Maintaining and managing the system. Nortel Networks Nortel Secure Network Access Switch 4050
Add to my manuals922 Pages
advertisement
Chapter 14
Maintaining and managing the system
This chapter includes the following topics:
Topic
Managing and maintaining the system using the CLI
Roadmap of maintenance and boot commands
Performing maintenance using the CLI
Backing up or restoring the configuration using the CLI
Managing Nortel SNAS 4050 devices using the CLI
Managing software for a Nortel SNAS 4050 device using the CLI
Managing and maintaining the system using the SREM
Performing maintenance using the SREM
Backing up or restoring the configuration using the SREM
Managing Nortel SNAS 4050 devices and software using the SREM
Downloading files using the SREM
Running Nortel SNAS 4050 diagnostics using the SREM
Page
723
Nortel Secure Network Access Switch 4050 User Guide
724 Chapter 14 Maintaining and managing the system
You can perform the following activities to manage and maintain the system and individual Nortel SNAS 4050 devices:
• maintenance, in order to collect information for troubleshooting and technical
support purposes (see “Performing maintenance using the CLI” on page 726
or
“Performing maintenance using the SREM” on page 736 ):
• Dump log file or system internal status information and send it to a file exchange server.
• Check connectivity between the Nortel SNAS 4050 and all configured gateways, routers, and servers.
• Start and stop tracing to log information about a client session. You can limit the trace to specific features, such as SSL handshake; authentication method, user name, group, and profile; DNS lookups; and the
TunnelGuard check.
You can use the trace feature as a debugging tool (for example, to find out
why authentication fails). For sample CLI outputs, see “Trace tools” on page 845 .
• configuration backup and restore (see
“Backing up or restoring the configuration using the CLI” on page 730
or “Backing up or restoring the configuration using the SREM” on page 742 )
•
software and device management (see “Managing Nortel SNAS 4050 devices using the CLI” on page 733
and
“Managing software for a Nortel SNAS 4050 device using the CLI” on page 734
, or
“Managing Nortel SNAS 4050 devices and software using the SREM” on page 743 ):
• Manage software versions and activate software upgrades.
• Shut down or reboot a particular Nortel SNAS 4050 device that has become isolated from the cluster.
• Reset the configuration of a particular Nortel SNAS 4050 device back to factory defaults.
Managing and maintaining the system using the CLI
To perform maintenance activities, access the Maintenance menu by using the following command:
/maint
320818-A
Chapter 14 Maintaining and managing the system 725
To manage software versions and Nortel SNAS 4050 devices, connect to the particular Nortel SNAS 4050 device using Telnet, SSH, or a console connection.
Do not connect to the Management IP address (MIP). Access the Boot menu by using the following command:
/boot
Roadmap of maintenance and boot commands
The following roadmap lists the CLI commands to perform maintenance and software and device management activities. Use this list as a quick reference or click on any entry for more information:
Command
Parameter
/cfg/ptcfg <protocol> <server>
/cfg/gtcfg <protocol> <server>
Nortel Secure Network Access Switch 4050 User Guide
726 Chapter 14 Maintaining and managing the system
Command Parameter
Performing maintenance using the CLI
To check the applied configuration and to download log file and system status information for technical support purposes, use the following command:
/maint
The Maintenance menu displays.
320818-A
Chapter 14 Maintaining and managing the system 727
The Maintenance menu includes the following options:
/maint followed by: dumplogs <protocol>
<server> <filename>
<all-isds?>
Collects system log file information and sends it to a file on the specified file exchange server. The information can then be used for technical support purposes. You are prompted to provide the following parameters if you do not specify them in the command:
•
• protocol is the export protocol. Options are tftp|ftp|sftp.
The default is tftp .
server is the host name or IP address of the file exchange server.
•
• filename is the name of the destination log file on the file exchange server. The file is in gzip compressed tar format.
all-isds?
specifies whether the information is to be collected from all Nortel SNAS 4050 devices in the cluster or only from the device to which you are connected. Valid options are y (= yes, all) or n
(= no, single).
If you specify n (= no) and you are connected to the
MIP, information will be collected for the Nortel
SNAS 4050 device currently in control of the MIP.
• for FTP and SFTP, user name and password.
The file sent to the file exchange server does not contain any sensitive information related to the system configuration, such as private keys.
Nortel Secure Network Access Switch 4050 User Guide
728 Chapter 14 Maintaining and managing the system
/maint followed by: dumpstats <protocol>
<server> <filename>
<all-isds?> chkcfg
Collects current system internal status information and sends it to a file on the specified file exchange server.
The information can then be used for technical support purposes. You are prompted to provide the following parameters if you do not specify them in the command:
•
• protocol is the export protocol. Options are tftp|ftp|sftp.
The default is tftp .
server is the host name or IP address of the file exchange server.
•
• filename is the name of the destination file on the file exchange server. The file is in gzip compressed tar format.
all-isds?
specifies whether the information is to be collected from all Nortel SNAS 4050 devices in the cluster or only from the device to which you are connected. Valid options are y (= yes, all) or n
(= no, single).
If you specify n (= no) and you are connected to the
MIP, information will be collected for the Nortel
SNAS 4050 device currently in control of the MIP.
• for FTP and SFTP, user name and password.
Checks if the Nortel SNAS 4050 is able to contact gateways, routers, DNS servers, and authentication servers in the system configuration. The command also checks if the Nortel SNAS 4050 can connect to web servers specified in group links. The CLI displays the result of the connectivity check as well as the method used for the check (for example, ping).
The following is sample output for the chkcfg command:
Checking configuration from
192.168.128.210
Testing /cfg/sys/host 1/gateway:
192.168.128.3... ping ok
Testing /cfg/sys/dns/servers:
192.168.128.1... dns ok
Testing /cfg/vpn 1/aaa/group 1/ link 1:www.cnn.com:80... tcp ok
All tests completed successfully
320818-A
Chapter 14 Maintaining and managing the system 729
/maint followed by: starttrace <tags>
<domain ID> <output
mode> stoptrace
Logs information pertaining to a client session.
You are prompted to provide the following information:
• tags — specifies the specific features or subsystems to which you want to limit tracing. The options are: all — logs all information. The default is all.
aaa — logs authentication method, user name, group, and extended profile dns — logs failed DNS lookups made during the session ssl — logs information related to the SSL handshake procedure (for example, the cipher used)
• tg — logs information related to the TunnelGuard check (for example, TunnelGuard session status and the SRS rule check result) snas — logs operations and events of Nortel
SNA-controlled switches
Enter the desired tag or a comma-separated list of tags (for example, enter aaa or aaa,dns ). To trace all features, press Enter to accept the default.
domain ID — specifies the Nortel SNAS 4050 domain to which you want to limit tracing. The default is all. To trace all domains, enter 0 or press
Enter.
•
Note: With Nortel Secure Network Access Switch
Software Release 1.0, there is only one domain in the system.
output mode — options are: interactive — the information will be logged directly in the CLI when a client authenticates to the portal tftp|ftp|sftp — the information will be logged to a file exchange server. You are prompted to provide the server information.
For sample output from the starttrace command,
.
Stops tracing. If you selected interactive mode for the starttrace command and information has been logged to the CLI, press Enter to redisplay the CLI prompt.
Nortel Secure Network Access Switch 4050 User Guide
730 Chapter 14 Maintaining and managing the system
Backing up or restoring the configuration using the CLI
To save the system configuration to a file on a file exchange server, use the following command:
/cfg/ptcfg <protocol> <server> <filename> <passphrase>
To restore the system configuration, use the following command:
/cfg/gtcfg <protocol> <server> <filename> <passphrase>
You can also dump the system configuration to the screen and then use copy-and-paste to save it to a text file. To perform a configuration dump, use the following command:
/cfg/dump [<passphrase>]
320818-A
Chapter 14 Maintaining and managing the system 731
provides more information about the backup and restore commands on the Configuration menu.
Table 166 Configuration menu backup and restore commands
/cfg followed by: ptcfg <protocol>
<server> <filename>
<passphrase>
Saves the current configuration, including private keys and certificates, to a file on the specified file exchange server. You can later use this file to restore the configuration by using the gtcfg command. You are prompted to provide the following information:
• protocol is the export protocol. Options are tftp|ftp|scp|sftp.
The default is tftp .
•
• server is the host name or IP address of the file exchange server.
filename is the name of the destination file on the file exchange server.
• passphrase is a password phrase required to protect the private keys in the configuration. If you later restore the configuration using the gtcfg command, you will be prompted for this password phrase.
• for FTP, SCP, and SFTP, user name and password
Note: If you have fully separated the Administrator user role from the Certificate Administrator user role, the export passphrase defined by the Certificate
Administrator is used to protect the private keys in the configuration, and this is transparent to the user. If you later restore the configuration using the gtcfg command, the Certificate Administrator must enter the correct passphrase. For more information on separating the Administrator user role from the
Certificate Administrator user role, see “Adding a new user” on page 360
.
Nortel Secure Network Access Switch 4050 User Guide
732 Chapter 14 Maintaining and managing the system
Table 166 Configuration menu backup and restore commands
/cfg followed by: gtcfg <protocol>
<server> <filename>
<passphrase> dump [<passphrase>]
Restores a configuration, including private keys and certificates, from a file on the specified file exchange server. You are prompted to provide the following information:
•
• protocol is the import protocol. Options are tftp|ftp|scp|sftp.
The default is tftp .
server is the host name or IP address of the file exchange server.
•
• filename is the name of the file on the file exchange server.
passphrase is the password phrase specified when the configuration file was saved to the server using the ptcfg command.
• for FTP, SCP, and SFTP, user name and password
Note: If you have fully separated the Administrator user role from the Certificate Administrator user role, the
Certificate Administrator must enter the correct passphrase. The Certificate Administrator defined the passphrase using the /cfg/sys/user/ caphrase command (see
Dumps the current configuration on screen in a format that allows you to restore the configuration without downloading the configuration to a file server.
You are prompted to specify if you wish to include private keys in the configuration dump. If you do, then you are prompted to provide a password phrase in order to protect the private keys. The password phrase you specify applies to all private keys. If you later restore the configuration, you will be prompted for this password phrase.
Save the configuration to a text file by performing a copy-and-paste operation to a text editor. You can later restore the configuration by using the global paste command, at any command prompt in the CLI, to paste the contents of the saved text file. On pasting, the content is batch processed by the Nortel SNAS 4050.
To view the pending configuration changes resulting from the batch processing, use the diff command. To apply the configuration changes, use the apply command.
320818-A
Chapter 14 Maintaining and managing the system 733
Managing Nortel SNAS 4050 devices using the CLI
To manage Nortel SNAS 4050 software and devices, use the following command:
/boot
The Boot menu displays.
The Boot menu includes the following options:
/boot followed by: software halt
Accesses the Software Management menu, in order to view, download, and activate software versions (see
“Managing software for a Nortel SNAS 4050 device using the CLI” on page 734 ).
Stops the Nortel SNAS 4050 device to which you are connected (using Telnet, SSH, or a console connection). If you have a Telnet or SSH connection to the Management IP address (MIP), use the
/cfg/sys/host #/ halt command instead (see
).
Note: Always use the halt command before turning off the device.
Nortel Secure Network Access Switch 4050 User Guide
734 Chapter 14 Maintaining and managing the system
/boot followed by: reboot delete
Reboots the Nortel SNAS 4050 device to which you are connected (using Telnet, SSH, or a console connection). If you have a Telnet or SSH connection to the Management IP address (MIP), use the
/cfg/sys/host #/reboot command instead
(see
).
Resets the Nortel SNAS 4050 device to which you are connected (using Telnet, SSH, or a console connection) to its factory default configuration. All IP configuration is lost. The software itself remains intact.
After executing the delete command, you can only access the device using a console connection. Log on as the Admin user (user name: admin, password: admin) to enter the Setup menu.
Note: If you receive a warning that the device you are trying to delete has no contact with any other master
Nortel SNAS 4050 device in the cluster, also connect to the MIP (using Telnet or SSH) and delete the Nortel
SNAS 4050 device from the cluster by using the
/cfg/sys/host #/delete command (see
).
The /boot/delete command is primarily intended for when you want to delete a Nortel SNAS 4050 device in one of the following situations :
• The device has become isolated from the cluster,
• The device has been physically removed from the cluster without first performing the
/cfg/sys/host #/delete command.
In these situations, you must use the /boot/delete command to present the Setup menu, from which you can perform the new and join commands.
Managing software for a Nortel SNAS 4050 device using the CLI
To view, download, and activate software versions for the Nortel SNAS 4050 device to which you are connected, use the following command:
/boot/software
The Software Management menu displays.
320818-A
Chapter 14 Maintaining and managing the system 735
The Software Management menu includes the following options:
/boot/software followed by: cur activate <version>
Displays the status of the software versions on the particular device to which are connected. The status options are:
•
• permanent — the software version that is currently operational old — the software version that preceded the currently operational software version
• unpacked — the software upgrade package has been downloaded but not yet activated
If you activate a software version indicated as either unpacked or old , the status of that version is propagated to permanent . The software status change occurs after the Nortel SNAS 4050 device performs a reboot.
Activates a downloaded software upgrade package that the cur command indicates as unpacked . If serious problems occur when the new software version runs, you can switch back to the previous version by activating the software version that the cur command indicates as old .
The Nortel SNAS 4050 reboots when you confirm the activate command.
Note: When you activate a software upgrade on a
Nortel SNAS 4050 device, all the Nortel SNAS 4050 devices in the cluster reboot. All active sessions are lost.
Nortel Secure Network Access Switch 4050 User Guide
736 Chapter 14 Maintaining and managing the system
/boot/software followed by: download <protocol>
<server> <filename> del
Downloads a new software package from the specified file exchange server, in order to perform a minor or major upgrade. You are prompted to provide the following parameters if you do not specify them in the command:
•
• protocol is the import protocol. Options are tftp|ftp|scp|sftp.
The default is tftp .
server is the host name or IP address of the file exchange server.
• filename is the name of the software upgrade package. Software upgrade packages typically have the .pkg file name extension.
• for FTP, SCP, and SFTP, user name and password
If you include a directory path and file name
(separated by a forward slash (/)) on the same line as the FTP server host name or IP address when you run the command, make sure you put the combined directory path and file name string within double quotation marks. For example:
>> Software Management# download ftp 10.0.0.1 “pub/SSL-5.1.1upgrade_complete.pkg”
If you are using anonymous mode when downloading the software package from an FTP server, the Nortel SNAS 4050 uses the following string as the password (for logging purposes): admin@<hostname>.isd
Removes a software package that has been downloaded but not yet activated (status is unpacked ). You cannot delete software versions with any other status (see the cur command).
Managing and maintaining the system using the SREM
Performing maintenance using the SREM
To perform maintenance activities, choose from one of the following tasks:
•
“Dumping logs and status information using the SREM” on page 737
•
“Starting and stopping a trace using the SREM” on page 738
320818-A
Chapter 14 Maintaining and managing the system 737
•
“Backing up or restoring the configuration using the SREM” on page 742
•
“Checking configuration using the SREM” on page 741
Dumping logs and status information using the SREM
You can dump logs and statistics about the current internal status of the system to a file exchange server. The information can then be used for technical support purposes.
To dump logs or statistics, perform the following steps:
1 Select the System > Maintenance > Dumps tab.
The Dumps screen appears (see
Figure 223 Dumps
Nortel Secure Network Access Switch 4050 User Guide
738 Chapter 14 Maintaining and managing the system
2
Enter the Dump information in the applicable fields. Table 167 describes the
Dump fields.
Table 167 Dump fields
Field
Dumplogs/Dumpstats
Protocol
Hostname/IP Address
Filename
Collect info for all iSDs
Username
Password
Description
Specifies whether to dump logs or statistics.
Specifies the export protocol. Options are FTP, TFTP,
SFTP. The default is FTP.
Specifies the host name or IP address of the file exchange server.
Specifies the name of the destination file on the file exchange server. The file is in gzip compressed tar format.
Specifies whether the information is to be collected from all
Nortel SNAS 4050 devices in the cluster or only from the device to which you are connected. The options are yes (= all) or no (= single device). The default is no.
Specifies the user name to access a file exchange server.
For FTP and SFTP.
Specifies the password to access a file exchange server.
For FTP and SFTP.
3 Click Dump.
Starting and stopping a trace using the SREM
You can perform a trace to log information about a client session.
320818-A
Chapter 14 Maintaining and managing the system 739
To start or stop a trace, perform the following steps:
1 Select the System > Maintenance > Start/Stop Trace tab.
The Start/Stop Trace screen appears (see Figure 224
).
Figure 224 Start/Stop Trace
Nortel Secure Network Access Switch 4050 User Guide
740 Chapter 14 Maintaining and managing the system
2 Enter the Trace information in the applicable fields.
Start/Stop Trace fields.
Table 168 Start/Stop Trace fields
Field
Trace type
Domain
Protocol
Hostname
Username
Password
Remote Filename
Description
Specifies the specific features or subsystems to which you want to limit tracing. Options are:
• aaa — logs authentication method, user name, group, and extended profile
• dns — logs failed DNS lookups made during the session
• ssl — logs information related to the SSL handshake procedure (for example, the cipher used)
• tg — logs information related to the TunnelGuard check
(for example, TunnelGuard session status and the SRS rule check result)
• snas — logs operations and events of Nortel
SNA-controlled switches
To trace all available types, choose the Select all available option.
Note: If listed, the following options are not supported in
Nortel Secure Network Access Switch
Software Release 1.0: pptp, upref, smb, ftp.
Specifies the Nortel SNAS 4050 domain to which you want to limit tracing.
Specifies the file export protocol. The options are TFTP,
FTP, SFTP. The default is TFTP.
Specifies the hostname or IP address of the host where a trace file is created.
Specifies the user name to access a file exchange server.
For FTP and SFTP.
Specifies the password to access a file exchange server.
For FTP and SFTP.
Specifies the file name for the remote trace file.
3 To start the trace, click Start Trace.
4 To stop the trace, click Stop Trace.
320818-A
Chapter 14 Maintaining and managing the system 741
Checking configuration using the SREM
You can check connectivity to verify that the Nortel SNAS 4050 is able to contact gateways, routers, DNS servers, and authentication servers in the system configuration. The command also checks if the Nortel SNAS 4050 can connect to web servers specified in group links. The SREM displays the result of the connectivity check as well as the method used for the check (for example, ping).
To check the configuration, perform the following steps:
1 Select the System > Maintenance > Check Configuration tab.
The Check Configuration screen appears (see
).
Figure 225 Check Configuration
2 Click Check Configuration.
3 When the check is complete, results are displayed on the screen.
Nortel Secure Network Access Switch 4050 User Guide
742 Chapter 14 Maintaining and managing the system
Backing up or restoring the configuration using the SREM
You can save the current configuration, including private keys and certificates, to a file on the specified file exchange server as backup. You can later use this backup file to restore the configuration.
To create a backup of your system or restore the configuration from an existing backup, perform the following steps:
1 Select the System > Maintenance > Backup & Restore tab.
The Backup & Restore screen appears (see
Figure 226 Backup & Restore
320818-A
Chapter 14 Maintaining and managing the system 743
2
Enter the Backup/Restore information in the applicable fields. Table 169
describes the Backup & Restore fields.
Table 169 Backup & Restore fields
Field
Backup/Restore
Protocol
Hostname
Filename
Private Key password
Username
Password
Description
Specifies whether to back up or restore the configuration.
Specifies the protocol to use to export or import the backup file. The options are TFTP, FTP, SFTP. The default is TFTP.
Specifies the host name or IP address of the file exchange server.
Specifies the name of the backup file on the file exchange server.
Specifies a password phrase used to protect the private keys in the configuration.
Note: If you have fully separated the Administrator user role from the Certificate Administrator user role, the export passphrase defined by the Certificate Administrator is used to protect the private keys in the configuration when performing the backup, and this is transparent to the user.
If you later restore the configuration, the Certificate
Administrator must enter the correct passphrase. For more information on separating the Administrator user role from
the Certificate Administrator user role, see “User rights and group membership” on page 354 .
For FTP and SFTP, the user name to access the file exchange server.
For FTP and SFTP, the password to access the file exchange server.
3 Click Apply on the toolbar to send the current changes to the Nortel
SNAS 4050. Click Commit on the toolbar to save the changes permanently.
Managing Nortel SNAS 4050 devices and software using the SREM
To configure boot settings, choose from one of the following tasks:
•
“Managing software versions using the SREM” on page 744
•
“Downloading images using the SREM” on page 748
Nortel Secure Network Access Switch 4050 User Guide
744 Chapter 14 Maintaining and managing the system
•
“Rebooting or deleting a Nortel SNAS 4050 device using the SREM” on page 750
Managing software versions using the SREM
To manage software images and perform upgrades on the Nortel SNAS 4050 device to which you are connected, select the System > Boot > Image List tab.
The Image List screen appears (see Figure 227 ), listing a history of the Nortel
SNAS 4050 software versions used on this device.
Figure 227 Image List
320818-A
Chapter 14 Maintaining and managing the system 745
describes the Image List fields.
Table 170 Image List fields
Field
Index
Name
Status
Description
Displays the software version.
Displays the name of the Nortel SNAS 4050 device.
Displays the status of the software version on the particular device to which are connected. The status options are:
• permanent operational
— the software version that is currently
•
• old — the software version that preceded the currently operational software version unpacked — the software upgrade package has been downloaded but not yet activated
If you activate a software version indicated as either unpacked or old , the status of that version is propagated to permanent . The software status change occurs after the Nortel SNAS 4050 device performs a reboot.
The following tasks are available from this screen:
•
“Viewing details of the active software image” on page 746
•
“Activating a software image” on page 747
•
“Removing an inactive software image” on page 748
Nortel Secure Network Access Switch 4050 User Guide
746 Chapter 14 Maintaining and managing the system
Viewing details of the active software image
To view the details of the currently active software image on the Nortel
SNAS 4050 device to which you are connected, perform the following steps:
1 Select the System > Boot > Image List tab.
The Image List screen appears (see Figure 227 on page 744 ).
2 Select the image with a Status of permanent from the Image List.
The Image screen appears, displaying information about the active image (see
Figure 228 ). For a description of each field that is displayed, see
“Managing software versions using the SREM” on page 744
.
Figure 228 Image
320818-A
Chapter 14 Maintaining and managing the system 747
Activating a software image
To activate an old or unpacked software image on the Nortel SNAS 4050 device to which you are connected, perform the following steps:
1 Select the System > Boot > Image List tab.
The Image List screen appears (see Figure 227 on page 744 ).
2 Select an image with a Status of either old or unpacked from the Image List.
The Image screen appears, displaying information about the selected image
(see
Figure 229 ). For a description of each field that is displayed, see
“Managing software versions using the SREM” on page 744 .
Figure 229 Image
3 Click Activate to make the selected image active.
A confirmation dialog box appears.
Nortel Secure Network Access Switch 4050 User Guide
748 Chapter 14 Maintaining and managing the system
4 When prompted, click Yes.
The Nortel SNAS 4050 reboots when you confirm the Activate command.
Note: When you activate a software upgrade on a Nortel SNAS 4050 device, all the Nortel SNAS 4050 devices in the cluster reboot. All active sessions are lost.
Removing an inactive software image
To remove an inactive software images on the Nortel SNAS 4050 device to which you are connected, perform the following steps:
1 Select the System > Boot > Image List tab.
The Image List screen appears (see Figure 227 on page 744 ).
2 Select an inactive image from the table.
Inactive images have a Status of old or unpacked in the Image List.
3 Click Delete.
A confirmation dialog box appears.
4 When prompted, click Yes.
The image is removed from the Image List
The active image cannot be removed from the Nortel SNAS 4050 device. To remove the active image, you must first select another available image to activate
(see
“Activating a software image” on page 747 ).
Downloading images using the SREM
Before you can perform a software upgrade, you must download the image file.
320818-A
Chapter 14 Maintaining and managing the system 749
To download an image from a file exchange server, perform the following steps:
1 Select the System > Boot > Download Image tab.
The Download Image screen appears (see
Figure 230 Download Image
Nortel Secure Network Access Switch 4050 User Guide
750 Chapter 14 Maintaining and managing the system
2
Enter the Download Image information in the applicable fields. Table 171
describes the Download Image fields.
Table 171 Download Image fields
Field
Download Type
Host
Filename
Username
Password
Description
Specifies the import protocol. The options are TFTP, FTP,
SCP, SFTP. The default is TFTP.
Specifies the host name or IP address of the file exchange server.
Specifies the name of the software upgrade package.
Software upgrade packages typically have the .pkg file name extension.
For FTP, SCP, and SFTP, the user name to access the file exchange server.
For FTP, SCP, and SFTP, the password to access the file exchange server.
If you are using anonymous mode when downloading the software package from an FTP server, the Nortel
SNAS 4050 uses the following string as the password (for logging purposes): admin@<hostname>.isd
3 Click Apply on the toolbar to send the current changes to the Nortel
SNAS 4050. Click Commit on the toolbar to save the changes permanently.
Rebooting or deleting a Nortel SNAS 4050 device using the
SREM
You can shut down or reboot a Nortel SNAS 4050 device that has become isolated from the cluster. You can reset a Nortel SNAS 4050 device to its factory default configuration.
320818-A
Chapter 14 Maintaining and managing the system 751
To reboot, shut down, or reset the Nortel SNAS 4050 device to which you are connected, perform the following steps:
1 Select the System > Boot > Reboot/Delete ISD Options tab.
The Reboot/Delete ISD Options screen appears (see Figure 231
).
Figure 231 Reboot/Delete ISD Options
2 To reboot the Nortel SNAS 4050 device to which you are connected, click
Reboot. When prompted, click Yes.
3 To shut down the Nortel SNAS 4050 device to which you are connected, click
Halt. When prompted, click Yes.
Always use this command before turning off the device.
4 To reset the Nortel SNAS 4050 device to which you are connected, click
Delete. When prompted, click Yes.
Nortel Secure Network Access Switch 4050 User Guide
752 Chapter 14 Maintaining and managing the system
The command resets the device to its factory default configuration. All
IP configuration is lost. The software itself remains intact. After executing the delete command, you can only access the device using a console connection and performing the initial setup.
If you receive a warning that the device you are trying to delete has no contact with any other master Nortel SNAS 4050 device in the cluster, also connect to the MIP and delete the Nortel SNAS 4050 device from the cluster by using the delete command on the System > Hosts screen.
The delete command on the Reboot/Delete ISD Options tab is primarily intended for when you want to delete a Nortel SNAS 4050 device in one of the following situations:
• The device has become isolated from the cluster,
• The device has been physically removed from the cluster without first executing the delete command on the System > Hosts screen.
Downloading files using the SREM
To download files to the Nortel SNAS 4050 using the SREM, select the File
Download tab.
320818-A
Chapter 14 Maintaining and managing the system 753
The File Download screen appears (see Figure 232
).
Figure 232 File Download screen
describes the File Download fields.
Table 172 File Download fields
Field
Download Type
Host Name
Username
Password
Description
The file download protocol. The options are FTP, SFTP, and SCP. The default is SFTP.
The host name or IP address of the file exchange server.
The user name and password to access the file exchange server.
The user name and password to access the file exchange server.
Nortel Secure Network Access Switch 4050 User Guide
754 Chapter 14 Maintaining and managing the system
Table 172 File Download fields
Field
Remote File Path
Local Directory
Description
The remote path where the file resides.
The local directory used to save the downloaded file.
Running Nortel SNAS 4050 diagnostics using the SREM
To run basic diagnostics on the Nortel SNAS 4050, select the Diagnostics tab.
The Diagnostics screen appears (see
Figure 233 Diagnostics screen
320818-A
Chapter 14 Maintaining and managing the system 755
describes the Diagnostics fields.
Table 173 Diagnostics fields
Field
Operation
IP Address or Host Name
Description
The diagnostic operation to perform. The options are:
• Ping — verify station-to-station connectivity across the network.
• TraceRoute — identify the route used for station-to-station connectivity across the network.
• NSLookup — find the IP address or host name of a machine. In order to use this command, the Nortel
SNAS 4050 must be configured use a DNS server.
The default operation is Ping.
The IP address or Host name on which to perform the diagnostic operation.
Nortel Secure Network Access Switch 4050 User Guide
756 Chapter 14 Maintaining and managing the system
320818-A
advertisement
* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project