background image

Phihong USA Corporation • 47800 Fremont Blvd. Fremont, CA 94538 • Tel: 1.510.445.0100 Fax: 1.510.445.1678

www.phihong.com or www.midspans.com

-51-

4. 

Load Security Certificates

4.1 

Load Certificates into the Midspan SNMP card

Now that the certificates have been generated, they need to be uploaded into the midspan as well as 
your internet browser (IE7, IE8, and Mozilla Firefox 3.0 and later).

Open the folder containing the certificates. They will be located at c:\x509\certs.

Ensure connection with your midspan via SNMP, then in a new windows browser window enter the 
following: ftp://xxx.xxx.xxx.xxx, where the x’s represent the URL of your midspan. You will need to log 
in as you would through normal http:// access.

Figure 54: Midspan Directory

Summary of Contents for POE125U-8N

Page 1: ...Phihong Midspan POE GUI User Manual SNMP v3 v2 v1 Rev 1 2 PES12781 Compliant Models POE125U 8N POE370U 480 8N POE370U 480 16N POE370U 480 24N POE576U 8ATN POE576U 16ATN POE576U 24AFATN ...

Page 2: ... hardware used on the Midspan The information is held to be accurate and reliable from time of print Please be advised that product development and revisions are still in course of action Phihong cannot be held responsible for involuntary error exclusions inaccuracies or following changes of printed material Phihong reserves the right to make changes to products and to their specifications as desc...

Page 3: ...stem Control and Information 18 4 3 GUI Port Description 20 4 4 GUI Parametric Information 22 5 Midspan Troubleshooting 23 6 Appendix A Optional RPS option R 24 B Optional NIC Interface option N 1 NIC Interface Setup 25 2 Advanced Setup Options 27 3 Controller Setup 28 3 1 System Administration 29 3 2 SNMP Settings 33 4 DHCP Client Dynamic and Static Mode Setup 36 5 Setup NIC Midspan with Phihong ...

Page 4: ...tions 13 Figure 15 GUI Setup 15 Figure 16 PC to Midspan Connection via USB RS232 15 Figure 17 USB Block Diagram 16 Figure 18 GUI Main Window 17 Figure 19 GUI Connection Information 17 Figure 20 System Setup Control System Information and Port Commands 18 Figure 21 System Update 19 Figure 22 Port Description 20 Figure 23 LED Key Port Status 21 Figure 24 Parametric Information 22 Figure 25 DC Power ...

Page 5: ... 47 Figure 49 Cygwin Choose Download Site 47 Figure 50 Cygwin Installation Directory Screen 48 Figure 51 Cygwin Installation Progress 48 Figure 52 Cygwin Command Prompt Screen 49 Figure 53 Cygwin Command Prompt Screen Continued 50 Figure 54 Midspan Directory 51 Figure 55 Loading Certificate to Midspan 52 Figure 56 Certificate Import Wizard 53 Figure 57 Select Certificate Store 54 Figure 58 View Ce...

Page 6: ...rocedures and instructions can be found in the Midspan User Manual To download a copy of the Manual visit www phihong com 3 To prevent the Midspan from overheating do not operate the product in an area that exceeds the maximum recommended ambient temperature of 40 C Allow at least 3 to 4 inches of clearance around all ventilation openings 4 In order to Support the Midspan weight do not stack the c...

Page 7: ...es Verfahren wird zusammen mit allen weiteren Vorgängen und Anweisungen im Benutzerhandbuch für das Midspan Device beschrieben Sie Können das Benutzerhandbuch unter www phihong com herunterladen 3 Um das Midspan Device vor Überhitzung zu schübenutzen Sie das Produkt nicht in Räumen die maximale empfohlene Umgebungstemperatur von 40 C überschreiten Lassen Sie um alle Lüftungsöffnungen herum mindest...

Page 8: ...bottom row Data Power Data Figure 3 Connectors and Indicators NIC Port USB Port AC LED RPS LED Rear Side of the Midspan Figure 4 The Rear Side of the Midspan Pin Description 1 47VDC to 57VDC 2 Current Share 3 47VDC to 57VDC 4 47VDC to 57VDC 5 Not Used 6 47VDC to 57VDC Figure 5 DC Power Connector DC IN Molex 6 pin p n 39 30 0060 or equivalent DC IN Mate Molex 39 01 2065 pin p n 39 00 0077 Figure 6 ...

Page 9: ...t comply with SEV ASE 1011 Denmark The supply plug must comply with section 108 2 D1 standard DK2 1a or DK2 5a United Kingdom The Midspan is covered by General Approval section 16 16 060 NS G 12345 J100003 for indirect connection to a public telecommunication system France and Peru IT equipment cannot power this device In the case of an IT powered device the unite needs to be powered by 230V throu...

Page 10: ...d Figure 9 USB Cable Figure 10 USB Cable Connected Figure 11 AC Power Cord 2 4 Connecting USB and Power Cables USB cable The USB cable is connected to the USB connector located in the front side of the Midspan and a USB port on your PC laptop AC power cord The AC power cable is connected to the AC power connector located in the rear side of the Midspan and the power outlet Ethernet and USB cables ...

Page 11: ...ions 2 6 LED Indicator Cold Start a AC LED turns green remains on b NIC LED turns green red green turns off red turns off unless connected c 24 Ports with ports connected LED turns orange green orange green turns off LED turns green individually ports 1 9 17 ports 2 10 18 ports 3 11 19 ports 4 12 20 ports 5 13 21 ports 6 14 22 ports 7 15 23 ports 8 16 24 All 24 Ports are connected LED remains gree...

Page 12: ...but enabled NIC LED Indicates NIC is disconnected form Network N A Indicates NIC is connected to Network N A AC LED Indicates Midspan is not powered Indicates Midspan is powered N A N A 2 7 Rack Mounting Installation Figure 12 Rack Mounted Midspan Front Figure 13 Rack Mounting Bracket and screws side rear Position the Midspan on the rack Arrange the mounting bracket to the corresponding screw hole...

Page 13: ...cal Specifications Figure 14 Technical Specifications Mechanical Specifications Dimensions 17 25 inch 438 mm length 8 98 inch 228 mm width 1 75 inch 44 5 mm height Environmental Specifications Temperature Relative Humidity Operating 0ºC to 40ºC Operating 5 to 90 Non Operating 25ºC to 65ºC Non Operating 5 to 90 Contact Phihong Sales for this option ...

Page 14: ... for 115V AC at Max Load 60A for 230V AC at Max Load DC Input Voltage Range R Option 47V DC to 57V DC DC Input Current 8 7A Max AC Output Voltage POE370U POE576U 480 560 560 50V DC 56V DC 56V DC Max Load Current 0 32A 0 275A 0 65A Output Power per Port POE370U 15 4W not to exceed total output power POE576U AT 33 6W not to exceed total output power POE576U AFAT Ports 1 8 33 6W Ports 9 24 15 4W not ...

Page 15: ... Please follow the Installation Wizard to install the Phihong GUI for your model and the USB to Serial Com Port driver The USB to Serial Com Port driver is necessary for communicating between the Midspan via a Communication Port on the PC Example of the Setup File Figure 15 GUI Setup Note Please refer to the Phihong website to insure you are installing the latest version of the Phihong GUI The exa...

Page 16: ...ation port Wait for the PC to respond USB Port PC The PC automatically detects the newly installed hardware This function is called Plug Play available with a USB connection The PC quickly identifies the connection as Serial Com Windows will automatically install your device on an available serial COM port Changes may be made via Device Manager Section 3 2 discusses Device Manager 3 2 USB Block Di...

Page 17: ...is used to configure and manage the PoE midspan system If you have successfully installed the Phihong GUI and USB driver Please locate the Phihong Midspan POE GUI on your desktop or from your Start Menu 4 1 GUI Main Window Step 1 Choose connection type Figure 18 GUI Main Window Step 2 A Com Port number will be selected automatically then press Search POE and highlight the midspan Figure 19 GUI Con...

Page 18: ...Please allow the GUI a few seconds to respond to the commands selected DO NOT click or check any commands simultaneously If a command is selected more than once within two seconds the GUI may not respond properly The Save Parameters to Flash button will save system and port parameters to flash memory so that they can be used to the firmware across reboots of the μP The Restore Factory Defaults but...

Page 19: ... Blvd Fremont CA 94538 Tel 1 510 445 0100 Fax 1 510 445 1678 www phihong com or www midspans com 19 During the Download In Progress the GUI function buttons will be temporarily disabled Figure 21 System Update Example of the firmware file ...

Page 20: ... description on the GUI screen If you click Cancel the previous description will be set for that particular port Click Send Port Control to send the descriptions to the system To make this permanent the user must click Save Parameters to Flash Enable This check box can administratively enable or disable the selected port If Enable Disable All Port check box is selected all ports will be enabled In...

Page 21: ...phihong com or www midspans com 21 The different colored LEDs show the status of the individual ports A Yellow LED shows the port is detecting or ready to be connected A Red LED shows the port as Disable Error A Green LED shows that the port is connected to a compliant load Figure 23 LED key Port Status ...

Page 22: ...ered resistance R of the port in ohms Current mA This value represents the current I of the port in milliamperes Voltage V This value represents the voltage V of the port Power mW This value represents the power of the port in milliwatts Class Current mA This value represents the class current of the port in milliamperes Determined Class This value represents the class of the discovered device Not...

Page 23: ...eters 2 Assure Ports are connected to a Network The GUI window does not update port status Click System Reset and wait for the System to Reboot Others Please verify the following 1 Power is applied to the Midspan 2 The network Ethernet cable is connected to the Data port 3 The power device Ethernet cable is connected to the Data Power port 4 Proper type of Ethernet cable is used do not use crossov...

Page 24: ...7VDC to 57VDC 5 Not Used 6 47VDC to 57VDC DC Power Connector DC IN Molex 6 pin p n 39 30 0060 or equivalent DC IN Mate Molex 39 01 2065 pin p n 39 00 0077 Parameters Specifications DC Input Voltage Range R option 47VDC to 57VDC DC Input Current POE370U POE576U 8 7A max 14A Max Output power per port POE370U 15 4W POE576U AT 33 6W POE576U AFAT Ports 1 8 33 6W 9 24 15 4W Total Output Power supported ...

Page 25: ... website for updates If you choose to use your own SNMP console please rename the SNMP MIB text file to the file extension that matches your SNMP Console Follow the instructions for your SNMP Console to install the MIB file Please check the Phihong website www midspans com occasionally for the latest updates for the MIB and SNMP Firmware Example of a SNMP Firmware file please check out website for...

Page 26: ... NOTE Your IP Address may be different from the example shown below 3 Execute etm exe Ethernet Manager tool 4 Assuming the connection path between your PC and the Midspan is adequate the Ethernet Manager tool will detect your SNMP device Figure 27 Ethernet Manager 5 If your device is not found check the connection and click View Refresh ...

Page 27: ... Click Setup Login Default User admin Default Password leave area blank NOTE If you forget your login password please contact Phihong Sales for further instructions For up to date contact information please visit our website www phihong com Users need to be aware that the Username and Password are both Case Sensitive If the login screen is not the one featured above but a blue screen then please s...

Page 28: ...ler Setup Figure 29 Controller Main Window Port Status The main window of the controller is a simple GUI that allows the user to enable and disable midspan ports It is also a limited display of parametric information A more complete list of parametric information is available using Phihong s GUI software available on the website www midspans com ...

Page 29: ...f you change the Administrator name and password users should ensure that it is written down in safe place for reference Click to make any changes permanent Click to reboot the system with the new changes This may take a few minutes depending on the connection speed Check the Midspan IP Address again as it may have change depending on the user settings for DHCP Client Click to review or make addit...

Page 30: ...et work server DHCP mode Enabled or User defined DHCP mode disabled Subnet mask 255 255 255 0 Four groups of numbers assigned by the Network server DHCP mode enabled or user defined DHCP mode disabled Gateway address 192 168 0 1 Four groups of numbers assigned by the Network server DHCP mode enabled or user defined DHCP mode disabled DNS Server 168 95 192 1 Four groups of numbers assigned to the n...

Page 31: ...he file may be renamed to user specifications Figure 31 Controller Firmware Backup Firmware Update click Update to install the most recent firmware for your midspan or to re install a firmware that was backed up Before proceeding with this step users should ensure that the connection between the PC and Midspan is secure and will not be interrupted as this may take a few minutes Figure 32 Controlle...

Page 32: ...rmware Update to ensure their midspan is operating with the most current software Users need also be aware of the version of SNMP card currently installed on their midspan The firmware for SNMPv3 may not be installed on a midspan with a SNMPv2 card and vice versa Restore Default Settings This function is used to revert back to the default settings for the Firmware This will undo any changes that y...

Page 33: ...nt that the user is running This version is V3 Get Community String Public Option to set to public or private Set Community String Private Option to set to public or private User Admin Logon name that may be defined by the user If changed the information should be written in a safe place for future reference Authentication Mode HMAC MD5 Option to set encryption to HMAC MD5 or HMAC SHA1 Authenticat...

Page 34: ...g through the Windows Firewall Please configure the Windows Firewall settings to allow incoming Network Connections by adding a specific program i e the SNMP Console If the user is using the Authentication and Privacy passwords they must remember these to use the Phihong GUI Open the Phihong GUI and locate and click setting Figure 35 GUI Connection Information A pop up for the User Security Parame...

Page 35: ... midspans com 35 If you wish to run your SNMP device in Static mode you can also configure your IP Address and Subnet Mask through the Ethernet Manager tool etm exe Click Config IP Address NOTE From the System Setup menu in the Controller your DHCP Client setting must be Disable Figure 37 Ethernet Manager Set IP Address ...

Page 36: ...the DHCP Enabled is Yes it is in Dynamic mode an IP address is automatically assigned by the network To change to static the user must manually set the IP Address Subnet mask and Gateway Address for your PC Click to open the Local Area Connection Properties and double click the Internet Protocol Version 4 to obtain the general information to set the IP Address Subnet Mask Gateway Address and prefe...

Page 37: ...rch from to locate the midspan Use the ETM Figure 40 GUI User Security Parameters OR NOTE Ensure that you are using either the community string or SNMPv3 encrypted passwords set using the Controller System setup or the GUI will not detect the midspan To verify the IP Address for your midspan use the Ethernet Manager tool mentioned in earlier sections The default password for both AuthPassword and ...

Page 38: ...nd click to select device Figure 42 GUI Connection Information NOTE The IP address will be saved internally for the next use Figure 43 GUI Main Window All features except for the Firmware Download are supported Please refer to section 4 Midspan GUI of this document for the full description of the Phihong GUI features To update firmware using SNMP please refer to section 7 Controller Setup ...

Page 39: ...ting this object at a value disable 1 disables detection mechanism for all ports 1 3 6 1 24852 2 2 6 0 poeSystemHWVersion DisplayString Read Only System hardware version for the main board 1 3 6 1 24852 2 2 7 0 poeSystemNumberOfchannel INTEGER Read only Number of ports available in the system 1 3 6 1 24852 2 2 8 0 poeSystemProductPartNumber INTEGER Read only Displays the product part number 1 3 6 ...

Page 40: ... port 1 3 6 1 24852 2 3 1 3 1 24 poePortControlMaxPower INTEGER Read Write This command specifies the max power in watts to the port 6 1 4 1 24852 2 3 1 4 1 0 poePortCurrentStatus INTEGER undercurrent 1 overcurrent 2 both 3 ok 4 Describes a current port status related to the power gen eration the value undercurrent 1 indicated that the port current is below the minimal value since the attribute wa...

Page 41: ...werDetectionControl INTEGER Read Write Command controls the port power detection control 1 3 6 1 4 1 24852 2 3 1 10 1 24 powPortPowerPriority INTEGER Critical 1 High 2 Low 3 Sets port priority 1 3 6 1 4 1 24852 2 3 1 11 1 24 powerPortPower INTEGER Read only Port Power reading in mWatts 1 3 6 1 4 1 24852 2 3 1 12 1 24 poePortVoltage INTEGER Read only Port Voltage reading in Volts 1 3 6 1 4 1 24852 ...

Page 42: ...852 2 5 6 poePortDisconnectTrap NOTIFICATION PortDisconnectTrap 1 3 6 1 4 1 24852 2 5 7 poePortVoltageFailTrap NOTIFICATION Port Voltage Fail Trap This function is currently disabled Reserved for future use 1 The NIC Interface Midspan performs under the TCP IP UDP port of 161 UDP port 161 for SNMP is an official IANA registered EDP port number While attempting to connect to the NIC Interface Midsp...

Page 43: ...from the Controller Setup is Disabled allowing all access Connection within the same Network Domain Please refer to the diagram above for Building 1 For instance The NIC Interface Midspan is connected to the Network Domain of 192 169 1 xxx located on the 1st floor All Computer connected to the Network Domain of 192 168 1 xxx can communicate with the NIC Interface Midspan The NIC Interface Midspan ...

Page 44: ...For instance The NIC Interface Midspan is connected to the Network Domain of Building 1 192 168 1 xxx would like to communicate with the NIC Interface Midspan from Building 1 Building 1 must configure the main Network server to allow access from an outside source in this case Building 2 Building 1 must be able to support UDP port 161 for SNMP Once the access is allowed Building 2 can communicate w...

Page 45: ...ertificate Software under SNMPv3 Firmware openssl 0 9 81 also available at www openssl org source openssl 0 9 81 tar gz f07 123 also available at www metavert com phihong uClinux Step 1 Copy the folder x509 to c x509 To locate this folder please open the folder f07 123 that you downloaded from our support page then open f07 then open app Step 2 Ensure that the SNMPv3 firmware is up to date Check t...

Page 46: ... www midspans com 46 Click the Install from Internet radio button then click Next Figure 47 Cygwin Installation Directory Screen Figure 46 Cygwin Choose Installation Screen Select a Directory where you would like the cygwin software installed The default is C cygwin Select for All Users as recommended then click Next ...

Page 47: ...ong com or www midspans com 47 Figure 48 Cygwin Connection Type Screen Figure 49 Cygwin Choose Download Site Select the Direct Connection radio button then click Next Select a webpage to download the software from The first in the list http cygwin mirrors hoobly com is sufficient Now click Next to download ...

Page 48: ...may run the Cygwin command prompt to start generating the appropriate Certificate Click the View button located in the upper right hand corner once to get to the screen below Scroll down till you find openssl The OpenSSL runtime environment and click Skip till you get 0 9 8l tar Click next to begin the installation Figure 50 Cygwin Installation Directory Screen Figure 51 Cygwin Installation Progre...

Page 49: ...e desktop to run the command prompt The following steps to generate the new certificate need to be followed exactly Step 1 enter the following cd c x509 and press the enter key Step 2 enter the following bash x509 sh and press the enter key Step 3 enter a capital N to make new certificate If the letter is not capitalized the command prompt may not follow the command Figure 52 Cygwin Command Prompt...

Page 50: ...or www midspans com 50 Follow the on screen directions Not all information needs to be entered To leave as default leave blank Enter the midspan IP address when prompted for an IP address Finish to generate the two valid certificate files boa ssl crt and boa ssl pem Figure 53 Cygwin Command Prompt Screen continued ...

Page 51: ...d they need to be uploaded into the midspan as well as your internet browser IE7 IE8 and Mozilla Firefox 3 0 and later Open the folder containing the certificates They will be located at c x509 certs Ensure connection with your midspan via SNMP then in a new windows browser window enter the following ftp xxx xxx xxx xxx where the x s represent the URL of your midspan You will need to log in as you...

Page 52: ...ont CA 94538 Tel 1 510 445 0100 Fax 1 510 445 1678 www phihong com or www midspans com 52 Open the folders Flash then config then ssl Now copy the files boa ssl crt and boa ssl pem from the folder x509 certs Figure 55 Loading Certificate to Midspan ...

Page 53: ...to the Midspan you will need to upload a certificate into the web browser of your choice See the next section 4 3 for Mozilla Firefox Locate the file rootca crt and double click it to start the installation process file is located in c x509 Root When prompted press the radio put next to Place all certificates in the following store then hit the browse button to choose a store location Figure 56 Ce...

Page 54: ...Select the folder Trusted Publishers and press OK Click Next to install the certificate Figure 57 Select Certificate Store Once the upload process is complete it is important to restart the midspan Disconnect from the AC power for 10 seconds then reconnect If not using Mozilla Firefox skip to section 5 to start the connection via SSL TSL ...

Page 55: ...0 445 0100 Fax 1 510 445 1678 www phihong com or www midspans com 55 4 3 Load Certificates into Mozilla Firefox Open the Firefox web browser and select options under the Tools menu Under the Advanced section click the button View Certificates Figure 58 View Certificates ...

Page 56: ...d and click Import A new window will appear to select the appropriate certificate Locate the file rootca crt located in the folder root under x509 and click Open Figure 59 Load Root Certificate Figure 60 Downloading Certificate A new Certificate Manager window will appear Make sure that all of the radio boxes are checked then click OK The certificate should now be properly loaded into Mozilla Fire...

Page 57: ...webpage http XXX XXX XX XXX where XXX XXX XX XXX is the IP address of your midspan Access the System page to alter the Device Configuration Under the LAN heading there will be an option for SSL The default option is set to Disable Click the down arrow to change the settings to Enable Click save and reboot the midspan to restart with SSL Figure 61 Enabling SSL ...

Page 58: ...58 6 Access via SSL The webpage will now display an error message saying that there is no connection to this page The midspan may no longer be accessed via http You must now use the webpage https XXX XXX XX XXX where XXX XXX XX XXX is the IP address of your midspan You may now login with the secure connection Figure 62 Access via SSL ...

Page 59: ...t for this option as the IP address will remain constant and 2 Ensure that you are accessing via https and not the normal http Without the additional s the web based GUI will not open I ve completed all the steps and the certificate isn t working 1 Regenerate the security certificate An error may have occurred 2 Check the IP address has not changed 3 Regenerate a Root certificate Please see Sectio...

Page 60: ...process of generating your security certificates to be loaded into the midspan Generating the Root Certificate is a similar process Double click the Cygwin icon on the desktop to run the command prompt The following steps to generate the new certificate need to be followed exactly Step 1 enter the following cd c x509 and press the enter key Step 2 enter the following bash x509 sh and press the ent...

Page 61: ...e Ensure that you are entering the exact same information that was entered for the security certificate If there is not an exact match the certificates will read as invalid Once Press any key to continue appears on the screen the new root is ready to be loaded into the internet browser Please review section 4 of this appendix for a refresher Figure 64 Regenerate Root Certificate Continued ...

Page 62: ...nt share with the rectifiers There are no protocols or procedures associated with it other than it s designed only to work with our rectifier system and even then its not perfect sharing due to the inrush limiting components inside the midspan located on the DC input Q What type of Display Properties settings are required to run the Phihong SMNP v3 GUI A 16 Bit 1024 X 768 pixels 1280 X 1024 pixels...

Reviews: