Manuals / Tripp Lite / Computer Equipment / Network Card

Tripp Lite B096-048, 93-2879, B096-016 owner manual 118, Enter the Server Password

Models: 93-2879 B096-016 B096-048

1 224

Download 224 pages 57.82 Kb

Page 118

Local TACACS /RADIUS/LDAP: Tries local authentication first, falling back to remote if local fails

TACACS /RADIUS/LDAP Local: Tries remote authentication first, falling back to local if remote fails

TACACS /RADIUS/LDAP Down Local: Tries remote authentication first, falling back to local if the remote authentication returns an error condition (e.g. the remote authentication server is down or inaccessible)

9.1.1Local authentication

Select Serial and Network: Authentication and check Local Click Apply

9.1.2TACACS authentication

Perform the following procedure to configure the TACACS+ authentication method to be used whenever the Console Server or any of its serial ports or hosts is accessed:

Select Serial and Network: Authentication and check TACAS or LocalTACACS or TACACSLocal or TACACSDownLocal

Enter the Server Address (IP or host name) of the remote Authentication/Authorization server. Multiple remote servers may be specified in a comma-separated list. Each server is tried in succession.

In addition to multiple remote servers, you can also enter for separate lists of Authentication/Authorization servers and Accounting servers. If no Accounting servers are specified, the Authentication/Authorization servers are used instead.

Enter the Server Password

Click Apply. TACAS+ remote authentication will now be used for all user access to Console Server and serially or network attached devices

TACACS+ The Terminal Access Controller Access Control System (TACACS+) security protocol is a recent protocol developed by Cisco. It provides detailed accounting information and flexible

118

Image 118

Tripp Lite B096-048, 93-2879, B096-016 owner manual 118, Enter the Server Password

Contents

Console Server Management Switch Index Failover and OUT-OF-BAND Access Alerts and Logging Authentication System Management Advanced Configuration 16.2 Advanced Control Panel 210 FCC Information IntroductionThis Manual User NoticeManual Organization Types of users Management ConsoleManual Conventions Publishing history Models InstallationIntroduction PortsKit components B092-016 Console Server with PowerAlert Power connectionPower Console Server Management Switch Network connection Power Console Server with PowerAlertSerial Port connection USB Port Connection Rackmount Console / KVM Connection B092-016 onlyInitial System Configuration Management Console ConnectionIP address Browser connectionPage At the Management Console menu select System Administration Administrator PasswordInitial B092-016 connection Configuration Method Select System AdministrationNetwork IP address 1 IPv6 configuration System Services Page PowerAlert Secure VNCCommunications Software Message Changes to configuration succeededPuTTY SSHTerm Management Network Configuration B096-048/016 only Configure Management Switch as a Management LAN gatewayPage Page Configure Management Switch for Failover or Broadband OoB Configuring Serial Ports Serial Port and Network HostCommon Settings Console Server Mode Page Page Page Device RPC, UPS, EMD Mode SDT ModeTerminal Server Mode Serial Bridging Mode Add/Edit Users SyslogPage Page Authentication Network HostsPage Trusted Networks Select Serial & Network Trusted NetworksAutomatically generate and upload SSH keys Serial Port CascadingCheck Generate SSH keys automatically and click Apply Manually generate and upload SSH keys Select RSA Keys and/or DSA KeysPublic Key # ssh remhost Configure the Slaves and their serial ports Managing the Slaves OoB Dial-In Access Failover and OUT-OF-BAND AccessConfigure dial-in PPP Check the Enable Dial-In Access box Modem PortNone Using SDT Connector client for dial-inSet up Windows XP/ 2003/Vista client for dial-in MSCHAPv2Set up earlier Windows clients for dial-in Set up Linux clients for dial-in OoB Broadband Access B096-048/016 onlyBroadband Ethernet Failover B096-048/016 only Page Dial-Out Failover Page Secure Tunneling and SDT Connector IntroductionConfiguring for SDT Tunneling to Hosts SDT Connector ConfigurationSDT Connector client installation Run the set-up programConfiguring a new gateway in the SDT Connector client Page Make an SDT connection through the gateway to a host Manually adding hosts to the SDT Connector gateway Manually adding new services to the new hosts Page Adding a client program to be started for the new service Dial-in configuration Choosing an alternate SSH client e.g. PuTTYPage Page Page Page SDT Connector to Management Console Page Page Pon networkconnection SDT Connector Public Key Authentication Importing and exporting preferencesSetting up SDT for Remote Desktop Access Configure the Remote Desktop Connection client Desktop ConnectionClick Connect Option Color depth 8, 16On a Macintosh client SDT SHH Tunnel for VNC Install, configure and connect the VNC Viewer Page Page Page Select Allow calling computer to specify its own address Set up SDT Serial Ports on Console Server Page Email alerts Configure SMTP/SMS/SNMP/Nagios alert serviceAlerts and Logging Select Alerts & Logging Smtp &SMSSMS alerts Snmp alerts Select Alerts & Logging SnmpNagios Alerts Activate Alert Events and NotificationsNetwork Serial Ports refer to Chapter Alert Add a new alert Page Configuring environment and power alert type Remote Log Storage 100Serial Port Logging 101102 Network TCP or UDP Port LoggingLevel 103 Remote Power Control RPCRPC connection 104 Click Add RPCRPC alerts User power management105 RPC status106 Uninterruptible Power Supply Control UPSPower on Power OFF Power Cycle Power Status Managed UPS connections107 108 Configure UPS powering the Console Server 109Configuring powered computers to monitor a Managed UPS 110UPS status 111UPS alerts Overview of Network UPS Tools NUT112 Environmental Monitoring 113Connecting the EMD 114Environmental alerts 115Environmental status 116 Authentication Configuration Authentication117 Enter the Server Password 118Radius authentication 119Ldap authentication 120RADIUS/TACACS user configuration 121PAM Pluggable Authentication Modules 122Secure Management Console Access 123124 Nagios Overview Nagios Integration125 Central management 126Set up distributed Console Servers Check Prefer NRPE, Nrpe Enabled and Nrpe Command ArgumentsClick New Check and select Check TCP. Select Port Click Console Server Mode and select Logging LevelSelect Serial Port from the Serial & Network menu Configuring Nagios distributed monitoring Page Enable Nrpe monitoring Select System Nagios and check Nrpe EnabledSelect System Nagios and check Nsca Enabled Enable Nsca monitoringConfigure selected Serial Ports for Nagios monitoring Configure selected Network Hosts for Nagios monitoring Permitted ServiceConfigure the upstream Nagios monitoring host Advanced Distributed Monitoring Configuration Sample Nagios configurationTripplitenrpedaemondep Hostname Tripplite Basic Nagios plug-ins Additional plug-insPage System Administration and Reset System ManagementUpgrade Firmware Configure Date and Time Select the Enable NTP checkbox on the Network Time ProtocolStatus Reports Port Access and Active UsersSelect the Status Port Access StatisticsSyslog Support ReportsSelect Status Syslog Local System Logging Remote System LoggingSelect Alerts & Logging Syslog Device Management ManagementPort & Host Management Serial Port Terminal Connection Power ManagementSelect Manage Power Select Manage TerminalSSH Remote Console Access B092-016 only Select Manage KVM Console ServerPage Basic Configuration Linux Commands IntroductionConfig Tool Syntax Linux Command lineDescription Etc/config/config.xml OptionsSystem Settings Administration ConfigurationAuthentication Configuration Manually Change Clock Settings Date and Time ConfigurationNetwork Time Protocol Time Zone IP ConfigurationStatic Dial-in Configuration ATQ0V1H0Services Configuration Serial Port Configuration Serial Port SettingsSupported Protocol Configuration UsersTrusted Networks Event Logging Configuration Remote Serial Port Log StorageAlert Configuration SDT host TCP PortsPage Configuration backup and restore Config -e Output FileGeneral Linux command usage Http//en.tldp.org/HOWTO/HOWTO-INDEX/howtos.html Advanced Configuration IntroductionAdvanced Portmanager PmshellPmchat PmusersPortmanager Daemon External Scripts and AlertsPage Access to Serial Ports Raw Access to Serial PortsAccessing the Console Port Etc/config/ipfilter Standard IP-Filter configurationIP- Filtering Customizing the IP-Filter Etc/config/filter-custom Etc/config/snmpd.conf Modifying Snmp ConfigurationResources Adding more than one Snmp server Secure Shell SSH Public Key Authentication SSH OverviewGenerating Public Keys Linux $ ssh-keygen -t rsadsaInstalling the SSH Public/Private Keys Clustering Installing SSH Public Key Authentication LinuxChown fred /etc/config/users/fred/.ssh/authorizedkeys Generating public/private keys for SSH Windows OpenSSH OpenSSH Windows Fingerprinting SSH tunneled serial bridging IT is Possible That Someone is Doing Something NastyClient Keys $ ssh-keygen -t rsadsa SDT Connector Public Key Authentication Authorized KeysSecure Sockets Layer SSL Support Https Generating an encryption keyInstalling the key and certificate Power Strip Control PowerManTarget Specification Pmpower Adding new RPC devicesPage IPMItool SynopsisDescription Security Commands Scripts for Managing Slaves Ipmitool chassis helpSelect Status Support Report Local Client Service Connections Thin Client B092-016Page Connect- serial terminal Connect- browserConnect- VNC Connect- SSH Connect- Ipmi Connect- Remote Desktop RDP Option Connect- Citrix ICAAdvanced Control Panel Connect- PowerAlertSystem Terminal Custom System Shutdown / RebootSystem Logout StatusRemote control Appendix a Hardware Specification Appendix B Serial Port Connectivity Serial Port PinoutConnectors included in Console Server Appendix C End User License Agreement Page JSch License Page Page SUN Java License Page Warranty Registration Limited WarrantyTripp Lite 1111 W th Street Chicago IL 60609 USA 200903108 93-2879EN