StarTech.com ECS0016 Manual de instrucciones

ECS0016Enhanced Console Server

Instruction Manual3Management Console ConnectionThe ECS0016 is pre-configured with a default IP Address: 192.168.0.1 and Subnet Mask: 255.255.255.0 . D

Instruction Manual93The config tool is designed to perform multiple actions from one com-mand if need be, so if necessary options can be chained togeth

Instruction Manual94 LDAP Base Node: Some base node #/bin/cong–-set=”cong.auth.ldap.basenode=somebasenode”The following command will synchr

Instruction Manual95 The following command will synchronize the live system with the new configuration: #/bin/cong–-run=timeTime ZoneTo change the

Instruction Manual96IP Configuration - StaticTo set static configuration on the LAN interface with the following at-tributes (denoted in bolded text), y

Instruction Manual97The following command will synchronize the live system with the new configuration. #/bin/cong–-run=ipcongDial-in ConfigurationT

Instruction Manual98‘115200’, and ‘230400’.Supported parity values are ‘None’, ‘Odd’, ‘Even’, ‘Mark’ and ‘Space’.Supported data-bits values are ‘8’, ‘

Instruction Manual99 Please Note: “/bin/config” commands can be combined into one com-mand for convenience.Serial Port ConfigurationSerial Port Settings

Instruction Manual100Supported stop-bits values are ‘1’, ‘1.5’ and ‘2’.Supported flow-control values are ‘Hardware’, ‘Software’ and ‘None’.Supported Pr

Instruction Manual101Note that if you see: cong.users.total it means you have 0 Users configured.So, your new User will be the exist

Instruction Manual102 cong.portaccess.total it means you have 0 rules configured. Your new rule will be the existing total plus

Instruction Manual4ARPPing IP Address AssignmentIf it is not convenient to change the PC/workstation network address, you can use the ARP-Ping command

Instruction Manual103The following command will synchronize the live system with the new configuration. #/bin/cong–-run=eventlog Please note that s

Instruction Manual104The following command will synchronize the live system with the new configuration: #/bin/cong–-run=alertsMetaConnect Host Confi

Instruction Manual105    <user1>JohnWhite</user1>   </users>   <tcpports><tcpport1>23</tcpport1></tcp

Instruction Manual106History:Typing the character sequence ‘~h’ will generate a history on the serial port.Quitpmshell:Typing the character sequence

Instruction Manual107Example:To detect which users are currently active on which serial ports: #pmusersThis command will output nothing if there are

Instruction Manual108 Change which configuration file it uses: -c/etc/cong/portmanager.confSignalsSending a SIGHUP signal to the portmanager will ca

Instruction Manual109 example: </etc/cong/pmshell-start.sh> #!/bin/sh PORT=”$1” USER=”$2” echo“Welcometoport$PORT$USER” </etc/

Instruction Manual110Raw Access to Serial PortsAccess to Serial PortsYou can tip and stty to completely bypass the portmanager and have raw access to

Instruction Manual111Modem initialization strings• To override the standard modem initialization string either use the Management Console o

Instruction Manual112The basic steps performed are as follows:a) The current iptables configuration is erased.b) If a customized IP-Filter script exist

Instruction Manual5You will be prompted to log in. Enter the default administration username and administration password: Username:

Instruction Manual113   –-matchstate–-stateESTABLISHED,RELATED–-jumpACCEPT #Explicitlyacceptanyconnectionsfromcomputerson #192.168.1

Instruction Manual114Adding more than one SNMP server To add more than one SNMP server for alert traps add the first SNMP server using the Management C

Instruction Manual115To set the Username field (SNMP version 3 only): congsetcong.system.snmp.username2=yourusername.. (replacing yourusernam

Instruction Manual116powerman - power on/off nodes Synopsispowerman [-option] [targets]pm [-option] [targets] Options-1,--on Power ON targets. -0,

Instruction Manual117-h,--help Display option summary. -L,--license Show powerman license information. -d,--destinationhost[:port] Connect to a

Instruction Manual118As a reminder to the reader, some shells will interpret brackets ([ and ]) for pattern matching. Depending on your shell, it may

Instruction Manual119Default system Power Device actions are specified in /etc/powerstrips.xml. Custom Power Devices can be added in /etc/config/powerst

Instruction Manual120 <off>script to power off</off> <cycle>script to cycle power</cycle> <status>script to wri

Instruction Manual121Glossary of Terms UsedTERM MEANINGAuthentication Authentication is the technique by which a process verifies that its communicatio

Instruction Manual122TERM MEANINGCertificate Authority A Certificate Authority is a trusted third party, which certifies public key's to truly belon

Instruction Manual6Administrator PasswordFor security reasons, only the Administrator (the administration user named root) can initially log into your

Instruction Manual123TERM MEANINGFirewall A network gateway device that protects a private network from users on other networks. A firewall is usually

Instruction Manual124TERM MEANINGKey lifetimes The length of time before keys are renegotiated LAN Local Area Network LDAP The Lightweight Directory A

Instruction Manual125TERM MEANINGNAT Network Address Translation. The translation of an IP address used on one network to an IP address on another net

Instruction Manual126TERM MEANINGRADIUS The Remote Authentication DialIn User Service (RADIUS) protocol was developed by Livingston Enterprises as an

Instruction Manual127TERM MEANINGSOL Serial Over LAN (SOL) enables servers to transparently redirect the serial character stream from the baseboard un

Instruction Manual128TERM MEANINGTelnet Telnet is a terminal protocol that provides an easytouse method of creating terminal connec-tions to a network

Instruction Manual129Technical SpecicationsFEATURE VALUE Dimensions 17 x 8.5 x 1.75 in (43.2 x 21. x 4.5 cm)Weight 3.9 kg (8.5 lbs) Ambient operatin

Instruction Manual130RJ45 Connector - PinoutWiringPin Signal Direction RS232 Signal Description1 RTS Output Request To Send2 DSR Input Data Set Ready3

Instruction Manual131Adapter (included Part # 319000) Pinout - (Straight through)Accessory (included Part # 319001) Pinout - (Crossover)Additional ad

Instruction Manual132Technical SupportStarTech.com’s lifetime technical support is an integral part of our commit-ment to provide industry-leading sol

Instruction Manual7Network IP addressYou now must enter an IP address for the principal Ethernet (LAN/Net-work/Network1) port on the ECS0016 gateway,

StarTech.com has been making “hard-to-find easy” since 1985, providing high quality solutions to a diverse IT and A/V customer base that spans m

Instruction Manual8By default the ECS0016 LAN port auto detects the Ethernet connection speed. However you can use the Media menu to lock the Ethernet

Instruction Manual9HTTPSThis ensures secure browser access to all of the Management Console menus. It also allows appropriately configured Users secure

Instruction Manual10There are also a number of related service options that can be configured at this stage: SNMPThis will enable netsnmp in the gatewa

Instruction Manual11Communications SoftwareYou have configured access protocols for the Administrator client to use when connecting to the ECS0016. Use

Instruction Manual12MetaConnect is a Java client program that couples the SSH tunneling protocol with popular access tools such as Telnet, SSH, HTTP,

FCC Compliance StatementThis equipment has been tested and found to comply with the limits for a Class B digital de-vice, pursuant to part 15 of the F

Instruction Manual13SSHTermAnother common communications package that may be useful is SSH-Term, an open source package that can be downloaded from h

Instruction Manual14Conguring Serial PortsTo configure the serial port, you must first set the protocols and the RS232 parameters that are to be used f

Instruction Manual15When you have reconfigured the common settings and the mode for • each port, you set up any remote syslog, then click Apply Comm

Instruction Manual16Before proceeding with further serial port configuration, you should • connect the ports to the serial devices they will be cont

Instruction Manual17From Win2000/XP/NT, you can run telnet from the command prompt • (cmd.exe)You can also use standard communications packages lik

Instruction Manual18SSH It is recommended that you use SSH as the protocol whereby the User or Administrator connects to the ECS0016 gateway (or conn

Instruction Manual19For a User named ‘Paul’ to access serial port 2, when setting up the SSHTerm or the PuTTY SSH client, instead of typing username =

Instruction Manual20RFC2217 also enables the serial port to be tunneled to a remote ECS0016 client gateway, so two serial port devices can be transpar

Instruction Manual21Data Carrier Detect (DCD) pin on the serial device being raised. When a connection is detected, the getty program issues a login:

Instruction Manual22can also be configured to support the remote syslog protocol on a per serial port basis.Select the Syslog Facility/Priority fields t

Instruction ManualiInstruction ManualTable of ContentsIntroduction ...

Instruction Manual23Select 1. Serial & Network: Users & Groups to display the configured Groups and Users Click 2. Add Group.Add a 3. Gro

Instruction Manual24 The Administrator can also edit the Access settings for any existing Us-ers. To do so:Select 1. Serial & Network: Users &am

Instruction Manual25Network HostsTo access a locally networked computer or appliance (referred to as a Host) you must identify the network connected H

Instruction Manual26Trusted NetworksThe Trusted Networks utility provides the option to select specific IP addresses at which users (Administrators and

Instruction Manual27 Network IP Address: 204.15.5.128 Subnet Mask: 255.255.255.224Click 6. Apply.The above Trusted Networks will limit acces

Instruction Manual28 Next, you must register the Public Key as an Authorized Key on the 5. Slave. In the simple case with only one Master with mult

Instruction Manual29The next step is to Fingerprint each new Slave-Master connection, which will authenticate you as a legitimate user for the SSH ses

Instruction Manual30 of clustered console servers and the connected devices) Enter the full number of serial ports on the Slave unit in Number of 3.

Instruction Manual31 next time the Master sends out a configuration file update. Also, while the Master is in control of all Slave serial port related

Instruction Manual32Remote Power Control (RPC) The ECS0016 Management Console monitors and controls Remote Power Control devices using the embedded Po

Instruction ManualiiSerial Port and Network Host Configuration... 13Configuring Serial Ports ...

Instruction Manual33Select the Serial & Network: RPC Connections menu. This will display 3. all the RPC connections that have already been configur

Instruction Manual34Enter the Username and Password used to login into the RPC (Note 8. that these login credentials are not related the Users and ac

Instruction Manual35Click on View Log or select the 2. RPCLogs menu and you will be presented with a table of the history and detailed graphical info

Instruction Manual36The outlet status is displayed and you can initiate the desired Action to be taken by selecting the appropriate icon: Power ON Pow

Instruction Manual37The console server may or may not be drawing power through the Managed UPS (see the Configure UPS powering the console server secti

Instruction Manual38Enter a 4. UPS Name and Description (optional) and the select if the UPS will be Connected Via USB or over pre-configured serial p

Instruction Manual39positive number, or -1. 0s are shut down first, then 1s, 2s, etc. -1s are not shut down at all. Defaults to 0Select the Driver th

Instruction Manual40If the ECS0016 is drawing power through a Managed UPS that has already been configured, select Local, enter the Managed UPS Name an

Instruction Manual41Configuring Powered Computers to Monitor a Managed UPS Once you have added a Managed UPS, each server that is drawing power through

Instruction Manual42- username is the Username of the Managed UPS- password is the Password of the Manager UPSUPS Alerts You can now set UPS alerts us

Instruction ManualiiiSetting up MetaConnect for Remote Desktop access ...61Set up MetaConnect Serial Ports on ECS0016 ...

Instruction Manual43Select UPS Logs and you will be presented with the log table of the 4. load, battery charge level. temperature and other status in

Instruction Manual44NUT is built on a networked model with a layered scheme of drivers, server and clients. The driver programs talk directly to the U

Instruction Manual45status of a UPS, writing it to a file. All these clients all run on the ECS0016 (for Management Console presentations) but they al

Instruction Manual46Using the Management Console, Administrators can view the ambient temperature and humidity and set the EMD to automatically send a

Instruction Manual47 Screw the bare wires on any smoke detector, 2. water detector, vibration sensor, open-door sensor or general purpose open/close

Instruction Manual48Enter a 5. Name and Description for the EMD and select pre-configured serial port that the EMD will be “Connected Via”.Provide 6.

Instruction Manual49Environmental Status You can monitor the current status of all of EMDs and their probesSelect the 1. Status: Environmental Status

Instruction Manual50Failover and Out-of-Band Dial AccessThe ECS0016 has a number of failover and out-of-band access capabili-ties to ensure high avail

Instruction Manual51Please note: The ECS0016 requires an external modem attached (via a serial cable) to the DB9 port (marked Local, located on the fr

Instruction Manual52Select the 6. Authentication Type to be applied to the dial-in connection.The ECS0016 uses authentication to challenge Administra

Instruction ManualivStatus Reports ... 85Port Access and Active Users ...

Instruction Manual53ECS0016 gateways also support dial-back for additional security. Check the Enable Dial Back box and enter the phone number to be c

Instruction Manual54Similarly for Windows® 98, you double-click My Computer on the Desk-top, then open Dial-Up Networking and double-click Make New Co

Instruction Manual55Command line PPP and manual configuration (which works with any • Linux distribution) Using the Linuxconf configuration tool (f

Instruction Manual56Secure Tunneling & MetaConnectTelnet or SSH connection to serially attached devices MetaConnect can also be used to access tex

Instruction Manual57 then Close and Close again Assuming you have already set up the target ECS0016 as a gateway 3. in your MetaConnect client (wi

Instruction Manual58Select 1. Users & Groups from Serial & Network.Click 2. Add User. Enter a 3. Username, Description and Password/Confirm.

Instruction Manual59To initiate a pre-configured dialup connection under Windows, use the • following Start Command: cmd /c start “Starting Out

Instruction Manual60To make the OoB connection using MetaConnect:Select the gateway from the left hand list of gateways and hosts. Under Gateway Actio

Instruction Manual61 PuTTYgen: http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html OpenSSH: http://www.openssh.org/ OpenSSH (Wind

Instruction Manual62system, reboot the machine etc. ECS0016’s Secure Tunneling uses SSH tunneling, so this RDP traffic is securely transferred through

Instruction ManualvRaw Access to Serial Ports ...110Access to Serial Ports ...

Instruction Manual63ration protocols on that portNote: If you leave the Username and User Password fields blank, they default to portXX and portXX wher

Instruction Manual64Alerts and LoggingThis chapter describes the logging and alert generation features of the console server. The Alert facility monit

Instruction Manual65SNMP alertsThe Administrator can configure the Simple Network Management Proto-col (SNMP) agent that resides on the console server,

Instruction Manual66emailed to a nominated email address, or the SNMP or Nagios server is notified. The data stream from nominated serial ports can be

Instruction Manual67disconnects from the applicable Host or Serial Port, or when a Slave con-nects or disconnects from the applicable UPS Serial Port

Instruction Manual68port activity. These records are stored on an ‘offserver’. To specify which serial ports are to have activities recorded and to wh

Instruction Manual69 when connected using MetaConnect. These IPMI controlled power switches can also be controlled using the Management Consol

Instruction Manual70Configuring Serial Port Power StripsThe Administrator can configure serially connected power strips, so both Users and Administrator

Instruction Manual71Configuring Browser Controlled Power StripsThe Administrator can configure network attached power strips, so both Users and Administ

Instruction Manual72Nagios IntegrationNagios is a powerful, highly extensible open source tool for monitoring network hosts and services. The core Nag

Instruction Manual1IntroductionThank you for purchasing a StarTech.com Conyx ECS0016 Enhanced Console Server. This innovative remote service manageme

Instruction Manual73it provides an outstanding network monitoring system. With Nagios you can: Display tables showing the status of each monitored ser

Instruction Manual74Clients Typically a client PC, laptop, etc. running Windows, Linux or Mac OS X •Runs MetaConnect •Possibly remote to the central

Instruction Manual75You will also require a web server such as Apache to display the Nagios web UI (and this may be installed automatically as a depen

Instruction Manual76The first step is to set up the Nagios features on the console server:Select 1. System: Nagios on the ECS0016 Management Console.

Instruction Manual77 Host. Enter the 2. IP Address/DNS Name of the network server, e.g.: 192.168.1.10 and enter a Description, e.g.: Windows 2003

Instruction Manual78 port attached. In Applicable Hosts, check the IP address/DNS name of the IIS server. Click 13. Connection Alert.Click 14

Instruction Manual79 upstream Nagios server will use to reach the ECS0016 – if unspecified this will default to the first network port’s IP (Network

Instruction Manual80Enable NSCA monitoringNSCA is the mechanism that allows you to send passive check results from the remote ECS0016 to the Nagios da

Instruction Manual81Select 4. Check Permitted TCP/UDP to monitor a service that you have previously added as a Permitted Service. Select 5. Check

Instruction Manual82System ManagementThis chapter describes how the Administrator can perform a range of general ECS0016 system administration and con

Instruction Manual2Initial CongurationUnpack the ECS0016 kit and verify you have all of the parts indicated in the Package Contents list shown on the

Instruction Manual83ton gently twice (within a 5 second period) while the unit is powered ON.This will reset the ECS0016 back to its factory default s

Instruction Manual84Configure Date and TimeIt is recommended that you set the local Date and Time in the ECS0016 as soon as it is configured. Features l

Instruction Manual85Status ReportsThis chapter describes the selection of status reports that are available for review:Port Access and Active Users •

Instruction Manual86StatisticsThe Statistics report provides a snapshot of the data traffic and other activities and operations of your gateway.Support

Instruction Manual87SyslogThe Linux System Logger maintains a record of all system messages and errors. To view the System Log, select Status: Syslog

Instruction Manual88ManagementThe ECS0016 has a number of Management reports and tools that can be accessed by both Administrators and Users:Access an

Instruction Manual89Serial Port Terminal ConnectionAdministrator and Users can communicate directly with the ECS0016 command line and with devices att

Instruction Manual90The alternate to using MetaConnect and your local telnet client is to download the open source jcterm Java terminal applet into yo

Instruction Manual91 Configuration) Date and Time Configuration (Manually Change Clock Settings and • Network Time Protocol Time Zone) Network Config

Instruction Manual92The config Tool:Syntax config [ ahv ] [ d id ] [ g id ] [ p path ] [ r configurator ] [ s id=value ] DescriptionThe config tool all