Tripp Lite B098016V Owners Manual for B093- B097- and B098-Series Console Serv
Tripp Lite B098016V Manual
View all Tripp Lite B098016V manuals
Add to My Manuals
Save this manual to your list of manuals |
Tripp Lite B098016V manual content summary:
- Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 1
YOUR INVESTMENT! Register your product for quicker service and ultimate peace of mind. You could also win an ISOBAR6ULTRA surge protector-a $100 value! www.tripplite.com/warranty 1111 W. 35th Street, Chicago, IL 60609 USA • www.tripplite.com/support Copyright © 2018 Tripp Lite. All rights reserved - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 2
3.3.2 Dynamic DNS (DDNS) 17 Configuration 3.4 Services and Service Access 19 3.4.1 Brute Force Protection 22 3.5 Communications 52 4.6.1 Automatically Generate and 53 Upload SSH keys 4.6.2 Manually Generate and 54 Upload SSH Keys 4.6.3 Configure the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 3
6.9.1 Install and Configure the VNC 119 5.6.6 Multi-Carrier Cellular Support 89 5.7 Cellular Operation 91 5.7.1 Set Up OOB Access 91 to a Host 6.2.5 Manually Adding Hosts to the 108 SDT Connector Gateway 6.2.6 Manually Adding New Services 109 to the New - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 4
Resolve Actions 141 7.5 Configure SMTP, SMS, SNMP and/or 142 Nagios Service for Alert Notifications 7.5.1 Send Email Alerts 142 7.5.2 Send SMS Alerts RADIUS/TACACS User 174 Configuration 9.1.6 Group Support with Remote 175 Authentication 9.1.7 Remote Groups - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 5
.1 Port Access and Active Users 205 12.2 Statistics 206 12.3 Support Reports 206 12.4 Syslog 207 12.5 Dashboard 208 12.5.1 Configuring the 19 Dial-In Settings 232 14.1.20 DHCP Server 232 14.1.21 Services 233 14.1.22 NAGIOS 234 15. Advanced Configuration 235 15.1 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 6
SNMP 15.5.2 Check Firewall Rules 248 15.5.3 Enable SNMP Service 248 15.5.4 Adding Multiple Remote 250 SNMP Managers 15.6 Key 259 Authentication 15.7 Secure Sockets Layer (SSL) 259 Support 15.8 HTTPS 259 15.8.1 Generating an Encryption Key 259 15 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 7
Instructions Please take care to follow the safety precautions below when installing and operating the console server: - Do not remove the metal covers. There are no operator serviceable server device is not approved for use as a life-support or medical system. Any changes or modifications made to - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 8
2. Installation 2.1 Models Each model contains a different number of network/serial/USB ports, power supply type and wireless configuration: Serial USB 10/100 Ethernet 10/100/1000 Ethernet Flash Console Port V.92 Modem Wireless Cellular Power Model B093-004-2E4U 4 4 - 2 4GB - - - - External - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 9
to a network, you must connect a computer to the console server's primary network port. Ensure you only connect the LAN port to an Ethernet network that supports 10/100, or 10/100/1000 (B098, B097, B093 only). The B098 has four physical input ports which are logically presented as two ports (NET1 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 10
is used for serial connections. Before connecting the console port of an external device to the console server's serial port, confirm the device supports standard RS-232C (EIA-232). Select console server models also have a DB9 LOCAL (Console/Modem) port. 2.5 USB Port Connection • Tripp Lite console - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 11
2. Installation 2.6 Fitting Cellular SIM and Antennas The B093 -V models and the B098-016-V have internal 4G LTE cellular modems. Each cellular modem requires at least one SIM card to be installed and two external cellular antennas to be attached. The B098 -V also has an internal 802.11 wireless - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 12
3. System Configuration This chapter provides step-by-step instructions for the initial configuration of your console server and how to connect it to the Management or Operational LAN. Notes: • System configuration must be done - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 13
cache again. 3.1.2 Browser Connection Open a web browser on the connected PC / workstation and enter https://192.168.0.1 . The management console supports all current versions of popular browsers (Internet Explorer, Mozilla Firefox, Google Chrome, Apple Safari, and more). Note: Console servers are - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 14
3. System Configuration 3.2 Administrator Setup 3.2.1 Change Default Root System Password For security reasons, only the Administrator user named root can initially log into your console server. Also, only users who know the root password can access and reconfigure the console server. Since anyone - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 15
3. System Configuration 3.2.3 Name the System Select System: Administration. Enter a System Name and System Description for the console server to give it a unique ID and make it simple to identify. Note: The System Name can contain from 1 to 64 alphanumeric characters (you can also use the special - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 16
Full Duplex (FD) or Half Duplex (HD). Note: If you encounter packet loss or poor network performance with the default auto-negotiation setting, try manually setting the Ethernet Media settings on the console server and the device it is connected to. In most cases, select 100baseTx-FD (100 megabits - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 17
can be located using a fixed host or domain name. The first step in enabling DDNS is to create an account with the supported DDNS service provider of your choice. Supported DDNS providers include: • DyNS www.dyns.cx • dyndns.org www.dyndns.org • GNUDip gnudip.cheapnet.net • ODS www.ods.org • TZO www - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 18
DDNS on any of the Ethernet or cellular network connections on the console server (by default DDNS is disabled on all ports): • Select the DDNS service provider from the dropdown Dynamic DNS list on the System: IP or System: Dial menu. • In DDNS Hostname, enter the fully qualified DNS hostname for - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 19
on TCP port 80 (for CMS and sdt-connector communications), but will be inaccessible through the firewall. HTTPS By default, the HTTPS service is running and this service is enabled on all network interfaces. It is recommended that only HTTPS access be used if the console server is to be managed - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 20
more information). The Administrator can also set alternate ranges for these services, and these secondary ports will then be used, in addition to TCP is 4000; and for RFC2217 it is 5000 • A number of other services can be enabled and configured indirectly from this menu by selecting Click here to - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 21
connect to the console server and through the console server to attached serial and network-connected devices. • Select the Service Access tab on the System: Services page. Note: With firmware releases pre-3.5.3, the Service Access tab is found on the System: Firewall page. • This will display the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 22
), while remote administrators using dial-in or cellular have no such telnet access (unless they set up a VPN). • Respond to ICMP echoes (i.e. ping) Service access options can be configured at this stage. This allows the console server to respond to incoming ICMP echo requests. Ping is enabled by - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 23
3. System Configuration 3.5 Communications Software You have configured access protocols for the Administrator client to use when connecting to the console server. User clients (who you may set up later) will also use these protocols when accessing console server serial attached devices and network - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 24
3. System Configuration 3.5.2 PuTTY Communications packages like PuTTY can also be used to connect to the console server command line (and to connect serially attached devices, refer to 4. Serial Port, Host, Device and User Configuration). PuTTY is a freeware implementation of telnet and SSH for - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 25
3. System Configuration A new Connection Profile dialog box will appear where you can type in the host name or IP address (for the console server unit) and the TCP port that the SSH session will use (port 22). Type in your username, choose password authentication and click Connect. You may receive a - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 26
LAN are secure. The LAN ports can also be configured in bridged or bonded mode (as described later in this section) or they can be manually configured from the command line. 26 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 27
3. System Configuration 3.6.2 Configure the DHCP Server All Tripp Lite devices host a DHCP server. However, this setting is disabled by default. The DHCP server enables the automatic distribution of IP addresses to devices on the Management LAN that are running DHCP clients. To enable the DHCP - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 28
Add in the Dynamic Address Allocation Pools field. • Enter the DHCP Pool Start Address and End Address, then click Apply. The DHCP server also supports pre-assigning IP addresses to be allocated only to specific MAC addresses and reserving IP addresses to be used by connected hosts with fixed IP - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 29
3. System Configuration 3.6.3 Select Failover or Broadband OOB The B093 and B098 console servers provide a failover option. In the event a problem arises while using the main LAN connection for accessing the console server, an alternate access path is automatically used. By default, the failover is - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 30
3. System Configuration 3.6.4 Aggregating the Network Ports By default, the console server's Management LAN network ports can only be accessed using SSH tunneling /port forwarding or by establishing an IPsec VPN tunnel to the console server. However, all wired network ports on the console servers - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 31
it is best to do a site survey and pick another channel if the unit is being deployed in an office environment. Hardware Mode: The unit supports 802.11b and g, and single-band 802.11n. In most cases, selection 802.11b/g/n will provide the best interoperability with other hardware. 31 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 32
: Select the WEP key length. 128-bit keys offer more security, but are not supported on all devices. WEP keys must be entered in Hexidecimal. WEP Key 1-4: Up to or Static for the Configuration Method • If you selected Static, manually enter the new IP Address, Subnet Mask, Gateway and DNS server - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 33
as the main network connection to the console server. • Select the Country the device is to operate in. • Enter the appropriate SSID (Set Service Identifier) of the wireless access point to connect to. • Select the Wireless Network Type where Infrastructure is used to connect to an access point - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 34
System Configuration 3.6.6 Static Routes Firmware 3.4 and later support static routes, which provide a quick way to flash drive. Preparation The typical steps for configuration over a trusted network are: • Manually configure a same-model Tripp Lite device. • Save its configuration as a backup - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 35
3. System Configuration A backup configuration file - model-name_iso-format-date_config.opg - is downloaded from the Tripp Lite device to the local system. Alternately, you can save the configuration as an xml file: • Select System > Configuration Backup > XML Configuration. An editable field - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 36
3. System Configuration Prepare a USB Drive and Create the X.509 Certificate and Private Key • Generate the CA certificate so the client and server Certificate Signing Requests (CSRs) can be signed. # cp /etc/ssl/openssl.cnf . # mkdir -p exampleCA/newcerts # echo 00 > exampleCA/serial # echo 00 > - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 37
configure access privileges for each of these devices, and specify the services that can be used to control the devices. The Administrator can select what mode the port is to operate in. Each port can be set to support one of these operating modes: i. Disabled mode is the default. The serial port - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 38
server has been configured with distributed Nagios monitoring enabled, then you will also be presented with Nagios Settings options to enable assigned services on the Host to be monitored (see section 10. Nagios Integration for more information). 4.1.1 Common Settings There are a number of common - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 39
to access consoles on the console server serial ports, configure the SDT Connector with the console server as a gateway, then as a host. Then enable telnet service on Port (2000 + serial port #) i.e. 2001-2048. Refer to 6. SSH Tunnels and SDT Connector for more details on using the SDT Connector for - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 40
a direct telnet (or SSH) connection to the serial ports. Note: PuTTY also supports telnet (and SSH). The procedure to set up a telnet session is simple. with the console server as a gateway, then as a host, and you enable SSH service on Port (3000 + serial port #) i.e. 3001-3048. You can also use - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 41
If connecting over OpenSSH, type ~~b. TCP RAW TCP allows connections directly to a TCP socket. However, while communications programs like PuTTY also supports RAW TCP, this protocol would usually be used by a custom application. For RAW TCP, the default port address is IP Address _ Port - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 42
248). These IP addresses can only be used to access the specific serial port using the standard protocol TCP port numbers of the console server services. For example, SSH on serial port 3 would be accessible on port 22 of a serial port IP alias (whereas on the console server's primary address, it - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 43
4. Serial Port, Host, Device and User Configuration 4.1.3 SDT Mode This secure tunneling setting allows port forwarding of RDP, VNC, HTPP, HTTPS, SSH, telnet and other LAN protocols to computers locally connected to the console server by their serial COM port. However, such port forwarding requires - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 44
and network-attached management accesses, as covered in section 7. Alerts, Auto-Response and Logging), the console server can also be configured to support the remote syslog protocol on a per serial port basis. Select the Syslog Facility and Syslog Priority fields to enable traffic logging on the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 45
B097, and B098 model console servers running firmware 3.16.5 or later support USB console connections to devices from a wide range of vendors, including Lite Console Managers have the LLDP service disabled by default. Both lldpd and lldpcli have standard manual pages but because of space concerns, - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 46
up, edit and delete users, and define the access permissions for each of these users. Users can be authorized to access specified services, serial ports, power devices and specified network-attached hosts. These users can also be given full Administrator status (with full configuration, management - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 47
4. Serial Port, Host, Device and User Configuration 4. The Administrator can also set up additional groups with permissions to a specific power device, serial port and host access. However, users in these additional groups do not have any access to the Management Console menu nor do they have any - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 48
4. Serial Port, Host, Device and User Configuration 4.2.2 Set Up New Users To set up new users, and assign users to particular groups: • Select Serial & Network: Users & Groups to display the configured groups and user. • Click Add User to add a new user. • Add a Username for each new user. You may - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 49
remotely access a locally networked computer or device (referred to as a host), you must identify the host and specify the TCP or UDP ports/services that will be used to control that host: Selecting Serial & Network: Network Hosts presents all the network-connected hosts that have been enabled for - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 50
If the console server has been configured with distributed Nagios monitoring enabled, you will also be presented with Nagios Settings options to enable assigned services on the host to be monitored (refer to 10. Nagios Integration). Click Apply. This will create the new host and create a new managed - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 51
4. Serial Port, Host, Device and User Configuration 4.5 Trusted Networks The Trusted Networks facility provides an option to assign specific IP addresses that users (Administrators and Users) must be located in order to have access to console server serial ports: • Select Serial & Network: Trusted - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 52
4. Serial Port, Host, Device and User Configuration If you wish to allow all users operating from within a specific range of IP addresses (any of the 30 addresses from 204.15.5.129 to 204.15.5.158) to be permitted connection to the assigned port: Host /Subnet Address 204.15.5.128 Subnet Mask 255 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 53
4. Serial Port, Host, Device and User Configuration 4.6.1 Automatically Generate and Upload SSH keys To set up public key authentication, you must first generate an RSA or DSA key pair and upload them into the Primary and Secondary console servers. This can all be done automatically from the Primary - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 54
similar tool as detailed in 15.6 Secure Shell (SSH) Public Key Authentication. To manually upload the public and private key pair to the Primary console server: • Select System to supply a password, there is a problem with uploading keys. The keys should remove any need to supply a password. 54 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 55
: Cascaded Ports on the Primary unit's management console: • To add clustering support, select Add Slave (Secondary). Note: You will be prevented from adding any Secondary units until you have automatically or manually generated SSH keys: To define and configure a Secondary console server: • Enter - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 56
such as servers will commonly have more than one power connection (e.g., dual power supplied) and more than one network connection (e.g., for BMC/service processor). All users can view (but not edit) these managed device connections by selecting Manage: Devices. Only the Administrator can edit and - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 57
4. Serial Port, Host, Device and User Configuration To edit an existing device and add a new connection: • Select Edit on the Serial & Network: Managed Devices and click Add Connection. • Select the connection type for the new connection (Serial, Network Host, UPS or RPC). Then select the specific - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 58
warrior administrator can use a VPN IPsec software client such as TheGreenBow (www.thegreenbow.com/vpn_ gateway.html) or Shrew Soft (www.shrew.net/support ) to remotely access the advanced console server and every machine on the Management LAN subnet at the remote location. Configuration of IPsec is - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 59
4. Serial Port, Host, Device and User Configuration Click Add and complete the Add IPsec Tunnel screen. Enter any descriptive name you wish to identify the IPsec Tunnel you are adding, such as WestStOutlet-VPN. Select the Authentication Method to be used, either RSA digital signatures or a Shared - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 60
4. Serial Port, Host, Device and User Configuration In Authentication Protocol, select the authentication protocol to be used. Either authenticate as part of ESP (Encapsulating Security Payload) encryption or separately using the AH (Authentication Header) protocol. Enter a Left ID and Right ID. The - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 61
4. Serial Port, Host, Device and User Configuration 4.9.1 Enable the OpenVPN Select OpenVPN on the Serial & Networks menu. Click Add and complete the Add OpenVPN Tunnel screen. Enter any descriptive name you wish to identify the OpenVPN Tunnel you are adding, for example NorthStOutlet-VPN. Select - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 62
parameters). Refer to http://openvpn.net/easyrsa.html for a guide on basic RSA key management. For alternative authentication methods, go network tunnel) and TAP (network tap) drivers are virtual network drivers that support IP tunneling and Ethernet tunneling, respectively. TUN and TAP are part of - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 63
4. Serial Port, Host, Device and User Configuration To enter authentication certificates and files, Edit the OpenVPN tunnel. Select the Manage OpenVPN Files tab. Upload or browse to relevant authentication certificates and files. Click Apply to save changes. Saved files will be displayed in red on - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 64
4. Serial Port, Host, Device and User Configuration To enable OpenVPN, Edit the OpenVPN tunnel. Check the Enabled button. Click Apply to save changes. Note: Please make sure that the console server system time is correct when working with OpenVPN. Otherwise, authentication issues may arise. Select - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 65
4. Serial Port, Host, Device and User Configuration 4.9.3 Set Up Windows OpenVPN Client and Server Windows does not come standard with any OpenVPN server or client. This section outlines the installation and configuration of a Windows OpenVPN client or a Windows OpenVPN server and setting up a VPN - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 66
(maximum). For example, 0 = silent except for fatal errors 3 = medium output, good for general usage 5 = helps with debugging connection problems 9 = extremely verbose, excellent for troubleshooting Select dev tun to create a routed IP tunnel or dev tap to create an Ethernet tunnel. The client and - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 67
the OpenVPN link. This must be enabled on both the client and the server. By default, logs are located in syslog or, if running as a service on Window, in \ Program Files\OpenVPN\log directory. To initiate the OpenVPN tunnel following the creation of the client/server configuration files: • Right - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 68
business trip, you can dial a local number to connect to your Internet access service provider (ISP) and then create a second connection (tunnel) into your office does not require special software as the PPTP Server supports the standard PPTP client software included with Windows NT and later. 4. - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 69
4. Serial Port, Host, Device and User Configuration 4.10.1 Enable the PPTP VPN Server Select PPTP VPN on the Serial & Networks menu. Select the Enable check box to enable the PPTP Server. Select the Minimum Authentication Required. Access is denied to remote users attempting to connect using an - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 70
the IP address of the WINS server that assigns IP addresses to connecting PPTP client. Enable Verbose Logging to assist in debugging connection problems. Click Apply Settings. 4.10.2 Add a PPTP User Select Users & Groups on the Serial & Networks menu, and complete the fields as covered in section - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 71
access or if you are using an alternate version of Windows. More detailed instructions are available from the Microsoft web site. Log in to your Windows client IP address, consider using a dynamic DNS service. Otherwise, you must modify the PPTP client configuration each time your Internet IP address changes. - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 72
essentially turns a console server into a modem-to-Ethernet half-bridge, some specific layer 4 services (HTTP/HTTPS/SSH) may still be terminated at the console server (Service Intercepts). Also, services running on the console server can initiate outbound cellular connections independent of the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 73
on the specified intercept port(s) will be handled by the console server, rather than being passed through to the downstream router. • For the required service of HTTP, HTTPS or SSH, check Enable. • Optionally modify the Intercept Port to an alternate port (e.g. 8443 for HTTPS). This is useful if - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 74
, they will also not work unless the service is enabled and access to the service is enabled (see System: Services: Service Access: Dial-Out/Cellular). Outbound connections originating from the console server to remote services are supported (e.g. sending SMTP email alerts, SNMP traps, getting - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 75
ensure there is a modem attached to the console server. • All models support external USB modems. The USB modem will be auto-detected and an External (in addition to the Serial DB9 Port tab). All console server models supports an external modem (any brand) attached via a serial cable to the console - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 76
5. Firewall, Failover and OOB Access 5.2.1 Configure Dial-In PPP Enable PPP access on the internal or externally attached modem: • Select the System: Dial menu option and the port to be configured (Serial DB9 Port, Internal Modem Port or External USB Port). • Select the Baud Rate and Flow Control - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 77
5. Firewall, Failover and OOB Access 77 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 78
are configured when the User is set up. Earlier firmware is only supported for one PPP dial-in account. Section 13. Management contains examples of click Next. On the Getting Ready screen, select Set up my connection manually and click Next. On the Internet Connection screen, select Connect using a - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 79
.com/TUTORIALS/LinuxTutorialPPP.html presents a selection of methods for establishing a dial-up PPP connection: • Command line PPP and manual configuration (which works with any Linux distribution). • Using the Linuxconf configuration tool (for Red Hat compatible distributions). This configures - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 80
5. Firewall, Failover and OOB Access 5.3.1 Always-On Dial-Out With firmware version 3.4 (and later), the console server modem can be configured for out-dial to be always on, with a permanent external dial-up ppp connection. • Select the System: Dial menu option and check Enable Dial-Out to allow - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 81
later than 3.0.2, HTTPS access is also enabled so the administrator can use SSH (or HTTPS) to connect to the console server and fix the problem. When configuring the principal network connection in System: IP, specify the failover interface that will be used when a fault has been detected with - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 82
Override returned DNS Servers box. Enter the IP of the DNS servers into the spaces provided. Note: By default, the advanced console server supports automatic failure-recovery that reverts it back to its original state prior to failover (firmware version 3.1.0 and later). The advanced console server - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 83
5. Firewall, Failover and OOB Access 5.5 Broadband Ethernet Failover The second Ethernet port on the console servers can also be configured for failover to ensure transparent high availability. • When configuring the principal network connection, specify Management LAN Interface as the Failover - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 84
is also enabled so the administrator can connect to the console server using SSH (or HTTPS) to fix the problem. By default, the advanced console server supports automatic failure-recovery back to the original state prior to failover (firmware version 3.1.0 and later). The advanced console server - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 85
5. Firewall, Failover and OOB Access 5.6.1 Connecting to a 4G LTE Carrier Network Before powering on the console server, install the SIM card provided by your cellular carrier and attach the external aerial. Select Internal Cellular Modem panel on the System: Dial menu. Check Enable Dial-Out - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 86
the cellular modem connection should now be on. • You can verify the connection status from Status: Statistics o Select the Cellular tab. In Service Availability, verify Mode is set to Online. o Select Failover & Out-of-Band. The Connection Status should read "Connected". o Check your allocated IP - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 87
When you select Enable Dial-Out on the System: Dial menu, you will be given the option to configure a cellular modem watchdog service (with firmware version 3.5.2u13 and later). This service will periodically ping a configurable IP address. If a set threshold number of consecutive attempts fail, the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 88
each SIM connection with as much information (e.g. APN, etc.), such that it will make a successful connection, assuming sufficient signal strength from the cell service provider. • Enter a Failback Test IP address for each SIM. This IP address is used to ping test the status of the cell modem - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 89
of the last firmware download, and a cryptographic fingerprint that can be used to verify the local files' integrity through Tripp Lite Technical Support.. • Click the Check for Update button to step through the upgrade process. This process contacts the remote server and displays an update summary - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 90
5. Firewall, Failover and OOB Access • The update summary indicates the local and remote fingerprints for comparison, without altering any of the local files. The Advanced section, when expanded, shows a full list of files to be downloaded or deleted, along with their SHA1 hashes (temporary files - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 91
taken by cell-fw-update -d. • Download latest firmware for all carriers supported by the modem: /etc/scripts/cell-fw-update -d Also specify -v it. • If you have a dynamic public IP address plan, a DDNS service will need to be configured to enable the remote administrator to initiate incoming access. - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 92
5. Firewall, Failover and OOB Access By default, most providers offer a consumer grade service, which provides dynamic private IP address assignments to 3G devices. This IP address is not enabled on the failover connection (which should enable the administrator to connect and fix the problem). 92 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 93
during failover. The failover state will be removed once the original state has been re-established. For earlier firmware that does not support automatic failure-recovery, restore networking to a recovered state by running the following command: rm -f /var/run/*-failed-over && config -r ipconfig If - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 94
. CSD is provided selectively by carriers. As such, it is important you receive a Data Terminating number as part of the mobile service your carrier provides. This is the number that external modems will call to access the console server. • Select the Cellular Modem panel on the System: - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 95
routing, NAT (Network Address Translation), packet filtering and port forwarding support on all network interfaces. This enables the console server to function and accepts or rejects it based on user-defined rules. • Then Service Access Rules can be set for connecting to the console server/router - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 96
5. Firewall, Failover and OOB Access • Navigate to the System: Firewall page, then click on the Forwarding & Masquerading tab. • Find the Source Network to be routed, then select the relevant Destination Network to enable Forwarding. For example, to configure a single Ethernet device as a cellular - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 97
Client devices on the local network must be configured with Gateway and DNS settings. This can be done statically on each device or using DHCP. Manual Configuration Manually set a static gateway address (the address of the console server) and set the DNS server address to be the same as used on the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 98
5. Firewall, Failover and OOB Access • Click on the Disabled link next to DHCP Server, which will open the System: DHCP Server page. • Check Enable DHCP Server. • To configure the DHCP server, select the Use interface address as gateway check box. • Set the DNS server address(es) to be the same as - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 99
and OOB Access The DHCP server also supports pre-assigning IP addresses to be allocated only in the following fields: Name: Name for the port forward. This should describe the target and the service that the port forward is used to access. Input Interface: This allows the user to only forward - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 100
5. Firewall, Failover and OOB Access For example, to forward port 8443 to an internal HTTPS server on 192.168.10.2, the following settings are used: Input Interface: Any Input Port Range: 8443 Protocol: TCP Output Address: 192.168.10.2 Output Port Range: 443 100 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 101
, the source and/or destination IP address (range), the direction (ingress or egress) and the protocol. This can be used to allow custom on-box services, or block traffic based on policy. To set up a firewall rule: • Navigate to the System: Firewall page and click on the Firewall Rules tab. Note - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 102
5. Firewall, Failover and OOB Access Protocol Select if the firewall rule will apply to TCP or UDP, TCP and UDP, ICMP, ESP, GRE or Any. Direction Select the traffic direction the firewall rule will apply to (Ingress = incoming, or Egress). Action Select the action (Accept or Block) that will - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 103
5. Firewall, Failover and OOB Access 5.8.5 Packet State Matching in Firewall Rules As of firmware version 4.0.0, firewall rules can include packet state matching. This is implemented using an iptables extension module and can be set as follows: Navigate to System > Firewall > Firewall Rules. In - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 104
6. SSH Tunnels and SDT Connector Each console server has an embedded SSH server and uses SSH tunneling so remote users can securely connect through the console server to managed devices by using text-based console tools (e.g., SSH, telnet, SoL), or graphical tools (e.g., VNC, RDP, HTTPS, HTTP, X11, - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 105
using the Serial & Network: Network Hosts menu as detailed in section 4.4 Network Hosts. Only these permitted services will be forwarded by SSH to the host. All other services (TCP/UDP ports) will be blocked. Note: Some TCP Ports used by SDT in the console server include: 22 SSH (All SDT tunneled - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 106
2000 and later and on most Linux platforms. Solaris platforms are also supported. However, they must have Firefox installed. SDT Connector can run on console server so it points to the console server. For port forwarding instructions for a range of routers, visit http://www.portforward.com. Also, you - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 107
Retrieve Hosts. This will: o Configure access to network-connected hosts the user is authorized to access and set up (for each of these Hosts), the services (e.g. HTTPS, IPMI2.0) and the related IP ports being redirected. o Configure access to the console server itself (this is displayed as a Local - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 108
Lite console servers support hundreds of simultaneous client tunnels. 6.2.5 Manually Adding Hosts to the SDT Connector Gateway For each gateway, you can manually specify the network-connected hosts accessed through that console server. For each host, specify the services used in communicating - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 109
configuration). • Click OK. 6.2.6 Manually Adding New Services to the New Hosts To extend the range of services that can be used when accessing have clients associated with them. One example of this is the Dell RAC service. The first redirection is for the HTTPS connection to the RAC server. The - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 110
. It is automatically loads in a Java client served through the web browser, so it does not need a local client associated with it. • On the Add Service screen, you can click Add as many times as needed to add multiple new port redirections and associated clients. You may also specify Advanced port - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 111
i.e. the previous field. %host% is the local address to which the local endpoint of the redirection is bound, i.e. the Local Address field for the Service redirection Advanced options. %port% is the local port to which the local endpoint of the redirection is bound, i.e. the Local TCP Port field for - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 112
6. SSH Tunnels and SDT Connector Also, some clients are launched in a command line or terminal window. The telnet client is an example of this. As such, the "Path to client executable file" is telnet and the "Command line format for client executable" is cmd /c start %path% %host% %port%: • Click OK - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 113
, select File: New Host • Enter 127.0.0.1 as the Host Address and provide details in Descriptive Name/Notes. Click OK. • Click the HTTP or HTTPS services icon to access the gateway's management console, and/or click SSH or Telnet to access the gateway command line console. Note: To enable SDT access - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 114
and click the Host icon to create a host. Alternately, select File: New Host. • Enter 127.0.0.1 as the Host Address and select Serial Port 2 for service. In Descriptive Name, enter something along the lines of Loopback ports, or Local serial ports. Click OK. • Click the Serial Port 2 icon for Telnet - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 115
6. SSH Tunnels and SDT Connector 6.5 Using SDT Connector for Out-of-Band (OOB) Connection to the Gateway SDT Connector can also be set up to connect to the console server (gateway) out-of-band (OOB). OOB access uses an alternate path for connecting to the gateway to that used for regular data - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 116
bar will change color to indicate this gateway is now being accessed using the OOB link rather than the primary link. When you connect to a service on a host behind the gateway, or to the console server gateway itself, SDT Connector will initiate the OOB connection using the provided Start Command - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 117
6. SSH Tunnels and SDT Connector 6.8 Setting up SDT for Remote Desktop Access Microsoft's Remote Desktop Protocol (RDP) enables the system manager to securely access and manages remote Windows computers - to reconfigure applications and user profiles, upgrade the server's operating system, reboot - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 118
6. SSH Tunnels and SDT Connector 6.8.2 Configure the Remote Desktop Connection Client With the Client PC securely connected to the console server (locally, remotely from the enterprise VPN, or a secure SSH internet tunnel or dial-in SSH tunnel), you can establish the remote desktop connection from - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 119
: widthxheight or 70% screen percentage. Use -p - to receive password prompt. You can use GUI front end tools like the GNOME Terminal Services Client tsclient to configure and launch the rdesktop client (using tsclient also enables you to store multiple configurations of rdesktop for connection to - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 120
://www.tightvnc.com is an enhanced version of VNC. It has added features such as file transfer, performance improvements, and read-only password support. They have just recently included a video drive much like UltraVNC. TightVNC is still free, cross-platform (Windows UNIX and Linux) and compatible - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 121
and/or control the Mac OS X machine. OSXvnc is supported by Redstone Software. Most other operating systems (Solaris, HPUX, refer to http://doc.uvnc.com for detailed configuration instructions). • To establish the VNC connection, first Manually Adding New Services to the New Hosts) e.g., :1234. 121 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 122
6. SSH Tunnels and SDT Connector When the Viewer PC is directly connected to the console server (i.e. locally or remotely via VPN or dial-in connection) and the VNC Host computer is serially connected to the console server, enter the IP address of the console server unit with the TCP port that the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 123
Windows computer and through its COM port to the console server. Both Windows 2003 and Windows XP Professional allow you to create a simple dial-in service which can be used for the Remote Desktop/VNC/HTTP/X connection to the console server: • Open Network Connections in Control Panel and click the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 124
6. SSH Tunnels and SDT Connector • On the Network Connection screen, select TCP/IP, then click Properties. • Select Specify TCP/IP addresses on the Incoming TCP/IP Properties screen, then select TCP/IP. Assign a From: and a To: TCP/IP address. Click Next. Note: You can choose any TCP/IP addresses as - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 125
put portxx where xx = the port you are connecting to. For example, for port 3, you would have a Host Address of: port03, then select the RDP Service check box. 6.11 SSH Tunneling Using Other SSH Clients (e.g. PuTTY) It is recommend you use the SDT Connector client software supplied with the console - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 126
6. SSH Tunnels and SDT Connector The steps below show the establishment of an SSH tunneled connection to a network-connected device using the PuTTY client software. In the Session menu, enter the console server's IP address in the Host Name or IP address field. • For dial-in connections, this IP - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 127
6. SSH Tunnels and SDT Connector • If your destination computer is serially connected to the console server, set the destination as :3389. If the label you specified on the console server's serial port is win2k3, then specify the remote host as win2k3:3389. Alternately, you can set the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 128
6. SSH Tunnels and SDT Connector 6.12 VNC Security VNC access generally allows access to your whole computer, so maintaining strong security is important. VNC uses a random challenge-response system to provide the basic authentication that allows you to connect to a VNC server. This is reasonably - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 129
7. Alerts, Auto-Response and Logging This chapter describes the automated response, alert generation and logging features of the console server. The Auto-Response facility extends on the basic Alert facility available in earlier (pre-V3.5) firmware revisions. With autoresponse, the console server - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 130
7. Alerts, Auto-Response and Logging • Enter any required delay time before repeating trigger actions in Repeat Trigger Action Delay. This delay starts after the last action is queued. • Check Disable Auto-Response at specific times. You will be able to periodically disable auto-responses between - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 131
7. Alerts, Auto-Response and Logging 7.2 Check Conditions To configure the condition that will trigger the auto-response: • Click on the Check Condition type (e.g. Environmental, UPS Status or ICMP ping) to be configured as the trigger for this new auto-response in the Auto-Response Settings menu. - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 132
7. Alerts, Auto-Response and Logging 7.2.3 UPS/Power Supply To use the properties of any attached UPS as the trigger event: • Click on UPS / Power Supply as the Check Condition. • Select UPS Power Device Property (Input Voltage, Battery Charge %, Load %, Input Frequency Hz or Temperature in °C) that - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 133
7. Alerts, Auto-Response and Logging 7.2.5 Serial Login, Signal or Pattern To monitor serial ports and check for login/logout or pattern matches for auto-response triggers events: • Click on Serial Login/Logout as the Check Condition. In the Serial Login/Logout Check menu, select Trigger on Login ( - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 134
7. Alerts, Auto-Response and Logging To monitor USB ports: • Click USB Console Status as the Check Condition. • Check the Trigger on Connect checkbox, the Trigger on Disconnect checkbox, or both checkboxes to set which actions trigger the auto-response. • Check each USB port to be monitored (or - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 135
, and Tripp Lite Console Managers have the LLDP service disabled by default. Documentation Both lldpd and lldpcli have standard manual pages. However, due to space constraints, these manual pages are not shipped with Tripp Lite hardware. Both manual pages are available on the lldpd project web-site - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 136
7. Alerts, Auto-Response and Logging 7.2.10 Custom Check This check allows users to run an assigned custom script with assigned arguments whose return value is used as an autoresponse trigger event: • Click on Custom Check as the Check Condition. • Create an executable trigger check script file - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 137
7. Alerts, Auto-Response and Logging 7.2.11 SMS Command An incoming SMS command from an assigned caller can trigger an auto-response: • Click on SMS Command as the Check Condition. • Specify which Phone Number (in international format) of the phone sending the SMS message. For multiple trusted SMS - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 138
7. Alerts, Auto-Response and Logging • Check Trigger on Login (Logout) to trigger when a user logs into (or out of) the Web UI. • Check Trigger on Authentication Error to trigger when a user fails to authenticate to the Web UI. Note: This check is not resolvable. Resolve actions will not run. 7.2.13 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 139
7. Alerts, Auto-Response and Logging 7.2.14 Routed Data Usage Check This check monitors the specified input interface for data usage being routed through the console server and out through another interface, such as the Internal Cellular Modem. Routed data usage check is particularly useful in IP - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 140
7. Alerts, Auto-Response and Logging Note: A message text can be sent with Email, SMS and Nagios actions. This configurable message can include selected values: $AR_TRIGGER_VAL = the trigger value for the check e.g. for UPS Status, it could be onbatt or battlow $AR_VAL = the value returned by the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 141
an incoming SMS, or set up an OpenVPN tunnel whenever your Tripp Lite device fails over to use the cellular connection. Note: If any IPsec service or OpenVPN tunnel is to be controlled by the Network Interface Event Action, you will need to have checked the Control by Auto-Response box - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 142
remote alerts to be sent as Trigger and Resolve Actions. Before such alert notifications can be sent, you must configure the assigned alert service. 7.5.1 Send Email Alerts The console server uses SMTP (Simple Mail Transfer Protocol) for sending the email alert notifications. To use SMTP, the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 143
enter a Sender email address which will appear as the "from" address in all email notifications sent from this console server. Some SMS gateway service providers only forward email to SMS when the email has been received from authorized senders. You may need to assign a specific authorized email - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 144
not disrupt existing SNMP management. When upgrading from old firmware that does not support the newer SNMP MIBs/traps (versions before 3.10.2) to firmware that does support the new MIBs/traps: • If the SNMP service was enabled and an SNMP manager was configured before upgrading the firmware, the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 145
. • Enter the TCP/IP port number into the Manager Trap Port field (default =162). • Select the Version to be used. The console server SNMP agent supports SNMP v1, v2 and v3. • Enter the Community name for SNMP v1 or SNMP v2c. At a minimum, a community needs to be set for either SNMP - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 146
7. Alerts, Auto-Response and Logging o Complete the Username. This is the Security Name of the SNMPv3 user sending the message. This field is mandatory and must be completed when configuring the console server for SNMPv3. o An Authentication Protocol (SHA or MD5) and Authentication Password must be - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 147
7. Alerts, Auto-Response and Logging 7.6.1 Log Storage Before activating any Event, Serial, Network or UPS logging, you must specify where those logs are to be saved. These records are stored off-server or in the Tripp Lite gateway's USB flash memory. Select the Alerts & Logging: Port Log menu - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 148
data select Manage: Port Logs. 7.6.3 Network TCP and UDP Port Logging The console server supports optional logging of access to and communications with network-attached hosts. • For each host, when you set up the permitted services that are authorized to be used, you also must set up the level of - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 149
7. Alerts, Auto-Response and Logging • Specify the logging level that is to be maintained for that particular TDC/UDP port/service on that particular host: Level 0 Turns off logging for the selected TDC/UDP port to the selected host. Level 1 Logs all connection events to the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 150
Management Console), an SNMP management package, or using the vendor-supplied control software. Servers and network-attached devices with embedded IPMI service processors or BMCs are supplied with their own management tools (like SoL) to provide secure management when connected using with SDT - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 151
8. Power, Environment and Digital I/O • Select the Serial & Network: RPC Connections menu. This will display all RPC connections that have already been configured. • Click Add RPC. • Connected Via presents a list of serial ports and network host connections you have set up with device type RPC (but - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 152
embedded Network UPS Tools. o If you are connecting to the RPC by a serial port, you will be presented with all the serial RPC types currently supported by the embedded PowerMan and Tripp Lite's power manager: • Enter the Username and Password used to log in to the RPC. Note: These login credentials - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 153
can be added directly (refer to 14. Configuration from the Command Line) or by having the PDU support added to either the Network UPS Tools or PowerMan open source projects. IPMI service processors and BMCs can be configured so all authorized users can use the management console to remotely cycle - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 154
serial and network attached PDU power strips, servers with embedded IPMI service processors or BMCs: • Select Manage: Power, the particular Target device to be controlled and the outlet to be controlled (if the RPC supports outlet level control). • The outlet status is displayed. You can initiate the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 155
8. Power, Environment and Digital I/O 8.1.4 RPC Status You can monitor the current status of your network and serially connected PDUs and IPMI RPCs. • Select the Status: RPC Status menu. A table with the summary status of all connected RPC hardware will display. • Click on View Log or select the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 156
8. Power, Environment and Digital I/O 8.2 Uninterruptible Power Supply (UPS) Control All Tripp Lite console servers can be configured to manage locally and remotely connected UPS hardware using Network UPS Tools. Network UPS Tools (NUT) is a group of open source programs that provide a common - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 157
8. Power, Environment and Digital I/O Serial and network-connected UPS systems must first be connected to and configured to communicate with the console server: • For serial UPS systems, attach the UPS to the selected serial port on the console server. From the Serial and Network: Serial Port menu, - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 158
you wish to have the status from this UPS be logged. These logs can then be viewed from the Status: UPS Status screen. • If Nagios services are enabled, you will be presented with an option for Nagios monitoring. Check the Enable Nagios checkbox to allow the UPS to be monitored using - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 159
8. Power, Environment and Digital I/O 8.2.2 Remote UPS Management A remote UPS is a managed device connected to a remote console server that is being monitored (but not managed) by your console server. The upsc and upslog clients in the Tripp Lite console server can configured to monitor remote - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 160
run, allowing you to perform any final shutdown actions. • Click Apply. Note: The remote UPS feature is supported on all console servers with firmware version 2.8 and later. Earlier versions support a single remote "Monitored UPS", which could be set to trigger the console server shutdown script - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 161
8. Power, Environment and Digital I/O 8.2.5 UPS Status You can monitor the current status of your network, serial or USB-connected managed UPS systems and any configured remote UPS systems. • Select the Status: UPS Status menu. A table with the summary status of all connected UPS hardware will - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 162
8. Power, Environment and Digital I/O • By selecting UPS Logs, you will be presented with the log table of the load, battery charge level, temperature and other status information from all managed and monitored UPS systems. This information is logged for all UPS systems configured with the Log - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 163
Environmental Monitoring The B090-EMD Environmental Monitoring Device (EMD) can be connected to any Console Server serial port and each Console Server can support multiple EMDs. Each EMD has one temperature sensor, one humidity sensor and one general-purpose status sensor that can be connected to - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 164
Server Vibration Sensor B090-SD-110 - Console Server Smoke Detector - 110V B090-SD-220 - Console Server Smoke Detector - 120V Note: Console servers only support attaching a single sensor to each EMD. The EMD can only be used with a console server and cannot be connected to standard RS-232 serial - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 165
8. Power, Environment and Digital I/O • When configured as Inputs, the SENSOR and DIO ports are notionally attached to the internal EMD. Go to the Serial & Network: Environmental page and enable the Internal EMD. Then configure the attached sensors as alarms, as covered in the next section. 8.3.2 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 166
8. Power, Environment and Digital I/O • You may optionally calibrate the EMD with a Temperature Offset (+ or - °C) or Humidity Offset (+ or percent). If you check Temperature in Fahrenheit, the temperature will be reported in Fahrenheit. Otherwise, it will be reported in degrees Celsius. • Provide - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 167
8. Power, Environment and Digital I/O 8.3.4 Environmental Status You can monitor the current status of all configured external EMDs and their sensors, as well as any internal or directly attached sensors. • Select the Status: Environmental Status menu. A table with the summary status of all - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 168
9. Authentication The console server platform is a dedicated Linux computer and embodies myriad popular and proven Linux software modules for networking, secure access (OpenSSH), communications (OpenSSL) and sophisticated user authentication (PAM, RADIUS, TACACS+, Kerberos and LDAP). More details on - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 169
, enter the TACACS Group Membership Attribute to be used to indicate group memberships (defaults to groupname#n). • If required, specify the TACACS Service used to authenticate. This determines which set of attributes are returned by the server (defaults to raccess). • If required, check Default - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 170
single access control server (the TACACS+ daemon) to provide authentication, authorization and accounting services independently. Each service can be tied into its own database to take advantage of other services available on that server or network, depending on the capabilities of the daemon. There - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 171
9. Authentication RADIUS The Remote Authentication Dial-In User Service (RADIUS) protocol was developed by Livingston Enterprises as an access server authentication and accounting protocol. The RADIUS server can support a variety of methods to authenticate a user. When provided with the username - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 172
9. Authentication Note: The libldap library is particular about ensuring SSL connections are using certificates signed by a trusted CA. As such, it is often not easy to set up a connection to an LDAP server using SSL. Perform the following procedure to configure the LDAP authentication method used - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 173
server at /etc/config/ldaps_ca.crt. Also, the file name must be ldaps_ca.crt. You will need to copy the file to this location and manually name using 'scp' or the like. Some examples include: scp /local/path/to/myCA.c rt root@console_server:/etc/config/ldaps_ca.crt 173 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 174
9. Authentication • Enter the Server Password. • Click Apply. LDAP remote authentication will now be used for all user access to the console server and serially or network attached devices. LDAP The Lightweight Directory Access Protocol (LDAP) is based on the X.500 standard, but is significantly - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 175
any local group names, the user is given permissions as configured in the local groups. To enable group support by remote authentication services: • Select Serial & Network: Authentication. • Select the relevant Authentication Method. • Check the Use Remote Groups button. 9.1.7 Remote Groups with - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 176
9. Authentication Edit the RADIUS user's file to include group information and restart the RADIUS server. When using RADIUS authentication, group names are provided to the console server using the Framed-Filter-Id attribute. This is a standard RADIUS attribute and may be used by other devices that - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 177
each group will have the appropriate permissions to access the router and UPS. Currently, the only LDAP directory service that supports group provisioning is Microsoft Active Directory. Support is planned for OpenLDAP later. To enable group information to be used with an LDAP server: • Complete the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 178
, there are two ways to grant a remotely authenticated user privileges. The first is to set the priv-lvl and port attributes of the raccess service to 12 (refer to 9.2 PAM for more information). Group names can also be provided to the console server using the groupname custom attribute of - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 179
9. Authentication 9.1.10 Idle Timeout You can specify amount of time in minutes the console server waits before it terminates an idle ssh, pmshell or web connection. • Select Serial and Network: Authentication. • Web Management Session Timeout specifies the browser console session idle timeout in - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 180
is that each time a new authentication scheme is developed, it requires all the necessary programs (login, ftpd, etc.) to be rewritten to support it. PAM provides a way to develop programs that are independent of authentication scheme. These programs need "authentication modules" to be attached to - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 181
{ priv-lvl = 11 port1 = b093/port02 } global = cleartext mit } RADIUS Example: paul Cleartext-Password := "luap" Service-Type = Framed-User, Fall-Through = No, Framed-Filter-Id=":group_name=admin:" The list of groups may include any number of entries separated by a comma. If - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 182
9. Authentication Activate your preferred browser and enter https:/ / IP address. Your browser may respond with a message verifying the validity of the security certificate, while noting that it is not necessarily verified by a trusted authority. To proceed, click Yes if using Internet Explorer or - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 183
9. Authentication The console server must be enabled to generate a new cryptographic key and the associated Certificate Signing Request (CSR) that needs to be certified by a Certification Authority (CA). A certification authority verifies you are the person who you claim you are and signs and issues - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 184
Nagios server at remote sites. Tripp Lite console servers support distributed monitoring. Even if distributed monitoring is not required, server. • If the console server is to periodically report on Nagios monitored services, the NSCA client embedded in the console server must be configured in - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 185
10. Nagios Integration 10.2.1 Enable Nagios on the Console Server Select System: Nagios on the console server management console and check the service Enabled checkbox. Enter the Nagios Host Name the console server will be referred to in the Nagios central server. This will be generated from local - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 186
10. Nagios Integration 10.2.2 Enable NRPE Monitoring Enabling NRPE allows you to execute plug-ins such as check_tcp and check_ping on the remote console server to monitor serial or network attached remote servers. This will offload the CPU from the upstream Nagios monitoring machine, which is - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 187
10. Nagios Integration 10.2.3 Enable NSCA Monitoring NSCA sends passive check results from the remote console server to the Nagios daemon running on the monitoring server. To enable NSCA: • Select System: Nagios and check NSCA Enabled. • Select the Encryption to be used from the dropdown menu. Enter - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 188
to add a specific check to be run on this host. • Select Check Permitted TCP/UDP to monitor a service you have previously added as a Permitted Service. • Select Check TCP/UDP to specify a service port you wish to monitor, but do not wish to allow external (SDT Connector) access to. • Select Check - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 189
10. Nagios Integration • The Nagios Check assigned as the check-host-alive check determines whether the network host is up or down. • Typically, this will be Check Ping. In some cases, the host will be configured to not respond to pings. • If no check-host-alive is selected, the host will always be - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 190
method and defaulting to NRPE if checked late. For more information, refer to Nagios documentation (http://www.nagios.org/docs/) on Service and Host Freshness Checks. ; Host definitions ; ; Tripp Lite Console server define host{ use generic-host host_name tripp-lite alias Console server - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 191
$USER1$/check_nrpe -H 192.168.254.147 -p 5666 -c host_ping_$HOSTNAME$ } define service { service_description Host Ping host_name server use generic-service check_command check_ping_via_tripp-lite } define service { service_description host-ping-server host_name server use generic - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 192
-ins are compiled executables or scripts that can be scheduled to be run on the console server to check the status of a connected host or service. This status is then communicated to the upstream Nagios server, which uses the results to monitor the current status of the distributed network. Each - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 193
10. Nagios Integration 10.3.3 Additional Plug-Ins Additional Nagios plug-ins (listed below) are available for all B097 and B098 models: check_apt check_by_ssh check_clamd check_dig check_dns check_dummy check_fping check_ftp check_game check_hpjd check_http check_imap check_jabber check_ldap - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 194
10.3.4 Number of Supported Devices The number of devices that can be supported by a console 6 seconds NRPE time to service 1 check NRPE time to service 10 simultaneous checks Maximum number failure or other incident that causes multiple problems, the individual refresh checks will be staggered - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 195
, the console server, NRPE server or NSCA client can be configured to make active checks of configured services and upload to the Nagios server waiting passively. It can also be configured to service NRPE commands to perform checks on demand. In this situation, the console server will perform checks - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 196
10. Nagios Integration Remote Site with Restrictive Firewall In this scenario, the console server's role will vary. One aspect may be to upload check results through NSCA. Another may be to provide an SSH tunnel to allow the Nagios server to run NRPE commands. Remote Site with No Network Access In - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 197
11. System Management This chapter describes how the Administrator can perform a range of general console server system administrative and configuration tasks. 11.1 System Administration and Reset The Administrator can reboot or reset the gateway to default settings. To perform a soft reset: • - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 198
in the header of each page. • Alternately, selecting Status: Support Report reports the Firmware Version. • To upgrade, you first must download the latest firmware image from www.tripplite.com/support. • Save this downloaded firmware image file on to a system on the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 199
with the NTP server. • Click Apply NTP Settings. If remote NTP is not used, the time can be set manually: • Enter the Year, Month, Day, Hour and Minute using the Date and Time selection boxes. • Check Set page and ensure the appropriate networks are selected on the Service Access tab under System - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 200
console server. Some console server models allow you to save the backup file locally onto the USB storage. To do so, your console server must support USB and have an internal or external USB flash drive installed. 200 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 201
11. System Management To backup and restore using USB: • Ensure the USB flash is the only USB device attached to the console server. • Select the Local Backup tab and click here to proceed. This will set a volume label on the USB storage device. This preparation step is only necessary the first time - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 202
11. System Management 11.5 Delayed Configuration Commit This mode allows the grouping or queuing of configuration changes and the simultaneous application of these changes to a specific device. For example, changes to authentication methods or user accounts may be grouped and run once to minimize - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 203
11. System Management To queue, then run configuration changes: • First, apply all the required changes to the configuration (e.g., modify user accounts, amend authentication method, enable OpenVPN tunnel or modify system time). • Click the Commit Config button. This will generate the System: Commit - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 204
meet the FIPS 140-2 standards and has received Certificate #1051. When configured in FIPS mode, all SSH, HTTPS and SDT Connector access to all services on the advanced console servers will use the embedded FIPS-compliant cryptographic module. To connect, you must also use FIPS-approved cryptographic - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 205
12. Status Reports 12.1 Port Access and Active Users The Administrator can see which Users have access privileges with which serial ports: • Select Status: Port Access. The Administrator can also see the current status of Users who have active sessions on those ports: • Select Status: Active Users. - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 206
that will assist the Tripp Lite technical support team to solve any problems you may experience with your console server. If you experience a problem and have to contact support, ensure you include the Support Report with your email support request. The Support Report should be generated when the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 207
12. Status Reports 12.4 Syslog The Linux System Logger in the console server maintains a record of all system messages and errors: • Select Status: Syslog. The syslog record can be redirected to a remote Syslog Server: • Enter the remote Syslog Server Address and Syslog Server Port details. Click - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 208
12. Status Reports 12.5 Dashboard The Dashboard provides the Administrator with a summary of the status of the console server and its managed devices. Custom dashboards can be configured for each user group. 12.5.1 Configuring the Dashboard Only users in the admin group (and the root user) can - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 209
12. Status Reports Note: The Alerts widget is a new screen that shows the current alerts status. When an alert is triggered, a corresponding .XML file is created in /var/run/alerts/. The dashboard scans all of these files and displays a summary status in the alerts widget. When an alert is deleted, - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 210
12. Status Reports 12.5.2 Creating Custom Widgets for the Dashboard To run a custom script inside a dashboard widget: Create a file called widget-.sh in the folder /etc/config/scripts / , where can be of your choosing. You can have as many custom dashboard files as desired. Inside this - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 211
13. Management The console server has a small number of Manage reports and tools available to both Administrators and Users: • Access and control authorized devices • View serial port logs and host logs for those devices • Use SSH or Web Terminal to access serially attached consoles • Control power - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 212
the console server using HTTP or HTTPS as a terminal, without the need for additional client installation on the user's PC. • The SDT Connector service launches a pre-installed SDT Connector client on the user's PC to establish secure SSH access, then uses pre-installed client software on the client - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 213
13. Management 13.3.1.2 Web Terminal to Serial Device To enable the web terminal service for each serial port you want to access: • Select Serial & Network: Serial Port and click Edit. Ensure port devices. However, jcterm is known to have JRE compatibility issues and is no longer supported. 213 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 214
13. Management 13.3.2 SDT Connector Access Administrator and Users can communicate directly with the console server command line and devices attached to the console server serial ports using SDT Connector and their local tenet client, or using a Web terminal and browser. • Select Manage: Terminal. • - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 215
the password default. The command line prompt should appear as a hash (#). This section is not intended to teach you Linux. In following these instructions, we assume you already have a certain level of understanding before executing Linux kernel level commands. The config tool Syntax config [ -ahv - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 216
, and then save. The registered configurators are: alerts auth cascade console dhcp dialin eventlog hosts ipaccess ipconfig nagios power serialconfig services Secondary systemsettings time ups users There are three ways to delete a config element value. The simplest way is use the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 217
-s config.ports.port5.flowcontrol=None The following command will synchronize the live system with the new configuration: # config -r serialconfig Note: Supported serial port baud-rates are '50', '75', '110', '134', '150', '200', '300', '600', '1200', '1800', '2400', '4800', '9600', '19200', '38400 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 218
.mode=bridge Optional configurations for the network address of RFC-2217 server of 192.168.3.3 and TCP port used by the RFC-2217 service = 2500: # config -s config.ports.port5.bridge.address=192.168.3.3 # config -s config.ports.port5.bridge.port=2500 To enable RFC-2217 access: # config -s config - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 219
encrypt it. In fact, the value of any config element can be encrypted using the -P parameter, but only encrypted user passwords and system passwords are supported. If any other element value were to be encrypted, the value will become inaccessible and have to be reset. To add this user to specific - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 220
14. Configuration from the Command Line To remove port access: # config -s config.users.user2.port1='' (the value is left blank) or simply: # config -d config.users.user2.port1 The port number can be anything from 1 to 48, depending on the available ports on the specific console server. For example, - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 221
not be affected. Only the group details are deleted. The administrator is responsible for reviewing config.xml and removing group dependencies and references manually, specifically if the group had access to a host or RPC device. The following command will synchronize the live system with the new - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 222
-s config.sdt.hosts.host4.udpports.udpport2=443 # config -s config.sdt.hosts.host4.udpports.udpport2.loglevel=0 The loglevel can have a value of 0 or 1. The default services that should be configured are: 22/tcp (ssh), 23/tcp (telnet), 80/tcp (http), 443/tcp (https), 1494/tcp (ica), 3389/tcp (rdp - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 223
when adding more Secondary devices. Note: If a Secondary device is added using the CLI, the Primary SSH public key will need to be manually copied to every Secondary device before cascaded ports will work. Refer to 4. Serial Port, Host, Device and User Configuration. The following command will - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 224
14. Configuration from the Command Line 14.1.8 UPS Connections Managed UPS Systems Before adding a managed UPS, make sure at least one port has been configured to run in 'device mode', and that the device is set to 'ups'. To add a managed UPS with the following values: Connected via Port 1 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 225
14. Configuration from the Command Line Remote UPS Systems To add a remote UPS with the following details (assuming this is your first remote UPS): UPS name oldUPS Description UPS in room 2 Address 192.168.50.50 Log status Disabled Log rate 240 seconds Run shutdown script - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 226
14. Configuration from the Command Line 14.1.10 Environmental To configure an environmental monitor with the following details: Monitor name Envi4 Monitor Description Monitor in room 5 Temperature offset 2 Humidity offset 5 Enable alarm 1 ? yes Alarm 1 label door alarm - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 227
14. Configuration from the Command Line 14.1.12 Port Log To configure serial/network port logging: # config -s config.eventlog.server.address='remote server ip address' # config -s config.eventlog.server.logfacility='facility' 'facility' can be: Daemon Local 0-7 Authentication Kernel User Syslog - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 228
14. Configuration from the Command Line Below are the specific settings, depending on the type of alert required: Connection Alert To trigger an alert when a user connects to serial port 5 or network host 3: # config -s config.alerts.alert2.host3='host name' # config -s config.alerts.alert2.port5=on - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 229
14. Configuration from the Command Line Example 2: To configure a load sensor alert for outlets 2 and 4 for an RPC called 'RPCInRoom20': # config -s config.alerts.alert2.outlet1='RPCname'.outlet2 # config -s config.alerts.alert2.outlet2='RPCname'.outlet4 # config -s config.alerts.alert2.enviro.high - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 230
and encrypt it. The value of any config element can be encrypted using the -P parameter, but only encrypted user passwords and system passwords are supported. If any other element value were to be encrypted, the value will become inaccessible and must be reset. An alternative to the second command - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 231
pool.ntp.org, issue the following commands: # config -s config.ntp.enabled=on # config -s config.ntp.server=pool.ntp.org Alternately, you can manually change the clock settings: To change running system time: # date 092216452005.05 Format is MMDDhhmm[[CC]YY][.ss] The following command will - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 232
.password=secret To make the dialed connection the default route: # config -s config.console.ppp.defaultroute=on Please note that supported authentication types are 'None', 'PAP', 'CHAP' and 'MSCHAPv2'. Supported serial port baud-rates are '9600', '19200', '38400', '57600', '115200', and '230400 - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 233
.lan.dhcpd.staticips.total=1 The following command will synchronize the live system with the new configuration: # config -a 14.1.21 Services You can manually enable or disable network servers from the command line. For example, to guarantee the following server configuration: HTTP Server - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 234
14. Configuration from the Command Line 14.1.22 NAGIOS To configure NAGIOS with the following settings: NAGIOS host name NAGIOS host address NAGIOS server address Enable SDT for NAGIOS ext. SDT gateway address Prefer NRPE over NSCA b098-16 (Name of this system) 192.168.0.1 (IP to find - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 235
Linux commands and the config utility (as described in 14. Configuration from the Command Line). The Linux kernel in the console server also supports GNU bash shell script enabling the Administrator to run custom scripts. This chapter presents a number of useful scripts and scripting tools including - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 236
15. Advanced Configuration This code shows there are two alternative scripts that can be run instead of the default script. This code first checks whether a file "/etc/config/scripts/pattern-alert.${ALERT_PORTNAME}" exists. The variable ${ALERT_PORTNAME} must be replaced with "port01" or "port13", - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 237
15. Advanced Configuration 15.1.5 Deleting Configuration Values from the CLI The delete-node script is provided to help with deleting nodes from the command line. The "delete-node" script takes one argument: the node name you want to delete (e.g., "config.users.user1" or "config.sdt.hosts.host1"). - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 238
15. Advanced Configuration # Make backup copy of config file cp /etc/config/config.xml /etc/config/config.bak echo "backup of /etc/config/config.xml saved in /etc/config/config.bak" if [ -z $NUMBER ] # test whether a singular node is being \ #deleted e.g. config.sdt.hosts then echo "deleting $1" - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 239
(and the router has an internal IP address of 192.168.22.2), the following instructions will show you how to continuously ping the router. When the router fails to script is only run by default when the system boots. You can manually run the rc.local script or the ping-detect script, if desired. - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 240
15. Advanced Configuration if [ "$LOSS" -eq "100" ] then COUNTER=`expr $COUNTER + 1` else COUNTER=0 sleep 30s fi if [ "$COUNTER" -eq 5 ] then COUNTER=0 "$@" sleep 2s fi done 15.1.7 Running Custom Scripts when a Configurator is Invoked A configurator is responsible - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 241
> This will extract the contents of the previously created backup to /tmp, and then synchronize the /etc/config directory with the copy in /tmp. One problem that may arise is a lack of space in /tmp to extract files to. The following command will temporarily increase the size of /tmp: mount -t tmpfs - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 242
: To connect to port 8 via the portmanager: # pmshell -l port08 pmshell Commands: Once connected, the pmshell command supports a subset of the '~' escape commands that tip/cu support. For SSH you must prefix the escape with an additional '~' command (i.e. use the '~~' escape). Send Break: Typing - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 243
15. Advanced Configuration Per port control command config parameters: config.ports.portX.ctrlcode.break - Generate BREAK. config.ports.portX.ctrlcode.portlog - View History. config.ports.portX.ctrlcode.power - Power menu. config.ports.portX.ctrlcode.chooser - Connect to port menu. config.ports. - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 244
a chat script via the portmanager: # pmchat -v -f /etc/config/scripts/port08.chat < /dev/port08 For more information on using chat (and pmchat), consult the UNIX manual pages: http://techpubs.sgi.com/library/tpl/cgibin/getdoc.cgi?coll=linux&db=man&fname=/usr/share/catman/man8/chat.8.html pmusers The - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 245
portmanager daemon There is normally no need to stop and restart the daemon. To restart the daemon normally, simply run the command: # portmanager Supported command line options are: Force portmanager to run in the foreground: --nodaemon Set the level of debug logging: --loglevel={debug,info,warn - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 246
Hayes-compatible data and data/fax modems. mgetty knows about modem initialization, manual modem answering (so your modem does not answer if the machine is provides extensive logging facilities. All standard mgetty options are supported. Modem initialization strings: • To override the standard modem - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 247
and returns the information to the sender. Note: Initially, only advanced console server models were equipped with an SNMP Service. With firmware version 3.0 (and later), this support was extended to all console servers. Also, the MIBS were extended (and renamed for compliance) with this firmware - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 248
for the interface required. This will allow SNMP requests through the firewall for the specified interface. 15.5.3 Enable SNMP Service The console server supports different versions of SNMP, including SNMPv1, SNMPv2c and SNMPv3. SNMP, although an industry standard, brings with it a variety of - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 249
15. Advanced Configuration • Enter the Read-Only Community and Read-Write Community. This is required for SNMP v1 & v2c only. The ReadOnly Community field is used to specify the SNMPv1 or SNMPv2c community allowed read-only (GET and GETNEXT) access. This must be specified in order for both versions - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 250
SNMP servers using the management console (refer to 7. Alerts, Auto-Response and Logging) or the command line config tool. Further SNMP servers must be added manually using config. Log in to the console server's command line shell as root or an admin user. Refer to the management console UI or user - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 251
security bugs fixed, new features reintroduced and many other fixes. The only changes in the Tripp Lite SSH implementation are: • PAM support. • EGD[1]/PRNGD[2] support and replacements for OpenBSD library functions that are absent from other versions of UNIX. • The config files are now in /etc - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 252
15. Advanced Configuration 15.6.2 Generating Public Keys (Linux) To generate new SSH key pairs, use the Linux ssh-keygen command. This will produce an RSA or DSA public/private key pair. You will be prompted for a path to store the two key files e.g. id_dsa.pub (the public key) and id_dsa (the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 253
15. Advanced Configuration 15.6.3 Installing the SSH Public/Private Keys (Clustering) For Tripp Lite console servers, the keys are simply uploaded through the web interface on the System: Administration page. This enables you to upload stored RSA or DSA Public Key pairs to the Primary device and - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 254
15. Advanced Configuration If the Tripp Lite device selected to be the server will have only one client device, the authorized_keys file is simply a copy of the public key for that device. If one or more devices will be clients of the server, the authorized_keys file will contain a copy of all - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 255
15. Advanced Configuration • Follow the instruction to move the mouse over the blank area of the program in order to create random data used by PUTTYGEN to generate secure keys. Key - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 256
changed, it can be removed from the ~/.ssh/known_hosts file with the new fingerprint added. If it has not changed, this indicates a serious problem that should be investigated immediately. 15.6.7 SSH Tunneled Serial Bridging You have the option to apply SSH tunneling when two Tripp Lite console - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 257
15. Advanced Configuration As detailed in 4. Serial Port, Host, Device and User Configuration, the server console server is set up in Console Server mode with either RAW or RFC2217 enabled, and the client console server is set up in Serial Bridging mode with the Server Address and Server TCP Port ( - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 258
15. Advanced Configuration To generate the keys using OpenBSD's OpenSSH suite, use the ssh-keygen program: $ ssh-keygen -t [rsa|dsa] Generating public/private [rsa|dsa] key pair. Enter file in which to save the key (/home/user/.ssh/id_[rsa|dsa]): Enter passphrase (empty for no passphrase): Enter - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 259
client that SDT Connector launches (e.g., Putty, OpenSSH) and the host's SSH server for public key authentication. 15.7 Secure Sockets Layer (SSL) Support Secure Sockets Layer (SSL) is a protocol developed by Netscape for transmitting private documents via the Internet. SSL works by using a private - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 260
the HTTPS Server The easiest way to enable the HTTPS server is from the web management console. Simply click the appropriate checkbox in Network: Services: HTTPS Server. The HTTPS server will be activated, assuming the ssl_key.pem & ssl_cert.pem files exist in the /etc/config directory. Alternately - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 261
15. Advanced Configuration 15.9 Power Strip Control The console server supports a growing list of remote power-control devices (RPCs), which can be configured using the management console as described in 8. Power, Environment and Digital I/O. These RPCs - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 262
15. Advanced Configuration Target Specification PowerMan target hostnames may be specified as comma-separated or space-separated hostnames or host ranges. Host ranges are of the general form: prefix[n-m,l-k,...], where n < m and l < k, etc. This form should not be confused with regular expression - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 263
attached to a serial port. The configuration also searches for (and loads) /etc/config/powerstrips.xml (if it exists). The user can add their own support for more devices by adding their definitions into /etc/config/powerstrips.xml. This file can be created on a host system and copied to the - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 264
hardware independent of the main CPU, BIOS and OS. The service processor (or Baseboard Management Controller, BMC) is the brain behind Specify an authentication type to use during IPMIv1.5 lan session activation. Supported types are NONE, PASSWORD, MD5, or OEM. -c Present output in CSV - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 265
local IPMB address. The default is 0x20. There is no need to change this setting under normal operation. -o Select the OEM type to support. This usually involves minor hacks in place in the code to work around quirks in various BMCs from various manufacturers. Use -o list to see a list - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 266
15. Advanced Configuration fru Print built-in FRU and scan SDR for FRU locators sel Print System Event Log (SEL) pef Configure Platform Event Filtering (PEF) sol Configure IPMIv2.0 Serial-over-LAN isol Configure IPMIv1.5 Serial-over-LAN user Configure Management Controller users channel - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 267
sending a message. It can inform when the program detects a problem. These programs can inspect the related text files and perform automatic 300 585) and GSM 03.38 (=ETSI TS 100 900). AT command set is supported. Devices can be connected with serial port, infrared or USB. For more information, - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 268
, but not necessary. Rather, they aim to be sufficiently user-friendly for remote hands to manage. This bulk-provisioning feature is supported by firmware version 3.9.1 or later. The basic steps are: 1. Configure an individual "golden Primary" appliance with the baseline configuration shared by - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 269
15. Advanced Configuration 15.15.3 Set Up an Untrusted LAN If network security is a concern, you can have remote hands insert a trusted USB flash drive into the Tripp Lite device during provisioning. A summary of the steps required for deploying configuration in an untrusted network is outlined - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 270
will be disabled. If no option 43 is received over DHCP, no URLs are downloaded and no reboots occur: the system must be manually configured. Once configured (manually or by ZTP), a Tripp Lite device will no longer request option 43 from the DHCP server, and it will ignore option 43 configuration - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 271
can be configured to serve different directories via the command line. For example: config -s config.services.ftp.directory=/var/mnt/storage.usb/my-ftp-dir config -r services The directory will be created if it does not already exist. 15.16.4 Mounting a Preferred USB Disk by Label The "first - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 272
a dedicated Linux computer optimized to provide monitoring and secure access to serial and network consoles of critical server systems and their supporting power and networking infrastructure. Tripp Lite console servers are built on the uCLinux distribution as developed by the uCLinux project. This - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 273
APPENDIX A: Linux Commands and Source Code gzip * hd hostname * httpd hwclock inetd inetd-echo init ip ipmitool iptables ip6tables iptables-restore iptables-save kill * ln * login loopback loopback1 loopback2 loopback8 loopback16 loopback48 ls * mail mkdir * mkfs.jffs2 mknod * more * mount * msmtp - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 274
APPENDIX A: Linux Commands and Source Code pminetd pmloggerd pmshell pmusers portmanager portmap pppd ps * pwd * reboot * rm * rmdir * routed routed routef routel rtacct rtmon scp sed * setmac setserial sh showmac sleep * smbmnt smbmount smbumount snmpd snmptrap sredird ssh ssh-keygen sshd stty - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 275
-class management tool that provides central monitoring of the hosts and services in distributed networks. For CLI details, go to http://www. are licensed under the GNU General Public License (version 2), which Tripp Lite supports. You may obtain a copy of the GNU General Public License at http:// - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 276
you to dangerous voltage, which may cause fire or electric shock. Refer all service to qualified Tripp Lite personnel. • To avoid electric shock, the power cord can reasonably be expected to cause the failure of the life support equipment or to significantly affect its safety or effectiveness is not - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 277
APPENDIX D: Connectivity, TCP Ports and Serial I/O Pin-out standards exist for both DB9 and DB25 connectors. However, there are no pinout standards for serial connectivity using RJ45 connectors. Most console servers and serially managed servers / routers / switches / power devices have adopted - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 278
APPENDIX D: Connectivity, TCP Ports and Serial I/O Local Console Port The LOCAL (console/modem) port on the Console Server uses a standard DB9 connector as tabled below: RS-232 Standard Pinouts The RS-232 pinout standards for the DB9 connectors are: SIGNAL DB9 TXD 3 RXD 2 RTS 7 CTS 8 DSR - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 279
APPENDIX D: Connectivity, TCP Ports and Serial I/O DB9F-RJ45S cross-over connector TCP/UDP Port Numbers Port numbers are divided into three ranges: Well-Known Ports, Registered Ports and Dynamic and/or Private Ports. WellKnown Ports are those from 0 through 1023. Registered Ports are those from - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 280
used by carriers to identify an IP packet data network that a mobile data user wants to communicate with and the type of wireless service. Authentication SMTP (Simple Mail Transfer Protocol) Authentication is the technique by which a process verifies that its communication partner is who it is - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 281
simple links between two peers. The Remote Authentication Dial-In User Service (RADIUS) protocol was developed by Livingston Enterprises as an access server authentication and accounting protocol. The RADIUS server can support a variety of methods to authenticate a user. When it is provided with - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 282
) to and from the remote-client system over a LAN. With SOL support and BIOS redirection (to serial), remote managers can view the BIOS/POST output . Secure Sockets Layer is a protocol that provides authentication and encryption services between a web server and a web browser. The Terminal Access - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 283
licensed under the GNU General Public License Version 2, which Tripp LIte supports, and (2) the SDT Connector includes code from JSch, a pure export or re-export the Software, any part thereof, or any process or service that is the direct product of the Software in violation of any applicable laws - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 284
LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 285
APPENDIX F: End User License Agreements GNU GENERAL PUBLIC LICENSE Version 2, June 1991 Copyright (C) 1989, 1991 Free Software Foundation, Inc. 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA Everyone is permitted to copy and distribute verbatim copies of this license document, but - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 286
APPENDIX F: End User License Agreements 3. You may copy and distribute the Program (or a work based on it, under Section 2) in object code or executable form under the terms of Sections 1 and 2 above provided that you also do one of the following: a) Accompany it with the complete corresponding - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 287
, but may differ in detail to address new problems or concerns. Each version is given a distinguishing version exceptions for this. Our decision will be guided by the two goals of preserving the free DEFECTIVE, YOU ASSUME THE COST OF ALL NECESSARY SERVICING, REPAIR OR CORRECTION. 12. IN NO EVENT - Tripp Lite B098016V | Owners Manual for B093- B097- and B098-Series Console Serv - Page 288
procedures in this manual to insure that the service problem does not originate from a misreading of the instructions. If the problem continues, do not contact or return the product to the dealer. Instead, visit www.tripplite.com/support. If the problem requires service, visit www.tripplite
1
Owner’s Manual
B093-00X-2E4U-X Resilience Gateway
B097-016/048 Console Server
B098-016/048 and B098-016-V
Infrastructure Manager
PROTECT YOUR INVESTMENT!
Register your product for quicker service and ultimate peace of mind.
You could also win an ISOBAR6ULTRA surge protector—a $100 value!
www.tripplite.com/warranty
Copyright © 2018 Tripp Lite. All rights reserved.