Using the Serial Port
This topic describes use of the serial port and serial port console. It includes the following information:
Connecting to the Serial Port Console
In cases where the admin console is unavailable, you can perform network and host configuration tasks and troubleshooting using the serial port console.
To connect to the serial console:
1.Plug a null modem crossover cable from a console terminal or laptop into the device serial port. This cable is provided in the product box. Do not use a straight serial cable.
2.Configure a terminal emulation utility, such as HyperTerminal, with the following serial connection parameters:
•9600 bits per second
•8-bit No Parity (8N1)
•1 Stop Bit
•No flow control
|
Options |
Description |
|
1. Network Settings and Tools |
Enables you to change standard network settings; print a routing table; print or clear an ARP cache; run the ping and traceroute commands, remove static routes, and add an ARP entry. |
|
2. Create admin username and password |
Enables you to create a new super administrator account. |
|
3. Display log |
Enables you to display system configuration, user access logs, or administrator access logs through the serial console. Note that must enter q to return to serial console options after viewing the logs. |
|
4. System Operations |
Enables you to reboot, shut down, restart, roll back, or factory reset the system without using the admin console. |
|
5. Toggle password protection for the console |
Enables you to password protect the serial console. When you toggle this option to “on,” only super administrators are allowed access. |
|
6. Create a Super Admin session |
Enables you to create a recovery session to the admin console, even if you have configured the system to block access to all administrators. When you select this option, the system generates a temporary token that is valid for 3 minutes. Enter the following URL into a browser window: https://<fully-qualified-domain-name>/dana-na/auth/recover.cgi Then, enter the temporary token when prompted to sign in to the admin console. When you select this option, the system blocks any additional administrators from signing in to the admin console until you sign in to the specified URL and initiate a session using your token. The appliance blocks additional sign-in attempts so that you can fix any configuration problems that the system may have encountered without conflicting with another session. |
|
7. System Snapshot |
Enables you to take a system snapshot without using the admin console. When you select this option, the system takes the snapshot immediately. You can then send the snapshot file, by way of SCP, to a remote system. The system prompts you for the destination server port, user ID, password, and the destination path to the remote directory. If you choose not to send the snapshot file to a remote system, the system saves the file locally. The next time you log in to the admin console, the System Snapshot tab contains a link to the snapshot file. |
Using the Serial Console to Roll Back to a Previous OS Version
You can use the admin console to roll back the configuration to a previous state. If the rollback option is not available in the admin console, you can use the procedure described in this section to perform the system rollback.
If you have not yet performed an OS service package upgrade, there is no previous state to roll back to, and the rollback option is not available. If you have performed an OS service package upgrade, any system and user configuration data created after the upgrade is lost unless you export the most current configuration files before rolling back the system and then import them afterwards.
To roll back to the previous OS service package:
1.Connect to the serial console.
2.In a browser window, sign in to the admin console.
3.Select Maintenance > System > Platform.
4.Click Reboot Now and then return to the console utility window. The window displays a message that the system is restarting.
5.After several moments, you are prompted to use the Tab key to select options. Press Tab, and when prompted for the configuration to load, type rollback and then press Enter.
After you click Reboot Now, the rollback status is output to the screen, and when complete, you are prompted to press Return (Enter) to modify system settings, which returns you to the initial setup options. When you are finished entering data, simply close the serial console window.
If you wait more than 5 seconds to enter your choice, the current system configuration is automatically loaded and you must go back to the admin console and click Reboot Now to start the process again. If you have already performed a system rollback, the rollback option is not available again until you upgrade the OS service package again.
Using the Serial Console to Reset the System to the Factory Image
In rare cases, you might need to reset the system to its original factory settings. Before performing this advanced system recovery option, contact PSGSC (http://www.pulsesecure.net/support/). If possible, export the most current system and user configuration data before performing a factory reset.
To perform a factory reset:
1.Connect to the serial console. In a browser window, sign in to the admin console.
2.Select Maintenance > System > Platform.
3.Click Reboot and then go back to the console utility window. The window displays a message that the system is restarting.
4.After several moments, you are prompted to use the Tab key to select options. Press Tab, and when prompted for the configuration to load, type factory-reset and then press Enter. If you wait more than 5 seconds to enter your choice, the current system configuration is automatically loaded, and you must go back to the admin console and click Reboot Now to start the process again.
5.When you are prompted to confirm performing a factory reset, type proceed and then press Enter. The system begins the process of resetting the machine to its original settings and outputs several screens of data. After several minutes, you are prompted to use the Tab key to select configuration choices.
When prompted to press the Tab key, do one of the following:
•Wait for the default selection (current) to start automatically.
•Press Tab, type current, and then press Enter.
You are then prompted to enter the initial configuration settings. For details on how to proceed, see the installation guide provided in the product packaging or on the Pulse Secure Global Support Center.
After you complete the initialization process, you can upgrade to the latest OS service package and import saved system and user configuration files to return to the last good working state of your system.
You might receive errors from the system during the initial setup or on a factory reset. Before the system starts services, it monitors the network port for a maximum of 120 seconds. The system checks the link status and sends ARP requests to the default gateway. If there is a problem, after 5 seconds, the system displays a message on the serial console that starts with NIC:...... If the link recovers within 120 seconds, the startup process continues. If the link does not recover, the following message is displayed:
Internal NIC:...............[Down code=0x1]
•0x1 means that the interface link status reported by the NIC remains off (for example, a disconnected cable or a cable is in the wrong port).
•0x2 means that the gateway is unreachable. The system boots but is not reachable from IP addresses bound to that network port.