LARA Installation and User Guide

Add to my manuals
89 Pages

advertisement

LARA Installation and User Guide | Manualzz

LARA

Installation and User

Guide

©Copyright 2002 Peppercon AG

All rights reserved

Scheringerstr. 1

08056 Zwickau

Germany

This publication contains proprietary information, which is protected by copyright. No part of this publication can be reproduced, transcribed, stored in a retrieval system, translated into any language or computer language, or transmitted in any form whatsoever without the prior written consent of the publisher, Peppercon AG. Peppercon AG acknowledges the following trademarks:

ˆ Intel is a registered trademark of Intel Corporation.

ˆ Windows 98, Microsoft Windows, and Windows NT are trademarks of Microsoft Corporation.

ˆ IBM, AT, VGA, PS/2, and OS/2 are registered trademarks and XT and CGA are trademarks of International Business Machines Corporation.

ˆ Peppercon is a registered trademark of Peppercon AG Zwickau, Germany.

Other trademarks and trade names may be used in this document to refer to either the entities claiming the marks and names or their products. Peppercon AG disclaims any proprietary interest in trademarks and trade names other than its own

Authors: Peppercon Team

This document was created on July 10, 2002 ii

The LARA

—(LARA Advanced Remote Administration) provides server management capabilities.

You can use LARA to manage and monitor components in your servers through a modem, an ISDN line or LAN, even if your network is down (Modem/ISDN). LARA offers a comprehensive hardware solution to server management.

Limited Warranty

The buyer agrees if this product proves to be defective, that Peppercon AG is only obligated to repair or replace this product at Peppercon AG’ discretion according to the terms and conditions of the warranty registration card that accompanies this product. Peppercon AG shall not be held liable for any loss, expenses or damage, direct, incidental or consequential resulting from the use of this product. Please see the Warranty Information shipped with this product for full warranty details.

Limitations of Liability

Peppercon AG shall in no event be held liable for any loss, expenses or damages of any kind whatsoever, whether direct, indirect, incidental, or consequential (whether arising from the design or use of this product or the support materials provided with the product). No action or proceeding against Peppercon AG may be commenced more than two years after the delivery of product to

Licensee of Licensed Software.

Licensee agrees to defend and indemnify Peppercon AG from any and all claims, suits, and liabilities

(including attorney’s fees) arising out of or resulting from any actual or alleged act or omission on the part of Licensee, its authorized third parties, employees, or agents, in connection with the distribution of Licensed Software to end-users, including, without limitation, claims, suits, and liability for bodily or other injuries to end-users resulting from use of Licensee’s product not caused solely by faults in Licensed Software as provided by Peppercon AG to Licensee.

Technical Support

If you need help installing, configuring, or running LARA, call your Peppercon OEM or VAD

Technical Support representative.

We invite you to access Peppercon’s Web site at: http://www.peppercon.com/

There you shall find all modifications made after the editorial deadline.

iii

iv

Contents

1. The Quick Installation Guide

1

2. Introduction

5

2.1. When the server is up and running

. . . . . . . . . . . . . . . . . . . . . . . . . . . .

7

2.2. When the server is dead

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

8

3. Installation

9

3.1. Operation Overview

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

9

3.2. Connectors and Jumpers

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

10

3.2.1. Front Side Connectors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

10

3.2.2. Rear Side Connectors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

10

3.3. Connecting LARA to the host system

. . . . . . . . . . . . . . . . . . . . . . . . . .

11

3.3.1. Connecting system management option

. . . . . . . . . . . . . . . . . . . . .

11

3.3.2. Connecting IPMI option

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

12

3.3.3. Connecting the Internal Reset/Power Option

. . . . . . . . . . . . . . . . . .

13

3.3.4. Connecting the External Reset/Power Option

. . . . . . . . . . . . . . . . . .

13

3.3.5. Connecting Ethernet

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

13

3.3.6. Connecting ISDN

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

14

4. Configuration

15

4.1. Initial Configuration

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

15

4.1.1. Initial configuration via DHCP server

. . . . . . . . . . . . . . . . . . . . . .

15

4.1.2. Initial configuration via local console

. . . . . . . . . . . . . . . . . . . . . . .

15

4.1.3. Mouse, Keyboard and Video configuration

. . . . . . . . . . . . . . . . . . . .

16

4.1.4. Mouse suppression utility

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

17

vi Contents

5. Usage

19

5.1. Prerequisites

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

19

5.2. Login into LARA and logout

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

20

5.2.1. Login into LARA

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

20

5.2.2. Main Screen

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

21

5.2.3. Logout from LARA

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

22

5.3. Remote Console

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

22

5.3.1. Show Remote Console

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

22

5.3.2. Remote Chat Frame

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

25

5.3.3. LARA On-Screen display (OSD)

. . . . . . . . . . . . . . . . . . . . . . . . .

26

5.3.4. LARA Mouse Synchronization

. . . . . . . . . . . . . . . . . . . . . . . . . .

28

5.3.5. Remote Console Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

29

5.3.6. Telnet Console

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

31

5.4. Server

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

31

5.4.1. Power Control

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

31

5.4.2. Power Control Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

33

5.4.3. Keyboard/Mouse & Video Settings

. . . . . . . . . . . . . . . . . . . . . . . .

35

5.4.4. KVM Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

35

5.5. Administration

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

36

5.5.1. User/Group Management

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

36

5.5.2. User/Group Permissions

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

39

5.5.3. Network Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

40

5.5.4. SNMP Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

43

5.5.5. Serial Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

46

5.5.6. Modem Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

47

5.5.7. ISDN Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

48

5.5.8. Update Firmware

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

51

5.5.9. IPMI Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

52

5.5.10. Security Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

55

5.5.11. SSL Certificate Management

. . . . . . . . . . . . . . . . . . . . . . . . . . .

58

5.5.12. Reset LARA

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

60

5.6. Documentation

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

60

5.6.1. Data file for support

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

60

Contents vii

5.6.2. The LARA SNMP MIB

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

60

5.7. Access via Telnet

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

60

6. Frequently Asked Questions

63

A. Glossary

B. LARA Video Modes

65

67

C. Key Codes

69

D. Pin Assignments

71

D.1. VGA HD-15

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

71

D.2. RJ 45 Connector Ethernet

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

71

D.3. RJ 45 Connector ISDN

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

72

D.4. Serial SUB-D 9 Connector 1

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

72

D.5. Serial SUB-D 9 Connector 2

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

72

D.6. KVM SUB-D 25 Connector

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

73

D.7. Power Supply Connector

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

73

E. Peppercon Warranty information

75

F. Specifications

77

F.1. Size and Weight

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

77

F.2. Environmental

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

77

viii Contents

List of Figures

1.1. LARA Front Side Connectors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

1

1.2. Rear Side Connectors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

2

1.3. Top part of LARA Remote Console

. . . . . . . . . . . . . . . . . . . . . . . . . . . .

4

2.1. LARA total view

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

5

2.2. Internal Reset/Power Option - PC bracket

. . . . . . . . . . . . . . . . . . . . . . . .

7

3.1. LARA usage scenario

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

9

3.2. Multiple users on multiple servers

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

9

3.3. LARA Front Side Connectors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

10

3.4. Rear Side Connectors

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

10

3.5. Connections of LARA KVM signals to the controlled system

. . . . . . . . . . . . .

11

3.6. Connections of LARA with local console

. . . . . . . . . . . . . . . . . . . . . . . . .

12

3.7. Connecting LARA system management

. . . . . . . . . . . . . . . . . . . . . . . . .

12

3.8. Top view of internal reset/power option

. . . . . . . . . . . . . . . . . . . . . . . . .

13

5.1. Internet Explorer showing the encryption key length

. . . . . . . . . . . . . . . . . .

20

5.2. LARA login screen

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

21

5.3. LARA home menu window

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

22

5.4. Remote Console window showing a Windows 2000 desktop screen

. . . . . . . . . . .

23

5.5. Example for the Chat window

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

26

5.6. OSD panel

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

27

5.7. OSD main menu

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

27

5.8. OSD picture menu

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

27

5.9. OSD picture Misc menu

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

28

5.10. OSD settings menu

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

28

5.11. OSD configuration menu

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

28

5.12. Example of Remote Console settings

. . . . . . . . . . . . . . . . . . . . . . . . . . .

32

x List of Figures

5.13. Telnet Console

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

33

5.14. Internal Power Control

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

33

5.15. External Power Control

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

33

5.16. Power Control settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

34

5.17. Keyboard Mouse & Video settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . .

35

5.18. KVM Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

36

5.19. User/Group Management

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

37

5.20. User/Group Permissions panel

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

39

5.21. LARA network settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

41

5.22. Dynamic DNS Scenario

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

43

5.23. Dynamic DNS configuration panel

. . . . . . . . . . . . . . . . . . . . . . . . . . . .

43

5.24. SNMP settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

45

5.25. Serial Settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

46

5.26. LARA ISDN settings panel

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

50

5.27. Panel for uploading a new firmware

. . . . . . . . . . . . . . . . . . . . . . . . . . . .

51

5.28. Panel to update a new firmware that was previously uploaded

. . . . . . . . . . . . .

51

5.29. IPMI settings panel

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

52

5.30. IPMI Event Log

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

54

5.31. Example of IPMI State panel

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

54

5.32. Security settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

55

5.33. SSL Certificate Request

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

59

5.34. SSL Certificate Signing Request

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

59

5.35. Reset panel

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

60

C.1. English (US) Keyboard Layout, used for key codes

. . . . . . . . . . . . . . . . . . .

69

List of Tables

1.1. Initial configuration

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

3

1.2. Serial parameters

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

3

2.1. Host system failures and how they are detected

. . . . . . . . . . . . . . . . . . . . .

8

4.1. Initial IP configuration

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

15

4.2. Serial line parameters

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

16

5.1. Meaning of the main menu LARA features

. . . . . . . . . . . . . . . . . . . . . . .

22

5.2. Description of Remote Console Options

. . . . . . . . . . . . . . . . . . . . . . . . .

24

5.3. Chat Frame element description

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

26

5.4. Decription of Remote Console Option Menu

. . . . . . . . . . . . . . . . . . . . . . .

30

5.5. Remote reset and power button effects

. . . . . . . . . . . . . . . . . . . . . . . . . .

34

5.6. Keyboard Mouse & Video Settings description

. . . . . . . . . . . . . . . . . . . . .

35

5.7. Description User/Group Management

. . . . . . . . . . . . . . . . . . . . . . . . . .

37

5.8. LARA user and group permissions

. . . . . . . . . . . . . . . . . . . . . . . . . . . .

40

5.9. Network settings parameters

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

41

5.10. Dynamic DNS options

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

44

5.11. SNMP setting parameters

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

44

5.12. Serial Port 1 Functional Options

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

47

5.13. Description of all modem settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . .

47

5.14. Description of all ISDN options

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

48

5.15. IPMI settings explained

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

53

5.16. Security parameters

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

55

5.17. Telnet security settings

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

56

5.18. IP access control parameters

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

57

5.19. Certificate request required information

. . . . . . . . . . . . . . . . . . . . . . . . .

58

5.20. Telnet server commands and description

. . . . . . . . . . . . . . . . . . . . . . . . .

61

xii List of Tables

B.1. LARA Video Modes

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

67

C.1. Key Names

. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .

69

1. The Quick Installation Guide

Installation

LARA redirects local keyboard, mouse and video data to a remote administration console. All data is transmitted via IP. LARA can be used in a multi administrator and multi server environment as well. Combining LARAs with a KVM switched matrix allows to access multiple remote servers over a single remote console.

Connectors

Front Side Connectors (Figure

1.1

)

G

R

AB

IS

D

N

FU

LL

R

ST

VG

A

R

U

N

10

0

LARA

local mouse local keyboard local video interface

Figure 1.1.: LARA Front Side Connectors

Reset Pushing this button performs a reset of LARA. The button is important for the initial configuration of LARA

VGA Indicates, that the VGA input is active and a video signal is received by LARA

RUN Indicates whether the LARA system is running or not

100 Indicates that the Ethernet connection is in 100 Mbit mode

FULL Indicates that the Ethernet connection is in full-duplex mode

ISDN Indicates that the ISDN subsystem is available and active

GRAB Indicates that a remote user is logged onto LARA and the video engine is outputting data

Using the connectors for video and keyboard/mouse a local console might be connected simultaneously.

Rear Side Connectors (Figure

1.2

on the next page)

SUB-D 9 Serial 1 The standard serial connector is used in multiple ways:

2 CHAPTER 1.

THE QUICK INSTALLATION GUIDE

Serial 1 Serial 2

Keyboard/Video/Mouse

ISDN

Power

Ethernet

Figure 1.2.: Rear Side Connectors

ˆ IPMI Version 1.5 connection to the host system using the IPMI Option cable

ˆ Serial output for modem dial in connection

ˆ Serial pass-through via Telnet

ˆ Initial configuration

SUB-D 9 Serial 2 The serial connector 2 supports the internal and external power options

SUB-D 25 KVM The supplied Keyboard VGA Mouse extender cable has an aggregated SUB D

25 connector to LARA

Power supply

RJ 45 ISDN

A power supply with the following parameters must be attached:

ˆ Voltage: 12 V

ˆ Current: >= 1 A

Using this connector LARA can be connected to an EURO ISDN network (EMEA versions only)

RJ 45 Ethernet UTP3/5 cables may be used to connect LARA to an Ethernet LAN

Connecting LARA to the host system

Perform the following steps in order to connect the KVM signals of the server system to LARA:

1. Connect the SUB-D 25 to PS2/PS2/Video cable to the SUB-D 25 connector on LARA

2. Connect the (purple) PS/2 Keyboard jack to the keyboard connector of the host system

3. Connect the (green) PS/2 mouse plug to the mouse connector of the host system

4. Connect the VGA HD-15 connector to the VGA monitor output of the host system

5. Connect the power supply as well as Ethernet and/or modem,ISDN, depending how you want to access LARA

In case you want to connect a local console to the host system besides LARA, you can attach monitor, keyboard and mouse to the according LARA connectors on its front.

Video modes

LARA recognizes a limited number of common video modes. When running X-Window on the host system, please don’t use any custom modelines with special video modes. If done so, LARA may not be able to detect these. You are on the safe side with all standard VESA video modes. Please refer to Appendix

B

on page

67

for a list of all known modes.

3

Initial IP configuration

Initially the LARA network interface is configured with the parameters shown in Table

1.1

.

Table 1.1.: Initial configuration parameter value

DHCP active

IP address 192.168.1.22

Netmask

IP access

255.255.255.0

disabled

If this initial configuration doesn’t meet your local requirements, you need to do the initial IP configuration. Connect the enclosed NULL modem cable to the serial interface on the LARA rear side.

The serial interface needs to be adjusted with the following parameters:

Table 1.2.: Serial parameters parameter value

Bits/second 115200

Data bits 8

Parity

Stop bits

No

1

Flow Control None

Use a terminal software (e.g. hyperterm or minicom) to connect to LARA. After establishing a connection the following message appears:

LARA (c) Peppercon AG 2002

For initial IP configuration login as "config". Press F10 to resume.

192.168.1.22 login:

Enter “config” as login name. There is no need for a password. After logging in you may configure

DHCP, IP address, net mask and default gateway. Pressing ENTER without entering values does not change settings! The gateway value must be set to 0.0.0.0 (for no gateway) or any other value.

Web interface

LARA may be accessed using a standard Web browser. You may use the HTTP protocol or a secure encrypted connection via HTTPS. Just enter the configured IP address of LARA into your

Web browser. Initially there is only one user configured who has unrestricted access to all LARA features:

Login name super

Password lara

Please login and change the password immediately according to your own policies.

4 CHAPTER 1.

THE QUICK INSTALLATION GUIDE

The Remote Console

The Remote Console is the redirected screen, keyboard and mouse of the remote host system to which LARA is attached. The Web browser which is used for accessing LARA has to supply a Java

Runtime Environment version 1.1 or higher. The Remote Console will behave exactly the same way as if you were sitting directly in front of the screen of your remote system. That means keyboard and mouse can be used in the usual way. Open the console by choosing the appropriate link in the navigation frame of the HTML frontend. Figure

1.3

shows the top of the Remote Console.

Figure 1.3.: Top part of LARA Remote Console

There are some options to choose from, the important ones are the following:

Auto Adjust button If the video displayed is of bad quality or distorted in some way, press this button and wait a few seconds while LARA tries to adjust itself for the best possible video quality.

Sync Mouse Choose this option in order to synchronize the local with the remote mouse cursor.

This is especially necessary when using accelerated mouse settings on the host system. In general there is no need to change mouse settings on the host.

OSD Panel in Options Menu This opens a new window with elements to control the LARA OSD

(on-screen display). Press the buttons or use the keyboard to open the OSD. You can change some video settings, for instance related to brightness and contrast of the picture displayed, which may improve the video quality. It is also possible to revert to the default settings for all video modes or only the current one. The changes are saved on exit from the OSD.

2. Introduction

Features

LARA defines a new class of remote KVM access devices (see Figure

2.1

). LARA

1

combines digital remote KVM access via IP networks with comprehensive and integrated system management.

LARA offers convenient, remote KVM access and control via LAN, Internet, or ISDN. It captures, digitizes, and compresses video and transmits it with keyboard and mouse signals to and from a remote computer. LARA provides a non-intrusive solution for remote access and control. Remote access and control software runs on the LARA embedded processors only but not on mission-critical servers, so that there is no interference with server operation or impact on network performance.

Figure 2.1.: LARA total view

Furthermore, LARA offers remote power management and remote system management according to the interfaces of the remote server. LARA supports three ways of power management:

ˆ via Peppercon’s internal reset/power option

ˆ via external scalable power switch box

ˆ via IPMI Version 1.5

1

LARA — LARA Advanced Remote Administration

6 CHAPTER 2.

INTRODUCTION

Other features of LARA are:

ˆ KVM (keyboard, video, mouse) access over IP, ISDN or analogous telephone line.

ˆ No impact on server or network performance

ˆ Automatically senses video resolution for best possible screen capture

ˆ High-performance mouse tracking and synchronization

ˆ Port to connect a user console for direct analogous access to KVM switch

ˆ Remote Mouse suppression (requires an additional software utility)

ˆ Local Mouse suppression (only when using SUN’s Java Virtual Machine)

LARA supports consoles consisting of PS/2 style keyboards, PS/2 style mouse and HD 15 video output. Please refer to Appendix

D.1

on page

71

for more details. LARA will automatically detect the current video mode of the console, however manual fine tuning is recommended to receive the best video quality. LARA will accept video streams up to 110 MHz dot clock. This results in a screen resolution of 1280x1024 dots with a frame rate of 60 Hz.

The used system management options depend on the interfaces the remote server systems provides.

Three main system management options are offered:

IPMI Version 1.5

defines a serial connection to access certain system parameters and to perform system actions like powering down the system or performing a hard reset. Modern server systems, supporting the IPMI

V1.5 specification, provide a mode where the externally available

COM2 serial connection can be configured as system management port (sometimes also referred to as emergency management port).

LARA may use this port in order to enable remote system management operations.

Internal Reset/Power Option The internal Reset/Power Option may be applied to remote systems where no IPMI Version 1.5 is available. The provided bracket is mounted in a free PCI/AGP slot. Main board pins for reset and power on/off have to be connected to the bracket. With this option it is possible to perform a remote reset, a remote power cycle, and a remote power on/off.

External Power Switch Option In case there is neither an IPMI V1.5 option available nor the chance to place a bracket in the remote system, an external power switch box can switch the power on and off.

LARA System Components

LARA is a fully configured stand-alone product consuming one quart of a 1U 19” rack mount chassis space. Up to four LARA devices can be mounted in 1 U chassis using the 19” rack mount kit (Item

No: 8400200)

Each LARA (Item No: 8400000) is shipped with:

1. LARA base unit

2. Peppercon utility CD-ROM including

2.1.

WHEN THE SERVER IS UP AND RUNNING a) LARA Installation and User Manual b) LARA utilities

3. LARA keyboard video mouse connection cable (Sub D 25)

4. NULL modem cable

5. LARA external power supply

7

IPMI Option (Item No. 8400300) The IPMI Option consists of a serial cable (SUB-D 9 female

←→ SUB-D 9 female) for the connection between LARA and an IPMI V1.5 compliant serial management port on the remote system.

Internal Reset/Power Option (Item No: 8400100) The internal reset/power option (see Figure

2.2

) consists of a PC bracket with a Sub-D 9 jack on the outside and 4x2 pin connector in the inner side. The Sub-D 9 jack is connected to the LARA Serial Port 2. The internal 4x2 pin connector allows to connect the reset and power on/off switching signals of the main board to LARA.

Figure

2.2

shows the PC bracket.

Figure 2.2.: Internal Reset/Power Option - PC bracket

2.1.

When the server is up and running

LARA gives you full control over the remote server. The Management Console allows you to access the remote server’s graphics, keyboard and mouse and to send special commands to the server.

You can also perform periodic maintenance of the server. Using the Console Redirection Service, you are able to do the following:

ˆ Reboot the system (a graceful shutdown).

ˆ Watch the boot process.

ˆ Boot the system from a separate partition to load the diagnostic environment.

ˆ Run special diagnostic programs.

8 CHAPTER 2.

INTRODUCTION

2.2.

When the server is dead

Obviously, fixing hardware defects is not possible using a remote management device. Nevertheless

LARA gives the administrator valuable information about the type of a hardware failure.

Serious hardware failures can be categorized into five different categories with different chances to

happen

2

:

1.

Hard disk failure 50%

2.

Power cable detached, power supply failure 28%

3.

CPU, Controller, main board failure 10%

4.

CPU fan failure 8%

5.

RAM failure 4%

Using LARA, administrators can determine which kind of serious hardware failure has occurred

(see Table

2.1

).

Table 2.1.: Host system failures and how they are detected

Type of failure Detected by

Hard disk failure Console screen, CMOS set-up information

Power cable detached, power supply failure

CPU Controller, main board failure

Server remains in power off state after power on command has been given.

Power supply is on, but there is no video output.

CPU fan failure

RAM failure

By IPMI or server specific management software

Boot-Sequence on boot console

2

According to a survey made by the Intel Corp.

3. Installation

3.1.

Operation Overview

Figure

3.1

shows the connections of LARA to its host, to peripheral devices, to the power source and to the local area network.

110/220V power

Figure 3.1.: LARA usage scenario

LARA redirects local keyboard, mouse, and video data to a remote administration console. All data is transmitted via IP. LARA can be used in a multi administrator and multi server environment as well. Combining one or several LARAs with a KVM switched matrix allows to access multiple servers on a single remote console.

LARA is multi user capable, i.e. up to 64 concurrent users may use LARA to administrate a remote site. Figure

3.2

shows a configuration with concurrent users on a number of servers connected by a KVM switching matrix using one or more LARAs.

Using more than one LARA in a configuration as shown in Figure

3.2

prevents blocking administrators who use the switching matrix.

LARA

Admin

Admin

IP Network

Scalable number of LARA boxes

KVM Matrix Switch

Figure 3.2.: Multiple users on multiple servers

Server

10

3.2.

Connectors and Jumpers

3.2.1.

Front Side Connectors

Figure

3.3

shows the connectors on LARA’s front side.

CHAPTER 3.

INSTALLATION

G

R

AB

IS

D

N

FU

LL

R

ST

VG

A

R

U

N

10

0

LARA

local mouse local keyboard local video interface

Figure 3.3.: LARA Front Side Connectors

RST Pushing this button performs a reset of LARA. One has to use this button for the initial configuration of LARA

VGA Indicates, that the VGA input is active and a video signal is received by LARA

RUN Indicates whether the LARA system is running or not

100 Indicates that the Ethernet connection is in 100 Mbit mode

FULL Indicates that the Ethernet connection is in full-duplex mode

ISDN Indicates that the ISDN subsystem is available and active (EMEA version only)

GRAB Indicates that a remote user is logged onto LARA and the video engine is outputting data

In case you want to connect a local console to the host system besides LARA, you can attach monitor, keyboard and mouse to the according LARA connectors on its front.

3.2.2.

Rear Side Connectors

Figure

3.4

shows the connectors on LARA’s rear side.

Serial 1 Serial 2 ISDN

Keyboard/Video/Mouse

Power

Ethernet

Figure 3.4.: Rear Side Connectors

SUB-D 9 Serial 1 The standard serial connector is used in multiple ways:

ˆ IPMI Version 1.5 connection to the remote system using the IPMI Option cable

3.3.

CONNECTING LARA TO THE HOST SYSTEM 11

ˆ Serial output for modem dial in connection

ˆ Serial pass-through via Telnet

ˆ Initial configuration

SUB-D 9 Serial 2 The serial connector 2 supports the internal and external power options

SUB-D 25 KVM The supplied Keyboard VGA Mouse extender cable has an aggregated SUB D

25 connector to LARA

Power supply

RJ 45 ISDN

A power supply with the following parameters can be attached:

ˆ Voltage: 12 V

ˆ Current: >= 1 A

Using this connector LARA can be connected to an EURO ISDN network

RJ 45 Ethernet UTP3/5 cables can be connected to LARA using this standard RJ 45 Jack

3.3.

Connecting LARA to the host system

In order to connect the KVM signals of the host system to LARA perform the following steps:

1. Connect the SUB-D 25 to PS2/PS2/Video cable to the SUB-D 25 connector on LARA

2. Connect the (purple) PS/2 Keyboard jack to the keyboard connector of the host system

3. Connect the (green) PS/2 mouse plug to the mouse connector of the host system

4. Connect the VGA HD-15 connector to the VGA monitor output of the host system

5. Connect the power supply as well as Ethernet and/or modem,ISDN, depending how you want to access LARA

In case you want to connect a local console to the host system besides LARA you may attach monitor, keyboard and mouse to the connectors on the front side. Figure

3.5

shows the resulting connections from LARA to the host system, whereas Figure

3.6

on the following page shows the same connections including the local console ones.

Keyboard

VGA, Mouse

SUB−D 25

LARA

Figure 3.5.: Connections of LARA KVM signals to the controlled system

3.3.1.

Connecting system management option

Figure

3.7

on the next page gives an overview over the three different options to perform remote reset and remote power management to the controlled PC.

12

LARA

SUB−D 25

CHAPTER 3.

INSTALLATION

Keyboard

VGA, Mouse

Video

Figure 3.6.: Connections of LARA with local console

KVM IPMI

Extra

Bracket in server

IPMI KVM

KVM IPMI

IPMI V1.5

Interface

To Reset and

Power on/off

Pins on main board or internal

Adapter Kit

Server

External Power

Switch box

Server

Server

Figure 3.7.: Connecting LARA system management

3.3.2.

Connecting IPMI option

IPMI Version 1.5 defines a serial connection to access certain system parameters and to perform system actions like powering down the system or performing a hard reset. Modern server systems, supporting the IPMI V1.5 specification, provide a modus where the externally available COM2 serial connection can be configured as system management port (sometimes also referred to as emergency management port ). LARA may connect to this port in order to enable remote system management operations.

At http://developer.intel.com/design/servers/ipmi/index.htm

You will find further information about IPMI 1.5.

In order to use the IPMI over serial interface it has to be enabled in the host system. This can be done using BIOS settings or special utilities provided by the server manufacturer. Refer to the server manufacturer’s manual site to find out how the IPMI over serial line can be enabled and configured and where the IPMI serial port is placed.

Hint:

IPMI V1.5 is only supported by modern server systems. No server system manufactured before

2002 supports IPMI 1.5. By the date of printing this manual only the Intel SDS2 server main board has a proper support of IPMI Verson 1.5.

Connect the IPMI option serial cable to the RS232 port 1 on the rear side of LARA and to the serial port of the controlled system.

3.3.

CONNECTING LARA TO THE HOST SYSTEM 13

3.3.3.

Connecting the Internal Reset/Power Option

Figure

3.8

shows the top view of the reset/power bracket.

To Reset Pin on

Mainboard

To Reset Front

Panel switch

To Power on Pin on

Mainboard

To Power Front

Panel switch

Figure 3.8.: Top view of internal reset/power option

Additional cables are required in order to enable the remote reset and the remote power function of LARA:

1. Mount the reset/power bracket in a free slot of the controlled system.

2. Find the cable connecting the front panel reset button and the main board.

3. Disconnect this cable from the main board and connect it to the pin connector on the bracket as shown in Figure

3.8

.

4. Take the supplied red/black reset cable and connect the cable with one end to the main boards reset jumper connector (where you just disconnected the cable to the front panel) and with the other end to the bracket connector as shown in Figure

3.8

.

5. Find the cable connecting the front panel power button and the main board.

6. Disconnect this cable from the main board and connect it to the pin connector on the bracket as shown in Figure

3.8

.

7. Take the supplied red/black power cable and connect the cable with one end to the main board’s power jumper connector (where you just disconnected the cable to the front panel) and with the other end to the bracket connector as shown in Figure

3.8

.

8. Check the cabling: finally, there are four cables connected to the jumper connector on the bracket.

Now, connect the bracket to the LARA serial port 2 using the supplied SUB-D 9 to SUB-D 9 connector.

3.3.4.

Connecting the External Reset/Power Option

Please refer to the manual of the Peppercon external power switch option or a third party external power option to connect those external devices either to the Peppercon Reset/Power Connector or to the serial interface on the rear side of LARA.

3.3.5.

Connecting Ethernet

The rear side of LARA provides a RJ-45 connector for Ethernet. The connector is used either for a 100 Mbps 100BASE-TX connection or for a 10 Mbps 10BASE-T connection. The adapter can sense the connection speed and will adjust to the appropriate operation mode automatically.

14 CHAPTER 3.

INSTALLATION

10 Mbps Connection

For 10BASE-T Ethernet networks, the Fast Ethernet adapter uses Category 3, 4, or 5 UTP cable.

To establish a 10 Mbps connection, the cable must be connected to a 10BASE-T hub.

1. Make sure that the cable is wired appropriately for a standard 10BASE-T adapter.

2. Align the RJ-45 plug with the notch on the adapter’s connector and insert it into the adapter’s connector.

100 Mbps Connection

For 100BASE-TX Fast Ethernet networks, LARA supports Category 5 UTP cabling. To establish a 100 Mbps connection, the cable must be connected to a 100BASE-TX hub.

1. Make sure that the cable is wired appropriately for a standard 100BASE-TX adapter.

2. Align the RJ-45 plug with the notch on the adapter’s connector and insert it into the adapter’s connector.

Note:

The UTP wire pairs and configuration for 100BASE-TX cable are identical to those for

10BASE-T cable when used with Category 5 UTP cable.

3.3.6.

Connecting ISDN

The rear side of LARA contains two RJ-45 connectors. The upper connector, marked as ’ISDN’ is used to connect LARA to an ISDN network, using a standard ISDN cable.

4. Configuration

4.1.

Initial Configuration

LARA’s communication interfaces are all based on TCP/IP. LARA comes pre-configured with the

IP configuration listed in Table

4.1

.

Table 4.1.: Initial IP configuration

Parameter Value

DHCP

IP-Address active

192.168.1.22

Net-mask 255.255.255.0

Default-Gateway None

In case this initial configuration doesn’t meet your requirements there is an initial IP configuration necessary in order to access LARA for the first time. This chapter describes different possibilities to accomplish that.

4.1.1.

Initial configuration via DHCP server

By default, LARA will try to contact a DHCP server in the subnet to which it is physically connected. If a DHCP server is found it may provide a valid IP address, gateway address and net mask. Before you connect the LARA to your local subnet be sure to complete the corresponding configuration of your DHCP server. It is recommended to configure a fixed IP assignment to the

MAC address of LARA. You can find the MAC address of your LARA on the outside of the shipping box and labeled on LARA’s bottom side. If the DHCP connection fails on boot up, LARA will boot with the last known IP configuration. This is the pre-configured IP address in case LARA is booting up for the very first time.

4.1.2.

Initial configuration via local console

There are two ways for getting access to LARA’s local console and carrying out the IP configuration there:

1. Using a serial terminal: LARA has a serial line interface at its rear side (refer to Section

3.2

on page

10 ). The connector is compliant to RS 232 serial line standard. Peppercon is offering

an according serial cable that can be used for connecting the connector of LARA with a

Sub-D 9 connector of a terminal or the serial line interface of a computer running a terminal program. The serial line has to be configured with the parameters given in

4.2

.

2. Use a crossover Ethernet cable to connect LARA to your configuring computer back-to-back and use the initial configuration to connect.

16 CHAPTER 4.

CONFIGURATION

Table 4.2.: Serial line parameters

Parameter Value

Bits/second 115200

Data bits 8

Parity

Stop bits

No

1

Flow Control None

After you have connected your terminal to LARA, you will see the following message on the host’s monitor or in the terminal:

LARA (c) Peppercon AG 2002

For initial IP configuration login as "config". Press F10 to resume.

192.168.1.22 login:

Please enter ’config’ as login name. There is no password required. As you go along you will see the following lines, which you have to answer or to which you may provide the default value by pressing < Enter >. The default value is shown in square brackets.

Enable DHCP (yes/no) [yes]:

IP [192.168.1.22]:

NetMask [255.255.255.0]:

Gateway (0.0.0.0 for none) [0.0.0.0]:

Enable IP Access Control (yes/no) [no]:

After logging in, you must disable DHCP. You may change the IP address, net mask and gateway address. The input may be left empty and you can quit with < Enter > to accept the pre-assigned value. In order to contact LARA from outside of your LAN you need to configure a gateway. If you want to remove an already configured gateway, enter 0.0.0.0.

The last question ‘Enable IP Access Control’ allows you to switch IP packet filtering on or off. It is mainly intended to re-enable access to LARA after a faulty IP access control configuration has been activated. Refer to Table

5.18

on page

57

for more information about IP access control.

After entering all the values, you will see the welcome message again.

4.1.3.

Mouse, Keyboard and Video configuration

The correct operation of the remote mouse depends on two settings which will be discussed in the following subsections. In case the remote mouse doesn’t work properly at least one of the following settings is probably not correct.

LARA mouse settings

The LARA settings for the host’s mouse type and the host’s keyboard type must be correct in order to make remote keyboard and mouse work properly. Check the settings in the LARA front-end.

See Section

5.4.3

on page

35

for details.

4.1.

INITIAL CONFIGURATION 17

Host system mouse settings

The host’s operating system also knows various settings for the mouse driver. While LARA works with accelerated mice and is able to synchronize the local with the remote mouse pointer (see Section

5.3.4

on page

28 ), there are the following limitations which may prevent this synchronization

from working properly:

Special Mouse Driver There are mouse drivers, which influence the synchronization process leading to desynchronized mouse pointers. If this happens, make sure you don’t use a special vendor-specific mouse driver on your host system

Windows XP Mouse Setting Windows XP knows a setting to ’improve mouse acceleration’, which has to be deactivated

You can check the correct setting by moving the mouse of your administration system to the upper left corner of the Remote Console and moving it there slightly forth and back. This will force a mouse synchronization in that corner of the screen. Once that is done you may observe the behaviour of your remote mouse in accordance to the local one. If both mice desynchronize quickly one of the above mentioned settings may be not correct.

LARA Video Modes

LARA recognizes a limited number of common video modes. When running X-Window on the host system, please don’t use any custom modelines with special video modes. If done so, LARA may not be able to detect these. You are on the safe side with all standard VESA video modes. Please refer to Appendix

B

on page

67

for a list of all known modes.

4.1.4.

Mouse suppression utility

In order to provide a convenient user interface, you may install a tiny application on the server to enable remote mouse hiding. This helper application will not install a device driver. Therefore, user rights for installing an application are sufficient for its installation. The LARAm application is written for Win32 operating systems and runs under the following Microsoft environments:

ˆ Windows 98 / ME

ˆ Windows NT4 / 2000 / XP

To install the LARAm application just start the installation script in the LARAm subdirectory of the CD-ROM enclosed, and follow the instructions of the setup procedure. You will be asked if the utility should be placed in the Startup-Folder of your system or if you want to activate it manually.

Once started, an icon appears in the taskbar notification area (tray) of you system to indicate that the application is active and give the possibility to close the program. The installation procedure also creates an icon to uninstall the application.

18 CHAPTER 4.

CONFIGURATION

5. Usage

5.1.

Prerequisites

The LARA features an embedded operating system and the according applications offering a variety of standardized interfaces. The functionality is exposed to the user via these interfaces. This chapter will describe all of these interfaces and how to use them in detail. All the interfaces are accessed using the TCP/IP protocol family, thus they can be used equally over the built-in Ethernet adapter, over modem or over ISDN.

The following interfaces are supported:

1. HTTP/HTTPS: The most complete access is provided by an embedded Web server. Thus the LARA environment can be entirely controlled by a standard Web browser. Depending on the Web browser you can access the eRIC card using the unsecured HTTP protocol or, in case the browser supports it, the encrypted HTTPS protocol. It is recommended to use

HTTPS whenever possible.

2. SNMP

1

: Any standard SNMP client can use this protocol. The according MIB

2

on the LARA tools CD or can be downloaded over the LARA front-end.

is provided

3. Telnet: A standard Telnet client can be used to access an arbitrary device connected to one of LARA’s serial ports via a terminal mode.

Since the primary interface of LARA is the HTTP interface this chapter is mainly evolving around this topic. The other two interfaces are explained in the according subtopics section

5.5.4

on page

43

and section

5.7

on page

60 .

In order to use the Remote Console window of your managed host system the browser has to come with a Java Runtime Environment version 1.1 or higher. But even if the used browser has no Java support, for instance on small handheld devices, you are still able to maintain your remote host system using the administration forms displayed by the browser itself.

Peppercon recommends the following browser for an unsecured connection to LARA.

ˆ Microsoft Internet Explorer version 5.0 or higher on Windows 98, Windows ME and Windows

2000, Windows XP

ˆ Netscape Navigator 7.0 or Mozilla 1.0 on Windows 98, Windows ME, Windows 2000, Windows

XP, Linux and other UNIX like Operating Systems

In order to access the remote host system using a securely encrypted connection you need a browser that supports the HTTPS protocol. Strong security is only assured by using key length of 128

Bit. Many old browser don’t have a strong 128 Bit encryption algorithm due to former export regulations of US authorities. For instance Internet Explorer 5.0, that comes as part of Windows

1

SNMP — Simple Network Management Protocol

2

MIB — Management Information Base

20 CHAPTER 5.

USAGE

ME and Windows 2000 supports a key length of 56 Bit only. You can read about the key length of your Internet Explorer under the menu points ‘?’ and ‘Info’. The dialog box shows also a hyperlink that leads you to information on how to upgrade your browser to a state of the art encryption scheme. Figure

5.1

shows the dialog presented by Internet Explorer 6.0.

However the US export regulations have been declared obsolete recently. Therefore, new browser versions do support strong encryption.

Peppercon recommends the following browser for a secured connection to LARA.

ˆ Microsoft Internet Explorer version 5.5 or higher on Windows 98, Windows ME, Windows

2000 and Windows XP

ˆ Netscape Navigator 7.0 or Mozilla 1.0 on Windows 98, Windows ME, Windows 2000, Windows

XP, Linux and other UNIX like Operating Systems

Figure 5.1.: Internet Explorer showing the encryption key length

5.2.

Login into LARA and logout

5.2.1.

Login into LARA

Start your Web browser and direct it to the address of your LARA that has been configured during installation. The address used might be a plain IP address or a host and domain name, in case you have given your LARA a symbolic name in the DNS.

For instance, you have to type the following into the address line or your browser for establishing an unsecured connection: http://192.168.1.22/ or in case you like to use a secure connection: https://192.168.1.22/

This leads you to the LARA login page as shown in Figure

5.2

on the facing page.

The LARA has a built-in super user that has all permissions to administrate your LARA:

Login name super

Password lara

5.2.

LOGIN INTO LARA AND LOGOUT 21

Figure 5.2.: LARA login screen

Attention:

Please make sure to change the super user password immediately after you have installed and firstly accessed your LARA. Not changing the super user password is a severe security risk and might result in unauthorized access to LARA and the host system with all possible consequences!

5.2.2.

Main Screen

After a successful login, LARA will present its main screen consisting of three frames (see Figure

5.3

on the next page)

The upper left frame contains a home link that brings you instantly back to the home page after you stepped down to one of the administration menu points. The logout link logs you out of LARA.

That means the current session will be terminated and you have to type username and password again to login.

Note:

The LARA will log you out automatically after there is no administration activity for half an hour. In this case each click on one of the links will lead you to the login screen where you have to provide the login information again.

The lower left frame of the LARA main window, called the menu frame, contains the main menu that leads you to the pages for various administration tasks. The functions of the menu frame will be described in detail during the following sections.

The different function pages selected by one of the menu links will be presented in the big right frame, called the function frame.

Initially the function frame contains a short summary about your LARA. Table

5.1

on the following page gives you a description of the meaning of each point.

22 CHAPTER 5.

USAGE

Figure 5.3.: LARA home menu window

Feature

Server Power Status

Table 5.1.: Meaning of the main menu LARA features

Description

Shows whether the host system is switched on or off

Firmware Version

Users

Version number of the firmware installed on your LARA

Shows all currently logged in users with their identity and the IP address from where they are logged in (note: in case a user connected his Web browser over a proxy server the

IP address field will show the IP address of the proxy server and not that of the user machine itself)

5.2.3.

Logout from LARA

This link logs out the current user and presents a new login screen. Please note that an automatic logout will be performed in case there was no activity for half an hour.

5.3.

Remote Console

5.3.1.

Show Remote Console

The Remote Console is the redirected screen, keyboard and mouse of the remote host system LARA controls.

Starting the Remote Console causes an additional window popping up that contains a copy of the screen of your host system (see Figure

5.4

on the next page). The Remote Console will behave exactly in the same way as when you were sitting directly in front of the screen of your remote system. That means keyboard and mouse can be used in the usual way. However, be aware of the fact that the remote system will react to keyboard and mouse actions with a slight delay. The delay depends on the bandwidth of the line over which you are connected to LARA.

5.3.

REMOTE CONSOLE 23

Figure 5.4.: Remote Console window showing a Windows 2000 desktop screen

With respect to the keyboard, the very exact remote representation might lead to some confusion as your local keyboard changes its keyboard layout according to the remote host system.

For instance, special keys on the German keyboard won’t work anymore as expected but will result in their US English counterpart if you are using a German administration system but your host system uses a US English keyboard layout.

You can circumvent such problems by adjusting the keyboard of your remote system to the same mapping as your local one or by using the Soft-Keyboard that is part of the Remote Console applet.

The Remote Console window is a Java Applet that tries to establish its own TCP connection to

LARA. The protocol that is run over this connection is not HTTP or HTTPS but a protocol called

RFB (Remote Frame Buffer Protocol). Currently RFB tries to establish a connection to port number 443. Your local network environment must allow this connection to be made, i.e. your firewall and, in case you have a private internal network, your NAT (Network Address Translation) settings must be configured accordingly.

In case LARA is connected to your local network environment and your connection to the internet is available using a proxy server only without NAT being configured, the Remote Console is very unlikely to be able to establish the according connection. This is because today’s Web proxies are not capable of relaying the RFB protocol.

In case of problems, please consult your network administrator in order to provide an appropriate network environment.

The Remote Console window always tries to show the remote screen with its optimal size. That means it will adapt its size to the size of the remote screen initially and after the screen resolution of the remote screen has been changed. However, you can always resize the Remote Console window in your local window system as usual.

Hint:

In difference to the remote host system, the Remote Console window on your local window system is just one window among others. In order to make keyboard and mouse work, your

Remote Console window must have the local input focus.

The upper part of the Remote Console window contains a control bar. Using its elements you can see the state of the Remote Console and influence the local Remote Console settings. Table

5.2

describes the meaning of each control.

24 CHAPTER 5.

USAGE

Control

Ctrl+Alt+Delete

State line

Auto adjust

Sync mouse

Options

→Monitor Mode

Options

→Scaling

Options

→Readability Filter

Options

→Chat Window

Options

→Soft Keyboard

Options

→Soft Keyboard

→Show

Table 5.2.: Description of Remote Console Options

Description

Special button key to send the ‘Control Alt Delete’ key combination to the remote system (see also Section Remote Chat Frame for defining new button keys).

Shows console and connection state. Normally it displays the size in pixels of the remote screen. The value in round brackets describes the connection to the remote system: Norm stands for a standard connection without encryption; SSL stands for a secured connection. In case there is a connection error, it will be displayed in this line as well. You can double click the state line in order to see a history of all the state messages.

Starts the auto adjustment procedure to determine the settings for best visual quality of the grabbed image. This may take a few moments. During the process the display is turned off and you will see a notification message.

Activates the mouse synchronization process. Have a look at

Section

5.3.4

on page

28

for further information about this topic.

Toggles the read only mode on and off. In case the Monitor Mode check box is checked the Remote Console won’t accept any local input neither keyboard nor mouse. The KM symbol right of the option menu will have a red colour in case the Monitor Mode is switched on and a green colour otherwise.

Allows you to scale down the Remote Console. You can still use mouse and keyboard, however the scaling algorithm won’t preserve all display details.

Toggles the Readability Filter on or off. If the filter is switched on in scaling mode, it will preserve most of the screen details even if the image is substantially scaled down. This option will be available only with a Java Virtual Machine version number of

1.3 or higher.

Opens up the LARA Chat Frame. See Section

5.3.2

on the facing page for a detailed description!

Opens up the Menu for the Soft-Keyboard.

Pops up the Soft-Keyboard. The Soft-Keyboard is necessary in case your host system runs a completely different language and country mapping than your administration machine.

Continued on next page

5.3.

REMOTE CONSOLE

Control

Options

→Soft Keyboard

→Layout

Options

→Soft Keyboard

→Mapping

Options

→Local Keyboard

Table 5.2 – continued from previous page

Description

Small and big keyboard layouts are possible.

Used for choosing the according language and country mapping of the Soft-Keyboard.

Options

→OSD Panel

Options

→Mouse handling

Options

→Local cursor

KM Indicator

Used to change the language mapping of your browser machine running the Remote Console Applet. Normally the Applet determines the correct value automatically. However, depending on your particular JVM and your browser machine settings this is not always possible. A typical example is a German localized system that uses an US-English keyboard mapping. In this case you have to change the Local Keyboard setting manually to the right language

Opens a panel for handling the LARA on-screen display. Have a look at Section

5.3.3

on the next page for a detailed description of the available options.

The submenu for mouse handling offers two options for synchronizing the local and the remove mouse pointer, explained in Section

5.3.4

on page

28 . The third option ’toggle remote visibility’

works in conjuction with the LARAm utility for Win32 systems

(Section

4.1.4

on page

17

). If this program is activated on the controlled machine the remote mouse pointer may be hidden.

Offers a list of different cursor shapes to choose from for the local mouse pointer. The selected shape will be saved for the current user and activated again next time this user opens the Remote

Console. The number of available shapes depends on the Java

Virtual Machine, only a version of 1.2 or higher offers the full list.

The KM symbol right of the option menu is always indicating whether the Monitor Mode is switched on or of. It will be of red color in case the Monitor Mode is switched on and of green color otherwise.

25

5.3.2.

Remote Chat Frame

The LARA Remote Console features a Chat Frame that allows you to communicate with other parties logged into the same device. Figure

5.5

on the following page shows an example of the Chat

Frame.

The Chat Frame is helpful especially for discussing problems and questions among logged in LARA users in case the remote host’s screen should not be changed or misused for that purpose.

Table

5.3

on the next page will list all Chat Frame elements together with their meaning and usage.

The elements will be referred to by the terms introduced in Figure

5.5

on the following page.

26 CHAPTER 5.

USAGE

Tit le Bar

Ch at Ar ea

Ch at Lin e

Id en t it y Lab el

Figure 5.5.: Example for the Chat window

Table 5.3.: Chat Frame element description

Chat Frame Element Description

Title Bar Shows the IP address of the LARA you are connected to.

Chat Area Read-only text area showing the messages, which have been received so far, inclusive your own messages sent to others. The identity string of the sender precedes each message.

Identity Label Shows the identity string used to precede messages sent by this

Chat Frame. The first part of the identity string is the user

ID (‘thomas’ in the example) that has been used to log into the client system, i.e. the system the browser runs on. The second part, behind ‘@’, is the hostname of the client system

(‘ganesh.peppercon.de’ in the example). The last part in round

Chat Line brackets is the user name that was used to log into LARA (‘super’ in the example).

This is an editable text line, where a new message can be entered.

Once the Enter key is hit the message is broadcasted to every other connected party. In case a connected user has not yet opened the Chat Frame it will be opened automatically in order to deliver the message.

Note:

Any message sent to the Chat will be broadcasted to ALL connected users, which are using the Remote Console at the time the message was sent. There is no option to direct a message to a particular user only.

The Chat has no message history. That means, messages will be received only after opening the Remote Console. Messages that possibly have been sent among other users will be lost for a user who opens up his Remote Console afterwards.

5.3.3.

LARA On-Screen display (OSD)

LARA features an on-screen display (OSD) to setup the video options. The OSD is controlled via the OSD panel (see Figure

5.6

on the next page), available in the Remote Console options menu.

This panel offers keys to show/hide or navigate the OSD. It is also possible to use ENTER and the cursor keys for navigation, but the panel must have input focus, else the keypresses will control

5.3.

REMOTE CONSOLE 27 the host system via the Remote Console. The panel also provides an option to start the automatic adjustment for the current video mode.

Figure 5.6.: OSD panel

The OSD is divided into separate submenus (see Figure

5.7

), an explanation for each of them follows. Please note, that all settings are saved only when exiting the OSD.

Figure 5.7.: OSD main menu

OSD Picture menu The Picture submenu (Figure

5.8

) provides options to control the video

settings. The adjustments made here affect all modes and KVM ports globally.

Brightness controls the brightness of the picture

Black level defines what intensity of color is still recognized as black

Contrast controls the contrast of the picture

Figure 5.8.: OSD picture menu

The Misc submenu (Figure

5.9

on the following page) provides additional options to control the video quality and position.

Sampling Clock Defines the horizontal frequency for a video line and depends on the video mode. Different video card types may require different values here. The default settings in conjuction with the auto adjustment procedure should be adequate for all common configurations. If the picture quality is still bad after auto adjustment you may try to change this setting together with the sampling phase to achieve a better quality.

28 CHAPTER 5.

USAGE

Sampling Phase Defines the phase for video sampling, used to control the display quality together with the setting for sampling clock.

Horizontal Position Use the left and right buttons to move the picture in horizontal direction while this option is selected

Vertical Position Use the left and right buttons to move the picture in vertical direction while this option is selected

Figure 5.9.: OSD picture Misc menu

OSD Settings menu The OSD settings submenu (Figure

5.10

) is used to adjust the appearance

of the on-screen display and offers the following options:

Color This submenu is used to set the foreground and background colors for the OSD text

Appearance Controls the transparency of the OSD, choose a value by pressing the left or right

OSD buttons while this option is selected

Zoom Used to double the size of the OSD

Figure 5.10.: OSD settings menu

OSD configuration menu The configuration (Figure

5.11

) menu allows to revert to default video settings, either for all video modes or only for the one currently active.

Figure 5.11.: OSD configuration menu

5.3.4.

LARA Mouse Synchronization

A common problem with KVM devices is the synchronization between the local and remote mouse cursors. LARA addresses this situation with an intelligent synchronization algorithm. Whenever

5.3.

REMOTE CONSOLE 29 the mouse doesn’t move correctly, there are two ways for re-synchronizing local and remote mouse:

Fast Sync The fast synchronization is used to correct a temporary, but fixed skew. Choose the option using the Remote Console options menu (see Table

5.2

on page

23

) or press the mouse synchronization hotkey sequence in case you defined one (refer to Section

5.3.5

).

Intelligent Sync If the fast sync doesn’t work or the mouse settings have been changed on the host system, use the intelligent resynchronization. This method takes slightly more time than the fast one and can be accessed with the appropriate item in the

Remote Console option menu or the ’Sync mouse’ button on top of the Remote

Console. The intelligent synchronization requires, a correctly adjusted picture.

Use the auto adjustment function or the manual correction in the OSD menu

(refer to Section

5.3.3

on page

26

) to setup the picture.

Emergency (direct) mouse mode If all synchronization options fail (due to on of the reasons below) it is still possible to work with the remote mouse by selecting the emergency mode using the keyboard/mouse & video settings panel (see Section

5.4.3

on page

35

). If activated, all mouse movements are transmitted directly to the host, so you can adjust the host mouse settings to less extreme values or even work in this mode if mouse acceleration is turned off. In this mode all synchronization options perform a fast sync.

Limitations of the mouse synchronization While the intelligent algorithm works fine for common cases, there are some special limitations which may prevent the synchronization from working properly:

Special Mouse Driver There are mouse drivers, which influence the synchronization process leading to desynchronized mouse pointers. If this happens, make sure you don’t use a special vendor-specific mouse driver on your host system

Windows XP Mouse Setting Windows XP knows a setting to ’improve mouse acceleration’, which has to be deactivated

Badly adjusted picture To have the intelligent sync working, a correctly adjusted picture is necessary. Use the auto adjustment function or the manual correction in the OSD menu (refer to Section

5.3.3

on page

26

) to setup the picture. The video also has to be of sufficiently good quality.

5.3.5.

Remote Console Settings

The Remote Console settings allow you to customize the Remote Console window prior to its start

(see Figure

5.12

on page

32 ). Some of the parameters you might still change while the Remote

Console is running while others have to be set in the Remote Console settings.

All the settings for the Remote Console window are user specific. That means, each user can individually customize the Remote Console for his needs. Changing the settings for one user does not affect the settings for others.

30 CHAPTER 5.

USAGE

Table 5.4.: Decription of Remote Console Option Menu

Control

User select box

Button Keys

Description

This control will show the user ID for which the values are shown and for which changes will take effect. You might change the settings of other users in case you have the necessary access rights.

Button Keys are meant for simulating keystrokes on the remote system that cannot be generated locally. The reason for this might be a missing key or the fact, that the local operating system of the Remote Console is unconditionally catching this keystroke already. Typical examples are ‘Control Alt Delete’ on Windows and DOS, what is always caught or ‘Control Backspace’ on Linux for terminating the X-Server. The syntax to define a new Button

Key is as follows:

[conf irm] < keycode > [+ < keycode >]

∗ confirm requests confirmation by a dialog box before the key strokes will be sent.

Mouse cursor synchronization hotkey keycode is the key to be sent. Multiple key codes can be concatenated with a plus sign and will be sent one by one sequentially.

For a list of key codes and aliases LARA recognizes refer to Appendix

C

on page

69 .

Allows to specify a hotkey combination which starts the mouse synchronization process if pressed in the Remote Console (see

Section

5.3.4

on page

28

for more information). The key codes are listed in Appendix

C

on page

69

.

Transmission Encoding The Transmission Encoding setting allows changing the imageencoding algorithm that is used to transmit the video data to the

Remote Console window. Using those settings it is possible to optimize the speed of the remote screen depending on the number of parallel users and the bandwidth of the connection line (Modem,

ISDN, DSL, LAN, etc.).

Normal: The Standard Encoding algorithm well suited for many parallel users in a LAN environment. Typical applications generate traffic of up to 15 Kbytes/s.

Compressed: The data stream between LARA and the Remote

Console window will be additionally compressed to save bandwidth. Choosing one of the rates between 1 (lowest) and 9 (highest) adjusts the compression rate. Typical applications generate traffic between 5 Kbytes/s (compression rate 9) and 10 Kbytes/s

(compression rate 1). The compression encoding is well suited for a Modem or ISDN environment. However, since the compression takes processing time on LARA itself, this encoding shouldn’t be used when many parallel users want to access LARA at the same time.

Start in Monitor Mode Sets the initial value for the monitor mode. By default the monitor mode is off. In case you switch it on, the Remote Console window will be started in a read only mode

Continued on next page

5.4.

SERVER

Control

Use Sun Microsystems

Java Browser Plugin

Table 5.4 – continued from previous page

Description

Instructs the Web browser of your administration system to use the JVM (Java Virtual Machine) of Sun Microsystems. The JVM in the browser is used to run the code for the Remote Console window, which is actually a Java Applet. If you check this box for the first time on your administration system and the appropriate Java plug-in is not already installed on your system, it will be downloaded and installed automatically. However, in order to make the installation possible, you still need to answer the according dialogs with YES. The download volume is around 11 Mbytes.

The advantage of downloading Sun’s JVM lays in providing a stable and identical Java Virtual Machine across different platforms.

The Remote Console software is optimized for this JVM versions and offers wider range of functionality when run in SUN’s JVM.

(Hint: If you are connected over a slow connection to the Internet you can also pre-install the JVM on your administration machine.

The software is available on the CD that is delivered along with

LARA.)

Pressing the Apply button finally changes the values permanently in LARA.

31

5.3.6.

Telnet Console

This options offers a Java applet for the Telnet protocol (Figure

5.13

on page

33

) to open a connection to LARA. Its main use is the passthrough option for the serial port 1 (see also Section

5.5.5

on page

46

). The Telnet access has to be enabled in the security settings as well (see Section

5.5.10

on page

55

). Of course it is also possible to connect with a standard Telnet client. For details regarding the Telnet interface please refer to Section

5.7

on page

60

.

5.4.

Server

5.4.1.

Power Control

The appearance of the power control options depends on the power control option connected to

LARA and on the currently activated setting (see Section

5.5.5

on page

46

for an explanation).

There are three options available:

ˆ power control disabled

ˆ internal power option

ˆ external power option

Internal power option

For connecting the internal power option please refer to Section

3.3.3

on page

13 . Once connected

it has to be enabled using the serial settings (see Section

5.5.5

on page

46 ).

32 CHAPTER 5.

USAGE

Figure 5.12.: Example of Remote Console settings

The Power Control panel enables access to the most important external buttons of your host system besides of the keyboard. These buttons are the reset and the ATX power button.

The power button is the representation of the ATX power button on your host system. It is used to switch on and off the power supply. The ATX power button knows two operation modes: pressing it shortly and pressing it for about 4 seconds. As shown in Figure

5.14

on the next page these two modes are supported separately. Table

5.5

on page

34

explains the different effects.

Note: The prerequisite for the remote power/reset button to work is a correct installation of LARA. The additional cabling as described in Section

3.3.3

on page

13

must be properly connected.

External power option

If an external power option is enabled the power control will look like shown in Figure

5.15

on the next page.

The upper half is used to switch the power for the KVM port currently active. Use the KVM settings (Section

5.4.4

on page

35 ) to assign a port of the external power control to a KVM port.

5.4.

SERVER

Figure 5.13.: Telnet Console

33

Figure 5.14.: Internal Power Control

If no assignment exists, the option is disabled.

The lower half offers controls for switching each port of the external power control directly. Select the appropriate port and decide whether to power it off or on.

5.4.2.

Power Control Settings

Figure

5.16

on the next page shows the Power Control Settings, which influence the commands for internal power switching described in the previous chapter.

Figure 5.15.: External Power Control

34 CHAPTER 5.

USAGE

Button

Reset

Power (short press)

Power (long press)

Table 5.5.: Remote reset and power button effects

Description

Pressing this button is similar to pressing the reset button directly on the remote system (see Figure

5.14

on the page before).

Be aware that pressing the reset button will result in unconditional and immediate cold start of the system. This might damage open files and the file system itself.

A short press on the ATX button is normally caught by the running operating system that tries to initiate a controlled shutdown.

Usually this should always be the first action you try in case you would like to power off your system. Only in case this is not working you should try the long press button.

Please note that after you have pressed this button the power state displayed in the administration panel won’t immediately reflect the requested change. A controlled shut down of the system may take up to some minutes. You can observe the action caused by your button press using the Remote Console window or by reloading the Server Power Control panel.

This will unconditionally power off the system. Even if you have submitted a short press before, this will shut down the power supply of the host system.

The effect of the long button press can be immediately observed on the panel that is loaded into the browser because of the button press. The power state will be off.

Reset/Power Button Press Durations:

These options allow changing the duration for pressing the reset or ATX power button. The values are the time in milliseconds the reset/power button will remain pressed. The default value should work in almost all cases, so you should keep it unchanged. However there are some systems, which specify other values. Please consult those system’s manuals and change the settings accordingly.

Additionally ATX distinguishes between two different durations. The shorter duration is meant for initiating a controlled operating system shutdown. The longer duration is an unconditional power off.

These settings only apply to the internal LARA power option.

Figure 5.16.: Power Control settings

5.4.

SERVER 35

5.4.3.

Keyboard/Mouse & Video Settings

LARA supports different keyboard and mouse models. The panel shown in Figure

5.17

is used to adjust those settings as well as some other ones. Their meaning is listed in Table

5.6

:

Figure 5.17.: Keyboard Mouse & Video settings

Table 5.6.: Keyboard Mouse & Video Settings description

Control

Keyboard Model

Mouse Model

Force emergency (direct) mouse mode

Description

Selects the keyboard model used on the remote host system.

Selects the mouse model that is used on the remote system. A wrongly selected mouse model may result in strange mouse effects.

If the mouse synchronization (see Section

5.3.4

on page

28 ) failed

it is possible to force a direct translation of mouse movements between the local and the remote pointer, so you can still move the mouse even if its not entirely synchronous. To use the mouse synchronization process again, turn off this option.

Enable local video port This options decides if the video output on the front panel of

LARA is active and bypassing the incoming signal from the host

Reset mouse/keyboard emulation system.

This option will reset the LARA keyboard and mouse emulation for the host system.

Use it if the keyboard or mouse seems to react irrationally. Its just like pulling out the keyboard and mouse connectors and plugging them in again.

5.4.4.

KVM Settings

The LARA KVM settings (Figure

5.18

on the next page) allow to control a KVM switch located between LARA and the hosts. Have a look at Section

3.1

on page

9

for a connection example.

It is possible to select the number of ports the connected KVM uses. Each port may get a name assigned. In order to provide KVM port switching through LARA, key combinations have to be defined for the ports.

36 CHAPTER 5.

USAGE

Figure 5.18.: KVM Settings

The syntax to define a new Button Key is as follows:

< keycode > [+ < keycode >]

For example: Ctrl+Ctrl+A+Enter

Thereby keycode is the key to be sent. Multiple key codes can be concatenated with a plus sign and will be sent one by one sequentially. (see Appendix

C

on page

69

for a list of key codes that can be used as hotkeys).

Note: The settings will be saved only after pressing ‘Apply’.

If the settings are correct, the KVM port can be switched using the option ‘Active port’ on top of this page or with the KVM switching matrix on the LARA homepage (see Section

5.2.2

on page

21

). LARA uses separate mouse synchronization settings (see section

5.3.4

on page

28

) and video-settings (see Section

5.3.3

on page

26 ) for each port.

Note:

It is still possible to apply KVM key combinations through the Remote Console for switching

KVM port, however, in this case video and mouse synchronization settings will be shared among the ports and may unintentionally be changed for one of those port.

If an external power option is enabled it is additionally possible to assign a port of this control for power switching to each KVM port (see Section

5.4.1

on page

32

).

5.5.

Administration

5.5.1.

User/Group Management

The user and group management of LARA is based on configurable users and groups. Each user or group may have different permissions.

5.5.

ADMINISTRATION 37

Upon delivery, each LARA is pre-configured with a supervisor user called ‘super’ having the password ‘lara’. Make sure to change the super user password immediately after you have installed and firstly accessed your LARA.

Figure

5.19

shows the User/Group Management panel of the LARA front-end. Its use will be described in Table

5.7

and in the following text.

Field

Existing user

Figure 5.19.: User/Group Management

Table 5.7.: Description User/Group Management

Description

Select an existing user for modification or deletion. Once a user has been selected, click the lookup button to see the complete user information.

Continued on next page

38 CHAPTER 5.

USAGE

Field

New user name

Full user name

Password

Confirm password

Email address

Mobile number

Group membership

Existing groups

New group name

Table 5.7 – continued from previous page

Description

In order to create a new user, enter a new login name in this field. The new name must not yet exist as user or group. In case it does, an error message will be displayed on top of the panel.

This name is the full name belonging to the login name.

The password for the login name. It must be at least four characters long.

Confirmation of the password above.

This is optional.

This information may be optionally provided.

Each user can be a member of one or more groups.

Selects an existing group for copying, modification or deletion.

In order to create a new group, enter a new and unused group name.

The user management of LARA allows many different users. The following sections will describe how to add, change and delete users.

Add User

Fill out the fields ‘New user name’, ‘Full user name’, ‘Password’ and ‘Confirm password’ as shown in Figure

5.19

on the preceding page. Optionally select the groups the new user should become a member of. Click the ’Create user’ button.

Delete User

Select a user in the ‘Existing user’ control. Click the ‘Lookup’ button. The complete user information will be shown. Click the ‘Delete user’ button.

Hint:

The pre-configured supervisor user ‘super’ can’t be deleted. This user can be renamed only.

Modify User

Select a user in the ‘Existing user’ control. Click the lookup button to get all the user’s information.

All fields can be modified as required. The old password is not displayed, but can be modified. If all changes are done click the ‘Modify user’ button.

Copy User

Select a user in the ‘Existing user’ control. Enter a new user name in the field ‘New user name’.

Click the ‘Copy User’ button. This will create a new user with the given name. All properties of the selected user will be copied to the new one, except user specific permissions.

5.5.

ADMINISTRATION 39

Add Group

Type the name of the new group into the field ‘New group name’ and click the ‘Create group’ button.

Delete Group

Select a group in the ‘Existing group’ control. Click the ‘Delete group’ button.

Modify Group

To modify an existing group select the group in the ‘Existing group’ control. The group’s name field can be modified. Finally click the ‘Modify group’ button.

Copy Group

Select a group in the ‘Existing group’ control and type the name of the new group into the field

‘New group name’. Click the ‘Copy Group’ button. This will create a new group and copy all properties and permissions of the selected group to the newly created group.

5.5.2.

User/Group Permissions

A set of permissions is assigned to each user or group. Those rights are used to authorize access to certain LARA functionality for a particular user. By default the user ’super’ has all permissions.

His permissions cannot be shrunk. A newly created user or group has no permissions. A user will inherit the permissions of all groups he belongs to.

Figure 5.20.: User/Group Permissions panel

The User/Group Permissions panel as shown in Figure

5.20

allows you to change the permissions of a certain user or group. Note that the User/Group Permissions panel will show the changes to the

40 CHAPTER 5.

USAGE permissions inherited by the user’s ancestors only. That means an empty permission list of a user does not imply that the user has no permissions at all but that he has exactly the same permissions as inherited from the groups he belongs to.

The right of one user for changing another user’s or group’s access rights is determined by the parent/child relationship between them. When one user is creating another user, he will implicitly become the parent of that new user and hence has the right to change his permissions. More general, a certain user has the right to change another user’s or group’s permissions in case he stands higher in the ancestry than the other one. The ‘super’ user stands at the top (or the root) of the ancestry, hence has the right to change everybody’s permissions.

Additionally, there is the restriction that a user can never give more permission to others than what he has. For example, if a user has no permission to change the network settings he won’t be able to grant this right to somebody else. However, a user has always the right to reduce the set of permissions of his descendants.

In order to change the permissions of a user/group you have to select the user/group first. This is done using the selection list at the top of the User/Group Permissions panel (see Figure

5.20

on the preceding page). The selection list will show only users and groups for which you have the right to change their permissions. Next, clicking the ‘Update’ button will show the permission list of that user. Every right in the list has a permission value, which is explained in Table

5.8

.

Field

+view

-view

+change

-change

+allow

-allow

Table 5.8.: LARA user and group permissions

Description

The user can view the entry.

The user cannot view the entry.

The user can change the entry settings. This value doesn’t include the +view setting. To view the entry the +view value must be set as well.

The user cannot change the entry’s settings.

The user can use this LARA function.

The user cannot use this LARA function.

Add a permission

Once you have brought up the user’s permission list, select the permission entity in the list box below and click the ‘Add’ button. The permission entity will be added to the permission list having a default value. Change the permission as desired. Once all permissions have been set, click the

‘Apply’ button.

Delete a permission

Check the ‘Delete’ check box right of the desired entry in the permission list and click ‘Apply’.

5.5.3.

Network Settings

The Network Settings panel as shown in Figure

5.21

on the facing page allows changing network related parameters. Each parameter will be explained in Table

5.9

on the next page. Once applied the new network settings will immediately come into effect.

5.5.

ADMINISTRATION

Note:

The initial IP configuration is usually done directly at the host system using the special procedure described in Section

4.1

on page

15 . However you can also connect to the LARA

using its pre-configured IP settings.

Attention:

Changing the network settings of LARA might result in losing connection to it. In case you change the settings remotely make sure all the values are correct and you still have an option to access the LARA.

41

Parameter

Enable DHCP

Figure 5.21.: LARA network settings

Table 5.9.: Network settings parameters

Description

If this option is checked, LARA will contact a DHCP (Dynamic Host Configuration Protocol) server in the local subnet in order to obtain a valid IP address, gateway address and net mask. Before you connect LARA to your local subnet, make sure to complete the corresponding configuration of your DHCP server.

Continued on next page

42 CHAPTER 5.

USAGE

Parameter

DHCP Timeout

IP address

Subnet mask

Gateway IP address

Table 5.9 – continued from previous page

Description

Time within a DHCP server is expected to respond to the

LARA DHCP client request. If there is no response, the last known IP settings will be used to configure LARA.

IP address in the usual dot notation.

The net mask of the local network.

In case the LARA should be accessible from networks other than the local one, this IP address must be set to the local network router’s IP address.

Primary DNS Server IP address

Secondary DNS Server IP address

Primary Time Server

IP address of the primary Domain Name Server in dot notation. This option may be left empty, however LARA won’t be able to perform name resolution.

IP address of the secondary Domain Name Server in dot notation. It will be used in case the Primary DNS Server can’t be contacted.

IP address of the primary NTP (Network Time Protocol) compliant timeserver in dot notation. LARA will synchronize its own absolute time with the timeserver’s one. This is important for writing log entries and for the Dynamic DNS

Service.

Secondary Time Server

Remote Console & HTTPS port

HTTP port

Telnet port

IP address of the secondary NTP compliant timeserver in dot notation. It will be used in case the Primary Time

Server can’t be contacted.

Port number at which LARA’s Remote Console server and

HTTPS server are listening. If left empty the default value will be used.

Port number at which LARA’s HTTP server is listening. If left empty the default value will be used.

Port number at which LARA’s Telnet server is listening. If left empty the default value will be used.

Dynamic DNS

Peppercon provides a Dynamic DNS service that can be used in the following scenario (see Figure

5.22

on the next page):

LARA is reachable via the IP address of the DSL router, which is dynamically assigned by the provider. Since the administrator doesn’t know the IP address assigned by the provider, LARA connects to a special dynamic DNS server in regular intervals and registers its IP address there.

The administrator may contact this server as well and pick up the same IP address belonging to his card.

The administrator has to register a LARA that is supposed to take part in the service with the

Dynamic DNS Server. He will get an approved nickname and password in return to the registration process. This account information is needed in order to determine the IP address of the registered

LARA.

You have to perform the following steps in order to enable Dynamic DNS:

1. Make sure the LAN interface of LARA is properly configured.

5.5.

ADMINISTRATION

Admin−PC

Dynamic IP

NAT

DSL Router

DSL

LAN

Internet

Dynamic DNS Server www.dyndns.peppercon.com

ERIC

Server

Figure 5.22.: Dynamic DNS Scenario

43

Figure 5.23.: Dynamic DNS configuration panel

2. Enter the Dynamic DNS Settings configuration dialog as shown in Figure

5.23

(Menu

Network Settings

→ Dynamic DNS Settings)

3. Enable Dynamic DNS and change the settings according to your needs (see Table

5.10

on the next page).

Note:

LARA has its own independent real time clock. Make sure the time setting of LARA is correct.

This can be achieved by configuring a timeserver (see Figure

5.21

on page

41

)

Note:

LARA registers itself to the Dynamic DNS server slightly different from the time configured.

To reduce load peaks on the server we add a random time (0-10 min) to the absolute time value.

5.5.4.

SNMP Settings

The following information is available via SNMP:

ˆ Serial number

ˆ Firmware version

44 CHAPTER 5.

USAGE

Parameter

Enable Dynamic DNS

Dynamic DNS server

Nickname

Check time

Check interval

Table 5.10.: Dynamic DNS options

Description

This enables the Dynamic DNS service. This requires a configured DNS server IP address.

Here you enter the server name where LARA registers itself in regular intervals.

If left blank the default

(www.dyndns.peppercon.com) will be used.

You have registered this nickname during your manual registration with the Dynamic DNS Server. Spaces are not allowed in the Nickname!

LARA card registers itself in the Dynamic DNS server at this time.

This is the interval for reporting again to the Dynamic DNS server by LARA.

ˆ MAC address / IP address / Netmask / Gateway of LAN interface

ˆ Configured users

ˆ Currently active users with login time (login time is only valid if time is synchronized on

LARA)

ˆ Server’s power state

ˆ The following actions can be initiated via SNMP:

ˆ Reset server

ˆ Power on/off server

ˆ Reset LARA

The following events are reported by LARA via SNMP:

ˆ Login trial at LARA failed.

ˆ Login trial at LARA succeeded.

ˆ Denying access to a particular action.

ˆ Server was reset.

ˆ Server was powered on/off.

The SNMP settings panel as shown in Figure

5.24

on the next page, described in Table

5.11

, allows you to change SNMP related parameters.

Table 5.11.: SNMP setting parameters

5.5.

ADMINISTRATION 45

Figure 5.24.: SNMP settings

Parameter

Enable SNMP Agent

Read Community

Write Community

System Location

System Contact

Enable SNMP Authentication Traps

Enable LARA Authentication Traps

Description

If this option is checked, LARA will answer to SNMP requests.

Hint: If a community is left blank, you cannot perform the according request. E.g. if you want to disable the possibility to reset LARA via SNMP then don’t set a write community.

This is the SNMP community, which allows you to retrieve information via SNMP.

This community allows you to set options and to reset LARA or the host via SNMP, i.e. all that effects the host or LARA.

Enter a description of the physical location of the host. The description will be used in reply to the SNMP request ”sysLocation.0”.

Enter a contact person for the host. The value will be used in reply to the SNMP request ”sysContact.0”.

If this option is checked, an SNMP trap will be sent in case somebody has tried to access LARA via SNMP using a wrong

SNMP community.

If this options is checked, an SNMP trap will be sent in case somebody has tried to login via the Web front-end. Both successful and failed logins trials will be indicated. Furthermore, there will be notification about other security violations like trying to perform an action via Web front-end for which a user has no permission.

Continued on next page

46

Parameter

Enable Host Traps

Trap destinations

CHAPTER 5.

USAGE

Table 5.11 – continued from previous page

Description

If this option is checked, LARA will send SNMP traps whenever the host is reset, powered down or powered up.

Here you can enter the IP addresses, to which the traps will be sent. For every IP address, you have to set an according community. This is necessary so that your management client can identify the SNMP traps.

5.5.5.

Serial Settings

The LARA Serial Settings (Figure

5.25

) allow you to specify, what devices are connected to the two serial ports and how to use them.

Figure 5.25.: Serial Settings

Serial Port 1 This port may be used for different purposes. All possible options are listed and described in Table

5.12

.

5.5.

ADMINISTRATION

Function

Modem

IPMI over Serial

Passthrough

Table 5.12.: Serial Port 1 Functional Options

Description

Allows to access LARA via modem, see Section

5.5.6

for details.

Enables the possibility to use this serial port for IPMI 1.5 over serial, check Section

5.5.9

on page

52

for more information.

Using this option, it is possible to connect an arbitrary device to the serial port and access it (assuming it provides terminal support) via telnet. Select the appropriate options for the serial port and use the Telnet Console (see Section

5.3.6

on page

31 )

or a standard telnet client to connect to LARA. For more information about the telnet interface have a look at Section

5.7

on page

60

.

47

Serial Port 2 This serial port provides the power control options for LARA (see also Section

5.4.1

on page

31

). Choose a suitable setting and fill in additional required options. By the date of printing this manual the only external power switch supported is the Avocent

—SPC

3

. To use this

device you have to enter an username and a password which must exist on the SPC and have the privileges to switch power for each port.

5.5.6.

Modem Settings

LARA offers remote access using a telephone line in addition to the standard access over the built-in

Ethernet adapter. The modem needs to be connected to LARA’s serial interface (refer to Figure

3.3

on page

10

).

Logically, connecting to LARA using a telephone line means nothing else than building up a dedicated point to point connection from your console computer to the LARA. With other words,

LARA acts as an Internet Service Provider (ISP) to which you can dial in. The connection is established using the Point-to-Point Protocol (PPP). Before you connect to LARA, make sure to configure your console computer accordingly. For instance on Windows based operating systems you can configure a dial-up network connection, which defaults to the right settings like PPP.

The modem settings are part of serial settings panel (Figure

5.25

on the preceding page).

Parameter

Enable modem on RS

232

Table 5.13.: Description of all modem settings

Description

Enable or disable the modem on the serial interface adapter of

LARA. In case it is enabled, LARA tries to initialize the modem using an initial string of AT commands and waits for incoming connections.

Continued on next page

3

Avocent is a registered trademark of Acovent Corp. Huntsville

48

Parameter

Serial line speed

Modem Init String

Client IP address

CHAPTER 5.

USAGE

Table 5.13 – continued from previous page

Description

The speed LARA is communicating with the modem. Most of all modems available today will support the default value of 115200 bps. In case you are using an old modem and discovering problems try to lower this speed.

The initialization string used by LARA to initialize the modem.

The default value will work with all modern standard modems directly connected to a telephone line. In case you have a special modem or the modem is connected to a local telephone switch that requires a special dial sequence in order to establish a connection to the public telephone network, you can change this setting by giving a new string. Refer to the modem’s manual about the AT command syntax.

This IP address will be assigned to your console computer during the PPP handshake. Since it is a point-to-point IP connection virtually every IP address is possible but you must make sure, it is not interfering with the IP settings of LARA and your console computer. The default value will work in most cases.

5.5.7.

ISDN Settings

In addition to the standard interfaces, LARA offers remote access using an ISDN connection

4

.

Logically, connecting to LARA using an ISDN line means nothing else than building up a dedicated point to point connection from your console computer to LARA. With other words, LARA acts as an Internet Service Provider (ISP) to which you can dial in. The connection is established using the

Point-to-Point Protocol (PPP). Before you connect to LARA, make sure to configure your console computer accordingly.

The ISDN settings panel (see Figure

5.26

on page

50 ) allows you to configure LARA for an ISDN

connection. The according ISDN options are described in Table

5.14

.

Parameter

Enable ISDN

MSN

Layer-2 protocol

Table 5.14.: Description of all ISDN options

Description

Enables or disables the ISDN adapter.

This Multiple Subscriber Number is assigned to LARA.

The Layer-2 Protocol (the Data Link Layer) of the ISO 7-layered architecture. It is responsible for the error-free movement of data between network nodes.

You can choose between the High-level Data Link Control

(HDLC) and X.75.

You can leave this option untouched in case you use a standard network connection as built in Windows or Linux.

Continued on next page

4

ISDN is available for EMEA versions of LARA only

5.5.

ADMINISTRATION

Parameter

Enable hang-up timer

Table 5.14 – continued from previous page

Description

If you want LARA to hang up an incoming connection, you have for incoming calls

Hang-up timeout to check this box. The time out value is configured using the next option.

The hang-up time out measured in seconds. Normally it is valid for outgoing connections only. That means, in case LARA is

IP address range configured for callback.

In case the ‘Enable hang-up timer for incoming calls’ option is checked, the time out will apply for incoming calls also.

Addresses from this range will be assigned to LARA and the console computer during establishing an ISDN connection. The first address will be used for LARA itself. The range must enclose

3 addresses at least.

Enable callback

Force callback

Calling #

Called #

User / Password

Call back after [x] seconds

This enables the callback mechanism. If you have callback entries configured (see below) LARA will reject any call from the configured number(s) and make a call to a number, which can be configured too.

Only callback connections are enabled if you enable this option.

That means nobody can dial in without callback. This option has effect only if you have callbacks enabled.

This is the calling number - the client that tries to dial into

LARA.

If you want to call the caller back, you have to enter his number here.

If LARA calls back these are the user name and the corresponding password for authentication on the console computer.

The entry is marked as a callback entry in case this checkbox is checked. Additionally, the delay, after which the callback connection will be established, can be configured. Callback entries are only effective when the callback mechanism is enabled.

In the following, we will present some example use cases for a proper ISDN configuration.

49

I want to allow non-callback dial in for everyone.

To achieve this you have to switch off the ”Force callback” option and you should have no callback entries configured.

I want to allow non-callback dial in for selected people.

First, make sure ”Force callback” is switched off. Second, you have to make an entry with the calling number for every allowed client. The other fields should be left empty. There must be at least one non-callback entry or anyone can dial in!

50 CHAPTER 5.

USAGE

Figure 5.26.: LARA ISDN settings panel

I want to allow non-callback dial in for everyone except some people that should be called back.

Make sure you have callback enabled and ”Force callback” is switched off. Now configure an entry for every number that should be called back. Don’t forget to mark the entries as callback entries!

The list should contain callback entries only.

I want to allow non-callback dial in for selected people except some people that should be called back.

Make sure you have callback enabled and ”Force callback” is switched off. Then you have to make an entry for every allowed client. For callback entries, all fields have to be specified. There must be at least one non-callback entry or anyone can dial in!

I want to allow callback connections only.

Make sure you have callback enabled and ”Force callback” is switched on. You have to make an entry for every allowed client. Don’t forget to mark the entries as callback entries!

5.5.

ADMINISTRATION 51

5.5.8.

Update Firmware

LARA is a complete standalone computer. The software it runs is called the firmware. The firmware of LARA can be updated remotely in order to install new functionality or special features.

A new firmware update is a binary file which will be sent to you by email or which you can download from the Peppercon Web site.

Before you can start updating the firmware of your LARA the new firmware file must be accessible on the system that you use for connecting to LARA.

Updating the firmware is a three-stage process:

ˆ Firstly the new firmware file is uploaded onto LARA. In order to do that you need to select the file on your local system using the browse button of the Upload Firmware panel

(see Figure

5.27

). Once the firmware file has been uploaded, it is checked whether it is a valid

firmware file and whether there were any transmission errors. In case of any error the Upload

Firmware function will be aborted.

Figure 5.27.: Panel for uploading a new firmware

ˆ Secondly, if everything went well, you see the Update Firmware panel (see Figure

5.28

). The

panel shows you the version number of the currently running firmware and the version number of the uploaded firmware. Pressing the update button will store the new version over the old one. Attention: this process is not reversible and might take some minutes. Make sure the

LARA’s power supply won’t be interrupted during the update process, because this may an unusable device.

ˆ Thirdly, after the firmware has been stored, the panel will request you to reset LARA manually. Half a minute after the reset, LARA will run with the new firmware version and should be accessible. However, you are requested to login once again.

Figure 5.28.: Panel to update a new firmware that was previously uploaded

52 CHAPTER 5.

USAGE

Attention:

The three-stage firmware update process and complete consistency check are making a mistake in updating the firmware almost impossible. However, only experienced staff members or administrators should perform a firmware update. Make sure LARA’s power supply won’t be interrupted!

5.5.9.

IPMI Settings

Generals

By using the LARA IPMI (Intelligent Platform Management Interface) facilities, you have an additional way to power on or off the system or to perform a hard reset. Furthermore, it provides the possibility to show an event log of the host system and the status of some system sensors (i.e.

temperature). If your host system supports IPMI, you can access it by one of the following ways:

ˆ IPMI over Serial (IPMI V1.5 is required)

ˆ IPMI over LAN (IPMI V1.5 is required)

IPMI Settings

Figure

5.29

shows the LARA IPMI settings panel. Its options will be explained in Table

5.15

.

Figure 5.29.: IPMI settings panel

5.5.

ADMINISTRATION

Control

IPMI disabled

BMC address

IPMI over Serial

IPMI over LAN

Table 5.15.: IPMI settings explained

Description

Disables IPMI on LARA. This means that Status via IPMI and

Event Log via IPMI are not available and the power on/off and reset functions don’t use IPMI rather than the ATX and the reset cable connected from LARA to the motherboard.

The hexadecimal Baseboard Management Controller address, which is needed for all communication types to the IPMIinterface. Usually you can find this address in the BIOS of the host system. The default and common value for this address is

20.

If your host system supports IPMI V1.5 and has an Intel EMP

(Emergency Management Port, usually COM2) connector, you can connect IPMI through serial port 1 on LARA There are some additional points to note:

ˆ The EMP port must be set to ’Always enable’ and the

’Restricted Mode’ must be switched off.

ˆ The BMC should accept a ’null username’ and a ’non-null password’ account as login.

ˆ Passwords are 4 - 16 characters long.

ˆ A null modem cable is used for connection

You can connect the IPMI over a LAN connection too. The prerequisite for this access type is a host system with IPMI V1.5

and a network adapter with a sideband connection to the BMC

(mostly on board). In the IPMI Settings, you must enter the

IP-address of this host system and the correct password for the

LAN connection.

You can also access other IPMI systems when you enter their IP address.

53

Power Control

If IPMI is enabled, these functions are performed over IPMI requests. These requests may take a few seconds.

If IPMI is disabled, the power control functions (power on, power off, reset) are performed over the internal or external power control options.

Event Log via IPMI

The Event Log via IPMI accesses the SEL (System Event Log) repository and reads every entry sequentially. The first time you use this function after starting LARA the complete repository has to be read, what may take 1 or 2 minutes.

When all entries have been read, LARA displays the entries with their time, sensor and description in accordance with the filter settings. You have the choice between several pre-settings (i.e. last day, last week) or an exact declaration of the start and the end date.

54 CHAPTER 5.

USAGE

Figure 5.30.: IPMI Event Log

Once you changed the filter settings, click on ‘Update’ in order to update the shown entries (see Figure

5.30

). If the checkbox ‘Get sensor names’ is checked all sensor IDs will be shown with their respective names.

The time that is shown in the log entries is the SEL time, which means that this time is independent to the system time. The actual SEL time is shown at the top of the log table.

With the button ‘Clear Event Log’ you can delete all entries in the SEL repository.

Status via IPMI

Figure 5.31.: Example of IPMI State panel

The Status via IPMI function shows the current values and the min/max-thresholds of all fans, temperatures and voltages existing in the host system. An example of such an IPMI panel is shown in Figure

5.31

. You can change the thresholds by editing the according values and pressing ’Apply’.

The first time you call this page, it may take up to two minutes until the sensor data will be shown.

Note:

If IPMI is disabled, Status via IPMI and System Log via IPMI are not available (the corresponding menu options are not visible).

5.5.

ADMINISTRATION 55

5.5.10.

Security Settings

Figure

5.32

shows the panel for security related SSL, Telnet and IP address settings. Each of those categories will be explained in the following subsections.

Figure 5.32.: Security settings

SSL Settings

Table

5.16

explains the possible adjustments related to the usage of SSL.

Parameter

Force HTTPS

Table 5.16.: Security parameters

Description

If this option is enabled access to the Web front-end is only possible using an HTTPS connection. LARA won’t listen on the

HTTP port for incoming connections.

In case you want to create your own SSL certificate that is used to identify this LARA refer to Section SSL Certificate Management.

Continued on next page

56

Parameter

KVM encryption

CHAPTER 5.

USAGE

Table 5.16 – continued from previous page

Description

This option controls the encryption of the RFB protocol, the protocol used by the Remote Console to transmit the screen data to the administrator machine and keyboard and mouse data back to the host.

If set to ‘Off’ no encryption will be used.

If set to ‘Try’ the applet tries to make an encrypted connection.

In case connection establishment fails for any reason an unencrypted connection will be used.

If set to ‘Force’ the applet tries to make an encrypted connection.

An error will be reported in case connection establishment fails.

Telnet Settings

Table

5.17

explains the settings related to Telnet access.

Parameter

Enable Telnet access

Table 5.17.: Telnet security settings

Description

If this option is enabled, access over Telnet client is possible. For higher security we recommend to disable Telnet access.

IP Access Control

Table

5.18

on the next page explains the settings related to IP access control. It is used to limit access to a distinguished number of clients only. These clients will be identified by their IP address, from which they are trying to build up a connection. Refer also to Figure

5.32

on the preceding page.

Note:

The IP access control settings apply to the LAN interface only!

5.5.

ADMINISTRATION

Parameter

Enable IP Access Control

Default policy

Rule Number

IP/Mask

Policy

Appending a rule

Inserting a rule

Replacing a rule

Table 5.18.: IP access control parameters

Description

Enables access control based on IP source addresses.

This option controls what to do with arriving IP packets that don’t match any of the configured rules. They can be accepted or dropped.

ATTENTION:

If you set this to DROP and you have no ACCEPT rules configured, access to the Web front-end over LAN is actually disabled!

To enable access again you can change the security settings via modem or ISDN dial in or by temporarily disabling IP access control with the initial configuration procedure (see Section

4.1

on page

15 ).

This should contain the number of a rule for which the following commands will apply. This field will be ignored, in case of appending a new rule.

Specifies the IP address or IP address range for which the rule applies.

Examples (the number concatenated to an IP address with a

‘/’ is the number of valid bits that will be used of the given IP address):

192.168.1.22

or 192.168.1.22/32 matches the IP Address

192.168.1.22

192.168.1.0/24 matches all IP packets with source addresses from

192.168.1.0 to 192.168.1.255

0.0.0.0/0 matches any IP packet

The policy determines what to do with matching packets. They can be accepted or dropped.

NOTE: The order of the rules is important. The rules are checked in ascending order until a rule matches. All the rules below the matching one will be ignored. The default policy applies if no match has been found.

Enter the IP/Mask and set the policy. Finally, press ‘Append’.

Enter the rule number, the IP/Mask and set the policy. Finally, press ‘Insert’.

Enter the rule number, the IP/Mask and set the policy. Finally, press ‘Replace’.

Continued on next page

57

58 CHAPTER 5.

USAGE

Parameter

Deleting a rule

Table 5.18 – continued from previous page

Description

Enter the rule number and press ‘Delete’.

5.5.11.

SSL Certificate Management

LARA uses the SSL

5

protocol for any encrypted network traffic between itself and a connected client.

During connection establishment, LARA has to expose its identity to a client using a cryptographic certificate. Upon delivery, this certificate is the same for all LARAs ever produced and certainly won’t match the network configurations that will be applied to the card by its user.

The certificate’s underlying secrete (private) key is also used for securing the SSL handshake. Hence, this is a security risk (but far better than no encryption at all).

Parameter

Common name

Organizational unit

Organization

Locality/City

State/Province

Country

Challenge Password

Table 5.19.: Certificate request required information

Description

This is the network name of LARA once it is installed in the user’s network (usually the fully qualified domain name). It is identical to the name that is used to access the card with a Web browser (without the ‘http://’ prefix). In case the name given here and the actual network name differ, the browser will pop up a security warning when the card is accessed over HTTPS.

This field is used for specifying to which department within an organization LARA belongs.

The name of the organization to which LARA belongs.

The city where the organization is located.

The state or province where the organization is located.

The country where the organization is located. This is the twoletter ISO code, e.g. DE for Germany or US for the USA.

Some certification authorities require a challenge password to authorize later changes on the certificate (e.g. revocation of the certificate). The minimal length of this password is 4 characters.

Confirmation of the Challenge Password Confirm Challenge Password

Email

Key length

The email address of a security contact person that is responsible for LARA.

This is the length of the generated key in bits. 1024 Bits are supposed be sufficient for most cases. Larger keys may result in slower response time of LARA during connection establishment.

However, it is possible to generate and install a new certificate that is unique for a particular card.

In order to do that, LARA is able to generate a new cryptographic key and the associated so called

Certificate Signing Request that needs to be certified by a so called certification authority (CA).

A certification authority verifies that you are who you claim you are and signs and issues a SSL certificate to you.

The following steps are necessary to create and install an LARA SSL certificate:

1. Create a SSL Certificate Signing Request using the panel shown in Figure

5.33

on the facing page (Security Settings

→ SSL Settings → Create your own SSL certificate). You need to fill

5

SSL — Secure Socket Layer

5.5.

ADMINISTRATION 59

Figure 5.33.: SSL Certificate Request out a number of fields that are explained in Table

5.19

on the preceding page. Once this is done, click ‘Create CSR’ which will initiate the Certificate Signing Request generation. The

CSR can be downloaded to your administration machine with the ‘Download CSR’ button

(see Figure

5.34

).

2. Send the saved CSR to a CA for certification. You will get the new certificate from the CA after a more or less complicated traditional authentication process (depending on the CA).

3. Upload the certificate to LARA using the ‘Upload’ panel as shown in Figure

5.34

.

Figure 5.34.: SSL Certificate Signing Request

After completing these three steps, LARA has its own certificate that is used for identifying the card to its clients.

60 CHAPTER 5.

USAGE

Important Note:

If you destroy the CSR on LARA there is no way to get it back! In case you deleted it by mistake, you have to repeat the three steps.

5.5.12.

Reset LARA

The reset panel (see Figure

5.35

) allows you to reset LARA. This function is mainly needed to activate a newly updated firmware.

A reset will close all current connections to the administration console or to the Remote Console.

The whole process will take half a minute.

Figure 5.35.: Reset panel

5.6.

Documentation

5.6.1.

Data file for support

This link allows you to download the LARA data file with support information. This is an XML file with certain customized support information like the serial number etc. You may send this information along together with a support request. It will help us troubleshooting your problem.

5.6.2.

The LARA SNMP MIB

This link allows you to download the LARA SNMP MIB file. This file may be necessary for an

SNMP client to communicate with LARA.

5.7.

Access via Telnet

The LARA firmware features a Telnet server that enables a user to connect via a standard Telnet client. It is used for passthrough access to a device possibly connected to the serial port 1. This means you may connect any serial device which offers terminal access via its serial port to LARA and access it using the Telnet interface. Set the serial settings (see Section

5.5.5

on page

46 )

according to the requirements of the device.

Connecting to LARA is done as usual and as required by the Telnet client, for instance in a UNIX shell:

5.7.

ACCESS VIA TELNET 61 telnet 192.168.1.22

6

This will prompt for username and password in order to log into the card. The credentials that need to be entered for authentication are identical to that one of the Web interface. That means, the user management of the Telnet interface is entirely controlled with the according functions of the Web interface.

Once you have successfully logged in LARA will present you the command line where you can enter according management commands.

In general, the Telnet interface supports two operation modes: the command line mode and the terminal mode. The command line mode is used to control or display some parameters. In terminal mode the pass-through access to serial port 1 is activated (if the serial settings were made accordingly). All inputs are redirected to the device on serial port 1 and its answers are displayed at the Telnet interface

Table

5.20

shows the according command mode command syntax and their usage.

Command help cls logout version terminal

Table 5.20.: Telnet server commands and description

Description

Shows the list of the following commands

Clear screen

Logs out the current user and disconnects from the client

Shows a compound string off all available version numbers

Starts the terminal passthrough mode for serial port 1. The key sequence ‘<esc> exit’ switches back to command modus.

6

The IP address has be replaced by the one that is actually assigned to LARA.

62 CHAPTER 5.

USAGE

6. Frequently Asked Questions

Q 001: The remote mouse doesn’t work or is not synchronous

A 001: Make sure the mouse settings in LARA match the mouse model. There are some circumstances where the mouse synchronization process could behave incorrectly, refer to Section

5.3.4

on page

28

for further explanation.

Q 002: The video quality is bad or the picture is grainy

A 002: Try to correct the brightess and contrast settings with the OSD (see Section

5.3.3

on page

26

) until they are out of a range where the picture looks grainy. Use the auto adjustment feature to correct a flickering video.

Q 003: Login on LARA fails.

A 003: Was the correct combination of user and password given? On delivery, the user ”super” has the password ”lara”. Moreover your browser must be configured to accept cookies.

Q 004: I use the Mozilla Browser 0.9.x., Netscape 6.x and https (secure http).

When I try to open the Remote Console applet loading may fail with Bad

Magic Number Exception.

A 004: This is a bug in some older versions of Mozilla. Don’t use https or upgrade your

Browser.

Q 005: The Remote Console window can’t connect to LARA.

A 005: Possibly a firewall prevents access to the Remote Console. Make sure the TCP port numbers 443 or 80 are open for incoming TCP connection establishments.

Q 006: No connection can be established to LARA.

A 006: Check whether the network connection is working in general (ping the IP address of

LARA). If not, check network hardware. Is LARA powered on? Check whether the

IP address of LARA and all other IP related settings are correct! Also verify that all the IP infrastructure of your LAN, like routers etc., are correctly configured. Without a ping functioning, LARA can’t work either.

Q 007: Special key combinations, e.g. ALT+F2, ALT+F3 are intercepted by the console system and not transmitted to the host.

A 007: You have to define a so-called ’Button Key’. This can be done in the Remote Console settings.

Q 008: In the browser the LARA pages are inconsistent or chaotic.

A 008: Make sure your browser cache settings are feasible. Especially make sure the cache settings are not set to something like ”never check for newer pages”. Otherwise LARA pages may be loaded from your browser cache and not from the card.

64 CHAPTER 6.

FREQUENTLY ASKED QUESTIONS

A. Glossary

ACPI A specification that enables the operating system to implement power management and system configuration.

ATX Advanced Technology Extended: A particular specification of a motherboard introduced by Intel in 1995.

BMC Board Management Controller: implements the IPMI based main board management functions.

DHCP Dynamic Host Configuration Protocol: protocol for dynamically assigning IP configurations in local networks.

DNS

EMP

Domain Name System: protocol used to locate computers on the Internet by their name.

Emergency Management Port: provides remote emergency access and control of server resources. EMP offers operating system independent, fundamental remote management access regardless of the server’s current state or network availability.

Frequently Asked Questions FAQ

HTTP Hypertext Transfer Protocol: the protocol used between web browsers and servers.

HTTPS Hyper Text Transfer Protocol Secure: secure version of HTTP.

IPMI

LED

Intelligent Platform Management Interface

Light Emitting Diode

MIB

PS/2

Management Information Base: describes the structure of the management information that can be accessed via SNMP.

The PS/2 device interface was developed by IBM and is used by many mice and keyboards.

SNMP Simple Network Management Protocol: a widely used network monitoring and control protocol.

SSL Secure Socket Layer: encryption technology for the Internet used to provide secured data transmissions.

SVGA Super VGA: A refinement of Video Graphics Array (VGA) that providing increased pitch and resolution performance.

UTP Unshielded Twisted Pair: a cable with two conductors twisted as a pair and bundled within the same outer PVC covering.

66 APPENDIX A. GLOSSARY

B. LARA Video Modes

Table

B.1

lists the video modes LARA supports. Please don’t use other custom video settings besides of these. If done so, LARA may not be able to detect them.

Table B.1.: LARA Video Modes

Resolution (x,y) Refresh Rates (Hz)

640x350 70, 85

640x400

640x480

56, 70, 85

60, 67, 72, 75, 85, 90, 100, 120

720x400

800x600

832x624

1024x768

70, 85

56, 60, 70, 72, 75, 85, 90, 100

75

60, 70, 72, 75, 85, 90, 100

1152x864

1152x870

1152x900

1280x960

1280x1024

75

75

66, 76

60

60

68 APPENDIX B. LARA VIDEO MODES

C. Key Codes

Table

C.1

shows the key codes used to defines key strokes or hotkeys for several functions. Please note that these key codes do not represent necessarily key characters that are used on international keyboards. They name a key on a standard 104 key PC keyboard with an US English language mapping. The layout for this keyboard is shown in Figure

C.1

. However, most modifier keys

and other alphanumeric keys used for hotkey purposes in application programs are on an identical position, no matter what language mapping you are using. Some of the keys have aliases also, means they can be named by 2 key codes (separated by comma in the table).

Esc F1 F2 F3 F4 F5 F6 F7 F8 F9 F10 F11 F12 Prnt Scrl Brk

~ 1 2 3 4 5 6 7 8 9 0 − = Bsp tab q w e r t y u i o p [ ]

Caps a s d f g h j k l ; ’ \

CR

Ins Pos1Pgup

Num

/ * −

Del End Pgdn

7 8 9

+

4 5 6

1 2 3

LShift z x c v b n m , . ? Rshift Up

Lctrl Win Alt Space AltGR Menu RCtrl

Left Down Right

0 ,

CR

Figure C.1.: English (US) Keyboard Layout, used for key codes

Table C.1.: Key Names

Key (and aliases)

0 - 9

A - Z

, TILDE

-, MINUS

=, EQUALS

;

<, LESS

,

.

/, SLASH

BACK SPACE

TAB

[

]

ENTER

CAPS LOCK

\, BACK SLASH

LSHIFT, SHIFT

RCTRL

RSHIFT

LCTRL, CTRL

LALT, ALT

SPACE

ATGR

Continued on next page

70

Key (and aliases)

ESCAPE, ESC

F1

F2

F3

F4

F5

F6

F7

F8

F9

F10

F11

F12

PRINTSCREEN

SCROLL LOCK

BREAK

INSERT

HOME

PAGE UP

DELETE

END

PAGE DOWN

UP

LEFT

DOWN

RIGHT

NUM LOCK

NUMPAD0

NUMPAD1

NUMPAD2

NUMPAD3

NUMPAD4

NUMPAD5

NUMPAD6

NUMPAD7

NUMPAD8

NUMPAD9

NUMPAD+

NUMPAD/

NUMPAD*

NUMPAD-

NUMPADENTER

WINDOWS

MENU

Table C.1 – continued from previous page

APPENDIX C. KEY CODES

D. Pin Assignments

D.1.

VGA HD-15

5 4 3 2 1

15

10

14

9

13

8

12

7

11

6

6

7

4

5

8

2

3

Pin Assignment

1 Red

Green

Blue

Not connected

GND

GND red

GND green

GND blue

Pin

9

Assignment

5 V

10 GND sync

11 Not connected

12

13

14

15

SDA, DCC, ...

HSYNC

VSYNC

DATA CLOCK

D.2.

RJ 45 Connector Ethernet

7

8

5

6

3

4

1

2

2

3

4

Pin Assignment

1 TX +

TX -

RX +

6

7

Not connected 8

Pin Assignment

5 Not connected

RX -

Not connected

Not connected

72

D.3.

RJ 45 Connector ISDN

APPENDIX D. PIN ASSIGNMENTS

7

8

5

6

3

4

1

2

2

3

Pin Assignment

1 Not connected

Pin

5

Assignment

RX -

4

Not connected

TX +

RX +

6

7

8

TX -

Not connected

Not connected

D.4.

Serial SUB-D 9 Connector 1

1 2 3 4 5

6 7 8 9

4

5

2

3

Pin Assignment Pin Assignment

1 DCD 6 DSR

RX

TX

7

8

RTS

CTS

DTR

GND

9 RI

D.5.

Serial SUB-D 9 Connector 2

1 2 3 4 5

6 7 8 9

2

3

4

5

Pin Assignment Pin Assignment

1 DCD 6 DSR, Reset2

RX

TX

GND

7

8

DTR, Reset1 9

RTS, Power1

DTS, Power2

Not connected

Pins 1 and 6 are bridged

D.6.

KVM SUB-D 25 CONNECTOR

D.6.

KVM SUB-D 25 Connector

1 2 3 4 5 6 7 8 9 10 11 12 13

14 15 16 17 18 19 20 21 22 23 24 25

4

5

6

2

3

Pin Assignment

1 VGA blue

VGA green

VGA red

VGA hsync

GND

VGA SCL

Pin Assignment

14 GND

15 GND

16 GND

17 VGA vsync

18 Not connected

19 VGA SCL

7

8

GND 20 GND

Not connected 21 GND

9 KBD data

10 GND

22

23

KBD clock

RS232 2 TX

11 MOUSE clock 24 RS232 2 RX

12 MOUSE data 25 MOUSE +5V

13 KBD +5V

D.7.

Power Supply Connector

1 2

3 4

2

3

4

Pin Assignment

1 +12V

+12V

GND

GND

73

74 APPENDIX D. PIN ASSIGNMENTS

E. Peppercon Warranty information

LIMITED WARRANTY

Peppercon AG (”Peppercon”) manufactures its hardware products from parts and components that are new or equivalent to new in accordance with industry-standard practices. Peppercon warrants that the hardware products including the firmware will be free from defects in materials and workmanship under normal use. Any implied warranties on the Peppercon firmware and hardware are limited to 24 months, respectively, beginning on the date of invoice. Some states/jurisdictions do not allow limitations on duration of an implied warranty, so the above limitation may not apply to you.

CUSTOMER REMEDIES

Peppercorn’s entire liability and exclusive remedy shall be, at Peppercorn’s option, either (a) return of the price paid, or (b) repair or replacement of the firmware or hardware that does not meet this

Limited Warranty and which is returned to Peppercon with a copy of your receipt. Damage due to shipping the products to you is covered under this warranty. Otherwise warranty does not cover damage due to external causes, including accident, abuse, misuse, problems with electrical power, servicing not authorized by Peppercon, usage not in accordance with product instructions, failure to perform required preventive maintenance and problems caused by use of parts and components not supplied by Peppercon. Any replacement hardware will be warranted for the remainder of the original period or thirty (30) days, whichever is longer.

Peppercon will repair or replace products returned to Peppercorn’s facility. To request warranty service you must inform Peppercon within the warranty period. If warranty service is required,

Peppercon will issue a Return Material Authorization Number. You must ship the products back to Peppercon in their original or an equivalent packaging, prepay shipping charges, and insure the shipment or accept the possibility of loss or damage during shipment.

NO OTHER WARRANTIES

To the maximum extend permitted by applicable law, Peppercon disclaim all other warranties, either express or implied, including, but not limited to implied warranties of merchantability and fitness for a particular purpose, with regard to the firmware, the accompanying written materials, and any accompanying hardware. This limited warranty gives you specific legal rights. You may have others, which vary from state/jurisdiction to state/jurisdiction.

76 APPENDIX E. PEPPERCON WARRANTY INFORMATION

NO LIABILITY FOR CONSEQUENTIAL DAMAGES

To the maximum extent permitted by applicable law, in no event shall Peppercon be liable for any damages whatsoever (including without limitation, special, incidental, consequential or indirect damages for personal injury, loss of business information, or any other pecuniary loss) arising out of the use of or inability to use this product, even if Peppercon has been advised of the possibility of such damages. In any case, Peppercon entire liability under any provision of this agreement shall be limited to the amount actually paid by you for the firmware and/or hardware. Because some states/jurisdictions do not allow the exclusion or limitation of liability for consequential or incidental damages, the above limitation may not apply to you.

F. Specifications

F.1.

Size and Weight

Height:

Width:

44 mm 1 HU (Height Unit)

105 mm 1/4 19

00

Length (Box): 223 mm

Length (Box with connectors): 233

Weigth: 700 g

F.2.

Environmental

Temperature

Operating

Storage

Humidity:

Operating

Storage

0

°C to 40°C (32°F to 131°F)

-18

°C to 70°C (-20°F to 158°F)

10% to 90% (non-condensing)

5% to 95% (non-condensing)

advertisement

Was this manual useful for you? Yes No
Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Related manuals

Download PDF

advertisement

Table of contents