Avocent CPS1610 User's Manual
Contents
1. You cannot remove both the password and the SSH key from a user s definition one must remain in the user database Also you cannot remove a user s key or password if that removal would result in no valid users having USER access rights Chapter 3 Operations 23 For more information see Connecting to devices using SSH on page 16 Access rights and levels on page 23 and User Set command on page 72 To delete a user Issue a User Delete command USER DELETE lt username gt If the specified user is currently logged in a message is sent to the user indicating that access is no longer permitted and the user s Telnet session is terminated For more information see User Delete command on page 72 To display user configuration information 1 To display information about one user issue a Show User command specifying the username SHOW USER lt username gt 2 To display information about all users issue a Show User command with the All parameter SHOW USER ALL For more information see Show User command on page 67 Access rights and levels Most CPS appliance commands require the user to have access rights to use the commands The access rights for each command are listed in Table 4 4 on page 38 Table 3 3 describes the access rights a user may be given Table 3 3 Access Rights Access Right Description The Port Configuration access right allows the user to modify port settings Grant PCON REON access2. ATV1 and S0 1 Default no modem is attached to serial CLI port Number of time out minutes in the range 0 90 If no data is received or transmitted during a Telnet session for the specified period the session will time out A zero value indicates no time out This value is used for any CPS port that does not have a time out value set with the Port Set command during a Telnet session to port 23 or an SSH session to port 22 Default 15 minutes TIMEOUT lt time out gt Enables or disables authentication of serial CLI port sessions When enabled serial CLI sessions are authenticated against the local user database When AUTH ENABLE disabled serial CLI sessions are not authenticated the user is assigned the DISABLE appliance administrator level and the preemption level specified with the Preempt parameter will be used Default enabled Preemption level for serial CLI session users when authentication is disabled for PREEMPT 1 2 3 4 the serial CLI port Auth disable Default 4 Server FLASH command The Server FLASH command updates the CPS program images in FLASH memory You may wish to use this command to update the program with new features or to install a later release of the program There are two program images that you may update in the CPS FLASH The boot image file cps10bt img contains the CPS startup and self test logic The application image cps10app img contains the program that provides
3. 2 To exit CLI mode and return to the session with the attached device issue a Resume command RESUME For more information see Resume Command on page 50 To change the CLI access character Issue a Server CLI command or a Port Set command using the Char parameter to specify the CLI access character SERVER CLI CHAR lt char gt or PORT SET CHAR lt char gt If you issue a Port Set command with Char None then the CLI access character specified in the Server CLI command will be used You may use the Port Set command to override the Server CLI access character on a per port basis For more information see Server CLI command on page 51 and Port Set command on page 47 To display CLI access character information Issue a Show Server CLI command SHOW SERVER CLI For more information see Show Server CLI command on page 65 Ending Device Sessions To end your session Enter CLI mode and issue a Quit command QUIT Or Chapter 3 Operations 21 If you initiated the device session with a Connect command enter CLI mode and issue a Disconnect command DISCONNECT or Allow the port to time out due to inactivity In this case a notification message is issued and the serial CLI session returns to CLI mode This time out may occur while you are in CLI mode or For modem connections if a carrier drop occurs the serial CLI session is automatically logged off For more information see the Quit Command on page
4. Access right SMON Access level ADMIN or APPLIANCEADMIN SPC Changes SPC port settings Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN User Add Adds a new user Access right USER Access level ADMIN or APPLIANCEADMIN User Delete Deletes a user Access right USER Access level ADMIN or APPLIANCEADMIN User Logout Terminates a user s session Access right USER Access level ADMIN OR APPLIANCEADMIN An ADMIN level user may issue this command for users with any level other than APPLIANCEADMIN User Set Changes a user s configuration information Access right USER Access level ADMIN or APPLIANCEADMIN 42 CPS Installer User Guide Table 4 4 CPS Appliance Command Summary Continued Command Description Access Right and Access Level Unlocks a locked out user User Unlock Access right USER Access level ADMIN or APPLIANCEADMIN An ADMIN level user may issue this command for users with any level other than APPLIANCEADMIN 43 CPS Appliance Commands Connect Command The Connect command establishes a connection from the CPS serial over IP network appliance serial CLI port to a device attached to another port on that CPS appliance To use this command you must have previously issued a Server CLI command with the Connect On parameter For more information see Connecting to Serial Devices on page 13 Access right port specific Access level ADMIN
5. Default 0S User Commands The User command has several forms as listed in Table 5 36 Table 5 36 User Command Summary Command Description User Add Adds a new user to the user database User Delete Deletes a user from the user database User Logout Terminates a user s active session User Set Changes a user s configuration information User Unlock Unlocks a locked out user User Add command The User Add command adds a new user to the CPS user database The user database holds a maximum of 64 user definitions For more information see Managing User Accounts on page 22 and Access rights and levels on page 23 Access right USER Access level ADMIN or APPLIANCEADMIN Syntax USER ADD lt username gt PASS WORD lt pwd gt SSHKEY lt keyfile gt FTPIP lt tpadd gt KEY lt sshkey gt ACCESS lt access gt PREEMPT 1 2 3 4 Chapter 5 CPS Appliance Commands 71 Table 5 37 User Add Command Parameter Description lt username gt 3 16 alphanumeric character username Usernames are case sensitive PASSWORD lt pwa gt 3 16 alphanumeric character password Passwords are case sensitive SSHKEY lt keyfile gt Name of uuencoded public key file on an FTP server The maximum file size that may be received is 4K bytes If this parameter is specified you must also specify the FTPIP parameter FTPIP lt ftpadd gt FTP server s IP address If this
6. If the string is found the current history display line is set to the line containing the string and the unit outputs a history display page If the string is not found an error message is displayed no other information is output and the current history display line is not changed Entering the Search command with no parameters searches again for the previous string in the same direction as the previous search Top T sets the current history display line to one and outputs a history display page The following examples assume the user is in port history mode The following command searches the history buffer in the upward direction for the string Abort Process PORT The PORT HISTORY gt s u Abort Process following command searches the history buffer for the string Process ignoring case HISTORY gt s i Process For more information see Server CLI command on page 51 and Port History command on page 46 To access port history mode Issue a Port History command PORT HISTORY The PORT HISTORY gt prompt appears To control the port history buffer display when you connect Issue a Server CLI command using the History parameter to specify the Hold or Auto option SE RV ER CLI HISTORY HOLD AUTO e If Hold is specified the number of bytes in the history buffer is displayed but none of the his tory data is output In this case you must access the CLI and use the Port History command t
7. Technical specifications 75 support 86 Telnet CLI mode 20 connections to devices 13 Time out See Session time out Traps 82 U User accounts access rights and levels 23 adding 22 70 changing 22 72 deleting 23 72 displaying 23 67 User Add command 70 Index 91 User command summary 70 User Delete command 72 User Logout command 72 User Set command 72 User Unlock command 74 92 CPS Installer User Guide LIMITED WARRANTY Avocent Corporation warrants to the original retail purchaser that this product is and will be free from defects in materials and workmanship for a period of 24 months from the date of purchase Additionally all Avocent products carry an unconditional thirty day satisfaction guarantee If for any reason you are dissatisfied with the performance of this product you may return it to the point of purchase for a refund of the purchase price excluding shipping charges This guarantee does not apply to special order products and may not be available through all resellers During the warranty period purchaser must promptly call Avocent fora RETURN MATERIALS AUTHORIZATION RMA number Make sure that the RMA number appears on the packing slip proof of purchase AND ON THE OUTSIDE OF EACH SHIPPING CARTON Unauthorized returns or collect shipments will be refused Ship prepaid to Avocent Corporation 4991 Corporate Drive Huntsville AL 35805 U S A Telephone 256 430 4000 The above limited warranty
8. Port Serial port to which user is connected Username Username Duration Duration of user s session Socket Telnet socket number From Socket Telnet client IP address and socket number A Show User All command display includes the information in the following table Table 5 34 Show User All Command Display Fields Field Contents User Username Pass YES if user has a password defined NO if not Key YES if user has an SSH key defined NO if not Lock YES if user is locked out NO if not Chapter 5 CPS Appliance Commands 69 Table 5 34 Show User All Command Display Fields Continued SSS EE ES EES SSS Field Contents User s access level If a level was not configured access rights determine the level Users with SCON access gt APPLIANCEADMIN Level Users with USER or PCON but not SCON gt ADMIN Otherwise USER level is assigned Access User s access rights and preemption level SPC Command The SPC command changes settings for an SPC device and its sockets NOTE This command configures the port for use with the DSView software For standalone use of the SPC device this command should not be used and the CPS port to which the SPC is attached should be configured as TD Console Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Syntax SPC lt port gt ALL MINLOAD lt amps gt MAXLOAD lt amps gt SOCKET lt sockef gt ALL WAKE ON OFF ONMIN lt
9. Server SNMP Command Parameter Parameter Description Enables or disables SNMP processing ENRB EIBISRBRE Default Enabled Server SNMP Community command The Server SNMP Community command defines read write and trap SNMP community strings Community names are case sensitive NOTE The default community names are public if you enable SNMP you are encouraged to change the community values to prevent access to the MIB For more information see Managing the CPS Appliance Using SNMP on page 30 Access right SCON Access level APPLIANCEADMIN Chapter 5 CPS Appliance Commands 59 Syntax SERVER SNMP COMMUNITY READCOMM lt name gt WRITECOMM lt name gt TRAPCOMM lt name gt Table 5 19 Server SNMP Community Command Parameters Parameter Description 1 64 alphanumeric character read community name READCOMM name gt Default public 1 64 alphanumeric character write community name WRITECOMM lt name gt Default public 1 64 alphanumeric character trap community name If you specify this parameter TRAPCOMM lt name gt the name must be different from the read and write community names Default public Server SNMP Manager command The Server SNMP Manager command defines or deletes SNMP management entities You may define up to four management entities If you delete all SNMP managers or never add any the CPS appliance may be accessed using SNMP from any IP address For mo
10. Table 5 6 Port Alert Delete Command Parameter Parameter Description lt port gt Port number in the range 1 8 for a CPS810 appliance or 1 16 for a CPS1610 appliance Example The following command deletes defined alert strings from port 3 gt PORT 3 ALERT DELETE Alert strings assigned to port 3 1 The first alert string 2 The second alert string 3 The third alert string 4 The fourth alert string Select Alert string s to delete gt The alert string numbers specified at the prompt will be deleted Port Break command The Port Break command sends a serial break signal to the device to which you are attached Access right BREAK Access level ADMIN or APPLIANCEADMIN Syntax PORT BREAK Port History command The Port History command accesses a serial port s history mode while you are attached to the port When you are in history mode the PORT HISTORY gt prompt appears and you may search the port s history buffer for specified strings For more information see Managing the Port History Buffer on page 28 Chapter 5 CPS Appliance Commands 47 Access right none needed Access level all Syntax PORT HISTORY When you are in port history mode you may issue the commands listed in Table 3 4 on page 28 Examples The following command accesses the serial port s history mode gt port history In history mode the following command searches the history buffer in the downward direct
11. The Show Server PPP command displays the current PPP settings that were configured with the Server PPP command Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER PPP Show Server RADIUS command The Show Server RADIUS command displays the current CPS RADIUS settings that were configured with the Server RADIUS command Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER RADIUS Show Server Security command The Show Server Security command displays the current authentication connection and lock out settings that were configured with the Server Security and Server SSH commands Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER SECURITY Chapter 5 CPS Appliance Commands 67 Table 5 31 Show Server Security Command Display Fields Field Contents Configured authentication method s This includes the SSH authentication method Authentication configured with the Server SSH command or the default value regardless of whether SSH is enabled Encryption Configured connection methods None SSH or both ecko Configured security lock out state Enabled or Disabled If Enabled the number of hours in the lock out period is included DS Server IP 0 IP address of DSView software server number 0 DS Server IP 1 IP address of DSView software server number 1 DS Server IP 2 IP address of DSView software server number 2 DS
12. if port 7 is configured for Chapter 3 Operations 17 Telnet access on port 3007 then port 3107 will be a direct SSH connection for port 7 When SSH is enabled Telnet port 23 connections will be accepted from other clients if the Server Security command includes the Encrypt SSH None parameter which indicates that both SSH and plain text connections will be allowed Connecting to Telnet port 23 may also be tunneled through a connection to SSH port 22 Telnet DSView software and SSH clients may authenticate using a DS server SSH server keys When SSH is enabled for the first time the CPS generates an SSH server key The key generation process may take up to ten minutes The key is computed at random and is stored in the CPS configuration database In most cases the SSH server key should not be modified because most SSH clients will associate the key with the IP address of the CPS appliance During the first connection to a new SSH server the client will display the SSH server s key You will be prompted to indicate if it should be stored on the SSH client After the first connection most SSH clients will validate the key when connecting to the CPS appliance This provides an extra layer of security because the SSH client can verify the key sent by the server each time it connects When you disable SSH and later reenable it you may either use the existing server key or compute anew one If you are reenabling the same server at the same
13. local and none Multiple connection and authentication methods may operate concurrently By default authentication is performed at the local CPS user database then through the DS View software DS authentication DS authentication uses one or more DS View software servers When you specify DS authentication you may also indicate the mode by specifying either Secure or Trustall Chapter 3 Operations 25 e Secure indicates authentication will be locked to one DSView software server after a successful initial access and DSView software server and appliance credentials will be stored on the CPS appliance e Trustall indicates that any DS View software server may be used for authentication and DSView software server credentials will not be stored or validated on the CPS appliance When the secure mode is used you may clear the stored credentials used by the DS View software at any time For more information see the DS View Installer User Guide Local authentication Local authentication uses the CPS appliance internal user database to authenticate users RADIUS authentication RADIUS authentication uses an external third party RADIUS server containing a user database to authenticate CPS network appliance users The CPS appliance functioning as a RADIUS client sends usernames and passwords to the RADIUS server If a username and password do not agree with equivalent information on the RADIUS server the CPS appliance is informed and t
14. lt gt surround user supplied positional parameters and keyword parameter values In most cases choices are separated by a vertical bar The description indicates if you may specify more than one of the choices and how to separate multiple values The exception is the Server SSH command In this case the vertical bar is specified on the command line when you wish to enable the password or key method PW KEY or the key or password method KEY PW Command Summary Table 4 4 lists the CPS appliance commands including a brief description plus the required access rights and level Table 4 4 CPS Appliance Command Summary Command Description Access Right and Access Level Accesses devices from the serial CLI port Access right port specific Connect Access level ADMIN or APPLIANCEADMIN Users who do not have the ADMIN or APPLIANCEADMIN level must have the appropriate port access configured to issue this command Ends a device session initiated with Connect command Access right port specific Disconnect Access level ADMIN or APPLIANCEADMIN Users who do not have the ADMIN or APPLIANCEADMIN level must have the appropriate port access configured to issue this command Displays information about commands Help Access right none needed Access level all Adds a port alert string Port Alert Add Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Chapter 4 Using CPS Appliance Co
15. the SSH authentication method Server CLI command The Server CLI command e Specifies the CLI port type and access character Enables or disables device connection from the CLI port e Specifies a modem initialization string e Specifies port history mode operations 52 CPS Installer User Guide e Specifies a port time out value e Enables disables serial CLI port authentication e Specifies a preemption level to be used for serial CLI port sessions when authentication is dis abled on that port At least one parameter must be specified Access right SCON Access level APPLIANCEADMIN Syntax SERVER CLI PORT lt port gt TYPE lt type gt CHAR lt char gt CONNECT ON OFF HISTORY HOLD AUTO CLEAR KEEP MODEMINIT lt string gt TIMEOUT lt time out gt AUTH ENABLE DISABLE PREEMPT 1 2 3 4 Table 5 11 Server CLI Command Parameters Parameter Description CLI port number in the range 1 8 for a CPS810 appliance or 1 16 for a PORT lt port gt CPS1610 appliance Default 1 TYPE lt type gt Terminal type to be used on the CLI port The entire name of the type must be specified abbreviations are not permitted Valid types are ASCII VT52 VT100 VT102 VT220 VT320 and OFF Specifying Type Off disables the CLI Default ASCII CHAR lt char gt CLI access character in the range A through _ underscore The allowable ASCII range is 0x41 0x5F and 0x61 0x7A The CLI acc
16. write and trap community names Defining and deleting up to four SNMP management entity IP addresses e Enabling and disabling SNMP traps Defining and deleting up to four trap destination IP addresses Defining copying and deleting up to ten alert strings for each port By default SNMP is enabled but no traps are enabled and no trap destinations are defined To enable or disable SNMP processing 1 To enable SNMP processing issue a Server SNMP command with the Enable parameter This is the default setting SERVER SNMP ENABLE 2 To disable SNMP processing issue a Server SNMP command with the Disable parameter SERVER SNMP DISABLE Chapter 3 Operations 31 For more information see Server SNMP command on page 58 To specify SNMP community names Issue a Server SNMP Community command using the Readcomm Writecomm and Trapcomm parameters to specify community names NOTE The default community names are public if you enable SNMP you are encouraged to change the community values to prevent access to the MIB SERVER SNMP COMMUNITY READCOMM lt name gt WRITECOMM lt name gt TRAPCOMM lt name gt Although all three community names default to public if you specify a trap community name with this command it must be different from the read and write community names For more information see Server SNMP Community command on page 58 To add or delete SNMP management entity addresses 1 To add an SNMP management entity
17. 50 and the Disconnect Command on page 43 To end another user s session Issue a User Logout command USER LOGOUT lt username gt A message is sent and the Telnet or SSH connection is dropped For more information see User Logout command on page 72 For information about preempting a user s session see Connecting to devices using Telnet on page 13 Session time out The CPS appliance monitors data traffic when you are connected to an attached serial device You may specify a time out value with the Server CLI command You may also specify a time out value for each port with the Port Set command When no data is received from the connected user for the configured number of minutes the connection is terminated The following time out values are used For a Telnet session the Server CLI time out value is used e For a serial port session if the port s configured time out value is zero the Server CLI time out value is used even if it is also zero e For a serial port session if the port s configured time out value is non zero that value is used Preemption Configured preemption levels determine whether a user who wishes to connect to a port the connecting user may preempt another user who is already using that port the current user Preemption levels are configured for each user with the User Add or User Set commands Preemption levels range from one to four Four is the highest level and is also the default e Ift
18. Authentication Methods Continued Method Description SSH connections will be authenticated with either a username password or an SSH key If a user has only a password defined that user must authenticate an SSH session with a username password If a user has only an SSH key defined that user must authenticate an SSH session using the key If a user has both a password and an SSH key defined that user may use either a username password or the SSH key to authenticate an SSH session This method allows the administrator to define how each user will authenticate an SSH session based on information provided in the User Add Set command PW authentication will be local RADIUS or DS as specified in the Auth parameter of the Server Security command Key authentication is always local PWIKEY or KEY PW SSH connections will be authenticated using both a username password and an SSH key With this method a user s definition must include a password and SSH key PW amp KEY or KEY amp PW information for that user to authenticate an SSH session PW authentication will be local RADIUS or DS as specified in the Auth parameter of the Server Security command Key authentication is always local A user s access rights are determined from the authentication method used SSH key authentication always uses the access rights from the local user database Depending on the server authentication method specified with the Server Security command S
19. BIOS Bootstrap version date and time APP Application version that is running plus its date and time Show Server CLI command The Show Server CLI command displays the serial CLI settings Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER CLI Table 5 30 Show Server CLI Command Display Fields Field Contents CLI Port Serial CLI port number and terminal type Access Character Control character used to access CLI History Indicates whether a port s history buffer content is displayed auto or not displayed hold when a user connects to the port and whether the buffer content is cleared clear or kept keep when a session ends 66 CPS Installer User Guide Table 5 30 Show Server CLI Command Display Fields Continued Field Contents Connect Indicates whether a valid user on the serial CLI port may use the Connect command Modeminit string String used to initiate modem connections on the serial CLI port Session time out value shown in full minute or minute second form for example 3m sever SEL TIMEOUL for 3 minutes 3 30 for 3 minutes 3 seconds Local authentication Configured CLI port authentication setting Enabled or Disabled Preemption level to be used when authentication is disabled on the serial CLI port Local preemption level and that port s user attempts to connect to another serial port Show Server PPP command
20. CPS functionality You will need a TFTP server Download the latest FLASH image from Avocent Save the image file to the appropriate directory on the TFTP server Access right SCON Access level APPLIANCEADMIN Syntax SERVER FLASH BOOT APP HOSTIP lt ftp_add gt IMAGE lt host_file gt Table 5 12 Server FLASH Command Parameters Parameter Description Indicates either the boot image should be updated or the application image should BOQTJAPE be updated HOSTIP lt tftp_add gt IP address of TFTP server host 54 CPS Installer User Guide Table 5 12 Server FLASH Command Parameters Continued Parameter Description IMAGE lt host file gt Name of file on TFTP server host containing the image file Example The following command updates the boot image program using the image file name c winnt system32 drivers cps10bt img which is located on the TFTP server host located at 192 168 1 16 gt ser fla app hostip 192 168 1 16 c winnt system32 drivers ima cpsl0bt img Server Ping command The Server Ping command enables or disables response to ping requests When enabled the CPS appliance receives and responds to all ping requests When disabled ping requests are received and silently discarded Syntax SERVER PING ENABLE DISABLE Table 5 13 Ping Command Parameter Parameter Description Enables or disables response to the ping requests ENSE EIDISABRE Default Enabled Server PP
21. Each CPS port has a buffer that holds the most recent 64K bytes of online and offline serial data A separate history command mode lets you navigate within a port s current history file and conduct tailored searches Safety Precautions To avoid potential device problems when using Avocent products if the building has 3 phase AC power ensure that a computer and its monitor if used are on the same phase For best results they should be on the same circuit To avoid potentially fatal shock hazard and possible damage to equipment please observe the following precautions e Do not use a 2 wire extension cord in any Avocent product configuration Test AC outlets at the computer and monitor if used for proper polarity and grounding e Use only with grounded outlets at both the computer and monitor When using a backup Unin terruptible Power Supply UPS power the computer the monitor and the CPS appliance off the supply NOTE The AC inlet is the main disconnect Rack mount safety considerations e Elevated Ambient Temperature If installed in a closed rack assembly the operation tempera ture of the rack environment may be greater than room ambient Use care not to exceed the rated maximum ambient temperature of the unit e Reduced Airflow Installation of the equipment in a rack should be such that the amount of air flow required for safe operation of the equipment is not compromised e Mechanical Loading Mounting of the
22. None TIMEOUT lt time out gt Number of time out minutes in the range 0 90 If no data is received or transmitted during a Telnet session for the specified period the session will time out A zero value indicates no time out This value overrides the time out value set with a Server CLI command Default use value set with Server CLI command Chapter 5 CPS Appliance Commands 49 Table 5 8 Port Set Command Parameters Continued Parameter Description SOCKET lt socket gt TCP port that must be entered on the Telnet client to connect to this serial port The new value becomes effective in subsequent sessions When SSH is enabled the CPS appliance automatically adds 100 to the specified value When All is specified port 1 will be assigned the specified socket value plus 1 port 2 will be assigned the specified value plus 2 and so on When All is specified and SSH is enabled port 1 will be assigned the specified socket value plus 101 port 2 will be assigned the specified value plus 102 and so on Default 3000 plus the port number 3100 plus the port number if SSH is enabled see above for action taken if All is specified CHAR lt cli_char gt CLI access character in the range A to _ underscore or None The allowable ASCII range is 0x41 0x5F and 0x61 0x7A The CLI access character when pressed simultaneously with the Ctrl key during a session with an attached serial device will suspend the session with t
23. PC using a terminal emulation program If you connect an external modem to the serial CLI port you may also access devices through a remote terminal or PC that can dial into the external modem For information about modem connections see Connecting to devices using SSH on page 16 Configuring and using dial in connections on page 15 and Server CLI command on page 51 For more information about serial CLI port connections see Authentication of serial CLI port sessions on page 26 and Preemption on page 21 To configure a port for the serial CLI 1 Issue a Server CLI command using the Port parameter to specify the CLI port and the Type parameter to specify the terminal type SERVER CLI PORT lt port gt TY PE lt type gt 2 To disable the CLI that was previously configured on a port issue a Server CLI command indicating Type Off For more information see Server CLI command on page 51 To display CLI port information Issue a Show Server CLI command SHOW SERVER CLI The display includes the CLI port number and terminal type plus the CLI access character For more information see Show Server CLI command on page 65 To connect to a device from the serial CLI port 1 Issue a Server CLI command using the Connect parameter to enable the use of the Connect command from the serial CLI port SERVER CLI CONNECT ON 2 Chapter 3 Operations 15 Issue a Connect command to the desired port CONNECT lt port gt To end
24. Set In Out Command Parameters Parameter Description Either a port number in range 1 8 for a CPS810 appliance or 1 16 for a CPS1610 appliance or All which indicates that the settings that follow should be applied to all ports Default port to which you are attached lt port gt ALL ALL Indicates that the settings that follow should be applied to all ports Either In to specify translation for incoming data or Out to specify translation for INOUE outgoing data Translation to be made for carriage returns Valid values are CR CR Carriage return is treated as a carriage return CR LF Carriage return is treated as a linefeed CR STRIP Carriage return is stripped CR CRLF Carriage return is treated as a carriage return and linefeed Default CR CR CR lt cr gt Translation to be made for linefeeds Valid values are LF LF Linefeed is treated as a linefeed LF CR Linefeed is treated as a carriage return LF lt f gt CRLF CR LF STRIP Linefeed is stripped CRLF CR Linefeed is stripped only if it is preceded by a carriage return This LF setting cannot be specified with any other LF setting Default LF LF Quit Command The Quit command terminates the current CPS appliance session and terminates your Telnet comnection to the unit Access right none needed Access level all Syntax QUIT Resume Command The Resume command exits the CLI and resumes your connection to the attached serial device T
25. changed BAUD Keyword parameter which is always followed by an equal sign 57600 Keyword value indicating the baud rate value for the BAUD keyword parameter FLOW Keyword parameter which is always followed by an equal sign Chapter 4 Using CPS Appliance Commands 37 Table 4 3 Command Syntax Types in Example Command Continued Value Syntax XONXOF Keyword value Not every command will contain all syntax types For example the following command reboots the CPS appliance gt SERVER REBOOT In this case both SERVER and REBOOT are positional commands In most cases one or more spaces separate positional commands positional parameters and keyword parameters For most positional commands positional parameters or keyword parameters you only need to enter the first three characters The exceptions are e When you specify a terminal type with the Type parameter in the Server CLI command you must enter all characters e When you specify an authentication method with the Auth parameter in the Server SSH com mand you must enter all characters When you specify control signal monitoring with the Power parameter in the Port Set com mand you must enter all characters With the exception of usernames and passwords commands are not case sensitive they may be entered in uppercase lowercase or a combination For example all of the following commands are correct gt PORT 2 SET BAUD 5
26. command issued by username server name SPC location name CPS appliance port number and SPC socket number SpcSocketOff Command The Off command was issued to an SPC socket Variables command issued by username server name SPC location name CPS appliance port number and SPC socket number 84 CPS Installer User Guide Table C 1 CPS Appliance Enterprise Traps Continued Trap Description and Variable s SPCSocketReboot The Reboot command was issued to an SPC socket Variables command issued by username server name SPC location name CPS Command appliance port number and SPC socket number An SPC socket encountered an on sense failure ee eee aaa Variables server name SPC location name CPS appliance port number and SPC socket number An SPC socket encountered an off sense failure A ne Variables server name SPC location name CPS appliance port number and SPC socket number SPCTotalLoadHigh The SPC device has exceeded the total load maximum threshold Variables SPC location name and CPS appliance port number The SPC device exceeded the total load minimum load threshold fe Variables SPC location name and CPS appliance port number An SPC socket s state changed to on SPCSocketStatusOn Variables server name SPC location name CPS appliance port number and SPC socket number An SPC socket s state changed to off SPCSocketStatusOff Variables server name SP
27. ena loc 192 168 0 1 rem 192 168 0 2 mas 255 255 255 0 The following command enables the PPP server with previously configured IP and subnet mask values This form of the command would not be valid unless the IP and subnet mask values had been previously configured gt server ppp enabl Server RADIUS command The Server RADIUS command defines or deletes RADIUS parameters for the CPS RADIUS client For more information see RADIUS authentication on page 25 When you enter this command you are prompted to confirm or cancel the specified changes Access right SCON Access level APPLIANCEADMIN Syntax SERVER RADIUS PRIMARY SECONDARY IP lt radius_ip gt SECRET lt secref gt USER RIGHTS lt attr gt AUTHPORT lt udp gt TIMEOUT lt time out gt RETRIES lt retry gt or SERVER RADIUS PRIMARY SECONDARY DELETE 56 CPS Installer User Guide Table 5 15 Server RADIUS Command Parameters Parameter Description PRIMARY Indicates either the primary RADIUS server or the secondary RADIUS server is SECONDARY being defined or deleted IP lt radius_ip gt IP address of the RADIUS authentication server SECRET lt secret gt 8 24 character text string for shared secret with the RADIUS server Enclose the string in quotes if it contains spaces USER RIGHTS lt attr gt Attribute number defined on the RADIUS server in the range 1 255 AUTHPORT lt udp gt UDP port for RADIUS authentication server i
28. iiini eiin p e K E santa ati lie sde nu sit 20 DESSIONR NE OUT Ernie seen danse ed sade ca nn Bone en SR nn Ed dE tas aden AU TAA Paw Ps haste dhs 21 Preemption ierni teere aarete artie e dirait imite tee eee rude 21 Managing User ACCOUNIS re here ehna n i iin en 22 Acc ss rights and levels rrine RE E vk AiR RSI A UE te 23 Using Authentication Methods ss 24 iv CPS Installer User Guide Authentication of serial CLI port sessions cccccccceccecseeesesseeteceteseeteseeseeceeeaeecaecacesseeaesneesaeeeees 26 Authentication SUMMAFY nier 26 Using securit lock OUt ess cxcv Seuss iet das cca AE REER eed st ete ene amet 27 Managing the Port History Buffer ss 28 Using port history mode commands ss 28 Managing the CPS Appliance Using SNMP een 30 Chapter 4 Using CPS Appliance Commands eecceeeeeeeeeeeeeeeeeeeeeeeeeeeeneeeeees 35 ACCESSING the CLD ranra veo tea seed tad ts en de nn RUE AL teen 35 Entering Commands sunn laa nettes ne NE nn M ect se den net dde 35 When commands take effect sise 36 Understanding Conventions ss 36 Command Syntax nine Unes E a L A see Pi RE NRA M Re ete ste 36 SYNTAX CONVENTIONS ss teu TE ETA ee nn d ni eee ee 38 Command SUMMON eR ev aes ANR SR NT Re RS te a 38 Chapter 5 CPS Appliance Commands 2 cccccceceeeeeeseee eee eeeeeeeeeeeeeeeeeeneaeeeseeeeeeeeneees 43 Connect COMMON EE RE TR cases bee wae Coes cst Sas sa ae ee kB a ee men rein de de 43 Disconnect Command trente da
29. is voided by occurrence of any of the following events upon which the product is provided as is with all faults and with all disclaimers of warranty identified below If defect or malfunction was caused by abuse mishandling unauthorized repair or use other than intended If unauthorized modifications were made to product If unreported damages occurred in any shipment of the product If damages were due to or caused by equipment or software not provided by Avocent If the unit is used with non grounded or incorrectly polarized AC power If the product is used in contradiction to any instruction provided by any User Guide or Instruction Sheet provided to you or with the product 7 Ifthe product is damaged due to power surges water exposure or act of God including lightning past EXCEPT AS SPECIFICALLY PROVIDED ABOVE AND TO THE MAXIMUM EXTENT ALLOWED BY LAW AVOCENT CORPORATION DISCLAIMS ALL WARRANTIES AND CONDITIONS WHETHER EXPRESS IMPLIED OR STATUTORY AS TO ANY MATTER WHATSOEVER INCLUDING WITHOUT LIMITATION TITLE NON INFRINGEMENT CONDITION MERCHANTABILITY OR FITNESS FOR ANY PARTICULAR OR INTENDED PURPOSE EXCEPT AS EXPRESSLY PROVIDED ABOVE AND TO THE MAXIMUM EXTENT ALLOWED BY LAW AVOCENT CORPORATION SHALL NOT BE LIABLE FOR ANY SPECIAL INDIRECT OR CONSEQUENTIAL DAMAGES INCLUDING WITHOUT LIMITATION LOSS OF PROFIT LOSS OF BUSINESS LOSS OF INFORMATION FINANCIAL LOSS PERSONAL INJURY LOSS OF PRIVACY OR NEGLIGENCE WHICH MAY
30. levels on page 23 You may delete a user s password or key however each user must have a password or a key so you cannot remove both Also you cannot remove a user s password or key if that action would result in no users having USER access rights Access right none to change your own password USER to change anything else Access level none to change your own password ADMIN or APPLIANCEADMIN to change anything else Syntax Chapter 5 CPS Appliance Commands 73 USER SET lt username gt PASSWORD lt pwd gt SSHKEY lt keyfile gt FTPIP lt fipadd gt KEY lt sshkey gt ACCESS lt access gt PREEMPT 1 2 3 4 Table 5 40 User Set Command Parameters Parameter Description lt username gt Username PASSWORD lt pwa gt New 3 16 alphanumeric character password Passwords are case sensitive This parameter is required when changing another user s password The password is displayed on the screen For security clear your screen display after issuing this command To delete a password specify Password SSHKEY lt keyfile gt Name of uuencoded public key file on an FTP server The maximum file size that may be received is 4K bytes FTPIP lt ftpadd gt FTP server s IP address KEY lt sshkey gt Uuencoded SSH key To delete an SSH key whether it was originally specified with the SSHKEY and FTPIP parameters or with the KEY parameter specify Key ACCESS lt acc
31. only to users who need to issue the Port Set command The Server Configuration access right allows the user to change the CPS configurations SCON including setting the IP address and updating the program load in FLASH Grant SCON access only to users who need to administer the CPS appliance The Server Monitor access right allows the user to view CPS appliance status and monitor SMON serial port activity Grant SMON access only to users who need to assist other users in accessing attached serial devices The USER access right allows the user to modify the user database Grant USER access USER only to users who need to add users change user specifications or delete users At least one user must have USER access rights otherwise the user database cannot be changed The BREAK access right allows the user to send a serial break sequence to the attached BREAK serial device On certain devices this sequence has a special meaning Grant BREAK access only to users who need to use the Port Break command 24 CPS Installer User Guide Table 3 3 Access Rights Continued Access Right Description The Port access right gives a user access to one or more serial ports and the attached P serial devices You may grant Port access rights to specific ports Pn a range of ports Px y or all ports PALL Access levels When you specify a user s access rights you may either specify the individual rights or you may use a
32. parameter is specified you must also specify the SSHKEY parameter KEY lt sshkey gt Uuencoded SSH key ACCESS lt access gt Command and port access rights or level You may specify multiple access rights separated by commas or a level Valid values for access rights are P lt n gt Access to the specified port number P lt x y gt Access to the specified range of ports PALL Access to all ports USER User configuration access rights PCON Port configuration access rights SCON Configuration access rights SMON Monitor access rights BREAK Can issue Port Break command Valid values for access levels are ADMIN PALL USER SMON PCON and BREAK access rights APPLIANCEADMIN PALL USER SCON SMON PCON and BREAK access rights Default PALL SMON PREEMPT 1 2 3 4 Preemption level in the range 1 lowest 4 highest Default 4 highest Examples The following command adds the username JohnDoe with the password secretname access to ports 2 5 6 and 7 and user and monitor access rights gt user add JohnDoe password secretname access P2 5 7 user smon The following command adds the username JaneDoe with access to all ports The name of the SSH public user key file is cps_key2 pub This file is located on the FTP server at IP address 10 0 0 3 gt user add JaneDoe ssh cps_key2 pub ftp 10 0 0 3 access pall The following command adds the username JDoe and gives that user the Appliance A
33. physical port 14 of the CPS network appliance telnet 192 168 0 5 3014 If an authentication method other than None has been configured for the CPS appliance you will be prompted for a username and password Once authentication completes your connection is confirmed When you successfully connect to the serial device you will see a display similar to the following Avocent CPS Username Myname Password 14 CPS Installer User Guide Authentication Complete Connected to Port If the authentication method is configured as None you may Telnet and connect to a serial device without entering credentials however credentials are always required when connecting to the CPS CLI Data entered at the Telnet client is written to the attached serial device Any data received by the CPS appliance from the serial device is output to your Telnet client Connecting to devices from the serial CLI port By factory default port 1 of the CPS network appliance is configured with the serial CLI which prohibits the use of port 1 with an attached serial device You may configure the CLI on a different port but only one port may be configured as the serial CLI port at one time For example if you attempt to enable the CLI interface on port n and it is already active on port p then the CLI will automatically be disabled on port p You may connect to one serial device at a time through the serial CLI port using a local terminal or a local
34. shortcut that specifies an access level The APPLIANCEADMIN and ADMIN levels are equivalent to the following individual specifications The APPLIANCEADMIN level is equivalent to PALL USER SCON SMON PCON and BREAK The ADMIN level is equivalent to PALL USER SMON PCON and BREAK DSView software users also have access levels Those with administrator level rights are given all CPS access rights PCON SCON SMON USER BREAK and PALL DSView software users with user level rights may access the serial device to which they are connected They also have BREAK access for the port they are accessing See the DS View Installer User Guide for more information To manage a user s access rights levels 1 To configure a user s access rights level issue a User Add command using the Access param eter to specify the rights or a level USER ADD lt username gt ACCESS lt access gt 2 To change a user s access rights level issue a User Set command using the Access parameter to specify the rights or a level USER SET lt username gt ACCESS lt access gt 3 To display the access rights and level for one or all users issue a Show User command SHOW USER lt username gt ALL For more information see Managing User Accounts on page 22 plus User Add command on page 70 User Set command on page 72 and Show User command on page 67 Using Authentication Methods The CPS appliance supports four methods for authenticating users DS RADIUS
35. time gt OFFmin lt time gt Table 5 35 SPC Command Parameters Parameter Description lt port gt Port number in range 1 8 for a CPS810 appliance or 1 16 for a CPS1610 appliance ALL Indicates that the settings that follow should be applied to all ports configured as SPC Minimum load in amperes in the range 0 30 A 0 value indicates no minimum load MINLOAD lt amps gt Default 0 Maximum load in amperes in the range 0 30 A 0 value indicates no maximum load MAXLOAD lt amps gt Default 0 Either a socket number on the SPC or All which indicates that the settings that SOCKET RICE follow should be applied to all sockets on the SPC State that the socket will enter when the SPC is powered up WAKE ON OFF Default ON 70 CPS Installer User Guide Table 5 35 SPC Command Parameters Continued Parameter Description Minimum amount of time that a socket will stay on before it may be turned off The value may be specified with S for seconds M for minutes or H for hour Valid values are 0S 15S 30S 45S 60S 75S 90S 105S ONMIN lt time gt 1M 2M 3M 4M 5M 10M 15M 30M 60M 1H Default 0S OFFMIN lt time gt Minimum amount of time that a socket will stay off before it may be turned on The value may be specified with S for seconds M for minutes or H for hour Valid values are OS 15S 30S 45S 60S 75S 90S 105S 1M 2M 3M 4M 5M 10M 15M 30M 60M 1H
36. user with the APPLIANCEADMIN level A user with the APPLIANCEADMIN level may unlock all users To enable or disable security lock out 1 To enable security lock out issue a Server Security command using the Lockout parameter with a value between 1 99 2 To disable security lock out issue a Server Security command using the Lockout 0 parameter To unlock a locked out user Issue a User Unlock command with the username Managing the Port History Buffer Each CPS appliance serial port has a circular history buffer that contains the latest 64K bytes of data received from the attached serial device This information may be helpful in analyzing attached device anomalies The history buffer begins filling with received data upon completion of CPS appliance initialization even if no user is connected When you connect to a serial port the data that was received from the attached serial device prior to the connection is available in the buffer Once online new data continues to be stored in the buffer You may choose whether to display the history buffer s content automatically when you connect and whether to keep or discard the history buffer s content at the end of a session When more than 64K bytes of data are sent to the history buffer data at the top of the buffer is discarded to make room for the new data As a result the buffer always contains the most recent 64K bytes of port history Using port history mode commands
37. 267 VAC AC input current rating 0 5A AC input cable 18 AWG three wire cable with a three lead IEC 320 receptacle on the power supply end and a country dependent plug on the power resource end Frequency 50 to 60 Hz 76 CPS Installer User Guide Table A 1 CPS 810 1610 Appliance Technical Specifications Continued Item Value 0 to 40 Celsius 32 to 104 Fahrenheit operating Temperature 20 to 65 Celsius 4 to 149 Fahrenheit nonoperating Humidity 10 to 90 noncondensing Safety and EMC FCC P 15 Class A EN55022 EN61000 3 2 EN61000 3 3 EN60950 Standards EN55024 ETL UL 1950 CSA 22 2 No 950 Appendix B Device Cabling Appendices 77 Each CPS appliance serial port has an RJ 45 connector for attaching a serial device Table B 1 lists the pin assignments Table B 1 Port Pin Assignments Pin Number RS 232 Signal Direction Description 1 RTS Output Request to Send 2 DSR Input Data Set Ready 3 DCD Input Data Carrier Detect 4 RD Input Receive Data 5 TD Output Transmit Data 6 GND N A Signal Ground 7 DTR Output Data Terminal Ready 8 CTS Input Clear to Send NOTE RI Ring Indicate is not supported Modular adaptors are available from Avocent to convert RJ 45 modular jacks to standard pinout configurations Adaptors are available for use with e CAT 5 cable e Serial reversing cable Reversing adaptors and cables are recommende
38. 6 port CPS Appliance Back Panel 6 Figure B 1 CAT 5 Cable Adaptor Pin Assignments cccccccecccessetssesceseeesceseeeeeeseeseeeseeseeseenseeaeenees 78 Figure B 2 Reversing Cable Adaptor Pin Assignments 80 Figure B 3 8 wire RJ 45 Reversing Cable ss 81 viii CPS Installer User Guide ix LIST OF TABLES OF TABLES Table 2 15 EEDS And BUHONS 55 23 Ais its E RP Rte nr TR nr ETER 5 Table3 1 Default Port Seine sn ieri ie ede ine ea vein E as 11 Table 3 2 SSH Authentication Methods seen 17 Table 3 38 Acces S RINI 25 HE Ms oes i eee sii Re hatte Me eae en 23 Table 3 4 Port History Mode Commands ss 28 Table 4 1 Line Editing Operations for VT100 Compatible Devices c ccccccceccecceteteeteteseetetnstesees 35 Table 4 2 Line Editing Operations for ASCII TTY Devices us 36 Table 4 3 Command Syntax Types in Example Command 36 Table 4 4 CPS Appliance Command Summary ss 38 Table 5 1 Connect Command Parameter inner 43 Table 5 2 Help Command Parameter sise 44 Table 5 3 Port Command Summary inner 44 Table 5 4 Port Alert Add Command Parameters ecer 45 Table 5 5 Port Alert Copy Command Parameters sise 45 Table 5 6 Port Alert Delete Command Parameter ss 46 Table 5 7 Port Logout Command Parameter ss 47 Table 5 8 Port Set Command Parameters sense 48 Table 5 9 Port Set In Out Command Parameters ocenenie 50 Table 5 10 Server Command Summary ss 51 Table 5 11 Server CL
39. 7600 FLOW XON gt POR 2 SET BAU 57600 FLOW XON gt por 2 Set Baud 57600 flow xon gt port 2 set baud 57600 flow xon NOTE Usernames and passwords are case sensitive These values are stored exactly as you enter them For example the username Ann must be entered with an uppercase A and all other letters lowercase The username ANN will not be accepted as the username Ann Usernames and passwords must contain 3 16 alphanumeric characters Any syntax errors are displayed and where applicable the error is underlined In the following example the keyword parameter baud is misspelled Even if more than three characters are entered they must all be correct gt port 2 Set Baux 57600 flow xon ERR 26 SET keyword parameter invalid In the following example the keyword value 576 is not valid Numeric keyword values must be fully specified and may not be shortened to three characters 38 CPS Installer User Guide gt POR 2 SET BAUD 576 FLOW XON ERR 27 SET keyword value invalid In the following example there are spaces between BAUD the equal sign and the value 57600 Spaces are not permitted between keyword parameters and their values gt POR 2 SET BAUD 57600 FLOW XON ERR 26 SET keyword parameter invalid Syntax conventions This manual uses the following command syntax conventions e Brackets surround optional keywords and values e Angle brackets
40. APPLIANCEADMIN or others with access to port Syntax CONNECT lt port gt Table 5 1 Connect Command Parameter Parameter Description lt port gt Port number in the range 1 8 for a CPS810 appliance or 1 16 for a CPS1610 appliance Example The following command establishes a connection from the serial CLI port to port 6 gt connect 6 Disconnect Command The Disconnect command terminates a session with a serial device that was previously initiated with a Connect command This command frees the attached serial device and allows other users to access it Access right port specific Access level ADMIN APPLIANCEADMIN or others with access to port Syntax DISCONNECT 44 CPS Installer User Guide Help Command The Help command displays information about CPS appliance commands Access right none needed Access level none needed Syntax HELP lt command_name gt Table 5 2 Help Command Parameter Parameter Description Command name gt Scommand name Default Displays list of all commands Examples The following command displays information about the Show Server CLI command help sho ser cli The following command displays a list of all commands help Port Commands The Port command has several forms as listed in Table 5 3 Table 5 3 Port Command Summary Command Description Port Alert Add Adds a port alert string to a specified port Port Alert Copy Copies po
41. BE CAUSED BY OR RELATED TO DIRECTLY OR INDIRECTLY THE USE OF A PRODUCT OR SERVICE THE INABILITY TO USE A PRODUCT OR SERVICE INADEQUACY OF A PRODUCT OR SERVICE FOR ANY PURPOSE OR USE THEREOF OR BY ANY DEFECT OR DEFICIENCY THEREIN EVEN IF AVOCENT CORPORATION OR AN AUTHORIZED AVOCENT DEALER HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES OR LOSSES 2004 Avocent Corporation All rights reserved ON Z Avocent The Power of Being There For Technical Support Email support avocent com www avocent com Avocent Corporation 4991 Corporate Drive Huntsville Alabama 35805 6201 USA Tel 1 256 430 4000 Fax 1 256 430 4031 Avocent Asia Pacific Singapore Branch Office 100 Tras Street 15 01 Amara Corporate Tower Singapore 079027 Tel 656 227 3773 Fax 656 223 9155 Avocent Canada 50 Mural Street Unit 5 Richmond Hill Ontario L4B 1E4 Canada Tel 1 877 992 9239 Fax 1 877 524 2985 590 187 001H Avocent International Ltd Avocent House Shannon Free Zone Shannon County Clare Ireland Tel 353 61 715 292 Fax 353 61 471 871 Avocent Germany Gottlieb Daimler StraBe 2 4 D 33803 Steinhagen Germany Tel 49 5204 9134 0 Fax 49 5204 9134 99
42. C location name CPS appliance port number and SPC socket number A user account has been locked userLocked Variables client IP address locked username and reason userUnlocked A user account has been unlocked Variables client IP address command issued by username unlocked username and reason aggregatedServer StatusChg The status of one or more servers connections paths has changed The appliance always sends this trap upon bootup Thereafter it sends the trap when there is a change in connection path status and will include only those paths whose status has changed Variable s connection path s Appendices 85 Appendix D Ports Used Table D 1 lists the UDP and TCP port numbers used by the CPS appliance The values assume a default configuration some values are configurable Table D 1 Ports Used by CPS Appliance Port Type and Number Used for TCP 22 SSH2 if enabled TCP 23 Telnet UDP 161 SNMP if enabled TCP 3211 Secure protocol used by DSView software TCP 3001 3016 Telnet serial sessions with ports 1 16 TCP 3101 3116 SSH serial sessions with ports 1 16 TCP 3871 Secure protocol used by DSView software 86 CPS Installer User Guide Appendix E Technical Support Our Technical Support staff is ready to assist you with any installation or operating problems you encounter with your Avocent product If an issue should develop follow the steps b
43. Command Display Fields 68 Table 5 35 SPC Command Parameters cccccccecsesesssesenseseeseeseceescescuseseesseeneseeneeaesiessseseesenseeneats 69 Table 5 36 User Command Summary ss 70 Table 5 37 User Add Commandant ne ne Pes 71 Table 5 38 User Delete Command Parameter sise 72 Table 5 39 User Logout Command Parameter sise 72 Table 5 40 User Set Command Parameters inserer 73 Table 5 41 User Logout Command Parameter sise 74 Table A 1 CPS 810 1610 Appliance Technical Specifications ss 75 Table B 1 Port Pin Assignments seen 77 Table B 2 Adaptors for Use with CAT 5 Cable ss 77 Table B 3 Reversing Adaptors and Cables ss 79 Table C 1 CPS Appliance Enterprise Traps Table D 1 Ports Used by CPS Appliance List of Tables xi xii CPS Installer User Guide Product Overview Features and Benefits Overview The CPS serial over IP network appliance provides non blocked access and control for serial devices such as routers power management devices and firewalls This includes Avocent SPC power control devices that provide advanced power management and security You may connect up to 8 serial devices to a CPS810 appliance and 16 serial devices to a CPS1610 appliance A single 10 100 Ethernet port provides network connectivity Two CPS appliances may be mounted in 1U of vertical space in a standard 19 inch rack Serial device access options You may choose from among several available Telnet options to access the CP
44. I Command Parameters nee 52 Table 5 12 Server FLASH Command Parameters sun 53 Table 5 13 Ping Command Parameter ss 54 Table 5 14 Server PPP Command Parameters inner 55 Table 5 15 Server RADIUS Command Parameters enr 56 Table 5 16 Server Security Command Parameters sis 57 Table 5 17 Server Set Command Parameters siennes 58 x CPS Installer User Guide Table 5 18 Server SNMP Command Parameter 58 Table 5 19 Server SNMP Community Command Parameters 59 Table 5 20 Server SNMP Manager Command Parameters c cccccccccccecceeseecseeeeseensetetnseeetneeeeees 59 Table 5 21 Server SNMP Trap Command Parameter ss 60 Table 5 22 Server SNMP Trap Destination Command Parameters 61 Table 5 23 Server SSH Command Parameters ss 61 Table 5 24 Show Command Summary ses 62 Table 5 25 Show Port Command Parameter siennes 62 Table 5 26 Show Port Command Display Fields for Console Ports 63 Table 5 27 Show Port Command Display Fields for SPC Ports 63 Table 5 28 Show Port Alert Command Parameter 64 Table 5 29 Show Server Command Display Fields 64 Table 5 30 Show Server CLI Command Display Fields ss 65 Table 5 31 Show Server Security Command Display Fields ss 67 Table 5 32 Show User Command Parameter siennes 68 Table 5 33 Show User Command Display Fields 68 Table 5 34 Show User All
45. IP address it is recommended that you use the existing key as SSH clients may be using it for verification If you are moving the CPS appliance to another location and changing the IP address you may wish to generate a new SSH server key Authenticating an SSH user SSH is enabled and disabled with the Server SSH command When you enable SSH you may specify the authentication method s that will be used for SSH connections The method may be a password an SSH key or both A user s password and SSH key are specified with a User Add or User Set command All SSH keys must be RSA keys DSA keys are not supported Table 3 2 lists and describes the valid SSH authentication methods that may be specified with a Server SSH command Table 3 2 SSH Authentication Methods Method Description SSH connections will be authenticated with a username password With this method a user s definition must include a valid password in order for that user to authenticate PW default an SSH session A password may authenticate to a DSView software or RADIUS server or to the local user database SSH connections will be authenticated with an SSH key With this method a user s KEY definition must include valid SSH key information in order for that user to authenticate an SSH session Key authentication is always local RADIUS is not supported For more information see SSH user keys on page 18 18 CPS Installer User Guide Table 3 2 SSH
46. L that any DSView software server may be used for authentication and DSView software server credentials will not be stored or validated DSCLEAR Clears any stored credentials used by the DSView software including the DSMode setting Enables or disables security lock out To enable specify the number of hours in the LOCKOUT lt hours gt lock out period in the range 1 99 To disable specify a zero value Default 0 disabled Server Set command The Server Set command changes CPS appliance address information You may specify one two or all three parameters A reboot is required if you change the IP address 58 CPS Installer User Guide Access right SCON Access level APPLIANCEADMIN Syntax SERVER SET IP lt ip address gt MASK lt subnet gt GATEWAY lt gtwy gt Table 5 17 Server Set Command Parameters Parameter Description IP lt ip_address gt IP address MASK lt subnet gt Subnet mask for the subnet on which the CPS appliance resides GATEWAY lt gtwy gt IP address of default gateway for routing IP packets Server SNMP command The Server SNMP command enables or disables SNMP UDP port 161 SNMP processing When you disable SNMP processing you may still enable and disable traps with the Server SNMP Trap command For more information see Managing the CPS Appliance Using SNMP on page 30 Access right SCON Access level APPLIANCEADMIN Syntax SERVER SNMP ENABLE DISABLE Table 5 18
47. MP Manager command seen 59 Server SNMP Trap commandite mirent r elles Ir dettes 59 Server SNMP Trap Destination command ss 60 Server SSH COMMAONG arera too n ok eR REI nine nine 61 SHOW COMMONS ER RNA ls Soak heath ag shown Tobe 62 SHOW POFE COMMON Cisereh ae Go oeis vb ae ane enne se e aiaa aaide 62 Show Port Alert command sisi 64 Show Port In Out command ses 64 ISHOWASEIVEF COMMON LEE EE RER nll ae hr al mt 64 Show Server CELT COMMON 2 5 ns res nn a tite 65 SHOW Server PPP commandar en ea eer e e e eea 66 Show Server RADIUS command 66 Show Server Security command ss 66 Show Server SNMP command iii 67 Show User command sari sonaro o a A N E E R E Et 67 SPCCommand ENEA ENTE E TEA A EAEE AIEE EN EEE EENE EE AES 69 User EO rss ire nn Re Re PEE bo SEs AE ER 70 WSer2Add COMMON aee is e a a el iss 70 User Delete Command issues uh coils cks eine bases a ei trente tnt ir av Meee 72 User Logout command ss 72 User Set Commande nd Rene eme en tan ne 72 User CNlOCRCOMMOANG RTE se Baie as eve en hs ea Sis eee Ode 74 Appendices irii ainakin aaria raaa eataa nt ot et cee met t dense late ele eiaei iian 75 Appendix A Technical Specifications ss 75 Appendix B Device Cabling ss 77 Appendix C Supported Traps usines 82 Appendix Ds POVIS Used nent entend ere nn coe due eee div 85 vi CPS Installer User Guide vii jwenepeten Figure 2 1 16 port CPS Appliance Front Panel ss 5 Figure 2 2 1
48. NTS OF CONTENTS EIStOf FIG UNOS reece secs 28e nt dade dvncancecs a saute Mana ere a Men ann ste a dette vii LisSt of Tables ecann a AE N AAAA EENAA AUNA INEA ARARA TUERI aA ix Chapter 1 Product Overview ccccceceesceeeeeeeeeeeeeeeeeeeeeneeaneaneeseeeeeeseeeeessseaseaneeseeeeeneess 1 Features and Benefitssis sement entend ge A Seg RE TG 1 Safety Precautions or cid teh ESA LE PURE A PR Se PR PRE AR e MAUR AE donne Wat eae 2 Using DSView SOpWAre shih Mirek Motel air ate nee A de eee On clten e a dde Mat LU Ta 00 3 Chapter 2 Installation and Configuration ss 5 Hardware OVer Vie ARR MR eae ecole ese uni ack an eae nent etes ca 5 Installing the CPS Network Appliance nine 6 Configuring the CPS Appliance ss 7 Configuring the network addresses ss 7 Initial CPS appliance login NE E AEA AESA AAAA AA 9 Reinitializing the CPS Network Appliance sise 10 Chapter 3 Operations nanain nanne saaara aa aiena aaaea aiaeei anaana a eiaeia saaran 11 OVERVIEW AEE EATA A BP E ST EAA tes aes eae AEN 11 Configuring Serial Port Settings ss 11 Connecting to Serial Devices 13 Connecting to devices using Telnet ss 13 Connecting to devices from the serial CLI port 14 Configuring and using dial in connections ss 15 Connecting to devices using PPP sise 15 Connecting to devices using SSH is 16 Enabling plain text Telnet and SSH connections 19 Telnet CLL modestie aes a Ua aL GREER ne GR on ER 20 Ending Device Sessions
49. Once you are in port history mode you may issue the commands listed in Table 3 4 Only the first letter of the command is required Table 3 4 Port History Mode Commands Command Description Bottom B sets the view location to the bottom of the file minus 23 history display lines if available Clear C clears the port history buffer Next N increments the current history display line by the number of lines per page and outputs a new history display page Chapter 3 Operations 29 Table 3 4 Port History Mode Commands Continued EE SSS SSS Command Description Bray P decrements the current history display line by the number of lines per page and outputs a new history display page Quit Q returns to the normal CLI R leaves port history mode and CLI mode and resumes the session with the attached serial Resume device This single command is equivalent to sequentially using the Quit and Resume commands S searches the port history buffer for a specified text string Search strings with embedded spaces must be enclosed in quotes By default the search is case sensitive To ignore case enter i before the string To specify direction type u to search up from the current line toward the top of the buffer or d to search down from the current line toward the bottom of the buffer The search direction remains in Search effect for subsequent searches until you change the search direction
50. P command The Server PPP command enables or disables the PPP server on the serial CLI port For more information see Connecting to devices using PPP on page 15 Once the PPP server has been configured with this command by specifying the required addresses and masks those values remain in the database Later if you disable the PPP server and wish to reenable it with the same addresses you don t need to specify the address values again When you enable the PPP server the serial CLI port must already be defined When you enter this command you are prompted to confirm or cancel the specified changes Access right SCON Access level APPLIANCEADMIN Chapter 5 CPS Appliance Commands 55 Syntax SERVER PPP DISABLE ENABLE LOCALIP lt local_ip gt REMOTEIP lt rem_ip gt MASK lt subnet gt Table 5 14 Server PPP Command Parameters Parameter Description DISABLE ENABLE Disables or enables the PPP server IP address to be used to connect the CPS appliance over the PPP connection Must LOCALIP lt ocal_ip gt be on same subnet as REMOTEIP address IP address to assign to the PPP client end of the PPP connection Must be on same REMOVE IPS RME subnet as LOCALIP address MASK lt subnet gt LAN subnet for the PPP dial in client Examples The following command enables the PPP server with a local IP address of 192 168 0 1 a remote IP address of 192 168 0 2 and a subnet mask of 255 255 255 0 gt ser ppp
51. S network appliance and its attached serial devices e DSView management software which offers a built in enhanced Telnet client Third party Telnet clients Access to attached serial devices is also possible through a serial Command Line Interface CLI connection a PPP Point to Point Protocol dial in connection to a serial CLI modem or from a third party Secure Shell SSH client User authentication and data security The CPS user database supports up to 64 user accounts which include usernames passwords and or keys plus specifications of access rights to CPS appliance ports and commands User definitions may be changed at any time You may choose to have user access authenticated locally at the CPS user database at one or more DSView software servers or at one or more RADIUS Remote Access Dial In User Service servers Data security may be enhanced using industry standard SSH encryption Extensive command set The CPS network appliance offers a wide range of commands that allow administrators to easily configure control and display information about the CPS appliance operating environment including its ports user accounts and active sessions The user interface also offers descriptive 2 CPS Installer User Guide error message data and built in command help information On board Trivial File Transfer Protocol TFTP support allows administrators to upload new functionality to CPS appliances in the field Port history
52. SH password authentication will use either the access rights from the local user database the DS View software server or the values returned by the RADIUS server With either of the or methods PW KEY and KEY PW the user access rights are determined from the method used to authenticate the user With either of the and methods PW amp KEY and KEY amp PW the user access rights are determined from the first method specified If PW amp KEY is specified the access rights from the password authentication will be used If KEY amp PW is specified the access rights from the key authentication will be used For more information see Using Authentication Methods on page 24 SSH user keys A user s SSH key is specified in a User Add or User Set command You may define a key even if SSH is not currently enabled The key may be specified in one of two ways e When using the SSHKEY and FTPIP keyword pair to define the network location of a user s SSH key file the SSHKEY parameter specifies the name of the uuencoded Unix to Unix encoded public key file on an FTP server The maximum file size that can be received is 4K bytes The FTPIP parameter specifies the FTP server s IP address When this method is specified the CPS appliance initiates an FTP client request to the specified IP address The CPS appliance then prompts the user for an FTP username and password for connection When connected the CPS appliance will GET the specified ke
53. SNMP traps Destination Access right SCON Access level APPLIANCEADMIN Enables disables SSH session access to the CPS appliance and specifies the SSH Server SSH authentication method Access right SCON Access level APPLIANCEADMIN Displays port configuration information and statistics Show Port Access right SMON Access level ADMIN or APPLIANCEADMIN Show Port Alert Displays a port s alert strings Access right SMON Access level ADMIN or APPLIANCEADMIN Chapter 4 Using CPS Appliance Commands 41 Table 4 4 CPS Appliance Command Summary Continued Command Description Access Right and Access Level Show Server Displays CPS appliance configuration statistics and session information Access right SMON Access level ADMIN or APPLIANCEADMIN Displays information specified with the Server CLI command Show Server CLI Access right SMON Access level ADMIN or APPLIANCEADMIN Displays PPP settings Show Server PPP Access right SMON Access level ADMIN or APPLIANCEADMIN Show Server RADIUS Displays RADIUS settings Access right SMON Access level ADMIN or APPLIANCEADMIN Show Server Security Displays authentication and lock out settings Access right SMON Access level ADMIN or APPLIANCEADMIN Show Server SNMP Displays SNMP configuration information Access right SMON Access level ADMIN or APPLIANCEADMIN Show User Displays user configuration and session information
54. Server IP 3 IP address of DSView software server number 3 Preauth Certs Preauthentication certificates Fingerprint Hex SSH key MD5 hash Fingerprint BB SSH key bubble babble Ping Reply Configured ping setting Enabled or Disabled Show Server SNMP command The Show Server SNMP command displays SNMP configuration information Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER SNMP Show User command The Show User command displays information about one or all users Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW USER lt username gt ALL 68 CPS Installer User Guide Table 5 32 Show User Command Parameter Parameter Description lt username gt ALL Username or All which requests a display of all defined users Default user currently logged in The Show User command display for one user includes the information in the following table Table 5 33 Show User Command Display Fields Field Contents User Username User s access level If a level was not configured access rights determine the level evel Users with SCON access gt APPLIANCEADMIN Users with USER or PCON but not SCON gt ADMIN Otherwise USER level is assigned Access User s access rights and preemption level Locked YES if user is locked out NO if not Last Login System up time value when the user logged in
55. TE lt ip_address gt Table 5 22 Server SNMP Trap Destination Command Parameters Parameter Description ADD DELETE Defines or deletes the specified destination lt ip_address gt IP address of trap destination Server SSH command The Server SSH command enables or disables SSH session access to the CPS appliance and specifies the SSH authentication method When you enable SSH all CPS sessions will be terminated if a CPS SSH server key must be generated You must also have previously specified an authentication method other than None with the Server Security command If you enable plain text Telnet connections with a Server Security command enabling SSH session access with the Server SSH command will add that as a valid connection method both plain text and SSH connections will be allowed For more information see Connecting to devices using SSH on page 16 Access right SCON Access level APPLIANCEADMIN Syntax SERVER SSH ENABLE DISABLE AUTH lt auth gt Table 5 23 Server SSH Command Parameters Parameter Description ENABLE DISABLE Enables or disables SSH session access to the CPS appliance SSH authentication methods You must enter the entire value abbreviations are not permitted Valid values are PW Password authentication KEY Key authentication AUTH lt auth gt PWIKEY Password or key authentication KEY PW Key or password authentication PW amp KEY Password and key authentication KEY a
56. a device session that was initiated with a Connect command issue a Disconnect command DISCONNECT For more information see Server CLI command on page 51 Connect Command on page 43 and Disconnect Command on page 43 Configuring and using dial in connections You may attach an external modem to the serial CLI port for dial in serial CLI access to the CPS appliance This may be used as a backup connection if the unit is not accessible from the network It may also be used as a primary connection at remote sites that do not have Ethernet network capability The modem must be Hayes compatible To specify a modem initialization string 1 3 Issue a Show Server CLI command to ensure that the port where the modem is connected has been defined as the serial CLI port SHOW SERVER CLI Issue a Server CLI command using the Modeminit parameter to specify the modem initializa tion string SERVER CLI MODEMINIT lt string gt The string must be enclosed in quotes and must include at least the command settings ATV1 and SO 1 which cause the modem to issue verbose response strings and auto answer the phone on the first ring For more information see Server CLI command on page 51 The modem initialization string is sent to the cabled modem when any of the following conditions occur e CPS appliance initialization e Detection of a transition of DSR from low to high e Completion of a call when DCD changes from high to low Upon succ
57. access level from User Add and User Set Access commands Access User s access rights from User Add and User Set Access commands Duration Duration of user s session Displayed only when the command specifies a single port that is currently being accessed Displayed only when the command specifies a single port that is not being accessed Table 5 27 Show Port Command Display Fields for SPC Ports Field Content ONLINE indicates the SPC device is powered on OFFLINE indicates the SPC Status mae device is powered off Version SPC firmware version Sockets Number of sockets on the SPC device Minload Minimum load amp value from SPC command Maxload Maximum load amp value from SPC command 64 CPS Installer User Guide Table 5 27 Show Port Command Display Fields for SPC Ports Continued Field Content Wake Wakeup state for socket from SPC command ON Min Minimum On time from SPC command OFF Min Minimum Off time from SPC command Show Port Alert command The Show Port Alert command displays a port s alert strings Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW PORT lt port ALERT Table 5 28 Show Port Alert Command Parameter Parameter Description lt port gt Port number in the range 1 8 for a CPS810 appliance or 1 16 for a CPS1610 appliance Show Port In Out command The Show Port In Out command displays the translation se
58. address issue a Server SNMP Manager command with the Add parameter and the management entity s IP address You may define up to four SNMP management entity addresses using separate commands SERVER SNMP MANAGER ADD lt ip_address gt When you define at least one SNMP manager SNMP requests are processed if they are from one of the defined SNMP managers If a request is not from one of the defined SNMP managers the SNMP request is discarded 2 To delete an SNMP management entity address issue a Server SNMP Manager command with the Delete parameter and the management entity s IP address SERVER SNMP MANAGER DELETE lt ip_address gt If no management entities are defined any SNMP manager may access the MIB For more information see Server SNMP Manager command on page 59 To enable or disable SNMP traps 1 To enable SNMP traps issue a Server SNMP Trap command with the Enable parameter SERVER SNMP TRAP ENABLE The CPS appliance will display a numbered list of traps that are currently disabled with a prompt requesting you to select trap s to enable Indicate the traps to be enabled by entering a trap s list number several numbers separated by commas a range of numbers separated by a dash or a combination of numbers with commas and dashes To enable all traps type ALL To cancel the command press Enter or To enable all SNMP traps issue a Server SNMP Trap command with the Enable and All parameters In this case the number
59. alues in its configuration database You have now completed the initial login and you may enter additional commands at the CLI prompt gt To configure other CPS appliance ports see Configuring Serial Port Settings on page 11 Reinitializing the CPS Network Appliance Reinitializing the CPS appliance removes configured information This may be useful when reinstalling the unit at another location in your network The CPS appliance stores configuration information in FLASH databases During reinitialization the FLASH erase has two phases The first phase erases the configuration database which contains all nonvolatile data except the IP address The second phase erases the IP address and restores the CPS appliance to its factory default settings To reinitialize the CPS appliance 1 Locate the recessed INIT button on the front of the CPS appliance An opened paper clip may be used to depress the button 2 Insert the end of the opened paper clip in the recess then depress and hold the button The ONLINE LED will blink indicating an initialization has been requested You have approxi mately seven seconds to release the button before any action is taken After seven seconds the ONLINE LED will blink more rapidly to confirm that the CPS config uration database has been erased Continuing to hold the INIT button for a few more seconds will erase the IP address as well The ONLINE LED will blink faster to confirm the deletion If any po
60. boot 56 Server Security 57 Server Set 57 Server SNMP 58 Server SNMP Community 58 Server SNMP Manager 59 Server SNMP Trap 59 Server SNMP Trap Destination 60 Server SSH 61 Show command summary 62 Show Port 62 Show Port Alert 64 Show Port In Out 64 88 CPS Installer User Guide Show Server 64 Show Server CLI 65 Show Server PPP 66 Show Server RADIUS 66 Show Server Security 66 Show Server SNMP 67 Show User 67 SPC 69 summary 38 syntax 36 User Add 70 User command summary 70 User Delete 72 User Logout 72 User Set 72 User Unlock 74 Configuration IP address and subnet mask 7 serial port settings 12 See also Port Connect command 43 Conventions in commands 36 D Device cabling 77 Device connection methods about 13 dial in 15 ending device sessions 20 from serial CLI port 14 preemption 21 session time out 21 using PPP 15 using SSH 16 using Telnet 13 Dial in connections about 15 displaying configuration information 15 65 specifying modem initialization string 15 51 Disconnect command 43 DSView software authentication using 24 57 clearing stored credentials 57 configuring network addresses using 7 connecting to devices 13 using 3 E Encryption configuring 57 displaying configuration information 66 F FLASH updating 53 G Gateway changing 57 configuring 7 displaying 64 H Hardware installation 6 Help command 44 History buffer about 28 accessing port history mode 29 46 clearing and
61. cify the authentication method 1 For RADIUS authentication issue a Server RADIUS command SERVER RADIUS PRIMARY SECONDARY IP lt radius_ip gt SECRET lt secret gt USER RIGHTS lt attr gt AUTHPORT lt udp gt TIMEOUT lt time out gt RETRIES lt retry gt Chapter 3 Operations 27 You must specify the server s IP address the UDP port to be used and a secret to be used You must also specify a user rights attribute value that matches a value in the RADIUS server s dictionary You may also use this command to delete a RADIUS server definition SERVER RADIUS PRIMARY SECONDARY DELETE For more information see Server RADIUS command on page 55 2 Issue a Server Security command using the Authentication parameter to specify the authenti cation method Use the Encrypt parameter to enable plain text Telnet connections SSH con nections or both SERVER SECURITY AUTHENTICATION lt auth gt ENCRYPT lt conns gt When SSH session access is enabled you must specify an authentication method other than None 3 You are prompted to save the information Enter Y to confirm or N to cancel To enable or disable authentication of serial CLI port sessions Issue a Server CLI command using the Auth parameter to enable disable serial CLI port authentication and the Preempt parameter to specify the preemption level To clear stored DSView software authentication credentials Issue a Server Security command using the DSClear pa
62. command In other words enabling disabling user authentication at the serial CLI port does not apply to PPP dial in connections Authentication summary The CPS appliance allows concurrent use of multiple authentication methods This allows Telnet SSH and DSView software clients to all access a single CPS appliance as long as the appropriate authentication methods are enabled For example if you enable local and DS authentication which is the default DS View software clients will always be authenticated using DS View software servers Telnet and SSH clients will be authenticated using the CPS local user database first and DS View software second Similarly if you enable DS and RADIUS authentication DSView software clients will always be authenticated using DS View software servers Telnet and SSH clients will be authenticated using the RADIUS servers As indicated above DSView software servers will always be used for DS View software clients For Telnet and SSH clients the order in which you specify the authentication methods determines the order in which each method is used For example if you enable local and RADIUS authentication in that order authentication uses the CPS user database If that fails authentication goes to the defined RADIUS servers If you enable RADIUS and local authentication in that order authentication goes first to the defined RADIUS servers If that fails the local CPS user database is used To spe
63. ct a LAN interface cable between the Ethernet hub or switch and the CPS LAN connector If you are using a rack mount kit follow the instructions included with the kit Connect serial devices to the CPS serial ports see Device Cabling on page 77 for cable information Connect each serial device to its appropriate power source following the device s documentation Attach a 10BaseT or 100BaseT LAN interface cable to the LAN connector on the back of the CPS appliance A CAT 5 cable is required for 100BaseT operation Insert the power cord into the back of the unit Insert the other end of the power cord into a grounded electrical receptacle Check that the POWER LED is illuminated If not check the power cable to ensure that it is inserted snugly into the back of the unit The ONLINE LED will illuminate within one minute to indicate that the self test is complete If the ONLINE LED blinks contact Avocent Technical Support for assistance Check that the LINK LED is also illuminated If not check the Ethernet cable to ensure that both ends are correctly inserted into their jacks If the unit is not correctly connected to an Ethernet hub or switch you will not be able to configure the appliance for operation If the unit is connected to a 100 MB Ethernet hub the 00MBps LED will also be illuminated Once the POWER ONLINE and LINK LEDs are illuminated proceed with the configuration process If you will be configuring the network address
64. d for distances greater than 100 feet Adaptors for Use with CAT 5 Cable Table B 2 lists the adaptors available from Avocent for use with CAT 5 cables Table B 2 Adaptors for Use with CAT 5 Cable Part Number Description 210122 RJ 45 to DB 9M DTE Adaptor 210120 RJ 45 to DB 9F DCE Adaptor 210124 RJ 45 to DB 25M DTE Adaptor 210123 RJ 45 to DB 25M DCE Adaptor 210125 RJ 45 to DB 25F DTE Adaptor 210121 RJ 45 to DB 25F DCE Adaptor 78 CPS Installer User Guide Table B 2 Adaptors for Use with CAT 5 Cable Continued Part Number Description 210127 RJ 45 to RJ 45 Male Adaptor for Cisco and Sun Netra console port 750238 CAT 5 Serial Starter Kit includes all the above adaptors Figure B 1 shows the pin assignments for the adaptors listed in Table B 2 CAT 5 Cable Adaptors RJ 45 8 pin RJ 45 8 pin DB 25 DCE cts 8 CTS 4 RTS DTR 7 n DTR DCD DSR GND GND GND TD TD RD RD e RD _ TD Lin 20 DTR 5 CTS 210120 210121 and 210123 RJ 45 8 pin DB 9 DTE RJ 45 8 pin DB 25 DTE CTS 8 8 CTS cts 8 CTS DTR 4 DTR DTR 7 DTR GND GND GND GND TD o TD TD TD RD SS RD RD RD 210122 210124 and 210125 Figure B 1 CAT 5 Cable Adaptor Pin Assignments Appendices 79 Reversing Adaptors and Cables Table B 3 lists the reversing adaptors and reversing cables available from Avocent Table B 3 Reversing Adaptors a
65. dditional help with the arp command After the above arp command is entered correctly launch a Telnet client to the assigned IP address Then continue with nitial CPS appliance login on page 9 To configure the CPS appliance using the serial CLI 1 By factory default port 1 of the CPS appliance is configured for the serial CLI To access the serial CLI attach a compatible device to port 1 The compatible device types are ASCII VT52 VT100 VT102 VT220 and VT320 4 Chapter 2 Installation and Configuration 9 For cable and adaptor information see Device Cabling on page 77 You may also use any terminal emulation program that is available on your system Configure your terminal or terminal emulation program as follows Baud rate 9600 Bits per character 8 Stop bits 1 Flow control None Press the Return or Enter key until a prompt appears requesting your username If you do not receive a prompt after pressing the key five times check your cable and serial settings to be sure that they are correct Proceed to Initial CPS appliance login on page 9 After you complete the CPS appliance configuration you may reconfigure the CLI on another port or disable it completely and use port 1 with an attached device For more information see Connecting to devices from the serial CLI port on page 14 Initial CPS appliance login The CPS appliance ships with a single user defined in its user database This predefined user has the
66. diately before the cursor is erased and all text at and to the right Backspace of the cursor moves one character to the left If the cursor is not at the beginning of the line the cursor moves one character to the Left Arrow left If the cursor is at the beginning of the line no action is taken A If the cursor is not at the end of the line the cursor moves one character to the right Right Arrow i ie If the cursor is at the end of the line no action is taken The CLI maintains a buffer containing the last 16 typed command lines If there is a Up Arrow previous command line it will be output as the current command line and may be edited If there is no previous command line in the command line buffer the command line is set to blanks and you may enter a new command The next command in the CLI command line buffer is made available for edit If there Down Arrow is no next command line the command line is set to blanks and you may enter a new command The character at the cursor position is deleted and all characters to the right of the Delete sg cursor position are moved left one character 36 CPS Installer User Guide Table 4 2 lists the line editing operations for ASCII TTY devices There is no command line buffer available on an ASCII TTY device Table 4 2 Line Editing Operations for ASCII TTY Devices Operation Action Backspace Erases the last character typed Esc Erases the current command lin
67. discarding contents 30 commands in history mode 28 controlling content when session ends 30 51 controlling display at connection 29 51 displaying configuration information 65 Initial login 9 Installation configuring addresses 7 hardware 6 IP address changing 57 configuring 7 displaying 64 L LEDs 5 Line editing operations ASCII TTY devices 36 VT100 compatible devices 35 Lock out See Security lock out Login 9 Logout 47 72 Modem See Dial in connections Modular adaptors 77 P Port command summary 44 configuring settings 12 default settings 11 displaying settings 12 62 pin assignments 77 session time out 21 See also History buffer and SNMP Port Alert Add command 45 Port Alert Copy command 45 Index 89 Port Alert Delete command 46 Port alert strings See SNMP Port Break command 46 Port History command 46 Port Logout command 47 Port Set command 47 Port Set In Out command 49 Ports used by appliance 85 PPP about 15 displaying configuration information 16 66 enabling disabling server 16 54 Preemption 21 Q Quit command 50 R RADIUS about 25 configuring 26 55 57 displaying configuration information 27 66 Reinitialization 10 Resume command 50 S Security lock out about 27 enabling disabling 28 57 unlocking a user 28 74 Server CLI command 51 Server command summary 51 Server FLASH command 53 Server PPP command 54 Server RADIUS command 55 90 CPS Installer User Guide Se
68. dministrator access level which enables access to all ports and CPS appliance commands gt user add JDoe access applianceadmin 72 CPS Installer User Guide User Delete command The User Delete command removes a username entry from the CPS user database The username may no longer be used to authenticate a session with the CPS appliance If the specified user is currently logged in a message is output to the user indicating that access is no longer permitted and the Telnet session is terminated Access right USER Access level ADMIN or APPLIANCEADMIN Syntax USER DEL lt username gt Table 5 38 User Delete Command Parameter Parameter Description lt username gt Username to be deleted User Logout command The User Logout command terminates a user s active sessions on the CPS appliance If the specified user has no active sessions an error message is displayed For all active sessions that are terminated a message is sent to the Telnet client and the Telnet connection is dropped Access right USER Access level ADMIN may log out all except APPLIANCEADMIN or APPLIANCEADMIN Syntax USER LOGOUT lt username gt Table 5 39 User Logout Command Parameter Parameter Description lt username gt Username to be logged out User Set command The User Set command changes a user s configuration in the user database For more information see Managing User Accounts on page 22 and Access rights and
69. e When commands take effect Each command is completely processed before the next command may be entered Some commands prompt for confirmation before they are processed In these cases you must confirm or cancel by entering Y or N respectively If you enter a Server FLASH command or if you change the CPS appliance IP address with a Server Set command a reboot is required before the change becomes effective In these cases the CPS database is updated when you enter the command and you are prompted that the change will not take effect until the CPS appliance reboots You may choose to reboot at that time or you may decline When the unit reboots your session and all other sessions on the CPS appliance are terminated Understanding Conventions This section describes the parts of a CPS appliance command and the conventions used in this document to describe a command s syntax Command syntax A command may have four types of syntax positional commands positional parameters keyword parameters and keyword values The following examples demonstrate the syntax types The following Set Port command changes the baud rate and flow control settings for port 2 gt PORT 2 SET BAUD 57600 FLOW XONXOF Table 4 3 Command Syntax Types in Example Command Value Syntax PORT Positional command 2 Positional parameter that indicates the port number for the command SET Positional command that indicates port settings are to be
70. e has not been changed with a Port Set command the logical name is displayed For more information see Show Port command on page 62 Connecting to Serial Devices The CPS network appliance offers several methods for connecting to attached serial devices Telnet serial CLI PPP and SSH Connecting to devices using Telnet Each CPS serial port is directly addressable through a unique TCP port that provides a connection to the attached serial device You may connect using either SSH or plain text DSView management software The Avocent DSView management software offers an interface to access devices attached to Avocent digital Keyboard Video and Mouse KVM appliances and CPS network appliances The Telnet client built into the DS View software uses Windows server based authentication and authentication servers to control access Third party Telnet clients may also be supported with DSView management software For more information see the DS View Installer User Guide Standalone third party Telnet clients You may use third party Telnet clients to access the CPS appliance directly without DS View management software To connect to a device using Telnet Type telnet followed by the CPS IP address and the appropriate TCP port which by default is 3000 plus the physical port number in decimal format The TCP port number may be changed for any CPS port For example the following Telnet command connects to the serial device attached to
71. ection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correct the interference at his own expense Canadian Notification This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus set out in the Radio Interference Regulations of the Canadian Department of Communications Le pr sent appareil num rique n met pas de bruits radio lectriques d passant les limites applicables aux appareils num riques de la classe A prescrites dans le R glement sur le brouillage radio lectrique dict par le Minist re des Communications du Canada Japanese Approvals OMI HAULERS AEE AEM RA V CCI DE iz ES J TAANMEMNENMTS SOR LA R CENTS LEUR dkt E t LAANET ZORA AREA MES SLOBRKRENZILMSVET Safety and EMC Standards FCC P 15 Class A EN55022 EN61000 3 2 EN61000 3 3 EN60950 EN55024 ETL UL 1950 CSA 22 2 No 950 This document is written for use with the CPS serial over IP network appliance application version 3 0 or later References to DSView management software apply to version 3 0 or later TABLE OF CONTE
72. ed list is not displayed SERVER SNMP TRAP ENABLE ALL 32 CPS Installer User Guide To disable SNMP traps issue a Server SNMP Trap command with the Disable parameter SERVER SNMP TRAP DISABLE The CPS appliance will display a numbered list of traps that are currently enabled with a prompt requesting you to select trap s to disable Indicate the traps to be disabled by entering a trap s list number several numbers separated by commas a range of numbers separated by a dash or a combination of numbers with commas and dashes To disable all traps type ALL To cancel the command press Enter or To disable all SNMP traps issue a Server SNMP Trap command with the Disable and All parameters In this case the numbered list is not displayed SERVER SNMP TRAP DISABLE ALL For more information see Server SNMP Trap command on page 59 and Supported Traps on page 82 To add or delete SNMP trap destination addresses 1 To add an SNMP trap destination address issue a Server SNMP Trap Destination command with the Add parameter and the destination s IP address You may define up to four destination addresses using separate commands SERVER SNMP TRAP DESTINATION ADD lt ip_address gt To delete an SNMP trap destination address issue a Server SNMP Trap Destination command with the Delete parameter and the destination s IP address SERVER SNMP TRAP DESTINATION DELETE lt ip_address gt For more information see Server SNMP Tra
73. elow for the fastest possible service 1 Check the pertinent section of the manual to see if the issue can be resolved by following the procedures outlined 2 Check our web site at www avocent com support to search the knowledge base or use the on line service request 3 Call Avocent Technical Support for assistance at 888 793 8763 Visit the Avocent web site at http www avocent com support and click on Support Phone Numbers for current phone support hours 87 BBR A Access rights and levels about 23 changing 24 configuring 24 displaying 24 Adaptors 77 Authentication configuring 26 57 displaying configuration information 27 66 summary 26 types 24 using DSView software 24 57 See also RADIUS B BootP 7 Buttons 5 Cc Cabling 77 CLI accessing 35 changing the access character 20 47 51 displaying access character 65 displaying the access character 20 mode Telnet CLI 20 CLI port configuring 14 51 connecting to device from 14 displaying configuration information 14 Commands Connect 43 conventions 36 Disconnect 43 Help 44 line editing for ASCH TTY devices 36 line editing for VT100 compatible devices 35 Port Alert Add 45 Port Alert Copy 45 Port Alert Delete 46 Port Break 46 Port command summary 44 Port History 46 Port Logout 47 Port Set 47 Port Set In Out 49 Quit 50 Resume 50 Server CLI 51 Server command summary 51 Server FLASH 53 Server PPP 54 Server RADIUS 55 Server Re
74. equipment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading e Circuit Overloading Consideration should be given to the connection of the equipment to the supply circuit and the effect that overloading of circuits might have on overcurrent protection and supply wiring Consider equipment nameplate ratings for maximum current e Reliable Earthing Reliable earthing of rack mounted equipment should be maintained Pay particular attention to supply connections other than direct connections to the branch circuit for example use of power strips Chapter 1 Product Overview 3 Using DSView Software The DSView management software may be used to manage CPS appliances and access attached devices Using DSView software you may perform most of the operations that are described in this manual This manual describes how to manage a CPS appliance by entering commands using the CLI The DSView Installer User Guide describes how to manage a CPS appliance using the DSView software graphical interface 4 CPS Installer User Guide Installation and Configuration Hardware Overview Figure 2 1 shows the front panel of a 16 port CPS network appliance Figure 2 1 16 port CPS Appliance Front Panel The lower left area of the front panel contains five LEDs and two buttons which are described in Table 2 1 Table 2 1 LEDs and Buttons LED Button Description POWER The POWER LED illumina
75. erOnDetected The CPS appliance detected that a port s power on off control signal is in the state indicating power is on This trap is sent upon initialization if the condition is detected Subsequent traps are sent only if this signal changes state Variables server name and port number powerOffDetected The CPS appliance detected that a port s power on off control signal is in the state indicating power is off This trap is sent upon initialization if the condition is detected Subsequent traps are sent only if this signal changes state Variables server name and port number SPCOnline An SPC device is online This trap is sent upon initialization of the SPC device if it is online and responding Subsequent traps are sent if the SPC device changes from offline to online Variables SPC location name and CPS appliance port number SPCOffline An SPC device is offline This trap is sent upon initialization of the SPC device if it is not responding Subsequent traps are sent if the SPC device changes from online to offline Variables SPC location name and CPS appliance port number SPCLoginError An SPC device has a login error This occurs when the appliance is unable to log in to the SPC device using the username configured in the appliance Variables SPC location name CPS appliance port number username attempting to log in SPCSocketOn Command The On command was issued to an SPC socket Variables
76. ess character when pressed simultaneously with the Ctrl key during a session with an attached serial device will suspend the session with the device and place you in CLI command mode This value will be used if a port s Port Set command contains a Char None parameter Default d CONNECT ON OFF Enables or disables the ability to use the Connect command from the serial CLI port When enabled a serial CLI user may use the Connect command to establish a connection to the serial device attached to another CPS appliance serial port When disabled you cannot use the Connect command from the serial CLI port Default ON HISTORY HOLD AUTO CLEAR KEEP Port history file processing options during connection Hold or Auto and when a session ends Clear or Keep Hold Upon connection you are informed of how much data is in the history buffer but the data is not displayed Auto Upon connection you are informed of how much data is in the history buffer and it is then displayed Clear The history buffer s content is cleared when a session ends Keep The history buffer s content is retained when a session ends You cannot specify both Clear and Keep or both Hold and Auto Default HOLD CLEAR Chapter 5 CPS Appliance Commands 53 Table 5 11 Server CLI Command Parameters Continued EEE rs Parameter Description Modem initialization string enclosed in quotation marks Must contain at least MODEMINIT lt string gt
77. ess gt Command and port access rights or level You may specify multiple access rights separated by commas or a level If specifying access rights you may use one of three forms ACCESS lt access gt to specify all access rights ACCESS lt access gt to specify only access rights to be added ACCESS lt access gt to specify only access rights to be deleted Valid values for access rights are P lt n gt Access to the specified port number P lt x y gt Access to the specified range of ports PALL Access to all ports USER User configuration access rights PCON Port configuration access rights SCON Configuration access rights SMON Monitor access rights BREAK Can issue Port Break command Valid values for access levels are ADMIN PALL USER SMON PCON and BREAK access rights APPLIANCEADMIN PALL USER SCON SMON PCON and BREAK access rights Default PALL SMON PREEMPT 1 2 314 Preemption level in the range 1 lowest 4 highest Default 4 highest 74 CPS Installer User Guide Examples The following command sets the access rights for JohnDoe enabling access to all ports with configuration and monitoring access rights and specifying a preemption level of three gt user set JohnDoe access pall scon smon pre 3 The following command removes the server configuration access right for JohnDoe and leaves other access rights intact gt user set JohnDoe access SCON The following command delete
78. essful modem connection press the Enter key until the login prompt appears To display modem configuration information Issue a Show Server CLI command SHOW SERVER CLI For more information see Show Server CLI command on page 65 Connecting to devices using PPP The CPS network appliance supports remote PPP access using an auto answer modem that answers calls and establishes the PPP protocol with a dial in client 16 CPS Installer User Guide The PPP dial in may be used to access a remote CPS appliance that does not warrant a WAN Wide Area Network link to the Ethernet interface In this case the PPP connection allows a remote PC with Telnet capability to dial the CPS appliance and then establish a Telnet connection to a port The PPP dial in may also be used to access a subnet containing remote CPS devices in the event of a WAN link failure In this case the PPP provides an alternate path to one or more remote CPS devices Once the PPP connection is established you must launch an application that connects to the CPS appliance or to one of its ports The PPP connection is only a communications interface to the CPS appliance The CPS appliance implements a PPP server that uses CHAP Challenge Authentication Protocol Passwords are not accepted in the clear on PPP connections The authentication of PPP dial in connections is not affected by enabling disabling the server level CLI port authentication parameter See Preemption
79. figured as an SPC you cannot change the serial port settings However you may use the SPC command to change certain configuration values for the SPC and its individual sockets SPC lt port gt ALL MINLOAD lt amps gt MAXLOAD lt amps gt SOCKET lt socket gt ALL WAKE ON OFF ONMIN lt time gt OFFmin lt time gt For more information see Port Set command on page 47 and SPC Command on page 69 When you specify TD SPC you may configure the SPC device and control its individual sockets using DSView software Existing users who already have an SPC device and use its native command interfaces should specify TD Console To display serial port settings Issue a Show Port command SHOW PORT lt port gt ALLINAMES When you request information about a console port the display includes configuration information current power status if power status monitoring has been enabled plus transmit receive and error counts When you request information about a single console port and a user is currently accessing Chapter 3 Operations 13 that port the display also includes the username access rights and other information about the current session When you request information about a single SPC port the display includes information configured with the SPC command A Show Port All command will indicate which ports are SPC ports When you request information about port names the display includes the port numbers and names If a port s nam
80. he connecting user s preemption level is lower than the current user s preemption level the connecting user will receive an Jn Use message and the connection will be dropped e Ifthe connecting user s preemption level is equal to or higher than the owning user s preemp tion level an Jn Use by owning user message will be displayed The connecting user may then choose to preempt the current user s session If the current user s session is preempted an appropriate message is displayed 22 CPS Installer User Guide A server level preemption level may also be configured with the Server CLI command This value is used when authentication is disabled on the serial CLI port and a user on that port attempts to connect to another port that is already in use For example assume authentication has been disabled on the serial CLI port A user starts a session on the serial CLI port without having to log in with a username and password then attempts to connect to port 7 which is already in use by another user Since the CLI port user s preemption level is not known because no authentication occurred during login the configured server level preemption level is used e Ifthat preemption level is lower than the current port 7 user s preemption level the connection to port 7 will not be allowed e Ifthat preemption level is equal to or higher than the current port 7 user s preemption level the serial CLI port user may choose
81. he device and place you in CLI command mode If None is specified the value specified in the Char parameter of the Server CLI command will be used Default None TOGGLE NONE DTR When set to DTR the CPS appliance will toggle the ports DTR out signal off for 1 2 second each time a connection is made to the port This toggle is required to awaken the console port of some devices Default None POWER lt signal gt Control signal to monitor and the state that indicates the target device has power on The entire value must be specified abbreviations are not allowed The power status monitoring signal cannot also be used for flow control Valid values are None Disables power status monitoring HICTS CTS high indicates power on LOCTS CTS low indicates power on HIDCD DCD high indicates power on LODCD DCD low indicates power on HIDSR DSR high indicates power on LODSR DSR low indicates power on Default None Example The following command sets a baud rate of 57600 and enables XON XOFF flow control on port 2 gt port 2 set baud 57600 flow xonxof Port Set In Out command The Port Set In Out command specifies how carriage returns CR and linefeeds LF are treated in incoming or outgoing serial data on one or all ports Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN 50 CPS Installer User Guide Syntax PORT lt port gt ALL SET INJOUT CR lt cr gt LF lt f gt CRLF CR Table 5 9 Port
82. he history buffer contains any data received while you were in CLI mode Access right none needed Access level all Syntax RESUME Server Commands Chapter 5 CPS Appliance Commands 51 The Server command has several forms as listed in Table 5 10 Table 5 10 Server Command Summary Command Description Server CLI Specifies the serial CLI port type and access character modem initialization string port history mode operations and port time out value It also enables disables device connection from the CLI port Server FLASH Updates the units FLASH Enables disables response to ping requests Server Ping Server PPP Enables disables PPP connections to the serial CLI port Server RADIUS Specifies RADIUS server parameters Server Reboot Reboots the unit Specifies user authentication method enables disables security lock out and Server Security enables disables connection methods Server Set Changes the CCM appliance network configuration Server SNMP Enables disables UDP port 161 SNMP processing Server SNMP Community Defines read write and trap SNMP community strings Server SNMP Manager Defines deletes SNMP management entities Server SNMP Trap Enables disables SNMP traps Server SNMP Trap Destination Defines deletes destinations for enabled SNMP traps Server SSH Enables disables SSH session access to the CPS appliance and specifies
83. he user is denied CPS access If the username and password are successfully validated on the RADIUS server the RADIUS server returns an attribute that indicates the access rights defined for that username To use RADIUS authentication you must specify information about the primary RADIUS server and optionally a secondary RADIUS server to be used as a backup The RADIUS server definition values specified in CPS appliance commands must match corresponding values configured on the RADIUS server On the RADIUS server you must include CPS appliance specific information the list of valid users their access rights for the CPS appliance and their preemption levels Each user rights attribute in the RADIUS server s dictionary must be specified as a string containing the user s access rights level for the CPS appliance exactly matching the syntax used in the CPS User Add command The access rights should be followed by a space the Preempt keyword and preemption value Consult your RADIUS administrator s manual for information about specifying users and their attributes The exact process depends on the RADIUS server you are using No authentication When authentication is disabled users are not authenticated Telnet sessions to serial ports are accepted immediately and users are not prompted for a username or password In this case users are granted access only to the port to which they are connected including Break access Connections to
84. information with BootP remove power from the CPS appliance Chapter 2 Installation and Configuration 7 WARNING The CPS appliance and all attached devices should be powered down before servicing the unit Always disconnect the power cord from the wall outlet Configuring the CPS Appliance To configure the CPS network appliance you must specify a unique IP address plus other network address information This information will be stored in the CPS configuration database During initial login you will specify a password for the Admin user Configuring the network addresses You may use any of four methods to configure the network information DS View software BootP Telnet Command Line Interface CLD or the serial CLI on port 1 These methods work as documented on most Windows and UNIX systems however the actual implementation on your system may differ from the instructions provided Refer to your system administrator guide To configure the network addresses using DSView software Using the DSView software installation wizard is the easiest method to configure the CPS appliance IP address subnet mask and gateway See the DSView Installer User Guide for instructions After the network addresses are configured see nitial CPS appliance login on page 9 To configure the network addresses using BootP 1 Ensure that there is a BootP server on your network that is configured to correctly respond to a BootP request from the CPS a
85. ion for the string connected to ignoring case PORT HISTORY gt s d i connected to Port Logout command The Port Logout command terminates the CPS appliance session on a specified port Access right USER Access level ADMIN or APPLIANCEADMIN Syntax PORT lt port gt LOGOUT Table 5 7 Port Logout Command Parameter Parameter Description lt port gt Port number in the range 1 8 for a CPS810 appliance or 1 16 for a CPS1610 appliance Port Set command The Port Set command changes serial port settings in the CPS configuration database At least one keyword parameter and value must be specified Some changes become effective upon the next connection to the port For more information see Configuring Serial Port Settings on page 11 Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Syntax PORT lt port gt ALL SET TD lt device gt NAME lt name gt BAUD lt baud gt SIZE lt size gt PARITY lt parity gt 48 CPS Installer User Guide STOP lt stopbits gt FLOW lt signal gt TIMEOUT lt time out gt SOCKET lt sockef CHAR lt cli_char gt TOGGLE NONE DTR POWER lt signal gt Table 5 8 Port Set Command Parameters Parameter Description A port number in range 1 8 for a CPS810 appliance or 1 16 for a CPS1610 appliance a range of ports separated by a hyphen or multiple port numbers lt port gt ALL separated by commas or All which indicates that the se
86. mand on page 45 Port Alert Copy command on page 45 and Port Alert Delete command on page 46 To display SNMP configuration information Issue a Show Server SNMP command SHOW SERVER SNMP The display includes information specified with the Server SNMP Server SNMP Community Server SNMP Manager Server SNMP Trap and Server SNMP Trap Destination commands For more information see Show Server SNMP command on page 67 To display port alert string information Issue a Show Port Alert command specifying a port number SHOW PORT lt porf gt ALERT The display lists all the port s defined alert strings For more information see Show Port Alert command on page 64 34 CPS Installer User Guide 35 Using CPS Appliance Commands Accessing the CLI You may access the CLI in three ways using the Telnet CLI using the serial CLI or entering the CLI access character during a session to a serial device When the CLI is accessed its prompt appears gt indicating you may type a command Entering Commands At the command prompt type a command and then press Return or Enter When the key is pressed the command line comprises all characters to the left of the cursor The character at the cursor and any characters to the right of the cursor are ignored Table 4 1 lists the line editing operations for VT100 compatible devices Table 4 1 Line Editing Operations for VT100 Compatible Devices Operation Action The character imme
87. mber If the upgrade was successful the two version numbers will match userAdded A new user has been added to the CPS appliance user database Variables command issued by username and new username userDeleted A user has been deleted from the CPS appliance user database Variables command issued by username and deleted username userModified A user s definition has been modified in the CPS appliance user database Variables command issued by username and modified username Appendices 83 Table C 1 CPS Appliance Enterprise Traps Continued Trap Description and Variable s userAuthentication A user failed to authenticate with the CPS appliance Failure Variable username factoryDefaultsSet The CPS appliance has received a command to set itself to factory default values The appliance sends this trap after receiving the command but before actually reverting to factory default values portAlert The CPS appliance detected a port alert string on a serial port Variables server name port number and port alert string configurationFile Loaded The CPS appliance has loaded a configuration file This trap applies to DSView software Variables command issued by username and name of loaded file userDatabaseFile Loaded The CPS appliance has loaded a user database file This trap applies to DSView software Variables command issued by username and name of loaded file pow
88. mmands 39 Table 4 4 CPS Appliance Command Summary Continued M a SSSSS A Command Description Access Right and Access Level Copies a port s alert strings to another port Port Alert Copy Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Port Alert Delete Deletes one or more port alert strings Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Port Break Sends a break signal to the attached device Access right BREAK Access level ADMIN or APPLIANCEADMIN Port History Accesses the port history buffer Access right none needed Access level all Port Logout Terminates the CPS session on a specified port Access right USER Access level ADMIN or APPLIANCEADMIN Port Set Changes port settings Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Quit Terminates the current CPS session Access right none needed Access level all Resume Resumes device connection after being in CLI mode Access right none needed Access level all Server CLI Specifies the serial CLI port port type and access character enables disables device connection from the CLI port and authentication of CLI port sessions specifies a modem initialization string specifies port history mode operations and a port time out value Access right SCON Access level APPLIANCEADMIN Server FLASH U
89. mp PW Key and password authentication Default PW 62 CPS Installer User Guide Show Commands The Show command has several forms as listed in Table 5 24 Table 5 24 Show Command Summary Command Description Show Port Displays configuration information and statistics for one or all ports Show Port Alert Displays port alert strings Show Port In Out Displays how carriage returns and linefeeds are treated Show Server Displays CPS configuration information and statistics Show Server CLI Displays CPS CLI settings Show Server PPP Displays CPS PPP settings Show Server RADIUS Displays CPS RADIUS settings Show Server Security Displays CPS authentication connection and security lock out settings Show Server SNMP Displays SNMP configuration information Show User Displays user configuration and session information Show Port command The Show Port command displays configuration and status information about one or all ports Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW PORT lt port gt ALL INAMES The SHOW PORT NAMES command display includes the port numbers and names If a port has not been given a name with a Port Set command the default name is displayed A default name contains the last three octets of the MAC address plus the port number Table 5 25 Show Port Command Parameter Parameter Descriptio
90. n Either a port number in the range 1 8 for a CPS810 appliance or 1 16 for a lt port gt CPS1610 appliance ALL to display information about all ports or NAMES to display only port names Default your port Chapter 5 CPS Appliance Commands 63 Table 5 26 and Table 5 27 list the display fields for a Show Port command that specifies one or all ports Table 5 26 Show Port Command Display Fields for Console Ports Field Content Port Port number Serial Port Settings Comma separated string of port values baud rate number of bits parity stop bits flow control socket number time out value and CLI access character from Port Set command The CLI character is preceded by POR CLI if it was defined with a Port Set command or by SER CLI if it was defined with a Server CLI command TX Bytes Number of bytes transmitted RX Bytes Number of bytes received Errors Number of TX RX parity and framing errors Bower Device power status if monitoring is enabled ON indicates the device is on OFF indicates the device is off If monitoring is disabled this field is blank Toggle Toggle value from Port Set command Power Signal Signal and state being monitored for device power status from Port Set command Logical name Logical port name which contains last three octets of MAC address plus the port number User Username from User Add command Level User s
91. n the range 1 65535 This value is usually 1645 but may be 1812 Default 1645 TIMEOUT lt time out gt Number of seconds to wait for a response from the RADIUS server in the range 1 60 Default 5 RETRIES lt retry gt Number of attempts to make to authenticate a user after a time out in the range 1 10 Default 3 DELETE Deletes the RADIUS server definition Examples The following command specifies primary RADIUS server information default values will be used for the UDP port time out and retries values gt ser radius primary ip 192 168 0 200 secret ThePrimaryRadSecret user rights 86 The following command deletes the primary RADIUS server definition gt ser radius primary del Server Reboot command The Server Reboot command reboots the CPS appliance During a reboot any active Telnet sessions including your own are terminated and all users are informed accordingly Any configuration changes that require a reboot will become effective when the reboot completes When you enter this command you are prompted to confirm or cancel the reboot Access right SCON Access level APPLIANCEADMIN Syntax SERVER REBOOT Chapter 5 CPS Appliance Commands 57 Server Security command The Server Security command specifies the authentication method enables disables access methods and enables disables security lock out For more information see Using Authentication Methods on page 24 Enabli
92. name Admin no password and has the Appliance Administrator access level The first time you connect to the CPS network appliance you are prompted for a username To log in to the CPS appliance for the first time 1 At the Username prompt type Admin There is no factory default password for the Admin user At the Password prompt press Return Avocent CPS16xx S W Version x x ASCIT Username Admin Password Authentication Complete CPS configuration is required Once authentication completes the CPS appliance prompts for any missing configuration val ues that are required for operation If you already provided the IP address subnet mask and gateway you will not be prompted for those values again If you have not already provided the network information you will be prompted for them Enter the addresses using standard dot notation CPS configuration is required Enter CPS IP address gt 192 168 0 5 Enter CPS Subnet mask gt 255 255 255 0 Enter CPS Gateway address gt 0 0 0 0 You are prompted for a new Admin password Passwords are case sensitive and must contain 3 16 alphanumeric characters You must enter the new password twice to confirm that you entered it correctly 10 CPS Installer User Guide Enter CPS New Admin Password gt Confirm New Admin Password gt After you have provided the required configuration information a confirmation message appears while the CPS appliance stores the v
93. nd Cables Part Number Description 210094 RJ 45 to DB 9M DTE Adaptor 210095 RJ 45 to DB 9F DCE Adaptor 210090 RJ 45 to DB 25M DTE Adaptor 210092 RJ 45 to DB 25M DCE Adaptor 210091 RJ 45 to DB 25F DTE Adaptor 210093 RJ 45 to DB 25F DCE Adaptor 210105 RJ 45 to RJ 45 Male Adaptor for Cisco and Sun Netra console port 690226 10 foot 8 wire Reversing Modular Cable 690227 25 foot 8 wire Reversing Modular Cable 690228 75 foot 8 wire Reversing Modular Cable 750122 Wiring Starter Kit 8 wire includes all the above adaptors and one 690226 cable Figure B 2 shows the pin assignments for the adaptors listed in Table B 3 80 CPS Installer User Guide Reversing Cable Adaptors RJ 45 8 pin DB 9 DTE RJ 45 8 pin DB 25 DTE RTS 8 RTS RTS 8 4 RTS 7 DSR 7 6 DSR DSR 7 6 DSR cD 1 CD CD 6 8 CD RD 2 RD RD 3 RD TD 3 TD TD 2 TD 5 7 4 8 210094 210090 and 210091 RJ 45 8 pin DB 9 DCE RJ 45 8 pin DB 25 DCE RTS 8 8 CTS RTS 5 CTS DSR cle 4 DTR DSR 20 DTR CD 6 DSR CD DSR RD 3 TD RD TD TD 2 RD TD RD 5 GND 1 CD 7 RTS 210095 210092 and 210093 Figure B 2 Reversing Cable Adaptor Pin Assignments If you choose to use a non Avocent reversing cable make sure the cable is reversing as shown in Figure B 3 Appendices 81 8 WIRE RTS 1 8 RTS DSR 2 7 DSR CD 3 6 CD RD 4 5 RD TD 5 4 TD GND 6 3 GND DTR 7 2 DTR CTS 8 1 CTS lt g
94. ng plain text Telnet and SSH connections on page 19 and Using security lock out on page 27 When you enter this command you are prompted to confirm or cancel the specified information Access right SCON Access level APPLIANCEADMIN Syntax SERVER SECURITY AUTHENTICATION lt auth gt ENCRYPT lt conns gt DSMODE SECURE TRUSTALL DSCLEAR LOCKOUT lt hours gt Table 5 16 Server Security Command Parameters Parameter Description Authentication method Multiple values may be specified separated by commas Valid values are DS Use DSView software server s for authentication AUTHENTICATION LOCAL Use the local CPS user database to authenticate users lt auth gt RADIUS Use the previously defined RADIUS server s to authenticate users NONE Do not authenticate users This method cannot be used when SSH access is enabled and it cannot be combined with other authentication methods Default LOCAL DS Enables disables plain text Telnet or SSH connections To enable both specify both values separated by a comma Valid values are ENCRYPT lt conns gt SSH Enables SSH connections None Enables plain text Telnet connections Default None Specifies the mode when DSView software authentication is used Secure indicates authentication will be locked to one DSView software server after initial access and DSMODFZSECURE DSView software server and appliance credentials will be stored Trustall indicates TRUSTAL
95. o L Avocent CPS Installer User Guide CPS810 CPS1610 INSTRUCTIONS This symbol is intended to alert the user to the presence of important operating and maintenance servicing instructions in the literature accompanying the appliance DANGEROUS VOLTAGE This symbol is intended to alert the user to the presence of uninsulated dangerous voltage within the products enclosure that may be of sufficient magnitude to constitute a risk of electric shock to persons POWER ON This symbol indicates the principal on off switch is in the on position POWER OFF This symbol indicates the principal on off switch is in the off position PROTECTIVE GROUNDING TERMINAL This symbol indicates a terminal which must be connected to earth ground prior to making any other connections to the equipment CPS810 1610 Installer User Guide Avocent the Avocent logo The Power of Being There and DS View are registered trademarks of Avocent Corporation All other marks are the property of their respective owners 2004 Avocent Corporation All rights reserved USA Notification Warning Changes or modifications to this unit not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment Note This equipment has been tested and found to comply with the limits for a Class A digital device pursuant to Part 15 ofthe FCC rules These limits are designed to provide reasonable prot
96. o view the port s history buffer content This is the default mode 30 CPS Installer User Guide e If Auto is specified the number of bytes in the history buffer is displayed and the entire con tent of the buffer is output to the Telnet session In this mode the history buffer s content may be reviewed in the Telnet client s scrolling window You may also use the Port History com mand to view the port s history buffer content To control the port history buffer content when you end a session Issue a Server CLI command using the History parameter to specify the Clear or Keep option SERVER CLI HISTOR Y CLEAR KEEP e If Clear is specified the port history buffer is cleared and all data is discarded at the end of a session e If Keep is specified the port history buffer s content is retained at the end of a session To clear and discard all data in a port history buffer Issue a Clear command while you are in port history mode CLEAR or Issue a Server CLI command indicating History Clear SERVER CLI HISTORY CLEAR In this case the port s history buffer is cleared at the end of each device session Managing the CPS Appliance Using SNMP The CPS serial over IP network appliance provides a set of commands that create and manage SNMP structures for use by third party network management products These commands cover the following operations e Enabling and disabling SNMP UDP port 161 SNMP processing e Defining read
97. on page 21 for more information To enable or disable a PPP server on the serial CLI port 1 To enable a PPP server on the serial CLI port issue a Show Server CLI command to ensure that a serial CLI port has been defined SHOW SERVER CLI 2 Issue a Server PPP command with the Enable parameter SERVER PPP ENABLE LOCALIP lt local_ip gt REMOTEIP lt rem_ip gt MASK lt subnet gt You must specify local and remote IP addresses to be used for the CPS appliance and client ends of the PPP connection respectively You are prompted to confirm or cancel the changes Enter Y to confirm or N to cancel 3 To disable a PPP server issue a Server PPP command with the Disable parameter SERVER PPP DISABLE For more information see Show Server CLI command on page 65 and Server PPP command on page 54 To display PPP configuration information Issue a Show Server PPP command SHOW SERVER PPP For more information see Show Server PPP command on page 66 Connecting to devices using SSH The CPS serial over IP network appliance supports version 2 of the SSH protocol SSH2 The CPS SSH server operates on the standard SSH port 22 The shell for this connection provides a CLI prompt as if you had established a Telnet connection on port 23 The shell request for this connection is for CLI access Additional CPS SSH servers operate on TCP ports that are numbered with values 100 greater than the standard 30xx Telnet ports for the CPS appliance For example
98. ovata Coen oc plan i oni a Re cine 43 Help Command fins Libs n eee er me ne nee hr Geel eased babes 44 Port Commands ss nine ERE EEN REESE RAE 44 Port AlertAdd command rss Re A EE nee E dt nu 45 Port Alert COpy command sine LR RE ne nettement aient 45 Port Alert Delete command sisi 46 Port Breakcommandi nsn re BR cots te cnrs nt tin se rhin Bo ta tn te iiaae 46 Port History command ses 46 PortLogout COMMANDE ere rs ie a entre teinte dede none green aS 47 PortSel commandite sai Mines she tre toner rails nr NT a 47 Port Set In Out command sisi 49 Quit Commandement a nn et ata nine ta Bichon tebe Ra ie 50 Res mee Command eri RS e a a a hi Bis soya be aa E e Soa ee EE Gitte ih 50 Server COMMANAS Erresrrsn ennemie Re RE RR ERNE ARRAS 51 server CLECOMMANG anner GAL Rs RARE Oho BS lel Ra hd etait tied aegis 51 Server FLASH COMMA cccecscaieseressnssentesnnssanntesdadusnsonthegstccvnsderssbenesingednavshesvacassabestacebancdvas cated 53 Server Ping COMMANd s eee tnt tn nn eee a a an a eee a EIS 54 Table of Contents v Server PPR COMMANA ea t AE e E E AA aia E EES 54 Server RADIUS command csini e LAS Rent A nd ee ot 55 Server Reboot Commander street dernier esse res en t NATE SoA ARE dde marne 56 Server Security command airs dhre th Mestre Mer Menara Sesh ee ein Mr ee ee me elles tait 57 SCE V T SEL COMMANT ME EE ER Rd de end donnee dore dt Phd 57 Server SNMP Ccommand s rss mnt indemne 58 Server SNMP Community command sense 58 Server SN
99. owing Pinging 192 168 0 5 with 32 bytes of data Request timed out Request timed out Request timed out Request timed out In this case check the addresses provided to the BootP server to confirm they are correct Verify that the Ethernet LAN adaptor cable is correctly installed on the CPS appliance and the Ethernet hub After the network addresses are configured successfully launch a Telnet session to the assigned IP address Then see nitial CPS appliance login on page 9 To configure the network addresses using a Telnet CLI 1 Ensure that your server or workstation has a Telnet client and is located on the same LAN seg ment as the CPS network appliance Use the arp command to update the server or workstation with the IP address and Ethernet MAC address The Ethernet MAC address is located on the back panel above the LAN connec tor The arp command is entered as arp s lt ip address gt lt mac_address gt For example the following command assigns the IP address 192 168 0 5 and the Ethernet MAC address 00 80 7d 54 01 54 to the CPS appliance arp s 192 168 0 5 00 80 7d 54 01 54 On a UNIX platform the MAC address may require colons instead of dashes for example 00 80 7d 54 01 54 You may verify that you entered the information correctly by using an arp command with the a option arp a This command shows all arp entries for the server or workstation See your system administrator guide if you need a
100. p Destination command on page 60 To add copy or delete port alert strings 1 To add a port alert string issue a Port Alert Add command specifying the port number and a 3 32 character string You may define up to ten strings for each port using separate commands The alert string will only generate a trap if the PortAlert trap is enabled with a Server SNMP Trap command PORT lt port gt ALERT ADD lt string gt To delete a port alert string issue a Port Alert Delete command specifying a port number PORT lt port gt ALERT DELETE The CPS appliance displays a numbered list of alert strings that have been defined for the specified port with a prompt requesting you to select alert string s to delete Indicate the alert strings to be deleted by entering an alert string s list number several numbers separated by commas a range of numbers separated by a dash or a combination of numbers with commas and dashes To delete all alert strings type ALL To cancel the command press Enter To copy the defined alert strings from one port to another port issue a Port Alert Copy com mand specifying the port numbers to be copied to and from Chapter 3 Operations 33 PORT lt to_port gt ALERT COPY lt from port gt At the confirmation prompt press Y to confirm or N to cancel When the copy operation occurs all previously defined strings on the port being copied to will be replaced For more information see Port Alert Add com
101. pdates the unit s FLASH Access right SCON Access level APPLIANCEADMIN Enables disables response to ping requests Server Ping Access right SCON Access level APPLIANCEADMIN Enables disables a PPP server on the serial CLI port Server PPP Access right SCON Access level APPLIANCEADMIN 40 CPS Installer User Guide Table 4 4 CPS Appliance Command Summary Continued Command Description Access Right and Access Level Server RADIUS Specifies RADIUS server parameters Access right SCON Access level APPLIANCEADMIN Server Reboot Reboots the unit Access right SCON Access level APPLIANCEADMIN Server Security Specifies the user authentication mode enables disables security lock out and connection methods Access right SCON Access level APPLIANCEADMIN Changes the CPS appliance network configuration Server Set Access right SCON Access level APPLIANCEADMIN Enables disables UDP port 161 SNMP processing Server SNMP Access right SCON Access level APPLIANCEADMIN Server SNMP Defines read write and trap SNMP community strings Access right SCON Community Access level APPLIANCEADMIN Server SNMP Manager Defines deletes SNMP management entities Access right SCON Access level APPLIANCEADMIN Enables disables SNMP traps Server SNMP Trap Access right SCON Access level APPLIANCEADMIN Server SNMP Trap Defines deletes destinations for enabled
102. ppliance BootP servers require the Ethernet MAC address of network devices The Ethernet MAC address is located on the back panel above the LAN con nector See your BootP server s system administrator guide for information about configuring the BootP server After you have configured your network s BootP server with the CPS appliance Ethernet MAC address IP address subnet mask and gateway restore power to the CPS appliance and wait for the ONLINE LED to illuminate Once this occurs the CPS appliance has completed the BootP protocol obtained its IP address and subnet mask and stored these in FLASH You may verify that the BootP process was successful with a ping command which tests net work connectivity The ping command is entered as ping lt ip address gt For example the following command tests the network connectivity of a CPS appliance with the IP address 192 168 0 5 ping 192 168 0 5 If the CPS network appliance completes the BootP successfully you will see a display similar to the following Pinging 192 168 0 5 with 32 bytes of data 8 CPS Installer User Guide Reply from 192 168 0 5 bytes 32 time lt 10ms TTL 128 Reply from 192 168 0 5 bytes 32 time lt 10ms TTL 128 Reply from 192 168 0 5 bytes 32 time lt 10ms TTL 128 Reply from 192 168 0 5 bytes 32 time lt 10ms TTL 128 If the CPS appliance did not successfully obtain its IP address with the BootP protocol you will see a display similar to the foll
103. ps are disabled The PortAlert trap must be enabled for port alert processing to be performed For more information see Managing the CPS Appliance Using SNMP on page 30 See Supported Traps on page 82 for a list of supported traps Access right SCON Access level APPLIANCEADMIN Syntax SERVER SNMP TRAP ENABLE DISABLE ALL Table 5 21 Server SNMP Trap Command Parameter Parameter Description Enable generates a numbered list of currently disabled traps from which you choose ENABLE DISABLE those to enable Disable generates a numbered list of currently enabled traps from which you choose those to disable Example The following command enables the linkUp userDeleted and userLogin SNMP traps server snmp trap enable Traps now disabled 1 linkUp 4 userLogin 2 userAdded 5 imageUpgradeStarted 3 userDeleted Select trap s to enable gt 1 3 4 Server SNMP Trap Destination command The Server SNMP Trap Destination command defines or deletes destinations for enabled SNMP traps Once you define destinations for enabled SNMP traps when a trap occurs the CPS appliance will generate SNMP trap messages to each defined SNMP trap destination You may define up to four trap destinations using separate commands For more information see Managing the CPS Appliance Using SNMP on page 30 Access right SCON Access level APPLIANCEADMIN Chapter 5 CPS Appliance Commands 61 Syntax SERVER SNMP TRAP DESTINATION ADD DELE
104. rameter This clears any stored credentials used by the DSView software To display authentication configuration information 1 Issue a Show Server Security command SHOW SERVER SECURITY The display includes the current CPS appliance authentication settings that were configured with the Server Security command If SSH access has been enabled the display indicates SSH2 Regardless of whether SSH is enabled the display includes the authentication method specified with the Server SSH command 2 To display CPS RADIUS settings that were configured with the Server RADIUS command issue a Show Server RADIUS command SHOW SERVER RADIUS For more information see Server Security command on page 57 Show Server Security command on page 66 Show Server RADIUS command on page 66 and Connecting to devices using SSH on page 16 Using security lock out When the security lock out feature is enabled a user will be locked out after five consecutive authentication failures A successful authentication will reset the counter to zero You may 28 CPS Installer User Guide configure a lock out period of from 1 99 hours Specifying a lock out period of 0 disables the feature that is users will not be locked out A locked out user will remain locked out until the specified time elapses the CPS appliance is power cycled or the user is unlocked by an administrator with the User Unlock command A user with the ADMIN access level may unlock all users except a
105. rate a new key Enter Y to use the existing key or N to generate a new key For more information see Server SSH command on page 61 To disable SSH session access to the CPS appliance Issue a Server SSH command with the Disable parameter SERVER SSH DISABLE When SSH is disabled the CPS appliance operates in plain text mode To display SSH information Issue a Show Server Security command SHOW SERVER SECURITY If SSH is enabled the display will include SSH2 Regardless of whether SSH is enabled the display will indicate the authentication method that was specified with the Server SSH command Enabling plain text Telnet and SSH connections Plain text non encrypted Telnet connections are enabled by default 20 CPS Installer User Guide If you enable SSH connections using the Server Security command with the Encrypt SSH parameter plain text Telnet connections will be disabled However if you enable SSH connections with the Server SSH command both plain text and SSH connections will be allowed To enable both Telnet and SSH connections Issue a Server Security command indicating Encrypt SSH None Telnet CLI mode While you are connected to an attached serial device you may enter Telnet CLI mode and enter CPS appliance commands To enter or exit CLI mode when connected to a serial device 1 To enter CLI mode type the CLI access character which is Ctrl D by default At the CLI prompt gt you may enter CPS commands
106. re information see Managing the CPS Appliance Using SNMP on page 30 Access right SCON Access level APPLIANCEADMIN Syntax SERVER SNMP MANAGER ADD DELETE lt ip_address gt Table 5 20 Server SNMP Manager Command Parameters Parameter Description ADD DELETE Adds or deletes the specified SNMP management entity lt ip_address gt IP address of SNMP management entity Example The following command adds an SNMP management entity with the IP address of 192 168 0 1 server snmp manager add 192 168 0 1 Server SNMP Trap command The Server SNMP Trap command enables or disables SNMP traps When you issue this command with the Enable parameter the CPS appliance displays a numbered list of all currently disabled traps When you issue this command with the Disable parameter a numbered list of all currently enabled traps is displayed 60 CPS Installer User Guide You may indicate the traps to be enabled disabled by entering a single number several numbers separated by commas a range of numbers separated by a dash or a combinations of numbers separated by commas and dashes You may also type ALL to select all traps in the list or press Enter which cancels the operation If you specify ALL on the command line the numbered list is not displayed If you enable a trap but there is no trap destination configured for it a warning will be issued In this case issue a Server SNMP Trap Destination command NOTE By default all tra
107. rt alert strings from one port to another port Port Alert Delete Deletes one or more port alert strings from a specified port Port Break Sends a serial break signal to the attached device Port History Accesses a port s history mode Port Logout Terminates the CPS session on a specified port Port Set Changes CPS serial port settings for one or all ports Specifies how carriage returns and linefeeds are treated in incoming or outgoing Port Set In Out serial data Chapter 5 CPS Appliance Commands 45 Port Alert Add command The Port Alert Add command adds a port alert string to a specified port Each port may have up to ten port alert strings Duplicate strings are not allowed on the same port To generate a trap the Server SNMP Trap command must be issued to enable the PortAlert trap For more information see Managing the CPS Appliance Using SNMP on page 30 Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Syntax PORT lt port gt ALERT ADD lt string gt Table 5 4 Port Alert Add Command Parameters Parameter Description lt port gt Port number in the range 1 8 for a CPS810 appliance or 1 16 for a CPS1610 appliance 3 32 character string If the string contains embedded spaces it must be enclosed lt string gt in quotes Port Alert Copy command The Port Alert Copy command copies the alert strings from one port from port to another to_port Any alert strings that were pre
108. rtion of FLASH is erased the CPS appliance reboots when the INIT button is released You may also use the Server FLASH command to update the CPS FLASH application or boot program For more information see Server FLASH command on page 53 11 CE Operations Overview The CPS serial over IP network appliance and its ports are easily configured and managed to meet your requirements for device connection user authentication access control power status monitoring port history information display and Simple Network Management Protocol SNMP compliance for use with third party network management products Support for SSH access using third party clients is also provided Configuring Serial Port Settings You may configure a CPS port to support one of two types of target devices TDs SPC and console The SPC power control device provides enhanced security options including password protection port specific access rights and port groupings For more information see the SPC Installer User Guide A console TD may be a router firewall server or other supported serial device By default ports are configured with the settings listed in Table 3 1 Table 3 1 Default Port Settings Parameter Value Target device Console Name xx xx xx Pn last 3 octets of MAC address plus the port number Baud rate 9600 Bits per character 8 Parity None Stop bits 1 Flow control None Time out 15 minutes CLI acce
109. rver Reboot command 56 Server Security command 57 Server Set command 57 Server SNMP command 58 Server SNMP Community command 58 Server SNMP Manager command 59 Server SNMP Trap command 59 Server SNMP Trap Destination command 60 Server SSH command 61 Session ending 20 47 50 72 preemption 21 time out 21 47 51 65 Show command summary 62 Show Port Alert command 64 Show Port command 62 Show Port In Out command 64 Show Server CLI command 65 Show Server command 64 Show Server PPP command 66 Show Server RADIUS command 66 Show Server Security command 66 Show Server SNMP command 67 Show User command 67 SNMP about 30 adding port alert strings 32 45 adding deleting management addresses 31 adding deleting trap destination addresses 60 adding deleting trap destinations 32 copying port alert strings 32 45 deleting port alert strings 32 46 displaying configuration information 33 67 displaying port alert string information 33 64 enabling disabling 30 58 enabling disabling traps 31 59 specifying community names 31 58 specifying management entity addresses 59 SPC command 69 SPC device configuring ports and settings 12 69 displaying configuration information 12 62 SSH about 16 authenticating users 17 disabling access 19 61 displaying configuration information 19 66 enabling access 19 61 server keys 17 user keys 18 Statistics network 64 port 62 Subnet mask changing 57 configuring 7 displaying 64 T
110. s the SSH key information for JohnDoe The command will complete successfully only if JohnDoe has a password configured in a previous User Add or User Set command and if there are other users with User access rights wi gt user set key User Unlock command The User Unlock command unlocks a user who was previously locked out After this command completes the user will be able to attempt login authentication again Access right USER Access level ADMIN may unlock all except APPLIANCEADMIN or APPLIANCEADMIN Syntax USER UNLOCK lt username gt Table 5 41 User Logout Command Parameter Parameter Description lt username gt Username to be unlocked 75 APPENDICES Appendix A Technical Specifications Table A 1 CPS 810 1610 Appliance Technical Specifications Item Value Device Ports Number 8 CPS810 appliance 16 CPS1610 appliance Type Serial ports Connectors Serial port RJ 45 Network Connection Number 1 Type Ethernet IEEE 802 3 10BaseT Fast Ethernet IEEE 802 3U 100BaseT Connector RJ 45 Dimensions HxWxD 4 45 x 22 23 x 20 32 cm 1U form factor 1 75 x 8 75 x 8 00 in Weight 5 Ibs 2 3 kg without cables Heat Dissipation 75 BTU hr CPS810 appliance 102 BTU hr CPS1610 appliance Airflow 2 5 cfm Power Consumption 22 W CPS810 appliance 30 W CPS1610 appliance AC input power 50 W maximum AC input maximum 90 to
111. ss character User Server CLI setting D 12 CPS Installer User Guide Table 3 1 Default Port Settings Continued Parameter Value Power None Most of these settings are standard serial port operating characteristics The CLI access character parameter specifies how you access the CLI For more information see Telnet CLI mode on page 20 The Power parameter instructs the CCM appliance to monitor the state of a specified control signal Signal transitions may be configured to trigger SNMP traps The parameter value indicates an inbound control signal CTS DCD or DSR and the state of that signal low or high When the defined signal is true the CPS appliance interprets it as a power on condition for the attached device when the signal is false a power off condition for the device is assumed The signal specified for flow control may not be used for power control and vice versa To configure serial console port settings Issue a Port Set command You may specify settings for one or all ports PORT lt port gt ALL SET TD CONSOLE NAME lt name gt BAUD lt bauad gt SIZE lt size gt PARIT Y lt parity gt STOP lt stop_bits gt FLOW lt flow_ctrl gt TIMEOUT lt time out gt SOCKET lt socket gt CHAR lt cli_char gt TOGGLE NONE DTR POWER lt signal gt To configure SPC ports and settings Issue a Port Set command with the TD SPC parameter PORT lt port gt SET TD SPC When a port is con
112. t CPS Port Modular Adaptor Figure B 3 8 wire RJ 45 Reversing Cable 82 CPS Installer User Guide Appendix C Supported Traps The CPS appliance supports the following MIB2 traps e _ authenticationFailure linkUp __ linkDown e coldStart Table C 1 lists the supported enterprise traps The Avocent web site www avocent com contains the complete trap MIB Table C 1 CPS Appliance Enterprise Traps Trap Description and Variable s rebootStarted The CPS appliance is rebooting Variable command issued by username userLogin A user logged in to the CPS appliance Variable username userLogout A user logged out of the CPS appliance Variable username serialSessionStarted serialSessionStopped A serial session has started Variables username server name and port number A serial session has stopped Variables username server name and port number serialSession Another user has terminated a serial session Variables command issued by username terminated username server name and Terminated port number The CPS appliance has started an image upgrade imageUpgradeStarted Variables command issued by username image type boot or application new version number current version number imageUpgradeResults An image upgrade has ended Variables result upgrade was initiated by username upgrade image type boot or application upgrade version number and running version nu
113. tes when the CPS appliance is connected to a power source The ONLINE LED illuminates steadily not blinking when the CPS self test and initialization ONLINE procedures complete successfully LINK The LINK LED illuminates when the CPS appliance establishes a connection to the network TRAFFIC The TRAFFIC LED blinks when there is network traffic 100MBps The 100MBps LED illuminates when the CPS appliance is connected to a 100 MBps LAN RESET The RESET button when pressed reboots the CPS appliance INIT The INIT button when pressed and held restores the CPS appliance to factory defaults for more information see Reinitializing the CPS Network Appliance on page 10 6 CPS Installer User Guide As shown in Figure 2 2 the back of the CPS appliance contains RJ 45 connectors for serial cabling 8 connectors for an 8 port CPS appliance model or 16 connectors for a 16 port CPS appliance a LAN connector for a 10BaseT or 100BaseT interface cable and a power receptacle 100 250 VAC 50 60 HZ ka e 05A 1 2 3 4 r 9 10 11 12 PN q 3 LJ t T 5 6 7 8 13 14 15 16 LAN Figure 2 2 16 port CPS Appliance Back Panel Installing the CPS Network Appliance A WARNING The power outlet should be near the equipment and easily accessible To install the CPS appliance hardware 1 Place the unit where you can connect cables between the serial devices and the CPS serial ports and where you can conne
114. the Telnet port 23 serial CLI and PPP are still authenticated using the local CPS user database even when authentication is expressly disabled Generally these communications paths are used only by administrators and authentication is enforced in order to establish appropriate access rights This method cannot be used when SSH connections are enabled nor can it be combined with any other authentication method 26 CPS Installer User Guide Authentication of serial CLI port sessions Using the Server CLI command you may enable or disable user authentication at the serial CLI port You may also configure a preemption level that will be used by a serial CLI port user when user authentication is disabled on that port By default authentication is enabled on the serial CLI port e When enabled a serial CLI port user is authenticated against the local CPS user database using the access rights level and preemption level configured for that user with the User Add User Set command e When disabled a serial CLI port user is not authenticated and will be assigned the appliance administrator access level If that CLI port user attempts to connect to another CPS port assuming connection ability is enabled and that port is already in use the preemption level configured with the Server CLI command is used For more information see Preemption on page 21 PPP sessions are always authenticated using the method specified with the Server Security
115. to preempt the current port 7 user s session NOTE Even if authentication is disabled on the CLI port PPP sessions will be authenticated using the settings configured with the Server Security command Enabling disabling serial port CLI session authentication does not apply to PPP dial in connections For more information see Authentication of serial CLI port sessions on page 26 Managing User Accounts The CPS user database can store information for up to 64 user accounts To add a user Issue a User Add command USER ADD lt username gt PASS WORD lt pwd gt SSHKEY lt keyfile gt FTPIP lt ftpada gt KEY lt sshkey gt ACCESS lt access gt You must specify a username You must also specify a password or SSH user key information or you may specify both You may also include an access level or access rights For more information see Connecting to devices using SSH on page 16 Access rights and levels on page 23 and User Add command on page 70 To change a user s configuration information Issue a User Set command USER SET lt username gt PASSWORD lt pwa gt SSHKEY lt keyfile gt FTPIP lt ftpada gt KEY lt sshkey gt ACCESS lt access gt You may change your own password at any time You must have USER access rights to change another user s password or to change any user s SSH user key information and access rights 6609 To remove an SSH user key or password specify Key or Password
116. ttings for all ports These translation settings indicate how carriage returns and linefeeds are treated in incoming and outgoing serial data Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW PORT IN OUT Show Server command The Show Server command displays CPS appliance configuration information and statistics Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER Table 5 29 Show Server Command Display Fields Field Content Server IP address from initial configuration or Server Set commana Chapter 5 CPS Appliance Commands 65 Table 5 29 Show Server Command Display Fields Continued Field Content Mask Subnet mask from initial configuration or Server Set command Gateway Gateway IP address from initial configuration or Server Set command Up Time Days hours minutes and seconds since unit was rebooted MAC Ethernet MAC address S N Serial number Port Port number Username Username from User Add command Duration Duration of session Socket Telnet socket number From Socket Telnet client IP address with socket number in parentheses IP Input and Output Network IP statistics including number of packets delivered discarded and fragments TCP Network TCP statistics including in segs out segs errors and retransmissions UDP Network UDP statistics including in out errors and no port events BOOT
117. ttings that follow should be applied to all ports Default port to which you are attached TD lt device gt Target device type Valid values are Console and SPC If SPC is specified no other port configuration values may be changed with this command Default Console NAME lt name gt Port name up to 32 characters If the name contains spaces enclose the name in double quotes To return one or all port names to default values specify Name Default last 3 octets of MAC address plus the port number BAUD lt baud gt Baud rate Valid values are 0 75 110 134 150 200 300 600 1200 2400 4800 7200 9600 14400 19200 28800 38400 57600 115200 Default 9600 SIZE lt size gt Number of data bits per character Valid values are 7 and 8 PARITY lt parity gt Default 8 Parity Valid values are None No parity Even Even parity Odd Odd parity Mark Mark parity Space Space parity Default None STOP lt stopbits gt Number of stop bits per character Valid values are 1 and 2 Default 1 FLOW lt signal gt Flow control signal For hardware flow control be sure the control signals are correctly wired or data loss may occur The flow control signal cannot also be used for power status monitoring Valid values are XONXOF Software XON XOFF flow control RTSCTS Hardware RTS CTS flow control DTRDCD Hardware DTR DCD flow control None No flow control Default
118. viously defined on the to port will be deleted When you enter this command you are prompted to confirm or cancel the copy operation For more information see Managing the CPS Appliance Using SNMP on page 30 Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Syntax PORT lt to_port gt ALERT COPY lt from_port gt Table 5 5 Port Alert Copy Command Parameters Parameter Description Port number where alert strings will be copied in the range 1 8 fora CPS810 Sto pone appliance or 1 16 for a CPS1610 appliance Sere Port number from which alert strings will be copied in the range 1 8 for a CPS810 _P appliance or 1 16 for a CPS1610 appliance Example The following command copies the alert strings defined on port 1 to port 7 replacing any previously defined alert strings on port 7 port 7 alert copy 1 46 CPS Installer User Guide Port Alert Delete command The Port Alert Delete command deletes one or more alert strings from a port When you issue this command a numbered list of defined alert strings is displayed from which you choose those to be deleted You may enter one or more numbers separated by commas a range of numbers separated by a hyphen or type ALL to specify all strings Pressing Enter cancels the command For more information see Managing the CPS Appliance Using SNMP on page 30 Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Syntax PORT lt port gt ALERT DELETE
119. y file Chapter 3 Operations 19 and the FTP connection will be closed The CPS appliance then stores the SSH key with the username in the CPS user database e When using the KEY keyword to specify the SSH key the KEY parameter specifies the actual uuencoded SSH key This is for configurations that do not implement an FTP server The CPS appliance stores the specified key in the CPS user database The CPS appliance processes a uuencoded SSH2 public key file with the format described in the IETF document draft ietf secshpublickeyfile 02 The key must follow all format requirements The UNIX ssh keygen2 generates this file format The CPS appliance also processes a uuencoded SSH1 public key file The UNIX ssh keygen generates this file format To enable SSH session access to the CPS network appliance 1 Issue a Show Server Security command to ensure that you are using an authentication method other than None SHOW SERVER SECURITY 2 Issue a Server SSH command with the Enable parameter You may also specify an authentica tion method SERVER SSH ENABLE AUTH lt auth gt If an authentication method is not specified the previous authentication parameter will be used The default value is AUTH PW 3 Ifyou are enabling SSH for the first time you are advised that all other CPS appliance sessions will be terminated Enter Y to continue or N to cancel 4 Ifyou are reenabling SSH you are prompted to use the existing SSH server key or gene
Download Pdf Manuals
Related Search