File Name: README.TXT IBM UPS 3000XHV, 3000XLV, 7500XHV and 10000XHV firmware Version 2.5.4 CONTENTS --------- 1.0 Overview 2.0 Change History 3.0 Installation and Setup Instructions 4.0 Configuration Information 5.0 Unattended Mode 6.0 Web Sites and Support Phone Number 7.0 Trademarks and Notices 8.0 Disclaimer _____________________________________________________________ 1.0 Overview -------------- 1.1 Overview of this firmware version The current release of the firmware for the Embedded Network Module of an IBM UPS 3000XHV and 3000XLV or a Network Management Card of a 7500XHV and 10000XHV, enables remote management of the uninterruptible power supply through a Web interface (HTTP or HTTPS), control console interface accessed through Telnet or SecureSHell (SSH), or SNMP. You can also access the control console locally through a serial connection to the uninterruptible power supply. The Device IP Configuration Wizard, enables you to discover unconfigured Embedded Network Modules on the network and configure their basic TCP/IP settings, one card at a time. You can then configure further parameters through the interface of each Embedded Network Module or by using the .INI file export utility, iniutil.exe, to configure multiple Embedded Network Modules. The utility automates the configuration of multiple Embedded Network Modules by exporting settings from a configured Embedded Network Module. Firmware can now be upgraded by a new Firmware Upgrade Utility (upgrd_util.exe). You can also transfer firmware to the Embedded Network Module by using FTP or SCP. A Security Wizard enables you to implement components of your system's security. 1.2 Limitations (1) System uptime reverts to zero after the Network Management Card is running for about 497 days. (2) Upload of certificates by using Secure CoPy (SCP) might fail. (3) TFTP client bootfile transfers are not always reliable. TFTP client bootfile transfers could time-out if the response time is more than 1 second. (4) FTP port configuration requires both the configured FTP port and FTP port minus one to be reserved for the FTP server. (5) "Reset to Defaults" does not change the baud rate to its default value of 2400. (6) The Embedded Network Module logs the error "Ran out of simple heap" and performs a warm-start after the following sequence of events: SSL/3DES completes, SSHv2 generates the keys and certificates, you log into FTP and get the config.ini file, and you use the Web to transfer the same config.ini file to the Embedded Network Module. To avoid this limitation, restart the Embedded Network Module after an SSL certificate and SSH keys and certificates are generated but before uploading the config.ini file. (7) While you are in MD5 mode and using Microsoft(R) Internet Explorer 6, some Web pages may report that another user is currently logged in to the Network Management Card. Refresh the page to delete the message. (8) The Web interface enables the user to change the password without confirmation. (9) The Web interface is inaccessible if the http and https ports are configured to the same port number. (10) User name/password credentials are not available to send to the SMTP server when sending e-mail. (11) The option to test sending e-mail through the secondary Domain Name System (DNS) server erroneously sends the e-mail through the primary DNS server. (12) If you issue a bypass command with "Shutdown PCNS Servers" check-marked, the servers will not shut down. (13) The MIB OID upsBasicOutputPhase reports 3 for all supported IBM uninterruptible power supplies. (14) A password change for the Admin user or Device Manager is not logged correctly in the event log. If the new password contains the old password as part of the character string, the fact that the password was changed is not logged at all. In cases where the password change is logged, the log entry does not identify which password has been changed, Admin or Device Manager. (15) The SMTP server needs a user name and password to enable e-mail to be sent, but the Embedded Network Module does not provide a way to enter such parameters. Therefore the customer cannot successfully configure the e-mail function. (16) You cannot display or configure Load Alarm and Runtime Alarm thresholds of the uninterruptible power supply from the user interface of the Embedded Network Module. You must use the front panel display of the uninterruptible power supply instead to display and configure the thresholds. (17) The Embedded Network Module does not return cached values for OIDs but instead returns NULL if the uninterruptible power supply has lost communication. (18) When Network Management Stations (NMSs) designated as SNMP trap receivers are not being checked for authentication failures and therefore do not report when an attempt by a user to log on fails. (19) The Embedded Network Module will not accept a Dynamic Host Configuration Protocol (DHCP) lease if the lease time is set to infinite. (20) When a PowerChute Network Shutdown command is received immediately after the uninterruptible power supply returns to an online condition, the Embedded Network Module shuts down and remains off regardless of whether the Control option for on-battery shutdown is configured as Reboot UPS or Turn off UPS. (21) Functions related to Domain Name System can sometimes be prevented from working. Such an occurrence will cause a system warmstart of the Embedded Network Module. The event log indicates that a system error has occurred, even though the occurrence may not adversely affect the operation of the Embedded Network Module. (22) When the Reset to Defaults option resets the system configuration settings of the Embedded Network Module to their default values, it does not reset the configuration values for outlet groups. (23) You cannot apply Secure SHell (SSH) algorithms in the Web interface while you are logged on using Message Digest 5 (MD5) authentication in the Web interface. If you select an SSH encryption algorithm and click Apply, it reverts to being unselected. To avoid this problem, disable MD5 authentication and then select and apply the algorithms. You can apply Secure Sockets Layer (SSL) algorithms while MD5 is either enabled or disabled. (24) The APC PowerNet MIB OID upsBasicOutputPhase erroneously reports 3 instead of 1 for the IBM UPS 3000XHV and IBM UPS 3000XLV. (25) In the data log, the apparent load is erroneously reported as load current. It should be reported in the %VA column, not the %Watts column. 1.3 Enhancements This firmware release supports the APC PowerNet MIB, version 3.6.8. NOTE: The MIB Reference Guide, available on the Network Management Card CD, documents the 3.6.4 Management Information Base. All products supported by the MIB are documented in the Guide, and some information is not relevant to IBM uninterruptible power supplies. For information on OIDs introduced since the 3.6.4 MIB, use a MIB browser to view their definitions and available values directly from the MIB itself. You can view the definitions of traps that are new since the 3.6.4 MIB at the end of the MIB itself (the file powernet368.mib on the Network Management Card CD). 1.4 Level of recommendations and prerequisites for the update: IBM recommends this release (firmware modules apc_hw02_aos_253.bin and apc_hw02_sumx_254.bin) for users of IBM UPS 3000XHV, 3000XLV, 7500XHV and 10000XHV models. Do not use this update for other IBM uninterruptible power supplies. 1.5 Dependencies: - Requires IBM UPS 3000XHV, 3000XLV, 7500XHV or 10000XHV - PowerChute Network Shutdown (optional). A utility included on the Embedded Network Module CD for reliable, graceful, unattended shutdown of multiple servers protected by the uninterruptible power supply when an extended power outage occurs. - apc_hw02_aos_253.bin: Embedded Network Module operating system and TCP/IP stack. - apc_hw02_sumx_254.bin: Uninterruptible power supply application for IBM UPS 3000XHV and IBM UPS 3000XLV. - powernet368.mib: The APC PowerNet SNMP Management Information Base (MIB) - apctraps368.tdf: The APC PowerNet SNMP MIB trap definition file. - Device IP Configuration Wizard, version 3.0.1: A utility for Windows NT(R), version 4.0; Windows(R) 2000; Windows 2003; and Windows XP to discover unconfigured Embedded Network Modules on the network, identify each one by its MAC address, and provide a screen to configure its three basic TCP/IP settings (IP address, subnet mask, and default gateway). See the Embedded Network Module User's Guide on the Embedded Network Module CD for more information. - .INI file configuration utility: A utility for Windows NT, version 4.0; Windows 2000; Windows 2003; and Windows XP to enable you to export configuration parameter settings from a configured Embedded Network Module to one or more unconfigured Embedded Network Modules. - Security Wizard (version 1.0.1: a utility for Windows NT, version 4.0; Windows 2000; Windows 2003; and Windows XP to enable you to create necessary components of your security system when using Secure Sockets Layer (SSL) and Secure SHell (SSH). Using the Security Wizard you can create the server certificate for the Embedded Network Module, a certificate signing request (required if you use an external Certificate Authority), a CA root certificate, and an SSH host key. - Microsoft(R) Internet Explorer, version 5.0 or higher; or Netscape(R) version 4.0.8 or higher (except Netscape 6.x for using the Web interface of the Embedded Network Module. Some Web interface features (data verification, Event Log, Data Log, and MD5 authentication) require that you enable JavaScript(R), Java(R), and cookies for your Web browser. 2.0 Change History -------------------- This is the third firmware release to support the IBM UPS 3000XHV and the IBM UPS 3000XLV. The following corrections and improvements have been made to the firmware since the second firmware release (apc_hw02_aos_250.bin and apc_hw02_sumx_251.bin) (1) COM Port errors (errors detected by the COM Port) cannot corrupt data being transmitted or received. (2) In some cases, upgrading firmware from the first to the second firmware release caused the file system to become corrupt and caused parameter settings to be reset to their defaults. There is no such risk in updating to this new firmware release. (3) Upgrading firmware from the first to the second firmware release reset FTP client data to default values. There is no such risk in updating to this new firmware release. (4) TFTP file transfer now functions correctly, without transfer failures. (5) E-mail from the Embedded Network Module now always displays the correct URL, http://:. E-mail was displaying http:// when the Web port was changed to a non-standard port from the standard port of 80. (6) The [PowerChute] section of the config.ini file is no longer truncated when approximately eight or more PowerChute Network Shutdown client IP addresses are configured. (7) In both the Web interface and control console, the remaining Shutdown Delay time is now correctly displayed after a "Put UPS to Sleep" operation has begun. (8) When a "Put UPS to Sleep Gracefully" operation is initiated through the control console, the time in seconds remaining before the uninterruptible power supply turns back on is now displayed correctly. A conversion error was causing a shorter than actual time to be displayed. (9) Unsuccessful FTP login attempts no longer can cause the Embedded Network Module to restart. (10) An enabled Synchronized Control Group now issues control commands correctly after a warm-start (when the Embedded Network Module restarts while the UPS is providing power) or after a firmware upgrade. Previously, Embedded Network Module values might be reset to default values by a warm-start or a firmware upgrade. (11) The event text that is sent when an FTP or TFTP file transfer begins now distinguishes between the two types of transfers. Formerly, the message stated only that a file transfer had started. (12) Interruptions in loading Web pages when running Secure Sockets Layer (SSL) version 3 have been corrected. Pages now load correctly with no error messages. (13) After a new or revised config.ini file is uploaded to the Embedded Network Module, the configuration values are implemented the first time the Embedded Network Module is restarted, as intended. (The new values were not being implemented until the second time the Embedded Network Module was rebooted.) (14) When the uninterruptible power supplies in a Synchronized Control Group resume providing power after being in sleep mode, the initiating uninterruptible power supply now always synchronizes correctly with the others in the group. In some cases, the initiating uninterruptible power supply would not recognize the Return Delay and therefore would end its sleep mode before the others in the group. (15) The possibility of data corruption after timed-out (expired) events are removed automatically from a full event queue has been corrected. This issue had sometimes caused repeated warm-starts of the Embedded Network Module. (16) If more than approximately 60 SSL certificates were generated, a flaw in the file allocation process made it impossible to save more certificates. When a certificate could not be saved a new one was generated, which, in turn could not be saved. This continuous generation of certificates has been fixed, so that you can generate more than 60 certificates without incident. (17) A user can no longer accidentally initiate a warm-start of the Embedded Network Module by entering a long username or password that fills the username and password field at HTTP logon. (18) The uninterruptible power supply can no longer deplete its batteries while supporting its load equipment during an input power failure to a point at which it is unable to support that equipment when power returns. (19) The missing Control menu option for outlet groups in the Control Console has been restored. 3.0 Installation and Setup Instructions ----------------------------------------- 3.1 Uninterruptible Power Supply Installation To install and set up your uninterruptible power supply, see the Installation and Quick-Start Guide that was shipped with the uninterruptible power supply. 3.2 Initial Configuration You must configure the following TCP/IP settings before the Embedded Network Module can operate on a network: The IP address of the Embedded Network Module The subnet mask The default gateway To define the TCP/IP settings needed by the Embedded Network Module, use any one of the following methods: Use the Device IP Configuration Wizard. See the Embedded Network Module User's Guide on the Embedded Network Module CD for instructions on how to install and use the Wizard. You can also view instructions for use by clicking on the Help button in the Wizard Interface. Use a DHCP or BOOTP server. See the User's Guide on the Embedded Network Module CD for more information. Use a serial connection from a local computer. See the User's Guide on the Embedded Network Module CD for more information. 4.0 Configuration Information ------------------------------- 4.1 Configuring the Serial Port When you use a terminal emulation program (such as HyperTerminal) to access the control console of the uninterruptible power supply, first disable any service that uses the port. Then run the terminal program; configure the selected port for 2400 bps, 8 data bits, no parity, 1 stop bit, and no flow control; and save the changes. 5.0 Unattended Mode --------------------- After you install and configure your uninterruptible power supply, install PowerChute Network Shutdown, and configure the uninterruptible power supply, the uninterruptible power supply provides unattended graceful shutdown and restart (in response to a power failure or on a scheduled basis). 6.0 Web Sites and Support Phone Number ---------------------------------------- Information and assistance is available through the IBM Web site and by phone. 6.1 Web sites IBM Support Web Site: http://www.ibm.com/pc/support/ IBM eServer Web site: http://www.ibm.com/eserver/xseries/ 6.2 Software service and support Through IBM Support Line, you can get telephone assistance, for a fee, with usage, configuration, and software problems with xSeries servers, IntelliStation workstations, and appliances. For information about which products are supported by Support Line in your country or region, go to http://www.ibm.com/services/sl/products/. For more information about Support Line and other IBM services, go to http://www.ibm.com/services/, or go to http://www.ibm.com/planetwide/ for support telephone numbers. In the U.S. and Canada, call 1-800-IBM-SERV (1-800-426-7378). 6.3 Hardware service and support You can receive hardware service through IBM Services or through your IBM reseller, if your reseller is authorized by IBM to provide warranty service. Go to http://www.ibm.com/planetwide/ for support telephone numbers, or in the U.S. and Canada, call 1-800-IBM-SERV (1-800-426-7378). In the U.S. and Canada, hardware service and support is available 24 hours a day, 7 days a week. In the U.K., these services are available Monday through Friday, from 9 a.m. to 6 p.m. 7.0 Trademarks and Notices ---------------------------- INTERNATIONAL BUSINESS MACHINES CORPORATION PROVIDES THIS PUBLICATION "AS IS" WITHOUT WARRANTY OF ANY KIND, EITHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF NON-INFRINGEMENT, MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE. Some jurisdictions do not allow disclaimer of express or implied warranties in certain transactions, therefore, this statement may not apply to you. This information could include technical inaccuracies or typographical errors. Changes are periodically made to the information herein; these changes will be incorporated in new editions of the publication. IBM may make improvements and/or changes in the product(s) and/or the program(s) described in this publication at any time without notice. IBM, the e-business logo and eServer are trademarks of the IBM Corporation in the United States, other countries, or both. Microsoft, Windows, and Windows NT are trademarks of Microsoft Corporation in the United States, other countries, or both. Java and all Java-based trademarks and logos are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States, other countries, or both. Other company, product, or service names may be trademarks or service marks of others. 8.0 Disclaimer ---------------- 8.1 THIS DOCUMENT IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. IBM DISCLAIMS ALL WARRANTIES, WHETHER EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION, THE IMPLIED WARRANTIES OF FITNESS FOR A PARTICULAR PURPOSE AND MERCHANTABILITY WITH RESPECT TO THE INFORMATION IN THIS DOCUMENT. BY FURNISHING THIS DOCUMENT, IBM GRANTS NO LICENSES TO ANY PATENTS OR COPYRIGHTS. 8.2 Note to Government Users Documentation related to restricted rights -- use, duplication or disclosure --- is subject to restrictions set forth in GSA ADP Schedule Contract with IBM Corporation.