Avocent CCM1640 Network Card User Manual
Contents
1. Field Contents User Username Pass YES if userhas a password defined NO if not Key YES if userhas an SSH key defined NO if not Lock YES if useris locked out NO if not Level User s access level If a level was not configured access rights determine the level Users with SCON access gt APPLIANCEADMIN Users with USER but not SCON gt ADMIN Otherwise USER level is assigned Access User s access rights SPC Command The SPC command is reserved for future functionality User Commands The User command has several forms as listed in the following table User Command Summary Command Description User Add Adds a new userto the CCM user database User Delete Deletes a user from the CCM user database User Logout Terminates a user s active CCM session UserSet Changes a user s configuration information User Unlock Unlocks a locked out user User Add command The User Add command adds a new user to the CCM user database The CCM user database holds a maximum of 64 user definitions For more information see Managing Users Connecting to devices using SSH and Access rights and levelsin Chapter 3 Access right USER Access level ADMIN or APPLIANCEADMIN 78 CCM 840 1640 Installer User Guide Syntax Parameter USER ADD username PASSWORD lt pwd gt SSHK EY 2 keyfil e FTPIP lt ftpadd gt KEY 2 sshkey ACCE SS lt access gt User Add Co2. You will need aTFTP server Download the latest FLASH image Savethe image file to the appropriate directory on the TFTP server Access right SCON Access level APPLIANCEADMIN Syntax SERVER FLASH BOOT APP HOSTIP lt tftp add gt IMAGE host file gt Server FLASH Command Parameters Parameter Description BOOT Indicates the BIO S Bootstrap image should be updated APP Indicates the application image should be updated HOSTIP lt tftp_add gt IP address of TFTP server host IMAGE lt host file gt Name of file on TFTP server host containing the image file Example The following command updates the CCM boot image program using the image file name c winnt system32 drivers ccm4 bt img which is located on the TFTP server host located at 192 168 1 16 gt ser fla boot hostip 192 168 1 16 ima c winnt system32 drivers ccm40bt img ServerPPP command The Server PPP command enables or disables the PPP server on the serial CLI port For more information see Connecting to devices using PPP in Chapter 3 Once the PPP server has been configured with this command by specifying the required addresses and masks those values remain in the database Later if you disable the PPP server and wish to reenable it with the same addresses you don t need to specify the address values again When you enable the PPP server the serial CLI port must already be defined When you enter this command you are prompted to
3. For more information see Server SNMP Trap command in Chapter 5 The Equinox web site www equinox com support describes the supported traps To add or delete SNMP trap destination addresses 1 To add an SNMP trap destination address issue a Server SNMP Trap Destination command with the Add parameter and the destination s IP address You may define up to four destination addresses using separate commands SERVER SNMP TRAP DESTINATION ADD lt ip_address gt To delete an SNMP trap destination address issue a Server SNMP Trap Destination command with the Delete parameter and the destination s IP address SERVER SNMP TRAP DESTINATION DELETE lt ip_address gt For more information see Server SNMP Trap Destination command in Chapter 5 To add copy or delete port alert strings 1 To add a port alert string issue a Port Alert Add command specifying the port number and a 3 32 character string You may define up to ten strings for each port using separate commands The alert string will only generate a trap if the portAlert trap is enabled with a Server SNMP Trap command PORT lt port gt ALERT ADD lt string gt To delete a port alert string issue a Port Alert Delete command specifying a port number PORT lt port gt ALERT DELETE The CCM displays a numbered list of alert strings that have been defined for the specified port with a prompt requesting you to select alert string s to delete Indicate the aler
4. POR 2 SET BAUD 576 FLOW XON ERR 27 SET keyword value invalid 46 CCM 840 1640 Installer User Guide In the following example there are spaces between BAUD the equal sign and the value 57600 Spaces are not permitted between keyword parameters and their values gt POR 2 SET BAUD 57600 FLOW XON ERR 26 SET keyword parameter invalid Syntax conventions This manual uses the following command syntax conventions Brackets surround optional keywords and values e Angle brackets lt gt surround user supplied positional parameters and keyword parameter values e In most cases choices are separated by a vertical bar The description indicates if you may specify more than one of the choices and how to separate multiple values The exception is the Server SSH command In this case the vertical bar is specified on the command line when you enable the password or key method PW KEY or the key or password method KEY PW Command Summary The following table lists the CCM commands including a brief description plus the required access rights and level CCM Command Summary Command Description Access Right and Access Level Connect Accesses devices from the serial CLI port Access right port specific Access level ADMIN or APPLIANCEADMIN Disconnect Ends a device session initiated with C onnect command Access right port specific Access level ADMIN or APPLIANCEADMIN Help Dis
5. PW default SSH connections will be authenticated with a username password W ith this method a user s definition must include a valid password in order for that user to authenticate an SSH session A password may authenticate to a RADIUS server or to the local user database KEY SSH connections will be authenticated with an S SH key W ith this method a user s definition must include valid S SH key information in order for that user to authenticate an SSH session Key authentication is always local RADIUS is not supported For more information see SSH user keys in this chapter PW KEY orKEY PW SSH connections will be authenticated with either a username password or an SSH key If a user has only a password defined that user must authenticate an SSH session with a username password If a user has only an SSH key defined that user must authenticate an SSH session using the key If a user has both a password and an SSH key defined that user may use either a username password or the SSH key to authenticate an SSH session This method allows the CCM administratorto define how each user will authenticate an SSH session based on information provided in the User Add S et command PW authentication will be local orRADIUS as specified in the Auth parameter of the Server S ecurity command Key authentication is always local PW amp KEY orKEY amp PW SSH connections will be authenticated using both a username password and an SSH key
6. The CCM ships with a single user defined in its user database The first time you connect to the CCM via Telnet or serial CLI you are prompted for a username To log in to the CCM for the first time 1 At the Username prompt type Admin There is no factory default password for the Admin user At the Password prompt press Return Username Admin Password Authentication Complete CCM configuration is required Once authentication completes the CCM prompts for any missing configuration values that are required for operation If you already provided the IP address and subnet mask you will not be prompted for those values again If you have not already provided the IP address and subnet mask you will be prompted for them Enter the CCM IP address and subnet mask using standard dot notation CCM configuration is required Enter CCM IP address gt 192 168 0 5 Enter CCM Subnet mask gt 255 255 255 0 14 CCM 840 1640 Installer User Guide 3 You are prompted for a new Admin password Passwords are case sensitive and must contain 3 16 alphanumeric characters You must enter the new password twice to confirm that you entered it correctly Enter CCM New Admin Password gt Confirm New Admin Password gt After you have provided the required configuration information a confirmation message appears while the CCM stores the values in its configuration database You have now completed the initial login and
7. interprets it as a power on condition for the attached device when the signal is false a power off condition for the device is assumed The signal specified for flow control cannot be used for power control and vice versa To configure serial console port settings Issue a Port Set command You may specify settings for one or all ports PORT lt port gt ALL SET NAM E lt name gt BAUD lt baud gt SIZE lt size gt PARITY lt parity gt STOP lt stop_bits gt FLOW lt flow_ctrl gt TIMEOUT lt timeout gt SOCKET lt socke gt CHAR lt dlii_char gt TOGGLE NONE DTR POWER lt signal gt 18 CCM 840 1640 Installer User Guide For more information and descriptions of all valid parameters see Port Set command in Chapter 5 To display serial port settings Issue a Show Port command SHOW PORT port ALL NAM ES When you request information about a port the display includes configuration information current power status if power status monitoring has been enabled plus transmit receive and error counts When you request information about a single port and a user is currently accessing that port the display also includes the username access rights and other information about the current session When you request information about port names the display includes the port numbers and names If a port s name has not been changed with a Port Set command the logical name is displayed
8. traps when a trap occurs the CCM will generate SNMP trap messages to each defined SNMP trap destination You may define up to four trap destinations using separate commands For more information see Managing the CCM Using SNMP in Chapter 3 Access right SCON Access level APPLIANCEADMIN Syntax SERVER SNMP TRAP DESTINATION ADD DELETE ip address Server SNMP Trap Destination Command Parameters Parameter Description ADD DELETE Defines or deletes the specified destination ip address IP address of trap destination Server SSH command The Server SSH command enables or disables SSH session access to the CCM and specifies the SSH authentication method When you enable SSH all CCM sessions will be terminated if a CCM SSH server key must be generated If you enable plain text Telnet connections with a Server Security command enabling SSH session access with the Server SSH command will add that as a valid connection method both plain text and SSH connections will be allowed For more information see Connecting to devices using SSH in Chapter 3 Access right SCON Access level APPLIANCEADMIN Syntax SERVER SSH ENABLE DISABLE AUTH lt auth gt Server SSH Command Parameters Parameter Description ENABLE DIS ABLE Enables or disables SSH session access to the CCM Chapter 5 CCM Commands 71 Server SSH Command Parameters Continued Parameter Description AUTH lt auth gt SSH aut
9. Data C arrier Detect 4 RxD Input Receive Data 5 TxD O utput Transmit Data 6 GND N A Signal G round 7 DTR O utput Data Terminal Ready 8 CTS Input Clearto Send NOTE RI Ring Indicate is not supported Figures B 1 through B 3 show the wiring diagrams for cables that connect from CCM ports to terminals printers PCs and modems CT B Pe NC C 4 Clear to Send Request to Send Data Terminal Ready Data Set to Ready Signal Ground Signal Ground Transmit Data Receive Data Receive Data Transmit Data Data Carrier Detect Data Terminal Ready Data Set Ready Data Carrier Detect Request to Send Clear to Send oO000000 e eo 10100 00 0 1 DB 25 FEMALE I RJ 45 Plug DB 25 MALE Cable End View Cable End View Figure B 1 Cable Pin Assignments for RJ 45 to Terminal Printer Appendices 87 To CCM RJ 45 Port Clear to Send Data Terminal Ready To PC DB 9 Request to Send Data Set to Ready Signal Ground Signal Ground Transmit Data Receive Data Receive Data Transmit Data Data Carrier Detect Data Terminal Ready Data Set Ready Data Carrier Detect Request to Send INT RJ 45 Plug Cable End View Clear to Send pI O H Ol M s oO A O NIOIO Clear to Send 1 00000 DB 9 FEMALE Cable End View Clear to Send Data Terminal Ready Data Terminal Ready
10. Product Overview Features and Benefits Overview The CCM 840 and CCM 1640 serial over IP network appliances provide non blocked access and control for serial devices such as routers power management devices and firewalls You may connect up to 8 serial devices to a CCM840 and up to 16 serial devices to a CCM 1640 A single 10 100 Ethernet port provides network connectivity on each CCM Two CCM appliances may be mounted in 1U of vertical space in a standard 19 inch rack Serial device access options You may choose from among several available Telnet options to access the CCM and its attached serial devices e The AVWorks multiplatform graphic management interface that offers a built in enhanced Telnet client and a Secure Shell SSH client e Third party Telnet clients e Third party SSH clients Access to attached serial devices is also possible via a serial Command Line Interface CLI connection a PPP Point to Point Protocol dial in connection to a serial CLI modem or from a third party SSH client User authentication and data security The CCM user database supports up to 64 user accounts which include usernames passwords and or keys plus specifications of access rights to CCM ports and commands User definitions may be changed at any time You may choose to have user access authenticated locally at the CCM user database or at one or more RADIUS Remote Access Dial In User Service servers Data security may be enhan
11. Server SNMP command displays SNMP configuration information Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER SNMP 76 CCM 840 1640 Installer User Guide Show User command The Show User command displays information about one or all users Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW USER lt username gt ALL Show User Command Parameter Parameter Description lt username gt Username Default user currently logged in ALL Requests a display of all defined users The Show User command display for one user includes the information in the following table Show User Command Display Fields Field Contents User Username Level User s access level If a level was not configured access rights determine the level Users with SCON access gt APPLIANCEADMIN Users with USER but not SCON gt ADMIN Otherwise USER level is assigned Access User s access rights Locked YES if user is locked out NO if not Last Login System up time value when the user logged in Port Serial port to which user is connected Username Username Duration Duration of user s session Socket Telnet C CM socket number From S ocket Telnet client IP address and socket number Chapter 5 CCM Commands 77 A Show User All command display includes the information in thefollowing table Show User All Command Display Fields
12. Signal Ground Transmit Data Receive Data Data Carrier Detect Data Set Ready Request to Send RJ 45 Plug Cable End View Signal Ground Transmit Data Receive Data Data Carrier Detect Data Set to Ready Request to Send DB 25 MALE Cable End View Figure B 3 Cable Pin Assignments for RJ 45 to Modem DB 25 88 CCM 840 1640 Installer User Guide RJ 45 modular adaptors and cables Modular adaptors are available from Equinox to convert RJ 45 modular jacks to standard pinout configurations These modular adaptors when used with 8 wire cables provide the functions shown in Figures B 1 through B 3 Adaptors are available for use with e CAT 5cable Serial reversing cable Reversing adaptors and cables are recommended for distances greater than 100 feet Adaptors for Use with CAT 5 Cable Part No Description 210122 RJ 45 to DB 9M DTE Adaptor 210120 RJ 45 to DB 9F DCE Adaptor 210124 RJ 45 to DB 25M DTE Adaptor 210123 RJ 45 to DB 25M DCE Adaptor 210125 RJ 45 to DB 25F DTE Adaptor 210121 RJ 45 to DB 25F DCE Adaptor 210127 RJ 45 to RJ 45 Male Adaptor for Cisco and Sun Netra console port 750238 CAT 5 Serial Starter Kit includes all the above adaptors Thefollowing table lists the available Equinox modular adaptors for use with 8 wire reversing modular cables plus available reversing modular cables These are recommen
13. T CP port number which by default is 3000 plus the physical port number in decimal format The TCP port number may be changed for any CCM port For example the following Telnet command connects to the serial device attached to physical port 14 of a CCM 1640 telnet 192 168 0 5 3014 If an authentication method other than None has been configured for the CCM you will be prompted for credentials username and password Once authentication completes your connection is confirmed When you successfully connect to the serial device you will see a display similar to the following Username Myname Password Authentication Complete Connected to Port 14 9600 8 N 1 XON XOFF If the authentication method is configured as None you may Telnet and connectto a serial device without entering credentials however credentials are always required when connecting to the CCM CLI Data entered at the Telnet client is written to the attached serial device Any data received by the CCM from the serial deviceis output to your Telnet client You may access the CCM and its ports using Equinox provided or third party Telnet client applications A cross platform Telnet client is bundled with the AVWorks application Third party Telnet client applications may be used in combination with AVWorks or standalone You may connect using either SSH AVWorks provides built in support for SSH2 or plain text AVWorks Telnet AVWorks is a cross platform
14. TheADMIN level is equivalent to PALL USER SMON PCON and BREAK Chapter 3 Operations 31 A user s access level may be used for preemption For example assume User A is connected to a port User B tries to connect to the same port If User B has an access level equal to or greater than User A s access level then User B will be given the option of preempting User A To manage a user s access rights level L To configure a user s access rights level issue a User Add command using the Access parameter to specify the rights or a level USER ADD username ACCE SS lt access gt 2 To change a user s access rights level issue a User Set command using the Access parameter to specify the rights or a level USER SET username ACCE SS lt access gt 3 To display the access rights and level for one or all users issue a Show User command SHOW USER lt username gt ALL For more information see Managing Users in this chapter plus User Add command User Se command and Show User command in Chapter 5 Using Authentication Modes The CCM supports several methods for authenticating users RADIUS local and none Multiple connection and authentication methods may operate concurrently By default authentication is done at the local CCM user database Local authentication Local authentication uses the CCM internal user database to authenticate users RADIUS authentication RADIUS authentication uses an external thi
15. To delete a user Issue a User Delete command USER DELETE username If the specified user is currently logged in a message is sent to the user indicating that access is no longer permitted and the user s Telnet session is terminated For more information see User Deee command in Chapter 5 To display user configuration information 1 To display information about one user issue a Show User command specifying the username SHOW USER username 2 Todisplay information about all users issue a Show User command with the All parameter SHOW USER ALL 30 CCM 840 1640 Installer User Guide For more information see Show User command in Chapter 5 Access rights and levels Most CCM commands require the user to have access rights to use the commands The access rights for each CCM command are listed in Chapter 4 Thefollowing table describes the access rights a user may be given Access Rights Access Right Description PCON The Port Configuration access right should be given to users who must modify port settings Grant PC ON access rights only to users who need to issue the Port Set command SCON The Server Configuration access right should be given to users who must change the CCM configurations including setting the IP address and updating the C CM program load in FLASH Grant SCON access only to users who need to administer the CCM SMON The Server Monitor access right should be given to us
16. add JohnDoe password secretname access P2 5 7 user smon Thefollowing command adds the username J aneDoe with access to all ports The name of the SSH public user key file is ccm key2 pub This file is located on the FTP server at IP address 10 0 0 3 gt user add JaneDoe ssh ccm key2 pub ftp 10 0 0 3 access pall Chapter 5 CCM Commands 79 The following command adds the username J Doe and gives that user the Appliance Administrator access level which enables access to all ports and CCM commands gt user add JDoe access applianceadmin User Delete command The User Delete command removes a username entry from the CCM user database The username may no longer be used to authenticate a session with the CCM If the specified user is currently logged in a message is output to the user indicating that access is no longer permitted and the Telnet session is terminated Access right USER Access level ADMIN or APPLIANCEADMIN Syntax USER DEL lt username gt User Delete Command Parameter Parameter Description lt username gt Username to be deleted User Logout command The User Logout command terminates a user s active sessions on the CCM If the specified user has no active sessions an error message is displayed For all active sessions that are terminated a message is sent to the Telnet client and the Telnet connection is dropped Access right USER Access level APPLIANCEADMIN may log out any user
17. and Trapcomm parameters to specify community names NOTE The default community names are public if you enable SNMP you are encouraged to change the community values to prevent access to the MIB SERVER SNMP COMMUNITY READCOM M lt name gt WRITECOM M lt name gt TRAPCOM M lt name gt Although all three community names default to public if you specify a trap community name with this command it must be different from the read and write community names For more information see Server SNMP Community command in Chapter 5 38 CCM 840 1640 Installer User Guide To add or delete SNMP management entity addresses L To add an SNMP management entity address issue a Server SNMP Manager command with the Add parameter and the management entity s IP address You may define up to four SNM P management entity addresses using separate commands SERVER SNMP MANAGER ADD lt ip_address gt When you define at least one SNM P manager SNMP requests are processed if they are from one of the defined SNMP managers If a request is not from one of the defined SNMP managers the SNM P request is discarded To delete an SNMP management entity address issue a Server SNMP Manager command with the Delete parameter and the management entity s IP address SERVER SNMP MANAGER DELETE lt ip_address gt If no management entities are defined any SNMP manager may access the MIB For more information see Server SNMP Manager command in Chap
18. and the CCM establish the PPP protocol The PPP dial in may be used to access a remote CCM that does not warrant a WAN Wide Area Network link to the Ethernet interface In this case the PPP connection allows a remote PC with Telnet capability to dial the CCM and then establish a Telnet connection to a CCM port The PPP dial in may also be used to access a subnet containing remote CCM devices in the event of a WAN link failure In this case the PPP provides an alternate path to one or more remote CCM devices Oncethe PPP connection is established you must launch an application that connects to the CCM or to one of its ports The PPP connection is only a communications interface to the CCM The CCM implements a PPP server that uses CHAP Challenge Authentication Protocol Passwords are not accepted in the clear on PPP connections PPP is disabled by default To enable or disable a PPP server on the serial CLI port L To enable a PPP server on the serial CLI port issue a Show Server CLI command to ensure that a serial CLI port has been defined SHOW SERVER CLI 2 Issue a Server PPP command with the Enable parameter SERVER PPP ENABLE LOCALIP lt local_ip gt REMOTEIP lt ren_ip gt MASK lt subnet gt You must specify local and remote IP addresses to be used for the CCM and client ends of the PPP connection respectively You are prompted to confirm or cancel the changes Enter Y to confirm or N to cancel 3 To disable a PP
19. cable to ensure that both ends are correctly inserted into their jacks If the unitis connected to a 100 MB Ethernet hub the 100M BpsLED will be illuminated Once the POWER ONLINE and LINK LEDs are illuminated remove power from the CCM and proceed with the configuration process WARNING The CC M840 1640 and all attached devices should be powered down before servicing the unit Always disconnect the power cord from the wall outlet Configuring the CCM To configure the CCM 840 1640 you must enter a unique IP address and the network s subnet mask This information will be stored in the unit s configuration database During initial login you will specify a password for the Admin user Chapter 2 Installation and Configuration 11 Configuring the IP address and subnet mask You may use any of four methods to configure the CCM IP address and subnet mask AVWorks BootP Telnet Command Line Interface CLI or the serial CLI on port 1 These methods work as documented on most Windows and UNIX systems however the actual implementation on your system may differ from the instructions provided Refer to your system administrator guide or use AVWorks to simplify CCM configuration To configure the IP address and subnet mask using AVWorks Using the AVWorks installation wizard is the easiest method to configure the CCM IP address and subnet mask See the AVWorks Installer User Guide for instructions After the IP address and su
20. client application provided with each CCM AVWorks provides a convenient way to select a CCM or attached device and launch a Telnet session to manage it 20 CCM 840 1640 Installer User Guide AVWorks includes a built in Serial Console Viewer Telnet application that offers several features not found in other Telnet clients For maximum flexibility AVWorks allows you to associate a unique Telnet client with each CCM port You may specify the built in Telnet client or a third party Telnet client For more information see the AVWorks Installer User Guide Standalone third party Telnet clients You may usethird party Telnet clients to access the CCM directly without AVWorks management software Connecting to devices from the serial CLI port By factory default port 1 of the CCM is configured with the serial CLI which prohibits the use of port 1 with an attached serial device You may configure the CLI on a different port but only one port may be configured as the serial CLI port at onetime For example when you enable the CLI interface on port n and itis already active on port p then the CLI will automatically be disabled on port p You may connect to one serial device at a time through the serial CLI port using alocal terminal or a local PC using a terminal emulation program If you connect an external modem to the serial CLI port you may also access devices through a remote terminal or PC that can dial into the CCM external m
21. e If Keep is specified the port history buffer s content is retained at the end of a session To clear and discard all data in a port history buffer Issue a Clear command while you are in port history mode CLEAR or Issue a Server CLI command indicating History Clear SERVER CLI HISTORY CLEAR In this case the port s history buffer is cleared at the end of each device session Chapter 3 Operations 37 Managing the CCM Using SNMP TheCCM provides a set of commands that create and manage SNMP structures for use by third party network management products These commands cover the following operations Enabling and disabling SNMP UDP port 161 SNMP processing e Defining read write and trap community names e Defining and deleting up to four SNMP management entity IP addresses Enabling and disabling SNMP traps e Defining and deleting up to four trap destination IP addresses e Defining copying and deleting up to ten alert strings for each port SNMP is disabled by default To enable or disable SNMP processing 1 To enable SNMP processing issue a Server SNMP command with the Enable parameter This is the default setting SERVER SNMP ENABLE 2 To disable SNMP processing issue a Server SNMP command with the Disable parameter SERVER SNMP DISABLE For more information see Server SNM P command in Chapter 5 To specify SNMP community names Issue a Server SNMP Community command using the Readcomm Writecomm
22. enables disables device connection from the CLI port specifies a modem initialization string specifies port history mode operations and a port time out value Access right SCON Access level APPLIANCEADMIN Server FLASH Updates the CCM FLASH Access right SCON Access level APPLIANCEADMIN Server PPP Enables disables a PPP server on the serial CLI port Access right SCON Access level APPLIANCEADMIN ServerRADIUS Specifies RADIUS server parameters Access right SCON Access level APPLIANCEADMIN ServerReboot RebootstheCCM Access right SCON Access level APPLIANCEADMIN Server Security Specifies user authentication mode allowed access methods and security lock out Access right SCON Access level APPLIANCEADMIN 48 CCM 840 1640 Installer User Guide CCM Command Summary Continued Command Description Access Right and Access Level ServerSet Changes CCM addresses Access right SCON Access level APPLIANCEADMIN ServerSNMP Enables disables UDP port 161 SNMP processing Access right SCON Access level APPLIANCEADMIN ServerSNMP Community Defines read write and trap SNMP community strings Access right SCON Access level APPLIANCEADMIN ServerSN MP Manager Defines deletes SNMP management entities Access right SCON Access level APPLIANCEADMIN ServerSN MP Trap Enables disables SNMP traps Access right SCON Access level APPLIANCEADMIN Serv
23. may also type ALL to select all traps in the list or press Enter which cancels the operation If you specify ALL on the command line the numbered list is not displayed If you enable a trap but there is no trap destination configured for it a warning will be issued In this case issue a Server SNMP Trap Destination command NOTE By default all traps are disabled The portAlert trap must be enabled for port alert processing to be performed For more information see Managing the CCM Using SNMP in Chapter 3 The Equinox web site www equinox com support lists the supported traps Access right SCON Access level APPLIANCEADMIN Syntax SERVER SNMP TRAP ENABLE DISABL E ALL Server SNMP Trap Command Parameter Parameter Description ENABLE DISABLE Enable generates a numbered list of currently disabled traps from which you choose those to enable Disable generates a numbered list of currently enabled traps from which you choose those to disable Example The following command enables the linkUp userDeleted and userL ogin SNMP traps server snmp trap enable Traps now disabled 1 linkUp 4 userLogin 2 userAdded 5 imageUpgradeStarted 3 userDeleted Select trap s to enable gt 1 3 4 70 CCM 840 1640 Installer User Guide Server SNMP Trap Destination command The Server SNMP Trap Destination command defines or deletes destinations for enabled SNMP traps Once you define destinations for enabled SNMP
24. not displayed W hen Auto is specified upon connection you are informed of how much data is in the history buffer and itis then displayed When Clear is specified the history buffer s content is cleared when a session ends W hen Keep is specified the history buffer s content is retained when a session ends You cannot specify both Clear and Keep or both Hold and Auto Default HOLD CLEAR Modem initialization string enclosed in quotation marks Must contain at least ATV1 and S 1 Default no modem is attached to serial CLI port Number of time out minutes in the range 90 If no data is received ortransmitted during a Telnet session forthe specified period the session will time out A zero value indicates no time out This value is used for any CCM port that does not have a time out value set with the Port S et command during a Telnet session to port 23 oran SSH session to port 22 Default 15 minutes is the manufacturing default Server FLASH command The Server FLASH command updates the CCM program images in FLASH memory You may wish to use this command to update the program with new features or to install a later release of the program There are two program images that you may update in the CCM FLASH The boot image file ccm4Obt img contains the CCM startup and self test logic The application image ccm40app img contains the CCM program that provides CCM functionality Chapter 5 CCM Commands 63
25. you may enter a new command Down Arrow The next command in the CLI command line buffer is made available for edit If there is no next command line the command line is set to blanks and you may enter a new command Delete The character at the cursor position is deleted and all characters to the right of the cursor position are moved left one character The following table lists the line editing operations for ASCII TTY devices There is no command line buffer available on an ASCII TTY device Line Editing Operations for ASCII TTY Devices Operation Action Backspace Erases the last character typed Esc Erases the current command line 44 CCM 840 1640 Installer User Guide When commands take effect Each command is completely processed before the next command may be entered Some commands prompt for confirmation before they are processed In these cases you must confirm or cancel by entering Y or N respectively If you enter a Server FLASH command or if you change the CCM IP address with a Server Set command a CCM reboot is required before the change becomes effective In these cases the CCM database is updated when you enter the command and you are prompted that the change will not take effect until the CCM reboots You may choose to reboot at that time or you may decline When the CCM reboots your session and all other sessions on the CCM are terminated Understanding Conventions This sect
26. 00 28800 38400 57600 115200 Default 9600 SIZE lt size gt Number of data bits per character Valid values are 7 and 8 Default 8 PARITY z parity Parity Valid values are None No parity Even Even parity Odd O dd parity Mark Mark parity Space Space parity Default None STO P lt stopbits gt Number of stop bits per character Valid values are 1 and 2 Default 1 Chapter 5 CCM Commands 59 Port Set Command Parameters Continued Parameter Description FLOW lt signal gt Flow control signal For hardware flow control be sure the control signals are correctly wired or data loss may occur The flow control signal cannot also be used for powerstatus monitoring Valid values are XONXOF RTSCTS DTRDCD None Default None Software XO N XOFF flow control Hardware RTS CTS flow control Hardware DTR DCD flow control No flow control TIMEO UT lt time out gt Number of time out minutes in the range 90 If no data is received ortransmitted during a Telnet session for the specified period the session will time out A zero value indicates no time out This value overrides the time out value set with a Server CLI command Default use value set with Server CLI command SOCKET lt socket gt TCP port that must be entered on the Telnet client to connect to this serial port The new value becomes effective upon the next connection to the port W hen SSH is enabled the
27. ADMIN may log out any other user except APPLIANCEADMIN Syntax USER LOGOUT lt username gt User Logout Command Parameter Parameter Description lt username gt Username to be logged out 80 CCM 840 1640 Installer User Guide User Set command The User Set command changes a user s configuration in the CCM user database For more information see Managing Users Connecting to devices using SSH and Access rights and levdsin Chapter 3 You may delete a user s password or key however each user must have a password or a key so you cannot remove both Also you cannot remove a user s password or key if that action would result in no users having USER access rights Access right none to change your own password USER to change anything else Access level none to change your own password ADMIN or APPLIANCEADMIN to change anything else Syntax USER SET username PASSWORD lt pwd gt SSHKEY keyfil e FT PI P lt ftpadd gt KEY lt sshkey gt ACCE SS lt access gt User Set Command Parameters Parameter Description lt username gt Username PASSWORD lt pwd gt New 3 16 alphanumeric character password Passwords are case sensitive This parameter is required when changing another user s password The password is displayed on the screen For security clear your screen display after issuing this command To delete a password specify Password SSHKEY lt keyfile gt Name of
28. CCM 840 1640 Installer User Guide IftheCCM did not successfully obtain its IP address with the BootP protocol you will see a display similar to the following Pinging 192 168 0 5 with 32 bytes of data Request timed out Request timed out Request timed out Request timed out In this case check the MAC address and IP address provided to the BootP server to confirm they are correct Verify thatthe Ethernet LAN adaptor cable is correctly installed on the CCM and the Ethernet hub After the IP address is configured successfully launch a Telnet session to the CCM IP address Then see Initial CCM login in this chapter To configure the IP address and subnet mask using a Telnet CLI L Ensure that your server or workstation has a Telnet client and is located on the same LAN segment as the CCM Use the arp command to update the server or workstation with the CCM IP address and Ethernet MAC address The CCM Ethernet MAC address is located on the back panel above the LAN connector The arp command is entered as arp s lt ip_address gt lt mac_address gt For example the following command assigns the IP address 192 168 0 5 and the Ethernet MAC address 00 80 7d 54 01 54 to the CCM arp s 192 168 0 5 00 80 7d 54 01 54 On a UNIX platform the MAC address may require colons instead of dashes for example 00 80 7d 54 01 54 You may verify that you entered the information correctly by using an arp command with th
29. CCM automatically adds 100 to the specified value When All is specified port 1 will be assigned the specified socket value plus 1 port 2 will be assigned the specified value plus 2 and so on W hen All is specified and SSH is enabled port 1 will be assigned the specified socket value plus 101 port 2 will be assigned the specified value plus 102 and so on W hen both plain text Telnet and SSH connections are enabled the 100 value will not appear in displays Default 3000 plus the port number 3100 plus the port number if SSH is enabled see above for action taken if All is specified CHAR cli char C LI access character in the range A to _ underscore or NONE The allowable ASCII range is x41 x5F and x61 O x7A The CLI access character when pressed simultaneously with the Ctrl key during a session with an attached serial device will suspend the session with the device and place you in CLI command mode If None is specified the value specified in the Char parameter of the Server CLI command will be used Default None TOGGLE NONE DTR When set to DTR the CCM will toggle the port s DTR out signal off for 1 2 second each time a connection is made to the port This toggle is required to awaken the console port of some devices POW ER lt signal gt Control signal to monitor and the state that indicates the target device has power on The entire value must be specified abbreviations are not allowed T
30. CM840 or 1 16 fora CCM1640 string 3 32 character string Port Alert Copy command The Port Alert Copy command copies the alert strings from one port from port to another to port Any alert strings that were previously defined on theto port will be deleted When you enter this command you are prompted to confirm or cancel the copy operation For more information see Managing the CCM Using SNMP in Chapter 3 Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Syntax PORT to port ALERT COPY from port Port Alert Copy Command Parameters Parameter Description to port Port number where alert strings will be copied in the range 1 8 fora CCM840 or1 16 fora CCM1640 from port Port number from which alert strings will be copied in the range 1 8 fora CCM840 or 1 16 fora CCM1640 Example Thefollowing command copies the alert strings defined on port 1 to port 7 replacing any previously defined alert strings on port 7 port 7 alert copy 1 Port Alert Delete command The Port Alert Delete command deletes one or more alert strings from a port When you issue this command a numbered list of defined alert strings is displayed from which you choose those to be deleted You may enter one or more numbers separated by commas a range of numbers separated by a hyphen or type ALL to specify all strings Pressing Enter cancels the command For more information see Managing the CCM Using SN
31. EQUINOX CCM840 1640 Installer User Guide INSTRUCTIONS This symbol is intended to alert the user to the presence of important operating and maintenance servicing instructions in the literature accompanyingthe appliance DANGEROUS VOLTAGE This symbol is intended to alert the user to the presence of uninsulated dangerous voltage within the product s enclosure that may be of sufficient magnitude to constitute a risk of electric shock to persons POWER ON This symbol indicates the principal on off switch is in the on position POWER OFF This symbol indicates the principal on off switch is in the off position PROTECTIVE GROUNDING TERMINAL This symbol indicates a terminal which must be connected to earth ground prior to making any other connections to the equipment This document is written for use with the CCM840 1640 application version 2 0 EQUINOX an Avocent Company CCM840 1640 Installer User Guide Avocent Equinox and AVWorks are trademarks or registered trademarks of Avocent Corporation or its affiliates All other marks are the property of their respective owners 2004 Avocent Corporation All rights reserved USA Notification Canadian Notification Japanese Notification Agency Approvals Warning Changes or modifications to this unit not expressly approved by the party responsible for compliance could void the user s authority to operate the equipment Note This equipment has be
32. For more information see Show Port command in Chapter 5 Connecting to Serial Devices The CCM offers several methods for connecting to attached serial devices Telnet serial CLI PPP and SSH Preemption Depending on configured access levels a user who is connecting to a port the connecting user may disconnect another user of equal or lower access the current user If the connecting user s access level is lower than the current user s access level the connecting user will receive an In Use message and the connection will be dropped If the connecting user s access level is equal to or higher than the owning user s access level an In Use by owning user message will be displayed The connecting user may then choose to preempt the current user s session If the current user s session is preempted an appropriate message is displayed For more information about access levels see Access rights and levels in this chapter Chapter 3 Operations 19 Connecting to devices using Telnet Each CCM serial port is directly addressable via a unique TCP port number that provides a connection to the attached serial device Plain text non encrypted Telnet connections are enabled by default For information about enabling both plain text Telnet and SSH connections see Enabling plain text Tdne and SSH connections in this chapter To connect to a device using Telnet Type telnet followed by the CCM IP address and the appropriate
33. Installer User Guide Port Setcommand The Port Set command changes CCM port settings in theCCM configuration database At least one keyword parameter and value must be specified For more information see Configuring Serial Port Settings in Chapter 3 Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Syntax PORT lt port gt ALL SET TD lt device gt NAME lt name gt BAUD lt baud gt SIZE lt size gt PARITY lt parity gt ST OP lt stopbits gt FLOW lt signal gt TIMEOUT lt timeout gt SOCKET lt socket gt CHAR lt cli_char gt TOGGLE NONE DTR POWER lt signal gt Port Set Command Parameters Parameter Description lt port gt ALL Either a port number in range 1 8 fora CCM840 or 1 16 fora CCM1640 orAll which indicates that the settings that follow should be applied to all ports Default port to which you are attached TD lt device gt Target device type Valid values are Console and SPC The SPC value is reserved for future functionality Default Console NAME lt name gt Port name up to 32 characters If the name contains spaces enclose the name in double quotes To return one orall port names to default values specify Name The port name is used only by AVW orks Default last 3 octets of MAC address plus the port number BAUD lt baud gt Baud rate Valid values are 0 75 110 134 150 200 300 600 1200 2400 4800 7200 9600 14400 192
34. MP in Chapter 3 Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN 56 CCM 840 1640 Installer User Guide Syntax PORT lt port gt ALERT DELETE Port Alert Delete Command Parameter Parameter Description lt port gt Port number in the range 1 8 fora CCM840 or1 16 fora CCM1640 Example The following command deletes defined alert strings from port 3 gt PORT 3 ALERT DELETE Alert strings assigned to port 3 1 The first alert string 2 The second alert string 3 The third alert string 4 The fourth alert string Select Alert string s to delete Thealert string numbers specified at the prompt will be deleted Port Break command The Port Break command sends a serial break signal to the device to which you are attached Access right BREAK Access level ADMIN or APPLIANCEADMIN Syntax PORT BREAK Port History command The Port History command accesses a CCM serial port s history mode while you are attached to the port When you are in history mode the PORT HISTORY prompt appears and you may search the port s history buffer for specified strings For more information see Managing the Port History Buffer in Chapter 3 Access right none needed Access level all Syntax PORT HISTORY Chapter 5 CCM Commands 57 When you are in port history mode you may issue the following commands Port History Mode Commands Command Description Bottom B sets the hi
35. Number 8 CCM840 16 CCM1640 Type Serial ports Connectors Serial port RJ 45 Network Connection Number 1 Type Ethernet IEEE 802 3 10BaseT Fast Ethernet IEEE 802 3U 100BaseT Connector RJ 45 Dimensions Dimensions H xW xD 4 45 x 22 23 x 20 32 cm 1U form factor 1 75 x8 75 x 8 00 in W eight 5 Ibs 2 3 kg without cables Heat Dissipation 75 BTU hr CCM840 102 BTU hr CCM 1640 Airflow 2 5 cfm Power Consumption 22W CCM840 30W CCM1640 AC input power 50 W maximum AC input maximum 90 267 VAC AC input current rating 0 5 A AC input cable 18 AWG three wire cable with a three lead IEC 320 receptacle on the power supply end and a country dependent plug on the power resource end Frequency 50 60 Hz Temperature Q to 40 Celsius 32 to 104 Fahrenheit operating 20 to 65 Celsius 4 to 149 Fahrenheit nonoperating Humidity 1096 9096 noncondensing Agency Approvals FCC P 15 Class A EN55022 EN61000 3 2 EN61000 3 3 EN60950 EN55024 ETL UL 1950 CSA 22 2 No 950 86 CCM 840 1640 Installer User Guide Appendix B Device Cabling Each CCM serial port has an RJ 45 connector for attaching a serial device The following table lists the pin assignments Port Pin Assignments Pin RS 232 Signal Direction Description 1 RTS Output Request To Send 2 DSR Input Data Set Ready 3 DCD Input
36. P server issue a Server PPP command with the Disable parameter SERVER PPP DISABLE Chapter 3 Operations 23 For more information see Show Server CLI command and Server PPP command in Chapter 5 To display PPP configuration information Issue a Show Server PPP command SHOW SERVER PPP For more information see Show Server PPP command in Chapter 5 Connecting to devices using SSH TheCCM supports version 2 of the SSH protocol SSH2 The CCM SSH server operates on the standard SSH port 22 The shell for this connection provides a CLI prompt as if you had established a Telnet connection on port 23 The shell request for this connection is for CLI access Additional CCM SSH servers operate on TCP ports that are numbered with values 100 greater than the standard 30xx Telnet ports for the CCM For example if port 7 is configured for Telnet access on port 3007 then port 3107 will be a direct SSH connection for port 7 When SSH is enabled Telnet port 23 connections will be accepted from other clients if the Server Security command includes Encrypt SSH None Connecting to Telnet port 23 may be tunneled via a connection to SSH port 22 SSH server keys When SSH is enabled for the first time the CCM generates an SSH server key The key generation process may take up to ten minutes The key is computed at random and is stored in the CCM configuration database In most cases the SSH server key should not be modified because m
37. Show Server PPP command The Show Server PPP command displays the current CCM PPP settings that were configured with the Server PPP command Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER PPP Chapter 5 CCM Commands 75 Show Server RADIUS command The Show Server RADIUS command displays the current CCM RADIUS settings that were configured with the Server RADIUS command Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER RADIUS Show Server Security command The Show Server Security command displays the current CCM authentication and lock out settings that were configured with the Server Security and Server SSH commands Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER SECURITY Show Server Security Command Display Fields Field Contents Authentication Configured authentication method s This includes the SSH authentication method configured with the ServerSSH command or the default value regardless of whether SSH is enabled Encryption Configured connection methods Lockout Configured security lock out state Enabled or Disabled If Enabled the number of hours in the lock out period is included Fingerprint Hex SSH key MD5 hash This field is displayed only when SSH is enabled Fingerprint BB SSH key bubble babble This field is displayed only when SSH is enabled Show Server SNMP command The Show
38. US parameters Server Reboot Reboots the CCM Chapter 5 CCM Commands 61 Server Command Summary Continued Command Description Server Security Specifies the authentication mode and lock out ServerSet Changes CCM addresses ServerSNMP Enables disables SNMP processing ServerSNMP Community Defines read write and trap community strings ServerSNMP Manager Defines deletes SNMP management entities ServerSNMP Trap Enables disables SNMP traps ServerSNMP Trap Destination Defines deletes destinations forenabled SNMP traps ServerSSH Enables disables SSH session access to the CCM Server CLI command The Server CLI command Specifies the CLI port type and access character e Enables or disables device connection from the CLI port e Specifies a modem initialization string e Specifies port history mode operations Specifies a port time out value Atleast one parameter must be specified Access right SCON Access level APPLIANCEADMIN Syntax SERVER CLI PORT lt port gt TYPE lt type gt CHAR lt char gt CONNECT ON OFF HISTORY HOLDJAUTO CLEARIKEEP MODEMINIT lt string gt TIMEOUT lt timeout gt Server CLI Command Parameters Parameter Description PO RT lt port gt CLI port number in the range 1 8 fora CCM840 or 1 16 fora CCM1640 Default current CLI port number 1 is the manufacturing default TY PE lt type gt Terminal type to be used
39. With this method a user s definition must include a password and SSH key information for that user to authenticate an SSH session PW authentication will be local orRADIUS as specified in the Auth parameter of the Server S ecurity command Key authentication is always local A user s access rights are determined from the authentication method used SSH key authentication always uses the access rights from the local user database Depending on the server authentication mode specified with the Chapter 3 Operations 25 Server Security command SSH password authentication will use either the access rights from the local user database or the values returned by the RADIUS server With either of the or methods PW KEY and KEY PW the user access rights are determined from the method used to authenticate the user With either of the and methods PW amp KEY and KEY amp PW the user access rights are determined from the first method specified If PW amp KEY is specified the access rights from the password authentication will be used If KEY amp PW is specified the access rights from the key authentication will be used For more information see Using Authentication Modes in this chapter SSH user keys A user s SSH key is specified in a User Add or User Set command You may define a key even if SSH is not currently enabled The key may be specified in one of two ways When using the SSHKEY and FT PIP keyword pai
40. ay Sunrise Florida 33351 USA Tel 954 746 9000 590 364 0018
41. bnet mask are configured see Initial CCM login in this chapter To configure the IP address and subnet mask using BootP L Ensure that there is a BootP server on your network that is configured to correctly respond to a BootP request from the CCM BootP servers require the Ethernet MAC address of network devices The CCM Ethernet MAC address is located on the back of the unit See your BootP server s system administrator guide for information about configuring the BootP server 2 After you have configured your network s BootP server with the CCM Ethernet MAC address IP address and subnet mask restore power to the CCM and wait for the ONLINE LED to illuminate Once this occurs the CCM has completed the BootP protocol obtained its IP address and subnet mask and stored these in FLASH 3 You may verify that the BootP process was successful with a ping command which tests network connectivity The ping command is entered as ping lt ip_address gt For example the following command tests the network connectivity of a CCM with the IP address 192 168 0 5 ping 192 168 0 5 4 IftheCCM completes the BootP successfully you will see a display similar to the following Pinging 192 168 0 5 with 32 bytes of data Reply from 192 168 0 5 bytes 32 time lt 10ms TTL 128 Reply from 192 168 0 5 bytes 32 time lt 10ms TTL 128 Reply from 192 168 0 5 bytes 32 time l10ms TTL 128 Reply from 192 168 0 5 bytes 32 time l10ms TTL 128 12
42. buse and unauthorized alteration or repair are not warranted This warranty is limited to the repair and or replacement at Equinox option of the defective Product during its warranty period Customer must obtain a Return Material Authorization RMA number prior to returning the defective Productto Equinox for service Customer agrees to insurethe Productor assumetherisk oflossor damage in transit to prepay shipping charges and to use the original shipping container or equivalent Contact Equinox Customer Support at 954 746 9000 for further information Product repaired or replaced shall be warranted for a period of ninety 90 days or for the duration of the initial Product warranty period whichever is longer THE PROVISIONS OF THE WARRANTY ARE IN LIEU OF ANY OTHER WARRANTY WHETHER EXPRESSED OR IMPLIED WRITTEN OR ORAL AND EQUINOX LIABILITY ARISING OUT OF THE MANUFACTURE SALE OR SUPPLYING OF THE PRODUCT AND ITS USE WHETHER BASED ON WARRANTY CONTRACT NEGLIGENCE PRODUCT LIABILITY OR OTHERWISE SHALL NOT EXCEED THE ORIGINAL COST OF THE PRODUCT IN NO EVENT SHALL EQUINOX BE LIABLE FOR UNINTENDED OR CONSEQUENTIAL DAMAGES INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS OR USE DAMAGES ARISING OUT OF THE MANUFACTURE SALE OR SUPPLYING OF THE PRODUCT Copyright 2004 Equinox Systems All rights reserved EQUINOX an Avocent Company ForTechnical Support Email support equinox com www equinox com Equinox S ystems One Equinox W
43. ced via industry standard SSH encryption Extensive command set The CCM offers a wide range of commands that allow administrators to easily configure control and display information about the CCM operating environment including its ports user accounts and active sessions The user interface also offers descriptive error message data and built in command help information On board Trivial File Transfer Protocol TFTP support allows administrators to upload new functionality to CCM units in the field CCM 840 1640 Installer User Guide Port history Each CCM port has a buffer that holds the most recent 64K bytes of online and offline serial data A separate history command mode lets you navigate within a port s current history file and conduct tailored searches S afety Precautions To avoid potential device problems if the building has 3 phase AC power ensure that a computer and its monitor if used are on the same phase For best results they should beon the same circuit To avoid potentially fatal shock hazard and possible damage to equipment please observe the following precautions e Donotusea 2 wire extension cord in any product configuration e Test AC outlets at the computer and monitor if used for proper polarity and grounding e Use only with grounded outlets at both the computer and monitor When using a backup Uninterruptible Power Supply UPS power the computer the monitor and the CCM unit off the s
44. confirm or cancel the specified changes Access right SCON Access level APPLIANCEADMIN Syntax SERVER PPP DISABLE ENABLE LOCALIP lt local_ip gt REMOTEIP lt rem_ip gt MASK lt subnet gt 64 CCM 840 1640 Installer User Guide Server PPP Command Parameters Parameter Description DISABLE Disables the PPP server ENABLE Enables the PPP server LOCALIP lt local_ip gt IP address to be used to connectthe CCM overthe PPP connection Must be on same subnet as REMOTEIP address REMOTEIP lt rem_ip gt IP address to assign to the PPP clientend ofthe PPP connection Must be on same subnet as LOCALIP address MASK lt subnet gt LAN subnet for the PPP dial in client Examples The following command enables the PPP server with a local IP address of 192 168 0 1 a remote IP address of 192 168 0 2 and a subnet mask of 255 255 255 0 gt ser ppp ena loc 192 168 0 1 rem 192 168 0 2 mas 255 255 255 0 The following command enables the PPP server with previously configured IP and subnet mask values This form of the command would not be valid unless the IP and subnet mask values had been previously configured gt server ppp enable Server RADIUS command The Server RADIUS command defines or deletes RADIUS parameters for the CCM RADIUS client For more information see RADIUS authentication in Chapter 3 When you enter this command you are prompted to confirm or cancel the specified changes Access righ
45. connection if the unit is not accessible from the network It may also be used as a primary connection at remote sites that do not have Ethernet network capability The modem must be Hayes compatible To specify a modem initialization string 1 Issue a Show Server CLI command to ensure that the port where the modem is connected has been defined as the serial CLI port SHOW SERVER CLI Issue a Server CLI command using the Modeminit parameter to specify the modem initialization string SERVER CLI MODEMINIT string The string must be enclosed in quotes and must include at least the command settings AT V1 and SO 1 which cause the modem to issue verbose response strings and auto answer the phone on the first ring For more information see Server CLI command in Chapter 5 The modem initialization string is sent to the cabled modem when any of the following conditions occur e CCM initialization e Detection of a transition of DSR from low to high e Completion of a call when DCD changes from high to low Upon successful modem connection press the Enter key until the login prompt appears 22 CCM 840 1640 Installer User Guide To display modem configuration information Issue a Show Server CLI command SHOW SERVER CLI For more information see Show Server CLI command in Chapter 5 Connecting to devices using PPP The CCM supports remote PPP access using an auto answer modem that answers calls A dial in client
46. d name Default Displays list of all commands Examples Thefollowing command displays information aboutthe Show Server CLI command help sho ser cli The following command displays a list of all commands help Port Commands The Port command has several forms as listed in the following table Port Command Summary Command Description Port Alert Add Adds a port alert string to a specified port Port Alert Copy Copies port alert strings from one port to another port Port Alert Delete Deletes one or more port alert strings from a specified port Port Break Sends a Serial break signal to the attached device Port History Accesses a port s history mode Port Logout Terminates the CCM session on a specified port Port Set Changes CCM serial port settings for one or all ports Port Alert Add command The Port Alert Add command adds a port alert string to a specified port Each port may have up to ten port alert strings Duplicate strings are not allowed on the same port To generate a trap the Server SNMP Trap command must be issued to enable the portAlert trap For more information see Managing the CCM Using SNMP in Chapter 3 Access right SCON or PCON Access level ADMIN or APPLIANCEADMIN Syntax PORT lt port gt ALERT ADD lt string gt Chapter 5 CCM Commands 55 Port Alert Add Command Parameters Parameter Description lt port gt Port number in the range 1 8 fora C
47. ded for distances greater than 100 feet Reversing Cables and Adaptors Part No Description 210094 RJ 45 to DB 9M DTE Adaptor 210095 RJ 45 to DB 9F DCE Adaptor 210090 RJ 45 to DB 25M DTE Adaptor 210092 RJ 45 to DB 25M DCE Adaptor 210091 RJ 45 to DB 25F DTE Adaptor 210093 RJ 45 to DB 25F DCE Adaptor 210105 RJ 45 to RJ 45 Male Adaptor for Cisco and Sun Netra console port 690226 10 foot 8 wire Reversing Modular C able 690227 25 foot 8 wire Reversing Modular C able 690228 75 foot 8 wire Reversing Modular C able 750122 W iring Starter Kit 8 wire includes all the above adaptors and one 690226 cable Appendices 89 If you choose to use a non Equinox reversing cable make sure the cable is reversing as shown in Figure B 4 8 WIRE RTS 1 8 RTS DSR 2 7 DSR CD 3 6 CD RD 4 5 RD TD 5 4 TD GND 6 3 GND DIR 7 2 DIR CTS 8 1 CTS E CCM Port Modular Adaptor Figure B 4 8 wire RJ 45 Reversing Cable You may also order a Rack Mount Shelf 90 CCM 840 1640 Installer User Guide Appendix C Ports Used The following table lists the UDP and TCP port numbers used by the CCM The values assume a default CCM configuration some values are configurable Ports Used by CCM Port Type and Number Used for TCP 22 SSH2 if enabled TCP 23 Telnet UDP 161 SNMP if enabled UDP 3211 Secure protocol used by AVW orks TCP 3211 Secure protocol used by AVW o
48. e a option arp a This command shows all arp entries for the server or workstation See your system administrator guide if you need additional help with the arp command After the above arp command is entered correctly launch a Telnet client to the assigned IP address Then continue with Initial CCM login in this chapter To configure the CCM using the serial CLI L By factory default port 1 of the CCM is configured for the serial CLI To access the serial CLI attach a compatible device to port 1 The compatible device types are ASCII VT52 VT 100 VT 102 VT 220 and VT 320 Chapter 2 Installation and Configuration 13 4 Appendix B lists the required cables and adaptors You may also use any terminal emulation program that is available on your system Configure your terminal or terminal emulation program as follows Baud rate 9600 Bits per character 8 Parity None Stop bits 1 Flow control None Press the Return or Enter key until a prompt appears requesting your username If you do not receive a prompt after pressing the key five times check your cable and serial settings to be sure that they are correct Proceed to Initial CCM login in this chapter After you complete the CCM configuration you may reconfigure the CLI on another port or disable it completely and use port 1 with an attached device For more information see Connecting to devices from the serial CLI port in Chapter 3 Initial CCM login
49. en tested and found to comply with the limits for a Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in acommercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordance with the instruction manual may cause harmful interference to radio communications Operation of this equipment in a residential area is likely to cause harmful interference in which case the user will be required to correctthe interference at his own expense This digital apparatus does not exceed the Class A limits for radio noise emissions from digital apparatus set out in the Radio Interference Regulations of the Canadian Department of Communications Le pr sent appareil num rique n met pas de bruits radio lectriques d passant les limites applicables aux appareils num riques de la classe A prescrites dans le R glement sur le brouillage radio lectrique dict par le Minist re des Communications du Canada FCC P 15 Class A EN55022 EN61000 3 2 EN61000 3 3 EN60950 EN55024 ETL UL 1950 CSA 22 2 No 950 Table of Contents Chapter 1 Product Overview Features and Bendits 0 cee eeu Safety Precautions 0 2 00 c cece eee Using AVWorks ccc cece eee eens Chapter 2 Installation and Configuration HardwareOverview 0 Installing t
50. ent IP address with socket number in parentheses Network IP statistics including number of packets delivered discarded and fragments TCP Network TC P statistics including in segs out segs errors and retransmissions 74 CCM 840 1640 I nstaller User Guide Show Server Command Display Fields Continued Field Content UDP Network UDP statistics including in out errors and no port events BOOT BIO S Bootstrap version date and time APP Application version that is running plus its date and time Show Server CLI command The Show Server CLI command displays the CCM serial CLI settings Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER CLI Show Server CLI Command Display Fields Field Contents CLI Port Serial CLI port number and terminal type Access Character Control character used to access CLI History Indicates whether a port s history buffer content is displayed auto or not displayed hold when a user connects to the port and whether the buffer content is cleared clear or kept keep when a session ends Connect Indicates whether a valid user on the serial CLI port may use the Connect command Modeminit string String used to initiate modem connections on the serial C LI port Server CLI Timeout Session time out value shown in full minute or minute second form for example 3m for 3 minutes 3 30 for 3 minutes 3 seconds
51. entication method other than None SHOW SERVER SECURITY 2 Issue a Server SSH command with the Enable parameter You may also specify an authentication method SERVER SSH ENABLE AUTH lt auth gt If an authentication method is not specified the previous authentication parameter will be used The default value is AUTH PW 3 If you are enabling SSH for the first time you are advised that all other CCM sessions will be terminated Enter Y to continue or N to cancel 4 Ifyou are reenabling SSH you are prompted to use the existing SSH server key or generate a new key Enter Y to use the existing key or N to generate anew key For more information see Server SSH command in Chapter 5 To disable SSH session access to the CCM Issue a Server SSH command with the Disable parameter SERVER SSH DISABLE When SSH is disabled the CCM operates in plain text mode To display SSH information Issue a Show Server Security command SHOW SERVER SECURITY If SSH is enabled the display will include SSH2 Regardless of whether SSH is enabled the display will indicate the authentication method that was specified with the Server SSH command Enabling plain text Telnet and SSH connections Plain text non encrypted Telnet connections are enabled by default If you enable SSH connections using the Server Security command and the Encrypt SSH parameter plain text Telnet connections will be disabled However if you enable SSH connections w
52. er Set commands Access User s access rights from User Add and User S et commands Duration Duration of user s session Displayed only when the command specifies a single port that is currently being accessed Displayed only when the command specifies a single port that is not in use Chapter 5 CCM Commands 73 Show Port Alert command The Show Port Alert command displays a port s alert strings Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW PORT lt port gt ALERT Show Port Alert Command Parameter Parameter Description port Port number in the range 1 8 fora CCM840 or 1 16 fora CCM1640 Show Server command The Show Server command displays CCM configuration information and statistics Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW SERVER Show Server Command Display Fields Field Content Server CCM IP address from initial configuration or Server S et command Mask Subnet mask from initial configuration or S erver S et command Gateway Gateway IP address from initial configuration or Server Set command Up Time Days hours minutes and seconds since CCM was rebooted MAC Ethernet MAC address S N CCM serial number Port Port number Username Username from User Add command Duration Duration of session Socket Telnet CCM socket number From Socket IP Input and Output Telnet cli
53. erSN MP Trap Destination Defines deletes destinations for enabled SNMP traps Access right SCON Access level APPLIANCEADMIN Server S SH Enables disables SSH session access to the CCM and specifies the SSH authentication method Access right SCON Access level APPLIANCEADMIN Show Port Displays port configuration information and statistics Access right SMON Access level ADMIN or APPLIANCEADMIN Show Port Alert Displays a port s alert strings Access right SMON Access level ADMIN or APPLIANCEADMIN Show Server Displays C CM configuration statistics and session information Access right SMON Access level ADMIN or APPLIANCEADMIN Show Server CLI Displays information specified with the S erver CLI command Access right SMON Access level ADMIN or APPLIANCEADMIN Show Server PPP Displays PPP settings Access right SMON Access level ADMIN or APPLIANCEADMIN Show ServerRADIUS Displays RADIUS settings Access right SMON Access level ADMIN or APPLIANCEADMIN Show Server S ecurity Displays authentication encryption and lock out settings Access right SMON Access level ADMIN or APPLIANCEADMIN Chapter 4 Using CCM Commands 49 CCM Command Summary Continued Command Description Access Right and Access Level Show ServerSNMP Displays SNMP configuration information Access right SMON Access level ADMIN or APPLIANCEADMIN Show U
54. ers who need to view CCM status and monitor serial port activity Grant SMO N access only to users who need to assist other users in accessing attached serial devices USER The Useraccess right should be given to users who need to modify the user database Grant USER access only to users who must add change or delete user accounts At least one user must have USER access rights otherwise the user database cannot be changed BREAK The Break access right allows users to send a serial break sequence to the attached serial device On certain devices this sequence has a special meaning Grant BREAK access only to users who need to use the Port Break command P The Port access right gives users access to one or more Serial ports This confers the right to access that serial port and connect to the attached serial device You may grant Port access rights to specific ports Pn a range of ports Px y orall ports PALL The Admin user is preconfigured in the user database with all access rights Access levels When you specify a user s access rights you may either specify the individual rights or you may use a shortcut that specifies an access level The APPLIANCEADMIN and ADMIN levels which are used in AVWorks in lieu of individual specifications other than port access rights are equivalent to the following individual specifications e The APPLIANCEADMIN level is equivalent to PALL USER SCON SMON PCON and BREAK e
55. ess The following command searches the history buffer for the string Process ignoring case PORT HISTORY gt s i Process For more information see Server CLI command and Port History command in Chapter 5 36 CCM 840 1640 Installer User Guide To access port history mode Issue a Port History command PORT HISTORY The PORT HISTORY gt prompt appears To control the port history buffer display when you connect Issue a Server CLI command using the History parameter to specify the Hold or Auto option SERVER CLI HISTORY HOLDJAUTO If Hold is specified the number of bytes in the history buffer is displayed but none of the history data is output In this case you must access the CLI and use the Port History command to view the port s history buffer content This is the default mode e If Auto is specified the number of bytes in the history buffer is displayed and the entire content of the buffer is outputto the Telnet session In this mode the history buffer s content may be reviewed in the Telnet client s scrolling window You may also use the Port History command to view the port s history buffer content To control the port history buffer content when you end a session Issue a Server CLI command using the History parameter to specify the Clear or Keep option SERVER CLI HISTORY CLEAR KEEP e If Clear is specified the port history buffer is cleared and all data is discarded atthe end of a session
56. g the CLI The AVWorks Installer User Guide describes how to manage a CCM 840 1640 using the graphical interface CCM 840 1640 Installer User Guide Contents HardwareOverview sssaaa 9 Installing theCCM 22 22er 10 Configuring the CCM een 10 Reinitializing theCCM 005 14 Chapter 2 Installation and Configuration 9 Chapter 2 Installation and Configuration Hardware Overview Figure 2 1 shows the front of a CCM 1640 Figure 2 1 CCM1640 Front View Thelower left area of the front panel contains the following LEDs and buttons e ThePOWER LED illuminates when the CCM is connected to a power source e The ONLINE LED illuminates steadily not blinking when the CCM self test and initialization procedures complete successfully e TheLINK LED illuminates when the CCM establishes a connection to the network e TheTRAFFIC LED blinks when there is network traffic e The 100M Bps LED illuminates when the CCM is connected to a 100 MBps LAN The RESET button when pressed reboots the CCM e ThelNIT button when pressed restores the CCM to factory defaults See Ranitializing the CCM in this chapter Figure 2 2 shows the back panel of a CCM 1640 100 250 VAC 50 60 HZ 1 A 3 4 9 10 11 12 a mm L lt 6 7 8 m i 13 14 15 16 LAN 0 5A 5 Figure 2 2 CCM1640 Back Panel The back panel contains e 8 CCM840 or 16 CCM 1640 RJ 45 connectors for seria
57. he power status monitoring signal cannot also be used for flow control Valid values are None HICTS LOCTS HIDCD LODCD HIDSR LODSR Default None Disables power status monitoring CTS high indicates power on CTS low indicates power on DCD high indicates power on DCD low indicates power on DSR high indicates power on DSR low indicates power on 60 CCM 840 1640 Installer User Guide Example Thefollowing command sets a baud rate of 57600 and enables XON XOFF flow control on port 2 port 2 set baud 57600 flow xonxof Quit Command The Quit command terminates the current CCM session and terminates your Telnet connection to the CCM Access right none needed Access level all Syntax QUIT Resume Command The Resume command exits the CLI and resumes your connection to the attached serial device The history buffer contains any data received while you were in CLI mode Access right none needed Access level all Syntax RESUME Server Commands The Server command has several forms Server Command Summary Command Description Server CLI S pecifies the serial C LI port type and access character modem initialization string port history mode operations and port time out value It also enables disables device connection from the CLI port Server FLASH Updates the CCM program FLASH Server PPP Enables disables PPP connections to the serial C LI port Server RADIUS Specifies RADI
58. heCCM 0 0 2c eee eee Configuring theCCM 22er RenitializingtheCCM 02005 Chapter 3 Operations Configuring Serial Port SettingS 05 Connecting to Serial Devices eee Managing User Accounts 00 e eee aes Using Authentication Modes 222er Using Security Lock out 2 2 0 eee eee Managing the Port History Buffer Managing theCCM Using SNMP Chapter 4 Using CCM Commands Accessing the CLI 00 c eee ee Entering Commands 0 0c eee ees Understanding Conventions 00ee aes Command Summary 000 nennen Chapter 5 CCM Commands Connect Command s eee ees Disconnect Command ss esses Hdp Command 0 cece eee Port Commands 0 0 cee cee eee eee eens Quit Command isas sia ccc cece eee Resume Command 22 ccc eee eee ees Server Commands cece eee eee ees Show Commands 0 ccc e cece eee ene aes SPC Command 0 00 ete esee ees User Commands 0 0 0 cece eee eee eens Appendices Appendix A Technical Specifications Appendix B Device Cabling Appendix C Ports Used 0 00 eee eee Appendix D Technical Support Contents Features and Benefits 2 2 0 cc eee eee 3 Safety Precautions 000 e eee nen 4 Using AVWOLKS us CENE E ER 5 Chapter 1 Product Overview 3 Chapter 1
59. hentication methods You must enter the entire value abbreviations are not permitted Valid values are PW Password authentication KEY Key authentication PW KEY Password or key authentication KEY PW Key or password authentication PW amp KEY Password and key authentication KEY amp PW Key and password authentication Default PW Show Commands The Show command has several forms as listed in the following table Show Command Summary Command Description Show Port Displays configuration information and statistics for one or all ports Show Port Alert Displays port alert strings Show Server Displays C CM configuration information and statistics Show Server CLI Displays C CM CLI settings Show Server PPP Displays CCM PPP settings Show ServerRADIUS Displays CCM RADIUS settings Show Server Security Displays CCM authentication allowed access method and Security Lock out settings Show Server SNMP Displays SNMP configuration information Show User Displays user configuration and session information Show Port command The Show Port command displays configuration and status information about one or all ports Access right SMON Access level ADMIN or APPLIANCEADMIN Syntax SHOW PORT lt port gt ALL NAMES 72 CCM 840 1640 Installer User Guide Show Port Command Parameter Parameter Description port Port number Default your port ALL Displays
60. ices eee 18 Managing User Accounts een 28 Using Authentication Mods 00 eens 31 Using Security Lock out 0 0 0 cece eee 33 Managing the Port History Buffer 34 Managing the CCM Using SNMP 37 Chapter 3 Operations 17 Chapter 3 Operations Overview The CCM and its ports may be easily configured and managed to meet your requirements for device connection user authentication access control power status monitoring port history information display and SNMP compliance for use with third party network management products Configuring Serial Port Settings By default CCM ports are configured with the following settings Target device Console Name XX Xx Xx Pn last 3 octets of MAC address plus the port number Baud rate 9600 Bits per character 8 Parity None Stop bits 1 Flow control None Time out 15 minutes CLI access character Use Server CLI setting D Power None Most of these settings are standard serial port operating characteristics The CLI access character parameter specifies how you access the CLI For more information see CLI modein this chapter The Power parameter instructs the CCM to monitor the state of a specified control signal Signal transitions may be configured to trigger SNMP alerts The parameter value indicates an inbound control signal CTS DCD or DSR and the state of that signal low or high When the defined signal is true the CCM
61. ify this parameter the name must be different from the read and write community names Default public Server SNMP Manager command The Server SNMP Manager command defines or deletes SNMP management entities You may define up to four management entities If you delete all SNMP managers or never add any the CCM may be accessed via SNMP from any IP address For more information see Managing the CCM Using SNMP in Chapter 3 Access right SCON Access level APPLIANCEADMIN Syntax SERVER SNMP MANAGER ADD DELETE ip address gt Server SNMP Manager Command Parameters Parameter Description ADD DELETE Adds or deletes the specified SNMP management entity ip address IP address of SNMP management entity Example The following command adds an SNMP management entity with the IP address of 192 168 0 1 Server snmp manager add 192 168 0 1 Chapter 5 CCM Commands 69 Server SNMP Trap command The Server SNMP Trap command enables or disables SNMP traps When you issue this command with the Enable parameter the CCM displays a numbered list of all currently disabled traps When you issue this command with the Disable parameter the CCM displays a numbered list of all currently enabled traps You may indicate the traps to be enabled disabled by entering a single number several numbers separated by commas a range of numbers separated by a dash or a combinations of numbers separated by commas and dashes You
62. information about all ports NAMES Displays only port numbers and names If a port has not been given a name with a Port S et command the default name is displayed A default name contains the last three octets of the MAC address plus the port number Thefollowing tables list the display fields for a SHOW PORT command that specifies one or all ports Show Port Command Display Fields for Console Ports Field Content Port Port number Serial Port Settings Comma separated string of port values baud rate number of bits parity stop bits flow control socket number time out value and CLI access character The CLI character is preceded by POR CLI if it was defined with a Port Set command or by SER CLI if it was defined with a Server CLI command TX B ytes Number of bytes transmitted RX Bytes Number of bytes received Errors Number ofTX RX parity and framing errors Power Device power status if monitoring is enabled ON indicates the device is on OFF indicates the device is off If monitoring is disabled this field is blank Toggle Toggle value from Port Set command Power Signal Signal and state being monitored for device power status from Port Set command Logical name Logical port name which contains lastthree octets of MAC address plus the port number User Username from User Add command Level User s access level from User Add and Us
63. ing the CLI You may access the CLI in three ways using the Telnet CLI using the serial CLI or entering the CLI access character during a session to a serial device When the CLI is accessed its prompt appears gt indicating you may type a command Entering Commands At the command prompt type a command and then press Return or Enter When the key is pressed the command line comprises all characters to the left of the cursor The character at the cursor and any characters to the right of the cursor are ignored The following table lists the line editing operations for VT 100 compatible devices Line Editing Operations for VT100 Compatible Devices Operation Action Backspace The character immediately before the cursor is erased and all text at and to the right of the cursor moves one character to the left Left Arrow If the cursor is not at the beginning of the line the cursor moves one character to the left If the cursoris at the beginning of the line no action is taken Right Arrow If the cursoris not at the end of the line the cursor moves one character to the right If the cursoris at the end of the line no action is taken Up Arrow The CLI maintains a buffer containing the last 16 typed command lines If there is a previous command line it will be output as the current command line and may be edited If there is no previous command line in the command line buffer the command line is set to blanks and
64. ion describes the parts of a CCM command and the conventions used in this document to describe a command s syntax Command syntax A command may have four types of syntax positional commands positional parameters keyword parameters and keyword values The following examples demonstrate the syntax types Thefollowing Set Port command changes the baud rate and flow control settings for port 2 PORT 2 SET BAUD 57600 FLOW XONXOF Command Syntax Types in Example Command Value Syntax PORT Positional command 2 Positional parameter that indicates the port number for the command SET Positional command that indicates port settings are to be changed BAUD Keyword parameter which is always followed by an equal sign 57600 Keyword value indicating the baud rate value for the BAUD keyword parameter FLOW Keyword parameter which is always followed by an equal sign XO NXOF Keyword value Not every command will contain all syntax types For example the following command reboots the CCM gt SERVER REBOOT Chapter 4 UsingCCM Commands 45 In this case both SERVER and REBOOT are positional commands In most cases one or more spaces separate positional commands positional parameters and keyword parameters For most positional commands positional parameters or keyword parameters you only need to enter thefirstthree characters The exceptions are e When you specify a terminal type with the Ty
65. istory display page Quit Q returns to the normal CLI Resume R leaves port history mode and CLI mode and resumes the session with the attached serial device This single command is equivalent to sequentially using the Quit and Resume commands Search S searches the port history buffer for a specified text string Search strings with embedded spaces must be enclosed in quotes By default the search is case sensitive To ignore case enter i before the string To specify direction type U to search up from the current line toward the top of the buffer or d to search down from the current line toward the bottom of the buffer The search direction remains in effect for subsequent searches until you change the search direction If the string is found the current history display line is set to the line containing the string and the CCM outputs a history display page If the string is not found an errormessage is displayed no other information is output and the current history display line is not changed Entering the Search command with no parameters searches again for the previous string in the same direction as the previous search Top T sets the current history display line to one and outputs a history display page The following examples assume the user is in port history mode The following command searches the history buffer in the upward direction for the string Abort Process PORT HISTORY gt s u Abort Proc
66. ith the Server SSH command both plain text and SSH connections will be allowed Chapter 3 Operations 27 To enable both Telnet and SSH connections Issue a Server Security command indicating Encrypt SSH None Telnet CLI mode While you are connected to an attached serial device you may enter CLI mode and enter CCM commands To enter or exit CLI mode when connected to a serial device Ll Toenter CLI mode type the CLI access character which is Ctrl D by default At the CLI prompt gt you may enter CCM commands 2 Toexit CLI mode and return to the session with the attached device issue a Resume command RESUME For more information see Resume Command in Chapter 5 To change the CLI access character Issue a Server CLI command or a Port Set command using the Char parameter to specify the CLI access character SERVER CLI CHAR lt char gt or m PORT SET CHAR lt char gt If you issue a Port Set command with Char None then the CLI access character specified in the Server CLI command will be used The Port Set command may be used to override the Server CLI access character on a per port basis For more information see Server CLI command and Port Set command in Chapter 5 To display CLI access character information Issue a Show Server CLI command SHOW SERVER CLI For more information see Show Server CLI command in Chapter 5 Ending device sessions To end your device session Enter CLI mode and iss
67. l P lt ftpadd gt KEY lt sshkey gt ACCE SS lt access gt You must specify a username You must also specify a password or SSH user key information or you may specify both You may also include an access level or access rights For more information see Connecting to devices using SSH and Access rights and levdsin this chapter and User Add command in Chapter 5 Chapter 3 Operations 29 To change a user s configuration information Issue a User Set command USER SET username PASSWORD lt pwd gt SSH KEY keffil e FTPIP lt ftpadd gt KEY lt sshkey gt ACCE SS lt access gt You may change your own password at any time You must have USER access rights to change another user s password or to change any user s SSH user key information and access rights To remove an SSH user key or password specify Keyz or Passwordz You cannot remove both the password and the SSH key from a user s definition one must remain in the user database Also you cannot remove a user s key or password if that removal would result in no valid users having USER access rights For more information see Connecting to devices using SSH and Access rights and levds in this chapter and User Set command in Chapter 5 To end another user s CCM session Issue a User Logout command USER LOGOUT username A message is sent and the Telnet or SSH connection is dropped For more information see User Logout command in Chapter 5
68. l cabling ALAN connector for a 10BaseT or 100BaseT interface cable e The AC line cord connector 10 CCM 840 1640 Installer User Guide AN Installing the CCM WARNING The power outlet should be installed near the equipment and should be easily accessible To install the CCM hardware 1 Locate the CCM where you can connect cables between the serial devices and the CCM serial ports and where you can connect a LAN interface cable between the Ethernet hub or switch and the CCM LAN connector If you are using arack mount kit follow the instructions included with the kit Connect serial devices to the CCM serial ports see Appendix B for cabling information Connect each serial device to its appropriate power source following the device s documentation Attach a 10BaseT or 100BaseT LAN interface cable to the LAN connector on the back of the CCM A CAT 5 cable is required for 100BaseT operation Insert the power cord into the back of the CCM Insert the other end of the power cord into a grounded electrical receptacle Check that the POWER LED on the front of the CCM is illuminated If not check the power cable to ensure that it is inserted snugly into the back of the unit The ONLINE LED will illuminate within one minute to indicate that the unit self test is complete If the ONLINE LED blinks contact Equinox Technical Support for assistance Check that the LINK LED is illuminated If not check the Ethernet
69. ling access to all ports with configuring and monitoring access rights gt user set JohnDoe access pall scon smon The following command removes the server configuration access right for J ohnDoe and leaves other access rights intact gt user set JohnDoe access SCON The following command deletes the SSH key information for J ohnDoe The command will complete successfully only if J ohnDoe has a password configured in a previous User Add or User Set command and if there are other users with User access rights gt user set key User Unlock command The User Unlock command unlocks a user who was previously locked out After this command completes the user will be able to attempt login authentication again Access right USER Access level APPLIANCEADMIN may unlock any user ADMIN may unlock any user except APPLIANCEADMIN Syntax USER UNLOCK lt username gt User Logout Command Parameter Parameter Description lt username gt Username to be unlocked 82 CCM 840 1640 Installer User Guide Contents Appendix A Technical Specifications 85 Appendix B DeviceCabling 86 Appendix C PortsUsed 22 22 nennen 90 Appendix D Technical Support 91 Appendices 85 Appendices CCM Product Specifications Appendix A Technical Specifications The following table lists the CCM technical specifications Device Ports
70. mmand Parameters Description username 3 16 alphanumeric character username Usernames are case sensitive PASSWORD lt pwd gt 3 16 alphanumeric character password Passwords are case sensitive SSHKEY lt keyfile gt Name of uuencoded public key file on an FTP server The maximum file size that can be received is 4K bytes Ifthis parameter is specified you must also specify the FTPIP parameter FTPIP lt ftpadd gt FTP server s IP address If this parameter is specified you must also specify the SSHKEY parameter KEY lt sshkey gt Uuencoded SSH key ACCESS lt access gt Command and port access rights or level You may specify multiple access rights separated by commas ora level Valid values for access rights are P lt n gt P lt x y gt PALL USER PCON SCON SMON BREAK Access to the specified port number Access to the specified range of ports Access to all ports User configuration access rights Port configuration access rights Configuration access rights Monitor access rights May issue Port Break command Valid values for access levels are ADMIN APPLIANCEADMIN Default PALL SMON PALL USER SMON PCON and BREAK access rights PALL USER SCON SMON PCON and BREAK access rights Examples Thefollowing command adds the username J ohnDoe with the password secretname access to ports 2 5 6 and 7 and user and monitor access rights user
71. odem For information about modem connections see Configuring and using dial in connections in this chapter and Server CLI command in Chapter 5 To configure a port forthe serial CLI L Issuea Server CLI command using the Port parameter to specify the CLI port and the Type parameter to specify the terminal type SERVER CLI PORT lt port gt TYPE lt type gt 2 Todisablethe CLI that was previously configured on a port issue a Server CLI command indicating Type Off For more information see Server CLI command in Chapter 5 To display CLI port information Issue a Show Server CLI command SHOW SERVER CLI The display includes the CLI port number and terminal type plus the CLI access character For more information see Show Server CLI command in Chapter 5 Chapter 3 Operations 21 To connect to a device from the serial CLI port 1 Issue a Server CLI command using the Connect parameter to enable the use of the Connect command from the serial CLI port SERVER CLI CONNECT ON Issue a Connect command to the desired port CONNECT port To end a device session that was initiated with a Connect command issue a Disconnect command DISCONNECT For more information see Server CLI command Connect Command and Disconnect Command in Chapter 5 Configuring and using dial in connections You may attach an external modem to the serial CLI port for dial in serial CLI access to the CCM This may be used as a backup
72. on CLI port The entire type name must be specified abbreviations are not permitted Valid types are ASCII VT52 VT100 VT102 VT220 VT320 and OFF Specifying Type O ff disables the CLI Default ASCII 62 CCM 840 1640 Installer User Guide Parameter Server CLI Command Parameters Continued Description CHAR 2 char CONNECT ONJOFF HISTORY HOLDJAUTO CLEAR KEEP MODEMINIT lt string gt TIM EO UT lt time out gt CLI access character in the range A through _ underscore The allowable ASCII range is x41 x5F and x61 x7A The CLI access character when pressed simultaneously with the Ctrl key during a session with an attached serial device will suspend the session with the device and place you in CLI command mode This value will be used if a port s Port Set command contains a CharzNone parameter Default 2 d is the manufacturing default Enables or disables the ability to use the Connect command from the serial C LI port W hen enabled a serial CLI user may use the Connect command to establish a connection to the serial device attached to another CCM serial port W hen disabled you cannot use the Connect command from the serial CLI port Default ON Port history file processing options during connection Hold or Auto and when a session ends C lear or Keep W hen Hold is specified upon connection you are informed of how much data is in the history buffer but the data is
73. ost SSH clients will associate the key with the IP address of the CCM During the first connection to a new SSH server the client will display the fingerprint of the SSH server key and prompt you to indicate if you wish to store it on the SSH client After the first connection most SSH clients will validate the key when connecting to the CCM This provides an extra layer of security because the SSH client can verify the key sent by the server each time it connects If you disable SSH and later reenable it you may either use the existing server key or compute a new one If you are reenabling the same server at the same IP address it is recommended that you use the existing key as SSH clients may be using it for verification If you are moving the CCM to another location and changing the IP address you may wish to generate a new SSH server key 24 CCM 840 1640 Installer User Guide Authenticating an SSH user SSH is enabled and disabled with the Server SSH command When you enable SSH you may specify the authentication method s that will be used for SSH connections The method may be a password an SSH key or both A user s password and SSH key are specified with a User Add or User Set command All SSH keys must be RSA keys DSA keys are not supported Thefollowing table lists and describes the valid SSH authentication methods that may be specified with a Server SSH command SSH Authentication Methods Method Description
74. p USER RIGHTS lt attr gt AUTHPORT lt udp gt TIMEOUT lt time out gt RETRIES lt rdry gt Chapter 3 Operations 33 3 You must specify the server s IP address the UDP portto be used and a secret to be used You must also specify a user rights attribute value that matches a value in the RADIUS server s dictionary You may also use this command to delete a RADIUS server definition SERVER RADIUS PRIMARY SECONDARY DELETE For more information see Server RADIUS command in Chapter 5 Issue a Server Security command using the Authentication parameter to specify the authentication mode Use the Encrypt parameter to enable plain text Telnet connections SSH connections or both SERVER SECURITY AUTHENTICATION lt auth_mode gt ENCRYPT lt conns gt You are prompted to save the information Enter Y to confirm or N to cancel To display authentication configuration information 1 Issue a Show Server Security command SHOW SERVER SECURITY The display includes the current CCM authentication settings that were configured with the Server Security command If SSH access has been enabled the display indicates SSH2 Regardless of whether SSH is enabled the display includes the authentication method specified with the Server SSH command To display CCM RADIUS settings that were configured with the Server RADIUS command issue a Show Server RADIUS command SHOW SERVER RADIUS For more information see Serve
75. pe parameter in the Server CLI command you must enter all characters e When you specify an authentication method with the Auth parameter in the Server SSH command you must enter all characters e When you specify control signal monitoring with the Power parameter in the Port Set command you must enter all characters With the exception of usernames and passwords commands are not case sensitive they may be entered in uppercase lowercase or a combination For example all of the following commands are correct PORT 2 SET BAUD 57600 FLOW XON POR 2 SET BAU 57600 FLOW XON por 2 Set Baud 57600 flow xon port 2 set baud 57600 flow xon VV VM NOTE Usernames and passwords are case sensitive These values are stored exactly as you enter them For example the username Ann must be entered with an uppercase A and all other letters lowercase The username ANN will not be accepted by the CCM as the username Ann Usernames and passwords must contain 3 16 alphanumeric characters Any syntax errors are displayed and where applicable the error is underlined In thefollowing example the keyword parameter baud is misspelled Even if more than three characters are entered they must all be correct port 2 Set Baux 57600 flow xon ERR 26 SET keyword parameter invalid In thefollowing example the keyword value 576 is not valid Numeric keyword values must be fully specified and may not be shortened to three characters
76. plays information about commands Access right none needed Access level all Port Alert Add Adds a port alert string Access right SCON orPCON Access level ADMIN or APPLIANCEADMIN Port Alert Copy Copies a port s alert strings to another port Access right SCON orPCON Access level ADMIN or APPLIANCEADMIN Users who do not have the ADMIN orAPPLIANC EADMIN level must have the appropriate port access configured to issue this command Chapter 4 Using CCM Commands 47 CCM Command Summary Continued Command Description Access Right and Access Level Port Alert Delete Deletes one or more port alert strings Access right SCON orPCON Access level ADMIN or APPLIANCEADMIN Port Break Sends a break signal to the attached device Access right BREAK Access level ADMIN or APPLIANCEADMIN Port History Accesses the port history buffer Access right none needed Access level all Port Logout Terminates the CCM session on a specified port Access right USER Access level ADMIN orAPPLIANCEADMIN Port Set Changes port settings Access right SCON orPCON Access level ADMIN orAPPLIANCEADMIN Quit Terminates the current CCM session Access right none needed Access level al Resume Resumes device connection after being in CLI mode Access right none needed Access level al Server CLI Specifies the serial C LI port port type and access character
77. pter 5 CCM Commands 53 Chapter 5 CCM Commands Connect Command The Connect command establishes a connection from the CCM serial CLI port to a device attached to another port on that CCM If the specified port is already in use you will receive an error message To use this command you must have previously issued a Server CLI command with the Connect On parameter For more information see Connecting to Serial Devices in Chapter 3 Access right port specific Access level ADMIN APPLIANCEADMIN or others with access to port Syntax CONNECT lt port gt Connect Command Parameter Parameter Description lt port gt Port number in range 1 8 fora CC M840 or 1 16 fora CCM1640 Example The following command establishes a connection from the serial CLI port to port 6 gt connect 6 Disconnect Command The Disconnect command terminates a session with a serial device that was previously initiated with a Connect command This command frees the attached serial device and allows other users to access it Access right port specific Access level ADMIN APPLIANCEADMIN or others with access to port Syntax DISCONNECT Help Command The Help command displays information about CCM commands Access right none needed Access level none needed Syntax HELP lt command_name gt 54 CCM 840 1640 Installer User Guide Help Command Parameter Parameter Description lt command_name gt Comman
78. r Security command Show Server Security command and Show Server RADIUS command in Chapter 5 plus Connecting to devices using SSH and Enabling plain text Tand and SSH connections in this chapter Using Security Lock out When the Security Lock out feature is enabled a user will be locked out after five consecutive authentication failures A successful authentication will reset the counter to zero You may configure a lock out period of from 1 99 hours Specifying a lock out period of disables the feature that is users will not be locked out 34 CCM 840 1640 Installer User Guide A locked out user will remain locked out until the specified time elapses the CCM is power cycled or the user is unlocked by an administrator with the User Unlock command A user with the ADMIN access level may unlock all users except a user with the APPLIANCEADMIN level A user with the APPLIANCEADMIN level may unlock all users To enable or disable Security Lock out L To enable Security Lock out issue a Server Security command using the Lockout parameter with a value between 1 99 2 Todisable Security Lock out issue a Server Security command using the Lockout2 parameter To unlock a locked out user Issue a User Unlock command with the username Managing the Port History Buffer Each CCM serial port has a circular history buffer that contains the latest 64K bytes of data received from the attached serial device This information ma
79. r to define the network location of a user s SSH key file the SSHKEY parameter specifies the name of the uuencoded UNIX to UNIX encoded public key file on an FTP server The maximum file size that can be received is 4K bytes The FTPIP parameter specifies the FTP server s IP address When this method is specified the CCM initiates an FTP client request to the specified IP address The CCM then prompts the user for an FTP user name and password for connection When connected the CCM will GET the specified key file and the FTP connection will be closed The CCM then stores the SSH key with the username in the CCM user database e When using the KEY keyword to specify the SSH key the KEY param eter specifies the actual uuencoded SSH key This is for configurations that do not implement an FTP server The CCM stores the specified key in the CCM user database The CCM processes a uuencoded SSH2 public key file with the format described in the IETF document draft ietf secshpublickeyfile 02 The key must follow all format requirements The UNIX ssh keygen2 generates this file format The CCM also processes a uuencoded SSH1 public key file The UNIX ssh keygen generates this file format You may also generate SSH user keys via AVWorks See the AVWorks Installer User Guide 26 CCM 840 1640 Installer User Guide To enable SSH session access to the CCM L Issue a Show Server Security command to ensure that you are using an auth
80. rd party RADIUS server containing a user database to authenticate CCM users The CCM functioning as a RADIUS client sends usernames and passwords to the RADIUS server If a username and password do not agree with equivalent information on the RADIUS server the CCM is informed and the user is denied CCM access If the username and password are successfully validated on the RADIUS server the RADIUS server returns an attribute that indicates the access rights defined for that username To use RADIUS authentication you must specify information about the primary RADIUS server and optionally a secondary RADIUS server to be used as a backup 32 CCM 840 1640 Installer User Guide The RADIUS server definition values specified in CCM commands must match corresponding values configured on the RADIUS server On the RADIUS server you must include CCM specific information the list of valid users and their access rights for the CCM Each user rights attribute in the RADIUS server s dictionary must be specified as a string containing the user s access rights for the CCM exactly matching the syntax used in the CCM User Add command Consult your RADIUS administrator s manual for information about specifying users and their attributes The exact process depends on the RADIUS server you are using No authentication When authentication is disabled users are not authenticated Telnet sessions to serial ports are accepted immediately and
81. rimary ip 192 168 0 200 secret ThePrimaryRadSecret user rights 86 The following command deletes the primary RADIUS server definition gt ser radius primary del Server Reboot command The Server Reboot command reboots the CCM During a reboot any active Telnet sessions including your own are terminated and all users are informed accordingly Any CCM configuration changes that require a reboot will become effective when the reboot completes When you enter this command you are prompted to confirm or cancel the reboot Access right SCON Access level APPLIANCEADMIN Syntax SERVER REBOOT 66 CCM 840 1640 Installer User Guide Server Security command The Server Security command specifies how authentication will be performed and whether Security Lock out is enabled You may also enable disable SSH connections plain text Telnet connections or both For more information see Using Authentication Modes and Using Security Lock out in Chapter 3 When you enter this command you are prompted to confirm or cancel the specified information Access right SCON Access level APPLIANCEADMIN Syntax SERVER SECURITY AUTHENTICATION lt auth_mode gt ENCRYPT lt conns gt LOCKOUT lt hours gt Server Security Command Parameters Parameter Description AUTHENTICATION Authentication mode Multiple values may be specified separated lt auth_mode gt by commas Valid values are LO CAL Use the internal CCM
82. rks TCP 3001 3016 Telnet serial sessions with ports 1 16 TCP 3101 3116 SSH serial sessions with ports 1 16 Appendices 91 Appendix D Technical Support Our Technical Support staff is ready to assist you with any installation or operating problems you encounter with your Equinox product If an issue should develop follow the steps below for the fastest possible service L Check the pertinent section of the manual to see if the issue may be resolved by following the procedures outlined 2 Check our web site at www equinox com support to search the knowledge base or use the online service request 3 Call Equinox Technical Support for assistance at 954 746 9000 ext 322 Visit the Equinox web site at http www equinox com support and click on Support Getting Support for current phone support hours 92 CCM 840 1640 Installer User Guide LIMITED WARRANTY Equinox warrants that the Product s shall be free from manufacturing defects in materials and workmanship for a period of five 5 years from the date of delivery provided that the Product was properly installed and used Defects malfunctions or failures of the warranted Product caused by damage resulting from acts of God such as floods fire etc environmental and atmospheric disturbances other external forces such as power line disturbances host computer malfunction plugging the board in under power or incorrect cabling and damage caused by misuse a
83. s CCM IP address MASK lt subnet gt Subnet mask for the subnet on which the CCM resides GATEWAY lt gtwy gt IP address of default gateway for routing IP packets Server SNMP command The Server SNMP command enables or disables SNMP UDP port 161 SNMP processing When you disable SNMP processing you may still enable and disable traps with the Server SNMP Trap command For more information see Managing the CCM Using SNMP in Chapter 3 Access right SCON Access level APPLIANCEADMIN Syntax SERVER SNMP ENABLE DISABLE Server SNMP Command Parameter Parameter Description ENABLE DIS ABLE Enables or disables SNMP processing Default Enabled Server SNMP Community command The Server SNMP Community command defines read write and trap SNMP community strings Community names are case sensitive For more information see Managing the CCM Using SNMP in Chapter 3 68 CCM 840 1640 Installer User Guide Access right SCON Access level APPLIANCEADMIN Syntax SERVER SNMP COMMUNITY READCOM M lt name gt WRITE COM M lt name gt TRAPCOMM lt name gt Server SNMP Community Command Parameters Parameter Description READC OMM lt name gt 1 64 alphanumeric character read community name Default public WRITECO MM lt name gt 1 64 alphanumeric character write community name Default public TRAPCOMM lt name gt 1 64 alphanumeric character trap community name If you spec
84. ser Displays user configuration and session information Access right SMON Access level ADMIN or APPLIANC EADMIN SPC Reserved for future functionality User Add Adds a new user Access right USER Access level ADMIN or APPLIANCEADMIN User Delete Deletes a user Access right Access level mco 92 m 20 DMIN orAPPLIANCEADMIN User Logout Terminates a user s session Access right Access level wn oO A Uu rc Iw MIN or APPLIANC EADMIN User Set Changes a user s configuration information Access right ER Access leve MIN orAPPLIANCEADMIN S D d out user SER DMIN or APPLIANCEADMIN Users who do not have the ADMIN orAPPLIANC EADMIN level must have the appropriate port access configured to issue this command A user with ADMIN level may issue a UserLogout or User Unlock command for users with any level other than APPLIANC EADMIN Access right Access leve U A UserUnlock Unlocks a locke U A 50 CCM 840 1640 Installer User Guide Contents Connect Command sees 53 Disconnect Command 2222er 53 Hep Command 02 00 c eee ees 53 Port Commands 0 00 ee cece eee eens 54 Quit Command cece eee 60 Resume Command 0 ccc eee ee ees 60 Server Commands 0 ccc eee eens 60 Show Commands Hm ee een 71 SPC Command e eR Rx 77 User Commands 0 00 c eee eee 77 Cha
85. story view location to the bottom of the file minus 23 history display lines if available Clear C clears the port s history buffer Next N increments the current history display line by the number of lines per page and a new history display page is output Prev P decrements the current history display line by the number of lines per page and a new history display page is output Quit Q returns to the normal CLI Resume R exits port history mode and CLI mode and resumes the serial session with the attached serial device Search S searches the port history buffer for a specified string Enclose strings containing embedded spaces in quotes To specify search direction type u up or d down To ignore case type i Top T sets the current history display line to 1 and outputs a history display page Examples The following command accesses the serial port s history mode gt port history In history mode the following command searches the history buffer in the downward direction for the string connected to ignoring case PORT HISTORY gt s d i connected to Port Logout command The Port Logout command terminates the CCM session on a specified port Access right USER Access level ADMIN or APPLIANCEADMIN Syntax PORT lt port gt LOGOUT Port Logout Command Parameter Parameter Description lt port gt Port number in the range 1 8 fora CCM840 or1 16 fora CCM1640 58 CCM 840 1640
86. t SCON Access level APPLIANCEADMIN Syntax SERVER RADIUS PRIMARY SECONDARY IP lt radius_ip gt SECRET lt secret gt USER RIGHT S lt attr gt AUT HPORT lt udp gt TIMEOUT lt timeout gt RET RIES lt retry gt or SERVER RADIUS PRIMARY SECONDARY DELETE Chapter 5 CCM Commands 65 Server RADIUS Command Parameters Parameter Description PRIMARY Indicates the primary RADIUS server is being defined or deleted SECONDARY Indicates the secondary RADIUS server is being defined or deleted IP lt radius_ip gt IP address ofthe RADIUS authentication server SECRET lt secret gt 8 24 character text string forshared secret with the RADIUS server Enclose the string in quotes if it contains spaces USER RIGHTS lt attr gt Attribute number defined on the RADIUS server in the range 1 255 AUTHPORT lt udp gt UDP port forRADIUS authentication server in the range 1 65535 This value is usually 1645 but may be 1812 Default 1645 TIMEO UT lt time out gt Number of seconds to wait fora response from the RADIUS server in the range 1 60 Default 5 RETRIES lt retry gt Number of attempts to make to authenticate a user after a time out in the range 1 10 Default 3 DELETE Deletes the RADIUS server definition Examples The following command specifies primary RADIUS server information default values will be used for the UDP port time out and retries values gt ser radius p
87. t strings to be deleted by entering an alert string s list number several numbers separated by commas a range of numbers separated by a dash or a combination of numbers with commas and dashes To delete all alert strings type ALL To cancel the command press Enter To copy the defined alert strings from one port to another port issue a Port Alert Copy command specifying the port numbers to be copied to and from PORT to port ALERT COPY from port 40 CCM 840 1640 Installer User Guide Atthe confirmation prompt press Y to confirm or N to cancel When the copy operation occurs all previously defined strings on the port to which you are copying will be replaced For more information see Port Alert Add command Port Alert Copy command and Port Alert Dd ee command in Chapter 5 To display SNMP configuration information Issue a Show Server SNMP command SHOW SERVER SNMP The display includes information specified with the Server SNMP Server SNMP Community Server SNMP Manager Server SNMP Trap and Server SNMP Trap Destination commands For more information see Show Server SNMP command in Chapter 5 To display port alert string information Issue a Show Port Alert command specifying a port number SHOW PORT port ALERT The display lists all the port s defined alert strings For more information see Show Port Alert command in Chapter 5 Chapter 4 UsingCCM Commands 43 Chapter 4 Using CCM Commands Access
88. ter 5 To enable or disable SNMP traps L To enable SNMP traps issue a Server SNMP Trap command with the Enable parameter SERVER SNMP TRAP ENABLE The CCM will display a numbered list of traps that are currently disabled with a prompt requesting you to select trap s to enable Indicate the traps to be enabled by entering a trap s list number several numbers separated by commas a range of numbers separated by a dash or a combination of numbers with commas and dashes To enable all traps type ALL To cancel the command press Enter u or To enable all SNMP traps issue a Server SNMP Trap command with the Enable and All parameters In this case the numbered list is not displayed SERVER SNMP TRAP ENABLE ALL To disable SNMP traps issue a Server SNMP Trap command with the Disable parameter SERVER SNMP TRAP DISABLE The CCM will display a numbered list of traps that are currently enabled with a prompt requesting you to select trap s to disable Indicate the traps to be disabled by entering a trap s list number several numbers separated by commas a range of numbers separated by a dash or a combination of numbers with commas and dashes To disable all traps type ALL To cancel the command press Enter Chapter 3 Operations 39 or To disable all SNMP traps issue a Server SNM P Trap command with the Disable and All parameters In this case the numbered list is not displayed SERVER SNMP TRAP DISABLE ALL
89. ue a Quit command or a User Logout command QUIT 28 CCM 840 1640 Installer User Guide 0r If you initiated the device session with a Connect command enter CLI mode and issue a Disconnect command DISCONNECT or Allow the port to time out due to inactivity In this case a notification message is issued and the serial CLI session returns to CLI mode This time out may occur while you are in CLI mode or For modem connections if a carrier drop occurs the serial CLI session is automatically logged off Session time outs The CCM monitors data traffic when you are connected to an attached serial device You may specify a time out value with the Server CLI command You may also specify a time out value for each port with the Port Set command When no data is received from the connected user for the configured number of minutes the connection is terminated The following time out values are used e Fora Telnet session the Server CLI time out value is used For a serial port session if the port s configured time out value is the Server CLI time out value is used even if itis also Fora serial port session if the port s configured time out value is non that value is used Managing User Accounts The CCM user database may store information for up to 64 user accounts To add a user Issue a User Add command USER ADD lt username gt PASSWORD lt pwd gt SSHKEY lt eyfile gt FT P
90. upply NOTE The AC inlet is the main disconnect Rack mount safety considerations e Elevated Ambient Temperature If installed in a closed rack assembly the operation temperature of the rack environment may be greater than room ambient Use care not to exceed the rated maximum ambient temperature of the unit e Reduced Airflow Installation of the equipment in a rack should be such that the amount of airflow required for safe operation of the equipment is not compromised e Mechanical Loading Mounting of the equipment in the rack should be such that a hazardous condition is not achieved due to uneven mechanical loading e Circuit Overloading Consideration should be given to the connection of the equipment to the supply circuit and the effect that overloading of circuits might have on overcurrent protection and supply wiring Consider equipment nameplate ratings for maximum current e Reliable Earthing Reliable earthing of rack mounted equipment should be maintained Pay particular attention to supply connections other than direct connections to the branch circuit for example use of power strips Chapter 1 Product Overview 5 Using AVWorks The AVWorks graphical management interface may be used to manage CCM 840 1640 appliances and access attached devices Using AVWorks you may perform most of the operations that are described in this manual This manual describes how to manage a CCM 840 1640 by entering commands usin
91. user database to authenticate users RADIUS Use the previously defined RADIUS server s to authenticate users NONE Do not authenticate users This mode cannot be used when SSH access is enabled and it cannot be combined with other authentication modes Default LOCAL ENCRYPT lt conns gt Enables disables plain text Telnet or SSH connections You may enable both by specifying both values separated by a comma Valid values are SSH Enables SSH connections None Enables plain text Telnet connections Default None LOCKOUT lt hours gt Enables or disables Security Lock out To enable specify the number of hours in the lock out period in the range 1 99 To disable specify a value Default disabled Examples The following command specifies that the CCM user database will be used to authenticate users SSH and plain text Telnet connections will be allowed gt server security authentication local encrypt ssh none Chapter 5 CCM Commands 67 Server Set command The Server Set command changes CCM address information If you change the IP address you are prompted to confirm or cancel aCCM reboot to effect the change changing the mask or gateway address doesn t require a reboot Access right SCON Access level APPLIANCEADMIN Syntax SERVER SET IP lt ip_ address MASK lt subnet gt GAT EWAY lt gtwy gt Server Set Command Parameters Parameter Description IP lt ip addres
92. users are not prompted for a username or password In this case users are granted access only to the port to which they are connected including Break access Connections to the Telnet port 23 serial CLI and PPP are still authenticated even when authentication is expressly disabled Generally these communications paths are used only by administrators and authentication is enforced in order to establish appropriate access rights Authentication may not be disabled when SSH session access is enabled Authentication summary The CCM allows concurrent use of multiple authentication modes This allows Telnet and SSH clients to all access a single CCM as long as the appropriate values are enabled You may optionally specify both RADIUS and local authentication in either order In this case authentication will be attempted initially on the first method specified If that fails the second method will be used for authentication For example if you enable local and RADIUS authentication in that order authentication uses the CCM user database If that fails authentication goes to the defined RADIUS servers If you enable RADIUS and local authentication in that order authentication goes first to the defined RADIUS servers If that fails the local user database is used To specify the authentication mode 1 For RADIUS authentication issue a Server RADIUS command SERVER RADIUS PRIMARY SECONDARY IP lt radius ip SECRET ser am
93. uuencoded public key file on an FTP server The maximum file size that can be received is 4K bytes FTPIP lt ftpadd gt FTP server s IP address KEY lt sshkey gt Uuencoded SSH key To delete an SSH key whether it was Originally specified with the SSHKEY and FTPIP parameters or with the KEY parameter specify Key ACCESS lt access gt Command and port access rights or level You may specify multiple access rights separated by commas ora level If specifying access rights you may use one of three forms ACCESS lt access gt to specify all access rights ACCESS lt access gt to specify only access rights to be added ACCESS lt access gt to specify only access rights to be deleted Valid values for access rights are P n Access to the specified port number P lt x y gt Access to the specified range of ports PALL Access to all ports USER User configuration access rights PCON Port configuration access rights SCON Configuration access rights SMON Monitor access rights BREAK May issue Port B reak command Chapter 5 CCM Commands 81 User Set Command Parameters Continued Parameter Description ACCESS lt access gt Valid values for access levels are C ontinued ADMIN PALL USER SMON PCON and BREAK access rights APPLIANCEADMIN PALL USER SCON SMON PCON and BREAK access rights Default PALLSMON Examples The following command sets the access rights for J ohnDoe enab
94. y be helpful in analyzing attached device anomalies The history buffer begins filling with received data upon completion of CCM initialization even if no user is connected When you connect to a serial port the data that was received from the attached serial device prior to the connection is available in the buffer Once online new data continues to be stored in the buffer You may choose whether to display the history buffer s content automatically when you connect and whether to keep or discard the history buffer s content at the end of a session When more than 64K bytes of data are sent to the history buffer data at the top of the buffer is discarded to make room for the new data As a result the buffer always contains the most recent 64K bytes of port history Using port history mode commands Once you issue a Port History command to enter port history mode you may issue the commands listed in the following table Only the first letter of the command is required Chapter 3 Operations 35 Port History Mode Commands Command Description Bottom B sets the view location to the bottom of the file minus 23 history display lines if available Clear C clears the port history buffer Next N increments the current history display line by the number of lines per page and outputs a new history display page Prev P decrements the current history display line by the number of lines per page and outputs a new h
95. you may enter additional commands at the CLI prompt gt To configure CCM ports see Configuring Serial Port Settingsin Chapter 3 Reinitializing the CCM Reinitializing the CCM removes configured information This may be useful when reinstalling the CCM at another location in your network The CCM stores configuration information in FLASH databases During reinitialization the FLASH erase has two phases The first phase erases the CCM configuration database which contains all nonvolatile data except the IP address The second phase erases the IP address and restores the CCM to its factory default settings To reinitialize the CCM 1 Locate the recessed INIT button on the front of the CCM You will need a tool that fits inside the recess such as an opened paper clip 2 Insert the tool in the recess then depress and hold the button The ONLINE LED will blink indicating a CCM initialization has been requested You have approximately seven seconds to release the button before any action is taken After seven seconds the ONLINE LED will blink more rapidly to confirm that the CCM configuration database has been erased Continuing to hold the INIT button for a few more seconds will erase the P address as well The ONLINE LED will blink faster to confirm the deletion If any portion of FLASH is erased the CCM reboots when the INIT button is released Configuring Serial Port Settings 2 222 Connecting to Serial Dev
Download Pdf Manuals
Related Search