INTERFACE 119 Command Example admin > ports config port 1 name ld1 bps 115000 parity odd flowcontrol hw detect true escapemode none emulation VT100 The following command displays the current settings for port 1: admin > Config > Port > config port 1 Port number 1: Name: Port1 BPS: 115200 Parity: 0 Flow control: 0 RSC Terminal Emulation: VT100 Disconnect: Disabled Application: RaritanConsole Exit String: show strongpassword Escape: Control-] DPA: IP: 0.0.0.
120 DOMINION SX USER GUIDE config For configuring all ports using a block of contiguous port numbers, command can be used. If port_range is specified, then a block of contiguous port numbers will be used. The given value of base_tcpport is used as starting value. For individual port configuration, the command can be used. Ports Keywordadd Command Keywords can be configured per port.
CHAPTER 12: COMMAND LINE INTERFACE 121 dpa Command The permitted TCP Port Range is 1024-65535. When run without the mode parameter, the system displays the current dpa type.
122 DOMINION SX USER GUIDE Starting DPA for port 1 Authentication successful. Escape Sequence is: Control-] You are now master for the port. Enabling unauthorizedportaccess to a set of ports assigned to 'Anonymous' group. Unauthorized port access is only available for configured DPA methods.
CHAPTER 12: COMMAND LINE INTERFACE 123 Authentication successful. Escape Sequence is: Control-] You are now master for the port. Encryption Command The encryption command sets the type of encryption for HTTPS. Note: The factory default value of this protocol is SSL. The syntax of the encryption command is: encryption [prot ] The encryption command options are described in Table 28.
124 DOMINION SX USER GUIDE HTTPS Command The https command is used to control https access and define the port. The syntax of the https command is: https [enable ] [port value] The https command options are described in the following table.
CHAPTER 12: COMMAND LINE INTERFACE 125 SSH Command The syntax of the ssh command is: ssh [enable ] [port value] The ssh command options are described in Table 31. Table 31 SSH Command COMMAND OPTION enable port value DESCRIPTION Enable or disable SSH access.
126 DOMINION SX USER GUIDE Configuring SNMP The Dominion SX server supports sending SNMP alerts to a predefined SNMP server. The Raritan SNMP MIB may be obtained from the FAQs in the support section of the Raritan web site. (http://www.raritan.com/_downloads/SX-MIB.txt). The following commands configure the SNMP features: • add • delete • snmp SMNP Add Command The add command adds trap recipients. A recipient is an IP address with an optional spaceseparated port number.
CHAPTER 12: COMMAND LINE INTERFACE 127 SNMP Command The SNMP command controls SNMP traps and specifies the community name used to send traps. The syntax of the snmp command is: snmp [enable ] [public community-string] The snmp command options are described in Table 35.
128 DOMINION SX USER GUIDE NTP Command The ntp command lets the administrator determine if a Network Time Protocol (NTP) server should be used to synchronize the SX clock to a reference. The syntax of the command is: ntp [enable ] [primaryntpip] [secondaryntpip] The command options are described in Table 36. Table 37 ntp Command COMMAND OPTION enable primaryntpip secondaryntpip DESCRIPTION Enable or disable the use of NTP. The NTP server to use first.
CHAPTER 12: COMMAND LINE INTERFACE 129 Addgroup Command The addgroup command creates a group with common permissions. The syntax of the addgroup command is: addgroup [name groupname] [class ] [ports ] The addgroup command options are described in Table 38. Table 38 Addgroup Command COMMAND OPTION name groupname class ports DESCRIPTION Group name Group user class erator or server Port(s) assigned to the group.
130 DOMINION SX USER GUIDE Deletegroup Command The deletegroup command deletes an existing group. The syntax of the deletegroup command is: deletegroup [name groupname] The deletegroup command options are described in Table 40. Table 40 Deletegroup Command COMMAND OPTION DESCRIPTION Group name name groupname Command Example admin > Config > User > deletegroup name unixgroup Deleteuser Command The deleteuser command is used to remove a specified user.
CHAPTER 12: COMMAND LINE INTERFACE 131 Edituser Command The edituser command is used to manage information about a specified user. The syntax of the edituser command is: edituser [user loginname] [fullname user's-fullname] [group name] [dialback phonenumber] [password password] [info userinformation] [active ] The edituser command options are described in Table 43.
132 DOMINION SX USER GUIDE Connect Commands The connect commands provide a means to access ports and their history.. Table 44 Connect Commands COMMAND connect clearhistory close gethistory getwrite return sendbreak writelock writeunlock DESCRIPTION Connect to a port. The port sub-menu, reached using escape key sequence. Clear history buffer for this port. Close this target connection. Display the history buffer for this port. Get write access for the port. Return to the target session.
CHAPTER 12: COMMAND LINE INTERFACE 133 IPMIDISCOVER The ipmidiscover tool is user to discover Intelligent Platform Management Interface (IPMI) servers in the network. • The IP address range can be set using startIP and endIP. • Only users belonging to the Administrator group are able to configure the support of IPMI. The supported IPMI version 2.0. The ipmidiscover tool syntax is: ipmidiscover [OPTIONS] startIP endIP All discovered targets supporting IPMI version 2.
134 DOMINION SX USER GUIDE IPMITOOL This command lets you manage the IPMI functions of a remote system. These functions include printing FRU information, LAN configuration, sensor readings, and remote chassis power control. The ipmitool command controls IPMI-enabled devices. The user name to access the IPMI device is ADMIN, password ADMIN.
CHAPTER 12: COMMAND LINE INTERFACE 135 raw – Send a RAW IPMI request and print response i2c – Send an I2C Master Write-Read command and print response lan – Configure LAN Channels chassis – Get chassis status and set power state power – Shortcut to chassis power commands event – Send pre-defined events to MC mc – Management Controller status and global enables sdr – Print Sensor Data Repository entries and readings sensor – Print detailed sensor information fru – Print built-in FRU and scan SDR
136 DOMINION SX USER GUIDE Listports Command Table 48 Listports Command Command listports Description List accessible ports. admin > listports Port Port No. Name 1 - Port1 [U] 3 - Port3 [U] Port No. 2 4 - Port Name Port2 [U] Port4 [U] Port names up to 23 characters are displayed. Longer portnames are truncated to 22 characters, with a $ sign at the end The letter after the port name describes the state of each port.
CHAPTER 12: COMMAND LINE INTERFACE 137 Backup Command The backup command makes a copy of the Dominion SX configuration and writes the backup onto an ftp server. The current SX device configuration is saved to the computer with the IP set in the command parameters in an encrypted format. All device settings are stored in the file EXCEPT network settings. The file can recovered if a Restore operation becomes necessary.
138 DOMINION SX USER GUIDE Command Example admin > Maintenance > factoryreset Network Settings: Name: DominionSX Domain : raritan.com CSC Port: 5000 Discover Port: 5000 IP: 192.168.0.192 Net Mask : 255.255.255.0 Gateway : 192.168.0.192 Failover : true Do you wish to commit these settings (no/yes) (default: no) Firmware Command The firmware command provides the versions of the firmware.
CHAPTER 12: COMMAND LINE INTERFACE 139 Reboot Command The reboot command restarts the Dominion SX console server. This command is only available to users with administrative privileges. All user sessions will be terminated without warning, and no confirmation will be required. It is highly recommended that you ask all users to log off before you reboot the unit. The userlist command can be used to display a list of connected users and sessions.
140 DOMINION SX USER GUIDE Sendeventlog Command The sendeventlog command sends the local logfile to a remote FTP server.
CHAPTER 12: COMMAND LINE INTERFACE 141 Upgradehistory Command The upgradehistory command provides information about the last time you upgraded the system. The syntax of the upgradehistory command is: upgradehistory Command Example admin > Maintenance > upgradehistory Overall Upgrade History: 3.0.0.1.15 Wed Sep 13 19:07:38 2006 Userlist Command The userlist command displays a list of all users who are logged in, their source IP Addresses and any ports to which they are connected.
142 DOMINION SX USER GUIDE Banner Command The banner command controls the display of a security banner immediately after login.. The syntax of the banner command is: banner [display ] [audit ] The banner command options are described in Table 55.
CHAPTER 12: COMMAND LINE INTERFACE 143 Certificate Command Menu The certificate command menu provides the client and server commands to create and manage security certificates. The syntax of the certificate command is: certificate <> Note: For a description of how to enable LDAP over SSL with a third-party certification authority, refer to http://support.microsoft.com/default.aspx?scid=kb;en-us;321051. Document requires the exchange of certificate of authority created by the MS Server.
144 DOMINION SX USER GUIDE Firewall Command The firewall command provides control for the turning on or off the firewall. The syntax of the firewall command is: firewall [enable ] The firewall command options are described in the following table. Table 59 Firewall Command COMMAND OPTION DESCRIPTION enable Enable/Disable firewall with true or false Command Example admin > Security > Firewall > firewall enable true Note: Use the following when working with the Firewall.
CHAPTER 12: COMMAND LINE INTERFACE -save --state NEW -t filter 145 Save the IP Tables. iptables Command Examples Iptables can be configured in a plethora of ways that is outside the scope of this document. The examples below show some simple configuration options created with iptables.
146 DOMINION SX USER GUIDE Clear the iptables rules To clear the iptables rules. admin > Security >firewall >iptables --flush Save the configured settings To save the iptables rules into the local database. admin > Security >firewall >iptables-save Execute this command once you have configured all the settings. Kerberos Command The kerberos command menu provides access to the commands used to configure the Kerberos network authentication protocol. The Kerberos commands are listed in the table below.
CHAPTER 12: COMMAND LINE INTERFACE 147 • The above 3 machines should be pingable by FQDN. Get the hosts file using gethostnamefile from the Kerberos menu. • Use klist to check the ticket expiration. Most of the kadmin error messages are associated with ticket expiration • Kadmin: -List principal and add missing principal if it doesn’t already exist in the KDC database. • Browser rule : Do not include the REALM part when the browser prompts for principal.
148 DOMINION SX USER GUIDE idletimeout time [number value] idletimeout Command Example admin > Security > LoginSettings > idletimeout time 99 Inactiveloginexpiry Command The inactiveloginexpiry command sets the number of days before an account will expire due to inactivity. The syntax of the inactiveloginexpiry command is: inactiveloginexpiry [days value] The inactiveloginexpiry command options are described in Table 63.
CHAPTER 12: COMMAND LINE INTERFACE 149 The lockoutperiod command options are described in Table 65. Table 65 Lockoutperiod Command COMMAND OPTION time time DESCRIPTION Period of time (in minutes) for which the user cannot login after account deactivation. Command Example admin > Security > LoginSettings > lockoutperiod time 120 Singleloginperuser Command The singleloginperuser command enables or disables multiple logins per user..
150 DOMINION SX USER GUIDE Table 67 Strongpassword Command COMMAND OPTION StrongPasswordRulesEnable PWUppercaseRequired PWLowercaseRequired PWNumberRequired PWSymbolRequired PasswordValidityPeriod PasswordHistoryDepth MinPasswordLength MaxPasswordLength DESCRIPTION true/false true/false true/false true/false true/false Number of days before expiration Number of Passwords until repeat allowed Minimum password length Maximum password length is Strongpassword Command Example The following example sets the
CHAPTER 12: COMMAND LINE INTERFACE 151 Securityprofiles Commands The securityprofiles command menu provides access to the commands used to configure and control security profiles. The securityprofiles commands are listed in the table below. Table 69 Securityprofiles Commands COMMAND profiledata securityprofiles DESCRIPTION View or modify a Security Profile. Enable and select a Security Profile. Profiledata Command The profiledata command is used to modify or view a security profile.
152 DOMINION SX USER GUIDE
CHAPTER 13: INTELLIGENT PLATFORM MANAGEMENT INTERFACE 153 Chapter 13: Intelligent Platform Management Interface The Intelligent Platform Management Interface (IPMI lets you manage the IPMI functions of a remote system. The following topics are covered in this chapter: • Discover IPMI Devices • IPMI Configuration (thoroug The Intelligent Platform Management Interface (IPMI) lets you manage the IPMI functions of a remote system.
154 DOMINION SX USER GUIDE IPMI Configuration IPMI configuration lets you manage the IPMI functions of a remote system. These functions include printing FRU information, LAN configuration, sensor readings, and remote chassis power control. 1. Click on the IPMI Configuration section of the IPMI screen to get IPMI configuration information. Figure 92 IPMI Configuration 2. Click on the Help button to get IPMI configuration information, which appears on the IPMI Configuration screen.
CHAPTER 13: INTELLIGENT PLATFORM MANAGEMENT INTERFACE Interfaces: open imb lan Commands: raw i2c response lan chassis power event mc sdr sensor fru sel pef sol tsol over-LAN isol user channel session firewall sunoem picmg fwum Manager shell exec set 3. 4. 5. 6. 7. 8. 155 Linux OpenIPMI Interface [default] Intel IMB Interface IPMI v1.
156 DOMINION SX USER GUIDE
CHAPTER 14: POWER CONTROL 157 Chapter 14: Power Control Power Control lets you manage the power functions. The following topics are covered in this chapter: • Power Control • Associations Power Control • Power Strip Power Control • Power Strip Status Port Power Associations You can associate one or more outlets on a powerstrip connected to the DSX to specific DSX ports. Create a Port Power Association To create a port power association: 1.
158 DOMINION SX USER GUIDE Delete a Port Power Association To delete a port power association: 1. 2. 3. 4. Click the Setup tab, and then click Port Power Association List. Click Add. The Port Power Association screen appears. Select the association in the Outlet Association list. Click Delete. Power Strip Configuration To configure a power strip: 1. Click the Setup tab, and then click Power Strip Configuration. 2. Click Add. The Power Strip Configuration screen appears.
CHAPTER 14: POWER CONTROL 159 Power Association Groups To create a power associations group: 1. Click the Setup tab, and then click Power Association Groups List. 2. Click Add. The Power Association Groups screen appears. Figure 95 Power Association Group Screen 3. Type a name and description in the Group Name and Description fields. 4. Select the number of outlets from the drop-down menu in the Number of Outlets field. 5. Click OK.
160 DOMINION SX USER GUIDE Associations Power Control Click Associations Power Control on the Power Control menu to access the tool to manage power control associations. Figure 97 Associations Power Control Note: When executing power on/off operation, about ~5 seconds are added to the configured sequential interval, resulting in an operational delay time (minimum amount of time to operate).
CHAPTER 14: POWER CONTROL 161 Power Strip Power Control Click Power Strip Power Control on the Power Control menu to access the tool to manage power strips.
162 DOMINION SX USER GUIDE Power Strip Status Click Power Strip Status on the Power Control menu to check power strip status.
CHAPTER 15: POWER CONTROL 163 Chapter 15: Top-10 Use Cases This chapter includes 10 of the mostly common cases to help familiarize users quickly with practical operation on DSX unit. Please note that data entered in the case are created as examples, and could vary upon different situations. Case 1. Upgrading DSX Firmware via Web Browser 1. Purpose: To upgrade DSX firmware version for enhanced features or service patches. 2.
164 DOMINION SX USER GUIDE RSC). The icon on status line will display Write Access (Lock) now, meaning now all users can only view the port connection. 6. Log in the device connected to the port, and try interacting with the device using the RSC panel. 7. Refer to: Get Write Access section in Chapter 7 for details. 8.
CHAPTER 15: POWER CONTROL 165 3. Select Maintenance Æ Factory Reset. You will be prompted to confirm your decision. 4. Do not power off DSX unit as it reboots with default configuration. 5. You will be re-directed to the login page after the unit is rebooted. If you try to log in for the first time after reset, you’ll be advised on the screen that you’re now in the factory default mode, and promoted for changing password after logging in with default username and password. 6.
166 DOMINION SX USER GUIDE Case 10. CLI / SSH Connection to SX Port 1. 2. 3. 4. Purpose: To access SX unit itself and SX ports using text-based command lines. SSH access from a Windows PC a. Launch the SSH client software (such as Plink or PuTTY). b. Enter IP address of DSX server (e.g. 192.168.0.192) and the TCP port if applicable. c. Select SSH (using default configuration port 22), and click the Open button. d.
APPENDIX A: SPECIFICATIONS 167 Appendix A: Specifications This appendix contains sections describing: • DSX models and specifications • Requirements and tested browser requirements • DSX hardware for connecting DSX to common vendor models • DSX Serial RJ-45 pinouts • DB9 and DB25 Nulling Serial Adapter Pinouts • DSX Terminal ports Dominion SX Models and Specifications The following table lists the Dominion SX models by the number of ports (4 – 48) in the unit.
168 DOMINION SX USER GUIDE The following table lists the Dominion SX models, their dimensions, and weight. Table 72 Dominion SX Dimensions and Weight MODEL DSX4 DSXB-4-M DSXB-4-DC DSXB-4-DCM DSX8 DSXA-8 DSXB-8-M DSXB-8-DC DSXB-8-DCM DSX16 DSXA-16 DSXA-16-DC DSXA-16-DL DSXA-16-DLM DSX32 DSXA-32 DSXA-32-AC DSXA-32-DC DSXA-32-DL DSXA-32-DLM DSXA-48 DSXA-48-AC DSXA-48-DC DIMENSIONS (W) x (D) x (H) 11.41"x 10.7"x 1.75"; 290x 270 x 44mm 11.41"x 10.7"x 1.75"; 290x 270 x 44mm 11.41"x 10.7"x 1.
APPENDIX A: SPECIFICATIONS 169 Requirements The following table lists the requirements for the DSX.
170 DOMINION SX USER GUIDE Connectivity The following table lists the necessary Dominion SX hardware (adapters and/or cables) for connecting the DSX to common Vendor/Model combinations.
APPENDIX A: SPECIFICATIONS 171 Dominion SX Serial RJ-45 Pinouts To provide maximum port density and to enable simple UTP (Category 5) cabling, Dominion SX provides its serial connections via compact RJ-45 ports. However, no widely adopted industrystandard exists for sending serial data over RJ-45 connections. The following tables list the RJ-45 pinouts for the RJ-45 connector, which is on the back of the DSX.
172 DOMINION SX USER GUIDE DB9M Nulling Serial Adapter Pinouts Table 78 DB9M Nulling Serial Adapter Pinouts RJ-45 (FEMALE) 1 2 3 4 5 6 7 8 DB9 (MALE) 8 1, 6 2 SHELL 5 3 4 7 DB25F Nulling Serial Adapter Pinouts Table 79 DB25F Nulling Serial Adapter Pinouts RJ-45 (FEMALE) 1 2 3 4 5 6 7 8 DB25 (FEMALE) 5 6, 8 3 1 7 2 20 4 DB25M Nulling Serial Adapter Pinouts Table 80 DB25M Nulling Serial Adapter Pinouts RJ-45 (FEMALE) 1 2 3 4 5 6 7 8 DB25 (MALE) 5 6, 8 3 1 7 2 20 4 Dominion SX Terminal Ports All Dom
APPENDIX A: SPECIFICATIONS 173 serial port. The DSX16 and DSX32 models have only one external DB9M serial port (labeled TERMINAL). Both ports support a VT100 terminal or equivalent (PC running VT100 emulation software, for example, HyperTerminal, or Linux Minicom). Local port access must be enabled and set to the same speed as the managed device for it to work. Local port access can be enabled or disabled from the GUI and the CLI using the lpa command through SSH or Telnet, if it is enabled.
174 DOMINION SX USER GUIDE Dominion SX16 and SX32 Terminal Ports A modem should not be connected to the DSX16 and DSX32 terminal port because the Ring Indicator (RI) signal is not present. These models have a built-in modem that can be enabled or disabled. The modem is disabled by default.
APPENDIX B: SYSTEM DEFAULTS 175 Appendix B: System Defaults This appendix contains the system defaults and directions for port access. Table 84 Dominion SX System Defaults ITEM DEFAULT IP Address 192.168.0.192 Subnet Mask 255.255.255.
176 DOMINION SX USER GUIDE Use the following information for initiating port access: Table 85 Initiating Port Access INITIATE PORT ACCESS USING HTTP HTTPS SSL(S) only SSH Telnet RADIUS LDAP SNMP TACACS+ Notes; For FTP Upgrades For syslog PORTS KEPT OPEN OR CLOSED Ports 80, 443 and 5000 must be kept open in the firewall for the unit to operate. Port 5000 can be configured.
APPENDIX C: CERTIFICATES 177 Appendix C: Certificates This appendix contains sections describing Certificates and Certificate Authority and provides directions about how to: • Install Dominion SX CA Certificate to a Browser Certificate • Install SX Server Certificate for IE Browsers • Install SX Server Certificate for Netscape Navigator • Install a Third Party Root Certificate In Browsers • **Generate a CSR for a Third Party CA to sign. • **Install Third Party Certificate to SX.
178 Install the Dominion SX Server Certificate section that follows.
APPENDIX C: CERTIFICATES 179 Install the Dominion SX Server Certificate In Internet Explorer By installing the Dominion SX Server certificate in IE, you can prevent the Security Alert window from appearing whenever you access the Dominion SX Unit. This step will have to be performed for each SX unit that you wish to access. 1. Launch IE and connect to the Dominion SX unit. 2. The “Security Alert” message will be displayed. Select “Yes”. 3. Type Username and Password when prompted, and log on to the unit.
180 DOMINION SX USER GUIDE Remove an Accepted Certificate In Internet Explorer Removing a certificate that you have previously accepted from the unit is the same process whether removing a Raritan default certificate or a user-installed third-party certificate. 1. Launch IE and on the Tools menu, click Internet Options. The Internet Options window appears. 2. Click the Content tab and click Certificates. The Certificates Manager window appears. 3. 4. 5. 6. 7.
APPENDIX C: CERTIFICATES 181 Accept a Certificate (Session-Based) On initially connecting to a Dominion SX unit will be presented with a certificate warning screen. This certificate by default will be signed by the local SX unit's CA as described above and you will have to accept this certificate to continue. To eliminate the appearance of this window for this Dominion SX unit permanently, you must install the server certificate in your browser.
182 DOMINION SX USER GUIDE 4. Select the Web Sites tab and select the certificate name that is the common name of the IP address of the Dominion SX, and select the Delete button. 5. Click OK on the “Delete Web Site Certificates” window to confirm the deletion of the certificate. On the left side of this window, locate Certificates and click Web Sites. Click OK on the Options Advanced Window. 6. 7.
APPENDIX C: CERTIFICATES 183 Installing a Third-Party Root Certificate to Netscape Navigator 1. On the CA Web site, click on the root certificate link and the New Certificate Authority window will appear. Click Next, and Next in the following screen. 2. The Certificate Fingerprint will appear, providing information about the CA and the root certificate you are downloading. It will look similar to the following window. Record the Signed by information and click Next. 3.
184 3. 4. 5. 6. 7. 8. 9. DOMINION SX USER GUIDE Select the Install User Key radio button. Insert the ftp parameters to retrieve the CA Public key file. Click OK. The SX will show “User Key Installed” at top of pane. Select the Install User Certificate radio button. Fill in the ftp parameters to retrieve the CA signed Certificate. Click OK. The SX will show “User Certificate Installed” at top of pane. Restart the SX device for the settings to take place. Install Client Root Certificate into the SX.
APPENDIX C: CERTIFICATES 185
186 DOMINION SX USER GUIDE
APPENDIX D: SERVER CONFIGURATION 187 Appendix D: Server Configuration This appendix contains sections describing the steps to configure Dominion SX units and authentication servers for the following authentication protocols: • Microsoft Internet Authentication Service (IAS) RADIUS Server • Cisco Access Control Server (ACS) Radius Server • TACACS+ (Terminal Access Controller Access-Control System Plus) Microsoft IAS RADIUS Server The Internet Authentication Service (IAS) is a Microsoft implementation of t
188 DOMINION SX USER GUIDE Create an IAS Policy The following section describes the steps to create a policy to allow Radius users to access the Dominion SX.
APPENDIX D: SERVER CONFIGURATION 189 15. Move the new policy so it appears as the first (top) policy in the Policy List. Note: If required, create a policy to allow dialup access to all users that are members of a group (Windows may already have a default Policy in place to permit access by any user with Dial In enabled, so this new policy would be optional. If you want to use a new Policy, ensure that it appears above the default policy). 16. Ensure that the service is started. 17.
190 DOMINION SX USER GUIDE 11. To add new users and configure RADIUS (IETF) attributes, click User Setup in the left panel of the screen. 12. Type the user’s name and click Add/Edit. 13. To edit existing users, click User Setup in the left panel of the screen and click List All Users. 14. Select a user from the list. 15. Once you have selected a user, on the user properties page, scroll down to the IETF RADIUS Attribute section. 16.
APPENDIX D: SERVER CONFIGURATION 191 TACACS+ Server Configuration The Dominion SX unit has the capability to use Terminal Access Controller Access-Control System Plus (TACACS+) for authentication services. The Dominion SX requires a new service to be added and two argument-value pairs to be returned by the server. The new service is called dominionsx. The valid authorization parameter is user-group. If this user is to have a modem dialback, the valid dialback parameter is userdialback.
192 DOMINION SX USER GUIDE 2. Select Interface Configuration. Figure 101 Cisco ACS Interface Configuration 3. Select TACACS+ (Cisco IOS). 4. Add dominionsx service under the heading New Services.
APPENDIX D: SERVER CONFIGURATION 193 5. When adding or editing a user or group, the dominionsx service will appear under the heading TACACS+ Settings. The service can be enabled per user or per group by selecting the dominionsx and Custom Attributes check boxes. Add the attributes (usertype) and the appropriate values to the text box. Note: The value for the user-group attribute is case sensitive so ensure that it matches exactly the same as the local group name on Dominion SX unit.
194 DOMINION SX USER GUIDE
APPENDIX E: MODEM CONFIGURATION 195 Appendix E: Modem Configuration Client Dial-Up Networking Configuration Configuring Microsoft Windows Dial-Up Networking for use with Dominion SX allows configuration of a PC to reside on the same (Define?)PPP network as the Dominion SX. After the dial-up connection is established, connecting to a Dominion SX is achieved by pointing the web browser to the PPP Server IP.
196 DOMINION SX USER GUIDE The New Phonebook Entry window allows you to configure the details of this connection. Figure 104 New Phone Entry Display 3. Click on the Basic tab and complete the following fields: o Entry name: Name of the Dominion SX connection o Phone number: Phone number of the line attached to the Dominion SX unit o Dial using: Modem being used to connect to Dominion SX; if there is no entry here, there is no modem installed in your workstation 4. Click on the Security tab.
APPENDIX E: MODEM CONFIGURATION 197 6. Click OK to return to the main Dial screen. Figure 105 Dial-Up Security Display 7. Click Dial. See the Windows NT Users Guide if you receive any error message. Windows 2000 Dial-Up Networking Configuration 1. Select Start → Programs → Accessories → Communications → Network and Dial-Up Connections. 2. Double-click on the Make New Connection icon when the Network and Dial-Up Connections window appears. 7. Figure 106 Windows 2000 Network and Dial-Up Connections 3.
198 DOMINION SX USER GUIDE 4. Click the Dial-up to private network radio button and click Next. Figure 107 Network Connection Type 5. Select the check box before the modem that you want to use to connect to the Dominion SX unit and then click Next. Figure 108 Device Selection 6. Type the Area code and Phone number you wish to dial in the appropriate fields. 7. Click on the Country/region code drop-down arrow and select the country or region from the list.
APPENDIX E: MODEM CONFIGURATION 199 8. Click Next. Figure 109 Phone Number to Dial The Connection Availability Screen appears. 1. Click on the Only for myself radio button in the Connection Availability screen. 2. Click Next. Figure 110 Connection Availability The Network Connection has been created 3. Type the name of the Dial-up connection. 4. Click Finish. 5. Click Dial to connect to the remote machine when the Dial Window appears.
200 DOMINION SX USER GUIDE Windows XP Dial-Up Networking Configuration 1. Select Start → Programs → Accessories → Communications → New Connection Wizard. 2. Click Next and follow the steps in the New Connection Wizard to create custom dialup network profiles. 3. Click the Connect to the Internet radio button and click Next. Figure 111 Network Connection Type 4. Click the Set up my connection manually radio button and click Next.
APPENDIX E: MODEM CONFIGURATION 201 5. Click on the radio button before Connect using a dial-up modem and click Next. Figure 113 Internet Connection 6. Type a name to identify this particular connection in the ISP Name field and click Next.
202 DOMINION SX USER GUIDE 7. Type the phone number of this connection in the Phone number field and click Next. Figure 115 Phone Number to Dial 8. Type your ISP information; type the User name and Password in the appropriate fields, and retype the password to confirm it. 9. Click on the checkbox before the appropriate option below the fields and click Next. Figure 116 Internet Account Information 10. Click Finish. 11. Click Dial to connect to the remote machine when the Dial Window appears.
APPENDIX F: TROUBLESHOOTING 203 Appendix F: Troubleshooting The following tables describe problems and suggested solutions for the problems. Page Access Table 86 Troubleshooting Page Access PROBLEM Cannot login – what are factory defaults? (only for Dominion SX units running firmware version 2.5 or higher) SOLUTION username: admin (all lower case) password: raritan (all lower case) Cannot login – non defaults. 1. Check multiple login per user status.
204 PROBLEM Number of Users Exceeded DOMINION SX USER GUIDE SOLUTION The unit has a security measure that allows only a specific number of login pages to be authenticated at any given time. Should this number be reached when attempting to login to the unit, a pop-up window displays indicating that the maximum number of users is exceeded. This is normal behavior for the unit. Wait for a few minutes and attempt to login again. You may need to refresh or your browser to successfully log on.
APPENDIX F: TROUBLESHOOTING 205 Login Table 88 Troubleshooting Login PROBLEM Login Failure SOLUTION To provide additional security, the unit login screen expires after three minutes. Therefore, all login attempts after this time period will fail. Reload the browser to reset this timer. Hold down the SHIFT key and click Reload in your browser. This will refresh the login screen from the unit itself (not from a local cache) and allow login to the unit.
206 DOMINION SX USER GUIDE Upgrade Table 90 Troubleshooting Upgrade PROBLEM FTP - Server Unreachable FTP - File Not Found SOLUTION If FTP server specified in the upgrade panel is unreachable or incorrect, the upgrade process halts until a response is received from the FTP server or until a timeout occurs. Wait and allow the FTP Server Unreachable message to appear. The unit requires a package of upgrade files to be in the directory specified by the upgrade path.
APPENDIX F: TROUBLESHOOTING 255-60-2000-00 207
World Headquarters Raritan Japan European Headquarters Raritan, Inc. 400 Cottontail Lane Somerset, NJ 08873 USA Tel. (732) 764-8886 Fax. (732) 764-8887 Email: sales@raritan.com Web: raritan.com 4th Floor, Shinkawa NS Building 1-26-2 Shinkawa, Chuo-ku, Tokyo 1040033 Tel. (81) 03-3523-5991 Fax. (81) 03-3523-5992 Email: sales@raritan.co.jp Web: raritan.co.jp Raritan America Raritan Osaka 3rd Floor, Osaka Kagaku Sen’l Kaikan Bldg. 4-6-8 Kawara-machi, Chuo-ku, Osaka 541-0048 Tel. (81) 03-3523-5953 Fax.
