background image

 

 

 

SecureLinx SLC User Guide 

 

6

 

Terminal Server ____________________________________________________________ 83

 

Remote Access Server_______________________________________________________ 83

 

Reverse Terminal Server _____________________________________________________ 84

 

Multiport Device Server ______________________________________________________ 84

 

Console Server_____________________________________________________________ 85

 

Connection Configuration _______________________________________________ 86

 

Connection Commands ______________________________________________________ 88

 

10: User Authentication 

91

 

Authentication Commands ____________________________________________________ 93

 

Setting up Local Users__________________________________________________ 94

 

Local Users Commands ______________________________________________________ 97

 

User Permissions______________________________________________________ 98

 

Local User Rights Commands ________________________________________________ 100

 

Remote User Permissions ______________________________________________ 100

 

Remote User Commands____________________________________________________ 103

 

NIS ________________________________________________________________ 104

 

NIS Commands ___________________________________________________________ 106

 

LDAP ______________________________________________________________ 107

 

LDAP Commands__________________________________________________________ 110

 

RADIUS ____________________________________________________________ 111

 

RADIUS Commands _______________________________________________________ 113

 

Kerberos ___________________________________________________________ 114

 

Kerberos Commands _______________________________________________________ 117

 

 __________________________________________________________ 118

 

 Commands ______________________________________________________ 120

 

SSH Keys___________________________________________________________ 121

 

Imported Keys ____________________________________________________________ 121

 

Exported Keys ____________________________________________________________ 121

 

SSH Commands___________________________________________________________ 124

 

Custom User Menus __________________________________________________ 125

 

Custom User Menu Commands _______________________________________________ 125

 

Example _________________________________________________________________ 127

 

11: PC Card 

130

 

PC Card Commands _______________________________________________________ 136

 

12: Maintenance and Operation 

139

 

SLC Maintenance ____________________________________________________ 139

 

Administrative Commands ___________________________________________________ 143

 

System Logs ________________________________________________________ 145

 

System Log Command______________________________________________________ 147

 

Audit Log ___________________________________________________________ 147

 

Diagnostics _________________________________________________________ 148

 

Diagnostic Commands ______________________________________________________ 151

 

Status/Reports _______________________________________________________ 153

 

Status Commands _________________________________________________________ 155

 

Events _____________________________________________________________ 156

 

Events Commands _________________________________________________________ 157

 

Содержание SLC48

Страница 1: ...Part No 900 449 Rev B August 2006 SecureLinxTM Console Manager SLC User Guide SecureLinx SLC8 SecureLinx SLC16 SecureLinx SLC32 SecureLinx SLC48...

Страница 2: ...tributed and modified under the terms of the GNU GPL A machine readable copy of the corresponding portions of GPL licensed source code is available at the cost of distribution Such source code is dist...

Страница 3: ...User Guide may clause interference to radio communications Operation of this equipment in a residential area is likely to cause interference in which case the user will be required to correct the inte...

Страница 4: ...____________________________ 18 Product Information Label ____________________________________________________ 19 Technical Specifications ________________________________________________ 19 Physical...

Страница 5: ...lent Services Commands _______________________________________________ 56 NFS and SMB CIFS____________________________________________________ 57 NFS and SMB CIFS Commands ____________________________...

Страница 6: ...13 Kerberos ___________________________________________________________ 114 Kerberos Commands _______________________________________________________ 117 TACACS _______________________________________...

Страница 7: ...________ 180 CLI Commands ______________________________________________________ 182 Connection Commands ________________________________________________ 184 Console Port Commands_____________________...

Страница 8: ...5 Cable Connection 21 Figure 3 2 AC Power Input and Power Switch SLCxxxx2N 22 Figure 3 3 DC Power Inputs and Power Switch SLCxxx24T 22 Figure 4 1 Front Panel LCD Display and Five Pushbuttons Enter Up...

Страница 9: ...3 Installation Provides technical specifications describes connection formats and power supplies provides instructions for installing the unit in a rack 4 Quick Setup Provides instructions for gettin...

Страница 10: ...ard Adapter used as a storage device 12 Maintenance and Operation Provides instructions for upgrading firmware viewing system logs and diagnostics generating reports and defining events Includes infor...

Страница 11: ...he steps for getting the SLC up and running provided on the CD and in printed form SLC Online Help for the Command Line Interface Provides online help for configuring the SLC using commands SLC Online...

Страница 12: ...modem connection Many types of equipment can be accessed and administered using Console Managers including Servers Unix Linux Windows 2003 and others Networking equipment routers switches storage net...

Страница 13: ...2 Port Single AC Supply Secure Console Manager SLC04812N 02 SLC48 48 Port Single AC Supply Secure Console Manager SLC00822N 02 SLC8 8 Port Dual AC Supply Secure Console Manager SLC01622N 02 SLC16 16 P...

Страница 14: ...ternet File System CIFS support Telnet or SSH to a serial port by IP address per port or by IP address and TCP port number Configurable user rights for local and remotely authenticated users Supports...

Страница 15: ...er profiles Each user has an assigned ID password and access rights Other user profile access options may include externally configured authentication methods such as NIS and LDAP Device Port Buffer T...

Страница 16: ...For more detailed information see Technical Specifications on page 19 All physical connections use industry standard cabling and connectors The network and serial ports are on the rear panel of the S...

Страница 17: ...onventional Ethernet network Use standard RJ45 terminated Category 5 cables Network parameters must be configured before the SLC can be accessed over the network Figure 2 4 Network Connection PC Card...

Страница 18: ...0 2070A Adapter DB9F DCE to RJ45 HP9000 SGI Origin IBM RS6000 and PC based Linux servers 200 2225 Adapter RJ45 to RJ45 rolled Cisco and Sun Netra Note An optional adapter for external modems is also a...

Страница 19: ...able 300 to 115 200 baud Network Interface 10Base T 100Base TX RJ45 Ethernet Power Supply Universal AC power input 100 240 VAC 50 or 60 Hz IEC type regional cord set included DC power input 24 to 60 V...

Страница 20: ...6 Wait approximately a minute and a half for the boot process to complete When the boot process ends the SLC host name and the clock appear on the LCD display Now you are ready to configure the netwo...

Страница 21: ...emulation The default baud rate is 9600 To connect the console port to a terminal or computer with terminal emulation Lantronix offers optional adapters that provide a connection between an RJ45 jack...

Страница 22: ...rotective fuse fast blow 4 0A maximum 250V AC and the on off switch In addition we provide the SLC0xx22N with a Y cord See SLC Models on page 13 Figure 3 2 AC Power Input and Power Switch SLCxxxx2N No...

Страница 23: ...r the web interface to run Quick Setup IP Address Your SLC must have a unique IP address on your network The system administrator generally provides the IP address and corresponding subnet mask and ga...

Страница 24: ...utomatically assigned Gateway DNS settings Date time and time zone Console port settings baud rate data bits stop bits parity and flow control Make sure the SLC is plugged in to power and turned on Fr...

Страница 25: ...ton Within edit mode to increase or decrease a numerical entry up and down arrows Within edit mode to move the cursor right or left right or left arrows To exit edit mode Enter To scroll up or down th...

Страница 26: ...7 for each setting 9 Press the right arrow button to move to the next option Date Time Settings and click Enter to edit the time zone a To enter a US time zone use the up down arrow buttons to scroll...

Страница 27: ...No prompt displays 6 To initiate the process for restoring factory defaults select Yes When the process is complete the SLC reboots Method 2 Quick Setup on the Web Page After the unit has an IP addre...

Страница 28: ...h Eth1 and Eth2 are enabled If you select DHCP skip to Default Gateway Obtain from BOOTP Lets a network node request configuration information from a BOOTP server node If you select this option skip t...

Страница 29: ...mpt in the command line interface Domain If desired specify a domain name for example support lantronix com Date Time Settings Change Date Time Select the checkbox to manually enter the date and time...

Страница 30: ...nter sysadmin as the user name and press Enter 3 Enter PASS as the password and press Enter The first time you log in the Quick Setup script runs automatically Normally the command prompt displays Fig...

Страница 31: ...64 character limit contiguous characters no spaces Note The host name becomes the prompt in the command line interface Domain If desired specify a domain name for example support lantronix com The do...

Страница 32: ...ss Enter Next Step After quick starting the SLC you may want to configure other settings You can use the web page or the command line interface for configuration For information about the web and the...

Страница 33: ...k Setup includes instructions for using the LCD to configure basic network settings Web Interface A web interface allows the system administrator and other authorized users to configure and manage the...

Страница 34: ...nd display its settings The E1 and E2 buttons display the Network Settings page The A and B buttons display the status of the power supplies Note Only ports to which the currently logged in user has r...

Страница 35: ...vigator 6 x and above or Internet Explorer 5 5 and above 2 In the URL field type https followed by the IP address of your SLC 3 To configure the SLC use sysadmin as the user name and PASS as the passw...

Страница 36: ...ssions Logging in To log in to the SLC command line interface 1 Do one of the following With a serial terminal connection power up and when the command line displays press Enter If the SLC already has...

Страница 37: ...The parameter values are in mixed case Square brackets indicate optional parameters Table 5 1 Actions and Category Options Action Category set network firewall routing datetime ntp services nfs cifs m...

Страница 38: ...if more than one is possible Following a space after the preceding name Tab displays all possible names Should you make a mistake while typing backspace by pressing the Backspace key and or the Delet...

Страница 39: ...eport listen connect listen deviceport clear set locallog clear telnet connect direct telnet ssh connect direct ssh To set the number of lines displayed by a command set cli terminallines disable Numb...

Страница 40: ...ck Setup procedure you may update them here Requirements If you assign a different IP address from the current one it must be within a valid range unique to your network and with the same subnet mask...

Страница 41: ...Network Settings The following page displays 2 Enter the following information for one or both network ports Eth1 and Eth2 Eth1 and Eth2 Settings Note Configurations with the same IP subnet on multipl...

Страница 42: ...If specifying an IP address enter the network segment on which the SLC resides There is no default Eth1 and Eth2 Mode Select the direction full duplex or half duplex and speed 10 or 100Mbit of data t...

Страница 43: ...ding is required if you enable Network Address Translation NAT for any device port modem or PC Card ISDN modem IP forwarding allows a user accessing the SLC over a modem to access the network connecte...

Страница 44: ...ly makes the changes immediately and saves them so they will be there when the SLC is rebooted Ethernet Counters The Network Settings page displays statistics for each of the SLC s Ethernet ports sinc...

Страница 45: ...nds ipforwarding enable disable probes Number of Probes startprobes 1 99999 Seconds To view all network settings show network all To view Ethernet port settings and counters show network port 1 2 To v...

Страница 46: ...ct Reply with connection denied on denied ports default To ignore an attempt without sending a response select Ignore connection attempts on denied ports Invisible to ping Select the checkbox to enabl...

Страница 47: ...smbcifs ssh telnet denyport http https smbcifs ssh telnet invisibletoping enable disable rejectmethod reply ignore state enable disable To view firewall settings show firewall Routing The SLC allows y...

Страница 48: ...IP Address Subnet Mask and Gateway for the route and click the Add Edit Route button The route displays in the Static Routes table You can add up to 64 static routes To edit a static route select the...

Страница 49: ...static route set the IP address mask and gateway parameters to 0 0 0 0 To set the routing table to display IP addresses disable or the corresponding host names enable show routing resolveip enable di...

Страница 50: ...itted by the NTP server This is the default if you enable NTP Poll NTP Server Enables the SLC to query the NTP Server for the correct time If you select this option complete one of the following Local...

Страница 51: ...one Note If you type an invalid time zone the system guides you through the process of selecting a time zone To view the local date time and time zone show datetime To synchronize the SLC with a remot...

Страница 52: ...the MIB definition files for the private enterprise MIB The private enterprise MIB provides read only access to all statistics and configurable items provided by the SLC It provides read write access...

Страница 53: ...or concern in addition to error messages This is the default for all message types Error Saves messages that are output because of an error Debug Saves extraneous detail that may be helpful in trackin...

Страница 54: ...ds that have been executed Disabled by default Include In System Log If enabled the contents of the audit log are added to the system log under the General Info category level Disabled by default 3 En...

Страница 55: ...want to keep this option disabled for security reasons Timeout If you enable Telnet logins you can cause an idle connection to disconnect after a specified number of minutes Select Yes and enter a val...

Страница 56: ...an SNMP manager to access the read only data the SLC SNMP agent provides and to modify data where permitted The default is private V3 User SNMP v3 is secure and requires user based authorization to a...

Страница 57: ...nt services show services NFS and SMB CIFS Use the NFS SMB CIFS page if you want to save configuration and logging data onto a remote NFS server or export configuration and logging data by means of an...

Страница 58: ...page displays 2 Enter the following for up to three directories NFS Mounts Remote Directory The remote NFS share directory in the format nfs_server_hostname or ipaddr exported path Local Directory Th...

Страница 59: ...hare with the cifsuser user name and password at the same time Workgroup The Windows workgroup to which the SLC belongs Every PC exporting a CIFS share must belong to a workgroup Can have up to 15 cha...

Страница 60: ...one or more parameters Parameters eth1 enable disable eth2 enable disable state enable disable workgroup Windows workgroup Note The admin config command saves SLC configurations on the SMB CIFS share...

Страница 61: ...Eth1 IP address ssh port number or Eth2 IP address ssh port number where ssh port number is uniquely assigned for each device port 4 If TCP is enabled for a device port establish a raw TCP connection...

Страница 62: ...mand The administrator and users with local user rights may assign individual port permissions to local users The administrator and users with remote authentication rights assign port access to users...

Страница 63: ...For example if you enter 2001 subsequent ports are automatically assigned numbers 2002 2003 and so on Starting SSH Port Each port is assigned a number for connecting via SSH Enter a number 1025 65535...

Страница 64: ...figure settings for all or a group of device ports set deviceport global one or more parameters Parameters maxdirect 1 10 Sets the maximum number of direct connections for each device port sshport TCP...

Страница 65: ...us of the port displays automatically Name The name of the port Valid characters are letters numbers dashes periods and underscores _ Banner Text to display when a user connects to a device port by me...

Страница 66: ...elnet In Enables access to this port through Telnet Disabled by default Enable SSH In Enables access to this port through SSH Disabled by default Enable TCP in Enables access to this port through a ra...

Страница 67: ...vailable methods include none xon xoff software and RTS CTS hardware The default is none Enable Logins For serial devices connected to the device port displays a login prompt and authenticates users S...

Страница 68: ...Disabled by default Note For the Caller ID AT command refer to the modem user guide Modem Command Modem AT command used to initiate caller ID logging by the modem Note For the AT command refer to the...

Страница 69: ...he number of seconds after the timeout and before the SLC attempts another connection The default is 30 seconds Dial out Number Phone number for dialing out to a remote system or serial device May hav...

Страница 70: ...figure a single port or a group of ports Example set deviceport port 2 5 6 12 15 16 baud 2400 set deviceport port Device Port List or Name one or more device port parameters Parameters auth pap chap b...

Страница 71: ...enable disable telnetport TCP Port timeoutlogins disable or 1 30 To view the settings for one or more device ports show deviceport port Device Port List or Name To view a list of all device port name...

Страница 72: ...logging into the SLP Password Retype Password Password for logging into the SLP SLP Status Info Outlet Status Select All Outlets or Single Outlet to view all the status of all outlets or a single out...

Страница 73: ...s the CLI command the SLP uses to restart itself slp outletcontrol state on off cyclepower outlet Outlet Outlet is 1 8 for SLP8 and 1 16 for SLP16 The outletcontrol parameters control individual outle...

Страница 74: ...pe sequence defined the default escape sequence is Esc A Device Ports Logging The SLC products support port buffering of the data on the system s device ports as well as notification of receiving data...

Страница 75: ...erly mounted see 11 PC Card Data logged locally to the SLC is limited to 256 Kbytes and may be lost in the event of a power loss Data logged to a PC Card Compact Flash does not have these limitations...

Страница 76: ...x to clear the local log View Local Log Click this link to see the local log in text format Email SNMP Traps Email Traps Select the checkbox to enable email and SNMP logging Email logging sends an ema...

Страница 77: ...Delay A time limit of how long in seconds after the SLC detects the trigger that the device port captures data before closing the log file with a fixed internal buffer maximum capacity of 1500 bytes...

Страница 78: ...path for the NFS mount Max Number of Files The maximum number of files to create to contain log data to the port These files keep a history of the data received from the port Once this limit is excee...

Страница 79: ...port parameters Parameters emaildelay Email Delay emaillogging disable bytecnt charstr emailrestart Restart Delay emailsend email trap both emailstring Regex String emailsubj Email Subject emailthresh...

Страница 80: ...vice Ports Console Port The following page displays 2 Change the following as desired Baud The speed with which the device port exchanges data with the attached serial device From the drop down list s...

Страница 81: ...dle session on the console is automatically logged out Disabled by default 3 Click Apply to save the changes Console Port Commands The following CLI commands correspond to the web page entries describ...

Страница 82: ...evice port attached to an external device Another device port with a modem attached An outgoing Telnet or SSH session An outgoing TCP or UDP network connection This enables the user to set up connecti...

Страница 83: ...cess the server as if they were connected directly to it by local serial ports or a console Remote Access Server In this setup the SLC is connected to one or more modems by its device ports Configure...

Страница 84: ...e Enable Telnet In or Enable SSH In option on the Device Ports Settings web page Multiport Device Server A PC can use the device ports on the SLC as virtual serial ports enabling the ports to act as i...

Страница 85: ...ddress on the SLC and be connected directly to the console port of the end server or device To configure this setup set the Enable Telnet In or Enable SSH In option on the Device Ports Settings web pa...

Страница 86: ...port you are connecting This device port must be connected to an external serial device and must not have command line interface logins enabled be connected to a modem or be running a loopback test No...

Страница 87: ...ns Select one of the following optional flags to use for the SSH connection User Login ID to use for authenticating on the remote host Version Version of SSH Select 1 or 2 Command Enter a specific com...

Страница 88: ...the top part of the page Connection Commands These commands for configuring connections correspond to the web page entries described above To connect to a device port to monitor and or interact with i...

Страница 89: ...ow datetime chars udp IP Address port UDP Port Note If the trigger is datetime establish connection at a specified date time enter the date parameter If the trigger is chars establish connection on re...

Страница 90: ...quence enter either the charcount or the charseq parameter To terminate a bidirectional or unidirectional connection connect terminate Connection ID To view connections and their IDs Note The connecti...

Страница 91: ...al user authentication is enabled the local user sysadmin account is always available for login Authentication can occur using all methods in the order of precedence until a successful authentication...

Страница 92: ...y Access Protocol A set of protocols for accessing information directories specifically X 500 based directory services LDAP runs over TCP IP or other connection oriented transfer services RADIUS Remot...

Страница 93: ...ns To enable the SLC to use all methods in order of precedence until it obtains a successful authentication select the check box This is the default To enable the SLC to use only the first authenticat...

Страница 94: ...2 Enter the following Enable Local Users Select to enable all local users except sysadmin The sysadmin is always available regardless of how you set the check box Complex Passwords Select to enable th...

Страница 95: ...or on a number that is associated with the user s login specified here 3 Enter information about the specific functions the user will be permitted to access Listen Ports The device ports that the user...

Страница 96: ...n page 94 The logged in user s name displays above the menu The menu displays only the options for which the user has rights To add a user based on an existing user 1 In the Local Users list select th...

Страница 97: ...ers Parameters allowdialback enable disable breakseq 1 10 Chars clearports Port List custommenu Menu Name dataports Port List dialbacknumber Phone Number escapeseq 1 10 Chars group default power admin...

Страница 98: ...Power Users Default Users Full Administrative Rights y Networking y y Services y Date Time y y Local Users y Remote Authentication y SSH Keys y User Menus y Device Ports y PC Card y Reboot Shutdown y...

Страница 99: ...g Date Time Reboot Shutdown and Diagnostics Reports Administrators This group has all possible rights 3 Select or clear the checkboxes for the following rights Full Administrative Right to perform any...

Страница 100: ...displays only the options for which the user has rights Local User Rights Commands The following CLI commands correspond to the web page entries described above To add a local user to a user group or...

Страница 101: ...to authenticate users listed in the Remote Users list in the lower part of the page Disabled by default Remote Login User ID of selected user The remote authentication method validates this ID Group...

Страница 102: ...iguration all settings Diagnostics Reports Right to obtain diagnostic information and reports about the unit SLC Network Right to view and manage SLCs on the local subnet Web Access Right to access We...

Страница 103: ...ete User button 3 Click Apply Remote User Commands The following CLI commands correspond to the web page entries described above To configure whether remote users who are not part of the remote user l...

Страница 104: ...SLC through the Web SSH Telnet or the Console port If NIS does not provide port permissions you can use this page to grant device port access to users who are authenticated through NIS All NIS users...

Страница 105: ...ge 125 you can assign a default custom menu to NIS users Data Ports The ports users are able to monitor and interact with using the connect direct command Listen Port The ports users are able to monit...

Страница 106: ...tics Reports Right to obtain diagnostic information and reports about the unit SLC Network Right to view and manage SLCs on the local subnet Web Access Right to access Web Manager 5 Click Apply Note Y...

Страница 107: ...LDAP to authenticate users attempting to log in using the Web Telnet SSH or the console port LDAP allows SLC users to authenticate using a wide variety of LDAP servers such as OpenLDAP and Microsoft A...

Страница 108: ...Authentication page If you want to set up this authentication method but not enable it immediately clear the checkbox Server The IP address or host name of the LDAP server Port Number of the TCP port...

Страница 109: ...isten command Clear Port Buffers The ports whose port buffer users may clear using the set locallog clear command 3 In the User Rights section select the user group to which LDAP users will belong Gro...

Страница 110: ...re your changes will take effect LDAP Commands These commands for the command line interface correspond to the web page entries described above To configure the SLC to use LDAP to authenticate users w...

Страница 111: ...g in using the Web Telnet SSH or the console port Users who are authenticated through RADIUS are granted device port access through the port permissions on this page All RADIUS users are members of a...

Страница 112: ...up to 128 characters RADIUS Server 2 IP address or host name of the secondary RADIUS server Server 2 Port Number of the TCP port on the RADIUS server used for the RADIUS service If you do not specify...

Страница 113: ...users on the system Remote Authentication Right to assign a remote user to a user group and assign a set of rights to the user SSH Keys Right to set SSH keys for authenticating users User Menus Right...

Страница 114: ...v dt lu ra sk um dp pc rs rc dr wb sn ad To remove a permission type a minus sign before the two letter abbreviation for a user right To set a default custom menu for RADIUS users set radius custommen...

Страница 115: ...the end of the order of precedence on the User Authentication page Realm Enter the name of the logical network served by a single Kerberos database and a set of Key Distribution Centers Usually realm...

Страница 116: ...og clear command 3 In the User Rights section select the user group to which Kerberos users will belong Group Select the group to which the Kerberos users will belong Default Users This group has only...

Страница 117: ...ds for the command line interface correspond to the web page entries described above To configure the SLC to use Kerberos to authenticate users who log in via the Web SSH Telnet or the console port se...

Страница 118: ...o use TACACS to authenticate users attempting to log in using the Web Telnet SSH or the console port Users who are authenticated through Kerberos are granted device port access through the port permis...

Страница 119: ...lt custom menu to TACACS users Data Ports The ports users are able to monitor and interact with using the connect direct command Listen Port The ports users are able to monitor using the connect liste...

Страница 120: ...Selecting this option automatically selects Reboot Shutdown Diagnostics Reports Right to obtain diagnostic information and reports about the unit SLC Network Right to view and manage SLCs on the loca...

Страница 121: ...nd the administrator has the option of retaining the SSH keys during a reset to factory defaults Imported Keys Imported SSH keys must be associated with an SLC local user The key can be generated on h...

Страница 122: ...SLC local user login for the connection is different from the user name the key was generated from or is not included in the imported key file If either of these conditions is true or the imported fi...

Страница 123: ...ther the RSA or the DSA encryption standard RSA is the default Number of Bits Select the number of bits in the key 512 or 1024 The default is 512 Passphrase Retype Passphrase Optionally enter a passph...

Страница 124: ...ey File host IP Address or Name login User Login To export a key set sshkey export ftp scp copypaste one or more parameters Parameters format openssh secsh host IP Address or Name login User Login pat...

Страница 125: ...ociated with the command Each command can also have a nickname that can display in the menu instead of the command From the current menu a user can display another menu thus allowing menus to be neste...

Страница 126: ...d Number set menu edit Menu Name nickname Command Number To set the optional title for a menu set menu edit Menu Name title Menu Title To enable or disable the display of command nicknames instead of...

Страница 127: ...optional menu title return for none Menu2 Title Specify nickname for each command no Enter each command up to 50 commands logout is always the last command Press return when the menu command set is c...

Страница 128: ...tings________________________________________________ Login john Password set UID 101 Listen Ports 1 32 Data Ports 1 32 Clear Ports 1 32 Escape Sequence x1bA Break Sequence x1bB Custom Menu menu1 Allo...

Страница 129: ...10 User Authentication SecureLinx SLC User Guide 129 Menu1 Title 1 connect Port 1 3 menu2 2 connect Port 2 4 log off Enter 1 4 4 Executing logout Logging out...

Страница 130: ...lete list To set up PC Card storage in the SLC 1 Insert any of the supported PC Cards into either of the PC Card bays on the front of the SLC You can do this before or after powering up the SLC If the...

Страница 131: ...fail and you will need to reboot the SLC to restore PC Card functionality Format Select to unmount the Compact Flash if it is mounted remove all existing partitions create one partition on the Compact...

Страница 132: ...Card SecureLinx SLC User Guide 132 4 Enter the following Modem Settings State Select to indicate whether to disable the PC Card or set it for dial in dial out dial back or dial on demand Disabled by d...

Страница 133: ...ization script always be preceded with AT and include E1 V1 x4 Q0 so that the SLC may properly control the modem Caller ID Logging Select to enable the SLC to log caller IDs on incoming calls Note For...

Страница 134: ...to Eth1 and or Eth2 Note IP forwarding must be enabled on the Network Settings page for NAT to work Dial out Number Phone number for dialing out to a remote system or serial device May have up to 20 c...

Страница 135: ...et PDP context parameter values GSM Bearer Svc Command to select the bearer service data rate and connection element to use when data call originate Negotiated IP IP address associated with the GPRS c...

Страница 136: ...Lower PC Card Slot 4050 Range 1025 65535 Authenticate If selected the SLC requires user authentication before granting access to the port Authenticate is selected by default for Telnet Port and SSH P...

Страница 137: ...Number dialoutlogin User Login dialoutnumber Phone Number dialoutpassword Password flowcontrol none xon xoff rts cts gsmautodns enable disable gsmbearerservice GSM Bearer Service gsmcompression enabl...

Страница 138: ...11 PC Card SecureLinx SLC User Guide 138 stopbits 1 2 tcpauth enable disable tcpport TCP Port telnetauth enable disable telnetport TCP Port timeoutlogins disable 1 30...

Страница 139: ...Maintenance page allows the system administrator to Configure the FTP SFTP or TFTP server that will be used to provide firmware updates and save restore configurations TFTP is only used for firmware u...

Страница 140: ...lt is No Note The front panel LCD displays the Rebooting the SLC message and the normal boot sequence occurs Shutdown Select this option to shut down the SLC The default is No Welcome Banner The text...

Страница 141: ...administrator to terminate your active web session SLC Firmware Update Firmware To update the SLC firmware select the checkbox If you select this option the SLC reboots after you apply the update Loa...

Страница 142: ...tore From If you selected to save or restore a configuration enter a name for the configuration file up to 12 characters Location to Save to or Restore From If you selected to save or restore a config...

Страница 143: ...ibed above To reboot the SLC admin reboot Note The front panel LCD displays the Rebooting the SLC message and the normal boot sequence occurs To add welcome login and logout banners admin banner login...

Страница 144: ...rrent firmware revision admin firmware show To lock or unlock the LCD keypad Note If the keypad is locked users can scroll through settings but not change them admin keypad lock unlock To change the R...

Страница 145: ...onfig Config Params to Prserve Config Params to Preserve is a comma separated list of current configuration parameters to retain after the config restore or factorydefaults nt Networking lu Local User...

Страница 146: ...he following Log Select the type s of log you want to view Level Select the alert level you want to view for the selected log 3 Click the View Log button The log displays For example if you select the...

Страница 147: ...mmand for the command line interface corresponds to the web page entries described above To view the system logs containing information and error messages show syslog parameters Parameters email Email...

Страница 148: ...o sort by command action click the Command button 3 To clear the log click the Clear Log button Diagnostics The Diagnostics web page provides methods for diagnosing problems such as network connectivi...

Страница 149: ...nd Packet This option sends an Ethernet packet out one of the Ethernet ports mainly as a network connectivity test Enter the following Protocol Select the type of packet to send Hostname Specify a hos...

Страница 150: ...for that report 5 To email the report s to an individual a In the Comment field enter a comment if desired b Select to and enter the person s email address c Press the Email Output button 6 To email t...

Страница 151: ...tstat protocol all tcp udp email Email Address To resolve a host name into an IP address You can optionally email the displayed information diag lookup Hostname email Email Address To test a device po...

Страница 152: ...ged over the last 5 seconds diag perfstat ethport 1 2 deviceport Device Port or Name To generate and send Ethernet packets diag sendpacket host IP Address or Name port TCP or UDP Port Number string Pa...

Страница 153: ...orts The following page displays The top half of the page displays the status of each port and the power supplies Green indicates that the port connection or power supply is active and functioning cor...

Страница 154: ...ime routing services console port System Configuration Authentication Displays a snapshot of authentication settings only including a list of all localusers System Configuration Devices Displays a sna...

Страница 155: ...f configurable parameters You can optionally email the displayed information show sysconfig display basic auth devices email Email Address Displays a report of all configurable parameters or a shorter...

Страница 156: ...xample the action can be writing an entry into the syslog with details of the event or sending the trap s to the Ethernet or modem connection Ethernet For actions that require an Ethernet connection f...

Страница 157: ...n The Events page displays the event To delete an event select the event from the Events table and click the Delete Event button A message asks for confirmation Click OK 4 To save click Apply Events C...

Страница 158: ...the web page To view and manage SLCs on the local network 1 From the main menu select SLC Network The following page displays 2 To manage an SLC click its IP Address A separate browser page takes the...

Страница 159: ...er they are Telnet enabled or SSH enabled and lists their Telnet and SSH port numbers Note For the links to work you must enable Web Telnet or Web SSH for the SLC see 7 Services b To open a Telnet ses...

Страница 160: ...is configured The default is Both IP Address If you selected Manually Entered IP Address List or Both enter the IP address of the SLC you want to find and manage 3 If you entered an IP address click...

Страница 161: ...both To detect and display all SLCs on the local network show slcnetwork ipaddrlist all Address Mask Note Without the ipaddrlist parameter the command searches the SLC network according to the search...

Страница 162: ...up connection an administrator can remotely access any of the connected IT devices using Telnet or SSH Figure 13 1 SLC Console Manager Configuration This chapter includes three typical scenarios for u...

Страница 163: ...abled Local IP negotiate Parity none SSH Port 3002 Remote IP negotiate Flow Control xon xoff IP none Authentication PAP Logins disabled CHAP Host none Break Sequence x1bB CHAP Secret none Check DSR di...

Страница 164: ...essages from SUN 6 Use the escape sequence to escape from direct mode back to the command line interface Dial in Text Mode to a Remote Device This example shows a modem connected to an SLC device port...

Страница 165: ...Dial into the SLC via the modem using a terminal emulation program on a remote PC A command line prompt displays 4 Log into the SLC CONNECT 57600 Welcome to the SLC login sysadmin Password Welcome to...

Страница 166: ...ettings IP Settings Modem State disabled Baud Rate 9600 Telnet disabled Modem Mode text Data Bits 8 Telnet Port 2002 Timeout Logins disabled Stop Bits 1 SSH disabled Local IP negotiate Parity none SSH...

Страница 167: ...00 terminal connected to device port 2 and an outbound telnet session to the server The IP address of the server is 192 168 1 1 slc connect bidirection 2 telnet 192 168 1 1 Connection settings success...

Страница 168: ...ings you want to configure or view Examples are ntp deviceport and network parameter s is one or more name value pairs in one of the following formats parameter name aa bb User must specify one of the...

Страница 169: ...er values type the entire value For example you can shorten set network port 1 state static ipaddr 122 3 10 1 mask 255 255 0 0 to se net po 1 st static ip 122 3 10 1 ma 255 255 0 0 Use the Tab key to...

Страница 170: ...res the banner displayed after the user logs in Note To go to the next line type n and press Enter admin banner logout Syntax admin banner logout Banner Text Description Configures the banner displaye...

Страница 171: ...ve is a comma separated list of current configuration parameters to retain after the config restore or factorydefaults nt Networking lu Local Users sv Services dp Device Ports dt Date Time pc PC Card...

Страница 172: ...word Description Sets the FTP server password and prevent it from being echoed admin ftp server Syntax admin ftp server IP Address or Hostname login User Login path Directory Description Sets the FTP...

Страница 173: ...iption Reboots the SLC The front panel LCD displays the Rebooting the SLC message and the normal boot sequence occurs admin shutdown Syntax admin shutdown Description Prepares the SLC to be powered of...

Страница 174: ...sessions and their ID Audit Log Commands show auditlog Syntax show auditlog command user clear Description Displays audit log By default shows the audit log sorted by date time You can sort it by user...

Страница 175: ...re parameters Description Configures the SLC to use Kerberos to authenticate users who log in via the Web SSH Telnet or the console port Parameters ipaddr Key Distribution Center IP Address kdc Key Di...

Страница 176: ...or the console port Parameters port TCP Port server IP Address or Hostname state enable disable Default is 389 adsupport enable disable base LDAP Base bindname Bind Name bindpassword Bind Password cle...

Страница 177: ...s add edit User Login one or more parameters Description Configures local accounts including sysadmin who log in to the SLC by means of the Web SSH Telnet or the console port Parameters allowdialback...

Страница 178: ...SLC to use NIS to authenticate users who log in via the Web SSH Telnet or the console port Parameters broadcast enable disable clearports Port List custommenu Menu Name dataports Port List domain NIS...

Страница 179: ...Port List group default power admin listenports Port List permissions Permission List Note See User Permissions Commands on page 180 for information on groups and user rights timeout enable 1 30 Sets...

Страница 180: ...Port List permissions Permission List Note See User Permissions Commands on page 180 for information on groups and user rights secret TACACS Secret server IP Address or Hostname state enable disable s...

Страница 181: ...eters dataports Port List listenports Port List clearports Port List group default power admin permissions Permissions List where Permission List is one or more of nt sv dt lu ra sk um dp pc rs rc dr...

Страница 182: ...sions Permission List where Permission List is one or more of nt sv dt lu ra sk um dp pc rs rc dr wb sn ad Description Sets permissions not already defined by the assigned permissions group show user...

Страница 183: ...SLC cannot detect the size of the terminal automatically show cli Syntax show cli Description Displays current CLI settings show user Syntax show user Description Displays attributes of the currently...

Страница 184: ...user Login Name version 1 2 command Command to Execute tcp IP Address port TCP Port telnet IP Address or Name port TCP Port trigger now datetime chars If the trigger is datetime establish connection...

Страница 185: ...Description Terminates a bidirectional or unidirectional connection connect unidirection Syntax connect unidirection Device Port or Name dataflow toendpoint fromendpoint endpoint Description Connects...

Страница 186: ...You can optionally email the displayed information The connection IDs are in the left column of the resulting table The connection ID associated with a particular connection may change if the connecti...

Страница 187: ...Description Assigns a custom user menu to a local user set menu add Syntax set menu add Menu Name command Command Number Description Creates a new custom user menu or adds a command to an existing cus...

Страница 188: ...rs show menu Syntax show menu all Menu Name Description Displays a list of all menu names or all commands for a specific menu Date and Time Commands set datetime Syntax set datetime one date time para...

Страница 189: ...NTP settings Device Port Commands set deviceport port Syntax set deviceport port Device Port List or Name one or more device port parameters Example set deviceport port 2 5 6 12 15 16 baud 2400 Descr...

Страница 190: ...d preceding the initscript with AT and include E1 V1 x4 Q0 so that the SLC may properly control the modem ipaddr IP Address localipaddr negotiate IP Address logins enable disable modemmode text ppp mo...

Страница 191: ...ort names show deviceport port Syntax show deviceport port Device Port List or Name Description Displays the settings for one or more device ports show portcounters Syntax show portcounters deviceport...

Страница 192: ...dress mapping You can optionally email the displayed information diag netstat Syntax diag netstat protocol all tcp udp email Email Address Description To display a report of network connections You ca...

Страница 193: ...aceroute Syntax diag traceroute IP Address or Hostname Description Displays the route that packets take to get to a network host End Device Commands set command Syntax set command Device Port or Name...

Страница 194: ...NMS community SNMP Community oid SNMP Trap OID action fwdalltrapsmodem fwdseltrapmodem pccardslot upper lower nms SNMP NMS community SNMP Community oid SNMP Trap OID action syslog Description Defines...

Страница 195: ...Description Displays firewall settings Logging Commands set deviceport port Syntax set deviceport port Device Port List or Name one or more deviceport parameters Description Configures logging settin...

Страница 196: ...maxfiles Max of Files pccardmaxsize Size in Bytes pccardslot upper lower show locallog Syntax show locallog Device Port or Name bytes Bytes To Display Description Displays a specific number of bytes o...

Страница 197: ...yntax set network gateway parameters Description Sets default gateway and indicates whether the gateway acquired by DHCP or the default gateway takes precedence Parameters default IP Address precedenc...

Страница 198: ...ays the network host name of the SLC show network port Syntax show network port 1 2 Description Displays Ethernet port settings and counters show network all Syntax show network all Description Displa...

Страница 199: ...cifs one or more parameters Description Configures the SMB CIFS share which contains the system and device port logs Note The admin config command saves SLC configurations on the SMB CIFS share Parame...

Страница 200: ...on Formats a Compact Flash card pccard storage mount Syntax pccard storage mount upper lower Description Mounts a Compact Flash card in the SLC for use as a storage device The Compact Flash card must...

Страница 201: ...service GSM Bearer Service gsmcompression enable disable gsmcontext GPRS Context Id gsmdialoutmode gprs gsm gsmpin GSM GPRS PIN Number idletimeout disable 1 9999 seconds initscript Initialization Scri...

Страница 202: ...he routing table to display IP addresses disable or the corresponding host names enable You can optionally email the displayed information Services Commands set services Syntax set services one or mor...

Страница 203: ...disable ssh enable disable syslogserver1 IP Address or Name syslogserver2 IP Address or Name telnet enable disable timeoutssh disable or 1 30 timeouttelnet disable or 1 30 traps enable disable v1ssh e...

Страница 204: ...lay all IP addresses that start with 172 19 SSH Key Commands set sshkey delete Syntax set sshkey delete one or more parameters Description Deletes an ssh key Specify the keyuser and keyhost to delete...

Страница 205: ...hkey export one or more parameters Description Displays all exported keys or keys for a specific user IP address or name Parameters keyhost SSH Key IP Address or Name keyuser SSH Key User viewkey enab...

Страница 206: ...ommand to obtain the Connection ID show portcounters Syntax show portcounters deviceport Device Port List or Name email Email Address Description Generates a report for one or more ports Optionally em...

Страница 207: ...stem Log Commands show syslog Syntax show syslog parameters Description Displays the system logs containing information and error messages Parameters email Email Address level error warning info debug...

Страница 208: ...that users can make about the facility and network infrastructure for example how vulnerable the CAT 5 wiring is to tapping Factors Affecting Security External factors affect the security provided by...

Страница 209: ...ly accessible Always connect any equipment used with the product to properly wired and grounded power sources To help protect the product from sudden transient increases and decreases in electrical po...

Страница 210: ...at a hazardous stability condition results because of uneven loading A drop or fall could cause injury The ambient temperature Tma inside the rack may be greater than the room ambient temperature Make...

Страница 211: ...ntronix The cables are available in various lengths In most cases you will need an adapter for your serial devices Lantronix offers a variety of RJ45 to serial connector adapters for many devices Thes...

Страница 212: ...User Guide 212 RJ45 Receptacle to DB25M DCE Adapter for the SLC PN 200 2066A Use PN 200 2066A adapter with a dumb terminal or with many SUN applications 5 6 7 2 20 4 8 3 RJ45 DB25 Male Pin 1 Gnd 4 Rx...

Страница 213: ...C Adapters and Pinouts SecureLinx SLC User Guide 213 RJ45 Receptacle to DB25F DCE Adapter for the SLC PN 200 2067A 5 6 7 2 20 4 8 3 RJ45 DB25 Female Pin 1 Rx 6 DSR 7 CTS 8 Gnd 5 Tx 3 RTS 1 DTR 2 1...

Страница 214: ...C Adapters and Pinouts SecureLinx SLC User Guide 214 RJ45 Receptacle to DB9M DCE Adapter for the SLC PN 200 2069A 8 6 5 3 4 7 1 2 RJ45 DB9 Male Pin 1 Gnd 4 Rx 6 DSR 7 CTS 8 Gnd 5 Tx 3 RTS 1 DTR 2 1...

Страница 215: ...x SLC User Guide 215 RJ45 Receptacle to DB9F DCE Adapter for the SLC PN 200 2070A Use PN 200 2070A adapter with a PC s serial port 1 8 2 6 4 5 6 3 7 4 8 7 1 5 3 2 RJ45 DB9 Female Pin 1 Gnd 4 Rx 6 DSR...

Страница 216: ...and SLP PNs 200 2225 and ADP010104 01 Note The cable ends of the ADP010104 01 are an RJ45 socket on one end and a RJ45 plug on the other instead of RJ45 sockets on both ends Use this adapter for SLP...

Страница 217: ...cation for client server applications by using secret key cryptography LDAP Lightweight Directory Access Protocol A protocol for accessing directory information NAT Network Address Translation An Inte...

Страница 218: ...l in users and their access permissions A company stores user profiles in a central database that all remote servers can share SMB CIFS Server Message Block Common Internet File System Microsoft s pro...

Страница 219: ...stem A method of authentication used in UNIX networks It allows a remote access server to communicate with an authentication server to determine whether the user has access to the network Telnet A ter...

Страница 220: ...pment Immunity Characteristics IEC61000 4 2 1995 Electro Static Discharge Test IEC61000 4 3 1996 Radiated Immunity Field Test IEC61000 4 4 1995 Electrical Fast Transient Test IEC61000 4 5 1995 Power S...

Страница 221: ...mplementation of AES as specified by FIPS 197 This product carries the CE mark since it has been tested and found compliant with the following standards Safety EN 60950 Emissions EN 55022 Class A Immu...

Страница 222: ...dia to Lantronix Lantronix will ship the replacement media to the customer In no event will Lantronix be responsible to the user in contract in tort including negligence strict liability or otherwise...

Отзывы: