Avocent Cyclades ACS5048 User's Guide

CYCLADES®ACS 5000Installation/Administration/User Guide

Figure 1.2: ACS5000 Console Server ConnectorsNOTE: The number of serial ports and power supplies depends on the model.Number Description1Power connec

form to view who is logged into each port and the processes they are running. Open sessionsare displayed with their identification and statistical dat

Configuring authentication for console server loginsThe default authentication method for the console server is Local. You can either accept thedefaul

To configure a RADIUS authentication server:Perform the following procedure to configure a RADIUS authentication server when theconsole server or any

5. To specify a number of times the user can request authentication verification from theserver before sending an authentication failure message to th

• An account for admin.• If LDAP authentication is specified for the console server, accounts for all users who needto log in to the console server to

• Realm name and KDC address• Host name and IP address for the Kerberos serverAlso, work with the Kerberos server’s administrator to ensure that follo

9. Fill in the form according to your local setup of the Kerberos server.10. Click apply changes.To configure a NIS authentication server:Perform the

Custom security profileThe Custom Security Profile opens up a dialog box to allow custom configuration of individualprotocols or services.NOTE: By def

Other Services Secure Moderate Open DefaultSNMP N/A N/A Yes N/ARPC N/A N/A Yes N/AICMP N/A Yes Yes YesFTP N/A N/A N/A N/AIPSec N/A N/A N/A N/ATable 8.

• If you reconfigure the security profile and restart the web manager, you need to make surethe serial ports protocols and access methods match the se

• Connecting a server running a terminal emulation program enables an administrator to loginto the console server and either enter commands in the con

User configured digital certificateYou can generate a self-signed digital certificate. The procedures to configure a self-signeddigital certificate is

Ports Menu and Forms9103Physical PortsBy selecting Ports - Physical Ports in Expert mode, you can enable or disable ports andconfigure parameters for

4. Click apply changes.General formUnder Ports - Physical Ports in Expert Mode, if you select one or more ports from the ports listand click the Modif

Protocol Name ResultConsole (TelnetSSH)Authorized users can use Telnet and/or SSH to connect to theconsole of the connected device simultaneously. Whe

Protocol Name ResultSSHv2Dedicates a server terminal connected to the selected serial port toaccess a server using the SSHv2 protocol. When the attach

Modem and power management connection protocolsThe following table shows the connection protocols for modems or IPDUs connected to theserialports.Pro

To configure a serial port connection protocol for a Bidirectional Telnet:The following procedure assumes that the selected serial port is physically

2. Click the General tab. The General form appears with the number(s) of the selected port(s)next to the Done button at the bottom of the form and the

5. To further configure the serial port’s connection protocol:• For user access and authentication methods, see Access on page 112.• To configure mode

8. When finished, click Done.9. Click apply changes.To associate an alias to a serial port:An alias can be associated to a port when it is individuall

• A web manager user account must be defined. The admin has an account by default, andcan add regular-user accounts to grant access to the connected s

AccessUnder Ports - Physical Ports in Expert Mode, select one or more serial ports and click ModifyPort(s). Select Access form from the tabbed menu. T

2. Click the Access tab. The Access form appears.3. To restrict access to one or more users or to a group of users, enter previously defined useror gr

Authentication Type DefinitionNISDownLocal Local authentication is performed only when the NIS server is down.Radius Authentication is performed using

Field Name DefinitionDestination Location for the data files. Either Local or Remote.Mode (Local Destination)Willbe either circular or linear. In circ

Field Name DefinitionTimeout (seconds)Amount of time in seconds that the console server will try to discover thehostname. If it cannot be identified i

12. Click the radio button next to one of the following options:a. Buffer Syslog at all timesb. Buffer only when no user is connected to the port13. C

Menu Option DescriptionYes (show menu)More than two simultaneous users can connect to the same serialport.A Sniffer menu is presented to the user and

be available if there is at least one port configured as Power Mgmt or there is at least one IPMIserver configured). The Power Management form appears

Field Name DefinitionNew User/Group(available only if AllowUsers/Groups radio button isselected)Entry field to add a new user/group.Allowed Users/Grou

8. Click apply changes.NOTE: If you wish to configure IPMI power management on this port, continue to the IPMI configuration procedurebelow.To configu

Authentication Type DefinitionNone No authentication.DSView Authentication is performed with a DSView®3 server.DSView/Local DSView management software

The Other form appears.You can use this form to configure other settings. The options on this form may be lesscommon settings. The following table des

4. To change the port number for the serial port, enter another number in the TCP Port field.5. To assign a name to the port’s IP address, enter an al

10. For a dedicated terminal, enter the IP address of the desired host in the Host to Connectfield.11. Enter the type of terminal in the Terminal Type

Field Name DefinitionRemote IP The IP address of the slave.First Remote TCP Port Number The first TCP port number of the slave. The default is 7001.Pr

Ports StatusThe information in the following table is available in Ports - Ports Status in read-only form. Allusers have access to this form. The info

Expert - Ports - Hostname DiscoveryAn administrator can use the Expert - Ports - Hostname Discovery screen to configure lists ofprobe and answer strin

128 Cyclades®ACS5000 Installation/Administration/User Guide

Administration Menu and Forms10129System InformationSelecting Administration - System information in Expert mode displays a form containinginformation

Information ParametersMemory InformationMemTotalMemFreeBuffersCachedSwapCachedActiveInactiveHighTotalHighFreeLowTotalLowFreeSwapTotalSwapFreeDirtyWrit

Field Name DefinitionNotification Alarm for Data Buffering Enable by placing a checkmark in this field[unlabeled view table] List of alarm types and t

IPv6The console server is compliant with IPv4, IPv6 and dual stack protocols so that you canenable IPv4 only, IPv6 only or both protocols, with suppor

To configure a trigger for email notification for serial ports:1. Go to Administration - Notifications in Expert mode and select Email from the pull-d

To configure a trigger for pager notification for serial ports:1. Go to Administration - Notifications in Expert mode and select Pager from the pull-d

Field name DefinitionTrap NumberThe trap type as defined in the MIB. The choices are:Cold StartWarm StartLink DownLink UpAuthentication FailureEGP Nei

Serial ports alarm notificationYou can configure the notification entry form to monitor the DCD signal so that the systemwill generate an alarm in any

To configure time and date using an NTP server:NTP is disabled by default.1. Go to Administration - Time/Date in Expert mode. The Time/Date form displ

6. Click apply changes.Boot ConfigurationBoot configuration defines the location from which the console server loads the operatingsystem. The console

Field Name DefinitionFast EthernetThe speed of the Ethernet connection. Select the appropriate Ethernet setting ifyou need to change the Auto Negotiat

Backup ConfigurationSelecting Administration - Backup Config in Expert mode displays the Backup Configurationform.NOTE: Use an FTP server to save and

Upgrade FirmwareSelecting Administration - Upgrade Firmware in Expert mode displays the Upgrade Firmwareform. You can use this form to configure an a

RebootSelecting Administration - Reboot in Expert mode brings up a simple form containing only aReboot button. Clicking the Reboot button reboots the

• The view table of the Firewall Configuration form containing a list of chains.• The chains which contain the rules controlling filtering.ChainA chai

To configure the local online help path:1. Extract the files using the appropriate unzip utility for your O/S and put them into thedesired directory u

143Appendix A: Technical SpecificationsHardwareCPU MPC855T (PowerPC Dual-CPU)Memory 128MB DIMM SDRAM min./ 16MB Compact Flash min.Interfaces1 Ethernet

HardwareSafety and EMCStandards Approvals andMarkingsFCC Part 15, AICES-003C-TickVCCI Class AMIC Class ACEEN55022, Class AEN55024EN60950-1GSCBCSA/UL 6

Appendix B: Safety and environmental guidelines for rack-mounting the console serverNOTE: Each heading and its contents in this section is also provid

Mechanical loadingMounting of the equipment in the rack should be such that a hazardous condition is notachieved due to uneven mechanical loading.Sich

Sicherheitsvorkehrungen beim Betrieb des Cyclades ACS 5000 AdvancedConsole ServerBitte lesen Sie alle folgenden Sicherheitsrichtlinien um sich und Ihr

CAUTION: Do not push any objects through the openings of the Cyclades ACS 5000 advanced console server.Doing so can cause fire or electric shock by sh

Arbeiten am Cyclades ACS 5000Bitte versuchen Sie nicht den ACS 5000 selbst zu warten mit Ausnahme unter Befolgung derAnweisungen von Cyclades technisc

Apague el Cyclades ACS 5000 advanced console server. Asegurase que este tocando tierraantes de tocar cualquier otra cosa, que puede ser al tocar la pa

Appendix C: Technical SupportOur Technical Support staff is ready to assist you with any installation or operating issues youencounter with your Avoce

Flag any of the above elements with Inverted to perform target action on packets not matchingany criteria specified in that line. For example, if you

152 Cyclades®ACS5000 Installation/Administration/User Guide

590-815-501BFor Technical Support:www.avocent.com/support

SNMPThe administrator can activate the Simple Network Management Protocol (SNMP) agent thatresides on the console server so that the SNMP agent sends

São Paulo console server into the local1 facility and to aggregate messages from Fremontconsole server into the local2 facility.On syslogger the syste

• Server Technology Sentry™ family of Switched Cabinet Power Distribution Units (CDUs)and switched CDU Expansion Module (CW/CX) power devices.• Server

FCC Warning StatementThe Cyclades ACS 5000 advanced console server has been tested and found to comply withthe limits for Class A digital devices, pur

• With the IPDU ID assigned to the IPDU• With the port number to which the IPDU is connectedThe IPDU and port number are always followed by one or mor

For IPMI power management, the default hotkey is Ctrl+Shift+I. For IPDU power management,the default hotkey is Ctrl+p.Options for managing powerAuthor

NOTE: Probe string configuration requires knowledge of C-style escape sequences. Answer strings requireknowledge of POSIX extended regular expressions

Installation215Important Pre-installation RequirementsBefore installing and configuring the console server, ensure you have the following:• Root Acces

Figure 2.1: Placement of Mounting BracketsTo rack mount the console server:1. Install the brackets on to the front or back edges of the console server

Making a direct connection to configure the network parameters.On your Microsoft® Windows workstation, ensure that a terminal emulation program isinst

Turning on the console server and the connected devicesPerform the following procedures in the order shown to avoid problems with components onconnect

******************************************************************** C O N F I G U R A T I O N W I Z A R D *******************************************

NOTE: If you choose to use DHCP and have selected IPv4 enabled (option 0), the IPv4 Current Configurationverification screen will be displayed as show

• Stateless Only: The router will multicast the IPv6 prefix along with the consoleserver’s MAC address, then listen for the other devices on the local

Cyclades®ACS5000Installation/Administration/User GuideAvocent, the Avocent logo, The Power of Being There, DSView and Cyclades areregistered trademar

Selecting a security profileSelect a pre-defined security profile or define a custom profile for specific services. The profilesare:• Secured - Disab

3. Turn on the console server and connected devices.4. Enter the console server’s IP address in the browser’s address field.5. Log in to the console s

To daisy-chain PDUs to the console server:This procedure assumes that you have one Avocent PM PDU or Cyclades IPDU connected to aserial port on the co

Web Manager for Regular Users325Using the Web ManagerConsole server users perform most tasks through the web manager. The web manager runs in abrowser

Figure 3.1: Regular User FormNOTE: The form area changes according to which menu option is selected.Number Description1 Form area.2Console server info

ConnectWhen you select the Connect option, the form displayed will allow you to connect to theconsole server or its serial ports.Permission to access

Connection protocols for serial portsYou can access a server or a device connected to a serial port by using the connection protocolspecified for the

IPDU Power ManagementIPDU management allows you to manage the power outlets on power management applianceproducts. If you have permission to manage ou

• Edit current thresholds - high critical, high warning, low warning and low critical(available for some models of Avocent PM PDUs).The following tabl

Form Heading Description ExampleModel IPDU model number.Avocent CycladesPM20i/30A PDUNumber of Outlets IPDU number of outlets. 20Number of Banks IPDU

Symbols UsedNOTE: The following symbols may appear within the documentation or on the appliance.InstructionsThis symbol is intended to alert the user

Form Heading Description ExampleType (Name) Type of the sensor.Temperature-InternalCurrent information displays the actual alarm state of the current

Web Manager for Administrators433This chapter is for system administrators who use the web manager to configure the consoleserver and its users. For i

Button name Usereload page Reloads the page.Help Displays the online help.next Only appears in Wizard mode. Goes to the next form.unsaved changesThe u

Logging Into the Web ManagerThe following procedure describes the login process to the web manager and what should beexpected the first time you log i

Figure 4.2: Example of Web Manager Form in Wizard ModeExpert modeExpert is the default mode when logging in to the console server. The following is a

Figure 4.3: Example of Web Manager Form in Expert ModeChapter 4: Web Manager for Administrators 37

38 Cyclades®ACS5000 Installation/Administration/User Guide

Configuring the Console Server inWizard Mode539Step 1: Security ProfileA security profile consists of a set of parameters that can be configured in or

The following tables illustrate the properties for each of the security profiles. The enabledservices in each profile are designated.Access to console

The first step to configure your console server is to select a security profile. One of thefollowing situations is applicable when you boot the consol

T A B L E OF C ON T E N TSIntroduction 1Overview 1Connectors on the Console Server 1Accessing the Console Server and Connected Devices 2Web Manager

CAUTION: Take the required precautions to understand the potential impacts of each individual service configuredunder the Custom profile.NOTE: It is n

In Wizard mode, the system assumes that all devices will be connected to the serial ports withthe same parameter values. If you need to assign differe

Parameter Options DescriptionStop Bits 1 [Default]Options are either 1 or 2Must match the number of stop bits used by thedevices connected to all port

The Access form lists the currently defined users and features Add, Change Password andDelete buttons.In the Users list by default, there is a root ac

6. Enter comments to identify the user’s role or configuration in the Comments field(optional).7. Click OK.8. Click the apply changes button.To delete

The following table provides description for each field whether local or remote destination isselected.Field name DefinitionDestinationWhere the buff

NOTE: You can perform advanced configuration in Expert mode including the option of setting up data bufferingseparately for individual or groups of se

Before setting up syslogging, make sure a pre-configured syslog server is available on the samenetwork as the console server. From the syslog server a

50 Cyclades®ACS5000 Installation/Administration/User Guide

Applications651Configuring the Console Server in Expert ModeMost applications require that you set the web manager to Expert mode. If you are in Wizar

Performing basic network configuration using the wiz command 18Adding users and configuring ports using the web manager 22Other Methods of Accessing t

Figure 6.1: Expert Mode Screen ElementsNumber Description1Top menu. Selecting any one of the top menu items will change the left navigation menu and f

Number Description6Command buttons. The command buttons are common to all web manager screens and are used totry changes, cancel changes, apply change

1. Go to Applications - Connect in Expert mode.2. Click the Connect to ACS 5000 radio button.3. Click the Connect button. A Java applet viewer appears

• Turn outlets on and off• Cycle power• Lock outlets to prevent accidental changes in power state (Avocent PM PDUs andCyclades IPDUs only)• Unlock the

Avocent PM PDU information displayedAvocent PM PDUs will display the Outlet Name, Post On Delay, Post Off Delay, Current HighCritical Threshold, Curre

NOTE: For Avocent SPC power devices or Server Technology IPDUs, an alert window prompts you that thescreen is automatically reloaded. Click OK and wai

Form Heading Description ExampleID Either a default name or administrator-configured ID. i1AModel IPDU model number.Avocent CycladesPM20i/30ANumber of

Form Heading Description ExamplePower Factor Phase power factor. N/AEnvironmental Sensors InformationType (Name) Type of the sensor.Temperature-Intern

Shown Element Type DescriptionID: Heading Static heading shows current IPDU name and portassignment.Model: Heading Shows the make and model of IPDU a

Shown Element Type DescriptionPhases thresholds Number fieldEnter for each phase the current threshold: High Critical, HighWarning, Low Warning and Lo

Configuring the Console Server in Expert Mode 51Overview of menus and forms 51Applications Menu and Forms 53Connect 53IPDU Power Management 54Applicat

software is available and for information on how to upgrade the device.To upgrade software on a Avocent PM PDU:1. Download the new firmware in /tmp di

Specify groups of outlets using the following format:IPDU_ID[outlets]Where IPDU_ID is the name configured for the IPDU (such as ilA) and outlets are n

3. In the User field, enter the username.4. In the Outlets field, enter the group name, IPDU number and outlets that the user cancontrol.5. Click OK.O

Method DescriptionBy nameIf the outlet has been assigned a name, such as “myoutlet,” entering myoutletis sufficient and no other path name is needed.B

6. Click apply changes.66 Cyclades®ACS5000 Installation/Administration/User Guide

Network Menu and Forms767This chapter describes the Network menu and related forms. The following table provides adescription of the left menu panel.M

General host settingsThe following table describes the fields on the Network - Host Settings form.Field name Field type DescriptionMode Pull-down menu

tab will be disabled.NOTE: If services not supporting IPv6 are needed, you will have to select Dual-Stack (IPv4 and IPv6) and thoseservices will be av

Check DHCP (checked by default) to have the console server pull network parameters from theDHCP server. If this box is not checked (DHCP disabled), th

Field name Field DefinitionMethodSelect Stateless only, Static or DHCP methods from the pull-down menu forthe desired Ethernet port configuration meth

Configuring authentication for console server logins 93Security Profiles 98Security certificates 101Ports Menu and Forms 103Physical Ports 103Virtual

• SNMP• Sending SNMP trap• Remote authentication (except to NIS)• Access to hosts• Stateful and stateless packet filtering (firewall)• Static routes•

a. Enter the IP address of the console server in the Primary Address field.b. Enter the netmask in the Network Mask field.c. Enter the address of the

SyslogYou can use the Syslog form to configure how the console server handles system-loggedmessages. The Syslog form allows you to perform the followi

VPN ConnectionsVirtual Private Network (VPN) enables a secured communication between the console serverand a remote network by utilizing a gateway and

Field Name DefinitionNextHopThe router through which the console server (on the left side) or the remotehost (on the right side) sends packets to the

c. Enter the IP address of the router through which the host’s packets reach the Internet inthe NextHop fields.d. Enter the netmask for the subnet in

Field or Menu Option DescriptionCommunitySNMP v1 and v2 only. A Community defines an access environment. Thetype of access is classified under Permiss

4. For SNMP v1 or v2 configuration, enter or change the following information:a. Enter the community name in the Community field.b. Enter the source I

• Edit default chains• Delete user-added chains• Add new chains• Edit rules for chainsEdit buttonSelecting one of the default chains and pressing the

Figure 7.1: Expert - Firewall Configuration Add Rule and Edit Rule Dialog BoxesInverted checkboxesIf the Inverted checkbox is enabled for the correspo

Introduction11OverviewEach model in the Cyclades®ACS 5000 advanced console server family is a 1U applianceserving as a single access point for accessi

Numeric protocol fieldsIf Numeric is selected as the protocol when specifying a rule, a text field appears to the right ofthe menu for the desired num

ICMP protocol fieldsIf ICMP is selected as a protocol, the ICMP Type pull-down menu is displayed in the ICMPOptions Section at the bottom of the Firew

REJECT targetIf REJECT is selected from the Target pull-down menu, the following pull-down menu appears.Any Reject with option causes the input packet

NOTE: User-defined chains cannot be edited. If you wish to rename a chain you added, delete it and create a newone.1. Go to Network - Firewall Configu

Host TableThe Host Table form enables you to keep a table of hostnames and IP addresses that composeyour local network and provides information on you

Field or Menu Name DefinitionHost IPAppears only when Host route is selected. Type the IP address of thedestination host.Go to Choices are Gateway or

88 Cyclades®ACS5000 Installation/Administration/User Guide

Security Menu and Forms889Users and GroupsThe Users and Groups form allows you to perform the following tasks:• Set up user access to the console serv

Adding a UserIf you click the Add button on the Security - Users and Groups form under the Users List, theAdd User dialog box appears. The following t

2. Select the name of a user or group to delete.3. Click Delete.4. Click apply changes.To change a user’s password:1. Go to Security - Users and Group