MicroNet SP1200A User`s manual

MicroNet SP1200A User`s manual
User’s Manual
IP KVM Switch
Model No.: SP1200A
http://www.micronet.info
Table of Contents
Chapter 1 Introduction................................................................................. 1
1.1 Package Contents .......................................................................................... 1
1.2 Key Features ................................................................................................. 1
1.3 System Requirements.................................................................................... 2
1.4 Specifications ................................................................................................ 2
Chapter 2 Tour of Product........................................................................... 3
2.1 Front View .................................................................................................... 3
2.1.1 LED Indication....................................................................................................3
2.2 Rear View ..................................................................................................... 3
2.3 Hardware Installation.................................................................................... 4
2.4 Cable Connections (PC)................................................................................ 5
2.5 Cable Connections (KVM Switch) ............................................................... 6
Chapter 3 Configuration .............................................................................. 7
3.1 PSetup Utility................................................................................................ 7
3.2 Configuration Setup via Serial Console ....................................................... 8
3.3 Keyboard, Mouse, and Video Configuration................................................ 9
3.3.1 SP1200A Keyboard Settings ...........................................................................9
3.3.2 Remote Mouse Settings .................................................................................10
3.3.3 Host System Mouse Settings ........................................................................11
3.3.4 Single and Double Mouse Mode...................................................................11
3.3.5 Recommended Mouse Settings....................................................................12
3.3.6 Video Modes ....................................................................................................12
3.4 IP Address Configuring .............................................................................. 12
3.5 Accessing Web-based UI............................................................................ 14
3.5.1 HTTP/HTTPS ...................................................................................................14
Chapter 4 Web-based User Interface ....................................................... 17
4.1 The Remote Console................................................................................... 18
4.1.1 Main Window of Remote Console ................................................................18
4.1.2 Control Bar of Remote Console ....................................................................19
4.1.3 Status Line of Remote Console ....................................................................27
4.2 Remote Control Menu................................................................................. 28
4.2.1 KVM Console ...................................................................................................29
4.2.2 Telnet Console.................................................................................................29
4.3 Virtual Media Menu.................................................................................... 31
4.3.1 Floppy Disk.......................................................................................................32
4.3.2 CD–ROM Image ..............................................................................................35
4.3.3 Drive redirection ..............................................................................................39
4.3.4 Options..............................................................................................................41
4.4 User Management ....................................................................................... 42
4.4.1 Change Password ...........................................................................................42
4.4.2 Users Account..................................................................................................43
4.5 KVM Settings ............................................................................................. 44
4.5.1 User Console ...................................................................................................45
4.5.2 Keyboard/Mouse .............................................................................................48
4.5.3 Video .................................................................................................................49
4.6 Device Settings ........................................................................................... 50
4.6.1 Network .............................................................................................................51
4.6.2 Dynamic DNS ..................................................................................................52
4.6.3 Security .............................................................................................................54
4.6.4 Certificate..........................................................................................................56
4.6.5 Serial Port .........................................................................................................58
4.6.6 Date / Time .......................................................................................................60
4.6.7 Event Log..........................................................................................................61
4.7 Maintenance ................................................................................................ 63
4.7.1 Device Information ..........................................................................................64
4.7.2 Even Log...........................................................................................................65
4.7.3 Update Firmware .............................................................................................65
4.7.4 Unit Reset .........................................................................................................66
Chapter 5 Appendix ................................................................................... 67
5.1 Key Codes ................................................................................................... 67
5.2 Video Modes ............................................................................................... 68
5.3 User Role Permissions ................................................................................ 68
5.4 SP1200A TCP Port Number ....................................................................... 69
5.5 Bandwidth Consumption ............................................................................ 69
Chapter 1 Introduction
Micronet SP1200A, IP KVM Switch, delivers highly reliable solution to increase
operational efficiency and mobility for the enterprise. SP1200A allows Server PC to
become accessible over the Internet via web browser. SP1200A can work in
conjunction with SP218D/SP226D to allow multiple servers’ images to be
transmitted over the Internet. By taking advantage of SP218D/SP226D existing
cascading feature, the personnel will gain access to hundred of servers over the
Internet. Security over the Internet is guarded using CSR (Certificate Signing
Request) for authentication and HTTPS protocol for encrypting transmitted data.
1.1
Package Contents
Prior to the installation of the device, please verify the following items are in the
package:
y
IP KVM Switch
y
Quick Installation Guide/ Manual CD
y
Power Adapter/ Power Cord
y
Null Modem Cable/ USB Cable/ 3-to-3 KVM Cable
y
Rack Mount Kit
Note: Contact your dealer immediately if any of the above items are missing,
damaged, or if the unit does not work.
1.2
Key Features
y
Support KVM over IP for remote management and access.
y
Work in conjunction with SP218D/SP226D KVM switch to cascade and
control 120/128 PCs.
y
Secure data transmission via HTTPS encrypted connection.
y
Support user authentication via CSR for digital identity certificate.
y
Support Web-based access via browser application for ease-of-use.
y
Automatically senses video resolution for best possible screen capture.
1
y
High-performance mouse tracking and synchronization.
y
Automatic adjustment of data rate to transmission line.
y
Remote mass storage control and redirection.
1.3
System Requirements
y
Java Runtime Environment: version 1.4.2 or above.
y
Browser: Microsoft Internet Explorer version 6.0 or above or Netscape or
Mozilla or Safari.
y
PS/2 interface on KVM/PC for mouse and keyboard connection.
1.4
Specifications
Interface
y Console:
¾ 1 x PS/2 Keyboard Mini Din 6 Pin
¾ 1 x PS/2 Mouse Mini Din 6 Pin
¾ 1 x VGA HDDB 15 Pin
y PC/KVM Port:
¾ 1 x Keyboard PS/2 Mini Din 6 Pin
¾ 1 x Mouse PS/2 Mini Din 6 Pin
¾ 1 x VGA HDDB 15 Pin
y USB: 1 x USB 2.0 Type B
receptacle
y LAN Port: 1 x 10/100M RJ-45
y Serial: 1 x Serial DB9 Pin
Video Resolution
y Local: 1600 x 1200
y Remote: 1280 x 1024
Advanced Feature
y DDNS
y Mouse Auto-Synchronization
y Single/Double Mouse Mode
y Virtual Media Access
y User Management
HTTPS, CSR
NFS, SMTP, SNMP trap
Web UI, Utility, Telnet
IE 6.0, Netscape 7.0, Mozilla 1.6 (or
above)
5V, 2.6A
Security
Event Log
Management
Browser
Power
2
Chapter 2 Tour of Product
2.1
Front View
Front View
2.1.1
LED
Status
Power
Red
Device is powered on.
RS-232
Blue
Data traffic on RS-232 link.
LAN
10/100Mbps
On
Indicate LAN port is active
and the data speed.
Link
2.2
LED Indication
Operation
Blinking Indicate data activity.
Rear View
Rear View
1.
Power Jack/ Backup: Interface for power source and a backup power
port.
2.
USB: For attaching to host PC, while using remote mass storage control.
3.
Local Console: Interface for connecting to mouse, keyboard and monitor.
3
4.
PC: Interface for connecting 3-to-3 KVM cable from SP1200A to PC or
KVM switch (SP218D/SP226D).
5.
Local Console: Interface for connecting to mouse, keyboard and monitor.
6.
RS232: Connect to external modem via RS232 for serial console access.
7.
LAN: Port for connecting to existing network or router for remote access
over Internet.
2.3
Hardware Installation
Step 1. Connect the Monitor/Keyboard/Mouse to the local console section on
the rear of the device.
Step 2. Use the 3-to-3 KVM cable provided to connect SP1200A’s PC section
to a KVM switch or PC.
Step 3. Connect SP1200A to a network (switch/router) via the LAN port
provided using R-45 cable.
Step 4. Attach the power adapter to the power jack of the device to activate.
4
2.4
Cable Connections (PC)
This scenario is for direct connection to a single PC/Server by using the
included 3-to-3 KVM cable. RS-232 is an alternative interface for connecting to
serial modem for access.
5
2.5
Cable Connections (KVM Switch)
SP1200A can be connected to a multi-port KVM switch to increase the
quantity of controllable servers. By connecting the 3-to-3 KVM cable to the
local console interface of the KVM switch, it will transform the SP1200A’s
single port access to multi-port access.
6
Chapter 3 Configuration
3.1
PSetup Utility
There is a Network Setup Software tool (PSetup) for setting up the network
configuration (IP address, Subnet mask, DHCP, etc). It is useful when you
want to change the network settings or you can not access to the unit due to
not knowing the network settings of the unit. In this case, you can view or
change the settings via this utility. The setup tool PSetup can be found on the
CD ROM delivered with this package. If you have installed the SP1200A on a
network that enables DHCP, you can use the PSetup to find out the IP KVM’s
IP. Users can follow the procedures described below.
Step 1. Plug Ethernet cable to SP1200A. The IP KVM will get an IP via DHCP.
Step 2. Initiate the ‘psetup.exe’ on product CD. Click <Refresh Devices>
button to detect connected devices
Step 3. Select MAC address of the SP1200A in “Device MAC address” box.
Users can find the MAC address labeled on the bottom side of I-BOX. MAC
address is detected as connection from computer and SP1200A is valid
through USB or network.
Step 4. Click <Query Device> to find the IP configuration on the right pane.
7
Parameter
None
BOOTP
DHCP
Super User Login
Super user password
New super user
password
New password
(confirm)
Description
Select this option to setup a fixed IP address for the IP KVM
switch. After selecting ‘None’, enter the desired IP address,
Subnet Mask and Gateway.
A static configuration protocol uses a table that maps IP
addresses to physical addresses.
An extension to BOOTP that dynamically assigns
configuration information. DHCP is backward compatible with
BOOTP.
Enter the login name of the super user. The initial value is
“super”. All characters are in lower case.
Enter the current password for the super user. This initial
value is “pass”. All characters are in lower case.
Enter the new password for the super user.
Re-type the new password for the super user for confirmation.
Click on <Setup Device> button to apply the new settings on IP KVM Switch.
3.2
Configuration Setup via Serial Console
For using serial terminal, the SP1200A has a serial line interface (host side).
This connector is compliant with the RS-232 serial line standard. The serial
line has to be configured with the parameters given in Table below.
Parameter
Value
Bits/second
Data bits
Parity
Stop bits
115200
8
No
1
8
Flow Control
None
When configuring with a serial terminal (Eg. HyperTerminal) reset the
SP1200A and immediately press the “ESC” key. Users will see some device
information, and a “=>” prompt. Enter “config”, press “Enter” key and wait for a
few seconds for the configuration questions to appear. As you proceed, the
following questions for setting the parameters will appear on the screen. To
accept the default values, press <Enter> key.
Parameter
IP auto-configuration
IP address
Net mask
Gateway address
Description
With this option, users can specify whether the SP1200A
should get its network settings from a DHCP or BOOTP
server. For DHCP, enter “dhcp”, and for BOOTP enter
“bootp”. If user does not specify any of these, the IP autoconfiguration is disabled and subsequently you will be asked
for the desired network settings.
The IP address of the SP1200A. This option is only available
if IP auto-configuration is disabled.
The net mask of the connected IP subnet. This option is only
available if IP auto-configuration is disabled.
The IP address of the default router for the connected IP
subnet. If you do not have a default router, enter 0.0.0.0. This
option is only available if IP auto-configuration is disabled.
3.3
Keyboard, Mouse, and Video
Configuration
Between the SP1200A and the host, there are two interfaces available for
transmitting keyboard and mouse data: USB and PS/2. The correct operation
of the remote mouse depends on several settings which will be discussed in
the following subsections.
3.3.1
SP1200A Keyboard Settings
The SP1200A settings for the host's keyboard type have to be corrected in
order to make the remote keyboard work properly. Check the settings in the
SP1200A Web front-end. Check the relevant sections in the user manual for
further details. Below parameters can be set via web-based UI of SP1200A.
9
3.3.2
Remote Mouse Settings
A common seen problem with KVM devices is the synchronization between
the local and remote mouse cursors. The SP1200A addresses this situation
with an intelligent synchronization algorithm. There are two mouse modes
available on the IP KVM:
Parameter
Auto mouse speed
Fixed mouse speed
Description
The automatic mouse speed mode tries to detect the speed
and acceleration settings of the host system automatically.
See the section below for a more detailed explanation.
This mode just translates the mouse movements from the
Remote Console in a way that one pixel move will result in npixel moves on the remote system. This parameter n is
adjustable with the scaling. Please note that this works only
when mouse acceleration is turned off on the remote system.
Automatic mouse speed and mouse synchronization
The automatic mouse speed mode performs the speed detection during
mouse synchronization. Whenever the local and remote mouse cursors move
asynchronously, there are two ways for re-synchronizing local and remote
mouse cursors:
Parameter
Fast Sync
Intelligent Sync
Description
The fast synchronization is used to correct a temporary, but
fixed skew. Choose the option using the Remote Console
options menu or press the mouse synchronization hotkey
sequence in case you defined one.
If the fast sync does not work or the mouse settings have
been changed on the host system, use the intelligent
resynchronization. This method takes more time than the fast
one and can be accessed with the appropriate item in the
Remote Console option menu. The intelligent synchronization
requires a correctly adjusted picture. Use the auto adjustment
function to setup the picture, and make sure that there are no
window at the top left corner of the remote desktop that are
able to change the mouse cursor shape from the normal
state. The Sync mouse button on top of the Remote Console
can behave differently, depending on the current state of
mouse synchronization. Usually pressing this button leads to
a fast sync, except in situations where the KVM port or the
video mode changed recently.
10
3.3.3
Host System Mouse Settings
The host's operating system knows various settings from the mouse driver.
While the IP KVM works with accelerated mice and is able to synchronize the
local with the remote mouse pointer, there are the following limitations, which
may prevent this synchronization from working properly:
¾
Special Mouse Driver: There are mouse drivers that influence the
synchronization process and lead to desynchronized mouse pointers.
If this happens, make sure you do not use a special vendor-specific
mouse driver on your host system.
¾
Windows XP Mouse Settings: Windows XP knows a setting named
“improve mouse acceleration”, which has to be deactivated.
¾
Active Desktop: If the Active Desktop feature of Microsoft Windows
is enabled do not use a plain background. Instead, use some kind of
wallpaper. As an alternative, you could also disable the Active
Desktop completely. Navigate your mouse pointer into the upper left
corner of the applet screen and move it slightly forth and back. Thus
the mouse will be resynchronized. If re-synchronizing fails, disable
the mouse acceleration and repeat the procedure.
3.3.4
Single and Double Mouse Mode
The information above applies to the Double Mouse Mode, where remote and
local mouse pointers are visible and need to be synchronized. The SP1200A
also features another mode, the Single Mouse Mode, where only the remote
mouse pointer is visible. Activate this mode in the open Remote Console and
click into the window area. The local mouse pointer will be hidden and the
remote one can be controlled directly. To leave this mode, it is necessary to
define a mouse hotkey in the Remote Console Settings Panel. Press this key
to free the captured local mouse pointer.
11
3.3.5
Recommended Mouse Settings
For the different operating systems we can give the following advice:
¾
MS Windows: In general, we recommend the usage of a mouse via
USB. Choose USB without Mouse Sync. For a PS/2 mouse choose
Auto Mouse Speed. For XP disable the option “enhance pointer
precision” in the Control Panel.
¾
SUN Solaris: Adjust the mouse settings either via xset m 1 or use
the CDE Control Panel to set the mouse to “1:1, no acceleration”. As
an alternative you may also use the Single Mouse Mode.
¾
MAC OS X: We recommend using the Single Mouse Mode.
3.3.6
Video Modes
The IP KVM recognizes a limited number of common video modes. When
running ‘X11’ on the host system, it is not recommended to use any custommode lines with special video modes. Otherwise, the IP KVM may not be able
to detect them. We recommend using any of the standard VESA video modes,
instead.
3.4
IP Address Configuring
PC/Notebook must belong in the same IP range and subnet. Follow the steps
below to configure IP settings for LAN PC.
12
Step 1. In the control panel, double
click on Network Connections.
Double click on the local area
connection (e.g. LAN). The following
screen will appear. Highlight ‘Internet
Protocol (TCP/IP)’ and click on
‘Properties’.
Step 2. Select ‘Internet Protocol
(TCP/IP)’, and then click on the
<Properties> button. The screen will
appear to allow entry of TCP/IP settings.
Step 3. In DOS command, type ‘ipconfig’ to view information on LAN
connection. Ensure the IP address and subnet mask are on the same subnet
as the IP KVM Switch.
13
Default IP Address
Default Subnet Mask
Default Username
Default Password
3.5
192.168.0.70
255.255.255.0
‘super’
‘pass’
Accessing Web-based UI
The SP1200A IP KVM Switch provides several standardized interface like
web-based configuration and telnet for allowing users to configure from a
wired workstation. This chapter will describe both these interfaces, and the
way to use them in a more detailed manner. The interfaces are accessed
using the TCP/IP protocol family, thus they can be accessed using the LAN
port of the device.
3.5.1
HTTP/HTTPS
Full access is provided by the embedded web server. The IP KVM
environment can be entirely managed using a standard web browser. Users
can access the IP KVM using the insecure HTTP protocol, or using the
encrypted HTTPS protocol. Whenever possible, use HTTPS for enhanced
security. In order to use the Remote Console window of your managed host
system, the browser has to come with a Java Runtime Environment version
1.4.2 or above. If the browser has no Java support (such as on a small
handheld device), you are still able to maintain your SP1200A using the
administration forms displayed by the browser itself.
For secure connection to the SP1200A, we recommend the following browsers
versions:
¾
Microsoft Internet Explorer version 6.0 or higher
¾
Netscape Navigator 7.0 or Mozilla 1.6 or higher
In order to access the remote host system using a securely encrypted
connection, you need a browser that supports the HTTPS protocol. Strong
14
security is only assured by using a key length of 128 Bit. Some of the old
browsers do not have a strong 128 Bit encryption algorithm. Using the Internet
Explorer, open the menu entry “?” and “Info” to read about the key length that
is currently activated. The dialog box contains a link that leads you to
information on how to upgrade your browser to a state of the art encryption
scheme. Figure below shows the dialog box presented by the Internet Explorer
6.0.
Step 1. Enter SP1200A’s default IP into the web browser to access web-based
settings.
Step 2. Login page will appear to prompt users to enter the username and
password.
15
Step 3. Once username and password are correctly entered, below interface
will appear to allow users to configure and operate the IP KVM Switch. For
further details on each function and selection, please consult the user manual.
16
Chapter 4 Web-based User Interface
Having logged into the IP KVM successfully, the main page of the IP KVM
appears. This page consists of three parts and each of them contains specific
information. The buttons on the upper side allow you to navigate within the
front end. Within the right frame, task-specific information is displayed that
depends on the section you have chosen before.
Return to main page of IP KVM access page
Open the IP KVM remote console
Exit the Web-based UI.
If there is no activity for 30 minutes, the IP KVM will log you out, automatically.
A click on one of the links will bring you back to the login screen.
17
4.1
The Remote Console
The Remote Console window is a Java Applet that tries to establish its own
TCP connection to the SP1200A. The protocol that is run over this connection
is neither HTTP nor HTTPS, but RFB (Remote Frame Buffer Protocol). As
default, RFB tries to establish a connection to TCP port number 443. Your
local network environment has to allow this connection to be made, i.e. your
firewall and NAT (Network Address Translation) settings have to be configured
accordingly.
In case the IP KVM is connected to your local network environment and your
connection to the Internet is available using a proxy server only without NAT
being configured, the Remote Console is very unlikely to be able to establish
the desired connection. This is because today's web proxies are not capable of
relaying the RFB protocol. In case of problems, please consult your network
administrator in order to provide an appropriate networking environment.
4.1.1
Main Window of Remote
Console
To open the KVM console either click on the icon <Console> or ‘Remote
Control > KVM Console’ of the menu entry on the left.
18
Starting the Remote Console opens an additional window. It displays the
screen content of your host system. The Remote Console will behave exactly
in the same way as if you were sitting locally in front of the screen of your
remote system. That means keyboard and mouse can be used in the usual
way. However, be aware of the fact that the remote system will react to
keyboard and mouse actions with a slight delay. The delay depends on the
bandwidth of the link to which you use to connect to the SP1200A.
In respect to the keyboard, the very exact remote representation might lead to
some confusion as your local keyboard changes its keyboard layout according
to the remote host system. If you use a German administration system, and
your host system uses a US English keyboard layout, for instance, special
keys on the German keyboard will not work as expected. Instead, the keys will
result in their US English counterpart. You can avoid such problems by
adjusting the keyboard of your remote system to the same mapping as your
local one.
The Remote Console window always tries to show the remote screen with its
optimal size. Meaning it will adapt its size to the size of the remote screen
initially and after the screen resolution of the remote screen has been changed.
However, you can always resize the Remote Console window in your local
window system as usual.
4.1.2
Control Bar of Remote Console
The upper part of the Remote Console window contains a control bar. Using
its elements you can see the state of the Remote Console and adjust the local
Remote Console settings. A description for each control follows.
Icon
Description
Special button to send the “Control+Alt+ Delete” key
combination to the remote system.
19
If the video display is of bad quality or distorted in some way,
press this button and wait a few seconds while the SP1200A
tries to detect the video mode of VGA port to the controlled
host and adjust itself for the best possible video quality.
Activates the mouse synchronization process. Choose this
option in order to synchronize the local with the remote
mouse cursor. This is especially necessary when using
accelerated mouse settings on the host system. In general,
there is no need to change mouse settings on the host.
Switches between the Single Mouse Mode (where only the
remote mouse pointer is visible) and the Double Mouse Mode
(where remote and local mouse pointers are visible and need
to be synchronized). Single mouse mode is only available if
using SUN JVM 1.4.2 or higher.
To open the Options menu, click on the button “Options”.
Monitor Only
Toggles the Monitor only filter on or off. If the filter is switched on no remote
console interaction is possible, and monitoring is possible.
20
Exclusive Access
If a user has the appropriate permission, he or she can force the Remote
Consoles of all other users to close. No one can open the Remote Console at
the same time again until this user disables the exclusive access, or logs off.
Scaling
Allow you to scale down the Remote Console. You can still use both mouse
and keyboard, but the scaling algorithm will not preserve all display details.
When you designate 25%, 50%, or100% scaling, the size of Remote Console
window is calculated according to the remote host video setting with scaling
algorithm execution. When you designate “Scale to fit”, the remote video
displaying is scaled to fit the size of Remote Console window.
Mouse Handling
The submenu for mouse handling offers two options for synchronizing the local
and the remote mouse cursors.
21
Parameter
Fast Sync
Intelligent Sync
Description
The fast synchronization is used to correct a temporary, but
fixed skew.
Use this option if the fast sync does not work or the mouse
settings have been changed on the host system.
Local Cursor
The menu offers a list of different cursor shapes for the local mouse pointer.
The selected shape will be saved for the current user and activated the next
time this user opens the Remote Console. The number of available shapes
depends on the Java Virtual Machine where version 1.4.2 or above offers the
full list.
Video Settings
The menu opens a panel for changing the SP1200A video settings. SP1200A
features two different dialogs for adjusting the video settings.
22
Video Settings through the HTML
To enable local video port, select this option. This option decides if the local
video output of SP1200A is active and passing through the incoming signal
from the host system. The option Noise Filter defines how SP1200A reacts to
small changes in the video input signal. Turning on the noise filter can help
reduce video flickering that is often caused by distortions, as well as lowering
unnecessary bandwidth consumption. A large filter setting needs less network
traffic and leads to a faster video display, but small changes in some display
regions may not be recognized immediately. A small filter displays all changes
instantly but may lead to a constant amount of network traffic even if display
content is not really changing (depending on the quality of the video input
signal). All in all the default setting should be suitable for most situations.
Video Settings via the Remote Console
Parameter
Brightness
Contrast
Clock
Phase
Horizontal Position
Vertical Position
Description
Controls the brightness of the picture.
Controls the contrast of the picture.
Defines the horizontal frequency for a video line and depends
on the video mode. Different video card types may require
different values here. The default settings in conjunction with
the auto adjustment procedure should be adequate for all
common configurations. If the picture quality is still bad after
auto adjustment you may try to change this setting together
with the sampling phase to achieve a better quality.
Defines the phase for video sampling, used to control the
display quality together with the setting for sampling clock.
Use the left and right buttons to move the picture in horizontal
direction while this option is selected.
Use the left and right buttons to move the picture in vertical
direction while this option is selected.
23
Reset this Mode
Reset all Modes
Save changes
Undo Changes
Reset mode specific settings (Clock, Phase and Position) to
the factory-made defaults.
Reset all settings to the factory-made defaults.
Save changes permanently
Restore last settings
Refresh Video
Click to run this menu item for retrieving the whole video again from the
controlled host and displayed on Remote Console. In normal situation, it only
sent changed parts of video from SP1200A, for saving network bandwidth.
This function is mainly used for troubleshooting purpose where some old video
fragments are displayed as not updated in time for some reason, for example,
noise filter for VGA is setting too large.
Soft Keyboard
The function opens up the Menu for the Soft-Keyboard.
Parameter
Show
Mapping
Description
Pops up the Soft-Keyboard. The Soft-Keyboard is necessary
in case your host system runs a completely different language
and country mapping than your administration machine.
Used for choosing the specific language and country mapping
of the Soft-Keyboard.
24
Local Keyboard
The function is for changing the language mapping of your browser machine
running the Remote Console Applet. Normally, the applet determines the
correct value automatically. However, depending on your particular JVM and
your browser settings, issues may arise. A typical example is a German
localized system that uses an US-English keyboard mapping. In this case you
have to change the Local Keyboard setting to the right language, manually.
Hotkeys
Opens a list of hotkeys defined before. Choose one entry, the command will
be sent to the host system. A confirmation dialog can be added that will be
displayed before sending the selected command to the remote host. Select
“OK” to execute the command on the remote host.
Encoding
These options are used to adjust the encoding level in terms of compression
and color depth. They are only available unless "Transmission Encoding" is
determined automatically
25
Compression Level
Users may select a value between 1 and 9 for the desired compression level
with level 1 enabling the fastest compression and level 9 the best compression.
The most suitable compression level should always be seen as a compromise
between the network bandwidth that is available, on your video picture to be
transferred, and on the number of changes between two single video pictures.
We recommend using a higher compression level if the network bandwidth is
low. The higher the compression level the more time is needed to pack and
unpack the video data on either side of the connection. The compression
quality depends on the video picture itself, e.g. the number of the colors or the
diversity of pixels. The lower the compression quality, the more data have to
be sent and the longer it may take to transfer the whole video picture. If level 0
is chosen the video compression is disabled.
The option "Video Optimized" has its advantages if transferring high-quality
motion pictures. In this case the video compression is disabled, completely
and all video data is transferred via network as full-quality video snippets.
Therefore, a high amount of bandwidth is required to ensure the quality of the
video picture.
The next two options allow you to set the compression level to a predefined
level OR to set a level for "lossy" compression. This compresses is well refined,
but leads to a degradation in image quality.
26
Color Depth
The function is for setting the desired color depth. Users may select between 8
or 16 bit for Video Optimized/compression level 0, or between 1 and 8 bit for
compression level 1 to 9. The higher the color depth, the more video
information has to be captured and to be transferred.
4.1.3
Status Line of Remote Console
The interface shows both console and the connection state. The size of the
remote screen is displayed. Figure below was taken from a Remote Console
with a resolution of 800x600 pixels. The value in brackets describes the
connection to the Remote Console. “Norm” means a standard connection
without encryption and “SSL” means a secure connection.
27
Furthermore, both the incoming (“In:”) and the outgoing (“Out:”) network traffic
are visible (in kb/s). If compressed encoding is enabled, a value in brackets
displays the compressed transfer rate.
4.2
Remote Control Menu
The Remote Console is the redirected screen, keyboard and mouse of the
remote host system that SP1200A controls. The Remote Console window is a
Java Applet that tries to establish its own TCP connection to the SP1200A.
Starting the Remote Console opens a new window displays screen movement
of host system, with its size automatically adjusted to optimum. Keyboard and
28
mouse are redirected to control the host system simultaneously. A slight delay
may present depending on the bandwidth of network.
4.2.1
KVM Console
To open the KVM console either click on the icon ‘Console’ or ‘Remote Control
> KVM Console’ of the menu entry on the left.
4.2.2
Telnet Console
The SP1200A firmware features a Telnet server that enables a user to connect
via a standard Telnet client. In case the Telnet program is using a VT 100, VT
29
102 or VT 220 terminal or an according emulation, it is even possible to
perform a console redirection as long as the SP1200A host machine is using a
text mode screen resolution.
Connecting to the SP1200A is done as usual and as required by the Telnet
client, for instance in a UNIX shell:
telnet 192.168.0.70
Replace the IP address by the one that is actually assigned to the SP1200A.
This will prompt for username and password in order to log into the device.
The credentials that need to be entered for authentication are identical to
those of the web interface. That means, the user management of the Telnet
interface is entirely controlled with the according functions of the web interface.
Once you have successfully logged into the SP1200A a command line will be
presented and you can enter according management commands. In general,
the Telnet interface supports two operation modes: the command line mode
and the terminal mode. The command line mode is used to control or display
some parameters. In terminal mode the pass-through access to serial port 1 is
activated (if the serial settings were configured accordingly). All inputs are
redirected to the device on serial port 1 and its answers are displayed on the
Telnet interface.
Parameter
help
cls
quit
version
terminal
Description
Displays the list of possible commands.
Clears the screen.
Exits the current session and disconnects from the client.
Displays the release information.
Starts the terminal pass through mode for serial port 1. The
key sequence ESC exit switches back to the command mode.
30
4.3
Virtual Media Menu
Before go ahead with this setup, both remote user computer and local
computer (the one connected with SP1200A) would have to have Operating
System Win2000, XP or above. This function would not work on other
platforms at this moment. Before using Virtual Media, please connect the USB
cable from SP1200A to host computer. After connecting the USB cable, you
can see a “Removable Disk” on the host computer. Below is the host computer
screen (the computer which connected with SP1200A).
31
4.3.1
Floppy Disk
Step 1. User need to create the floppy to an image file first.
Step 2. For this example, we use RawWrite software (or any other imagecreator software) to create floppy image. Please use licensed software for this
purpose.
32
Step 3. Users can find an image file saved at desire destination after you
created it with RawWrite.
Step 4. Open the browser to log into the SP1200A. Click on ‘Virtual Media >
Floppy Disk’ to access below interface. Click the <Browse> button to choose
the image file.
Step 5. After you uploading the image file, you will see the information below.
33
Step 6. Open the remote console and you will see a virtual Floppy drive is
created on the host computer that connects to SP1200A.
Users may create a floppy image size up to 1.44Mb. This drive would be in
read-only mode and would not allow users to write any information on this
drive but copying only. This drive would be bootable under DOS mode if the
motherboard/BIOS on the host computer supporting USB BOOTABLE function.
If using other image-creator software, the output image extension file name
has to be ‘img’, e.g. floppy_vir.img. The uploaded image file will be kept in the
onboard memory of the SP1200A until the end of the current session, as you
logged out, or initiated a reboot of the SP1200A.
34
4.3.2
CD–ROM Image
Use Image on Windows Share (SAMBA)
To include an image from a Windows share, select “CD-ROM” from the
submenu.
Step 1. Please run Nero or any CD imaging tool to create CD-ROM ISO image.
Step 2. Please create a folder and share this folder. (Please make sure
password has to be setup with the authorized user during Sharing ->
Permission settings)
Step 3. Copy the CD-ROM ISO image file to this sharing folder.
Step 4. Please fill in the sharing information as below picture.
35
Parameter
Share host
Share folder name
Image file name
User name
Password
Description
The server name or its IP address.
The name of the share folder to be used.
The name of the image files on the share folder.
If necessary, specify the username for the share named in
advance. If unspecified, and a guest account is activated, this
guest account information will be used as your login.
If necessary, specify the password for the given username.
Step 5. Image file set successfully.
Step 6. Open the remote console and users can see the virtual CD as below
picture.
36
The output image extension file name has to be ‘iso’, e.g. CD-Rom_vir.iso.
Users may create an ISO image size up to 650Mb. This drive would be in
read-only mode and would not allow you to write any information on this drive
but copying only. This drive would be bootable under DOS mode if the
motherboard/BIOS on the host computer support USB BOOTABLE function.
For emulating DVD Drive, please use Drive Redirection function.
To register the specified file image and its location click on the button <Set>.
The specified image file is supposed to be accessible from the SP1200A. The
information above has to be given from the point of view of the SP1200A. It is
important to specify correct IP addresses, and device names. Otherwise,
SP1200A may not be able to access the referenced image file. Furthermore,
the specified share has to be configured correctly. Therefore, administrative
permissions are required. As a regular user you may not have these
permissions. You should either login as a system administrator (or as “root” on
UNIX systems), or ask your system administrator for help to complete this task.
MS Windows
Open the Explorer, navigate to the directory (or share), and press the right
mouse button to access the context menu.
37
Step 1. Select “Sharing” to open the configuration dialog.
Step 2. Adjust the settings for the selected directory.
Step 3. Activate the selected directory as a share. Select “Sharing this folder”.
Step 4. Choose an appropriate name for the share. You may also add a short
description for this folder (input field “Comment”). If necessary, adjust the
permissions (button “permissions”).
Step 5. Click <OK> to set the options for this share.
38
UNIX and UNIX-like OS (Sun Solaris, and Linux)
If you like to access the share via SAMBA, SAMBA has to be set up properly.
You may either edit the SAMBA configuration file /etc/samba/smb.conf, or use
the Samba Web Administration Tool (SWAT) or WebMin to set the correct
parameters.
4.3.3
Drive redirection
The Drive Redirection is another possibility to use a virtual disc drive on the
remote computer. With Drive Redirection you do not have to use an image file
but may work with a drive from your local computer on the remote machine.
The drive is hereby shared over a TCP network connection. Devices such as
floppy drives, hard discs, CD ROMs and other removable devices like USB
sticks can be redirected. It is even possible to enable a write support so that
for the remote machine is possible to write data to your local disc.
Please note that Drive Redirection works on a level which is far below the
operating system. That means that neither the local nor the remote operating
system is aware that the drive is currently redirected. This may lead to
inconsistent data as soon as one of the operating systems (either from the
local machine, or from the remote host) is writing data on the device. If write
support is enabled the remote computer might damage the data and the file
system on the redirected device. On the other hand, if the local operating
system writes data to the redirected device the drive cache of the operating
system of the remote host might contain older data. This may confuse the
remote host’s operating system. We recommend using the Drive Redirection
with care, especially the write support.
39
Parameter
Disable Drive
Redirection
Force read-only
connections
Description
If enabled the Drive Redirection is switched off.
If enabled the Write Support for the Drive Redirection is
switched off. It is not possible to write on a redirected device.
Step 1. Please install Drive Redirection Software on remote computer first
then run Drive Redirection application and fill in information accordingly.
Step2. Click <Connect> to create virtual drive on host computer.
Step 3. Open the remote and you can see the virtual hard drive as below
picture.
40
Please note that Virtual Drive creation is by Device manner not by Partition.
Which means it looks for I/O in BIOS and sends the corresponding signal to
host computer. This way, you are sending the entire hard drive (may consist of
‘X’ numbers of partitions) and emulate whatever number of partitions on host
computer. You may also emulate a DVD-Drive with the same procedure.
However, this DVD-Drive does not support Bootable function like Floppy and
CD-Rom emulation.
4.3.4
Options
Set this option to disable the mass storage emulation (and hide the virtual
drive) if no image file is currently loaded. If unset, and no file image will be
found it may happen that the host system will hang on boot due to changes in
the boot order, or the boot manager (LILO, GRUB). This case was reported for
some Windows versions (2000, XP), other OS might not be fully excluded.
This behavior depends on the BIOS version used in that machine.
41
4.4
User Management
4.4.1
Change Password
Parameter
Old Password
New Password
Confirm New
Password
Description
Type in current password
type in new password
Re-type new password for verification
42
4.4.2
Users Account
There are three kinds of levels of user accounts:
¾
Super: Has all possible rights to configure the device.
¾
Administrator: Has partial rights to change configuration apart from
critical settings.
¾
User: Has permission to access basic function of open Remote
Console.
The SP1200A comes with 1 pre-configured user account that has fixed
permissions. The account “super” has all possible rights to configure the
device and to use all functions SP1200A offers. Upon delivery, the account
“super” has the password “pass”. Make sure to change password immediately
after you have installed or on initial access of your SP1200A.
Parameter
Existing users
New User name
Password
Confirm password
Email address
Mobile number
Description
Select an existing user for modification. Once a user has
been selected, click the lookup button to see the user
information.
The new user name for the selected account.
The password for the login name. It must be at least three
characters long.
Confirmation of the password above.
This is optional.
This information may be optionally provided.
43
Role
Each user can be a member of a group (named a “role”) –
there kinds can be chose from: super, administrator, or a
regular user.
To create a user, press the button <Create>. The <Modify> button changes
the displayed user settings. To delete a user, press the button <Delete>.
The SP1200A is equipped with a host-independent processor and memory
unit which both have a limitation in terms of the processing instructions and
memory space. To guarantee an acceptable response time we recommend
not exceeding the number of 15 users connected to the SP1200A at the same
time. The memory space that is available onto the SP1200A mainly depends
on the configuration and the usage (log file entries etc.). That’s why we
recommend not storing more than 150 user profiles.
4.5
KVM Settings
44
4.5.1
User Console
The following settings are user specific. That means, the super user can
customize these settings for every users separately. Changing the settings for
one user does not affect the settings for the other users.
Transmission Encoding
The Transmission Encoding setting allows changing the image-encoding
algorithm that is used to transmit the video data to the Remote Console
window. It is possible to optimize the speed of the remote screen processing
depending on the number of users working at the same time and the network
bandwidth of the connection line (Modem, ISDN, DSL, LAN, etc.).
45
Parameter
Automatic detection
Pre-configured
Manually
Description
The encoding and the compression level are determined
automatically from the available bandwidth and the current
content of the video image.
The pre-configured settings deliver the best result because of
optimized adjustment of compression and color depth for the
indicated network speed.
Allows adjusting both compression rate and the color depth
individually. Depending on the selected compression rate the
data stream between the SP1200A and the Remote Console
will be compressed in order to save bandwidth. Since high
compression rates consume more computing power of
SP1200A, they should not be used while several users are
accessing the SP1200A simultaneously.
The standard color depth is 16 Bit (65536 colors). The other
color depths are intended for slower network connections in
order to allow a faster transmission of data. Therefore
compression level 0 (no compression) uses only 16 Bit color
depth. At lower bandwidths only 4 Bit (16 colors) and 2 Bit (4
gray scales) are recommended for typical desktop interfaces.
Photo-like pictures have best results with 4 Bit (16 gray
scales). 1 Bit color depth (black/white) should only be used for
extremely slow network connections.
Remote Console Type
The menu specifies which Remote Console Viewer to use.
Parameter
Default Java-VM
Sun Microsystems
Java Browser Plug-in
Description
Uses the default Java Virtual Machine of your Browser. This
may be the Microsoft JVM for the Internet Explorer, or the
Sun JVM if it is configured this way. Use of the Sun JVM may
also be forced (see below).
Instructs the web browser of your administration system to
use the JVM of Sun Microsystems. The JVM in the browser is
used to run the code for the Remote Console window, which
is actually a Java Applet. If you check this box for the first
time on your administration system and the appropriate Java
plug-in is not already installed on your system, it will be
downloaded and installed automatically. However, in order to
make the installation possible, you still need to answer the
according dialogs with “yes”. The download volume is around
11 Mbytes. The advantage of downloading Sun's JVM lays in
providing a stable and identical Java Virtual Machine across
different platforms. The Remote Console software is
optimized for these JVM versions and offers wider range of
functionality when run in SUN's JVM. Please make sure that
you are installing Sun JVM 1.4.2 or above to your client
system.
46
Miscellaneous Remote Console Settings
Parameter
Description
Start in Monitor Mode
Start in Exclusive
Access Mode
Sets the initial value for the monitor mode. By default the
monitor mode is off. In case you switch it on, the Remote
Console window will be started in a read only mode.
Enables the exclusive access mode immediately at Remote
Console startup. This forces the Remote Consoles of all other
users to close. No one can open the Remote Console at the
same time again until this user disables the exclusive access
or logs off.
Mouse Hotkey
Allows specifying a hotkey combination which starts either the mouse
synchronization process if pressed in the Remote Console, or is used to leave
the single mouse mode.
Remote Console Button Keys
Button Keys allow simulating keystrokes on the remote system that cannot be
generated locally. The reason for this might be a missing key or the fact, that
the local operating system of the Remote Console is unconditionally catching
this keystroke already. Typical examples are “Control+Alt+Delete” on Windows
and DOS, what is always caught, or “Control+Backspace” on Unix-like OS for
terminating the X-Server. The syntax to define a new Button Key is as follows:
[confirm] <keycode>[+|-[*]<keycode>]*
Parameter
confirm
keycode
Description
Requests confirmation by a dialog box before the key strokes
will be sent to the remote host.
The key to be sent. Multiple key codes can be concatenated
with a plus, or a minus sign. The plus sign builds key
combinations, all keys will be pressed until a minus sign or
the end of the combination is encountered. In this case all
pressed keys should be released in reversed sequence. The
minus sign builds single, separate key presses and releases.
The star inserts a pause with duration of 100 milliseconds.
47
4.5.2
Keyboard/Mouse
Parameter
Description
Enables a certain interface the mouse is connected to. You
can choose between “Auto” for automatic detection, “USB” for
an USB mouse, and “PS/2” for a PS/2 mouse.
Host Interface
PS/2 Keyboard Model
Keyboard timeout
To use the USB and/or PS/2 interface you need a correct
cabling between the managed host and the managing device.
If the managed host has no USB keyboard support in the
BIOS and you have connected the USB cable only then you
will have no remote keyboard access during the boot process
of the host. If USB and PS/2 are both connected and you
selected “Auto” as host interface, then the card will select
“USB” if available or otherwise falls back to “PS/2”.
To get USB remote keyboard access during the boot process
of the host, the following conditions must be fulfilled:
¾ The host BIOS must have USB keyboard support.
¾ The USB cable must be connected or must be
selected in the Host interface option.
Enables a certain keyboard layout. You can choose between
“Generic 101-Key PC” for a standard keyboard layout,
“Generic 104-Key PC” for a standard keyboard layout
extended by three additional windows keys, “Generic 106-Key
PC” for a Japanese keyboard, and “Apple Macintosh” for the
Apple Macintosh.
Recommended as “enable” for keyboard timeout when host is
UNIX or UNIX-like OS.
48
USB Mouse Type
Mouse Speed
4.5.3
Enables USB mouse type. Choose between “Windows >=
2000 , MacOSX” for MS Windows 2000 or Windows XP, Mac
OSX or “Other Operating Systems” for MS Windows NT, Unix
or Unix-like OS, or OS X. In “Windows >= 2000 , MacOSX”
mode the remote mouse is always synchronized with the local
mouse.
¾
Auto mouse speed: Use this option if the mouse
settings on host use an additional acceleration setting.
The SP1200A tries to detect the acceleration and speed
of the mouse during the mouse sync process.
¾
Fixed mouse speed: Use a direct translation of mouse
movements between the local and the remote pointer.
You may also set a fixed scaling which determines the
pixel-amount of the remote mouse pointer movement
when the local mouse pointer is moved by one pixel.
This option is used to manually control the remote
mouse speed and only works when the mouse settings
on the host are linear. This means mouse acceleration
of OS should be disabled, and the intelligent mouse
synchronization of SP1200A is not functioning under this
setting.
¾
Absolute mouse scaling for MAC server: Use this
option for MAC server.
Video
Parameter
Noise filter
Description
This option defines how the SP1200A reacts to small changes
in the video input signal. Turning on the noise filter can help
reduce video flickering that is often caused by distortions, as
well as lowering unnecessary bandwidth consumption. A
large filter setting needs less network traffic and leads to a
faster video display, but small changes in some display
regions may not be recognized immediately. A small filter
displays all changes instantly but may lead to a constant
amount of network traffic even if the display content is not
really changing (depending on the quality of the video input
signal). All in all the default setting should be suitable for most
situations.
49
Force Composite
Sync (Required for
Sun Computers)
4.6
When connecting the device directly to legacy Sun computer
(with composite sync as the video output), it may be possible
that SP1200A don’t recognize the composite sync
automatically. To support signal transmission from a Sun
machine, enable this option. If not enabled the picture of the
remote console will not be visible.
Device Settings
50
4.6.1
Network
The Network Settings panel allows changing network related parameters.
Each parameter will be explained below. Once applied the new network
settings will immediately come into effect.
Parameter
IP auto configuration
Preferred host name
IP address
Subnet Mask
Gateway IP address
Primary DNS Server IP
Address
Description
With this option you can control if the SP1200A should fetch
its network settings from a DHCP or BOOTP server. For
DHCP, select “dhcp” , and for BOOTP select “bootp”
accordingly. If you choose “none” then IP auto configuration is
disabled.
Preferred host name to request from DHCP server. Whether
the DHCP server takes the SP1200A’s suggestion into
account or not depends on the server configuration.
IP address in the usual dot notation.
The net mask of the local network.
In case the SP1200A should be accessible from networks
other than the local one, this IP address must be set to the
local network router's IP address.
IP address of the primary Domain Name Server in dot
notation. This option may be left empty, however the
SP1200A will not be able to perform name resolution.
51
Secondary DNS
Server IP Address
Remote Console And
HTTPS port
HTTP port
Telnet port
SSH port
Bandwidth limitation
Enable Telnet access
Enable SSH access
Disable Setup
Protocol
LAN Interface Settings
4.6.2
IP address of the secondary Domain Name Server in dot
notation. It will be used in case the Primary DNS Server
cannot be contacted.
Port number at which the SP1200A's Remote Console server
and HTTPS server are listening. If left empty the default value
will be used.
Port number at which the SP1200A's HTTP server is listening.
If left empty the default value will be used.
Port number at which the SP1200A's Telnet server is
listening. If left empty the default value will be used.
Port number at which the SP1200A SSH (Secure SHell)
server is listening to. If left empty the default value (port 22)
will be used.
The maximum network traffic generated through the SP1200A
Ethernet device. Value in Kbit/s.
This enables the Telnet function.
This enables the SSH (Secure SHell) function.
Enable this option to exclude the SP1200A from the setup
protocol. Setup protocol is a proprietary layer-2 MAC-based
protocol to allow some configuration software to detect
SP1200A devices in the network, even without IP address,
and then config network related settings to SP1200A.
The “Autodetect” will set the Ethernet speed to the fastest
possible value supported by both endpoints of the link. For
example, if you use a 10M/half duplex HUB, this speed will be
auto-selected. If this option does not work with some network
device (HUB, switches, and routers), you can set the Ethernet
interface speed of SP1200A manually to the values as
supported by the network device.
Dynamic DNS
A freely available Dynamic DNS service (www.dyndns.org) can be used in the
following scenario.
52
The SP1200A is reachable via the IP address of the DSL router, which is
dynamically assigned by the provider. Since the administrator does not know
the IP address assigned by the provider, the SP1200A connects to a special
dynamic DNS server in regular intervals and registers its IP address there. The
administrator may contact this server as well and pick up the same IP address
belonging to his card. The administrator has to register an SP1200A that is
supposed to take part in the service with the Dynamic DNS Server and assign
a certain hostname to it. He will get a nickname and a password in return to
the registration process. This account information together with the hostname
is needed in order to determine the IP address of the registered SP1200A.
Steps for Setting UP DDNS:
¾ Make sure that the LAN interface of the SP1200A is properly configured.
¾ Enter the Dynamic DNS Settings configuration dialog as shown in
Figure.
¾ Enable Dynamic DNS and change the settings according to your needs
(see below).
Parameter
Enable Dynamic DNS
Description
This enables the Dynamic DNS service. This requires a
configured DNS server IP address.
53
Dynamic DNS server
DNS System
Hostname
Username
Password
Check time
Check interval
4.6.3
This is the server name where SP1200A registers itself in
regular intervals. Currently, this is a fixed setting since only
dyndns.org is supported for now.
Choose Dynamic for free DNS service. Custom for your own
domain.
This is the hostname of the SP1200A that is provided by the
Dynamic DNS Server. Use the whole name including the
domain (e.g. testserver.dyndns.org) not just the actual
hostname.
You have registered this username during your manual
registration with the Dynamic DNS Server. Spaces are not
allowed in the username.
You have used this password during your manual registration
with the Dynamic DNS Server.
The SP1200A registers itself for initiating the IP address
stored in the Dynamic DNS server at this time.
This is the interval for reporting again to the Dynamic DNS
server for updating the IP address associated with the
Domain Name of the SP1200A.
Security
Force HTTPS
If this option is enabled access to the web front-end is only possible using an
HTTPS connection. The SP1200A will not listen on the HTTP port for incoming
connections.
KVM Encryption
This option controls the encryption of the RFB protocol. RFB is used by the
Remote Console to transmit both the screen data to the administrator machine
and keyboard and mouse data back to the host. If set to “Off”, no encryption
54
will be used. If set to ”Try”, the applet tries to make an encrypted connection.
In case connection establishment fails for any reason an unencrypted
connection will be used. If set to “Force” the applet tries to make an encrypted
connection with certificate. An error will be reported in case connection
establishment fails.
Group-based System Access Control
This is the IP filtering function that keeps unauthorized hosts from accessing to
the SP1200A by specifying IP filtering rules. It is important to fully understand
what an IP filter is. If you don't fully understand this, you will get unexpected
results against your original planning.
The Chain rule determines whether the access from the hosts is allowed or not.
It can be one of these two values:
¾ ACCEPT: access allowed.
¾ DROP: access not allowed.
The rule can be configured to apply to a particular Group level (All, User,
Super, Administrator). When the SP1200A receives a TCP packet, it will
process the packet with the chain rule depicted below. The process ordering is
important. The packet will enter the chain rule 1 first, if meet the rule then take
action directly, otherwise go to chain rule 2.
55
4.6.4
Certificate
The SP1200A uses the Secure Socket Layer (SSL) protocol for any encrypted
network traffic between itself and a connected client. During the connection
establishment the SP1200A has to expose its identity to a client using a
cryptographic certificate. The default certificate comes with SP1200A device
upon delivery is for testing purpose only. System administrator should not rely
on this default certificate as the secured global access mechanism through
Internet. However, it is possible to generate and install a new base 64 X.509
certificate that is unique for a particular device. In order to do that, the
SP1200A is able to generate a new cryptographic key and the associated
Certificate Signing Request (CSR) that needs to be certified by a certification
authority (CA). A certification authority verifies that you are the person who you
claim you are, and signs and issues a SSL certificate to you.
The following steps are necessary to create and install a SSL certificate:
¾ Create a SSL Certificate Signing Request. You need to fill out a number
of fields that are explained below. Once this is done, click on the button
<Create> which will initiate the Certificate Signing Request generation.
The CSR can be downloaded to your administration machine with the
<Download> button.
56
¾ Send the saved CSR string to a CA for certification. You will get the
new certificate from the CA after a more or less complicated traditional
authentication process (depending on the CA).
¾ Upload the certificate to the SP1200A using the <Upload> button
Parameter
Common name
Organizational unit
Organization
Locality/City
State/Province
Country (ISO code)
Challenge Password
Description
This is the network name of the SP1200A once it is installed
in the user's network (usually the fully qualified domain
name). It is identical to the name that is used to access the
SP1200A with a web browser (without the “http://” prefix). In
case the name given here and the actual network name differ,
the browser will pop up a security warning when the SP1200A
is accessed using HTTPS.
This field is used for specifying to which department within an
organization the SP1200A belongs.
The name of the organization to which the SP1200A belongs.
The city where the organization is located.
The state or province where the organization is located.
The country where the organization is located. This is the twoletter ISO code, e.g. DE for Germany, or US for the USA.
(Note: the country code has to be entered in CAPITAL
LETTERS.)
Some certification authorities require a challenge password to
authorize later changes on the certificate (e.g. revocation of
the certificate). The minimal length of this password is 4
characters.
Confirm Challenge
Password
Confirmation of the Challenge Password
Email
The email address of a contact person that is responsible for
the SP1200A and its security.
57
This is the length of the generated key in bits. 1024 Bits are
supposed to be sufficient for most cases. Longer keys may
result in slower response time of the SP1200A during
connection establishment.
Key length
4.6.5
Serial Port
The SP1200A’s Serial Settings allows you to specify what device is connected
to the serial port and how to use it.
Configuration or Console Login
Do not use the serial port for any special function but use it only for the initial
configuration.
Modem
The SP1200A offers remote access using a telephone line in addition to the
standard access over the built-in Ethernet adapter. The modem needs to be
connected to the serial interface of the SP1200A. Logically, connecting to the
SP1200A using a telephone line means nothing else than building up a
dedicated point-to-point connection from your console computer to the device.
In other words, the SP1200A acts as an Internet Service Provider (ISP) to
which you can dial in. The connection is established using the Point-to-Point
Protocol (PPP). Before you connect to the SP1200A, make sure to configure
your console computer accordingly. For instance, on Windows based
operating systems you can configure a dial-up network connection, which
defaults to the right settings like PPP. The Modem Settings panel allows you to
58
configure the remote access to the SP1200A using a modem. The meaning of
each parameter will be described below. The modem settings are part of the
serial settings panel.
Parameter
Serial line speed
Modem Init String
Modem server IP
address
Modem client IP
address
Description
The speed the SP1200A is communicating with the modem.
Most of all modems available today will support the default
value of 115200 bps. In case you are using an old modem
and discovering problems try to lower this speed.
The initialization string used by the SP1200A to initialize the
modem. The default value will work with all modern standard
modems directly connected to a telephone line. In case you
have a special modem or the modem is connected to a local
telephone switch that requires a special dial sequence in
order to establish a connection to the public telephone
network, you can change this setting by giving a new string.
This IP address will be assigned to the SP1200A itself during
the PPP handshake. Since it is a point-to-point IP connection
virtually every IP address is possible but you must make sure,
it is not interfering with the IP settings of the SP1200A and
your console computer. The default value will work in most
cases.
This IP address will be assigned to your console computer
during the PPP handshake. Since it is a point-to-point IP
connection virtually every IP address is possible but you must
make sure, it is not interfering with the IP settings of the
SP1200A and your console computer. The default value will
work in most cases.
Pass Through Access to Serial Port via Telnet
Using this option, it is possible to connect an arbitrary device to the serial port
and access (assuming it provides terminal support) via Telnet. Select the
appropriate options for the serial port and use the Telnet Console, or a
standard Telnet client to connect to the SP1200A.
59
4.6.6
Date / Time
This link refers to a page, where the internal real-time clock of the SP1200A
can be set up. Users have the possibility to adjust the clock manually, or to
use a NTP timeserver. Without a timeserver, your time setting will not be
persistent, so you have to adjust it again, after SP1200A loses power for more
than a few minutes. To avoid this, you can use a NTP timeserver, which sets
up the internal clock automatically to the current UTC time. NTP server time is
always UTC and there is a setting that allows you to set up a static offset to
get your local time.
60
4.6.7
Event Log
Important events like a login failure or a firmware update are logged to a
selection of logging destinations. Each of those events belongs to an event
group, which can be activated separately. The common way to log events is to
use the internal log list of the SP1200A. In order to show the log list, please
click on <Event Log> under “Maintenance”. In the Event Log Settings you can
choose how many log entries are shown on each page.
61
Parameter
List logging enabled
NFS Logging enabled
SMTP Logging
enabled
SNMP Logging
enabled
Description
The common way to log events is to use the internal log list of
the SP1200A. In order to show the log list, please click on
<Event Log> under “Maintenance”. Since the SP1200A’s
system memory is used to save all the information, the
maximum number of possible log list entries is restricted to
1000 events. Every entry that exceeds this limit overrides the
oldest one.
Define a NFS server, where a directory or a static link has to
be exported, to write all logging data to a file that is located
there. To write logging data from more than one SP1200A
devices to only one NFS share, you have to define a file
name that is unique for each device. When you change the
NFS settings and press the button <Apply>, the NFS share
will be mounted immediately. That means, the NFS share and
the NFS server must be filled with valid sources or you will get
an error message.
With this option, the SP1200A is able to send Emails to an
address given by the Email address text field in the Event Log
Settings. These mails contain the same description strings as
the internal log file and the mail subject is filled with the event
group of the occurred log event. In order to use this log
destination you have to specify a SMTP server that has to be
reachable from the SP1200A device and that needs no
authentication at all (<serverip>:<port>).
If this is activated, the SP1200A sends a SNMP trap to a
specified destination IP address, every time a log event
occurs. If the receiver requires a community string, you can
set it in the appropriate text field. Most of the event traps only
contain one descriptive string with all information about the
log event. Only authentication and host power events have an
own trap class that consists of several fields with detailed
information about the occurred event. To receive this SNMP
traps, any SNMP trap listener may be used.
62
4.7
Maintenance
63
4.7.1
Device Information
This section contains a summary with various information about SP1200A
including firmware version. The Data file for support allows you to download
the SP1200A data file with specific support information. This is an XML file
with certain customized support information like the serial number etc. Users
may send us this information together with a support request. It will help us to
locate and solve your reported problem.
Figure above displays the SP1200A activity. From left to right the connected
user(s), IP Address (from which host the user comes from) and its activity
status is displayed. RC means that the Remote Console is open. If the Remote
Console is opened in exclusive mode the term (exclusive mode) is added. To
display the user activity the last column contains either the term ‘active’ for an
active user or ‘30 min idle’ for an user who is inactive for a certain amount of
time.
64
4.7.2
Even Log
The figure above displays the log list including the events that are logged by
the SP1200A
4.7.3
Update Firmware
The SP1200A is a complete standalone device. The software it runs is called
firmware. The firmware of the SP1200A can be updated remotely in order to
install new functionality or special features. A new firmware update is a binary
file which will be sent to you by email or which you can download from the
supplier web site. If the firmware file is compressed (file suffix .zip) then you
must unzip it before you can proceed. Under the Windows operating system
you may use WinZip from http://www.winzip.com/ for decompression. Other
operating systems might provide a program called unzip. Before you can start
updating the firmware of your SP1200A, the new uncompressed firmware file
has to be accessible on the system that you use for connecting.
65
4.7.4
Unit Reset
This section allows you to reset specific parts of the device. This involves the
both keyboard and mouse, the video engine and the SP1200A itself. Resetting
the card itself is mainly needed to activate a newly updated firmware. It will
close all current connections to the administration console and to the Remote
Console. The whole process will take about half a minute. Resetting sub
devices (e.g. video engine) will take few seconds only and does not result in
closing connections. To reset a certain SP1200A functionality click on the
button <Reset>. Only the super user is allowed to reset the SP1200A.
66
Chapter 5 Appendix
5.1
Key Codes
Table below shows the key codes used to defines keystrokes or hotkeys for
several functions. Please note that these key codes do not represent
necessarily key characters that are used on international keyboards. They
name a key on a standard 104 key PC keyboard with an US English language
mapping. The layout for this keyboard is shown in figure below. However, most
modifier keys and other alphanumeric keys used for hotkey purposes in
application programs are on an identical position, no matter what language
mapping you are using. Some of the keys have aliases also, means they can
be named by 2 key codes (separated by comma in the table).
67
5.2
Video Modes
Table below lists the video modes SP1200A supports. Please don’t use other
custom video settings besides these. Otherwise, SP1200A may not be able to
detect them.
5.3
User Role Permissions
Table below lists the user role permissions granted for three user role groups:
“Superuser”, “Administrator”, and “User”.
68
5.4
SP1200A TCP Port Number
5.5
Bandwidth Consumption
The preconfigured network speed selection simply results in a different
Compression and Color Depth configuration in order to match the different
bandwidth limitations of the network type (UMTS, ISDN, etc.). The following
suggested network bandwidth planning table for SP1200A installation is from
the test results with 3D-Labyrinth screen saver at Resolution 800x600, the
worst case consuming the highest network bandwidth.
69
Was this manual useful for you? yes no
Thank you for your participation!

* Your assessment is very important for improving the work of artificial intelligence, which forms the content of this project

Download PDF

advertisement