Home > Products > Serial Console Management > Dominion SX

E-MAIL

Dominion SX

The Raritan Dominion SX serial console servers enable IT professionals to access, monitor and control all their serial devices securely, anytime, from anywhere. Easy to install, simple to use, secure and scalable, this remote management solution provides a single point of control to manage a wide range of servers and IT devices, including:

Networking equipment -- routers, Ethernet switches, firewalls
WAN equipment -- ISDN terminal adapters, channel banks, CSU/DSUs, PBX/PABXs and WDM
Servers and headless servers -- Sun® Cobalt™, Solaris™, HP-UX, UNIX®, Linux®,IBM® AIX® and Windows Server™ 2003
Raritan rack PDUs like the RPC Series and Dominion PX series.

OVERVIEW
BENEFITS
FAQ
ORDERING INFO

OVERVIEW

Dominion SX is a cost-effective solution to increase security and reduce network downtime and IT costs. With Dominion SX, you can:

Add new layers of security to protect your network against intrusion and brute-force attacks.
Optimize and troubleshoot networks via proactive event notification and data logs
Restore network connectivity and server operation via out-of-band direct serial or dial-up access (built-in modems are available on select models)
Troubleshoot, maintain and manage remote locations 24/7 from a single location, minimizing travel costs

Dominion® SX provides local and remote access and control via SSH/Telnet and Web browser to manage users, serial servers and other IT devices.

Scalable across hundreds of users and thousands of devices, Dominion SX models support capacities of 4 to 48 ports, single and dual feed AC and DC power, dual Ethernet LAN options and internal modem options.

Languages supported: English, Chinese, Japanese, and Korean.

To find the secure console server that best fits your needs, see the table below:

				Ports
				4	8	16	32	48
Local Ports	Power Supply	Built-In Modem	Ethernet Ports
1	Dual-AC	Yes	1		DSXA-8	DSXA-16	DSXA-32
	Dual-AC	Yes	2			DSXA-16-DLM	DSXA-32-DLM	DSXA-48
	Single-AC	No	1		DSX-8
	Single-AC	Yes	1	DSXB-4-M	DSXB-8-M
2	Dual-AC	No	1				DSXA-32-AC
	Dual-AC	No	2			DSXA-16-DL	DSXA-32-DL	DSXA-48-AC
	Single-AC	No	1	DSX-4

Product Documentation and Firmware

BENEFITS

Click here for a detailed list of SX benefits

Features	Benefits
Flexibility
Wide variety of supported models	Models available in 4-48 ports. Offering the highest port density (48-ports) in the market in a 1U rack unit. Variety of power options, including dual-feed, load-sharing power supplies with zero failover time. AC and DC power models. Choice of one or two 10/100 Base-T Ethernet ports with intelligent automatic failover. Models are available with or without built-in modem, and with one or two “at the rack” serial ports for local access.
Increased Memory on 8-, 16-, 32- & 48-port models	Port buffer has been increased to 256KB which provides expanded logging of 80 pages of local events and alerts. Users now have expanded event logging and storage.
1U Form Factor	Small form-factor saves rack and/or closet space and makes it perfect for remote offices where space is limited. Rack-mount brackets included for all DSX16-48 port models; optional on all DSX4 and DSX8 port models, except the DSXA-8 dual-power which comes with a rack-mount kit.
International Language Support	The Raritan Serial Console can support four languages: English, Japanese, Korean and Chinese
Reliability
Intelligent Auto-Failover on Dual-LAN models	On all dual-LAN models, the administrator can enable failover to the second LAN port. One or two IP addresses may be used. Either LAN connection can be used as the access port to the Dominion SX.
Cross-platform and Hardware Independent	Allows the connection of multiple disparate servers running SUN^® Solaris^TM, HP-UX, AIX, Linux^®, Windows^® Server 2003, and UNIX^®-based servers as well as multiple serial devices to a single Dominion SX – making it perfect for situations where a range of equipment is needed, which is common in remote locations.
AC and DC Power Options	Integrated power supply ensures proper power provision and system reliability. AC Power: 100-240VAC auto-switching available on all port models Auto-Switching DC Power: -36-72V DC, available in 32 and 48 port models
No moving parts – higher reliability	No fans or other moving parts to fail means higher reliability. Cooler running units mean lower heat dissipation and lower power consumption.
Integrated 56K Modem via RJ11 connection available*	Provides emergency access in the event of a network outage. This capability enables an administrator to access server and network equipment for trouble shooting/disaster recovery. Integrated modem provides a very clean installation and removes the need for an external modem/cabling and power or a separate remote access server, flimsy PCMCIA slot modem cards, local authentication software, and thus minimizing the potential points of failure.
Security
Fully featured firewall	User selectable and customizable system security levels catering to wide range of user needs for security. Enhancements to the firewall – added pre- and post-routing and Static NAT (SNAT) support.
Man In The Middle (MITM) attack mitigation	Enhanced security of communication channels by using client and server SSL certificates.
Selective Static Routing Support	Supports connections between modem and LAN 1, modem and LAN 2 or LAN 1 and LAN 2. This allows users to utilize two different network (Public and Private) and modem access to KVM or Ethernet controlled devices. When used with the firewall function, secure access will be enabled.
TCP Port Addressing for Telnet and SSHv2	Direct Port Addressing can function with TCP port addressing for both Telnet and SSH. Independent IP addresses or TCP port numbers can be assigned to each port for Direct Port Access. Com Port Redirection can be supported for third-party software redirectors.
Local User Groups	Allows flexibility of assigning user permission per SX with the use of local groups. Now the Authentication server can send back the group after it authenticates and permissions can be determined locally.
Flexible strong password support	Offers user-selectable password parameters to satisfy a wide range of password security levels.
Customizable login & consent banner	Improved security with audit option during identification and authorization.
Rejecting access attempts using SSHv1	Due to the many known security vulnerabilities of the SSHv1 protocol, the Dominion SX will automatically reject SSHv1 connections.
Enhanced Encryption Options	Support more encryption options: web-browser security through 128-bit SSL and RC4 encryption; for SSHv2 connections, AES and 3DES are supported (client-dependent).
Authentication and Authorization Support - Kerberos	Support provided for the RADIUS, LDAP, TACACS+, Kerberos V.5 and Active Directory^®; Primary and secondary servers are supported.
Login Name and Password never stored in clear text	Sensitive information is MD5 hashed for storage on the unit.
User Defined and Installable Security Certificates	Dominion SX includes user authentication security and user-defined and installable security certificates. Use with Active Directory and LDAPS for secure communication. Both client and server certificates are supported.
SecureID Support	SecureID is supported via RADIUS for added security.
Target server disconnection option	Once a user is timed out for inactivity, a user defined logoff command is sent to the target. Improved security of user sessions results as the next user that connects to the port will need to login to the target with their own credentials. Some users may know this capability as an exit macro.
Modem dial-back Security	For enhanced security, Dominion SX supports modem dial-back with Linux^®, and Windows 2000/XP clients.
Disabling Authentication and Authorization	This option saves user time when accessing SX in data center where security is provided through other means. User does not need to type in user name and password.
Disable Local Authentication Option	This option allows for enhanced security where required by security policy, ensuring that a single directory service is used for all users.
End User Experience
HTML Implementation	Reduces the time to load the Java applet in a browser implementation to less than one minute.
Full Modern CLI – GUI Equivalence	Improved usability, with command completion and history. CLI admin has the same functionality as the GUI, thereby allowing scripting of any command.
Broad Range of Supported Browsers	Offers broad range of browsers – Mozilla Firefox, Internet Explorer 6.0+; ensuring compatibility with the wide variety of operating systems and devices.
Single Appliance – Higher Security and No Additional Software Required	Appliance model offer enhanced security with no user access to underlying Linux OS of the console server. Provides true ‘Plug and Play’ capability making installation and set-up quick and easy. No additional client/host software or hardware to buy and no special networking equipment or design is necessary. When using a Java-enabled web-browser, there is no need for expensive SSH client software, and it reduces the need to manage additional client software.
Manageability
Easy to Install	Installation in less than 3 minutes, with just a web browser or a VT100 terminal (or equivalent). Some competitive products require burdensome editing of multiple files to complete a basic installation.
IPMI support	Improved system performance monitoring and management. Allows for discovery and management of IPMI enabled servers.
Port Keyword Monitor and Alert	Also sometimes called “port triggers”. Users can define up to 14 keywords per port with up to 40 characters each. The SX will scan the data coming from the port and if a keyword is encountered, it will send alerts via SNMP or e-mail to predefined addresses. This allows monitoring and alerting of problems with the targets even when the user is not attached, thereby reducing Mean Time to Repair (MTTR), and faster notification of a problem than by traditional SNMP monitoring systems.
Access via WebBrowser, SSHv2 & Telnet	Easy point-and-click access via a Java-enabled Web browser, and SSHv2/Telnet client from a desktop, laptop, or handheld device. Direct Port Access via a SSH user string syntax. Customer can upload, view and delete SSH keys for greater security.
VT100/220/320/ANSI support	Increased choice of terminal emulation options, allows support of a broader range of devices. SX 3.1 can support the following code-sets: US-ASCII (ISO 646); ISO 8859-1 (Latin-1); ISO 8859-15 (Latin-9); UTF-8
SecureChat Instant Messaging	Allows encrypted instant messaging for online collaboration with other authorized web-browser users and maximizes the contribution and effectiveness of a distributed workforce. This feature reduces the time to resolve problems, and allows multiple administrators to troubleshoot a problem. This feature can also be used for training purposes.
Comprehensive SNMP Traps	Enhancements in SMTP notifications –persistent attempts (automatic retries) to send SMTP notifications and support for mail server authentication. SNMP v2 and v3.
Syslog	Supports Syslog to multiple servers, allowing administrators to track activity; logs can also be stored locally on the unit.
NFS Logging	Allows logging of all keystrokes and server/device responses to NFS server(s). Primarily used for audit trails. NFS logging can now be stored on the NFS server with user-defined encryption keys for greater security. Thus if there is an intrusion into the file, the data will be useless without the key under which it was encrypted. Keep-alive messages in the NFS log allow easy monitoring if the managed server/device goes down.
Integrated 56K Modem via RJ11 connection available for out of band emergency access	Provides emergency access in the event of a network outage. This capability enables an administrator to access server and network equipment for trouble shooting/disaster recovery. Integrated modem provides a clean installation and removes the need for an external modem/cabling and power. Unlike a separate remote access server, flimsy PCMCIA slot modem cards, and software solutions, the integrated modem, available on select models, minimizes potential points of failure.
CLI Power Control Support of Raritan’s Rack Power Distribution Units (PDU)	A Raritan power control unit (RPC/Dominion PX/Dominion PX2) can be connected to each serial port on a Dominion SX. Customers can also control RPCU without a GUI, through scripting and the command line interface (CLI). Outlet associations for servers and networking devices with multiple power feeds, from one power distribution unit or multiple power distribution units.
Integration with CommandCenter^® Secure Gateway
Extensible	When deployed with CommandCenter Secure Gateway, hundreds of Dominion SX devices can be managed with centralized authentication and authorization.
Firmware Upgradeable via Network Connection or CommandCenter Secure Gateway	Simplifies the deployment of firmware updates via CommandCenter Secure Gateway. Administrator can schedule firmware upgrades for single or multiple SX devices.
GUI Remote Power Control via CommandCenter Secure Gateway of Raritan’s Intelligent Rack PDU’s	Raritan rack PDU’s can be connected to each serial port on a Dominion SX. For servers/equipment that have multiple power feeds, multiple power outlets can be associated together to switch equipment on or off with a single click of the mouse.
Single IP Address for Administration and target connection	Administrators and users can connect to one IP address with one login via CommandCenter Secure Gateway to manage the SX or connected serial devices. This connection can be via web browser or through SSH. Only Raritan allows direct SSH connection to the aggregator. Option for SX at-the-rack access while under CC-SG management.

FAQ

Click here for a PDF of the complete SX FAQ

Questions

Answers

How do I enable Direct Port Access with a Dominion SX unit running SX3.0 firmware?

Enabling Direct Port Access (DPA) from the CLI in Dominion SX3.0..

Attached is a sample run for DPA configuration from CLI.

The following are main steps:

Configure DPA mode from Configuration->Services.
Configure which port need DPA and type of DPA (Telnet-TCP, SSH-TCP, IP ADDR) from Configuration->ports
Reboot SX
Reapply Configuration-Services settings, for SSH, Telnet to take effect of DPA settings.
Reboot SX

DPA should be functional on 2^nd reboot

Why do I get a “This page contains secure and insecure items” prompt when using IE6?

This message may or may not be displayed, depending on the settings of IE6.

Why do I get an “Invalid certificate message” when using some browsers?

The Certificate Authority (CA) used by Raritan, Inc. may not be on the CA list of the browser.

What is the purpose of the Disable Local Authentication option?

For security reasons, some users do not want to allow any locally authenticated users to log into the Dominion SX unit. This option allows only for remotely authenticated users to log into the Dominion SX unit. This option should only be enabled AFTER remote authentication has been successfully tested and configured.

When I Disable Local Authentication, how come I cannot log into the Dominion SX unit?

This is because of a couple of reasons:

1) A valid remote authentication source has not been entered.

2) The remote authentication source is not reachable.

The Disable Local Authentication option should only be enabled AFTER remote authentication has been successfully tested and configured.

Why do I lose connectivity to the Dominion SX unit after resetting it to factory default?

By default the unit in factory reset mode enables DHCP to get an IP address. If there is no DHCP server, it will reset to the IP address 192.168.0.192 with the username “admin” and password “raritan”.

What settings will be lost when restoring a unit to factory default?

All user-entered settings: usernames, passwords, all networking parameters – including IP address, security profiles, firewall rules, all services, TCP port numbers for services, idle logout timer, strong password rules.

Why does the Device disconnect indication not work with all my devices and servers?

Device disconnect indication requires both hardware (RS232) control signal support, and the right serial cabling to work. If either of these is missing, device disconnect indication cannot correctly track the loss of connection to a serial device. Most, but not all, servers and devices support these control signals.

Why does my device show “Down” in the port access menu on the GUI and the CLI, but I can still log into it?

If a device is configured for device disconnect indication, but the device cannot support the control signal or (RS232) serial cabling is not correctly made, the device will indicate “Down” on the Port access screen (GUI) and on the CLI, but it can still be accessible when connected. Disable the device disconnect indication option to show default indication that the device is “Up”.

How many lines can I cut and paste with the Dominion SX?

With Release 3.0, the SX is user-configurable and can be set up to copy-paste an industry-leading 9999 lines.

Where can I get a copy of the MIB for Dominion SX?

The SX MIB is available from the SX User Interface on the GUI SNMP configuration page. You can also find on the Firmware, Software and Product Documentation page for the SX: www.raritan.com/support/dominion-sx

With Dominion SX release 3.0 or higher, do I still need to type dominion before I get the username and password prompt using SSH/Telnet?

No. Beginning with release 3.0, enter the username in the “Login as:” or Username prompt.

When I SSH into Dominion SX, I am unable to log in, even when I use a local account that I know works through the web/GUI interface.

[Only applied to firmware releases 2.1 though 2.5] The initial login name for Dominion SX over SSH interface is dominion (no password). Once this account is accessed you will see the "Welcome to Raritan Dominion Server" message and be prompted to enter a username. At this prompt, type the account that exists locally on the SX or the remote account (this assumes that the SX unit is configured with remote authentication information).

My Dominion SX has just been configured with a network address and I can successfully ping the SX IP, but when I try to access it using a Web browser, the message reads "Page cannot be found or server error, please contact System Administrator".

Check your Web browser settings and confirm that a proxy server is being used. If so, click on the checkbox to 'Bypass local addresses or configure DSX IP in the exception list.' Next, make sure the Web browser has 128-bit cipher strength. From the Help menu, click on "About" to find this information.

When I select the "Send Break" option from the Emulator menu in Raritan Console (on my DSX), it does not send a break to my Sun server. What could be wrong and how can I address it?

If the SUN machine does not respond to the break signal, verify that the line 'KEYBOARD_ABORT=disable' is commented out in the /etc/default/kbd file (on the SUN machine). If this line is not commented out, it will disable a keyboard abort sequence; comment out this line to enable the sequence.

Is there any software requirement for PCs connected to Dominion SX?

Depends. For access using a web-browser, the Dominion SX does not require any software to be loaded on the client; the browser does have to be Java-enabled. It is 100% operating system independent. When using an SSH/Telnet client, the customer has to provide an SSH/Telnet client. In some operating systems, like Linux®, an SSH client is included in the distribution. Also, OpenSSH.org has an SSH client.

How can I consolidate the sites where I have a Dominion SX installed?

Raritan's CommandCenter® Secure Gateway is designed specifically to provide centralized management. It is the ideal solution if you are looking to consolidate management of devices such as Dominion SX and other Raritan network-based products.

Is the Ethernet port on the Dominion SX unit 10/100Mbps auto sensing?

Yes.

Can the network port(s) on the Dominion SX be set to 100Mbps Full-Duplex?

Yes.

Does Dominion SX support RS422 and RS485?

No. Currently Dominion SX supports only asynchronous RS232 (also commonly called serial, even though serial is a broad term that covers more than RS232). RS 422 and RS485 are used in industrial automation and other markets. Dominion SX is currently designed for connection to serially managed servers and other devices typically found in the data-center and server rooms. This includes serially controlled power strips like Raritan's line of remote power control units.

Do I need to be a UNIX expert to install Dominion SX?

Dominion SX is the easiest to install of all the secure console servers on the market. From power-up, typical time for installation is less than 3 minutes, with no need to edit files and use the command-line. Dominion SX does not require an external server to operate.

I have a server/serially managed device that is more than 90 meters from the Dominion SX - how do I connect?

You will need to purchase a 3rd party RS232 to RS422/485 converter for each end (two units total)-one at the Dominion end and one connected to the device.

Does Dominion SX provide an integrated interface that allows you to view all the Serial devices that are connected?

Yes, Dominion SX provides a single, consolidated view of all serial devices via one-sign-on. A single IP address gives access to all connected serial devices while any Java-enabled Web browser provides terminal emulation. Or, use an SSH/Telnet client.

Can I open multiple windows and "tile" to monitor multiple servers and other IT equipment?

Yes, you may monitor and "tile" as many windows as there are serial ports on the Dominion SX. For example, up to 32 serial ports on a 32 port unit, 16 on a 16-port unit and 48 on a 48-port unit. This is assuming one (1) user session per port; in some applications more than one user session per port is possible.

I manage many servers. How do I select a server to connect to?

From a browser, a simple menu provides the user-assigned name of each server. Users simply click on a server to connect to its console port. When using SSH/telnet, the user gets a list of ports they are authorized to connect with when they log in.

As a user, do I see all servers connected to a Dominion SX?

No. Each user sees only a list of servers they are authorized to manage/view. The administrator of the Dominion SX sets up the access privileges to each server by user group, or under control of privileges from a directory service like LDAP, Active Directory®, or authentication system - TACACS+, RADIUS, or Kerberos.

Does Dominion SX work with Raritan's CommandCenter® Secure Gateway?

Yes, Dominion SX is deployable as part of an enterprise-wide management solution with Raritan's CommandCenter Secure Gateway; hundreds of Dominion SX units can be managed via CommandCenter Secure Gateway.

Is the modem used only for administering the Dominion SX itself?

No. Unlike other products in its category, Dominion SX offers modem access to administer the box and get to the target servers.

Is a modem standard on any Dominion SX models?

Many Dominion SX Models with 4- to 48-serial ports include a built-in 56K modem. Competitors charge for an additional PCMCIA modem; other models have a dedicated modem port via a DB9-Male connector.

What level of control does Dominion SX have over attached target servers?

The remote user has direct command line access and total control of target devices for maintenance, administration, troubleshooting, and even rebooting. User rights are only restricted by their log-on privileges on Dominion SX and the server itself.

What is the MTBF for the power supply in the Dominion SX?

350,000 hours. But, keep in mind that the life of a power supply depends on environmental factors like temperature, humidity, variation in power, and other factors.

What is the ESD (electro-static discharge) protection on the Dominion SX serial ports?

15KV (Kilo volts)

Why do I need to use a serial adapter to connect to some servers?

While EIA published a standard for RS232 on DB25 and DB9 connectors, there is no standard for RS232 on RJ45 connectors. Also, some manufacturers have chosen not to follow the pin out assignments of the EIA on DB25 and DB9 connectors.

Is the Dominion SX unit SUN® "break-safe"?

All Dominion SX units are SUN "break-safe" for use with SUN Solaris, and the units are Solaris Ready certified by SUN.

I have lost my Admin password to the Dominion SX. Is there a back door or secret password?

For security reasons, there is no back-door password. The only option is to restore the unit to its factory default settings. A hardware reset function to restore the unit to factory default settings is provided.

Does Dominion SX include the 19" rack mount kit or is there an extra charge for this option?

Dominion SX comes standard with a complete ready-to-install 19" rack mount kit on the models with 16 or greater serial ports. One 8-port model with dual-power also comes with a rack-mount kit. Some competitors charge extra for a rack mount kit. On models with less than 16 ports, a rack mount kit is available as an option.

What remote access connection methods can Dominion SX accommodate?

Dominion SX provides multiple choices for remote access. These include: HTTP/HTTPS, SSH/Telnet, or dial-up modem. That means servers can be accessed both in and out of band so remote access to mission critical target servers is always available-even if the network is down.

Which ports need to be open on the corporate firewall for a secure console session using Dominion SX?

Port 443 (for https); optionally port 80 (http) for user sessions. For units running software version 2.2 or higher, port 51000 (or other port between 1024-65536). On software releases PRIOR to firmware 2.2 (2.0Bx or 2.1.x) either port 23 or a user-designated port between 2000 and 2400. When using SSH, port 22 needs to be open. Starting with Dominion SX firmware 3.0, the TCP ports for HTTP, HTTPS, Telnet, SSH are all user configurable. These user configured ports will need to be open for access. Also, TCP port 5000.

How do I get access to the operating system of the Dominion SX?

Dominion SX is a secure appliance. Therefore, NO access is possible to the operating system.

I have a few serial devices located a distance away from my server closet and the Dominion SX. Can I connect these devices to my Raritan switch?

Yes. EIA RS232 specifications defined in the 1970s recommend that the maximum distance serial devices be 10 meters. However, with good cables, no patch panels, and lower baud rates, customers report success up to 60 meters.

How do I upgrade the software on my Dominion SX?

Use the Administrator option for Upgrade from a menu. The upgrade is done over the Ethernet port of the Dominion SX. Access to an FTP server is required.

Are updates to Dominion SX software free?

Yes. Currently, all software upgrades are free.

Does Dominion SX require any additional client software?

No. Dominion SX is truly "Plug-and-Play" making installation quick and set-up easy. It is not necessary to buy any additional client software or hardware. In addition, no special networking equipment or design is necessary.

What code-sets does the terminal emulator in Dominion SX support?

Dominion SX release 3.0 or higher supports VT100/VT220/VT320 and ANSI with the following code-sets:

US-ASCII (ISO 646)
ISO 8859- (Latin-1)
ISO-8859-15— (Latin -9)
UTF-8

What is the name of the terminal emulation package included with Dominion SX?

Beginning with Release 3.0 it is called the Raritan Serial Console (RSC). For firmware releases 2.00 through and including 2.5, it was called RaritanConsole.

Can I use Dominion SX over a VPN connection?

Yes, Dominion SX fits into most any network configuration utilizing TCP/IP. Set up the VPN (typically IPSec) connection then start the web-browser and enter the URL for the Dominion unit. The session to the Dominion runs transparently over the VPN tunnel.

The Dominion SX uses the Web browser to access serial devices. What are the advantages of Java-enabled Web browser access?

For many Solaris^TM/Unix®/Linux system administrators, the de facto standard for accessing serial hosts is SSH. However, the SSH clients available for Unix/Linux do not support Apple Macintosh. Additionally, Java-enabled browsers are available on many platforms, including PDAs and handheld PCs. The easy "point-and-click" access offered by Dominion SX allows administrators secure access from any Java-enabled Web browser.

I need an IP-enabled console switch. Now that Dominion SX support local (direct) Port access, beginning with release 2.2, by using the AUATC, can I connect a Dominion SX to the Paragon network, instead of using an SCS232 Console Switch (or equivalent)?

Yes. Connect the AUATC to the Paragon switch, and connect the AUATC (DB-25-Male connector) to the Dominion SX (DB9-Male connector) using a DB25-female to DB9-female cable. Then Enable the local port access (LPA) feature on the Dominion SX; ensuring that the communication parameters (baud rate, parity, etc.) matches between the AUATC and the Dominion SX.

What Authentication mechanisms does the Dominion SX support?

Local database, RADIUS, LDAP/S, TACACS+, Active Directory, and Kerberos V5.

What Authentication and Authorization mechanisms does the Dominion SX support?

Local database, RADIUS, LDAP/S, TACACS+, Active Directory, Kerberos V5. Optionally, local authentication can be Disabled.

Can the Dominion SX support Authorization at a per port level?

Yes. Dominion SX can support Authorization at a per port level – via Local database, RADIUS, LDAP/S, TACACS+, Active Directory, Kerberos V5.

Does Dominion SX support SNMP?

Yes. Dominion SX supports SNMP traps via the Raritan Enterprise MIB. SNMP v2 and v3 are supported.

Does Dominion SX support syslog

Yes. Dominion SX supports syslog – to primary and secondary servers.

Can I log every keystroke of a session (input from user and response from a server/device) with a server?

Yes. Dominion SX supports logging over NFS. Beginning with Release 3.0, the session can be optionally encrypted with a user-defined key.

Does Dominion SX support telnet?

Yes. Dominion SX supports enabling of the telnet daemon on the Dominion SX unit. Because telnet sends all information “in the clear”, enabling telnet is at the customers own discretion, and telnet is disabled by default when the unit ships from the factory. Raritan strongly suggests the use of SSH as a safer alternative to telnet, since all data is encrypted, including the login sequence.

Can I send an intentional “break” signal to the SUN Solaris server when using SSH?

Yes.

Can I send an intentional “break” signal to the SUN Solaris server when using a Web browser?

Yes.

Can I send an intentional “break” signal to the SUN Solaris server when using telnet?

Yes.

Can I get the buffered off-line data from a serial port when using SSH?

Yes.

Can I get the buffered off-line data from a serial port when using telnet?

Yes.

Can I get the buffered off-line data from a serial port when using a Java-enabled web-browser?

Yes.

Does Dominion SX support local (direct) port access for “crash-cart” applications in a data center?

Yes.

1. Dominion SX supports local port access. Feature is disabled by default from the factory. Default parameters are 9600-N-8-1. The local port on the Dominion SX 4/8/16/32 is a DB9-Male.

2. The local port on the Dominion SX 48 port models with a modem is RJ45 Female. For models with two local ports (models without a modem), the 2^nd local port is DB9-Male.

What are the pin-outs of the Dominion SX RJ45 serial ports?

Dominion SX Serial Pin-outs

The RJ45 connector on the rear of the unit has the following pinout:

RJ45 PIN	SIGNAL
1	RTS
2	DTR
3	TxD
4	GND
5	Signal GND
6	RxD
7	DSR
8	CTS

What are the browsers (and versions) supported?

Please check the documentation or release notes for the specific firmware version on the SX.

What are the most commonly used cables and adapters?

Connectivity Table:
This table lists the commonly used Dominion SX hardware (adapters and/or cables) to common Vendor/Model combinations:

VENDOR	MODELS	CONSOLE CONNECTOR	SERIAL CONNECTION
Checkpoint	Firewall	DB9M	ASCSDB9F adapter and CAT5 cable
Cisco	PIX Firewall	DB9M	ASCSDB9F adapter and CAT5 cable
Cisco	Catalyst	RJ45	CRLVR-15 cable
Cisco	Router	DB25F	ASCSDB25M adapter and CAT5 cable
Hewlett- Packard	Unix Server	DB9M	ASCSDB9F adapter and CAT5 cable
Silicon Graphics	Origin	DB9M	ASCSDB9F adapter and CAT5 cable
Sun	SPARCStation	DB25F	ASCSDB25M adapter and CAT5 cable
Sun	Netra T1	RJ45	CRLVR-15 cable
Sun	Cobalt	DB9M	ASCSDB9F adapter and CAT5 cable
Various	Windows NT	DB9M	ASCSDB9F adapter and CAT5 cable
Raritan	RPCU	RJ45	CSCSPCS-10 CABLE

How do I install Java?

See the Standalone Raritan Serial Console section of Chapter 5: Port Configuration and Port Access Application of the Dominion SX User Guide.

Is the status of the unit limited by the status of the device or equipment to which it is attached (that is, Server, router, firewall, load balancer, or other network device)?

No, because the unit is a totally “out of band” solution that runs on its own dedicated microprocessor.

Even if the target devices to which the Dominion SX is attached are turned off, you will still be able to access the unit.

Can I reset the unit without losing my settings?

Click Maintenance > Reboot to reset the system.

How do I reset the unit back to its factory-default settings?

Performing a factory Reset returns the Dominion SX unit to its default factory settings. Be very careful when doing this, because it will erase all the data and settings on the Dominion SX unit and return it to the state in which it was originally shipped.

To perform a factory reset, choose Maintenance > Factory Reset

In case you are not aware of the administrative password to log in the Dominion SX GUI to perform a factory reset, you may want to try resetting from the Dominion SX hardware. To do so, insert a pin into the RESET hole on the back panel of the Dominion SX unit and hold for about 15 seconds. The Dominion SX is then reset to factory defaults.

Does the unit need to be on the same physical LAN as the client host during installation and setup?

No, setup can be performed via the SX’s LPA port with a straight serial connection.

Once the physical installation is complete and my ping query elicits a response from the unit, how do I initially access the unit and begin to customize the unit?

Open a supported network-enabled web browser, type “192.168.0.192” in the address line, and press the <Enter> key.
The system displays the start-up screen for the unit, and prompts you through the entire set-up process.

Once setup is complete, log off the console, and use the
IP address you assigned during set-up to re-access the unit.

Once I have assigned the unit a unique IP address, how do I access the unit in the future?

Open your supported Web browser,
Type the IP address you have assigned to that unit into the Address field
Press the <Enter> key. The login/password screen for the unit will appear.

Can I assign specific port access to a specific user?

Yes, but only if the user is NOT an Administrator. The Administrator will always have access to all the ports.

I performed maintenance on my NFS server, which affected my Dominion SX port logging. I had port logging enabled, but I could not access any port on the DSX.

This is a designed feature. The idea of NFS port logging is to avoid missing anything on the ports.

Disable port logging when performing maintenance on the NFS server.

Sometimes when I try to log on, I see a message that states my “login is incorrect” even though I am sure I am entering the correct User Name and Password. Why is this?

This is a security feature.

There is a session-specific ID that is sent out each time you login to the unit. This ID has a time-out feature. If you do not login to the unit before the time-out occurs, then the session ID becomes invalid.

Performing a <Shift-Reload> refreshes the page from the unit, and not from the now-expired cache. Similarly, you may close the current browser, open a new browser, and login again. This provides an additional security feature so that no one can recall information stored in the cache to access the unit.

What should I do if the browser returns with the message that the device timed out?

Try reloading using <Shift-Reload>. If this does not work, check your network connections and network status.

You may also want to ping the console or perform a route print (as described in other FAQs) to ensure that proper network communication is occurring.

If a web page does not load to your browser, there are probably network difficulties that are preventing the page from loading.

How do I upgrade the Dominion SX software?

Since Release 3.0, Click Maintenance > Firmware Upgrade and fill in the parameters.

What if I forget or lose my password?

Any Administrator can assign any user (Administrator, Operator, or Observer) a new password if it is forgotten or lost.

Important: If there is only one Administrator, and he/she forgets his/her password, then the unit must be factory-reset and re-configured from the initial set-up screen. All saved values will be lost.

Is there any way for me to optimize the performance of Microsoft Internet Explorer if it is my preferred Web browser?

To improve the performance of Microsoft Internet Explorer when accessing the console:

Select Tools®Internet Options®Advanced from the main menu.
Scroll through the list until you see the following items and disable them.

JIT compiler for virtual machine enabled
Java logging enabled
Java console enabled

I am having trouble using the 128-bit SSL on the unit. Do you know what might be causing this?

It is likely that the browser you are using does not support 128-bit SSL encryption. Depending on the version of browser installed on your workstation, you may need to do one of the following:

Install a 128-bit SSL compatible version of your browser.
Upgrade your current browser to be 128-bit SSL compatible.

See the browser manufacturer’s web site for instructions.

Sometimes when I am trying to dial-in to the unit or when I am connected to the unit via the modem and I lose my connection.

If I immediately try to dial-in again, I can’t get connected.

However, if I wait for a few minutes, the dial-in is successful. Why is this?

In this case, “a few minutes” is the key:

The modem has a pre-defined "clean up time" after every connection ends – it does not matter whether the connection is dropped, severed, or intentionally closed by the user.
The modem will take about one minute to re-cycle itself to be ready for the next incoming call.

What’s the MTBF for Dominion SX?

131,566 Hours. Keep in mind that the life of a SX depends on the environment factors such as temperatures, humidity, variation in power and other factors

How do I select the language and how many languages are there that RSC can support?

Open RSC - Emulator - Setting - Display - Language. SX 3.1 RSC can support four languages: English, Japanese, Korean and Chinese

ORDERING INFO

Switches

Accessories

Warranties

TAKE THE NEXT STEP

View the Dominion SX Data Sheet

Request Product Info

Schedule an Online Demo

What's New?

The Distributed Enterprise: Remote Access and Management of IT Infrastructure
IT managers, remote offices can cause any number of headaches. Fortunately, Raritan offers a variety of solutions easing the fallout of the control, security and budgetary issues involved in remote management. In this white paper, we examine and analyze the increases in uptime and security provided by out-of-band access and control tools.

Download white paper
(PDF 1.2MB) >>>