manualshive.com logo in svg

Crestron e-Control, Reference Manual

Crestron e-Control is a user-friendly automation system that allows you to control your devices with ease. Access the Reference Manual for detailed instructions on how to maximize its features. Download the manual for free from manualshive.com to get started on customizing your smart home experience.

Share
Download
background image

Software  

Crestron 

e-Control

®

 

Secure Sockets Layer 

 

Crestron 2-Series control systems are the first in the AV industry to provide built-in 
support for SSL, 

S

ecure 

S

ockets 

L

ayer, the de facto standard for protecting Web-

based communication between clients and servers. SSL is a protocol that provides a 
secure channel for communication between two machines. The secure channel is 
transparent, which means that it passes the data through, unchanged. The data is 
encrypted between the client and the server, but the data that one end writes is 
exactly what the other end reads. The SSL protocol uses TCP as the medium of 
transport. 

SSL ensures that the connection between a Web browser and Web server is secure by 
providing 

authentication

 and 

encryption

. Authentication confirms that servers, and 

sometimes clients, are who they say they are. Encryption creates a secure “tunnel” 
between the two, which prevents unauthorized access to the system. 

The secure tunnel that SSL creates is an encrypted connection that ensures that all 
information sent between the client and server remains private. SSL also provides a 
mechanism for detecting if someone has altered the data in transit. If at any point 
SSL detects that a connection is not secure, it will terminate the connection and the 
client and server will have to establish a new, secure connection. 

SSL uses both 

public-key

 and 

symmetric key

 encryption techniques. Public keys are 

a component of public-key cryptographic systems. The sender of a message uses a 
public key to encrypt data; the recipient of the message can only decrypt the data 
with the corresponding private key. Public keys are known to everybody, while 
private keys are secret and only known to the recipient of the message. Since only the 
server has access to its private key, only the server can decrypt the information. This 
is how the information remains confidential and tamper-proof while in transit across 
the network.  

An SSL transaction consists of two distinct parts: the key exchange, and the bulk data 
transfer. The SSL Handshake Protocol handles key exchange and the SSL Record 
Protocol handles the bulk data transfer.  

The key exchange (SSL handshake protocol) begins with an exchange of messages 
called the SSL handshake. During the handshake, the server authenticates itself to the 
client using public-key encryption techniques. Then the client and the server create a 
set of symmetric keys that they use during that session to encrypt and decrypt data 
and to detect if someone has tampered with the data. Symmetric key encryption is 
much faster than public-key encryption, while public-key encryption provides strong 
authentication techniques. 

Once the key exchange is complete, the client and the server use this session key to 
encrypt all communication between them. They do this encryption with a 

cipher

, or 

symmetric key encryption algorithm, such as RC4 or DES. This is the function of the 
SSL Record Protocol. There are two types of ciphers, symmetric and asymmetric. 
Symmetric ciphers require the same key for encryption and decryption, whereas with 
asymmetric ciphers, data can be encrypted using a public key, but decrypted using a 
private key. 

SSL supports a variety of ciphers that it uses for authentication, transmission of 
certificates, and establishing session keys. SSL-enabled devices can be configured to 
support different sets of ciphers, called 

cipher suites

12  

  Crestron e-Control® 

Reference Guide – DOC. 6052 

Summary of Contents for e-Control

Page 1: ...Crestron e Control Reference Guide...

Page 2: ...by the Technical Documentation department at Crestron Electronics Inc 15 Volvo Drive Rockleigh NJ 07647 1 888 CRESTRON All brand names product names and trademarks are the property of their respectiv...

Page 3: ...SSL Configuration 20 Ethernet Touchpanels 24 IP Table Setup 26 Using the PING Utility to Test an Internet Connection 30 AUTONEGOT Command 31 INTERFACES TO E CONTROL 31 Third Party Interfaces and the...

Page 4: ...APPENDIX E FAQ FOR IT MIS PROFESSIONALS 62 SOFTWARE LICENSE AGREEMENT 64 RETURN AND WARRANTY POLICIES 66 Merchandise Returns Repair Service 66 ii Crestron e Control Reference Guide DOC 6052...

Page 5: ...maintain Support for both 10 and 100Mbps products and half and full duplex transmission Support for static and dynamic IP addressing Control systems with built in Web server capability allowing device...

Page 6: ...puters used by thousands of people Wide Area Networks WANs such as the Internet combine multiple LANs that are geographically separate Switch or Hub Network Cable The development of standard networkin...

Page 7: ...stron control systems such as the MP2E come with an Ethernet network card already built in whereas others like the PRO2 require separate purchase of a C2ENET card shown in the figure TPS touchpanels c...

Page 8: ...or switch This is because the send and receive connections on the hub or switch are the reverse of those on the device s network card or adapter Thus data goes straight from a send connection on the...

Page 9: ...s Thus if five devices are connected to five ports each port can only transfer data at a rate of 2Mbps because 10 divided by 5 equals 2 A 100Mbps 10 port hub with 10 devices connected to it shares the...

Page 10: ...he public side can also be a corporate or residential LAN with the internal side being a sub network within that LAN LAN Router Internet Modem Switch WAN The router s firewall NAT or Network Address T...

Page 11: ...uipment can transfer data over Ethernet without prior advertising or need to negotiate a connection UDP has minimal overhead each datagram on the network is composed of just a small header and the con...

Page 12: ...can have up to 254 hosts IP Subnet Masking Applying a subnet mask to an IP address allows an Internet router to identify the network and node parts of the address The 1s in the mask represent the net...

Page 13: ...lt gateway address can be set to 0 0 0 0 Otherwise you would specify the internal LAN address of the router Static and Dynamic IP Addressing Static and dynamic IP addressing are two different methods...

Page 14: ...ISP You would then use the router s network configuration screens to define the range of static IP addresses available on the LAN side If you are installing e Control in a corporate LAN the network ad...

Page 15: ...l access a server machine on the internal LAN if the router or NAT is configured for port mapping Port mapping is a mechanism that makes specific services available to the WAN without exposing other a...

Page 16: ...y Public keys are known to everybody while private keys are secret and only known to the recipient of the message Since only the server has access to its private key only the server can decrypt the in...

Page 17: ...natively self signed certificates can be generated for secure Web servers but self signed certificates do not provide the same functionality as CA signed certificates Browsers will not automatically r...

Page 18: ...ret using the server s private key 6 Now that both the browser and the Web server have the same master secret they use this master secret to create keys for the encryption and MAC message authenticati...

Page 19: ...guration parameters applied specifically to all clients that obtain a lease within a particular scope Some commonly used options include IP addresses for default gateways routers WINS servers and DNS...

Page 20: ...COM 1 Select the PC COM port COM 1 COM 8 Baud rate 115200 for 2 Series processors 57600 for X Series Parity None Number of data bits 8 Number of stop bits 1 Hardware handshaking RTS CTS enabled Softw...

Page 21: ...2ENET 1 and C2ENET 2 cards The C2ENET cards provide two configuration options one for LAN A and the other for LAN B With the C2ENET 1 card values should only be entered for LAN A For static IP address...

Page 22: ...u choose from the private IP address classes described earlier The network addresses of LAN A and LAN B cannot be the same For example if the same subnet mask is applied to both IP addresses and the r...

Page 23: ...to be entered Note that the domain supplied by the DHCP server will overwrite the domain that is indicated in this field Advanced Settings optional 1 Click the Advanced button to set optional paramet...

Page 24: ...he control system Here the Viewport title bar will display the new communication settings i e Connected to ConferenceRoom crestron com on Port 41795 2 Series SSL Configuration This section describes t...

Page 25: ...Enable SSL 4 Select Self Signed Certificate and click OK to reboot the control system 5 This generates a self signed certificate that you can use temporarily while you obtain a CA signed certificate A...

Page 26: ...the SYS directory with a der extension as sys srv_key der The procedure for backing up the private key is described in the next section The csr text file is in the following format BEGIN NEW CERTIFICA...

Page 27: ...tor such as Notepad and copy and paste the text between the Begin new certificate request and End new certificate request delimiters before sending the file to the CA The time it takes to receive the...

Page 28: ...te may then download the root certificate onto the server Uploading the root certificate is identical to the procedure for uploading signed certificate The only difference is that the root certificate...

Page 29: ...9 IPMASK 255 255 255 0 DEFROUTER 0 0 0 0 For dynamic IP addressing the commands are ADDMASTER IP ID control system address FQDN specifies the IP ID of the touchpanel and the static IP address or full...

Page 30: ...method creates what is referred to as a default IP Table as follows 1 For Ethernet Remote Processing and TPS Panels Double click the Ethernet remote processor or TPS panel in the SIMPL Windows Configu...

Page 31: ...system The Ethernet ISC symbol is described in detail in the section titled Interfaces to e Control 7 With X Series control systems the Device Settings dialog box provides a drop down list for select...

Page 32: ...ontrol system it will overwrite the previously loaded IP Table Each Ethernet device in the SIMPL Windows program also has an IP Table called a master list which sets the device s IP ID and specifies t...

Page 33: ...The CEN TVAV can accept commands from only one control system thus the IP Table should have only one entry that is set as master For other CEN devices the procedure for setting the IP information diff...

Page 34: ...will give the following results Pinging 164 109 174 244 with 32 bytes of data Reply from 164 109 174 244 bytes 32 time 260ms TTL 255 Reply from 164 109 174 244 bytes 32 time 221ms TTL 255 Reply from 1...

Page 35: ...egardless of how cleverly programmed or sophisticated a given system is if it lacks a quality user interface it is unlikely to be used to its full potential Crestron offers a variety of user interface...

Page 36: ...ystem The gateway would also translate feedback from the control system and send it back to the browser To accommodate the broad range of possible configurations and third party interfaces Crestron pr...

Page 37: ...ge that contains an applet that applet s code is transferred to your system and executed by the browser s Java Virtual Machine JVM Crestron distributes a copy of the latest Microsoft JVM with each ver...

Page 38: ...wnloaded no further page updates are necessary meaning that the run time performance will be the same as with a touchpanel To create an XPANEL project simply select XPANEL as the panel type in VT Pro...

Page 39: ...les folder of the Device Library and the symbol detail is defined identically to a touchpanel symbol That is all the join numbers you define in the VT Pro e project map to signals on the symbol detail...

Page 40: ...server that is built into the 2 Series processor or CNXENET card you can use the Crestron Viewport You can also use the Viewport to upload Web pages to Compact Flash for 2 Series only 1 From the Viewp...

Page 41: ...into the Memory Expansion slot of the control system the control system will look for the HTML directory and automatically load the Web pages to the Web server The HTML directory must also include a...

Page 42: ...ne This will open the e Control 2 screen and display the message The connection to hardware was not established Click Settings on the Options menu and enter the IP address or fully qualified domain na...

Page 43: ...trol system Each Web browser initiates a connection to the gateway This configuration supports however many connections for which the CNX EGWY is licensed 192 168 1 XXX Ethernet Network CIP TCP IP TCP...

Page 44: ...ts a maximum of 30 simultaneous connections The CNXENET card supports up to five simultaneous connections Web browser Connected to http 192 168 1 200 192 168 1 XXX Ethernet Network Control System Gate...

Page 45: ...tiveCNX control has the capability to connect to the e Control gateway send and receive digital analog and serial signals using the same join number scheme as a touchpanel Each ActiveCNX control in a...

Page 46: ...ates the connection In the configuration shown below the ActiveCNX control resides on the same PC as the CNX EGWY Here the ActiveCNX control uses the Connect command to start the connection while the...

Page 47: ...m The e Control gateway receives the packets and performs the translation to CIP PC 192 168 1 3 ActiveCNX Control Connect IP Address 192 168 1 7 IP ID 05 192 168 1 XXX Ethernet Network Control System...

Page 48: ...Devices PC 192 168 1 4 ActiveCNX Control Connect IP Address 192 168 1 7 IP ID 07 PC CNX Gateway 192 168 1 9 CIP TCP IP TCP IP The ActiveCNX control can also communicate directly with a CEN device In t...

Page 49: ...ied domain name of the target control system That is in System A an Ethernet ISC symbol with IP ID 08 would be assigned the IP address or FQDN of System B The Ethernet ISC symbol in System B would lik...

Page 50: ...d amount of time expressed in bits per second bps Bit A binary digit The value 0 or 1 used in the binary numbering system Also the smallest form of data Boot To cause the computer to start executing i...

Page 51: ...ne after the other Transmitted signals go to the first device then to the second and so on Database A database is a collection of data that is organized so that its contents can easily be accessed man...

Page 52: ...rotocol software running in the computer it is designed for a specific NIC and is installed during the initial installation of a network compatible client or server operating system Dynamic IP Address...

Page 53: ...as a way to distinguish the box and the electronic circuitry and components of a computer from the program you put in it to make it do things The program came to be known as the software Hub The devi...

Page 54: ...MAC Media Access Control address is a unique number assigned by the manufacturer to any Ethernet networking device such as a network adapter that allows the network to identify it at the hardware leve...

Page 55: ...y used in PCs Macintoshes and workstations It was designed primarily by Intel and first appeared on PCs in late 1993 PCI provides a high speed data path between the CPU and peripheral devices video di...

Page 56: ...is known as a virtual private network VPN PrintServer A hardware device that enables a printer to be located anywhere in the network RIP Routing Information Protocol A simple routing protocol that is...

Page 57: ...the Internet It can also be used as a communications protocol in a private network either an intranet or an extranet When you are set up with direct access to the Internet your computer is provided wi...

Page 58: ...e cable VLAN Virtual LAN A logical association that allows users to communicate as if they were physically connected to a single LAN independent of the actual physical configuration of the network Vir...

Page 59: ...l means that the Transport layer looks to see if data is coming from more than one application and integrates each application s data into a single stream for the physical network Layer 3 Network The...

Page 60: ...network if it is willing to accept information from the local device Layer 4 Application Layer 4 combines the Session Presentation and Application layers of the OSI model Protocols for specific functi...

Page 61: ...Crestron e Control Software Appendix C Control System Timing Data X Series Control Systems Reference Guide DOC 6052 Crestron e Control 57...

Page 62: ...Software Crestron e Control 58 Crestron e Control Reference Guide DOC 6052...

Page 63: ...Crestron e Control Software Reference Guide DOC 6052 Crestron e Control 59...

Page 64: ...Network Address Translator NAT NATREMote Enable disable NAT Remote Config PING Ping remote node REMMaster Remove an entry from IP table REMPortmap Remove a port map from the NAT table SHOWPORTMAP Disp...

Page 65: ...country code SN Full state or province name LN Locality or city name ON Organization or company name OUN Organizational Unit name or division SN site name or domain name EA Email address This command...

Page 66: ...tus of all Crestron control processors on the network Web interface The Crestron control processor comes with a built in Web server that is used for serving up Web pages that communicate with the prog...

Page 67: ...hat many diverse clients connect to the processor over IP it may be desired to configure the systems for static IP addresses as would a web server or a router Crestron Control Systems also provide DHC...

Page 68: ...ands data or instructions from or to another computer b for local campus or wide area network internet or web hosting services or c pursuant to any rental sharing or service bureau arrangement The Sof...

Page 69: ...inety 90 days from the date of receipt and b that any hardware accompanying the Software will be subject to its own limited warranty as stated in its accompanying written material Crestron shall at it...

Page 70: ...vered This warranty extends to products purchased directly from CRESTRON or an authorized CRESTRON dealer Purchasers should inquire of the dealer regarding the nature and extent of the dealer s warran...

Page 71: ...Crestron e Control Software This page intentionally left blank Reference Guide DOC 6052 Crestron e Control 67...

Page 72: ......

Page 73: ...Crestron e Control Software This page intentionally left blank Reference Guide DOC 6052 Crestron e Control 69...

Page 74: ...Crestron Electronics Inc Reference Guide DOC 6052 15 Volvo Drive Rockleigh NJ 07647 7 03 Tel 888 CRESTRON Fax 201 767 7576 Specifications subject to www crestron com change without notice...

Reviews:

No comments

Related manuals for e-Control

MAGIX VIDEO EASY3hd Manual preview
VIDEO EASY3hd
Brand: MAGIX Pages: 88
Adobe CAPTIVATE 2 Use Manual preview
CAPTIVATE 2
Brand: Adobe Pages: 306
PS Audio PowerPlay Programming Manual preview
PowerPlay
Brand: PS Audio Pages: 6
M-Audio Heavy Guitars Quick Start Manual preview
Heavy Guitars
Brand: M-Audio Pages: 4
Citrix MetaFrame MetaFrame Presentation Server Reviewer'S Manual preview
MetaFrame MetaFrame Presentation Server
Brand: Citrix Pages: 97
F-SECURE ANTI-VIRUS LINUX CLIENT SECURITY - Administrator'S Manual preview
ANTI-VIRUS LINUX CLIENT SECURITY -
Brand: F-SECURE Pages: 208
Billion English CO1 User Manual preview
English CO1
Brand: Billion Pages: 42
ARTEX 570-2225 Manual preview
570-2225
Brand: ARTEX Pages: 33
Symantec pcAnywhere Administrator'S Manual preview
pcAnywhere
Brand: Symantec Pages: 105
Symantec Norton Personal Firewall 2003 User Manual preview
Norton Personal Firewall 2003
Brand: Symantec Pages: 151
Symantec SERVICEDESK 7.0 MR2 Implementation Manual preview
SERVICEDESK 7.0 MR2
Brand: Symantec Pages: 188
Denon DP-200USB Owner'S Manual preview
DP-200USB
Brand: Denon Pages: 29
Solid State Logic Soundscape Mixer Reference Manual preview
Soundscape Mixer
Brand: Solid State Logic Pages: 109
DigiDesign Pro Tools Reference Manual preview
Pro Tools
Brand: DigiDesign Pages: 886
MACROMEDIA CONTRIBUTE Manual preview
CONTRIBUTE
Brand: MACROMEDIA Pages: 21
RADVision OnLAN User Manual preview
OnLAN
Brand: RADVision Pages: 12
KAPERSKY ANTI-VIRUS 5.6 - FOR NOVELL NETWARE Administrator'S Manual preview
ANTI-VIRUS 5.6 - FOR NOVELL NETWARE
Brand: KAPERSKY Pages: 130
TC Electronic Filtroid Manual preview
Filtroid
Brand: TC Electronic Pages: 9

Brands by name

Popular brands

Load more brands