manualshive.com logo in svg

Lantronix SLC 8000 Series, User Manual

The Lantronix SLC 8000 Series offers an advanced solution for remote management of servers and IT equipment. Ensure efficient operations by accessing user manuals effortlessly with our free download option at manualshive.com. Simplify troubleshooting and enhance productivity with the help of our comprehensive user manual.

Share
Download
background image

12: User Authentication

SLC™ 8000 Advanced Console Manager User Guide

290

3. Click the 

Apply

 button.

4. Repeat steps 2-3 for each key you want to import.
5. To return to the SSH Keys page, click the 

Back to SSH Keys

 link.

SSH Commands

Go to 

SSH Key Commands

 to view CLI commands that correspond to the web page entries 

described above.

Custom Menus

Users can have custom user menus as their command line interface, rather than the standard CLI 

command set. Each custom user menu can contain up to 50 commands ('logout' is always the last 

command). Instead of typing each command, the user enters the number associated with the 

command. Each command can also have a nickname associated with it, which can be displayed in 

the menu instead of the command. The commands 

showmenu <Menu Name>

 and

 returnmenu 

can be entered to display another menu from a menu, or to return to the prior menu. The 

command 

returncli

 can be used to break out of a menu and return to the regular CLI.

To add a custom menu:

1. Click the 

User Authentication

 tab and select the 

Custom Menus

 option. The Custom Menus 

page displays:

Path

Path of the directory where the host key will be stored. 

Login

User ID to use to SCP or SFTP the file.

Password / 

Retype Password

Password to use to SCP or SFTP the file.

Summary of Contents for SLC 8000 Series

Page 1: ...Part Number 900 704 R Revision R November 2019 SLC 8000 Advanced Console Manager User Guide ...

Page 2: ...766 Phone 949 453 3990 Fax 949 453 3995 Technical Support Online www lantronix com support Sales Offices For a current list of our domestic and international sales offices go to the Lantronix web site at www lantronix com about contact GNU General Public License Notice This product includes open source software including software subject to the GNU General Public Licenses GPL Lantronix will provid...

Page 3: ...rence Note This equipment has been tested and found to comply with the limits for Class A digital device pursuant to Part 15 of the FCC Rules These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment This equipment generates uses and can radiate radio frequency energy and if not installed and used in accordanc...

Page 4: ...Authority Certificate File Key File for Local Peer SA Lifetime Remote and Dead Peer settings under Network VPN Enable v1 v2c Trap Version Alarm Delay to SNMP and Trap User Name Password and Passphrase under SNMP Services Added ability change and reset BootCount BootDelay and BootLimit September 2017 G Updated part number February 2018 H Updated for firmware release 7 5 0 0 March 2018 J Updated to ...

Page 5: ... 0 added support for CLI commands issued from ConsoleFlow in bulk Starting with release 8 1 0 0 added VPN interoperability and configuration Starting with release 8 3 0 0 newly manufactured factory default SLC units use a device unique default password for local user sysadmin accounts Date continued Rev Comments ...

Page 6: ..._________________________________24 Integration with Other Secure Lantronix Products _____________________________24 Hardware ________________________________________________________________24 System Features __________________________________________________________26 Protocols Supported ____________________________________________________27 Access Control ________________________________________...

Page 7: ...___________________________________57 Method 3 Quick Setup on the Command Line Interface ___________________________58 Next Step _______________________________________________________________61 5 Web and Command Line Interfaces 62 Web Manager ____________________________________________________________62 Logging in ____________________________________________________________64 Logging Out _______...

Page 8: ...________________85 Static Routing _________________________________________________________85 Routing Commands ____________________________________________________85 VPN Settings _____________________________________________________________85 Sample ipsec conf Files _________________________________________________97 VPN Commands ______________________________________________________102 Security _...

Page 9: ... Commands ________________________________________________137 Services SSL Certificate _______________________________________________137 Services Web Sessions _______________________________________________140 ConsoleFlow ____________________________________________________________140 ConsoleFlow Commands _______________________________________________145 8 USB SD Card Port 146 Set Up of USB SD C...

Page 10: ..._____________178 Syslog Logging _______________________________________________________178 Token Data Detection ________________________________________________179 Local Logging ________________________________________________________181 Log Viewing Attributes _________________________________________________181 NFS File Logging _____________________________________________________181 USB SD Card ...

Page 11: ... Remote Power Managers 231 Devices RPMs _________________________________________________________231 RPMs Add Device ___________________________________________________234 RPMs Manage Device ___________________________________________________237 RPMs Outlets __________________________________________________________240 RPM Shutdown Procedure _________________________________________________241 Opt...

Page 12: ...ed Keys _______________________________________________________285 Exported Keys _______________________________________________________285 Imported Keys SSH In ________________________________________________287 Host Login for Import _________________________________________________287 Exported Keys SSH Out _______________________________________________287 Host and Login for Export _____________...

Page 13: ...________321 Local Serial Connection to Network Device via Telnet ____________________________322 15 Command Reference 324 Introduction to Commands _________________________________________________324 Command ___________________________________________________________324 Command Line Help ___________________________________________________325 Tips ___________________________________________________...

Page 14: ..._____________________________________________________399 Site Commands __________________________________________________________401 SLC Network Commands __________________________________________________401 SSH Key Commands _____________________________________________________402 Status Commands ________________________________________________________405 System Log Commands ______________________...

Page 15: ..._____________________________418 Port Connections _____________________________________________________418 Appendix C Adapters and Pinouts 419 Appendix D Protocol Glossary 422 Appendix E Compliance Information 424 RoHS REACH and WEEE Compliance Statement ______________________________425 ...

Page 16: ...______________42 Figure 4 2 Front Panel LCD Display and Five Button Keypad Enter Up Down Left Right ______51 Figure 4 6 Quick Setup ____________________________________________________________55 Figure 4 7 Quick Setup Completed in Web Manager _____________________________________57 Figure 4 8 Home _________________________________________________________________58 Figure 4 9 Beginning of Quick Set...

Page 17: ..._________________________________147 Figure 8 3 Devices USB Configure_______________________________________________148 Figure 8 4 Devices USB Modem ________________________________________________149 Figure 8 5 Firmware and Configurations Manage Files _________________________________153 Figure 9 2 Devices Device Status _________________________________________________157 Figure 9 3 Devices Devic...

Page 18: ..._________________________________255 Figure 12 4 User Authentication Local Remote User Add Edit User _____________________258 Figure 12 5 User Authentication NIS _______________________________________________262 Figure 12 6 User Authentication LDAP _____________________________________________266 Figure 12 7 User Authentication RADIUS ___________________________________________270 Figure 12 8 Use...

Page 19: ...______________319 Figure 14 2 Remote User Connected to a SUN Server via the SLC unit _____________________319 Figure 14 3 Dial in Text Mode to a Remote Device ____________________________________321 Figure 14 4 Local Serial Connection to Network Device via Telnet _________________________322 Figure C 1 RJ45 Receptacle to DB25M DCE Adapter for the SLC unit PN 200 2066A ________419 Figure C 2 RJ45 R...

Page 20: ..._____52 Table 4 4 Front Panel Setup Options with Associated Parameters __________________________52 Table 4 5 Front Panel Setup Options continued ________________________________________52 Table 5 3 SCS Commands ________________________________________________________67 Table 5 4 CLI Keyboard Shortcuts ___________________________________________________68 Table 6 12 Error Conditions ______________...

Page 21: ...rovide detailed instructions for using the web interface and include equivalent command line interface commands Chapter 6 Basic Parameters Provides instructions for configuring network ports firewall and routing settings and VPN Chapter 7 Services Provides instructions for enabling and disabling system logging SSH and Telnet logins SNMP SMTP and the date and time Chapter 8 USB SD Card Port Provide...

Page 22: ... 8000 advanced console manager Appendix C Adapters and Pinouts Includes adapter pinout diagrams Appendix D Protocol Glossary Lists the protocols supported by the SLC unit with brief descriptions Appendix E Compliance Information Provides information about the SLC 8000 advanced console manager s compliance with industry standards Document Description SLC 8000 Advanced Console Manager Quick Start Gu...

Page 23: ...d troubleshooting without sending a technician onsite Reduces travel costs and downtime costs Saves time Provides instant access and reduces response time improving efficiency Simplifies access Enables you to access equipment securely and remotely after hours and on weekends and holidays without having to schedule visits or arrange for off hour access Protects assets Security features provide encr...

Page 24: ...forty eight USB I O device ports A combination of 16 port USB I O modules and 16 port RJ45 I O modules can be installed to provide up to forty eight serial RJ45 ports and or USB type A ports according to the type and number of I O modules installed on the back of the SLC unit Note The SLC8008 ships with an 8 port serial module that must be installed in the first bay This module is not available se...

Page 25: ...y card slot SD card provided by the user One RJ11 modem port on the front panel Note Use of the RJ11 modem port requires installation of an optional modem card Lantronix part number 56KINTMODEM 01 see Modem Installation on page 43 LCD display and keypad 256 KB per port buffer memory for serial device ports Software reversible device port pinouts Either universal AC power input 100 240V 50 60 Hz or...

Page 26: ...ity configurable access rights Secure shell SSH security supports numerous other security protocols Network File System NFS and Common Internet File System CIFS support RAW TCP Telnet or SSH to a serial port by IP address per port or by IP address and TCP port number Configurable user rights for local and remotely authenticated users Supports an external modem The SLC 8000 supports the use of sing...

Page 27: ...ation Callback Control Protocol CBCP IPsec for VPN access For brief descriptions of these protocols see Appendix D Protocol Glossary on page 422 Access Control The system administrator controls access to attached servers or devices by assigning access rights to up to 128 user profiles Each user has an assigned ID password and access rights Other user profile access options may include externally c...

Page 28: ...l pinout information see the Appendix C Adapters and Pinouts on page 419 Device ports and the console port support the following baud rate options 300 600 1200 2400 4800 9600 19200 38400 57600 115200 and 230400 baud USB Interface The SLC unit can contain up to up to three I O modules comprised of 16 port USB I O module s and or 16 port RJ45 I O module s installed in the three module bays available...

Page 29: ...O Modules Installed in Bays 1 2 3 with Dual Ethernet Port Figure 2 4 One 16 Port USB I O Module Installed in Bay 1 with Dual Ethernet Port Figure 2 5 One 16 RJ 45 Serial Port I O Module Bay 1 Two 16 USB I O Module Bays 2 3 with Dual SFP Port Bay 1 Bay 2 Bay 3 Bay 1 Bay 2 Bay 3 Bay 1 Bay 2 Bay 3 ...

Page 30: ...t Pinout Figure 2 8 Console Port Front Side DCE Pin DTE Pin Description 8 1 RTS output 7 2 DTR output 6 3 TXD output 5 4 Ground 4 5 Ground 3 6 RXD input 2 7 DSR input 1 8 CTS input Table 2 9 Console DTE Port Pinout DTE Pin Description 1 RTS output 2 DTR output 3 TXD output 4 Ground 5 Ground 6 RXD input 7 DSR input 8 CTS input ...

Page 31: ...twork parameters must be configured before the SLC console manager can be accessed over the network Note One possible use for the two Ethernet ports is to have one port on a private secure network and the other on a public unsecured network The SLC 8000 can also be equipped with a factory installed NIC Ethernet RJ45 or SFP ports The NIC with SFP ports can support single multi mode fiber or copper ...

Page 32: ... Panel USB Ports The SLC 8000 unit has two 2 0 USB ports HS FS LS on the front panel as seen in Figure 2 12 Figure 2 12 Dual USB Ports Memory Card Port The SLC unit has a memory card port on the front panel of the unit which accepts SD cards Figure 2 13 Memory Card Port ...

Page 33: ...8000 Advanced Console Manager User Guide 33 Internal Modem An internal modem can be installed in the SLC 8000 advanced console manager See Modem Installation on page 43 for instructions Figure 2 14 Internal Modem Location ...

Page 34: ...ariants ship with 110V North American AC power cord s TAA Compliant models available replace the S with G in the SKUs above e g SLC80321201G for 16 Port RS 232 RJ45 Single AC Supply Part Number Component Description SLC 8000 Advanced Console Manager Models Part number depends on SLC model SLC 8000 Advanced Console Manager Note Please visit https www lantronix com products lantronix slc 8000 tab or...

Page 35: ... gateway 6 Protect investment with various extended warranty and service options Part Number Component Description International Power Cords 930 077 R Power Cord Israel 250VAC 10A 8FT RoHS 930 075 R Power Cord UK 250VAC 10A 8FT RoHS 930 074 R Power Cord European 250VAC 10A 8FT RoHS User Swappable Modules FRRJ451601 16 Device Port RS 232 RJ45 I O Device Port Module FRUSB1601 16 Device Port USB I O ...

Page 36: ...ersible pinouts 8 or 16 ports per I O module Speed software selectable 300 to 230400 baud Note Serial RJ45 device ports for the SLC 8000 advanced console manager are reversed by default Do not use rolled cables and adapters when replacing an SLC console manager with the SLC 8000 model USB 2 0 Interface Device Up to 48 USB type A Host as up to three 16 port USB I O modules can be installed HS FS an...

Page 37: ...Hz IEC 60320 C14 Power Supply DC dual 20V to 72V input Power Consumption Less than 25W with 48 RS232 serial ports Less than 45W with 48 USB ports Dimensions 1U 1 75 in x 17 25 in x 12 in Weight 12 1 lbs with 48 serial ports 11 8 lbs with 48 USB ports Temperature Operating 0 to 50 C 32 to 122 F Storage 30 to 80 C 22 to 176 F Relative Humidity Operating 10 to 90 non condensing Storage 10 to 95 non c...

Page 38: ... Connecting Terminals on page 41 4 Connect the power cord and apply power See AC Input on page 42 5 Wait approximately one minute for the boot process to complete When the boot process ends the SLC host name and the clock appear on the LCD display Now you are ready to configure the network settings as described in Chapter 4 Quick Setup Connecting to a Device Port You can connect almost any device ...

Page 39: ... 2 Connect the other end of the USB cable to a USB console port Figure 3 7 shows a sample I O module installation with two 16 port RJ45 I O modules and one 16 port USB I O module and how the device ports correspond to the buttons on the Dashboard Pin Number Description 1 RTS output 2 DTR output 3 TXD output 4 Ground 5 Ground 6 RXD input 7 DSR input 8 CTS input Pin Number Description 1 CTS input 2 ...

Page 40: ...he bays Bay 1 Bay 2 and Bay 3 must be populated in consecutive order Bay 1 is the slot next to the Ethernet ports and Bay 3 is the slot beside the power supply module See Figure 3 7 and Table 3 8 When device ports are unused or unsupported they do not appear in the Dashboard See Sample Dashboards Note See the SLC 8000 I O Module Installation Guide for information on installing I O modules Bay 1 Ba...

Page 41: ... One possible use for the two Ethernet ports is to have one port on a private secure network and the other on an unsecured network Connecting Terminals The console port is for local access to the SLC 8000 advanced console manager and the attached devices You may attach a dumb terminal or a computer with terminal emulation to the console port The SLC console port uses RS 232C protocol and supports ...

Page 42: ...nning press Enter to establish connection You should see the model name and a login prompt on your terminal 5 On a factory default SLC you may log in using sysadmin as the user name and the last 8 characters of the Device ID for newly manufactured units that come installed with 8 3 0 0 or later or PASS for all older units as the password AC Input The power supply module for the SLC controller acce...

Page 43: ...ÉCOMMUNICATIONS 26 AWG AU DE SECTION SUPÉRLEURE Warning RISK OF ELECTRICAL SHOCKS DISCONNECT ALL POWER AND PHONE LINES BEFORE SERVICING Caution DEVICES INSIDE THE EQUIPMENT AND THE MODEM ARE ELECTROSTATIC SENSITIVE DO NOT HANDLE EXCEPT AT A STATIC FREE WORKPLACE MODEM PART NUMBER Lantronix 56KINTMODEM 01 MODEM SERVICING INSTRUCTIONS You will need a medium size Phillips screw driver 1 Turn off powe...

Page 44: ...e door off with the screw driver 4 Take note of the orientation of the modem in the photograph so that you can install a new modem correctly with the same orientation 5 If there is a modem replacement carefully lift the old modem out of its socket 6 Install the new modem with correct orientation ...

Page 45: ...5 7 Make sure to have correct pin alignment 8 Press the modem down to make sure it sits down all the way in the socket 9 Double check the new modem placement to make sure it is done properly 10 Place the battery modem door back 11 Carefully tighten the door screw ...

Page 46: ...T AT A STATIC FREE WORKPLACE Battery Part Numbers Panasonic BR2032 or equivalent button cell lithium non rechargeable Caution DO NOT USE BATTERY TYPE CR2032 SINCE IT HAS A LOWER OPERATING TEMPERATURE RANGE DISPOSAL OF USED BATTERIES from battery data sheet If not in a large quantity button cell batteries contain so little Lithium that they do not qualify as reactive hazardous waste These batteries...

Page 47: ...NE BEFORE SERVICING You will need a medium size Phillips screw driver 1 Turn off power to the SLC 8000 advanced console manager 2 Locate the battery modem door on the top of the SLC unit 3 Carefully unscrew and lift the door off with the screw driver 4 If there is a modem installed note the orientation of the modem so that later you can install it back correctly ...

Page 48: ...o lift the battery out of the socket Caution DO NOT USE A METAL OBJECT TO PRY OUT THE BATTERY IT MAY SHORT THE BATTERY AND DAMAGE THE BATTERY HOUSING 7 Install the new battery with the side up making sure the battery sits completely and securely in the housing 8 Re install the modem with correct orientation a Make sure also to have correct pin alignment ...

Page 49: ...o make sure it sits down all the way in the socket 9 Double check the battery and modem placements to make sure they are done properly 10 Place the battery modem door back 11 Carefully tighten the door screw 12 If necessary reprogram the SLC system date time after installing a new battery ...

Page 50: ...tup IP Address Your SLC 8000 advanced console manager must have a unique IP address on your network The system administrator generally provides the IP address and corresponding subnet mask and gateway The IP address must be within a valid range and unique to your network If a valid gateway address has not been assigned the IP address must be on the same subnet as workstations connecting to the SLC...

Page 51: ...own Left Right The front panel display initially shows the hostname abbreviated to 14 letters and the date and time When you click the right arrow button the SLC network settings displays Using the five buttons on the keypad you can change the network console port and date time settings and view the firmware release version If desired you can restore the factory defaults Note Have your information...

Page 52: ...rrows To scroll up or down the list of parameters within an option e g from IP Address to Mask Left Right Arrow Table 4 5 Front Panel Setup Options continued Current Time Eth1 Network Settings Console Port Settings Date Time Settings Release Serial Number ID User ID Current Time Eth1 IP Address Baud Rate Data Bits Stop Bits Parity Flow Control Time Zone Firmware version and date code display only ...

Page 53: ...ou have the IP address as you want it press Enter to exit edit mode and then press the down arrow button The Subnet Mask parameter displays Note You must edit the IP address and the Subnet Mask together for a valid IP address combination 5 To save your entries for one or more parameters in the group press the right arrow button The Save Settings Yes No prompt displays Note If the prompt does not d...

Page 54: ...can change it at the command line interface using the CLI admin keypad password command The front panel Factory Default password and sysadmin password should be recorded and stored in a secure place accessible by at least two authorized system administrators Recovering an SLC if both of these passwords are unknown is cumbersome and time consuming 5 Press Enter to exit edit mode If the password is ...

Page 55: ...rowser updates 2 In the URL field type https followed by the IP address of your SLC console manager Note The web server listens for requests on the unencrypted HTTP port port 80 and redirects all requests to the encrypted HTTPS port port 443 3 Log in using sysadmin as the user name and the last 8 characters of the Device ID for newly manufactured units that come installed with 8 3 0 0 or later or ...

Page 56: ... if specifying Enter an IP address that is unique and valid on your network There is no default Enter all IP addresses in dot quad notation Do not use leading zeros in the fields for dot quad numbers less than 100 For example if your IP address is 172 19 201 28 do not enter 028 for the last segment octet Note Currently the SLC 8000 advanced console manager does not support configurations with the ...

Page 57: ...me Select the checkbox to manually enter the date and time at the SLC unit s location Date From the drop down lists select the current month day and year Time From the drop down lists select the current hour and minute Time Zone From the drop down list select the appropriate time zone Administrator Setting Description Sysadmin Password To change the password e g from the default enter a Sysadmin P...

Page 58: ...rial terminal connection power up and when the command line displays press Enter With a network connection use an SSH client or Telnet program if Telnet has been enabled to connect to xx xx xx xx the IP address in dot quad notation and press Enter You should be at the login prompt 2 Enter sysadmin as the user name and press Enter 3 Enter the last 8 characters of the Device ID for newly manufacture...

Page 59: ...last octet Note Configurations with the same IP subnet on multiple interfaces Ethernet or PPP are not currently supported Subnet Mask The subnet mask specifies the network segment on which the SLC 8000 advanced console manager resides There is no default If you selected DHCP or BOOTP this prompt does not display Default Gateway IP address of the router for this network There is no default Hostname...

Page 60: ... Address from DHCP 2 obtain IP Address from BOOTP 3 static IP Address Enter 1 3 1 The SLC8032 can be configured to use a default gateway Enter gateway IP Address none ____Hostname____________________________________________________________ The current hostname is slc0348 and the current domain is undefined The hostname will be shown in the CLI prompt Specify a hostname slc0348 Specify a domain und...

Page 61: ...advanced console manager you may want to configure other settings You can use the web page or the command line interface for configuration For information about the web and the command line interfaces go to Chapter 5 Web and Command Line Interfaces To continue configuring the SLC unit go to Chapter 6 Basic Parameters ...

Page 62: ...ministrator and other authorized users to configure and manage the SLC 8000 advanced console manager using most web browsers Firefox Chrome or Internet Explorer web applications with the latest browser updates The SLC unit provides a secure encrypted web interface over SSL secure sockets layer Note The web server listens for requests on the unencrypted HTTP port port 80 and redirects all requests ...

Page 63: ...ws you to configure the upper USB device flash drive or modem plugged into the front panel USB connector The gray U2 button allows you to configure the lower USB device plugged into the front panel USB connector See Chapter 8 USB SD Card Port on page 146 The brown MD button allows you to configure the internal modem if an internal modem is installed The blue E1 and E2 buttons display the Network N...

Page 64: ... rights can log into the Web Manager More than one user at a time can log in but the same user cannot login more than once To log in to the SLC Web Manager 1 Open a web browser 2 In the URL field type https followed by the IP address of your SLC 8000 advanced console manager 3 To configure the SLC unit log in using sysadmin as the user name and the last 8 characters of the Device ID for newly manu...

Page 65: ...duced command set based on their permissions Logging In To log in to the SLC command line interface 1 Do one of the following With a serial terminal connection power up and when the command line displays press Enter If the SLC 8000 advanced console manager already has an IP address assigned previously or assigned by DHCP Telnet if Telnet has been enabled or SSH to xx xx xx xx the IP address in dot...

Page 66: ...about a specific command type help followed by the command For example help set network or help admin firmware Tips Type enough characters to identify the action category or parameter name uniquely For parameter values type the entire value For example you can shorten set network port 1 state static ipaddr 122 3 10 1 mask 255 255 0 0 to se net po 1 st static ip 122 3 10 1 ma 255 255 0 0 Use the Ta...

Page 67: ...he page press the space bar You can override the number of lines or disable the feature altogether with the set cli command General CLI Commands The following commands relate to the CLI itself To configure the current command line session set cli scscommands enable disable Allows you to use SCS compatible commands as shortcuts for executing commands Note Settings are retained between CLI sessions ...

Page 68: ... user show user Note For information about user rights see Chapter 12 User Authentication Table 5 4 CLI Keyboard Shortcuts Keyboard Shortcut Description Control a Move to the start of the line Control e Move to the end of the line Control b Move back to the start of the current word Control f Move forward to the end of the next word Control u Erase from cursor to the beginning of the line Control ...

Page 69: ... Requirements If you assign a different IP address from the current one it must be within a valid range and unique to your network If a valid gateway address has not been assigned the IP address must be on the same subnet as workstations connecting to the SLC 8000 over the network To configure the unit you need the following information Eth1 IP address ________ ________ ________ ________ Subnet ma...

Page 70: ...w Light Blinking indicates link activity A variety of SFP modules installed in the SLC SFP NIC board In the web UI port banner bar these are represented as and in a variety of colors Single mode 1000 BASE LX optical SFPs are shown in yellow as Multi mode 1000 BASE SX optical SFPs are shown as RJ45 1000 BASE T SFPs are shown in blue as A port with no SFP module is shown in white as F1 A port with a...

Page 71: ...etwork Settings 1 of 2 or the Network Network Settings 2 of 2 displays depending on your SLC 8000 model Figure 6 1 Network Network Settings 1 of 2 Note The SFP NIC Info Diagnostics link in the Network Network Settings 1 of 2 image above only appears in SLC units equipped with an SFP NIC board The SFP NIC Info Diagnostics link brings you to the Network Settings SFP NIC Information Diagnostics page ...

Page 72: ...6 Basic Parameters SLC 8000 Advanced Console Manager User Guide 72 Figure 6 2 Network Network Settings 2 of 2 ...

Page 73: ...p to Gateway Obtain from BOOTP Lets a network node request configuration information from a BOOTP server node If you select this option skip to Gateway Specify Lets you manually assign a static IP address generally provided by the system administrator IP Address if specifying Enter an IP address that will be unique and valid on your network There is no default Enter all IP addresses in dot quad no...

Page 74: ...C 2460 and the maximum size is 1500 bytes HW Address Displays the hardware address of the Ethernet port Multicast Displays the multicast address of the Ethernet port Enable IPv6 Select this box to enable the IPv6 protocol If changed the SLC unit will need to reboot Enabled by default IP Forwarding If enabled IP forwarding enables IPv4 network traffic received on one interface Eth1 Eth2 or an exter...

Page 75: ... for host name resolution within the SLC unit For example if abcd is specified for the SMTP server and mydomain com is specified for the domain if abcd cannot be resolved the SLC 8000 advanced console manager attempts to resolve abcd mydomain com for the SMTP server 1 3 Configure up to three name servers with an IPv4 or IPv6 address 1 is required if you choose to configure DNS Domain Name Server s...

Page 76: ...h2 are configured for DHCP the SLC unit gives precedence to the Eth1 gateway IPv6 Default Indicates the IP address of the IPv6 router for this network Fail over Gateway IP Address The fail over gateway is a backup default gateway used when it is determined through a fail over trigger that the primary default gateway is no longer a viable route A fail over event happens when a Ping device reachable...

Page 77: ...slog at the Debug level If there are errors retrieving status or updating the configuration check messages in the Network syslog the device administrator login password connectivity to the device and the firmware version of the fail over device the minimum required firmware version for HSPA is 8 1 0 0 and for Sierra Wireless ES450 it is 4 9 2 For the HSPA gateway if the firmware is updated and new...

Page 78: ...ox For the HSPA and Sierra gateways enable a lock so that the SIM card used by the gateway cannot be used by anyone who does not have the PIN Pin for SIM Card Retype For the HSPA and Sierra gateways the PIN number for the SIM card used by the gateway May have up to 8 characters SIM PUK Retype For the HSPA gateway the SIM Personal Unblocking Key May have up to 16 characters The Sierra gateway does ...

Page 79: ...dministrator uses the Network IP Filter page to view add edit delete and map IP filters Warning IP filters configuration is a feature for advanced users Adding and enabling IP filter sets incorrectly can disable access to your SLC unit Radio Firmware Filename Enter the name of the radio firmware filename exactly as it is represented Load Firmware via Select the method to load the firmware from the...

Page 80: ... if installed To map a ruleset to a network interface 1 Click the Network tab and select the IP Filter option The Network IP Filter page displays 2 Select the IP filter rule set to be mapped 3 From the Interface drop down list select the desired network interface and click the Map Ruleset button The Interface and rule set display in the IP Filter Mappings table To delete a mapping 1 Click the Netw...

Page 81: ...umber of data packets that the filter ignored did not respond to View only Packets Rejected Displays the number of data packets that the filter sent a rejected response to View only Test Timer Timer for testing IP Filter rulesets Select No to disable the timer Select Yes minutes 1 120 to enable the timer and enter the number of minutes the timer should run The timer automatically disables the IP F...

Page 82: ...rface See Mapping Rulesets on page 80 To add an IP filter 1 On the Network IP Filter page click the Add Ruleset button The following page displays Figure 6 5 Network IP Filter Ruleset Adding Editing Rulesets Rulesets can be added or updated on this page 2 Enter the following Ruleset Name Name that identifies a filter may be composed of letters numbers and hyphens only The name cannot start with a ...

Page 83: ... a single MAC address to act as a filter Example 10 7d 1a 33 5c e1 Protocol From the drop down list select the type of protocol through which the filter will operate The default setting is All Port Range Enter a range of destination TCP or UDP port numbers to be tested An entry is required for TCP TCP New TCP Established and UDP and is not allowed for other protocols Separate multiple ports with c...

Page 84: ...rk IP Filter page the administrator selects the IP filter ruleset to be deleted and clicks the Delete Ruleset button IP Filter Commands Go to IP Filter Commands to view CLI commands which correspond to the web page entries described above Routing The SLC 8000 advanced console manager allows you to define static routes and for networks using Routing Information Protocol RIP capable routes to enable...

Page 85: ...lable on the strongSwan Wiki NAT Traversal is handled automatically without any special configuration VPN related routes are installed in a separate table and can be viewed in the detailed VPN status or in the IP Routes table When a tunnel is up the amount of data passed through the tunnel can be viewed in the status with the bytes_i bytes input and bytes_o bytes output counters An example of the ...

Page 86: ... 188 32 10 3 0 0 24 10 81 101 0 24 10 81 102 0 24 10 81 103 0 24 The SLC loads a subset of the available strongSwan plugins If an option is given in a custom ipsec config file that requires a plugin that is not loaded by the SLC this may cause an error during tunnel negotiation The loaded plugins can be viewed in the VPN Status when the VPN tunnel is enabled Sample ipsec conf Files are provided fo...

Page 87: ...on the network configuration during both fail over and fail back VPN tunnels over an console manager Ethernet interfaces that is configured with an MTU less than 256 may experience issues traffic loss etc To set up a VPN connection 1 Click the Network tab and select the VPN option The following page displays ...

Page 88: ...6 Basic Parameters SLC 8000 Advanced Console Manager User Guide 88 Figure 6 7 Network VPN 1 of 2 ...

Page 89: ... will act as a responder or server If the console manager side of the tunnel is started after the remote peer the console manager will act as a initiator client and may not automatically reconnect when the remote peer disconnects and is brought back up Name The name assigned to the tunnel Required to create a tunnel Remote Peer The IP address or FQDN of the remote host s public network interface T...

Page 90: ...omatic keying during negotiation If the SLC initiates the connection setup the routing table will be queried to determine the correct local IP address In case the SLC is responding to a connection setup then any IP address that is assigned to a local interface will be accepted Local Id How the SLC unit should be identified for authentication The Id is used by the remote host to select the proper c...

Page 91: ...ly the accepted values are IKEv1 IKEv2 and Any Default is IKEv2 Any uses IKEv2 when initiating but will accept any protocol version while responding It is recommended that any IKE Encryption or ESP Encryption parameters that are selected be supported by the IKE Version that is used Refer to the list of IKEv1 and IKEv2 cipher suites for more information IKE Encryption The type of encryption 3DES AE...

Page 92: ...a matching proposal is found tunnel negotiation will proceed Below is an example of no matching proposal in the log messages charon 04 CFG received proposals ESP AES_CBC_128 HMAC_SHA2_256_128 ECP_256 NO_EXT_SEQ charon 04 CFG configured proposals ESP AES_CBC_128 AES_CBC_192 AES_CBC_256 HMAC_SHA2_256_128 HMAC_SHA2_384_192 HMAC_SHA2_512_256 HMAC_SHA1_96 AES_XCBC_96 NO_EXT_SE charon 04 IKE no matching...

Page 93: ...will be displayed and a tunnel will not be initiated It is possible to override this behavior but it is not recommended RSA Public Key for Remote Peer If RSA Public Key is selected for authentication the remote peer s public key can be uploaded or deleted If a public key has been uploaded this field will display key installed The peer RSA public key must be in Privacy Enhanced Mail PEM format e g ...

Page 94: ...ill disable PFS Using PFS introduces no significant performance overhead unless rekeying is done more than 80 IPsec SAs per second SA Lifetime How long a particular instance of a connection should last from successful negotiation to expiry in seconds Normally the connection is renegotiated via the keying channel before it expires The formula for how frequently rekeying renegotiation is done is rek...

Page 95: ...le to be able to push configuration information such as the private IP address a DNS server s IP address and so forth to the client This option defines which mode is used pull where the config is pulled from the peer the default or push where the config is pushed to the peer Push mode is not supported with IKEv2 Force Encapsulation In some cases for example when ESP packets are filtered or when a ...

Page 96: ...C Any authentication tokens pre shared keys RSA keys X 509 certificates required by the custom ipsec conf must be configured through the SLC UIs and must be configured or installed before a tunnel is brought up with an uploaded ipsec conf file When a tunnel is started with a custom ipsec conf file the authentication tokens required for the authby parameter are verified to exist before the tunnel i...

Page 97: ...ote access connection to a Cisco VPN server responder that uses XAUTH and MODECFG to authenticate and push dynamic IP addresses and DNS servers to a VPN client The use of aggressive mode requires that ike and esp algorithms be specified and exactly match what the Cisco server is expecting Console manager configuration The pre shared key and the XAUTH password need to be configured via the console ...

Page 98: ...ype tunnel Cisco configuration Note Main or aggressive mode is determined by the SLC side of the tunnel and does not require any change in the Cisco configuration interface GigabitEthernet0 0 nameif outside security level 0 ip address 192 168 1 130 255 255 255 0 interface GigabitEthernet0 3 nameif inside security level 100 ip address 192 168 3 130 255 255 255 0 object group network local network n...

Page 99: ...ipsec attributes ikev1 pre shared key Cisco ASA5525x Pre Shared Key IKEv2 This configuration is an example of a remote access connection to a Cisco ASA5525 VPN server responder The aggressive setting can be either yes or no the Cisco ASA will honor the peer configuration Console manager configuration The pre shared key needs to be configured via the console manager UI conn ASA5525 keyexchange ikev...

Page 100: ... network access list ASA SLC ACCESS extended permit ip object group local network object group remote network route outside 192 168 0 0 255 255 255 0 192 168 1 204 1 route inside 192 168 3 250 255 255 255 255 192 168 3 250 1 crypto ipsec ikev2 ipsec proposal IPSECv2 protocol esp encryption 3des protocol esp integrity sha 256 crypto ipsec security association pmtu aging infinite crypto map CM 20 ma...

Page 101: ...8 0 0 24 modeconfig pull right 192 168 1 102 rightsubnet 192 168 2 0 24 dpddelay 0 dpdtimeout 120 dpdaction restart auto start type tunnel Cisco configuration crypto ikev2 proposal PROP encryption aes cbc 128 integrity sha256 group 2 crypto ikev2 policy ikev2policy proposal PROP crypto ikev2 keyring KEYRING peer ALL address 0 0 0 0 0 0 0 0 pre shared key local cisco123 pre shared key remote cisco1...

Page 102: ...andard FIPS Federal Information Processing Standard 140 2 is a security standard developed by the United States federal government that defines rules regulations and standards for the use of encryption and cryptographic services The National Institute of Standards and Technology NIST maintains the documents related to FIPS at http csrc nist gov publications PubsFIPS html FIPS 140 2 defines four se...

Page 103: ...128 GCM SSH AEAD AES 256 GCM SSH AES128 CTR AES256 CTR AES192 CTR SSH Keys imported for use with SSH authentication must use a RSA public key of 1024 2048 or 3072 bits SSH Keys exported by the SLC must use a RSA public key of 2048 or 3072 bits When the SLC unit is running in FIPS mode the following protocols functions will not be supported NIS Kerberos RADIUS TACACS Telnet WebTelnet WebSSH IPSec V...

Page 104: ...2 Click Apply The SLC unit will need to be rebooted to initiate FIPS mode Once the SLC module is running in FIPS mode the Security page will display all processes that are running in FIPS mode To disable FIPS 1 Uncheck the Enable FIPS Mode check box on the Networks Security page 2 Click Apply The SLC unit will need to be rebooted for this change to take effect When rebooted after disabling FIPS mo...

Page 105: ...for external USB thumb drive or SD 200 operations can be stored per probe Responders The SLC can act as a responder for probes that require a responder to answer packets that are sent from the SLC UDP jitter UDP jitter VoIP UDP Echo and TCP Connect The SLC UDP jitter responder can support packet responses for up to 15 UDP jitter or UDP jitter VoIP probes The UDP Echo and TCP Connect can support pa...

Page 106: ...nce probes have been run and operation set files have been generated changing the repository will cause all of the existing files to be moved from the old repository directory to the new repository directory It is recommended that the repository only be changed when probes are not actively running If external storage is used for the repository it is recommended that the external storage device not...

Page 107: ...or the selected probe State Restart Allows the state of a probe to be controlled the user can Restart a completed or running probe When a probe is added it will automatically start running depending on how the probe start time is configured Once a probe has run all of its configured operations it will be in the Complete state If the SLC is rebooted all probes will automatically be restarted Edit P...

Page 108: ...obe To add a new probe or edit an existing probe 1 Click the Network tab and select the Perf Monitoring option The Network Perf Monitoring page displays 2 To add a new probe in the lower section of the page select the Add Probe link To edit an existing probe select a probe by clicking the radio button to the right in the probe s row then select the Edit Probe button In both cases the following pag...

Page 109: ...ets to send for each probe For DNS Lookup probes this is the number of lookups to perform For HTTP Get probes this is the number of HTTP Gets to perform For TCP Connect probes this is the number of TCP connections to perform The valid range is 1 1000 for the Local repository and 1 2000 for a USB or SD card repository The default is 10 packets Interval between Packets Interval between packets in mi...

Page 110: ...o a default payload size will be used for the probes as follows ICMP Echo 56 bytes UDP Jitter VoIP G 729A 32 bytes UDP Jitter all others 64 bytes TCP Connect and UDP Echo 256 bytes Verify Data If enabled indicates that the SLC should verify if there is data corruption in the reply packets This parameter is only supported for ICMP Echo UDP Echo UDP Jitter and UDP Jitter VoIP probes Timeout How long...

Page 111: ...peration udpjitter_170628_002049 dat Pkt Time Src To Dst Time Dst To Src Time Result 1 17 06 28 00 20 49 621 31029 usec 44191 usec OK 2 17 06 28 00 20 49 717 35409 usec 44170 usec OK 3 17 06 28 00 20 49 808 35558 usec 34120 usec OK 4 17 06 28 00 20 49 898 25500 usec 34175 usec OK 5 17 06 28 00 20 49 988 35210 usec 34196 usec OK 6 17 06 28 00 20 50 079 25517 usec 34177 usec OK 7 17 06 28 00 20 50 1...

Page 112: ...e Min Avg Max 1 7 20 msec Positive Number Of Sum of All Sum of All Squared 13 100 1090 msec Negative Min Avg Max 1 5 20 msec Negative Number Of Sum of All Sum of All Squared 17 96 1018 msec Jitter Destination to Source Number of Samples 49 Positive and Negative Min Avg Max 10 3 20 msec Positive Min Avg Max 10 12 20 msec Positive Number Of Sum of All Sum of All Squared 7 90 1300 msec Negative Min A...

Page 113: ...er it timed out a corrupted packet was received and was not detected Verify Data Error A response was received for a packet with payload data that does not match the expected data DNS Server Timeout A DNS lookup could not be completed because the SLC could not connect to the DNS name server DNS Lookup Error A DNS lookup failed the requested hostname could not be resolved This is not considered a p...

Page 114: ...sh Refreshes the information on the Performance Monitoring Operations page RTT Results Displays the round trip time RTT results for the selected operation in a separate window The results show the time that the packet was sent the total round trip time for non jitter probes or the source to destination time and destination to source time for jitter probes and the status for the packet OK successfu...

Page 115: ...N List You may add up to 15 hosts To edit a Host entry select the radio button next to the host in the Hosts FQDN List change the IP address or FQDN fields as desired and click Add Edit Hosts To delete a Host select the radio button next to the host in the Hosts FQDN List and click Delete Host 3 Click Apply ...

Page 116: ...rivate enterprise MIB provides read only access to all statistics and configurable items provided by the SLC unit It provides read write access to a select set of functions for controlling the SLC 8000 advanced console manager and device ports See the MIB definition file for details Identify a Simple Mail Transfer Protocol SMTP server Enable or disable SSH and Telnet logins Configure an audit log ...

Page 117: ...r User Guide 117 SSH Telnet Logging To configure SSH Telnet and Logging settings 1 Click the Services tab and select the SSH Telnet Logging option The following page displays Figure 7 1 Services SSH Telnet Logging 2 Enter the following settings ...

Page 118: ... Note If the SLC is unable resolve the Remote Server hostnames or contact the Remote Servers to send syslog messages the syslog messages that cannot be sent to a Remote Server may appear on the SLC console port RPM Log Size The maximum size in Kbytes that RPM logs can grow to before they are pruned When the file is pruned it will be pruned to 50 of the RPM Log Size Other Log Size The maximum size ...

Page 119: ... disables support for DSA keys for incoming and outgoing connections for the SLC unit Any imported or exported DSA keys will be retained but will not be visible on the web or the CLI Enabled by default Use only SHA2 and Higher Enables or disables support for only SHA2 and higher ciphers for incoming connections for the SLC unit Disabled by default Enabling this option will also disable MACs with t...

Page 120: ...e default value is Esc T escape key then uppercase T performed quickly but not simultaneously You would specify this value as x1bT which is hexadecimal x character 27 1B followed by a T A control character can be specified with the hexadecimal number for the control character for example Control E can be specified as x05 Note that some browsers do not report key press events if Control is pressed ...

Page 121: ... device ports See the MIB definition file for details The SLC MIB definition file and the top level MIB file for all Lantronix products is accessible from the SNMP web page 1 Click the Services tab and select the SNMP option The following page displays Figure 7 2 Services SNMP ...

Page 122: ...a 1 3 6 1 4 1 244 1 1 0 5 slcEventDevicePortSLMConfig 1 3 6 1 4 1 244 1 1 0 6 slcEventDevicePortDeviceLowTemp 1 3 6 1 4 1 244 1 1 0 7 slcEventDevicePortDeviceHighTemp 1 3 6 1 4 1 244 1 1 0 8 slcEventDevicePortDeviceLowHumidity 1 3 6 1 4 1 244 1 1 0 9 slcEventDevicePortDeviceHighHumidity 1 3 6 1 4 1 244 1 1 0 10 slcEventDevicePortDeviceError 1 3 6 1 4 1 244 1 1 0 11 slcEventUSBAction 1 3 6 1 4 1 24...

Page 123: ...for SNMP v1 and v2c The default is public Read Write A string that acts like a password for an SNMP manager to access the read only data from the SLC unit SNMP like a password for an SNMP manager to access the read only data the SLC SNMP agent provides and to modify data where permitted The Read Write Community is used for SNMP v1 and v2c The default is private Trap The trap used for outgoing gene...

Page 124: ...he share allows users to access the contents of the directory or map the directory onto a Windows computer Passphrase Retype Passphrase Passphrase associated with the password for a user with read only authority Up to 20 characters If this is not specified it will default to the v3 Read Only Password User Name SNMP v3 is secure and requires user based authorization to access SLC MIB objects Enter ...

Page 125: ...h Local Directory The local directory on the SLC 8000 advanced console manager on which to mount the remote directory The SLC unit creates the local directory automatically Read Write If enabled indicates that the SLC 8000 advanced console manager can write files to the remote directory If you plan to log port data or save configurations to this directory you must enable this option Mount Select t...

Page 126: ...vanced console manager to export an SMB CIFS share called public Disabled by default Network Interfaces Select the network ports from which the share can be seen The default is for the share to be visible on both network ports CIFS User Password Retype Password Only one user special username cifsuser can access the CIFS share Enter the CIFS user password in both password fields The default user pa...

Page 127: ...local subnet Note Status and statistics shown on the web interface represent a snapshot in time To see the most recent data reload the web page To access SLC and SLB console managers and Lantronix Spider devices on the local network 1 Click the Services tab and select the Secure Lantronix Network option The following page displays Figure 7 4 Services Secure Lantronix Network 2 Access your device o...

Page 128: ...H or Telnet popup window for Java appears see Figure 7 6 before login Click OK to dismiss this popup window and continue on to the login For SLC console managers with 7 3 0 0 firmware releases and later the SSH or Telnet popup window is bypassed and you are brought directly to the login in a non Java based browser window see Figure 7 7 For tips on troubleshooting browser issues for the non Java ba...

Page 129: ...abled port numbers are in bright green boxes and will allow you to select either a WebSSH or a WebTelnet session If enabled an SSH or Telnet popup window appears depending on what is clicked For SLC console managers with 7 2 0 0 firmware releases and earlier an SSH or Telnet popup window for Java appears see Figure 7 6 before login Click OK to dismiss this popup window and continue on to the login...

Page 130: ...se at http ltxfaq custhelp com app answers list to research any browser errors To configure how secure Lantronix devices are searched for on the network 1 Click the Search Options link on the top right of the Services Secure Lantronix Network page The following web page displays Figure 7 9 Services Secure Lantronix Network Search Options 2 Enter the following Secure Lantronix Network Search Select...

Page 131: ...b SSH or Web Telnet requests are sent For example if a unit is configured with a SSL certificate for the name SLCXYZ lantronix com and the unit website is being accessed in a browser with https SLCXYZ lantronix com the unit needs to be configured with a name server that will allow the unit to perform a reverse lookup on the IP address associated with SLCXYZ lantronix com Failure to perform a rever...

Page 132: ...ose Close the Internet Options dialog with either OK or Cancel Refresh the Internet Explorer web page with the SLC website When the message There is a problem with this website s security certificate choose Continue to this website not recommended Click on the red Certificate Error at the right of the URL address bar and select View certificates In the dialog that displays click on Install Certifi...

Page 133: ...o use NTP to synchronize with other NTP devices on your network Note that changing the date time and or timezone or enabling NTP may affect the user s ability to login to the web if this happens use the CLI admin web restart command to restart the web server The CLI show ntp command will display the current NTP status if NTP is enabled The column headings are as follows the host names or addresses...

Page 134: ...ly enter the date and time at the SLC location Date From the drop down lists select the current month day and year Time From the drop down lists select the current hour and minute Time Zone From the drop down list select the appropriate time zone For information on each timezone see http en wikipedia org wiki List_of_tz_database_time_zones Enable NTP Select the checkbox to enable NTP synchronizati...

Page 135: ...nit to accept time information periodically transmitted by the NTP server This is the default if you enable NTP Poll NTP Server Enables the SLC 8000 advanced console manager to query the NTP Server for the correct time If you select this option complete one of the following Local Select this option if the NTP servers are on a local network and enter the IPv4 or IPv6 address of up to three NTP serv...

Page 136: ...he CLI or by asking your system administrator to terminate your active web session To view or terminate current web sessions click the Web Sessions link See Services SSL Certificate To view import or reset the SSL Certificate click the SSL Certificate link See Services SSL Certificate Enable TLS v1 0 Protocol By default the web supports the TLS v1 0 protocol Uncheck this to disable the TLS v1 0 pr...

Page 137: ... SHA2 and higher ciphers Changing this option requires a reboot or restarting the web server with the CLI command admin web restart for the change to take effect Group Access Specify one or more groups to allow access to the Web Manager user interface If undefined any group can access the web If one or more groups are specified groups are delimited by the characters comma or semicolon then any use...

Page 138: ...Unselected by default Root Filename Filename of the imported root or intermediate Certificate Authority If HTTPS is selected as the method for import the Upload File link will be selectable to upload a Certificate authority Import SSL Certificate To import your own SSL Certificate select the checkbox Unselected by default Import via From the drop down list select the method of importing the certif...

Page 139: ...es specific to your site select the checkbox The SHA256 hashing algorithm will be used to generate the certificate Unselected by default Number of Bits The number of bits to use when generating the certificate 2048 3072 or 4096 Number of Days The number of days that the certificate can be used before it expires up to 7500 days Country Name The two letter country code for the custom certificate e g...

Page 140: ...loud server or on premise server sending status updates responding to commands sent by the server An SLC device requires a unique Device ID to communicate with the ConsoleFlow portal The ID is viewable in the ConsoleFlow settings If a device is not already pre configured with the ID the ID must be provisioned using Lantronix Provisioning Manager LPM See the Provisioning Manager User Guide at https...

Page 141: ...nges to device attributes at the interval defined by Interval between Status Updates Each time a status update is published Status of Client will display Status with the date and time the status was sent The client also accepts command messages from the ConsoleFlow server to perform actions such as reboot or shutdown Each time a message is received Status of Client will display Message received wi...

Page 142: ...anaged Device will be set to Connected if no response is received the Managed Device status will be set to Disconnected This feature is disabled by default for all device ports and can be enabled for individual device ports via the CLI the frequency that the newline character is sent can be configured Digital probes that are enabled will only run while the ConsoleFlow client is running If a digita...

Page 143: ...with the Registration Host If this is successful the client will attempt to establish a connection with the Messaging Host The General log see SSH Telnet Logging on page 117 will contain messages about connections made to the Registration Host and Messaging Host Status of Client displays the last time of actions performed by the client Note that when the client is disabled it may take as long as 3...

Page 144: ...fault Connect to Cloud If enabled the SLC ConsoleFlow client uses Cloud server settings for registration Otherwise it uses On Premise server settings Enabled by default i e By default ConsoleFlow Active connection is to Cloud Device Name The device name displayed in the ConsoleFlow server UI Valid characters are alphanumeric characters dash and underscore _ The default is the device type SLC with ...

Page 145: ...ation Host a certificate authority will be used to validate the HTTPS certificates used for TLS Enabled by default Remote Access CLI Timeout Remote Access CLI Connection will be idle timed out after a specified number of seconds as defined in the Seconds field to the right Enter a value from 1 to 1800 seconds The default is 600 seconds Remote Access Device Port Timeout Remote Access Device Port Co...

Page 146: ...rage in the SLC 8000 advanced console manager 1 Insert any of the supported storage devices into the USB port or the SD card slot on the front of the SLC unit You can do this before or after powering up the SLC 8000 advanced console manager If the first partition on the storage device is formatted with a file system supported by the SLC unit ext2 FAT16 and FAT32 the card mounts automatically 2 Log...

Page 147: ...d storage port from the USB Ports SD Card table 1 Click the radio button on the far right of a USB or SD card device storage port 2 Click Configure Figure 8 2 shows the page that displays if a USB storage device is inserted Figure 8 3 shows the page that displays if an SD Card is inserted Figure 8 2 Devices SD Card Configure ...

Page 148: ...d Once mounted a USB thumb drive or SD card is used for firmware updates device port logging and saving restoring configurations Unmount To eject the USB thumb drive or SD card from the SLC unit first unmount the thumb drive or SD card Select the checkbox to unmount it Warning If you eject a thumb drive or SD card from the SLC unit without unmounting it subsequent mounts of a USB thumb drive or SD...

Page 149: ...8 USB SD Card Port SLC 8000 Advanced Console Manager User Guide 149 Figure 8 4 Devices USB Modem ...

Page 150: ... bits The default is 1 Flow Control A method of preventing buffer overflow and loss of data The available methods include none xon xoff software and rts cts hardware The default is none State Indicates whether an external modem is attached to the device port If enabling set the modem to dial out dial in dial back dial on demand dial in host list or dial in dial on demand CBCP Server and CBCP Clien...

Page 151: ...elect to enable the SLC unit to log caller IDs on incoming calls Disabled by default Note For the Caller ID AT command refer to the modem user guide Modem Command Modem AT command used to initiate caller ID logging by the modem Note For the AT command refer to the modem user guide Dial back Number Users with dial back access can dial into the SLC 8000 advanced console manager and enter their login...

Page 152: ...P Handshake For DOD Authentication enter the Host User Name for UNIX systems or Secret User Password for Windows systems used for CHAP authentication May have up to 128 characters Enable NAT Select to enable Network Address Translation NAT for dial in and dial out PPP connections on a per modem device port or USB port basis Users dialing into the SLC access the network connected to Eth1 and or Eth...

Page 153: ...The default is None Telnet Port Telnet Port Telnet session port number to use if you selected Telnet Defaults USB Port U1 2049 USB Port U2 2050 Range 1025 65535 SSH Port The SSH session port number to use if you selected SSH Defaults USB Port U1 3049 USB Port U2 3050 Range 1025 65535 TCP Port The TCP raw session port number to use if you selected TCP Defaults USB Port U1 4049 USB Port U2 4050 Rang...

Page 154: ... click the Download File button Select the file from the list 4 To rename a file click the check box next to the filename and enter a new name in the New File Name field 5 Click Rename File USB Commands Go to USB Access Commands USB Device Commands USB Storage Commands and USB Modem Commands to view CLI commands which correspond to the web page entries described above SD Card Commands Go to SD Car...

Page 155: ... device port establish a raw TCP connection to Eth1 IP address tcp port number or Eth2 IP address tcp port number where tcp port number is uniquely assigned for each device port 5 If a device port has an IP address assigned to it you can Telnet SSH or establish a raw TCP connection to the IP address For Telnet and SSH use the default TCP port number 23 and 22 respectively to connect to the device ...

Page 156: ...dules in Bay 2 and Bay 3 or by swapping an 8 port I O module in Bay 1 for a 16 port module The configurations listed above are the only valid configurations if any other configuration is detected at boot the SLC unit will still boot disable use of the device ports and provide indications in the boot messages in the CLI and in the web that the I O configuration is invalid When an invalid configurat...

Page 157: ...er User Guide 157 Device Status The Devices Device Status page displays the status of the SLC ports USB ports and SD card ports 1 Click the Devices tab and select the Device Status option The following page displays Figure 9 2 Devices Device Status ...

Page 158: ... TCP ports display on the left The list of ports 1 16 on the right includes the individual ports and their current mode Note For units with more ports click the buttons above the table to view additional ports Icons that represent some of the possible modes include Idle The port is not in use The port is in data text mode Note You may set up ports to allow Telnet access using the IP Setting per De...

Page 159: ...5 65528 that represents the first port The default is 2000 plus the port number For example if you enter 2001 port 1 will be 2001 and subsequent 2000 ports are automatically assigned numbers 2001 2002 and so on Starting SSH Port Each port is assigned a number for connecting via SSH Enter a number 1025 65528 that represents the first port The default is 3000 plus the port number For example if you ...

Page 160: ...ons Dashboard Make sure the Configuration radio button directly beneath the Dashboard is selected and click the desired port number in the Dashboard The Dashboard is located on the upper right corner of each Web Manager page see Chapter 5 Web Page Layout Device Ports Page Click the Devices tab then click the Device Ports link Select the port you want to configure and then click the Configure butto...

Page 161: ...9 Device Ports SLC 8000 Advanced Console Manager User Guide 161 The following page displays Figure 9 4 Device Ports Settings 1 of 2 ...

Page 162: ...g or powering devices Overcurrent conditions may disrupt operations Name The name of the port Valid characters are letters numbers dashes periods and underscores _ Detect Port Name If enabled the SLC will attempt to detect the hostname of the device connected to the device port and set the device port name to the detected hostname Many devices use their hostname or another identifier as the device...

Page 163: ...n connecting to a device port that indicates how many users are currently connected to the device port Disabled by default Idle Timeout Msg If enabled a message will be displayed to a user when their connection to a device port will be terminated soon due to the connection being idle Disabled by default Note When the Idle Timeout Msg is enabled the terminal application timeout values for Telnet SS...

Page 164: ...P in Enables access to this port through a raw TCP connection Disabled by default Note When using raw TCP connections to transmit binary data or where the break command escape sequence is not required set the Break Sequence of the respective device port to null clear it Port Automatically assigned Telnet SSH and TCP port numbers You may override this value if desired The value must be unique on th...

Page 165: ...sessions e g logout or exit The string may contain multiple commands separated by a newline n character This is a security mechanism used to close sessions that are inadvertently left open by users Baud The speed with which the device port exchanges data with the attached serial device From the drop down list select the baud rate Most devices use 9600 for the administration port so the device port...

Page 166: ...erver was left in USB Channel Applies to USB device ports only When a dual channel USB device is connected to the device port this allows the user to select which of the channels is the active channel used for all connections Only one channel can be active at any time Enter the number 1 or 2 The default is 1 Check DSR on Connect If this setting is enabled the device port only establishes a connect...

Page 167: ...lt Note Applies to serial RJ45 device ports only All Lantronix serial adapters are intended to be used with Reverse Pinout disabled If you are replacing an original SLC unit with an SLC 8000 advanced console manager disable the reverse pinout so you can use the original cables and adapters USB VBUS For USB Device Ports only If enabled the USB VBUS signal provides power to the USB device attached t...

Page 168: ... to the modem user guide Modem Command Modem AT command used to initiate caller ID logging by the modem Note For the AT command refer to the modem user guide Dial Back Number Users with dial back access can dial into the SLC device and enter their login and password Once the SLC 8000 advanced console manager authenticates them the modem hangs up and dials them back Select the phone number the mode...

Page 169: ...ith PAP users are authenticated by means of the Local Users and any of the remote authentication methods that are enabled With CHAP the DOD CHAP Handshake fields authenticate the user DOD CHAP Handshake For DOD Authentication enter the Host User Name for UNIX systems or Secret User Password for Windows systems used for CHAP authentication May have up to 128 characters Enable NAT Select to enable N...

Page 170: ...he system automatically updates these values To reset them to zeros select the Zero port counters checkbox in the IP Settings section of the page Note Status and statistics shown on the web interface represent a snapshot in time To see the most recent data you must reload the web page Status may display N A if SLC is unable to dynamically determine the connected inserted device Device Ports Power ...

Page 171: ...configured while connected to a device port by entering the Power Management Sequence This will display the Power Management and Baud Rate menu which provides an option to set the Baud Rate To configure power management settings for a device port 1 Connect to a specific port on the Devices Device Ports page according to instructions in To open the Device Ports Settings page on page 160 2 Click the...

Page 172: ...connected to the device port The default value is Esc P escape key then uppercase P This value is specified as x1bP which is hexidecimal x character 27 1B followed by a P See Key Sequences on page 230 for notes on key sequence precedence and behavior RPM For each managed power supply select a RPM most likely a PDU which has outlets that can be individually controlled and which provides power to th...

Page 173: ...list and click the Select Outlet button The managed power supply outlet number will be filled in as well as the managed power supply outlet name if a name is listed for the outlet and one has not already been defined for the managed power supply A unique name for the managed power supply name is required this is what will be displayed on the Power Management menu Name For each managed power supply...

Page 174: ...9 Device Ports SLC 8000 Advanced Console Manager User Guide 174 Figure 9 8 Device Ports RPMs Add Device ...

Page 175: ...rap High Temp Enter the temperature degrees Celsius permitted on the monitored device above which the SLC unit sends a trap Use F Display and set the temperature for this device in degrees Fahrenheit instead of Celsius which is the default Humidity Current relative humidity on the device the sensor is monitoring Low Humidity Enter the relative humidity permitted on the device the sensor is monitor...

Page 176: ...Port Once a device port has been configured and connected to an external device such as the console port of an external server the data received over the device port can be monitored at the command line interface with the connect listen command as follows To connect to a device port to monitor it connect listen deviceport Port or Name In addition you can send data out the device port for example c...

Page 177: ...ble more than one type of logging local NFS file token and data detection SD card or USB port at a time The buffer containing device port data is cleared when any type of logging is enabled Local Logging If local logging is enabled each device port stores 256 Kbytes approximately 400 screens of I O data in a true FIFO buffer You may view this data in ASCII format at the CLI with the show locallog ...

Page 178: ...ng convention is Device Port Number _ Device Port Name _ File number log Examples 02_Port 2_1 log 02_Port 2_2 log 02_Port 2_3 log 02_Port 2_4 log 02_Port 2_5 log Token Data Detection The system administrator can configure the device log to detect when a user defined string or number of characters is received from the device and automatically perform one or more actions send a message to the system...

Page 179: ...th a set of actions that can be enabled if a data trigger occurs The default is disabled Trigger on Select the method of triggering an action Data Byte Count A specific number of bytes of data This is the default Token Character String A specific pattern of characters which you can define by a regular expression Note Token Character String recognition may negatively impact the SLC unit s performan...

Page 180: ...he state of one or more of the device port power supplies can be changed Email to The email address of the message recipient s for an email alert To enter more than one email address separate the addresses with a single space You can enter a total of 128 characters Email Subject A subject text appropriate for your site May have up to 128 characters The email subject line is pre defined for each po...

Page 181: ...nsole manager Specify the local directory path for the NFS mount Max Number of Files The maximum number of files to create to contain log data to the port These files keep a history of the data received from the port Once this limit is exceeded the oldest file is overwritten The default is 10 Max Size of Files The maximum allowable file size in bytes The default is 2048 bytes Once the maximum size...

Page 182: ...ngs if desired To set console port parameters 1 Click the Devices tab and select Console Port The following page displays Figure 9 12 Devices Console Port 2 Change the following as desired Baud The speed with which the device port exchanges data with the attached serial device From the drop down list select the baud rate Most devices use 9600 for the administration port so the console port default...

Page 183: ...orage in the SLC 8000 advanced console manager 1 Insert an internal modem into the SLC unit according to the instructions in Modem Installation on page 43 Parity Parity checking is a rudimentary method of detecting simple single bit errors From the drop down list select the parity The default is none Flow Control A method of preventing buffer overflow and loss of data The available methods include...

Page 184: ...odem will appear in the Sample Dashboards in the upper right hand corner once the SLC unit reboots 2 Reboot the SLC 8000 advanced console manager 3 Log into the SLC unit and click Devices 4 Click Internal Modem Figure 9 13 shows the page that displays Figure 9 13 Devices Internal Modem ...

Page 185: ...e Filter Id attribute that overrides the group defined for a user on the SLC unit A group provided by a remote server must be either a single group or multiple groups delimited by the characters comma semicolon or equals for example group group1 group2 or group1 group2 group3 Initialization Script Commands sent to configure the modem may have up to 100 characters Consult your modem s documentation...

Page 186: ...and Remote IP IP address of the modem Authentication Enables PAP or CHAP authentication for modem logins PAP is the default With PAP users are authenticated by means of the Local Users and any of the remote authentication methods that are enabled With CHAP the CHAP Handshake fields authenticate the user CHAP Handshake The Host User Name for UNIX systems or Secret User Password for Windows systems ...

Page 187: ...nary Starting Zmodem send of 117K file update bin Sending update bin Bytes Sent 117988 BPS 919 Transfer complete An example of receiving the same file with Zmodem from device port 4 using the CLI slc431d se xmodem receive 4 protocol zmodem xfer binary Starting Zmodem receive of file specified by protocol Receiving update bin 0 Bytes received 117988 117988 BPS 937 Transfer complete Note When perfor...

Page 188: ...ht of the file in the Xmodem Files Repository list enter the new file name in the New File Name field and click the Rename File button 4 To delete a file select the box to the right of the file in the Xmodem Files Repository list and click the Delete button 5 To send a file select the box to the right of the file in the Xmodem Files Repository list and complete the following fields 6 Click the Sen...

Page 189: ...e receive If a file with the same name already exists in the repository and Receive Overwrite is not enabled the transfer will abort without overwriting the existing file Protocol Select whether to use the Xmodem Ymodem or Zmodem protocol Xmodem is a very rudimentary protocol that sends files in 128 byte blocks padding the resulting file if necessary Ymodem and Zmodem expand upon Xmodem by includi...

Page 190: ...ge displays Figure 9 14 Devices Host Lists 2 Enter the following Note To clear fields in the lower part of the page click the Clear Host List button 3 You have the following options To save the host list without adding hosts at this time click the Add Host List button To add hosts enter the following Host List Id Displays after a host list is saved Host List Name Enter a name for the host list Ret...

Page 191: ...ed Telnet and SSH use their default escape character For Telnet the escape character is either a single character or a two character sequence consisting of followed by one character If the second character is the DEL character is selected Otherwise the second character is converted to a control character and used as the escape character For SSH the escape character is a single character Note When ...

Page 192: ...ost Parameters Host List Id Displays after a host list is saved Host List Name Enter a name for the host list Retry Count Enter the number of times the SLC 8000 advanced console manager should attempt to retry connecting to the host list Authentication Select to require authentication when the SLC unit connects to a host Host Name or IP address of the host Protocol Protocol for connecting to the h...

Page 193: ...ts are Expect Tcl or Python scripts which use most of the Expect Tcl Python scripting language can be run against the CLI or a Device Port and can be scheduled to run at periodic intervals with the results from each run saved to a file in a repository Up to 10 Custom Scripts can be created Each Custom Script run is an operation and the results from each operation can be viewed Up to 50 script resu...

Page 194: ... scripts have permissions associated with them a user who runs a script must have the permissions associated with the script in order to run the script To add a script 1 Click the Devices tab and select the Scripts option This page displays Figure 9 16 Devices Scripts ...

Page 195: ...ced Console Manager User Guide 195 2 Click the Add Script button The page for editing script attributes displays Figure 9 17 Adding or Editing New Scripts 3 Enter the following Scripts Script Name A unique identifier for the script ...

Page 196: ...the CLI below Full Administrative Right to add update and delete all editable fields Networking Right to enter Network settings Services Right to enable and disable system logging SSH and Telnet logins SNMP and SMTP Secure Lantronix Network Right to view and manage secure Lantronix units e g Spider or SLC devices on the local subnet Date Time Right to set the date and time Reboot Shutdown Right to...

Page 197: ...e the script attributes see To add a script above 3 To save click the Apply button To rename a script 1 In the Scripts table select the script and enter a new script name in the New Name field 2 Click the Rename Script button The script will be renamed and the Devices Scripts page redisplays To delete a script 1 In the Scripts table select the script to delete 2 Click the Delete Script button Afte...

Page 198: ... device either the CLI or a Device Port that the script is connected to State The state of the script s schedule A script must be Enabled in order for the script scheduler to begin running the schedule Once a script has been scheduled and enabled it can be Disabled in this state the script manager will continue to update the scheduled run time for a script but the script will not be run or produce...

Page 199: ... to view operations for and click Script Operations 2 The Custom Scripts Operations page displays with a list of any results that have been generated for a script in reverse date time order Any of the results can be viewed by selecting the operation and clicking Script Results To delete the completed operations runs for a custom script 1 In the Scripts table select the script to view operations fo...

Page 200: ... of seconds Syntax sleep value The while command allows a loop containing CLI commands to be executed Syntax while Boolean expression CLI command 1 CLI command 2 CLI command n Note The closing left brace must be on a line without any other characters To support a while command the set command variables and secondary commands are also supported Interface Script Syntax This section describes the abb...

Page 201: ... may include any characters including space characters If a double quote character is to be included in a quoted string it must be preceded escaped by a backslash character Variable Reference A word as defined above preceded by a dollar sign character CLI Command A quoted string containing a valid CLI show command Arithmetic Operator A single character representing a simple arithmetic operation Th...

Page 202: ...ds Syntax sleep value where value can be a word a quoted string or a variable reference exec The exec command executes a single CLI command Currently only CLI show commands may be executed via exec Syntax exec CLI command send send_user The send command sends output to a sub process The send_user command sends output to the standard output Both commands have the same syntax send string send_user s...

Page 203: ... 1 str 2 Determine if two strings are equal string first str needle str haystack Find and return the index of the first occurrence of str_needle in str_haystack string last str needle str haystack Find and return the index of the last occurrence of str_needle in str_haystack string length str Return the length of str string index str int Return the character located at position int in str string r...

Page 204: ...ill only be used in combination with the set command to produce the value for a variable Syntax timestamp format where format is a quoted string format The format command is analogous to the C language sprintf The format command will only be used in combination with the set command to produce the value for a variable Syntax format format string value 1 value 2 value n where format string will be a...

Page 205: ...pe Expect Tcl or Python otherwise the script will be invalid 4 The script should include a spawn command to connect the script to either a SLC CLI session or a SLC Device Port session Refer to the following spawn command syntax if elseif and else The if command executes an associated block of commands if its Boolean expression evaluates to TRUE Each command within the block must be a Primary comma...

Page 206: ... scripts that spawn clisession only be used with the set script runcli command and not the connect script command and that scripts that spawn portsession only be used with the connect script command and not the set script runcli command 6 The script cannot contain commands which spawn or fork other commands read or write files on the SLC filesystem or interrogate the SLC filesystem The list of com...

Page 207: ...expect timeout send_user Time out waiting for prompt r n return prompt Already Logged in got Command Prompt prompt send_user Already Logged r n Get hostname info send show network port 1 host r expect timeout send_user Time out Getting Hostname 1 r n return Domain Get Hostname from SLC set hostname string range expect_out buffer string first Hostname expect_out buffer expr string first Domain expe...

Page 208: ...d Port Port 7 Monitor Interval Time 5 Seconds Current Time 21 16 43 show portcounter deviceport 7 n show portcounter deviceport 7 Device Port 7 Seconds since zeroed 1453619 Bytes input 0 Bytes output 0 Framing errors 0 Flow control errors 0 Overrun errors 0 Parity errors 0 SLC251glenn Current Time 21 16 58 show portcounter deviceport 7 show portcounter deviceport 7 Device Port 7 Seconds since zero...

Page 209: ...do monport Adm none ___Batch Scripts__________Group Permissions_____________________________ cli Adm ad nt sv dt lu ra um dp pc rs fc dr sn wb sk po do rp slc247glenn slc247glenn connect script monport deviceport 7 login Logging in sysadmin sysadmin Password PASS Welcome to the Secure Lantronix Console Manager Model Number SLC 48 For a list of commands type help SLC251glenn show network port 1 hos...

Page 210: ...___Group Permissions_____________________________ test1 Adm ad nt sv dt lu ra um dp ub rs fc dr rp sn wb sk po do slcvz249_glenn Expect Custom Script SLC CLI Session An example of an ExpectCustom Script that interacts with a SLC CLI session expect script to get the current internal temperature of the SLC accepts one optional command line parameter for location set slcPrompt set slcTemp unknown set...

Page 211: ...me myprint Need to specify U abortSession 4 set loggedIn true exp_send n expect timeout myprint Timeout waiting for CLI prompt abortSession 3 re n r r set slcPrompt expect_out 1 string Run the temperature command exp_send show temperature n expect timeout myprint Timeout waiting for temperature abortSession 3 re Current Internal Temperature r n set slcTemp expect_out 1 string myprint Temperature s...

Page 212: ... err send_user Error err Terminating session n exit err set now clock seconds set date clock format now format D R myprint Load of ServerTech PDU outlet B1 at date spawn the port session on a device port if catch spawn noecho portsession p devicePort result abortSession 1 set sessionId spawn_id Handle eof expect_after i sessionId eof myprint Session unexpectedly terminated abortSession 2 set timeo...

Page 213: ...t expect_out 1 string Run the ostat command exp_send ostat b1 n expect Outlet Power r n expect ID Watts r n expect timeout myprint Timeout waiting for load abortSession 3 re B1 s S s S s S set pduLoad expect_out 1 string myprint Outlet B1 Load pduLoad Amps expect pduPrompt exp_send logout n sleep 5 close exit 0 Expect Custom Script SLC Device Port Session An example of an Expect Custom Script that...

Page 214: ...conds set date clock format now format D R myprint Backing up Cisco Server to tftp configFile at date spawn the port session on a device port if catch spawn noecho portsession p devicePort result abortSession 2 set sessionId spawn_id Handle eof expect_after i sessionId eof myprint Session unexpectedly terminated abortSession 3 log_user 0 Send carriage return see if we are connected set loggedIn fa...

Page 215: ...ut waiting for backup to complete abortSession 6 send exit r sleep 5 close exit 0 Python Custom Script SLC CLI Session An example of a Python Custom Script that interacts with a CLI session python Script to set the RADIUS authentication settings of the SLC Sets the first RADIUS server and secret and enables RADIUS Note passing secret as a command line parameter is a security vulnerability Usage sc...

Page 216: ... wait sys exit 1 Run the RADIUS command s set radius server 1 host server secret secret n b bytearray s encode proc stdin write b proc stdin flush while True output_str proc stdout readline if b RADIUS settings successfully updated in output_str break elif b set radius not in output_str RADIUS command returned an error s1 str output_str s2 s1 split r 1 print RADIUS command returned s2 split n 0 pr...

Page 217: ...vice connected to a SLC or SLB device port and set the device port name to the prompt Punctuation characters are removed and the device port number is appended to the name Prompts ending in are detected For example for a Cisco device attached to device port 3 and displays this prompt engcisco_cat3560 the name for device port 3 will be set to engcisco_cat3560 3 import pexpect import datetime import...

Page 218: ... Number of device ports numPorts Terminate the CLI session p sendline logout time sleep 500 p wait skipPorts False devicePort 1 pList if numPorts 24 or numPorts 40 Adjust port numbering for SLC8024 and SLC8040 skipPorts True numPorts numPorts 8 Loop through device ports connect and try to detect the prompt while devicePort numPorts if skipPorts and devicePort 9 and devicePort 16 devicePort deviceP...

Page 219: ...mpt True elif i 3 error from portsession print p match group 1 decode utf 8 p terminate True p wait break elif i 4 prompt gotPrompt True end if while not gotPrompt if not gotPrompt devicePort devicePort 1 pList append continue Detect the prompt devPrompt p send n i p expect pexpect TIMEOUT pexpect EOF r n timeout 10 if i 0 or i 1 Timeout or EOF print Timeout waiting for the prompt on DP devicePort...

Page 220: ...0 d r n Model Number SLB882 r n timeout 10 if i 0 Timeout print Timeout waiting to login p terminate True sys exit 1 elif i 1 EOF print Session unexpectedly terminated p terminate True sys exit 1 elif i 4 prompt loggedIn True devicePort 1 while devicePort numPorts if skipPorts and devicePort 9 and devicePort 16 devicePort devicePort 1 continue if len pList devicePort 1 0 Detected a prompt set it p...

Page 221: ...there any command line parameters if argc 0 set location lindex argv 0 set now clock seconds set date clock format now format D R if argc 0 puts Internal temperature of the location SLC at date else puts Internal temperature of the SLC at date set io open clisession U sysadmin r set loggedIn false while loggedIn set len gets io line if string first Invalid local user line 1 puts Invalid local user...

Page 222: ... can be activated by various modem related events authentication on dial in outbound network traffic for a dial on demand connection etc The site parameters will override parameters that are configured for a modem To use sites with a modem create one or more sites described below then enable Use Sites for the modem Sites can be used with the following modem states dial in dial back CBCP Server dia...

Page 223: ...e following Note To clear fields in the lower part of the page click the Reset Site button Site Id view only Displays after a site is created Site Name Enter a name for the site Port Select the port None Internal Modem Device Port USB Port U1 or USB Port U2 the site is assigned to For dial on demand sites a port must be selected For any other sites the port selection can be set to None See Modem D...

Page 224: ...anager will automatically dial out and establish a PPP connection when IP traffic destined for the network specified by the static route needs to be sent Note Static Routing must be enabled on the Network Routing page for dial on demand connections Static Route Subnet Mask The subnet mask for a dial on demand connection Static Route Gateway The gateway for a dial on demand connection Dial out Numb...

Page 225: ...s section describes how each modem state that supports sites operates when sites are enabled Dial In The SLC 8000 advanced console manager waits for a peer to call the SLC unit to establish a text command line or PPP connection For text connections the user will be prompted for a login and password and will be authenticated via the currently enabled authentication methods Local Users NIS LDAP etc ...

Page 226: ...Negotiate IP Address setting The PPP connection will stay active until no IP traffic is sent for Modem Timeout seconds Dial back The SLC advanced console manager waits for a peer to call the SLC unit establishes a text command line or PPP connection authenticates the user and if the SLC 8000 advanced console manager is able to determine a dial back number to use hangs up and calls the dial back nu...

Page 227: ...the appropriate Dial out Number for the site and if the remote peer requests PAP or CHAP authentication provides the Dial out Login and Dial out Password as authentication tokens Once authenticated a PPP session will be established using either negotiated IP addresses or specific IP addresses determined by the Negotiate IP Address setting The PPP connection will stay active until no IP traffic is ...

Page 228: ...t to None or matches the port the modem is on For CHAP the site list will be searched for a site that a the Login CHAP Host and CHAP Secret match the name and secret sent in the CHAP Challenge response by the PPP peer b Authentication is set to CHAP and c the Port is set to None or matches the port the modem is on If the remote peer requests PAP or CHAP authentication from the SLC unit the Remote ...

Page 229: ...umber to use for dial back The SLC unit will present the client with the available options if the authenticated user is a Local Remote User with Allow Dial back enabled and a Dial back Number defined the administrator defined option is allowed if this is not the case the user defined number is allowed Additionally if CBCP Server Allow No Callback is enabled the client can also select no callback t...

Page 230: ...o a device port both the Power Menu and the option to display Port Log will be displayed with the Power Menu taking precedence and processing user input If any of the key sequences are set to the same value the precedence used to process the key sequences is Escape Sequence Power Management Sequence View Port Log Sequence It is also recommended that the key sequences not share a significant amount...

Page 231: ...eleted via the CLI For notes on optimizing the management of specific devices see Optimizing and Troubleshooting RPM Behavior on page 243 Devices RPMs To control or view status for an RPM 1 Click the Devices tab and select the RPMs option The RPMs page displays Figure 10 1 Devices RPMs 2 In the lower section of the page select an RPM by clicking on the radio button to the far right in the RPM s ro...

Page 232: ...n for the selected RPM This option is available for all RPMs Outlets Displays the RPMs Outlets page for RPMs that support individual outlet control and status Beeper Enable Mute Disable If the RPM has a beeper than can be controlled these options allow the administrator to Enable Mute or Disable the beeper If you try to use Mute to silence a beeper and the beeper continues to sound the UPS most li...

Page 233: ...10 Remote Power Managers SLC 8000 Advanced Console Manager User Guide 233 Figure 10 3 RPM Notifications Figure 10 4 RPM Raw Data Log ...

Page 234: ...selecting the right model with its associated driver and any required driver options especially for USB managed devices On the Devices RPMs page access the Device Ports RPMs Add Device page to configure a new managed remote power manager RPM for the SLC configuration Note The Device Ports RPMs Add Device page with the same functionality can also be accessed through the Devices Device Ports page To...

Page 235: ...10 Remote Power Managers SLC 8000 Advanced Console Manager User Guide 235 Figure 10 7 Device Ports RPMs Add Device 3 Enter the following Vendor Select the correct vendor from the drop down menu ...

Page 236: ...he RPM device these are extra options which may be required to make the driver work The most frequent use of the driver options is for USB devices the vendor and product ID may be required so that the SLC can find the correct device on the USB bus or in the event that the default driver options do not work with the RPM The vendor and product ID may be automatically filled in if a USB Device is sel...

Page 237: ...S that has reached a low battery state Shutdown all UPSes shutdown all UPSes managed by the SLC Allow battery failure allow the battery to completely fail which may result in the unsafe shutdown of the devices it provides power to Shutdown both SLC UPSes shutdown both UPSes that provide power to the SLC including the UPS with that has reached a low battery state some SLCs have dual power supplies ...

Page 238: ...all RPMs provide a model string If the device normally provides the device model and becomes unreachable or does not provide a model string the Model is derived from the supported model list strings of Outlets Specify the number of outlets on the RPM maximum of 120 outlets Outlets On view only The number of outlets that are currently turned on if this information is provided by the RPM F W Version...

Page 239: ...ery life Beeper Status view only For UPS devices only Displays the current state of the UPS beeper Managed via view only Displays the method used to control the RPM device SNMP Network Serial Port USB port IP Address For SNMP and Network Telnet managed RPMs specify the IP address of the RPM Port For network Telnet managed RPMs this is assumed to be port 23 if left blank or it can be filled in with...

Page 240: ...onfigured in SNMP settings This requires that SNMP traps be enabled Critical Emails If an email address is specified under critical conditions see Critical SNMP Traps above an email notification will be sent to the email address The Server and Sender configured in the SMTP settings will be used to send the email Low Battery For UPS devices only Indicates the behavior to take when the UPS reaches a...

Page 241: ... SLC reaches a low battery state When one UPS reaches a low battery state the SLC can be configured to allow the UPS to continue to run until its battery fails completely to shutdown just the UPS with the low battery or to shutdown one or more UPSes UPS type RPMs can report the following states OL On line power OB On battery power LB Low battery HB High battery RB The battery needs to be replaced ...

Page 242: ... be shutdown but will continued to be monitored in case it comes back online Shutdown all UPSes The SLC will begin shutting down all UPSes with a non zero Shutdown Order shutting down UPSes with a shutdown order of 1 first UPSes with a shutdown order of 2 second etc Any UPS which provides power to the SLC is always forced to have its Shutdown Order set to 50 which the highest and last Shutdown Ord...

Page 243: ...aining steps SNMP Settings For SNMP managed devices verify the IP Address Read Community and Write Community settings are correct Reverse Pinout Setting For serially managed devices verify the Reverse Pinout setting located in the Device Port Settings page is set correctly VendorId and ProductId Driver Options For USB managed devices verify the vendorid and productid shown in the RPM driver option...

Page 244: ...10 Remote Power Managers SLC 8000 Advanced Console Manager User Guide 244 RPM Commands Go to RPM Commands to view CLI commands which correspond to the web page entries described above ...

Page 245: ...iately These connections are always re established after reboot At a specified date and time These connections connect if the date and time have already passed After a specified amount of data or a specified sequence of data passes through the connection Following reboot the connection is not reestablished until the specified data passes through the connection Typical Setup Scenarios for the SLC U...

Page 246: ...it and connect to the command line interface Figure 11 2 Remote Access Server Reverse Terminal Server In this scenario the SLC 8000 advanced console manager has one or more device ports connected to one or more serial ports of a mainframe server Users can access a terminal session by establishing a Telnet or SSH session to the SLC unit To configure the SLC console manager select the Enable Telnet ...

Page 247: ... manage a specific piece of equipment the user can Telnet or SSH to a specific port or IP address on the SLC unit and be connected directly to the console port of the end server or device To configure this setup set the Enable Telnet In or Enable SSH In option on the Device Ports Settings 1 of 2 page for the device port in question The user can implement an extra remote management capability by ad...

Page 248: ...device server it is unlikely that you will need any of the Connection settings described below To create a connection 1 Click the Devices tab and select Connections The following page displays Figure 11 6 Devices Connections 2 For a device port enter the following Outgoing Connection Timeout Select to turn on or turn off the connection timeout No for no timeout Yes for a timeout Specify the number...

Page 249: ...er options this is the TCP UDP port number which is optional for Telnet out and SSH out but required for TCP Port and UDP Port Note If you select Device Port it must not have command line interface logins enabled or be running a loopback test To view the device port s settings click the Settings link to the right of the port number SSH Out Options Select one of the following optional flags to use ...

Page 250: ... the connection in the Select column and click the Terminate button 3 To reestablish the connection create the connection again in the top part of the page 4 To view information about Web connections click the here link in the text above the table The Maintenance Firmware Configurations page displays Connection Commands Go to Connection Commands to view CLI commands which correspond to the web pag...

Page 251: ...urity purposes full administrative access to the SLC via the default sysadmin local user account can be limited to only the front console port of the SLC device See Limiting Sysadmin User Access on page 54 Authentication can occur using all methods in the order of precedence until a successful authentication is obtained or using only the first authentication method that responds in the event that ...

Page 252: ...le System NFS LDAP Lightweight Directory Access Protocol A set of protocols for accessing information directories specifically X 500 based directory services LDAP runs over TCP IP or other connection oriented transfer services RADIUS Remote Authentication Dial In User Service An authentication and accounting system used by many Internet Service Providers ISPs A client server protocol it enables re...

Page 253: ...led one or more authentication methods you must configure them Authentication Commands Go to Authentication Commands to view CLI commands which correspond to the web page entries described above User Rights The SLC has three user groups Administrators Power Users and Default Users Each has a predefined set of rights users inherit rights from the user group to which they belong These rights are in ...

Page 254: ... If you change a user s rights while the user is logged into the web or CLI the results do not take effect until the next time the user logs in User Right Administrator Power Users Default Users Full Administrative Rights X Networking X X Services X Date Time X X Local Users X Remote Authentication X SSH Keys X User Menus X Device Port Operations X Device Port Configuration X USB X Reboot Shutdown...

Page 255: ...ing and describing all local and remote users To enable local and or remote users 1 Enter the following Enable Local Users Select to enable all local users except sysadmin The sysadmin user is always available regardless of how you set the check box Enabled by default Multiple Sysadmin Web Logins Select to allow the sysadmin to have multiple simultaneous logins to the web interface Disabled by def...

Page 256: ...up or TACACS priv_lvl map to a SLC custom group allow SLC access if matched Disabled by default Complex Passwords Select to enable the SLC unit to enforce rules concerning the password structure e g alphanumeric requirements number of characters punctuation marks Disabled by default Complexity rules Passwords must be at least eight characters long They must contain one upper case letter A Z one lo...

Page 257: ...a secure place accessible by at least two authorized system administrators Recovering an SLC if both of these passwords are unknown is cumbersome and time consuming To change the sysadmin password see the next topic Adding Editing or Deleting a User To restore the SLC unit to factory defaults see Firmware Configurations on page 294 Adding Editing or Deleting a User Through this User Authentication...

Page 258: ...ue If it is not SLC unit automatically increments it Starting at 101 the SLC 8000 advanced console manager finds the next unused UID Listen Ports The device ports that the user may access to view data using the connect listen command Enter the port numbers or the range of port numbers for example 1 5 8 10 15 U1 and U2 denote the USB upper and lower ports on the front of the SLC unit Data Ports The...

Page 259: ...and line interface to send a break signal to the external device A suggested value is Esc B escape key then uppercase B performed quickly but not simultaneously You would specify this value as x1bB which is hexadecimal x character 27 1B followed by a B See Key Sequences on page 230 for notes on key sequence precedence and behavior Custom Menu If custom menus have been created you can assign a defa...

Page 260: ... editable fields Networking Right to enter Network settings Services Right to enable and disable system logging SSH and Telnet logins SNMP and SMTP Secure Lantronix Network Right to view and manage Secure Lantronix units e g Spider or SLC units on the local subnet Date Time Right to set the date and time Reboot Shutdown Right to shut down and reboot the SLC unit Local Users Right to add or delete ...

Page 261: ...tion Local Remote Users page select the user and click the Add Edit User button The Local Remote User Settings page displays 2 Click the Delete User button 3 Click the Apply button To change the sysadmin password 1 On the User Authentication Local Remote Users page select sysadmin and click the Add Edit User button The Local Remote User Settings page displays 2 Enter the new password in the Passwo...

Page 262: ...le port If NIS does not provide port permissions you can use this page to grant device port access to users who are authenticated through NIS All NIS users are members of a group that has predefined user rights associated with it You can assign additional user rights that are not defined by the group To configure the SLC unit to use NIS to authenticate users 1 Click the User Authentication tab and...

Page 263: ...B followed by an A This setting allows the user to terminate the connect direct command on the command line interface when the endpoint of the command is deviceport tcp or udp See Key Sequences on page 230 for notes on key sequence precedence and behavior Break Sequence A series of 1 10 characters users can enter on the command line interface to send a break signal to the external device A suggest...

Page 264: ... Network Right to view and manage secure Lantronix units e g Spider or SLC units on the local subnet Date Time Right to set the date and time Reboot Shutdown Right to shut down and reboot the SLC unit Local Users Right to add or delete local users on the system Remote Authentication Right to assign a remote user to a user group and assign a set of rights to the user SSH Keys Right to set SSH keys ...

Page 265: ...o authenticate using a wide variety of LDAP servers such as OpenLDAP and Microsoft Active Directory The LDAP implementation supports LDAP servers that do not allow anonymous queries Users who are authenticated through LDAP are granted device port access through the port permissions on this page All LDAP users are members of a group that has predefined user rights associated with it You can add add...

Page 266: ... Guide 266 Figure 12 6 User Authentication LDAP 2 Enter the following Enable LDAP Displays selected if you enabled this method on the first User Authentication page If you want to set up this authentication method but not enable it immediately clear the checkbox ...

Page 267: ...The objectclass used by the LDAP server for groups If nothing is specified for the group filter the SLC 8000 advanced console manager will use posixGroup For AD LDAP servers the objectclass for groups is typically Group Group Member Attribute The attribute used by the LDAP server for group membership This attribute may be use to search for a name ie msmith or a Distinguished Name ie uid msmith ou ...

Page 268: ...ave direct interactive mode To leave listen mode press any key A suggested value is Esc A escape key then uppercase A performed quickly but not simultaneously You would specify this value as x1bA which is hexadecimal x character 27 1B followed by an A This setting allows the user to terminate the connect direct command on the command line interface when the endpoint of the command is deviceport tc...

Page 269: ...elnet logins SNMP and SMTP Secure Lantronix Network Right to view and manage secure Lantronix units e g Spider or SLC devices on the local subnet Date Time Right to set the date and time Reboot Shutdown Right to shut down and reboot the SLC unit Local Users Right to add or delete local users on the system Remote Authentication Right to assign a remote user to a user group and assign a set of right...

Page 270: ... Users who are authenticated through RADIUS are granted device port access through the port permissions on this page All RADIUS users are members of a group that has predefined user rights associated with it You can add additional user rights that are not defined by the group To configure the SLC unit to use RADIUS to authenticate users 1 Click the User Authentication tab and select RADIUS The fol...

Page 271: ...al port the SLC 8000 advanced console manager uses the default RADIUS port 1812 Server 2 Secret Text that serves as a shared secret between a RADIUS client and the server SLC unit The shared secret is used to encrypt a password sent between the client and the server May have up to 128 characters Timeout The number of seconds 1 30 after which the connection attempt times out The default is 30 secon...

Page 272: ... which the RADIUS users will belong Default Users This group has only the most basic rights You can specify additional rights for the individual user Power Users This group has the same rights as Default Users plus Web Access Networking Date Time Reboot Shutdown and Diagnostics Reports Administrators This group has all possible rights Full Administrative Right to add update and delete all editable...

Page 273: ... group name If a custom group name is specified and it matches a current SLC custom group name any rights attribute will be ignored and the custom group s rights permissions will be used instead A group name with spaces cannot be specified escseq Escape sequence The value string specifies the user s escape sequence Use x to specify non printable characters For example x1bA specifies the sequence E...

Page 274: ... power Kerberos Kerberos is a network authentication protocol that provides strong authentication for client server applications by using secret key cryptography The system administrator can configure the SLC 8000 advanced console manager to use Kerberos to authenticate users attempting to log in using the Web Telnet SSH or the console port Users who are authenticated through Kerberos are granted ...

Page 275: ...end of the order of precedence on the User Authentication page Realm Enter the name of the logical network served by a single Kerberos database and a set of Key Distribution Centers Usually realm names are all uppercase letters to differentiate the realm from the Internet domain Realm is similar in concept to an NT domain KDC A key distribution center KDC is a server that issues Kerberos tickets A...

Page 276: ...c B escape key then uppercase B performed quickly but not simultaneously You would specify this value as x1bB which is hexadecimal x character 27 1B followed by a B Enable for Dial back Select to grant a user dial back access Users with dial back access can dial into the SLC 8000 advanced console manager and enter their login and password Once the SLC unit authenticates them the modem hangs up and...

Page 277: ...Network Right to view and manage secure Lantronix units e g Spider or SLC units on the local subnet Date Time Right to set the date and time Reboot Shutdown Right to shut down and reboot the SLC unit Local Users Right to add or delete local users on the system Remote Authentication Right to assign a remote user to a user group and assign a set of rights to the user SSH Keys Right to set SSH keys f...

Page 278: ...sociated with the TACACS user The priv_lvl or priv lvl is the only attribute sent from the TACACS server that the SLC will recognize and utilize The privilege level number will be used to map to a SLC custom user group by finding a group with a name that ends in the same number as the priv_lvl For example a SLC group called admin15 will map to any TACACS users with priv_lvl equal to 15 a SLC group...

Page 279: ...re or on the first User Authentication page If you enable TACACS here it automatically displays at the end of the order of precedence on the User Authentication page TACACS Servers 1 3 IPv4 or IPv6 address or host name of up to three TACACS servers Secret Retype Secret Shared secret for message encryption between the SLC 8000 advanced console manager and the TACACS server Enter an alphanumeric sec...

Page 280: ...n assign a default custom menu to TACACS users Escape Sequence A single character or a two character sequence that causes the SLC 8000 advanced console manager to leave direct interactive mode To leave listen mode press any key A suggested value is Esc A escape key then uppercase A performed quickly but not simultaneously You would specify this value as x1bA which is hexadecimal x character 27 1B ...

Page 281: ...logins SNMP and SMTP Secure Lantronix Network Right to view and manage secure Lantronix units e g Spider or SLC units on the local subnet Date Time Right to set the date and time Reboot Shutdown Right to shut down and reboot the SLC unit Local Users Right to add or delete local users on the system Remote Authentication Right to assign a remote user to a user group and assign a set of rights to the...

Page 282: ...er supports querying a LDAP server for groups that a LDAP user is a member of if any of the LDAP group names match a Custom Group Name the LDAP user will be granted the rights of the custom group A custom group cannot be given the name of one of the pre defined groups Admin Power or Default or any version of these names where the case of the letters is different since these names are used for the ...

Page 283: ...rts on the front of the SLC unit Clear Port Buffers The ports whose port buffer users may clear using the set locallog clear command Enable for Dial back Select to grant a user Users with dial back access can dial into the SLC unit and enter their login and password Once the SLC 8000 advanced console manager authenticates them the modem hangs up and dials them back Disabled by default Dial back Nu...

Page 284: ...eckbox to display the menu at login Full Administrative Right to add update and delete all editable fields Networking Right to enter Network settings Services Right to enable and disable system logging SSH and Telnet logins SNMP and SMTP Secure Lantronix Network Right to view and manage Secure Lantronix units e g Spider or SLC units on the local subnet Date Time Right to set the date and time Rebo...

Page 285: ...inistrator has the option of retaining the SSH keys during a reset to factory defaults The SLC unit can also update the SSH RSA and DSA host keys that the SSH server uses with site specific host keys or reset them to the default values Imported Keys Imported SSH keys must be associated with an SLC 8000 advanced console manager local user The key can be generated on host MyHost for user MyUser and ...

Page 286: ...0 Advanced Console Manager User Guide 286 To configure the SLC unit to use SSH keys to authenticate users 1 From the main menu select User Authentication SSH Keys The following page displays Figure 12 11 User Authentication SSH Keys ...

Page 287: ...ss the SLC from any host not just the host associated with the key User The User ID of the user being given secure access to the SLC unit Import via Select SCP SFTP FTP HTTPS or Copy Paste as the method for importing the SSH keys SCP is the default If SCP SFTP or FTP are selected the Filename Host Path Login and Password fields are filled in If HTTPS is selected the Upload File link will become ac...

Page 288: ...SA or the DSA encryption standard RSA is the default Number of Bits Select the number of bits in the key 1024 2048 3072 or 4096 The default is 2048 Passphrase Retype Passphrase Optionally enter a passphrase associated with the key The passphrase may have up to 50 characters The passphrase is an optional password that can be associated with an SSH key It is unique to each user and to each key See K...

Page 289: ... All checkboxes are unselected by default Import Host Key To import a site specific host key select the checkbox Unselected by default Type From the drop down list select the type of host key to import Import via From the drop down list select the method of importing the host key SCP or SFTP The default is SFTP Public Key Filename Filename of the public host key Private Key Filename Filename of th...

Page 290: ...st command Instead of typing each command the user enters the number associated with the command Each command can also have a nickname associated with it which can be displayed in the menu instead of the command The commands showmenu Menu Name and returnmenu can be entered to display another menu from a menu or to return to the prior menu The command returncli can be used to break out of a menu an...

Page 291: ...Authentication Custom Menus 2 In the lower section of the page enter the following Note To clear fields in the lower part of the page click the Clear Custom Menu button Menu Name Enter a name for the custom menu Title Enter an optional title which will be displayed about the menu at the CLI ...

Page 292: ...currently selected command nickname in the list 4 To add more commands to the custom menu repeat step 3 5 You also have the following options To edit a command nickname in the custom menu select the command in the Commands Nicknames List box and select the left arrow button Change the command and or the nickname and with the same command still selected in the list select the right arrow button To ...

Page 293: ...ys a specified menu The special command returnmenu redisplays the parent menu if the current menu was displayed from a showmenu command The user with appropriate rights creates and manages custom user menus from the command line interface but can assign a custom user menu to a user from either the command line or the web interface When creating a custom user menu note the following limitations Max...

Page 294: ... to acquire a default configuration from a DHCP server and TFTP server when it is booted At boot time before the normal startup process a unit will attempt to acquire network parameters and a configuration file first over Eth1 and then over Eth2 The unit will broadcast on the Eth1 network port for a DHCP server on the local subnet requesting DHCP options TFTP Server DHCP option 66 and Boot Filenam...

Page 295: ...owing separated by commas network datetime services localusers devports usb rpms remoteauth connections events ipfilter groups hostlist nfscifs maintenance sites scripts slcnetwork consoleport menus sshkeys or sslcerts comment optional comment to include in the system log and audit log If spaces are included in the comment they should be URL encoded as shown in this bash script bin bash url https ...

Page 296: ...tenance SLC 8000 Advanced Console Manager User Guide 296 To configure settings 1 Click the Maintenance tab The Maintenance Firmware Configurations page displays Figure 13 1 Maintenance Firmware Configurations ...

Page 297: ...er The offset will be applied one hour after setting the calibration value Zeroing the offset will take effect immediately and will cancel any current and or pending calibration Data Center Rack Row Set these fields to define the rack row the SLC unit is located within a large data center The default for these fields is 1 Data Center Rack Cluster Set these fields to define the rack cluster the SLC...

Page 298: ...it switches to the alternate boot bank Boot Delay how many seconds the bootloader pauses before booting the SLC Default is 3 seconds range is 3 1800 seconds Boot Limit how many times the SLC will fail to boot before switching to the alternate boot bank After the SLC fails to boot 2 times Boot limit so it has attempted to boot Boot Limit times on each bank the SLC will go into advanced recovery mod...

Page 299: ...a location that is not on the SLC 8000 advanced console manager If Tarball Format is checked the configuration will be saved in the old insecure compressed tar file format instead of the password protected zip file format Restore Factory Defaults Restores factory defaults If you select this option the SLC unit reboots after you apply the update Restore Saved Configuration Returns the SLC settings ...

Page 300: ...configuration from the drop down list FTP Server The FTP server specified in the FTP SFTP TFTP section If you select this option select FTP or SFTP to transfer the configuration file NFS Mounted Directory Local directory of the NFS server for mounting files CIFS Share Saved Configurations If restoring select a saved configuration from the drop down list USB If a USB device is loaded into one of th...

Page 301: ...displays the name and the time and date the file was saved 2 To rename a file select a file enter the New File Name and click the Rename File button 3 To download a file select a file and click the Download File button 4 To delete files select one multiple files or all files and click the Delete File button A verification message showing files deleted will appear Click Back to Manage Files to retu...

Page 302: ...isplays Figure 13 3 Maintenance System Logs 2 Enter the following to define the parameters of the log you would like to view Log Select the type s of log you want to view All Network Services Authentication Device Ports Diagnostics General Software Level Select the alert level you want to view for the selected log Error Warning Info Debug Starting at Select the starting point of the range you want...

Page 303: ...or to Lantronix Technical Support See Emailing Logs and Reports on page 311 To clear system logs 1 From the Maintenance System Logs page select Maintenance System Logs 2 Click the Clear Log button to clear all log information System Log Commands Go to System Log Commands to view CLI commands which correspond to the web page entries described above Ending at Select the endpoint of the range you wan...

Page 304: ...clear the log file and sort the log by date time user and command The audit log is saved through SLC reboots 1 Click the Maintenance tab and select the Audit Log option The following page displays Figure 13 5 Maintenance Audit Log 2 To select a sort option click the appropriate button To sort by date and time click the sort by Date Time button this is the default To sort by user click the sort by ...

Page 305: ...red from here The email log is saved through SLC reboots 1 Click the Maintenance tab and select the Email Log option The following page displays Figure 13 6 Maintenance Email Log 2 To email this log follow the instructions in Emailing Logs and Reports on page 311 3 To clear the log click the Clear Log button Logging Commands Go to Logging Commands USB Device Commands USB Storage Commands and USB M...

Page 306: ...You can use equivalent commands on the command line interface 1 Click the Maintenance tab and select the Diagnostics option The following page displays Figure 13 7 Maintenance Diagnostics 2 Select Diagnostics from checklist one or more diagnostic methods you want to run or select All to run them all IPv4 ARP Table The IPv4 Address Resolution Protocol ARP table used to view the IP address to hardwa...

Page 307: ...the number of times the string is sent is equal to the number of packets sent For TCP the number of times the string is sent may or may not be equal to the number of packets sent because TCP controls how data is packetized and sent out Enter the following Protocol Select the type of packet to send TCP or UDP Hostname Specify a host name or IPaddress of the host to send the packet to Port Specify a...

Page 308: ...ll run with a default set of TCP packets Set server port to listen on connect to default 5201 p port n Format to report f format kmgtKMGT Pause n seconds between reports i interval n Bind to a host an interface or multicast address B bind More detailed output V verbose Output in JSON format J json Note The options below are supported on the client only Set length of buffer to n default 8 KB l leng...

Page 309: ...rface represent a snapshot in time To see the most recent data you must reload the web page 1 Click the Maintenance tab and select the Status Reports option The following page displays Figure 13 9 Maintenance Status Reports The top half of the page displays the status of each port power supply and the internal modem Green indicates that the port connection or power supply is active and functioning...

Page 310: ... each device port IP Routes Displays the routing table Connections Displays all active connections for the SLC unit Telnet SSH TCP UDP device port and modem System Configuration Complete Displays a complete snapshot of the SLC settings System Configuration Basic Displays a snapshot of the SLC unit s basic settings for example network date time routing services console port System Configuration Aut...

Page 311: ...ctly emailed to a specific individual or to Lantronix Technical Support directly from the log page System Log Figure 13 4 Audit Log Figure 13 5 Email Log Figure 13 6 Diagnostic Reports Figure 13 8 Status Reports Figure 13 10 To email a log to an individual 1 In the Comment field of a particular log or report page enter a comment if desired 2 Select the to field beside the empty field where you the...

Page 312: ...Manager User Guide 312 Figure 13 11 Emailed Log or Report To view information about the SLC unit and contact information for Lantronix 1 Click the button on the upper right portion of any web page to access the About SLC page see Figure 13 12 ...

Page 313: ...13 Maintenance SLC 8000 Advanced Console Manager User Guide 313 Figure 13 12 About SLC ...

Page 314: ...e Receive Trap Temperature Over Under Limit for Sensorsoft devices Humidity Over Under Limit for Sensorsoft devices Device Port Data Drop No Internal Modem Dial Tone Ping Host Fails RPM Load Over Threshold Host to Ping When the trigger is set to Ping Host Fails enter the hostname IPv4 address or IPv6 address of the host to ping The host will be pinged every 2 minutes RPM When the trigger is set to...

Page 315: ...90 Action From the drop down list select the action taken because of the trigger For example the action can be writing an entry into the syslog with details of the event or sending the trap s to the Ethernet or modem connection Syslog Forward All Traps to Ethernet Forward Selected Trap to Ethernet Forward all Traps to a Modem Connection Forward Selected Trap to a Modem Connection Email Alert SNMP ...

Page 316: ...idle for the number of seconds specified by the Idle Delay before scrolling of the screens continues To configure the LCD and Keypad 1 Click the Maintenance tab and select the LCD Keypad option Figure 13 14 Maintenance LCD Keypad To configure the LCD The screens that are currently enabled are displayed in order in the left Enabled screens list 1 Select a screen to be removed from the Enabled Scree...

Page 317: ...mands to view CLI commands which correspond to the web page entries described above Banners The Maintenance Banners page allows the system administrator to customize text messages that display to users To configure banner settings 1 Click the Maintenance tab and select Banners option Figure 13 15 Maintenance Banners Keypad Locked Select this to lock out any input to the keypad The default is for t...

Page 318: ...text to display on the command line interface after the user logs in May contain up to 1024 characters Single quote and double quote characters are not supported Default is blank Note To create more lines use the n character sequence Logout Banner The text to display on the command line interface after the user logs out May contain up to 1024 characters Single quote and double quote characters are...

Page 319: ...SLC unit The scenarios assume that the SLC 8000 advanced console manager is connected to the network and has already been assigned an IP address In the examples we use the command line interface You can do the same things using the web page interface except for directly interacting with the SLC unit direct command Telnet SSH to a Remote Device The following figure shows a Sun server connected to p...

Page 320: ...ogging disabled Log to upper slot Byte Threshold 100 Max number of files 10 Email Delay 60 seconds Max size of files 2048 Restart Delay 60 seconds Email To none Email Subject Port d Logging Email String none NFS File Logging disabled Directory to log to none Max number of files 10 Max size of files 2048 2 Change the baud to 57600 and disable flow control SLC set deviceport port 2 baud 57600 flowco...

Page 321: ...ort port 1 initscript AT F K3 C1 D2 C0A Device Port settings successfully updated SLC set deviceport port 1 auth pap Device Port settings successfully updated SLC set deviceport port 1 localsecret password Device Port settings successfully updated SLC set deviceport port 1 modemstate dialin Device Port settings successfully updated SLC 2 Configure the device port that is connected to the console p...

Page 322: ...re directly connected to it See Chapter 11 Connections on page 245 Figure 14 4 Local Serial Connection to Network Device via Telnet In this example the sysadmin would 1 Display the current settings for device port 2 SLC show deviceport port 2 ___Current Device Port Settings________________________________________________ Number 2 Name Port 2 Modem Settings Data Settings IP Settings Modem State dis...

Page 323: ... vt100 terminal changes baud to 57600 and disables flow control SLC set deviceport port 2 baud 57600 flowcontrol none Device Port settings successfully updated 3 Create a connection between the vt100 terminal connected to device port 2 and an outbound telnet session to the server The IP address of the server is 192 168 1 1 SLC connect bidirection 2 telnet 192 168 1 1 Connection settings successful...

Page 324: ... name aa bb User must specify one of the values aa or bb separated by a vertical line The values are in all lowercase and must be entered exactly as shown Bold indicates a default value parameter name Value User must specify an appropriate value for example an IP address The parameter values are in mixed case Square brackets indicate optional parameters Action Category set auth cflow cifs cli comm...

Page 325: ...play the possible names if more than one is possible Following a space after the preceding name Tab displays all possible names Should you make a mistake while typing backspace by pressing the Backspace key and or the Delete key depending on how you accessed the interface Both keys work if you use VT100 emulation in your terminal access program when connecting to the console port Use the left and ...

Page 326: ...e Control e move to the end of the line Control b move back to the start of the current word Control f move forward to the end of the next word Control u erase from cursor to the beginning of the line Control k erase from cursor to end of the line Administrative Commands admin banner login Syntax admin banner login Banner Text Description Configures the banner displayed after the user logs in Note...

Page 327: ...s the banner displayed before the user logs in Note To go to the next line type n and press Enter admin config checksum Syntax admin config checksum Description Displays a checksum for the current configuration Can be used to determine if the configuration has changed admin config copy Syntax admin config copy current Config Name location local nfs cifs usb sdcard nfsdir NFS Mounted Directory usbp...

Page 328: ...rt enable disable preserveconfig Config Params to Preserve savescripts enable disable Config Params to Preserve is a comma separated list of current configuration parameters to retain after the config restore or factorydefaults Description Restores the SLC unit to factory default settings admin config restore Syntax admin config restore Config Name location local ftp sftp nfs cifs usb sdcard nfsdi...

Page 329: ...fsdir NFS Mounted Dir usbport U1 U2 savesshkeys enable disable savesslcert enable disable savescripts enable disable Description Saves the current SLC configuration to a selected location admin config show Syntax admin config show local ftp sftp nfs cifs usb sdcard nfsdir NFS Mounted Dir usbport U1 U2 Description Lists the configurations saved to a location admin firmware bootbank Syntax admin fir...

Page 330: ...on Configures bootlimit parameters that control how many times the SLC will fail to boot before switching to the alternate boot bank After the SLC fails to boot 2 times Boot limit so it has attempted to boot Boot Limit times on each bank the SLC will go into advanced recovery mode which may require support from Technical Support to resolve so that the SLC can be booted again Default is 3 boots ran...

Page 331: ...ntaining details about firmware updates admin firmware update Syntax admin firmware update ftp tftp sftp nfs usb sdcard file Firmware File key Checksum Key nfsdir NFS Mounted Dir usbport U1 U2 Description Updates SLC firmware to a new revision You should be able to access the firmware file using the settings admin ftp show displays if FTP TFTP or SFTP are used to load the firmware file The SLC 800...

Page 332: ... firmware updates and configuration save restore admin ftp show Syntax admin ftp show Description Displays FTP settings admin keypad Syntax admin keypad lock unlock Description Locks or unlocks the LCD keypad If the keypad is locked you can scroll through settings but not change them admin keypad password Syntax admin keypad password Must be 6 digits Description Changes the Restore Factory Default...

Page 333: ...he program that controls the LCD admin lcd default Syntax admin lcd default Description Restores the LCD screens to their factory default settings admin lcd screens Syntax admin lcd screens zero or more parameters Parameters currtime 1 9 network 1 9 console 1 9 datetime 1 9 release 1 9 devports 1 9 location 1 9 temp 1 9 userstrings 1 9 Description Sets which screens will be displayed on the LCD an...

Page 334: ... Seconds Description Configures auto scroll of the LCD screens including the number of seconds after keypad input before auto scrolling restarts admin memory show Syntax admin memory show Description Displays information about SLC memory usage admin memory swap add Syntax admin memory swap add Size of Swap in MB usbport U1 U2 Description Creates a swap space from an external storage device admin m...

Page 335: ...epares the SLC 8000 advanced console manager to be powered off When you use this command to shut down the SLC console manager the LCD front panel displays the Shutting down the SLC message followed by a pause and then Shutdown complete When Shutdown complete displays it is safe to power off the SLC 8000 advanced console manager admin site Syntax admin site row Data Center Rack Row Number admin sit...

Page 336: ...st IP Address or Name login User Login path Path to Files Description Imports an SSL certificate admin web certificate reset Syntax admin web certificate reset Description Resets the web server to the default SSL certificate admin web certificate custom Syntax admin web certificate custom Description Generates a custom self signed SSL certificate The SHA256 hashing algorithm will be used to genera...

Page 337: ...admin web server enable disable Description Enables or disables running the web server TCP ports 80 and 443 admin web sha2 Syntax admin web sha2 enable disable Description Enables using only SHA2 and higher ciphers admin web timeout Syntax admin web timeout disable 5 120 Description Configures the timeout for web sessions admin web terminate Syntax admin web terminate Session ID Description Termin...

Page 338: ...ption Configures the banner displayed on the web home page admin web iface Syntax admin web iface none eth1 eth2 ppp Description Defines a list of network interfaces the web is available on admin web cipher Syntax admin web cipher high himed fips Description Configures the strength of the cipher used by the web server high is 256 168 and some 128 bit medium is 128 bit admin web sha2 Syntax admin w...

Page 339: ... TLS v1 1 admin web restart Syntax admin web restart Description Restarts the web server Warning The following admin chip commands should only be used under the direction of Lantronix Technical Support admin chip resetmodem Description Resets the internal modem chip in key system chips Syntax admin chip resetmodem admin chip reseti2cmux Description Resets the I2C Mux chip in key system chips Synta...

Page 340: ...it log By default shows the audit log sorted by date time You can sort it by user or command or clear the audit log Authentication Commands set auth Syntax set auth one or more parameters Parameters authusenextmethod enable disable kerberos 1 6 ldap 1 6 localusers 1 6 nis 1 6 radius 1 6 tacacs 1 6 Description Sets ordering of authentication methods Local Users authentication is always the first me...

Page 341: ...arameters Parameters allowdialback enable disable clearports Port List custommenu Menu Name dataports Port List dialbacknumber Phone Number breakseq 1 10 Chars escapeseq 1 10 Chars group default power admin ipaddr Key Distribution Center IP Address kdc Key Distribution Center listenports Port List permissions Permission List Note See User Permissions Commands on page 351 for information on groups ...

Page 342: ...e disable server1 IP Address or Name server2 IP Address or Name port TCP Port base LDAP Base bindname Bind Name bindwithlogin enable disable useldapschema enable disable adsupport enable disable filteruser User Login Attribute filtergroup Group Objectclass grmemberattr Group Membership Attribute grmembervalue dn name encrypt starttls ssl disable dataports Port List listenports Port List clearports...

Page 343: ...ssword Description Set the LDAP bind password Syntax set ldap bindpassword set ldap certificate import Description To upload X 509 PEM certificate for Start TLS encrypted connections Syntax set ldap certificate import via sftp scp rootfile Cert Auth File certfile Certificate File keyfile Key File host IP Address or Name login User Login path Path to Files set ldap certificate delete Description To...

Page 344: ...er Identifier group default power admin Custom Group Name passwordexpires enable disable permissions Permission List Note See User Permissions Commands on page 351 for information on groups and user rights Remove Escape Break Sequences for users making raw binary connections to Device Ports Description Configures local accounts including sysadmin who log in to the SLC 8000 advanced console manager...

Page 345: ...isables authentication of local users set localusers delete Syntax set localusers delete User Login Description Deletes a local user set localusers lifetime Syntax set localusers lifetime Number of Days Description Sets the number of days the login password may be used The default is 90 days set localusers maxloginattempts Syntax set localusers maxloginattempts Number of Logins Description Sets th...

Page 346: ...ning Number of Days Description Sets the number of days the system warns the user that the password will be expiring The default is 7 days set localusers reusehistory Syntax set localusers reusehistory Number of Passwords Description Sets the number of passwords the user must use before reusing an old password The default is 4 set localusers multipleadminlogins Syntax set localusers multipleadminl...

Page 347: ...ocalusers lock Syntax set localusers lock User Login Description Blocks locks a user s ability to login set localusers unlock Syntax set localusers unlock User Login Description Allows unlocks a user s ability to login set localusers permissions Syntax set localusers add edit user permissions Permission List where Permission List is one or more of nt sv dt lu ra sk um dp do ub rp rs rc dr wb sn ad...

Page 348: ...lt power admin listenports Port List master IP Address or Hostname permissions Permission List Note See User Permissions Commands on page 351 for information on groups and user rights slave1 IP Address or Hostname slave2 IP Address or Hostname slave3 IP Address or Hostname slave4 IP Address or Hostname slave5 IP Address or Hostname state enable disable Description Configures the SLC 8000 advanced ...

Page 349: ...t Note See User Permissions Commands on page 351 for information on groups and user rights timeout enable 1 30 Note Sets the number of seconds after which the connection attempt times out It may be 1 30 seconds Description Configures the SLC 8000 advanced console manager to use RADIUS to authenticate users who log in via the Web SSH Telnet or the console port set radius server Syntax set radius se...

Page 350: ...otocol Protocol for Service timeout 1 10 seconds dataports Port List listenports Port List clearports Port List escapeseq 1 10 Chars breakseq 1 10 Chars custommenu Menu Name allowdialback enable disable dialbacknumber Phone Number group default power admin permissions Permission List Note See User Permissions Commands on page 351 for information on groups and user rights Set the TACACS secret any ...

Page 351: ...ower admin custom group name Description Adds a local user to a user group or changes the group the user belongs to set localusers lock Syntax set localusers lock User Login Description Blocks locks a user s ability to login set localusers unlock Syntax set local users unlock User Login Description Allows unlocks a user s ability to login set localusers permissions Syntax set localusers add edit u...

Page 352: ...s kerberos tacacs permissions Permission List where Permission List is one or more of nt sv dt lu ra sk um dp do ub rp rs rc dr wb sn ad md sd Description Sets permissions not already defined by the assigned permissions group show user Syntax show user Description Displays the rights of the currently logged in user Remote User Commands set remoteusers add edit Syntax set remoteusers add edit User ...

Page 353: ...n method Access to authenticated remote users whose LDAP group or TACACS priv_lvl map to a SLC custom group set remoteusers listonlyauth Syntax set remoteusers listonlyauth enable disable Description Configure whether remote users who are not part of the remote user list will be authenticated set remoteusers denyaccessnocustomgroup Syntax set remoteusers denyaccessnocustomgroup enable disable Desc...

Page 354: ...ption Sets a permission group for remotely authorized users ConsoleFlow Commands set cflow client Syntax set cflow client enable disable Description Configure interaction with ConsoleFlow management server The communication with the server is enabled by default and can be disabled set cflow statusinterval Syntax set cflow statusinterval 1 60 minutes fwconfiginterval 1 72 hours Description Set inte...

Page 355: ...e or more parameters Parameters host IP Address or Name port TCP Port secureport enable disable validatecerts enable disable mqttstate enable disable mqtthost IP Address or Name mqttport TCP Port mqttsecurity enable disable projecttag Project Tag Description Configure ConsoleFlow Cloud or On Premise settings set cflow devicename Syntax set cflow devicename Device Name description Device Descriptio...

Page 356: ...equency disable 15 3600 seconds Description Configures the device port digital probe for determining managed device connection status set cflow id Syntax set cflow id Description Set the device ID set cflow key Syntax set cflow key Description Set the ConsoleFlow key show cflow Syntax show cflow show cflow status show cflow perfmon show cflow scripts show cflow probes show cflow clicommands Descri...

Page 357: ...ote Settings are retained between CLI sessions for local users and users listed in the remote users list set cli menu Description If a menu is associated with the current user and the menu was not displayed at login start will run the menu Users with full administrative or menu user rights can also specify the name of any menu to run Syntax set cli menu start Menu Name set cli terminallines set cl...

Page 358: ... currently logged in user set history Syntax set history clear Description Clears the commands that have been entered during the command line interface session show history Syntax show history Description Displays the last 100 commands entered during the session Connection Commands connect bidirection Syntax connect bidirection Port or Name endpoint one or more Parameters Parameters Endpoint is on...

Page 359: ...nection on receipt of a specified number or characters or a character sequence enter the charxfer parameter and either the charcount or the charseq parameter udp IP Address port UDP Port Description Connects a device port to another device port or an outbound network connection data flows in both directions connect direct Syntax connect direct endpoint Parameters Endpoint is one of deviceport Devi...

Page 360: ...eviceport Syntax connect listen deviceport Device Port or Name Description Monitors a device port connect terminate Syntax connect terminate Connection ID Description Terminates a connection connect unidirection Syntax connect unidirection Device Port or Name dataflow toendpoint fromendpoint endpoint Parameters Endpoint is one of charcount of Chars charseq Char Sequence datetime MMDDYYhhmm ss devi...

Page 361: ...ws in one direction show connections Syntax show connections email Email Address Description Displays connections and their IDs You can optionally email the displayed information The connection IDs are in the left column of the resulting table The connection ID associated with a particular connection may change if the connection times out and is restarted show connections connid Syntax show connec...

Page 362: ...ns Maximum of 20 custom user menus Maximum of 50 commands per custom user menu logout is always the last command Maximum of 15 characters for menu names Maximum of five nested menus can be called No syntax checking Enter each command correctly set localusers Syntax set localusers add edit User Login custom menu Menu Name Description Assigns a custom user menu to a local user set menu add Syntax se...

Page 363: ...t Enables or disables the display of command nicknames instead of commands Sets the optional title for a menu set menu delete Syntax set menu delete Menu Name command Command Number Description Deletes a custom user menu or one command within a custom user menu set nis ldap radius kerberos tacacs custommenu Syntax set nis ldap radius kerberos tacacs custommenu Menu Name Description Assigns a custo...

Page 364: ...e Time Zone Note If you do not know a valid Time Zone enter timezone invalid time zone and you will be guided through selecting one from the available time zones Description Sets the local date time and local time zone one parameter at a time show datetime Syntax show datetime Description Displays the local date time and time zone set ntp Syntax set ntp one or more ntp parameters Parameters locals...

Page 365: ... Parameters sensorsoft lowtemp Low Temperature Sets the lowest temperature permitted for the port sensorsoft hightemp High Temperature Sets the hightest temperature permitted for the port sensorsoft lowhumidity Low Humidity Sets the lowest humidity pemitted for the port sensorsoft highhumidity High Humidity Sets the lowest humidity permitted for the port sensorsoft degrees celsius fahrenheit Enabl...

Page 366: ...ax set deviceport port Device Port or List or Name one or more device port parameters Example set deviceport port 2 5 6 12 15 16 baud 2400 Parameters actiondelay Action Delay actionrestart Restart Delay assertdtr enable disable auth pap chap banner Banner Text baud 300 230400 breakseq 1 10 Chars bytethreshold of Characters calleridcmd Modem Command String calleridlogging enable disable cbcptype ad...

Page 367: ...e disable minimizelatency enable disable modemmode text ppp modemstate disable dialin dialout dialback dialinhostlist dialondemand dialin ondemand dialback ondemand cbcpclient cbcpserver modemtimeout disable 1 9999 seconds name Device Port Name nat enable disable newusermsg enable disable nfsdir Logging Directory nfslogging enable disable nfsmaxfiles Max of Files nfsmaxsize Size in Bytes numsessio...

Page 368: ...rts Set the modem password and CHAP secrets any extra parameters will be ignored set deviceport port Device Port or List or Name dialoutpassword set deviceport port Device Port or List or Name chapsecret set deviceport port Device Port or List or Name dodchapsecret Reset a device port terminating and restarting all relevant connections set deviceport port Device Port or List or Name reset Configur...

Page 369: ...roup of device ports show deviceport global Syntax show deviceport global Description Displays global settings for device ports show deviceport names Syntax show deviceport names Description Displays a list of all device port names show deviceport port Syntax show deviceport port Device Port List or Name display ip data modem logging device Description Displays the settings for one or more device ...

Page 370: ...tcounters zerocounters Syntax show portcounters zerocounters Device Port List or Name Description Zeros the port counters for one or more device ports show portstatus Syntax show portstatus deviceport Device Port List or Name email Email Address Description Displays the modes and states of one or more device port s You can optionally email the displayed information Diagnostic Commands diag arp Syn...

Page 371: ...ce or multicast address B bind host More detailed output V verbose Output in JSON format J json Options below are supported on client only Set length of buffer to n default 8 KB l length n KMG Use UDP rather than TCP u udp TCP window size socket buffer size w window n KMG Set TCP SCTP maximum segment size MTU M set mss n Set TCP SCTP no delay disabling Nagle s Algorithm N no delay Set bandwith to ...

Page 372: ...o Transfer Defaults test external xferdatasize 1K Description Tests a device port by transmitting data out the port and verifying that it is received correctly A special loopback cable comes with the SLC 8000 advanced console manager To test a device port plug the cable into the device port and run this command The command sends the specified Kbytes to the device port and reports success or failur...

Page 373: ...pcap file on external storage This command is available in the CLI but not the web diag perfstat Description Display performance statistics for an Ethernet Port or Device Port averaged over the last 5 seconds Must specify an Ethernet Port or Device Port Syntax diag perfstat ethport 1 2 deviceport Device Port or Name diag ping ping6 Description Verifies if the SLC can reach a host over the network ...

Page 374: ...ds numlines Number of Lines to Display Defaults count 1 delay 5 seconds diag traceroute Syntax diag traceroute IP Address or Hostname Description Displays the route that packets take to get to a network host diag usb Syntax diag usb parameters Description To display information about USB buses and the devices connected to them including the mapping between a USB device and the SLC port For mapdevi...

Page 375: ...dseltrapeth ethport 1 2 nms SNMP NMS community SNMP Community oid SNMP OID action fwdalltrapsmodem fwdseltrapmodem deviceport Device Port or Name nms SNMP NMS community SNMP Community oid SNMP Trap OID action fwdalltrapsmodem fwdseltrapmodem usbport U1 U2 nms SNMP NMS community SNMP Community oid SNMP Trap OID action fwdalltrapsmodem fwdseltrapmodem internal modem nms SNMP NMS community SNMP Commu...

Page 376: ...address Description Edits event definitions admin events show Syntax admin events show Description Displays event definitions Group Commands set groups add edit Group Name parameters Syntax set groups add edit Group Name parameters Parameters dataports Port List listenports Port List clearports Port List escapeseq 1 10 Chars breakseq 1 10 Chars custommenu Menu Name displaymenu enable disable allow...

Page 377: ...hostlist add edit Host List Name parameters Parameters name Host List Name edit only retrycount 1 10 Default retrycount 3 auth enable auth enable disable Description Configures a prioritized list of hosts to be used for modem dial in connections set hostlist add edit Host List Name entry Syntax set hostlist add edit Host List Name entry Host Number parameters Parameters host IP Address or Name pro...

Page 378: ... list show hostlist Syntax show hostlist all names Host List Name Description Displays the members of a host list Internal Modem Commands Configure the internal modem set intmodem parameters Parameters auth pap chap calleridcmd Modem Command String calleridlogging enable disable modemstate disable dialin dialout dialback usesites enable disable modemmode text ppp group Local or Remote Group Name t...

Page 379: ...ded with AT and include E1 V1 x4 Q0 so that the SLC may properly control the modem Display settings for the internal modem show intmodem IP Filter Commands set ipfilter state Syntax set ipfilter state enable disable testtimer disable 1 120 minutes Description Enables or disables IP filtering for incoming network traffic set ipfilter mapping Syntax set ipfilter mapping parameters Parameters etherne...

Page 380: ...filter rules Logging Commands set deviceport port Syntax set deviceport port Device Port List or Name one or more deviceport parameters Parameters actiondelay Action Delay actionrestart Restart Delay bytethreshold of Characters emailsubj Email Subject emailto Email Address locallogging enable disable nfsdir Logging Directory nfslogging enable disable nfsmaxfiles Max of Files nfsmaxsize Size in Byt...

Page 381: ...clear port buffers see Chapter 12 User Authentication Example set deviceport port 2 5 6 12 15 16 locallogging enable show locallog Syntax show locallog Device Port or Name bytes Bytes To Display startbyte Byte Index Description Displays a specific number of bytes of data for a device port 1K is the default set locallog clear Syntax set locallog clear Device Port or Name Description Clears the loca...

Page 382: ...ables PPP debugging messages in the modem log set log modem pppdebug enable disable Syntax show log modem Description View the modem activity log for external modems and USB modems show log modem display head tail numlines Number of Lines show log local Syntax show log local Description View the log for local NFS or USB logging NFS and USB use the current logging settings for the Device Port Defau...

Page 383: ... usbport U1 U2 deviceport Device Port or name Network Commands set network Syntax set network parameters Parameters startprobes 1 99999 Seconds probes Number of Probes interval 1 99999 Seconds ipforwarding enable disable ip6forwarding enable disable Description Sets TCP Keepalive and IP Forwarding network parameters set network bonding Syntax set network bonding disabled active backup 802 3ad load...

Page 384: ...in Fail over Device Admin Login faildevcelluser Fail over Device SIM Login faildevcellpwd Fail over Device SIM Password faildevcelldialstr Fail over Device Dialup Str faildevcellroam enable disable Transfer firmware update files to the SLC to initiate a firmware update on the fail over device set network gateway faildevupdate ftp sftp scp usb sdcard gwfile Firmware File radiofile Radio File usbpor...

Page 385: ...scription Sets the SLC host name and domain name set network fqdnlist Syntax set network fqdnlist 1 15 ipaddr IP Address fqdn hostname Description Updates the local hosts table for DNS lookup of FQDNs set network port Syntax set network port 1 2 parameters Parameters state dhcp bootp static disable ipaddr IP Address mask Mask ipv6addr IPv6 Address Prefix mode auto 10mbit half 100mbit half 10mbit f...

Page 386: ... host Syntax show network host Description Displays the network host name of the SLC 8000 advanced console manager show network port Syntax show network port 1 2 Description Displays Ethernet port settings and counters show network ipv6 Syntax show network ipv6 Description Displays all ipv6 settings show network sfp Syntax show network sfp Description Displays network port 1 and port 2 SFP diagnos...

Page 387: ...ectory mount enable disable remdir Remote NFS Directory rw enable disable Enables or disables read write access to remote directory Description Mounts a remote NFS share The remdir and locdir parameters are required but if they have been specified previously you do not need to provide them again set nfs unmount Syntax set nfs unmount 1 2 3 Description Unmounts a remote NFS share set cifs Syntax se...

Page 388: ...in config command saves SLC configurations on the SMB CIFS share set cifs password Syntax set cifs password Description Changes the password for the SMB CIFS share login default is cifsuser show cifs Syntax show cifs Description Displays SMB CIFS settings show nfs Syntax show nfs Description Displays NFS share settings Performance Monitoring Commands show perfmon Syntax show perfmon Parameters sho...

Page 389: ...selected probe show perfmon operations Syntax show perfmon operations Parameters show perfmon operations Probe Id or Name Description Display list of completed operation sets for a probe set perfmon results Syntax set perfmon results Parameters show perfmon results Probe Id or Name set Operation Set Number display head tail numlines Number of Lines email Email Address Description Display round tri...

Page 390: ...elected set and optionally email the statistics set perfmon repo Syntax set perfmon repo local usb sdcard usbport U1 U2 Description Set repository where probe operations are stored set perfmon keep Syntax set perfmon keep Number of Operations to Keep Description Set number of operations stored for each probe set perfmon udpjitterresp Syntax set perfmon udpjitterresp enable disable Description Enab...

Page 391: ...me starttime now HH MM SS MMDD afterHH MM SS operations Number of Operations to Perform frequency Seconds between Operations packets Number of Packets to Send interval Milliseconds between Packets timeout Milliseconds to Wait for Response host Destination IP Address or Name port Destination Port precision milli micro datasize Payload Data Size in Bytes verifydata enable disable codec g729a g711ala...

Page 392: ...rt precision milli micro datasize Payload Data Size in Bytes verifydata enable disable codec g729a g711alaw g711mulaw tos none Type of Service interface none eth1 eth2 nameserver IPv4 Address Description Edit an existing probe set perfmon delete Syntax set perfmon delete Probe Id or Name data all of Sets to Keep Description Delete a probe or delete all operation data for a probe or delete all but ...

Page 393: ... the IP address mask and gateway parameters to 0 0 0 0 show routing Syntax show routing resolveip enable disable email Email Address Description Sets the routing table to display IP addresses disable or the corresponding host names enable You can optionally email the displayed information RPM Commands set rpm add Syntax set rpm add RPM Name Description Adds an RPM to be managed prompts will guide ...

Page 394: ...or Name action restart set rpm driver RPM Id or Name action debug level 1 2 3 set rpm driver RPM Id or Name action show set rpm driver RPM Id or Name action viewoutput email Email Address display head tail numlines Number of Lines Description Control and debug the RPM driver if the driver is not properly communicating with the PDU or UPS restart the driver restart the driver with debug output to a...

Page 395: ...9 powertoslc enable disable driveropts Driver Options Override Description Configure and control Remote Power Managers RPMs including PDUs and UPSes set rpm password Syntax set rpm password RPM Id or Name Description Set RPM administrative password show RPM Syntax show rpm type ups pdu config sdorder notify device RPM Name or Id data raw logs envmon Note The show rpm envmon command for RPM configu...

Page 396: ...e script will be the same as the file name if it is a valid script name otherwise a script name must be specified for import Description Import a script set script update Syntax set script update interface batch custom name Script Name group default power admin permissions Permission List Note See help user permissions for information on groups and user rights Description Update a script set scrip...

Page 397: ... to a Device Port and run it one time script output will be displayed in the current terminal custom script output will be saved in the repository set script schedule Syntax set script schedule Script Name device cli Device Port or Name state enable disable delete parameters Cmd Line Parameters starttime now HH MM MMDD afterHH MM frequency Hours Days between each operation stoptime forever HH MM M...

Page 398: ...mail Address Description Display the results for the last completed custom script operation or a selected operation and optionally email the results SD Card Commands Enables or disables access to SD Card devices set sdcard access enable disable Mounts a SD Card for use as a storage device The SD Card can be used for saving configurations firmware updates and device logging set sdcard mount Unmount...

Page 399: ... Card set sdcard delete Current Filename Displays information about the SD Card device show sdcard Security Commands set security Description Configures SLC security and FIPS settings Parameters set security parameters fipsmode Parameters fipsmode enable disable show security Description Displays security settings and current status Parameters show security Services Commands set services Syntax se...

Page 400: ...net enable disable contact Admin Contact Info escapeseqtelnet 1 10 Chars rocommunity Read Only Community outgoingtelnet enable disable rwcommunity Read Write Community ssh enable disable trapcommunity Trap Community portssh TCP Port v3user v3 RO User timeoutssh disable 1 30 minutes v3rwuser v3 RW User sshdatadir netin netout both v3trapuser v3 Trap User dsakeys enable disable v3security noauth aut...

Page 401: ...ly deviceport Device Port or Name or none dialoutnumber Phone Number usbport U1 U2 dialoutlogin User Login internal modem allowdialback enable disable auth pap chap dialbacknumber Phone Number loginhost User Login CHAP Host dialbackdelay Dial back Delay localipaddr negotiate IP Address dialbackretries 1 10 remoteipaddr negotiate IP Address timeoutlogins disable 1 30 minutes routeipaddr IP Address ...

Page 402: ...parameter the command searches the SLC network With the ipaddrlist parameter the command displays a sorted list of all IP addresses or displays the IP addresses that match the mask for example 172 19 255 255 would display all IP addresses that start with 172 19 SSH Key Commands set sshkey all export Syntax set sshkey allexport ftp sftp scp copypaste pubfile Public Key File host IP Address or Name ...

Page 403: ...meters format openssh secsh host IP Address or Name login User Login path Path to Copy Key bits 1024 2048 3072 4096 keyname SSH Key Name keyuser SSH Key User type rsa dsa Description Exports an sshkey set sshkey import Syntax set sshkey import Description set sshkey import ftp sftp scp copypaste one or more parameters Parameters keyhost SSH Key IP Address or Name keyuser SSH Key User path Path to ...

Page 404: ...t Syntax set sshkey server reset type all rsa dsa Description Resets defaults for all or selected host keys show sshkey export Syntax show sshkey export one or more parameters Parameters keyhost SSH Key IP Address or Name keyname SSH Key Name keyuser SSH Key User viewkey enable disable Description Displays all exported keys or keys for a specific user IP address or name show sshkey import Syntax s...

Page 405: ...ly emails the displayed information The connection IDs are in the left column of the resulting table The connection ID associated with a particular connection may change if the connection times out and is restarted show connections connid Syntax show connections connid Connection ID email Email Address Description Provides details for example endpoint parameters and trigger for a specific connecti...

Page 406: ...yed information show sysconfig Syntax show sysconfig display basic auth devices email Email Address Description Displays a snapshot of all configurable parameters Optionally emails the displayed information show sysstatus Syntax show sysstatus email Email Address Description To display the overall status of all SLC units Optionally emails the displayed information System Log Commands show syslog S...

Page 407: ...imultaneously show syslog clear Syntax show syslog clear all netlog servlog authlog devlog diaglog genlog Description Clears one or all of the system logs USB Access Commands set usb access Syntax set usb access enable disable Description Enables or disables access to USB devices USB Device Commands show usb devices Syntax show usb devices Description Displays all usb devices with the port each de...

Page 408: ...es will displayed at the end of the line in square brackets To see a list of USB devices with vendor id and product id use treedisplay disable USB Storage Commands set usb storage dir Syntax set usb storage dir U1 U2 subdir Directory Path Description Views a directory listing of a USB flash drive set usb storage fsck Syntax set usb storage fsck U1 U2 Description Runs a file system check on a thumb...

Page 409: ...orage unmount Syntax set usb storage unmount U1 U2 Description Unmounts a USB flash drive Enter this command before removing the USB device set usb storage rename Description Renames a file on a thumb drive Syntax set usb storage rename U1 U2 file Filename newfile New Filename set usb storage copy Description Copies a file on a thumb drive Syntax set usb storage copy U1 U2 file Filename newfile Ne...

Page 410: ...ngs Syntax show usb show usb modem Description Display product information and settings for any USB modem Syntax show usb modem USB Modem Commands set usb modem Syntax set usb modem u1 u2 parameters Parameters auth pap chap baud 300 115200 9600 is the default calleridcmd Modem Command String calleridlogging enable disable cbcpnocallback enable disable cbcptype admin user chapauth chaphost localuse...

Page 411: ...out disable 1 9999 sec nat enable disable parity none odd even remoteipaddr negotiate IP Address restartdelay PPP Restart Delay service none telnet ssh tcp sshauth enable disable sshport TCP Port stopbits 1 2 tcpauth enable disable tcpport TCP Port telnetauth enable disable telnetport TCP Port timeoutlogins disable 1 30 minutes usesites enable disable Description Configures a currently loaded USB ...

Page 412: ...any 3des aes aes192 aes256 ikeauth any sha1 md5 sha2_256 sha2_384 sha2_512 ikedhgroup any dh2 dh5 dh14 dh15 dh16 dh17 dh18 dh19 ikever ikev1 ikev2 espec any 3des aes aes192 aes256 espauth any sha1 md5 sha2_256 sha2_384 sha2_512 sha2_256_96 espdhgroup any dh2 dh5 dh14 dh15 dh16 dh17 dh18 dh19 lifetime SA Lifetime in Seconds xauthclient enable disable xauthlogin User Login ciscounity enable disable ...

Page 413: ...rrsaaction delete Download IPSec conf file VPN tunnel must be enabled to generate ipsec conf for download can be customized and uploaded to access more strongSwan options set vpn confaction download via sftp scp host IP address or Name login User Login path Directory for Download Upload IPSec conf file to the SLC set vpn confaction upload via sftp scp host IP address or Name login User Login conff...

Page 414: ...de of this range Temperatures can be entered in either Celsius or Fahrenheit to indicate a temperature is Fahrenheit append the degrees with an F i e 75F Parameter set temperature one or more parameters Parameters low Low Temperature in C or F high High Temperature in C or F calibrate Temperature Calibration in C or F cancel Note The calibration offset will be applied one hour after setting the va...

Page 415: ...device port with Xmodem Ymodem or Zmodem The maximum file size is 20 MB and the maximum total repository size is 25 MB set xmodem send receive Syntax set xmodem send Device Port or Name file Xmodem File protocol xmodem ymodem zmodem xfer binary ascii set xmodem receive Device Port or Name file Xmodem File protocol xmodem ymodem zmodem xfer binary ascii overwrite enable disable Description Send or ...

Page 416: ... facility and network infrastructure for example how vulnerable the CAT 5 wiring is to tapping Factors Affecting Security External factors affect the security provided by the SLC unit for example Telnet sends the login exchange as clear text across Ethernet A person snooping on a subnet may read your password A terminal to the SLC may be secure but the path from the SLC 8000 advanced console manag...

Page 417: ...ериcтикой Cover Do not remove the cover of the chassis There are no user serviceable parts inside Opening or removing the cover may expose you to dangerous voltage that could cause fire or electric shock The exception is access to the internal modem and RTC battery For these you don t have to remove the chassis cover but just the battery modem door Refer all servicing to Lantronix Power Plug When ...

Page 418: ...erature Make sure to install the SLC 8000 advanced console manager in an environment with an ambient temperature less than the maximum operating temperature of the SLC unit See Technical Specifications on page 36 Install the equipment in a rack in such a way that the amount of airflow required for safe operation of the equipment is not compromised Mount the equipment in the rack so that a hazardou...

Page 419: ...ices These adapters convert the RJ45 connection on the SLC unit to a 9 pin or 25 pin serial connector found on other manufacturers serial devices or re route the serial signals for connections to other devices that use RJ45 serial connectors The console port is wired the same way as the device ports and has the same signal options Note You can view or change the console port settings using the LCD...

Page 420: ...rs and Pinouts SLC 8000 Advanced Console Manager User Guide 420 Figure C 2 RJ45 Receptacle to DB25F DCE Adapter for the SLC unit PN 200 2067A Figure C 3 RJ45 Receptacle to DB9M DCE Adapter for the SLC unit PN 200 2069A ...

Page 421: ...SLC 8000 Advanced Console Manager User Guide 421 Figure C 4 RJ45 Receptacle to DB9F DCE Adapter for the SLC unit PN 200 2070A Use PN 200 2070A adapter with a PC s serial port Figure C 5 RJ45 Receptacle to DB25M DTE Adapter PN 200 2073 ...

Page 422: ...entication for client server applications by using secret key cryptography LDAP Lightweight Directory Access Protocol A protocol for accessing directory information NAT Network Address Translation An Internet standard that enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic This enables a company to shield internal addresses from the...

Page 423: ...ations as well as Web browsers to share files across the Internet CIFS runs on TCP IP and uses the SMB protocol in Microsoft Windows for accessing files With CIFS users with different platforms and computers can share files without having to install new software SNMP Simple Network Management Protocol A protocol that system administrators use to monitor networks and connected devices and to respon...

Page 424: ...E GB9254 2008 China Radio Disturbance Characteristics Compliance for ITE Electromagnetic Immunity EN 55024 2010 Information Technology Equipment Immunity Characteristics EN 61000 4 2 2008 KN 61000 4 2 Electro Static Discharge Test EN 61000 4 3 2010 KN 61000 4 3 Radiated Immunity Field Test EN 61000 4 4 2012 KN 61000 4 4 Electrical Fast Transient Test EN 61000 4 5 2014 KN 61000 4 5 Power Supply Sur...

Page 425: ...ied by FIPS 197 CCC KC Note Not available in some hardware configurations This product carries the CE mark since it has been tested and found compliant with the following standards Safety EN 60950 1 Emissions EN 55022 EN 55032 Class A Immunity EN 55024 RoHS REACH and WEEE Compliance Statement Please visit http www lantronix com legal rohs for Lantronix s statement about RoHS REACH and WEEE complia...

Reviews:

No comments

Related manuals for SLC 8000 Series

Cadac S-Type Installation & User Manual preview
S-Type
Brand: Cadac Pages: 74
VOX electronics MX-9108 Operating Instructions Manual preview
MX-9108
Brand: VOX electronics Pages: 67
TC Electronic INFINITE SAMPLE SUSTAINER Quick Start Manual preview
INFINITE SAMPLE SUSTAINER
Brand: TC Electronic Pages: 7
J. Rockett Audio Designs EL HOMBRE Quick Start Manual preview
EL HOMBRE
Brand: J. Rockett Audio Designs Pages: 2
Sottoriva VELA 90-130/1 Instruction Book preview
VELA 90-130/1
Brand: Sottoriva Pages: 49
Wharfedale Pro Titan 12 ACTIVE Operating Manual And User Manual preview
Titan 12 ACTIVE
Brand: Wharfedale Pro Pages: 33
Clatronic Profi Cook UM 290 Instruction Manual & Guarantee preview
Profi Cook UM 290
Brand: Clatronic Pages: 54
Boss F1 Phaser Instructions Manual preview
F1 Phaser
Brand: Boss Pages: 6
Mission Pigtronix User Manual preview
Pigtronix
Brand: Mission Pages: 2
Zelmer ZHM2459I User Manual preview
ZHM2459I
Brand: Zelmer Pages: 52
Mackie 1402-VLZ PRO Owner'S Manual preview
1402-VLZ PRO
Brand: Mackie Pages: 51
Sound Devices 688 User Manual preview
688
Brand: Sound Devices Pages: 210
SoundCraft dc 2000 User Manual preview
dc 2000
Brand: SoundCraft Pages: 199
Barnstead International Maxi-Mix 1329 Series Operation Manual preview
Maxi-Mix 1329 Series
Brand: Barnstead International Pages: 8
HAMILTON BEACH/PROCTOR SILEX 62510 User Manual preview
62510
Brand: HAMILTON BEACH/PROCTOR SILEX Pages: 22
Hamilton Beach 62647 Instructions Manual preview
62647
Brand: Hamilton Beach Pages: 12
Whirlwind MIX-5S Specifications preview
MIX-5S
Brand: Whirlwind Pages: 1
Gemini 15 Quick Installation Manual preview
15
Brand: Gemini Pages: 4

Brands by name

Popular brands

Load more brands