SA-250 Server Installation Guide 7 2 U1 PDF

Installation Guide
SA-250 Server
339 N. Bernardo Avenue, # 200, Mountain View, CA 94043

www.airtightnetworks.com
2003-2015 AirTight Networks, Inc. All rights reserved.
This page is intentionally left blank.
END USER LICENSE AGREEMENT
Please read the End User License Agreement before installing the SA-250 server. The End User License
Agreement is available at the following location -.http://www.airtightnetworks.com/fileadmin/pdf/AirTight-EULA.pdf.
Installing the SA-250 server constitutes your acceptance of the terms and conditions of the End User License
Agreement.
DISCLAIMER
THE INFORMATION IN THIS GUIDE IS SUBJECT TO CHANGE WITHOUT ANY PRIOR NOTICE.
AIRTIGHT NETWORKS, INC. IS NOT LIABLE FOR ANY SPECIAL, INCIDENTAL, INDIRECT, OR
CONSEQUENTIAL DAMAGES WHATSOEVER (INCLUDING, WITHOUT LIMITATION, DAMAGES FOR LOSS
OF BUSINESS PROFITS, BUSINESS INTERRUPTION, LOSS OF BUSINESS INFORMATION, OR ANY OTHER
PECUNIARY LOSS) ARISING OUT OF THE USE OF OR INABILITY TO USE THIS PRODUCT.
THIS PRODUCT HAS THE CAPABILITY TO BLOCK WIRELESS TRANSMISSIONS FOR THE PURPOSE OF
PROTECTING YOUR NETWORK FROM MALICIOUS WIRELESS ACTIVITY. BASED ON THE POLICY
SETTINGS, YOU HAVE THE ABILITY TO SELECT WHICH WIRELESS TRANSMISSIONS ARE BLOCKED AND,
THEREFORE, THE CAPABILITY TO BLOCK AN EXTERNAL WIRELESS TRANSMISSION. IF IMPROPERLY
USED, YOUR USAGE OF THIS PRODUCT MAY VIOLATE US FCC PART 15 AND OTHER LAWS. BUYER
ACKNOWLEDGES THE LEGAL RESTRICTIONS ON USAGE AND UNDERSTANDS AND WILL COMPLY WITH
US FCC RESTRICTIONS AS WELL AS OTHER GOVERNMENT REGULATIONS. AIRTIGHT IS NOT
RESPONSIBLE FOR ANY WIRELESS INTERFERENCE CAUSED BY YOUR USE OF THE PRODUCT.
AIRTIGHT NETWORKS, INC. AND ITS AUTHORIZED RESELLERS OR DISTRIBUTORS WILL ASSUME NO
LIABILITY FOR ANY DAMAGE OR VIOLATION OF GOVERNMENT REGULATIONS ARISING FROM YOUR
USAGE OF THE PRODUCT, EXCEPT AS EXPRESSLY DEFINED IN THE INDEMNITY SECTION OF THIS
DOCUMENT.
LIMITATION OF LIABILITY
AirTight Networks will not be liable to customer or any other party for any indirect, incidental, special,
consequential, exemplary, or reliance damages arising out of or related to the use of AirTight Wi-Fi, AirTight
WIPS, AirTight Cloud Services, and AirTight devices under any legal theory, including but not limited to lost profits,
lost data, or business interruption, even if AirTight Networks knows of or should have known of the possibility of
such damages. Regardless of the cause of action or the form of action, the total cumulative liability of AirTight
Networks for actual damages arising out of or related to the use of AirTight Wi-Fi, AirTight WIPS, AirTight Cloud
Services or AirTight devices will not exceed the respective price paid for AirTight Wi-Fi, AirTight WIPS, AirTight
Cloud Services, or AirTight devices.
Copyright 20032015 AirTight Networks, Inc. All Rights Reserved.

TM
TM
TM
TM
TM
Powered by Marker Packet , Active Classification , Live Events , VLAN Policy Mapping , Smart Forensics ,
TM
TM
WEPGuard and WPAGuard . AirTight Networks and the AirTight Networks logo are trademarks and AirTight is
a registered trademark of AirTight Networks, Inc.
This product contains components from Open Source software. These components are governed by the terms
and conditions of the GNU Public License. To read these terms and conditions visit
http://www.gnu.org/copyleft/gpl.html.
Protected by one or more of U.S. patent Nos. 7,002,943; 7,154,874; 7,216,365; 7,333,800; 7,333,481; 7,339,914;
7,406,320; 7,440,434; 7,447,184; 7,496,094; 7,536,723; 7,558,253; 7,710,933; 7,751,393; 7,764,648; 7,804,808;
7,856,209; 7,856,656; 7,970,894; 7,971,253; 8,032,939; and international patents: AU 200429804; GB 2410154;
JP 4639195; DE 60 2004 038 621.9; and GB/NL/FR/SE 1976227. More patents pending. For more information on
patents, please visit: www.airtightnetworks.com/patents.
SA-250 Server Installation Guide
1.
About this Guide
The SA-250 Server Installation Guide gives an overview of the power connector and the ports on the SA-250
server and explains how to configure it.
Important! Please read the EULA before installing the SA-250 server. Installing the server constitutes your
acceptance of the terms and conditions of the EULA mentioned above in this document.
Intended Audience
This guide is intended for anyone who wants to install and configure the SA-250 server.
Document Overview
This guide contains the following chapters:
1. Package Contents: Lists the components included in the system package.
2. SA-250 Server Overview: Provides an overview of the SA-250 server.
3. Installing the SA-250 Server: Describes how to power on the server, connect the server to the network
and your computer, and configure the server.
4. Server Config Shell Commands: Lists a pre-defined set of commands that allow you to configure and
view the status of the Server.
5. Set Up and Manage Server Cluster: Describes how to set up and manage a server cluster.
6. Troubleshooting: Provides troubleshooting tips while installing the server and sensor.
7. Backup and Restore Database: Provides instructions to backup and restore database.
Product and Documentation Updates

To receive important news on product updates, please visit our website at http://www.airtightnetworks.com.
We continuously enhance our product documentation based on customer feedback. To obtain a latest copy of this
document, visit http://www.airtightnetworks.com/home/support.html.
Contact Information
AirTight Networks, Inc.
339 N, Bernardo Avenue, Suite #200,
Mountain View, CA 94043
Tel: (650) 961-1111
Fax: (650) 963-3388
For technical support, send an email to support@airtightnetworks.com.
2.
Package Contents
This chapter lists the components included in the SA-250 server package.
Please ensure that the following items are included in the server package:
Server with software
System documentation CD-ROM containing:

o
Users Guide
Installation Guide
Quick Setup Guide
Release Notes
Upgrade Instructions
High Availability Configuration
Network Detector Configuration
Power cord
Network interface (Ethernet) cable
Serial cable
Rack mounting accessories
Figure 2-2-1 SA-250 Server Package Contents
If the package is not complete, please contact AirTight Networks, Inc. Technical Support at
support@airtightnetworks.com, or return the package to the vendor or dealer where you purchased the product.
3.
SA-250 Server Overview
This chapter provides an overview of the SA-250 server and describes in detail about the following:
Front panel of the SA-250 server
Rear panel of the SA-250 server
The front panel of SA-250 server has a power switch, power LED, HDD activity LED, network interface LED, high
availability interface LED, and temperature LED.
Figure 3-1: Front Panel of SA-250 Server
The following table details the behavior of the power switch.

Table 3-1: SA-250 Server Power Switch Behavior
Action
System Behavior
Recommended User Action
Push the power

switch for 2 seconds.
Graceful shutdown of the server

(similar to restarting the server).
No action is required as the server restarts

automatically.
Push the power

switch for more than
4 seconds.
Hard shutdown of the server

(similar to disconnecting the
power cable).
Press the power switch again to power on the

server. Do not press the power switch for a long
time, as this may cause damage to the hard disk
and thereby cause severe data loss.
The following table provides information about what the LED lights on the server indicate.
Table 3-2: SA-250 Server LED Details

LED
Power
Hard Disk
LED Color
Meaning of LED
Solid Green
The server is powered on and working normally.
Off
The server is not powered on or not receiving power.
Blinking Green
The hard disk drive is being accessed.
Off
The hard disk drive is not being accessed.
Blinking Green
The server is connected to the network.
Off
The server is not connected to the network.
Blinking Green
The HA interface Ethernet link is up.
Off
The HA interface Ethernet link is down.
Network Interface
High Availability
Interface
The rear panel of the SA-250 server has a power connector to provide power supply to the server and ports to
connect the server to the network and a computer.
Figure 3-2: Rear Panel Ports of SA-250 Server
The rear panel of SA-250 Server has a serial port (RS 232 F-F), a network interface port (RJ-45 10/100/1000
Ethernet), a high availability (HA) port (RJ-45 10/100/1000 Ethernet), and a power connector. Use the power
connector to power the server using 110-240V 50/60 Hz AC input. Connect the power connectors to two different
power sources to optimize the redundancy. The following table describes the serial, network interface, and high
availability ports.
Table 3-3: SA-250 Server Rear Panel Ports
Port
Serial
Description
Enables a serial (RS-232)

connection to establish terminal
sessions using terminal emulation
programs such as HyperTerminal for
Windows or minicom for Linux
Connector
Type
DB-9
Settings/Protocol
Settings:
Bits per second: 9600
Data Bits: 8
Parity: None
Stop Bits: 1
Flow Control: None
Protocol: RS-232
Port
Description
Connector
Type
Network Interface
Used to connect the server to the

enterprise network
RJ-45
High Availability
Used to connect the server to the

other servers in a high availability
cluster
RJ-45
Settings/Protocol
Settings: 10/100/1000
Mbps
Protocol: Ethernet
Settings: 10/100/1000
Mbps
Protocol: Ethernet
4.
Installing the SA-250 Server
You must set up the server before using it to monitor and protect your network. This chapter explains how to
connect and configure the SA-250 server.
Connecting the SA-250 Server

Connecting the server involves mounting the server appliance, powering on the server, and connecting it to the
network.
Mount the Server Appliance

Place the server on the rack and mount it using the rack mounting accessories.
Figure 4-1: Mount SA-250 Server
Power on the Server

The server appliance runs at 110-240V, 3-5A, 50-60 Hz AC power. AirTight Networks recommends that you
provide surge-free stable power to the server.
Figure 4-2: SA-250 Server Power Cable
To power on the server, perform the following steps:

1. Connect one end of the power cable to the power socket on the rear panel of the server.
2. Connect the other end of the power cable to a 110-240V, 50/60 Hz AC power source.
3. Press the Power switch on the front panel of the server.
Note: On connecting the power cable and pressing the power switch, the power LED should turn solid green.
Connect the SA-250 Server to Enterprise Network

After connecting the power cables, you must connect the server to your enterprise network. Connect the network
interface port on the server to the desired subnet using the Ethernet cable provided to you as shown in the figure.
Warning! Do NOT connect the high availability (HA) port to the subnet.
Figure 4-3: SA-250 Server Ethernet Connection
Note: The default IP address of the server is 192.168.1.246. Ensure that no other device on your network uses
the same IP address as the server.
Accessing the Server

You can access the server in following ways:
Using an SSH Secure Shell (SSH) client to access the server (Recommended)
Using a serial RS-232 cable
Accessing the Server using SSH (Recommended)

To access the server using SSH, perform the following steps:
1. Connect your computer to the same subnet where the server is connected.
Note: The default IP address of the server is 192.168.1.246.
2. Change the IP address of your computer to 192.168.1.XXX. For example, 192.168.1.244.

3. Open SSH on your computer and press Enter or Space on the SSH Secure Shell dialog.
4. Access the default server IP address, 192.168.1.246, as shown in the following figure:
Figure 4-4: Access Default Server IP Address
5. Login using the username: config and password: config.
Accessing the Server using a Serial Cable

You can also access the server using a serial RS-232 cable as shown in the following figure and then follow the
steps listed below the figure.
Figure 4-5: Accessing Server using Serial RS-232 Cable
1. Launch the HyperTerminal from Start > All Programs > Accessories > HyperTerminal on your system.
Figure 4-6 HyperTerminal
10
2. Define a new HyperTerminal connection in the Connection Description dialog.

a. Enter a name for the HyperTerminal connection in the Name field.
b. Select an icon to identify the new connection.
c.
Click OK.
Figure 4-7: Connection Description
3. Specify the HyperTerminal connection details by selecting or entering the appropriate connection
information and click OK.
Figure 4-8: HyperTerminal Connection
11
4. Edit the serial port settings to ensure proper communication between the server and your computer, and
click OK. Alternately, click Restore Defaults to use the default settings.
Bits per second: 9600
Data bits: 8
Parity: None
Stop bits: 1
Flow control: None

Figure 4-9: HyperTerminal Connection
5. Press Enter or Space on the HyperTerminal screen.

The login prompt appears. Log in using the username: config and password: config.
Accessing the Server Initialization and Setup Wizard

At the first boot of the server, the Server Initialization and Setup Wizard is displayed. This wizard helps you to
map the Backspace key, change the configuration password, change the network settings, and set the server ID
of the server. You can retain the default values at each step by pressing Enter.
The wizard is displayed at the first boot or at every reboot if the server is not configured.
Important: If you are configuring the server for HA mode, you can skip the Server Initialization and Setup
wizard and go to the config prompt. Change the config shell password, set the time zone and date and time,
set the Server ID, and then use the set ha command to configure the server in HA mode.
12
Configure the Backspace Key

Before configuring the network settings, you are prompted to map the Backspace key to work properly.
Figure 4-10: Configure the Backspace Key
The Server Initialization and Setup Wizard appears as shown in the following figure.
Figure 4-11: Server Initialization and Setup Wizard
13
Change Config Shell Password

As a best practice, AirTight Networks recommends that you change the config shell password. The following
figure shows how to change the config shell password.
Figure 4-12: Change Config Shell Password
Change Network Settings

The network settings of the server specify its unique IP address on the network. Sensors and access points (APs)
use this IP address to identify the server. The default IP address assigned to the server is 192.168.1.246.
Important: Note down the network settings. If you forget the network settings, you can no longer access the
server over the network after it reboots. Use the serial cable to access the server and change its network settings.
To change the network settings, provide the following input.
IP Address: Choose an IP address that is compatible with the network segment on which the server is
connected. The server must belong to the same subnet.
Subnet Mask: Enter the mask of the network segment to which the server is connected.
Gateway IP Address: Enter the IP address of the gateway, for the subnet on which the server is
connected. Ethernet traffic from the subnet is forwarded to another network through the gateway.
Primary DNS IP Address: Specify the IP address of the primary DNS server used by the enterprise
server to resolve DNS entries.
Secondary DNS IP Address: Specify the IP address of the secondary (alternate) DNS server used by
the enterprise server to resolve DNS entries.
Tertiary DNS IP Address: Specify the IP address of the tertiary (alternate) DNS server used by the
enterprise server to resolve DNS entries.
DNS Suffix: Append this suffix to the unqualified domain name to generate a fully qualified domain name.
The following figures show how to change the network settings.
14
Figure 4-13: Configure Network Settings
Figure 4-14: Confirm Network Settings
Figure 4-15: Enable IPv6 Support
15
Set Server Time Zone, Date and Time Settings

Set the correct time zone and date for the server. You must select a continent and then a country to set the time
zone. You can change the server date and time manually or using an NTP server. To set the server date and time
using an NTP server, you must specify the NTP server IP address or the DNS name of the NTP server.
Figure 4-16: Set Server Time Zone, Date and Time
16
Set Server ID Settings

The server ID identifies a unique server instance when there are multiple server instances on the network.
Sensors and APs can be configured to communicate with a specific server instance. The default server ID is 1.
Recommended: Server ID setting is important only if you have a multi-server installation. If you have only one
server, the server ID should be the default value 1.
Figure 4-17: Set Server ID
Set Server Tag

An AirTight server can be assigned a tag that could be used to identify the server and specific files and objects
associated with that server. By default, the server tag is blank.
Figure 4-18: Set Server Tag
You can reset the server tag using the set server tag command. For details, refer to the Server Tagging
chapter in this guide.
17
The server initialization completion message screen appears as shown in the following figure.
Figure 4-19: Server Initialization Completion Message
Press y to reboot the server for the changes to take effect. If you choose to reboot later press n. The server
Config Shell prompt appears. You must reboot the server on completion of the Initialization and Setup Wizard
before you access the server from the AirTight Management Console (GUI).
Note: On the Config Shell prompt, you can type the help command to view the list of available commands.
18
Set up the Server DNS Entry

Add a DNS entry wifi-security-server in your enterprise DNS server. This entry should point to the network
interface IP address of the server that you configured in Change Network Settings.
Adding this entry serves two purposes:
Sensors/APs on a DHCP enabled subnet can connect to the server with zero-configuration.
You can access the server using the address https://wifi-security-server.
Launching the AirTight Management Console

Ensure that the following hardware and software is available on your computer before launching the console.
Table 4-1: Hardware Requirements
Hardware
Requirements
Processor
Intel P4 X86 architecture platform (or equivalent)
Processor Speed
1.4 GHz (minimum)
Memory
1 GB (minimum)
Screen Resolution
1024X768 (recommended)
Table 4-2: Software Requirements

Software
Requirements
Operating System (OS)
Windows 2000 or XP
Browser
Internet Explorer (IE) 9.0 or higher, Mozilla Firefox v18 or higher,

Google Chrome v25 or higher, Safari 6.0 or higher
To launch the AirTight Management Console, perform the following steps:

1. Launch a Web browser from your computer.
2. Enter the default IP Address for the server, that is, 192.168.1.246.
3. Click Yes on each of the security message pop-up dialogs to proceed.
19
Figure 4-20: Security Alert
Activating the License

1. Save the license key file shipped with the server on your desktop.
2. Click Choose File, and browse to the license key file and select it.
The label of the button can vary between Choose File and Browse based on the Web browser used. The
functionality remains the same.
3. Click Apply.
Figure 4-21: Choose File
If the license key is valid, the Login screen is displayed. Else, an error message is displayed.
You can log in with user name admin and password admin.
20
5.
Server Config Shell Commands
This chapter describes the commands in the Server Config Shell used to reconfigure and maintain the server after
running the Server Configuration Wizard. Some commands display the status of the server.
Table 5-1: Database Commands
Command
Description
db backup
Backs up the database to the remote server specified by you
db clean
Resource clean-up without disruption of services
db maintain
Resource clean-up after temporary shutting down of services
db reset
Resets the database to factory defaults but maintains network settings
db restore
Restores the database from a previous backup on a remote server
get db backup info
Displays scheduled DB backup information
set db backup info
Sets scheduled DB backup information
upload db backup
Uploads last successful database backup to external server
Table 5-2: get Commands

Command
Description
get allowed ip
Displays the list of IP addresses or subnets that are allowed to access this
device
get cert
Generates a self-signed certificate
get certreq
Generates a Certificate Signing Request (CSR)
get date
Displays the current time zone, date, and time on the server
get debug
Creates a debug information tarball file for debugging purposes.
get debug verbose
Displays basic debug information on the CLI.
get debug ondemand
Used for on-demand or case-specific debugging and requires a debug bundle as

parameter. Contact support@airtightnetworks.com for the debug bundle.
get FIPS mode
If the server is in FIPS 140-2 mode, the command returns ON. If the server is in
default mode, the command returns OFF.
get ha
Displays high availability (HA) cluster configuration and service status
21
Command
Description
get ha help
Displays detailed high availability (HA) setup help
get interface
Displays the network and HA interface speed and mode
get hddcheck
Displays the number of bad blocks found on the hard disk drive.
get integrity status
Displays PASSED or FAILED after checking the integrity of critical server

components. If the status is FAILED, the list of failed server components is also
displayed.
get ipv6 network
Displays IPv6 networking information
get ipv6 route
Displays IPv6 routing information
get lldp
Displays the configuration of LLDP
get log config
Displays the configuration of the logger
get log level aruba
Displays the log level of Aruba Mobility Controller Adapter module
get log level gui
Displays the log levels of GUI modules
get log level

msmcontroller
Displays the log level of HP MSM Controller Integration module
get log level wlc
Displays the log level of Cisco WLC Adapter module.
get msmcontroller
cert
Generates a self-signed certificate for HP Adapter
get msmcontroller
certreq
Generates a Certificate Signing Request for HP Adapter
get network
Displays the network interface (eth0) configuration including the IP address,

subnet mask, gateway, DNS address, and DNS prefix
get opsec log
Displays the log messages generated by OPSEC API
get route
Displays the routing table
get sensor list
Displays a list of sensors and NDs
get server config
Displays the complete server configuration which includes the server ID, server
version, server build, MAC address of the network and HA interface, server
mode, server time zone, date and time settings, WLSE integration settings,
settings of network interfaces, and server processes
22
Command
Description
get server check
Runs a server consistency check and displays the results. If any fatal item fails,
a failure result is recorded
get serverid
Displays the server ID
get server tag
Displays the custom tag assigned to the server
get ssh
Displays the status of the SSH server
get sensor reset

button
Displays the state of the pinhole reset button on the sensor
get status
Displays the status of server processes
get version
Displays the version and build information of all the server components
get sensor debug

logs
Uploads sensor debug logs to specified upload URL
Table 5-3: set Commands

Command
Description
set allowed ip
Sets the list of IP addresses or subnets that are allowed to access this device
set cert
Installs a signed SSL certificate issued for the request generated using get
certreq
set date
Sets the current time zone, date, and time information on the server; the server
must be rebooted for the date/time information to take effect
set dbserver
Starts/stops the database server
set erase
Configures the backspace key
set communication
passphrase
Set a passphrase of 10-127 characters. The shared secret is derived from this
passphrase
set communication
key
Set a passphrase of 10-127 characters. The shared secret is derived from this
passphrase
set communication
key default
Restores the communication key to its factory default value.
set FIPS mode
Sets the operation mode of the server to either FIPS 140-2 validated mode or
default mode
23
Command
Description
set ha
Enables or disables high availability (HA) service
set ha dead time
Changes the dead time of high availability (HA) service
set ha failover
Forces high availability (HA) failover
set ha link timeout
Sets the timeout, in seconds, after which the data sync link down event is
generated. The default timeout is 10 seconds.
set ha redirector
addrs
Set public IP address/host name of high availability (HA) servers
set ha standby
password
Changes config user password of the other HA server in standby mode
set interface
Sets the network and HA interface speed and mode
set ipv6 network
IPv6 configuration
set ipv6 route
Sets IPv6 static routing configuration
set license
Downloads license from remote server and applies it on the AirTight server.
set log config
Sets the configuration of the logger
set log level aruba
Sets the log level of Aruba Mobility Controller Adapter Module
set log level gui
Sets the log levels of GUI modules.
set log level

msmcontroller
Sets the log level of HP MSM Controller Integration
set log level wlc
Sets the log level of Cisco WLC Adapter Module.
set network
Sets the network interface (eth0) configuration including the IP address, subnet
mask, gateway, DNS address, and DNS prefix
set product name
Changes the product name. The default product name is AirTight Management
Console. This can be changed to SpectraGuard Enterprise, if required. No other
names are allowed.
set route
Allows addition/deletion of routing table entries
set scan config
Modifies AP background scanning parameters
24
Command
Description
set sensor
discovery
Changes discovery settings on sensors.
set sensor legacy

authentication
Allows/disallows sensors running on versions lower than 6.2 to connect to the

server
set sensor reset

button
Sets the state of the pinhole reset button on the sensor (available for select
sensor models only)
set server
Starts/stops the application server
set serverid
Sets the server ID
set server
discovery
Changes server discovery settings on given AP/Sensor devices.
set server tag
Sets a custom tag on the server to identify the server and the files and objects
associated with the server.
set ssh
Starts/stops the SSH access to the server
set lldp
Sets LLDP configuration
set webserver
Starts/stops the Web server
set wlc mapper
Manages Cisco WLC Custom Mapper file
Table 5-4: Miscellaneous Commands

Command
Description
exit
Exits the config shell session
help
Displays help for all the commands
passwd
Allows the admin to change the config shell password that adheres to the
password policy set for users from the GUI. The password policy will be enforced
only at the time of change in password, and, therefore, will not be effective for
current password.
ping6 <IPv6 address

or hostname>
Pings an IPv6 host.
traceroute6 <IPv6
address or
hostname>
Shows route to an IPv6 host.
25
ping <Hostname/IP
Address>
Pings a host
reboot
Reboots the server
reset factory
Resets the server to the factory defaults/out of the box status
reset locked gui
Unlocks Graphical User Interface (GUI) account for user admin
reset password gui
Sets the Graphical User Interface (GUI) password for the user admin to the
factory default admin
shutdown
Shuts down the server gracefully
traceroute
Shows the route to a host
upgrade
Upgrades the server using the specified upgrade bundle from an HTTP location
force autodeletion
Forces autodeletion of data related to APs, clients, events, user actions,

networks, database performance, and analytics.
Table 4-5: Server Cluster Commands

Command
Description
cluster set
Sets a server as a parent server in a server cluster. This command must be

executed on the server to be set as the parent server.
cluster reset
Deletes a server cluster or a child server from a cluster. When executed on a

parent server, the entire cluster is destroyed and all servers in the cluster behave
as standalone servers. This command can be executed on parent server or child
server When executed on a child server; it eliminates the relationship between
the child server and the parent server. The rest of the cluster remains intact.
IMPORTANT! It is recommended to execute this command on parent server only.
It can be executed on a child server ONLY when there is no other way to remove
the child from a server cluster.
cluster add child
Adds a child to a server cluster. This command must be executed on the parent
server in the server cluster.
cluster delete
child
Deletes or removes a child from a server cluster. This command must be

executed on the parent server in the server cluster.
cluster show status
Displays the status of a server cluster. Using this command you can check
whether a server is in a cluster and/or the status of a server in a cluster. This
command can be executed on any server regardless of whether it is in a server
cluster or not.
26
6.
Set Up and Manage Server Cluster
A server cluster is an interconnected group of servers. A server cluster comprises a parent server and one or
more child servers.
A server cluster is created to manage multiple servers using a single server. This managing server is called the
parent server and the servers that are managed from the parent server are called the child servers. The parent
server retrieves aggregated data from multiple child servers in the cluster and displays it on the AirTight
Management Console along with the parent server data. You can also push common policies onto multiple child
servers from a parent server.
A server (parent server or child server) can be a part of only one cluster at any given point. A child server cannot
be the parent of any other server in the cluster.
The creation of a server cluster and management of servers in the server cluster is done using the server
command line console. Viewing of the aggregated server cluster data and management of policies on the child
servers from the parent server in the cluster is done through AirTight Management Console.
Following are the prerequisites to create a server cluster.
The AirTight Wi-Fi/AirTight WIPS servers that form a cluster must have the same version and build
number.
A valid license must have been applied to all child servers to be added to the server cluster.
The child server must not be a part of any other server cluster.
You can perform five cluster-related operations from the server command line console. They are as follows.
1. Set up a server cluster/assign parent server to a server cluster.
2. Add a child server to a server cluster.
3. Delete or remove a child server from a server cluster.
4. Delete an entire server cluster.
5. Check the status of servers in a cluster or check if a server is part of a cluster.
The servers in a server cluster are assigned IDs when they become a part of the server cluster. A parent server is
assigned 1 as ID in the cluster. As and when the child servers are added, they are assigned sequentially
incrementing IDs. The child server added first is assigned 2 as ID, the next one is assigned 3 as ID and so on.
After creating the cluster, you must mount the child servers on the parent server location tree, to be able to view
aggregated server data on the UI or push policies from parent server to child server. For details, refer to the
AirTight Management Console User Guide.
Set Up Server Cluster

You can set up a cluster comprising one parent and multiple child servers through the server command line
interface. The cluster set command is used to set up a cluster. This command must be executed on the
command line interface of the server that you want to assign as the parent server in the server cluster.
You can optionally choose to run the server cluster setup wizard to add child servers to the server cluster.
You can check the status of the server by executing the cluster show status command.
Note: If a parent server or child server is in HA mode, the active server is added to the server cluster. The
standby HA server cannot be added to the server cluster. Before setting up a server cluster, a parent server or a
child server can be in Standalone mode or in HA pair configuration with other servers. Once the server cluster is
set up, HA mode can be enabled at a later point on the parent server or the child server, if required.
27
To set up a cluster, do the following.

1. Login to the server command line interface of the server that you want to set up as the parent server in a
server cluster. Login to the server with 'config' user credentials.
2. Execute the command cluster set on the command line. The server is set as the parent server in the
server cluster.
3. If you want to add child servers right away, enter y when prompted to add child servers. Enter the name
for the child server, IP address of the child server and password for the config user of the child server, to
add a child server. Repeat this step to add more child servers.
Refer to the screenshot below for the cluster set command.
Figure 6-1: cluster set Command to Assign Parent Server in Server Cluster
Add Child Server to Server Cluster

There are two ways to add a child server to a server cluster.
1. Use the server cluster setup wizard available after executing the cluster set command. This has been
explained in the Set Up Server Cluster section.
2. Execute cluster add child command. This command must be executed on the command line of the
parent server. This is explained below.
To add a child server to a server cluster using the cluster add child command, do the following.
1. Login to the server command line interface of the parent server with 'config' user credentials.
2. Execute the command cluster add child on the command line. You are prompted to enter the name
for the child server to be added to the server cluster.
3. Enter a suitable name for the child server. You are prompted to enter the hostname or IP address of the
child server.
4. Enter the hostname or IP address of the child server. You are prompted to enter the config user
password for the child server.
28
5. Enter the config user password. If all the data entered is correct, the server having the specified
hostname/IP address is added as a child server in the server cluster.
Refer to the screenshot below for the cluster add child command.
Figure 6-2: cluster add child Command
Delete Child Server from Server Cluster

A child server can be deleted from a server cluster using the cluster delete child command. When you
delete a child server from a server cluster, the link between the parent server and the child server is broken. The
rest of the server cluster continues to function as a cluster.
To delete a child server from a server cluster, do the following.
2. Execute the command cluster delete child on the command line. You are prompted to enter the
ID of the child server to delete from the server cluster.
3. Enter the ID of the child server to delete. You are prompted to confirm the deletion of the child server from
the server cluster.
4. Enter y to delete the child server from the server cluster. The child server is deleted from the server
cluster.
29
Refer to the screenshot below for the cluster delete child command.
Figure 6-3: cluster delete child Command
Delete Server Cluster

A server cluster can be deleted using the cluster reset command. This command must be executed on the
parent server command line to delete the entire cluster.
Note: When the cluster reset command is executed on a child server command line, it removes the child
from the cluster. This action, however, is NOT recommended unless there is no other way to remove the child
server from the cluster. Use the cluster delete child command to delete a child server from a server
cluster.
To delete a server cluster, do the following.
2. Execute the command cluster reset on the command line. You are prompted to confirm cluster reset.
3. Enter y to confirm cluster reset or deletion of the server cluster. The cluster is deleted.
Refer to the screenshot below for the cluster reset command.
Figure 6-4. cluster reset Command
30
Check Server Status with respect to Server Cluster

You can check if a server is part of a server cluster using the cluster show status command. When a
server is part of a server cluster, you can find out whether a server is a parent server or a child server using the
cluster show status command.
You can execute this command on a server that may or may not be in a server cluster, that is, you can execute
this command on any active server.
To check the status of a server, do the following.
1. Login to the server command line interface of the server with 'config' user credentials
2. Execute the command cluster show status on the command line. The status of the server is
returned by the command.
Refer to the screenshots below for different server statuses.
Figure 6-5: cluster show status Command Executed on Child Server
Figure 6-6: cluster show status Command Executed on Parent Server
31
7.
Custom Server Tag
An AirTight server can be assigned a tag to identify the server and specific files and objects associated with that
server.
Prior to 7.1U4r1 release, if you have a setup with multiple AirTight servers and you download a specific-type of
file, say Audit Log, from each server, you would notice that the files have similar names. This similar file naming
applies to multiple downloadable files and files related server database backup. Although you can identify the type
of file and the content from the filename, identifying the source of the file is not possible. This makes it difficult to
distinguish which file belongs to which server.
Starting with 7.1U4r1 release, a tag assigned to a server is used in the names of files that are downloaded from
that server and in database backup-related files for that server. This makes it easier to identify the point of origin
for these files.
Set Server Tag

You can assign a tag on a server from the server CLI. By default, there is no tag for a server. You must explicitly
set a tag for each AirTight server in your setup. This also holds true for each server in high availability mode and
in a server cluster setup.
You can set or change a server tag from the CLI by using the set server tag command. For example,
[config]$ set server tag
Configure custom tag for files generated by this server.
Current custom tag:
Do you want to set/reset the prefix?([S]et / [R]eset)[R]: S
Enter custom tag (upto 16 characters): Srv-USeast-03
A server tag can contain a maximum of 16 characters. Only alphanumeric characters (a-z, A-Z, 0-9), dot (.), (hyphen), _ (underscore) are allowed in the server tag. The server tag supports Unicode characters as well.
The server or services do not restart when you set or change a server tag. The files generated and downloaded
after setting the server tag have the new server tag in the file name.
You can reset the server tag to a blank value by running the set server tag command and choosing Reset
option
[config]$ set server tag
Configure custom tag for files generated by this server.
Current custom tag: [Srv-USeast-03]
Do you want to set/reset the prefix?([S]et / [R]eset)[R]: R
Custom tag has been successfully reset.
View Server Tag

You can view the tag that has been assigned to an AirTight server by running the get server tag command.
If a tag is set, then it is displayed on the CLI, else a message indicating that a server tag has not been set is
displayed.
[config]$ get server tag
Displays custom tag set by user.
Current custom tag: [Srv-USeast-03]
32
Custom Prefix for Filenames

The tag set on the server is used as the prefix along with the short name for the product AMC_ in the file name.
The format for the filename is as follows:
AMC_SERVERTAG_FILETYPE_ID_YYYYMMDDHHMMSS.extension
For example, if you set the server tag as Srv-USeast-03 and then download a report from this server, the file
name would appear as AMC_ Srv-USeast-03_REPORTID_REPINSTANCEID_YYYYMMDDHHMMSS.pdf.
If no tag is set, the file name has the prefix AMC_ and would appear as follows:
AMC_REPORTID_REPINSTID_YYYYMMDDHHMMSS.pdf.
The filenames prior to the 7.1U4r1 release and the revised names with sample server tag Srv-USeast-03 are as
follows:
Database backup file

Old Name: wss_backup_ETH0MAC_DD-MON-YYYY-HHMMSS.tgz
New Name: AMC_Srv-USeast-03_backup_ETH0MAC_YYYYMMDDHHMMSS.tgz
Database backup file containing configuration settings only

Old Name: wss_backup_ETH0MAC_DD-MON-YYYY-HHMMSS.tgz
New Name: AMC_Srv-USeast-03_backup_ETH0MAC_YYYYMMDDHHMMSS_Config.tgz
Debug file
Old Name: server_$ETH0MAC_MMDDHHMM.tgz
New Name: AMC_Srv-USeast-03_debug_ETH0MAC_YYYYMMDDHHMMSS.tgz
Connection debug logs

Old Name: cl_CLMAC_YYYYMMDDHHMMSS.log
New Name: AMC_Srv-USeast-03_cl_conn_$CLMAC_YYYYMMDDHHMMSS.log
Event Meta Data

Old Name: event_list_USERLOCALE.tsv
New Name: AMC_BUILD#_Event_List_USERLOCALE.tsv
Note:
This file is dependent on the AMC build number and not AMC server itself
Generated Report
Old Name: AMCReport_ID_21_2_RANDOM_MMDDYYYY_HH_MM_SS.pdf
New Name: AMC_Srv-USeast-03_Report_ID_REPORTID_REPINSTID_YYYYMMDDHHMMSS.pdf
Archived Report
Old Name: Archived_Report_1_1_RANDOMSTRING.pdf
New Name: AMC_Srv-USeast-03_Archived_Report_USERID_ARCHIVEREPORTID_RANDOMUUID.pdf
33
Audit logs
Old Name: UAL_MMDDYYYY_HH_MM_SS.csv
New Name: AMC_Srv-USeast-03_UAL_ETH0MAC_YYYYMMDDHHMMSS.log
Visibility Analytics
Old Name: Visibility_Analytics_MMDDYYYY_HH_MM_SS.csv
New Name: AMC_Srv-USeast-03_Visib_Analytics_YYYYMMDDHHMMSS.csv
Association Analytics
Old Name: Association_Analytics_MMDDYYYY_HH_MM_SS.csv
New Name: AMC_Srv-USeast-03_Assoc_Analytics_YYYYMMDDHHMMSS.csv
AirTight Mobile Configuration Policy

Old Name: sgc_group_profile_GROUPID.xml
New Name: AMC_Srv-USeast-03_sgc_group_profile_GROUPID.xml
AirTight Mobile Client Report

Old Name: ReportsRANDOMNUMBER.html
New Name: AMC_Srv-USeast-03_sgc_ReportsRANDOMNUMBER.html
34
8.
SA-250 Server Troubleshooting
The following table details the SA-250 server troubleshooting tips.

Table 8-1 SA-250 Server Troubleshooting
Problem
Solution
After changing the IP address of the

server, the computer used to
configure the server gets
disconnected.
The subnet mask of the computer used to configure the server may not
be the same as that of the server. Change the subnet mask of the
computer so that it is in the same subnet as the server.
On typing https:// wifi-securityserver in the IE 5.5 browser, the

Login screen does not appear
even after adding a DNS entry wifisecurity-server for the server.
The default gateway and preferred DNS server settings of the computer
used to access the server console may be incorrect. Ensure that the
default gateway and preferred DNS server settings of the computer used
to access the server console match the server settings.
On rebooting the server, the get

network command does not show
an IP address.
The IP address assigned to the server conflicts with some other IP

address on the network. Change the IP address of the server using the
set network command.
No sensors connect to the server

after setting the server ID.
The server ID used by the server may be used by another server on the
network. Verify that no other server with the server ID set for the server
is running on the network.
Change the server ID using the set serverid command.
Check if the server is powered on. If the server is not powered on,
switch it on. Else, check the IP Address or the DNS name on the Server
Config Shell.
No connection to the server
Important: Ensure that you have used the correct IP address or the
DNS name to connect to the server.
If the IP address or the DNS name is correct, try pinging other
computers on the network from the Server Config Shell interface.
If the problem still exits, reset the server and attempt to reconnect to the
server.
The console reports Java Runtime

Environment Detection not
installed message.
Unable to log in to the console.
Follow the instructions provided on the console to install the Java

Runtime Environment.
If you are logging in for the first time, refer to the Initializing section for
the default login name and password.
Try recovering the password using the Recover option in the Forgot
Password? section of the Login Screen.
35
Problem
The console has frozen (Clicks do

not work).
Solution
Close the browser and try connecting to the server in another window.
If you cannot connect to the server, follow the steps listed in the first
problem of this table.
Sensor-server authentication fails

with error Mismatch in shared
secret.
Please log into the sensor and set the correct passphrase.
Sensor-server authentication fails

when a pre 6.2 sensor tries to
connect to the server and legacy
authentication has been turned off
If the sensor is using legacy authentication, turn on the legacy

authentication on the server and upgrade the sensor. After upgrade, the
sensor should connect to the server if the server is using the factory
default passphrase. If you have changed the passphrase on the server,
log in to the sensor and set the correct passphrase.
Check the status of the server on the Administration screen.
No events are being reported or the

device status is stale (not updated).
If the Current Status field shows

button in the Server Status section.
or
, click the Start Server
Check the status of the server on the Administration screen.
No sensor is connected to the

server.

button in the Server Status section.
or
, click the Start Sever
, refer to the Sensors

Troubleshooting section for the solution.
Server response time is high.
Restart the console. If the problem persists, run the db clean

command from the Server Config Shell.
36
9.
Dedicated Management Interface
Starting with the 7.1U4r1 release, AirTight server provides CLI commands that enable you to define an Ethernet
interface dedicated for management traffic. Management traffic comprises traffic from the UI, API calls, database
backup, etc. Other traffic, such as infrastructure /operational traffic, would then be made available only on the
network interface eth0. This traffic comprises server-sensor communication, HA data synchronization, cluster,
WLAN controller, AirTight Mobile, etc.
Set Management Interface

You can configure eth1 as the dedicated management interface by using the set management interface CLI
command. On running the command, the Web server is restarted.
Once configured, the following incoming traffic is not allowed over the management interface and instead would
be allowed only on the network interface eth0:
AP/Sensor connection
MSU Cluster
AirTight Mobile client connections
You can also specify which traffic originating from the server destined to specific remote hosts/networks must go
through the management interface rather than the network interface eth0. To achieve this, you must provide list of
such hosts/networks in the set management interface command.
Some examples of outgoing traffic and remote hosts/networks are:
Server where database backup is uploaded
LDAP, RADIUS servers
SMTP server to send out e-mails of events and reports.
ESM Servers (Syslog, CEF, SNMP)
NTP server
LLDP receiver
Upgrade availability
In the case of an HA setup, the management interface must be set on the active and standby server. The HTTP
redirector is started in the management interface of the standby server and it redirects the HTTP/HTTPS traffic to
the management interface of the active server.
Prior to the 7.1U4r1 release, only the HA traffic was routed from eth1, if Data Sync Link was set to eth1. Starting
with the 7.1U4r1 release, if a management interface is enabled in an HA setup, then Data Sync Link cannot be
set to eth1. The data synchronization would happen over eth0.
Note: eth0 and eth1 interfaces must be on different subnets. In the case of an HA setup, all the four interfaces
(eth0 and eth1 on the active and standby servers) must be on different subnets.
On running the set management interface command, a CLI wizard is initiated.
1. If disabled, enable the management interface.
The management interface is disabled by default.
2. The command results in a restart of the Web server. Confirm whether you want to continue with running
the command.
3. Specify the IP address, subnet mask, and gateway IP address of the management interface.
37
4. Confirm the management interface settings.

5. Optionally, you can add or delete networks that would be accessible through the management interface.
6. If you are adding a network, enter the IP address and subnet mask for the network.
7. Specify whether you want to add or delete more networks.
8. Confirm whether you want to continue to add/delete networks
After all the configurations are completed, the Web server is restarted.
Figure 9-1: set management interface Command
Get Management Interface

You can obtain the status of the management interface and the corresponding settings by running the get
management interface command. The following is a sample output of this command:
[config]$ get management interface
Displays Management Interface settings.
Management Interface: [Enabled]
IP Address: [192.168.8.91]
Subnet Mask: [255.255.252.0]
Gateway IP Address: [192.168.11.254]
38
Set Management Route

The set management route command enables you to add networks whose traffic would be sent over a
management interface. The management interface must be enabled for this to take effect. The management
interface can be enabled and configured by using the set management interface command.
On running the set management route command, a CLI wizard is initiated.
1. Specify whether you want to add or delete networks that would be accessible through the management
interface.
2. If you are adding a network, enter the IP address and subnet mask for the network.
3. If you are deleting a network, enter a comma-separated list of network IDs that are show in the CLI.
4. Specify whether you want to add or delete more networks.
Figure 9-2: set management route Command
39
Get Management Route

You can obtain the list of networks whose traffic is routed through the management interface by running the get
management route command. The following is a sample output of this command:
[config]$ get management route
Displays networks whose traffic will be sent over Management Interface.
Traffic destined to following subnets will go over
Management Interface with Default gateway as : [192.168.11.254]
1.192.168.120.0/22
40
10. Backup and Restore Database

AirTight Networks strongly recommends that you periodically take a backup of the database on the AirTight
server. This ensures that you can restore the AirTight server to a last known working state, in the case of a server
failure.
You can run the config shell CLI command, db backup, to take a backup of the database. The command
archives the relevant data and files and stores the archived file on a specified remote server.
Note: The database backup results in the auto-restart of the corresponding monitoring services, such as Web
server. The server hardware or VM in itself does not reboot. The traffic through the AirTight APs is not disrupted
due to the restart of the services.
Types of Database Backup

Starting with the 7.1U4r1 release, AirTight servers provide two types of backup, Full backup and Configurationonly backup. Based on the backup type, specific data and files are archived in to the backup file. The full backup
takes a complete backup of the configuration and data. In the case of a configuration-only backup, the following
data and files are not backed up:
Events
Performance data
Analytics data
All OSS/BSS CSV files of Performance Statistics
Archived Reports
Fetched AirTight Mobile reports
Transient Data
o SSIDs Probed by Clients
o Client fingerprinting
Figure 10-1: Types of Database Backup
Note: For full backup, the analytics data and performance data can be backed up only if the appropriate
license for Analytics and Performance features is applied on the server.
41
When performing a configuration-only backup, you can choose whether the data related to client devices must be
backed up or not. This includes all Client devices and related data, such as probed SSIDs, and other transient
data. The default option is to exclude Client data.
Back up an AirTight Server Database

To take a backup of the server database, perform the following steps:
1. Log in to the server CLI.
2. Type the command db backup.
A CLI-based wizard is initiated enabling you to configure the database backup options.
3. Select the transfer protocol and provide the remote server details.
Option
Description
The available options are:
Transfer protocol/ backup

method
SCP - Type S for using the SCP protocol.
SFTP - Type T for using the SFTP protocol.
FTP - Type F for using the FTP protocol.
Remote server IP
address/DNS name
IPv4 or IPv6 address or FQDN for the remote server. Ensure

that the server is reachable over the network
Remote Server Login Name
User account name for logging in to the remote server.
Remote Server Password
Password for the specified user account login.
Remote Server Destination

Directory
Absolute path of the directory on the remote server where the

database backup file must be stored
4.
Specify the type of backup.

Type F for a full backup and C for a configuration-only backup.
5.
If you are performing a full back and have applied the appropriate licenses on the server:
a. You might be prompted whether to back up the Analytics data. Type Y to back up the Analytics
data.
b. You might be prompted whether to back up the Performance data. Type Y to back up the
Performance data.
6.
If you are performing a configuration-only backup, you would be prompted whether to back up the Client
devices data. Type Y to back up the Client devices data.
7.
Specify whether this backup should be scheduled on a recurring basis. Type ON to configure a backup
schedule.
a. Select a backup frequency.
b. Specify day and/or time for the taking the periodic backup.
8. Type Y to confirm the information provided for the database backup.
The server initiates a backup of the database.
The filename for the full backup is of the form AMC_<PREFIX>_backup_ETH0MAC_YYYYMMDDHHMMSS.tgz,
where <PREFIX> is replaced with the server tag set on the server. If no server tag is set, the filename is of the
form AMC_backup_ETH0MAC_YYYYMMDDHHMMSS.tgz.
The filename for the Configuration-only backup is of the form
AMC_<PREFIX>_backup_ETH0MAC_YYYYMMDDHHMMSS_Config.tgz, where <PREFIX> is replaced with the
server tag set on the server. If no server tag is set, the filename is of the form
AMC_backup_ETH0MAC_YYYYMMDDHHMMSS_Config.tgz.
42
The following figures show an example of full backup and configuration-only backup by using the db backup
command.
Figure 10-2: Full Backup
43
Figure 10-3: Configuration-only Backup
44
You can view the backup file details on the AirTight Management Console under Configuration>System
Settings>System Status. The following image illustrates the backup files stored on the server as seen on the
AirTight Management Console.
Figure 10-4: Backup Files on AirTight Management Console
45
Restore the Database on an AirTight Server

If you have taken a backup of the AirTight server database, you can restore the AirTight server to a last known
working state, in the case of a server failure. The database restore is agnostic of the database backup type. A
database restore removes all the existing data and files and then copies the data and files from a database
backup on to database, so as to configure the database to the last known working state captured in the backup
file.
Important! If you restore a configuration-only backup, then all other data and files that are not part of the
backup will be lost from the database.
1. Log in to the server CLI.
2. Type the config shell CLI command db restore
A CLI-based wizard is initiated enabling you to configure the database backup options.
3. Select the transfer protocol and provide the details of the remote server on which the database backup
file is stored.
Option
Description
The available options are:
Transfer protocol/ backup

method
SCP - Type S for using the SCP protocol.
SFTP - Type T for using the SFTP protocol.
FTP - Type F for using the FTP protocol.
Remote Server IP address/DNS

name
IPv4 or IPv6 address or FQDN for the remote server. Ensure

that the server is reachable over the network.
Remote Server Password
Password for the specified user account login.

Directory
Absolute path of the destination directory on the SCP server

where you want to take the backup.

Directory
Absolute path of the directory on the remote server where the

database backup file is stored.
4. Type Y to confirm the information provided for the database restore.

The server initiates the restoration of the database.
46
Refer to the following image for the db restore command.

Figure 10-5: db restore Command
47
Check Database Backup Schedule Status

You can check the status of a database backup schedule by running the get status command. The Schedule DB
Backup in the command output specifies the recurrence schedule and backup type.
Figure 10-6: Check Backup Schedule Status
48
11. Appendix A Sensor-Server Mutual Authentication

The sensor-server communication begins with a mutual authentication step in which the sensor and server
authenticate each other using a shared secret. Sensor-server communication takes place only if this
authentication succeeds.
After the authentication succeeds, a session key is generated. All communication between the sensor and server
from this point on is encrypted using the session key.
The sensor and server are shipped with the same default value of the shared secret. The CLI commands for
changing the shared secret are provided on both server and sensor. Alternatively, you can modify this shared
secret from Server GUI console as well.
Note: After the shared secret (communication key) is changed on the server, all sensors connected to the server
will automatically be setup to use the new communication key. Sensors that are not connected to the server at
this time must be setup with the same communication key for them to be able to communicate with this server.
Note: When the server is backward compatible, that is, pre version 6.2 sensors can connect to a version 6.8
server. However, this is not recommended. After all sensors have been upgraded to version 6.8, the set
sensor legacy authentication CLI command can be used to disable older sensors from connecting to
the server.
49

SA-250 Server Installation Guide 7 2 U1 PDF

Uploaded by

Document Information

Original Description:

Original Title

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

SA-250 Server Installation Guide 7 2 U1 PDF

Uploaded by

Copyright:

Available Formats

Installation Guide

339 N. Bernardo Avenue, # 200, Mountain View, CA 94043

2003-2015 AirTight Networks, Inc. All rights reserved.

This page is intentionally left blank.

END USER LICENSE AGREEMENT

Copyright 20032015 AirTight Networks, Inc. All Rights Reserved.

SA-250 Server Installation Guide

About this Guide

Product and Documentation Updates

SA-250 Server Installation Guide

Server with software

System documentation CD-ROM containing:

Quick Setup Guide

High Availability Configuration

Network Detector Configuration

Network interface (Ethernet) cable

Rack mounting accessories

Figure 2-2-1 SA-250 Server Package Contents

SA-250 Server Installation Guide

SA-250 Server Overview

Front panel of the SA-250 server

Rear panel of the SA-250 server

The following table details the behavior of the power switch.

Recommended User Action

Push the power

Graceful shutdown of the server

No action is required as the server restarts

Push the power

Hard shutdown of the server

Press the power switch again to power on the

SA-250 Server Installation Guide

Table 3-2: SA-250 Server LED Details

The server is powered on and working normally.

The server is not powered on or not receiving power.

The hard disk drive is being accessed.

The hard disk drive is not being accessed.

The server is connected to the network.

The server is not connected to the network.

The HA interface Ethernet link is up.

The HA interface Ethernet link is down.

Enables a serial (RS-232)

SA-250 Server Installation Guide

Used to connect the server to the

Used to connect the server to the

SA-250 Server Installation Guide

Installing the SA-250 Server

Connecting the SA-250 Server

Mount the Server Appliance

SA-250 Server Installation Guide

Power on the Server

To power on the server, perform the following steps:

Connect the SA-250 Server to Enterprise Network

SA-250 Server Installation Guide

Accessing the Server

Using a serial RS-232 cable

Accessing the Server using SSH (Recommended)

2. Change the IP address of your computer to 192.168.1.XXX. For example, 192.168.1.244.

5. Login using the username: config and password: config.

SA-250 Server Installation Guide

Accessing the Server using a Serial Cable

SA-250 Server Installation Guide

2. Define a new HyperTerminal connection in the Connection Description dialog.