Avocent Cyclades ACS User's Guide

CYCLADES™ ACS 6000Installation/Administration/User Guide

• Dial-up to a factory-configured internal modem (optional), a modem connected either to aserial port or the AUX port (which is only possible when an

590-767-501EFor Technical Support:www.avocent.com/support

• Linux kernel• Remote authentication: Radius, Tacacs+, LDAP and Kerberos servers• SNMP• SSH and Telnet access• Syslog serverNOTE: Remote authenticati

and other computers that have IPSec installed. ESP and AH authentication protocols, RSAPublic Keys and Shared Secret aresupported. For more informati

FIPS moduleThe 140 series of Federal Information Processing Standards (FIPS) are U.S. governmentcomputer security standards that specify requirements

Number Description Number Description1 ACS 6000 advanced console server 8 Phone line2 Target devices 9 Remote dial-in client3 PDU (one or more) 10 Loc

Installation27Getting StartedBefore installing your ACS 6000 console server, refer to the following list to ensure you have allitems that shipped with

• A PC running a terminal emulation programRack MountingYou can mount the console server in a rack or cabinet, or place it on a desktop or other flats

Figure 2.2: Front of the Console Server (ACS 6032 Console Server Shown)Number Description1 USB connector.2 LEDs.3 PC card slots.Table 2.1: Connectors

Label DescriptionAUX/MODEMDual LED: Yellow on top, green on bottom• Yellow - DTR/DCD activity• Green - TXD and RXD activity• Off - No activity[One LED

for the port. An administrator can select Expert - Ports - Serial Ports - (SetCAS or SetPower) -Physical to open the Physical Settings screen, then ch

FCC Warning StatementThe Cyclades ACS 6000 advanced console server has been tested and found to comply withthe limits for Class A digital devices, pur

1. Make sure the devices to be connected are turned off.2. Use CAT 5 or greater crossover cables to connect the devices to the console server, usingan

WARNING: It is critical that the power source supports the DC power requirements of your console server. Makesure that your power source is the correc

9. Turn on the console server.10. Turn on the power switches of the connected devices.Configuring a Console ServerA console server may be configured a

To use Telnet in a shell, enter the following command:# telnet [hostname | IP_address]login: username:[portname | device_name]-or-# telnet [hostname |

To close an SSH session:At the beginning of a line, enter the hotkey defined for the SSH client followed by a period.The default is ~. Or, enter the t

Chapter 2: Installation 17

18 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide

Accessing the Console Server viathe Web Manager319Once you’ve connected your ACS 6000 console server to a network, you can access the consoleserver wi

Figure 3.1: Administrator Web Manager ScreenNumberDescription1Top option bar. The name of the appliance and of the logged in user appear onthe left si

By default, the first time an administrator accesses the console server through the web manager,the Wizard will be displayed. Subsequent log-ins will

Cyclades™ ACS6000Console ServerInstallation/Administration/User GuideAvocent, the Avocent logo, The Power of Being There, DSView and Cyclades aretrad

5. Click Next to configure the Network or click the Network, Ports or Users link to open theappropriate screen.To configure network parameters:1. Sele

5. (Optional) Configure account expiration and password expiration.6. Click Next.7. Repeat steps 3-7 as needed to configure new user accounts and assi

System ToolsClick System Tools to display icons which can be clicked to reboot or shut down the consoleserver, upgrade the console server’s firmware,

NOTE: This value applies to any user session to the appliance via HTTP, HTTPS, SSH, Telnet or CONSOLE port.The new idle time-out will be applied to ne

The console server will automatically reboot. During the reboot, the console server will eraseSSHkeys, update the configuration of HTTPD, SSHD, ADSAP

To reconfigure a console server with bootp:1. Click System - Security - Security Profile. Under the Bootp Configuration Retrievalheading, ensure the

3. Enter the Time Zone Name and Standard Time Acronym of your choice.4. Enter the GMT Offset.5. Select Enable daylight savings time if needed.6. Selec

Boot ConfigurationBoot configuration defines the location from which the console server loads the operatingsystem. The console server can boot from it

UsageClick System - Usage to view memory and Flash usage.NetworkClick Network to view and configure the network options for Hostname, DNS, IPv6, Bondi

NOTE: The MAC Address for the device will be displayed after this option.NOTE: The following step is only active for mounted Ethernet PC cards.7. Ente

Symbols UsedNOTE: The following symbols may appear within the documentation or on the appliance.InstructionsThis symbol is intended to alert the user

3. Enter a new hostname and alias, as applicable, then click Save.FirewallAdministrators can configure the console server to act as a firewall. By def

Field/Menu Option DefinitionSource Port - or - Des-tination PortA single IP address or a range of IP addresses.TCP Flags[TCP only] SYN (synchronize),

2. Select either IPv4 Filter Table or IPv6 Filter Table as needed.3. From the chain list, click the name of the chain you want to add a rule to.4. Cli

The following table describes the fields and options on the IPSec(VPN) - Add screen. Theinformation must match exactly on both ends for local and remo

a. Enter the SysContact information (email address of the console server’s administrator,for example, [email protected]).b. Enter the SysLocat

To configure or edit one or more serial ports with the CAS Profile:1. Select Ports - Serial Ports.2. Click the checkbox for each port you want to conf

6. Click Next or click the Alerts link.a. Click Enable Alerts to enable detection of alerts.b. Click Add to add an alert string. Enter the string in t

Parameter DescriptionPort NameName associated with the serial port (as an alias). Default: <appliancemac address>-p-<port number>.Enable A

Parameter DescriptionEnable Auto AnswerWhen the input data matches one input string configured in AutoAnswer, the output string will be transmitted to

Parameter DescriptionLog-in/out MessageIncludes special notification for logins and logouts in data buffering.Default: Disabled.Serial Session Logging

T A B L E  OF  C ON T E N T SIntroduction 1Features and Benefits 1Access options 1Web manager 2IPv4 and IPv6 support 2Flexible users and groups 3Sec

Parameter DescriptionPPP Authentication Pro-tocolUses the radio button to select: none, PAP, CHAP or EAP.• None - no authentication.• PAP - use PAP pr

d. For Avocent/Cyclades PDUs, enter the power cycle interval and then use the drop-down menus to enable or disable Syslog, Buzzer and SW Overcurrent P

Parameter DescriptionPower Cycle IntervalThe interval in seconds between Off and On actions for the power cyclecommand. Default: 15.SyslogWhen enabled

2. Click the Set Power button and use the drop-down menus to configure the physicalsettings.3. Click Next or click the Power link.a. Use the drop-down

NOTE: The auto discovery process starts when there is variation in the DCD signal from OFF to ON(disconnect/connect the target's cable, turn off/

To configure the input/output strings used by auto answer:1. Select Ports - CAS Profile - Auto Answer.2. To add an auto answer input and output string

ParameterDescriptionPool NameThe name of the pool. The pool name is mandatory and should follow hostname guidelines, not exceed 64 characters and star

5. When the PAP authentication protocol is configured for the port, select the authenticationtype from the PPP/PAP Authentication menu.6. Click Save.T

Pluggable DevicesTo manage pluggable devices:1. If Pluggable Device Detection is enabled, select Pluggable Devices.-or-If it is disabled, click Enable

An administrator can configure authentication using the CLI utility and the web manager. Thedefault authentication method for the console server and t

Wizard Mode 20Expert Mode 23Access 23System Tools 24System 24Security 24Bootp Configuration Retrieval 26Date and Time 27Help and Language 28General 28

4. Enter your secret word or passphrase in the Secret field (applies to both first and secondauthentication and accounting servers), then re-enter the

6. Enter your Database Password, then re-type the database password in the Confirm Passwordfield.7. Enter your desired Login Attributes.8. Click Save.

Local accountsThe admin and root are equivalent users but named differently to address users familiar witheither Avocent equipment or the Cyclades fam

8. Click Save.To configure password rules:1. Click Users - Local Accounts - Password Rules.2. If password complexity is desired (recommended), make su

2. Click on admin under the Group Name heading. The content area will display theMembers screen listing all members belonging to the admin group (defa

user groupMembers of the user group have access to target devices unless they are restricted by anadministrator but have no access rights for the cons

6. Click Save.To remove members from a user group:1. Click Users - Authorization - Groups.2. Click the user group name.3. Check the box(es) of the mem

Command Description-e <[^]char>Escape character used to close the target session. Defaultvalue: Ctrl-X-l Sorted lists ports and exit-ro Read-Onl

4. In the content area, click Add. The PDU Assignment screen appears with the list ofavailable PDUs in the left box.5. Move PDU devices from the Avail

To configure a group in a TACACS+ authentication server:1. On the server, add raccess service to the user configuration.2. Define which group(s) the u

Users Accounts and User Groups 53Local accounts 54User groups 55Event Notifications 62Event List 62Event Destinations 62Data Buffering 63Appliance log

During the authentication phase, the console server will receive the attribute FramedFilterIDfrom the RADIUS server. The user regina belongs to author

3. Select Remote Server - IPv4 to enable syslog messages to be sent to one or more remoteIPv4 syslog servers, and enter the IPv4 Address or Hostname.

4. To configure data buffer storage on a syslog server in the Syslog Data Buffering Settingssection; select a facility number from the drop-down menu:

5. In the Minimum Temperature Threshold field, enter the temperature threshold in degreesCelsius above the minimum temperature.6. Click Save.Power Man

2. Select the checkbox next to the PDU you want to manage.3. Click On, Off, Cycle, Reboot PDU, Reset HW Overcurrent Protection or Factory Defaultsif d

To configure a PDU:1. Click Settings to expand the side navigation bar.2. Click Outlets.3. Click on an outlet number to change its settings. Click Sav

-or-4. Click Add to add an outlet group. The Add Group screen appears. Enter the name in theGroup Name field.5. Click Save.To view and change outlet g

Screen Name DefinitionNetwork - DevicesShows Ethernet ports and PC card Device Name, Status (enabled/disabled),IPv4 Address, IPv4 Mask and IPv6 Addres

Figure 3.3: Web Manager Regular User ScreenNumber Description1Top option bar. The name of the appliance and the name of the logged in user appears on

Menu Option DescriptionPower ManagementPDUs Outlet GroupsClick PDUs to turn on, turn off, cycle, reboot, reset the HW overcurrent protection,returnt t

v Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide

72 Cyclades™ ACS 6000 Advanced Console Server Installation/Administration/User Guide

Appendix A: Technical SpecificationsGeneral InformationCPU PPC440EPx @ 533 MHz (PowerPC with Security Acceleration Engine)Memory 256 MB DDR-2 / 128 MB

Operating Temperature 32oF to 122oF (0oC to 50oC)Storage Temperature -4oF to 158oF (-20oC to 70oC)Humidity 20% to 80% relative humidity (non-condensin

Appendix B: Recovering a Console Server's PasswordTo recover the console server's root password:1. Connect directly to the console server’s

Appendix C: Port Information for Communication with theDSView 3 SoftwareThe following ports on an ACS 6000 advanced console server can accept connecti

Appendix D: Accessing a Console Server with a DSView 3Software Installation via Dial-upWhen a DSView 3 software user establishes a serial session, the

Configuring dial-up for a console serverTo configure dial-up to a console server within the DSView 3 software:1. In a Units view window containing app

NOTE: The following step is only required if CHAP was selected in the PPP Auth Protocol field in the DSView 3software Settings Dial-up window.4. Log i

Appendix E: Internal ModemSome models of the ACS 6000 console server come equipped with an internal modem. Thismodem is used to originate and answer p

Command DescriptionATB0 CCITT operation at 300 or 1200 bps.ATB1 Bell operation at 300 or 1200 bps (default).ATD Dial.ATD0-9 Dial the DTMF digits 0 to

Introduction11The Cyclades™ ACS 6000 advanced console server is a 1U appliance that serves as a singlepoint for access and administration of connected

Command DescriptionATM1Speaker is on during call establishment but goes off when carrier is detected(default).ATM2 Speaker is always on.ATM3 Speaker i

Command DescriptionATX4 Enables monitoring of busy tones. Sends all messages (default).ATZ0 Soft reset.AT&C0 DCD remains on at all times.AT&C1

Command DescriptionAT%C0 Disables data compression.AT%C1 Enables MNP 5 data compression.AT%C2 Enables V.42 bis data compression (sets S46 bit 1).AT%C3

Modulation CarrierPossible Minimum, Maximum, Receive and TransmitRatesV.22 bis V22 2400 or 1200V.23 V23C 1200rx/75tx or 75rx/1200txV.32 V32 9600 or 48

If the line is in use and the modem receives an ATDT command to dial out, the modem willnot go off hook and will display the “LINE-IN-USE” result code

Basic modem result codesThere are basic codes the modem will issue in response to processing an AT command. Resultcodes may be displayed either in wor

Numeric Verbose Description18CONNECT57600Line speed or DTE connection at 57600bps.Digital line guardThe modem has an optional Digital Line Guard Circu

When the modem detects the escape sequence, the OK result Result code will be displayedand the modem is in the On Line Command State. The ATH or ATZ c

Country Code Country Code Country CodeUnited States B5UnitedKingdomB4Using caller IDThe modem can be used to display certain information about incomin

Appendix F: Technical SupportOur Technical Support staff is ready to assist you with any installation or operational issuesyou encounter with your Avo