Home
/
Lantronix
/
SLC48
/
User Manual

Lantronix SLC48, User Manual

Share

Page: 98 / 222

background image

10: User Authentication

SecureLinx SLC User Guide

98

User Permissions

The SLC has three default user groups: Administrators, Power Users, and Default Users.
Each has a predefined set of rights: users inherit rights from the user group to which they
belong. These rights are in addition to the current functions that a user can perform at the
CLI:

connect direct/listen

set locallog/password/history/cli

show datetime/deviceport/locallog/portstatus/portcounters/
history/cli/user

The table below shows the mapping of groups and user rights.

Table 10-1. User Group Rights

User Right

Administrators Power Users

Default Users

Full Administrative Rights

y

Networking

y

y

Services

y

Date/Time

y

y

Local Users

y

Remote Authentication

y

SSH Keys

y

User Menus

y

Device Ports

y

PC Card

y

Reboot/Shutdown

y

y

Firmware/Configuration

y

Diagnostics and Reports

y

y

SLC Network

y

Web Access

y

You cannot deny a user rights defined for the group, but you can add or remove all other
rights at any time.

Note:

You cannot change the rights associated with each group; a future release will

provide that functionality.

By default, the system assigns new users to the Default Users group, but you can change
their group membership at any time. If you change a user's rights while the user is logged
into the web or CLI, the results do not take effect until the next time the user logs in.

To assign user rights:

«
...
96
97
98
99
100
...
»

Summary of Contents for SLC48

Page 1: ...Part No 900 449 Rev B August 2006 SecureLinxTM Console Manager SLC User Guide SecureLinx SLC8 SecureLinx SLC16 SecureLinx SLC32 SecureLinx SLC48...

Page 2: ...tributed and modified under the terms of the GNU GPL A machine readable copy of the corresponding portions of GPL licensed source code is available at the cost of distribution Such source code is dist...

Page 3: ...User Guide may clause interference to radio communications Operation of this equipment in a residential area is likely to cause interference in which case the user will be required to correct the inte...

Page 4: ...____________________________ 18 Product Information Label ____________________________________________________ 19 Technical Specifications ________________________________________________ 19 Physical...

Page 5: ...lent Services Commands _______________________________________________ 56 NFS and SMB CIFS____________________________________________________ 57 NFS and SMB CIFS Commands ____________________________...

Page 6: ...13 Kerberos ___________________________________________________________ 114 Kerberos Commands _______________________________________________________ 117 TACACS _______________________________________...

Page 7: ...________ 180 CLI Commands ______________________________________________________ 182 Connection Commands ________________________________________________ 184 Console Port Commands_____________________...

Page 8: ...5 Cable Connection 21 Figure 3 2 AC Power Input and Power Switch SLCxxxx2N 22 Figure 3 3 DC Power Inputs and Power Switch SLCxxx24T 22 Figure 4 1 Front Panel LCD Display and Five Pushbuttons Enter Up...

Page 9: ...3 Installation Provides technical specifications describes connection formats and power supplies provides instructions for installing the unit in a rack 4 Quick Setup Provides instructions for gettin...

Page 10: ...ard Adapter used as a storage device 12 Maintenance and Operation Provides instructions for upgrading firmware viewing system logs and diagnostics generating reports and defining events Includes infor...

Page 11: ...he steps for getting the SLC up and running provided on the CD and in printed form SLC Online Help for the Command Line Interface Provides online help for configuring the SLC using commands SLC Online...

Page 12: ...modem connection Many types of equipment can be accessed and administered using Console Managers including Servers Unix Linux Windows 2003 and others Networking equipment routers switches storage net...

Page 13: ...2 Port Single AC Supply Secure Console Manager SLC04812N 02 SLC48 48 Port Single AC Supply Secure Console Manager SLC00822N 02 SLC8 8 Port Dual AC Supply Secure Console Manager SLC01622N 02 SLC16 16 P...

Page 14: ...ternet File System CIFS support Telnet or SSH to a serial port by IP address per port or by IP address and TCP port number Configurable user rights for local and remotely authenticated users Supports...

Page 15: ...er profiles Each user has an assigned ID password and access rights Other user profile access options may include externally configured authentication methods such as NIS and LDAP Device Port Buffer T...

Page 16: ...For more detailed information see Technical Specifications on page 19 All physical connections use industry standard cabling and connectors The network and serial ports are on the rear panel of the S...

Page 17: ...onventional Ethernet network Use standard RJ45 terminated Category 5 cables Network parameters must be configured before the SLC can be accessed over the network Figure 2 4 Network Connection PC Card...

Page 18: ...0 2070A Adapter DB9F DCE to RJ45 HP9000 SGI Origin IBM RS6000 and PC based Linux servers 200 2225 Adapter RJ45 to RJ45 rolled Cisco and Sun Netra Note An optional adapter for external modems is also a...

Page 19: ...able 300 to 115 200 baud Network Interface 10Base T 100Base TX RJ45 Ethernet Power Supply Universal AC power input 100 240 VAC 50 or 60 Hz IEC type regional cord set included DC power input 24 to 60 V...

Page 20: ...6 Wait approximately a minute and a half for the boot process to complete When the boot process ends the SLC host name and the clock appear on the LCD display Now you are ready to configure the netwo...

Page 21: ...emulation The default baud rate is 9600 To connect the console port to a terminal or computer with terminal emulation Lantronix offers optional adapters that provide a connection between an RJ45 jack...

Page 22: ...rotective fuse fast blow 4 0A maximum 250V AC and the on off switch In addition we provide the SLC0xx22N with a Y cord See SLC Models on page 13 Figure 3 2 AC Power Input and Power Switch SLCxxxx2N No...

Page 23: ...r the web interface to run Quick Setup IP Address Your SLC must have a unique IP address on your network The system administrator generally provides the IP address and corresponding subnet mask and ga...

Page 24: ...utomatically assigned Gateway DNS settings Date time and time zone Console port settings baud rate data bits stop bits parity and flow control Make sure the SLC is plugged in to power and turned on Fr...

Page 25: ...ton Within edit mode to increase or decrease a numerical entry up and down arrows Within edit mode to move the cursor right or left right or left arrows To exit edit mode Enter To scroll up or down th...

Page 26: ...7 for each setting 9 Press the right arrow button to move to the next option Date Time Settings and click Enter to edit the time zone a To enter a US time zone use the up down arrow buttons to scroll...

Page 27: ...No prompt displays 6 To initiate the process for restoring factory defaults select Yes When the process is complete the SLC reboots Method 2 Quick Setup on the Web Page After the unit has an IP addre...

Page 28: ...h Eth1 and Eth2 are enabled If you select DHCP skip to Default Gateway Obtain from BOOTP Lets a network node request configuration information from a BOOTP server node If you select this option skip t...

Page 29: ...mpt in the command line interface Domain If desired specify a domain name for example support lantronix com Date Time Settings Change Date Time Select the checkbox to manually enter the date and time...

Page 30: ...nter sysadmin as the user name and press Enter 3 Enter PASS as the password and press Enter The first time you log in the Quick Setup script runs automatically Normally the command prompt displays Fig...

Page 31: ...64 character limit contiguous characters no spaces Note The host name becomes the prompt in the command line interface Domain If desired specify a domain name for example support lantronix com The do...

Page 32: ...ss Enter Next Step After quick starting the SLC you may want to configure other settings You can use the web page or the command line interface for configuration For information about the web and the...

Page 33: ...k Setup includes instructions for using the LCD to configure basic network settings Web Interface A web interface allows the system administrator and other authorized users to configure and manage the...

Page 34: ...nd display its settings The E1 and E2 buttons display the Network Settings page The A and B buttons display the status of the power supplies Note Only ports to which the currently logged in user has r...

Page 35: ...vigator 6 x and above or Internet Explorer 5 5 and above 2 In the URL field type https followed by the IP address of your SLC 3 To configure the SLC use sysadmin as the user name and PASS as the passw...

Page 36: ...ssions Logging in To log in to the SLC command line interface 1 Do one of the following With a serial terminal connection power up and when the command line displays press Enter If the SLC already has...

Page 37: ...The parameter values are in mixed case Square brackets indicate optional parameters Table 5 1 Actions and Category Options Action Category set network firewall routing datetime ntp services nfs cifs m...

Page 38: ...if more than one is possible Following a space after the preceding name Tab displays all possible names Should you make a mistake while typing backspace by pressing the Backspace key and or the Delet...

Page 39: ...eport listen connect listen deviceport clear set locallog clear telnet connect direct telnet ssh connect direct ssh To set the number of lines displayed by a command set cli terminallines disable Numb...

Page 40: ...ck Setup procedure you may update them here Requirements If you assign a different IP address from the current one it must be within a valid range unique to your network and with the same subnet mask...

Page 41: ...Network Settings The following page displays 2 Enter the following information for one or both network ports Eth1 and Eth2 Eth1 and Eth2 Settings Note Configurations with the same IP subnet on multipl...

Page 42: ...If specifying an IP address enter the network segment on which the SLC resides There is no default Eth1 and Eth2 Mode Select the direction full duplex or half duplex and speed 10 or 100Mbit of data t...

Page 43: ...ding is required if you enable Network Address Translation NAT for any device port modem or PC Card ISDN modem IP forwarding allows a user accessing the SLC over a modem to access the network connecte...

Page 44: ...ly makes the changes immediately and saves them so they will be there when the SLC is rebooted Ethernet Counters The Network Settings page displays statistics for each of the SLC s Ethernet ports sinc...

Page 45: ...nds ipforwarding enable disable probes Number of Probes startprobes 1 99999 Seconds To view all network settings show network all To view Ethernet port settings and counters show network port 1 2 To v...

Page 46: ...ct Reply with connection denied on denied ports default To ignore an attempt without sending a response select Ignore connection attempts on denied ports Invisible to ping Select the checkbox to enabl...

Page 47: ...smbcifs ssh telnet denyport http https smbcifs ssh telnet invisibletoping enable disable rejectmethod reply ignore state enable disable To view firewall settings show firewall Routing The SLC allows y...

Page 48: ...IP Address Subnet Mask and Gateway for the route and click the Add Edit Route button The route displays in the Static Routes table You can add up to 64 static routes To edit a static route select the...

Page 49: ...static route set the IP address mask and gateway parameters to 0 0 0 0 To set the routing table to display IP addresses disable or the corresponding host names enable show routing resolveip enable di...

Page 50: ...itted by the NTP server This is the default if you enable NTP Poll NTP Server Enables the SLC to query the NTP Server for the correct time If you select this option complete one of the following Local...

Page 51: ...one Note If you type an invalid time zone the system guides you through the process of selecting a time zone To view the local date time and time zone show datetime To synchronize the SLC with a remot...

Page 52: ...the MIB definition files for the private enterprise MIB The private enterprise MIB provides read only access to all statistics and configurable items provided by the SLC It provides read write access...

Page 53: ...or concern in addition to error messages This is the default for all message types Error Saves messages that are output because of an error Debug Saves extraneous detail that may be helpful in trackin...

Page 54: ...ds that have been executed Disabled by default Include In System Log If enabled the contents of the audit log are added to the system log under the General Info category level Disabled by default 3 En...

Page 55: ...want to keep this option disabled for security reasons Timeout If you enable Telnet logins you can cause an idle connection to disconnect after a specified number of minutes Select Yes and enter a val...

Page 56: ...an SNMP manager to access the read only data the SLC SNMP agent provides and to modify data where permitted The default is private V3 User SNMP v3 is secure and requires user based authorization to a...

Page 57: ...nt services show services NFS and SMB CIFS Use the NFS SMB CIFS page if you want to save configuration and logging data onto a remote NFS server or export configuration and logging data by means of an...

Page 58: ...page displays 2 Enter the following for up to three directories NFS Mounts Remote Directory The remote NFS share directory in the format nfs_server_hostname or ipaddr exported path Local Directory Th...

Page 59: ...hare with the cifsuser user name and password at the same time Workgroup The Windows workgroup to which the SLC belongs Every PC exporting a CIFS share must belong to a workgroup Can have up to 15 cha...

Page 60: ...one or more parameters Parameters eth1 enable disable eth2 enable disable state enable disable workgroup Windows workgroup Note The admin config command saves SLC configurations on the SMB CIFS share...

Page 61: ...Eth1 IP address ssh port number or Eth2 IP address ssh port number where ssh port number is uniquely assigned for each device port 4 If TCP is enabled for a device port establish a raw TCP connection...

Page 62: ...mand The administrator and users with local user rights may assign individual port permissions to local users The administrator and users with remote authentication rights assign port access to users...

Page 63: ...For example if you enter 2001 subsequent ports are automatically assigned numbers 2002 2003 and so on Starting SSH Port Each port is assigned a number for connecting via SSH Enter a number 1025 65535...

Page 64: ...figure settings for all or a group of device ports set deviceport global one or more parameters Parameters maxdirect 1 10 Sets the maximum number of direct connections for each device port sshport TCP...

Page 65: ...us of the port displays automatically Name The name of the port Valid characters are letters numbers dashes periods and underscores _ Banner Text to display when a user connects to a device port by me...

Page 66: ...elnet In Enables access to this port through Telnet Disabled by default Enable SSH In Enables access to this port through SSH Disabled by default Enable TCP in Enables access to this port through a ra...

Page 67: ...vailable methods include none xon xoff software and RTS CTS hardware The default is none Enable Logins For serial devices connected to the device port displays a login prompt and authenticates users S...

Page 68: ...Disabled by default Note For the Caller ID AT command refer to the modem user guide Modem Command Modem AT command used to initiate caller ID logging by the modem Note For the AT command refer to the...

Page 69: ...he number of seconds after the timeout and before the SLC attempts another connection The default is 30 seconds Dial out Number Phone number for dialing out to a remote system or serial device May hav...

Page 70: ...figure a single port or a group of ports Example set deviceport port 2 5 6 12 15 16 baud 2400 set deviceport port Device Port List or Name one or more device port parameters Parameters auth pap chap b...

Page 71: ...enable disable telnetport TCP Port timeoutlogins disable or 1 30 To view the settings for one or more device ports show deviceport port Device Port List or Name To view a list of all device port name...

Page 72: ...logging into the SLP Password Retype Password Password for logging into the SLP SLP Status Info Outlet Status Select All Outlets or Single Outlet to view all the status of all outlets or a single out...

Page 73: ...s the CLI command the SLP uses to restart itself slp outletcontrol state on off cyclepower outlet Outlet Outlet is 1 8 for SLP8 and 1 16 for SLP16 The outletcontrol parameters control individual outle...

Page 74: ...pe sequence defined the default escape sequence is Esc A Device Ports Logging The SLC products support port buffering of the data on the system s device ports as well as notification of receiving data...

Page 75: ...erly mounted see 11 PC Card Data logged locally to the SLC is limited to 256 Kbytes and may be lost in the event of a power loss Data logged to a PC Card Compact Flash does not have these limitations...

Page 76: ...x to clear the local log View Local Log Click this link to see the local log in text format Email SNMP Traps Email Traps Select the checkbox to enable email and SNMP logging Email logging sends an ema...

Page 77: ...Delay A time limit of how long in seconds after the SLC detects the trigger that the device port captures data before closing the log file with a fixed internal buffer maximum capacity of 1500 bytes...

Page 78: ...path for the NFS mount Max Number of Files The maximum number of files to create to contain log data to the port These files keep a history of the data received from the port Once this limit is excee...

Page 79: ...port parameters Parameters emaildelay Email Delay emaillogging disable bytecnt charstr emailrestart Restart Delay emailsend email trap both emailstring Regex String emailsubj Email Subject emailthresh...

Page 80: ...vice Ports Console Port The following page displays 2 Change the following as desired Baud The speed with which the device port exchanges data with the attached serial device From the drop down list s...

Page 81: ...dle session on the console is automatically logged out Disabled by default 3 Click Apply to save the changes Console Port Commands The following CLI commands correspond to the web page entries describ...

Page 82: ...evice port attached to an external device Another device port with a modem attached An outgoing Telnet or SSH session An outgoing TCP or UDP network connection This enables the user to set up connecti...

Page 83: ...cess the server as if they were connected directly to it by local serial ports or a console Remote Access Server In this setup the SLC is connected to one or more modems by its device ports Configure...

Page 84: ...e Enable Telnet In or Enable SSH In option on the Device Ports Settings web page Multiport Device Server A PC can use the device ports on the SLC as virtual serial ports enabling the ports to act as i...

Page 85: ...ddress on the SLC and be connected directly to the console port of the end server or device To configure this setup set the Enable Telnet In or Enable SSH In option on the Device Ports Settings web pa...

Page 86: ...port you are connecting This device port must be connected to an external serial device and must not have command line interface logins enabled be connected to a modem or be running a loopback test No...

Page 87: ...ns Select one of the following optional flags to use for the SSH connection User Login ID to use for authenticating on the remote host Version Version of SSH Select 1 or 2 Command Enter a specific com...

Page 88: ...the top part of the page Connection Commands These commands for configuring connections correspond to the web page entries described above To connect to a device port to monitor and or interact with i...

Page 89: ...ow datetime chars udp IP Address port UDP Port Note If the trigger is datetime establish connection at a specified date time enter the date parameter If the trigger is chars establish connection on re...

Page 90: ...quence enter either the charcount or the charseq parameter To terminate a bidirectional or unidirectional connection connect terminate Connection ID To view connections and their IDs Note The connecti...

Page 91: ...al user authentication is enabled the local user sysadmin account is always available for login Authentication can occur using all methods in the order of precedence until a successful authentication...

Page 92: ...y Access Protocol A set of protocols for accessing information directories specifically X 500 based directory services LDAP runs over TCP IP or other connection oriented transfer services RADIUS Remot...

Page 93: ...ns To enable the SLC to use all methods in order of precedence until it obtains a successful authentication select the check box This is the default To enable the SLC to use only the first authenticat...

Page 94: ...2 Enter the following Enable Local Users Select to enable all local users except sysadmin The sysadmin is always available regardless of how you set the check box Complex Passwords Select to enable th...

Page 95: ...or on a number that is associated with the user s login specified here 3 Enter information about the specific functions the user will be permitted to access Listen Ports The device ports that the user...

Page 96: ...n page 94 The logged in user s name displays above the menu The menu displays only the options for which the user has rights To add a user based on an existing user 1 In the Local Users list select th...

Page 97: ...ers Parameters allowdialback enable disable breakseq 1 10 Chars clearports Port List custommenu Menu Name dataports Port List dialbacknumber Phone Number escapeseq 1 10 Chars group default power admin...

Page 98: ...Power Users Default Users Full Administrative Rights y Networking y y Services y Date Time y y Local Users y Remote Authentication y SSH Keys y User Menus y Device Ports y PC Card y Reboot Shutdown y...

Page 99: ...g Date Time Reboot Shutdown and Diagnostics Reports Administrators This group has all possible rights 3 Select or clear the checkboxes for the following rights Full Administrative Right to perform any...

Page 100: ...displays only the options for which the user has rights Local User Rights Commands The following CLI commands correspond to the web page entries described above To add a local user to a user group or...

Page 101: ...to authenticate users listed in the Remote Users list in the lower part of the page Disabled by default Remote Login User ID of selected user The remote authentication method validates this ID Group...

Page 102: ...iguration all settings Diagnostics Reports Right to obtain diagnostic information and reports about the unit SLC Network Right to view and manage SLCs on the local subnet Web Access Right to access We...

Page 103: ...ete User button 3 Click Apply Remote User Commands The following CLI commands correspond to the web page entries described above To configure whether remote users who are not part of the remote user l...

Page 104: ...SLC through the Web SSH Telnet or the Console port If NIS does not provide port permissions you can use this page to grant device port access to users who are authenticated through NIS All NIS users...

Page 105: ...ge 125 you can assign a default custom menu to NIS users Data Ports The ports users are able to monitor and interact with using the connect direct command Listen Port The ports users are able to monit...

Page 106: ...tics Reports Right to obtain diagnostic information and reports about the unit SLC Network Right to view and manage SLCs on the local subnet Web Access Right to access Web Manager 5 Click Apply Note Y...

Page 107: ...LDAP to authenticate users attempting to log in using the Web Telnet SSH or the console port LDAP allows SLC users to authenticate using a wide variety of LDAP servers such as OpenLDAP and Microsoft A...

Page 108: ...Authentication page If you want to set up this authentication method but not enable it immediately clear the checkbox Server The IP address or host name of the LDAP server Port Number of the TCP port...

Page 109: ...isten command Clear Port Buffers The ports whose port buffer users may clear using the set locallog clear command 3 In the User Rights section select the user group to which LDAP users will belong Gro...

Page 110: ...re your changes will take effect LDAP Commands These commands for the command line interface correspond to the web page entries described above To configure the SLC to use LDAP to authenticate users w...

Page 111: ...g in using the Web Telnet SSH or the console port Users who are authenticated through RADIUS are granted device port access through the port permissions on this page All RADIUS users are members of a...

Page 112: ...up to 128 characters RADIUS Server 2 IP address or host name of the secondary RADIUS server Server 2 Port Number of the TCP port on the RADIUS server used for the RADIUS service If you do not specify...

Page 113: ...users on the system Remote Authentication Right to assign a remote user to a user group and assign a set of rights to the user SSH Keys Right to set SSH keys for authenticating users User Menus Right...

Page 114: ...v dt lu ra sk um dp pc rs rc dr wb sn ad To remove a permission type a minus sign before the two letter abbreviation for a user right To set a default custom menu for RADIUS users set radius custommen...

Page 115: ...the end of the order of precedence on the User Authentication page Realm Enter the name of the logical network served by a single Kerberos database and a set of Key Distribution Centers Usually realm...

Page 116: ...og clear command 3 In the User Rights section select the user group to which Kerberos users will belong Group Select the group to which the Kerberos users will belong Default Users This group has only...

Page 117: ...ds for the command line interface correspond to the web page entries described above To configure the SLC to use Kerberos to authenticate users who log in via the Web SSH Telnet or the console port se...

Page 118: ...o use TACACS to authenticate users attempting to log in using the Web Telnet SSH or the console port Users who are authenticated through Kerberos are granted device port access through the port permis...

Page 119: ...lt custom menu to TACACS users Data Ports The ports users are able to monitor and interact with using the connect direct command Listen Port The ports users are able to monitor using the connect liste...

Page 120: ...Selecting this option automatically selects Reboot Shutdown Diagnostics Reports Right to obtain diagnostic information and reports about the unit SLC Network Right to view and manage SLCs on the loca...

Page 121: ...nd the administrator has the option of retaining the SSH keys during a reset to factory defaults Imported Keys Imported SSH keys must be associated with an SLC local user The key can be generated on h...

Page 122: ...SLC local user login for the connection is different from the user name the key was generated from or is not included in the imported key file If either of these conditions is true or the imported fi...

Page 123: ...ther the RSA or the DSA encryption standard RSA is the default Number of Bits Select the number of bits in the key 512 or 1024 The default is 512 Passphrase Retype Passphrase Optionally enter a passph...

Page 124: ...ey File host IP Address or Name login User Login To export a key set sshkey export ftp scp copypaste one or more parameters Parameters format openssh secsh host IP Address or Name login User Login pat...

Page 125: ...ociated with the command Each command can also have a nickname that can display in the menu instead of the command From the current menu a user can display another menu thus allowing menus to be neste...

Page 126: ...d Number set menu edit Menu Name nickname Command Number To set the optional title for a menu set menu edit Menu Name title Menu Title To enable or disable the display of command nicknames instead of...

Page 127: ...optional menu title return for none Menu2 Title Specify nickname for each command no Enter each command up to 50 commands logout is always the last command Press return when the menu command set is c...

Page 128: ...tings________________________________________________ Login john Password set UID 101 Listen Ports 1 32 Data Ports 1 32 Clear Ports 1 32 Escape Sequence x1bA Break Sequence x1bB Custom Menu menu1 Allo...

Page 129: ...10 User Authentication SecureLinx SLC User Guide 129 Menu1 Title 1 connect Port 1 3 menu2 2 connect Port 2 4 log off Enter 1 4 4 Executing logout Logging out...

Page 130: ...lete list To set up PC Card storage in the SLC 1 Insert any of the supported PC Cards into either of the PC Card bays on the front of the SLC You can do this before or after powering up the SLC If the...

Page 131: ...fail and you will need to reboot the SLC to restore PC Card functionality Format Select to unmount the Compact Flash if it is mounted remove all existing partitions create one partition on the Compact...

Page 132: ...Card SecureLinx SLC User Guide 132 4 Enter the following Modem Settings State Select to indicate whether to disable the PC Card or set it for dial in dial out dial back or dial on demand Disabled by d...

Page 133: ...ization script always be preceded with AT and include E1 V1 x4 Q0 so that the SLC may properly control the modem Caller ID Logging Select to enable the SLC to log caller IDs on incoming calls Note For...

Page 134: ...to Eth1 and or Eth2 Note IP forwarding must be enabled on the Network Settings page for NAT to work Dial out Number Phone number for dialing out to a remote system or serial device May have up to 20 c...

Page 135: ...et PDP context parameter values GSM Bearer Svc Command to select the bearer service data rate and connection element to use when data call originate Negotiated IP IP address associated with the GPRS c...

Page 136: ...Lower PC Card Slot 4050 Range 1025 65535 Authenticate If selected the SLC requires user authentication before granting access to the port Authenticate is selected by default for Telnet Port and SSH P...

Page 137: ...Number dialoutlogin User Login dialoutnumber Phone Number dialoutpassword Password flowcontrol none xon xoff rts cts gsmautodns enable disable gsmbearerservice GSM Bearer Service gsmcompression enabl...

Page 138: ...11 PC Card SecureLinx SLC User Guide 138 stopbits 1 2 tcpauth enable disable tcpport TCP Port telnetauth enable disable telnetport TCP Port timeoutlogins disable 1 30...

Page 139: ...Maintenance page allows the system administrator to Configure the FTP SFTP or TFTP server that will be used to provide firmware updates and save restore configurations TFTP is only used for firmware u...

Page 140: ...lt is No Note The front panel LCD displays the Rebooting the SLC message and the normal boot sequence occurs Shutdown Select this option to shut down the SLC The default is No Welcome Banner The text...

Page 141: ...administrator to terminate your active web session SLC Firmware Update Firmware To update the SLC firmware select the checkbox If you select this option the SLC reboots after you apply the update Loa...

Page 142: ...tore From If you selected to save or restore a configuration enter a name for the configuration file up to 12 characters Location to Save to or Restore From If you selected to save or restore a config...

Page 143: ...ibed above To reboot the SLC admin reboot Note The front panel LCD displays the Rebooting the SLC message and the normal boot sequence occurs To add welcome login and logout banners admin banner login...

Page 144: ...rrent firmware revision admin firmware show To lock or unlock the LCD keypad Note If the keypad is locked users can scroll through settings but not change them admin keypad lock unlock To change the R...

Page 145: ...onfig Config Params to Prserve Config Params to Preserve is a comma separated list of current configuration parameters to retain after the config restore or factorydefaults nt Networking lu Local User...

Page 146: ...he following Log Select the type s of log you want to view Level Select the alert level you want to view for the selected log 3 Click the View Log button The log displays For example if you select the...

Page 147: ...mmand for the command line interface corresponds to the web page entries described above To view the system logs containing information and error messages show syslog parameters Parameters email Email...

Page 148: ...o sort by command action click the Command button 3 To clear the log click the Clear Log button Diagnostics The Diagnostics web page provides methods for diagnosing problems such as network connectivi...

Page 149: ...nd Packet This option sends an Ethernet packet out one of the Ethernet ports mainly as a network connectivity test Enter the following Protocol Select the type of packet to send Hostname Specify a hos...

Page 150: ...for that report 5 To email the report s to an individual a In the Comment field enter a comment if desired b Select to and enter the person s email address c Press the Email Output button 6 To email t...

Page 151: ...tstat protocol all tcp udp email Email Address To resolve a host name into an IP address You can optionally email the displayed information diag lookup Hostname email Email Address To test a device po...

Page 152: ...ged over the last 5 seconds diag perfstat ethport 1 2 deviceport Device Port or Name To generate and send Ethernet packets diag sendpacket host IP Address or Name port TCP or UDP Port Number string Pa...

Page 153: ...orts The following page displays The top half of the page displays the status of each port and the power supplies Green indicates that the port connection or power supply is active and functioning cor...

Page 154: ...ime routing services console port System Configuration Authentication Displays a snapshot of authentication settings only including a list of all localusers System Configuration Devices Displays a sna...

Page 155: ...f configurable parameters You can optionally email the displayed information show sysconfig display basic auth devices email Email Address Displays a report of all configurable parameters or a shorter...

Page 156: ...xample the action can be writing an entry into the syslog with details of the event or sending the trap s to the Ethernet or modem connection Ethernet For actions that require an Ethernet connection f...

Page 157: ...n The Events page displays the event To delete an event select the event from the Events table and click the Delete Event button A message asks for confirmation Click OK 4 To save click Apply Events C...

Page 158: ...the web page To view and manage SLCs on the local network 1 From the main menu select SLC Network The following page displays 2 To manage an SLC click its IP Address A separate browser page takes the...

Page 159: ...er they are Telnet enabled or SSH enabled and lists their Telnet and SSH port numbers Note For the links to work you must enable Web Telnet or Web SSH for the SLC see 7 Services b To open a Telnet ses...

Page 160: ...is configured The default is Both IP Address If you selected Manually Entered IP Address List or Both enter the IP address of the SLC you want to find and manage 3 If you entered an IP address click...

Page 161: ...both To detect and display all SLCs on the local network show slcnetwork ipaddrlist all Address Mask Note Without the ipaddrlist parameter the command searches the SLC network according to the search...

Page 162: ...up connection an administrator can remotely access any of the connected IT devices using Telnet or SSH Figure 13 1 SLC Console Manager Configuration This chapter includes three typical scenarios for u...

Page 163: ...abled Local IP negotiate Parity none SSH Port 3002 Remote IP negotiate Flow Control xon xoff IP none Authentication PAP Logins disabled CHAP Host none Break Sequence x1bB CHAP Secret none Check DSR di...

Page 164: ...essages from SUN 6 Use the escape sequence to escape from direct mode back to the command line interface Dial in Text Mode to a Remote Device This example shows a modem connected to an SLC device port...

Page 165: ...Dial into the SLC via the modem using a terminal emulation program on a remote PC A command line prompt displays 4 Log into the SLC CONNECT 57600 Welcome to the SLC login sysadmin Password Welcome to...

Page 166: ...ettings IP Settings Modem State disabled Baud Rate 9600 Telnet disabled Modem Mode text Data Bits 8 Telnet Port 2002 Timeout Logins disabled Stop Bits 1 SSH disabled Local IP negotiate Parity none SSH...

Page 167: ...00 terminal connected to device port 2 and an outbound telnet session to the server The IP address of the server is 192 168 1 1 slc connect bidirection 2 telnet 192 168 1 1 Connection settings success...

Page 168: ...ings you want to configure or view Examples are ntp deviceport and network parameter s is one or more name value pairs in one of the following formats parameter name aa bb User must specify one of the...

Page 169: ...er values type the entire value For example you can shorten set network port 1 state static ipaddr 122 3 10 1 mask 255 255 0 0 to se net po 1 st static ip 122 3 10 1 ma 255 255 0 0 Use the Tab key to...

Page 170: ...res the banner displayed after the user logs in Note To go to the next line type n and press Enter admin banner logout Syntax admin banner logout Banner Text Description Configures the banner displaye...

Page 171: ...ve is a comma separated list of current configuration parameters to retain after the config restore or factorydefaults nt Networking lu Local Users sv Services dp Device Ports dt Date Time pc PC Card...

Page 172: ...word Description Sets the FTP server password and prevent it from being echoed admin ftp server Syntax admin ftp server IP Address or Hostname login User Login path Directory Description Sets the FTP...

Page 173: ...iption Reboots the SLC The front panel LCD displays the Rebooting the SLC message and the normal boot sequence occurs admin shutdown Syntax admin shutdown Description Prepares the SLC to be powered of...

Page 174: ...sessions and their ID Audit Log Commands show auditlog Syntax show auditlog command user clear Description Displays audit log By default shows the audit log sorted by date time You can sort it by user...

Page 175: ...re parameters Description Configures the SLC to use Kerberos to authenticate users who log in via the Web SSH Telnet or the console port Parameters ipaddr Key Distribution Center IP Address kdc Key Di...

Page 176: ...or the console port Parameters port TCP Port server IP Address or Hostname state enable disable Default is 389 adsupport enable disable base LDAP Base bindname Bind Name bindpassword Bind Password cle...

Page 177: ...s add edit User Login one or more parameters Description Configures local accounts including sysadmin who log in to the SLC by means of the Web SSH Telnet or the console port Parameters allowdialback...

Page 178: ...SLC to use NIS to authenticate users who log in via the Web SSH Telnet or the console port Parameters broadcast enable disable clearports Port List custommenu Menu Name dataports Port List domain NIS...

Page 179: ...Port List group default power admin listenports Port List permissions Permission List Note See User Permissions Commands on page 180 for information on groups and user rights timeout enable 1 30 Sets...

Page 180: ...Port List permissions Permission List Note See User Permissions Commands on page 180 for information on groups and user rights secret TACACS Secret server IP Address or Hostname state enable disable s...

Page 181: ...eters dataports Port List listenports Port List clearports Port List group default power admin permissions Permissions List where Permission List is one or more of nt sv dt lu ra sk um dp pc rs rc dr...

Page 182: ...sions Permission List where Permission List is one or more of nt sv dt lu ra sk um dp pc rs rc dr wb sn ad Description Sets permissions not already defined by the assigned permissions group show user...

Page 183: ...SLC cannot detect the size of the terminal automatically show cli Syntax show cli Description Displays current CLI settings show user Syntax show user Description Displays attributes of the currently...

Page 184: ...user Login Name version 1 2 command Command to Execute tcp IP Address port TCP Port telnet IP Address or Name port TCP Port trigger now datetime chars If the trigger is datetime establish connection...

Page 185: ...Description Terminates a bidirectional or unidirectional connection connect unidirection Syntax connect unidirection Device Port or Name dataflow toendpoint fromendpoint endpoint Description Connects...

Page 186: ...You can optionally email the displayed information The connection IDs are in the left column of the resulting table The connection ID associated with a particular connection may change if the connecti...

Page 187: ...Description Assigns a custom user menu to a local user set menu add Syntax set menu add Menu Name command Command Number Description Creates a new custom user menu or adds a command to an existing cus...

Page 188: ...rs show menu Syntax show menu all Menu Name Description Displays a list of all menu names or all commands for a specific menu Date and Time Commands set datetime Syntax set datetime one date time para...

Page 189: ...NTP settings Device Port Commands set deviceport port Syntax set deviceport port Device Port List or Name one or more device port parameters Example set deviceport port 2 5 6 12 15 16 baud 2400 Descr...

Page 190: ...d preceding the initscript with AT and include E1 V1 x4 Q0 so that the SLC may properly control the modem ipaddr IP Address localipaddr negotiate IP Address logins enable disable modemmode text ppp mo...

Page 191: ...ort names show deviceport port Syntax show deviceport port Device Port List or Name Description Displays the settings for one or more device ports show portcounters Syntax show portcounters deviceport...

Page 192: ...dress mapping You can optionally email the displayed information diag netstat Syntax diag netstat protocol all tcp udp email Email Address Description To display a report of network connections You ca...

Page 193: ...aceroute Syntax diag traceroute IP Address or Hostname Description Displays the route that packets take to get to a network host End Device Commands set command Syntax set command Device Port or Name...

Page 194: ...NMS community SNMP Community oid SNMP Trap OID action fwdalltrapsmodem fwdseltrapmodem pccardslot upper lower nms SNMP NMS community SNMP Community oid SNMP Trap OID action syslog Description Defines...

Page 195: ...Description Displays firewall settings Logging Commands set deviceport port Syntax set deviceport port Device Port List or Name one or more deviceport parameters Description Configures logging settin...

Page 196: ...maxfiles Max of Files pccardmaxsize Size in Bytes pccardslot upper lower show locallog Syntax show locallog Device Port or Name bytes Bytes To Display Description Displays a specific number of bytes o...

Page 197: ...yntax set network gateway parameters Description Sets default gateway and indicates whether the gateway acquired by DHCP or the default gateway takes precedence Parameters default IP Address precedenc...

Page 198: ...ays the network host name of the SLC show network port Syntax show network port 1 2 Description Displays Ethernet port settings and counters show network all Syntax show network all Description Displa...

Page 199: ...cifs one or more parameters Description Configures the SMB CIFS share which contains the system and device port logs Note The admin config command saves SLC configurations on the SMB CIFS share Parame...

Page 200: ...on Formats a Compact Flash card pccard storage mount Syntax pccard storage mount upper lower Description Mounts a Compact Flash card in the SLC for use as a storage device The Compact Flash card must...

Page 201: ...service GSM Bearer Service gsmcompression enable disable gsmcontext GPRS Context Id gsmdialoutmode gprs gsm gsmpin GSM GPRS PIN Number idletimeout disable 1 9999 seconds initscript Initialization Scri...

Page 202: ...he routing table to display IP addresses disable or the corresponding host names enable You can optionally email the displayed information Services Commands set services Syntax set services one or mor...

Page 203: ...disable ssh enable disable syslogserver1 IP Address or Name syslogserver2 IP Address or Name telnet enable disable timeoutssh disable or 1 30 timeouttelnet disable or 1 30 traps enable disable v1ssh e...

Page 204: ...lay all IP addresses that start with 172 19 SSH Key Commands set sshkey delete Syntax set sshkey delete one or more parameters Description Deletes an ssh key Specify the keyuser and keyhost to delete...

Page 205: ...hkey export one or more parameters Description Displays all exported keys or keys for a specific user IP address or name Parameters keyhost SSH Key IP Address or Name keyuser SSH Key User viewkey enab...

Page 206: ...ommand to obtain the Connection ID show portcounters Syntax show portcounters deviceport Device Port List or Name email Email Address Description Generates a report for one or more ports Optionally em...

Page 207: ...stem Log Commands show syslog Syntax show syslog parameters Description Displays the system logs containing information and error messages Parameters email Email Address level error warning info debug...

Page 208: ...that users can make about the facility and network infrastructure for example how vulnerable the CAT 5 wiring is to tapping Factors Affecting Security External factors affect the security provided by...

Page 209: ...ly accessible Always connect any equipment used with the product to properly wired and grounded power sources To help protect the product from sudden transient increases and decreases in electrical po...

Page 210: ...at a hazardous stability condition results because of uneven loading A drop or fall could cause injury The ambient temperature Tma inside the rack may be greater than the room ambient temperature Make...

Page 211: ...ntronix The cables are available in various lengths In most cases you will need an adapter for your serial devices Lantronix offers a variety of RJ45 to serial connector adapters for many devices Thes...

Page 212: ...User Guide 212 RJ45 Receptacle to DB25M DCE Adapter for the SLC PN 200 2066A Use PN 200 2066A adapter with a dumb terminal or with many SUN applications 5 6 7 2 20 4 8 3 RJ45 DB25 Male Pin 1 Gnd 4 Rx...

Page 213: ...C Adapters and Pinouts SecureLinx SLC User Guide 213 RJ45 Receptacle to DB25F DCE Adapter for the SLC PN 200 2067A 5 6 7 2 20 4 8 3 RJ45 DB25 Female Pin 1 Rx 6 DSR 7 CTS 8 Gnd 5 Tx 3 RTS 1 DTR 2 1...

Page 214: ...C Adapters and Pinouts SecureLinx SLC User Guide 214 RJ45 Receptacle to DB9M DCE Adapter for the SLC PN 200 2069A 8 6 5 3 4 7 1 2 RJ45 DB9 Male Pin 1 Gnd 4 Rx 6 DSR 7 CTS 8 Gnd 5 Tx 3 RTS 1 DTR 2 1...

Page 215: ...x SLC User Guide 215 RJ45 Receptacle to DB9F DCE Adapter for the SLC PN 200 2070A Use PN 200 2070A adapter with a PC s serial port 1 8 2 6 4 5 6 3 7 4 8 7 1 5 3 2 RJ45 DB9 Female Pin 1 Gnd 4 Rx 6 DSR...

Page 216: ...and SLP PNs 200 2225 and ADP010104 01 Note The cable ends of the ADP010104 01 are an RJ45 socket on one end and a RJ45 plug on the other instead of RJ45 sockets on both ends Use this adapter for SLP...

Page 217: ...cation for client server applications by using secret key cryptography LDAP Lightweight Directory Access Protocol A protocol for accessing directory information NAT Network Address Translation An Inte...

Page 218: ...l in users and their access permissions A company stores user profiles in a central database that all remote servers can share SMB CIFS Server Message Block Common Internet File System Microsoft s pro...

Page 219: ...stem A method of authentication used in UNIX networks It allows a remote access server to communicate with an authentication server to determine whether the user has access to the network Telnet A ter...

Page 220: ...pment Immunity Characteristics IEC61000 4 2 1995 Electro Static Discharge Test IEC61000 4 3 1996 Radiated Immunity Field Test IEC61000 4 4 1995 Electrical Fast Transient Test IEC61000 4 5 1995 Power S...

Page 221: ...mplementation of AES as specified by FIPS 197 This product carries the CE mark since it has been tested and found compliant with the following standards Safety EN 60950 Emissions EN 55022 Class A Immu...

Page 222: ...dia to Lantronix Lantronix will ship the replacement media to the customer In no event will Lantronix be responsible to the user in contract in tort including negligence strict liability or otherwise...

Reviews:

No comments

Related manuals for SLC48

Sun Fire X2100 M2

Brand: Sun Microsystems Pages: 128

Brand: AXIOMTEK Pages: 58

Brand: Santec Pages: 40

Brand: NMS Communications Pages: 22

Brand: RackSolutions Pages: 8

Brand: Autonomic Pages: 17

Brand: StarTech.com Pages: 24

PRIMERGY TX140 S2

Brand: Fujitsu Pages: 86

PRIMERGY TX150 S3

Brand: Fujitsu Pages: 95

PRIMERGY TX150 S6

Brand: Fujitsu Pages: 118

Brand: Fujitsu Pages: 305

PRIMERGY TX150 S6

Brand: Fujitsu Pages: 127

PRIMERGY TX140 S2

Brand: Fujitsu Pages: 332

PRIMERGY TX150 S4

Brand: Fujitsu Pages: 97

PRIMERGY TX150 S7

Brand: Fujitsu Pages: 120

PRIMERGY TX140 S1p

Brand: Fujitsu Pages: 9

PRIMERGY TX2550 M4

Brand: Fujitsu Pages: 563

AlphaServer ES47

Brand: HP Pages: 76

Brands by name

0 1 2 3 4 5 6 7 8 9 A B C D E F G H I J K L M N O P Q R S T U V W X Y Z

Popular brands

Load more brands