1. Manuals
  2. Brands
  3. Cyclades Manuals
  4. Server
  5. AlterPath E2000
  6. Installation, configuration and user manual

Cyclades AlterPath E2000 Installation, Configuration And User Manual

Hide thumbs
Table of Contents

Advertisement

Quick Links

Download this manual
AlterPath
Manager E2000, 2500, and
5000 Installation, Configuration, and
User's Guide
Software Version 1.4.0
Cyclades Corporation
3541 Gateway Boulevard
Fremont, CA 94538 USA
1.888.CYCLADES (292.5233)
1.510.771.6100
1.510.771.6200 (fax)
http://www.cyclades.com
Release Date: December 2005
Part Number: PAC0380

Advertisement

Table of Contents
loading
Need help?

Need help?

Do you have a question about the AlterPath E2000 and is the answer not in the manual?

Questions and answers

Related Manuals for Cyclades AlterPath E2000

Summary of Contents for Cyclades AlterPath E2000

  • Page 1 AlterPath Manager E2000, 2500, and ™ 5000 Installation, Configuration, and User’s Guide Software Version 1.4.0 Cyclades Corporation 3541 Gateway Boulevard Fremont, CA 94538 USA 1.888.CYCLADES (292.5233) 1.510.771.6100 1.510.771.6200 (fax) http://www.cyclades.com Release Date: December 2005 Part Number: PAC0380...
  • Page 2 ©2005 Cyclades Corporation This document contains proprietary information of Cyclades Corporation and is not to be disclosed or used except in accordance with applicable contracts or agreements. Information in this document is subject to change without notice. All trademarks, trade names, logos and service marks referenced herein, even when not specifically marked as such, belong to their respective companies and are not to be considered unprotected by law.

  • Page 3: Table Of Contents

    Audience ..................xxiii Document Organization ..............xxiii Typographic and Other Conventions ..........xxv Linux Shell Syntax .................xxvii Additional Resources ..............xxviii Cyclades Technical Training Available ........xxviii Cyclades Firmware Upgrades ............xxix Cyclades Technical Support ............xxix Chapter 1: Introduction..........1 Connectivity and Capacity ..............1 Key Features ..................3...
  • Page 4 Command Line Interface (CLI) ............15 Interoperability, Integration, and Compatibility ......15 APM E2000, 2500, and 5000 Database Compatibility ....15 Interoperability with Routers and Ethernet Switches ....15 Interoperability with Cyclades Devices ........16 Interoperability and Compatibility with Modem Vendors ..16 Power Management Support ............16 KVM/net Support ................17 Typical Configuration of AlterPath Manager and KVM ....17...
  • Page 5 Safety Considerations When Rack Mounting ........28 Pre-Configuration Requirements ............30 Web Browser Requirements ............32 IPMI and Blade Module Options ............38 Verifying your Current IPMI and Blade Capability ......39 Verifying your MAC Address ............40 Chapter 3: User Level Web Access......43 User Interface Overview ..............43 General Screen Features ..............46 Sorting a List Form by Column/Field Name .......47 Search and Filter Functions ............47...
  • Page 6 Chapter 4: Configuration and Administration..85 Operational Modes ................86 Configuration Process Flow ..............87 First Time Configuration Wizard ............88 First Time Configuration Wizard: An Example ......93 Setting the Authentication Method ..........96 Configuring Active Directory ............97 Limitation of TACACS Plus in ACS Console Access ....97 Hostname Configuration Must Follow RFC Standard ....97 Multiport Ethernet Card Configuration ........98 Disabling HTTP to Use Only HTTPS .........98...
  • Page 7 Difference between Auto Upload and Manual Upload .....131 Modem Dialing Capability for Remote Access to Devices ..131 Modem Management via Command Line Interface ....133 Console Wizard ................134 Summary of Console Wizard Forms .........135 Device Discovery (Auto Discover) ..........142 Multiple Auto Discover .............145 Deleting a Device Group ............148 KVM/net Device Configuration ............149 Alarm Trigger ...................156...
  • Page 8 Blade Management Module ..............206 Forms Used to Configure the Blade Module ........207 Devices ..................210 Proxies ...................214 Two Methods of Blade Configuration ..........217 Running the Blade Wizard ............217 Configuring the Blades and Switches ...........222 Consoles List Form ..............223 Security Rules ...................225 Security Rule List ................226 Security Rules: Network Intf .............231 Security Rule: Date/Time Configuration ........232...
  • Page 9 setserial - Examine the Serial Port Parameters ......273 setsmtp - Set the Email Server’s IP Address......273 date - Set the Date and Time ............273 Changing the Escape Sequence .............273 Re-defining the Interrupt Key ............274 Ethernet Bonding ................278 Example Ethernet Bonding Configuration ........279 Configuration of DHCP Client in APM ...........280 Example DHCP Configuration ............280 Ethernet Port Configuration ..............281...
  • Page 10 Backup and Restore Commands ..........297 Managing Log Files ................297 Where Log Files are Archived ...........297 Backing Up Log Files to a Remote Server ........298 System Recovery Guidelines ............298 Root Password Recovery ..............299 Changing the Database Configuration ..........300 Restoring Your Configuration ............301 More About Importing Certificates ...........305 Appendix A: Technical Specifications....
  • Page 11 Figures APM E2000, Front View ..........1 Figure 1-1: APM E2000, Back View..........2 Figure 1-2: APM 2500, Front View..........2 Figure 1-3: APM 2500, Back View ..........3 Figure 1-4: APM 5000, Front View..........3 Figure 1-5: APM 5000, Back View ..........3 Figure 1-6: Configuration Example of APM and KVM/net..
  • Page 12 KVM Viewer Launch Initialization Window....63 Figure 3-13: KVM Console List Control Page........ 64 Figure 3-14: KVM/net Web Control Page ........65 Figure 3-15: IPMI Sensors form............. 66 Figure 3-16: Log Selection Form ........... 68 Figure 3-17: Access Logs Form ............. 69 Figure 3-18: Event Logs Form ............
  • Page 13 Console Wizard Warning Message......137 Figure 4-17: Console Wizard Defaults Form ........138 Figure 4-18: Console Wizard Access Form ........138 Figure 4-19: Console Wizard Notification Form ......139 Figure 4-20: Unconfigured Consoles List ........140 Figure 4-21: Edit Console Settings Form - Page 1......140 Figure 4-22: Edit Console Settings Form - Page 2......141 Figure 4-23:...
  • Page 14 KVM Console Groups Form........179 Figure 4-47: Users List Form ............184 Figure 4-48: User Detail Form ............. 185 Figure 4-49: User Consoles Form..........188 Figure 4-50: User Devices Form ........... 189 Figure 4-51: User Groups Form ........... 190 Figure 4-52: User Security Rule Form .........
  • Page 15 Security Rule Day / Time Form........233 Figure 4-78: Security Rule Authorized Actions Form ....234 Figure 4-79: IPDU Details Form............236 Figure 4-80: IPDU Create/Device Details Form ......239 Figure 4-81: Connecting 2 APMs in a Redundant Configuration..241 Figure 4-82: APM Heartbeat Configuration Form......242 Figure 4-83: Detailed View - APM Heartbeat Form for Primary ..243 Figure 4-84:...
  • Page 16 AlterPath Manager Installation, Configuration, and User’s Guide...
  • Page 17 Tables Typographic Conventions ......... xxv Table P-1: Other Terms and Conventions ........xxv Table P-2: Naming conventions ..........xxvi Table P-3: Linux Shell Syntax..........xxvii Table P-4: User Interface Main Menu .......... 44 Table 3-1: Alarms List Form............49 Table 3-2: Alarms Detail Form ............
  • Page 18 Modem Mode Choices..........133 Table 4-10: PPP Settings .............. 133 Table 4-11: Health Monitor Pull-down List Options ....134 Table 4-12: Summary of Console Wizard Forms......135 Table 4-13: Forms Used to Configure KVM/net ......149 Table 4-14: Device KVM Viewer Form........152 Table 4-15: Pre-existing Alarm Trigger Entries......
  • Page 19 Security Rules, Network Intf ........231 Table 4-40: Security Rules Date/Time Form ........233 Table 4-41: Security Rule Actions..........235 Table 4-42: IPDU Device Details ..........236 Table 4-43: Heartbeat Form Fields and Meanings......244 Table 4-45: Definitions Used in Fault Tolerant APMs ....244 Table 4-44: Synchronization Form Fields and Meanings .....247 Table 4-46: CLI Specific Commands ...........258...
  • Page 20 xviii AlterPath Manager Installation, Configuration, and User’s Guide...
  • Page 21 Procedures To Bracket Mount an APM ..............24 To Rail Mount an APM 2500 or 5000 ..........24 To Connect the APM Cables .............. 25 To Configure the COM Port Connection and Log In ......31 To Enable ActiveX on Internet Explorer ..........32 To Enable ActiveX on Netscape 7.x...........
  • Page 22 To Add a Device ................110 To Configure the Web Proxy............116 To Verify your Proxy Setting ............117 To Configure Dial Up / Dial Back............ 119 To Enable the OTP Authentication for Dialup ......... 123 To Configure KVM Ports ..............125 To Configure OnSite Ports ...............
  • Page 23 To Initiate Log Rotate (Manual Operation)........181 To Set Log Rotation in Auto Mode ...........181 To Add an IPMI Console from Console Detail Form .......182 To Activate IPMI................182 To Add a User..................184 To Select Consoles for a User ............187 To Select Devices for a User .............188 To Select User Groups for a User............189 To Set a User’s Security Rule............191 To Delete a User ................191...
  • Page 24 To Configure a PM Device ............... 238 To Set Up a Fault Tolerant APM Configuration ......247 To Upgrade Firmware on Redundant APMs ........252 To Log Into the Serial Console Port ..........256 To Do a Windows SSH Login ............257 To Do a Linux or UNIX SSH Login..........

  • Page 25: Before You Begin

    Before You Begin The AlterPath Manager serves as the command and control center for the AlterPath system of products. It provides consolidation of control, added security, and flexibility to very large server and server management configurations. This manual provides the information needed for you or your system administrator to install, configure, administer, and operate the AlterPath E2000, and 2500, and 5000 as well as to guide you in the operation of these products.

  • Page 26: Specifications

    Document Organization Chapter Number and Title Description Explains the procedure for installing the 2: AlterPath Manager Installation AlterPath Manager and preparing it for web configuration and access. Explains the standard user interface. This 3: User Level Web Access chapter is particularly designed for regular users (as distinguished from system administrators) of the AlterPath Manager.

  • Page 27: Typographic And Other Conventions

    Document Organization Typographic and Other Conventions The following table describes the typographic conventions used in Cyclades manuals. Table P-1: Typographic Conventions Typeface Meaning Example Links Hypertext links or URLs Go to: http://www.cyclades.com Emphasis Titles, emphasized or new words or terms See the AlterPath Manager Quick Start.

  • Page 28: Table P-3: Naming Conventions

    Document Organization Table P-2: Other Terms and Conventions Term or Convention Meaning Examples Navigation shortcuts Shortcuts use the “greater Go to Configuration>KVM> than” symbol (>) to indicate General >IP Users in Expert how to navigate to Web mode. Manager forms. Table P-3: Naming conventions Name Convention...

  • Page 29: Linux Shell Syntax

    Linux Shell Syntax Linux Shell Syntax While this manual is primarily designed for using the E2000, 2500, and 5000 web interface, some special features show you how to configure the AlterPath Manager using the Serial Console Interface. The Serial Console configuration is discussed in Chapter 5 (“Advanced Configuration”) of the manual.

  • Page 30: Additional Resources

    [<outlet number>|<outlet start>- <outlet end>][,<outlet number>|<outlet start>-<outlet end>]... Additional Resources Cyclades Technical Training Available Cyclades offers a suite of technical courses to increase your knowledge of the AlterPath Manager. • AlterPath Manager I: Accessing and Monitoring Your out-of-band Infrastructure. •...

  • Page 31: Cyclades Firmware Upgrades

    See “To Upgrade the APM Firmware” on page 295 for instructions on upgrading the firmware on your AlterPath Manager. Cyclades Technical Support Cyclades offers free technical support. To find out how to contact the support center in your region, go to: http://www.cyclades.com/support/technical_support.php.
  • Page 32 Additional Resources APM Installation, Configuration, and User’s Guide...

  • Page 33: Chapter 1 Introduction

    Chapter 1 Introduction The AlterPath Manager E2000, 2500, and 5000 are a family of feature-rich, out-of-band (OOB) managers designed to provide out-of-band infrastructure (OOBI) users and administrators a centralized and convenient way to remotely access target devices and perform all their system fault management work from a single user interface.

  • Page 34: Figure 1-2: Apm E2000, Back View

    Connectivity and Capacity Caution: On the APM hardware, Eth0 is labeled “Eth1,” and Eth1 is labeled as “Eth2.” Power USB port 1 AUX serial port switch Eth1 Eth0 Expansion slots Reset Console port connector USB port 2 Figure 1-2: APM E2000, Back View The AlterPath 2500 and 5000 each have a base DLS or simultaneous connection capacity of 64.

  • Page 35: Key Features

    Key Features Eth0 Eth1 Console connector Figure 1-4: APM 2500, Back View Press and hold for 1 second to power on the system. Press and hold for 4 seconds to reset the system. LCD panel Press and hold for 10 seconds to shut down the system. Figure 1-5: APM 5000, Front View Fans Redundant...
  • Page 36 Key Features Consolidated Views and Console Page 6 Access Access Control List (ACL) for Page 6 Devices Centralized Data Logging System Page 6 Log File Compression and Rotation Page 7 Other Alarm Features Page 8 Modem Support for Remote Sites Page 8 Dial Back Support for ACS Page 8...

  • Page 37: Single Point Security Gateway

    Key Features Blade Module Page 13 Backup, Restore, and Replicate User Page 13 Data Change and Configuration Page 14 Management Exhaustive Reporting Page 14 Simple and Easy Web User Interface Page 14 Fault Tolerant Configuration Page 14 Support Command Line Interface (CLI) Page 15 Interoperability, Integration, and Page 15...

  • Page 38: Consolidated Views And Console Access

    Key Features Consolidated Views and Console Access From the AlterPath Manager web interface, you can view a list of all consoles to which you have authorized access. Information about each console includes console name, port, location, description, and status. The Access Control List (ACL), which is defined by the administrator, defines which user has access to which port.

  • Page 39: Log File Compression And Rotation

    64. This capacity can be expanded (through a DLS feature activation option from Cyclades) to up to 512 DLSs for the APM 2500 and up to 2048 DLSs for the APM 5000. The APM 2500 and the APM 5000 are also available at the time of purchase, with additional, installable DLS activation.

  • Page 40: Other Alarm Features

    Key Features text, based on how the trigger was configured by the administrator, it will do the following: • Send an email to a user list • Create a prioritized alarm entry in the Alarm database • Write a log message to the AlterPath Manager logging system to acknowledge the trigger.

  • Page 41: Multiport Ethernet

    Key Features OTP method of authentication prevents passwords from being intercepted over a phone line and reused, even if the phone line is tapped. OTP authentication during dialup is transparent to the user (the user does not notice the authentication). Multiport Ethernet The AlterPath Manager E2000 supports up to two multiport PCI Ethernet cards for secure networks that use multiple network segments.

  • Page 42: Ethernet Bonding

    Key Features Ethernet Bonding Ethernet bonding is a method of providing redundancy to an Ethernet connection. When Ethernet bonding is enabled, the primary Ethernet port operates under normal circumstances. If the primary Ethernet port fails, a backup (or redundant) Ethernet port takes over. This is called a failover condition (e.g., the primary Ethernet port fails over to the secondary Ethernet port).

  • Page 43: Console Wizard

    Device Discovery The Device Discovery feature enables the AlterPath Manager to recognize the current configuration of a Cyclades TS, ACS, or KVM/net and, through the use of a wizard, auto populate the console parameters based on the values used by the Cyclades TS, ACS, or KVM/net.

  • Page 44: Kvm/Net Fw Upgrade Support

    Key Features control page that replaces the OSD for KVM over IP sessions. The KVN/net Plus also features the capability to connect to RDP servers via an in band connection. The RDP capability can be configured and controlled from the APM.

  • Page 45: Support For Hp Openview Nnm

    Key Features Support for HP OpenView NNM With the optional HP OpenView NNM Integration, the administrator can access remote systems using both in-band and out of band techniques from a common HP OpenView network node manager (NNM) view. Device, Console, and User Group Management Devices, consoles, and users can be grouped to further simplify the organization and management of these system components.

  • Page 46: Change And Configuration Management

    Key Features Change and Configuration Management Change and Configuration Management feature of the AlterPath Manager is designed such that any number of change management procedures can be configured through the AlterPath Manager rather than through the target devices or software. •...

  • Page 47: Command Line Interface (Cli)

    Key Features As a user you can only view and access those consoles you are assigned. This customization adds security to the system since users cannot view or access any console that does not concern them. Command Line Interface (CLI) For emergency access situations, the AlterPath Manager can provide you with a command line interface by making a regular Secure Shell connection to the AlterPath Manager.

  • Page 48: Interoperability With Cyclades Devices

    Key Features Note: Gigabit Ethernet is available on the APM 2500 and APM 5000 only. Interoperability with Cyclades Devices The APM firmware 1.4.0 interoperates with the latest versions of the AlterPath Console Server, the AlterPath KVM/net, the AlterPath Terminal Server, and the AlterPath OnSite.

  • Page 49: Kvm/Net Support

    KVM/net Support KVM/net Support The AlterPath KVM/net is a Cyclades stand-alone networking device similar in concept to a console server. The user connects through a program over an IP connection and the KVM/net switch routes the application to one of its ports to connect directly to the keyboard, video, and mouse ports of a target server.

  • Page 50: Alterpath Manager Features Unsupported By Kvm/Net

    OnSite Support In the diagram, if KVM/net 2 is a 16-port device and the two analog switches are also 16-port devices, then KVM/net 2 will have 44 ports available to the user; 32 ports from the two analog switches and 12 ports from KVM/net 2. The four ports in KVM/net 2 are used to connect to the slave units.

  • Page 51: Example Configuration Of An Apm And An Onsite

    OnSite Support Example Configuration of an APM and an OnSite The following configuration diagram shows an example of an APM connected to an OnSite with KVM servers and console servers. One server can be accessed through both types of connection. AlterPath Manager Ethernet OnSite...
  • Page 52 OnSite Support APM Installation, Configuration, and User’s Guide...

  • Page 53: Chapter 2: Alterpath Manager Installation

    Chapter 2 AlterPath Manager Installation This section discusses the procedures and requirements for installing the AlterPath Manager E2000, 2500, and 5000. The section is organized as follows: Product Installation Checklist Page 21 Rack Mounting the AlterPath Page 23 Manager Deploying the AlterPath Manager Page 25 Safety Considerations When Rack Page 28...
  • Page 54 Product Installation Checklist Check Item Part Description Purpose Number PAC0381 Quick Start Guide A quick installation and configuration guide to get you started with your APM right away See below Power cable Main power cable for for country- AlterPath Manager specific part E2000, 2500, and 5000 numbers.

  • Page 55: Rack Mounting The Alterpath Manager

    Rack Mounting the AlterPath Manager Check Item Part Description Purpose Number HAR0550 Mounting Kit Hardware for rack mounting the AlterPath Mounting brackets, Manager E2000. necessary screws for APM E2000 HAR0017 Mounting rail kit Hardware for rack mounting the AlterPath HAR0018 Mounting brackets, Manager 2500.

  • Page 56: To Bracket Mount An Apm

    Rack Mounting the AlterPath Manager To Bracket Mount an APM 1. Attach the mounting brackets to the sides of the APM E2000 towards the front of the box. Use a screwdriver to firmly tighten the mounting brackets (already attached to the APM 2500 and APM 5000). 2.

  • Page 57: Deploying The Alterpath Manager

    Deploying the AlterPath Manager Note: To help prevent electric shock, plug the AlterPath Manager into a properly grounded power source. The cable is equipped with a 3-prong plug to help ensure proper grounding. Do not use adapter plugs or remove the grounding prong from the cable.

  • Page 58: Single Network Topology

    Deploying the AlterPath Manager management network comprises all fault management equipment (i.e., TS, ACS, KVM/net, OnSite), devices, and infrastructure used to manage the public network. Equipped with its own Ethernet switches, the management network is physically separate from the public network. Because any AlterPath Manager user who needs to access serial or KVM console ports must pass through the AlterPath Manager, this is the most secure way to deploy the AlterPath Manager (see Figure 2-1).

  • Page 59: Private Network Diagram

    Deploying the AlterPath Manager Private Network Diagram The diagram below depicts how the AlterPath Manager AlterPath Manager may be set up in a private network structure. Workstation Public LAN (Web User Interface) Ethernet Eth0 AlterPath Manager Private LAN Eth1 Ethernet KVM/net ACS or TS KVM ports...

  • Page 60: Single Network Diagram

    Safety Considerations When Rack Mounting Single Network Diagram The diagram below depicts how the AlterPath Manager AlterPath Manager may be set up in a single network structure. AlterPath Manager Workstation (Web User Interface) Public LAN Eth0 Ethernet Ethernet cable KVM/net ACS or TS Serial ports KVM ports...

  • Page 61: Mechanical Loading

    Safety Considerations When Rack Mounting Elevated operating ambient temperature If you install the AlterPath Manager in a closed or multi-rack assembly, the operating ambient temperature of the rack environment may be greater than the room ambient temperature. Ensure that you install the equipment in an environment compatible with the manufacturer’s maximum rated ambient temperature.

  • Page 62: Pre-Configuration Requirements

    Pre-Configuration Requirements Pre-Configuration Requirements Before configuring AlterPath Manager, ensure that you have a local system with the following system set up and information ready: Requirement Description HyperTerminal, If you are using a PC, ensure that HyperTerminal Kermit, or Minicom is installed on your Windows operating system. If you are using the UNIX operating system, use Kermit or Minicom.

  • Page 63: To Configure The Com Port Connection And Log In

    Pre-Configuration Requirements Note: For a list of internet browsers and Cyclades device firmware versions supported by the AlterPath Manager, refer to Appendix A, “Technical Specifications.” To Configure the COM Port Connection and Log In The console port is used for the initial configuration (also known as First Time Configuration in this document) which is performed using the Console Interface via serial console connection.

  • Page 64: Web Browser Requirements

    Pre-Configuration Requirements You will see the AlterPath Manager booting on your screen. After it finishes booting, you should see the configuration screen. Web Browser Requirements You will need a local Windows workstation running a web browser that supports the following: •...

  • Page 65: Figure 2-3: Options To Enable For Activex

    Pre-Configuration Requirements 3. Make sure you enable the selections shown as enabled in Figure 2-3, “Options to Enable for ActiveX.” Figure 2-3: Options to Enable for ActiveX To Enable ActiveX on Netscape 7.x Note: This applies to Netscape 7.x where x > 1. 1.

  • Page 66: Figure 2-4: "Tools" Pull-Down Menu With "Options" Selected

    Pre-Configuration Requirements Note: This path can vary if Netscape 7.x was installed in a directory other than the default. 2. Locate the file named “activex.js” and edit it. 3. In the editor, change the following line from: pref("security.classID.allowByDefault", false); pref("security.classID.allowByDefault", true); 4.

  • Page 67: Figure 2-5: Netscape 8 Options Window

    Pre-Configuration Requirements An “Options” window appears. Figure 2-5: Netscape 8 Options Window 4. Click on “Site Controls” in the left column of the window. The window that appears has the button to enable ActiveX. Installation...

  • Page 68: Figure 2-6: "Site Controls" Option Selection

    Pre-Configuration Requirements Figure 2-6: “Site Controls” Option Selection 5. Select “Internet Explorer” in the “Rendering Engine” box in the lower right of the window. 6. Select “Enable ActiveX” in the “Web Features” box. 7. Click the “OK” button. 8. Enter the IP address of your APM in the URL entry field of your Netscape browser.

  • Page 69: Figure 2-7: Location Of Shield Icon And Url Entry Field

    Pre-Configuration Requirements URL entry field Shield icon Figure 2-7: Location of Shield Icon and URL Entry Field 9. Click on the Shield Icon. A “Trust Settings” dialog box appears. Installation...

  • Page 70: Ipmi And Blade Module Options

    IPMI • Blade Module You can purchase the IPMI and Blade Module options from your Cyclades sales team, or Cyclades partners. Cyclades customer service will need the MAC (Ethernet hardware) address of Eth0 (the first Ethernet controller in your APM) to generate the license file which will activate your new features.

  • Page 71: Verifying Your Current Ipmi And Blade Capability

    Pre-Configuration Requirements Verifying your Current IPMI and Blade Capability Log on to the Web User Interface and click on the “About” link in the upper left corner of the display. A window that shows IPMI, blade, and any other licenses and their status appears: Figure 2-9: Feature Window You can also log on to the CLI (on the serial console port) as root or as admin and run the following command:...

  • Page 72: Verifying Your Mac Address

    Name=APM_B_IPMI, version=1.0.1, type=null, feature=IPMI, device=APM, owner=paulo, customer_id=gregg, expiry_date=2005-12-28, expiry_time=00:00, info=null, VALID=true FEATURE= DLS Name=APM_B_DLS_256, version=1.0.1, type=standard, feature=DLS, device=APM, owner=Cyclades Corporation, customer_id=cyclades, expiry_date=9999-01-31, expiry_time=00:00, info=e2000 base license, VALID=true FEATURE= NNM Name=APM_B_NNM, version=1.0.1, type=null, feature=NNM, device=APM, owner=paulo, customer_id=gregg, expiry_date=2005-12-28, expiry_time=00:00, info=null, VALID=true...

  • Page 73: To Activate The Blade Module

    Pre-Configuration Requirements A display similar to the following will appear: eth0 Link encap:Ethernet HWaddr 00:90:FB:81:57:17 inet addr:192.168.48.162 Bcast:192.168.51.255 Mask:255.255.252.0 UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1 RX packets:9691587 errors:133 dropped:0 overruns:0 frame:133 TX packets:5726282 errors:0 dropped:0 overruns:0 carrier:0 collisions:1038728 txqueuelen:1000 RX bytes:685270715 (653.5 Mb) TX bytes:548308906 (522.9 Mb) Interrupt:10 Base address:0xc000 Memory:e5020000-e5020038 eth1...
  • Page 74 Pre-Configuration Requirements APM Installation, Configuration, and User’s Guide...

  • Page 75: Chapter 3: User Level Web Access

    Chapter 3 User Level Web Access The web interface provides two modes for using the AlterPath Manager E2000, 2500, and 5000 based on the type of user: Access (for operation by regular users) and Admin (for configuration by system administrators). This chapter explains the procedures for operating the AlterPath Manager web interface in Access mode.

  • Page 76: Table 3-1: User Interface Main Menu

    User Interface Overview Table 3-1: User Interface Main Menu Menu Selection Description Alarms The Alarms list form is the first form that you see (or the default form) when you log in. Use this form to view alarms, update the status of an alarm or close an alarm after resolving it Consoles / Devices List form to view a list of devices assigned to you.

  • Page 77: Figure 3-1: Apm Login Screen

    AlterPath Manager administrator. The IP address works for both encrypted (https) and non-encrypted (http) versions. Cyclades recommends that you use the encrypted version. Note: See “To Disable HTTP to Use Only HTTPS” on page 294 (Chapter 5) for the procedure on how to configure the encrypted version.

  • Page 78: General Screen Features

    User Interface Overview General Screen Features The diagram below shows the general features of the AlterPath Manager Web Management Interface (WMI). The sample form is for illustration only; it is not the first form that you see when you log in as a regular user. “Access”...

  • Page 79: Sorting A List Form By Column/Field Name

    User Interface Overview The “Admin” tab (not visible in the example above) is visible only to users with admin rights. Be sure to select the “Logout” button on the top right hand corner after you finish your session. Sorting a List Form by Column/Field Name Most list forms provide sort, search, and filter functions.

  • Page 80: Alarms

    Alarms Alarms The Alarms List form is the default form of the AlterPath Manager Web Interface in “Access” mode. An alarm is a brief message alerting you of a possible problem that requires an action. When AlterPath Manager detects an alarm, it sends the alarm along with a ticket number to the user’s Alarms List form.

  • Page 81: Alarms List Form

    Alarms Alarms List Form When you first log in to the AlterPath Manager as a regular user or select “Alarms” from the menu, the Alarms List form is the first form that you will see. Use this form to view the list of alarms, to connect to a console, and to view console logs.

  • Page 82: To View The Alarms Detail Form

    Alarms Table 3-2: Alarms List Form Element Definition Console Console from which the alarm originated. Click on the console name to enable a console session according to the type of configured device and console. For example, a serial console will establish a text-based session; a KVM console will launch the KVM viewer, and an IPMI console will launch the SSH applet and connect to the IPMI SOL console.

  • Page 83: Figure 3-4: Alarms Detail (Or Ticket Info) Form

    Alarms Figure 3-4: Alarms Detail (or Ticket Info) Form Table 3-3: Alarms Detail Form Element Definition Assigned Users Dropdown box that lists all the assigned users for the current alarm. Select a user to assign or re- assign ticket to another individual user. Status Dropdown box to select the status of the ticket.

  • Page 84: Figure 3-5: Logs Form

    Alarms To View Alarm or Console Logs You can view the console log for a particular alarm or ticket from the Alarms List form. To view the console log, follow the step below: 1. From the Alarms List form, under the “Console Log” column heading, select the corresponding view link for the console log you wish to view.

  • Page 85: Web Access For Users

    Web Access for Users 4. If applicable, type in your notes or comments in the “Notes” text entry box. 5. Select “Save” to complete your entry. Web Access for Users Consoles/Devices Users can access consoles and devices when they have been granted permission to do so by the AlterPath Manager admin user.

  • Page 86: Figure 3-6: Selecting A Device: "View" Or "Cli

    Web Access for Users Figure 3-6: Selecting a Device: “View” or “CLI” a. Select the “VIEW” button, and you will see a read only view of the Device Detail or Console Detail form, which is the default of a series of tabbed forms.

  • Page 87: Consoles

    Web Access for Users • Notify • Groups • Proxies • Dial-Up • Log Rotate All the forms are read only forms. b. Select the “CLI” button, and a CLI viewer will be launched. Figure 3-8: Device CLI Viewer Consoles Selecting “Consoles”...

  • Page 88: To View The Consoles List

    Web Access for Users To “connect to a target console” means that depending on the type of configured device and console, selecting a console from the Console List form may: • Open a command line console session (for TS, ACS, or OnSite). •...

  • Page 89: Figure 3-9: Consoles List Form

    Web Access for Users Figure 3-9: Consoles List Form To Connect to a Console To connect to a console: 1. From the Console List form, select the console you wish to connect to by selecting the console name. Note: If a modem is connected to a remote site, you will experience a slight delay before connecting to a console.

  • Page 90: Multiple Users And Read/Write Access

    Web Access for Users Multiple Users and Read/Write Access Because the AlterPath Manager supports multiple connections to the same port, this makes it possible for multiple users to view the same form. Note, however, that only the first user to connect to that port can have full Read and Write (R/W) access to the Console panel while the rest can have Read only (R) access.

  • Page 91: Figure 3-10:Consoles Detail Form

    Web Access for Users Figure 3-10:Consoles Detail Form Table 3-5: Consoles, Details Form Field Meaning Details Tab to display the Console Detail form. Notify Tab to tell you if you are on the notification list. Groups Tab to tell you if any groups are assigned to the console.
  • Page 92 Web Access for Users Table 3-5: Consoles, Details Form Field Meaning Port Drop-down field for selecting the physical KVM port number of the console. This field also has an “RDP Only” selection that allows you to configure an RDP port without associating it with a physical KVM port.

  • Page 93: Figure 3-11: Consoles Notify Form

    Web Access for Users Table 3-5: Consoles, Details Form Field Meaning Back Button to return to the previous page or form. Caution: Be sure to turn off your web browser’s popup blocker before attempting to make an RDP connection. An RDP connection will fail if you have your browser’s popup blocker turned on.

  • Page 94: Kvm/Net Plus Web Control Page

    Web Access for Users To View the Consoles Groups Form The Console Groups form shows the group(s) to which the current console belongs. To view the Consoles Group form: 1. From the Consoles Detail form, click on the “Groups” tab. The system displays the Consoles Group form: Figure 3-12: Consoles Group Form KVM/net Plus Web Control Page...

  • Page 95: Figure 3-13:Kvm Viewer Launch Initialization Window

    Web Access for Users Figure 3-13:KVM Viewer Launch Initialization Window After the KVM viewer appears, the launch window is replaced (in the background) by a console list control window. 2. After the KVM viewer appears, bring the console list control window to the foreground.

  • Page 96: Figure 3-14:Kvm Console List Control Page

    Web Access for Users Figure 3-14:KVM Console List Control Page A web control page window similar to the window shown in Figure 3-15 appears. APM Installation, Configuration, and User’s Guide...

  • Page 97: Figure 3-15:Kvm/Net Web Control Page

    Web Access for Users Figure 3-15:KVM/net Web Control Page The web control page allows viewing of the status of the port on which you are connected. It also allows you to: 1. Reset the mouse and keyboard associated with the console you are accessing.

  • Page 98: Ipmi

    IPMI IPMI IPMI is a paid-for added feature of AlterPath Manager, which is available only to IPMI users. To View IPMI Sensors The IPMI Sensor form is used to view IPMI-based servers. IPMI (Intelligent Platform Management Interface) is the open standard for machine health and control (including remote control).

  • Page 99: Logs

    Logs Logs The Logs option of the menu allows you to select and view three types of logs pertaining to the console assigned to you: Table 3-6: Log Types Log Type Definition Access Log Logs that provide logging information (i.e., who accessed the console, when and for how long, etc.) about a particular console.

  • Page 100: Figure 3-17: Log Selection Form

    Logs Figure 3-17: Log Selection Form Table 3-7: Log Selection Form Element Definition Console/Device Drop down list to select a console or device that will be the basis of the log(s) to be retrieved. Date From Drop down list to select the starting date of the log(s) to be viewed.

  • Page 101: Access Logs

    Logs 2. From the Console drop down list, select the console from which you want to view the logs. Note: You can only view or access the logs of consoles to which you have authorized access. 3. Select a range of dates from which to base your logs by selecting from the “Date from”...

  • Page 102: Event Logs

    Logs Table 3-8: Access Logs Form Element Definition Date Date in which the event occurred. Time Time of the event. User User who connected to the console. Action What the user did in response to the alarm. Status Status of the console (Enable / Disable). Connection Type of connection (e.g., SSH, Web);...

  • Page 103: Data Buffer

    Logs Table 3-9: Event Logs Form Element Definition Date Date of the event. Time Time of the event. Ticket Ticket number associated with the event. Pattern Trigger Expression Action Action taken to resolve event. Data Buffer Use the Data Buffer browser to view the contents of the data buffer generated by a target console.

  • Page 104: Power Management

    Power Management Power Management If you have been given access to one or more power management devices by your system administrator, you will be able to access some of the PM control functions. Figure 3-21 shows an example of a user PM device detail form. Figure 3-21:PM Device Viewer Detail Form Table 3-10: IPDU Viewer Details Form Element...
  • Page 105 A name you can give to the PM device to help you remember where it is and what it controls. Type Fixed at “IPDU” Vendor Fixed at Cyclades Model The model and output current capacity of the PM device. Connection A pull-down list allowing you to select either “ssh,”...

  • Page 106: To View Pm Device Parameters

    Power Management Table 3-10: IPDU Viewer Details Form Element Definition Buzzer If selected, sounds a buzzer if the alarm threshold is exceeded. Syslog If selected, allows PM device alarm events to be logged. Back Button that allows you to go back to the previous form without saving any configuration parameters.

  • Page 107: User's Profile

    User’s Profile Figure 3-22:PM Device Outlet Control Form For any outlet to which you have access, you can power on, power off, toggle, lock, or unlock. After you check the appropriate box(es), click on the “Execute Operations” button. User’s Profile The User’s Profile forms allow you to view your profile or contact information and modify a limited number of fields.

  • Page 108: Figure 3-23: User's Profile Details Form

    User’s Profile Figure 3-23: User’s Profile Details Form Table 3-11: User’s Profile Details Form Element Definition Details Default tab displays the User’s Profile Detail form. Consoles Tab displays the selected consoles assigned to the current user and the consoles accessed by the user through group association.
  • Page 109 User’s Profile Table 3-11: User’s Profile Details Form Element Definition User Name The user name used to log into the AlterPath Manager. Admin User If “YES,” indicates that the user has Admin privileges, and also belongs to the Admin user group.

  • Page 110: Viewing The User's Profile Consoles Form

    User’s Profile Table 3-11: User’s Profile Details Form Element Definition Status Indicates whether the user’s access is enabled or disabled. GUI Theme A pull-down field that lets the user select a choice of colors for the APM WMI. Save Button to save the user’s configuration changes.

  • Page 111: Viewing The User's Profile Devices Form

    User’s Profile Figure 3-24:User’s Profile Consoles Form Table 3-12: User’s Profile Consoles Form Element Definition Consoles Tab or button to select the current form. Select consoles for user List box from which to select a possible list of access user consoles assignable to the current user. Button to add a selected user console (left list box) to the “Selected consoles”...

  • Page 112: Viewing The User's Profile Groups Form

    User’s Profile Figure 3-25:User’s Profile Devices Form Table 3-13: User’s Profile Devices Form Field Definition Devices Tab or button to select the current form. Select devices for user List box from which to select a possible list of access user devices assignable to the current user. Button to add a selected user device (left list box) to the “Selected devices”...

  • Page 113: Figure 3-26: User's Profile Groups Form

    User’s Profile From the User’s Profile Detail form, click on the “Groups” tab. The system displays the User’s Profile Groups form: Figure 3-26: User’s Profile Groups Form Table 3-14: User’s Profile Groups Form Element Definition Groups Tab or button to select the current form. Select groups for the user List box from which to select a possible list of user groups assignable to the current user.

  • Page 114: Viewing The User's Profile Security Form

    User’s Profile Viewing the User’s Profile Security Form The Security form shows the current security rule assigned to you (as well as any other rules to which you have access). A security rule defines a user’s access control to a device as well as through which user group that rule is assigned.
  • Page 115 User’s Profile Table 3-15: User’s Profile Security Form Element Definition Delete Button to delete a selected security rule (right list box) and return it to the “Select security rule” list box. Selected security rules The list box that shows the Security Rule assigned to the current user.
  • Page 116 User’s Profile APM Installation, Configuration, and User’s Guide...

  • Page 117: Chapter 4: Configuration And Administration

    Chapter 4 Configuration and Administration This chapter presents the procedures for configuring the AlterPath Manager E2000, 2500, or 5000 through the web interface. Addressed to the E2000/ 2500/5000 administrator who must use the AlterPath Manager web interface in Admin Mode, the chapter is organized as follows: Operational Modes Page 86 Configuration Process Flow...

  • Page 118: Operational Modes

    Operational Modes Operational Modes The AlterPath Manager provides two operating modes for configuration: • First Time Configuration (Linux shell on the serial console) • Admin Mode (GUI-based) Before you can use the AlterPath Manager Web Management Interface (WMI) you must first run the First Time Configuration wizard. The admin user, by default, is the system administrator of the AlterPath Manager web interface and runs the application in Admin mode.

  • Page 119: Configuration Process Flow

    Configuration Process Flow Configuration Process Flow The entire configuration process through the serial console and through the WMI is as follows: Connect to serial console Perform First Time Configuration Reset system to default reboot factory settings successful? Log on to AlterPath Manager as Admin Alarm Security...

  • Page 120: First Time Configuration Wizard

    First Time Configuration Wizard You must perform the First Time Configuration process (see Configuration Flow Diagram) using the Linux shell through the serial console interface. Once completed, you may perform the rest of the configuration process and all daily administration procedures through the AlterPath Manager web interface.

  • Page 121: To Use The First Time Configuration Wizard

    Boot information will scroll up on the screen for a short time until the system is ready for initial configuration input data. Welcome to Cyclades-APM! Since this is the first time you are booting your APM, you need to answer some basic configuration questions. Once this is done, the other APM configuration parameters can be set through its Web Management Interface (WMI).
  • Page 122 First Time Configuration Wizard • Select a time zone • Enter a new system date and time (format is MM/DD/YY) Note: You must type a date, even if it is the same as the date displayed, in order to change the time. •...
  • Page 123 First Time Configuration Wizard • Choose the correct operation mode from the following: 1) Auto-negotiation 2) 10 Mbps, full duplex 3) 10 Mbps, half duplex 4) 100 Mbps, full duplex 5) 100 Mbps, half duplex 6) 1000 Mbps, full duplex 7) 1000 Mbps, half duplex Note: Gigabit Ethernet (1000 MBps speed) is available on the APM 2500 and APM 5000 only.

  • Page 124: To Change Individual Parameters

    First Time Configuration Wizard To Change Individual Parameters Note: If you make changes to any of the foregoing configuration steps, you can adjust most configuration parameters by running one of the following commands as required. 1. Choose the appropriate command from the list below: •...

  • Page 125: First Time Configuration Wizard: An Example

    The First Time Configuration sample session shown below shows the portion of the command line data where the user configuration begins. This is commenced by the heading, “Welcome to Cyclades-APM!” Before the Welcome heading appears, the system will prompt you for the following: Caution: Be sure you answer “n”...
  • Page 126 Do you want to re-create the Configuration file system? (y/n)[n] The screen scrolls to the “Welcome” heading. Welcome to Cyclades-APM! Since this is the first time you are booting your APM, you need to answer some basic configuration questions. Once this is done, the other APM configuration parameters can be set through its Web Management Interface (WMI).
  • Page 127 First Time Configuration Wizard After configuring your root and admin passwords, you are prompted to enter your time zone. Please choose the time zone where this machine is located. 1) Africa 18) Eire 35) Jamaica 52) ROC 2) America 19) Etc 36) Japan 53) ROK 3) Antarctica...

  • Page 128: Setting The Authentication Method

    (max 60 chars) [localdomain]: cyclades.com Enter the Primary Nameserver's IP address [none]: 192.168.44.21 Enter the Secondary Nameserver's IP address [none]: Enter the NTP server: Enter the email (SMTP) server: smtp.cyclades.com Choose the desirable authentication method (local/radius/tacacs+/ldap/kerberos/nis/active_directory) [local]: Saving configuration files to flash (/flash/config/config.tgz)... done.

  • Page 129: Configuring Active Directory

    First Time Configuration Wizard for the TACACS+ server IP address, the shared secret, and the available service (system). If you select NIS, the system will prompt you for the NIS Domain Name and the NIS Server. For the NIS Domain Name, the system will accept localdomain, or you may leave the field blank.

  • Page 130: Multiport Ethernet Card Configuration

    First Time Configuration Wizard Multiport Ethernet Card Configuration The AlterPath Manager supports up to two multiport Ethernet cards to allow connection to network segments. The First Time Configuration Wizard will detect any multiport Ethernet card that is installed in the AlterPath Manager and will prompt you for network information.

  • Page 131: Alterpath Manager Web Interface: Admin Mode

    AlterPath Manager Web Interface: Admin Mode Note: See “To Disable HTTP to Use Only HTTPS” on page 294 of Chapter 5, “Advanced Configuration” for the procedure on how to configure the encrypted version. AlterPath Manager Web Interface: Admin Mode Once you have completed the First Time Configuration procedure, you may login to the AlterPath Manager web interface and use the system in Admin Mode.

  • Page 132: Figure 4-3: Logging In As Admin

    AlterPath Manager Web Interface: Admin Mode To Log Into the APM Web Interface 1. Type “admin” or the name of another user with administrator privileges in the “username” field. 2. Type the password for the admin user in the “password” field. 3.

  • Page 133: Parts Of The Web Management Interface

    AlterPath Manager Web Interface: Admin Mode Parts of the Web Management Interface Before proceeding to the web configuration process, familiarize yourself with the graphical user interface. Shown below are the basic features of the AlterPath Manager Web Management Interface in Admin Mode. The form example shows the Users List form, the first form to appear in the web interface.

  • Page 134: Relocating Online Help

    2. Log onto the console as root and edit the file: /var/apm/apm.properties 3. Go to the following line: online_help_url=http://www.cyclades.com/online-help/ apm/<apm_model>/<sw_version>/ 4. Modify this line to reference the new location of the online help file. Sorting, Filtering, and Saving a List Form An underscored column heading on any of the list forms indicates that the list may be sorted based on that column heading.

  • Page 135: Using The Form Input Fields

    AlterPath Manager Web Interface: Admin Mode Figure 4-5: Console List Form Sorted by Console The Console List form shown above is sorted by Console in ascending order. You can also sort this form by Type, Device, Location, and Status. To filter your list by group, use the “Filter by” pull-down. The list generated by selecting the “Filter by”...

  • Page 136: Verifying Error Messages

    AlterPath Manager Web Interface: Admin Mode Verifying Error Messages To verify an error message, you can view the form or screen in question by clicking on the error message. This feature allows you to verify or check the error message against the form. Figure 4-6: Device Configuration Error Message Clicking the error message, generates the form in error: Figure 4-7: Form in Error...

  • Page 137: Devices

    Devices Devices Note: For Device forms associated with the Blade Module, see “Blade Management Module” on page 206 The “Devices” option allows you to perform device management operations as summarized by the table below: Table 4-1: Summary of Devices Forms Form Function Form(s) Used Add and configure new...
  • Page 138 Devices Table 4-1: Summary of Devices Forms Form Function Form(s) Used Search, sort, and save list Devices List form. of devices. Assign type of web Proxies form. proxy to access a target device through the web. Configure modem user, Dial Up password and related parameters to enable dial up / dial out functions.

  • Page 139: Device List Form

    Devices Device List Form The Devices List form, which is the default devices form, allows you to view a list of devices that are configured in the AlterPath Manager. From this form, you can add, modify, or delete devices. Figure 4-8: Devices List Form Table 4-2: Device List Form Element Definition...
  • Page 140 Devices Table 4-2: Device List Form Element Definition Config The device configuration. Click on “Edit” to display the Device Detail form for selected device record or line. Upload This column indicates if the device requires a firmware or configuration upload. If required, then select the checkbox adjacent to the device name and click on the “Upload”...

  • Page 141: Supported Devices

    Note: IPMI Activation. IPMI is a paid-for option for AlterPath Manager users. The feature is hidden from users who do not need it. To activate IPMI: Copy the IPMI license file that you purchased from Cyclades into the following directory on your APM:...

  • Page 142: Figure 4-9: Select Device Type Form

    Devices To Add a Device To add any of these devices, follow the steps below: 1. From the menu panel select “Devices” The system displays the Device List form. 2. From the Device List form, click on “Add” located at the bottom of the form.

  • Page 143: Figure 4-10: Device Detail Form

    Devices Figure 4-10: Device Detail Form 4. Complete the Detail form, as necessary, using the table below as a guide. Note: n all the forms, the required fields are printed in red. Table 4-3: Devices, Detail Form Element Definition Details Currently selected tab.
  • Page 144 Devices Table 4-3: Devices, Detail Form Element Definition Log Rotate Tab to display the Log Rotation form, used to set log rotation by configurable size or by selected time interval (available for ACS and TS devices and consoles as well as KVM devices).
  • Page 145 Devices Table 4-3: Devices, Detail Form Element Definition MAC Address The MAC address is required if the selected IP mode is “int_dhcp.” IP Address The IP address of the device is required if the IP mode is “int_dhcp” or “static.” Netmask As indicated, in dotted notation.
  • Page 146 Devices Table 4-3: Devices, Detail Form Element Definition Firmware/Boot Dropdown list to select any firmware or bootcode to upload. You select the firmware to upload, and then when you upload the configuration for the device, you can select the checkbox to upload the firmware as well. Available on KVM/net, KVM/net Plus, ACS, and TS.

  • Page 147: Proxies

    Devices Proxies The AlterPath Manager includes a web proxy server so that connections to the native web interface of any supported device go through the AlterPath Manager. This feature enables the AlterPath Manager to: • Connect users through the AlterPath Manager to remote servers that it controls (e.g., IBM Blade, KVM/net switches, OnSite units, ACS/TS units, and other servers) in connection with any web interface.

  • Page 148: To Configure The Web Proxy

    Devices Table 4-4: Types of Web Proxy Proxy Type Function Forward Proxy using Proxy ARP is the technique in which one host ARP (Address answers ARP requests intended for another Resolution Protocol) machine. By assuming its identity, the router accepts responsibility for routing packets to the intended destination.

  • Page 149: Figure 4-11: Device Proxies Form

    Devices 3. From the Device Edit form, select the “Proxies” tab. The system displays the Device Proxies form. Figure 4-11: Device Proxies Form 4. From the Device Proxies form select the type of web proxy you wish to assign for the current device. Note: If you select Forward Proxy, then you must set your PC’s default gateway and the device’s default gateway to the IP addresses of the AlterPath Manager if your PC and the device are in different networks.

  • Page 150: Disabling The Proxy

    Devices Disabling the Proxy Setting “Proxy type” to “none enabled” will prevent any admin user from accessing the selected device’s web user interface. Direct Access To enable the AlterPath Manager to forward any http(s) data from any client workstation to the target web server (such as the IBM Blade Center Management Module), select the checkbox for “Allow Direct Access”.

  • Page 151: Figure 4-12: Device Dial Up Form

    Devices Call back connections are included in the log messages. Note: For dial back to work, you must configure it from the web interface and the CLI. To Configure Dial Up / Dial Back Note: Modems are currently supported on the APM E2000 only. To configure Dial Up or Dial Back, follow the steps below: 1.

  • Page 152: Table 4-5: Dial Up Form

    Devices 2. Complete the form using the table below as a guide: Table 4-5: Dial Up Form Element Definition Modem Mode Drop-down box to select how you want your PPP connection to be used: Disabled - default value. Primary Network - uses a modem connection as the primary way to connect to a device.

  • Page 153: Other Requirements For Dial Out / Dial Back

    Devices Table 4-5: Dial Up Form Element Definition PPP Password The password to be used to authenticate the dial back user. Enable OTP Check box to enable One Time Password See “One Time (ACS only). Password Configuration” on page 122. 3.

  • Page 154: Other Requirements For Dial Back (Acs Only)

    Devices passwd • <ppp_user> Note: See the section, “Changing the Ports to be Proxied” on page 288 in Chapter 5, “Advanced Configuration.” Other Requirements for Dial Back (ACS Only) Currently, the dial back feature works for ACS only. To set an ACS device for dial back, you must also configure the following: From the AlterPath Manager: 1.

  • Page 155: Figure 4-13:Dial Up Form With One Time Password Setup

    Devices Figure 4-13:Dial Up Form with One Time Password Setup To Enable the OTP Authentication for Dialup Caution: It is strongly recommended that you do not attempt to upload firmware using a modem connection. 1. Set the “Modem Mode” field to either “Primary Network’ or “Network Backup.”...

  • Page 156: Kvm/Net Device Detail Form

    Devices 2. Fill in the “PPP Phone” field with the phone number on which the ACS modem is installed. 3. Fill in the “PPP User” field with a user name. This is normally the admin user name. Note: If you fill in the name of a user not already configured on the APM, the user will automatically be configured as the PPP user.

  • Page 157: Figure 4-14: Kvm/Net Device Detail Form

    Devices Figure 4-14: KVM/net Device Detail Form The input fields and buttons of the KVM/net Device Detail form are similar to that of the ACS or TS with the exception of the following: Table 4-6: Features Unique to the KVM/net Device Configuration Element Definition KVM Viewer...

  • Page 158: Assigning Kvm Device Groups

    Devices See the “Consoles” section of this chapter for more detailed information. Assigning KVM Device Groups Use the “Groups” tabbed form to assign a KVM device to groups. This form functions the same way as you would group users and consoles. See also: “KVM/net Device Configuration”...

  • Page 159: Ipmi Device Detail Form

    Note: IPMI Activation. IPMI is a paid-for option for AlterPath Manager users. The feature is hidden from users who do not need it. To activate IPMI: Copy the IPMI license file that you purchased from Cyclades into the following directory on your APM: /var/apm/licenses/data/APM_B_IPMI.enc...

  • Page 160: Table 4-8: Devices, Details Form (Ipmi)

    Devices The example below shows the Device Detail form for the device type, IPMI. The device configuration for IPMI is actually the configuration for the IPMI Baseboard Management Controller (BMC) that is embedded in the system. The input fields and buttons for this form are also similar to the other Device Detail forms with the exception of the following: Table 4-8: Devices, Details Form (IPMI) Element...

  • Page 161: Using The Ipmi Console Detail Form To Add A Console

    Devices 3. Follow the system instructions and enter all relevant information, as needed. Note: You may change the default console name which is the same as the device name. 4. Once you have saved the Console configuration, the system returns you to the Device Detail form.

  • Page 162: Function Of The Status Field

    Devices The Device Definition window provides three IP modes in which to configure your DHCP server or static IP address. The IP address that you use depends on what type of mode you use. IP Mode When to use this mode int_dhcp (internal) Select this mode if you are using the AlterPath Manager as your DHCP server.

  • Page 163: Difference Between Auto Upload And Manual Upload

    Devices Difference between Auto Upload and Manual Upload From the AlterPath Manager interface, there are two ways in which you can upload your device configuration to the console server(s): • Auto Upload • Manual Upload When the “Auto Upload” box is checked from the Device Definition form, every time you make a change to a Device or Console parameter, or the Device Default Gateway, the change is automatically uploaded to the console server after you select “Save”...

  • Page 164: Table 4-9: Ppp Connection Modes

    Devices Modem Mode There are three modes of PPP connection: Table 4-9: PPP Connection Modes Connection Mode Definition Disabled This is the default mode. Primary Network Select this to establish a PPP connection whenever a user connects to a device or console.

  • Page 165: Modem Management Via Command Line Interface

    Devices Modem Mode provides three choices: Table 4-10: Modem Mode Choices Option Use this option if you want to use PPP . . . Primary As the primary mode of connection. Network Network Backup Only when the network fails. Disable Default value.

  • Page 166: Console Wizard

    Devices If you need to use any of these procedures, please refer to Chapter 5, “Advanced Configuration.” To Configure the Health Monitoring System The Device Health Monitoring feature enables the AlterPath Manager to monitor, on a periodic basis, the consoles that run on specified devices, as well as to create log files, and to send an alarm notification to specified users.

  • Page 167: Summary Of Console Wizard Forms

    Devices If you use the wizard to edit a device which already has consoles defined, then it will detect and list the consoles, but keep them unchecked. You can then decide which console should be checked and have the configuration overridden.

  • Page 168: Figure 4-16: Device Details Form

    Devices Table 4-13: Summary of Console Wizard Forms Wizard Form Function Console Creation Finish This page is shown if you did not select “Auto Upload” from the Device Details form. To Run the Console Wizard To Run the Console Wizard follow the steps below: 1.

  • Page 169: Figure 4-17: Console Wizard Warning Message

    Devices • Admin Name • IP address (for IP mode: “int_dhcp” or “static”) • Netmask (for IP mode: “static”) • Base Port • MAC address (for IP Mode: “int_dhcp” or “ext_dhcp”) 3. Select the Save / Create Consoles button to invoke the Console Wizard. The Console Wizard begins with a warning message to notify you of any data to be overwritten and the choices you have before going ahead with the wizard.

  • Page 170: Figure 4-18: Console Wizard Defaults Form

    Devices Figure 4-18: Console Wizard Defaults Form 5. Complete the above fields, and then select the “Next” button when done. The system brings up the User Access form: Figure 4-19: Console Wizard Access Form “USER+” is the default list which contains all users. APM Installation, Configuration, and User’s Guide...

  • Page 171: Figure 4-20: Console Wizard Notification Form

    Devices The system also adds a plus (+) sign to any added user group that appears in the selection box. 6. Follow the instructions for the User Access form and then click on the Notify tab to proceed to the User Notification form: From the User Notification form, select the user(s) you wish to be notified and then select the Groups tab to display the Groups form: Figure 4-20: Console Wizard Notification Form...

  • Page 172: Figure 4-21:Unconfigured Consoles List

    Devices Figure 4-21:Unconfigured Consoles List 9. Select the unconfigured console(s) that you wish to configure, and then select the “Next” button to display the Edit Console Settings form. Figure 4-22: Edit Console Settings Form - Page 1 APM Installation, Configuration, and User’s Guide...

  • Page 173: Figure 4-23: Edit Console Settings Form

    Devices Note: If you need to change the prefix of the console names, type in the new prefix in the “Console Prefix” field and then click on the “Console Prefix” button. The system applies the new prefix to all console names. 10.

  • Page 174: Device Discovery (Auto Discover)

    Device Discovery (Auto Discover) The Device Discovery feature enables the AlterPath Manager to recognize the current configuration of a Cyclades AlterPath TS, ACS, or KVM/net and, through the use of a wizard, autopopulate the console parameters based on the existing device configuration settings.

  • Page 175: To Run The Device Discovery Wizard

    Devices Configuration Requirements For the “Auto Discover” button to work, you must complete the required fields which are highlighted in red in the Device Definition form: • IP Address • Netmask or MAC Address • Admin Username • Admin Password To Run the Device Discovery Wizard To run the Device Discovery Wizard follow the steps below: 1.

  • Page 176: Figure 4-25:Adding Console Wizard

    Devices therefore will not find any ports on a new ACS as shipped from the factory. If this is the case, and you are configuring an ACS using the “Save & Auto Discover” button, you will see the message: No Console Found You will need to do one of the following: Manually enable some console ports by directly logging on to the ACS you are configuring in order to allow the auto discover feature to discover those...

  • Page 177: Multiple Auto Discover

    Devices The selected user name(s) will be moved into the “Selected users” box. 8. Select the “Notify” tab, and select the appropriate user(s) to be notified by email when alarm events occur. Click the “Add” button. 9. Select the “Groups” tab, and select the appropriate group(s) to be associated with this console.

  • Page 178: Figure 4-27:Selecting The Cli Option For A Device

    Devices existing consoles will be overwritten if you follow through with the configuration. 4. Continue from here as you would if you were running Auto Discover on just one device. To Connect to a Device To connect to a device, follow the steps below: 1.

  • Page 179: Figure 4-28: Connection To A Device

    Devices Figure 4-28: Connection to a Device If the type of device defined is IPMI, when you connect via CLI to the device, the system connects you to the BMC via ipmitool To Delete a Device To delete (or disconnect) a device from the AlterPath Manager, follow the steps below: 1.

  • Page 180: Deleting A Device Group

    Devices 2. Under the “Config” column of the Devices List form, click on the “Edit” link of the device you wish to remove from a group. 3. The system displays the Device Detail form for the selected device. 4. From the Device Detail form, click on “Groups.” The system displays the Device Group form.

  • Page 181: Kvm/Net Device Configuration

    Devices Figure 4-29: Device Firmware Upload 4. Select “Upload firmware/bootcode” and/or “Upload configuration” to select either a firmware upload, a configuration upload, or both. 5. Click on the “Submit” button. Note: The “Upload firmware/bootcode” option appears even if the AlterPath Manager firmware repository is empty.

  • Page 182: To Configure Escape Sequences And Idle Timeout

    Devices Table 4-14: Forms Used to Configure KVM/net Form Use this form to: Device Detail Configure the currently selected KVM/net device (e.g., Model, IP Address, MAC Address, etc.) Groups Assign the current KVM/net switch to one or more groups. Proxies Select the type of proxy if a KVM web proxy is required.

  • Page 183: Figure 4-30: Kvm Device Details Form

    Devices Figure 4-30: KVM Device Details Form 3. From the Device Detail form, click on the “KVM Viewer” tab. The system displays the KVM Device Viewer form. Figure 4-31: KVM Device Viewer Form Configuration and Administration...

  • Page 184: Table 4-15: Device Kvm Viewer Form

    Devices Table 4-15: Device KVM Viewer Form Element Definition Details Tab that links to the Device Detail form. Groups Tab that links to the Device Group form. KVM Viewer Tab that links to the KVM Viewer form (currently displayed). Idle Timeout The time (in seconds) it takes before the KVM viewer switches to idle mode after a period of inactivity.

  • Page 185: To Cascade A Secondary Kvm To A Primary Kvm

    Devices Table 4-15: Device KVM Viewer Form Element Definition Port Info Displays any information about the current port. Back Button to return to the previous form. Reset Button to reset the input fields of the current form. Save Button to save the configuration to Flash. Save &...

  • Page 186: Figure 4-32: Device Cascade List Form

    Devices The system displays the Device Cascade List form. Figure 4-32: Device Cascade List Form For a definition of the column fields, refer to the Field Definition table of the Cascade Detail form, next step. 4. To configure a new device for cascading, click the “Add” button. Or, to edit an existing cascaded device, click on the “edit”...

  • Page 187: Figure 4-33: Device Cascade Detail Form

    Devices I couldn’t get this to work. Figure 4-33: Device Cascade Detail Form 5. Complete the dialog box as follows: Element Definition Device Name Name of the secondary device or KVM switch. Parent Name The name of the primary KVM switch to which you are connecting the secondary device or KVM switch.

  • Page 188: Alarm Trigger

    Alarm Trigger Alarm Trigger Note: Alarm triggers work only with serial and IPMI consoles. An alarm trigger is a text string that you can create to generate any one or combination of the following: • Email notification for users or administrators •...

  • Page 189: Alarm Trigger Management

    Alarm Trigger Alarm Trigger Management Use the Alarm Trigger forms to perform the following Alarm Trigger management procedures: Table 4-17: Forms Used to Configure Alarms Form Function Form(s) Used Add a new trigger string. Alarm Trigger list form (“Add” button) > Alarm Trigger detail form.

  • Page 190: Figure 4-34: Alarm Trigger List Form

    Alarm Trigger The system displays the Alarm Trigger List form. Figure 4-34: Alarm Trigger List Form For an explanation of each fieldname, refer to the Form Fields and Elements of the Alarm Trigger Definition form, next form section. To view or edit the configuration of an alarm trigger, click on the alarm trigger name.

  • Page 191: Figure 4-35: Alarm Trigger Detail Form

    Alarm Trigger Figure 4-35: Alarm Trigger Detail Form Table 4-18: Alarm Trigger Detail Form Element Definition Alarm Trigger Name Name of the trigger. Selecting a trigger name invokes the Alarm Trigger Detail form for that trigger. Trigger Expression String used to generate a trigger. Notify Yes or No.

  • Page 192: Configuring Alarms For Device Health Monitoring

    Alarm Trigger Table 4-18: Alarm Trigger Detail Form Element Definition Reset Button to reset the form to create a new trigger entry. 3. Complete the fields, as necessary. 4. Click the “Save” button to complete the procedure. To Delete an Alarm Trigger 1.

  • Page 193: Using The Logical And In The Alarm Trigger Expression

    Alarm Trigger Figure 4-36: Health Monitor User Entry Field The available choices from the “Health Monitoring” drop down list are: Table 4-19: Health Monitor Frequency Selections Selection Definition Never System will never run Health Monitoring for this device (default). Daily System will run Health Monitoring at 2 am everyday.

  • Page 194: Figure 4-37: Health Monitoring Alarm Trigger Detail Form

    Alarm Trigger The alarm trigger is also capable of processing substrings. OK, for example, is a substring of NOK. Therefore, both types of messages will cause alarms if.*OK is appended to the HeaLth_MoNiToR trigger string. To Configure the Health Monitoring Alarm Trigger 1.

  • Page 195: How Health Monitoring Works

    Profiles Table 4-20: Alarm Trigger Setup Fields Element Definition Notify Select “Yes” if you want users to receive email notifications regarding the alarm. Create Alarm Select Yes if you want alarms to be generated based on the trigger expression. Priority Select a priority to be associated with the alarm.

  • Page 196: Figure 4-38: Profiles List Form

    Profiles There is a default profile and there are other profiles which the Device Discovery feature can generate. You may want to define your own profile before adding consoles because it is more convenient, but you may also edit individual consoles to use a different profile at a later time. Table 4-21: Summary of Profiles Forms Action Form(s) Used...

  • Page 197: Figure 4-39: Profile Detail Form

    Profiles Figure 4-39: Profile Detail Form Table 4-22: Profiles Detail Form Element Definition Profile Name Port name. Console Type Drop down list to select type of console supported. Description Brief description of the profile. Status Port status (Enable or Disable). Port Speed Serial port baud rate.

  • Page 198: Consoles

    Consoles Table 4-22: Profiles Detail Form Element Definition Back / Save / Reset Buttons for the indicated actions. 2. Enter your port settings and other profile information in the provided fields 3. Click “Save” to complete the configuration. To Modify a Profile To edit a profile, perform the following steps: 1.
  • Page 199 Consoles Table 4-23: Summary of Console Forms Action Form(s) Used Select or change the Console Detail form (“Authentication” drop authentication method down list) for console access. NOTE: The AlterPath Manager authenticates users from the console or terminal server. Assign the current Console Detail form (“Access”...

  • Page 200: To View The Console List

    Consoles Data buffering, data logging, and event notification are valid definitions only for consoles with permanent connections (i.e., data status is enabled). Limitation of Remote Authentications in ACS Console Access To upload configurations and firmware, you must configure the ACS device to use “root”...

  • Page 201: Changing The Number Of Consoles Per Page

    Consoles Figure 4-40: Consoles List Form From the Consoles List form, you can add, edit, or delete a console by selecting the appropriate button or link. Note: For console forms associated with the Blade Management Module, see “Blade Management Module” on page 206 of this chapter. Changing the Number of Consoles per Page You can change or configure the number of consoles that you can view for each page.

  • Page 202: Figure 4-41: Creating New Console Form

    Consoles The system displays the Creating New Console form: Figure 4-41: Creating New Console Form 3. From the Creating New Console form, select the type of console you wish to add. The system displays the Console Detail form: Figure 4-42: Console Detail Form APM Installation, Configuration, and User’s Guide...

  • Page 203: Table 4-24: Consoles, Details Form

    Consoles Table 4-24: Consoles, Details Form Field Meaning Details Tab to display the Console Detail form which is the currently displayed form. User ACL Tab to display the form used to assign or authorize users to access the current console. Notify Tab to display the Console Notify form used to assign users to be notified when an alarm...
  • Page 204 Consoles Table 4-24: Consoles, Details Form Field Meaning Description Brief description of the console. Location Physical location of the console. Machine Type Type of machine connected to the console. Machine Name Name of machine connected to the console. OS Type Type of operating system.

  • Page 205: Console Type: Kvm

    Consoles Console Type: KVM Selecting KVM as the Console Type displays the Console Detail form below. The Console Detail form for KVM allows you to configure the KVM ports for a KVM/net switch or KVM ports for an OnSite switch. KVM/net, KVM/net Plus or OnSite KVM Console Details Note: The RDP connection fields discussed in the following table apply only to the KVM/net version 2.0.0 or greater and the KVM/net Plus.
  • Page 206 Consoles Table 4-25: KVM/net and KVM/net Plus Console RDP Connection Fields Field Meaning RDP Server Port This field contains the RDP viewer port number associated with this console. The default of 3389 can be used in most cases. RDP Status Drop-down field used to enable or disable the ability to make the RDP connection.

  • Page 207: Figure 4-43:Enabling Rdp On Kvm/Net Or Kvm/Net Plus Console Port

    Consoles Figure 4-43:Enabling RDP on KVM/net or KVM/net Plus Console Port. You can also configure a port as “RDP Only.” This allows the KVM/net Plus to connect exclusively to an RDP server over the Ethernet (in-band). For this type of configuration, a physical KVM port connection is not necessary. Figure 4-44 illustrates enabling an “RDP Only”...

  • Page 208: Figure 4-44:Configuring Or Editing An Rdp Only Console

    Consoles Figure 4-44:Configuring or Editing an RDP Only Console When configuring an “RDP Only” connection, you must configure the “RDP IP Address,” the “RDP Service Port” (default 3389), and you must select “RDP Only” from the “Port” pull-down field. Caution: Be sure to turn off your web browser’s popup blocker before attempting to make an RDP connection.

  • Page 209: Figure 4-45: Kvm Console Users Form

    Consoles Figure 4-45: KVM Console Users Form 2. From the resulting form, select a user from the “Select User to Console Access” view panel. In the selection box, “+USER” is the default list which contains all users. The plus (+) sign is also used to indicate all defined groups. 3.

  • Page 210: Figure 4-46: Kvm Console Notify Form

    Consoles Figure 4-46: KVM Console Notify Form 2. From the resulting form, select a user from the “Select User to Notify” view panel. In the selection box, “+USER” is the default list which contains all users. The plus (+) sign is also used to indicate all defined groups. 3.

  • Page 211: Figure 4-47: Kvm Console Groups Form

    Consoles Figure 4-47: KVM Console Groups Form 2. From the resulting form, select a group from the “Select Console Groups” view panel. Note: As with USER and DEVICE, CONSOLE is the default list which contains all consoles. 3. Select the “Add” button. The system transfers the selected group to the “Selected Groups”...

  • Page 212: Deleting A Console Group

    Consoles The system displays the Console Detail form. 1. From the Console Detail form, click on the “Groups” tab. The system displays the Console Group form. 3. From the Selected Groups view panel of the Console Group form, select the group or groups from which you wish to remove the current console. 4.

  • Page 213: Log Rotate Now

    Consoles Log Rotate Now Either periodically, or when the log file reaches a specified size, the system creates a backup (rotation) file and then creates a new file to collect a new set of console data. The file rotation is seamless with no data loss as the system copies from one file to another.

  • Page 214: To Add An Ipmi Console From Console Detail Form

    Note: IPMI is a paid-for option for AlterPath Manager users. The feature is hidden from users who do not need it. To Activate IPMI Copy the IPMI license file that you purchased from Cyclades into the following directory on your APM: /var/apm/licenses/data/APM_B_IPMI.enc...

  • Page 215: Users

    Users If at any time you run “defconf” the file, “/etc/files.list” will revert back to its original state, and you will need to reinstall your license. Users The “Users” option provides forms that enable the following user management tasks: Table 4-26: Summary of User Forms Action Form(s) Used Add a new user.

  • Page 216: User List Form

    Users User List form Use the User List form to view all AlterPath Manager system administrators and regular users. The list includes information about each user (e.g., Name, Location, Phone) which you define in the User Detail form. Any user who will use the AlterPath Manager application must be entered in the AlterPath Manager database in order to have access to the application, regardless of whether you are using any other authentication services or not.

  • Page 217: Figure 4-49: User Detail Form

    Users 2. From the User List form, click on the “Add” button. The system displays the User Detail form. Figure 4-49: User Detail Form 3. Complete the User Detail form, as necessary. Table 4-27: Users Detail Form Element Definition Details Tab to display the User Detail form (currently displayed).
  • Page 218 Users Table 4-27: Users Detail Form Element Definition Admin User Checkbox to indicate if the user is an admin and to authorize user access to the web application in admin mode. Security Rule This check box appears only if you are in edit mode and a Security Rule can be assigned to the user group of this user.

  • Page 219: To Select Consoles For A User

    Users Table 4-27: Users Detail Form Element Definition GUI Theme Drop-down list to select GUI colors. There is a choice of colors: orange (default), blue, gray and green. The WMI takes on the color assigned to the user who is currently logged onto the APM.

  • Page 220: Figure 4-50: User Consoles Form

    Users Figure 4-50: User Consoles Form 4. From the resulting form, select from the “Select Console to User Access” view panel the console you wish to assign to the user. In the selection box, the plus (+) sign is used to indicate defined groups. The Console (or +CONSOLE) group is the default console group.

  • Page 221: Figure 4-51:User Devices Form

    Users The system displays the User Detail form. 3. From the User Detail form, click on the “Devices” tab. The system displays the User Device form: Figure 4-51:User Devices Form 4. From the resulting form, select from the “Select Device to User Access” view panel the console you wish to assign to the user.

  • Page 222: Figure 4-52: User Groups Form

    Users To assign a user to one or more groups, follow the steps below: 1. From the menu, select “Users.” The system displays the Users List form. 2. From the Users List form, select the user to whom you wish to assign one or more groups.

  • Page 223: Figure 4-53: User Security Rule Form

    Users To Set a User’s Security Rule The “Security” tab selects the User’s Security Rule, which allows you to assign or delete a security rule of a user group to which the current user belongs. You can assign a security rule to a user or a user group. Figure 4-53: User Security Rule Form To Delete a User To delete one or more users from the User List, follow the steps below:...

  • Page 224: Deleting A User Group

    Users 4. From the “Selected Groups” view panel of the User Group form, select the group or groups from which you wish to remove the current user. 5. Click on the “Delete” button. 6. Click on the “Save” button to end the procedure. Deleting a User Group You cannot delete a user group from the User Group form.

  • Page 225: Groups

    Groups Groups The “Groups” option allows you to create new groups of users, consoles, or devices, as well as to edit or delete these groups. The AlterPath Manager has three default groups: • Device, • Console • User The system does not allow you to edit or delete these groups. You can edit and delete only those groups that you have created.

  • Page 226: Figure 4-55: Adding Group Form

    Groups The system displays the Adding Group form: Figure 4-55: Adding Group Form 3. From the resulting form, select the group type you wish to create (Device, Console, or User). Based on your selection, the system displays the Group Detail form. The example below uses the Group General form for the Group Type, User.

  • Page 227: To Add Members To A Group

    Groups 4. Enter the Group Name, Description, and Status of the new group. 5. Select desired members from the “Select group members” list box. 6. Click on the “Add” button. 7. Click on the “Save” button to complete the procedure. To Add Members to a Group To add members to an existing group, follow the steps below: 1.

  • Page 228: Figure 4-57: New User Group Security Form

    Groups Figure 4-57: New User Group Security Form APM Installation, Configuration, and User’s Guide...

  • Page 229: Firmware

    AlterPath Manager contains a firmware repository and supports firmware upgrades for the TS, the ACS and the KVM/net. Each time a new firmware is released for the ACS and TS, Cyclades will release a package for AlterPath Manager to import.

  • Page 230: Figure 4-58: Firmware List Form

    AlterPath Manager via Secure Copy (SCP). To add or import new firmware, follow this procedure: 1. From the web (www.cyclades.com), download the firmware to your computer. 2. Using the Linux shell on the serial console interface, use the SSH scp command to copy the firmware to AlterPath Manager.

  • Page 231: To Delete Firmware

    Firmware To Delete Firmware 1. From the menu panel, select “Firmware.” 2. From the Firmware List form, select the checkmark box of the firmware you wish to delete. 3. Select the “Delete” button. To Upload Firmware to Console Devices 1. From the Device Details form (Device List > “edit” button), select the firmware you wish to upload from the “Firmware/Boot”...

  • Page 232: Firmware Detail Form

    Firmware Firmware Detail Form Use the Firmware Detail form to: • View firmware details • Add comments regarding a firmware. • Assign a status to a firmware • Access Manuals and Release Notes Figure 4-59:Firmware Detail Form The table below defines all the fields in the Firmware Detail form. Table 4-28: Firmware Detail Form Element Function...

  • Page 233: To View And Access Firmware Information

    You may upgrade the AlterPath Manager firmware by downloading the upgraded software from the web to the AlterPath Manager. 1. From the Cyclades website (www.cyclades.com), download and copy the firmware to the AlterPath Manager via Secure Copy (SCP). The firmware is composed of two files: •...

  • Page 234: Backing Up User Data

    Backing Up User Data • AlterPath Manager_v140.md5sum.tgz Copy the two files to the AlterPath Manager /tmp directory as follows: scp E2000_v140.tgz root@E2000_IP:/tmp Enter scp E2000_v140.md5sum.tgz Enter 2. Login to the AlterPath Manager as root, and then change the directory to as follows: /tmp ssh root@E2000_IP...

  • Page 235: Backup And Restore Scenarios

    System Recovery Guidelines Backup and Restore Scenarios For illustration purposes, there are two scenarios in which you can perform the backup. • Replicating data to a hot spare machine - You back up the configuration data and data buffers and restore them to a second AlterPath Manager unit.

  • Page 236: Apm Database Transaction Support

    Info / Reporting APM Database Transaction Support The AlterPath Manager commits all successful database transactions to the AlterPath Manager database. To ensure data integrity, the AlterPath Manager will roll back any failed database transaction in the event that: • There are concurrent users updating the same record at the same time or •...

  • Page 237: Figure 4-60:Info / Reporting List Form

    Info / Reporting Figure 4-60:Info / Reporting List Form Table 4-30: Info / Reporting List Form Element Definition User Name of session user. To sort by User, click on the “User” column heading. Session Start Date and time when the session started. To sort by Session Start, click on the “Session Start”...

  • Page 238: Info / Reporting Details

    Blade Management Module Info / Reporting Details To view a more detailed information about a particular user from a detail line, select from under the “User” column the particular user you wish to view. When you select a user from the Info/Reporting List form, the system displays the following detail list: Figure 4-61: Info / Reporting Detail List Blade Management Module...

  • Page 239: Forms Used To Configure The Blade Module

    Blade Management Module The Blade Module also comes with a Blade Wizard which enables the admin user to configure up to 14 blades and 4 switches for each chassis. There is no limit to the number of chassis that the Blade Module can support. To Activate the Blade Module 1.
  • Page 240 Blade Management Module Table 4-31: Summary of Blade Module Forms Menu Option Forms and their Functions Consoles Consoles List - View list of blades/switches; add, edit or delete blades/switches. Console Details - View or edit blade configuration details (e.g., connection type, log rotation, etc.) Access - Select user(s) to access the current blade.
  • Page 241 Blade Management Module Table 4-31: Summary of Blade Module Forms Menu Option Forms and their Functions Groups Group List - View list of groups according to user, blade or switch. Chassis > General - Select group members for the selected chassis group. Blade >...

  • Page 242: Devices

    Blade Management Module more detailed information about the BladeManager web interface in Access Mode. Devices The Devices List form allows you to perform the following: • Connect to the Blade Management Module Web GUI through a web proxy of the native web interface or by telnet access (or whatever default session type is configured from the Devices Detail form).

  • Page 243: Figure 4-62: Selecting "Blade_Center" From Devices List

    Blade Management Module Figure 4-62: Selecting “Blade_Center” from Devices List The system displays the Devices detail form: Figure 4-63: Blade Device Details Form Configuration and Administration...

  • Page 244: Table 4-32: Blademodule: Devices, Details Form

    Blade Management Module 3. Complete or modify the Details tabbed form as defined by the following table: Table 4-32: BladeModule: Devices, Details Form Element Definition Device Name The symbolic name linked to the chassis. This is a required field Type IBM Blade Center is the only supported type of device or chassis.

  • Page 245: To Select A Group To Access The Chassis

    Blade Management Module Table 4-32: BladeModule: Devices, Details Form Element Definition IP Address The IP address of the device for IP mode: “int_dhcp” or “static.” Netmask As indicated, in dotted notation. Default Gateway As indicated, in dotted notation. As indicated, in dotted notation. Connection Select “telnet”...

  • Page 246: Proxies

    Blade Management Module Figure 4-64: Blade Device Groups Form 2. Select (or highlight) from the left list box the device group that the current chassis supports. Note: Unless a device is configured for another group, the “Device” group is the default group for all devices. 3.

  • Page 247: Figure 4-65: Blade Device Switch 1 Form

    Blade Management Module To Configure the Chassis Switch The switch tabbed form allows you to specify the parameters to access the switch management interface through Telnet or the web interface. You can configure up to four chassis switches for the currently selected chassis. To configure a switch, perform the steps below: 1.
  • Page 248 Blade Management Module Table 4-33: Blade Module: Device Switch 1 Form Element Definition Admin Name The admin username (superuser) of the device. Admin Password Button to invoke a dialog box used to define the Admin’s password. This password is used to access the IBM Blade Center port, but NOT to change the password.

  • Page 249: Two Methods Of Blade Configuration

    Blade Management Module Table 4-33: Blade Module: Device Switch 1 Form Element Definition Save Button to save your configuration. Save & Create Blades Button to activate the Blade Wizard. 3. Click on “Save” to save your configuration. 4. To configure another switch, click on the next Switch tab form. Two Methods of Blade Configuration Once the chassis has been defined and configured, you can configure the blades and switches in two ways:...

  • Page 250: Figure 4-66: Blade Wizard Warning Message

    Blade Management Module Table 4-34: Summary of Blade Wizard Forms Form Name Function Console (blade/switch) Allows you to select each blade/switch to be selection. configured from the list of unconfigured blades/ switches. Edit Configuration Allows you to edit any of the configured blades/ switches.

  • Page 251: Figure 4-67: Blade Wizard Connection Method Form

    Blade Management Module Figure 4-67: Blade Wizard Connection Method Form Figure 4-68: Blade Wizard User Access & Notification Form Configuration and Administration...

  • Page 252: Figure 4-69: Blade Wizard Console / Switch Selection

    Blade Management Module Figure 4-69: Blade Wizard Console / Switch Selection Figure 4-70: Blade Wizard Edit Configuration Form Page 1 APM Installation, Configuration, and User’s Guide...

  • Page 253: Figure 4-71: Blade Wizard Edit Configuration Form

    Blade Management Module Figure 4-71: Blade Wizard Edit Configuration Form Page 2 Figure 4-72:Blade Wizard Configuration Confirmation From the Confirmation form, you can click the “Page 2/2” tab, if necessary. Finally, click on “Finish” to complete the configuration process. Configuration and Administration...

  • Page 254: Configuring The Blades And Switches

    Blade Management Module Configuring the Blades and Switches The blades and switches are configured from the Consoles forms in the same way you would configure consoles. The forms are the same except that they now fully support blade configuration. The Consoles List form shows one console name for each blade or switch. For each blade, the AlterPath Manager provides serial console, KVM, power and virtual media connections;...

  • Page 255: Consoles List Form

    Blade Management Module Consoles List Form The Consoles List form displays all the blades configured and supported by the AlterPath Manager. The form allows you to: • Connect to a blade server or switch - When you move your cursor over the blade or switch name, a pop-up window displays options to provide you the following connection types: Table 4-36: Blade or Switch Connection Types...

  • Page 256: Figure 4-73: Blade Server Console List

    Blade Management Module Figure 4-73: Blade Server Console List To Add a Blade or Switch To add a blade or switch: 1. Select “Consoles” from the menu. 2. From the Consoles List form, select the “Add” button. 3. From the Select Console Type form, select “Blade” or “Switch.” Caution: If you are adding a switch, be sure that you have set the switch to “Enable”...

  • Page 257: Security Rules

    Security Rules Security Rules A security rule defines a set of rules or conditions regarding a user’s access permissions and limits for accessing the AlterPath Manager and its features. The “Security Rules” feature allows the administrator to centrally create rules for as many user authorization levels as necessary.

  • Page 258: Security Rule List

    Security Rules Table 4-37: Summary of Security Rule Forms Form Title Use this form to: Day/Time Enter the date and time in which the user can access the system. Authorized Actions Define the specific authorized action (e.g., Connect to a console, connect to a KVM/net, Connect to the web management interface, etc) for this rule.

  • Page 259: Figure 4-74: Security Rules List Form

    Security Rules Figure 4-74: Security Rules List Form To Add or Edit a Security Rule To add or edit a security rule, perform the following steps: 1. From the menu select Security Rule. The system displays the Security Rule list form (see previous page). 2.

  • Page 260: Figure 4-75: Security Rules General Form

    Security Rules Figure 4-75: Security Rules General Form 3. From the Security Rule General form, enter the rule name (required), a brief description of the rule, its status (Enabled or Disabled), and the rule to be applied to the entire rule (Allow or Deny). 4.

  • Page 261: Figure 4-76: Security Rule Source Filtering Form

    Security Rules Figure 4-76: Security Rule Source Filtering Form 2. Complete or modify the form, as needed. Table 4-39: Security Rules, Source IP Element Function Source Filtering (tab) Title of the current tabbed form. Permission The default rule (Allow or Deny) that applies to the entire security rule.
  • Page 262 Security Rules Table 4-39: Security Rules, Source IP Element Function Start IP The starting IP address of a range of IP addresses. End IP The ending IP address of a range of IP addresses. Hostname Hostname of the workstation. If the domainname is not entered, then the domainname of the APM is used to filter the source.

  • Page 263: Security Rules: Network Intf

    Security Rules cached for about 15 minutes. If a user has a security rule with “deny,” and the DNS lookup of source was not verified, the user will be denied access to the APM for 15 minutes. In this case, the user must wait for 15 minutes before attempting to sign on again to the APM.

  • Page 264: Security Rule: Date/Time Configuration

    Security Rules Table 4-40: Security Rules, Network Intf Element Function Permission The default rule (Allow or Deny) that applies to the current form and the entire security rule. The permission is configured from the “General” tabbed form. Select Net Intf List box that lists all LAN interfaces.

  • Page 265: Figure 4-78: Security Rule Day / Time Form

    Security Rules Figure 4-78: Security Rule Day / Time Form Table 4-41: Security Rules Date/Time Form Element Function Day/Time (tab) Tab title to select the current form. Permission The rule (Allow or Deny) that applies to the entire security rule. The default permission is configured from the “General”...

  • Page 266: Security Rule: Authorization Configuration

    Security Rules Table 4-41: Security Rules Date/Time Form Element Function End Time Specify an End Time to be applied to the selected day(s), as part of the time conditions. Button to add the day and time settings to the Added Time Period Conditions box and apply them to the rule.

  • Page 267: Power Management Support

    Power Management Support The list of valid actions to select from are as follows: Table 4-42: Security Rule Actions Authorized Action Use this action to: ConnectToDeviceCLI Allow user access to CLI configuration interface. ConnectToDeviceGUI Allow user access to web configuration interface.

  • Page 268: Figure 4-80:Ipdu Details Form

    Power Management Support associate the outlets with consoles. Figure 4-80 shows an example of an administrative PM details edit form. Figure 4-80:IPDU Details Form Table 4-43: IPDU Device Details Element Definition Details Opening tab that is the default when you either create or edit a power management device.
  • Page 269 A name you can give to the PM device to help you remember where it is and what it controls. Type Fixed at “IPDU” Vendor Fixed at Cyclades Model The model and output current capacity of the PM device. Connection A pull-down list allowing you to select either “ssh,”...

  • Page 270: To Configure A Pm Device

    Power Management Support Table 4-43: IPDU Device Details Element Definition Buzzer If selected, sounds a buzzer if the alarm threshold is exceeded. Syslog If selected, allows PM device alarm events to be logged. Back Button that allows you to go back to the previous form without saving any configuration parameters.

  • Page 271: Figure 4-81:Ipdu Create/Device Details Form

    Power Management Support 3. From the “Admin” tab, select: “Devices” > “Add” button. 4. Select “IPDU” from the “Device Types” pull-down list and click the “Select” button. The “IPDU” create/device details form appears. Figure 4-81:IPDU Create/Device Details Form 5. Give the IPDU device a name. 6.

  • Page 272: Redundant (Fault Tolerant) Configuration

    Redundant (Fault Tolerant) Configuration 10. Save the PM configuration, by clicking one of the following buttons: a. Create b. Create Device & Outlets c. Create Device & Autodiscover 11. If you have not uploaded the PM device during the previous step, select: “Admin”...

  • Page 273: Physical Setup Of Fault Tolerant Apms

    Redundant (Fault Tolerant) Configuration Physical Setup of Fault Tolerant APMs Figure 4-82 that follows shows a typical physical connection for a redundant APM configuration. Eth1 Eth1 Eth0 CAT 5 crossover cable Eth0 ACS/TS Figure 4-82:Connecting 2 APMs in a Redundant Configuration Configuration and Administration...

  • Page 274: Wmi Configuration Of Fault Tolerant Apms

    Redundant (Fault Tolerant) Configuration WMI Configuration of Fault Tolerant APMs Figure 4-83 shows the APM Heartbeat Configuration form. Figure 4-83:APM Heartbeat Configuration Form. Figure 4-84 shows a detailed view of a filled in Heartbeat Configuration form for the primary APM in the configuration. Figure 4-85 shows a detailed view of a filled in Heartbeat Configuration form for the redundant APM.

  • Page 275: Figure 4-84:Detailed View - Apm Heartbeat Form For Primary

    Redundant (Fault Tolerant) Configuration Figure 4-84:Detailed View - APM Heartbeat Form for Primary Figure 4-85:Detailed View - APM Heartbeat Form for Redundant Configuration and Administration...

  • Page 276: Table 4-45: Heartbeat Form Fields And Meanings

    Redundant (Fault Tolerant) Configuration Table 4-44: Definitions Used in Fault Tolerant APMs Term Definition Primary system The primary system is the system that runs under normal conditions. Ideally, this is always the case. Redundant system The redundant system is the system that takes over if the primary system fails or the heartbeat signal is interrupted.
  • Page 277 Redundant (Fault Tolerant) Configuration Table 4-45: Heartbeat Form Fields and Meanings Element Meaning and Configuration Configured Drop-down menu to the APM you are currently State configuring either the “PRIMARY” or the “REDUNDANT” APM in the configuration. Authentication Drop-down menu to select CRC (default - no authentication), MD5, or SHA1.
  • Page 278 Redundant (Fault Tolerant) Configuration Table 4-45: Heartbeat Form Fields and Meanings Element Meaning and Configuration IP Address The IP addresses of the APMs you are configuring. There are two fields: one field is for the current system, and the other field is for the mated system The current system is the primary system when you are configuring the primary system and it is the redundant system when you are configuring the redundant system.

  • Page 279: Figure 4-86:Apm Synchronization Form

    Redundant (Fault Tolerant) Configuration Figure 4-86:APM Synchronization Form Table 4-46: Synchronization Form Fields and Meanings Element Meaning and Configuration Synchronization The default is 700000 KB/second. This is the maximum Speed speed allowed for this field. Note: The APM 2500 and the APM 5000 synchronize using network RAID and DRBD (Distributed Replicated Block Device).

  • Page 280: Configuration Of The Primary Apm

    Redundant (Fault Tolerant) Configuration Caution: You can mix APM hardware platforms, but you must be sure the APM 5000 has APM 5000 firmware and the APM 2500 has APM 2500 firmware. Both APMs must have firmware of the same build number and date.
  • Page 281 Redundant (Fault Tolerant) Configuration The rest of the fields in the form will become active. The default settings for “Fail Over Time,” “Message-Period,” and “Dead Ping Timeout” can remain as they are. 8. Select the “Configured State” drop-down box and set it to “Primary.” 9.

  • Page 282: Configuration Of The Redundant Apm

    Redundant (Fault Tolerant) Configuration Configuration of the Redundant APM 21. Log onto the WMI of the redundant APM as “admin” and select: “System” tab > “Cluster Settings” > “Heartbeat” tab. 22. Select the “Status” drop-down box and select “Enable.” The rest of the fields in the form will become active. The default settings for “Fail Over Time,”...
  • Page 283 Redundant (Fault Tolerant) Configuration Caution: All settings for time, synchronization, authentication, and shared secrets must be identical entries for both APMs. 33. Select the “Admin” tab > “Alarm Trigger” 34. Click on “Resources Take Over” and select “Enable” from the drop- down field.

  • Page 284: To Upgrade Firmware On Redundant Apms

    Redundant (Fault Tolerant) Configuration When the synchronization of the two APMs is complete, the display be similar to the following: [root@APM_SW root]# /etc/init.d/drbd status drbd driver loaded OK; device status: version: 0.7.13 (api:77/proto:74) SVN Revision: 1942 build by root@hp, 2005-11-16 10:15:30 0: cs:Connected st:Primary/Secondary ld:Consistent ns:92041488 nr:92957432 dw:92965160 dr:92034520 al:17 bm:23520 lo:0 pe:0 ua:0 ap:0...
  • Page 285 Redundant (Fault Tolerant) Configuration 6. Log onto the WMI of the primary APM as admin and select: “System” tab > “Cluster Settings” > “Heartbeat” tab > “Status” drop- down box > “Enable” 7. Log onto the WMI of the redundant APM as admin and select: “System”...
  • Page 286 Redundant (Fault Tolerant) Configuration APM Installation, Configuration, and User’s Guide...

  • Page 287: Chapter 5: Advanced Configuration

    This chapter presents some procedures for configuring the AlterPath Manager E2000, 2500, and 5000 through the Command Line Interface (CLI). First Time Configuration aside, Cyclades recommends the use of the CLI only for advanced admin users who are proficient with CLI, and would like more control over the configuration features of the AlterPath Manager.

  • Page 288: Working From A Cli

    Working from a CLI Configuring Dial Out and Dial Page 285 Back Modem Dial Back for ACS Page 286 Changing the Ports to be Proxied Page 288 Creating the krb5.keytab for Page 290 Kerberos Authentication Firmware Page 294 Backing Up User Data Page 296 Managing Log Files Page 297...

  • Page 289: To Do A Windows Ssh Login

    Working from a CLI 3. When prompted, log in. To Do a Windows SSH Login 1. Using an IP connection client such as PuTTY, select “SSH” for the protocol setting. 2. In the client’s IP address window, type the IP address of the APM. A CLI screen will be launched.

  • Page 290: Cli Commands

    Working from a CLI If you are an admin user, you will get a menu that gives you the following choices: Please choose from one of the following options: Shell Prompt Quit Option ==> CLI Commands A list of commonly used CLI commands for operating the AlterPath Manager are as follows: Table 5-1: CLI Specific Commands Command...

  • Page 291: Copying And Pasting Text Within The Console Applet Window

    Working from a CLI Copying and Pasting Text within the Console Applet Window The APM allows you to copy and paste text within your console (Java applet) window to facilitate any command line configuration of a device and other similar operations. To use the copy &...

  • Page 292: Figure 5-1: Putty Configuration Of Apm As A Security Proxy

    Working from a CLI 2. In the “Host Name (or IP address)” field, type the connection parameters in the following format: <user name>:<console name>@<IP address of APM> Figure 5-1 shows a PuTTY configuration window with a sample SSH configuration setup that uses the APM as a security proxy. Figure 5-1: PuTTY Configuration of APM as a Security Proxy To Connect SSH from a Linux or UNIX System Using SSH on a Linux or UNIX system, type in:...

  • Page 293: Sample Command Line Interface

    Working from a CLI Sample Command Line Interface An example of a command line interface as accessed by an admin follows: Cyclades-APM V_1.4.0-RC1 (Oct/11/2005) - Console (kernel 2.4.25) APM_Gregg login: admin Password: ************************************************************************** * WARNING: changing system files directly is dangerous and may adversely * affect your system's functionality.
  • Page 294 Working from a CLI The foregoing banner message displays briefly and then it is replaced by the following banner and prompt: ---------------------------------------------------- AlterPath Manager ---------------------------------------------------- Please choose from one of the following options: Shell Prompt Quit Option ==> To select CLI, enter “1” at the prompt as shown below to start the sequence. Option ==>...

  • Page 295: Console Session Hot Keys

    Working from a CLI Console Session Hot Keys For your convenience, the console session hot key commands (viewable by pressing Ctrl+Shift+e c ?) are summarized in the table below. Each command must be preceded by Ctrl+Shift+e c (abbreviated in the menu as ^Ec). For example, to send a broadcast message, you must press: Ctrl+Shift+e and then c and then b Table 5-3: Console Applet ^Ec Command Set.

  • Page 296: Set Commands

    Working from a CLI Set Commands The following set commands are available to enable you to manually and individually configure specific AlterPath Manager settings from the Linux shell: setauth - Set Authentication Page 265 setboot - Set the Network Boot Utility Page 266 setcons - Set Console Connection Page 267...

  • Page 297: Setauth - Set Authentication

    Working from a CLI setauth - Set Authentication [root@APM-gregg data]# setauth Your configuration will be overwritten by the default files!! Are you sure you want to continue? (y/n)[n] y Continuing setauth... Choose the desirable authentication method (local/radius/tacacs+/ldap/kerberos/nis/active_directory) [local]: *** Configuration changed! *** Execute saveconf to save the new values in flash.

  • Page 298: Setboot - Set The Network Boot Utility

    Working from a CLI setboot - Set the Network Boot Utility [root@APM-gregg root]# setboot Manager Network Boot Configuration Utility ----------------------------------------- Current Status: DISABLED Press <ENTER> if you wish to change it, or [Q<ENTER>] to quit: Enter Local IP Address []: <IP_of_APM> Enter Server IP Address []: <IP_of_tftpboot>...

  • Page 299: Setcons - Set Console Connection

    Working from a CLI setcons - Set Console Connection [root@APM-gregg root]# setcons APM Console Configuration Utility ---------------------------------- Current Parameters: 9600, 8n1, vt100 Press <ENTER> if you wish to change it, or [Q<ENTER>] to quit: Enter Baud Rate (in bps) [9600]: Enter Word Length (5, 6, 7 or 8) [8]: Enter Parity (even, odd or no) [no]: Enter Stop Bits (1 or 2) [1]:...

  • Page 300: Setdatetime - Set System Timezone, Date, And Time

    Working from a CLI setdatetime - Set System Timezone, Date, and Time [root@APM-gregg root]# setdatetime Please choose the time zone where this machine is located. 1) Africa 18) Eire 35) Jamaica 52) ROC 2) America 19) Etc 36) Japan 53) ROK 3) Antarctica 20) Europe 37) Kwajalein...

  • Page 301: Advanced Configuration

    Working from a CLI Note: Ethernet and other expansion cards are not supported on the APM 2500. [root@APM-gregg root]# setethernet Current Ethernet eth0 speed/duplex settings: AUTO Change Ethernet eth0 speed/duplex: (Y)es or (N)o ? [N]: y Choose the correct operation mode: 1) Auto-negotiation 2) 10 Mbps, full duplex 3) 10 Mbps, half duplex...

  • Page 302: Setnames - Set Host, Domain Names, Nameserver

    You can verify that the domain name server is configured correctly on your APM by entering the following command from the console: nslookup <your_APM_IP_address> nslookup <your_APM_host_and_domain_name> The console display will appear something like the following: [root@APM-gregg root]# nslookup 192.168.48.162 Name: backup.cyclades.com Address: 192.168.44.21 Name: APM-gregg.cyclades.com Address: 192.168.48.162...

  • Page 303: Setnetwork - Set Ethernet Subinterfaces

    Working from a CLI setnetwork - Set Ethernet Subinterfaces [root@APM-gregg root]# setnetwork Show current configuration: (Y)es or (N)o ? [N]: n Enable Ethernet Bonding: (Y)es or (N)o ? [N]: n Ethernet eth0 IP address: (S)tatic, (D)HCP, (N)one or (K)eep current ? [K]: s Enter Ethernet eth0 IP address: 192.168.48.162 Enter Ethernet eth0 Subnet Mask: 255.255.252.0 Ethernet eth1 IP address: (S)tatic, (N)one or (K)eep current ? [K]: s...
  • Page 304 Working from a CLI Ethernet Default Gateway: (C)hange or (K)eep current ? [K]: k *** Configuration changed! *** Execute saveconf to save the new values in flash. Do you want to make these changes effective now (y/n)? y Reconfiguring network interfaces: Added VLAN with VID == 2 to IF -:eth0:- Configuring eth0 speed/duplex...

  • Page 305: Setntp - Set Network Time Protsocol Server

    Working from a CLI setntp - Set Network Time ProtSocol Server [root@APM-gregg root]# setntp Enter the NTP server: 192.168.48.164 *** Configuration changed! *** Execute saveconf to save the new values in flash. setserial - Examine the Serial Port Parameters [root@APM-gregg root]# setserial /dev/ttyS0 /dev/ttyS0, UART: 16550A, Port: 0x03f8, IRQ: 4 setsmtp - Set the Email Server’s IP Address.

  • Page 306: Re-Defining The Interrupt Key

    Working from a CLI #modify this line to have -e <escape seq>. Note: In this example esc seq= ^Az exec /var/apm/bin/console -Mlocalhost -e^Az -l$USR $1 The result of this change in the console session is as follows: [arnaldo@hp arnaldo]$ [arnaldo@hp arnaldo]$ ssh -ladmin:acs8_02 192.168.47.86 Password: Console on-demand, please wait...

  • Page 307: To Change The Session Timeout

    Working from a CLI 2. Locate the line and edit as follows: Terminal.buffer = [number of lines] 3. Type in saveconf to save your configuration. 4. Close and reopen the applet window to make the change effective. To Change the Session Timeout The default session timeout value is 60 minutes.
  • Page 308 Working from a CLI a. Edit and remove the “#” symbols to from the /etc/xinetd.conf following section of the file to enable the PAM version of telnet: # Telnetd with PAM support service telnet flags = REUSE socket_type = stream wait = no user...

  • Page 309: To Change The Acs/Ts Admin Name

    Working from a CLI 4. If you are going to use PAM support, add the “pts” devices in the file, as shown below: /etc/securetty ttyS0 pts/0 pts/1 pts/2 pts/3 pts/4 pts/5 5. Enter the command: saveconf 6. To complete the procedure, restart with the following command: xinetd /etc/init.d/xinetd restart...

  • Page 310: Ethernet Bonding

    Ethernet Bonding the device page. This is true regardless whether the connection is for an upload or for a console session, or which user is logged into the AlterPath Manager. If you configure any of the consoles of a device to do remote authentication, ensure that the admin user name and password configured for the device can be authenticated by the remote service.

  • Page 311: Example Ethernet Bonding Configuration

    Ethernet Bonding Example Ethernet Bonding Configuration The following is an example of how to set up Ethernet Bonding. The bond0 Bonding IP address should match the APM’s primary Ethernet IP address. The IP address used in this example is 192.168.10.2. Note: The example shown is a branch of SETNETWORK or a branch of the Initial Configuration Wizard.

  • Page 312: Configuration Of Dhcp Client In Apm

    Configuration of DHCP Client in APM Configuration of DHCP Client in APM Note: You cannot use DHCP if you are including Eth0 as part of an Ethernet bond. When you configure the network, either through the First Time Configuration Wizard, or through the CLI “setnetwork” command, you now have the option to use DHCP (Dynamic Host Configuration Protocol) to configure Eth0.

  • Page 313: Ethernet Port Configuration

    Note: Gigabit Ethernet is available on the APM 2500 and APM 5000 only. HP OpenView NNM Integration The HP OpenView Integration Module (IM) is a Cyclades product that links the AlterPath System to the HP OpenView systems management platform. In order for the IM to work, the AlterPath Manager must contain the NNM license.

  • Page 314: To Exclude Modems From The Modem Pool

    Modem Card Configuration Where: -d disconnect -s status [tty] If no tty is specified, then the command applies to all modems. To check what modems are available, type in: check_modem -s Example: [root@APM root]# check_modem -s ttyPS0 Available ttyPS1 Available ttyPS2 Available ttyPS3 Available To Exclude Modems from the Modem Pool...

  • Page 315: Viewing The Latest Status For Each Modem

    Serial Card Configuration Viewing the Latest Status for Each Modem The modems in the modem pool are allocated in a round robin sequence to ensure all modems are exercised to the same degree. If a modem fails to dial out, the system will allocate the next modem in the modem pool. file contains the result of the last attempted /var/log/modem_status usage of a modem.

  • Page 316: Checking Your Modems

    Serial Card Configuration Checking Your Modems All modems that are powered ON are included automatically in the modem pool. To view which modems are in use or which ones are available, use SSH to connect to the AlterPath Manager, login as “root”, and use the following commands: check_modem ( -d | -s ) [tty] Where: -d disconnect...

  • Page 317: Configuring Dial Out And Dial Back

    Configuring Dial Out and Dial Back To Define Different Scripts for Each tty Device The modem chat scripts are located in “/etc/ppp”, and are used by “pppd” to initialize the modem and to dial out. The file, “/etc/ppp/chat-init” is the default script used for modem initialization and “/etc/ppp/chat-connect”...

  • Page 318: Modem Dial Back For Acs

    Modem Dial Back for ACS Modem Dial Back for ACS The dial back feature, which is configurable from the web interface, is designed to enable the AlterPath Manager to automatically dial to a remote ACS unit should the network fail, and enable the ACS to dial back the connection.

  • Page 319: For External Modems

    Modem Dial Back for ACS • Exclude modems from the modem pool by listing the modems to be excluded. modem.pool.exclude=ttyPS2 ttyPS3 • Select modems that will never be used for dial-in by listing them as follows: modem.pool.out_only=ttyPS1 ttyPS3 • Configure timeout to wait for a dial-back call from an ACS: modem.pool.dial_in_timeout=30 If a timeout value is not provided, the AlterPath Manager will wait for 60 seconds.

  • Page 320: Changing The Ports To Be Proxied

    Changing the Ports to be Proxied Changing the Ports to be Proxied When Forward Proxy (with or without ARP) is enabled for a device, the default proxied ports are 80 and 443. To change the opened ports, perform the following steps: 1.

  • Page 321: Nis User Authentication

    NIS Configuration What the status messages mean: Status: Meaning: SUCCESS No error occurred and the desired value is returned. The default action for this status is return. NOT FOUND The lookup process works, but the needed value was not found. The default action for this status is continue.

  • Page 322: Creating The Krb5.Keytab For Kerberos Authentication

    Creating the krb5.keytab for Kerberos Authentication passwd: compat files shadow: compat files group: compat files passwd_compat: nis shadow_compat: nis group_compat: nis Authenticate the user first through NIS, and if the user is not found or the NIS server is down, use the local database. passwd: compat [UNAVAIL=continue TRYAGAIN=continue] files shadow: compat [UNAVAIL=continue TRYAGAIN=continue] files group: compat [UNAVAIL=continue TRYAGAIN=coninue] file...

  • Page 323: Creating The Krb5.Keytab In The Alterpath Manager

    Creating the krb5.keytab for Kerberos Authentication user. The login program or kinit decrypts the TGT using the user's key (which it computes from the user's password). The TGT, which is set to expire after a certain period of time, is stored in your credentials cache. An expiration time is set so that a compromised TGT can only be used for a certain period of time, usually eight hours (unlike a compromised password, which could be used until changed).

  • Page 324: Active Directory (With Ldap)

    [local]: active_directory 2. Enter the Active Directory server: <authserver> 3. Enter the distinguished name of the search base: (ex: 'dc=cyclades,dc=com'): dc=<first_part_domain_name>,dc=<second_part_domain_name> Note: The second part of the domain name is usually “.com,” “.net,” “.org,” etc. 4. Enter the common name to bind to the server: (ex: 'cn=Administrator,cn=Users,dc=cyclades,dc=com'): <user>@<authserver>...

  • Page 325: Open Ldap

    2. Enter the name or IP address of the LDAP server at the prompt: Enter the LDAP server: <LDAP_server_name> 3. Enter the server’s LDAP base at the prompt: (ex: 'dc=cyclades,dc=com', 'ou=person,o=cyclades'): dc=<first_part_domain_name>,dc=<second_part_domain_name> Note: The second part of the domain name is usually “.com,” “.net,” “.org,”...

  • Page 326: Disabling Http To Use Only Https

    AlterPath Manager using Secure Copy (SCP). To add or import new firmware, follow this procedure: 1. From the web (www.cyclades.com), download the firmware to the server you use to store your firmware. Connect to the AlterPath Manager from your server using SSH.

  • Page 327: To Upgrade The Apm Firmware

    1. From the Cyclades website (www.cyclades.com), download and copy the firmware to the server you want to use to store firmware for the AlterPath Manager.

  • Page 328: Backing Up User Data

    Backing Up User Data Caution: Licenses (except for factory default licenses) must be reinstalled after you recreate the system partition or after you run the “installimg” command. If you want to preserve your licenses before you recreate a system partition or before you run “installimg,” you can edit the file “/etc/ files.list”...

  • Page 329: Backup And Restore Scenarios

    Managing Log Files Backup and Restore Scenarios For illustration purposes, there are two scenarios in which you can perform the backup. • Replicating data to a hot spare machine - You back up the configuration data and data buffers and restore them to a second AlterPath Manager unit.

  • Page 330: Backing Up Log Files To A Remote Server

    System Recovery Guidelines You can back up these files to another server using the secure shell SCP program. Backing Up Log Files to a Remote Server You can copy rotated logs to another server that is more suited for holding large amounts of log data using the following command line syntax: save_rotated_log [[user@]host:]file [-flush] [-now] Where:...

  • Page 331: Root Password Recovery

    Root Password Recovery If the AlterPath Manager goes down, you will still have direct access to ports and consoles, but you will need to redefine the devices. Root Password Recovery In the event of a forgotten or mistyped the root password, the APM’s main system administrator (e.g., the root user) will need create a new password.

  • Page 332: Changing The Database Configuration

    Changing the Database Configuration GRUB version 0.91 (639K lower / 522176K upper memory) +-------------------------------------------------------------------------+ | APM | APM Network Boot | APM Emergency Mode +-------------------------------------------------------------------------+ Use the ^ and v keys to select which entry is highlighted. Press enter to boot the selected OS, 'e' to edit the commands before booting, or 'c' for a command-line.

  • Page 333: Restoring Your Configuration

    Restoring Your Configuration You can change the default configuration values from the properties file “/var/apm/apm.properties”. Table 5-5: Default Configuration Values from the “apm.properties” File Property Name Default If you change the Property default property value, Value ensure that . . . db.apm apmdb The system creates a...

  • Page 334: To Install Ssl Certificates

    To Install SSL Certificates This section explains how to add or import your own SSL certificate to the AlterPath Manager instead of using the Cyclades default SSL certificate. A certificate for the HTTP security is created by a Certification Authority (CA).

  • Page 335: Table 5-6: Information For The "Openssl" Command

    Restoring Your Configuration 4. Verify that the certificate was deleted. Enter the command: keytool -list After you enter the password, the console terminal will display: [root@2500_QA root]# keytool -list Enter keystore password: changeit Keystore type: jks Keystore provider: SUN Your keystore contains 0 entries 5.
  • Page 336 Restoring Your Configuration Table 5-6: Information for the “openssl” Command Parameter Description Common Name (e.g., your name or Name of the machine where the your server’s hostname) [ ]: certificate must be installed. Email Address [ ]: Your email address or the administrator’s.

  • Page 337: More About Importing Certificates

    Restoring Your Configuration More About Importing Certificates There are many sources of information regarding certificate management on the web. The information below has been excerpted and modified from the keytool document which you can access from the following web site: https://java.sun.com/j2se/1.4.2/docs/tooldocs/windows/keytool.html.
  • Page 338 Restoring Your Configuration Then call or contact the person who sent the certificate, and compare the fingerprint(s) that you see with the ones that they show. Only if the fingerprints are equal is it guaranteed that the certificate has not been replaced in transit with somebody else’s (for example, an attacker’s) certificate.

  • Page 339: Appendix A: Technical Specifications

    Appendix A Technical Specifications Hardware Specifications Feature AlterPath E2000 AlterPath 2500 AlterPath 5000 Intel® Celeron® 850MHz Intel Celeron 3.0GHz 2 x Intel Xeon 3.0GHz Memory 512MB RAM 2GB RAM 4GB RAM 256MB compact flash 256MB compact flash 512MB compact flash...

  • Page 340: Software Specifications

    Software Specifications Feature AlterPath E2000 AlterPath 2500 AlterPath 5000 Operating Linux 2.4.x (embedded) Linux 2.6.x (embedded) Linux 2.6.x (embedded) system Users and Unlimited Unlimited Unlimited administrators Managed 2048 2048 2048 devices Managed 4096 (fixed) 1024 to 8192 (licensed) 1024 to 32768 (licensed)

  • Page 341: Appendix Bacs Modem Configuration

    Appendix B ACS Modem Configuration The AlterPath Manager allows you to automatically dial out to remote console servers such as the AlterPath Consolde Server (ACS) or Terminal Server Series (TS) if the network connection is lost. In the remote console server, you can connect an external modem to a serial port, or use a PCMCIA modem in the case of the ACS.
  • Page 342 Caution: Ensure that you do not configure the console where the modem is attached otherwise any upload process on the console will overwrite your configuration. 1. Open the file, in an editor such as VI. /etc/portslave/pslave.conf 2. Go to the “all.initchat” section of the file. The “all.initchat”...
  • Page 343 The section should now appear as follows: sxx.initchat TIMEOUT 10 \ "" \d\l\dATZ \ OK\r\n-ATZ-OK\r\n "" \ TIMEOUT 10 \ "" ATM0 \ OK\r\n "" \ TIMEOUT 3600 \ RING "" \ STATUS Incoming %p:I.HANDSHAKE \ "" ATA \ TIMEOUT 60 \ CONNECT@ ""...
  • Page 344 8. In the first line of this section, change "%i:%j" to "0.0.0.0:0.0.0.0". 9. Remove the backslash from end of the line that reads: "mtu %t mru %t \" . The section should now appear as follows: sxx.autoppp 0.0.0.0:0.0.0.0 novj \ proxyarp modem asyncmap 000A0000 \ noipx noccp login auth require-pap refuse-chap \ mtu %t mru %t...
  • Page 345 The section should now appear as follows: sxx.pppopt 0.0.0.0:0.0.0.0 novj \ proxyarp modem asyncmap 000A0000 \ noipx noccp mtu %t mru %t netmask %m \ idle %I maxconnect %T ms-dns 192.168.160.5 ms-dns 0.0.0.0 \ plugin /usr/lib/libpsr.so 15. Edit the file “/etc/ppp/pap-secrets”. When the file is opened for the first time, it should look something like this: # Secrets for authentication using PAP...
  • Page 346 A sample user with the fields changed to 0 is as follows: edson:fTEQb6zEnuIEQ:0:0:Embedix User...:/home/ edson:/bin/sh 20. Change the ownership of the user’s home directory to root as follows: chown root /home/edson 21. Edit the file “/etc/ssh/sshd_config” to remove the comment symbol (#) in front of the line: AuthorizedKeysFile /etc/ssh/authorized_keys...

  • Page 347: Appendix Cdls Activation

    Additional DLS at Time of Purchase Additional DLS activation can be included at the time of initial purchase, or it can be added as a feature activation conversion. Cyclades recommends you...

  • Page 348: Table C-1: Dls Activations Available At Initial Purchase

    Data Logging Session Activation purchase the additional DLS activation with your APM. There is a price benefit when you buy the DLS activation this way. Initial purchase part numbers for the DLS activation options along with their corresponding managed console capacities are shown in the table that follows: Table C-1: DLS Activations Available at Initial Purchase Max.

  • Page 349: Dls Activation Conversion

    DLS Activation Conversion For the APM 2500 and 5000, DLS capacity can be expanded and additional capacity can be purchased from Cyclades. This is an activation conversion. Activation conversion options are shown in the following table: Table C-2: Activation Conversion Options...

  • Page 350: Obtaining Expanded Dls Activation

    Each DLS activation is assigned to a single MAC (Ethernet hardware) address, and cannot be transferred to another AlterPath Manager. Obtaining Expanded DLS Activation You can purchase expanded DLS activation from your Cyclades sales team or from Cyclades partners. Cyclades customer service will need the MAC (Ethernet hardware) address of Eth0 (the first Ethernet controller in your APM) to generate the license file which will activate your new features.

  • Page 351: Verifying Your Current Dls Activation

    Data Logging Session Activation in the file name). Only one base file is allowed in the “/var/apm/licenses/data” directory. 3. Copy any new license files into this directory. Note: If you have more than one feature activation (FA) license file for DLS activation, you must be sure all the license files are included in the “/var/apm/ licenses/data”...

  • Page 352: Figure C-1: Feature Window (Full Content Scrolled)

    Data Logging Session Activation Figure C-1: Feature Window (full content scrolled) You can also verify your current DLS Activation by logging onto your APM CLI as root and running the following command: ls /var/apm/licenses/data If DLS is activated, the screen will display a file name similar to this: APM_B_DLS_256.enc The foregoing file name indicates a DLS capacity of 256 logging sessions.

  • Page 353: Verifying Your Mac Addresses

    Data Logging Session Activation Verifying your MAC addresses Log on to the CLI (on the serial console port) as root or as admin and run the following command: # ifconfig A display similar to the following will appear: eth0 Link encap:Ethernet HWaddr 00:90:FB:81:57:17 inet addr:192.168.48.162 Bcast:192.168.51.255...
  • Page 354 Data Logging Session Activation AlterPath Manager Installation, Configuration, and User’s Guide...

  • Page 355: Glossary

    Controlling access by requiring users to enter names and passwords. Anyone accessing Cyclades products and connected devices must log in by entering a username and password. The usernames and passwords entered during login attempts are checked against a database that lists all the valid usernames along with the encrypted passwords.
  • Page 356 EIA/TIA). CAT5 is the fifth generation of twisted pair Ethernet cabling and the most popular of all twisted pair cables in use today. The support for CAT5 cabling in many Cyclades products allows the use of existing cabling infrastructure in the data center.
  • Page 357 OnSite to perform actions using the CLI by typing commands on the Linux shell's command line. Do not be confused by the fact that some Cyclades products offer a management tool called the CLI, which has the same name as the term used in general for any command line interface.
  • Page 358 Checksum An algorithm, usually generated by a program, to check the integrity of a target file or target packet of data that has been transferred across a network. A very common checksum program is “md5sum” that is run after a target file has been downloaded.
  • Page 359 Many Cyclades products provide GUI access through the Web Manager.
  • Page 360 KVM over IP Supports remote access over a LAN or WAN or telephone line using the TCP/ IP protocols and a web browser. Enables operations over long distances. Cyclades AlterPath KVM/IP switches are one component of the out-of-band infrastructure, LDAP Lightweight Directory Access Protocol.
  • Page 361 NEBS (Network Equipment Building Systems) Compliance Means that equipment has been tested and proven to meet the NEBS requirements commonly adhered to by several telecommunications carriers. The requirements are in place to ensure that telecommunications equipment poses no risk or safety hazard to people, nearby equipment, or to the physical location where the equipment operates, and that equipment is reliable and dependable during both normal and abnormal conditions.

  • Page 362: Table G-1: Service Processor Technology By Vendor

    Shell A command interpreter on UNIX-based operating systems (like the Linux operating system that controls most Cyclades products). At the time this is being written, Microsoft has announced an upcoming release of a Microsoft shell. A shell typically is accessed in a terminal window where the shell presents a prompt.
  • Page 363 Web Manager Cyclades' web management interface (WMI), which runs in supported browsers. Advanced Configuration...
  • Page 364 APM Installation, Configuration, and User’s Guide...

  • Page 365: Index

    Auto Discover 142 navigation shortcuts xxvi Auto Upload and Manual Upload 131 user input xxv Auto Upload, device configuration 131 Creating an alarm trigger 158 Cyclades technical training xxviii Backing Up User Data 202 Blade or switch viewing 58 Data Buffer 71...
  • Page 366 Data Logging Session 315 Firmware Detail screen 200 Data Synchronization 240 Firmware List screen 197 deleting or adding 199 Database Configuration 300 Firmware Management 197, 294 Date 268, 273 set 268 Firmware screen 106 date 273 Firmware upgrades xxix Date and time setting 268, 273 First Time Configuration 86 Deleting a Device 147 First Time Configuration Wizard 88...
  • Page 367 Log File Compression and Rotation 7 PCMCIA Modem, ACS 309 Log rotation 181 Power Management 72, 235 Logs 67 Pre-configuration 30 Access 69 Pre-installation 30 Data buffer 71 IP Addresses 30 Event 70 NIC card 30 Logs, Access Mode 68 Prioritized Triggers &...
  • Page 368 setcons 267 Telnet 275 enable 275 setdatetime 268 Ticket 52 setethernet 268 Time 268, 273 setnames 270 set 268 setnetwork 271 Time and date setting 268, 273 setntp 273 Time zone 268 setserial 273 Training xxviii setsmtp 273 Typographic Conventions xxv Single Network Diagram 28 Single Network Topology 26 Single point security gateway 5...

This manual is also suitable for:

Alterpath 2500Alterpath 5000

Table of Contents