How To Configure The M4000 XSCF

Log in as the ‘default’ user. The ‘default’ user is required to authenticate to the server by physically turning the server’s front panel mode switch from Locked to Service, or vice versa. Obviously, this precludes the option of logging in remotely to the XSCF.

Once logged in, create the ‘sysadm’ user (or whatever name you want to call the admin user). Unless you create a new user, you may only log in as the ‘default’ user which requires that you be physically present at the site to turn the mode switch in the front of the server.

Specify sysadm’s password and set its privileges to sysadm, useradm, platadm and platop.

XSCF> adduser sysadm
XSCF>
XSCF> password sysadm
New XSCF password:
Retype new XSCF password:
XSCF>
XSCF> setprivileges sysadm useradm platadm platop
XSCF>
XSCF> exit

Login as sysadm and run the setupplatform command. You will need an IP address for the XSCF. You will also need the appropriate subnet mask and default gateway among others. Below is a summary of the settings used in this example.

Parameter Value
IP address 203.56.9.220
Subnet mask 255.255.255.0
Default gateway 203.56.9.1
DSCP network 192.168.2.0. This must be a network dfferent from both the XSCF’s network and the hosts’ network.
DSCP netmask 255.255.255.0
Primary DNS server IP address 203.56.9.59
Secondary DNS server IP address 203.56.2.75
Domain name domain.com
XSCF#0 hostname m4k-xscf
Primary NTP server IP address 10.1.1.1
Secondary NTP server ip address 203.56.1.1
Enable ssh Yes
Enable https No, initially. Configure separately by running sethttps
Configure email reports Yes
Mail Server 203.56.9.159
Port 25
Authentication Mechanism none
Reply Address admin@domain.com
Enable E-Mail Reporting Yes
E-mail Recipient Address admin@domain.com
Set up chassis altitude No
XSCF time zone As appropriate
HTTPS passphrase As appropriate
Certificate Authority US CA Pasadena Domain Inc admin@domain.com
XSCF> setupplatform
Do you want to set up an account? [y|n]: n
Do you want to set up networking? [y|n]: y
Do you want to set up the XSCF network interfaces? [y|n]: y
Do you want to configure xscf#0-lan#0? [y|n]: y
xscf#0-lan#0 ip address? []: 203.56.9.220
xscf#0-lan#0 netmask? [255.255.255.0]:
xscf#0-lan#0 default gateway? []: 203.56.9.220 1
xscf#0-lan#0 ip address: 203.56.9.220
xscf#0-lan#0 netmask: 255.255.255.0
xscf#0-lan#0 default gateway: 203.56.9.1
Are these settings correct? [y|n]: y
XSCF> setnetwork xscf#0-lan#0 -m 255.255.255.0 203.56.9.220
XSCF> setroute -c add -n 0.0.0.0 -m 0.0.0.0 -g 203.56.9.1 xscf#0-lan#0
Do you want to configure xscf#0-lan#1? [y|n]: n
Do you want to configure lan#0? [y|n]: n
Do you want to configure lan#1? [y|n]: n
Do you want to set up the DSCP network? [y|n]: y
DSCP network? []: 192.168.2.0
DSCP netmask? [255.255.255.0]:
DSCP network: 192.168.2.0
DSCP netmask: 255.255.255.0
Are these settings correct? [y|n]: y
XSCF> setdscp -q -y -i 192.168.2.0 -m 255.255.255.0
Domain name service is already configured:
Primary DNS server ip address: ---
Secondary DNS server ip address: ---
Tertiary DNS server ip address:
Domain name: localdomain
XSCF#0 hostname: localhost
Do you want to set up the domain name service? [y|n]: y
Primary DNS server ip address? [---]: 203.56.9.59
Do you want a secondary DNS server? [y|n]: y
Secondary DNS server ip address? [---]: 203.56.2.75
Do you want a tertiary DNS server? [y|n]: n
Do you want to specify a domain name? [y|n]: y
Domain name [localdomain]: domain.com
XSCF#0 hostname [localhost]: m4k-xscf
Primary DNS server ip address: 203.56.9.59
Secondary DNS server ip address: 203.56.2.75
Tertiary DNS server ip address:
Domain name: domain.com
XSCF#0 hostname: m4k-xscf
Are these settings correct? [y|n]: y
XSCF> setnameserver -c del -a
XSCF> setnameserver -c add 203.56.9.59 203.56.2.75
XSCF> sethostname xscf#0 m4k-xscf
XSCF> sethostname -d domain.com
Do you want to set up the network time protocol? [y|n]: y
Do you want a primary NTP server? [y|n]: y
Primary NTP server ip address? []: 10.1.1.1
Do you want a secondary NTP server? [y|n]: y
Secondary NTP server ip address? []: 203.56.1.1
Do you want a tertiary NTP server? [y|n]: n
Primary NTP server ip address: 10.1.1.1
Secondary NTP server ip address: 203.56.1.1
Tertiary NTP server ip address:
Are these settings correct? [y|n]: y
XSCF> setntp -c del -a
Please reset the XSCF by rebootxscf to apply the ntp settings.
XSCF> setntp -c add 10.1.1.1 203.56.1.1
Please reset the XSCF by rebootxscf to apply the ntp settings.
The ssh service is: disabled
Do you want to set up ssh? [y|n]: y
Enable ssh service? [y|n]: y
XSCF> setssh -q -y -c enable
The https service is: disabled
Do you want to set up https? [y|n]: n
Do you want to configure email reports? [y|n]: y
XSCF> setsmtp
Mail Server []: 203.56.9.159
Port [25]:
Authentication Mechanism [none]:
Reply Address []: admin@domain.com

XSCF> setemailreport
Enable E-Mail Reporting? [no]: yes
E-mail Recipient Address []: admin@domain.com
Do you want to send a test mail now [no]?

Do you want to apply the network changes? [y|n]: y
XSCF> applynetwork -y
The following network settings will be applied:
xscf#0 hostname :m4k-xscf
DNS domain name :domain.com
nameserver :203.56.9.59
nameserver :203.56.2.75

interface:xscf#0-lan#0
status :up
IP address :203.56.9.220
netmask :255.255.255.0
route :-n 0.0.0.0 -m 0.0.0.0 -g 203.56.9.1

interface:xscf#0-lan#1
status :down
IP address :
netmask :
route :

Continue? [y|n] :y
Please reset the XSCF by rebootxscf to apply the network settings.
Please confirm that the settings have been applied by executing
showhostname, shownetwork, showroute and shownameserver after rebooting
the XSCF.
Do you want to reboot the XSCF now? [y|n]: n
Do you want to set up the chassis altitude? [y|n]: n
Do you want to set up the XSCF time zone? [y|n]: y
Chassis time zone is already configured:
XSCF time zone: UTC
Continue setting up the XSCF time zone? [y|n]: y
0Africa/Abidjan
1Africa/Accra
2Africa/Addis_Ababa
:
: {snip}
:
344Australia/Sydney
345Australia/Tasmania
346Australia/Victoria
Enter number to choose time zone or return for next set of time zones: 344
XSCF time zone: Australia/Sydney
Is this setting correct? [y|n]: y
XSCF> settimezone -c settz -s Australia/Sydney
Australia/Sydney
XSCF>
XSCF> sethttps -c genserverkey
Enter passphrase:
Verifying - Enter passphrase:
XSCF>
XSCF> sethttps -c selfsign US CA Pasadena Domain Inc admin@domain.com
CA key and CA cert already exist. Do you still wish to update? [y|n] :y
Enter passphrase:
Verifying - Enter passphrase:
XSCF>
XSCF> sethttps -c enable
Continue? [y|n] :y
Please reset the XSCF by rebootxscf to apply the https settings.
XSCF>
XSCF> rebootxscf -y
The XSCF will be reset. Continue? [y|n] :y
XSCF>

Verify that the settings have taken effect.

XSCF> showhostname -a
xscf#0:m4k-xscf.domain.com
XSCF>
XSCF> shownetwork -a
xscf#0-lan#0
Link encap:Ethernet HWaddr 00:21:28:AF:86:D2
inet addr:203.56.9.220 Bcast:203.56.9.255 Mask:255.255.255.0
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:2716 errors:0 dropped:0 overruns:0 frame:0
TX packets:369 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:228720 (223.3 KiB) TX bytes:43978 (42.9 KiB)
Base address:0xe000

xscf#0-lan#1
Link encap:Ethernet HWaddr 00:21:28:AF:86:D3
BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
Base address:0xc000

XSCF> showroute -a
Destination Gateway Netmask Flags Interface
203.56.9.0 * 255.255.255.0 U xscf#0-lan#0
default 203.56.9.1 0.0.0.0 UG xscf#0-lan#0
XSCF>
XSCF> shownameserver
nameserver 203.56.9.59
nameserver 203.56.2.75
search ---
XSCF>
XSCF> showntp -a
server 10.1.1.1 prefer
server 203.56.1.1
XSCF>
XSCF> showsmtp
Mail Server: 203.56.9.159
Port: 25
Authentication Mechanism: none
Reply Address: admin@domain.com

XSCF> showemailreport
E-Mail Reporting: enabled
E-mail Recipient Address: admin@domain.com
XSCF> showssh
SSH status: enabled
SSH DSCP: accept
RSA key:
ssh-rsa
[A really long sequence of characters]
Fingerprint:
[A long sequence of characters]
DSA key:
ssh-dss
[A really long sequence of characters]
Fingerprint:
[A long sequence of characters]
XSCF>
XSCF> showhttps
HTTPS status: enabled
Server key: installed in Dec 15 00:39:33 UTC 2011
CA key: installed in Dec 15 00:39:33 UTC 2011
CA cert: installed in Dec 15 00:39:33 UTC 2011
CSR:
-----BEGIN CERTIFICATE REQUEST-----
[A really long sequence of characters]
-----END CERTIFICATE REQUEST-----
XSCF>