Raritan ASMI G4 Module User Manual
Raritan ASMI G4 Module User Manual
Table of Contents Preface .................................................................................................................................................... viii Copyright........................................................................................................................................ viii Document Version.......................................................................................................................... viii Trademarks...........................
Resetting the ASMI module to its Factory Settings.........................................................................17 Using the KiraTool .................................................................................................................17 5. ASMI Module Usage............................................................................................................................18 Prerequisites ...........................................................................................
UNIX and UNIX-like OS ..........................................................................45 MS Windows .............................................................................................45 CD ROM/ISO 9660 Images ................................................................................46 UNIX and UNIX-like OS ..........................................................................46 MS Windows ..........................................................................................
A. Frequently Asked Questions ..............................................................................................................89 B. Glossary................................................................................................................................................91 C. Configuring the RADIUS server .......................................................................................................93 Prerequisites ..........................................................
List of Tables 1-1. Initial Network Configuration ..............................................................................................................1 1-2. Login Settings.......................................................................................................................................2 2-1. Hardware failures .................................................................................................................................5 2-2.
Preface Copyright Copyright 2004-2007 Raritan Corp. All rights reserved. Document Version Version: 1.8 Date: Tuesday, February 27, 2007 Trademarks This publication contains proprietary information which is protected by copyright. No part of this publication may be reproduced, transcribed, stored in a retrieval system, translated into any language or computer language, or transmitted in any form whatsoever without the prior written consent of the publisher, Raritan. Raritan Corp.
Preface About the ASMI G4 Module The ASMI module (ASMI G4) provides remote server management capabilities: you can use the ASMI add-on card to manage and monitor components in your servers. The ASMI G4 offers a comprehensive hardware solution for server management. Limited Warranty The buyer agrees that if this product proves to be defective, Raritan is only obligated to repair or replace this product at Raritan’s discretion according to the terms and conditions of Raritan’s general trading conditions.
Chapter 1. The Quick Start Guide About the Raritan ASMI G4 Remote Management Card Figure 1-1. Front View of the ASMI G4 Module The ASMI G4 add-on card provides remote server management capabilities. You can use the ASMI G4 add-on card to manage and monitor components in your servers through the WAN/LAN. The ASMI G4 add-on card offers a comprehensive hardware solution for server management.
Chapter 1. The Quick Start Guide Table 1-1. Initial Network Configuration Parameter Value IP auto configuration DHCP IP address - Netmask - Gateway - Warning If the DHCP connection fails on boot up, the ASMI module will not have an IP address and will not function on the network. If this initial configuration does not meet your local requirements, adjust the values to your needs. To retrieve the IP address of the ASMI add-on card, you could look into the records on the DHCP server.
Chapter 1. The Quick Start Guide The Remote Console will behave exactly the same way as if you were sitting directly in front of the screen of your remote system. That means that both the keyboard and mouse can be used in the usual way. Open the console by choosing the appropriate link in the navigation frame of the HTML frontend. Figure 1-2 shows the top of the Remote Console. Figure 1-2.
Chapter 2. Introduction General Information The ASMI module is an integrated solution for your server system. Based on an embedded operating system, the ASMI G4 add-on card provides both exceptional stability and permanent availability even when your server is down or powered off. As a system administrator, you can use the ASMI Module to gain location-independent remote access to respond to critical incidents and to undertake necessary maintenance. Figure 2-1.
Chapter 2. Introduction • Sophisticated mouse tracking and synchronization • Local Mouse suppression (only when using SUNs Java Virtual Machine) • Works independently from the remote host OS. You can access the remote host even in its pre-boot phases like POST and BIOS setup ASMI add-on Card System Components The ASMI add-on card is an add-on card with the following dimensions: 70mm (L) x 67.
Chapter 2. Introduction Category Probability CPU fan failure 8% RAM failure 4% Using the ASMI module, administrators can determine which kind of serious hardware failure has occurred (see Table 2-2). Table 2-2. Host system failures and how they are detected Type of failure Detected by Hard disk failure Console screen, CMOS set-up information Power cable detached, power supply failure Server remains in power off state after power on command has been given.
Chapter 3. ASMI Installation Guide About the ASMI Add-On Card The ASMI add-on card redirects local keyboard, mouse and video data to a remote administration console. All data is transmitted using the TCP/IP protocol family. The ASMI add-on card is especially useful in a multi-administrator environment. Figure 3-1.
Chapter 3. ASMI Installation Guide Connecting the Ethernet The ASMI add-on card has a dedicated RJ45 Ethernet connector - this has to be provided by the native system. The connector may be used either as a 100 Mbps 100Base-TX connection or as a 10 Mbps 10BASE-T connection. The adapter can sense the connection speed and will automatically adjust to it. 10 Mbps Connection For 10BASE-T Ethernet networks the Fast Ethernet adapter uses category 3, 4, or 5 UTP cable.
Chapter 4. ASMI G4 Module Configuration Initial Configuration The ASMI module’s communication interfaces are all based on TCP/IP. It comes pre-configured with the IP configuration listed in Table 4-1. Additionally you can do some simple configuration using the serial interface. Table 4-1. Initial network configuration Parameter Value IP auto configuration DHCP IP address - Netmask - Gateway - Warning If the DHCP connection fails on boot up, the ASMI module will not have obtained an IP address.
Chapter 4. ASMI G4 Module Configuration Using the Psetup Tool via Graphical User Interface After invoking psetup a window opens as shown in Figure 4-1 (Windows Version) and Figure 4-2 (Linux Version). Figure 4-1. Psetup Tool (Windows Version) Figure 4-2. Psetup Tool (Linux Version) On startup, the psetup tool automatically auto-detects all ASMI modules in the local host and on the network subnet. The MAC addresses of all detected modules are available as a drop down list.
Chapter 4. ASMI G4 Module Configuration After selecting a device, the "Device Type" should show "Raritan ASMI G4". You may now query the current network settings of that device using "Query Device". In order to change the network settings or to assign a new super-user password, you have to authenticate as the super-user. See the Section called Authentication.
Chapter 4. ASMI G4 Module Configuration Changing the network settings test@teststation:~# /home/test/psetup --mac 00:0D:5D:00:65:78 --ipacp none --ip 192.168.5.55 --gateway 192.168.5.1 --netmask 255.255.255.0 --login super --pw pass Device configured successfully. MAC Address Detection Using the Psetup Tool for Windows The MAC address of the ASMI module is displayed in the top left hand corner. In order to manually detect the MAC address, press "Refresh Devices".
Chapter 4. ASMI G4 Module Configuration New super-user password Enter the new password for the super-user. New password (confirm) Re-type the new password for the super-user. Press the "OK" button to accept the changes and close the window. If you wish to abandon the changes, press the "Cancel" button (on Windows). On a Linux system simply close the window by clicking the required button of the window frame.
Chapter 4. ASMI G4 Module Configuration Mouse and Keyboard Configuration Three Blind Mice, See How They Run... The proper configuration of a remote mouse is somewhat difficult to understand unless you know some underlying concepts. Basically mice transmit their movement using two methods: either absolute or relative mode. Absolute mode means that the mouse transmits absolute co-ordinates to the ASMI module. This is information like: "I am moving to screen co-ordinates X,Y".
Chapter 4. ASMI G4 Module Configuration Auto Mouse Speed and Mouse Synchronization The automatic mouse speed mode performs the speed detection during mouse synchronization. Whenever the mouse does not behave correctly, there are two ways for re-synchronizing local and remote mouse: Fast Sync The fast synchronization is used to correct a temporary but fixed skew. Choose this option from the Remote Console Options menu (entry: Mouse Handling).
Chapter 4. ASMI G4 Module Configuration While the ASMI module works with accelerated mice and is able to synchronize the local with the remote mouse pointer, there are some limitations which may prevent this synchronization from working properly: Special Mouse Driver There are mouse drivers which influence the synchronization process and lead to unsynchronized mouse pointers. If this happens, make sure you do not use a special vendor-specific mouse driver on your host system.
Chapter 4. ASMI G4 Module Configuration SUN Solaris Adjust the mouse settings either via "xset m 1" or use the CDE Control Panel to set the mouse to "1:1, no acceleration". As an alternative you may also use the Single Mouse Mode. MAC OS X We recommend using the Single Mouse Mode. Linux First choose the option "Other Operating Systems" from the Mouse Type selection box. Then choose the option Auto Mouse Speed. This applies to both USB and PS/2 mice.
Chapter 5. ASMI Module Usage Prerequisites The ASMI module features an embedded operating system and applications offering a variety of standardized interfaces. This chapter will describe these interfaces and the way to use them in a more detailed manner. The interfaces are accessed using the TCP/IP protocol family, thus they can be accessed using the built-in Ethernet adapter. The following interfaces are supported: HTTP/HTTPS Full access is provided by the embedded web server.
Chapter 5. ASMI Module Usage In order to access the remote host system using a securely encrypted connection, you need a browser that supports the HTTPS protocol. Strong security is only assured by using a key length of 128 Bit. Some old browsers do not offer a strong 128 Bit encryption algorithm. For security reasons you should use a modern browser that supports proper encryption. Using the Internet Explorer, open the menu entry "?" and "Info" to find out about the key length that is currently activated.
Chapter 5. ASMI Module Usage Figure 5-2. Login screen Note: Your web browser has to accept cookies or else login is not possible. The ASMI module has a built-in super-user that has all the permissions to administrate your ASMI module. See the following table for the default settings. Table 5-1. Default User Settings Parameter Value Login super Password pass Navigation After a successful login to the ASMI module, the main page of the ASMI module appears (see Figure 5-3).
Chapter 5. ASMI Module Usage Figure 5-3. Main Page Table 5-2. Front End Buttons Return to the main page of the ASMI module. Open the ASMI module Remote Console. Exit from the ASMI module front end. Logging out of the ASMI module This link logs out the current user and presents a new login screen. Please note that an automatic logout will be performed in case there is no activity for half an hour.
Chapter 5. ASMI Module Usage Note: If there is no activity for half an hour, the ASMI module will log you out from the Web session automatically. A click on one of the links will bring you back to the login screen. If there is a KVM session active, the Web session will not expire. The Remote Console General Description The Remote Console is the redirected screen, keyboard and mouse of the remote host system that is controlled by the ASMI module. Figure 5-4.
Chapter 5. ASMI Module Usage very unlikely to be able to establish a connection. This is because today’s web proxies are not capable of relaying this KVM protocol. In case of problems, please consult your network administrator in order to provide a working network environment. Main Window Starting the Remote Console opens an additional window. It displays the screen content of your remote host system.
Chapter 5. ASMI Module Usage Warning Please note that some of these options are only visible and usable when you have selected the operating system type "Other Operating Systems". Drive Redirection Opens the virtual media Drive Redirection menu for the Remote Console. Figure 5-6. Remote Console Applet Drive Redirection Menu This menu allows you to select a local drive you wish to redirect (only available under Windows): Figure 5-7.
Chapter 5. ASMI Module Usage Figure 5-8. Successful Redirection of a Local Drive This menu shows you an established drive redirection (the second drive is not redirected): Sync Mouse Choose this option in order to synchronize the local with the remote mouse cursor. This is especially necessary when using accelerated mouse settings on the host system. In general, there is no need to change mouse settings there.
Chapter 5. ASMI Module Usage Remote Console Options To open the Options menu click on the button "Options". Figure 5-9. Remote Console Options Menu A description of the options follows. Monitor Only Toggles the Monitor Only filter on or off. If the filter is switched on no remote console interaction is possible. The remote screen can be viewed, only. Mouse and keyboard inputs are ignored.
Chapter 5. ASMI Module Usage Scaling Allows you to scale down the Remote Console. You can still use both mouse and keyboard, however the scaling algorithm will not preserve all display details. Figure 5-10. Remote Console Options Menu: Scaling Mouse Handling Note: This menu is only available when you have selected the option "Other Operating System".
Chapter 5. ASMI Module Usage • Intelligent Sync Use this option if the fast sync does not work or the mouse settings have been changed on the remote host system. Local Cursor Offers a list of different cursor shapes to choose from for the local mouse pointer. The selected shape will be saved for the current user and activated the next time this user opens the Remote Console. The number of available shapes depends on the Java Virtual Machine, a version of 1.2 or higher offers the full list. Figure 5-12.
Chapter 5. ASMI Module Usage Soft Keyboard The Soft Keyboard simulates an entire keyboard that is connected to the remote system. It is necessary in case your remote system runs with a completely different language and country mapping to your administration machine. By selecting the appropriate button(s) you can send key codes and also key sequences to the remote system and act as if you would work with a keyboard that is directly connected to the remote system.
Chapter 5. ASMI Module Usage Figure 5-15. Soft Keyboard Mapping Local Keyboard Used to change the language mapping of your browser machine running the Remote Console Applet. Normally, the applet determines the correct value for this automatically. However, depending on your particular JVM and your browser settings this is not always possible. A typical example is a German localized system that uses a US-English keyboard mapping.
Chapter 5. ASMI Module Usage Hotkeys Opens a list of previously defined hotkeys. In order to send a pre-defined command to the host system simply choose the appropriate entry. A confirmation dialog will be displayed before sending the selected command to the remote host. Choose "OK" to perform the command on the remote host. For a detailed description see the Section called Remote Console Button Keys in Chapter 6. Figure 5-17.
Chapter 5. ASMI Module Usage Figure 5-18. Remote Console Options: Encoding compression The next two options allow you to set the compression level to a predefined level OR to set a level for "lossy" compression. This compresses well, but leads to a degradation in image quality. Figure 5-19.
Chapter 5. ASMI Module Usage Figure 5-20. Remote Console Options: Lossy Compression • Color Depth: set the desired color depth. You may select between 8 or 16 bit for compression level 0 or between 1 and 8 bit for compression levels 1 to 9. The higher the color depth, the more video information has to be captured and to be transmitted. Figure 5-21. Remote Console Options: Color Depth Remote Console Status Line The status line shows both console and the connection state.
Chapter 5. ASMI Module Usage Remote Console. "Norm" means a standard connection without encryption, "SSL" indicates a secure connection using the Secure Socket Layer (SSL). Figure 5-22. Status line The status line displays the number of frame buffer updates ("Fps") per second as well as the incoming ("In:") and the outgoing ("Out:") network traffic in KB per second. A low value of the network traffic is recommended and can be achieved as described in the Section called Optimizing the Video Picture.
Chapter 5. ASMI Module Usage the Section called Remote Console Control Bar. Optimizing the Video Picture The ASMI module detects the video mode with 8 bits (256 colors) automatically. To improve the picture quality you may select 16 bit (True Color) from the Options Menu of the Remote Console, sub menu "Encoding", entry "Color Depth" (see the Section called Encoding for details).
Chapter 6. Menu Options Remote Control KVM Console Figure 6-1. KVM Console Remote Console Preview You can open the KVM console by clicking either on the menu entry on the left or on the console picture on the right. If you need to refresh the picture click on the "Refresh" button.
Chapter 6. Menu Options Remote Power Figure 6-2. Remote Control via IPMI On this screen you will find buttons which allow you to power cycle or reset the remote server. This does not affect the ASMI module! In order to control the ASMI module please consult the section under "Device Settings".
Chapter 6. Menu Options Virtual Media Floppy Disk Figure 6-3. Virtual Floppy Area Dual Floppies As you can tell from the previous screen, you can actually redirect two virtual floppies using the pop-up.
Chapter 6. Menu Options Figure 6-4. Two Virtual Floppies Upload a Floppy Image With two small working steps a (floppy) image can be uploaded. 1. Specify the path of the images. You can pecify up to two images. You can do that either manually or by using the file selection dialog of your web browser. To open the file selection dialog click on the button "Browse" and select the desired image file. Figure 6-5. Select Image File The maximum image size is limited to 1.44MB.
Chapter 6. Menu Options Drive Redirection The Drive Redirection is another possibility to use a local disc drive on the remote computer. With Drive Redirection you do not have to use an image file but may work with a drive from your local computer on the remote machine. The drive is then shared over the TCP/IP network connection. Local devices such as floppy drives, hard discs, CD ROMs and other removable devices like USB sticks can be redirected.
Chapter 6. Menu Options Drive Redirection Options As shown in Figure 6-6 the following options may be enabled: Disable Drive Redirection If enabled the Drive Redirection is switched off. Force read-only connections If enabled the Write Support for the Drive Redirection is switched off. It is not possible to write to the redirected device. Click "Apply" to submit your changes.
Chapter 6. Menu Options Specify the parameters of the network connection (see Figure 6-7). Device This is the address (either the DNS name or the IP address) of the ASMI module you would like to connect to. Port This is the network port. By default the ASMI module uses the remote console port (#443) here. You need to change this value if you have changed the remote console port in your ASMI module’s network settings. Secure Connection Enable this box to establish a secure connection via SSL.
Chapter 6. Menu Options Select the drive you would like to redirect. All available devices (drive letters) are shown here. Please note that the whole drive is shared with the remote computer, not only one partition. If you have a hard disc with more than one partition all drive letters that belong to this disc will be redirected. The Refresh button may be used to regenerate the list of drive letters, especially for a USB stick. Write Support Figure 6-9.
Chapter 6. Menu Options Device Authentication Figure 6-10. Device Authentication You have to authenticate on the ASMI module using a valid username and password in order to use Drive Redirection. You also need permission to change the virtual disc configuration. Navigation Buttons Connect/Disconnect To establish the drive redirection press the "Connect" button once. If all the settings are correct the status bar shows that the connection has been established.
Chapter 6. Menu Options Exit/Hide When the "Exit" button is pressed, the Drive Redirection software is closed. If a Drive Redirection connection is active, the connection will be properly closed before the application terminates. Using the "Hide to Tray" button the application is hidden, but not terminated completely. This means that an active connection will be kept alive until it is explicitly closed. You can access the software by clicking its tray icon.
Chapter 6. Menu Options Figure 6-12. RawWrite for Windows selection dialog Select the tab "Read" from the menu. Enter (or choose) the name of the file in which you would like to save the floppy content. Click on the button "Copy" to initiate the image creation process. For related tools you may have a look at the homepage of the fdos project (http://www.fdos.org/ripcord/rawrite/). CD ROM/ISO 9660 Images UNIX and UNIX-like OS To create an image file make use of "dd".
Chapter 6. Menu Options MS Windows Create the image file using your favorite CD imaging tool to copy the whole contents of the disc into one single ISO image file on your harddisk. For example with "Nero" you choose "Copy and Backup". Then, navigate to the "Copy Disc" section. Select the CD ROM or DVD drive you would like to create an ISO image from. Specify the filename of the ISO image and save the CD ROM content in that file. Figure 6-13.
Chapter 6. Menu Options Chassis Control Figure 6-14.
Chapter 6. Menu Options Monitor Sensors Figure 6-15. Monitoring Remote Sensors Screen 1 On this screen you can see some of the remote hosts sensors and their values or state.
Chapter 6. Menu Options Figure 6-16.
Chapter 6. Menu Options System Event Log Figure 6-17. System Event Log Screen 1 You can browse the System Event Logs here. Note: these logs are for IPMI events. These are different to the ASMI module’s own system logs.
Chapter 6. Menu Options Figure 6-18. System Event Log Screen 2 User Management The ASMI module comes with a pre-configured user account for the administrator also referred as the super-user. The super-user has the default login name "super" and a fixed set of permissions. This user has all possible rights needed to configure the device and to access all of the functions of the ASMI module. Upon delivery of the ASMI module the account for the super-user "super" has the password "pass".
Chapter 6. Menu Options Note: Even acting as the super-user you cannot delete any of the pre-defined groups. You may create and delete other groups as you wish. Change Password Figure 6-19. Set password Change your password by entering the new password in the upper entry field. Retype the password in the field below in order to confirm it. Click "Apply" to submit your changes.
Chapter 6. Menu Options Users And Groups Figure 6-20. Set User List of Available Options A full list of available options follows. This list can only be seen by the super-user. Existing users Select an existing user for modification. Once a user has been selected, click the "Lookup" button to see the user information. New User Name The new user login name for the account currently selected or being created.
Chapter 6. Menu Options Password The password for the login name. It must be at least four characters long. Confirm password Confirmation of the password above. Email address This is optional. Mobile number This information may be optionally provided. User Group Each user can be a member of one group. This can be one of the built-in groups or a newly created one. A group defines a set of privilege levels (see there) for the user.
Chapter 6. Menu Options Permissions Figure 6-21. Set Permissions Only one permission set per user is allowed. Either the user inherits permissions from his/her group or if the user does not belong to a group, the permissions can be set individually for this user. This page allows you to set these permissions for each group or group-less user. First select the item (group or group-less user) from the drop-down lists. All changes you make then affect the permission set of the selected entity.
Chapter 6. Menu Options Each entry allows or denies the usage of a certain functionality. The fields labelled "RC Settings" pertain to the settings of the Remote Console. KVM Settings User Console The following settings are user specific. That means the super-user can customize these settings for every user. Changing the settings for one user does not affect the settings of other users. Figure 6-22.
Chapter 6. Menu Options Transmission Encoding The Transmission Encoding setting allows changing the image-encoding algorithm that is used to transmit the video data to the Remote Console window. It is possible to optimize the speed of the remote screen depending on the number of users working at the same time and the bandwidth of the network connection (Modem, ISDN, DSL, LAN, etc.).
Chapter 6. Menu Options Figure 6-23. User Console Settings (Part 2) Remote Console Type Specifies which Remote Console Viewer to use. Default Java Virtual Machine (JVM) Uses the default JVM of your web browser. This may be the Microsoft JVM for the Internet Explorer or the Sun JVM if it is configured this way. Use of the Sun JVM may also be forced (see below). Sun Microsystems Java Browser Plugin Instructs the web browser of your administration system to use the JVM of Sun Microsystems.
Chapter 6. Menu Options However, in order to make the installation possible you still have to answer the required dialogs with "yes". The download volume is around 11 Mbytes. The advantage of downloading Sun’s JVM is the usage of a stable and identical JVM across different platforms. The Remote Console software is optimized for this JVM version and offers a wider range of functionality when run in SUN’s JVM.
Chapter 6. Menu Options The "keycode" is the key to be sent. Multiple key codes can be concatenated with either a plus, a minus, or an ">" sign. The plus sign builds key combinations - all the keys will be pressed until a minus sign or the end of the combination is encountered. In this case all pressed keys will be released in reversed sequence. So, the minus sign builds single, separate keypresses and keyreleases. The ">" sign releases the last key only.
Chapter 6. Menu Options Key Release Timeout This is an important option if you are accessing the ASMI module over a slow or congested network. In such a situation you transmit a network packet containing the key PRESS to the ASMI module. When you release the key, then the ASMI module will receive a corresponding RELEASE packet. When the network is slow then it take too long for the RELEASE packet to arrive.
Chapter 6. Menu Options Figure 6-25. Network Settings Warning The initial IP configuration is usually done directly on the host system using the special procedure described in Table 4-1 in Chapter 4. Warning Changing the network settings of the ASMI module might result in losing the connection to it. In case you change the settings remotely make sure that all the values are correct and you still have a way to access the ASMI module.
Chapter 6. Menu Options Basic Network Settings IP auto configuration With this option you can define whether the ASMI module should fetch its network settings from a DHCP or BOOTP server. For DHCP select "dhcp" and for BOOTP select "bootp" accordingly. If you choose "none" then IP auto configuration is disabled. In this case the IP address and netmask have to be configured manually. If necessary, gateway and DNS server IP addresses have to be set as well.
Chapter 6. Menu Options SSH port Port number at which the ASMI module’s SSH (Secure Shell) server is listening. If left empty the default value (port 22) will be used. Bandwidth Limit The maximum network traffic generated through the ASMI module Ethernet device. Value in Kbit/s. Enable Telnet This enables the Telnet client mode. Enable SSH This enables the SSH (Secure Shell) client mode. Disable Setup Protocol Enable this option to exclude the ASMI module from the setup protocol.
Chapter 6. Menu Options Dynamic DNS Figure 6-26. Dynamic DNS A freely available Dynamic DNS service (dyndns.
Chapter 6. Menu Options Figure 6-27. Dynamic DNS Scenario The ASMI module is reachable via the IP address of the DSL router which is dynamically assigned by the provider. Since the administrator does not know the IP address assigned by the provider, the ASMI module connects to a special dynamic DNS server in regular intervals and registers its IP address there. The administrator may contact this server as well and pick up the same IP address belonging to his card.
Chapter 6. Menu Options the abbreviated hostname. Username You have registered this username during your manual registration with the Dynamic DNS Server. Spaces are not allowed in the Nickname. Password You have used this password during your manual registration with the Dynamic DNS Server. Check time The ASMI module card registers itself with the Dynamic DNS server at this time. Check interval This is the report interval to the Dynamic DNS server by the ASMI module.
Chapter 6. Menu Options Security Figure 6-28. Device Security KVM Encryption If this option is enabled, access to the web front-end is only possible using a HTTPS connection. The ASMI module will not listen on the HTTP port for incoming connections. In case you want to create your own SSL certificate that is used to identify the ASMI module refer to the Section called Certificate. KVM Encryption This option controls the encryption of the KVM protocol.
Chapter 6. Menu Options IP Access Control This section contains settings for the ASMI module’s built-in firewall. The firewall can be enabled or disabled. When enabled the firewall allows you to explicitly block or allow connections from certain client IP addresses. If the default policy is set to DROP, a list of IP addresses or address ranges can be configured to be exceptionally ACCEPTed.
Chapter 6. Menu Options Certificate Figure 6-29. Certificate Settings The ASMI module uses the Secure Socket Layer (SSL) protocol for any encrypted network traffic between itself and a connected client. During the connection establishment the ASMI module has to expose its identity to a client using a cryptographic certificate.
Chapter 6. Menu Options 1. Create a SSL Certificate Signing Request using the panel shown in Figure 6-29. You need to fill out a number of fields that are explained below. Once this is done, click on the button "Create" which will initiate the Certificate Signing Request generation. The CSR can be downloaded to your administration machine with the "Download CSR" button (see Figure 6-30). 2. Send the saved CSR to a CA for certification.
Chapter 6. Menu Options Common name This is the network name of the ASMI module once it is installed in the user’s network (usually the fully qualified domain name). It is identical to the name that is used to access the ASMI module with a web browser but without the prefix "http://". In case the name given here and the actual network name differ, the browser will pop up a security warning when the ASMI module is accessed using HTTPS.
Chapter 6. Menu Options Date And Time Figure 6-31. Date and Time This link refers to a page where the internal realtime clock of the ASMI module can be set up (see Figure 6-31). You have the possibility to adjust the clock manually or to use an NTP time server. Without a time server your time setting will not be persistent, so you have to adjust it again after the ASMI module loses power for more than a few minutes.
Chapter 6. Menu Options Authentication Settings Figure 6-32. LDAP and other Authentication Settings On this screen you can specify where the ASMI module will look in order to authenticate the users. You can either use "Local Authentication", this means you need to have created the user account on the ASMI module and the user/group information residing on the ASMI module will be used for authentication. The other options allow you to specify an LDAP or RADIUS Server to use for the login authentication.
Chapter 6. Menu Options on the ASMI module before this user can login via LDAP. Also, all privilege configurations have to be done within the ASMI user management (see the Section called User Management). In order to configure the LDAP access, you can set the following options: • User LDAP Server: Here you should enter the name or IP address of the LDAP server containing the user entries. If you choose a name instead of an IP address you need to configure a DNS server in the network settings e.g.: 192.168.
Chapter 6. Menu Options Remote Console. If there is no activity for half an hour your connection to the ASMI module will be terminated and closed. • Server: enter either the IP address or the hostname of the RADIUS Server to connect to. If you use the hostname DNS has to be configured and enabled. • Shared Secret: a shared secret is a text string that serves as a password between the RADIUS client and RADIUS server. In this case the ASMI module acts as a RADIUS client.
Chapter 6. Menu Options Event Log Figure 6-33. Event Log Screen Part 1 ASMI internal events (like a login failure or a firmware update) are logged to a selection of logging destinations (see Figure 6-33 and Figure 6-34). Each of those events belong to an event group which can be activated separately. For a detailed specification of the existing event groups and the log events belonging to them, use the "help" link in the HTML frontend.
Chapter 6. Menu Options Figure 6-34. Event Log Screen Part 2 The common way to log events is to use the internal log list of the ASMI module. To show the log list click on the item "Event Log" from the section "Maintenance". In the Event Log Settings you can choose how many log entries are shown on each page. You can also clear the log file here. Event Log Targets List logging enabled If you wish to log events you may use the internal log list of the ASMI module.
Chapter 6. Menu Options Warning If the reset button on the HTML frontend is used to restart the ASMI module, all logging information is saved permanently and is available after the ASMI module has been started. If the ASMI module loses power or a hard reset is performed all logging data will be lost. In order to avoid this use one of the log methods described below.
Chapter 6. Menu Options SNMP Figure 6-35.
Chapter 6. Menu Options The following events are reported by the ASMI module via SNMP: • Login attempt to the ASMI module failed. • Login attempt to the ASMI module succeeded. • Denying access to a particular action. • Server was reset. • Server was powered on/off. The SNMP settings panel as shown in Figure 6-35 is described below. It allows you to change SNMP related parameters. Enable SNMP Agent If this option is checked the ASMI module will reply to SNMP requests.
Chapter 6. Menu Options Maintenance Device Information Figure 6-36. Device Information This section contains a summary of various information about this ASMI module and its current firmware and allows you to reset the card. You may have a look at Figure 6-36 for an example. The data file for support allows you to download the ASMI module data file with specific support information. This is an XML file with specifically customized support information like the serial number etc.
Chapter 6. Menu Options Figure 6-37. Connected Users Figure 6-37 displays the ASMI module activity. From left to right the connected user(s), its IP address (from which host the user comes from) and their activity status is displayed. "RC" indicates that the Remote Console is open. If the Remote Console is opened in "exclusive mode" the term "(exclusive)" is added. For more information about this option see the Section called Remote Console Control Bar in Chapter 5.
Chapter 6. Menu Options Event Log Figure 6-38. Event Log List Figure 6-38 displays the Event Log list. It includes the events that are kept by the ASMI module extended by the event date, a short event description and the IP address that the request was sent from. You may use the text buttons "Prev" and "Next" to browse within the data. The button "Prev" displays the previous page with older log information whereas the button "Next" switches to the following page with newer log information.
Chapter 6. Menu Options Update Firmware Figure 6-39. Update Firmware The ASMI module is a complete standalone computer. The software it runs is called the firmware. The firmware of the ASMI module can be updated remotely in order to install new functionality, bug fixes or special features. New releases of the ASMI G4 module firmware are available from http://support.raritan.com by searching for Raritan ASMI G4 Module. If the firmware file is a compressed file with suffix .
Chapter 6. Menu Options file and whether there were any transmission errors. In case of any error the Upload Firmware function will be aborted and the current firmware is left in place. No update will take place. 2. Then, if everything in step 1 went well, you will see the Update Firmware panel. The panel shows you the version number of the currently running firmware and the version number of the newly uploaded firmware.
Chapter 6. Menu Options Unit Reset Figure 6-40. Unit Reset This section allows you to reset specific parts of the device. This involves the both keyboard and mouse, the video engine and the ASMI module itself. Resetting the card itself is mainly needed to activate a newly updated firmware. It will close all current connections to the administration console and to the Remote Console. The whole process takes about half a minute. Resetting subdevices (e.g.
Appendix A. Frequently Asked Questions 1. The mouse does not react correctly in the applet screen. The mouse is not in sync with the mouse of the host. Navigate your mouse pointer into the upper left corner of the applet screen and move it slightly forth and back. Thus the mouse will be resynchronized. If resynchronizing fails, disable the mouse acceleration and repeat the procedure. 2. I have a crazy mouse. Verify your mouse settings. Disable the mouse acceleration.
Appendix A. Frequently Asked Questions 8. The ASMI G4 module web pages are not displayed correctly. Check your browser’s cache settings. Make sure the cache settings are not set to something like "never check for newer pages". Otherwise the ASMI G4 module pages may be loaded from your browser cache and not from the card. 9. Windows XP does not awake from standby mode. This is possibly a Windows XP problem. Try not to move the mouse pointer while XP switches into standby mode. 10.
Appendix B. Glossary ACPI Advanced Configuration and Power Interface A specification that enables the operating system to implement power management and system configuration. ATX Advanced Technology Extended A particular specification that covers the style of motherboards and enclosure introduced by Raritan in 1995. DHCP Dynamic Host Configuration Protocol A protocol for dynamically assigning IP configurations to host names, especially used in a local network.
Appendix B. Glossary PS/2 Personal System/2 IBM’s second generation of personal computers, which was released to the public in 1987. Today, PS/2 is known as a device interface for mouse and keyboard. SNMP Simple Network Management Protocol A widely used network monitoring and control protocol. SSH Secure Shell An encrypted network protocol providing a secure replacement for Telnet. SSL Secure Socket Layer An encryption technology for the Internet used to provide secured data transmissions.
Appendix C. Configuring the RADIUS server This appendix describes the necessary steps to configure a RADIUS server in order to be able to use remote authentication on the ASMI G4 module. This is shown for a Windows 2003 Server Standard Edition system with Active Directory enabled. Prerequisites 1. Please check if Active Directory is enabled. If not, got to Start -> Run and type "dcpromo" to enable Active Directory function. Follow the instructions to enable AD. 2.
Appendix C. Configuring the RADIUS server Type the share secret that will be used between this RADIUS server and ASMI module. (Note: please memorize this secret, as the same secret will be requested for the configuration of RADIUS function on ASMI module). Select Finish after this is done. A new RADIUS client will now be shown on the display window. Setup a custom remote access policy This step explicitly allows the group configured above to login remotely.
Appendix D. Key Codes Table D-1 shows the key codes used to define the key strokes or hotkeys for several functions. Please note that these key codes do not necessarily represent the key characters that are used on international keyboards. A key on a standard 104 key PC keyboard with a US English language mapping is named. The layout for this keyboard is shown in Figure D-1.
Appendix D.
Appendix D.
Appendix E. Specifications Sizes and Weight Table E-1. ASMI G4 Specification Attribute Value Height 13mm Width 173.4mm Depth 64.4mm Weight 110g (w/o replicator cable) Power Consumption up to 1A Environment Temperature Table E-2. Temperature Attribute Value Operating Temperature Range 0 degree C to 55 degree C (32 degree F to 131 degree F) Storage Temperature Range -18 degree C to 70 degree C (-0.4 degree F to 158 degree F) Humidity Range Table E-3.
Appendix F. Raritan Corp. Warranty Information Limited Warranty Raritan Corp. manufactures its hardware products from parts and components that are new or equivalent to new in accordance with industry-standard practices. Raritan warrants that the hardware products including the firmware will be free from defects in materials and workmanship under normal use. Any implied warranties on the Raritan firmware and hardware are limited to 24 months, respectively, beginning on the date of invoice.
Appendix F. Raritan Corp. Warranty Information inability to use this product, even if Raritan has been advised of the possibility of such damages. In any case, Raritan’s entire liability under any provision of this agreement shall be limited to the amount actually paid by you for the firmware and/or hardware. Because some states/jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you.
Appendix G. GNU General Public License (GPL) Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA Everyone is permitted to copy and distribute verbatim copies of this license document, but changing it is not allowed. Preamble The licenses for most software are designed to take away your freedom to share and change it.
Appendix G. GNU General Public License (GPL) Activities other than copying, distribution and modification are not covered by this License; they are outside its scope. The act of running the Program is not restricted, and the output from the Program is covered only if its contents constitute a work based on the Program (independent of having been made by running the Program). Whether that is true depends on what the Program does. 1.
Appendix G. GNU General Public License (GPL) a. Accompany it with the complete corresponding machine-readable source code, which must be distributed under the terms of Sections 1 and 2 above on a medium customarily used for software interchange; or, b.
Appendix G. GNU General Public License (GPL) If any portion of this section is held invalid or unenforceable under any particular circumstance, the balance of the section is intended to apply and the section as a whole is intended to apply in other circumstances.
Appendix G. GNU General Public License (GPL) BUT NOT LIMITED TO LOSS OF DATA OR DATA BEING RENDERED INACCURATE OR LOSSES SUSTAINED BY YOU OR THIRD PARTIES OR A FAILURE OF THE PROGRAM TO OPERATE WITH ANY OTHER PROGRAMS), EVEN IF SUCH HOLDER OR OTHER PARTY HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES.
Appendix H. The OpenLDAP Public License Version 2.8, 17 August 2003 Redistribution and use of this software and associated documentation ("Software"), with or without modification, are permitted provided that the following conditions are met: 1. Redistributions in source form must retain copyright statements and notices, 2.