Tripp Lite 0 Idades Manual
Have a look at the manual Tripp Lite 0 Idades Manual online for free. It’s possible to download the document as PDF or print. UserManuals.tech offer 7 Tripp Lite manuals and user’s guides for free. Share the user manual or guide on Facebook, Twitter or Google+.
1 1111 W. 35th Street, Chicago, IL 60609 USA • www.tripplite.com/support Owner’s Manual Console Server Management Switch Models: B096-016 / B096-032 / B096-048 Console Server with PowerAlert Model: B092-016 Console Server Models: B095-004-1E / B095-003-1E-M / B094-008-2E-M-F / B094-008-2E-V Copyright © 2016 Tripp Lite. All rights reserved. All trademarks are the property of their\ respective owners. PROTECT YOUR INVESTMENT! Register your product for quicker service and ultimate peace of mind. You could also win an ISOBAR6ULTRA surge protector—a $100 value! www.tripplite.com/warranty
Please take care to follow the safety precautions below when installing \ and operating the Console Server: • Do not remove the metal covers. There are no operator-serviceable components inside. Opening or removing the cover may expose you to dangerous voltage which may cause fi\ re or electric shock. Refer all service to Tripp Lite qualified personnel • To avoid electric shock the power cord protective grounding conductor mus\ t be connected through to ground • Always pull on the plug, not the cable, when disconnecting the power cor\ d from the socket • Do not connect or disconnect the Console Server during an electrical sto\ rm • Also it is recommended you use a surge suppressor or UPS to protect the \ equipment from transients FCC Information, Class A This device complies with part 15 of the FCC Rules. Operation is subject\ to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any in\ terference received, including interference that may cause undesired operation. Note: This equipment has been tested and found to comply with the limits\ for a Class A digital device, pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable protectio\ n against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses,\ and can radiate radio frequency energy and, if not installed and used in accordance with the instruction manual, may ca\ use harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause har\ mful interference in which case the user will be required to correct the interference at his own expense. The user must use shield\ ed cables and connectors with this equipment. Any changes or modifications to this equipment not expressly approved by T\ ripp Lite could void the user’s authority to operate this equipment. RoHS This product is RoHS compliant. User Notice All information, documentation and specifications contained in this ma\ nual are subject to change without prior notification by the manufacturer. The manufacturer makes no representations or warranties, either expres\ sed or implied, with respect to the contents hereof and specifically disclaims any warranties as to mercha\ ntability or fitness for any particular purpose. Any of the manufacturer's software described in this manual is sold or licensed `as\ is'. Should the programs prove defective following their purchase, the buyer (and not the manufacturer, its distributor, or its dealer), assumes the entire cost of all necessary servicing, repair and any incidental or consequential damages resulting \ from any defect in the software. The manufacturer of this system is not responsible for any radio and/or \ TV interference caused by unauthorized modifications to this device. It is the responsibility of the user to correct such int\ erference. The manufacturer is not responsible for any damage incurred in the operation of this system if the correct operation\ al voltage setting was not selected prior to operation.
3 Introduction 10 Installation 14 2.1 Models 14 2.1.1 Kit components: B096-048, B096-032 and B096-016 Console Server Managemen\ t Switch 14 2.1.2 Kit components: B092-016 Console Server with PowerAlert 15 2.1.3 Kit components: B095-004-1E and B095-003-1E-M Console Server 15 2.1.4 Kit components: B094-008-2E-M-F and B094-008-2E-V Console Server 16 2.2 Power Connection 17 2.2.1 Power: Console Server Management Switch 17 2.2.2 Power: Console Server with PowerAlert 17 2.2.3 Power: Console Server 17 2.3 Network Connection 17 2.4 Serial Port Connection 18 2.5 USB Port Connection 18 2.6 Rackmount Console / KVM Connection (B092-016 only) 18 Initial System Configuration 19 3.1 Management Console Connection 19 3.1.1 Connected computer set up 19 3.1.2 Browser connection 20 3.1.3 Initial B092-016 connection 21 3.2 Administrator Password 22 3.2.1 Set up new administrator 23 3.3 Network IP Address 24 3.3.1 IPv6 configuration 25 3.3.2 Dynamic DNS (DDNS) configuration 26 3.4 System Services and Service Access 27 3.4.1 Brute force protection 30 3.5 Communications Software 31 3.5.1 SDT Connector 31 3.5.2 PuTTY 31 3.5.3 SSHTerm 32 3.6 Management Network Configuration 33 3.6.1 Enable the Management LAN 33 3.6.2 Configure the DHCP server 34 3.6.3 Select Failover or broadband OOB 35 3.6.4 Bridging the network ports 35 3.6.5 Wireless LAN 36 3.6.6 Static routes 37 Serial Port, Device & User Configuration 38 4.1 Configuring Serial Ports 38 4.1.1 Common Settings 39 4.1.2 Console Server Mode 40 4.1.3 SDT Mode 44 4.1.4 Device (RPC, UPS, EMD) Mode 44 4.1.5 Terminal Server Mode 44 4.1.6 Serial Bridging Mode 45 4.1.7 Syslog 45 4.2 Add/ Edit Users 46 4.3 Authentication 48 4.4 Network Hosts 48 Table of Contents
4 4.5 Trusted Networks 49 4.6 Serial Port Cascading 50 4.6.1 Automatically generate and upload SSH keys 50 4.6.2 Manually generate and upload SSH keys 51 4.6.3 Configure the slaves and their serial ports 52 4.6.4 Managing the slaves 52 4.7 Serial Port Redirection 53 4.7.1 Install VirtualPort client 53 4.7.2 Configure the VirtualPort client 54 4.7.3 To remove a configured port 56 4.7.4 Configure the remote serial device connection 56 4.8 Managed Devices 57 4.9 IPsec VPN 58 4.9.1 Enable the VPN gateway 58 4.10 OpenVPN 60 4.10.1 Enable the OpenVPN 61 4.10.2 Configure as Server or Client 62 4.10.3 Windows OpenVPN Client and Server set up 64 4.11 PPTP VPN 67 4.11.1 Enable the PPTP VPN server 68 4.11.2 Add a PPTP user 69 4.11.3 Set up a remote PPTP client 70 4.12 IP Passthrough 71 4.12.1 Downstream router setup 71 4.12.2 IP Passthrough pre-configuration 71 4.12.3 IP Passthrough configuration 72 4.12.4 Service intercepts 72 4.12.5 IP Passthrough status 72 4.12.6 Caveats 72 Firewall, Failover & Out-of-Band 73 5.1 OoB Dial-In Access 73 5.1.1 Configure dial-in PPP 74 5.1.2 Using SDT Connector client for dial-in 75 5.1.3 Set up Windows XP/2003/Vista/7 client for dial-in 75 5.1.4 Set up earlier Windows clients for dial-in 76 5.1.5 Set up Linux clients for dial-in 76 5.2 OoB Broadband Access 77 5.3 Broadband Ethernet Failover 77 5.4 Dial-Out Access 78 5.4.1 Always-on dial-out 78 5.4.2 Dial-Out Failover 79 5.5 Firewall & Forwarding 80 5.5.1 Configuring network forwarding and IP masquerading 80 5.5.2 Configuring client devices 82 5.5.3 Port/Protocol Forwarding 83 5.5.4 Firewall Rules 84 5.6 Internal Cellular Modem Connection 85 5.6.1 Connecting to a 4G LTE carrier network 85 5.6.2 Verifying the cellular connection 86 5.6.3 Cellular modem watchdog 87 Table of Contents
5 5.7 Cellular Operation 88 5.7.1 OOB access set up 88 5.7.2 Cellular failover setup 89 5.7.3 Cellular routing 89 Secure SSH Tunneling & SDT Connector 90 6.1 Configuring for SDT Tunneling to Hosts 91 6.2 SDT Connector Configuration 92 6.2.1 SDT Connector client installation 92 6.2.2 Configuring a new gateway in the SDT Connector client 93 6.2.3 Auto-configure SDT Connector client with the user’s access privileg\ es 94 6.2.4 Make an SDT connection through the gateway to a host 95 6.2.5 Manually adding hosts to the SDT Connector gateway 96 6.2.6 Manually adding new services to the new hosts 97 6.2.7 Adding a client program to be started for the new service 99 6.2.8 Dial-in configuration 100 6.3 SDT Connector to Management Console 101 6.4 SDT Connector - Telnet or SSH Serial Device Connection 102 6.5 SDT Connector OoB Connection 103 6.6 Importing (and Exporting) Preferences 104 6.7 SDT Connector Public Key Authentication 105 6.8 Setting up SDT for Remote Desktop Access 106 6.8.1 Enable Remote Desktop on the target Windows computer to be accessed 106 6.8.2 Configure the Remote Desktop Connection client 107 6.9 SDT SSH Tunnel for VNC 110 6.9.1 Install and configure the VNC Server on the computer to be accessed 110 6.9.2 Install, configure and connect the VNC Viewer 111 6.10 SDT IP Connection to Hosts 113 6.10.1 Establish a PPP connection between the host COM port and Console Server 113 6.10.2 Set up SDT Serial Ports on Console Server 116 6.10.3 Set up SDT Connector to SSH port forward over the Console Server Serial Port 116 6.11 SSH Tunneling using other SSH clients (e.g. PuTTY) 117 Alerts, Automated Response and Logging 120 7.1 Set Up Auto-Response and Configure Check Conditions 120 7.1.1 Environmental Check 121 7.1.2 Alarms and Digital Inputs 122 7.1.3 UPS/Power Supply 122 7.1.4 UPS Status 122 7.1.5 Serial Login/Logout 123 7.1.6 ICMP Ping 123 7.1.7 Cellular Data 123 7.1.8 Custom Check 124 7.1.9 SMS Command 124 7.1.10 Log In/Log Out 125 7.1.11 Network Interface Event 125 7.1.12 Routed data usage check 126 Table of Contents
6 7.2 Trigger and Resolve Actions 127 7.2.1 Send Email on Trigger 127 7.2.2 Send SMS on Trigger 127 7.2.3 Perform RPC Action on Trigger 127 7.2.4 Run Custom Script on Trigger 128 7.2.5 Send SNMP Trap on Trigger 128 7.2.6 Send Nagios Event on Trigger 128 7.2.7 Perform Interface Action 128 7.2.8 Resolve Actions 129 7.2.9 Send Email alerts on Resolution 129 7.2.10 Send SMS Alerts on Resolution 129 7.2.11 Send SNMP Trap alerts on Resolution 130 7.2.12 Send Nagios Event alerts on Resolution 131 7.3 Remote Log Storage 132 7.4 Serial Port Logging 132 7.5 Network TCP or UDP Port Logging 133 7.6 Auto-Response Event Logging 133 7.7 Power Device Logging 133 Power and Environment 134 8.1 Remote Power Control (RPC) 134 8.1.1 RPC connection 134 8.1.2 RPC alerts 136 8.1.3 RPC status 136 8.1.4 User power management 137 8.2 Uninterruptible Power Supply Control (UPS) 138 8.2.1 Managed UPS connections 138 8.2.2 Configure UPS powering the Console Server 140 8.2.3 Configuring powered computers to monitor a Managed UPS 141 8.2.4 UPS alerts 142 8.2.5 UPS status 142 8.2.6 Overview of Network UPS Tools (NUT) 143 8.3 Environmental Monitoring 144 8.3.1 Connecting the EMD 145 8.3.2 Environmental alerts 146 8.3.3 Environmental status 146 Authentication 147 9.1 Authentication Configuration 147 9.1.1 Local authentication 147 9.1.2 TACACS authentication 148 9.1.3 RADIUS authentication 149 9.1.4 LDAP authentication 150 9.1.5 RADIUS/TACACS user configuration 152 9.1.6 Group support with remote authentication 152 9.1.7 Remote groups with RADIUS authentication 152 9.1.8 Remote groups with LDAP authentication 154 9.1.9 Idle timeout 155 9.1.10 Kerberos authentication 156 9.1.11 Authentication testing 156 9.2 PAM (Pluggable Authentication Modules) 156 9.3 Secure Management Console Access 157 9.4 SSL Certificate 158 Table of Contents
7 Nagios Integration 160 10.1 Nagios Overview 160 10.2 Central management and setting up SDT for Nagios 161 10.2.1 Set up central Nagios server 161 10.2.2 Set up distributed Console Servers 162 10.3 Configuring Nagios distributed monitoring 164 10.3.1 Enable Nagios on the Console Server 164 10.3.2 Enable NRPE monitoring 165 10.3.3 Enable NSCA monitoring 166 10.3.4 Configure selected Serial Ports for Nagios monitoring 167 10.3.5 Configure selected Network Hosts for Nagios monitoring 167 10.3.6 Configure the upstream Nagios monitoring host 168 10.4 Advanced Distributed Monitoring Configuration 169 10.4.1 Sample Nagios configuration 169 10.4.2 Basic Nagios plug-ins 172 10.4.3 Additional plug-ins 172 System Management 173 11.1 System Administration and Reset 173 11.2 Upgrade Firmware 174 11.3 Configure Date and Time 175 11.4 Configuration Backup 176 11.5 Delayed Configuration Commit 177 11.6 FIPS Mode 178 Status Reports 179 12.1 Port Access and Active Users 179 12.2 Statistics 180 12.3 Support Reports 180 12.4 Syslog 181 12.5 Dashboard 181 12.5.1 Configuring the Dashboard 182 12.5.2 Creating custom widgets for the Dashboard 183 Management 184 13.1 Device Management 184 13.2 Port and Host Log Management 185 13.3 Terminal Connection 185 13.3.1 Web Terminal 185 13.3.1.1 Web Terminal to Command Line 185 13.3.1.2 Web Terminal to Serial Device 186 13.3.2 SDTConnector access 186 13.4 Power Management 187 13.5 Remote Console Access (B092-016 only) 187 Command Line Configuration 188 14.1 Accessing config from the command line 188 14.1.1 Serial Port configuration 190 14.1.2 Adding and removing Users 193 14.1.3 Adding and removing user Groups 194 14.1.4 Authentication 195 14.1.5 Network Hosts 196 14.1.6 Trusted Networks 197 14.1.7 Cascaded Ports 197 Table of Contents
8 14.1.8 UPS Connections 198 14.1.9 RPC Connections 199 14.1.10 Environmental 200 14.1.11 Managed Devices 200 14.1.12 Port Log 201 14.1.13 Alerts 202 14.1.14 SMTP & SMS 203 14.1.15 SNMP 205 14.1.16 Administration 205 14.1.17 IP settings 205 14.1.18 Date & Time settings 206 14.1.19 Dial-in settings 206 14.1.20 DHCP server 207 14.1.21 Services 208 14.1.22 NAGIOS 208 14.2 General Linux command usage 209 Advanced Configuration 211 15.1 Custom Scripting 211 15.1.1 Custom script to run when booting 211 15.1.2 Running custom scripts when alerts are triggered 212 15.1.3 Example script - Power cycling on pattern match 213 15.1.4 Example script - Multiple email notifications on each alert 213 15.1.5 Deleting configuration values from the CLI 214 15.1.6 Power cycle any device upon a ping request failure 217 15.1.7 Running custom scripts when a configurator is invoked 218 15.1.8 Backing-up the configuration and restoring using a local USB stick 218 15.1.9 Backing-up the configuration off-box 219 15.2 Advanced Portmanager 220 15.2.1 Portmanager commands 220 15.2.2 External Scripts and Alerts 223 15.3 Raw Access to Serial Ports 224 15.3.1 Access to serial ports 224 15.3.2 Accessing the console/modem port 224 15.4 IP- Filtering 225 15.5 SNMP Status Reporting and Traps 225 15.5.1 Retrieving status information using SNMP 225 15.5.2 Check firewall rules 225 15.5.3 Enable SNMP service 226 15.5.4 /etc/config/snmpd.conf 229 15.5.5 Adding multiple remote SNMP managers 229 15.6 Secure Shell (SSH) Public Key Authentication 230 15.6.1 SSH Overview 230 15.6.2 Generating Public Keys (Linux) 231 15.6.3 Installing the SSH Public/Private Keys (Clustering) 231 15.6.4 Installing SSH Public Key Authentication (Linux) 232 15.6.5 Generating public/private keys for SSH (Windows) 233 15.6.6 Fingerprinting 234 15.6.7 SSH tunneled serial bridging 235 15.6.8 SDT Connector Public Key Authentication 237 15.7 Secure Sockets L ayer (SSL) Support 238 Table of Contents
9 15.8 HTTPS 238 15.8.1 Generating an encryption key 238 15.8.2 Generating a self-signed certificate with OpenSSL 238 15.8.3 Installing the key and certificate 239 15.8.4 Launching the HTTPS Server 239 15.9 Power Strip Control 240 15.9.1 PowerMan 240 15.9.2 pmpower 241 15.9.3 Adding new RPC devices 241 15.10 IPMItool 243 15.11 Scripts for Managing Slaves 245 15.12 SMS Server Tools 246 15.13 Multicast 246 15.14 Zero Touch Provisioning 247 15.14.1 Preparation 247 15.14.2 Example ISC DHCP server configuration 247 15.14.3 Setup for an untrusted LAN 247 15.14.4 How it works 248 15.14.5 Setup a USB key for authenticated restore 249 Thin Client (B092-016) 252 16.1 Local Client Service Connections 252 16.1.1 Connect: Serial Terminal 253 16.1.2 Connect: Browser 254 16.1.3 Connect: VNC 255 16.1.4 Connect: SSH 256 16.1.5 Connect: IPMI 257 16.1.6 Connect: Remote Desktop (RDP) 258 16.1.7 Connect: Citrix ICA 259 16.1.8 Connect: PowerAlert 259 16.2 Advanced Control Panel 260 16.2.1 System: Terminal 260 16.2.2 System: Shutdown / Reboot 260 16.2.3 System: Logout 260 16.2.4 Custom 260 16.2.5 Status 260 16.2.6 Logs 260 16.3 Remote Control 261 Appendix A: Hardware Specification 262 Appendix B: Serial Port Connectivity 263 Appendix C: End User License Agreements 265 Appendix D: Service and Warranty 272 Table of Contents
10 This User Manual is provided to help you get the most from your B096-016\ / B096-032 / B096-048 Console Server Management Switch, B092-016 Console Server with PowerAlert or B095-004-1E / B095-003-1E-M / B094-008-2E-M-F / B094-008-2E-V Console Server product. These products are referred to generically in \ this manual as Console Servers. Once configured, you will be able to use your Console Server to secure\ ly monitor, access and control the computers, networking devices, telecommunications equipment, power supplies and ope\ rating environment in your data center, branch office or communications room. This manual guides you in managing this\ infrastructure locally (at the rack side or across your operations or management LAN or through the local serial console port),\ and remotely (across the Internet, private network or via dial up). Manual Organization This manual contains the following chapters: 1. Introduction An overview of the features of the Console Server and information on thi\ s manual 2. Installation Details physical installation of the Console Server and the interconnect\ ion of controlled devices 3. System Configuration Describes the initial installation and configuration using the Managem\ ent Console of the Console Server on the network and the services that will be supported 4. Serial and Network Covers configuring serial ports and connected network hosts, and setti\ ng up Users and Groups 5. Failover and OoB dial-in Describes setting up the high-availability access features of the Consol\ e Server 6. Secure Tunneling (SDT) Covers secure remote access using SSH and configuring for RDP, VNC, HTTP, HTTPS, etc. access to network and serially connected devices 7. Alerts and Logging Explains the setting up of local and remote event/ data logs and trigger\ ing SNMP and email alerts 8. Power & Environment Management of USB, serial and network attached Power Distribution units and UPS units including Network UPS Tool (NUT) operation and IPMI power control. EMD environmental sensor configuration 9. Authentication All access to the Console Server requires usernames and passwords which \ are locally or externally authenticated 10. Nagios Integration Setting Nagios central management with SDT extensions and configuring \ the Console Server as a distributed Nagios server 11. System Management Covers access to and configuration of services to be run on the Consol\ e Server 12. Status Reports View the status and logs of serial and network connected devices (ports\ , hosts, power and environment) 13. Management Includes port controls and reports that can accessed by Users 14. Basic Configuration Command line installation and configuration using the config command\ 15. Advanced Config More advanced command line configuration activities where you will nee\ d to use Linux commands 16. Thin Client Configuration and use of the thin client and other applications (incl\ uding PowerAlert) embedded in the Console Server with PowerAlert (B092-016) product Chapter 1: Introduction