Serial port settings and security profiles | Avocent ACS 5000

100Cyclades® ACS 5000 Installation/Administration/User Guide

Table 8.5: Enabled Protocols for Each Security Profile
Other Services	Secure	Moderate	Open	Default
SNMP	N/A	N/A	Yes	N/A
RPC	N/A	N/A	Yes	N/A
ICMP	N/A	Yes	Yes	Yes
FTP	N/A	N/A	N/A	N/A
IPSec	N/A	N/A	N/A	N/A

The first step in configuring your console server is to define a security profile. One of the following situations is applicable when you boot up the console server.

•The console server is starting for the first time or after a reset to factory default parameters.

In this situation when you boot up your console server and log in as an administrator to the web manager, a security warning dialog box appears. The web manager is redirected to Step1: Security Profile in the Wizard mode. Further navigation to other sections of the web manager is not possible without selecting or configuring a security profile. Once you select or configure a security profile and save the changes, the console server restarts.

•The console server firmware is upgraded and the system is restarting with the new firmware.

In this situation the console server was already in use and certain configuration parameters were saved in the flash memory. In this case the console server automatically retrieves the Custom Security Profile parameters saved in the flash memory and behaves as it was a normal reboot.

•The console server is restarting normally.

In this situation the system detects the pre-defined security profile. You can continue working in the web manager.

Serial port settings and security profiles

All serial ports on the console server when shipped from the factory are disabled by default. The administrator can enable ports individually or collectively and assign specific users to individual ports.

The following situations apply to serial ports when you modify or change a security profile.

Image 108

Avocent ACS 5000 manual Serial port settings and security profiles

Contents

Cyclades ACS FCC Warning Statement Canadian DOC Notice Cyclades ACS Symbols Used B L E of C on T E N T S Configuring the Console Server in Wizard Mode Vii Network Menu and Forms Appendix a Technical Specifications 143 Connectors on the Console Server Overview Accessing the Console Server and Connected Devices ACS 5000 Console Server Connectors Number Description Prerequisites for Using the Web Manager Web Manager Authentication Types of UsersSecurity Authentication Methods Supported Authentication Type Definition Services not supporting IPv6 IPv6Packet Filtering Structure of IP filtering Add rule and edit rule options ChainRule Add Rule and Edit Rule Option Definitions Filter Options Numeric protocol options TCP protocol optionsUDP protocol options Icmp protocol options Notifications, Alarms and Data Buffering Example of using facility numbersSyslog servers Prerequisites for logging to syslog servers Console Server and Power Management Configuring access to connected devicesCommon Administrator Tasks for Configuring Software Managing Users of Connected Devices Additional requirements for Server Technology IPDUs Conventions used to identify outlets Configuring power management Configuring ports for power management by authorized users Options for managing power Power management through the web managerHostname Discovery Cyclades ACS 5000 Installation/Administration/User Guide Important Pre-installation Requirements Basic Installation ProceduresMounting the console server Making an Ethernet connection To rack mount the console serverTo connect devices to serial ports To connect to the console port Console server serial port pin-out information To use the wiz command to configure network parameters Turning on the console server and the connected devicesTo turn on the console server To turn on connected devices To configure for IPv4 protocol To configure for IPv6 protocol Selecting a security profile using the web manager Other Methods of Accessing the Web Manager Adding users and configuring ports using the web managerTo use a dynamic IP address to access the web manager Selecting a security profile Connecting PDUs To use the default IP address to access the web managerConnecting third-party IPDUs To daisy-chain PDUs to the console server Using the Web Manager Features of Regular User FormsTo log into the web manager Form area Port access requirements ConnectConnect to the console server Connect to serial ports Connection protocols for serial ports Ipdu Power Management Outlets Manager Outlets Group Ctrl View Ipdu infoBulb Padlock PDU Power Factor Form Heading Description Example To change your password Common Features of Administrator Forms Administrator Web Manager Buttons Button name Use Try changes Click the try changes button Overview of Administrative Modes Wizard modeLogging Into the Web Manager Expert mode Example of Web Manager Form in Wizard Mode Example of Web Manager Form in Expert Mode Cyclades ACS 5000 Installation/Administration/User Guide Default security profile Security ProfilePre-defined security profiles Custom security profile Http Serial port settings and security profiles To select or configure a security profile Network Settings To configure the network settingsPort Profile Port Profile Setup Options Parameter Options Access To set parameters for all serial portsParameter Options To add a user To change a password Data BufferingTo delete a user Wizard Data Buffering Field Names and Definitions Field name To configure data buffering System Log To add a syslog server To delete a syslog server Cyclades ACS 5000 Installation/Administration/User Guide Configuring the Console Server in Expert Mode Overview of menus and forms Expert Mode Screen Elements Number Description Connecting to the console server Connecting to devices connected to the serial portsApplications Menu and Forms Connect Ipdu Power Management Applications Ipdu Power Mgmt Outlets ManagerTo connect to a device through a serial port Expert Outlets Manager Icons Description ButtonPurpose OFF To view status, lock, unlock, rename or cycle power outlets Avocent PM PDU information displayedThird-party Ipdu information displayed Applications Ipdu Power Mgmt. Outlets Group Ctrl Applications Ipdu Power Mgmt. View IPDUs InfoExpert Ouatlet Groups Ctrl Information Form Heading PM20i/30A Applications Ipdu Power Mgmt. Configuration To view and reset Ipdu information Ipdu Power Mgmt Configuration Description Shown Element Type Applications Ipdu Power Mgmt. Software Upgrade To upgrade software on a Cyclades PM Ipdu ExpertTo upgrade software on non-Cyclades IPDUs To download Cyclades Ipdu software Expert Applications PMD Configuration Applications PMD Configuration- GeneralApplications PMD Configuration- Outlet Groups To upgrade software on a Avocent PM PDU Applications PMD Configuration Users Management To configure an outlet groupTo authorize a user for Ipdu power management To delete an outlet group Outlet entry conventions Prefix Group Expert Applications Terminal Profile Menu To create a menu for a local server terminal Click apply changes Host Settings Expert Network Menu Descriptions Menu Selection General host settings DNS ServiceDisabling and enabling IPv4 or IPv6 protocols Disabling IPv4 IPv4 settings Disabling/Enabling IPv6 IPv6 settings IPv6 Ethernet interfaces IPv6 serial interfacesIPv6 PPP interfaces Other interfaces To configure host settings Expert from the General form To configure IPv4 protocol To configure IPv6 protocol Syslog VPN Connections MYCOMPANYDOMAIN-VPN To configure VPN Click on apply changes Description To configure Snmp Example, 193.168.44.0/24 Firewall Configuration Edit button Delete buttonAdd button Edit Rules button Inverted checkboxes Target pull-down menu optionsSource or destination IP and mask Protocol Numeric protocol fields TCP protocol fieldsUDP protocol fields Expert TCP Options Fields Field/Menu Option Icmp protocol fields Input interface, output interface and fragmentsLOG target Firewall configuration procedures Reject targetTo add a chain To edit a chain To add a rule To edit a rule Host Table Static RoutesTo define the console server’s IP address and hostname To configure static routes Expert Field or Menu Name Definition Cyclades ACS 5000 Installation/Administration/User Guide Security Menu and Forms Users and Groups Adding a User Adding a GroupTo delete a user or group Expert Add User Dialog Field Names and Definitions To change a user’s password Active Ports SessionsTo add a group To modify a group To view, kill or refresh active user sessions TTY Configuring authentication for console server logins To configure the console servers login authentication method To configure a Radius authentication server Group authorization on RadiusTo configure a TACACS+ authentication server Group authorization on TACACS+ To configure an Ldap authentication server To configure Ldap authentication Group Authorization on LdapTo configure a Kerberos authentication server Go to Security Authentication Kerberos in Expert mode To configure a NIS authentication server Security Profiles Custom security profile Serial port settings and security profiles Security certificates Certificate for Http security User configured digital certificate Certificate on ssh To enable or disable serial ports Physical Ports103 To select one or more serial ports Console Access Server CAS profile connection protocols General formConnection profiles Ports Menu and Forms Terminal Server TS profile connection protocols Bidirectional Telnet protocol Modem and power management connection protocols Connection Protocols for Modems or IPDUs Protocol Name Cyclades ACS 5000 Installation/Administration/User Guide Click apply changes To configure a power management protocol for an Ipdu To associate an alias to a serial port Access To configure user access to serial portsAccess Form Menu and Fields FieldDescription Authentication methods and fallback mechanism To configure a serial port login authentication method Data Buffering Mode Local Destination Data Buffering Form Fields Field Name Definition To configure data buffering for serial ports Field Name Definition Multi User Expert Multi User Form Fields Field Name Definition Power Management Expert Power Management Form Fields Field Name To configure a serial port for Ipdu power management To configure a serial port for Ipmi power management Other 10 Other Form Fields Field Name Definition TCP Port To configure terminal server connection options Virtual Ports 11 New/Modify Port Dialog Box Fields Field Name Definition To cluster console servers or modify cluster configuration To assign names to slave ports in the cluster Ports Status Ports Statistics Expert Ports Hostname Discovery 14 Expert Ports Hostname Discovery Fields Cyclades ACS 5000 Installation/Administration/User Guide System Information 129System Information Form InformationParameters Notifications To view system informationInformation Parameters Email Notifications Entry Notifications Form Fields Field Name DefinitionEmail Notifications Dialog Box Fields Field Name Definition Pager notifications entry Snmp trap notifications entry Untitled dropdown field Cold Start Serial ports alarm notification To configure a trigger for serial port alarm notificationTime/Date To set the time and date manually To configure time and date using an NTP server Setting up a customized timezone configurationTo create a custom timezone selection To use the custom option to set daylight savings time Boot Configuration Boot Configuration Form Fields Field Name Definition To configure the console server boot Select Flash or Network from the Unit boot from menu Backup Configuration Go to Administration Backup Config in Expert mode Upgrade Firmware To upgrade the console server firmware Reboot To reboot the console serverOnline Help To configure the local online help path Appendix a Technical Specifications 143Environmental Hardware Temperature Elevated operating ambient temperatureTemperatur Erhöhte Umgebungstemperatur im betrieb Safety precautions for operating the console server Mechanical loadingSicherer mechanischer Aufbau Circuit overloading Appendices Electrostatic Discharge ESD Precautions Working inside the console server Replacing the battery Austausch der Batterie Remplacement de la batterieArbeiten am Cyclades ACS Vorsichtsmassnahmen gegen Elektrostatische Entladung ESD Baterìa FCC warning statementCanadian DOC notice To resolve an issue Appendix C Technical Support Cyclades ACS 5000 Installation/Administration/User Guide For Technical Support