Contents Product Description . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1 Features 1 Initial set-up 2 Network management features 3 network management card USER’S GUIDE Introduction--1 Internal Management Features . . . . . . . . . . . . . . . . . . . . . . . . . . . 4 Overview 4 Login control 4 Types of user accounts 5 Front Panel . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Web Interface--23 network management card USER’S GUIDE Control Console Menus . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 19 Overview 19 Main menu 19 Menu structure 20 Device Manager option 21 Network option 21 System option 22 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 23 Overview 23 Supported Web browsers 24 How to Log On . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
network management card USER’S GUIDE Option Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 37 TCP/IP 37 DNS 40 Ping utility (control console) 41 FTP Server 41 Telnet/SSH 42 SNMP 49 Email 50 Syslog 51 Web/SSL/TLS 54 System Menu--61 Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61 Overview 61 Menu options 62 Option Settings . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
Diagnostics . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79 Overview 79 Diagnostic tests 79 Scheduled UPS self-tests 81 Configuration . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89 Overview 89 Utility Line Settings 90 Alarm Thresholds (Symmetra UPS or Symmetra PX UPS) 91 Shutdown Parameters 92 General Settings 94 Reset UPS Defaults 95 Configure Parallel UPS parameters (Silcon UPS only) 95 network management card USER’S GUIDE Control . . . .
Environment Menu--109 Status Options . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110 Overview 110 Probe status 111 Contact status 111 Output relay status (AP9618 or AP9619) 111 network management card USER’S GUIDE Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109 Overview 109 Environment menu options 109 Settings Options. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .
E-mail Feature . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 126 Overview 126 DNS servers 127 SMTP settings 127 Email Recipients 128 network management card USER’S GUIDE How to Configure Individual Events . . . . . . . . . . . . . . . . . . . . . 131 “Event List” page 131 “Detailed Event Action Configuration” page 131 Data Menu (Web Interface Only)--132 Log Option . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132 Configuration Option . . . . . . .
Creating and Installing Digital Certificates . . . . . . . . . . . . . . . . . 154 Purpose 154 Choosing a method for your system 155 Firewalls . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161 Management Card . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162 Management Card access problems 162 SNMP issues 164 Synchronization problems 164 network management card USER’S GUIDE Troubleshooting--162 Product Information--165 Warranty and Service . . . . .
Introduction Product Description network management card USER’S GUIDE Features The following APC Network Management Cards are web-based management products that use multiple, open standards such as Telnet, HTTP, HTTPS, SSL, TLS, SCP, and SNMP to provide full management of supported devices: • AP9617 Network Management Card EX: The following is a list of some of this Management Card’s features: – Generates system log (Syslog) messages – Allows using a Dynamic Host Configuration Protocol (DHCP) server to p
and an Integrated Environmental Monitor that includes an output relay. network management card USER’S GUIDE Kits are available to upgrade AP9617 to include the features of AP9618 (AP9618U kit) or AP9619 (AP9619U kit). The AP9618U kit can also upgrade an AP9619 Management Card to include the AP9618 analog modem feature.
Network management features Following are some of the network management applications and utilities that can work with a UPS that connects to the network through a Network Management Card. – PowerChute Network Shutdown provides unattended graceful shutdown of computers that are connected serially to the UPS. network management card USER’S GUIDE • APC network management applications: – APC Enterprise Manager provides enterprise-level power management and diagnostics for APC UPS systems.
Internal Management Features The Management Card has two internal interfaces (control console and Web interface) which provide menus with options that allow you to manage the UPS, an environmental monitor (including the Integrated Environmental Monitor at an AP9618 or AP9619 Network Management Card), and the Management Card. The Management Card’s SNMP interface also allows you to use an SNMP browser with the PowerNet MIB to manage the UPS and environmental monitor.
Types of user accounts • An Administrator can use all of the management menus available in the control console and the Web interface. The Administrator’s default User Name and Password are both apc. network management card USER’S GUIDE The Management Card has three levels of access (Administrator, Device Manager, and Read-only User), all of which are protected by user name and password requirements.
Front Panel Introduction network management card USER’S GUIDE The figures below identify the front-panel features of the three versions (AP9617, AP9618, and AP9619) of the Network Management Card. Includes Status LEDs, Reset button, and 10/100Base-T connector.
Output Pwr Zone 1 N O C O M Reset N C + G N 1 NN C 2 DO V 2 C O M N C Probe C O M 10 /100 network management card Smart Slot USER’S GUIDE 10/100Base-T Includes AP9617 features and the Integrated Environmental Monitor’s connections (probe, input contacts, and output relay contacts).
network management card USER’S GUIDE Features AP9618 or AP9619 Description 9-pin connector1 • Output relay (Output): Normally closed (NC), common (COM), and normally open (NO) pins used by the Integrated Environmental Monitor’s output relay at an AP9618 or AP9619 Management Card. • Power (Pwr): Normally-open ground (GND NO) and +12VDC pins.
Status LED Condition Description Off One of the following situations exist: • The Management Card is not receiving input power network management card USER’S GUIDE This LED indicate the Management Card’s status. • The Management Card is starting up. • The Management Card is not operating properly. It may need to be repaired or replaced. Contact APC Worldwide Customer Support. Solid Green The Management Card has valid TCP/IP settings.
Link-RX/TX (10/100) LED Condition Description Off One or more of the following situations exist: • The Management Card is not receiving input power. network management card USER’S GUIDE This LED indicates the network status. • The cable that connects the Management Card to the network is disconnected or defective. • The device that connects the Management Card to the network is turned off or not operating correctly. • The Management Card itself is not operating properly.
Watchdog Features To detect internal problems and recover from unanticipated inputs, the Management Card uses internal, system-wide watchdog mechanisms. When it restarts to recover from an internal problem, a System: Warmstart event is recorded in the Event Log. network management card USER’S GUIDE Overview Network interface watchdog mechanism The Management Card implements internal watchdog mechanisms to protect itself from becoming inaccessible over the network.
To ensure that the Management Card does not restart if the network is quiet for 9.5 minutes, the Management Card attempts to contact the Default Gateway every 4.5 minutes. If the gateway is present, it responds to the Management Card, and that response restarts the 9.5-minute timer. If your application does not require or have a gateway, specify the IP address of a computer that is running on the network most of the time and is on the same subnet. The network traffic of that computer will restart the 9.
Control Console How To Log On network management card USER’S GUIDE Overview You can use either a local (serial) connection, or a remote (Telnet) connection with a computer on the Management Card’s subnet to access the control console. For an AP9618 Network Management Card, you can also use its internal analog modem to access the control console (see Modem (AP9618 control console)).
Local access to the control console 1. Select a serial port at the local computer and disable any service which uses that port. network management card USER’S GUIDE You can use a local computer, a computer that connects to the Management Card through the serial port at the Management Card’s UPS or expansion chassis, to access the control console. 2.
How to Recover from a Lost Password 1. Select a serial port at the local computer and disable any service which uses that port. network management card USER’S GUIDE You can use a local computer, a computer that connects to the Management Card through the serial port at the Management Card’s UPS or expansion chassis, to access the control console. 2.
Main Screen Example main screen network management card The following is an example of the screen that appears when you log on to the control console at an AP9618 or AP9619 Management Card that has the Integrated Environmental Monitor’s output relay enabled (an AP9617 does not have an Integrated Environmental Monitor, so it cannot report status for an output relay). The Relay OK entry in the Environment status line indicates that the output relay is enabled and that no alarm condition exists.
Information and status fields • Two fields identify the APC operating system (AOS) and application (APP) firmware versions. The application firmware uses a name that identifies the type of UPS that the Management Card connects to the network. In the preceding example, the Management Card uses the application firmware for a UPS in the Smart-UPS/Matrix-UPS family, in this case, the Smart-UPS 700. network management card USER’S GUIDE Main screen information fields.
Main screen status fields. • A Stat field reports the Management Card status. network management card USER’S GUIDE Stat : P+ N+ A+ P+ The APC operating system (AOS) is functioning properly. N+ The network is functioning properly. N? A BOOTP request cycle is in progress. N– The Management Card failed to connect to the network. N! Another device is using the Management Card’s IP address. A+ The application is functioning properly. A– The application has a bad checksum.
Control Console Menus The control console dynamically expands to provide options that you use to manage a Management Card, its UPS, and other supported devices. If a device is not present, the control console displays no options for that device. For example: network management card USER’S GUIDE Overview • The control console at a Management Card that connects with an environmental monitor only, does not provide UPS options.
Menu structure Some options access a new menu; other options allow you to change a setting. Menus that allow you to change a setting have an Accept Changes option which you must use before you exit a menu to save the changes you made. network management card USER’S GUIDE The menus in the control console list options by number and name. To use an option, type the option’s number and press ENTER, then follow any onscreen instructions.
Device Manager option This option accesses the Device Manager menu. This menu’s options allow you to select the device that you want to manage: The Environment option is present only when an environmental monitor is present. For an AP9618 or AP9619 Network Management Card, the Environment option accesses the menu options you use to configure the Integrated Environmental Monitor, as well as an external environmental monitor.
System option To do any of the following tasks, see System Menu: • Control Administrator and Device Manager access. (You can control Read Only User access by using only the Web interface.) • Set the Date and Time used by the Management Card. network management card USER’S GUIDE • Define the system Name, Contact, and Location values. • Restart the Management Card. • Reset control console settings to their default values.
Web Interface Introduction network management card USER’S GUIDE Overview The Web interface provides options that you use to manage a Management Card, its UPS, and other supported devices (if a device is not present, the Web interface displays no options for that device). For example: • The Web interface at a Management Card that connects with an environmental monitor only, will not provide UPS options.
Supported Web browsers Data verification, the event log, the data log, and Message Digest 5 (MD5) authentication require that you enable the following for your Web browser: network management card USER’S GUIDE As your browser, you can use Microsoft® Internet Explorer (IE) 5.0 (and higher) or Netscape® 4.0.8 (and higher, except Netscape 6.x) to access the Management Card through its Web interface. Other commonly available browsers also may work but have not been fully tested by APC.
How to Log On You can use a Management Card’s DNS name or System IP address for the URL address of the Web interface. Use your case-sensitive User Name and Password settings to log on. The default user name differs by account type: network management card USER’S GUIDE Overview • apc for an Administrator • device for a Device Manager • readonly for a Read Only User The default password is apc for all three account types.
URL address formats network management card USER’S GUIDE Type the Management Card’s DNS name or IP address in the Web browser’s URL address field and press ENTER. Except when you specify a non-default web server port in Internet Explorer, http:// or https:// is automatically added by the browser. If the error “You are not authorized to view this page” occurs (Internet Explorer only), someone is logged onto the Web interface or control console.
Summary Page Example Web page network management card A navigation menu (see Navigation Menu) and “Summary” page are displayed when you log on to the Web interface at an AP9618 or AP9619 Management Card that has the Integrated Environmental Monitor’s output relay enabled. (An AP9617 has no output relay.) The Relay OK entry in the Environment status line indicates that the output relay is enabled and that no alarm condition exists.
“Summary” page fields The “Summary” page has three sections: • The Environment section reports status information for any connected environmental monitor, including the Integrated Environmental Monitor’s output relay at an AP9618 or AP9619 Network Management Card. network management card USER’S GUIDE • The UPS section reports the status of a connected UPS.
Quick status tab Three types of icons can appear in the quick status tab in the upper-right corner of every Web interface page: network management card USER’S GUIDE • A question mark (?) provides access to the online help for that page: • When a UPS is connected, a battery icon identifies the current status of the UPS and accesses the “Summary” page from any other page: The UPS is switched to bypass mode. The UPS is operating normally. The UPS is turned off. The UPS is overloaded.
• When an environmental monitor is connected, including the Integrated Environmental Monitor at an AP9618 or AP9619, icons will identify any fault conditions: A low-temperature threshold violation exists. network management card USER’S GUIDE A high-temperature threshold violation exists. A high-humidity threshold violation exists. A low-humidity threshold violation exists.
Navigation Menu Overview • The Management Card’s IP address network management card USER’S GUIDE When you log on to the Web interface as an Administrator, the navigation menu (left frame) includes the following elements: • A UPS menu which uses the UPS model for its name (Smart-UPS 700, in the example on Example Web page) • An Environment menu (if an environmental monitor is used) • An Events menu • A Data menu • A Network menu • A System menu When you log on as a Device Manager or Read Only User, the N
Use the menus to perform tasks as follows: • To manage a UPS, and to set up and manage Synchronized Control Groups of Smart-UPS or Symmetra UPSs, see UPS Menu. • To manage an environmental monitor, including the AP9618 or AP9619 Network Management Card’s Integrated Environmental Monitor, see Environment Menu. network management card USER’S GUIDE Selecting a menu to perform a task • To do the following, see Event-Related Menus: – Access the Event Log.
network management card USER’S GUIDE • To do the following, see System Menu. – Control Administrator, Device Manager, and Read Only User access. – Define the system Name, Contact, and Location values. – Set the Date and Time values used by the Management Card. – Restart the Management Card. – Reset control console settings to default settings. – Select Fahrenheit or Celsius for temperature displays. – Define the URL addresses used by the Web interface’s user and APC logo links, as described in Links menu.
Links menu This menu provides three user-definable URL link options. By default, these links access the following APC web pages: • Testdrive Demo accesses a demonstration page where you can use samples of APC web-enabled products network management card USER’S GUIDE • APC’s Web Site accesses the APC home page • APC Monitoring accesses the “APC Remote Monitoring Service” page where you can find more information about monitoring services available from APC at an additional cost.
Network Menu Introduction network management card USER’S GUIDE Overview The Network menu has the options that you use to do the following tasks: • Define TCP/IP settings, including DHCP or BOOTP server settings, when one of those types of servers is used to provide the required TCP/IP values • Use the Ping utility • Define and display settings that affect the Management Card’s settings for DNS, FTP, Telnet, SSH, SNMP, E-mail, Syslog, and the Web interface (SSL/TLS) Only an Administrator has access to the
Menu options Unless noted, the following menu options are available in the control console and Web interface: • TCP/IP • Send DNS Query (Web interface) network management card USER’S GUIDE • DNS • Ping utility (control console) • FTP Server • Telnet/SSH • SNMP • Email • Syslog • Web/SSL/TLS ® 36
Option Settings TCP/IP • A Boot mode setting selects the method used to define the TCP/IP values that a Management Card needs to operate on the network: network management card USER’S GUIDE This option accesses the following settings: – System IP: The IP address of the Management Card – Subnet Mask: The subnet mask value – Default Gateway: The IP address of the default gateway For information about the watchdog role the default gateway plays, see Resetting the network timer; for information about how to
Boot mode setting. This setting selects which method will be used to define the Management Card’s TCP/IP settings whenever the Management Card turns on, resets, or restarts: • BOOTP only: A BOOTP server provides the TCP/IP settings. network management card USER’S GUIDE • Manual: Three settings (System IP, Subnet Mask, and Default Gateway) which are only available when Manual is used to define the needed TCP/IP settings. • DHCP only: A DHCP server provides the TCP/IP settings.
Advanced settings. The boot mode affects which settings are available: • Two settings are available for all Boot mode selections to define the Management Card’s Host Name and Domain Name values.
DNS See E-mail Feature and DNS servers. network management card USER’S GUIDE Use this option to define the IP addresses of the primary and secondary Domain Name Servers (DNS) used by the Management Card’s e-mail feature. Send DNS Query (Web interface). Use this option, available only through the DNS menu in the Web interface, to send a DNS query that tests the setup of your DNS servers.
Ping utility (control console) By default, the default gateway IP address (see TCP/IP) is used. However, you can use the IP address of any device known to be running on the network. network management card USER’S GUIDE Select this option, available only in the control console, to check the Management Card’s network connection by testing whether a defined IP address responds to the Ping network utility. FTP Server Use the Access setting to enable or disable the FTP server.
See also To use FTP to download configuration files, see the Management Card Addendum (./doc/addendum.pdf) on the APC Network Management Card utility CD. Use the Telnet/SSH option to perform the following tasks: network management card USER’S GUIDE Telnet/SSH • Enable or disable Telnet or the Secure SHell (SSH) protocol for remote control console access. – While SSH is enabled, you cannot use Telnet to access the control console. – Enabling SSH enables SCP automatically.
If you do not specify a host key file, the Network Management Card generates an RSA host key of 768 bits, instead of the 1024-bit RSA host key that the Wizard creates. The Management Card can take up to 5 minutes to create this host key, and SSH is not accessible during that time. network management card USER’S GUIDE From a command line interface, such as the command prompt on Windows operating systems, you can use FTP or Secure CoPy (SCP) to transfer the host key file.
Option Description Telnet/SSH Network Configuration Enables or disables the access method selected in Protocol Mode. NOTE: Enabling SSH automatically disables Telnet. To enable SSH, change the setting and then click Next>> in the Web interface or choose Accept Changes in the control console.
Option Description Telnet/SSH Port Configuration Identifies the TCP/IP port used for communications by Telnet with the Management Card. The default is 23. You can change the Port setting to the number of any unused port between 5000 and 32768 to enhance the protection provided by User Name and Password settings. Then, according to the requirements of your Telnet client program, you must use either a colon (:) or a space in the command line to specify the non-default port number.
Option Description SSH Server Configuration SSHv1 Encryption Algorithms Enables or disables DES, and displays the status (always enabled) of Blowfish, two encryption algorithms (block ciphers) compatible with SSH, version 1, clients. network management card USER’S GUIDE • DES: The key length is 56 bits. • Blowfish: The key length is 128 bits. You cannot disable this algorithm. NOTE: Not all SSH clients can use every algorithm. If your SSH client cannot use Blowfish, you must also enable DES.
Option Description SSH User Host Key File The Status field Indicates the status of the host key (private key). In the control console, you display host key status by selecting Advanced SSH Configuration. • SSH Disabled: No host key in use: No host key has been transferred to the Management Card or a host key has been transferred improperly.
Option Description network management card USER’S GUIDE SSH Host Key Fingerprint SSH v1: Displays the SSH version 1 fingerprint for the host key. The fingerprint is a unique identifier to further authenticate the host key. In the control console, choose Advanced SSH Configuration and then Host Key Information to display the fingerprint. SSH v2: Displays the SSH version 2 fingerprint for the host key. The fingerprint is a unique identifier to further authenticate the host key.
SNMP To define up to four NMSs that will serve as trap receivers, see Trap Receivers; to use SNMP to manage a UPS or an environmental monitor, see the PowerNet® SNMP Management Information Base (MIB) Reference Guide (.\doc\mibguide.pdf) on the APC Network Management Card utility CD. network management card USER’S GUIDE An Access option (Settings in the control console) enables (by default) or disables SNMP.
Email You use this option to define two SMTP settings (SMTP Server and From Address) used by the Management Card’s e-mail feature. network management card USER’S GUIDE See SMTP settings and E-mail Feature.
Syslog network management card USER’S GUIDE By default, the Management Card can send messages to up to four Syslog servers whenever Management Card, environmental monitor, or UPS events occur. The Syslog servers, which must be specifically identified by their IP addresses, record the events in a log that provides a centralized record of events that occur at network devices. This user’s guide does not describe Syslog or its configuration values in detail.
Setting Definition Syslog Server Settings Uses specific IP addresses to Identify which of up to four servers will receive Syslog messages sent by the Management Card. NOTE: To use the Syslog feature, at least Server IP must be defined for at least one server. network management card USER’S GUIDE Server IP Port Identifies the user datagram protocol (UDP) port that the Management Card will use to send Syslog messages. The default is 514, the number of the UDP port assigned to Syslog.
Syslog test (Web interface). This option allows you to send a test message to the Syslog servers configured in the Syslog Server section. 1. Select the Priority you want to assign to the test message. 3. Click Apply to have the Management Card send a Syslog message that uses the defined Priority and Test Message settings. network management card USER’S GUIDE 2. Define the Test Message using any text that meets the format described in Syslog message format below.
Web/SSL/TLS Use the Web/SSL/TLS menu to perform the following tasks. – Hypertext Transfer Protocol (HTTP) provides access by user name and password, but does not encrypt user names, passwords, and data during transmission. network management card USER’S GUIDE • Enable or disable the two protocols that provide access to the Web interface of the Network Management Card: – Hypertext Transfer Protocol over Secure Socket Layer (HTTPS).
network management card USER’S GUIDE Creating and uploading a server certificate in advance reduces the time required to enable HTTPS (SSL/TLS). If no server certificate is loaded when you enable HTTPS (SSL/ TLS), the Management Card creates one when it reboots. The Management Card can take up to 5 minutes to create this certificate, and the SSL/TLS server is not available during that time. • Display the configured parameters of a digital server certificate, if one is installed.
Option Description HTTP/HTTPS Port Configuration Identifies the TCP/IP port used for communications by HTTP with the Management Card. The default is 80. You can change the Port setting to the number of any unused port between 5000 and 32768 to enhance the protection provided by User Name and Password settings. network management card USER’S GUIDE HTTP Port You must then use a colon (:) in the command line to specify the nondefault port number.
Option Description SSL/TSL Server Configuration Enables or disables the following SSL encryption ciphers and hash algorithms. (To access these options in the control console, choose Web/SSL/TLS, then Advanced SSL/TLS Configuration.) NOTE: All of these encryption ciphers and hash algorithms use the RSA public key algorithm. network management card USER’S GUIDE CipherSuite • DES (SSL_RSA_WITH_DES_CBC_SHA): a block cipher with a key length of 56 bits.
Option Description SSL/TLS Server Certificate Status: The Status field indicates whether a server certificate is installed. (To display the status in the control console, choose Web/SSL/TLS, then Advanced SSL/TLS Configuration.) network management card USER’S GUIDE • Not installed: No certificate is installed on the Management Card. NOTE:If you install a certificate by using FTP or SCP, you must specify the correct location (/sec) on the Management Card.
Parameter Description Current Certificate Details network management card USER’S GUIDE Issued to: Common Name (CN): The IP Address or DNS name of the Management Card, except if the server certificate was generated by default by the Management Card. For a default server certificate, the Common Name (CN) field displays the Management Card’s serial number.
Description Fingerprints Each of the two fingerprints is a long string of alphanumeric characters punctuated by colons. A fingerprint is a unique identifier that you can use to further authenticate the server. Record the fingerprints to compare with the fingerprints contained in the certificate, as displayed in the browser. SHA1 Fingerprint: This fingerprint is created by a Secure Hash Algorithm (SHA).
System Menu Introduction network management card USER’S GUIDE Overview The System menu has the options that you use to do the following tasks: • Configure system identification, date and time settings, and access parameters for the Administrator, Device Manager, and Read Only User accounts. • Synchronize the Management Card’s real-time clock with a Network Time Protocol (NTP) server. • Download configuration files. • Reset or restart the Management Card.
Menu options Unless noted, the following menu options are available in the control console and Web interface: • User Manager • Date & Time network management card USER’S GUIDE • Identification • Tools • Modem (AP9618 control console) • Preferences (Web interface) • Links (Web interface) • About System About System is an option of the Help menu in the Web interface.
Option Settings Use this option to define the access values shared by the control console and the Web interface, and the authentication used to access the Web interface.
Setting Definition network management card USER’S GUIDE Values affecting all users Auto Logout The number of minutes (3 by default) before a user is automatically logged off because of inactivity. Authentication The Basic setting (default) causes the Web interface to use standard HTTP 1.1 login (base64-encoded passwords); MD5 causes the Web interface to use an MD5-based authentication login. NOTE: Cookies must be enabled at a browser before it can be used with MD5 authentication.
Identification For more information about the MIB-II OIDs, see the PowerNet® SNMP Management Information Base (MIB) Reference Guide (./doc/mibguide.pdf) provided on the APC Network Management Card utility CD. network management card USER’S GUIDE Use this option to define the System Name, Location, and Contact values used by the Management Card’s SNMP agent. The option’s settings provide the values used for the MIB-II sysName, sysContact, and sysLocation Object Identifications (OIDs).
Date & Time Set Manually. Use this option in the Web interface, or Manual in the control console, to define the date and time for the Management Card. network management card USER’S GUIDE Use this option to set the time and date used by the Management Card. The option displays the current settings, and allows you to change those settings manually, or through a Network Time Protocol (NTP) Server.
Tools network management card USER’S GUIDE Use this option to restart the Management Card or to reset some or all of its configuration settings to their original, default values. Action Definition Reboot Card Restarts the Management Card. Reset Card to Defaults Resets all configuration settings. NOTE: For information about how this affects the Boot mode setting, see this table’s description of Reset Only TCP/IP to Defaults.
Preferences (Web interface) Use this option to define whether temperature values are displayed as Fahrenheit or Celsius in the Web interface and the control console. Use this option to modify the links to APC Web pages. network management card USER’S GUIDE Links (Web interface) Setting Definition User Links Name Defines the link names that appear in the Links menu (by default, APC’s Web Site, Testdrive Demo, and APC Monitoring). URL Defines the URL addresses used by the links.
Modem (AP9618 control console) network management card USER’S GUIDE Use this option, which is available in the AP9618 Network Management Card’s control console only, to configure dial-in access to the control console using the Management Card’s internal analog modem. Setting Definition Console Dial-In Enables (by default) or disables dial-in access to the control console through the analog modem.
About System The hardware information will never change. For example, if you use an AP9168U upgrade kit to convert an AP9617 Network Management Card EX to an AP9618 Network Management Card EM/MDM, the About System option still reports AP9617 for that Management Card’s model number. network management card USER’S GUIDE This option identifies hardware information for the Management Card, including Model Number, Serial Number, Manufacture Date, Hardware Revision, MAC Address, and Flash Type.
UPS Menu Introduction network management card USER’S GUIDE Overview In the Web interface, the UPS menu is in the navigation menu; in the control console, you access the UPS menu through the Device Manager option in the Control Console menu. The menu is named with the model name of the UPS you are using. UPS menu options The UPS menu options and the information they provide vary by UPS model.
UPS Status Overview • Detailed UPS Status network management card USER’S GUIDE The Status options provide access to the information described in the following sections: • Utility Power Status • Output Power Status • Fault Tolerance (Symmetra or Symmetra PX UPS) • Battery Status For a Silcon UPS, the “Status of UPS” page in the Web interface includes the View the refreshing status page hyperlink described in Configure Parallel UPS parameters (Silcon UPS only).
Detailed UPS Status In the Web interface, use the Status option in the UPS menu to access the following UPS status information; in the control console, this status information is listed above the UPS menu. For a list of the UPS events that can be reported as part of the UPS status, see “Event List” page. network management card USER’S GUIDE • The current status of the UPS.
Utility Power Status A 3-phase UPS (Symmetra PX UPS or Silcon UPS) identifies the values for all three phases. network management card USER’S GUIDE Footnotes indicate which utility-power fields are shared by which UPS models. (If no footnote is used, all UPS models report that value.) Status Field Definition Bypass Input Voltage1 The AC voltage (VAC) used when the UPS is in bypass mode. Input Current1 The current, in Amps, supplied by the input voltage.
Output Power Status The Smart-UPS product line has a wide variety of models. If a status field is listed for Smart-UPS in the table, it may be supported on only some Smart-UPS models. network management card USER’S GUIDE Footnotes to indicate which output-power fields are shared by which UPS models. Only the status field Output Voltage is shared by all UPS models. A 3-phase UPS (Symmetra PX UPS or Silcon UPS) identifies the values for all three phases.
USER’S GUIDE network management card ® Status Field Definition Load Current1, 2 or Output Current3 The current, in Amps, supplied to the load. Load Power1, 2 The UPS load as a percentage of available Watts. Apparent Load Power1, 2 The UPS load as a percentage of available VA. Output Frequency 4 The frequency, in Hz, used by the output voltage. In the control console for Smart-UPS or Matrix-UPS, the Operating Frequency field reports the frequency value shared by the input and output voltages.
Fault Tolerance (Symmetra or Symmetra PX UPS) network management card USER’S GUIDE In the control console, use the Detailed UPS Information option to access the fault tolerance status. Status Field Definition Present KVA Capacity The maximum load that the Symmetra can support. Redundancy The number of power modules which can fail or be removed without causing the Symmetra to switch to bypass.
Battery Status network management card USER’S GUIDE Footnotes indicate which output-power fields are shared by which UPS models. Only the status field Runtime Remaining is shared by all UPS models. ® Status Field Definition Battery Capacity 1 How much of the UPS battery capacity is available to support the attached equipment. Battery Current2 The current being output from the battery. Battery Voltage3, Actual Battery Voltage2, or Actual Battery Bus Voltage4 The available DC power.
Diagnostics Overview • Options which cause a specified test to occur immediately network management card USER’S GUIDE There are two types of diagnostics options you can use with all UPS models except a Silcon UPS, which has no diagnostic options: • A scheduling option which controls when a UPS self-test occurs Diagnostic tests In the Web interface, use the Diagnostics option of the UPS menu to perform diagnostic tests or to view the results of the last self-test or runtime calibration.
Smart-UPS, Matrix-UPS, or Symmetra UPS. You can use diagnostics options to perform the following tests. For the results of the last self-test and last runtime calibration: • In the control console, use the option Detailed Status (Smart-UPS or Matrix-UPS models) or Detailed UPS Information (Symmetra or Silcon UPS models). network management card USER’S GUIDE • In the Web interface, use the “Diagnostics” page. Test Definition Self-Test Perform a self-test of the UPS.
Symmetra PX UPS. Use buttons on the “Diagnostics” page in the Web interface to perform self-tests (Tests...) or runtime calibrations (Calibrate...). network management card USER’S GUIDE For the results of the last self-test and last runtime calibration, and the status of intelligence modules, power modules, batteries, and the communication bus and subsystems: • In the Web interface, use the “Diagnostics” page. • In the control console, use the Detailed UPS Information option.
Control Initiating a UPS Control option You can initiate a UPS Control option in either of these ways: – In the Web interface, select No for Apply to Sync Group? network management card USER’S GUIDE • For the UPS of the initiating Management Card only.
The synchronization process . If you apply an action to the Synchronization Control Group, the UPSs with management cards that are enabled group members behave as follows: • The action uses the delay periods (such as Shutdown Delay, Sleep Time, and Return Delay) that are configured for the initiating UPS. network management card USER’S GUIDE • Each UPS receives the command regardless of its output status, even if it is in a low-battery state.
Actions (for a single UPS and Synchronized Control Groups). You can use the actions described in the table on the next several pages for individual UPSs and for Synchronized Control Groups, within these guidelines: – These actions are available for Synchronized Control Groups of Symmetra UPS or Smart-UPS models. network management card USER’S GUIDE • All actions except Put UPS in Bypass and Take UPS Off Bypass: – These actions are available for all individual APC UPSs except Silcon UPS models.
network management card USER’S GUIDE . Action Definition Turn UPS On (control console) This action turns on power at the UPS. For a Synchronized Control Group, after a delay of a few seconds, the action turns on all enabled group members that have input power. Turn UPS Off This action turns off power immediately at the UPS, without a shutdown delay, and the UPS remains off until you turn on its power again.
network management card USER’S GUIDE Action Definition Reboot UPS This option restarts the attached equipment by doing the following: • Turns off power at the UPS after the Shutdown Delay • Turns on power at the UPS after the UPS battery capacity returns to at least the percentage configured for Return Battery Capacity and the UPS waits the time specified as Return Delay.
network management card USER’S GUIDE Action Definition Put UPS To Sleep This option puts the UPS into sleep mode by turning off its output power for a defined period of time, as follows: • The UPS turns off output power after waiting the time configured as its Shutdown Delay. • When input power returns, the UPS turns on output power after two configured periods of time: its Sleep Time and Return Delay.
Control options for Silcon UPS. By default, no control options are available for Silcon UPS. network management card USER’S GUIDE To use control options for a Silcon UPS, you must enable the Accept Remote Turn Off Commands option, available only in the control console’s UPS Control menu and only when you use a local, serial connection to access the control console. To use a serial connection, see Local access to the control console.
Configuration Overview • Utility Line Settings network management card USER’S GUIDE The UPS menu’s Configuration option provides access to the configurable parameters described in the following sections: • Alarm Thresholds (Symmetra UPS or Symmetra PX UPS) • Shutdown Parameters • General Settings • Reset UPS Defaults • Configure Parallel UPS parameters (Silcon UPS only) ® 89
Utility Line Settings Smart-UPS or Matrix-UPS. Not all Utility Line settings are available for all Smart-UPS and Matrix-UPS models, and each setting’s selections can differ by UPS model. network management card USER’S GUIDE This Configuration menu option is available to all UPS models except a Silcon UPS. The available settings differ based on the UPS model. Setting Definition Output Voltage The nominal AC voltage level for the UPS output.
network management card USER’S GUIDE Symmetra or Symmetra PX UPS. The following table describes the Utility Line settings for a Symmetra UPS. A Symmetra PX UPS uses only the settings Output Frequency Range and If UPS fails. Setting Definition Output Voltage Defines the nominal AC voltage level for the UPS output. Vout Reporting Defines how the UPS scales its output voltage readings. Output Frequency Range Defines the nominal value for the frequency used by the output voltage.
Shutdown Parameters In the control console, use the Battery option in the Configuration menu to access the Return Battery Capacity setting. network management card USER’S GUIDE All of the following settings are available with Smart-UPS, Matrix-UPS, Symmetra UPS, and Symmetra PX UPS models. A Silcon UPS uses only the Low-Battery Duration, Maximum Shutdown Time, and Shutdown Delay settings (under Shutdown Behavior Settings).
Action Definition Return Delay Defines how long the UPS waits before it turns on after a shutdown that was caused by a power failure. NOTE: The UPS must also have the capacity specified by the Return Battery Capacity setting before it can turn on. network management card USER’S GUIDE Sleep Time Defines how long the UPS sleeps (keeps its output power turned off) when you use either of the Control menu’s sleep options (Put UPS To Sleep or Put UPS To Sleep Gracefully).
General Settings In the control console, use the Battery option in the Configuration menu to access the Last Battery Replacement and External Batteries settings. network management card USER’S GUIDE Four General Settings are available for Smart-UPS. The first two settings (UPS Name and Last Battery Replacement) are available for all other UPS models. Setting Definition UPS Name Defines the name of the UPS. Last Battery Replacement Defines the date of the most recent UPS battery replacement.
Reset UPS Defaults This option resets the UPS to use the default EEPROM values. network management card USER’S GUIDE Caution Before you use this option, make sure that resetting the EEPROM values will not adversely affect the load equipment or any shutdown sequence.
Module Status (Symmetra UPS or Symmetra PX UPS) Menu options Symmetra UPS and Symmetra PX UPS models have the following options in the UPS menu of the control console: network management card USER’S GUIDE Symmetra UPS models have a Module Status option in the Web interface that provides status information about the modules used at that UPS. • Module Diagnostics & Information provides module status. • Raw Status Data provides diagnostic information about the modules.
PowerChute (UPS PowerChute Network Shutdown) The PowerChute option of the UPS menu in the Web interface allows you to use the APC PowerChute Network Shutdown utility to shut down as many as 50 servers on your network that are using any client version of PowerChute Network Shutdown. network management card USER’S GUIDE Overview For more information about PowerChute Network Shutdown, see the PowerChute Network Shutdown Installation Guide (Install.
Parameter Definition Maximum Shutdown Time Defines the maximum time that the UPS at a PowerChute Network Shutdown client waits before it shuts down in response to a graceful turn-off command. NOTE: For information about this shutdown delay is determined, see Maximum-Shutdown-Time negotiation.
Maximum-Shutdown-Time negotiation For information about the Turn UPS Off Gracefully, Reboot UPS Gracefully, and Put UPS To Sleep Gracefully options that use this delay, see Control. network management card USER’S GUIDE The Maximum Shutdown Time setting provides the delay needed to make sure that a server has enough time to shut down safely when the Management Card or PowerChute Network Shutdown client initiates a graceful shutdown at that server.
network management card USER’S GUIDE At the end of the negotiation process. two minutes time period is added to the calculated total for Maximum Shutdown Time to allow for any unusual delays that might occur in notifying servers to shut down. See also For a flowchart of the negotiation process, see the PCNS Maximum Shutdown Time Negotiation.pdf file provided in the .\trouble\ directory on the APC Network Management Card utility CD. The .
Scheduling (UPS Shutdown) You can schedule shutdowns on a daily, weekly or one-time basis, and you can schedule them for a single UPS or for all UPSs in a Synchronized Control Group.
Examples network management card The following web page provides examples of Daily, Weekly, and OneTime shutdowns that were scheduled using the Scheduling option, which is available in the Web interface only.
How to schedule a shutdown 2. Use Shutdown to define when the shutdown will begin. network management card USER’S GUIDE Click the Daily, Weekly, or One-Time option to choose the type of shutdown, and then use the following fields: 1. Use Name of Scheduled Shutdown to define a name for the shutdown. 3. Use Turn back on to define whether the UPS will turn on at a specific day and time, Never (the UPS will be turned on manually), or Immediately (the UPS will turn on after a six-minute delay). 4.
How to schedule a synchronized shutdown To use the Network Management Card’s Web interface to schedule shutdowns within a Synchronized Control Group, always schedule all shutdowns through the same member of the group. network management card USER’S GUIDE The following guidelines apply to Synchronized Control Groups: • All UPSs in a Synchronized Control Group must be the same model. • Synchronized Control Groups are supported for most UPS models of the Smart-UPS and Symmetra UPS product lines.
How to edit, disable, or delete a shutdown • View a summary of the shutdown, including information about the values for settings that can affect how the UPS shuts down and turns on again: network management card USER’S GUIDE Click a listed shutdown to display the “Daily Shutdown Detail” page.
Sync Control The Sync Control option of the UPS menu displays the status of each member of the Synchronized Control Group, if any, in which this Management Card is a member and the parameters necessary for this Management Card to be identified and operate as a member of the group. network management card USER’S GUIDE Overview The following guidelines apply to Synchronized Control Groups: • All UPSs in a Synchronized Control Group must be the same model.
network management card USER’S GUIDE Configure Synchronized Control Parameter Description Synchronized Group Membership Determines whether this Synchronized Control Group member is an active member of its group. If you set this value to Disabled (the default value), the Management Card ignores all Synchronized Control Group commands, and its UPS functions as if it were not a member of any Synchronized Control Group.
Description Multicast IP Address The IP address used by members of a Synchronized Control Group to communicate with each other. This address must be within the range of 224.0.0.3 to 224.0.0.254. All members of the Synchronized Control Group must have the same group number and multicast IP address.
Environment Menu Introduction network management card USER’S GUIDE Overview Use the Environment menu in the Web interface or control console to manage an external environmental monitor or the Integrated Environmental Monitor of an AP9618 or AP9619 Network Management Card. (In the control console, the Environment menu is an option of the Device Manager menu.
Status Options The “Summary Page” of the Web interface displays basic status information about the environmental monitor thresholds and contacts and about the Integrated Environmental Monitor’s output relay at an AP9618 or AP9619 Network Management Card. Use the Status option in the Environment menu to access detailed status about these environmental monitor components, including how the current humidity and temperature readings relate to their high and low thresholds.
Probe status The Web interface uses Temperature and Humidity graphs to identify whether the reported value exceeds a low (blue) or high (red) threshold for each of the identified probes: • Up to three probes at an AP9618 or AP9619, Network Management Card with the Integrated Environmental Monitor probe listed last network management card USER’S GUIDE • Up to two probes at an AP9617 Network Management Card In the control console, the status options in the Environmental Monitor Settings menus report the h
Settings Options Probe settings • Setting fields that define a name (16-character maximum) and high and low temperature and humidity thresholds, for each probe network management card USER’S GUIDE In the Web interface, use the Probes option in the Environment menu to access the following fields: • Event Generation fields that enable or disable the generation of an event when a selected threshold violation occurs.
Output relay settings (AP9618 or AP9619) To access the following settings: • In the control console, use the Output Relay Settings option in the Integrated Environmental Monitor menu. network management card USER’S GUIDE • In the Web interface, use the Output Relay option in the Environment menu. Setting Definition Output Relay (Web interface) Defines a description of the output relay’s purpose (16-character maximum).
Event-Related Menus Introduction network management card USER’S GUIDE Overview Use the options of the Events menu to do the following tasks: • Access the Event Log. • Define the actions to be taken when an event occurs, based on the severity level of that event. (You must use the Web interface to define which events will use which actions.
Menu options To access the event-related options: • In the Web interface, use the Events menu.
Event Log The Management Card supports event logging for all UPS application firmware modules. You can record and view UPS, environmental monitor, and Management Card events.
Logged events By default, the following events are logged: • Any event that causes an SNMP trap, except for SNMP authentication failures. network management card USER’S GUIDE • The Management Card’s abnormal internal system events To disable the logging of events based on their assigned severity level, use the Actions option in the Web interface’s Events menu. See Event Actions (Web Interface Only).
Control console While viewing the log, type d and press ENTER to clear all events from the log. network management card USER’S GUIDE In the control console, press CTRL-L to display up to 300 events from the event log, in reverse chronological order. Use the SPACE BAR to scroll through the recorded events. Deleted events cannot be retrieved.
If you are using the encryption-based security protocols for your system, use Secure CoPy (SCP) to retrieve the log file. (You should have FTP disabled.) See Security for information on the available protocols and methods for setting up the type of security appropriate for your needs. network management card USER’S GUIDE If you are using unencrypted authentication methods for the security of your system, use FTP to retrieve the log file. To use SCP to retrieve the files.
network management card USER’S GUIDE 2. Use the case-sensitive User Name and Password for either an Administrator or a Device Manager user to log on. – For Administrator, apc is the default for User Name and Password. – For Device Manager, device is the default for User Name, and apc is the default for Password. 3. Use the get command to transmit the text-version of the event log or data log to your local drive. ftp>get event.txt or ftp>get data.txt 4.
Event Actions (Web Interface Only) Overview Use the Actions option in the Events menu to do the following: – Event Log selects which severity levels cause an event to be recorded in the event log. network management card USER’S GUIDE • Select which actions will occur for events that have a severity level: See Event Log action. – Syslog selects which severity levels cause messages to be sent to Syslog servers to log events. See Syslog action.
Severity levels Except for some system (Management Card) events that do not have a severity level, events are assigned a default severity level. • Warning: Indicates an event that may need to be addressed if the condition continues, but which does not require immediate attention. network management card USER’S GUIDE • Informational: Indicates an event that requires no action, such as a notification of a return from an abnormal condition. • Severe: Indicates an event that requires immediate attention.
Syslog action See Syslog. network management card USER’S GUIDE By default, the Syslog action is enabled for all events that have a severity level. However, before you can use this feature to send Syslog messages when events occur, you must configure it. SNMP Traps action By default, the SNMP Traps action is enabled for all events that have a severity level. However, before you can use SNMP traps for event notifications, you must identify the NMSs (by their IP addresses) that will receive the traps.
Event Recipients You can use the Web interface or control console to define the trap receivers and up to four e-mail addresses to be used when an event occurs that has SNMP traps or e-mail enabled, as described in Event Actions (Web Interface Only). network management card USER’S GUIDE Overview To identify the servers that will receive Syslog messages, see Syslog.
Trap Receivers network management card USER’S GUIDE To define the Trap Receiver settings that determine which NMSs will receive traps: • In the Web interface, use the Recipients option in the Events menu. • In the control console, use the SNMP option in the Network menu. Item Definition Community Name The password (maximum of 15 characters) used when traps are sent to the NMS identified by the Receiver NMS IP setting. Receiver NMS IP The IP address of the NMS that will receive traps.
E-mail Feature Overview To use the e-mail feature, you must define the following settings: network management card USER’S GUIDE Use the Simple Mail Transfer Protocol (SMTP) to send e-mail to up to four recipients when an event occurs. • The IP addresses of the primary and secondary Domain Name Service (DNS) servers See DNS servers. • The DNS name of the SMTP Server and the From Address settings for SMTP See SMTP settings. • The e-mail addresses for a maximum of four recipients See Email Recipients.
DNS servers The Management Card cannot send any e-mail messages unless at least the IP address of the primary DNS server is defined. network management card USER’S GUIDE See DNS. The Management Card will wait a maximum of 15 seconds for a response from the primary DNS server or the secondary DNS server (if a secondary DNS server is specified). If the Management Card does not receive a response within that time, e-mail cannot be sent.
Email Recipients In the control console, use the Email option in the Network Menu, to access the e-mail recipient settings. network management card USER’S GUIDE In the Web interface, use the Recipients option in the Events menu or the Configure the Email recipients link in the “Email Configuration” page to identify up to four e-mail recipients. Use the Email Test option to send a test message to a configured recipient.
Setting Description To Address† Defines the user and domain names of the recipient. To use e-mail for paging, use the e-mail address for that recipient’s pager gateway account (for example, myacct100@skytel.com). The pager gateway will generate the page. network management card USER’S GUIDE NOTE: The recipient’s pager must be able to use text-based messaging.
Setting Description Format Selects the format used for e-mail messages: Short: Identifies only the event that occurred. For example: Long: Includes information about the Management Card and the UPS, as well as the event. For example: network management card USER’S GUIDE UPS: Communications Established Name : Test Lab Location : Building 3 Contact : Don Adams http://139.225.6.
How to Configure Individual Events The Actions option in the Events menu opens the “Event Actions Configuration” page. Use the Details button in this page for a complete list of the Management Card (System), UPS, and environmental monitor (Environment) events that can be reported by your Management Card. network management card USER’S GUIDE “Event List” page Each event is identified by its unique code, its description, and its assigned severity level, as shown in the following examples.
Data Menu (Web Interface Only) Use this option to access a log that stores information about the UPS, the power input to that UPS, and the ambient temperature and relative humidity measured by an environmental monitor’s probes. network management card USER’S GUIDE Log Option Use the Data menu’s Configuration option to define how frequently data is sampled and stored in the data log. Each entry is listed by the date and time the data was recorded, and provides the data in a column format.
Configuration Option The minimum interval is 60 seconds; the maximum interval is 8 hours, 10 minutes, 15 seconds. network management card USER’S GUIDE Use this option to access the “Data Log Configuration” page. which reports how much data can be stored in the data log. If you change the Log Interval setting, which defines how often data will be sampled and recorded in the data log, the report updates based on the new setting.
Boot Mode Introduction network management card USER’S GUIDE Overview In addition to using a BOOTP server or manual settings, the Network Management Card can use a dynamic host configuration protocol (DHCP) server to provide the settings the Management Card needs to operate on a TCP/IP network. To use a DHCP server to provide the Management Card’s network settings, use Boot mode, a TCP/IP option in the Network menu. Boot mode must be set to either DHCP & BOOTP, its default setting, or DHCP only.
DHCP & BOOTP boot process 1. The Management Card makes up to five requests for its network assignment from any BOOTP server. If a valid BOOTP response is received, the Management Card starts the network services and sets Boot mode to BOOTP Only. network management card USER’S GUIDE When Boot mode is set to its default DHCP & BOOTP setting, the following occurs when the Management Card is turned on or reset: 2.
network management card USER’S GUIDE If a DHCP server responds with an invalid offer (for example, the offer does not contain the APC Cookie), the Management Card accepts the lease from that server on the last request of the sequence and then immediately releases that lease. This prevents the DHCP server from reserving the IP Address associated with its invalid offer. For more information on what a valid response requires, see DHCP response options.
DHCP Configuration Settings Use the TCP/IP option in the Network menu of either the Web interface or the control console to configure the network settings of the Management Card. network management card USER’S GUIDE Management Card settings • The Port Speed, Host Name, and Domain Name settings are available for any Boot mode selection • The Vendor Class, Client ID, and User Class settings are available for any Boot mode selection except Manual. See Advanced settings.
When Boot mode is set to DHCP & BOOTP, two options are available: • DHCP Cookie Is in the control console (or Require vendor specific cookie to accept DHCP Address in the Web interface): By default, this option requires that the DHCP responses include the APC cookie in order to be valid.
DHCP response options A Management Card uses the Vendor Specific Information option (option 43) in a DHCP response to determine whether the DHCP response is valid. network management card USER’S GUIDE Each valid DHCP response contains options that provide the TCP/IP settings a Management Card needs to operate on a network and other information that affects the Management Card’s operation. Vendor Specific Information (option 43).
Boot Mode Transition. Tag 2, Len 1, Data 1/2 • A data value of 1 disables the After IP Assignment option. The Boot mode option remains as DHCP & BOOTP after network values are assigned successfully. Whenever the Management Card reboots, it will request its network assignment first from a BOOTP server, and then, if necessary, from a DHCP server.
TCP/IP options. A Management Card uses the following options within a valid DHCP response to define its TCP/IP settings: • IP Address (from the yiaddr field of the DHCP response): The IP address that the DHCP server is leasing to the Management Card. • Default Gateway (option 3): The default gateway address, which the Management Card needs to operate on the network.
Other options. A Management Card uses the following options within a valid DHCP response to define NTP, DNS, hostname and domain name settings: • NTP Time Offset (option 2): The offset of the Management Card's subnet, in seconds, from Coordinated Universal Time (UTC), formerly Greenwich Mean Time (GMT). network management card USER’S GUIDE • NTP Server, Primary and Secondary (option 42): Up to two NTP servers that can be used by the Management Card.
Security Security Features network management card USER’S GUIDE Planning and implementing security features As a network device that passes information across the network, the Network Management Card is subject to the same exposure as other devices on the network. Use the information in this section to plan and implement the security features appropriate for your environment. Summary of access methods Serial control console. Security Access Access is by user name and password.
SNMP. Security Access Available methods: • Community Name • Agent Enable/Disable network management card USER’S GUIDE • NMS IP filters • 4 access communities with read/write/disable capability Description The NMS IP filters allow access from designated IP addresses. • 159.215.12.1 allows only the NMS with that IP address to have access. • 159.215.12.255 allows access for any NMS on the 159.215.12 segment. • 159.215.255.255 allows access for any NMS on the 159.215 segment. • 159.255.255.
Web Server. Security Access Available methods: • User name and password • Server Enable/Disable network management card USER’S GUIDE • Selectable server port • MD5 authentication • Secure Socket Layer (SSL) and Transport Layer Security (TLS) Description In basic HTTP authentication mode, the user name and password are transmitted base-64 encoded (with no encryption). MD5 authentication mode uses a user name and password phrase.
All user names, passwords, and community names for SNMP are transferred over the network as plain text. A user who is capable of monitoring the network traffic can determine the user names and passwords required to log in to the accounts of the control console or Web interface of the Network Management Card. If your network requires the higher security of the encryption-based options available for the control console and Web interface, be sure to disable SNMP access or set its access to read-only.
Authentication You can select to use security features for the Network Management Card that control access by providing basic authentication through user names, passwords, and IP addresses, without using encryption. These basic security features are sufficient for most environments in which sensitive data are not being transferred.
MD5 authentication (for the Web interface) • The Web server requests a user name and a password phrase (distinct from the password). The user name and password phrase are not transmitted over the network, as they are in basic authentication. Instead, a Java login applet combines the user name, password phrase, and a unique session challenge number to calculate an MD5 hash number.
You can use MD5 and the encryption-based SSL/TSL security protocols together. See Secure Socket Layer (SSL)/ Transport Layer Security (TLS) for an example of the extra security benefits of using both. network management card USER’S GUIDE For additional information on MD5 authentication, see RFC document #1321 at http://www.ietf.org, the Web site of the Internet Engineering Task Force. For CHAP, see RFC document #1994.
Encryption The Secure SHell (SSH) protocol provides a secure mechanism to access computer consoles or shells remotely. The protocol authenticates the server (in this case, the Network Management Card) and encrypts all transmissions between the SSH client and the server. network management card USER’S GUIDE Secure SHell (SSH) and Secure CoPy (SCP) • SSH is an alternative to Telnet, which does not provide encryption.
Secure CoPy (SCP) is a secure file transfer application that you can use instead of FTP. SCP uses the SSH protocol as the underlying transport protocol for encryption of user names, passwords, and files. • When you enable and configure SSH, you automatically enable and configure SCP. No further configuration of SCP is needed. network management card USER’S GUIDE • You must explicitly disable FTP. It is not disabled by enabling SSH.
For secure Web communication, you enable Secure Socket Layer (SSL) and Transport Layer Security (TLS) by selecting HTTPS (SSL/TLS) as the protocol mode to use for access to the Web interface of the Network Management Card. Hypertext Transfer Protocol over Secure Socket Layer (HTTPS) is a Web protocol that encrypts and decrypts page requests from the user and pages that are returned by the web server to the user.
external Certificate Authority, or if you do not want to use an existing Certificate Authority, you can create an APC root certificate to upload to a browser’s certificate store (cache). You can also use the Wizard to create a server certificate to upload to the Management Card. network management card USER’S GUIDE See Creating and Installing Digital Certificates for a summary of how these certificates are used.
Creating and Installing Digital Certificates For network communication that requires a higher level of security than password encryption, the Web interface of the Network Management Card supports the use of digital certificates with the Secure Socket Layer (SSL) protocol. Digital certificates can authenticate the Network Management Card (the server) to the Web browser (the SSL client).
Choosing a method for your system Method 1: Use APC’s default certificate. When you enable SSL, you must reboot the Management Card. During rebooting, if no server certificate exists on the Management Card, the Management Card generates a default server certificate that is signed by APC but that you cannot configure. network management card USER’S GUIDE Using the Secure Socket Layer (SSL) protocol, you can choose any of the following methods for using digital certificates.
– The default server certificate on the Management Card has the Management Card’s serial number in place of a valid common name (the DNS name or the IP address of the Management Card). Therefore, although the Management Card can control access to its Web interface by user name, password, and account type (e.g., Administrator, Device Manager, or Read Only User), the browser cannot authenticate what Management Card is sending or receiving data.
• A CA root certificate (Certificate Authority root certificate) that the APC Security Wizard uses to sign all server certificates and which you then install into the certificate store (cache) of the browser of each user who needs access to the Management Card. network management card USER’S GUIDE Method 2: Use the APC Security Wizard to create a CA certificate and a server certificate.
– The server certificate that you upload to the Management Card enables SSL to authenticate that data are being received from and sent to the correct Management Card. This provides an extra level of security beyond the encryption of the user name, password, and transmitted data. network management card USER’S GUIDE than the public key used in Method 1. (This longer encryption key is also used in Method 3.
network management card USER’S GUIDE Method 3: Use the APC Security Wizard to create a certificate-signing request to be signed by the root certificate of an external Certificate Authority and to create a server certificate. You use the APC Security Wizard to create a request (a .csr file) to send to a Certificate Authority. The Certificate Authority returns a signed certificate (a .crt file) based on information you submitted in your request.
– The server certificate that you upload to the Management Card enables SSL to authenticate that data are being received from and sent to the correct Management Card. This provides an extra level of security beyond the encryption of the user name, password, and transmitted data. network management card USER’S GUIDE used in Method 1 (This longer encryption key is also used in Method 2.
Firewalls network management card USER’S GUIDE Although some methods of authentication provide a higher level of security than others, complete protection from security breaches is almost impossible to achieve. Well-configured firewalls are an essential element in an overall security scheme.
Troubleshooting Management Card network management card USER’S GUIDE Management Card access problems For problems that are not described here, see the troubleshooting flowcharts in .\trouble on the APC Network Management Card utility CD. If the problem still persists, see Warranty and Service. Problem Solution Unable to ping the Management Card If the Management Card’s Status LED is green, try to ping another node on the same network segment as the Management Card.
Problem Solution Cannot access the Web interface • Verify that HTTP or HTTPS access is enabled • Verify that you can ping the adapter network management card USER’S GUIDE • Verify that you are using a Web browser that is supported for the Network Management Card. See Supported Web browsers.
SNMP issues Problem Solution Unable to perform a GET • Verify the read (GET) community name. • Use the control console or Web interface to ensure that the NMS has access. See SNMP. network management card USER’S GUIDE The following table describes known SNMP problems. Unable to perform a SET • Verify the read/write (SET) community name. • Use the control console or Web interface to ensure that the NMS has write (SET) access. See SNMP.
Product Information Limited warranty network management card USER’S GUIDE Warranty and Service APC warrants the Network Management Card to be free from defects in materials and workmanship for a period of two years from the date of purchase. Its obligation under this warranty is limited to repairing or replacing, at its own sole option, any such defective products.
Warranty limitations network management card USER’S GUIDE Except as provided herein, APC makes no warranties, express or implied, including warranties of merchantability and fitness for a particular purpose. Some jurisdictions do not permit limitation or exclusion of implied warranties; therefore, the aforesaid limitation(s) or exclusion(s) may not apply to the purchaser.
Obtaining service To obtain support for problems with your Network Management Card: 0 2. Contact Customer Support at a phone number listed under APC Worldwid Customer Support at the end of this manual. A technician will try to help you solve the problem by phone. network management card USER’S GUIDE 1. Note the serial number and date of purchase. The serial number is on the Management Card itself and on the Quality Assurance slip shipped with the card. 3.
Life-Support Policy General policy • In life-support applications where failure or malfunction of the APC product can be reasonably expected to cause failure of the life-support device or to affect significantly its safety or effectiveness. network management card USER’S GUIDE American Power Conversion (APC) does not recommend the use of any of its products in the following situations: • In direct patient care.
Specifications network management card USER’S GUIDE Electrical Item Specification Acceptable input voltage 19-30 VDC Maximum total current draw 110 mA Physical Item Specification Size (H × W × D) 1.46 ×4.75 ×4.3 in (3.7 ×12.1 ×10.9 cm) Weight .25 lb (.11 kg) Shipping weight .8 lb (.
Index Apply Local Computer Time 66 Audible Alarm 94 About System 33 Authentication Access MD5 147 FTP Server 41 Phrase 64 limiting NMS SNMP access by IP address 49 SNMP Traps 125 security options for each interface 143 User Manager setting in the control troubleshooting 163 console 64 Access Type setting 49 with SSL 152 Actions 121 Auto Logout 64 Actual Battery Bus Voltage 78 Actual Battery Voltage 78 B Add Client IP 98 Battery Capacity 78 Advanced settings Battery Current 78 Client ID 39, 137 Battery statu
BOOTP Community Name 125 SNMP 49 After IP Assignment setting 138 Boot mode settings 38 BOOTP Only boot mode setting 38 Communication verifying correctness 164 Configuration menu Battery 92 DHCP & BOOTP boot process 135 Remain in DHCP & BOOTP mode setting 138 Status LED indication for making BOOTP requests 9 network management card USER’S GUIDE Client ID 39 User Class 39 Vendor Class 39 General Settings 94 option in UPS menu 89 Shutdown Parameters 92 Configure Synchronized Control 107 Configured Cl
response options 139 Retry Then Stop setting 138 Status LED indication for making DHCP requests 9 D Data log configuration 133 importing into spreadsheet 118 Log Interval setting 133 using FTP or SCP to retrieve 118 Diagnostics menu Self-Test 80 Simulate Power Failure 80 Start/Stop Runtime Calibration 80 Test UPS Alarm 80 Apply Local Computer Time 66 GMT Offset (TIme Zone) 66 Manual 66 Network Time Protocol (NTP) 66 Primary NTP Server 66 Secondary NTP Server 66 Set Manually 66 Synchronize with NTP Server
Events menu e-mail forwarding to external SMTP Actions 121 servers 129 Email (Web interface) 123 e-mail to a recipient 129 Email Recipients (Web interface) 128 MD5 authentication 147 Event log 122 sending any traps to an NMS 125 Log option 117 sending authentication traps to an NMS 125 SNMP traps 123 SSH 44 Syslog action 123 Synchronized Group Membership 107 External Batteries 94 Telnet 44 network management card USER’S GUIDE Enabling Encryption with SSH and SCP 150 with SSL 54 Environment menu F Fac
IP addresses H for Configure Multiple/Parallel UPS IP Address 95 for PowerChute Network Shutdown clients 98 of DNS server for e-mail 126 of trap receivers 125 to limit access to specified NMSs 49 Help High Transfer Voltage 90 Host key file name 47 file status 47 network management card USER’S GUIDE About System option (Web interface) 33 on control console 20 fingerprints displaying for versions 1 and 2 48 generated by the Management Card 43 transferring to the Management Card 43, 47 Host Name sett
Management Card Network menu Manual boot mode setting 38 Manual option to set date and time 66 Maximum Line Voltage 74 Maximum Shutdown Time PowerChute Network Shutdown 98, 99 Shutdown Parameters 92 Maximum-Shutdown-Time negotiation 99, 100 MD5 browser settings required 23 enabling 147 how it performs authentication 148 network management card USER’S GUIDE port assignment 145 requirement of login credentials to access cached Web page 153 Menus Configuration 89, 92 Control Console 19 Data 32, 132 Devi
using a non-default port Output relay for FTP 41 for HTTP 56 for HTTPS 56 for SSH 45 for Telnet 45 Output VA at n+0 76 Output VA at n+1 76 Output Voltage 76, 90, 91 Output Watts at n+0 76 Output Watts at n+1 76 network management card USER’S GUIDE AP9618 and AP9619 feature 1, 6, 8 control console status report 16, 18, 111 settings 113 Web interface status report 27, 28, 111 P Paging by using e-mail 129 Password change for security 145 Passwords default for Administrator, Device Manager, and Read Only
network management card USER’S GUIDE options for each interface 143 planning and implementing 143, 147 SCP as alternative to FTP 151 SSL Reset Card to Defaults 67 Reset Card to Defaults Except TCP/IP 67 Reset Only TCP/IP to Defaults 67 Restart Network Management Card preventing restart for inactivity 12 Retry Then Fail setting 39 Retry Then Stop setting (DHCP) 138 Return Battery Capacity 92 Return Delay 93 RSA key exchange algorithm 57 Runtime Remaining 78 choosing a method to use certificates 154 Ciphe
Sleep Time 93 SMTP Status in detail 73 in Web interface 28 on control console main screen 18 summary 27, 73 UPS menu option 73 From Address 127 SMTP Server 127 Access Type setting 49 Authentication Traps 125 Community Name setting 49 enabling and disabling 49 NMS IP setting 49 SNMP traps option 123 troubleshooting problems 164 network management card USER’S GUIDE SNMP Specifications 169 electrical 169 physical 169 SSH configuring 42 enabling 42 encryption 150 fingerprints,displaying and comparing 43 h
To Address 129 Tools menu 67 Take UPS off Bypass 87 TCP/IP Advanced settings 39 Boot mode 38 Client ID setting 39, 137 Current settings fields 37 default gateway 37, 38 network management card USER’S GUIDE T defining settings for the Management Card 37 Domain Name setting 39, 137 Host Name setting 39, 137 On Retry Failure setting 39 Port Speed setting 39, 137 restoring default settings 67 Retry Then Fail setting 39 setting port assignments for extra security 145 subnet mask 37, 38 system IP address 37,
Utility Line Settings Unidentified traps, troubleshooting 164 Up Time control console main screen 17 Web interface 28 Update Interval 66 Upgrade kits, to add modem and environmental monitor 2 UPS menu 71 Configuration 89 Detailed Status 73 Detailed UPS Information 73 Faults & Alarms 73 Module Diagnostics & Information 96 Module Status 96 Output Power Status 75 Scheduled Tests 81 Status 73 UPS Name 94 UPS status icons in the Web interface 29 URL address formats 26 Use SMTP Server 129 User access identificat
status 28 summary page 27 troubleshooting access problems 163 Up Time 28 URL address formats 26 XMODEM 67 network management card USER’S GUIDE X ® 181
Customer support for this or any other APC product is available at no charge in any of the following ways: • Visit the APC Web site to find answers to frequently asked questions (FAQs), to access documents in the APC Knowledge Base, and to submit customer support requests. – www.apc.
Entire contents copyright © 2003 American Power Conversion. All rights reserved. Reproduction in whole or in part without permission is prohibited. APC, the APC logo, InfraStruXure, Smart-UPS, Matrix-UPS, Symmetra, Silcon, PowerNet, and PowerChute are trademarks of American Power Conversion Corporation and may be registered in some jurisdictions. All other trademarks, product names, and corporate names are the property of their respective owners and are used for informational purposes only.
