Yellow Machine ™

Terabyte Storage Appliance

P400 Series

User’s Manual for YM Software v3.0

Copyrights and Trademarks
Copyright © 2006 Anthology Solutions, Inc.™ The information contained in this manual is
subject to change without notice. Reproduction, adaptation or translation without prior written
permission is prohibited, except as allowed under the copyright laws.
Anthology Solutions, Inc., Yellow Machine and Praetorian are either registered trademarks or
trademarks of Anthology Solutions, Inc. and/or its affiliates in the U.S. and certain other
countries. All rights reserved.
Acrobat and the Acrobat logo are trademarks of Adobe Systems Incorporated.
Microsoft, Microsoft Windows and Microsoft Internet Explorer are either registered trademarks
or trademarks of Microsoft Corporation in the United States and/or other countries.
Macintosh, Mac, Apple, Safari, and Mac OS are trademarks of Apple Computer, Inc., registered
in the U.S. and other countries.
APC and Smart-UPS are registered trademarks of American Power Conversion (APC).
SafeNet and SoftRemote are registered trademarks of SafeNet, Inc.
EMC and Retrospect are registered trademarks of EMC Corporation.
Other company and product names mentioned herein can be trademarks or registered
trademarks of their respective companies.
Yellow MachineTM appliance is the marketing name of a product produced by Anthology
Solutions, Inc.
The P400T is a particular model number within the Yellow MachineTM appliance product
family.

Safety Information
CAUTION
TO REDUCE THE RISK OF FIRE OR SHOCK, DO NOT EXPOSE THIS PRODUCT TO
RAIN OR MOISTURE.
Servicing is required when the apparatus has been physically damaged in any way, such as
when the power supply cord or plug is damaged, liquid has been spilled or objects have fallen
into the apparatus, the apparatus has been exposed to rain or moisture, or has been dropped.
To prevent electric shock, plug the equipment into properly grounded electrical outlets. Ensure
that the ground prong of the power plug is inserted in the ground contact of the power strip.
Incorrect insertion of the power plug could result in permanent damage to your equipment, as
well as risk of electric shock and/or fire.
To help avoid the potential hazard of electric shock, power down the system and unplug the
system during an electrical storm. Do not connect or disconnect cables or perform maintenance
or reconfiguration of this product during an electrical storm. Do not expose equipment to
dripping or splashing. Do not spill food or liquids on the equipment. No objects filled with
liquids should be placed on the equipment.
Do not use equipment in a wet environment, for example, near a bath tub, sink, or swimming
pool. Clean only with a dry cloth and when unplugged.
Do not block any ventilation openings or push any objects into the openings. Doing so can
cause fire or electric shock by damaging interior components.

Copyrights and Trademarks i

 Ensure that nothing rests on the equipment’s cables and that the cables are not located where
they can be stepped on or tripped over. Protect the power cord and cables from being walked on
or pinched particularly.

Regulatory Compliance
FCC (Federal Communication Commission) Information
This equipment has been tested and found to comply with the limits for a Class B digital device,
pursuant to part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference in a residential installation. This equipment generates,
uses and can radiate radio frequency energy and, if not installed and used in accordance with the
instructions, can cause harmful interference to radio communications. However, there is no
guarantee that interference will not occur in a particular installation. If this equipment does
cause harmful interference to radio or television reception, which can be determined by turning
the equipment off and on, the user is encouraged to try to correct the interference by one or
more of the following measures:
• Reorient or relocate the receiving antenna.
• Increase the separation between the equipment and receiver.
• Connect the equipment into an outlet on a circuit different from that to which the receiver is
connected.
• Consult the dealer or an experienced radio/TV technician for help.
UL Listing Mark - Meets UL's safety requirements, primarily based on UL's own published
Standards for Safety. ALL COMMUNICATION WIRING SHALL BE LIMITED TO INSIDE
THE BUILDING.
The Regulation for Certification of Information and Communication Equipment is based on
Article 33 of the “Telecommunications Basic Act” and Articles 46 and 57 of the “Radio Waves
Act.” MIC standards are based on IEC standards. The MIC-mark is issued by the Radio
Research Laboratory (RRL).
CE Mark - Declares compliance to the European Union (EU) EMC directive (89/336/EEC) and
Low Voltage directive (73/23/EEC).

Publication Change Record

The following table records all revisions to this publication. This first entry is always the
publication’s initial release. Each entry indicates the date of the release and the number of the
system release to which the revision corresponds.

Part number Date System Release

22-0031-001 Rev. 1.0 March 2006 YM Software v3.0

ii P400 Series User’s Manual for YM Software v3.0

 Contents

Copyrights and Trademarks . . . . . . . . . . . . . . . . . . . . . . . . . . i

Preface 1
About This Manual . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
Related Documentation . . . . . . . . . . . . . . . . . . . . . . . . . . . .1
Typographical Conventions . . . . . . . . . . . . . . . . . . . . . . . . . .1
Contacting Anthology Solutions . . . . . . . . . . . . . . . . . . . . . . . .2
Special Messages . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .2

Chapter 1
Getting Acquainted 3
YM Introduction . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .3
YME Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .4
YMC Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .5
YMM Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .6
Launching YME Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Launching YMC Utility . . . . . . . . . . . . . . . . . . . . . . . . . . . . .7
Logging On To YMM . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .8
Front View of Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
MODE Button . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .9
Status Indicator LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Rear View of Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
On/Off Switch . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
Emergency Power Switch. . . . . . . . . . . . . . . . . . . . . . . . . 11
Voltage Selector Switch and Power Receptacle . . . . . . . . . . . . . 11
Ethernet (LAN/WAN) Ports . . . . . . . . . . . . . . . . . . . . . . . . 12
Serial Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12

Chapter 2
Product Requirements and Specifications 13
System Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Administrative PC . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13
Network Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Physical Specifications . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14
Environmental Requirements . . . . . . . . . . . . . . . . . . . . . . . . 14
Temperature, Humidity, and Altitude Specifications. . . . . . . . . . . . 14
Cooling Requirements . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Electrostatic Discharge . . . . . . . . . . . . . . . . . . . . . . . . . . 15
Mechanical Vibration and Shock Specifications . . . . . . . . . . . . . 15
Electrical Specifications and Power Requirements . . . . . . . . . . . . . 16
Uninterruptible Power Supply . . . . . . . . . . . . . . . . . . . . . . . . 16

Chapter 3
Powering On/Off and Rebooting Appliance 17
Powering On Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Powering Off Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . 17
Rebooting Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 18

Chapter 4
Configuring the Network 19
Example Configurations . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Storage Only . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20
Storage and Network Router . . . . . . . . . . . . . . . . . . . . . . . 21
Storage and VPN Router . . . . . . . . . . . . . . . . . . . . . . . . . 21
Storage, Network Router, and VPN Router . . . . . . . . . . . . . . . . 22

Contents iii
 Using Appliance as Storage and Router . . . . . . . . . . . . . . . . . . . 23
Adding Yellow Machine Appliances . . . . . . . . . . . . . . . . . . . . . 25
Extending to Multiple Departments. . . . . . . . . . . . . . . . . . . . . . 26
About Network Interface Settings . . . . . . . . . . . . . . . . . . . . . . 27
Identifying Appliance IP Addresses . . . . . . . . . . . . . . . . . . . . . 28
Changing Network Interface Settings . . . . . . . . . . . . . . . . . . . . 28
Fixing Incompatible Network Settings . . . . . . . . . . . . . . . . . . . . 29
Resetting Network Settings . . . . . . . . . . . . . . . . . . . . . . . . . 30
Circumventing IP Address Delay. . . . . . . . . . . . . . . . . . . . . . . 31
Changing Host Name, Domain Name, and DNS Server . . . . . . . . . . . 31
Using Dynamic DNS With Appliance. . . . . . . . . . . . . . . . . . . . . 32
About Port Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . . . . 33
Setting Up Port Forwarding . . . . . . . . . . . . . . . . . . . . . . . . . 33
Administering Port Forwarding . . . . . . . . . . . . . . . . . . . . . . . . 35
Enabling PCs as Clients . . . . . . . . . . . . . . . . . . . . . . . . . . . 36
Task Overview: Enabling Unix/Linux Systems as Clients . . . . . . . . . . 37
Enabling NFS on the Appliance . . . . . . . . . . . . . . . . . . . . . . . 37
Mounting Appliance Volume . . . . . . . . . . . . . . . . . . . . . . . . . 38
Cloning MAC Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . 38

Chapter 5
Using Appliance in Active Directory Environment 41
About Active Directory . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41
Switching Between Workgroup and Active Directory . . . . . . . . . . . . 42
Task Overview: Configuring Appliance for Active Directory . . . . . . . . . 42
Supported Active Directory Configurations . . . . . . . . . . . . . . . . . 43
Appliance as Member . . . . . . . . . . . . . . . . . . . . . . . . . . . 43
VPN in Active Directory Environment . . . . . . . . . . . . . . . . . . . 44
Configuring Appliance for Active Directory Environment. . . . . . . . . . . 45
Creating a Directory Structure on Appliance . . . . . . . . . . . . . . . . . 46

Chapter 6
Administering User Accounts in Workgroup Environment 47
About Managing User Accounts . . . . . . . . . . . . . . . . . . . . . . . 47
Managing User Accounts in YMM . . . . . . . . . . . . . . . . . . . . . . 47
Managing Superuser Accounts in YMM . . . . . . . . . . . . . . . . . . . 49
Managing Group Accounts in YMM . . . . . . . . . . . . . . . . . . . . . 50

Chapter 7
Working With Files, Folders, and Storage 53
Character Restrictions and Limitations. . . . . . . . . . . . . . . . . . . . 54
Transferring Files Using YMM . . . . . . . . . . . . . . . . . . . . . . . . 55
Transferring Files To Appliance Using FTP . . . . . . . . . . . . . . . . . 56
Enabling Journaling File System . . . . . . . . . . . . . . . . . . . . . . . 57
Task Overview: Managing User Storage Quotas. . . . . . . . . . . . . . . 57
Setting User Storage Quotas. . . . . . . . . . . . . . . . . . . . . . . . . 58
Viewing User Storage Quotas . . . . . . . . . . . . . . . . . . . . . . . . 59
Task Overview: (Workgroup Only) Sharing Files and Storage . . . . . . . . 60
(Workgroup Only) About User Access Permissions . . . . . . . . . . . . . 62
(Workgroup Only) Setting Permission Policy. . . . . . . . . . . . . . . . . 63
(Workgroup Only) Defining Disk Permissions . . . . . . . . . . . . . . . . 63
(Workgroup Only) Managing Files and Folders . . . . . . . . . . . . . . . 64
Copying and Creating Files Through YME and YMC Utilities. . . . . . . 64
Copying and Creating Files and Folders Through YMM . . . . . . . . . 65

Chapter 8
Securing Appliance and Network 67
Creating an Isolated Network . . . . . . . . . . . . . . . . . . . . . . . . 68

iv P400 Series User’s Manual for YM Software v3.0

Changing Security Mode Settings . . . . . . . . . . . . . . . . . . . . . . 69
Setting Up IE To Work With Proxy Mode. . . . . . . . . . . . . . . . . . . 70
Setting Up Outlook To Work With Proxy Mode. . . . . . . . . . . . . . . . 70
About Web Access Control and E-mail Recording . . . . . . . . . . . . . . 71
Task Overview: Managing Internet, Webmail, and Adult Content Access . . 71
Registering Computers. . . . . . . . . . . . . . . . . . . . . . . . . . . . 71
Allowing Access To Adult Content . . . . . . . . . . . . . . . . . . . . . . 72
Allowing Access To Webmail. . . . . . . . . . . . . . . . . . . . . . . . . 72
Creating Black Lists and Grey Lists . . . . . . . . . . . . . . . . . . . . . 73
Changing Archive Location for Recorded E-mail . . . . . . . . . . . . . . 73
Enabling External Access Control . . . . . . . . . . . . . . . . . . . . . . 74
Setting Idle Timeout . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74

Chapter 9
Maintaining Storage and Managing Data 75
About Appliance Backup Solutions . . . . . . . . . . . . . . . . . . . . . 75
Task Overview: Backing Up Data Using Retrospect . . . . . . . . . . . . . 76
Planning the Retrospect Backup . . . . . . . . . . . . . . . . . . . . . . . 77
Backing Up Data Using Retrospect . . . . . . . . . . . . . . . . . . . . . 78
Changing RAID Level . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80
Scrubbing Disks for Disk Block Failures . . . . . . . . . . . . . . . . . . . 81
Task Overview: Identifying and Fixing Disk Drive Failures and RAID Problems
82
Determining a Disk Drive Failure. . . . . . . . . . . . . . . . . . . . . . . 83
Task Overview: Replacing a Failed Disk Drive . . . . . . . . . . . . . . . . 85
Removing a Failed Disk Drive . . . . . . . . . . . . . . . . . . . . . . . . 86
Installing a New Disk Drive. . . . . . . . . . . . . . . . . . . . . . . . . . 88
Rebuilding Data . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90
Reformatting Disk Drives. . . . . . . . . . . . . . . . . . . . . . . . . . . 91
Monitoring Progress of Data Rebuild. . . . . . . . . . . . . . . . . . . . . 92
Changing a Boot Disk . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92

Chapter 10
Connecting Remotely To Appliance 95
About Creating VPN Connections To Appliance . . . . . . . . . . . . . . . 96
Road Warrior Connections . . . . . . . . . . . . . . . . . . . . . . . . 96
Net-To-Net Connections . . . . . . . . . . . . . . . . . . . . . . . . . 96
Task Overview: Establishing Road Warrior Connections With PPTP . . . . 97
Task Overview: Establishing Road Warrior Connections With L2TP-IPSEC. 97
Task Overview: Establishing Road Warrior Connections With IPSEC . . . . 98
Task Overview: Establishing Net-To-Net Connections . . . . . . . . . . . . 99
Planning Road Warrior Connections . . . . . . . . . . . . . . . . . . . . . 99
Supported Operating Systems . . . . . . . . . . . . . . . . . . . . . 100
Supported Client Software . . . . . . . . . . . . . . . . . . . . . . . 100
Supported Routers . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
Supported Connection Types and Road Warrior Configurations . . . . 101
Creating the Registry Key . . . . . . . . . . . . . . . . . . . . . . . . . 103
Configuring Appliance for Road Warrior Connections . . . . . . . . . . . 104
Requesting Certificates From Appliance . . . . . . . . . . . . . . . . . . 106
Importing the Certificate for Windows Connection Software . . . . . . . . 107
Creating the VPN Connection Using Windows Connection . . . . . . . . 109
Configuring PPTP Connections and Initiating Road Warrior Connection To
Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .110
Configuring L2TP-IPSEC Connections and Initiating Road Warrior Connection
To Appliance . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . .113
Planning Net-To-Net Connections . . . . . . . . . . . . . . . . . . . . . .116
Supported Routers and Connection Types . . . . . . . . . . . . . . . .116
Supported Net-To-Net Configurations . . . . . . . . . . . . . . . . . .117

Contents v
 Configuring Router for Net-To-Net Connections . . . . . . . . . . . . . . .118
Initiating Net-To-Net Connection . . . . . . . . . . . . . . . . . . . . . . 123
Accessing a Computer or Appliance on VPN Through Web Browser . . . 124
About Remote Desktop Control . . . . . . . . . . . . . . . . . . . . . . 125
Task Overview: Initiating Remote Desktop Control . . . . . . . . . . . . 125
Planning To Connect Remotely To a Computer . . . . . . . . . . . . . . 125
Enabling Remote Desktop Control . . . . . . . . . . . . . . . . . . . . . 126
Configuring Windows Firewall To Allow Access . . . . . . . . . . . . . . 127
Connecting Client to Host Computer . . . . . . . . . . . . . . . . . . . . 127

Chapter 11
Monitoring Appliance 129
Identifying Appliance Uptime and Software Version . . . . . . . . . . . . 130
Updating System Time . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
Monitoring Storage Status . . . . . . . . . . . . . . . . . . . . . . . . . 131
Monitoring LAN Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . 132
Monitoring Power To Appliance . . . . . . . . . . . . . . . . . . . . . . 133
Configuring a UPS . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 134
Enabling and Disabling System Warning Notifications . . . . . . . . . . . 135
Changing Appliance’s Language Setting. . . . . . . . . . . . . . . . . . 135

Chapter 12
Understanding RAID and Disk Scrubbing 137
About RAID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 137
RAID Level Comparisons . . . . . . . . . . . . . . . . . . . . . . . . . 138
No RAID . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
RAID 0, Striping . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140
RAID 1, Mirroring . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
RAID 5, Striping plus Parity Mode . . . . . . . . . . . . . . . . . . . 142
About Disk Scrubbing . . . . . . . . . . . . . . . . . . . . . . . . . . . 143
Disk Scrubbing Operations on RAID 5 Configurations . . . . . . . . . 143
Disk Scrubbing Operations on RAID 1 Configurations . . . . . . . . . 143

Appendix A
System Configuration Worksheet 145
Appendix B
Creating a Postman Account in Outlook 147

vi P400 Series User’s Manual for YM Software v3.0

 Figures

Figure 1.1 Yellow Machine Explorer (YME) utility . . . . . . . . . . . . . . . 4

Figure 1.2 Yellow Machine Appliance Control (YMC) utility . . . . . . . . . . 5
Figure 1.3 Front View of Yellow Machine Appliance . . . . . . . . . . . . . . 9
Figure 1.4 Indicator LEDs . . . . . . . . . . . . . . . . . . . . . . . . . . 10
Figure 1.5 Rear View of Yellow Machine Appliance . . . . . . . . . . . . . 11
Figure 4.1 YM Appliance as Storage Only: Example #1 . . . . . . . . . . . 20
Figure 4.2 YM Appliance as Storage Only: Example #2 . . . . . . . . . . . 20
Figure 4.3 YM Appliance as Storage and Router . . . . . . . . . . . . . . 21
Figure 4.4 YM Appliance as Storage and VPN Router. . . . . . . . . . . . 21
Figure 4.5 YM Appliance as Storage, Network Router, and VPN Router . . 22
Figure 4.6 Multiple Yellow Machine Appliances on a Network . . . . . . . . 25
Figure 4.7 Creating Sub-Networks with Multiple Appliances. . . . . . . . . 26
Figure 4.8 Determining Computer’s MAC Address . . . . . . . . . . . . . 38
Figure 5.1 YM Appliance as Member in ADS Environment . . . . . . . . . 43
Figure 5.2 YM Appliance as VPN Router and Gateway in ADS Environment 44
Figure 8.1 LAN Address Settings Worksheet . . . . . . . . . . . . . . . . 68
Figure 9.1 Installing Retrospect . . . . . . . . . . . . . . . . . . . . . . . 76
Figure 9.2 Retrospect: Saving Duplicate/Incorrect Volume Configuration . . 78
Figure 9.3 Retrospect: Adding Volumes . . . . . . . . . . . . . . . . . . . 79
Figure 9.4 RAID 5 Configuration . . . . . . . . . . . . . . . . . . . . . . . 80
Figure 9.5 Disk Drive LEDs . . . . . . . . . . . . . . . . . . . . . . . . . 83
Figure 9.6 Degraded RAID5 Configuration . . . . . . . . . . . . . . . . . 84
Figure 9.7 Side View . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
Figure 9.8 Top View with HDD and Cables . . . . . . . . . . . . . . . . . 85
Figure 10.1 Road Warrior Configuration: Example #1 . . . . . . . . . . . 102
Figure 10.2 Road Warrior Configuration: Example #2 . . . . . . . . . . . 102
Figure 10.3 Preventing Network Conflicts in VPN Configurations . . . . . 105
Figure 10.4 Launching Microsoft Management Console . . . . . . . . . . 107
Figure 10.5 Locating Certificates Subfolder . . . . . . . . . . . . . . . . 107
Figure 10.6 Locating Certificate in Personal\Certificates . . . . . . . . . 108
Figure 10.7 Locating Certificate in Trusted Root CA\Certificates . . . . . 108
Figure 10.8 Specifying Data Encryption Instructions . . . . . . . . . . . . .111
Figure 10.9 Specifying Data Encryption Instructions . . . . . . . . . . . . .114
Figure 10.10 Net-to-Net Connection: Example #1 . . . . . . . . . . . . . .117
Figure 10.11 Net-to-Net Connection: Example #2 . . . . . . . . . . . . . .117
Figure 10.12 Configuring YM Appliance for Net-To-Net Connection . . . . .119
Figure 10.13 Configuring Linksys Router for Net-To-Net Connection . . . 120
Figure 10.14 Creating IKE Policy for NetGear Router . . . . . . . . . . . 121
Figure 10.15 Configuring NetGear Router for Net-To-Net Connection. . . 122
Figure 10.16 Initiating a VPN Connection on the YM Appliance . . . . . . 123
Figure 10.17 \Determining Host’s Computer Name . . . . . . . . . . . . 126
Figure 11.1 Connecting a UPS . . . . . . . . . . . . . . . . . . . . . . . 134
Figure 12.1 No RAID . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
Figure 12.2 RAID 0, Striping . . . . . . . . . . . . . . . . . . . . . . . . 140
Figure 12.3 RAID 1, Mirroring . . . . . . . . . . . . . . . . . . . . . . . 141
Figure 12.4 RAID 5, Striping plus Parity . . . . . . . . . . . . . . . . . . 142
Figure B.1 Outlook E-mail Account for Postman . . . . . . . . . . . . . . 148

Figures vii
 Tables

Table 1.1 YMM Drop-down Menu Items . . . . . . . . . . . . . . . . . . . .6

Table 1.2 Explanation of LED Status Lights . . . . . . . . . . . . . . . . . 10
Table 2.1 Temperature, Humidity, and Altitude Specifications . . . . . . . . 14
Table 4.1 Ports Used By Internet Games . . . . . . . . . . . . . . . . . . 34
Table 4.2 Ports Used By Network Applications . . . . . . . . . . . . . . . 34
Table 4.3 Protocol Numbers . . . . . . . . . . . . . . . . . . . . . . . . . 35
Table 6.1 User Accounts. . . . . . . . . . . . . . . . . . . . . . . . . . . 48
Table 7.1 Character Limitations . . . . . . . . . . . . . . . . . . . . . . . 54
Table 7.2 Access Permissions Policies . . . . . . . . . . . . . . . . . . . 62
Table 8.1 Network Security Options . . . . . . . . . . . . . . . . . . . . . 69
Table 9.1 RAID Requirements . . . . . . . . . . . . . . . . . . . . . . . . 81
Table 9.2 Interpreting Disk Drive Status LEDs. . . . . . . . . . . . . . . . 83
Table 9.3 Building RAID: Time Estimates . . . . . . . . . . . . . . . . . . 90
Table 9.4 Reformat Disk Drives: Time Estimates . . . . . . . . . . . . . . 91
Table 10.1 Connection Type Comparison . . . . . . . . . . . . . . . . . 101
Table 10.2 Net-To-Net: Supported Routers and Connection Types . . . . .116
Table 11.1 Storage Status Messages . . . . . . . . . . . . . . . . . . . 131
Table 11.2 Monitoring System Power . . . . . . . . . . . . . . . . . . . 133
Table 11.3 System Warning Notifications . . . . . . . . . . . . . . . . . 135
Table 12.1 RAID Level Overhead . . . . . . . . . . . . . . . . . . . . . 138
Table A.1 System Configuration Worksheet . . . . . . . . . . . . . . . . 145

Tables ix
 Preface
Chapter0

About This Manual

This manual provides an introduction to the Yellow MachineTM appliance. This manual also
explains how to use, manage, and maintain the YM appliance.
All Yellow MachineTM appliances ship with system software already installed. Therefore, this
guide assumes that the YM appliance that you are accessing has YM Software v3.0 installed.
This guide also assumes that you configured the YM appliance for your network. The Read Me
First for YM Software v3.0 walked you through this process.

Related Documentation
The following documents contain additional information relevant to installing, maintaining, and
administering the YM appliance.
• P400 Series Release Notes for YM Software v3.0 - Shipped with the YM appliance and
available online at www.YellowMachine.com.
• Read Me First for YM Software v3.0 - Shipped with the YM appliance and available online at
www.YellowMachine.com.
• P400 Series User’s Manual for YM Software v3.0 - Available online at
www.YellowMachine.com and on the Yellow Machine System Software CD.
• P400 Series Installation and Upgrade Guide for YM Software v3.0 - Shipped with upgrade
kit and available online at www.YellowMachine.com and on the Yellow Machine System
Software CD.
For additional documentation, go to www.YellowMachine.com.

Typographical Conventions
This document uses different typefaces to indicate different kinds of information. The following
table explains these typographical conventions.

Font Meaning
Typewriter Indicates error messages or screen output.
Bold In a command line, indicates information to be entered
exactly as shown.
Italics Indicates a variable for which you should substitute an
appropriate value.

Preface 1
Contacting Anthology Solutions
Sales: sales@YellowMachine.com or Toll-free Tel: +1-877-936-5600 in the U.S. or
408-454-6700 from outside the U.S.
Customer Support: support@YellowMachine.com or Toll-free +1-877-976-5600 in the U.S.
or 408-454-7112 from outside the U.S.
VAR Support: Toll-free +1-800-720-8406 in the U.S.

Special Messages
This documentation uses the following special messages and icons:

Warnings alert you to the danger of personal injury and call attention to instructions you must
follow to ensure your personal safety.

Cautions call attention to instructions you must follow to prevent damage to system hardware or
software, or loss of system data.

Notes call attention to important information that you should be aware of as you follow the
procedures that are outlined in this document.

Recommendations call attention to an item or procedure that is not required but might help
improve performance, ease of use, and ease of installation or configuration.

Tools identify the tools that you need to complete a task.

Tips provide suggestions that help you save time.

2 P400 Series User’s Manual for YM Software v3.0

 1
Getting Acquainted
Chapter0

Thank you for choosing the Yellow MachineTM appliance (YM appliance). The YM appliance
provides you reliable, easy-to-use storage, and a secure network gateway to the Internet. The
chassis contains four disk drives, providing 1TB, 1.6 TB, or 2 TB in storage capacity,
depending on the configuration that you chose.
To acquaint yourself with the YM appliance, review the following topics:
• “YM Introduction”
• “YME Utility”
• “YMC Utility”
• “YMM Interface”
• “Launching YME Utility”
• “Launching YMC Utility”
• “Logging On To YMM”
• “MODE Button”
• “Status Indicator LEDs”
• “On/Off Switch”
• “Emergency Power Switch”
• “Voltage Selector Switch and Power Receptacle”
• “Ethernet (LAN/WAN) Ports”
• “Serial Port”

YM Introduction
The YM appliance provides the following interfaces:
• Yellow Machine Explorer (YME) utility
• Yellow Machine Appliance Control (YMC) utility
• Yellow Machine Manager (YMM)
The YM Utility Installer installs these utilities. The utility that resides on your computer’s
desktop depends on the utility that you chose to install in the Yellow Machine Utility & Setup
Wizard. The Read Me First for YM Software v3.0 walked you through this interface installation
process.
• A user that does not need to administer a YM appliance, only needs the Yellow Machine
Explorer (YME) utility.
• A user that needs to administer a YM appliance, requires both the Yellow Machine
Appliance Control (YMC) utility and Yellow Machine Manager (YMM).

Getting Acquainted 3
 YME Utility
The YM Utility Installer installs the YME utility on your PC. The YME utility is a
browser-based interface that enables you to browse and access the YM appliances on your
network. The YME utility does not run on a MacTM. However, the YM appliance supports Mac
Finder.
Simply double-click on the YM appliance you want to access, and begin to create new folders
or copy files and folders to a YM appliance. Copying and creating files and folders in the YME
utility is no different than doing so in Windows® Explorer.
Note: Depending on the permission policy, which you can set on the YM appliance, you might
need to enter a user name and password to access the YM appliance. For information about
permission policies, go to “(Workgroup Only) About User Access Permissions” on page 62.
The YME utility provides a subset of the privileges that an administrator receives through the
YMC utility. To learn about the YMC utility, go to “YMC Utility” on page 5.
As Figure 1.1 shows, until you create a customized and unique host name for the YM appliance,
the YME utility identifies the YM appliance by its default host name, which is
YMLast6DigitsOfMACaddress. Every hardware device on a network has a specific MAC
address, a unique and permanent identifier.

Figure 1.1 Yellow Machine Explorer (YME) utility

4 P400 Series User’s Manual for YM Software v3.0

YMC Utility
The YM Utility Installer installs the YMC utility. The YMC utility provides access to the YMM
interface and enables you to:
• Browse and access the YM appliances on the network.
• Set up the network and storage configuration.
• Manage and control networks security, user accounts, and storage configuration.
At least one client on the network requires the YMC utility. The YMC utility does not run on a
Mac. Therefore, the network must include a PC to manage the YM appliance.

Figure 1.2 Yellow Machine Appliance Control (YMC) utility

When you launch the YMC utility, you have several navigation buttons from which to choose:

Explore Browse and access the YM appliances on the network.

Network Enables you to set up the network configuration by using a wizard. To
learn more about changing your configuration, go to “Changing Network
Interface Settings”.
Storage Enables you to check storage status and change your RAID
configuration.
Advanced Provides you access to the YMM interface. The features of the YMM are
outlined in “YMM Interface”.

YM Introduction 5
 YMM Interface
The YMM is a browser-based interface to configure and monitor the status of the YM appliance
and its network. You can access the YM appliance’s features through this interface. You can:
• Reliably share files with other users.
• Ensure redundant through specific RAID configurations.
• Add security to your home or office network.
• Control web access.
The YMM consists of the following five tabs. Reading across the tabs from left to right, Table
1.1 lists the drop-down menu items:
Table 1.1 YMM Drop-down Menu Items
Tab Menu Item
System: • System Status
• System Time
• Boot Disk
• System Power
• Administration
User: • User Accounts
• Superuser Accounts
• Group Accounts
Network: • Network Interfaces
• LAN Ports
• Host Configuration
• Network Neighbors
Security: • Quick Network Security
• Port Forwarding
• Web Access Control
• VPN
Storage: • Quick Network Storage
• User Storage Quota
• File Manager
• File Transfer
• Journaling FS
• RAID DST

6 P400 Series User’s Manual for YM Software v3.0

Launching YME Utility
To launch YME utility:

Do one of the following:

• Double-click the YME shortcut icon on your desktop.

• Click Start > All Programs > Yellow Machine Utilities > YME Explorer

Launching YMC Utility

To launch YMC utility:

Do one of the following:

• Double-click the YMC shortcut icon on your desktop.

• Click Start > All Programs > Yellow Machine Utilities > YMC

Launching YME Utility 7

Logging On To YMM
You cannot change the user name and password settings from the Login window. The factory
default login settings are:
Username: admin
Password: admin
Confirm: admin
The defaults appear each time you log on until you change the password. After you change the
password, the Login window entries are blank the next time you log on.
To log on to the YMM:

1. Do one of the following:

• Launch the YMC utility. To launch YMC utility, see “Launching YMC Utility”.
a. Launch YMC utility, and select Advanced.
b. In the Yellow Machine Advanced Setup window, double-click the YM appliance. The
Yellow Machine Manager (YMM) launches.
• Launch YMM:
a. Launch your Internet browser.
b. Type http://YMapplianceLANIPaddress:10000 in the address field of the web browser
and click Go. The Yellow Machine Manager (YMM) Login window appears.

2. Click Login. The System Status window appears. You are now logged on to YMM.

8 P400 Series User’s Manual for YM Software v3.0

Front View of Appliance

Figure 1.3 Front View of Yellow Machine Appliance

MODE Button
The MODE button has two distinct functions:
• Resets the following settings to the factory default. The MODE button does not reset all other
settings that are outlined in “System Configuration Worksheet” on page 145 to factory
defaults, including hostname.
• Network configuration (WAN and LAN). Go to “To reset WAN and LAN settings” on
page 30.
• Admin and root password. Go to “To reset admin or root password” on page 50.
• Security configuration.
• YMM Control from WAN.
• During an installation or upgrade, triggers a software installation or an upgrade. For more
information about installation or upgrade, see the P400 Series Installation and Upgrade
Guide for YM Software v3.0.

Front View of Appliance 9

 Status Indicator LEDs
The following status LEDs and the MODE button are located on the front panel of the YM
appliance:

Figure 1.4 Indicator LEDs

Table 1.2 Explanation of LED Status Lights

SOLID BLINKING OFF
PWR Power is On N/A Power is Off
(green)
FAULT Fault detected System in boot or System in normal
(red) shutdown operation
LINK/ WAN port connected, WAN port connected, WAN port not connected
ACT No traffic Traffic exists
(blue)
10/100 WAN port 100Mbps N/A WAN port 10Mbps
(blue) Link connected Link connected
FULL/ WAN port in full WAN port collision WAN port in half duplex
COL duplex occurred in half duplex
(blue)
System is Ready System booting or System is not Ready
READY System shutting down or
(green)
RAID resynching
HDD1 Installed but not in use HDD in use Not installed
HDD2 Installed but not in use HDD in use Not installed
HDD3 Installed but not in use HDD in use Not installed
HDD4 Installed but not in use HDD in use Not installed
Special Cases
The FAULT and READY LEDs alert you to specific processes that are running on the YM
appliance:
• Power On Sequence: Both FAULT and READY LEDs blink simultaneously once every
second.
• Power Off Sequence: FAULT or READY LEDs blink alternately.
• File System Checking: Both FAULT and READY LEDs blink rapidly.
• Installation or Upgrade: Both FAULT and READY LEDs are on. After a few minutes,
both LEDs begin blinking. After an additional few minutes, the FAULT LED turns off.
The READY LED remains on and blinking until the installation/upgrade completes. Both
the installation process and the upgrade process require approximately 30 minutes to 1
hour to complete.
• RAID Resync: READY LED blinks rapidly. The length of the resync process can take up
to 8 hours depending on your configuration.

10 P400 Series User’s Manual for YM Software v3.0

Rear View of Appliance
The following components are located on the rear of the system:
• “On/Off Switch”
• “Emergency Power Switch”
• “Voltage Selector Switch and Power Receptacle”
• “Ethernet (LAN/WAN) Ports”
• “Serial Port”

On/Off Switch
The On/Off Switch, in the center of the rear panel, is a momentary switch. Use this switch to
properly power on or power off the YM appliance. Do not use the “Emergency Power Switch”
to power on or power off the YM appliance.

Emergency Power Switch

The Emergency Power Switch is off when the 0 is pressed in and is on when the 1 is pressed in.
The Emergency Power Switch, on the lower left of the rear panel, turns off the power
immediately, with the risk of damaging files. Use the Emergency Power Switch only after you
power off the YM appliance by using the “On/Off Switch”.

Figure 1.5 Rear View of Yellow Machine Appliance

Voltage Selector Switch and Power Receptacle

Caution: To avoid damaging your YM appliance, ensure that the voltage selection switch is set
to match the AC power that is available at your site.
Before Anthology Solutions ships the YM appliance, the voltage selector switch is set to match
the AC power available at your location. To determine which setting to use, go to “Electrical
Specifications and Power Requirements”.

Rear View of Appliance 11

 Ethernet (LAN/WAN) Ports
The YM appliance is equipped with nine RJ45 Ethernet ports: one for the WAN and eight for
the LAN switch. The 10/100 Mbps Ethernet WAN port is used to connect to an ADSL or cable
modem, or to any outside network.
Each of the eight 10/100 Mbps Ethernet LAN switch ports has two LED indicators. If the amber
LED is blinking, the port is operating at 100 Mbps. If the green LED is blinking, the port is
operating at 10 Mbps.

Serial Port
Use the standard 9-pin serial port to connect an Uninterruptible Power Supply (UPS). Use the
YMM to monitor the status of the UPS and to shut down the system in the event of a power
failure. The YM appliance supports all products in the APC Smart-UPS® family.
• To learn about UPS monitoring and system shutdown, go to “Monitoring Power To
Appliance” on page 133.
• To connect the YM appliance to a UPS, go to “Configuring a UPS” on page 134.

12 P400 Series User’s Manual for YM Software v3.0

 2
Product Requirements and Specifications
Chapter1

The YM appliance has system and space requirements, and operates under specific
environmental conditions and electrical specifications.
This chapter covers the following topics:
• “System Requirements”
• “Physical Specifications”
• “Temperature, Humidity, and Altitude Specifications”
• “Cooling Requirements”
• “Electrostatic Discharge”
• “Mechanical Vibration and Shock Specifications”
• “Electrical Specifications and Power Requirements”
• “Uninterruptible Power Supply”

System Requirements
Administrative PC
To set up and administer the YM appliance, you need a PC that meets the following
requirements:
• Microsoft® Windows® 2000, 2003, and XP
• (Mac OS X) Mozilla/Firefox
• (Windows) Internet Explorer 6.0 or greater
• 500MHz Pentium-compatible processor
• 128MB of RAM at minimum
Recommendation: For better performance, Anthology Solutions recommends 256MB of
RAM.
• CD-ROM or DVD drive
• 160 MB of disk space

Product Requirements and Specifications 13

 Network Clients
The following network clients are supported. Each client PC requires an Ethernet connection.
The YM appliance supports the following operating systems for clients:
• Microsoft® Windows® 2000, 2003, and XP
• Mac OS X 10.3 at minimum
• Unix or Linux through NFS

Physical Specifications
The YM appliance weights 7.94 Kg (17.5 lbs) with disk drives, and has the following physical
dimensions:
• Width: 14 cm (5.5 inches)
• Height: 17.8 cm (7.0 inches)
• Length: 30.7 cm (12.1 inches)

Environmental Requirements
Temperature, Humidity, and Altitude Specifications
The YM appliance operates under specific temperature, humidity, and altitude specifications.
Table 2.1 lists these specifications.
Table 2.1 Temperature, Humidity, and Altitude Specifications
Environmental Requirement Minimum Maximum
Operating temperature 0° C (32° F) 35° C (95° F)
Recommended operating 20° C (68° F) 25°C (77° F)
temperature
Nonoperating temperature 10° C (14° F) 50° C (22° F)
Operating altitude -15 m (-50 ft) -3,048 m (10,000 ft)
Nonoperating altitude -15 m (-50 ft) -12,192 m (40,000 ft)
Operating humidity 10% 90%
(noncondensing)
Recommended operating 40% 70%
humidity
Nonoperating humidity 5% 95%
(noncondensing)

14 P400 Series User’s Manual for YM Software v3.0

Cooling Requirements
Anthology Solutions recommends an operating temperature of 20°C (68°F) to 25°C (77°F). To
ensure proper ventilation and to prevent overheating, adhere to the following requirements:
Note: The YM appliance and UPS add to the surrounding temperature.
• Do not block any ventilation openings or push any objects into the openings. The YM
appliance’s ventilation openings are located underneath the bottom of the chassis.
• Place the YM appliance on a smooth, flat, and clean surface.
• Do not place the YM appliance on carpet or fabric.

Electrostatic Discharge
ESD (Electrostatic Discharge) is the rapid movement of an electrical charge from one object to
another. There charges are generated and stored in nonconductive surfaces such as plastic,
glass, paper, and natural fiber by friction or induction.
ESD can damage your YM appliance electronic components. All electronic components are
susceptible to EDS.
To minimize ESD, Anthology Solutions recommends the following guidelines:
• Maintain 40% to 70% relative humidity.
• Discharge static electricity from your body before you touch any of the YM appliance’s
electronic components. You can do so by touching an unpainted metal surface.
• Use standard antistatic techniques including a qualified ESD protection device such as a
wrist strap.

Mechanical Vibration and Shock Specifications

Construction or similar activities in close proximity to the YM appliance might produce unsafe
levels of mechanical vibration and shock. To prevent damage to disk drives, the room in which
you place the YM appliance must not exceed the YM appliance’s mechanical vibration and
shock specification. The YM appliance with packaging can tolerate 5-200MHz at 1Grms for 30
minutes in each direction.

Environmental Requirements 15
Electrical Specifications and Power Requirements
The YM appliance with 1TB requires a nominal input voltage range of 95-132V or 190-264V.
The YM appliance’s Input Voltage Selector Indicator has two settings: 115V and 230V. In the
US and Canada, the 115V setting is for AC power sources that operate anywhere between 95V
and 132V. The 230V setting handles ranges between 190V and 264V. The YM appliance with
1TB supports a frequency range of 47Hz-63Hz. Input voltages and frequency outside this range
will damage the YM appliance. To set the voltage range, go to “Voltage Selector Switch and
Power Receptacle” on page 11.
Protect the YM appliance from the power surges that might be caused by an unreliable power
supply or an electrical storm. Plug the YM appliance power cord into an optional, high-quality
surge protector.
To prevent electric shock, plug the equipment into properly grounded electrical outlets. Ensure
that the ground prong of the power plug is inserted in the ground contact of the power strip.
Incorrect insertion of the power plug could result in permanent damage to your equipment, as
well as risk of electric shock and or fire or both.

Uninterruptible Power Supply

To protect the YM appliance from power outages and power shortages, purchase an
Uninterruptible Power Supply (UPS). A YM appliance with 1TB consumes 60 Watts. A UPS
protects your data just as much as RAID. Install the UPS between the power outlet and the YM
appliance. A UPS stores limited back-up power to enable you to power off the YM appliance.
Power off the YM appliance during a power shortage or power outage to prevent damage to the
YM appliance’s disk drives. To configure a UPS, go to “Configuring a UPS” on page 134.

16 P400 Series User’s Manual for YM Software v3.0

 3
Powering On/Off and Rebooting Appliance
Chapter2

This chapter covers the following topics:

• “Powering On Appliance”
• “Powering Off Appliance”
• “Rebooting Appliance”

Powering On Appliance
To power on your YM appliance:

Recommendation: Anthology Solutions recommends that, at a minimum, you protect your

YM appliance by using a power strip with surge-protection, or ideally, by using an
Uninterruptible Power Supply (UPS). To configure a UPS, go to “Configuring a UPS”.
1. Ensure that the “Emergency Power Switch” is on. If it is not on, turn on the Emergency
Power Switch and wait five seconds.
2. Press and release the “On/Off Switch”. This action starts the power-on sequence. If you just
powered off the YM appliance, wait 5 seconds before powering on the YM appliance again.
• The system power status LED comes on. Both the FAULT and READY LEDs begin
blinking once per second.
• Upon completion, the PWR and READY LEDs and LEDs for each installed disk drive
are on. A normal power-on sequence takes one minute to complete.

Powering Off Appliance

The YM appliance is designed to remain on. However, power off your YM appliance under the
following circumstances:
• If there is an electrical storm or power outage.
• If you need to physically move or service the YM appliance.
Caution: Abruptly cutting the power to the YM appliance can damage the file system. Also, if
the YM appliance detects a file system error, the YM appliance starts the file system recovery
operation immediately. The FAULT and READY LEDs blink rapidly 3 times per second to
indicate that the file system recovery operation is in progress. The operation takes ten minutes
to 10 hours depending on how much data you have. Do not shut down the power when the
system is in file system recovery operation. Doing so might cause system failure or data loss.

Powering On/Off and Rebooting Appliance 17

 To power off your YM appliance through On/Off switch:

1. Using the “On/Off Switch” on page 11, press and hold the On/Off switch for one second,
then release it. The FAULT and READY LEDs blink alternately during the power off
sequence.
2. Wait several minutes to allow the YM appliance to complete a normal power-off sequence.
The YM appliance shuts down properly to prevent data loss. Upon completion, all LEDs
turn off.
To power off YM appliance through the YMM:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > System Power. The System Power window appears.
3. Click Edit.
4. Select the Power Off System checkbox to shut down the YM appliance. The confirmation
window appears.
5. Click Yes to continue or No to abort.

Rebooting Appliance
To reboot YM appliance:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > Boot Disk. The Boot Disk window appears.
3. Click Edit.
4. In the Boot Disk Status pane, select Reboot System checkbox and click Apply.
5. When prompted, click Yes to reboot. The system initiates the reboot process.

18 P400 Series User’s Manual for YM Software v3.0

 4
Configuring the Network
Chapter2

This chapter covers the following topics:

• “Example Configurations”
• “Using Appliance as Storage and Router”
• “Adding Yellow Machine Appliances”
• “Extending to Multiple Departments”
• “About Network Interface Settings”
• “Identifying Appliance IP Addresses”
• “Changing Network Interface Settings”
• “Fixing Incompatible Network Settings”
• “Resetting Network Settings”
• “Circumventing IP Address Delay”
• “Changing Host Name, Domain Name, and DNS Server”
• “Using Dynamic DNS With Appliance”
• “About Port Forwarding”
• “Setting Up Port Forwarding”
• “Administering Port Forwarding”
• “Enabling PCs as Clients”
• “Task Overview: Enabling Unix/Linux Systems as Clients”
• “Cloning MAC Addresses”

Configuring the Network 19

Example Configurations
The YM appliance has a number of applications:
• “Storage Only”
• “Storage and Network Router”
• “Storage and VPN Router”
• “Storage, Network Router, and VPN Router”
For specific information about supported VPN configurations, go to “Connecting Remotely To
Appliance” on page 95. For information about supported Active Directory configurations, go to
“Using Appliance in Active Directory Environment” on page 41.

Storage Only
If your current network has an existing connection to the Internet then you do not need to use
the YM appliance for both its storage and router capabilities. Instead, you can use the YM
appliance as storage only.
1. Connect your existing router to one of the YM appliance’s LAN ports as shown in Figure
4.1. If your PC currently connects to the network through a wall jack, then connect the YM
appliance as shown in Figure 4.1.
2. Set the YM appliance to NAS Only mode as outlined in the Read Me First for YM Software
v3.0.

Figure 4.1 YM Appliance as Storage Only: Example #1

Figure 4.2 YM Appliance as Storage Only: Example #2

20 P400 Series User’s Manual for YM Software v3.0

Storage and Network Router
If you are building a new network, and the network is to be connected to the Internet, then you
can use both the storage and router capabilities of the YM appliance. If you have an existing
router, you can replace it with the YM appliance.
1. Connect the DSL or cable modem to the WAN port on the YM appliance (Figure 4.3).
2. Set the YM appliance to Storage and Router mode as outlined in “Using Appliance as
Storage and Router” on page 23.

Figure 4.3 YM Appliance as Storage and Router

Storage and VPN Router

In addition to using the YM appliance’s storage capabilities, the YM appliance can be a Virtual
Private Network (VPN) router without the need to have the YM appliance as the gateway to the
Internet. Use this configuration if you do not want to replace your existing gateway, but you do
want to create a VPN.
1. Connect your existing router to one of the YM appliance’s LAN ports (Figure 4.1).
2. Set the YM appliance to NAS Only mode as outlined in the Read Me First for YM Software
v3.0.
3. Configure VPN with PPTP connection type as outlined in “Connecting Remotely To
Appliance” on page 95.

Figure 4.4 YM Appliance as Storage and VPN Router

Example Configurations 21
 Storage, Network Router, and VPN Router
In addition to using the YM appliance’s storage and router capabilities as shown in Figure 4.3,
the YM appliance can be a Virtual Private Network (VPN) router as shown in Figure 4.5. If you
have not yet set up your network, this configuration enables you to use all of the YM
appliance’s capabilities without the need to purchase a router. If you have an existing router,
you can replace it with the YM appliance.
1. Connect the DSL or cable modem to the YM appliance’s WAN port as shown in Figure 4.3.
2. Set the YM appliance to Storage and Router mode as outlined in “Using Appliance as
Storage and Router” on page 23.
3. Configure VPN as outlined in “Connecting Remotely To Appliance” on page 95.

Figure 4.5 YM Appliance as Storage, Network Router, and VPN Router

22 P400 Series User’s Manual for YM Software v3.0

Using Appliance as Storage and Router
When you initially set up your network configuration, the Read Me First for YM Software v3.0
walked you through how to use the YM appliance as storage only. However, you might want to
use the YM appliance as both a storage appliance and a router in Firewall or Proxy mode to
achieve greater security.
This procedure assumes the following:
• You are not using a static IP from your Internet Service Provider.
• You want to physically eliminate your existing router from your network configuration, and
that router is also your firewall.
• For simplification, your network configuration is similar to the network configuration in
Figure 4.1 and you intend to change your network configuration to match the network
configuration in Figure 4.3.
• Your YM appliance is powered on.
To change the YM appliance to a router:

1. Access the YM appliance and prepare to change the system mode:

a. Launch the YMC utility. To launch the YMC utility, go to “Launching YMC Utility”
on page 7.
b. Click Network, and wait for the YM appliance to appear.
c. Double-click on the YM appliance, and from the Yellow Machine Configuration
Wizard Login window, log on to the YM appliance. The Locale window appears.
d. Click Next to bypass the Locale window. The System Mode window appears.
2. Disconnect the router from the YM appliance’s LAN port and connect the router to the YM
appliance’s WAN port.
3. Edit system mode:
a. From the System Mode window, click Edit. The Changing System Mode window
appears.
b. Select the Storage and Router radio button, and click Apply.
c. Verify your selection, and click Next.
The YM appliance searches the WAN for DSL and DHCP (automatic) services, although
the YM appliance does not request an IP address. The WAN Connection window appears.
4. Do one of the following:
• If the WAN Connection window states Connection Type DHCP, click Next, and skip
to Step 6.
• If the WAN Connection window states Connection Type Static, proceed to Step 5.
5. Change WAN connection type from Static to DHCP:
a. In the WAN Connection window, click Edit.
b. Select the Obtain IP address automatically: Yes radio button, and click Apply. The
WAN Connection window appears.
c. Verify your selection, and click Next. The YMC utility searches the LAN for DHCP
services, and returns the following message:

Using Appliance as Storage and Router 23

 To configure ‘Storage and Router’ mode, LAN connection should be
set to static IP address.
d. Click OK.
6. Do one of the following:
• If the LAN Connection window states Connect Type Static, skip to Step 8.
• If the LAN Connection window states Connect Type DHCP, proceed to Step 7.
7. Change LAN connection type from DHCP to Static:
a. In the LAN Connection window, click Edit.
b. Select the Obtain IP address automatically: No radio button, select DHCP Service:
Enabled radio button or DHCP Service: Disabled radio button, and click Apply. The
LAN Connection window appears.
c. Verify your selection, and click Next. The Network Property window appears.
Note: If your router, like many routers today, is also your firewall, you must use the YM
appliance’s firewall capabilities to replace your router’s built-in firewall. If you do not use the
YM appliance as your firewall and you remove your existing router, your network will not be
protected.
8. Change the network security mode to Firewall or Proxy:
a. In the Network Property window, click Edit.
b. Select the Firewall radio button or Proxy radio button, and click Apply. The Network
Property window appears again.
9. Verify your configuration changes, click Next, and click Finish.
10. Replace your existing router with the YM appliance.
a. Power off the YM appliance using the “On/Off Switch” in the center of the rear panel.
Press and hold the On/Off switch for one second, then release it.
b. Power off the router.
c. Disconnect the router from your DSL or cable modem as you no longer need this
device.
d. Connect the YM appliance to your DSL or cable modem, replacing the router you just
removed.
e. Power on the YM appliance.
11. Renew PC’s IP address:
a. From the YMC, click Explore. The Yellow Machine Explorer window appears.
b. Double-click on YM. You receive the following message:
Cannot access Yellow Machine appliance as the network settings
are incompatible.
c. Click OK.
d. Click Renew IP.
The YM appliance is now both your router and firewall.

24 P400 Series User’s Manual for YM Software v3.0

Adding Yellow Machine Appliances
You can connect multiple YM appliances through the LAN ports to increase both storage
capacity and the number of LAN ports available for a home office or department. In this case,
LAN interfaces remain enabled and the WAN interfaces on the second YM appliance and
beyond are disabled. The WAN interface on first YM appliance is the default gateway.

Figure 4.6 Multiple Yellow Machine Appliances on a Network

Adding Yellow Machine Appliances 25

Extending to Multiple Departments
You can also use additional YM appliances for storage capacity expansion to multiple
departments with the option to augment security on a department-by-department basis.
Tip: Use the Server Description field (From the YMM, click Storage > Quick Network
Storage.) to label YM appliances that are specific to each department.
In the following network scenario, the WAN interface on the first YM appliance operates as the
default gateway to the Internet; however, network connections connect from the LAN port(s) on
the first YM appliance to the WAN ports on the second YM appliance and beyond. Those WAN
ports must remain enabled.

Figure 4.7 Creating Sub-Networks with Multiple Appliances

Security settings can remain in the default Router mode for the second YM appliance and
beyond. However, if you want to switch the YM appliance to Firewall mode or Proxy mode,
enable the External Access Control as outlined in “Enabling External Access Control” on
page 74. The effort required to maintain your network increases with the relative complexity of
your network configuration.

26 P400 Series User’s Manual for YM Software v3.0

About Network Interface Settings
If you use the YM appliance as a router, you need two IP addresses—one for the LAN side and
one for the WAN side. The YMM’s Network Interfaces window displays the network status
including LAN IP address (Private IP address) and WAN IP address (Public IP address), DHCP
services settings, and the default gateway:
To learn more about networking terminology, go to “Glossary” on page 151.

Set-up Method
This field shows how each IP address is configured.

Static IP address assigned manually by the administrator

DHCP Client IP address acquired from a DHCP server
PPPoE Client IP address acquired from the ISP's PPP server

Interface
This field shows whether each interface is enabled or disabled.

Enabled Interface is enabled

Disabled Interface is disabled

Link Status
This field shows whether the interface is connected or not.

Connected Ethernet cable connected

Disconnected Ethernet cable disconnected

DHCP Service
This field shows whether the DHCP Server service is enabled or not. Your choices are:

Enabled Connected PCs can get IP addresses from the YM appliance

Disabled DHCP Service disabled

The starting address of the DHCP service is 172.16.1.100 presuming the default LAN address
of the YM appliance is 172.16.1.1. The ending IP address is 172.16.1.200 and the lease time is
one day.

Default Gateway The default gateway enables you to connect to the Internet through the
WAN port on the YM appliance to use the YM appliance’s integrated
router. If your interface is set up for either DHCP Client or PPoE Client,
the default gateway is automatically obtained from a server. Therefore,
you cannot edit the default gateway. If your interface is Static, the LAN
IP address (Private IP address) is set for the default gateway.
LAN Port Status If you click LAN Port Status, the LAN port status window appears and
shows each port's connection status and speed. The LAN port status will
be constantly updated until the window is closed.

About Network Interface Settings 27

Identifying Appliance IP Addresses
If you use the YM appliance as a router, you need two IP addresses—one to communicate on
the internal network or LAN and another to communicate on the Internet (WAN).
For conceptual information about network interface settings, go to “About Network Interface
Settings” on page 27.
To identify the YM appliance’s IP addresses:

1. Log on to YMM. To log on to the YMM, go to “Logging On To YMM” on page 8.

2. From the YMM, click Network > Network Interfaces. The Network Interfaces window
appears, and lists the WAN IP address (Public IP address) and LAN IP address (Private IP
address).

Changing Network Interface Settings

To prevent network conflicts, after you change network interface settings, wait one to two
minutes for the system to initialize the change before making additional changes.
For conceptual information about network interface settings, go to “About Network Interface
Settings” on page 27.
To change your LAN settings:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Network > Network Interfaces. The Network Interfaces window
appears.
3. Click Edit.
4. Select Yes to Enable LAN Interface. Default: Yes (Enabled)
• If you select No, all other LAN option fields are blocked.
• If you disable the LAN Interface, the only access to the YM appliance is through the
WAN port. Anthology Solutions does not recommend this configuration.
5. Check Enable DHCP Service if the DHCP service is needed for the PCs attached to the YM
appliance’s LAN ports. This setting makes the YM appliance the DHCP server for your
LAN (or sub-network), providing IP addresses dynamically for the clients connected to the
LAN ports. Default: Checked (Disabled)
6. Select either Obtain IP Address Automatically from DHCP Server, or Static IP Address.
Default: Static IP Address
• Choose Obtain IP Address Automatically from DHCP Server if your YM appliance
connects to either a router that has DHCP service enabled or to a cable modem. This
setting makes the YM appliance a DHCP client on your network.
• Obtain IP Address from ADSL provider is greyed out.
• Choose Static IP Address if your network is locally defined and controlled and does not
use DHCP services. Type the IP address manually.
7. Specify IP address and Subnet mask if you selected a Static IP Address, and click Apply.

28 P400 Series User’s Manual for YM Software v3.0

 8. Click Yes to confirm, No to abort. The changes takes affect within five seconds after the
network interface change notice appears.
To change your WAN interface settings:

1. From the YMM, click Network > Network Interfaces. The Network Interfaces window
appears.
2. Click Edit.
3. Select Yes to Enable WAN Interface if you are connecting any network device to the WAN
port. Select No if you are not using the WAN port. The other WAN option fields are greyed
out. Default: No (Disabled).
Recommendation: To improve performance, Anthology Solutions recommends that you leave
the WAN interface disabled if you are not using the WAN port.

Fixing Incompatible Network Settings

When you access a Yellow Machine (YM) appliance through the Yellow Machine Control
(YMC) utility’s Explore feature, you might receive the following message:
Cannot access Yellow Machine appliance as the network settings are incompatible
This message means that your YM appliance and PC cannot communicate with each other
because they have different IP address schemes.
The following scenarios represent your current settings, but the solution is to change your PC's
IP address, YM appliance's IP address, or both. This incompatibility can occur for a variety of
expected reasons, including disconnecting devices from a network.

PC Client:
• Saved its dynamic IP address (for example, 10.x.x.x.)
• Saved its static IP address (for example, 10.x.x.x).
• Defaulted to a Windows-defined IP address of 169.x.x.x.

YM Appliance:
• Saved its dynamic IP address of 10.x.x.x.
• Saved its static IP address of 172.16.1.1 or, for example, 10.x.x.x.
• Defaulted to a YM-defined IP address of 0.0.0.0.
To change PC's LAN IP address (Private IP address) settings:

1. From Windows XP, click Start > Control Panel > Network and Internet Connections
Network Connections > Local Area Connection > [Properties] >
Internet Protocol (TCP/IP) > Properties. The General dialogue box opens.
2. Make your selection.
3. Click OK, and close the open Control Panel windows.
To change YM Appliance's LAN IP address (Private IP address) settings:

1. From YMC, click Network. The Network Setup window appears.

Fixing Incompatible Network Settings 29

 2. Double-click on the YM appliance. The Configuration Wizard Login window appears.
3. Log on to the configuration wizard.
4. Click Next, and click Next again. The LAN Connection window appears.
5. Click Edit.
6. Do one of the following:
• To assign a static IP address, select the Obtain IP address automatically: No radio
button, enter correct IP address, and click Apply.
• To assign a dynamic IP address, select the Obtain IP address automatically: Yes radio
button, and click Apply.
7. Click Next, click Next again, and click Finish.
8. Select one of the following options:
• Obtain IP Address Automatically from DHCP Server. Choose this option if your
YM appliance is connected to either a Router which has DHCP services enabled, or to a
cable modem, in which case, the IP address is supplied by your ISP. This is the default.
• Obtain IP Address from ADSL provider. Choose this option if your YM appliance is
connected to an ADSL modem (not an ADSL Router). This option requires that you
supply a user name and password (typically made available by your ISP or DSL
provider). For more information about your particular device, refer to the ADSL service
provider documentation.
• Static IP Address. Choose this option if your YM appliance is connected to a local
network which does not have any DHCP service. You must specify the IP address and
subnet mask value.
9. Enter a User Name and Password for the ADSL account if required.
10. Specify the IP address and subnet mask, if Static IP Address is selected, and click Apply.
11. Click Yes to confirm, or No to abort. The changes take effect within five seconds after the
network interface change notice appears.

Resetting Network Settings

To reconfigure your network from scratch, reset WAN and LAN settings as follows:

WAN Disabled
LAN DHCP Client

This procedure resets additional YM appliance settings to the factory default. To learn about
these additional settings, go to “MODE Button” on page 9.
To reset WAN and LAN settings:

1. Locate the “MODE Button” on the front panel, to the right of the indicator LEDs (Figure
1.3).
2. With the system running, push and hold the MODE button and at the same time,
momentarily press and release the “On/Off Switch”. The YM appliance resets to the factory
defaults and shuts down gracefully.

30 P400 Series User’s Manual for YM Software v3.0

Circumventing IP Address Delay
A PC on the LAN obtains an IP address from the YM appliance. This connection between the
two devices might take 15 minutes or more after you reboot the YM appliance or change to the
YM appliance’s LAN or WAN interface settings. When a communication error occurs, a PC
times out and waits for a new connection to be established.
An option with Windows XP is to disconnect the Ethernet cable from the PC, and then
reconnect the Ethernet cable. Alternatively, you can establish a connection from a DOS prompt
to bypass the waiting period.
To renew a connection in Windows XP/2000:

1. From the Start menu, go to Programs > Accessories > Command Prompt
2. From a DOS prompt, type ipconfig /release and press Enter.
3. Type ipconfig /renew and press Enter.

Changing Host Name, Domain Name, and DNS Server

The Host Configuration menu item enables you to set the following information for your
Domain Name Server:
• Host Name
• Domain Name
• DNS Server’s IP Address
This information is used to control Internet services including mail delivery.
To change host configuration settings:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Network > Host Configuration. The Host Configuration window
appears.
3. Click Edit.
4. Enter the host configuration information, and click Apply to save.

Host Name Any unique name that you want to give the YM appliance. Although the
YM appliance accepts other entries, for PCs on the network to see the
YM appliance, the hostname must adhere to the following requirements:
• Must not contain spaces.
• Must not contain special characters. Go to “Character Restrictions and
Limitations” on page 54.
• Must not be longer than 8 characters.

Circumventing IP Address Delay 31

 Domain Name An Internet domain name. The domain name setting on your YM
appliance is your company’s domain name for e-mail and other web
services. If your interface set method is either DHCP Client or PPPoE
Client, then this “Domain Name” is automatically obtained from either
the DHCP server or your ISP's PPP server and you don’t need to enter
anything here.
DNS Servers The IP addresses of the DNS servers for your network. Just as for
Domain Name above, DNS Server information is obtained from either
the DHCP server or your ISP's PPP server.

Using Dynamic DNS With Appliance

To avoid updating your connection each time your IP address changes, use a Dynamic Domain
Name Service (DDNS). DDNS enables the Internet to translate a dynamic IP address to a static
hostname.
To request a hostname for the YM appliance, register with a DDNS vendor such as DynDNS at
http://www.dyndns.com/. DDNS is only available when you use the YM appliance as a
gateway.
To specify Dynamic DNS for the YM appliance:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, go to Network > Host Configuration. The Host Configuration window
appears.
3. In the DDNS Client Options pane, click Edit.
4. Register with a DDNS service provider if you have not already done so:
a. Select the Yes radio button.
b. In the DDNS Service Provider drop-down list, select a service provider.
c. Click Visit & Register.
d. Complete the service provider’s registration, and record the following information:
• Account Name. Account name that you used to register for the DDNS.
• Password. Password that you used to register for the DDNS.
• Domain Name or Custom Domain. The Internet domain name that you registered
with the DDNS service provider. Providers such as DynDNS provide
customers free, predefined domain names. DynDNS also provides customers
the ability to purchase customized domain names whereby the customer
chooses the complete domain name. Use the DDNS Domain Name field to
specify the predefined domain name that you received free of charge. Use the
DDNS Customer Domain field to specify the customized domain name that
you purchased.
5. Provide the DDNS account information:
a. In the DDNS Service Provider drop-down list, select the service provider if you have
not already done so.
b. Specify Domain Name, Account Name, and Password that is registered with the DDNS
service provider.
6. Click Apply.

32 P400 Series User’s Manual for YM Software v3.0

About Port Forwarding
Port Forwarding enables you to retain the security that the YM appliance in Firewall mode
offers, and still enable users to access certain services. Port Forwarding provides functionality
for VPN, VoIP, or Internet gaming. You can also use this function to establish a Web, FTP, or
File Server on the LAN through the YM appliance.
Port Forwarding (also know as tunneling) redirects Internet traffic on a given port to a specific
computer on the LAN. When users from the Internet make connection requests to the YM
appliance, the YM appliance can forward those requests to specific servers on the LAN to
service the requests.
• By default, FTP and Telnet pass-through services are not enabled because these services are
not secure. To enable these services, you must port forward the requests to a server.
• By default, VPN pass-through services are enabled. Nonetheless, you must port forward the
requests to a VPN router. To learn about how to enable the YM appliance as a VPN router,
go to “About Creating VPN Connections To Appliance” on page 96.
To enable port forwarding on a YM appliance, perform the following sequence of tasks:
Task Instructions
1. Establish a public IP address for the Contact your ISP.
YM appliance’s WAN interface.
2. Ensure that YM appliance is in “Changing Security Mode Settings” on page 69
Firewall mode.
3. Set up port forwarding. “Setting Up Port Forwarding” on page 33

Setting Up Port Forwarding

This procedure assumes the following:
• You have a public IP address, which your ISP provided. A public IP address in one that is not
hidden behind a firewall. In this procedure, you will assign this public IP address to the YM
appliance’s WAN interface.
• The YM appliance is in Firewall mode. To change security modes, go to “Changing Security
Mode Settings” on page 69.
To set up port forwarding:
Before Contact your ISP to obtain a public IP address if you do not already have one. Then, ensure that
You the YM appliance is in Firewall mode. To change security mode settings, go to “Changing
Begin Security Mode Settings” on page 69.
1. Log on to YMM. Go to “Logging On To YMM” on page 8.
2. (FTP &Telnet Services Only) Enable FTP and Telnet access for each user that needs to
initiate an FTP or a Telnet request.
a. Log on to YMM. Go to “Logging On To YMM” on page 8.
b. From the YMM, click User > User Accounts. The User Accounts window appears.
c. For the user account to which you need to assign FTP or Telnet access, click Edit.
d. Select the FTP Access Yes radio button or the Telnet radio button.
e. Click Apply.

About Port Forwarding 33

 3. From YMM, go to Network > Network Interfaces, and record the IP address and the subnet
mask of the YM appliance’s LAN interface.
4. On the computer that you want to receive the service request, set a static IP address, and
enter the subnet mask that you recorded in Step 3.
Port Forwarding redirects Internet traffic on a given port to a specific computer on your
network. Therefore, ensure that the target computer keeps the same IP address by assigning
that computer a static IP address. Ensure that the IP address that you assign does not
conflict with any IP address that the DHCP server might assign.
5. From the YMM, go to Security > Port Forwarding, and create a new port forwarding entry:
a. Click Add New to establish Port Forwarding or to make changes to any of the
parameters previously established. The Edit Port Forwarding window appears.
b. Enter Application Name.
c. Enter Source IP Address. This IP address is the IP address of the remote computer that
initiates a service request. If you want to grant the service to all computers that initiate a
request, then enter 0.0.0.0 in the Source IP Address field.
d. Enter Start Port and End Port.
• To forward to a range of application ports, enter the beginning of the range in Start
Port and end of the range in End Port. Some Internet games require port
forwarding of various ranges in order to work correctly through firewalls. If you want
to establish a networked game through the YM appliance, obtain the port range from
the game vendor. Table 4.1 provides examples.
Table 4.1 Ports Used By Internet Games
Game Port Numbers
Battlefield 1942 4711, 14567, 14667, 14690,
23000-23009, 27900, 28900
Blizzard Realm Games 4000
Unreal Tournament 2004 7777-7778, 7787, 28902
MSN Game Zone 6667, 28800-29000
World of Warcraft 3724, 6112, 6881-6999
Downloader
Rome Total War 6500, 13139, 26220

• To forward to a single port, either enter the same number in both Start Port field and
End Port field, or enter the port number for Start Port and enter 0 for the End
Port.Table 4.2 provides examples.
Table 4.2 Ports Used By Network Applications

Application Port Protocol

Numbers
FTP-DATA 20 TCP
FTP 21 TCP
TELNET 23 TCP
SMTP 25 TCP
POP3 110 TCP
DNS 53 TCP & UDP
HTTP 80 TCP
HTTPS 443 TCP

34 P400 Series User’s Manual for YM Software v3.0

 Table 4.2 Ports Used By Network Applications

Application Port Protocol

Numbers
IPSEC-DATA 500 UDP
PPTP 1723 TCP
IPSEC 4500 UDP

e. Enter Protocol. Table 4.3 provides examples.

Table 4.3 Protocol Numbers
Protocol Protocol Number
Name
IP 0
ICMP 1
TCP 6
UDP 17
GRE(PPTP) 47
IPSEC-ESP 50
IPSEC-AH 51

f. Enter valid Target IP Address.

g. Select the Enable checkbox, and click Apply. The YM appliance is now configured to
forward the service requests.

Administering Port Forwarding

To enable or disable port forwarding entries:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, go to Security > Port Forwarding. The Port Forwarding window appears.
3. Click Add New. The Edit Port Forwarding window appears.
4. Deselect the Enable checkbox or Disable checkbox for each entry that you want to enable or
disable, and click Apply.
To delete port forwarding entries:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, go to Security > Port Forwarding. The Port Forwarding window appears.
3. Click Add New. The Edit Port Forwarding window appears.
4. Select the Delete checkbox for each entry that you want to delete, and click Apply.

Administering Port Forwarding 35

Enabling PCs as Clients
Some software applications require that you map the YM appliance to a network drive before
you can access the folders on the YM appliance from that application. Once the Yellow
Machine appliance is mapped as a network drive, the software application accesses a shared
folder through the drive letter that you assign.
Tip: Use the drive letter Y (short for Yellow MachineTM appliance) to help you remember the
drive letter to the YM appliance.
To map a shared network drive in Windows® XP:

1. Launch Windows Explorer.

2. Go to Tools > Map Network Drive. The Map Network Drive dialog box appears.
3. Choose an available drive letter from the drop-down list next to Drive. Drives already
mapped will have a shared folder name displayed in the drop-down list next to the
associated drive letter.
4. Click Browse and select the YM appliance’s logical disk from the list of shared network
resources under the Microsoft Windows Network node.
5. Leave the Reconnect at login checkbox selected if you want to map this network drive
permanently. If you deselect this box, once you log off this computer, the drive is no longer
mapped.
6. Do the following if the YM appliance’s shared folder requires a user with sufficient
privileges to access the folder:
a. Click Connect using a different user name.
b. Enter that user name and password in the dialog box and click OK.
c. Click Finish.
For more information about user account access, go to “Administering User Accounts in
Workgroup Environment” on page 47.

Troubleshooting Tips
If the network drive cannot be mapped:
• Ensure that the folder was correctly set up for sharing on the YM appliance. To modify folder
access permissions on the YM appliance, go to “Working With Files, Folders, and Storage”
on page 53.
• Check that you entered the correct user name and password.
• Check that the computer network connections are functioning properly.

36 P400 Series User’s Manual for YM Software v3.0

Task Overview: Enabling Unix/Linux Systems as Clients
To enable Unix/Linux systems to connect to the YM appliance as clients, perform the following
sequence of tasks:
Task Instructions
1. Enable NFS. “Enabling NFS on the Appliance” on page 37
2. Mount the YM appliance’s file system. “Mounting Appliance Volume” on page 38

Enabling NFS on the Appliance

The YM appliance uses Network File Sharing (NFS) protocol to enable Unix/Linux/Mac OS X
systems to share files on the YM appliance with other Unix/Linux/Mac OS X systems. The YM
appliance uses Samba to enable Unix/Linux/Mac OS X systems to share files on the YM
appliance with Windows clients. Because most networks have Windows clients, Samba is
enabled by default on the YM appliance.
Samba requires a lot of processing power. Therefore, if you do not have any Windows clients in
your network, enable NFS to achieve better performance. If you have a mixed environment, you
can enable NFS; however, Samba cannot not overcome Windows character limitations outlined
in “Character Restrictions and Limitations” on page 54.
To enable NFS on the YM appliance:

1. Log on to YM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
3. In the Network Storage Configuration pane, click Edit.
4. Click Edit. The Quick Network Storage window appears.
5. Select the logical drive.
6. Select the Enable NFS checkbox, and click Apply.
7. Verify your selection, and click Accept to accept the changes.
Next Mount the file system. Go to “Mounting Appliance Volume”.
Step
Return To return to the task overview that applies to this task, go to “Task Overview: Enabling Unix/
To Task Linux Systems as Clients” on page 37.
Overview

Task Overview: Enabling Unix/Linux Systems as Clients 37

Mounting Appliance Volume
Before Enable NFS. Go to “Enabling NFS on the Appliance”.
You
Begin To mount the YM appliance’s volume:

1. Telnet to your Unix or Linux system.

2. Run the following command:
# mount -t nfs IPAddress:/mnt/diskNumber /mnt/mountPoint
• Where IPAddress is the YM appliance’s LAN IP address if the YM appliance is in NAS
Only mode, or where IPAddress is the YM appliance’s WAN IP address if the YM
appliance is in Router, Firewall or Proxy mode.
• Where diskNumber is the logical disk on the YM appliance.
• Where mountPoint is a directory.
Return To return to the task overview that applies to this task, go to “Task Overview: Enabling Unix/
To Task Linux Systems as Clients” on page 37.
Overview

Cloning MAC Addresses

If the YM appliance is used as the Internet gateway, you might want to change the YM
appliance's WAN MAC address.
Some ISPs require that a customer use the same computer each time the customer wants to
connect to the Internet. To implement this requirement, the ISP refuses any connection if the
Media Access Control (MAC) address on the customer's computer does not match the MAC
address that is registered with the ISP.
If your ISP has this requirement, and you want to use the YM appliance in this environment, use
the YM appliance's MAC address cloning feature. This feature enables you to change the YM
appliance’s MAC address to reflect your computer’s MAC address.
To clone a computer’s MAC address on the YM appliance:

1. Determine your computer’s MAC address. For example, in Windows XP, perform the
following steps as shown in Figure 4.8:
a. From the Start menu, go to Programs > Accessories > Command Prompt.
b. From a DOS prompt, type Getmac and press Enter.

Figure 4.8 Determining Computer’s MAC Address

2. Log on to YMM. Go to “Logging On To YMM” on page 8.
3. From the YMM, click Network > Network Interfaces. The Network Interfaces window
appears.

38 P400 Series User’s Manual for YM Software v3.0

4. In the WAN MAC Address pane, click Edit. The Edit WAN MAC Address window
appears.
5. Select the No radio button.
6. In the Enter WAN MAC Address field, replace the YM appliance’s default MAC address
with the MAC address that you identified in Step 1, and click Apply.
The ISP now recognizes the YM appliance as the computer that is registered with the ISP.

Cloning MAC Addresses 39

 5
Using Appliance in Active Directory
Chapter4

Environment
This chapter covers the following topics:
• “About Active Directory”
• “Switching Between Workgroup and Active Directory”
• “Task Overview: Configuring Appliance for Active Directory”
• “Supported Active Directory Configurations”
• “Configuring Appliance for Active Directory Environment”
• “Creating a Directory Structure on Appliance”

About Active Directory

Active Directory is a service that is included with Microsoft® Windows Server 2003 and
Microsoft Windows 2000 Server operating systems. Active Directory enables centralized,
secure management of a network. For more information about Active Directory, go to
www.microsoft.com.
With YM Software v3.0, you can use YM appliances in an Active Directory environment. You
no longer need the YM appliance to manage user accounts and user rights and permissions.
Instead, you can configure a YM appliance to enable Active Directory to manage the user
accounts. From that point forward, you set user rights and permissions as you would in a
Windows environment.

Using Appliance in Active Directory Environment 41

Switching Between Workgroup and Active Directory
Any user names and passwords that you create in a Workgroup environment on the YM
appliance do not interoperate with Active Directory. You must manually recreate the user
accounts on the Active Directory server. Once you begin to use the YM appliance in an Active
Directory environment, do not switch to a Workgroup environment. If your Active Directory
server becomes unavailable, wait for that server to become available.

Task Overview: Configuring Appliance for Active Directory

To configure a YM appliance to work in an Active Directory environment, perform the
following sequence of tasks for each YM appliance that you want to operate as a Active
Directory member. This process requires approximately 15 minutes:
Task Instructions
1. Ensure that your configuration is supported. “Supported Active Directory Configurations”
on page 43
2. Retrieve the following information from the domain Refer to your Active Directory documentation.
controller.
• Domain controller’s IP address.
• Domain name.
• Password server’s IP address, if you have a
designated server to manage passwords.
• User name and password for the Administrator
on the Active Directory server.
3. Configure the YM appliance to communicate with “Configuring Appliance for Active Directory
the Active Directory server. Environment” on page 45
4. If your YM appliance is new, create the directory “Creating a Directory Structure on Appliance”
structure on the YM appliance. on page 46
If you upgraded to YM Software v3.0, you do not
need to create the directory structure because the
YM Installer migrated your files and folders with
the original Creator/Owner in tact.

42 P400 Series User’s Manual for YM Software v3.0

Supported Active Directory Configurations
Appliance as Member
As Figure 5.1 shows, YM Software v3.0 supports the YM appliance as a member (a client) in an
Active Directory environment. The YM appliance cannot be a server. However, the YM
appliance can communicate with an Active Directory server (ADS1) and a secondary Active
Directory server (ADS2)—even when that secondary Active Directory server is at a remote
location.

Figure 5.1 YM Appliance as Member in ADS Environment

Supported Active Directory Configurations 43

 VPN in Active Directory Environment
As Figure 5.2 shows, the YM appliance is not supported as VPN router or gateway in an Active
Directory environment at this time.

Figure 5.2 YM Appliance as VPN Router and Gateway in ADS Environment

44 P400 Series User’s Manual for YM Software v3.0

Configuring Appliance for Active Directory Environment
You must set the appropriate permission policy to ensure that Active Directory Server manages
all user access to the YM appliance and permissions. In this procedure, you create a user
account on the domain controller by supplying YMM the specific information about the domain
controller.
To configure YM appliance for Active Directory environment:
Before Retrieve the following information:
You
Begin • Domain controller’s IP address
• Domain name
• Password server’s IP address, if you have a designated server to manage passwords
• User name and password for the Administrator on the Active Directory server.

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. If the YM appliance is a DHCP server, specify the domain name:
a. From the YMM, click Network > Host Configuration. The Host Configuration window
appears.
b. In the DNS Client Options pane, click Edit.
c. Type the domain name in the Domain Name field, and click Apply.
3. Set the permission policy, and enable YM appliance to become an Active Directory
member by enabling YMM to create a resource on the domain controller:
a. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
b. In the Windows Network Global Options pane, click Edit.
c. From the Security Level drop-down menu, select ADS:
d. Specify values for the following fields, and click Apply.

Server Description YM appliance’s host name. Enables you to identify the

YM appliance in Windows Explorer.
ADS Server Active Directory server’s IP address.
Password Server Password server’s IP address. If you do not have a
password server, specify the Active Directory server’s IP
address.
ADS Admin Name User name for the Administrator on the Active Directory
server. Allows the YM appliance to become an Active
Directory member.
ADS Admin Password Password for the Administrator on the Active Directory
server.

4. Verify that YMM created the YM appliance’s resource on the domain controller.

Configuring Appliance for Active Directory Environment 45

 Troubleshooting Tips
If you are using the YM appliance as a DHCP server, ensure that you configured the YM
appliance with the correct DNS server. To change DNS server, go to “Changing Host Name,
Domain Name, and DNS Server” on page 31. If the YM appliance is not a DHCP server, the
YM appliance automatically receives the DNS server information from the network’s DHCP
server.

Creating a Directory Structure on Appliance

YM appliances ship with system software already installed. If your YM appliance shipped with
YM Software v3.0 installed, you must create a directory structure. If you upgraded to YM
Software v3.0, you do not need to perform this procedure because the YM Installer migrated
your files and folders with the original Creator/Owner.
Folders on the logical drive(s) inherit the Creator/Owner of the logical drive(s). Subfolders on a
YM appliance inherit the Creator/Owner of the parent folder. In an Active Directory
environment with a new YM appliance that has YM Software v3.0 pre-installed, the default
Creator/Owner for a logical drive is root, and the default Creator/Owner for folders that YM
Installer created on the logical drive(s) is nobody. The only user that can change file and folder
permissions is the Creator/Owner and administrator.
Note: If you do not create a directory structure that is conducive to the YM appliance’s
inheritance rules, a user that cannot log on to the domain controller as Administrator cannot
assign permissions to files and folders even if that user created the file or folder.
In most work environments, users need to create folders and assign permissions to those folders.
The directory structure outlined in this procedure is an ideal directory structure for most work
environments.
To create a directory structure on the YM appliance:

1. Log on to a computer as Administrator for the Active Directory server.

2. Using My Network Places or MacTM Finder, create a directory structure on the YM
appliance that enables users to set permissions on folders that they create. The following
example achieves this goal by creating a home directory for each user.

3. Assign the appropriate Creator/Owner to the new folders that you created in Step 2 and to
any folders that the YM Installer created.

46 P400 Series User’s Manual for YM Software v3.0

 6
Administering User Accounts in Workgroup
Chapter5

Environment
This chapter assumes that the YM appliance is not in an Active Directory environment and that
you intend to administer user accounts in a Workgroup environment. If the YM appliance is in
an Active Directory environment, go to “Using Appliance in Active Directory Environment” on
page 41.
This chapter covers the following topics:
• “About Managing User Accounts”
• “Managing User Accounts in YMM”
• “Managing Superuser Accounts in YMM”
• “Managing Group Accounts in YMM”

About Managing User Accounts

In a Workgroup environment, YM appliance you must use YMM to administer user access to
the YM appliance.
As outlined in “Working With Files, Folders, and Storage” on page 53, users can have equal
access to all logical drives and all files and folders. In this case, users do not require user
accounts. However, if you want to restrict access at either the disk or folder level for one or
more users, all users must have user accounts. Group accounts provide a convenient way to
assign a set of permissions to groups of users.

Managing User Accounts in YMM

Before you can control a user’s access to the storage, you must create an account.To ensure a
secure user name and password for the account, the user name and password must adhere to the
following guidelines:
• Must be unique
• Cannot contain spaces
• Are case sensitive
• Cannot start with a number
• Must not contain special characters as outlined in “Character Restrictions and Limitations”
on page 54.
• Contain a combination of at least 6 to 8 alpha and numeric characters.

Administering User Accounts in Workgroup Environment 47

 The following accounts are reserved for system administration only:
Table 6.1 User Accounts
Admin Default superuser account for YMM administration. Additional
superusers can be assigned (initially by admin) to administer the YMM.
All accounts that display SuperUser in the Description field are
superuser accounts. YMM is accessible only by those with superuser
status.
Postman System e-mail recording administrator account. When the system is set
for Proxy security mode, you manage recorded e-mail using this account.
All recorded e-mail is accessible from any e-mail client (for example,
Microsoft Outlook) by setting up a postman e-mail account in that e-mail
application.
The default postman password is postman. For security reasons,
Anthology Solutions recommends that you change the postman
password.
To set up a postman account, go to “Creating a Postman Account in
Outlook” on page 147.
Root Default Linux/Unix system superuser. You cannot delete this account. In
some cases, you must provide the password for this account in order for
Anthology Solutions Technical Support to troubleshoot your YM
appliance.

To set up a new user:

1. Set up the account user name and password on user's PC. The user name and password on
the YM appliance must match the user Name and password on the user's PC.
2. Log on to YMM. Go to “Logging On To YMM” on page 8.
3. From the YMM, click User > User Accounts. The User Accounts window appears.
4. Click Add New.
5. Enter the user name, description, and password.
6. Click Apply.
Next To set up a storage quota for the user account you just created, go to “Setting User Storage
Step Quotas” on page 58.
To modify an existing user account:

1. Change the account user name and password on user's PC. The user name and password on
the YM appliance must match the user name and password on the user's PC.
2. Log on to YMM. Go to “Logging On To YMM” on page 8.
3. From the YMM, click User > User Accounts. The User Accounts window appears.
4. Click Edit.
5. Make the changes to password or description, and click Apply.

48 P400 Series User’s Manual for YM Software v3.0

 To delete a user account:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click User > User Accounts. The User Accounts window appears.
3. Click Delete. The YM appliance asks you if you want to continue.
4. Click Yes if you want to Delete that user from the system, or click No to return to the User
Account List without deleting the user account.

Managing Superuser Accounts in YMM

A superuser logs into the YMM and performs administrative functions. The Superuser
Accounts menu item allows an administrator (superuser) to create, modify, or delete the YM
appliance superuser accounts. A superuser account with administrative privileges reads
SuperUser in the Description field when displayed in the User Account list.
Recommendation: The default superuser account login name is admin with a password of
admin. For security reasons, Anthology Solutions recommends that you change the default
admin password.
Once you change the password, the default password no longer appears. You must use the
newly created password the next time you log in. Save the new superuser name and password in
a safe place. Without the password, you will be locked out of the YM appliance.
Once you create a superuser, you cannot change that user name. However, you can create a new
superuser and, after you have done so, delete the old user name.
To create a superuser account:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click User > Superuser Accounts. The Superuser Accounts window
appears.
3. Click Add New.
4. Enter the superuser name and password.
5. Re-enter the password to confirm.
6. Click Apply.
To modify a superuser account:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click User > Superuser Accounts. The Superuser Accounts window
appears.
3. Click Edit adjacent to the superuser name that you want to modify in the superuser account
window.
4. Edit superuser information.
5. Click Apply.

Managing Superuser Accounts in YMM 49

 To delete a superuser account:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click User > Superuser Accounts. The Superuser Accounts window
appears.
3. Click Edit adjacent to the superuser name to be modified in the superuser account window.
4. Click Delete.
5. Click Yes to continue, No to abort.
To reset admin or root password:

Use this procedure if you forgot your admin or root password and need to reset it as follows:

User Name admin

Password admin

Note: For security purposes, this manual does not disclose the default root password.
This procedure resets additional YM appliance settings to the factory default. To learn about
these additional settings, go to “MODE Button” on page 9.

1. Locate the MODE button on the front panel, to the right of the indicator LEDs (Figure 1.3).
2. With the system running, push and hold the MODE button and at the same time,
momentarily press and release the “On/Off Switch”. The YM appliance resets to the factory
defaults and shuts down gracefully.

Managing Group Accounts in YMM

Group accounts provide a convenient way to manage file and directory permissions for multiple
users.
Group accounts are used in YMM’s File Manager to allow specific access permissions for a
group of users. Only valid users can be members of a group account.
To create a group account:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click User > Group Accounts. The Group Accounts window appears.
3. Click Create a new group.
4. Type in a descriptive name for a group of users. Adhere to the following guidelines and
requirements:
• No spaces
• Does not start with a number
• Not case sensitive
5. Click the Selector button, and wait for the Select Users pop-up window to appear.

50 P400 Series User’s Manual for YM Software v3.0

6. Add users or remove members:
• To add users to the group, click the users from the left side of the Select Users window.
• To remove members from the group, click the users from the right side of the Select
Users window.
7. Click OK at the Select Users window.
8. Click Apply.
To modify a group account:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click User > Group Accounts. The Group Accounts window appears.
3. Click Edit for the group that you want to modify in the Group Account List.
4. Click the Selector button, and wait for the Select Users window to appear.
5. Add or remove users from the group:
• To add users to the group, click the users from the left side of the Select Users window.
• To remove users from the group, click the users from the right side of the Select Users
window.
6. Click OK at the Select Users window.
7. Click Apply.
To delete a group account:

1. Click Delete adjacent to the group to be deleted in the Group Account List.
2. Click Yes to continue, or No to abort.

Managing Group Accounts in YMM 51

 7
Working With Files, Folders, and Storage
Chapter6

This chapter covers the following topics:

• “Character Restrictions and Limitations”
• “Transferring Files Using YMM”
• “Transferring Files To Appliance Using FTP”
• “Enabling Journaling File System”
• “Task Overview: Managing User Storage Quotas”
• “Task Overview: (Workgroup Only) Sharing Files and Storage”
• “(Workgroup Only) About User Access Permissions”
• “(Workgroup Only) Setting Permission Policy”
• “(Workgroup Only) Defining Disk Permissions”
• “(Workgroup Only) Managing Files and Folders”

Working With Files, Folders, and Storage 53

Character Restrictions and Limitations
Because Samba, not the YM appliance’s operating system (Linux), emulates Windows, all
clients that connect to the YM appliance experience the limitations of Window’s file system
(NTFS) because the translation is not perfect. Table 7.1 outlines these limitations. No name
translation exists when you copy files with special characters from Mac OS X (or Linux/Unix)
to Windows.
Note: The YM appliance does not support FAT16 or FAT32 file systems. The YM appliance
supports NTFS. If you have FAT16 or FAT32, you must convert to NTFS.
If some network clients are running Mac OS X and sharing files on the YM appliance with other
network client running Windows, you can choose one of the following scenarios:
• All clients use Samba. Users name files and folders according to Windows requirements,
avoiding potential conflicts.
• All clients use Samba. Users name files and folders using Mac requirements, accepting
potential conflicts.
• Mac clients use NFS and Windows clients use Samba, accepting potential conflicts, but
achieving better performance.
If all your network clients run Mac OS X, use Network File Sharing (NFS). In doing so, you
avoid Windows character limitations and increase performance. To enable NFS, go to “Task
Overview: Enabling Unix/Linux Systems as Clients” on page 37.
Table 7.1 Character Limitations
Special Characters in File/Folder Names File/Folder Length
Mac OS X (HFS Plus)
None Maximum of 255 characters
in file name
Windows (NTFS)
Cannot contain: Maximum of 255 characters
? " / \ < > * | : in file path
Cannot contain trailing periods
YM appliance
Inherits Windows limitations Inherits Windows limitations

54 P400 Series User’s Manual for YM Software v3.0

Transferring Files Using YMM
File Transfer enables you to transfer a file from the administrator’s computer to the YM
appliance or from the YM appliance to a computer without the need to use Windows Explorer
or Mac Finder.
File Transfer supports transfer of files smaller than 2 GB in size. Your security mode setting
and the amount of data passing through the WAN port affect the file transfer speeds.
The speed at which data transfers depends on the mode. The more the mode uses the WAN port,
the more the overhead. Starting with the mode that has the highest transfer rate, the hierarchy is
as follows:
1. NAS Only Mode
2. Router Mode
3. Firewall Mode
4. Proxy Mode
Tip: If you experience slow network performance during file transfers, updating your
computer's network card driver might improve performance.
To download a file from the YM appliance to a computer:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > File Transfer. The File Transfer window appears.
3. In the File Download from Yellow Machine pane, click Browse to find the file on the YM
appliance.
4. Click Apply to transfer the file.
5. Choose Open the file, Save it to disk, or Cancel to abort. If you choose Save, the Windows
dialog box appears to enable you to choose a folder on the computer to contain the file.
To upload a file from a computer to the YM appliance:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > File Transfer. The File Transfer window appears.
3. In the File Upload from Yellow Machine pane, click Browse to find the file on the YM
appliance.
4. Click Browse to find the file on the computer that you want to transfer to the YM appliance.
The Internet Explorer File Folder window appears.
5. Highlight the that file you want to move and click Open. The file path and name appears in
the appropriate text box.
6. Click Browse to find the folder on the YM appliance that you want to transfer.
7. Highlight your folder selection and click Select. The folder path and name appears in the
appropriate text box.
8. Click Apply to transfer the file.

Transferring Files Using YMM 55

Transferring Files To Appliance Using FTP
File Transfer Protocol (FTP) enables you to transfer a file from one computer that is connected
to the Internet to another computer (in this case, a YM appliance) that is also connected to the
Internet. Unlike VPN connections, FTP is not secure. To add additional security, set up port
forward as outlined in “About Port Forwarding” on page 33.
To ftp a file to a YM appliance:

1. If you do not have access to the YM appliance, create an account as outlined in

“Administering User Accounts in Workgroup Environment” on page 47.
2. If you have access to the YM appliance, enable FTP access for the user account:
a. Log on to YMM. Go to “Logging On To YMM” on page 8.
b. From the YMM, click User > User Accounts. The User Accounts window appears.
c. For the user account to which you need to assign FTP access, click Edit.
d. Select the FTP Access Yes radio button.
e. Click Apply.
3. From an Internet browser, type the YM appliance’s WAN IP address (Public IP address) or
Dynamic DNS as follows, and press Enter.
• ftp://YMWANIPAddress
or
• ftp://YMLANIPAddress
or
• ftp://YMDynamicDNS
The YM appliance prompts for a user name and password. For more information about
DNS, go to “Using Dynamic DNS With Appliance” on page 32.
4. Enter the user name and password for the YM appliance. Windows Explorer or Mac Finder
launches, displaying the YM appliance’s logical drive. You can now drag and drop files
from your computer to the YM appliance.

56 P400 Series User’s Manual for YM Software v3.0

Enabling Journaling File System
If a power failure or system crash occurs, all operating systems check and resolve specific file
system problems. The YM appliance is no exception. However, the YM appliance’s operating
system provides you a choice between two methods of checking and resolving specific file
system problems:
• File System Checking (EXT2)
• Journaling File System (EXT3)
You can move between EXT2 and EXT3. For more information about this compatibility, go to
http://www.debian.org.
By default, the YM appliance uses File System Checking. File System Checking, in some cases,
requires up to one hour. Journaling File System (EXT3) takes a few minutes, but results in a
3-5% performance degradation in the overall performance of the YM appliance.
• Use Journaling File System (EXT3) if you need immediate access (high availability) to your
data after a crash.
• Use File System Checking if performance is critical to you.
To enable Journaling FS:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > Journaling FS. The Journaling File System window
appears.
3. In the Journaling File System pane, click Edit.
4. Select the Enable Journaling FS: Yes radio button, and click Apply.
5. Reboot the YM appliance. To reboot, go to “Rebooting Appliance” on page 18. The YM
appliance’s operating system updates the file system. This process requires up to 10
minutes to complete.

Task Overview: Managing User Storage Quotas

To manage user storage quotas, perform the following sequence of tasks:
Task Instructions
1. Set up the storage quota. “To assign a quota to a user”
or
“To assign a quota to a disk”
2. Monitor the storage quota. “To view user quotas”

Enabling Journaling File System 57

Setting User Storage Quotas
Setting a User Storage Quota limits the amount of disk space each registered user can use.
Storage quotas enable you to manage storage costs. If a user has quota limits set, the last
operation that causes the user to exceed their disk quota fails. Setting a user storage quota is
meaningful only when all of the following conditions are met:
• Default Share is set to User All.
• There is at least one user with Read/Write permission for at least one storage device.
To assign a quota to a user:
Before Ensure that the user has a user account. To set up a user account, go to “Managing User
You Accounts in YMM”.
Begin
1. From the YMM, click Storage > User Storage Quota. The Storage Quota window appears.
To log on to the YMM, go to “Logging On To YMM” on page 8.
2. For the user to whom you want to assign the quota, click Edit. The Edit Quota window
displays.
3. Assign the quota, and click Apply.
To assign a quota to a disk:

1. From the YMM, click Storage > User Storage Quota. The Storage Quota window appears.
To log on to the YMM, go to “Logging On To YMM” on page 8.
2. Click Edit to assign a quota for a user on a disk that is not displayed in the Disk column.
The Edit Quota window displays all logical disks.
3. Assign the quota, and click Apply.
Next To monitor a user’s storage usage, go to “Viewing User Storage Quotas”.
Step

58 P400 Series User’s Manual for YM Software v3.0

Viewing User Storage Quotas
After you create a user storage quota, you can monitor a user’s storage quotas in two ways:
• “Disk Centric View”
• “User-Centric View”

Disk Centric View

This default view enables an administrator to easily manage user storage quotas for specific
disks.

Disk Logical disk names. Physical device description can be obtained in the
Storage > Quick Network Storage area.
Total Space Capacity of logical disk in Disk field.
Free Space Unused storage space of logical disk in Disk field.
User Name List of user accounts that have either a quota assigned or created files or
folders on the logical disk in Disk field.
Quota Storage space limit assigned to the user in Disk field on the logical disk.
If this number is 0, then the user has no limit.
Files Created Total number of files and folders the user in the User Name field has
created on the logical disk in the Disk field.
Space Used Total disk space the user in the User Name field has used on the logical
disk in the Disk field.

User-Centric View
This view enables the administrator to easily manage user storage quotas for specific users.

User Name This column displays all the users created in the User > User Account
module.
User Description User description as set in the User Accounts module.
Disk List of logical disks on which a user in the User Name field has either a
quota assigned or has created files or folders.
Quota Storage space limit assigned to the user in Disk field on the logical disk.
If this number is 0, then the user has no limit on the use of the logical
disk.
Files Created Total number of files and folders the user in the User Name field has
created on the logical disk in the Disk field.
Space Used Total disk space the user in the User Name field has used on the logical
disk in the Disk field.

Viewing User Storage Quotas 59

 To view user quotas:

1. From the YMM, click Storage > User Storage Quota. The Storage Quota window appears.
To log on to the YMM, go to “Logging On To YMM” on page 8.
2. Select Sort by User or Sort by Disk to toggle between “User-Centric View” or “Disk
Centric View”.
3. Click Refresh to see the latest Quota status.

Task Overview: (Workgroup Only) Sharing Files and Storage

This section explains how to share files and storage in a Workgroup environment. If the YM
appliance is in an Active Directory environment, go to “Using Appliance in Active Directory
Environment” on page 41.
There are two approaches to sharing files and folders:
• Allow access to all data and then disallow access on individual files and folders. This
approach is useful if all users need access to most of the data. An example is in the case
where you want a user to access all data with the exception of other users’ home directories.
To use this approach, perform the following sequence of tasks:
To allow access to all data, and then disallow access on individual files and folders:
Task Instructions
1. If Unix/Linus systems need to connect to the “Task Overview: Enabling Unix/Linux Systems
YM appliance, enable NFS. as Clients” on page 37
2. For the user or group of users that you want to “Administering User Accounts in Workgroup
access the logical disks, create the user Environment” on page 47
account or group account.
3. Set the Security Level (Permission Level) to “(Workgroup Only) Setting Permission Policy”
Share. on page 63
4. Define file and folder permissions. “Copying and Creating Files and Folders Through
YMM” on page 65
5. (Optional) Set a quota on the logical disk. “Setting User Storage Quotas” on page 58
• Disallow access to all data (by denying access to logical disks) and then allow access to
specific files and folders. Physical disks are grouped together as logical disks within a RAID
array. A logical disk setting enables users to view available disk space as a large, single pool
of disk. This approach is the most secure and useful if your users do need access to most of
the data. To use this approach, perform the following sequence of tasks:

60 P400 Series User’s Manual for YM Software v3.0

 To disallow access to all data, and then allow access to specific files and folders:
Task Instructions
1. If Unix/Linux systems need to connect to the “Task Overview: Enabling Unix/Linux Systems
YM appliance, enable NFS. as Clients” on page 37
2. For the user or group of users that you want to “Administering User Accounts in Workgroup
access the logical disks, create the user Environment” on page 47
account or group account.
3. Set the Security Level (Permission Level) to “(Workgroup Only) Setting Permission Policy”
User. on page 63
4. Define disk permissions. “(Workgroup Only) Defining Disk Permissions”
on page 63
5. Define file and folder permissions. “Copying and Creating Files and Folders Through
YMM” on page 65
6. (Optional) Set a quota on the logical disk. “(Workgroup Only) Managing Files and Folders”
on page 64
For more information about user access permissions, go to “(Workgroup Only) About User
Access Permissions”.

Task Overview: (Workgroup Only) Sharing Files and Storage 61

(Workgroup Only) About User Access Permissions
User access permission policies are defined by a combination of the following:
• The Security Level (Permission Level) access permission setting (Share or User). Share is
equivalent to Window’s Everyone group.
• The user-specific permissions for Read Only or Read/Write access on a logical disk.
• Permissions set for specific file folders.
The combined permissions options result in the following policies:
Table 7.2 Access Permissions Policies

Policy Minimal Medium Security Maximum All Users

Security Security Blocked
Security Level Share User User Share
Setting
User None set User Read Only or None set User Read Only
Permissions Read/Write or Read/Write
Permissions Permissions can
display but are
not effective
Result All users have Specified users have No users have Not available
Read/Write and Read/Write and access to any
Delete access to Delete access to drives
all drivers defined drives. This
is the only setting for
which User Storage
Quotas can be set
File Manager Access Access permissions File folder Not available
permissions can can be defined as a access
be defined on a subset of Read/Write permissions are
file folder basis User Access disabled
Permissions

62 P400 Series User’s Manual for YM Software v3.0

(Workgroup Only) Setting Permission Policy
To set permission policy for Workgroup environment:
Before Learn about permission policies. Go to “(Workgroup Only) About User Access Permissions”.
You
Begin 1. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
2. In the Windows Network Global Options pane, click Edit.
Note: The Workgroup setting enables the YM appliance’s disks to be shared with all group
members as defined in “(Workgroup Only) About User Access Permissions” on page 62. The
Workgroup Name must match the Windows® workgroup name.
3. From the Security Level drop-down menu, select one of the following options:
• Share - With Security Level (Permission Level) set at Share, unless restrictions are
imposed on a logical disk, all users have both Read and Write access permissions.
• User - With Security Level (Permission Level) set at User, you must define individual
permissions on a logical disk basis.
4. Click Apply.
Next To define disk permissions, go to “(Workgroup Only) Defining Disk Permissions”.
Step
Return To return to the task overview that applies to this task, go to “(Workgroup Only) Managing
To Task Files and Folders” on page 64.
Overview

(Workgroup Only) Defining Disk Permissions

To define disk user access permission:
Before Learn about permission policies. Go to “(Workgroup Only) About User Access Permissions”.
You
Begin 1. Log on to YMM. Go to “Logging On To YMM” on page 8.
2. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
3. In the Network Storage Configuration pane, click Edit.

Disks Shows the name of each logical disk.

Type Shows the logical disk RAID setting.
User Access Shows a summary of access permissions defined for the logical disk
Permissions
Capacity Shows the size of an entire logical disk. The size might differ from the
values advertised by the disk drive manufacturer. While disk drive sizes
are expressed in decimal numbers by manufacturers, computers use
hexadecimal numbers instead. There are overheads associated with
formatting and the file system’s organization. Thus, the actual capacity
of a disk drive varies from system to system.
Used Shows the disk drive space usage expressed as a percentage.

(Workgroup Only) Setting Permission Policy 63

 Free Shows unused disk drive space
Mail Disk Shows disk choice for e-mail recording. If a logical disk has not been
chosen for this purpose, a Mailbox is in System Default
message appears.

4. Select the logical disk.

5. Click the Selector button at the end of the Read Only or Read/Write field of a logical disk.
The Select User window appears.

Read Only Select users or groups for read-only access permission settings.
Read/Write Select users or groups for read and write access permission settings.

Each logical disk can be configured for either Read Only or Read/Write, not both. If you
want to enable a combination of Read Only access for some users and Read/Write access
for others on a single logical disk, you must set up users here with Read/Write privileges.
Then, further refine access permissions on a per-user or per-group basis under File
Manager. For more information about access permission policies, go to “(Workgroup Only)
About User Access Permissions” on page 62.
6. To add users, select the user names on the left, and to remove users, click the names on the
right in the Select Users window.
7. Click OK.
8. Click Apply.
9. Select Accept Changes in the confirmation window.
10. Click OK when complete.
Next To define file and folder permissions, go to “(Workgroup Only) Managing Files and Folders”
Step on page 64.
Return To return to the task overview that applies to this task, go to “(Workgroup Only) Managing
To Task Files and Folders” on page 64.
Overview

(Workgroup Only) Managing Files and Folders

All operating systems have character limitations. Before you create files and folders, review
“Character Restrictions and Limitations” on page 54.

Copying and Creating Files Through YME and YMC Utilities

The Yellow Machine Explorer (YME) utility and the Yellow Machine Appliance Control
(YMC) utility enable you to do the following:
• Create new file folders on the YM appliance.
• Copy, delete, and rename files and folders on the YM appliance.
• Modify access permissions for files and folders on the YM appliance.
Perform these tasks as you would in a Windows or Mac environment.To learn more about the
YME utility, go to “Getting Acquainted” on page 3.

64 P400 Series User’s Manual for YM Software v3.0

Copying and Creating Files and Folders Through YMM
The YMM File Manager enables you to:
• Create new file folders on the YM appliance.
• Copy, delete, and rename files and folders on the YM appliance.
• Modify access permissions for files and folders on the YM appliance.
To create a new folder:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > File Manager. The File Manager window appears.
3. In the File Manager window, select the folder under which you want to save the new folder.
Your selection is highlighted.
4. Click New. A new folder is created (called New Folder). To name it, click Rename.
5. Type the name in the text box and Click OK.
To delete files or folders on the YM appliance:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > File Manager. The File Manager window appears.
3. In the File Manager window, select the file or folder you want to delete. Your selection is
highlighted.
4. Click Delete.
5. Click OK to delete your selection, or click Cancel to abort the operation.
To copy files and folders on the YM appliance:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > File Manager. The File Manager window appears.
3. In the File Manager window, select the file or folder on the right that you want to copy.
Your selection is highlighted.
4. Click Copy.
5. Select the folder on the left into which the file or folder is to be copied.
6. Click Paste. Your selection appears in the box on the right in the new location.
To rename a file or directory on the YM appliance:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > File Manager. The File Manager window appears.
3. In the File Manager window, select file or folder that you want to rename.
4. Click Rename.
5. Enter the new name in the Rename dialog box and click OK.

(Workgroup Only) Managing Files and Folders 65

 To modify folder access permissions on the YM appliance:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > File Manager. The File Manager window appears.
3. In the File Manager window, select the file or folder that you want to view or change. Your
selection is highlighted.
4. Click Properties. The Properties dialog box appears:
5. Click the Selector button next to the Owner to assign a new owner. The User pop-up
window appears.
6. Select an Owner.
7. Click the Selector button next to Group to choose a new Group. The Select Group pop-up
window appears.
8. Select a Group.
9. Check the appropriate Read, Write or Read and Write access permissions for the selected
user and/or group. Uncheck Read and/or Write box not granting permission.
10. Check the Others box if users other than those that you selected require access to the file or
folder. Uncheck the Others box if the file or folder access is restricted to only those to
whom you have assigned access.
11. If want the folder to inherit the Group ID for all subfolders and files within the folder that
you are modifying, select the Inherit Group ID to subfolders: On radio button.
12. Click Apply to apply the changes or Cancel to abort.
13. Click OK to confirm permissions for the subfolders, or Cancel to change permissions for
the top level directory (folder) only.
14. Click Cancel to close the window.

66 P400 Series User’s Manual for YM Software v3.0

 8
Securing Appliance and Network
Chapter7

This chapter covers the following topics:

• “Creating an Isolated Network”
• “Changing Security Mode Settings”
• “Setting Up IE To Work With Proxy Mode”
• “Setting Up Outlook To Work With Proxy Mode”
• “About Web Access Control and E-mail Recording”
• “Task Overview: Managing Internet, Webmail, and Adult Content Access”
• “Enabling External Access Control”
• “Setting Idle Timeout”

Securing Appliance and Network 67

Creating an Isolated Network
To create an isolated, self-enclosed network without external access, set up your PC to use a
fixed IP address.
To set up your PC to use a fixed IP address:

1. Record your existing PC’s IP address settings by using the following worksheet.

Figure 8.1 LAN Address Settings Worksheet

2. On a PC running Windows XP, click Start > Control Panel > Network and Internet
Connections > Network Connections > Local Area Connection > [Properties] > Internet
Protocol (TCP/IP) > Properties. The General dialogue box opens.
3. Select Use the following IP address radio button.
4. Enter 172.16.1.2 in the IP address box.
5. Enter 255.255.255.0 for the Subnet mask.
6. Enter 172.16.1.1 in the Default Gateway box.
7. Click OK and close the open Control Panel windows.

68 P400 Series User’s Manual for YM Software v3.0

Changing Security Mode Settings
The YMM provides a quick and easy method to set up network security. The YMM offers a
choice of either simple storage on the LAN (NAS Only) or one of three pre-configured Internet
security modes:
• Router
• Firewall
• Proxy
Web Access Control and e-mail recording are also available.
To change your security mode setting:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, go to Security > Quick Network Security.
3. In the Network Security Mode pane, click Edit.
4. Choose among the options in the following table and click Apply.
Table 8.1 Network Security Options
NAS Only Provides simple file sharing on the LAN. Assumes that you are not using
(Storage) Mode the YM appliancet as a router.
Router Mode Provides IP address sharing functionality or Network Address
Translation (NAT).
Any computers that are attached on both the WAN and LAN can
communicate with each other without any restrictions.
Firewall Mode Provides the following features:
• Packet filtering services
• IP address sharing
Blocks access to all ports. You can selectively open ports using port
forwarding. To learn about port forwarding, go to “About Port
Forwarding” on page 33.
Any computer that is attached to the LAN can access the Internet, but any
computer coming through the WAN is blocked from accessing
computers that are attached to the LAN ports. To enable access to WAN,
go to “Enabling External Access Control” on page 74.
Proxy Mode Provides the following features:
• Application-level filtering
• Session filtering
• Packet filtering services
• IP address sharing functionality
Activates the YM appliance's Web Access Control and e-mail recording
features. To modify these features, go to “About Web Access Control
and E-mail Recording” on page 71.
Any computer coming in through the WAN is blocked from accessing
computers that are attached to the LAN ports. To enable access to WAN,
go to “Enabling External Access Control” on page 74.

Changing Security Mode Settings 69

Setting Up IE To Work With Proxy Mode
If your YM appliance is set for Proxy mode, you must also set Internet Explorer on each PC on
the LAN to work with a proxy server.
To set Internet Explorer to work in proxy mode:

1. Open Internet Explorer and select Tools > Internet Options > Connections > LAN Settings.
2. Select both the Use a proxy server for your LAN checkbox and the Bypass proxy server for
local addresses checkbox.
3. Enter the YM appliance’s LAN address in the Proxy address to use field and 3128 in the
Port field, and click Advanced.
4. Enter the YM appliance’s LAN address in the Exceptions box.

Setting Up Outlook To Work With Proxy Mode

If your YM appliance is set for Proxy mode, your must change the POP3 e-mail client setting on
each PC to work with Proxy mode.
To set Outlook to work in proxy mode:

1. Open Outlook and select Tools > E-mail Accounts.

2. Under E-mail, select View or change existing e-mail accounts, and click Next.
3. Select an account and click Change.
4. Under Logon Information: and after your User Name, type:
username/POP3servername
Where username is the name that is referenced in the User Name field, and where
servername is the POP3 server name that is referenced in the Incoming Mail Server (POP3)
field.
5. After Password:, type your password if it is not already entered, and click Next.
6. Click Finish.

70 P400 Series User’s Manual for YM Software v3.0

About Web Access Control and E-mail Recording
When configured for Proxy mode, the YM appliance activates Web Access Control security
features, which do the following:
• Disallow all web access from all PCs on the LAN. The YM appliance restricts access based
on a user’s hostname (computer), not a user’s user name.
• Disallow access to webmail by all users. The YM appliance identifies the most common free
web e-mail providers.
• Disallow access to adult content by all users.
• Record incoming e-mail. In order to capture such e-mail, the e-mail must be downloaded to
the YM appliance. Many free e-mail providers store e-mail on the provider’s server;
therefore, most webmail does not pass through the YM appliance.

Task Overview: Managing Internet, Webmail, and Adult Content

Access
To allow specific computers access to the Internet, access to adult content, and access to
webmail, but restrict access to specific websites, perform the following sequence of tasks:
Task Instructions
1. Register the PCs that you want to “Registering Computers”
have access to the web.
2. Allow access to adult content. “Allowing Access To Adult Content”
3. Allow access to webmail. “Allowing Access To Webmail”
4. Restrict access to specific “Creating Black Lists and Grey Lists”
websites.

Registering Computers
The YM appliance implements web access controls based on hostnames (computers), not user
names.
To register computers:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, go to Security > Web Access Control. The Web Access Control window
appears.
3. Click Add New. The Add New Web Access Control window appears.
4. Click the Selector button, and wait for the Network Neighbor Chooser window to select a
name from the displayed list of PCs on the network, or type a PC name in the Enter
Computer Name field.
5. Click Apply.

About Web Access Control and E-mail Recording 71

 6. Do any of the following to selectively restrict or add web privileges for the PCs you just
registered:
• To create black lists and grey lists, go to “To create black list and grey list entries”.
• To allow access to webmail, go to “To allow access to webmail”.
• To allow access to adult content, go to “To allow access to adult content websites”.
Return To return to the task overview for this task, go to “Task Overview: Managing Internet,
To Task Webmail, and Adult Content Access” on page 71.
Overview

Allowing Access To Adult Content

To allow access to adult content websites:
Before Configure your YM appliance to use Proxy mode as outlined in “Changing Security Mode
You Settings” on page 69.
Begin
1. From the YMM, go to Security > Web Access Control. The Web Access Control window
appears.
2. Select the Allow Adult Content checkbox as appropriate and click Apply.
3. (Optional) Block additional adult sites as outlined in “To create black list and grey list
entries”.
Return To return to the task overview for this task, go to “Task Overview: Managing Internet,
To Task Webmail, and Adult Content Access” on page 71.
Overview

Allowing Access To Webmail

To allow access to webmail:
Before Configure your YM appliance to use Proxy mode as outlined in “Changing Security Mode
You Settings” on page 69.
Begin
1. From the YMM, go to Security > Web Access Control. The Web Access Control window
appears.
2. Check the box for Allow Webmail as appropriate, and click Apply.
Return To return to the task overview for this task, go to “Task Overview: Managing Internet,
To Task Webmail, and Adult Content Access” on page 71.
Overview

72 P400 Series User’s Manual for YM Software v3.0

Creating Black Lists and Grey Lists
Proxy mode automatically activates Web Access Control, which blocks adult content. Adult
content is defined by an industry-wide database of indecent URLs and by a list a keywords.
Because this method does not block most indecent websites, use the black list and the grey list
features in conjunction with the adult content feature to block additional adult websites. You
can also use black lists and grey lists to block access to websites related to any subject.
Black lists completely restrict access to domains/URLs that you specify. Grey lists restrict
access to defined domains/URLs only during the time periods that you specify.

To create black list and grey list entries:

Before Configure your YM appliance to use Proxy mode as outlined in “Changing Security Mode
You Settings” on page 69.
Begin
1. From the YMM, go to Security > Web Access Control. The Web Access Control window
appears.
2. Click Black List or Grey List.The Domain List window appears.
3. In the Add New field, type the domain name or URL that you want to block.
4. Click Add New to add the domain name or URL to the list of blocked domains. A new field
appears. Use this field to continue adding domain names.
5. Use Edit and Delete to modify or delete domain names that you previously entered.
6. Click Finish Database Edit to close the window and return to Access Control Rules
Settings.
• If you are adding a black list, you are done.
• If you are adding a grey list, proceed to Step 7.
7. Select the days for which you want access to be restricted.
8. Select the start and end times for which you want access to be restricted.
9. Use the Description field to type in descriptive comments, and click Apply.
Return To return to the task overview for this task, go to “Task Overview: Managing Internet,
To Task Webmail, and Adult Content Access” on page 71.
Overview

Changing Archive Location for Recorded E-mail

When set to Proxy mode, the YM appliance records all e-mail traffic. All e-mail saves to a
default area on the hard drive. System default maximum capacity is 900MB. If you need more
space, select a logical disk on which to archive the mail. If you choose a logical disk, the
recorded e-mail traffic archive file grows as large as necessary.
To change location of recorded e-mail:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
window appears.

Creating Black Lists and Grey Lists 73

 3. In the Mail Disk drop-down menu, select a logical disk to where you want the e-mail
archive to reside.
4. Click Apply.
5. Select Accept Changes in the confirmation window.
You can read all recorded e-mail messages from a postman account that you set up through an
e-mail client application such as Microsoft Outlook or Outlook Express. For more information,
go to “Creating a Postman Account in Outlook” on page 147.

Enabling External Access Control

When WAN access is enabled, you can select one of two enhanced security modes:
• Firewall
• Proxy
With these security modes, by default, you do not have access to the YMM through the WAN
port. This default provides greater security. However, you have the option to enable access to
the YMM from the WAN port.
To enable access to appliance from WAN:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > Administration. The Administration window appears.
3. In the External Access Control pane, click Edit. The External Access Control window
appears.
4. Select the Yes radio button to allow access.

Setting Idle Timeout

The idle timeout setting can provide added security to the YM appliance. Using the idle timeout
feature, you can configure the YM appliance to:
• Close the YMM automatically after a certain period of inactivity.
• Prevent multiple administrators from logging in to the YMM simultaneously.
The default idle timeout is 0. This default setting disables the idle timeout feature. With the idle
timeout feature disabled, the YMM does not automatically close and allows multiple
administrators to log in simultaneously.
To enable or modify idle timeout:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > Administration. The Administration window appears.
3. In the Idle Timeout pane, click Edit. The Idle Timeout window appears.
4. Specify your timeout settings, and click Apply.

74 P400 Series User’s Manual for YM Software v3.0

 9
Maintaining Storage and Managing Data
Chapter8

This chapter covers the following topics:

• “About Appliance Backup Solutions”
• “Task Overview: Backing Up Data Using Retrospect”
• “Changing RAID Level”
• “Scrubbing Disks for Disk Block Failures”
• “Task Overview: Identifying and Fixing Disk Drive Failures and RAID Problems”
• “Task Overview: Replacing a Failed Disk Drive”
• “Rebuilding Data”
• “Reformatting Disk Drives”
• “Monitoring Progress of Data Rebuild”
• “Changing a Boot Disk”

About Appliance Backup Solutions

The YM appliance supports EMC® Retrospect® Professional backup software. Use Retrospect
software to back up data on a computer or multiple computers to the YM appliance or to back
up data on YM appliance to another device. To perform a backup using Retrospect, go to
“Planning the Retrospect Backup” on page 77.
If you purchased a YM appliance, Retrospect software is bundled in one of the following ways:

Retrospect • Try-and-buy product. 6 user licenses: 1 license for a

Professional computer (server or master) to initiate and administer
backups, and 5 licenses for the 5 clients that you
intend to back up. To buy Retrospect backup software,
go to http://www.yellowmachine.com/go/Retrospect.
or
• Purchased product. 6 user licenses: 1 license for a
computer (server or master) to initiate and administer
backups, and 5 licenses for the 5 clients that you
intend to back up.
Retro Only available to VARs.
Professional
Express

The default location of the executable (Setup.exe) resides on the YM appliance under
/disk1/All/Software Store folder. This executable launches the Retrospect Wizard,
which installs Retrospect software on your PC. The Retrospect Wizard enables you to install
both the server application and the client application as shown in Figure 9.1 on page 76.

Maintaining Storage and Managing Data 75

 Figure 9.1 Installing Retrospect
If your client runs Windows XP Professional, your operating system supports Microsoft
Windows Backup—free backup software. If your client runs Windows XP Home Edition, you
must install the Microsoft Windows Backup utility (Ntbackup.exe). For Microsoft
documentation, go to http://www.microsoft.com.
Anthology Solutions does not test Microsoft Backup with the YM appliance. If you choose to
use Microsoft Backup, for higher accuracy of backup restores, use full backups, not Windows
incremental backups. Windows backup applications use a file attribute (an archive bit) to
differentiate changed files from unchanged files. Some non-backup applications use this file
attribute for other purposes thereby causing this attribute to be unreliable.

Task Overview: Backing Up Data Using Retrospect

A backup consists of the following sequence of tasks:
Task Instructions
1. Plan the backup. “Planning the Retrospect Backup” on page 77
2. Perform the backup. “Backing Up Data Using Retrospect” on page 78
3. (Optional) Learn more about Retrospect. • (Mac) http://www.emcinsignia.com/products/
homeandoffice/retroformac/
• (Windows) http://www.emcinsignia.com/products/
homeandoffice/retroforwin/

76 P400 Series User’s Manual for YM Software v3.0

Planning the Retrospect Backup
Using Retrospect, you can back up data (for example, home directories) on a computer or
multiple computers to the YM appliance or back up data on YM appliance to another device.
The Retrospect Wizard requires several minutes to several hours to back up your data. The
required time depends on the following factors:
• Amount of data that you need to back up.
• Network connection speed.
• Number of files that you need to back up. The more files that need to back up, the more time
required as the backup software needs to cache the file names.
• Number of small files. As a result of CIF/SMB protocol, larger files back up faster than
smaller files.
• Processing power of your server or clients or both.
To plan the backup:

1. Choose your backup method, and define your backup, restore, and disaster recovery
strategy. To learn more about such methods and strategies, refer to the following white
papers:
• Building a Backup Strategy for SMBs at http://support.yellowmachine.com/.
• Speed vs. Accuracy in Backup and Restore at http://support.yellowmachine.com/.
2. Choose a backup server. To learn more about backup server requirements, refer to
Disk-to-Disk-to-Tape Backups with Retrospect at http://support.yellowmachine.com/.
3. Identify your backup device, and verify that the backup device meets your disk drive
requirements.
You must back up to a disk outside the device that you intend to back up. The backup
device must have disk space greater than the amount of data you want to back up.
If you want to back up data that resides on a YM appliance and if you do not have enough
disk space on another system to store all the data you want to back up, you can purchase
another YM appliance specifically to store your backup.
4. Schedule the backup. To minimize any impact to network performance, schedule backups
during off-peak times.
5. Identify future growth. You can easily add another YM appliance to your network and
assign specific resources to each YM appliance.
Next Back up the data as outlined in “Backing Up Data Using Retrospect”.
Task

Planning the Retrospect Backup 77

Backing Up Data Using Retrospect
In this procedure source device is the YM appliance or client that contains the data that you
want to back up. The destination device is the backup device, which is a YM appliance if you
are backing up client data and can be a YM appliance if you are backing up appliance data.
To back up data using Retrospect software:
Before Plan the backup as outlined in “Planning the Retrospect Backup”.
You
Begin 1. On your PC and from Retrospect, launch the wizard that corresponds to the type of backup
you want to perform. For information about these backup methods, go to your Retrospect
documentation at http://www.emcinsignia.com/.
• The Backup Wizard provides incremental backups. This option is the most common
backup method. If you choose this option, skip to Step 3.
• The Duplicate Wizard provides a mirror, enabling you to synchronize data between
clients that retain copies of the same files. There are disadvantages to this option if you
do not use this option in conjunction with incremental backups. If you choose this
option, proceed to Step 2.
2. (Duplicate Backup Only) Create a folder on the destination device to contain the backup.
This folder ensures that you do not overwrite data that might exist on the destination device
now and in the future.
3. Add volumes for both the source device and the destination device. Figure 9.2 shows how
to add volumes to Retrospect if you want to back up appliance data to a YM appliance.
• If want to perform a duplicate backup, the source device is the folder that you created in
Step 2. A duplicate backup replaces all content on the volume, so create the volume
from a folder. As Figure 9.2 shows, if you create the volume from the disk, you will
overwrite the entire disk.

Figure 9.2 Retrospect: Saving Duplicate/Incorrect Volume Configuration

78 P400 Series User’s Manual for YM Software v3.0

 • If you want to perform an incremental backup, select the disk.

Figure 9.3 Retrospect: Adding Volumes

4. Follow the on-screen instructions to select the volume for the source device and the volume
for the destination device.
Caution: Ensure that you choose the devices carefully. Do not confuse the source device that
contains your data with the destination device—backup device. If you select the source device
instead of the backup device and vice versa, you will overwrite your data with stale data.
5. Follow the on-screen instructions to start the backup process.
6. When the backup process completes, verify that your backup device contains the backup
data you expect.

More Information
To learn more about how to use Retrospect, go to one of the following sources:
• (Mac) http://www.emcinsignia.com/products/homeandoffice/retroformac/
• (Windows) http://www.emcinsignia.com/products/homeandoffice/retroforwin/

Troubleshooting Tips
If you have problems with using Retrospect, go to http://kb.dantz.com.

Backing Up Data Using Retrospect 79

Changing RAID Level
To learn about the various RAID options, go to “RAID Level Comparisons” on page 138.
Caution: These procedure remove all data on the YM appliance.
To configure or change your RAID level through YMC utility:

1. From the YMC utility, click Storage. The Storage Setup window appears.
To launch the YMC utility, see “Launching YMC Utility” on page 7.
2. Double-click on the YM appliance that you want to change. The Configuration Wizard
Login window appears.
3. Log on to the wizard, and click Edit. The Changing Storage Settings window appears.
4. Select the radio button that corresponds to the RAID level that you want on the YM
appliance, and click Apply. A message appears, informing you that this process removes
user all.
To configure or change your RAID level through YMM:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
3. In the Network Storage Configuration pane, click Edit.
4. Click Edit. The Quick Network Storage window appears.
Note: Ensure that you choose the logical disk. If you do not choose the logical disk, you can
proceed through the configuration windows, but the YMM provides error messages later in the
configuration and halts you from performing the reconfiguration.
5. Configure or change your settings, and click Apply. A message appears, informing you that
this process removes user all.
Figure 9.4 shows the settings to configure four disk drives for RAID 5. The various areas
include:

Figure 9.4 RAID 5 Configuration

80 P400 Series User’s Manual for YM Software v3.0

 Table 9.1 lists the RAID requirements.
Table 9.1 RAID Requirements
Single No RAID There are no requirements.
Stripe RAID 0 Requires a minimum of two disk drives to build.
Mirror RAID 1 Requires an even number of disk drives to build.
Parity RAID 5 Requires a minimum of three disk drives to build.

Scrubbing Disks for Disk Block Failures

Disk scrubbing is a preventative measure, and increases the reliability of a RAID system. RAID
protects you against data loss. Unlike most low-end, inexpensive NAS devices, the YM
appliance provides an additional reliability feature, Masterpiece RAID DST TM (Disk
Scrubbing Technology). For detailed information about how RAID DST works, go to “About
Disk Scrubbing” on page 143.
All RAID configurations that have redundancy benefit from disk scrubbing. RAID DST is
enabled by default. If any of the following statements are true about your configuration, your
data is especially vulnerable to block failures:
• You do not access most of your data often.
• You leave your YM appliance powered off for a long period of time.
Adhere to the following guidelines when you perform disk scrubbing:
• Scrub your disks every four months.
• Do not use disk scrubbing excessively. Disk scrubbing inherently puts stress on disks. The
YM appliance’s RAID DST defaults represent best practices for disk scrubbing.
• Only scrub the disks when you need to power on the YM appliance for other reasons, unless
you leave your YM appliance powered off for an extended period of time. Powering on a
system puts stress on disk drives. This stress is one reason RAID is important.
If you have a NO RAID, RAID 0, JBOD, Single Disks configuration, there is no need to use
RAID DST. Those configurations do not provide any data redundancy, so the RAID system
cannot fix any block failures that RAID DST detects. For more information about RAID, go to
“Understanding RAID and Disk Scrubbing” on page 137.
The time that RAID DST requires to complete its scrubbing depends on the size of the logical
disk(s).
To change disk scrubbing schedule:

Note: Disk scrubbing generates disk activity; therefore, performance degradation exists during
the disk scrubbing process. However, this performance degradation has a minimal impact on
users because disk scrubbing occurs when the YM appliance is idle.
1. From the YMM, click Storage > RAID DST.
2. Click Edit.
3. Select the Schedule radio button, choose the month, days, and hour that you want the RAID
DST to run, and click Apply. The defaults encourage best practices.

Scrubbing Disks for Disk Block Failures 81

 To run disk scrubbing immediately:

1. From the YMM, click Storage > RAID DST.

2. Click Run RAID DST. When this process completes, the progress bar indicates 100%.
To disable disk scrubbing:

1. From the YMM, click Storage > RAID DST.

2. Click Edit.
3. Select the No Schedule radio button, and click Apply.

Task Overview: Identifying and Fixing Disk Drive Failures and

RAID Problems
The following sections and procedures provide information to help your identify and fix disk
drive failures and RAID problems:
• “Task Overview: Identifying and Fixing Disk Drive Failures and RAID Problems”
• “Determining a Disk Drive Failure”
• “Task Overview: Replacing a Failed Disk Drive”
• “Rebuilding Data”
• “Reformatting Disk Drives”
• “Monitoring Progress of Data Rebuild”
• “Changing a Boot Disk”
Note: To protect disk drives, minimize ESD (Electrostatic Discharge) as outlined in
“Electrostatic Discharge” on page 15.
You must respond to disk drive and RAID failures to prevent data loss. Identifying and fixing
hardware or RAID failures involves the following sequence of tasks:
Task Instructions
1. Identify the failed disk drive or “Determining a Disk Drive Failure”
RAID problem.
2. Do one of the following, “Rebuilding Data”
depending on the problem: “Task Overview: Replacing a Failed Disk Drive”
•Rebuild the data.
•Replace the failed disk drive
(including a boot disk) and
rebuild the data.
3. Monitor rebuild process. “Monitoring Progress of Data Rebuild”
To learn about RAID, go to “Understanding RAID and Disk Scrubbing” on page 137.

82 P400 Series User’s Manual for YM Software v3.0

Determining a Disk Drive Failure
When the YM appliance detects a disk drive failure, the corresponding LED turns off. The four
LEDs labeled HDD1-HDD4, as seen in Figure 9.5, represent the four disk drives installed in the
YM appliance.

Figure 9.5 Disk Drive LEDs

As Table 9.2 outlines, the output of each LED indicates a specific condition.
Table 9.2 Interpreting Disk Drive Status LEDs
LED OFF Corresponding HDD not installed
LED ON Corresponding HDD installed but not being accessed
LED Blinking Corresponding HDD in use

To determine a disk drive failure:

1. Check the disk drive LEDs on the front of the YM appliance as seen in Figure 9.5.
• If an LED is off, your disk drive might be bad.
• If an LED is not off, your disk drive might not need to be replaced.
2. Log on to YMM. Go to “Logging On To YMM” on page 8.
3. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
4. In the Windows Network Global Options pane, verify the status of the IDE Devices.
The Windows Network Global Options pane lists each of the disk drives in the YM
appliance, the disk drives’ current status, and the logical disk with which the disk drives are
associated.
• If a disk drive is highlighted in red, as shown in Table 9.6 on page 84, record the hard
drive number and the logical drive(s) to which it belongs. This disk drive might be bad.
Go to Step 5.

Determining a Disk Drive Failure 83

 • If a disk drive is not highlighted in red, your disk drive is operational and does not need
to be replaced. Do not continue with this procedure as you identified that there is no
RAID or disk drive problem.

Figure 9.6 Degraded RAID5 Configuration

5. Do the following:
a. Rebuild the data on the bad drive. To rebuild the data, go to “Rebuilding Data” on
page 90.
b. If the rebuild does not result in a healthy disk drive status, replace the bad drive with a
new drive and rebuild the data. To replace a failed disk drive, go to “Task Overview:
Replacing a Failed Disk Drive” on page 85.
Return To return to the task overview for this task, go to “Task Overview: Identifying and Fixing Disk
To Task Drive Failures and RAID Problems” on page 82.
Overview

84 P400 Series User’s Manual for YM Software v3.0

Task Overview: Replacing a Failed Disk Drive
The YM appliance has four IDE hard disk drive bays, each designed to accept an IDE disk drive
in a vertical position, oriented with the circuit board side of the drive towards the front of the
YM appliance. The drive bays are identified as HDD1, HDD2, HDD3, and HDD4, starting from
the front of the YM appliance.
The following illustrations provide a side view and top view of the YM appliance with the
chassis removed.

Figure 9.7 Side View

Figure 9.8 Top View with HDD and Cables

Tools: To perform this procedure, you need the following equipment:
• (Optional) Power screwdriver with Phillips head set to a low torque-level
• Manual Phillips-head screwdriver
Caution: Do not use the power screwdriver when you install the disk drives on the side where
the ribbon cables are attached as you can damage the ribbon cables.
A replace a failed disk drive, perform the following sequence of tasks:
Task Instructions
1. Remove the failed disk drive. “To remove the failed disk drive” on page 86
2. Install the new disk drive. “To install the new disk drive” on page 88

Task Overview: Replacing a Failed Disk Drive 85

Removing a Failed Disk Drive
To remove the failed disk drive:

1. From the YMM, click System > Boot Disk. The Boot Disk window appears.
2. Do one of the following:
• If the Current Boot Disk is not the disk drive you need to replace, go to Step 4.
• If the Current Boot Disk is the disk drive you need to replace, change the boot disk. To
change a boot disk, go to “Changing a Boot Disk” on page 92.
3. Power off the YM appliance.
4. Remove the 5 screws that secure the cover to the rear panel.
5. Push the rear panel away with your thumbs while using your fingers to pull the top cover
toward you, clearing the security loop, before lifting off the cover.
6. Do one of the following based on the failed disk drive that you are removing:
• If HDD #1 failed, go to “HDD1”
• If HDD #2 failed, go to “HDD2”
• If HDD #3 failed, go to “HDD3”
• If HDD #4 failed, go to “HDD4”

HDD1 a. Disconnect HDD #1 ribbon cable from the disk drive, resting the ribbon
cable on the support bar.
b. Unscrew the mounting screws that secure HDD #1 to slot frame. There are
three screws per drive:
• With the YM appliance in an upright position, unscrew the two mounting
screws on the right side of the slot frame.
• Place the YM appliance on the side opposite the board, and remove the two
mounting screws on the left side of the slot frame.
Caution: Carefully remove the screw so that you do not drop the screw in the
enclosure.
c. Disconnect the HDD #1 power connector from the disk drive.
d. Slide the disk drive out of the HDD #1 slot.
HDD2 a. Disconnect HDD #1 and HDD #2 ribbon cables from the disk drive, resting
the ribbon cables on the support bar.
b. Unscrew the mounting screws that secure HDD #2 to slot frame. There are
three screws per drive:
• With the YM appliance in an upright position, unscrew the two mounting
screws on the right side of the slot frame.
• Place the YM appliance on the side opposite the board, and remove the two
mounting screws on the left side of the slot frame.
Caution: Carefully remove the screws so that you do not drop the screw in the
enclosure.
c. Disconnect the HDD #1 and HDD #2 power connectors from the disk drive.
d. Slide the disk drive out of the HDD #2 slot.

86 P400 Series User’s Manual for YM Software v3.0

 HDD3 a. Disconnect HDD #1 ribbon cable from the system board and from the disk
drive to access the mounting screws, removing the ribbon cable from the
chassis.
b. Disconnect HDD #2 and HDD #3 ribbon cables from the disk drive, resting
the ribbon cables on the support bar.
c. Fold HDD #2 ribbon cables under the support bar to access the mounting
screws.
d. Unscrew the mounting screws that secure HDD #3 to slot frame. There are
three screws per drive:
• With the YM appliance in an upright position, unscrew the two mounting
screws on the right side of the slot frame.
• Place the YM appliance on the side opposite the board, and remove the two
mounting screws on the left side of the slot frame.
Caution: Carefully remove the screws so that you do not drop the screw in the
enclosure.
e. Disconnect the HDD #1, HDD #2, and HDD #3 power connectors from the
disk drive.
f. Slide the disk drive out of the HDD #3 slot.
HDD4 a. Disconnect HDD #1, HDD #2, HDD #3, and HDD #4 ribbon cables from
the disk drive, resting the ribbon cables on the support bar.
b. Unscrew the mounting screws that secure HDD #4 to slot frame. There are
three screws per drive:
• With the YM appliance in an upright position, unscrew the two mounting
screws on the right side of the slot frame.
• Place the YM appliance on the side opposite the board, and remove the two
mounting screws on the left side of the slot frame.
Caution: Carefully remove the screws so that you do not drop the screw in the
enclosure.
c. Disconnect the HDD #1, HDD #2, HDD #3, and HDD #4 power connectors
from the disk drive.
d. Slide the disk drive out of the HDD #4 slot.

Return To return to the task overview for this task, go to “Task Overview: Replacing a Failed Disk
To Task Drive” on page 85.
Overview

Removing a Failed Disk Drive 87

Installing a New Disk Drive
To install the new disk drive:

1. Configure the new disk drive as a Master in accordance with the drive manufacturer’s
instructions regarding jumper settings.
2. Using one of the four HDD labels that shipped with YM appliance, record identification
information for the new disk drive.
Each label has a number (HDD1—HDD4) and color (red, green, blue, yellow). If, for
example, HDD2 is the disk drive you intend to replace, use the HDD2 (green) label.
3. Attach the HDD label to the top (connector end) of the new disk drive.
4. Do one of the following based on the new disk drive that you are installing:
• If HDD #1 failed, go to “HDD1”
• If HDD #2 failed, go to “HDD2”
• If HDD #3 failed, go to “HDD3”
• If HDD #4 failed, go to “HDD4”

HDD1 a. With the connector pins facing up, slide the new disk drive into the HDD
#1 slot.
b. Secure the HDD #1 to the slot frame, using the mounting screws that you
removed in Step b of “To remove the failed disk drive” on page 86.
c. Connect the HDD #1 power connector to the disk drive.
d. Connect the HDD #1 ribbon cable to the disk drive, label facing up.
HDD2 a. With the connector pins facing up, slide the new disk drive into the
HDD #2 slot.
b. Secure the HDD #2 to the slot frame, using the mounting screws that you
removed in Step b of “To remove the failed disk drive” on page 86.
c. Working from HDD #2 to HDD #1 (back to front), connect the power
connector to the disk drives.
d. Working from HDD #2 to HDD #1 (back to front), connect each ribbon
cable to its appropriate drive, label facing up.

88 P400 Series User’s Manual for YM Software v3.0

 HDD3 a. With the connector pins facing up, slide the new disk drive into the
HDD #3 slot.
b. Secure the HDD #3 to the slot frame, using the mounting screws that you
removed in Step b of “To remove the failed disk drive” on page 86.
c. Working from HDD #3 to HDD #1 (back to front), connect the power
connectors to the disk drives.
d. Reconnect HDD #1 ribbon cable to the system board.
e. Slide HDD #1 and HDD #2 ribbon cables under the support bar, resting
the ribbon cables on the support bar.
f. Working from HDD #3 to HDD #1 (back to front), connect each ribbon
cable to its appropriate drive, label facing up.
HDD4 a. With the connector pins facing up, slide the new disk drive into the
HDD #4 slot.
b. Secure the HDD #4 to the slot frame, using the mounting screws that you
removed in Step b of “To remove the failed disk drive” on page 86.
c. Working from HDD #4 to HDD #1 (back to front), connect the power
connectors to the disk drives.
d. Working from HDD #4 to HDD #1 (back to front), connect each ribbon
cable to its appropriate drive, label facing up.

5. Reinstall the top cover and secure the rear panel with the original five screws. Do not
over-tighten the screws.
6. Power on the YM appliance.
Next Rebuild the data. Go to “Rebuilding Data” on page 90.
Step
Return To return to the task overview for this task, go to “Task Overview: Replacing a Failed Disk
To Task Drive” on page 85.
Overview

Installing a New Disk Drive 89

Rebuilding Data
You need to rebuild data on a disk drive if any of the following scenarios are true:
• A disk drive is offline, and you want to determine if a rebuild corrects the problem.
Sometimes during a write operation RAID identifies a problem with the data and forces the
disk drive to become unavailable. A rebuild can fix the problem.
• You confirmed that a disk drive failed. You replaced the disk drive in a Mirrored
(RAID 1 +0) or Parity (RAID 5) array, and now want to rebuild the data. You must rebuild
data on a disk drive to ensure data redundancy.
The YM appliance enters a degraded RAID mode after you replace a failed hard drive in a
redundant (RAID 1, 1+0, or 5) array. The RAID array returns to normal mode after the RAID
rebuilds. During the rebuild, you can write and read data on the YM appliance, but you must
wait for the FAULT LED to stop flashing. The FAULT LED stops flashing 30 minutes to 1 hour
from the start of the rebuild process. The storage configuration does not change during the
rebuild process.
Note: The length of the rebuild process depends on the amount of data on the YM appliance.
Table 9.3 provides some estimates. These estimates are based on a one-terabyte YM appliance.
During the rebuild process, the array functions properly, but the YM appliance’s performance
diminishes.
Table 9.3 Building RAID: Time Estimates
RAID Level Estimated Time (in a one-terabyte appliance)
No RAID • Cannot rebuild because no redundant data exists.
• Must reformat disk drives. Go to “Reformatting Disk Drives” on
page 91.
RAID 0 • Cannot rebuild because no redundant data exists.
• Must reformat disk drives. Go to “Reformatting Disk Drives” on
page 91.
RAID 1 • 2 hours
RAID 1+0 • 2 hours
RAID 5 • 8 hours

To rebuild data on a disk drive:

1. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
2. In the Network Storage Configuration pane, click Edit.
3. Select the logical disk(s) that you want to repair.You do not need to specify the physical
disk drive.
4. Select Repair selected disk radio button.
5. Click Apply. A confirmation window appears.
6. Verify your selection and click Accept.
Note: You can monitor the rebuild process. To view the rebuild process status, go to
“Monitoring Progress of Data Rebuild”.
7. After the configuration process completes, click OK

90 P400 Series User’s Manual for YM Software v3.0

 The rebuild process regenerates the data onto a new disk. A mirroring array must copy the
contents of the good drive over to the replacement drive. A parity array regenerates the entire
contents of the replacement drive. These procedures are time-consuming.
The impact on performance during the rebuild process depends on the type of RAID on the
array. When an array enters a degraded state due to a failed drive, the array must compensate for
the loss of a hard drive. In a mirrored array, one fully intact drive remains and, therefore,
performance is the same as for a single non-RAID drive. However in a parity array,
performance is degraded because the drive’s lost information needs to be regenerated from the
parity data at the same time that data is being accessed from the array.
Next Monitor the rebuild process. Go to “Rebuilding Data” on page 90.
Step

Reformatting Disk Drives

Caution: If you reformat the disk drives, you will remove all your data on the disk drives, and
this data cannot be recovered unless you have a backup of the data.
Use this procedure when:
• A new set of disk drives have been installed.
• You want to change your RAID configuration.
• Failed disks (one or more) have been replaced in a Non-RAID or RAID 0 (Striped) array.
The length of the reformat process depends on the size of the disk drives in the YM appliance.
Table 9.4 provides some estimates. These estimates are based on a one-terabyte YM appliance.
Table 9.4 Reformat Disk Drives: Time Estimates
RAID Level Estimated Time (in a one-terabyte appliance)
No RAID • 30 minutes
RAID 0 • 30 minutes
RAID 1 • 30 minutes
RAID 1+0 • 30 minutes
RAID 5 • 30 minutes

To reformat disk drives:

1. If applicable, back up existing data to another machine. In formatting the disk drives, this
procedure deletes all data on the disk(s) being configured.
2. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
3. In the Network Storage Configuration pane, click Edit.
4. Select the logical disk(s) that you want to reformat.
5. Check the type of RAID storage system to build. YMM automatically suggests a proper
physical disk setting or selects your previous RAID level and disk drives. Make
adjustments as appropriate.
6. Select Format selected disks radio button and click Apply. A confirmation window appears.
7. Verify your selection and click Accept.

Reformatting Disk Drives 91

 8. After the configuration process completes, click OK. The Quick Network Storage Status
windows appears.

Monitoring Progress of Data Rebuild

To monitor progress of data rebuild:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Storage > Quick Network Storage. The Quick Network Storage
Status window appears.
3. Click the Show RAID Status.
• RAID status U indicates that the disk drive is up.
• RAID status — indicates that the disk drive is down.
• Resync status indicates percentage complete, amount remaining, and time left during
the RAID build and repair process.

Changing a Boot Disk

The YM appliance enhances system reliability by storing redundant system images on each
disk. A copy of all system and configuration files resides on a reserved partitions of all detected
disk drives. Only one functioning drive (a boot disk) is required for the YM appliance to boot
up and provide services. You can change the boot disk that the YM appliance uses.
Normally, you do not need to make changes to the boot disk. However, you need to change the
boot disk under the following circumstances:
• If a disk drive failed, and it is the boot disk. If you need to replace a disk drive that is also a
boot disk, go to “Task Overview: Replacing a Failed Disk Drive” on page 85.
• If you want to access data from an older disk that has a different configuration from the
current disk, you must select the old disk as the boot disk and reboot the YM appliance.
To change the boot disk without reboot:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > Boot Disk. The Boot Disk window appears.
3. Click Edit.
4. Select the boot disk from the drop-down menu.
5. Select the Change Boot Disk checkbox.
6. Click Apply.
7. When prompted, click Yes to continue, or No to abort.
The YM appliance remembers the change without rebooting.
To change the boot disk with reboot:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > Boot Disk. The Boot Disk window appears.

92 P400 Series User’s Manual for YM Software v3.0

3. Click Edit.
4. Select the boot disk from the drop-down menu.
5. Select the Change Boot Disk checkbox and the Reboot System checkbox.
6. Click Apply.
7. When prompted, click Yes to continue, or No to abort.
The YM appliance remembers the new boot disk and boots using the new boot disk that you
selected.

Changing a Boot Disk 93

 10
Connecting Remotely To Appliance
Chapter9

You can connect remotely to your network to access a computer or a YM appliance that is
connected to your computer by using a Virtual Private Network (VPN).
Once you connect remotely to the LAN, you can access the YM appliance or computer through
your web browser. You can also use the YM appliance’s support for remote desktop control to
access a computer on the VPN.
This chapter covers the following topics:
• “About Creating VPN Connections To Appliance”
• “Task Overview: Establishing Road Warrior Connections With PPTP”
• “Task Overview: Establishing Road Warrior Connections With L2TP-IPSEC”
• “Task Overview: Establishing Road Warrior Connections With IPSEC”
• “Task Overview: Establishing Net-To-Net Connections”
• “Accessing a Computer or Appliance on VPN Through Web Browser”
• “Task Overview: Initiating Remote Desktop Control”

Connecting Remotely To Appliance 95

About Creating VPN Connections To Appliance
VPN (Virtual Private Network) enables you to send data securely between two locations across
the Internet. There are two ways to connect to a VPN:
• “Road Warrior Connections”
• “Net-To-Net Connections”

Road Warrior Connections

Use a Road Warrior connection to connect remotely to your office from a coffee shop, hotel,
airport, or other temporary location through the Internet.When you establish a Road Warrior
connection, your computer receives a temporary IP address. This temporary IP address is
characteristic of a Road Warrior connection. Your computer receives a different IP address each
time you change locations. Your computer will never receive that same IP address even if you
return to that location days later.
For example, if you connect to your home office from a hotel room, your computer receives a
temporary IP address. If you then leave the hotel and, upon arrival at the airport, try to connect
to your home office, your PC receives a different IP address from the IP address that the PC
received at the coffee shop.
VPN software enables this type of connection. To configure a Road Warrior connection, go to
“Planning Road Warrior Connections” on page 99.

Net-To-Net Connections
Use a Net-to-Net connection to connect a branch office to a corporate headquarters through the
Internet. When you establish a Net-to-Net connection from your branch office to your
company’s corporate headquarters, both the branch router and the corporate router connect to a
local ISP. The ISP connects both locations to the Internet. The VPN software uses the local ISP
connections and the Internet to create a virtual private network (or tunnel) between the branch
router and corporate router.
VPN hardware (routers) enables this type of connection. To configure a Net-to-Net connection,
go to “Planning Net-To-Net Connections” on page 116.
Note: The YM appliance supports up to 10 tunnels. However, the more tunnels you have, the
slower the connection speed per tunnel.

96 P400 Series User’s Manual for YM Software v3.0

Task Overview: Establishing Road Warrior Connections With
PPTP
To establish a “Road Warrior Connections” with PPTP connection type, perform the following
sequence of tasks:
Task Instructions
1. Plan your VPN if you have not already done so. “Planning Road Warrior Connections” on
page 99
2. Establish the VPN Connection:
a. Set up the VPN on the YM appliance. “Configuring Appliance for Road Warrior
Connections” on page 104
b. Create a user account for the user that will “Administering User Accounts in Workgroup
initiate the VPN connection. Environment” on page 47
c. Create the VPN connection. “Creating the VPN Connection Using
Windows Connection” on page 109
d. Configure the VPN connection, and connect to “Configuring PPTP Connections and Initiating
the YM appliance. Road Warrior Connection To Appliance” on
page 110

Task Overview: Establishing Road Warrior Connections With

L2TP-IPSEC
To establish a “Road Warrior Connections” with L2TP-IPSEC, perform the following sequence
of tasks:
Task Instructions
1. Plan your VPN if you have not already done so. “Planning Road Warrior Connections” on
page 99
2. Establish the VPN Connection:
a. If PC is running Windows XP, create the “Creating the Registry Key” on page 103
registry key.
b. Set up the VPN on the YM appliance. “Configuring Appliance for Road Warrior
Connections” on page 104
c. Create a user account for the user that will “Administering User Accounts in Workgroup
initiate the VPN connection. Environment” on page 47
d. Generate the certificate for the client. “Requesting Certificates From Appliance” on
page 106
e. Import the certificate. “Importing the Certificate for Windows
Connection Software” on page 107
f. Create the VPN connection. “Creating the VPN Connection Using
Windows Connection” on page 109
g. Configure the VPN connection, and connect to “Configuring L2TP-IPSEC Connections and
the YM appliance. Initiating Road Warrior Connection To
Appliance” on page 113

Task Overview: Establishing Road Warrior Connections With PPTP 97

Task Overview: Establishing Road Warrior Connections With
IPSEC
To establish a “Road Warrior Connections” with the IPSEC connection type, perform the
following sequence of tasks:
Task Instructions
1. Plan your VPN if you have not already done so. “Planning Road Warrior Connections” on
page 99
2. Establish the VPN Connection:
a. Set up the VPN on the YM appliance. “Configuring Appliance for Road Warrior
Connections” on page 104
b. Create a user account for the user that will “Administering User Accounts in Workgroup
initiate the VPN connection. Environment” on page 47
c. Generate the certificate for the client. “Requesting Certificates From Appliance” on
page 106
d. Install SafeNet® SoftRemote® Software. For product documentation, go to
http://www.safenet-inc.com
e. Import the certificate. Import a CA Certificate in SoftRemote Online
Help
f. Create the VPN connection. Add and Configure a Connection in
SoftRemote Online Help
Note: You must define the connection using the YM
appliance’s IP Subnet, not the IP Address or the IP
Address Range. The YM appliance supports the IP
Subnet only.
g. Configure the VPN connection, and connect to Add and Configure a Connection in
the YM appliance. SoftRemote Online Help

98 P400 Series User’s Manual for YM Software v3.0

Task Overview: Establishing Net-To-Net Connections
To establish a “Net-To-Net Connections”, perform the following sequence of tasks:
Task Instructions
1. Plan your VPN. “Planning Net-To-Net Connections” on page 116
2. Establish VPN Connection:
a. Configure router. “Configuring Router for Net-To-Net
Connections” on page 118
b. Connect to the gateway. “Initiating Net-To-Net Connection” on page 123

Planning Road Warrior Connections

To plan your Road Warrior connection:

1. Verify that the client’s operating system is supported. Go to “Supported Operating

Systems” on page 100.
2. Choose the client software. Go to “Supported Client Software” on page 100.
3. Choose either a PPTP connection type or an L2TP-IPSEC connection type. Go to
“Supported Connection Types and Road Warrior Configurations” on page 101.
4. Configure your network if you have not already done so. Go to “Example Configurations”
on page 20.
5. Determine the YM appliance’s WAN IP address (Public IP address) and LAN IP address
(Private IP address). Record these IP addresses, and have this information available when
you configure VPN. Go to “Identifying Appliance IP Addresses” on page 28.
6. If you intend to configure VPN from a remote location, you must enable external access on
the YM appliance before you access the YM appliance from a remote location. Go to
“Enabling External Access Control” on page 74.
7. If you want the YM appliance as your VPN router, but not your gateway as shown in Figure
10.2, set up the router to port forward NetBIOS traffic and VPN services to the YM
appliance:
Note: Currently, PPTP is the only connection type that supports the configuration that is
outlined in Figure 10.2.

Task Overview: Establishing Net-To-Net Connections 99

 a. Enable WAN access on the router. To learn how to enable WAN access, go to your
Linksys or NetGear documentation. As the following example shows, the Block WAN
Request radio button enables and disables external access on a Linksys router.

b. Port forward VPN requests from the router to the YM appliance. To learn how to port
forward, go to your Linksys or NetGear documentation.
c. Port forward NetBIOS traffic to the YM appliance. The Start Port is 137 and the Finish
Port is 139. Use the TCP/UPD as the protocol type. Although Linksys routers forward
NetBIOS traffic by default, NetGear routers do not.
Return To return to the task overview for this task, go to:
To Task
Overview • “Task Overview: Establishing Road Warrior Connections With PPTP” on page 97
• “Task Overview: Establishing Road Warrior Connections With L2TP-IPSEC” on page 97
• “Task Overview: Establishing Road Warrior Connections With IPSEC” on page 98

Supported Operating Systems

To establish a Road Warrior connection, the computer that you use at the temporary location to
make the connection requires one of the following supported operating systems:
• Windows XP Professional SP2
• Windows 2000
Note: Windows XP Home is not supported.

Supported Client Software

To establish a Road Warrior connection, the computer that you use at the temporary location to
make the connection requires client software. The following client software is supported:
• Windows Connection. Bundled with the supported operating systems that are outlined in
“Supported Operating Systems” on page 100. Windows Connection supports PPTP
connection type (also called protocol) and L2TP-IPSEC connection type. If you do not want
to add to the cost of your VPN, use Windows Connection.
• SafeNet SoftRemote Version 10.0. This version runs on Windows XP only. SoftRemote
provides additional security features beyond the connection types that Windows Connection
offers. SoftRemote supports IPSEC connection type. Unlike Windows Connection, this
software is not bundled with your Windows operating system.

100 P400 Series User’s Manual for YM Software v3.0

Supported Routers
If you want the YM appliance as your VPN router, but not your gateway as shown in Figure
10.2, you can use any router as your gateway so long as that router supports VPN pass-through
functionality.

Supported Connection Types and Road Warrior Configurations

The YM appliance supports three connection types, and these connection types encrypt all data
that travels on the VPN:
• PPTP
• L2TP-IPSEC
• IPSEC
Choose a connection type based on the following comparison:
Note: PPTP and L2TP-IPSEC cannot be online simultaneously. If you want to establish a VPN
connection using PPTP, you must disconnect the L2TP-IPSEC connection and vice versa.
Table 10.1 Connection Type Comparison
Characteristic PPTP L2TP-IPSEC IPSEC
Security strength. Good Excellent Excellent
Time required to set up. 30 minutes 1 hour 1 hour
Uses certificates, providing additional No Yes Yes
security. However, you do not need to
spend money on a Certificate Authority
(CA) because the YM appliance has a
built-in CA.
Allows multiple connections to the same Yes No No
VPN from the same temporary location. If
you and another coworker connecting to
the same network want to work from the
same cafe, use PPTP.
• Does not require that a YM appliance Yes No No
be the Internet gateway. Allows the YM
appliance to reside behind another
router. If you want to use IPSEC, then
replace the gateway with a YM
appliance as shown in Figure 10.1.
• If you want to use PPTP, you can use
your current gateway as outlined in
Figure 10.2.
Available with Windows XP Professional. Yes Yes No
Connects to a YM appliance that is in NAS Yes No No
Only mode.
Connects to a YM appliance that is in Yes Yes Yes
Router mode or Firewall mode.
Connects to a YM appliance that is in No No No
Proxy mode.

Planning Road Warrior Connections 101

 Use the following configuration if you do not have an existing network or you intend to replace
your router with a YM appliance.

Figure 10.1 Road Warrior Configuration: Example #1

Use the following configuration if you do not want to replace your existing gateway.

Figure 10.2 Road Warrior Configuration: Example #2

102 P400 Series User’s Manual for YM Software v3.0

Creating the Registry Key
Perform this procedure if the PC is running Windows XP Professional SP2. Windows 2000
already have the registry key defined. Moreover, PPT connection types do not require a registry
key. This procedure assume that you intend to configure an L2TP-IPSEC connection type.
To create or modify registry key:

Note: By default, Windows 2000 defines the registry key.

1. Launch the Registry Editor:
a. Click Start and Run.
b. Type regedit, and click OK.
2. Locate and click on the following registry subkey subfolder:
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\IPSec
3. Save a backup copy of the registry subkey subfolder.
4. Click Edit > New > DWORD Value, name the file
AssumeUDPEncapsulationContextOnSendRule, and press Enter.
5. Right-click the AssumeUDPEncapsulationOnSendRule file, and click Modify.
6. In the Value Data Box type one of the following values:

0 Default
1 Configures Windows so that your computer can establish
security associations with servers that are behind network
address translators.
2 Configures Windows so that your computer can establish
security associations when both the Windows SP2-based
client computer and the server are behind network
address translators.

7. Click OK, and close the Registry Editor window.

8. Restart the computer.
Return To return to the task overview for this task, go to “Task Overview: Establishing Road Warrior
To Task Connections With L2TP-IPSEC” on page 97.
Overview

Creating the Registry Key 103

Configuring Appliance for Road Warrior Connections
For a list of supported connection type and configurations, go to “Road Warrior Connections”
on page 96.
PPTP and L2TP-IPSEC cannot be online simultaneously. If you want to establish a VPN
connection using PPTP, you must disconnect the L2TP-IPSEC connection and vice versa.
To configure YM appliance for Road Warrior connection:
Before Plan your VPN as outlined in “Planning Road Warrior Connections” if you have not already
You done so.
Begin
1. Log on to YMM. Go to “Logging On To YMM” on page 8.
2. From the YMM, click Security > VPN. The Virtual Private Network Setup window
appears.
3. Click VPN Setup. The Virtual Private Network Setup window appears.
4. In the Roadwarrior Services pane, select the radio button that corresponds to the connection
type that you want the VPN connection to use.
PPTP and L2TP-IPSEC cannot be online simultaneously. If you want to establish a VPN
connection using PPTP, you must disconnect the L2TP-IPSEC connection and vice versa.
5. Do not select the Reset Certificate Authority checkbox.
Caution: The Reset Certificate Authority checkbox revokes all certificates that have been
issued by the YM appliance. If, for some reason, an unauthorized person accesses your network,
you might want to revoke all certificates if you cannot identify how a person obtained access.
6. Do one of the following to enable the VPN connection:
• For IPSEC connections, skip to Step 7. IPSEC connections do not require a Virtual IP
range.
• For PPTP and L2TP-IPSEC connections, specify a Virtual IP range.
When you connect to a VPN from a temporary location (for example, a cafe), your computer
receives an IP address from the cafe’s router. When you connect to the remote location, the YM
appliance (VPN router) provides another IP address, and this IP address is called a Virtual IP
address.
Therefore, when you configure the YM appliance as a VPN router, you must provide the YM
appliance a range of IP addresses that the YM appliance can assign computers that want to
connect to the VPN. You can accept the default IP address range that YMM provides or specify
your own range. The range must comply with the following requirements:
• Must be compatible with the LAN.
• Cannot include the IP address of the YM appliance’s LAN.
• Cannot include static IP addresses that are already assigned to other devices (for
example, a printer).
• (YM appliance is VPN Router, Not Gateway) Cannot conflict with the router’s DHCP
Server at the temporary location (for example, the cafe). Most routers have a default
LAN IP address of 192.168.1.1. To prevent network conflicts, as outlined in Figure
10.3, change the router’s LAN IP address on the remote location (for example, the
office) to 10.0.2.0. Then, set the Virtual IP Range of the YM appliance to 10.0.2.201 to
10.0.2.211, assuming this range does not conflict with static IP addresses that you have

104 P400 Series User’s Manual for YM Software v3.0

 already assigned. The YM appliance supports up to 10 tunnels. This guideline applies
to PPTP connections only because PPTP is the only connection type that supports a
router in front of a YM appliance as outlined in Table 10.1 on page 101.

Figure 10.3 Preventing Network Conflicts in VPN Configurations

• (YM appliance is both VPN Router and Gateway) Cannot conflict with the IP address
range (x.y.z.100 to x.y.z.200) available to the YM appliance’s DHCP Server. If, for
example, the default LAN address of the YM appliance is 172.16.1.1, the starting
address of the DHCP service is 172.16.1.100, and the ending IP address is
172.16.1.200. Therefore, specify a Virtual IP Range of 172.16.1.201 to 172.16.1.211,
assuming this range does not conflict with static IP addresses that you have already
assigned. The YM appliance supports up to 10 tunnels.
7. Click Apply. The screen refreshes. If you do not receive an error message, the VPN
connection is enabled on the YM appliance.
Return To return to the task overview for this task, go to:
To Task
Overview • “Task Overview: Establishing Road Warrior Connections With PPTP” on page 97
• “Task Overview: Establishing Road Warrior Connections With L2TP-IPSEC” on page 97
• “Task Overview: Establishing Road Warrior Connections With IPSEC” on page 98

Configuring Appliance for Road Warrior Connections 105

Requesting Certificates From Appliance
PPTP connection type does not require a certificate. This procedure assumes that you intend to
configure an L2TP-IPSEC connection type.
Every user that wants to initiate a VPN connection must have a certificate that authorizes the
user to connect. This certificate must reside in a specific location on the user’s PC. The YM
appliance is the Certificate Authority (CA), assigning all such certificates. For this software
release, other CAs, such as Verisign, cannot be a CA. With the YM appliance as the CA, you do
not need to pay for a certificate or spend the time to request one from a third party.
To generate the certificate:
Before Set up the VPN connection as outlined in “Requesting Certificates From Appliance” on
You page 106. Also, ensure that the user that will initiate the VPN connection has a user account on
Begin the YM appliance. To create a user account, go to “Administering User Accounts in Workgroup
Environment” on page 47.
1. From the YMM, click Security > VPN. The Virtual Private Networks window appears. If
there are VPN connections online, this window displays those connections. Otherwise, the
window indicates No Active Connections.
2. Click User Setup. The VPN Certificates window appears.
3. For the user that will initiate the VPN connection, do the following:
a. In the VPN Certificates Status pane, click Certify User. The YM appliance creates a
certificate for that user, and a Revoke User button replaces the Certify User button.
b. Click Download, and save the file to a temporary location on the remote PC’s desktop.
You can rename this file if you want.
Return To return to the task overview for this task, go to:
To Task
Overview • “Task Overview: Establishing Road Warrior Connections With PPTP” on page 97.
• “Task Overview: Establishing Road Warrior Connections With L2TP-IPSEC” on page 97
• “Task Overview: Establishing Road Warrior Connections With IPSEC” on page 98

106 P400 Series User’s Manual for YM Software v3.0

Importing the Certificate for Windows Connection Software
PPTP connection types do not require a certificate. This procedure assumes that you intend to
configure an L2TP-IPSEC connection type.
To import the certificate for Windows Connection software:
Before Request the certificate as outlined in “Requesting Certificates From Appliance” on page 106.
You
Begin 1. Log on to the client as Administrator. To import a certificate, you must have Administrator
privileges.
2. Launch Microsoft Management Console (mmc): For example, in Windows XP, perform the
following steps as shown in Figure 10.4:
a. From the Start menu, go to Programs > Accessories > Command Prompt.
b. From a DOS prompt, type mmc and press Enter.

Figure 10.4 Launching Microsoft Management Console

3. Add the Certificates snap-in to mmc:
a. From mmc, click File > Add/Remove Snap-in, and click Add.
b. Select the Certificates snap-in, click Add.
c. Select the Computer account radio button, and click Next. Microsoft requires that you
associate certificates with computers, not users.
d. Select Local computer radio button, click Finish.
e. In the Add Standalone Snap-in window, click Close.
f. In the Add/Remove Snap-in window, click OK.
4. Import the certificate that you downloaded from the YM appliance:
a. From mmc, expand the Trusted Root Certification Authorities folder.
The Trusted Root Certification Authorities folder contains a
Certificates subfolder as Figure 10.5 shows.

Figure 10.5 Locating Certificates Subfolder

b. Right-click on the Certificates subfolder, click All Tasks from the context menu,
and then click Import. The Certificate Import Wizard launches.

Importing the Certificate for Windows Connection Software 107

 c. Click Next. The File to Import wizard appears.
d. Click Browse, and change Files of type to Personal Information Exchange
(*.pfx,*.p12).
e. Select the certificate (the username.p12 file) that you downloaded in “Requesting
Certificates From Appliance” on page 106, and click Open.The File to Import wizard
appears.
f. Click Next, and type export in the password field. This password is the default
password that the YM appliance assigns the certificate. This password protects the
certificate file.
Caution: Do not select the Place all certificates in the following store: Personal radio button
as this location is incorrect.
g. Select Automatically select the certificate store radio button, click Next, and click
Finish. You receive The import was successful message.
h. Click OK.
5. From mmc, verify that the VPM at Yellow Machine certificate is in the correct
locations.
a. Right-click on the Personal\Certificates folder, click Refresh. A certificate
appears as shown in Figure 10.6.
b. Right-click on the Trusted Root Certification Authorities\
Certificates folder, click Refresh. A certificate appears as shown in Figure 10.7.

Figure 10.6 Locating Certificate in Personal\Certificates

Figure 10.7 Locating Certificate in Trusted Root CA\Certificates

6. Save the mmc console as you might need to return to the Certificate Manager, and then
close the mmc console.
Note: The snap-in puts all certificates in cache memory. Therefore, if you need to delete a
certificate, delete the mmc console that you saved, and perform this procedure again.

108 P400 Series User’s Manual for YM Software v3.0

 Return To return to the task overview for this task, go to:
To Task
Overview • “Task Overview: Establishing Road Warrior Connections With PPTP” on page 97
• “Task Overview: Establishing Road Warrior Connections With L2TP-IPSEC” on page 97

Creating the VPN Connection Using Windows Connection

To create VPN connection using Windows Connection:

1. Start the New Connection Wizard: Start > Programs > Accessories > Communications >
New Connection Wizard.
2. Click Next.
3. Select the Connect to the network at my workplace radio button, and click Next.
4. Select the Virtual Private Network connection radio button, and click Next.
5. In the Company Name field enter a name that describes this connection, and click Next.
6. Select the Do not dial the initial connection radio button, and click Next.
7. Enter the YM appliance’s WAN IP address (Public IP address) or hostname, and click Next.
• If the IP address is static, simply enter this IP address.
• If the IP address is dynamic, enter the hostname. To specify a Dynamic DNS, go to
“Using Dynamic DNS With Appliance” on page 32.
8. Select the My use only radio button, and click Next.
9. Select the Add a shortcut to this connection to my desktop checkbox, and click Finish.
Return To return to the task overview for this task, go to:
To Task
Overview • “Task Overview: Establishing Road Warrior Connections With PPTP” on page 97
• “Task Overview: Establishing Road Warrior Connections With L2TP-IPSEC” on page 97

Creating the VPN Connection Using Windows Connection 109

Configuring PPTP Connections and Initiating Road Warrior
Connection To Appliance
The YM appliance does not support more than one Road Warrior connection behind the same
router at the temporary location (for example, the cafe) if the VPN connection uses
L2TP-IPSEC. However, if you use PPTP, the YM appliance supports multiple Road Warrior
connections behind the same router.
Windows XP enables you to use certificates or preshared keys as authentication mechanisms.
Windows 2000 supports certificates only. The YM appliance does not support preshared keys
for Road Warrior connections, but does support certificates.
To configure PPTP connection and connect to the YM appliance using Windows
Connection:
Before • Create the connection as outlined in “Creating the VPN Connection Using Windows
You Connection” on page 109.
Begin
• Disable the following on your PC:
• Anti-virus or worm detection programs
• Windows firewall
• Pop-up blocker software
1. Ensure that you can connect to the YM appliance: from a DOS prompt.
a. From the Start menu, go to Programs > Accessories > Command Prompt.
b. From a DOS prompt, type ping YMApplianceWANIPAddress and press Enter. If
the YM appliance does not respond with a Reply message such as the message shown
below, fix the connection before you proceed.

2. Double-click on the connection icon (shortcut) that you created in Step 9 of “Creating the
VPN Connection Using Windows Connection” on page 109.
3. From the Connection window, click Properties.
4. Click the General tab, and verify the YM appliance’s WAN IP address (Public IP address)
or hostname.
5. Click the Security tab.
6. Select Advanced (customer settings) radio button, and click Settings. The Advanced
Security Settings window appears.

110 P400 Series User’s Manual for YM Software v3.0

7. Specify data encryption instructions:
a. In the Data encryption drop-down list, select Require encryption.
b. Select the Microsoft CHAP Version 2 checkbox and deselect all other protocols as
shown in Figure 10.8, and click OK.

Figure 10.8 Specifying Data Encryption Instructions

8. Click IPSec Settings, deselect the Use pre-shared key for authentication checkbox, click
OK.
• Windows XP enables you to use certificates or preshared keys as authentication
mechanisms. Windows 2000 supports certificates only.
• The YM appliance does not support preshared keys for Road Warrior connections. The
YM appliance supports certificates.
9. Specify the VPN connection type:
a. Click the Networking tab.
b. From the Type of VPN drop-down list, choose PPTP VPN.
c. In the list box, select Internet Protocol (TCP/IP) checkbox and, if installed, deselect
NWLink IPX/SPX/NetBIOS, and click OK.
10. Enter the user name and password as entered in YMM, and click Connect.
The software connects your computer, verifies your user name and password, registers your
computer, and authenticates. Upon a successfully VPN connection, the authentication
window disappears.

Configuring PPTP Connections and Initiating Road Warrior Connection To Appliance 111
 11. Right-click on the connection icon to view the status of the connection. The connection icon
is in the system tray, which is located in the lower, right corner of the screen.
Next Now that you have a VPN tunnel, access a computer or YM appliance:
Step
• “Accessing a Computer or Appliance on VPN Through Web Browser” on page 124
• “Task Overview: Initiating Remote Desktop Control” on page 125
Return To return to the task overview for this task, go to “Task Overview: Establishing Road Warrior
To Task Connections With PPTP” on page 97.
Overview

Troubleshooting Tips
• Ensure that you are not using preshared keys as outlined in Step 8 of “To configure PPTP
connection and connect to the YM appliance using Windows Connection”. This tip resolves
most problems.
• Ensure that you specified the correct data encryption settings as outlined in Step 7 of “To
configure PPTP connection and connect to the YM appliance using Windows Connection”.
• Ensure that you specified the correct IP address or hostname as outlined in Step 7 of “To
create VPN connection using Windows Connection”.
• If the network clients and the YM appliance do not appear through My Network Places, or
you receive a Not Found message when you try to access a YM appliance from a browser,
your router might not be forwarding NetBIOS traffic. To correct this problem, go to Step 7 of
“Planning Road Warrior Connections” on page 99.
• If you have a broadband modem that is connected to your router, that modem might be
blocking all VPN requests. If you cannot access your router’s administrative console
remotely, the modem might be configured as your gateway. Some modern modems are
pre-configured as a gateway. If the modem is your gateway, ask your ISP how to convert the
modem from a gateway to a bridge.

112 P400 Series User’s Manual for YM Software v3.0

Configuring L2TP-IPSEC Connections and Initiating Road
Warrior Connection To Appliance
The YM appliance does not support more than one Road Warrior connection behind the same
router at the temporary location (for example, the cafe) if the VPN connection uses
L2TP-IPSEC. However, if you use PPTP, the YM appliance supports multiple Road Warrior
connections behind the same router.
Windows XP enables you to use certificates or preshared keys as authentication mechanisms.
Windows 2000 supports certificates only. The YM appliance does not support preshared keys
for Road Warrior connections, but does support certificates.
To configure L2TP-IPSEC connection and connect to the YM appliance using
Windows Connection:
Before • Create the connection as outlined in “Creating the VPN Connection Using Windows
You Connection” on page 109.
Begin
• Disable the following on your PC:
• Anti-virus or worm detection programs
• Windows firewall
• Pop-up blocker software
1. Ensure that you can connect to the YM appliance: from a DOS prompt.
a. From the Start menu, go to Programs > Accessories > Command Prompt.
b. From a DOS prompt, type ping YMApplianceWANIPAddress and press Enter. If
the YM appliance does not respond with a Reply message such as the message shown
below, fix the connection before you proceed.

2. Start the connection that you created in “Creating the VPN Connection Using Windows
Connection” on page 109. If you chose to add a shortcut in Step 9, this connection appears
as an icon on your desktop.
3. From the Connection window, click Properties.
4. In the General tab, verify the YM appliance’s WAN IP address (Public IP address) or
hostname.
5. Click the Security tab.
6. Select Advanced (customer settings) radio button, and click Settings. The Advanced
Security Settings window appears.
7. Specify data encryption instructions:
a. In the Data encryption drop-down list, select Optional encryption. Because
L2TP-IPSEC connection type performs the encryption, additional encryption is
unnecessary.

Configuring L2TP-IPSEC Connections and Initiating Road Warrior Connection To Appliance 113
 b. Select any protocol (Microsoft CHAP Version 2) as shown in Figure 10.8 or accept the
defaults, and click OK. The window requires as least one protocol even though
L2TP-IPSEC ignores all protocols.

Figure 10.9 Specifying Data Encryption Instructions

c. If the following message appears, click Yes.

8. Click IPSec Settings, deselect the Use pre-shared key for authentication checkbox, click
OK.
• Windows XP enables you to use certificates or preshared keys as authentication
mechanisms. Windows 2000 supports certificates only.
• The YM appliance does not support preshared keys for Road Warrior connections. The
YM appliance supports certificates.

114 P400 Series User’s Manual for YM Software v3.0

 9. Specify the VPN connection type:
a. Click the Networking tab.
b. From the Type of VPN drop-down list, choose L2TP IPSec VPN.
c. In the list box, select Internet Protocol (TCP/IP) checkbox and, if installed, deselect
NWLink IPX/SPX/NetBIOS, and click OK.
10. Enter the user name and password as entered in YMM, and click Connect.
The software connects your computer, verifies your user name and password, registers your
computer, and authenticates. Upon a successfully VPN connection, the following
authentication window disappears.
11. Right-click on the connection icon to view the status of the connection. The connection icon
is in the system tray, which is located in the lower, right corner of the screen.
Next Now that you have a VPN tunnel, access a computer or YM appliance:
Step
• “Accessing a Computer or Appliance on VPN Through Web Browser” on page 124
• “Task Overview: Initiating Remote Desktop Control” on page 125
Return To return to the task overview for this task, go to “Task Overview: Establishing Road Warrior
To Task Connections With L2TP-IPSEC” on page 97.
Overview

Troubleshooting Tips
If you cannot connect:
• Ensure that you are not using preshared keys as outlined in Step 8 of “To configure
L2TP-IPSEC connection and connect to the YM appliance using Windows Connection”.
This mistake is the most common problem.
• Ensure that you specified the correct data encryption settings as outlined in Step 7 of “To
configure L2TP-IPSEC connection and connect to the YM appliance using Windows
Connection”.
• Ensure that you specified the correct IP address or hostname as outlined in Step 7 of “To
create VPN connection using Windows Connection”.
• Regenerate and import the certificate because the Certificate Authority might have revoked
the certificate. This tip is likely to apply if you were able to connect before, and now you are
no longer able to connect. If you see a Revoke User button, as Step 3 of “Requesting
Certificates From Appliance” states, the certificate has not been revoked.

Configuring L2TP-IPSEC Connections and Initiating Road Warrior Connection To Appliance 115
Planning Net-To-Net Connections
To plan your Net-to-Net connection:

1. Identify your router, and upgrade your router firmware if you do not have a supported
version. Go to “Supported Routers and Connection Types” on page 116.
2. Verify that the YM appliance supports your VPN configuration. Go to “Supported
Net-To-Net Configurations” on page 117.
3. Determine the YM appliance’s WAN IP address (Public IP address) and LAN IP address
(Private IP address). Record these IP addresses, and have this information available when
you configure VPN. Go to “Identifying Appliance IP Addresses” on page 28.
4. If you intend to configure VPN from a remote location, you must enable external access on
the YM appliance before you access the YM appliance from a remote location. Go to
“Enabling External Access Control” on page 74.
Return To return to the task overview for this task, go to “Task Overview: Establishing Net-To-Net
To Task Connections” on page 99.
Overview

Supported Routers and Connection Types

To establish a Net-to-Net connection, your computer connects through one the following
supported routers:
Table 10.2 Net-To-Net: Supported Routers and Connection Types
Security Mode
Connection
Type NAS Only Router Mode Firewall Proxy Mode
Mode Mode
IPSEC No Yes Yes No
Routers
YM appliance Linksys BEFSX41/BEFVP41 NetGear FVS318
Yes Yes Yes

• Linksys BEFSX41 VPN router with firmware version 1.50.18 at minimum.

• Linksys BEFVP41 VPN router with firmware version 1.00.13 at minimum.
• NetGear FVS318 VPN router with firmware version v3.0_20 at minimum.
• YM appliance with YM Software v3.0 at minimum.

116 P400 Series User’s Manual for YM Software v3.0

Supported Net-To-Net Configurations
The gateway on the endpoint must support VPN pass-through functionality. By default, in
Firewall mode and Proxy mode, VPN pass-through is enabled on the YM appliance. The
supported routers that are identified in “Supported Routers and Connection Types” on page 116
have VPN pass-through functionality.
The following illustrations show a Net-to-Net connection between two different locations. This
connection creates one WAN between these two sites.
• Figure 10.10 shows that you can have a mixed environment whereby one endpoint has a
supported Linksys or NetGear router and the other endpoint has a YM appliance as the
gateway.
• Figure 10.11 shows that the YM appliance can be the gateway on either endpoint. You can
completely replace the gateways in your existing environment with a YM appliance.

Figure 10.10 Net-to-Net Connection: Example #1

.

Figure 10.11 Net-to-Net Connection: Example #2

Planning Net-To-Net Connections 117

Configuring Router for Net-To-Net Connections
To configure the VPN gateway on each endpoint, choose among the following procedures:
• “To configure a Linksys router for a Net-to-Net connection”
• “To configure NetGear router for a Net-to-Net connection”
• “Initiating Net-To-Net Connection”
To configure YM appliance for a Net-to-Net connection:

By default, in Firewall mode, VPN pass-through is enabled on the YM appliance.

Before Plan your VPN as outlined in “Task Overview: Establishing Net-To-Net Connections”.
You
Begin 1. Ensure that you can connect to the YM appliance:
a. From the Start menu, go to Programs > Accessories > Command Prompt.
b. From a DOS prompt, type ping YMApplianceWANIPAddress and press Enter. If
the YM appliance does not respond with a Reply message such as the message shown
below, fix the connection before you proceed.

2. Log on to YMM. Go to “Logging On To YMM” on page 8.

3. From the YMM, click Security > VPN. The Virtual Private Network window appears.
If there are VPN connections online, this window displays those connections. Otherwise,
the widows indicates No Active Connections.
4. Click VPN Setup. The Virtual Private Network Setup window appears.
5. In the IPSEC Net-to-Net Services pane, select the Create New? Yes radio button.

118 P400 Series User’s Manual for YM Software v3.0

 6. Specify the values in the required fields. Figure 10.12 provides an example in which the
YM appliance is an endpoint to Figure 10.15.

Figure 10.12 Configuring YM Appliance for Net-To-Net Connection

7. Click Apply.
Return To return to the task overview for this task, go to “Task Overview: Establishing Net-To-Net
To Task Connections” on page 99.
Overview
To configure a Linksys router for a Net-to-Net connection:
Before Plan your VPN as outlined in “Task Overview: Establishing Net-To-Net Connections”. For a
You list of supported firmware versions and models, go to “Task Overview: Establishing Road
Begin Warrior Connections With L2TP-IPSEC”.

1. Ensure that you can connect to the YM appliance:

a. From the Start menu, go to Programs > Accessories > Command Prompt.
b. From a DOS prompt, type ping YMApplianceWANIPAddress and press Enter. If
the YM appliance does not respond with a Reply message such as the message shown
below, fix the connection before you proceed.

Configuring Router for Net-To-Net Connections 119

 2. Define the connection by specifying the value for the required fields. Figure 10.13 shows an
example endpoint in which the other endpoint is Figure 10.12.

Figure 10.13 Configuring Linksys Router for Net-To-Net Connection

3. Follow the on-screen instructions to save your changes.
Return To return to the task overview for this task, go to “Task Overview: Establishing Net-To-Net
To Task Connections” on page 99.
Overview
To configure NetGear router for a Net-to-Net connection:
Before Plan your VPN as outlined in “Task Overview: Establishing Net-To-Net Connections”. For a
You list of supported firmware versions and models, go to “Task Overview: Establishing Road
Begin Warrior Connections With L2TP-IPSEC”.
1. Ensure that you can connect to the YM appliance:
a. From the Start menu, go to Programs > Accessories > Command Prompt.
b. From a DOS prompt, type ping YMApplianceWANIPAddress and press Enter. If
the YM appliance does not respond with a Reply message such as the message shown
below, fix the connection before you proceed.

120 P400 Series User’s Manual for YM Software v3.0

2. Create the IKE policy as outlined in Figure 10.14.

Figure 10.14 Creating IKE Policy for NetGear Router

Configuring Router for Net-To-Net Connections 121

 3. Define the connection by specifying the value for the required fields. Figure 10.14 shows an
example endpoint in which the other endpoint is outlined in Figure 10.12.

Figure 10.15 Configuring NetGear Router for Net-To-Net Connection

4. Initiate the VPN connection as outlined in your NetGear documentation.
Next To connect to the gateway, after configuring both endpoints, go to “Initiating Net-To-Net
Step Connection” on page 123.
Return To return to the task overview for this task, go to “Task Overview: Establishing Net-To-Net
To Task Connections” on page 99.
Overview

122 P400 Series User’s Manual for YM Software v3.0

Initiating Net-To-Net Connection
Before Ensure that the both endpoints are configured.
You
Begin To initiate a Net-to-Net connection from a YM appliance:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click Security > VPN. The Virtual Private Network window appears.
If there are VPN connections configured, this window displays those connections.
Otherwise, the widows indicates No Active Connections. Figure 10.16 lists an
example in which an IPSEC Net-To-Net connection is configured.

Figure 10.16 Initiating a VPN Connection on the YM Appliance

3. In the pane that corresponds to your connection type and the specific tunnel that you want
to activate, click Connect. The Status indicates Connected.
Next Initiate the connection for the other endpoint using that router’s connect button or command.Go
Step to your Linksys or NetGear documentation. After you connect and have a VPN tunnel, access a
computer or YM appliance:
• “Accessing a Computer or Appliance on VPN Through Web Browser” on page 124
• “Task Overview: Initiating Remote Desktop Control” on page 125

Initiating Net-To-Net Connection 123

Accessing a Computer or Appliance on VPN Through Web
Browser
With Road Warrior connections, you cannot use the YMC utility to find a YM appliance on a
VPN. You must use your web browser. Currently, the YMC utility can only search for YM
appliances on the LAN (for example, the cafe’s LAN), not the Virtual LAN (for example, the
office). In a future release, the YM appliance might be able to search on both networks.
To access a computer or YM appliance on VPN through a web browser:

1. If you want to access a YM appliance on the VPN, determine and record that YM
appliance’s LAN IP address (Private IP address). Go to “Identifying Appliance IP
Addresses” on page 28.
2. If you want to access a computer on the VPN, determine and record that computer’s IP
address:
a. From the Start menu, go to Programs > Accessories > Command Prompt.
b. From a DOS prompt, type ipconfig and press Enter.

3. Launch your Internet browser.

4. Type //YMapplianceLANIPaddress or //ComputerIPAddress in the address field of the web
browser and click Go. The computer’s disk or YM appliance’s logical disk appears in the
browser window.

5. Simply double-click on the disk to access the YM appliance’s or computer’s storage, or

drag and drop files into the folder(s).

124 P400 Series User’s Manual for YM Software v3.0

About Remote Desktop Control
The YM appliance supports Remote Desktop Control (RDC) through Microsoft’s Remote
Desktop software. RDC enables you to use any computer’s (client) mouse and keyboard to
interact with another computer (host) through the Internet and in real-time. RDC enables you to
transfer files between these two computers. You can also run the host’s applications on the
client computer without having software installed on the client computer.

Task Overview: Initiating Remote Desktop Control

To initiate remote desktop control, perform the following sequence of tasks:
Task Instructions
1. Plan Your VPN if you have not already done so. “Planning To Connect Remotely To a
Computer” on page 125
2. Enable Windows Remote Desktop Control “Enabling Remote Desktop Control” on
software. page 126
3. Set up Windows Firewall to allow exceptions. “Configuring Windows Firewall To Allow
Access” on page 127
4. Connect client to host computer. “Connecting Client to Host Computer” on
page 127

Planning To Connect Remotely To a Computer

The computer at the temporary location is the client computer. The computer at the remote
location is the host computer.
To plan to connect remotely to a computer:
Before For security, establish a VPN connection:
You
Begin • “Task Overview: Establishing Road Warrior Connections With PPTP” on page 97
• “Task Overview: Establishing Road Warrior Connections With L2TP-IPSEC” on page 97
• “Task Overview: Establishing Road Warrior Connections With IPSEC” on page 98

1. Ensure that the host, which contains the files that you want to access, has Microsoft
Windows XP Professional installed. Microsoft Windows XP Professional bundles Remote
Desktop software.

About Remote Desktop Control 125

 2. Determine and record the name of the host computer.
a. From the host computer, click Start > My Computer.
b. Right-click on My Computer and select Properties in the context menu.
c. Click the Computer Name tab. Figure 10.17 shows an example where the host’s
computer name is aakridge.

Figure 10.17 \Determining Host’s Computer Name

d. Write down the computer name, and close the System Properties window.

Enabling Remote Desktop Control

Perform this procedure on the host computer. The computer at the temporary location is the
client computer. The computer at the remote location is the host computer.
To enable remote desktop control:

1. Ensure that you are signed in as Administrator.

2. On the host computer, click Start > Control Panel, and double-click on System icon.
3. Click the Remote tab, select the Allow users to connect remotely to this computer
checkbox, and click OK. The computer is now enabled to allow remote access.

126 P400 Series User’s Manual for YM Software v3.0

Configuring Windows Firewall To Allow Access
Perform this procedure on the host computer. Use this procedure if you intend to use Windows
Firewall on the host computer. The computer at the temporary location is the client computer.
The computer at the remote location is the host computer.
To set up Windows Firewall to allow exceptions:

1. On the host computer, click Start > Control Panel, double-click on Security Center icon.
2. Under Manage security settings for, click Windows Firewall.
3. If selected, deselect the Don't allow exceptions checkbox.
4. Click the Exceptions tab, and select the Remote Desktop checkbox.
5. Click OK, and then close the Windows Security Center window. Your host computer is
now set up to allow remote access.
6. Close Control Panel.

Connecting Client to Host Computer

Perform this procedure on the client computer. The computer at the temporary location is the
client computer. The computer at the remote location is the host computer.
To initiate remote desktop control:

1. On the client computer, click Start > All Programs > Accessories > Communications, and
click Remote Desktop Connection.
2. In the Computer box, type the host’s computer name, which you recorded in “Planning To
Connect Remotely To a Computer” on page 125.
3. Click Connect. Log On to Windows dialog box appears.
4. Type your user name, password, and domain (if required), and then click OK.
The Remote Desktop window opens, and you see the desktop settings, files, and programs
that are on your host computer, which in this example is your work computer. Your host
computer remains locked, and nobody can access it without a password. In addition, no one
will be able to see the work you are doing remotely.
Tip: To disconnect from the host computer, simply log off using the Start menu.

Troubleshooting Tips
If you cannot locate a computer on the network:
• Turn off the firewall on the computer that you want to connect to, if you are connecting using
VPN with SoftRemote. Unlike PPTP and L2TP-IPSEC, IPSEC cannot penetrate a firewall.
• Ensure that the computer that you want to connect to is powered on.
• Leave this computer running, locked, and connected to the corporate network with Internet
access.

Configuring Windows Firewall To Allow Access 127

 11
Monitoring Appliance
Chapter10

This chapter covers the following topics:

• “Identifying Appliance Uptime and Software Version”
• “Updating System Time”
• “Monitoring Storage Status”
• “Monitoring LAN Ports”
• “Monitoring Power To Appliance”
• “Configuring a UPS”
• “Enabling and Disabling System Warning Notifications”
• “Changing Appliance’s Language Setting”

Monitoring Appliance 129

Identifying Appliance Uptime and Software Version
Identify the YM appliance’s software version to compare the YM appliance’s software version
against new software releases. If your YM appliance has an outdated software version, consider
upgrading to receive the latest enhancements. To upgrade the YM appliance, go to the P400
Series Installation and Upgrade Guide for YM Software v3.0.
To identify YM appliance uptime and software version:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > System Status. The System Status window appears.
3. Observe the following information:
• Date and time
• Host name and uptime
• YMM and kernel versions
• Release date

Updating System Time

E-mail, backup, Internet cache, and event logs depend on an accurate system time stamp. The
YM appliance uses an Internet-based Network Time Protocol (NTP) service to automatically
update a YM appliance’s clock if that YM appliance has an Internet connection. The clock is set
when you initially set up the YM appliance on your network. The YM appliance updates its
clock under the following circumstances:
• You disconnect the YM appliance or reconnect it to the network
• You reboot the YM appliance.
The NTP server verifies and, if necessary, updates the YM appliance based on the time zone,
which you set manually in the YM appliance. For more information about the NTP service that
the YM appliance uses, go to http://ntp.isc.org.
Recommendation: Although you have the option to disable NTP, Anthology Solutions
recommends that you keep this feature enabled. If you set the system date and time incorrectly,
record tracking will be inaccurate and you might experience denial of some services. If NTP is
enabled, you do not need to manually adjust for Daylight Savings Time if the YM appliance
resides in an area that observes Daylight Savings Time.
To set the proper time zone:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > System Time. The System Time window appears.
3. In the Time Zone pane, click Edit.
4. Select a city in your time zone, and click Apply.

130 P400 Series User’s Manual for YM Software v3.0

 To disable NTP service:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > System Time. The System Time window appears.
3. In the Date & Time pane, click Edit.
4. Select the Yes radio button.
5. From the drop-down lists, select the date and time, and click Apply.

Monitoring Storage Status

Table 11.1 lists status messages that are available through YMM. To avoid data loss, if the
Storage Status message displays as Faulty or Inactive, you must replace the faulty drive and
repair RAID as soon as possible.
To monitor storage status:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > System Status. The System Status window appears.
3. Observe the value in the Storage Status field, and use the following definitions to
understand the storage status:
Table 11.1 Storage Status Messages
OK Normal Operation
Faulty RAID System falls back to degraded mode and displays the Faulty RAID
message when it detects a faulty device in a mirror array or parity array
during normal operation.
Inactive RAID System shows Inactive RAID when it detects a malfunction of one or
more physical drives in a Stripe array or a malfunction of two or more
physical disk drives in a mirror array or parity array.
Degraded RAID The system enters a degraded state when a disk drive fails. The disk drive
remains in a degraded state until you replace the faulty disk drive and the
RAID rebuilds. The system displays a Degraded RAID message
during recovery and rebuilding of the RAID system. Also, if a faulty disk
is detected when you power on the YM appliance, these messages warn
you of that faulty disk.

4. If the status indicates Faulty, Inactive, or Dregraded, use the procedures in

“Determining a Disk Drive Failure” on page 83 to determine the corrective action.

Monitoring Storage Status 131

Monitoring LAN Ports
To monitor LAN ports:

1. From the YMM, click Network > LAN Ports. The LAN Ports status window appears.
2. Observe the values in the LAN Port Status pane, and use the following definitions to
understand the status of the LAN switch ports on the rear panel of the YM appliance:

Link Status
This field shows whether or not a device is connected to a port.

Connected A PC is connected to the port.

Disconnected No device is connected to the port.

Speed
This field shows the speed of each connection. Speed recognizes the current condition and
adjusts settings accordingly. The term is often used with communications and networking, in
which line speeds from both sides of the transmission are sensed, and the highest speed that can
be accommodated is chosen. For example, Ethernet 10/100 cards, hubs and switches adjust the
speed of the line to either 10 Mbps or 100 Mbps, depending on the situation.
The YM appliance's LAN switch senses the highest link speed that the network can
accommodate and automatically adjusts the settings to select that link speed.

10Mbps The maximum speed of the connection is 10Mbps.

100Mbps The maximum speed of the connection is 100Mbps.

Duplex
This field shows the type of connection. The YM appliance's LAN switch automatically adjusts
the settings to select the optimal link type.

Half At a given moment, the connected device can either receive or send
packets.
Full The connected device can send and receive packets simultaneously.

Block Status
This field shows whether or not the port is blocked. Click Edit to open or block specific ports.
Click Apply to save.

Opened Connection to this port is allowed.

Blocked Connection to this port is disallowed.

132 P400 Series User’s Manual for YM Software v3.0

Monitoring Power To Appliance
Recommendation: Anthology Solutions recommends that you enable external power supply
monitoring if you have a UPS installed.
By default, the power supply monitoring feature is disabled.
• Enable external power supply monitoring so that in the event of a power outage, you receive
information on the state of your UPS. There is an insignificant reduction in performance with
this monitoring feature. To install a UPS, go to “Configuring a UPS” on page 134.
• Disable external power supply monitoring if you do not have a UPS installed or if you want
to eliminate the insignificant reduction in performance with this monitoring feature. Monitor
power to the YM appliance through the YMM. The System Power window provides the
following information:
Table 11.2 Monitoring System Power
Monitoring Shows if communication to the UPS has been enabled or disabled.
UPS Model Shows the UPS model name.
Power Status The values On Line and On Battery indicates whether power is being
drawn from the main outlet or the UPS battery.
Capacity Load Shows actual load percentage out of total UPS capacity.
Battery Charge Shows percentage of battery charged.
Battery Time Left Shows how long the UPS can support all connected equipment if a
power outage occurs.

To enable or disable external power supply monitoring:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > System Power. The System Power window appears.
3. Click Edit.
4. Do one of the following:
• Select Yes and click Apply to enable Power Supply Monitoring.
• Select No and click Apply to disable Power Supply Monitoring.
The confirmation window appears.
5. Click Yes to continue, or No to abort.

Monitoring Power To Appliance 133

Configuring a UPS
For power supply monitoring and graceful system shut down, the YM appliance supports
APC’s Smart-UPS® models that use a serial connection. To learn about the advantages of a
UPS, go to “Uninterruptible Power Supply” on page 16.
To configure a UPS:

1. Connect the power cord to a receptacle on the UPS and plug the other end of the power cord
into a wall outlet or power strip.
2. Connect the power cord to a receptacle on the rear panel of the YM appliance and plug the
other end of the power cord into the UPS.
3. Connect the serial cable from the serial port on the rear panel of the YM appliance and
connect the other end to the serial port on the UPS.

Figure 11.1 Connecting a UPS

When powering up, first turn on the UPS, then power on the YM appliance.
4. Enable power supply monitoring. Go to “Monitoring Power To Appliance” on page 133.

134 P400 Series User’s Manual for YM Software v3.0

Enabling and Disabling System Warning Notifications
You can specify up to three e-mail addresses for your notifications. You must assign at least one
e-mail address to turn the notification feature on. The YM appliance sends notification
messages to the e-mail addresses that you specify when abnormal events or conditions occur.
The events that trigger notification are as follows:
Table 11.3 System Warning Notifications
Hard Disk Usage The storage level of any disk drive reaches the given threshold. A
reaches threshold recommended threshold setting in a normal environment is 90, i.e.,
when disk usage hits 90%, notification will be sent to the defined
administrator's e-mail address(es). Notification for this event can be
disabled by setting the value of Disk Usage Threshold to 0 (not
recommended).
System Log The YM appliance checks system logs hourly (i.e., syslog, maillog, etc.)
Check and sends a notification summary to the administrator's e-mail
address(es). You can disable this notification feature if the log check is
not required.
Hard Disk Fault If the YM appliance detects any disk drive fault, then warning
messages will be sent to the administrator's e-mail address(es). This
notification or warning cannot be disabled.

To enable or change system warning notification settings:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > Administration. The Administration window appears.
3. In the System Warning Notifier pane, click Edit. The Edit System Warning Notifier
window appears.
4. Specify your notification settings, and click Apply.

Troubleshooting Tips
If you do not receive notifications under expected conditions, ensure that your Internet Service
Provider’s spam application is not classifying the YM appliance’s e-mails as spam. The YM
appliance’s e-mail address is root@yellowmachinestorage.yellowmachine.com.

Changing Appliance’s Language Setting

The YM appliance supports multiple languages. The default language is English.
To choose a different language:

1. Log on to YMM. Go to “Logging On To YMM” on page 8.

2. From the YMM, click System > Administration. The Administration window appears.
3. In the Language pane, click Edit. The Language Setting window appears.
4. Choose your language selection from the drop-down menu, and click Apply.

Enabling and Disabling System Warning Notifications 135

 12
Understanding RAID and Disk Scrubbing
Chapter11

This chapter contains the following sections:

• “About RAID”
• “RAID Level Comparisons”
• “About Disk Scrubbing”
For more information about RAID, go to the following procedures:
• To repair a RAID array, go to “Rebuilding Data” on page 90.
• To check RAID status, go to “Monitoring Progress of Data Rebuild” on page 92.

About RAID
RAID (Redundant Array of Independent Disks). RAID combines multiple disk drives into an
array of disk drives that appears as a single logical drive. The benefits of RAID depend on the
configuration you choose for your specific environment, but benefits can include improved
performance or fault tolerance or both.
Note: The more redundancy, the lower the total storage capacity for the given number of
drives, and the lower your chances of losing your important data.
The YM appliance ships with four disk drives pre-configured for RAID 5. This configuration
provides reliability and security for your data. RAID 5 is striping plus parity. The four physical
drives are configured as a single logical disk so that the data is written (striped) across all four
drives. Total storage capacity appears to you as a single, large drive.
With RAID 5, the data is striped across all four drives. When the data is written to all four
drives a parity block is created. The parity block is a numerical code. If one of the four disk
drives fail, the parity block enables the system to completely rebuild itself from the information
on the remaining three drives.
When the data is written to the drive, a parity block is created to protect the data. The parity
block provides the ability to cross-check the data for accuracy. If the check fails during a read or
write operation, the data is deemed inaccurate and an error is returned. Parity also ensures that if
a hard disk drive fails, you can completely recover data and the YM appliance rebuilds based on
the three surviving disk drives.
Caution: You cannot recover the data if a second disk fails before the YM appliance recovers
the data. Therefore, replace a failed disk immediately.
Besides pre-configured RAID 5, the YM appliance also supports RAID 1, Mirroring, and
RAID 0, Striping; or of course, you can choose a non-RAID configuration. RAID is always
constructed matching the capacity of the smallest hard disk drive.
Recommendation: Anthology Solutions recommends that all drives are of the same size so
that drive space is not wasted.

Understanding RAID and Disk Scrubbing 137

 The RAID system must also be configured prior to putting any data on the disk drives. If you
configure a RAID system after data has been saved, you will lose all the data on the disk drives
during this reformatting process.
To configure disk drives for RAID, go to “Reformatting Disk Drives” on page 91.

RAID Level Comparisons

This section discusses the following RAID levels:
• “No RAID”
• “RAID 0, Striping”
• “RAID 1, Mirroring”
• “RAID 5, Striping plus Parity Mode”
RAID consumes disk space, especially for RAID levels that add redundancy for recovery
purposes. The following table shows the approximate disk space available for data use when
configured for the various RAID levels.
Table 12.1 RAID Level Overhead
RAID 1 TB 1.6 TB Reason
Level Appliance Appliance
RAID 0 860GB 1459GB Space for system and RAID operations.
430GB 730GB System and RAID operations. Free space is
RAID 1
halved for data duplication.
430GB 730GB System and RAID operations. Free space is
RAID 1+0
halved for data duplication.
650GB 1094GB Space for system and RAID operations, including
RAID 5
parity.

138 P400 Series User’s Manual for YM Software v3.0

No RAID
Without RAID, each disk drive is seen as a separate volume under Windows. There is no
redundancy and no recovery function implemented other than what Windows provides.
Once the data is erased or a failure occurs, you run the risk of losing all the data stored on the
drive. Figure 12.1 demonstrates this configuration.

Figure 12.1 No RAID

RAID Level Comparisons 139

 RAID 0, Striping
With Striping, data is spread across all drives, resulting in higher data throughput. Since no
redundant information is stored, performance is improved, but the failure of any disk in the
array results in data loss.
The improved performance works to great benefit in applications such as video streaming,
especially when the goal is simply to view the data. A system must have 2 or more disk drives
to implement a striped configuration. Figure 12.2, “RAID 0, Striping” demonstrates this storage
configuration.

Figure 12.2 RAID 0, Striping

140 P400 Series User’s Manual for YM Software v3.0

RAID 1, Mirroring
Mirroring provides full redundancy by writing all data to two drives. This configuration is the
absolute safest in terms of data security.
RAID 1 can also improve performance during reads by providing parallel access paths to the
data instead of the normal serial access method (much like multiple toll booths are better than
one), although performance tends to be slower on writes compared to a single non-RAID drive.
The trade-off to safety is that total drive capacity is cut in half. A system must have an even
number of disk drives to implement a mirrored configuration. Figure 12.3, “RAID 1, Mirroring”
demonstrates this storage configuration.

Figure 12.3 RAID 1, Mirroring

RAID Level Comparisons 141

 RAID 5, Striping plus Parity Mode
This configuration distributes the data and the parity data across all four drives. Parity
information allows recovery from the failure of any single drive.
The performance of reads and writes is a little slower than Striping due to cross-checking for
accuracy with reads and updating the parity data with each write. A system must have 3 or more
disks to implement a parity configuration. Figure 12.4, “RAID 5, Striping plus Parity”
demonstrates this configuration.

Figure 12.4 RAID 5, Striping plus Parity

142 P400 Series User’s Manual for YM Software v3.0

About Disk Scrubbing
RAID 1 and RAID 5 configurations provide you data redundancy, and protect you against the
loss of a mirror or disk. However, if you lose a disk or mirror, and the RAID system needs to
recover all data on a surviving disk or mirror, that surviving disk or mirror must not have any
disk block failures to succeed. To ensure a successful recovery, use the disk scrubber
periodically. If a disk drive or mirror fails and you have a failed block on the surviving disk, you
will not be able to recreate the data that resides on that block.
A file makes up many blocks, and these block are scattered about on a disk. A RAID system is
not aware of a disk block failure until the RAID system reads that specific disk block—when
you open a file. A disk scrubber initiates a read operation on all user data on the YM appliance.
The disk scrubber does not read unused data blocks. If the disk scrubber detects a disk block
failure, the disk scrubber notifies the RAID system, and the RAID system fixes the problem if
possible.
Note: Disk scrubbing generates I/O; therefore, performance degradation exists during the disk
scrubbing process. However, this performance degradation has a minimal impact on users
because disk scrubbing occurs when the YM appliance is idle.
To enable disk scrubbing, go to “Scrubbing Disks for Disk Block Failures” on page 81.

Disk Scrubbing Operations on RAID 5 Configurations

If the disk scrubber identifies a block error, the RAID system performs the following sequence
of tasks:
1. Reads the data from the remaining data blocks and parity block.
2. Reconstructs the data on the bad data block.
3. Writes the data to a new data block.
4. Expires the bad data block.
However, in the rare case that the disk scrubber identifies a block error on both the data block
and the corresponding block, the RAID system cannot fix the block error, and the RAID system
cannot recreate the lost data.

Disk Scrubbing Operations on RAID 1 Configurations

If the disk scrubber identifies a block error, the RAID system performs the following sequence
of tasks:
1. Reads the data from the mirror block.
2. Writes the data to a new data block.
3. Expires the bad data block.
However, in the rare case that the disk scrubber identifies a block failure on both the data block
and the corresponding mirror block, the RAID system cannot recreate the block, and you lose
the data on that block.

About Disk Scrubbing 143

 A
System Configuration Worksheet
Chapter12

Use the following worksheet to record your system configuration.

Table A.1 System Configuration Worksheet
Menu Items Factory Default Your Site Configuration
System Configuration
System Time Time Zone GMT+8 Pacific Standard
Date & Time 8:00 PST
Administration Warning Notifier • E-mail: Not set
• Disk usage: Not set
• Syslog check: Disabled
YMM Control from • NAS Only mode: N/A
WAN • Router mode: N/A
• Proxy mode: Not Allowed
• Firewall mode: Not Allowed
YMM Idle Timeout Disabled
User Configuration
User Accounts user name:password postman:postman
Super User superuser:password admin:admin
Accounts
Group Accounts Not set
Network Configuration
Network LAN Interface Enabled
Interfaces LAN DHCP Client Enabled

DHCP Server Disabled

Network WAN Interface Disabled
Interfaces WAN Address if Static Not set
DHCP Client Not set
ADSL User Name User dependent
ADSL Password User dependent
Default Gateway Assigned automatically w/
DHCP client setting, User
dependent w/ Static IP address.

System Configuration Worksheet 145

 Table A.1 System Configuration Worksheet
Menu Items Factory Default Your Site Configuration
Host Host Name YMLast6DigitsOfMACaddress
Configuration
Domain Name www.yellowmachine.net
DNS Server DHCP Client

Security Configuration
Quick Network Choices are: Network NAS Only Mode
Security Attached Storage
(NAS) Only, Router,
Firewall, or Proxy
Modes
Web Access Proxy mode required Not set
Control
Storage Share Configuration
Quick Network Server Description YellowMachine
Storage Work Group Workgroup
Default Share Share
Storage Configuration
Logical Disks Type Physical Disk
Logical Disk 1 1RAID 5 (parity) HDD1, 2, 3, 4
Logical Disk 2
Logical Disk 3
Logical Disk 4
Mail Disk System Default
User Access Permission Policy
Logical Disks Read Only (x) Read/Write (x)
Logical Disk 1
Logical Disk 2
Logical Disk 3
Logical Disk 4
1. US default setting

146 P400 Series User’s Manual for YM Software v3.0

 B
Creating a Postman Account in Outlook
Chapter1

The default super user, postman, is a reserved account for e-mail administration. You can set up
a postman account in Outlook or Outlook Express to receive warning and status messages from
YMM and to review archived e-mails (a feature of the “Proxy” security mode).
To set up a postman account in Outlook or Outlook Express:

1. From Outlook, click Tools > E-mail Accounts.

2. Select Add an e-mail account, and click Next.
3. Select POP3 as Server Type, and click Next. The Internet E-mail Settings (POP3) window
appears.
4. Enter postman in the Your Name field, and click Next as shown in Figure B.1.
5. Do one of the following in the E-mail Address field:
• If you have a domain name, enter
postman@YellowMachineHostName.YourDomainName.com
• If you do not have your own domain name, enter
postman@IPaddressofYellowMachineAppliance
6. Click Next.
7. Enter either the YM appliance’s HostName.DomainName or LAN address as the Incoming
mail server. The default LAN address is 172.16.1.1.
8. Enter the YM appliance’s HostName.DomainName LAN address as the Outgoing mail
server. The default LAN address is 172.16.1.1.
9. Click Next.
10. Enter postman as the Account name.
11. Enter postman as the Password.
12. Click Next and Finish.

Creating a Postman Account in Outlook 147

 Figure B.1 Outlook E-mail Account for Postman

148 P400 Series User’s Manual for YM Software v3.0

 Index

A Emergency Power static, 151

Accounts Switch, 11 IPSEC, 35, 98
group, 50 Environmental
superuser, 49 requirements, 13 J
user, 47 Events, 130 Journaling FS, 57
Active Directory, 151 EXT2, 57
Altitude, 14 EXT3, 57 L
Auto-negotiate, 132 L2TP-IPSEC, 97
F LAN settings, 29
B FAT16, 54 Language setting, 135
Backups, 75, 130 FAT32, 54 LEDs, 10
Blinking LED, 10 File system Limitations, 54
Blocking ports, 132 checking, 57 Log files, 130
Boot disk, 92 recovery, 17 Logical drives, 137
Files
C copying, 65 M
Cache, 130 deleting, 65 Mac, 4, 55
Capacity, 3, 63 renaming, 65 MAC address, 38
Certificate Authority, 104, sharing, 65 Mac OS X, 13, 54, 64
106 transfering, 55 MODE button, 9
Certificates Firefox, 13 Modem, 12
creating, 106 Folders
copying, 65
revoking, 104, 106 N
Character restrictions, 54 creating, 65
NAS Only mode, 69
Clock, 130 deleting, 65
NAT, 69
Connections, 31 permissions, 66
Network configuration
Cooling system, 15 sharing, 65
resetting, 9
FTP, 34, 56
NFS, 37, 54
D NTFS, 54
Daylight Savings Time, 130 G NTP, 130
DHCP Gateway, 25, 27
Group accounts, 50
functionality, 23 O
IP range, 27, 105 Outlook, 70
Dimensions, 14 H
Directories HFS Plus, 54
P
renaming, 65 Hostname
Password, 108
Disks changing, 31
resetting, 9
capacity, 58, 63 registering, 32
Performance, 12, 27, 29, 54,
failure, 137 Humidity, 14
55, 57, 90, 91, 96, 143
installing, 85 Permission policies, 62
DNS servers, 32 I Planning worksheet, 145
Domain controller, 151 Idle timeout, 74 Postman account, 147
Domain name, 31 Images, 92 Power requirements, 16
Dynamic DNS, 32, 56 Incompatible network Powering off appliance, 11,
settings, 29 17
E Internet gaming, 33 Powering on appliance, 11
Electrical specifications, 16 IP address PPTP, 35, 97
Electrostatic Discharge, 15 changing, 31 Proxy mode, 69
E-mail, 73, 130, 135 dynamically, 151

Index 149
 Q W
Quotas, 58 Web access control, 71
Webmail, 72
R Websites, 72
Rebooting appliance, 18 Weight, 14
Recovery, 17 Workgroup, 42, 63
Redundancy, 92
Remote Desktop Y
Control, 125 YMC, 3
Replacing disks, 85 YME, 3
Retrospect YMM, 3
backups, 75
installing, 75
Root password, 9
Router mode, 69

S
Safety, i
Samba, 37, 54
Security
modes, 69
Serial port, 12
Shock specification, 15
Size, 14
Special characters, 54
Speed, 132
Storage Only mode, 69
Superuser accounts, 49
System requirements, 13, 14

T
Telnet, 34
Temperature, 14
Time, 130
Timeouts, 74

U
UDP, 35
UPS, 12, 133
User accounts, 47

V
Vibration specification, 15
VoIP, 33
Voltage, 11
VPN, 33
tunnels, 96, 105

150 P400 Series User’s Manual for YM Software v3.0

 Glossary

Term Definition
DHCP Client A Dynamic Host Configuration Protocol (DHCP) client
is a PC or other network device that obtains its IP
address automatically from a DHCP server.
DHCP Server A DHCP server assigns new IP addresses to other
network devices dynamically, so that the administrator
does not need to perform this task manually each time a
device is added to the network. Dynamically assigned
IP addresses can change each time a PC or other device
is turned on and requests an IP address of the DHCP
server.
DNS Domain Name Service. DNS translates Internet
hostnames (such as www.mycompany.com) to the
corresponding IP address (for example, 192.168.1.119)
and performs the reverse translation.
Domain controller A domain controller is a computer that runs Windows
Active Directory. This computer manages user access to
the network, enabling users to log on and access shared
resources.
IP Address IP stands for Internet Protocol. Every device on a
network, including the YM appliance and any PCs,
servers, and routers use this protocol. Each device has a
unique IP address. You can assign an IP address either
automatically through a DHCP server or manually.
• If manually assigned, you must type in the IP address
before the device can connect to the network.
• If automatically (“dynamically”) assigned, the
addresses are assigned when the device connects to
the network.
LAN IP Address This address is the private IP address assigned to a
computer or router.
PPPoE Point-to-Point Protocol over Ethernet (PPPoE) is a
broadband connection that provides user name and
password authentication and data transport.
Router A router connects your Local Area Network (LAN), or
the group of PCs in your home or office, to the Wide
Area Network (WAN), in other words, to the Internet.
Since a router is a device that connects to two
networks—one for the LAN side and one for the WAN
side—the router needs two IP addresses. A router can
be a DHCP server, supplying IP addresses to clients on
the network.

Glossary 151
 Term Definition
Static IP Address A static IP address is a fixed IP address that you assign
manually to a PC or other network device. Using a static
IP address ensures that the IP address does not change
until you change it.
Subnet Mask Short for subnetwork mask. A subnet mask is a method
of dividing a network of IP addresses into groups. A
common example of a subnet mask used is
255.255.255.0.
WAN IP Address This address is the public IP address of a router.

152 P400 Series User’s Manual for YM Software v3.0

Anthology Solutions, Inc.
Tel: (408) 454-6700
Fax: (408) 970-4731
www.anthologysolutions.com
or
www.YellowMachine.com

Sales: sales@YellowMachine.com or Toll-free (877) 936-5600

Customer Service: support@YellowMachine.com or Toll-free (877) 976-5600

22-0031-001