manualshive.com logo in svg

Lantronix SecureLinx Spider, Руководство пользователя, Страница: 43 / 60

Поделиться
Скачать
Lantronix SecureLinx Spider Скачать руководство пользователя страница 43

9: Device Settings 

 

Rule creation and 
editing 

Spiders come from the factory with one rule defined as an example 
of the rule structure: Rule 1 allows all groups access from source IP 
0.0.0.0 to 255.255.255.255. Additional rules may be entered in the 
edit boxes. The 

Rule Number

 defines where in the evaluation 

sequence this rule is to be applied. The 

Starting

 and 

Ending IP 

Addresses

 define the range over which the rule applies. The 

Group

 defines which user group is affected by this rule. Built-in 

groups include Admin, All, and Unknown (no group assigned.)  As 
additional groups are defined in User Management 

Æ

 Users 

Æ

 

Group Management, these will appear in the pull-down. A rule can 
apply to only one group at a time. The 

Action

 selection chooses 

whether this is to be a Drop or Accept rule.  
 
After a rule has been defined, it needs to be put in the correct place 
in the list. 

Append

 will put the rule at the end of the list. The rule 

number will be changed to reflect the last position on the list. 

Insert

 

will put the rule in the place on the list indicated by the rule number, 
renumbering and moving down the other rules to make room. 

Replace

 deletes the previous rule of that number, and replaces it 

with the new rule. 

Delete

 deletes the rule of that number, and 

moves the others up. Note that for a Delete the fields other than the 
rule number do not need to be filled in. 

Login Limitations 

Enable Single 
Login Limitation 

If this box is checked, each username may only have one logged in 
connection at a time. If unchecked, multiple instances of username 
logins are allowed. 

3. Click 

Apply

 to save settings. Click 

Reset to Def

 to restore system defaults. 

Certificate 

The Spider uses the Secure Socket Layer (SSL) protocol for any encrypted network 
traffic between itself and a connected client. During the connection establishment the 
Spider has to expose its identity to a client using a cryptographic certificate. Upon leaving 
the factory this certificate and the underlying secret key is the same for all Spiders and 
will not match the network configuration where it is installed. The certificate’s underlying 
secret key is also used for securing the SSL handshake.  

It is possible to generate and install a new base64 x.509 certificate that is unique for a 
particular Spider. The Spider is able to generate a new cryptographic key and the 
associated Certificate Signing Request (CSR) that needs to be certified by a certification 
authority (CA).  

To create and install a SSL certificate: 

1. Select 

Device Settings

Æ

Certificate

 from the Main Menu. The Certificate Signing 

Request window displays. 

SecureLinx Spider User Guide 

43

 

 

Содержание SecureLinx Spider

Страница 1: ...Part Number 900 495 Revision A March 2007 SecureLinx Spider User Guide ...

Страница 2: ...s A copy of the GNU General Public License is available on the Lantronix Web Site at http www lantronix com or by visiting http www gnu org copyleft gpl html You can also obtain it by writing to the Free Software Foundation Inc 59 Temple Place Suite 330 Boston MA 02111 1307 USA Contacts Lantronix Corporate Headquarters 15353 Barranca Parkway Irvine CA 92618 USA Phone 949 453 3990 Fax 949 453 3995 ...

Страница 3: ...autioned that changes and modifications made to the equipment without approval of the manufacturer could void the user s authority to operate this equipment Changes or modifications to this device not explicitly approved by Lantronix will void the user s authority to operate this device The information in this guide may change without notice The manufacturer assumes no responsibility for any error...

Страница 4: ..._____________________________ 16 Network Environment________________________________________________ 16 Power____________________________________________________________ 17 4 Web Browser Access 18 5 Remote System Control 20 KVM Console______________________________________________________ 20 TELNET SSH______________________________________________________ 27 6 Virtual Media 29 Floppy Image _______...

Страница 5: ...hentication_______________________________________________ 47 Event Log_________________________________________________________ 48 SNMP____________________________________________________________ 49 10 Maintenance 51 Device Information__________________________________________________ 51 Event Log_________________________________________________________ 52 11 Firmware Updates and Resets 53 Update...

Страница 6: ...of one target computer system by one or more remote users Additional Documentation The following guide is available on the product CD or the Lantronix Web site www lantronix com Document Description Spider View User Guide Details instructions on using the Spider View utility SecureLinx Spider Quick Start Guide Provides an overview of using the Spider SecureLinx Spider User Guide 6 ...

Страница 7: ...onding connectors An optional external AC DC power supply is available The Spider differs from other KVM over IP switches in several ways Unlike rack mount KVM over IP switches the allocation of one Spider per computer allows add as you grow scalability and guarantees non blocked BIOS level access to mission critical servers regardless of the number of remote users or servers that need access Also...

Страница 8: ...ose to the Spider emulates a physically attached keyboard and mouse to spoof the computer into thinking the user is sitting next to it Host Computer Technical Specifications Security Secure encryption of keyboard mouse and video data IP Source Address Filtering Remote Authentication LDAP RADIUS Active Directory User Group management with permissions control Configurable port numbers HTTP HTTPS Tel...

Страница 9: ... 100Base T Ethernet Port with activity indicators RJ45 Cascade One 10 100Base T Ethernet Port with activity indicators RJ45 Serial RS 232 up to 115 200 bps Keyboard Mouse PS 2 or USB Video HD15 VGA Environmental Operating 0º to 45º C 32º to 115º F Storage 20º to 70º C 4º to 158º F Humidity 0 to 95 RH non condensing Heat Dissipation 4 Watts 14 BTU hr Power Requirements Input 5 VDC 8A max server pow...

Страница 10: ...2 Introduction Figure 1 Spider Cable Dimensions SecureLinx Spider User Guide 10 ...

Страница 11: ...ouse may be selected via software Spider Serial Port The RS 232 port on the Spider is used for initial configuration of setup parameters but it can subsequently be used to connect to a target s COM port The Spider allows remote users to Telnet or SSH to that port eliminating the need for a separate box to perform serial command line management Alternatively the serial port can be used for PPP conn...

Страница 12: ...nterface to both the Spider and the server via one cable Connecting to the attached computer s main LAN port If physical isolation of management data and user data is not a concern a single LAN cable can provide connectivity to both Spider and computer conserving a switch or router port Aggregating any other Ethernet connection as a general purpose switch port Batch versus individual setup It may ...

Страница 13: ...it ID Orange Optionally lit to assist in finding unit 1 Plug the RJ45 end of the included serial cable into the Spider s serial port Plug the DB9F end into the serial COM port of a PC laptop running a terminal emulation e g HyperTerminal The default serial port settings are 115200 bits per second 8 data bits no parity 1 stop bit no flow control 2 The Spider is typically powered by the attached ser...

Страница 14: ...ts In order to minimize power consumed in the server and attached Spider set the monitored server s video resolution to the minimum necessary for your remote monitoring application 1024x768 is recommended or 800x600 if connecting the Spider over a wide area network rather than a LAN 1280x1024 may be used for applications demanding higher resolution however it consumes more network bandwidth The ot...

Страница 15: ...unt in order to get natural mouse to cursor tracking Use the USB keyboard mouse when supported by the target computer Unlike the PS 2 interface a USB mouse uses absolute coordinates rather than relative coordinates and hence does not present the difficulties in translation between local and remote systems On the PS 2 model Spider when the keyboard mouse interface is set to Auto it will first attem...

Страница 16: ...f the loop is broken it activates both connections so that data can flow in both directions All Spiders will be accessible except the one immediately downstream from the break or down unit Do not try this without Spanning Tree in place Client Setup Two mechanisms are provided for monitoring Spider connected targets at client systems Spider View is a standalone Windows application that can locate m...

Страница 17: ... second USB port or the PS 2 ports The Spider will not start up until both Pwr1 and Pwr2 LEDs are on It then begins to blink the SysOK LED which will continue to blink while the boot process continues The Spider is Linux based and takes about a minute to boot When the SysOK LED is on steady the Spider is up and ready to communicate The Spider can also derive power from an external DC supply DC sup...

Страница 18: ...lication on Windows refer to the Spider View User Guide This section refers to the Spider connection via a web browser 1 Access the Spider over the network using a web browser by entering https for a secure SSL connection or http for an insecure connection and its IP address in the address bar The browser must accept cookies for login 2 Enter your user name default is sysadmin and password default...

Страница 19: ...on and user database You may then set the unit up for either local or remote authentication for other users and define their permission level As sysadmin you may also make changes to the hardware settings establish configuration parameters and perform maintenance operations SecureLinx Spider User Guide 19 ...

Страница 20: ...le to launch the Lantronix Spider Remote Console The Remote Console window may open in the foreground or in the background If it launches in the background click on the icon to bring the window to the front 2 Alternatively launch the Remote Console from the Home page by clicking the link above Remote Console Preview The Remote Console window shows a real time replica of the video output from the t...

Страница 21: ...e in the Remote Console window If the resolution is such that the screen does not fit scroll bars are available in the Remote Console window to move the viewport around within the target s screen The virtual screen size of the target may also be scaled down to match the Remote Console window Button Keys Along the top there are Button Keys that have been defined to send special keycodes directly to...

Страница 22: ...f bytes per second incoming and outgoing to the window An indication of the number of frames per second fps updated is also displayed Incoming data is generally comprised of video updates Outgoing data is generally comprised of keystrokes and mouse movements When the target screen is not changing In should be low or zero If not click the auto adjust button The amount of network traffic is a functi...

Страница 23: ...ewport and that the tops align as well If not the local and remote cursors will always have a fixed offset of that amount even if the USB interface is used Clicking the Auto Video Adjustment one or more times typically cures any offset Fast Sync and Intelligent Sync The Spider uses two different algorithms for re synchronizing local and remote cursors Use the Fast Sync button on the toolbar to cor...

Страница 24: ...dard video formats with the complete list in B Supported Video Formats When it first enters the Remote Console window it recognizes and locks onto the video in order to provide a picture as soon as possible Once within the window click the Auto Video Adjustment button once or twice to provide a greater degree of optimization The Auto Adjustment process analyzes the timing of the incoming video s h...

Страница 25: ...ected from the OptionsÆScaling selection 100 is the default which may result in a viewport smaller than the virtual screen and is moved around with scroll bars 25 and 50 selections are optimal for viewing several target systems concurrently Keyboard Functions The Spider provides a number of useful functions for mapping or translating between the local keyboard keycodes and the emulated keyboard pr...

Страница 26: ... Remote Console window The Monitor Only state is shown in the lower right corner of the Remote Console status bar The user must have the appropriate permissions to change this setting Exclusive Access When Options Æ Exclusive Access is checked no other client may open a Remote Console window to this Spider Any open Remote Console windows on other clients will be disconnected The Exclusive Access s...

Страница 27: ...ions Passthrough Use When using Telnet SSH in passthrough mode the Spider just acts as a conduit for the serial data traveling between the client system and whatever is connected to the serial port This may be a COM port on the remote computer or a serially controlled power strip or anything else with an RS 232 port 1 From the client system use a Telnet or SSH utility to connect to the IP address ...

Страница 28: ... Spider will reply with a Welcome and status followed by a command line prompt From the command line selections are Help displays a list of commands Version displays the current Spider firmware version number Terminal enter passthrough to serial port mode Logout terminates the Telnet or SSH connection 4 Enter terminal or t to open the connection to the serial port 5 Send and receive serial data be...

Страница 29: ... Floppy Disk option allows uploading a floppy disk image to the Spider which then appears to the attached computer as a physical floppy drive The desired floppy image file will be uploaded from the client system or from a network drive accessible to the client system The file must be structured as a floppy image To make a floppy image search for and use a utility such as dd or rawwrite The maximum...

Страница 30: ...l as the ability to see that computer over the network from the Spider The connection remains mounted until the current user logs out or the Spider is rebooted Other client systems logging into the Spider will see the active image in all Virtual Media pages To access a CD ROM image 1 From the Main Menu select Virtual Media ÆCD ROM Image to open the Image on Windows Share page 2 Enter the Share hos...

Страница 31: ...o disable USB mass storage unless an image is loaded This option may be unselected to use virtual media options Only one active virtual media image is available at a time To configure virtual media options 1 From the Main Menu select Virtual Media Æ Options to open the Virtual Media Options window 2 Select or deselect Disable USB Mass Storage if no image is loaded 3 Click Apply to save settings Cl...

Страница 32: ...ser may log in In both of these cases the user name must be defined on the Spider where it has its permissions assigned Local User Management On a Spider each user name has associated with it settings and permissions Settings affect how the user interfaces with the Remote Console Permissions allow or forbid the user from performing various actions on the Spider s web pages A newly assigned user ha...

Страница 33: ...ds User Management Existing users To modify or copy an existing user select that user from the drop down menu and click Lookup New user name Enter the new user s name Minimum 1 character Full user name Enter the full name of the configured user Minimum 1 character Password Enter the password for the user Minimum 4 characters Confirm Password Re enter the password for the user Email address Optiona...

Страница 34: ...e Enter the new group s name 5 Click Create to add the new group Click Modify to change an existing group Click Copy to create a new group based on the selected existing group Click Delete to delete an existing group User Permissions To modify user permissions 1 Select User ManagementÆPermissions from the Main Menu The User Group Permissions window displays 2 From the pull down menu select a User ...

Страница 35: ...he type of network connection On a LAN where bandwidth is not an issue compression is not required and the speed of updates can be maximized For other connections the optimum user interaction needs to trade off image quality and update speed to fit the size of the pipe Because various users may be accessing the Spider over different connections these parameters are applied on a user by user basis ...

Страница 36: ...esponsiveness to changes deteriorates but required bandwidth is reduced Remote Console Type Default Java VM Select this option to use Java on the client system launching the applet If no Java environment is installed the console window will not launch The default is enabled Sun Microsystems Java Browser Plugin Force the system to use the platform independent Sun version instead when launching the ...

Страница 37: ...Click Reset to Def to reset values back to default Keyboard Mouse To modify the keyboard and mouse settings 1 Select KVM SettingsÆKeyboard Mouse from the Main Menu The Keyboard Mouse Settings window displays 2 Modify the following fields Host Interface Host Interface In general the USB interface is preferred because it provides superior mouse tracking The Host Interface pull down provides for thre...

Страница 38: ...m 3 Click Apply to save settings Click Reset to Def to restore values to system defaults Video The Spider works by capturing and digitizing the analog video coming from the attached computer This analog video may have more or less low level electrical noise present depending on the nature of the video card or embedded video controller When viewed on a monitor this noise if random is invisible as t...

Страница 39: ...8 KVM Settings 2 Select the Noise Filter level from the drop down menu 3 Click Apply to save settings Click Reset to Def to restore system defaults SecureLinx Spider User Guide 39 ...

Страница 40: ...rect when making changes from a remote site To modify network settings 1 Select Device SettingsÆNetwork from the Main Menu The Network window displays 2 Modify the following fields Basic Network Settings IP auto configuration Select DHCP or BOOTP to fetch network settings from the appropriate type of server Select NONE for a fixed IP address Preferred Host Name DHCP only DHCP servers can register ...

Страница 41: ...twork traffic generated through the Spider s primary Ethernet port in kbit s If left blank there is no bandwidth limitation applied Enable Telnet SSH access For security the default is having Telnet and SSH disabled Check the appropriate box es and set up the serial port for Telnet SSH to use the Telnet console Disable Setup Protocol Spider View uses a special protocol to locate and set up Spider ...

Страница 42: ...ages the keyboard mouse and video data may be encrypted Select Off to use no encryption Select Try for the Spider to attempt to make an encrypted connection but will back off to unencrypted if one cannot be established Select Force for an encrypted connection to be made or an error will be reported Group Based Access Control Enable Group Based System Access When this box is checked the rules for I...

Страница 43: ...new rule Delete deletes the rule of that number and moves the others up Note that for a Delete the fields other than the rule number do not need to be filled in Login Limitations Enable Single Login Limitation If this box is checked each username may only have one logged in connection at a time If unchecked multiple instances of username logins are allowed 3 Click Apply to save settings Click Rese...

Страница 44: ...Country ISO code The country where the organization is located This is the two letter ISO code e g US for the United States Email The email address of a contact person responsible for the Spider and its security Challenge password Certain certification authorities require a challenge password to authorize later changes on the certificate e g revocation of the certificate The minimal length of this...

Страница 45: ... set up accordingly for example using the Windows Network Connection Wizard Change the following parameters as necessary Serial Line Speed Most modems support 115200 bps Modem Init String The initialization string sent out to set up the modem If you have a special modem or are going through a PBX requiring an access sequence the string may be modified Consult the modem s manual on the AT command s...

Страница 46: ...Main Menu The Date Time Settings window displays 2 Modify the following fields UTC Offset Time servers deliver time as Coordinated Universal Time UTC or Greenwich Mean Time Select the appropriate offset in hours from the pull down menu User Specified Time Manually input the current date and time The Spider keeps time as long as power is applied It has an internal calendar but does not know about d...

Страница 47: ...entication is selected the Spider will communicate with a Microsoft Active Directory Novell Directory Service or generic LDAP server for user authentication The user profile must be set up in the local database as described in Local User Management but no password is stored locally When a user attempts to log in the Spider contacts the specified LDAP server which will either approves or denies acc...

Страница 48: ... a RADIUS client A shared secret is used to verify that RADIUS messages are sent by a RADIUS enabled device that is configured with the same shared secret and to verify that the RADIUS message has not been modified in transit message integrity Enter a maximum of 128 alpha numeric characters and symbols such as an exclamation point or an asterisk Authentication Port The port the RADIUS server liste...

Страница 49: ...s text field in the Event Log Settings These emails contain the same description strings as the internal log file and the mail subject contains the event class In order to use this log destination specify an SMTP Server the Receiving Email Address and Sender Email Address Enter the mail server and SMTP port as serverip port SNMP Logging enabled If selected the Spider sends an SNMP trap to a specif...

Страница 50: ...P Agent Click the checkbox to enable the Spider SNMP agent Read Community Enter the SNMP read community name The default is public Write Community Enter the SNMP read write community name No default is configured System Location Enter the system location System Contact Enter the contact name for the system Click here to view the SNMP MIB Click the link to view the SNMP MIB 3 Click Apply to save se...

Страница 51: ...dow displays 2 Connected Users displays the IP address of all connected users and their level of activity It also shows whether the user is connected to the Remote Console and if so whether exclusive access mode is activated 3 System Identifier displays whether a Spider s LED is lit Each Spider has an orange LED which can be lit by remote control making it easier to locate By default the LED is of...

Страница 52: ...tenance Event Log To view the current event log 1 Select MaintenanceÆEvent Log from the Main Menu The Event Log window displays 2 Navigate between logs by clicking Prev and Next SecureLinx Spider User Guide 52 ...

Страница 53: ...rn to the login page To update Spider firmware 1 Download the firmware file to the client system s local drive or an accessible network drive 2 From the Main Menu select MaintenanceÆUpdate Firmware The Firmware Upload page displays 3 Click Browse In the pop up window navigate and locate the firmware file 4 Click Upload to copy the file into the Spider s local memory When uploaded correctly the Fir...

Страница 54: ... into the Spider as sysadmin 2 From the Main Menu select MaintenanceÆUnit Reset The Unit Reset page displays 3 Click Reset for Keyboard Mouse USB or Video Engine button to clear and reset the subsystem Resetting subsystems does not terminate connected users 4 To perform a complete reset click Reset for Reset Device A prompt displays requesting confirmation A complete reset closes all user connecti...

Страница 55: ...vent the access to the Remote Console TCP port 443 If there is a proxy server between the Spider and your host then you may not be able to transfer the video data using RFB Check the settings of the Spider and choose a different server port used for RFB transfer A Java Runtime Environment may not be installed or may be disabled 4 The video quality is bad or the picture is grainy Enter the Remote C...

Страница 56: ... the Spider to factory defaults Use the serial interface with a terminal emulator program Within 2 seconds of booting the Spider enter the Esc key a few times to get a Î prompt Enter Defaults 10 Cannot upload the signed SSL certificate in MacOS X If an internal error occurs while uploading the signed certificate either changes the extension of the file to txt or adds a file helper using the Intern...

Страница 57: ...rmats for the Spider Resolution x y Refresh Rates Hz 640x340 70 85 640x400 56 85 640x480 60 67 72 75 85 720x400 70 85 800x600 56 60 70 72 75 85 832x624 75 1024x768 60 70 72 75 85 1152x864 75 1152x870 75 1152x900 66 76 1280x960 60 1280x1024 60 SecureLinx Spider User Guide 57 ...

Страница 58: ...antronix com Firmware downloads FAQs and the most up to date documentation are available at http www lantronix com support When you report a problem please provide the following information Your name and your company name address and phone number Lantronix model number Lantronix serial number Firmware version Description of the problem Target computer interface PS 2 or USB and video format Status ...

Страница 59: ...eLinx Spider Conform to the following standards or other normative documents UL CUL CSA 22 2 No 60950 1 03 UL 60950 1 CE IEC 60950 1 C Tick FCC Part 15 Equipment Class A VCCI V 3 2006 04 Class A AS NZS CISPR 22 2006 Class A EN55022 1998 A1 2000 A2 2003 Class A EN61000 3 2 2000 A2 2005 Class A EN61000 3 3 1995 A1 2001 EN55024 1998 A1 2001 A2 2003 Pb free components SecureLinx Spider User Guide 59 ...

Страница 60: ...acement media to the customer In no event will Lantronix be responsible to the user in contract in tort including negligence strict liability or otherwise for any special indirect incidental or consequential damage or loss of equipment plant or power system cost of capital loss of profits or revenues cost of replacement power additional expenses in the use of existing software hardware equipment o...

Отзывы:

Нет отзывов