1. Manuals
  2. Brands
  3. AirTight Manuals
  4. Server
  5. SA-250
  6. Installation manual

AirTight SA-250 Installation Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Installation Guide

SA-250 Server
339 N. Bernardo Avenue, # 200, Mountain View, CA 94043
www.airtightnetworks.com
©2003-2015 AirTight Networks, Inc. All rights reserved.

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the SA-250 and is the answer not in the manual?

Questions and answers

Summary of Contents for AirTight SA-250

  • Page 1: Installation Guide

    Installation Guide SA-250 Server ©2003-2015 AirTight Networks, Inc. All rights reserved. 339 N. Bernardo Avenue, # 200, Mountain View, CA 94043 www.airtightnetworks.com...
  • Page 2 This page is intentionally left blank.
  • Page 3 WIPS, AirTight Cloud Services, and AirTight devices under any legal theory, including but not limited to lost profits, lost data, or business interruption, even if AirTight Networks knows of or should have known of the possibility of such damages. Regardless of the cause of action or the form of action, the total cumulative liability of AirTight...

  • Page 4: About This Guide

    About this Guide The SA-250 Server Installation Guide gives an overview of the power connector and the ports on the SA-250 server and explains how to configure it. Important! Please read the EULA before installing the SA-250 server. Installing the server constitutes your acceptance of the terms and conditions of the EULA mentioned above in this document.

  • Page 5: Package Contents

    Rack mounting accessories Figure 2-2-1 SA-250 Server Package Contents If the package is not complete, please contact AirTight® Networks, Inc. Technical Support at support@airtightnetworks.com, or return the package to the vendor or dealer where you purchased the product. SA-250 Server Installation Guide...

  • Page 6: Sa-250 Server Overview

    Front panel of the SA-250 server • Rear panel of the SA-250 server The front panel of SA-250 server has a power switch, power LED, HDD activity LED, network interface LED, high availability interface LED, and temperature LED. Figure 3-1: Front Panel of SA-250 Server The following table details the behavior of the power switch.
  • Page 7 Interface The HA interface Ethernet link is down. The rear panel of the SA-250 server has a power connector to provide power supply to the server and ports to connect the server to the network and a computer. Figure 3-2: Rear Panel Ports of SA-250 Server The rear panel of SA-250 Server has a serial port (RS 232 F-F), a network interface port (RJ-45 10/100/1000 Ethernet), a high availability (HA) port (RJ-45 10/100/1000 Ethernet), and a power connector.
  • Page 8 Used to connect the server to the Network Interface RJ-45 Mbps enterprise network Protocol: Ethernet Used to connect the server to the Settings: 10/100/1000 High Availability other servers in a high availability RJ-45 Mbps Protocol: Ethernet cluster SA-250 Server Installation Guide...

  • Page 9: Installing The Sa-250 Server

    Installing the SA-250 Server You must set up the server before using it to monitor and protect your network. This chapter explains how to connect and configure the SA-250 server. Connecting the SA-250 Server Connecting the server involves mounting the server appliance, powering on the server, and connecting it to the network.

  • Page 10: Power On The Server

    Power on the Server The server appliance runs at 110-240V, 3-5A, 50-60 Hz AC power. AirTight® Networks recommends that you provide surge-free stable power to the server. Figure 4-2: SA-250 Server Power Cable To power on the server, perform the following steps: 1.

  • Page 11: Accessing The Server

    3. Open SSH on your computer and press Enter or Space on the SSH Secure Shell dialog. 4. Access the default server IP address, 192.168.1.246, as shown in the following figure: Figure 4-4: Access Default Server IP Address 5. Login using the username: config and password: config. SA-250 Server Installation Guide...

  • Page 12: Accessing The Server Using A Serial Cable

    You can also access the server using a serial RS-232 cable as shown in the following figure and then follow the steps listed below the figure. Figure 4-5: Accessing Server using Serial RS-232 Cable 1. Launch the HyperTerminal from Start > All Programs > Accessories > HyperTerminal on your system. Figure 4-6 HyperTerminal SA-250 Server Installation Guide...
  • Page 13 Select an icon to identify the new connection. c. Click OK. Figure 4-7: Connection Description 3. Specify the HyperTerminal connection details by selecting or entering the appropriate connection information and click OK. Figure 4-8: HyperTerminal Connection SA-250 Server Installation Guide...

  • Page 14: Accessing The Server Initialization And Setup Wizard

    Change the config shell password, set the time zone and date and time, set the Server ID, and then use the set ha command to configure the server in HA mode. SA-250 Server Installation Guide...

  • Page 15: Configure The Backspace Key

    Before configuring the network settings, you are prompted to map the Backspace key to work properly. Figure 4-10: Configure the Backspace Key The Server Initialization and Setup Wizard appears as shown in the following figure. Figure 4-11: Server Initialization and Setup Wizard SA-250 Server Installation Guide...

  • Page 16: Change Config Shell Password

    Change Config Shell Password As a best practice, AirTight Networks recommends that you change the config shell password. The following figure shows how to change the config shell password. Figure 4-12: Change Config Shell Password Change Network Settings The network settings of the server specify its unique IP address on the network. Sensors and access points (APs) use this IP address to identify the server.
  • Page 17 Figure 4-13: Configure Network Settings Figure 4-14: Confirm Network Settings Figure 4-15: Enable IPv6 Support SA-250 Server Installation Guide...

  • Page 18: Set Server Time Zone, Date And Time Settings

    You can change the server date and time manually or using an NTP server. To set the server date and time using an NTP server, you must specify the NTP server IP address or the DNS name of the NTP server. Figure 4-16: Set Server Time Zone, Date and Time SA-250 Server Installation Guide...

  • Page 19: Set Server Id Settings

    Figure 4-17: Set Server ID Set Server Tag An AirTight server can be assigned a tag that could be used to identify the server and specific files and objects associated with that server. By default, the server tag is blank.
  • Page 20 Config Shell prompt appears. You must reboot the server on completion of the Initialization and Setup Wizard before you access the server from the AirTight Management Console (“GUI”). Note: On the Config Shell prompt, you can type the help command to view the list of available commands.

  • Page 21: Set Up The Server Dns Entry

    Browser Google Chrome v25 or higher, Safari 6.0 or higher To launch the AirTight Management Console, perform the following steps: 1. Launch a Web browser from your computer. 2. Enter the default IP Address for the server, that is, 192.168.1.246.

  • Page 22: Activating The License

    3. Click Apply. Figure 4-21: Choose File If the license key is valid, the Login screen is displayed. Else, an error message is displayed. You can log in with user name admin and password admin. SA-250 Server Installation Guide...

  • Page 23: Server Config Shell Commands

    If the server is in FIPS 140-2 mode, the command returns ON. If the server is in get FIPS mode default mode, the command returns OFF. Displays high availability (HA) cluster configuration and service status get ha SA-250 Server Installation Guide...
  • Page 24 Displays the complete server configuration which includes the server ID, server version, server build, MAC address of the network and HA interface, server get server config mode, server time zone, date and time settings, WLSE integration settings, settings of network interfaces, and server processes SA-250 Server Installation Guide...
  • Page 25 Set a passphrase of 10-127 characters. The shared secret is derived from this set communication passphrase set communication Restores the communication key to its factory default value. key default Sets the operation mode of the server to either FIPS 140-2 validated mode or set FIPS mode default mode SA-250 Server Installation Guide...
  • Page 26 IPv6 configuration Sets IPv6 static routing configuration set ipv6 route set license Downloads license from remote server and applies it on the AirTight server. Sets the configuration of the logger set log config set log level aruba Sets the log level of Aruba Mobility Controller Adapter Module Sets the log levels of GUI modules.
  • Page 27 <IPv6 address Pings an IPv6 host. or hostname> traceroute6 <IPv6 address or Shows route to an IPv6 host. hostname> SA-250 Server Installation Guide...
  • Page 28 This cluster show status command can be executed on any server regardless of whether it is in a server cluster or not. SA-250 Server Installation Guide...

  • Page 29: Set Up And Manage Server Cluster

    The parent server retrieves aggregated data from multiple child servers in the cluster and displays it on the AirTight Management Console along with the parent server data. You can also push common policies onto multiple child servers from a parent server.

  • Page 30: Add Child Server To Server Cluster

    3. Enter a suitable name for the child server. You are prompted to enter the hostname or IP address of the child server. 4. Enter the hostname or IP address of the child server. You are prompted to enter the ‘config’ user password for the child server. SA-250 Server Installation Guide...

  • Page 31: Delete Child Server From Server Cluster

    3. Enter the ID of the child server to delete. You are prompted to confirm the deletion of the child server from the server cluster. 4. Enter y to delete the child server from the server cluster. The child server is deleted from the server cluster. SA-250 Server Installation Guide...

  • Page 32: Delete Server Cluster

    2. Execute the command cluster reset on the command line. You are prompted to confirm cluster reset. 3. Enter y to confirm cluster reset or deletion of the server cluster. The cluster is deleted. Refer to the screenshot below for the cluster reset command. Figure 6-4. cluster reset Command SA-250 Server Installation Guide...

  • Page 33: Check Server Status With Respect To Server Cluster

    2. Execute the command cluster show status on the command line. The status of the server is returned by the command. Refer to the screenshots below for different server statuses. Figure 6-5: cluster show status Command Executed on Child Server Figure 6-6: cluster show status Command Executed on Parent Server SA-250 Server Installation Guide...

  • Page 34: Custom Server Tag

    You can assign a tag on a server from the server CLI. By default, there is no tag for a server. You must explicitly set a tag for each AirTight server in your setup. This also holds true for each server in high availability mode and in a server cluster setup.

  • Page 35: Custom Prefix For Filenames

    New Name: AMC_BUILD#_Event_List_USERLOCALE.tsv Note: This file is dependent on the AMC build number and not AMC server itself • Generated Report Old Name: AMCReport_ID_21_2_RANDOM_MMDDYYYY_HH_MM_SS.pdf New Name: AMC_Srv-USeast-03_Report_ID_REPORTID_REPINSTID_YYYYMMDDHHMMSS.pdf • Archived Report Old Name: Archived_Report_1_1_RANDOMSTRING.pdf New Name: AMC_Srv-USeast-03_Archived_Report_USERID_ARCHIVEREPORTID_RANDOMUUID.pdf SA-250 Server Installation Guide...
  • Page 36 Old Name: Visibility_Analytics_MMDDYYYY_HH_MM_SS.csv New Name: AMC_Srv-USeast-03_Visib_Analytics_YYYYMMDDHHMMSS.csv • Association Analytics Old Name: Association_Analytics_MMDDYYYY_HH_MM_SS.csv New Name: AMC_Srv-USeast-03_Assoc_Analytics_YYYYMMDDHHMMSS.csv • AirTight Mobile Configuration Policy Old Name: sgc_group_profile_GROUPID.xml New Name: AMC_Srv-USeast-03_sgc_group_profile_GROUPID.xml • AirTight Mobile Client Report Old Name: ReportsRANDOMNUMBER.html New Name: AMC_Srv-USeast-03_sgc_ReportsRANDOMNUMBER.html SA-250 Server Installation Guide...

  • Page 37: Sa-250 Server Troubleshooting

    SA-250 Server Troubleshooting The following table details the SA-250 server troubleshooting tips. Table 8-1 SA-250 Server Troubleshooting Problem Solution After changing the IP address of the The subnet mask of the computer used to configure the server may not server, the computer used to be the same as that of the server.
  • Page 38 If the Current Status field shows , refer to the Sensors Troubleshooting section for the solution. Restart the console. If the problem persists, run the db clean Server response time is high. command from the Server Config Shell. SA-250 Server Installation Guide...

  • Page 39: Dedicated Management Interface

    Dedicated Management Interface Starting with the 7.1U4r1 release, AirTight server provides CLI commands that enable you to define an Ethernet interface dedicated for management traffic. Management traffic comprises traffic from the UI, API calls, database backup, etc. Other traffic, such as infrastructure /operational traffic, would then be made available only on the network interface eth0.

  • Page 40: Get Management Interface

    You can obtain the status of the management interface and the corresponding settings by running the get management interface command. The following is a sample output of this command: [config]$ get management interface Displays Management Interface settings. Management Interface: [Enabled] IP Address: [192.168.8.91] Subnet Mask: [255.255.252.0] Gateway IP Address: [192.168.11.254] SA-250 Server Installation Guide...

  • Page 41: Set Management Route

    3. If you are deleting a network, enter a comma-separated list of network IDs that are show in the CLI. 4. Specify whether you want to add or delete more networks. Figure 9-2: set management route Command SA-250 Server Installation Guide...

  • Page 42: Get Management Route

    The following is a sample output of this command: [config]$ get management route Displays networks whose traffic will be sent over Management Interface. Traffic destined to following subnets will go over Management Interface with Default gateway as : [192.168.11.254] 1.192.168.120.0/22 SA-250 Server Installation Guide...

  • Page 43: Backup And Restore Database

    10. Backup and Restore Database AirTight Networks strongly recommends that you periodically take a backup of the database on the AirTight server. This ensures that you can restore the AirTight server to a last known working state, in the case of a server failure.

  • Page 44: Back Up An Airtight Server Database

    This includes all Client devices and related data, such as probed SSIDs, and other transient data. The default option is to exclude Client data. Back up an AirTight Server Database To take a backup of the server database, perform the following steps: 1.
  • Page 45 The following figures show an example of full backup and configuration-only backup by using the db backup command. Figure 10-2: Full Backup SA-250 Server Installation Guide...
  • Page 46 Figure 10-3: Configuration-only Backup SA-250 Server Installation Guide...
  • Page 47 You can view the backup file details on the AirTight Management Console under Configuration>System Settings>System Status. The following image illustrates the backup files stored on the server as seen on the AirTight Management Console. Figure 10-4: Backup Files on AirTight Management Console...

  • Page 48: Restore The Database On An Airtight Server

    Restore the Database on an AirTight Server If you have taken a backup of the AirTight server database, you can restore the AirTight server to a last known working state, in the case of a server failure. The database restore is agnostic of the database backup type. A...
  • Page 49 Refer to the following image for the db restore command. Figure 10-5: db restore Command SA-250 Server Installation Guide...

  • Page 50: Check Database Backup Schedule Status

    You can check the status of a database backup schedule by running the get status command. The Schedule DB Backup in the command output specifies the recurrence schedule and backup type. Figure 10-6: Check Backup Schedule Status SA-250 Server Installation Guide...

  • Page 51: Appendix A Sensor-Server Mutual Authentication

    Note: When the server is backward compatible, that is, pre version 6.2 sensors can connect to a version 6.8 server. However, this is not recommended. After all sensors have been upgraded to version 6.8, the set sensor legacy authentication CLI command can be used to disable older sensors from connecting to the server. SA-250 Server Installation Guide...

Table of Contents