FS6200 Server System Implementation Guide - Public Support ...

More documents

Recommendations

Info

Operating the Server This required parameter provides the actual address data for the rule. For a type ODTRDP, HBA, or DIAG rule, the parameter provides one or more remote addresses. You can specify any combination of a single IP address, an IP address range, or both. To specify an IP address range, use a dash (–) between the starting and ending IP addresses. To specify multiple addresses, use a forward slash (/) between IP addresses or between IP address ranges. Do not include spaces in the IP address syntax. For a type CALLHOME rule, you must specify a pair of IP addresses separated by a hash sign (#). The first IP address is the EVLAN address for the host (which is treated as the local address in the rule). The IP address after the hash sign is the EVLAN address for the MCP host (which is treated as the remote address in the rule). Ensure these IP addresses match the addresses specified during the ClearPath Network Services configuration. Note: The IP addresses shown in the following table demonstrate syntax structure, and do not specify actual IP addresses to be used. When running the script, use IP addresses that are appropriate in your environment. Sample Syntax for the IP Parameter Explanation ODTRDP, HBA, or DIAG Rule 10.10.100.60 Single IP address 10.10.100.1 – 10.10.100.50 Range of IP addresses 10.10.100.60/10.10.100.1 – 10.10.100.50 Single IP address, followed by a range of IP addresses CALLHOME Rule 192.168.10.6#192.168.10.5 EVLAN IP address for the host, followed by the hash sign (#) sign, and then EVLAN IP address for the MCP host • action The action parameter is optional and applies only when the type parameter is ODTRDP, HBA, or DIAG . It is not needed if the type parameter is set to CALLHOME. Only one value can be specified for the action parameter. Specify keep to add the IP parameter data to the remote IP addresses already in the rule. If keep is not specified as the action parameter, then the existing remote IP addresses in the rule are replaced with the value specified for the IP parameter. 4–16 8222 3694–000
Sample Commands • ChangeRulesForMCP ODTRDP 10.10.100.1/192.168.100.10-192.168.100.15 This command changes the Unisys ODT (TCP-In) and Remote Desktop (TCP-In) firewall rules to enable connections from IP address 10.10.100.1 and the IP address range of 192.168.100.10 through 192.168.100.15, in addition to the remote IP addresses that are already defined in those rules. On any cell other than the I/O engine, only the Remote Desktop (TCP-In) rule is affected; the Unisys ODT (TCP-In) rule does not exist on the E-mode engine, systems management engine, or JProcessor Specialty Engine cells. As stated in the preceding Syntax subsection, the Remote IP addresses in the Unisys NGAgent (TCP-In), Windows Remote Management (HTTP-In), Unisys Windows Remote Management (HTTPS-In), DFS Management (DCOM-In), and DFS Management (WMI-In) rules will also be updated. • ChangeRulesForMCP ODTRDP 10.10.100.1 This command changes the Unisys ODT (TCP-In) and Remote Desktop (TCP-In) firewall rules to enable connections from IP address 10.10.100.1 only. The existing Remote IP addresses in the rules are deleted because an action parameter is not specified in the syntax. • ChangeRulesForMCP CALLHOME 192.168.1.2#192.168.1.1 This command affects the Unisys Call Home (TCP-In) rule. The local IP address (host) is changed to 192.168.1.2, and the remote IP address (I/O engine) is changed to 192.168.1.1. • ChangeRulesForMCP HBA 10.10.100.1/192.168.100.10-192.168.100.15 keep This command causes the Unisys Configure HBA(TCP-In) to allow connections from IP addresses 10.10.100.1 and 192.168.100.10-192.168.100.15, as well as the Remote IP addresses that are already defined in the rule. • ChangeRulesForMCP DIAG 192.168.222.11-192.168.222.19/192.168.100.10- 192.168.100.15 keep This command causes the FTP Server (FTP Traffic-In) and FTP Server Passive (FTP Passive Traffic-In) rules to allow connections from IP address ranges 192.168.222.11- 192.168.222.19 and 192.168.100.10-192.168.100.15, as well as the Remote IP addresses that are already configured in those rules. The Local IP address is updated with the current IP address of the systems management engine. UnisysHarden_Rollback.ps1 Script Operating the Server It is not recommended that you permanently roll back the most recently applied MCP Firmware Environment Policy. However, you might need to temporarily roll back this security policy to isolate problems. For those instances, the UnisysHarden_Rollback.ps1 script is provided. Ensure that you reapply the policy using the Rollback.ps1 script after you complete your troubleshooting tasks. 8222 3694–000 4–17
Page 1 and 2:
ClearPathFS6200Server SystemImpleme
Page 3 and 4:
Contents Section 1. Introduction Ab
Page 5 and 6:
MCP Firmware Environment Policy Uti
Page 7 and 8:
Updating Specialty Engines . . . .
Page 9 and 10:
Figures 2-1. FS6200 Server Hardware
Page 11 and 12:
Tables 3-1. Physical Location of HB
Page 13 and 14:
Section 1 Introduction About This G
Page 15 and 16:
Section 2 System Overview This sect
Page 17 and 18:
• Two Processor Memory and Module
Page 19 and 20:
MCP Console s-Par Component Descrip
Page 21 and 22: ePortal Specialty Engine The ePorta
Page 23 and 24: Section 3 Customizing the Server Co
Page 25 and 26: Determining Correspondence between
Page 27 and 28: Table 3-1. Physical Location of HBA
Page 29 and 30: • The MCP is running. • The pat
Page 31 and 32: e. Log on to the environment. f. Cl
Page 33 and 34: The default IP address for the intr
Page 35 and 36: Table 3-6. Default Networking Value
Page 37 and 38: Changing the Network Services EVLAN
Page 39 and 40: IEEE 802.1Q VLANs allow a single ne
Page 41 and 42: and BIP protocols. Communications b
Page 43 and 44: 4. To modify a network processor ob
Page 45 and 46: You must replace or modify the prec
Page 47 and 48: Table 3-8. MCP Networking Values fo
Page 53 and 54: Using Sample BNA Initialization Fil
Page 55 and 56: Some of the procedures in MCP Imple
Page 57 and 58: Section 4 Operating the Server This
Page 59 and 60: Powering Off the Platform Hardware
Page 61 and 62: Controlling the MCP Environment Acc
Page 63 and 64: • Domain Name System (DNS) Client
Page 65 and 66: Table 4-1. Unisys-Defined Firewall
Page 67 and 68: Table 4-2. Firewall Rules for JProc
Page 69 and 70: The utility scripts enable you to m
Page 71: Notes: Syntax Usage • Refer to th
Page 75 and 76: Note: The .\ notation before the sc
Page 77 and 78: Differences from Previous MCP Syste
Page 79 and 80: If you do not receive this response
Page 81 and 82: Networking Commands and Inquiries C
Page 83 and 84: • Total processor utilization rep
Page 85 and 86: I/O Time • ACQUIRE • FREE • O
Page 87 and 88: Operating the Server PING commands
Page 89 and 90: Section 5 Setting Up and Operating
Page 91 and 92: Ensuring That the Necessary Disk Sp
Page 93 and 94: ; , REMOTEADDRESS = 000000000000 ,
Page 95 and 96: This command is optional. By defaul
Page 97 and 98: 6. Perform the following actions to
Page 99 and 100: 1. From the Component View tab, exp
Page 101 and 102: Setting Up and Operating the ePorta
Page 103 and 104: Assigning ePortal Specialty Engine
Page 105 and 106: Setting Up and Operating the ePorta
Page 107 and 108: Restoring ePortal The following act
Page 109 and 110: Section 6 Setting Up and Operating
Page 111 and 112: • Microsoft Network Client This f
Page 113 and 114: Applying JProcessor Security Policy
Page 115 and 116: Section 7 Backing Up MCP Firmware C
Page 117 and 118: Section 8 Updates This section disc
Page 119 and 120: Updating MCP Firmware MCP Firmware
Page 121 and 122: Job (USERCODE) EPORTALNOTE ACCEPT:
Page 123 and 124:
17. Go back into update settings (s
Page 125 and 126:
Section 9 Troubleshooting and Recov
Page 127 and 128:
Accessing the Unisys Product Suppor
Page 129 and 130:
Taking a Platform Firmware Livedump
Page 131 and 132:
Hardware Failure Symptoms Criticali
Page 133 and 134:
Workaround Use the platform managem
Page 135 and 136:
• If your TCP/IP or BNA connectio
Page 137 and 138:
• Obtain a Network Services firmw
Page 139 and 140:
The response to the NW NP command
Page 141 and 142:
Restarting a JProcessor Specialty E
Page 143 and 144:
Gathering Diagnostic Information Th
Page 145 and 146:
1. Create an unprivileged MCP userc
Page 147 and 148:
The topic “I/O Configuration” i
Page 149 and 150:
cd “C:\Program Files\Unisys\MCP F
Page 151 and 152:
Restarting Platform Services Note:
Page 153 and 154:
Appendix A Building Network Initial
Page 155 and 156:
• NW TCPIP TCPIPIDENTITY NW TCPIP
Page 157 and 158:
Building Network Initialization Fil
Page 159 and 160:
Sample BNA Initialization File % On
Page 161 and 162:
Index A accessing the Unisys Suppor
Page 163 and 164:
MCP PING commands through intraplat
Page 165 and 166:
MAICP4 dump data, 9-13 Maintenance
Page 167 and 168:
elocating the MCP APPLIANCES share,
Page 170:
© 2012 Unisys Corporation. All rig
show all

FS6200 Server System Implementation Guide - Public Support ...

Create successful ePaper yourself

Delete template?

Save as template?