Ports Menu and Forms : Physical Ports

Physical Ports
When Physical Ports is selected under Ports - Physical Ports in Expert mode, the following form appears.
Ports - Physical Ports
Using this form you can enable or disable ports and configure parameters for individual or a group of serial ports.
You can select contiguous serial ports on the form by using the Shift key or non-contiguous ports by using the Ctrl key on your keyboard. You can Enable Selected Ports or Disable Selected Ports by pressing the corresponding button.
You can select the Modify All Ports button to specify the same parameters for all the serial ports or you can select Modify Selected Ports button and set values for an individual or a group of ports.
To select one or more serial ports:
1.
Go to Ports - Physical Ports in Expert mode The Physical Ports form appears.
2.
a.
b.
c.
3.
To enable or disable serial ports:
1.
Go to Ports - Physical Ports and select a port or ports to modify.
2.
To enable selected ports, click the Enable Selected Ports button.
3.
To disable selected ports, click the Disable Selected Ports button.
NOTE: By default, all Serial Ports are disabled from the factory. The Administrator can activate and assign specific users to individual physical ports.
4.
Click apply changes.
General form
Under Ports - Physical Ports in Expert Mode, if you select one or more ports from the ports list and click the Modify button, the General form appears as shown in the following form.
Ports - Physical Ports - General Form
The General form allows you to define general port settings, connect to an IPDU port and select the connection type to a serial port (SSH, Telnet or both).
The number of the selected port or ports displays next to the Done button at the bottom of the form in the format: Selected ports #:N, where N stands for the port number.
Connection profiles
The following sections describe the available connection protocols for each connection to the serial ports.
Console Access Server (CAS) profile connection protocols
When a serial port is connected to the console port on a device, a CAS profile must be defined for the serial port.
Selecting the appropriate connection protocol on the Ports - Physical Ports - General is part of defining the CAS profile.
The CAS connection protocols apply in the following cases:
When a user access the serial port through the Web Manager, the session automatically uses the specified protocol to connect to the console of the connected device.
When a user logs in remotely to the serial port, access is allowed only for the selected protocol. If another protocol is used then access is denied. For example, if you specify the Console (SSH) protocol, the user can use SSH but cannot use Telnet to access the serial port.
The following table shows the options from the list of connection protocols when the console server serial port is connected to the console port of a server or a device.
Authorized users can use Telnet and/or SSH to connect to the console of the connected device simultaneously. When multiple sessions feature is configured, simultaneous Telnet and/or SSH sessions are allowed through the serial port.
Terminal Server (TS) profile connection protocols
When a server terminal is connected to the console port on a device, a TS profile must be defined for the serial port.
Selecting the appropriate connection protocol on the Ports - Physical Ports - General form is part of defining the TS profile.
When configuring serial ports to support server terminals, you can:
The TS profile must specify the TCP port number, the terminal type and the IP address for the remote host on the Ports - Physical Ports - Other form.
The following table describes the connection protocols that can be selected if a terminal is connected to the selected serial port.
Dedicates a server terminal connected to a serial port to access a server using the Telnet protocol. When the attached terminal is powered on, the console server opens a Telnet session on the server. The server’s IP address should be specified on the Other form, Ports - Physical Ports - Other.
Dedicates a server terminal connected to the selected serial port to access a server using the SSHv1 protocol. When the attached terminal is powered on, the console server opens an SSHv1 session on the server. The server’s IP address should be specified on the Other form, Ports - Physical Ports - Other.
Dedicates a server terminal connected to the selected serial port to access a server using the SSHv2 protocol. When the attached terminal is powered on, the console server opens a SSHv2 session on the server. The server’s IP address should be specified on the Other form, Ports - Physical Ports - Other.
Dedicates a server terminal connected to the selected serial port for connecting to the console server. When the attached terminal is powered on, the console server opens a Telnet session on itself. The user then can use any of the console server’s Linux commands. You can also create a terminal profile menu, Applications - Terminal Profile Menu that enables the user to quickly launch sessions on any number of remote hosts.
Dedicates a server terminal connected to the selected serial port to access a specific remote host using the Raw Socket protocol. When the attached terminal is powered on, the console server opens a Raw Socket session on the host using an IP address and TCP port number specified on the Other form, Ports - Physical Ports - Other.
Bidirectional Telnet protocol
Bidirectional Telnet protocol can be selected from the Ports - Physical Ports - General from.
Bidirectional Telnet supports both a CAS profile Telnet connection and a TS profile menu shell. Both connection protocols are supported on one port, however, connections cannot be opened simultaneously.
NOTE: The console profile features such as data buffering, multiple users and event notifications are not available under this protocol.
When the attached terminal is powered on and the Enter key is pressed, a login banner and a login prompt is displayed.
NOTE: If the user does not log in within a configurable timeframe, the serial port returns to an idle state. The timeout period can be configured through the Web Manager Ports - Physical Ports - Access form.
The administrator can build custom menus using the Terminal Profile Menu form accessible from Web Manager, Applications - Terminal Profile Menu or from a terminal window using the menush_cfg command. You should specify the bidirectional shell command, /bin/menush in the Web Manager, Ports - Physical Ports - Access form.
Modem and power management connection protocols
The following table shows the connection protocols for modems or IPDUs connected to the serial ports.
Starts a PPP session without interactive authentication required. Assumes the specified console server serial port is connected to an external modem.
Starts a PPP session with authentication required. Assumes the specified console server serial port is connected to an external modem.
To configure a serial port connection protocol for a console connection:
This procedure assumes that the selected serial port is physically connected to a console port on a device.
1.
Go to Ports - Physical Ports in Expert mode, select a port or ports to modify, click the appropriate Modify Ports button. The General form appears.
2.
Click the General tab. The General form appears with the number(s) of the selected port(s) next to the Done button at the bottom of the form. All active tabs are yellow.
3.
To change the connection protocol, select one of the options from the Connection Protocol pull-down menu: Console (Telnet), Console (SSH), Console (Telnet & SSH) or Console (Raw). The default is Console (Telnet).
4.
5.
To configure a serial port connection protocol for a Bidirectional Telnet:
The following procedure assumes that the selected serial port is physically connected to a terminal. For more information on Bidirectional Telnet connection protocol see Bidirectional Telnet protocol.
1.
Go to Ports - Physical Ports in Expert mode, select a port or ports to modify, click the appropriate Modify Ports button. The General form appears.
2.
Click the General tab. The General form appears with the number(s) of the selected port(s) next to the Done button at the bottom of the form and the active tabs are yellow.
3.
4.
5.
Go to the Access tab and configure the following settings:
a.
b.
c.
In the BidirectionLogin Timeout field enter the time for the serial port to return to idle state. When the user name is not entered in the terminal window after the login banner is displayed, the serial port returns to an idle state. The default timeout value is 60 seconds.
d.
6.
To configure a serial port connection protocol for a terminal server:
This procedure assumes that the selected serial port is physically connected to a terminal. For more information on Terminal Server connection protocols see Terminal Server (TS) profile connection protocols.
1.
Go to Ports - Physical Ports in Expert mode, select a port or ports to modify, click the appropriate Modify Ports button.The General form appears.
2.
Click the General tab. The General form appears with the number(s) of the selected port(s) next to the Done button at the bottom of the form and the active tabs are in yellow.
3.
To change the connection protocol, select a Terminal Server connection from the Connection Protocol pull-down menu, Telnet, SSHv1, SSHv2, Local Terminal or Raw Socket.
4.
a.
Select Local Terminal from the Connection Protocol pull-down menu.
b.
5.
a.
Select Telnet, SSHv1, SSHv2 or Raw Socket from the Connection Protocol pull-down menu.
b.
c.
Specify the TCP Port number, the IP address of the remote host and the terminal type using the Other form. The Other form is located at Ports - Physical Ports - Modify Selected Ports - Other.
6.
7.
Click apply changes.
To configure a serial port connection protocol for an external modem:
This procedure assumes that the selected serial port is physically connected to an external modem.
1.
Go to Ports - Physical Ports in Expert mode, select a port or ports to modify, click the appropriate Modify Ports button. The General form appears.
2.
Click the General tab. The General form appears with the number(s) of the selected port(s) next to the Done button at the bottom of the form and the active tabs are in yellow.
3.
4.
5.
6.
7.
Click apply changes.
To configure a power management protocol for an IPDU:
This procedure assumes that an IPDU is physically connected to the selected serial port.
1.
Go to Ports - Physical Ports in Expert mode, select a port or ports to modify, click the appropriate Modify Ports button. The General form appears.
2.
Click the General tab. The General form appears with the number(s) of the selected port(s) next to the Done button at the bottom of the form.
3.
4.
5.
Select an access method for the IPDU from the Allow Access by pull-down menu. The options are SSH, Telnet or SSH and Telnet. Selecting an access option activates the Access and Other tabs.
6.
Go to the Access tab.
a.
b.
NOTE: Authentication type None is not a valid option when the serial port is configured for Power Management connection protocol. The system defaults to Local if no authentication type is selected.
NOTE: Configuration for One Time Password (OTP) and OTP/Local is documented in the Cyclades ACS Advanced Console Server Command Reference Guide.
7.
Go to the Other tab.
a.
b.
Enable Biometric Authentication Required if you are using Cyclades biometric authentication.
NOTE: Biometric Authentication Required field is available when the selected access method is SSH or SSH and Telnet.
8.
9.
Click apply changes.
To associate an alias to a serial port:
An alias can be associated to a port when it is individually selected for modification. To associate an alias to a port perform the following steps.
1.
Go to Ports - Physical Ports in Expert mode, select a port to modify and click the Modify Ports button.
2.
3.
Click Done.
4.
Click apply changes.
NOTE: The Alias field cannot be set if you select the Modify All Ports.
To configure serial port settings to match the connected devices:
The settings for a serial port must match the connection settings on the connected device.
1.
Go to Ports - Physical Ports in Expert mode and select a port or ports to modify. The General form appears.
2.
3.
4.
5.
6.
7.
8.
Click Done.
9.
Click apply changes.
Access
Under Ports - Physical Ports in Expert Mode, select one or more serial ports and click the Modify Port(s), select the Access form from the tabbed menu. The Access form appears.
The following table describes the menu and fields on the Access form.
You can deny access to one or more users or groups by entering an exclamation point (!) before the user or group name.
For example, to explicitly deny access to a user called noadmin and enable access only to a single user called johnd you would enter the following:
!noadmin,johnd. Successive names are separated by a comma.
NOTE: Authentication type None is not a valid option when the serial port is configured for Power Management connection protocol. The system defaults to Local if no authentication type is selected.
Configure the time for the serial port to return to idle state, if the user name is not typed in the terminal after the login banner is displayed. The default timeout value is 60 seconds.
Specify the menu shell command in this field, for example, /bin/menush and build a custom menu for the TS profile using Web Manager - Applications - Terminal Profile Menu form.
To configure user access to serial ports:
Use this procedure if you wish to specify a list of authorized users or groups.
1.
Go to Ports - Physical Ports in Expert mode and select a port or ports to modify.
2.
Click the Access tab. The Access form appears.
3.
To restrict access to one or more users or to a group of users, enter previously defined user or group names in the Authorized Users/Groups field, with names separated by commas.
4.
5.
Click Done.
6.
Click apply changes.
Authentication methods and fallback mechanism
The following table provides a brief description of the authentication methods. When an authentication method is configured to be performed by an authentication server such as Kerberos, LDAP, RADIUS or TACACS+, the user can get access denial if either the authentication server is down or it does not authenticate. An authentication fallback mechanism can be defined in case the first authentication level fails. The following table describes the authentication methods and fallback mechanisms.
To configure a serial port login authentication method:
This procedure configures an authentication method that applies to logins to devices connected to serial ports. You can select different methods for individual ports or for groups of ports.
1.
Go to Ports - Physical Ports in Expert mode and select a port or ports to modify.
2.
Click the Access tab.
3.
4.
Click Done.
5.
Click apply changes. The changes are stored in the /etc/portSlave/pSlave.conf file on the console server.
6.
The following table lists the procedures that apply to each authentication method.
Data Buffering
Under Ports - Physical Ports in Expert Mode, after you select one or more serial ports and click the Modify Port(s), you can select the Data Buffering form from the tabbed menu. The Data Buffering form appears.
There are different fields on this form depending on whether one or both options are enabled. The form displays Enable Data Buffering and Buffer to Syslog options.
If Enable Data Buffering is active, the form displays different fields depending on whether Local or Remote are selected from the Destination menu.
Ports - Physical Ports - Data Buffering Enabled
If Buffer to Syslog is checked, data buffer files are sent to the syslog server.
NOTE: Go to Wizard - Step 5:System Log or Expert - Network - Syslog to set up a syslog server.
The following figure shows both checkboxes (Enable Data Buffering and Buffer to Syslog) and the Local destination selected.
The following table describes the fields available in the data buffering form.
Will be either circular or linear. In circular mode, data is written into the specified local data file until the upper limit on the file size is reached; then the data is overwritten starting from the top of the file as additional data comes in. Circular buffering requires the administrator to set up processes to examine the data during the timeframe before the data is overwritten by new data.
NOTE: The NFS server must already be configured with the mount point shared (exported) and the shared directory from the NFS server must be mounted on the console server.
Choose a facility number to assign to the console server. Obtain the facility number for the console server from the system administrator of the syslog server. The facility number is included in any syslog message generated from the console server. The server’s administrator can use facility numbers to isolate logs from individual devices into individual files.
Buffer SysLog only when nobody is connected to the port
To configure data buffering for serial ports:
Perform this procedure if you wish to configure data buffering. Obtain the facility number for the console server from the system administrator of the syslog server. Options range from Local0 to Local7.
1.
Go to Ports - Physical Ports in Expert mode and select a port or ports to modify.
2.
3.
4.
From the Destination pull-down menu, choose Local or Remote to specify whether the data buffer files are stored locally or remotely on a file server.
5.
a.
b.
6.
If you chose Remote from the Destination pull-down menu, enter the NFS mount point for the directory where data buffer file is to be stored in the NFS File Path field.
NOTE: If you are configuring data buffer files to be stored remotely, make sure that a system administrator has already configured an NFS server and shared the mount point.
7.
8.
9.
10.
11.
12.
a.
b.
13.
Click Done.
14.
Click apply changes.
To configure alarm notifications to be sent based on the type of buffered data, use the Notifications form, Expert - Administration - Notifications.
Multi User
Under Ports - Physical Ports in Expert Mode, after you select one or more serial ports and click the Modify Port(s), you can select the Multi User form from the tabbed menu. The Multi User form appears.
The Multi User form enables you to open more than one session from the same serial port. Multiple users can connect simultaneously to a serial port. To connect to a port or start a shared session, the user must have permission to access the port. If you allow multiple sessions through Allow Multiple Sessions pull-down menu, the Privilege Users field should be populated with the user names who have access rights.
The following table describes the available fields on the Multi User form.
The following table describes the options from the Allow Multiple Sessions pull-down menu.
Do not allow multiple sessions. Only two users can connect to the same port simultaneously. One shared session and one normal session are allowed.
To configure multiple sessions and port sniffing for one or more serial ports:
1.
Go to Ports - Physical Ports in Expert mode and select a port or ports to modify.
2.
Click the Multi User tab.
3.
To allow or to prevent multiple sessions, select an option from the Allow Multiple Sessions pull-down menu. The options are: No, Yes (show menu), Read/Write (do not show menu), ReadOnly.
4.
5.
a.
b.
c.
6.
Click Done.
7.
Click apply changes.
Power Management
Under Ports - Physical Ports in Expert Mode, after you select one or more serial ports and click the Modify Port(s), you can select the Power Management form from the tabbed menu. The Power Management form appears.
You can use this form to make it possible for a user who is connected to a device through the selected serial port to perform power management. While connected to the device, the user displays a power management menu or dialog box by entering a hotkey.
NOTE: Enable power management on this form refers to IPDU power management, Applications - IPDU Power Mgmt.
Additional fields appear on the form if Enable Power management on this port and Enable IPMI on this port are checked, as shown in the following figure.
Ports - Physical Ports - Power Management, Enable IPMI Checked
The following table describes the available fields in the power management form.
Power management while connected to a port is possible only when one or both of the following conditions are true.
The device connected to the console server is a server with an IPMI controller and the server is added to the IPMI device list. To see the list of previously configured IPMI devices or to add a new IPMI device, go to Applications - IPMI Power Mgmt.
If you click Enable power management and click the Add button, the Add Outlet dialog box appears. In this dialog box, you can specify the IPDU and the outlet number(s) into which the device is plugged.
The PM on the Power Management Alias pull-down menu in the example figure indicates that a serial port is configured for power management and an IPDU is connected to the configured port. Separate outlet numbers with commas, as in 1,2,3,4.
To configure a serial port for IPDU power management:
1.
Go to Ports - Physical Ports, select a port or ports to modify, click the appropriate Modify Ports button and the Power Management tab.
2.
To enable Power Management of a device connected to the current port and plugged into a connected IPDU, click Enable Power Management on this port.
3.
4.
5.
Click OK. The power management port and the specified outlet numbers are displayed on the PowerMgmt Port list.
6.
Enter the power management hotkey in the Power Management Key field. Enter a caret (^) for the escape key, as in ^p. The caret stands for the Ctrl key.
7.
Click Done.
8.
Click apply changes.
NOTE: If you wish to configure IPMI power management on this port, continue to the IPMI configuration procedure below.
To configure a serial port for IPMI power management:
This procedure assumes you have added the connected IPMI device in the Applications - IPMI Power Mgmt. form.
1.
a.
Click the Enable IPMI on this port checkbox. The IPMI key and IPMI Server fields appear.
b.
Enter a key in the IPMI key field. Enter the key combination in the IPMI key field with ^, as in ^i. The caret (^) stands for the Ctrl key. The administrator of the device connected to this serial port uses this hotkey to bring up the IPMI power management screen.
c.
2.
Click Done.
3.
Click apply changes.
To configure a user for IPDU power management while connected to a serial port:
Perform this procedure to allow a user to perform power management on a device while connected to it through one of the console server’s serial ports.
1.
2.
Ports - Physical Ports - Power Management-Allow All Users
3.
Ports - Physical Ports -Power Management -Allow Users and Groups
4.
5.
Click Done.
6.
Click apply changes.
Other
Under Ports - Physical Ports in Expert Mode, after you select one or more serial ports and click Modify Port(s), you can select the Other form from the tabbed menu to configure other options. The Other form appears.
You can use this form to configure other settings. The options on this form may be less common settings. The following table describes the available fields in the Other form.
The TCP Port number for a serial port. The TCP port numbers by default start from 7001 and increment by +1 up to the number of serial ports that the console server unit has. For example, a console server unit with 8 serial ports have TCP port numbers 7001 through 7008.
A name (alias) for the IP of the selected port. A port IP alias field appear when a console (CAS) profile is selected from the Connection Protocol pull-down menu on the General form.
Checkbox to enable Windows EMS (Emergency Management Services). Appears only when a console (CAS) profile is selected from the Connection Protocol pull-down menu on the General form.
Adds another layer of security by using the Cyclades Bio authentication scanner. This option is available when a Console (SSH) or a Console (TelnetSSH) profile is selected from the Connection Protocol pull-down menu on the General form.
This field should be populated with the IP address of the device you are connecting to. The field is displayed when a terminal server (TS) profile is selected from the Connection Protocol pull-down menu on the General form.
This field should be populated with the terminal type when connecting to a host system. The field is displayed when a terminal server (TS) profile is selected from the Connection Protocol pull-down menu on the General form.
To configure TCP port number, STTY options, break interval and the login banner for a serial port connected to a console:
1.
Go to Ports - Physical Ports in Expert mode and select a port or ports to modify.
2.
Select the Other tab.
3.
4.
5.
If connecting to a Microsoft Windows Server 2003 operating system through the Emergency Management Services (EMS) console, enable the Windows EMS console connection protocol only.
6.
If using Cyclades biometric authentication for an additional layer of security, enable Biometric Authentication Required field console SSH connection protocol only.
7.
8.
9.
10.
11.
12.
13.
Click Done.
14.
Click apply changes.
To configure terminal server connection options:
Perform this procedure if you have connected a server terminal to a serial port.
1.
2.
Click the Other tab. The Other form displays.
3.
4.
5.
6.
7.
8.
9.
10.
11.
12.
Click Done.
13.
Click apply changes.