manualshive.com logo in svg

Lantronix SLM, Руководство пользователя

Поделиться
Скачать
Lantronix SLM Скачать руководство пользователя страница 101

8: User Management

SLM User Guide

101

3. To disable a method currently in the Enabled methods list, select the method and click the 

right arrow between the lists.

4. To set the order in which the SLM will authenticate users, click the up and down arrows to the 

left of the Enabled methods list.

5. To instruct the SLM to attempt authentication using the next configured method in the list 

when an authentication method responds to, and fails, a login, select the Attempt next method 

on authentication rejection check box.

6. Check the box to Limit sysadmin account logins to the system console.
7. Click the 

Apply

 button.

Now that you have enabled one or more authentication methods, you must configure them.

NIS

The administrator can configure the SLM to use NIS to authenticate users attempting to log in to 

the SLM through the web interface, SSH, Telnet, or the console port.

Note:

For a user to log in remotely using NIS, the user's account must have remote 

access (Remote Only or Local & Remote), or there must be an account defined whose 
login name is NIS. See 

Accounts on page 125

 for information on setting up accounts.

Kerberos

Kerberos is a network authentication protocol that enables two parties to exchange 

private information across an unprotected network.
It works by assigning a unique electronic credential, called a ticket, to each user who 

logs on to the network. The ticket is embedded in messages to identify the sender.

 
(Terminal Access 
Controller Access 
Control System)

 allows a remote access server to communicate with an authentication 

server to determine whether the user has access to the network.  is a 

completely new protocol and is not compatible with TACACS or XTACACS. The SLM 

supports  only.

SecurID

SecurID is a two-factor authentication method based on the user's SecurID token 

and pin number. The SecurID token displays a string of digits called a token code 

that changes once a minute (some tokens are set to change codes every 30 

seconds).
Select RADIUS if a RADIUS server is used as a proxy for SecurID. Select SecurID if 

a native SecurID server is used.

User 
Authentication 
Setting

Description

Содержание SLM

Страница 1: ...Part Number 900 386 Revision I October 2012 Secure Lantronix Management SLM Virtual Secure Lantronix Management vSLM Appliance User Guide ...

Страница 2: ... as published by the Free Software Foundation FSF Redistribution or incorporation of BSD or GPL licensed software into hosts other than this product must be done under their terms A machine readable copy of the corresponding portions of GPL licensed source code is available at the cost of distribution Such Open Source Software is distributed WITHOUT ANY WARRANTY INCLUDING ANY IMPLIED WARRANTY OF M...

Страница 3: ...ications to this device not explicitly approved by Lantronix will void the user s authority to operate this device The information in this guide may change without notice The manufacturer assumes no responsibility for any errors that may appear in this guide Revision History Date Rev Comments September 2005 A Initial Release June 2006 B User Interface Enhancements Improved usability device port se...

Страница 4: ...Psec Management IKE Policies and VPN Connections SecurID authentication WiBox and UDS firmware updates enhanced SLM update feature port access for SLC SLB SLP and Spider SLM proxy additional trigger types for events more file types to manage April 2008 G Added capabilities Persistent connection keep alive TN3270 and call back April 2011 H New look and feel add support for XPort EDS EDS MD Premier ...

Страница 5: ... SLM _________________________________________________________32 Connecting a Terminal to the Console Port __________________________________32 Connecting to a Network Port _____________________________________________33 Connecting to the Power Supply __________________________________________33 Monitoring the LEDs ____________________________________________________33 Quick Network Setup ________...

Страница 6: ...Step 3 Set Up User Account Groups and Accounts ______________________________57 Step 4 Auto Detect Devices ________________________________________________58 Step 5 Associate Account Groups with Ethernet and Managed Devices ______________58 Step 6 Manage Devices ___________________________________________________58 Step 7 Maintain the SLM ___________________________________________________58 7 Net...

Страница 7: ..._94 Dial Account Commands ____________________________________________________95 8 User Management 99 User Authentication Methods ________________________________________________99 NIS ________________________________________________________________101 LDAP ______________________________________________________________103 RADIUS ____________________________________________________________105 Kerbe...

Страница 8: ..._____________________________157 Device Modem __________________________________________________________158 Viewing Session Audit Log Files Ping and SNMP Walk ______________________159 Traps ______________________________________________________________160 Properties Ethernet Device Menu Tree ___________________________________162 Port Access _______________________________________________________...

Страница 9: ...Managed Device Group Page _________________204 Configuring a Modem Connection to a Managed Device _______________________206 Configuring a Managed Device ______________________________________________207 Updating or Deleting a Managed Device ___________________________________208 Managed Device Commands _______________________________________________208 Administrators Ethernet Account Users and Me...

Страница 10: ..._____253 Spider Firmware ______________________________________________________254 WiBox Firmware ______________________________________________________255 UDS SDS Firmware Updates ____________________________________________257 Managing Alternate SLMs __________________________________________________258 Managing Devices Through the Actions Tab ___________________________________259 Using the Act...

Страница 11: ..._______________________________________________293 Route Information _____________________________________________________294 Device Menu ____________________________________________________________294 Ethernet Devices _____________________________________________________295 Ethernet Unreachable Devices ___________________________________________296 Managed Devices ________________________________...

Страница 12: ... Commands ________________________________________________________346 Modem Commands _______________________________________________________347 Network Commands ______________________________________________________349 Persistent Connection Commands ___________________________________________351 Port Commands _________________________________________________________353 Search Commands ____________...

Страница 13: ...hnical Specifications 364 Appendix E Compliance 365 SLM 01 ________________________________________________________________365 SLM 02 ________________________________________________________________366 Appendix F Protocol Glossary 368 ...

Страница 14: ...________________42 Figure 3 18 Account Page for Sysadmin ______________________________________________43 Figure 5 1 Web Page Layout _______________________________________________________49 Figure 5 2 Tree Structure __________________________________________________________49 Figure 5 3 Note for an Account Group ________________________________________________50 Figure 5 4 Example of a Help Page ...

Страница 15: ...______________________________111 Figure 8 19 Manage SSH Keys SLC SLB Keys Tab ___________________________________113 Figure 8 21 Manage SSH Keys Copy Keys Tab_______________________________________114 Figure 8 22 Account Groups Page Accounts Tab _____________________________________118 Figure 8 23 Account Groups Page Members Tab _____________________________________118 Figure 8 24 Account Group P...

Страница 16: ..._________________________________157 Figure 9 26 Device Page Modem Tab ______________________________________________158 Figure 9 28 Device Page Utilities Tab ______________________________________________159 Figure 9 30 All Ethernet Devices Page Traps Tab ____________________________________161 Figure 9 33 All Ethernet Devices Page Properties Tab_________________________________162 Figure 9 35 Ma...

Страница 17: ...____________________________204 Figure 10 22 Managed Device Group Page List Tab After Fusion ________________________205 Figure 10 23 Virtual Managed Device after Fusion _____________________________________205 Figure 10 24 Managed Device Page Configure Tab ___________________________________205 Figure 10 25 Managed Device Page Modem Tab_____________________________________206 Figure 10 27 Managed...

Страница 18: ...uing a CLI Command _______________________________________________263 Figure 11 59 Viewing Progress of Update FW and CLI Commands_________________________264 Figure 11 61 Background Task Progress Dev Status Tab ______________________________265 Figure 11 62 Event Management Page Events Tab____________________________________266 Figure 11 65 SNMP Trap Configuration from Lantronix Tech Support FAQ _...

Страница 19: ...___________________________79 Table 7 24 Add Internet Key Exchange Policy Configure Tab _____________________________80 Table 7 27 VPN Connection Settings ________________________________________________83 Table 7 28 Add VPN Connection Settings _____________________________________________84 Table 7 31 Modem List Tab _______________________________________________________87 Table 7 33 Modem Config...

Страница 20: ..._________________________161 Table 9 32 Clear or Export Trap Log Settings _________________________________________161 Table 9 34 All Ethernet Devices Properties Tab ______________________________________162 Table 9 41 Settings to Update Passwords in Bulk _____________________________________168 Table 9 43 Settings to Update SNMPs in Bulk ________________________________________169 Table 9 46 Devi...

Страница 21: ...______________________________________246 Table 11 39 SNMP Syslog Configure ____________________________________________247 Table 11 41 Device Firmware Update SLM Tab ______________________________________249 Table 11 42 Device Firmware Update SLM Tab FTP SFTP Server ______________________250 Table 11 44 Device Firmware Update SLC SLB Tab __________________________________251 Table 11 45 Device Fi...

Страница 22: ...ction Logs _________________283 Table 12 1 Navigation Summary ___________________________________________________290 Table 12 2 Log Filter by Last and Date Time __________________________________________298 Table A 1 Command Syntax ______________________________________________________301 Table A 2 Actions and Category Options _____________________________________________301 Table B 1 Administrati...

Страница 23: ...ne Interfaces Describes the web and command line interfaces available for configuring the unit Note The configuration chapters 6 9 provide detailed instructions for using the web interface and include command line interface commands Chapter 6 Configuration and Operation Overview Outlines the process of setting up and using the SLM and explains the responsibilities of administrators and other user ...

Страница 24: ... all of the commands used on the SLM command line interface Appendix B Security Considerations Provides tips for enhancing SLM security Appendix C Safety Information Lists safety precautions for using the SLM Appendix D Technical Specifications Lists information about the SLM hardware Appendix E Compliance Provides information about the SLM s compliance with industry standards Appendix F Protocol ...

Страница 25: ...evice such as a Unix server that has one or more of its connections e g serial power or KVM exposed to allow control and configuration changes by Managed Device Users A managed device belongs to a Managed Device Group Managed Device Group A group created to allow logical clustering of managed devices e g devices of the same type or devices in the same physical location A managed device may not be ...

Страница 26: ...1 About This Guide SLM User Guide 26 Figure 1 1 Rights of Ethernet Device Group and Managed Device Group to Devices ...

Страница 27: ... manages Lantronix and non Lantronix devices It auto detects and then displays them in a single concise view through a web or a command line interface CLI A user can search the web view for a desired device or device port in the case of an SLC or SLK and then connect to a found device or port without using a separate interface With an SLC the user logs in only once to the SLM and then any subseque...

Страница 28: ...2 Introduction SLM User Guide 28 IT Management Application The following diagram shows how a user can perform management activities through the SLM Figure 2 1 SLM Overview Figure 2 2 vSLM Overview ...

Страница 29: ...C ports from the web view Auto discovery of devices and other Lantronix and non Lantronix Ethernet devices Support for an internal PCI or external USB modem SNMP MIB2 SNMP trap target Mobile phone WAP browser access Protocols Supported In addition to supporting the TCP IP network protocol the SLM supports SSH for connections in and out of the SLM SMTP for mail transfer SNMP for remote monitoring a...

Страница 30: ...t voltage of 100 to 240 VAC with 50 or 60 Hz Operating temperature range of 50 F to 95 F PCI expansion slot DB25F parallel port currently disabled SLM 02 only USB ports SLM 01 has three SLM 02 has four Note For more detailed information see the Appendix D Technical Specifications Figure 2 3 Front View of SLM Figure 2 4 Back View of SLM The vSLM supports the following virtual hardware features Two ...

Страница 31: ...n addition to the SLM the box contains the following items Quick Start Guide Null modem DB9 serial cable Power cord Rack slide kit Verify and inspect the contents of the SLM package using the enclosed packing slip or the list above If any item is missing or damaged contact your place of purchase immediately ...

Страница 32: ...nit If you mount the SLM in an enclosed rack we recommend that the rack have a ventilation fan to provide adequate airflow through the unit 2 For initial configuration connect a terminal or a computer with terminal emulation to the console port See Connecting a Terminal to the Console Port below 3 Connect the power cord and apply power See Connecting to the Power Supply on page 33 4 Wait approxima...

Страница 33: ... input voltage between 100 and 240 VAC with a frequency of 40 or 60 Hz A rear mounted IEC type AC power connector provides universal AC power input North American cord provided Monitoring the LEDs The SLM has five LEDs on the front panel to signal information during boot up and while the SLM is running Figure 3 2 LEDs on Front of SLM Table 3 3 SLM LED Functions LED Function Power Steady green when...

Страница 34: ...set up the SLM quickly so you can use it on your network you must first enter some basic information about one network port and the network IP address if not already assigned ______ ______ ______ ______ Subnet mask if not already assigned ______ ______ ______ ______ Gateway ______ ______ ______ ______ Using Detector Note The Detector software is located under the Secure Lantronix Management SLM pr...

Страница 35: ...software The Lantronix Detector window opens Figure 3 4 Lantronix Detector Window 2 From the Timeout drop down menu in the toolbar select the number of milliseconds before the search stops The default is 500 3 Click the Search icon A list of Lantronix Ethernet devices on the network displays ...

Страница 36: ... Enter Network Settings window displays Figure 3 6 Network Settings Window The Device Type and MAC Address Ethernet Address fields identify the unit 5 Enter the following information Table 3 7 Enter Network Settings Setting Description IP Address An IP address that will be unique and valid on your network and in the same subnet as your PC There is no default Note Enter all IP addresses in dot quad...

Страница 37: ...ine interface Quick Setup script Note Chapter 5 Web and Command Line Interfaces describes the command line interface in detail 1 Do one of the following With a serial terminal connection power up and when the command line displays press Enter With a network connection use an SSH program to connect to xx xx xx xx the IP address in dot quad notation and press Enter The login prompt displays 2 Type s...

Страница 38: ...If you selected DHCP or BOOTP this prompt does not display Note Enter all IP addresses in dot quad notation Subnet Mask The subnet mask specifies the network segment on which the SLC resides There is no default If you selected DHCP or BOOTP this prompt does not display Gateway IP Address IP address of the router for this network Hostname The default host name is SLM The host name can be a short ho...

Страница 39: ...___________ The current time zone is US Pacific Enter time zone US Pacific ____Date Time___________________________________________________________ The current time is Thu Jul 26 15 05 35 2007 Change the current time n ____Sysadmin Password___________________________________________________ New password current password Network settings will be updated the current terminal may not work Please re c...

Страница 40: ...Figure 3 11 SLM Home Page To enter settings for one network port Note For SLM 01 Network Port 1 is 10 100 1000Base T while Network Port 2 is 10 100Base T For SLM 02 both Network Ports 1 and 2 are 10 100 1000Base T 1 On the menu in the pane on the left click Configuration Network Settings The following page opens Figure 3 12 Network Settings Page 2 Enter the following information for one network po...

Страница 41: ... The DHCP server may provide the gateway depending on its setup This is the default setting for Network Port 1 If you select this option skip to step 3 Obtain from BOOTP Lets a network node request configuration information from a BOOTP server node Skip to step 3 Specify Requires you to assign a static IP address manually The administrator generally provides the IP address IP Address If specifying...

Страница 42: ... this network If this has not been set manually any gateway assigned by DHCP for Network Port 1 or Network Port 2 displays All network traffic that matches the Network Port 1 IP address and subnet mask goes out Network Port 1 All network traffic that matches the Network Port 2 IP address and subnet mask goes out Network Port 2 If you set a default gateway the SLM sends any network traffic that doe...

Страница 43: ...assword can be up to 128 characters and is case sensitive 3 Click the Update button When the update is complete a confirmation message displays Date and Time Setting Description Change Date Time Select the check box to manually enter the date and time at the SLM s location Date From the drop down lists select the current month day and year Time From the drop down lists select the current hour and ...

Страница 44: ... the CLI only the sysadmin account can use this command Next Steps After quickly getting the SLM up and running you can complete the configuration on the web pages To learn more about the interfaces go to Chapter 5 Web and Command Line Interfaces To continue configuring the SLM for your needs start with Chapter 7 Network and Modem Settings ...

Страница 45: ...on VMware ESX and ESXi both virtual machine managers that support importing the OVF format Minimum Hardware Requirements 3 0 Ghz or faster single core speed RAM 2GB Disk Space 60 GB Ethernet 1 Bridged Deployment Instructions Below are instructions for deploying a vSLM VM from the VMware or OVF distribution Refer to the documentation for your virtualization manager for specific instructions on open...

Страница 46: ...re username sysadmin and password PASS After logging in the settings for the first network interface can be displayed with the command show network port 1 The web interface can be accessed with the URL https IP Address of the first network interface At this point you can follow the instructions from Chapter 3 Quick Setup for Quick Setup starting with Using Quick Setup on the Command Line Interface...

Страница 47: ... User Guide 47 To obtain a permanent vSLM license contact Lantronix Sales at 800 422 7055 You will need to provide the unique signature for your vSLM sysadmin SLMB1DC admin signature show Signature 6f32deb993d767081dada4ff9a2b27c2 ...

Страница 48: ...cess to some non Lantronix devices require IE 7 Logging in To log in to the SLM web interface 1 Open a web browser Internet Explorer 6 0 and later or Firefox 1 5 and later with JavaScript enabled 2 In the URL field type https followed by the IP address of your SLM 3 To configure the SLM use sysadmin as the user name and PASS as the password These are the default values Notes The administrator may ...

Страница 49: ...views but does not populate the page Clicking the folder or document icon causes the tree structure to toggle between expanded and contracted views for folders and populates the page Clicking the text only populates the page the tree structure remains unchanged Tabs Display a series of pages related to a particular entity e g account group network settings and Ethernet devices Home Button Displays...

Страница 50: ...sion to view the entity can view notes about it In this example we add a note to an account group To view add update and delete a note 1 On the page for the entity to which you want to add a note e g Account Group page click the Notes tab The following page opens Figure 5 3 Note for an Account Group 2 In the text box type the information you want to associate with the entity 3 Do one of the follow...

Страница 51: ...ns for the tab you are viewing The Contents and Search buttons are above the pane on the left Figure 5 4 Example of a Help Page To search for information 1 Click the Search button A search field displays 2 Enter the word s you want to search for and press Enter Note You can also enter the word in the search field to the left of the Lantronix logo and press Enter ...

Страница 52: ...mands and vice versa The sysadmin user has access to the complete command set while all other users have access to a reduced command set Logging into the CLI To log in to the SLM command line interface 1 Do one of the following With a serial terminal connection power up and when the command line displays press Enter If the SLM already has an IP address manually assigned previously or assigned by D...

Страница 53: ...fault value parameter name Value Specify an appropriate value for example a device group name This User Guide shows parameter values in mixed case to indicate they are case sensitive For example if you saved a device group name in mixed case you must enter it in mixed case if you saved it in lowercase you must enter it in lowercase Square brackets Indicate optional parameters Action Category set n...

Страница 54: ...elete key depending on how you accessed the interface Both keys work if you use VT100 emulation in your terminal access program when connecting to the console port Use the left and right arrow keys to move within a command Use the up and down arrows to scroll through previously entered commands If desired select one and edit it You can scroll through up to 100 previous commands entered in the sess...

Страница 55: ...or the auditlog syslog portlog traplog and device list Default is 20 set history clear Syntax set history clear Description Clears the CLI command history show cli Syntax show cli Description Displays the terminal lines settings show history Syntax show history Description Displays the 100 most recent CLI commands Session Commands connect terminate Syntax connect terminate connect ID one or more p...

Страница 56: ... connection to view the current connections and their ID Examples connect terminate 3 connect terminate 3 outbound 1 Description Terminates a user connection to the SLM session Use show connection to view the current connections and IDs show connection Syntax show connection Description Displays active user connections and connection IDs ...

Страница 57: ...nce activities Updates SLM firmware and configurations Configures properties of the log files Manages syslog portlog auditlog upgrade configuration session and trap files Configures an SNMP agent Configures and views events Updates firmware on Lantronix Ethernet devices SLM WiBox UDS Spider SLP and SLC Step 1 Configure Network Settings The administrator enters the network settings that enable the ...

Страница 58: ...t device s ports to which they will have access In the case of SLC SCS Console Servers permissions also allow specific account groups listen only access or full bidirectional control Step 6 Manage Devices The user selects Ethernet devices from the menu s tree structure or enters search criteria to search for Ethernet devices ports and managed devices The user then views port settings if the device...

Страница 59: ...ery successful login logout and command on the command line interface and web is logged into a database table The administrator reads this information from the CLI or web and creates an audit report for one or multiple users Events The administrator defines alarms and triggers that constitute an event Events are sent to specific users or recorded on the syslog or on another device through an SNMP ...

Страница 60: ...r ________ ________ ________ ________ Your SLM must have a unique IP address on your network If you assign an IP address manually it must be within a valid range and unique to your network The administrator generally provides this information The SLM receives an IP address in one of the following ways Automatically The first time you power up the SLM Network Port 1 tries to obtain its IP address a...

Страница 61: ...Chapter 5 Web and Command Line Interfaces describes the web interface in detail To log in 1 Open a web browser Internet Explorer 7 0 and later or Firefox 15 0 and later with JavaScript enabled 2 In the URL field type https followed by the IP address of your SLM 3 Log in using sysadmin as the user name and PASS as the password The SLM Configuration page opens Figure 7 1 SLM Configuration Page SLM 0...

Страница 62: ...owing page opens Figure 7 3 Network Settings Page 2 Enter the following information for one or both network ports Table 7 4 Network Port Settings Network Port Setting Description Network Port Settings Disabled This is the default setting for Network Port 2 Obtain from DHCP Acquires IP address subnet mask and gateway from the DHCP server The DHCP server may provide the gateway depending on its setu...

Страница 63: ...0 8375 BADD 0057 may be shortened to 1234 BCD 1D67 8375 BADD 57 Note The SLM stores all IP addresses internally using IPv6 format When rendering these addresses for display the SLM uses IPv4 unless the address cannot be displayed in that format in which case it uses shortened IPv6 MAC Address display only Also referred to as the Hardware or Ethernet address Port IPv6 display only IPv6 addresses ac...

Страница 64: ...to send data from Note Both 802 3ad bonding modes require that both network interfaces share the same speed duplex modes This rule is currently enforced by the web interface but not by the CLI Adaptive Load Balancing This mode determines which interface to send data from by looking at the current load on each interface It also controls which interface will receive a response by modifying the SLM s...

Страница 65: ...ation 1 On the Network Settings page click the Gateways tab The following page opens Figure 7 7 Network Settings Gateways Tab Hostname Setting Description Hostname The default hostname is SLM You can specify a fully qualified domain name for example SLM lantronix com There is a 64 character limit contiguous characters no spaces Note The hostname becomes the prompt in the command line interface ...

Страница 66: ...P for Network Port 1 or Network Port 2 The default setting is None Precedence Indicates whether the gateway assigned by DHCP or the default gateway takes precedence The default setting is Default If you select DHCP and both network ports are configured for DHCP the SLM gives precedence to the Network Port 1 gateway Alternate An alternate IP address of the router for this network to be used if an I...

Страница 67: ...n locally not using remote authentication may change passwords at any time unless the administrator has disabled this option To change your password 1 On the menu click Configuration The Configuration Home page opens 2 Click the Password tab The following page opens Network Statistic Setting Description Bytes Number of bytes received or transmitted through this Ethernet interface Packets Number of...

Страница 68: ...Description Displays the quick setup script on the CLI only the sysadmin account can use this command set network dns Syntax set network dns 1 2 3 ipaddr IP Address Description Configures up to three DNS servers set network gateway Syntax set network gateway parameters Parameters default IP Address precedence dhcp default alternate IP Address pingip IP Address ethport 1 or 2 pingdelay 1 250 second...

Страница 69: ... mask Mask mode auto 10mbit half 100mbit half 10mbit full 100mbit full ipfilter IPv4 Filter Name CLEAR CLEAR removes the IP filter assignment Description Configures Network Port 1 or 2 show network all Syntax show network all Description Displays all network settings show network port Syntax show network port l 2 Description Displays Network Port 1 and Network Port 2 connection information show ne...

Страница 70: ... 1 On the menu click Configuration Network Settings IPv4 Filters The following page displays a list of existing filters Figure 7 13 IPv4 Filter Definitions List Tab 2 View the list of filters and the associated comments Adding an IPv4 Filter Note User created IPv4 filter sets display on the menu tree and are composed of one or more filter rules When a network connection or modem is configured to u...

Страница 71: ... select the type of protocol if any through which the filter will operate The default setting is All Port Range Enter a range of destination port numbers to be tested An entry is required for TCP TCP New TCP Established and UDP and is not allowed for other protocols Separate multiple ports with commas Separate ranges of ports by colons Examples 22 filter on port 22 only 23 64 80 filter on ports 23...

Страница 72: ... Deleting an IPv4 Filter The administrator can update or delete IPv4 filters To update or delete an IPv4 filter 1 On the List tab click the Edit icon to the left of the filter The Configure tab displays Save as new filter definition Select to make small changes to an existing filter set and then save it as a new filter set If you select this option you must supply a Filter Name that does not alrea...

Страница 73: ...eferenced by a network interface or a modem a Click the Delete button b In response to the request for confirmation click OK c Click IPv4 Filters on the menu tree The deleted filter is no longer on the menu tree or listed on the List tab 3 To update an IPv4 filter a Edit the information as desired b Click the Update button A confirmation message displays ...

Страница 74: ...Pv4 filter set To view all filter sets 1 On the menu click IPv4 Filters The List tab displays 2 Click the Show tab The following page opens Figure 7 17 IPv4 Filter Definitions Show Tab To view an individual IPv4 filter set 1 On the menu click the individual filter set name The IPv4 Filter page for the filter set displays 2 Click the Show tab Figure 7 18 IPv4 Filter Show Tab ...

Страница 75: ...ties tab To enable and test the IPv4 filter 1 On the menu click IPv4 Filters The IPv4 Filter Definitions page displays 2 Click the Properties tab Figure 7 19 IPv4 Filter Definitions Properties Tab 3 Enter the following Table 7 20 IPv4 Filter Definitions Properties Tab IPv4 Filter Setting Description Enable IPv4 Filters To enable the filters select the check box Disabled by default ...

Страница 76: ...abled A zero 0 in this field indicates that filtering will not be automatically disabled and the Enable IPv4 Filters state you specified will take place immediately A non zero value is the number of minutes until IPv4 filters are disabled whether or not a lockout condition occurs Example You set this value to 5 and enable IPv4 filters If your system locks up because of a bad filter set definition ...

Страница 77: ...e number Syntax set ipfilter delete name Name rule rule number Example set ipfilter delete MyFilter rule 3 Description Deletes IPv4 filter rule by specified name and rule number set ip filter state Syntax set ipfilter state enable disable Description Enables or disables IPv4 filters set ipfilter test Syntax set ipfilter test number of minutes Description Enables or disables IPv4 filter test mode s...

Страница 78: ...otocol Security IPsec for the SLM includes IKE policy for internet key exchanges and Virtual Private Network connections Internet Key Exchange IKE Policies The administrator can view add and update one or more IKE policies Viewing a List of IKE Policies The administrator can view IKE Policies To view a list of available IKE policies 1 On the menu click IPsec Management IKE Policies The following p...

Страница 79: ...r Email Email address of the local user Remote Peer ID Type Remote host or gateway identification type Certificate Note This feature will be available in a future release PFS Perfect Forward Secrecy PFS ensures that a given IPsec SA key was not derived from any other secret such as another key Enabled by default DH Group Diffie Hellman key group DHx used for an encryption key Authentication Algori...

Страница 80: ...s Type From the drop down list select the version of the Internet Protocol used for theaddress IPv4 Internet Protocol version 4 default IPv6 Internet Protocol version 6 Remote Gateway Address Enter the IP address of the remote end of the gateway Authentication Method From the drop down list select the method of verifying data integrity PSK Pre Shared Key uses a password exchange and matching proce...

Страница 81: ...PFS Select the checkbox to enable PFS Perfect Forward Secrecy PFS ensures that a given IPsec SA key was not derived from any other secret such as another key Enabled by default DH Group Initial Diffie Hellman value MODP1024 MODP1536 MODP2048 Authentication Algorithm From the drop down list select an algorithm for verifying data integrity SHA1 Secure Hash Algorithm 1 MD5 Message Digest 5 SHA2 256 2...

Страница 82: ...figure tab displays Figure 7 25 Internet Key Exchange Policiy Configure Tab 2 To delete a policy Note You may not delete a policy currently referenced by a VPN a Click the Delete button b In response to the request for confirmation click OK c Click IKE Policies on the menu bar 3 To update a policy a Edit the information as desired b Click the Update button A confirmation message displays 4 To save...

Страница 83: ...7 27 VPN Connection Settings VPN Connection Setting Description Name Name that identifies VPN IKE Policy IKE policy that references this VPN Encapsulation Mode Tunnel mode Used when the remote peer is an IPSec gateway Host mode Used when the remote peer is an IPsec host Remote Address Type Subnet type The subnet that is the destination of the IPsec traffic Single The single host that is the destin...

Страница 84: ...sed when the remote peer is an IPSec gateway Host mode Used when the remote peer is an IPsec host Network Port Select the network port connecting to the VPN Protocols Select the protocol used in the VPN connection ALL All of the listed protocols are used TCP Transmission Control Protocol UDP User Datagram Protocol ICMP Internet Control Message Protocol ICMPv6 Internet Control Message Protocol vers...

Страница 85: ...the menu bar 3 To update a policy a Edit the information as desired b Click the Update button A confirmation message displays 4 To save your entries click the Save button Authentication Algorithm From the drop down list select the algorithm for verifying data integrity None SHA1 MD5 SHA2 256 Encryption Algorithm From the drop down list select the method of encrypting data 3DES Data Encryption Stan...

Страница 86: ...om either the web interface or the CLI A user dialing in from a remote computer in text mode can access the CLI on the SLM A user dialing in from a remote computer in PPP mode can access the CLI and the web interface on the SLM Depending on the PPP settings the user may access all devices that the SLM has access to as well A user can dial out from the CLI and the web interface in PPP mode Viewing ...

Страница 87: ...e of modem e g PCI or USB Baud Communication speed between the SLM and a modem Data Bits Number of data bits used to transmit a character Parity Type of parity checking Parity checking detects simple single bit errors Stop Bits Number of stop bit s used to indicate that a byte of data has been transmitted Flow Control Method of preventing buffer overflow and loss of data Mount Point Name of the se...

Страница 88: ...4 D2 C1 E1 Q0 Note We recommend that the modem initialization script always be preceded with AT and include E1 V1 x4 Q0 so that the SLM can properly control the modem Baud Communication speed between the SLM and the modem From the drop down list select the baud rate The default setting is 115200 Data Bits Number of data bits used to transmit a character From the drop down list select the number of...

Страница 89: ... 7 35 Modem Dial In Tab 3 To save click the Submit button A confirmation message displays Viewing a List of Profiles The administrator can view a list of modem connections 1 On the menu click Configuration Network Settings Modem Management Modem Profiles The following page opens Modem Setting Description Profile From the drop down list select the desired profile The default is none IPv4 Filter Fro...

Страница 90: ...tions e g the SLM connects to an external network You can dial out from both the CLI and the web interface Timeout Indicates whether the connection times out logins after the connection is inactive for a specified number of minutes 1 30 Negotiate If Yes the remote device or PC specifies the local SLM IP and remote addresses If No the SLM assigns the local SLM IP and remote IP addresses Local IP IP...

Страница 91: ...ablishes an IP based link over the modem Dial out mode uses PPP connections e g the SLM connects to an external network You can dial out from both the CLI and the web interface Timeout Logins For both Text and PPP modes you can enable logins to time out after the connection is inactive for a specified number of minutes 1 30 Call Back Select to enable this security feature When the SLM user calls a...

Страница 92: ...y dial in using dial back SLM dials back to the number defined on the Modem connection page Dial Back Number Enter the phone number the modem dials back on It can be a fixed number or a number associated with the user s login If you select Fixed Number enter the number in the format 2123456789 Employ User Account Settings Select to indicate that the SLM takes dial back rules from the local user ac...

Страница 93: ... c Click Modem Profiles on the menu tree The deleted connection is no longer on the menu tree or listed on the List tab 3 To update a profile a Edit the information as desired b Click the Update button A confirmation message displays Note For information about configuring a dial out profil see Configuring a Modem Connection to a Managed Device on page 206 Discovering a USB Modem The system adminis...

Страница 94: ...ote You may only use this command when the modem is completely stuck Wait for minimum timeout period 3 minutes before you use this command when You dial out via PPP and encounter no dial tone You dial out via PPP and encounter a busy signal Syntax reset modem connection Description Resets a modem connection set modem disconnect Note Type show modem to view the current modem connections Syntax set ...

Страница 95: ...show modem Syntax show modem Description Displays all modems show modem connection Syntax show modem connection parameters Parameters index number Description Displays active established modem connections show modem settings Syntax show modem parameters Parameters name Modem Name index number Description Displays modem settings show modem status Syntax show modem status Description Displays the st...

Страница 96: ...Dial Account Name Description Delete a dial account set dialaccount edit Syntax set dialaccount edit Dial Account Name parameters Parameters modemmode text ppp localipaddr negotiate IP Address remoteipaddr negotiate IP Address auth pap chap username User Name password Password nat enable disable forcedialback disable enable apply only text mode dialbacknumber dial back number CLEAR apply only text...

Страница 97: ...odem Modem Name phonenumber phonenumber application ssh telnet http none Description Finds managed device by index and modifies dial account settings To set modem parameters you must specify a dial out option set modem edit Syntax set modem edit Modem Name dialin Dial Account Name CLEAR disable enable Description Modifies a dial in account name show dialaccount Note Type show dialaccount to displa...

Страница 98: ...7 Network and Modem Settings SLM User Guide 98 Syntax show dialaccount mapping Description Shows dial account used by dial in and dial out ...

Страница 99: ...o individual users or user groups provides another level of security The authentication method selection on the SLM does not affect devices or SLM interaction with devices Note For a user to be authenticated using one of the remote methods the user s account must be configured for remote access Remote Only or Local Remote or there must be an account defined whose login name is the same as the prot...

Страница 100: ...es the client server model and the Remote Procedure Call RPC interface for communication between hosts NIS consists of a server a library of client programs and some administrative tools NIS is often used with the Network File System NFS LDAP Lightweight Directory Access Protocol A set of protocols for accessing information directories specifically X 500 based directory services LDAP runs over TCP...

Страница 101: ...y or Local Remote or there must be an account defined whose login name is NIS See Accounts on page 125 for information on setting up accounts Kerberos Kerberos is a network authentication protocol that enables two parties to exchange private information across an unprotected network It works by assigning a unique electronic credential called a ticket to each user who logs on to the network The tic...

Страница 102: ...in of the NIS server Master Server required The IP address or hostname of the master server Slave Server 1 5 The IP addresses or hostnames of up to five slave servers Broadcast for Server Select the check box for the SLM to send a broadcast datagram to find the NIS Server on the local network Enabled Displays selected if you previously enabled this method on the User Authentication page or on this...

Страница 103: ... the format SLM_xxxxx AND an account group exists on the SLM named xxxxx without the SLM_ prefix then a user logging into the SLM using LDAP authentication will have an account automatically created for them in the matching account group and the user will inherit all permissions assigned to that group Example user dsmith has an account on the LDAP server and is a member of group SLM_musers The acc...

Страница 104: ...m length is 127 characters Port Number of the TCP port on the LDAP server to which the SLM talks The default setting is 389 Active Directory Support Select to enable Active Directory is a directory service from Microsoft that is a part of Windows 2000 and later versions of Windows It stores information about network resources within a domain It is LDAP and Kerberos compliant Disabled by default En...

Страница 105: ...a user to log in remotely using RADIUS the user s account must have remote access Remote Only or Local Remote or there must be an account defined whose login name is RADIUS See Accounts on page 125 for information on setting up accounts To configure the SLM to use RADIUS to authenticate users 1 On the menu click Configuration User Authentication RADIUS The following page opens Figure 8 7 RADIUS Au...

Страница 106: ...US port 1812 Note Older RADIUS servers may use 1645 as the default port Check your RADIUS server configuration Server 1 Secret Text that serves as a shared secret between a RADIUS client and the server SLM The shared secret is used to encrypt a password sent between the client and the server May have up to 128 characters Server 2 IP address or hostname of the secondary RADIUS server Server 2 Port ...

Страница 107: ...ickets A ticket is a temporary set of electronic credentials that verify the identity of a client for a particular service Enter the KDC in the fully qualified domain name format FQDN An example is SLC local IP Address Enter the IP address of the Key Distribution Center KDC Port Port on the KDC listening for requests Enter an integer with a maximum value of 65535 The default setting is 88 Use LDAP...

Страница 108: ...gure 8 11 TACACS Authentication Page Configure Tab 2 Enter the following Table 8 12 TACACS Authentication Settings 3 To save click the Update button A confirmation message displays TACACS Authentication Setting Description Servers 1 3 IP address or host name of up to three TACACS servers Secret Shared secret for message encryption between the SLM and the TACACS server Enter an alphanumeric secret ...

Страница 109: ...figure the SLM to use SecurID to authenticate users 1 On the menu select Configuration Authentication SecurID The following page opens Figure 8 13 SecurID Authentication Page 2 Enter the following information Table 8 14 SecurID Authentication Settings SecurID Authentication Setting Description sdconf rec Upload new sdconf rec Configuration file generated by the SecurID server To upload this file f...

Страница 110: ...is imported you can view or delete the public key Any SSH connection into the SLM from the designated host user combination uses the SSH key for authentication Exported Keys The SLM can generate SSH keys for SSH connections out of the SLM for any SLM user The SLM retains both the private and public key on the SLM and makes the public key available for export through SCP FTP or copy and paste The n...

Страница 111: ...om which the user will be making an SSH connection The SLM local user login for the connection is different from the user name from which the key was generated or is not included in the imported key file If either of these conditions is true or the imported file is in SECSH format you must specify the host and user The following is an example of a public key file that includes the host and user ss...

Страница 112: ... connections to the SLM will be made User User ID of the person given secure access to the remote server Import via Select SCP or FTP as the method for importing the SSH keys The default is SCP Filename Name of the public key file for example mykey pub Exported Key Setting Description User User ID of the person given secure access to the remote server Key Type Select either the RSA or the DSA encr...

Страница 113: ...jMssgp1S6 TTf YWzHCr1mX yRUyA I9VXb9cI2r9uqIlMk GVTgpI 8YERnAsQ9AeRfy 20MXOSGg895 tdBW6piLKWoJ5P6NRcXsFJScmowGXNU4snUpk2cvVNyGiVMe9jb454fb080 lphmMrJMUPY X3uG22Qsm0KZGosnLFKtYzimDaOoRQ2QI9my19i baFX9RiH2yda vLmBsTchaEx30Dp7Pw baHi7gf8Rb9Q 5 To delete one or more keys a Select the check box for each key to be deleted and click the Delete button b In response to the request for confirmation click OK...

Страница 114: ...ing Copy SSH keys from current boot bank to alternate boot bank Copy SSH keys from alternate boot bank to current boot bank 3 Click the Submit button 4 To return to the original settings click the Reset button Authentication Commands set auth Syntax set auth one or more parameters Parameters local 1 7 nis 1 7 ldap 1 7 radius 1 7 kerberos 1 7 tacacs 1 7 securid 1 7 authusenextmethod enable disable ...

Страница 115: ...ndname Bind Name bindpassword Bind Password adsupport enable disable encrypt enable disable Description Configures the SLM to use LDAP to authenticate users who log in to the SLM via SSH Telnet the web or the console port set nis Syntax set nis one or more parameters Parameters enable disable domain NIS Domain Name broadcast enable disable master IP Address or Name slave1 IP Address or Name slave2...

Страница 116: ...ete Syntax set sshkey delete keyuser SSH Key User keyhost SSH Key Host Description Deletes an imported SSH key set sshkey import Syntax set sshkey import copypaste Note RSA keys must be 1024 bits Description Imports an SSH key show auth Syntax show auth Description Displays authentication methods in use show ldap Syntax show ldap Description Displays all LDAP information show nis Syntax show nis D...

Страница 117: ...not delete or rename the Administrators Group although they can add additional accounts to it Administrators have access to configuration events logs and files can create groups of managed devices and interact with Ethernet and managed devices Administrators can log into both the web interface and the CLI Ethernet Device Account Groups Can interact with SLCs SLKs SLPs and other SLMs other Lantroni...

Страница 118: ...ounts The following page opens Figure 8 22 Account Groups Page Accounts Tab 2 Click the Members tab A list of existing account groups displays Figure 8 23 Account Groups Page Members Tab Adding an Account Group 1 On the Account Groups page click the Group tab The following page opens Figure 8 24 Account Group Page Group Tab 2 Enter the following ...

Страница 119: ...ename an account group but not change its type You cannot delete an account group if it contains any accounts delete the accounts first a Click the Delete button b In response to the request for confirmation click OK A blank Group tab opens c Click Accounts on the menu tree The deleted group is no longer on the menu tree or listed on the Members tab 3 To update the name of an account group a Edit ...

Страница 120: ...mber of times the user can attempt to log in unsuccessfully before the system locks the user out The default setting is 0 disabled Lockout Time minutes The number of minutes the locked out user must wait before trying to log in to the web interface again The default setting is 0 disabled Session Length minutes The number of minutes a session can be idle before it times out The minimum is five minu...

Страница 121: ...device s ports Ethernet Device Account Groups Can view configure and interact with specific Ethernet devices their ports and the managed devices connected to the ports Managed Device Account Groups Can view configure and interact with specific managed devices Menu Only Account Groups Can view and interact with specific managed devices according to the menu they have permission to use To assign per...

Страница 122: ...nabled list and click the right arrow The device is now in the Permission Disabled list 5 Click the Update button When the update is complete a confirmation message displays When the user logs in only Ethernet and managed devices for which the user has permission display in the menu tree To assign permissions to a Managed Device Account Group The administrator assigns permissions that allow a Mana...

Страница 123: ...st 5 To disable permission for a managed device select it from the Connect Direct Devices or Listen only Devices list and click the corresponding right arrow The device displays in the Permission Disabled list 6 Click the Update button When the update is complete a confirmation message displays When the user logs in only managed devices for which the user has permission display on the menu tree Vi...

Страница 124: ...Account Group Commands set accountgroup add Syntax set accountgroup add Group Name type ethernet managed menu parameters Inbound Connection Setting Description User Account User name for logging in to the SLM U I Type of interface web or command line the user is logged in to Location IP address of the client Last Access Date and time the user last accessed the SLM Minutes Idle Number of minutes si...

Страница 125: ...how accountgroup name Group Name Description Displays account group information show accountgroup all Syntax show accountgroup all show accountgroup Description Displays information about all account groups show accountgroup index Note Type show accountgroup all to display the index Syntax show accountgroup index number Description Displays account groups by index number Accounts The Accounts page...

Страница 126: ... and prioritize authentication methods and to configure related settings Config Services Indicates whether the user has permission to configure services such as date and time and SNMP Agent syslog and to update SLCs to which the user has access Device Management Indicates whether the user has permission to configure settings for auto detecting devices and ports and for managing alternate SLMs Conf...

Страница 127: ... Accounts Administrators The following page opens Synchronize When the Push Passwords check box on the Maintenance page is selected the SLM uses the password on all accounts with Synchronize Password enabled to update accounts on remote SLMs SLCs SCSxx05 20s and SLPs The accounts must have access rights to and local user accounts on the devices Note SLP password synchronization uses SSH and CLI co...

Страница 128: ...gging into the SLM Must be alphanumeric start with an alpha character and may include an underscore _ Password and Retype User s password for logging in to the SLM Email User s email address Allow Password Change Select to allow user to change passwords Enabled by default Password Never Expires Selected by default Select to allow the user to use current password indefinitely Selected by default Ch...

Страница 129: ...e SLM for any reason causes it to ignore user account password changes made but not yet pushed Enable Dial Back Users with dial back access can dial into the SLM and enter their login and password Once the SLC authenticates them the modem hangs up and dials them back Dial Back Number Select the phone number the modem dials back on It can be a fixed number or a number associated with their login If...

Страница 130: ...ount to Group Configure Tab Account Setting Description Name User ID for logging into the SLM Must be alphanumeric start with an alpha and may include an underscore _ Password and Retype User s password for logging in to the SLM Email User s email address Allow Password Change Select to allow the user to change passwords Selected by default Password Never Expires Select to allow the user to use th...

Страница 131: ...xx05 20s and SLPs The accounts must have access rights to and local user accounts on the devices Note SLP password synchronization uses SSH and CLI commands not an SNMP command so you must provide the sysadmin login and password in the SLP device page for SLP password synchronization to work Rebooting the SLM for any reason causes it to ignore user account password changes made but not yet pushed ...

Страница 132: ... in the menu The user is no longer listed Account Commands Use the following commands to configure local accounts including sysadmin to authenticate users who login to the SLM by means of SSH Telnet the web or the console port set account add Syntax set account add User Name group Group Name admin parameters Parameters email Email Address auth local remote localremote disable allowdialback enable ...

Страница 133: ...e disable changepwnextlogin enable disable Description Modifies a user account set account password Syntax set account password User Name Note Administrators with permission to change passwords must enter the username Other users may not enter a username they are changing their own password Description Configures a user account s password for the SLM show account Syntax show account User Name show...

Страница 134: ...account index number Description Displays accounts by index number show account search Syntax Note All searches are case insensitive show account search name name show account search email email address Examples show account search name sys Description Searches for accounts by name or email address ...

Страница 135: ...x SCS05 20 devices within a specified IP range and SNMP to detect all other devices within a specified IP range Auto Detecting Devices Auto detect enables the SLM to search for and register Ethernet devices automatically When the SLM detects an Ethernet device it also scans the device for ports and port information You only need to define search protocols and parameters once they are saved for use...

Страница 136: ...t group by routers on different subnets Once SLM gets a discovery response from members it queries each individual device for further information Note See RFC1112 for a description of the basic IGMP protocol IP address Specify the subnet e g 255 255 255 255 to be searched or if specifying a range of IP addresses the IP address at the beginning of the range in which the SLM is to detect devices Opt...

Страница 137: ... the name to the value the device returns Auto Detect Commands admin autodetect filter delete Syntax admin autodetect filter delete The command displays an index of current filters Type the index number of the filter you want to delete and press Enter SCS05 20 discovery on IP range To locate Lantronix SCS05 20 products on the network specify Starting IP Address The IP address at the beginning of t...

Страница 138: ...lter scs Syntax admin autodetect filter scs IP range timeout number of milliseconds Example IP range 192 168 0 1 192 168 0 155 timeout default is 100 msec range is 100 60000 msec Description Sets SCS discovery protocol search filters admin autodetect filter show Displays the current auto detect search filters Syntax admin autodetect filter show Description Displays the current auto detect search f...

Страница 139: ...t device process using the protocol and filters configured show progress Syntax show progress Description Shows the progress of background tasks Ethernet Devices The SLM enables you to list all devices groups of devices and individual devices in the SLM database These devices have been auto detected or added manually This section shows how the Administrator and Ethernet Device Account groups add d...

Страница 140: ...tween ascending and descending order If there is more data in a table than fits on the screen scroll forward and backward through the data To list all Ethernet devices of a specific type To list all SLCs managed by the SLM click Ethernet Devices SLC on the menu tree The following page opens Figure 9 4 Manage Group Page List Tab To list devices in any other device group e g SLK SLP or Other Lantron...

Страница 141: ...n the menu tree click Ethernet Devices and then the type of device you are adding e g SLC SLK Spider or Other Lantronix 2 Click the Add tab Depending on the device type one of the following pages or a similar page displays Note The connection buttons on the right are inactive until the Ethernet device has been added to the system See Connecting to Ethernet and Managed Devices on page 224 for instr...

Страница 142: ...9 Ethernet Device Management SLM User Guide 142 Figure 9 7 Add SLK Device Page Configure Tab Figure 9 8 Add SLP Device Page Configure Tab ...

Страница 143: ...9 Ethernet Device Management SLM User Guide 143 Figure 9 9 Add Spider Device Page Configure Tab Figure 9 10 Add Other Lantronix Device Page Configure Tab ...

Страница 144: ...talled e g city building or room FW Version Release number of the firmware Secure Channel view only Indicates whether the SLM has a Lantronix secure channel connection from the web interface to the command line interface of an SLC and its ports The default is No Link Status view only Indicates whether or when the SLM polled the connection from the SLM to the device Login not on SLM User name for l...

Страница 145: ... Read Community SLC SLB SLP only An SNMP community is the group to which devices and management stations running SNMP belong The default setting is public SNMP Write Community SLC SLB SLP only A string that acts like a password for an SNMP manager to modify data where permitted SNMP Trap Community SLC SLB SLP only A string that is sent along when a trap is broadcast Only management devices that ar...

Страница 146: ...formation as desired In addition to the fields described on Configuring a Managed Device on page 207 enter the following for SLCs SLBs SCSs SLMs and SLPs Table 9 14 SLC Device Settings Device Setting Description Managed Device If desired create a managed device from the Ethernet device For more information see Creating Individual Managed Devices on page 197 Note This field is unavailable if no Man...

Страница 147: ...ll attempt to update its internal database by interrogating the physical device The SLM must have a Secure Channel established to the Ethernet device or provide the sysadmin login and password of the Ethernet devices for this function to work Currently the SLM can read the following information SLC SLC host name firmware version device port names device port parameters e g baud flow control and th...

Страница 148: ...l be presented with Figure 9 15 Device Locator Configure Tab Enter these values in the Define Room section and presses Submit The racks are all created and assigned names based upon their location For instance if the machine room is defined with 3 rows 2 clusters per row and 5 racks per cluster then 30 rack objects will be added to the database Each rack object will be assigned a name in the forma...

Страница 149: ...from the drop down note Row Cluster and Position number then select one or more of the Available Devices in the rightmost list and use the left pointing arrow to move them to the Current Devices list Finally click on the Update button to send these changes to the database Note that devices may be moved between the Current Devices list and Available Devices list one or more at a time by using Ctrl ...

Страница 150: ... that the SLM can make to that device note that due to actual configuration settings some of these connections may not complete One additional note once a device has been placed in a rack a link appears on that device s configuration page By clicking on that link the Device Locator View page is brought up with its rack highlighted in red and all devices in that rack populated in the table below Pe...

Страница 151: ...isting persistent connections displays Note You may view all Persistent Connections to which you have rights by performing a search Figure 9 18 Device Page PerCons Search To view a specific persistent connection to a device 1 On a specific device page click the PerCons tab see Figure 9 18 2 click the Edit icon to the left of the connection The PerCons page opens ...

Страница 152: ...9 Ethernet Device Management SLM User Guide 152 Figure 9 19 Device Page Persistent Connection ...

Страница 153: ...nt Connection Setting Description Name required Name that identifies the persistent connection Protocol From the drop down list select the protocol used to make the persistent connection The options available depend on the type of Ethernet device Secure Channel SLC SLB Spider and SLM only SSH Telnet TN3270 A special Telnet program that connects to mainframes It is only available if the Ethernet De...

Страница 154: ...e Parent Ethernet Device view only Name of the Ethernet device to which the persistent connection is made Last Established view only Indicates when the persistent connection was made Managed Device Available If the parent Ethernet device of this persistent connection is being managed as part of a managed device then users with access to that managed device will also be able to connect into this pe...

Страница 155: ...he list of ports for a device The PersCon page displays Figure 9 22 Edit Persistent Connection 2 Add or update the information as desired 3 Click the Submit button To delete a persistent connection to a device 1 On the PersCon tab click the Edit icon the left of the desired connection OR On the menu tree click the name of the desired connection at the end of the list of ports for a device The Pers...

Страница 156: ...vices The All Ethernet Devices page opens 2 Click the Polling tab The following page opens Figure 9 23 All Ethernet Devices Polling Tab 3 Enter the following information Table 9 24 Poll Settings Ethernet Device Setting Description Periodically poll Select to have the SLM poll Ethernet devices on the network at regular intervals Disabled by default If you select this option then any Ethernet device...

Страница 157: ...utton and click on the Terminate button The window will refresh to show the selected connections no longer active Auto Connection Fail Count The following conditions are required for the SLM to automatically connect to the SLC through a modem Ethernet device polling is enabled The SLC device has polling enabled for itself The SLC has a modem connection and phone number configured The SLC has reach...

Страница 158: ...owing information Table 9 27 Device Modem Tab 3 Click the Update button A Modem Connect or in the case of an SLC SLB a Call Back button may display The Call Back button allows you to open a window to the SLC SLB view the connection and type commands Device Setting Description Modem From the drop down list select a specific modem for the Ethernet device to use The default is Any For PPP connections...

Страница 159: ...session log files 1 On the Device page click the Utilities tab The following page opens Figure 9 28 Device Page Utilities Tab Device session log file names have the following format hostname _ host_mac_address device_port_number username connection_type date_and_time log where Table 9 29 Device Session Log File Name Components Device Setting Description hostname Up to the first 8 characters of the...

Страница 160: ...page 288 Traps Traps are notifications of events sent from one device to another The traps listed below are those sent by other devices SLMs SLCs SLPs and SLKs and received by the SLM This feature is applicable when you select Enable Traps Reception on the SNMP Agent page Examples of traps the SLM can receive include SNMP Generic Traps Cold Start Warm Start Ethernet Link Down Ethernet Link Up Auth...

Страница 161: ... down device authentication failure it is derived from the trap Trap Community Community value Device Name of the device sending the trap it is derived by associating the sender s IP address to a device name in the SLM database Description Message text in the trap Contents The entire contents of the SNMP trap Trap Log Setting Description Clear Trap Log Select the check box to clear the trap log Ex...

Страница 162: ...devices of a type currently in the SLM database select its checkbox Note Check boxes are active only if you change the display mode to Don t Detect Ethernet Device Setting Description Ethernet Device Groups For each device group select one of the following options from the drop down list Always Device folder displays whether populated or not This is the default setting for the SLM SLC SLK and SLP ...

Страница 163: ...an SLC port 1 On the menu click Ethernet Devices SLC The Manage SLC Group page opens 2 Click the Port Access tab A list of all SLCs displays along with all of their ports Numbered squares represent the ports Note Hovering over a port reveals the port name Figure 9 35 Manage SLC Group SLC Tab 3 Click the SLC port to open a Secure Channel connection To connect to an SLB port or access its port page ...

Страница 164: ...ding 3 You have the following options To open a Secure Connection with a serial port click the corresponding green square To open an SLB port page click the corresponding red or blue square To access an SLP port page 1 On the menu click Ethernet Devices SLP The Manage SLP Group page displays 2 Click the Port Access tab A list of all SLPs displays along with all of their ports and the power load of...

Страница 165: ...ate unknown device may not be responding 3 Click the port whose port page you want to open To gain KVM access to a device connected to a Spider 1 On the menu click Ethernet Devices Spider The Manage Spider Group page displays 2 Click the Port Access tab All Spiders in the system display as boxes with IP addresses Some boxes may display the current view of the device the Spider is controlling ...

Страница 166: ...utomatically every two minutes select the Auto Refresh check box and click the Refresh button To refresh the port information once clear the Auto Refresh check box and click the Refresh button To manage UDS SDS port connections 1 On the menu click Ethernet Devices UDS SDS The Manage UDS SDS Group page opens 2 Click the Port Access tab A list of all current UDS and SDS port connections displays alo...

Страница 167: ...will be offered in a future release To delete a connection check the box to the right of the connection to be terminated and click on the Delete button Updating Passwords in Bulk The administrator and Ethernet device users can perform bulk password updates on multiple devices in the local database These changes can also be pushed to remote SLM SLC SLP and SCS05 20 devices The user has access to th...

Страница 168: ...you want to change Current Password Enter the password currently used by the devices whose password you want to change New Password and Retype Password Enter a new password for accessing the devices SLM SLC SLK SLP SCS05 20 SCSxx00 SLB Spider WiBox UDS SDS EDS EDS MD XPort Premier Wave Other Lantronix Non Lantronix Select the check box for each type of device whose password you want to change Push...

Страница 169: ...age displays Note To clear all values before saving click the Reset button SNMP Setting Description SNMP Read Community An SNMP community is the group to which devices and management stations running SNMP belong The default setting is public Because SSH to SLP authentication may take a long time this setting allows the user to choose SNMP support which is faster SNMP Write Community A string that ...

Страница 170: ...et Devices page displays 2 Click the SLM Proxy tab The tab displays a list of all the Ethernet Devices with a column for each method of connection Figure 9 44 All Ethernet Devices SLM Proxy Tab Three types of check boxes display on the page Active check boxes in the HTTP and HTTPS columns Inactive selected check boxes indicate devices that are automatically set for proxy Inactive unselected check ...

Страница 171: ...disconnect modem name Device Name ipaddr IP Address location Location login Loginname model Model readinfo sshport TCP Port for SSH tnport TCP Port for Telnet tn3270lu Logical Unit version Version Description Finds Ethernet devices by device name or IP address and modifies device parameters set ethernetdevice config Syntax set ethernetdevice config Device Name or IP Address one or more parameters ...

Страница 172: ...th port slp sunset po 1 3 6 8 14 state on Description Finds a port by device name or IP address with the port number and modifies port parameters set ethernetdevice sync Syntax set ethernetdevice sync Device Name or IP Address action read write Description Finds an Ethernet device using device name or IP address and synchronizes device information show device Note Entries are not case sensitive Sy...

Страница 173: ... config Syntax show ethernetdevice config Device Name or IP Address Description Finds an Ethernet device using device name or IP address and displays device information show ethernetdevice firmware Syntax show ethernetdevice firmware Description Displays firmware versions of all Ethernet devices managed by the SLM show ethernetdevice group Syntax show ethernetdevice group Group Name firmware group...

Страница 174: ...sensitive Example show ethernetdevice search device name slc firmware 4 Description Displays all devices that match the criteria entered For example if you specify name slc the SLM searches for all devices whose name starts with slc Persistent Connection Commands set persistent add Syntax set persistent add persistentConnectionName ethernetdevice ethernetDeviceName IP one or more parameters Parame...

Страница 175: ...necessary only to discriminate between two or more persistent connections that are visible to the current user and are using the same name Description Modifies an existing persistent connection set persistent delete Syntax set persistent delete persistentConnectionName ethernetdevice ethernetDeviceName IP Note For the delete command the ethernetdevice parameter is necessary only to discriminate be...

Страница 176: ...ollowing device may be the name of an Ethernet device or the name of a managed device Persistent connections automatically belong to managed devices that have an Ethernet device component that has persistent connections defined Description Connect to an existing persistent connection Trap Commands show traplog index Syntax show traplog index number Description Displays all current trap log informa...

Страница 177: ...ify 0 at number of lines all lines display Parameters top number of lines tail number of lines lastminutes minutes date MMDD date MMDD MMDD loglastminutes minutes logdate MMDD logdate MMDD MMDD If you specify both the date and time the SLM ignores the date Description Displays the specified part of the traplog by index Examples show traplog Lists traplog files show traplog lastminutes 5 Lists trap...

Страница 178: ...of the traplog from the last 5 minutes show traplog index 3 tail 0 lastminutes 5 Displays all lines of the traplog in index 3 from the tail show traplog index 3 lastminutes 5 logminutes 10 Displays the part of traplog in index 3 times tamped in the last 10 minutes show traplog index 3 date 0205 Displays the part of traplog in index 3 times stamped on 0205 Ports Administrators and Ethernet device u...

Страница 179: ...On the Device page for the Ethernet device click the Ports tab The following page opens Figure 9 45 Device Ports Tab 2 View the following information about each port Table 9 46 Device Ports Tab Port Setting Description Name Name of the Ethernet device port Port Number Number of the Ethernet device port e g a number between 1 and 48 for the SLC 48 Console Name of the parent Ethernet device ...

Страница 180: ...nabled Indicates whether logging has been enabled for this port Note To enable or disable port logging for one or more ports select the check box for each affected port and select Enable Port Logging or Disable Port Logging from the drop down list at the bottom of the page Only SLC devices that have established a secure channel connection can have ports with logging enabled Log Time Frame For SLC ...

Страница 181: ...ffers all unassigned ports up to 16 above the current highest port number Parent Ethernet Device view only Name of the Ethernet device Name Name of the port e g name of the device to which it is attached Parent Device Type view only Ethernet device type e g SLC SLM SLK Log Enabled Indicates whether logging is enabled on the port Disabled by default Note To enable or disable port logging for one or...

Страница 182: ...to the external device A suggested value is Esc B escape key then uppercase B performed quickly but not simultaneously You would specify this value as x1bB which is hexadecimal x character 27 1B followed by a B Managed Device Not active when you are adding a port Data Setting Description Baud The speed with which the device port exchanges data with the attached serial device From the drop down lis...

Страница 183: ...enabled for the device port Disconnect on DSR If a connection to a device port is currently in session and the DSR signal transitions to a de asserted state the connection disconnects immediately Disabled is the default unless dial in dial out or dial back is enabled for the device port IP Setting Description Enable Telnet In Enables access to this port through Telnet Disabled by default Enable SS...

Страница 184: ...on to the fields completed when adding a port complete the following fields Table 9 53 Port Configure Tab 2 Click the Update button When the update is complete a confirmation message displays Note Port configuration fields differ depending on the parent device type Port Setting Description Managed Device If desired create a managed device from the port See Creating Individual Managed Devices on pa...

Страница 185: ...ss to any port on any SLC or SLB To gain quick secure channel access to an SLC port 1 On the Manage SLC Group Page click the Port Access tab The following page displays Figure 9 54 Manage SLC Group Page Port Access Page 2 Click the desired port on the specific SLC The following page displays Figure 9 55 Connection to Selected SLC Port ...

Страница 186: ... 9 56 Port Page Statistics Tab The page displays port status and counters 2 To see the current statistics click the Refresh button 3 To clear the port counters select the Clear port counters check box and click the Refresh button Applying Power to SLP Ports on a Single Device You can power on power off or cycle power on multiple ports on an SLP To manage power on multiple ports of an SLP 1 On the ...

Страница 187: ...m of the page select the action you want to take Power On Power Off or Cycle Power 4 Click the Update button Viewing Port Logs Depending on the type of device you can view one or more port and session logs on the Port page To view logs 1 On the Port page click the Logs tab The following page displays Figure 9 58 Port Page Logs Tab 2 To view a log select the log from the appropriate drop down list ...

Страница 188: ...nset po 2 state on Description Finds a port by device name or IP address along with the port number and modifies port parameters show ethernetdevice port Syntax show ethernetdevice port Device Name or IP Address all show ethernetdevice port Device Name or IP Address portnumber Port Number Description Finds an Ethernet device using device name or IP address and displays port information show ethern...

Страница 189: ...ays all ports that match the criteria entered show port Syntax show port name Type show port all to display index Example show port slc displays all Ethernet ports whose name starts with slc Description Searches Ethernet ports by port name and displays port information show port all Syntax show port all show port Displays all Ethernet ports show port index Note Type show port all to display index ...

Страница 190: ...may be connected to an SLC by a serial port to an SLP by a power connector and to an SLK by a KVM port You could manage these three individual managed devices separately However if you fuse the individual managed devices into one virtual managed device you can then manage the SLC SLP and SLK connections from a single SLM web page Each virtual managed device in the SLM system can include a connecti...

Страница 191: ...administrator may want to create groups by location type of device or user A Managed Device Group may include devices attached to the ports of several different Ethernet devices The administrator creates custom groups of managed devices and then assigns individual devices to the groups For example a group called Lab 1 might include all devices attached to the ports of Ethernet devices being tested...

Страница 192: ...ed device Device Name of a local Ethernet device Managed Device Type Type of managed device e g Solaris Server or Linux Server Note If the managed device type is set to Windows a Remote Desktop option becomes available If set to Linux Server the a VNC option becomes available Managed Group Name of the Managed Device Group to which the managed device belongs Modem Name of the modem if any to be use...

Страница 193: ...u click Managed Devices and then click the Add tab The following page opens Figure 10 6 New Managed Device Group Page Configure Tab 2 In the Name field enter the name of the Managed Device Group 3 Click the Add button 4 Expand Managed Devices on the menu tree The custom group displays as a folder Note A managed device may belong to only one Managed Device Group Updating or Deleting a Managed Devic...

Страница 194: ...2 In response to the confirmation request click OK A message confirming the deletion displays The menu no longer displays the Managed Device Group Configuring Polling Settings The system administrator or permitted user can specify polling settings for the Managed Device Group The SLM polls the Managed Device Group s connections according to these settings To configure polling settings 1 On the men...

Страница 195: ...ctly to a managed device The method depends on the type of Lantronix device server or modem connected to the managed device The ability to connect also depends on the user s permissions To view connection methods to a managed device 1 On the menu select the managed device The following page opens Polling Setting Description Periodically poll Select the check box to enable periodic polling of the M...

Страница 196: ... Connecting to Ethernet and Managed Devices on page 224 Table 10 11 Connection Icons and Buttons on the Connect Tab Icon Connection Buttons Description Network connection Enables the SLM to connect to a managed device directly by means of HTTP HTTPS Secure Channel Web Channel SSH Connection or Telnet Note If the managed device incorporates a local Ethernet device and that device type is set to Win...

Страница 197: ...les the SLM to control power on the managed device through an SLP port Two power connections are available Note If the SLM detects that the power is on then only the Power Off and Cycle Power buttons display If the SLM detects that the power is off only the Power On button displays If the state of the power connection is not known all buttons display but you also get a message letting you know tha...

Страница 198: ...le we show a port on an SLC Figure 10 12 Port Page Configure Tab 2 Leave New Device in the Managed Device drop down list and select the Managed Device Group to which the new device will belong 3 Click the Create button The managed device field displays as a link to the managed device s configuration page and the menu tree lists the new managed device in the assigned Managed Device Group A Defuse b...

Страница 199: ...s for the serial connection Figure 10 14 Managed Device Page Connect Tab In a similar manner you can create individual managed devices from SLP ports and SLK connectors From a Ports List You can create one or more managed devices from an Ethernet device s ports list In this example we show ports on an SLC To create one or more managed devices on the Ports page 1 On the Device page click the Ports ...

Страница 200: ...reate Managed Devices 4 From the for checked ports drop down list box select the Managed Device Group to which the selected managed device s will belong 5 Click the Update button 6 Ine response to the confirmation request click OK The menu tree displays the new managed device s in the assigned Managed Device Group 7 If desired repeat step 2 through step 6 above to create managed devices and assign...

Страница 201: ...e will belong 3 Click the Create button When the page redisplays the Managed Device field displays as a link to the new managed device and the assigned Managed Device Group in the menu lists the new managed device A Defuse button displays to the right of the link 4 Click the Defuse button to remove this device from the managed device as desired If the device was the only component of the managed d...

Страница 202: ...roup page fuse several existing managed devices at once Guidelines Follow the guidelines below when fusing managed devices The managed devices must be in the same Managed Device Group A virtual managed device can consist of only one device local one SLC port one SLK or Spider port two SLP ports and one modem Fusing a Port with an Existing Managed Device The Port Configure tab provides an opportuni...

Страница 203: ... connection buttons above the Ethernet icon and one below the KVM icon enabling you to connect to the physical managed device through the network and the SLK connection Fusing an Ethernet Device with an Existing Managed Device The physical device to which a Lantronix device server or a modem is connected may be fused with an existing managed device To fuse a device with an existing managed device ...

Страница 204: ...ed device into the original managed device in the examples above the Connect tab would look like this Figure 10 20 Virtual Managed Device on Managed Device Page Connect Tab Fusing Managed Devices on the Managed Device Group Page Another place to fuse individual managed devices is on the Managed Device Group page Here you use a single web page to fuse multiple managed devices at the same time To us...

Страница 205: ...ame remains but the other fused components do not 5 On the menu click the virtual managed device The Connect tab displays the components of the virtual managed device each with the button s for connecting directly to each component Figure 10 23 Virtual Managed Device after Fusion 6 Click the Configure tab to see the list of managed devices that make up the virtual managed device Figure 10 24 Manag...

Страница 206: ... that the managed device has been updated Modem Connection Setting Description Modem From the drop down list select the modem or set to Any to allow the SLM to choose the modem Connection From the drop down list select the type of modem connection Disabled by default For information about types of modem connections see on Modem Management on page 86 Application From the drop down list select the a...

Страница 207: ...Device Name of an optional local Ethernet device that is being managed Device Type From the drop down list select the type of device Examples are Cisco IOS EMS Firewall Solaris Server and Switch Unknown is the default Note If you set the type to Windows the Remote Desktop button displays on the Connect Tab If the type is set to Linux Server then a VNC button is offered Managed Device Group To chan...

Страница 208: ...tab displays 2 Check the managed devices that you wish to delete and click Delete button at the bottom of the page Managed Device Commands Administrators Ethernet Account Users and Menu Only Users set manageddevice add Syntax set manageddevice add managedDeviceName group ManagedDeviceGroup parameters Parameters ethernetdevice ethernetDevice IP port portName portNumber Description Create a new mana...

Страница 209: ... renames it to waimea port 1 set ma config slp sunset port1 state off Specifies a managed device name slp sunset port1 and turns the power off Description Finds a managed device by device name and modifies device parameters set manageddevice defuse Syntax set manageddevice defuse managedDeviceName device serial power1 power2 kvm Description Defuses an Ethernet device or port from an existing manag...

Страница 210: ...ma index 1 dialout myaccount modem pci s4 phone 3334444 If you set dialout myaccount first and then decide to set modem and phonenumber later you still must specify dialout myaccount or dialout enable set ma index 1 dialout myaccount set ma index 1 dialout enable modem pci s4 phone 3334444 set ma index 1 disconnect modem Description Finds managed device by index and modifies device parameters set ...

Страница 211: ...all show device Description Displays all Ethernet and managed devices show manageddevice account Syntax show manageddevice account accountName Description Displays all managed devices viewable by a user account show manageddevice accountgroup Syntax show manageddevice accountgroup accountGroupName Description Displays all managed devices viewable by an account group show manageddevice all Syntax s...

Страница 212: ... are not case sensitive name Port Name Example show manageddevice search name waimea port Description Displays all ports that match the criteria entered Managed Device Users set manageddevice config Syntax set manageddevice config Device Name one or more parameters Parameters name New Name state on off cyclepower available for SLP SLB and Spider Duo only Powers managed device on or off Examples se...

Страница 213: ... set ma port slp sunset po 2 state on Description Finds managed device by index and modifies device parameters set manageddevice config Device Name disconnect modem Syntax set manageddevice config Device Name disconnect modem Description Finds managed device by name and disconnects modem set manageddevice index number disconnect modem Note Type show manageddevice all to display index Syntax set ma...

Страница 214: ...rator performs the following maintenance activities Update SLM firmware and configurations Configure and manage log files Configure an SNMP agent View events Update SLC firmware Searching for Ethernet Devices Ports Persistent Connections Managed Devices and Users All pages in the web interface have three search fields at the top Administrators and Ethernet Device Account groups can search by Ether...

Страница 215: ... all devices Note Searches are not case sensitive Table 11 2 Available Search Fields 2 Click the Search button The Search Results Devices page opens listing all devices that meet the search criteria that you have permission to see Ethernet Device Setting Description Device Fields Name The name of the device for which you are searching You need type only as many characters as will identify the devi...

Страница 216: ...e Channel Key Yes indicates that a secure channel has been established between the SLM and the device The Channel Key does not indicate whether or not there is an active secure channel communication session but instead indicates whether or not a secure channel was established to the device in the past enabling the SLM to connect to the device without using a password Note Behind the scenes the sec...

Страница 217: ... are case insensitive Table 11 5 Search by Port 3 Click the Search button The Search Results Ports page opens listing all ports that meet the search criteria that you have permission to see SSH Port Port assigned for SSH access if applicable Rack The name of the rack RrrCccPpp where rr row cc cluster and pp position in the form of a link that will take you to the Device Locator page Port Setting D...

Страница 218: ...Number of the port Console Name of the Ethernet device Log Enabled For SLC SLB devices shows logging status Log Time Frame For SLC v3 1 and later v3 x but not v4 0 The maximum time frame in hours before a new log file is created The default setting is 1 hour For SLC v4 0 and later The maximum time frame in seconds before the SLC sends data to the SLM The default setting is 30 seconds Max Log Size ...

Страница 219: ...if available displays for each persistent connection Table 11 9 Search by Persistent Connection Search for Managed Devices To search for a managed device Administrators Ethernet Device Account group members and Managed Device Account Group members can search by name To search for managed devices on the network 1 From the Table drop down list at the top of any page select Managed Device Persistent ...

Страница 220: ...etween 1 and 48 for the SLC 48 that is connected to the managed device s console port Power Port 1 Number or name of an SLP s power port that is connected to the managed device s power connector Power Port 2 Number or name of an SLP s second power port that is connected to the managed device s power connector KVM Port Number or name of an SLK KVM port that is connected to the managed device s KVM ...

Страница 221: ...ogging in to the SLM Email Address User s email address may be used for event notification Config Network Yes indicates the user can open the Network Settings page and configure network settings Config Authentication Yes indicates the user can select and prioritize authentication methods and related settings Config Services Yes indicates the user can configure services such as date and time and SN...

Страница 222: ... No allows the user to keep a password indefinitely Next Login Yes requires the user to change the password the next time the user logs in You may change this setting at any time Synchronize Yes indicates that if the user s password has changed since the last synchronization the SLM will update that new password on all SLMs SLCs SCSxx05 20s and SLPs Last Access Date and time the user last logged i...

Страница 223: ...ensitive name Device Name ipaddr IP Address location location firmware version number Example show ethernetdevice search device name slc firmware 4 Description Displays all devices that match the criteria entered For example if you specify name slc the SLM searches for all devices whose name starts with slc show ethernetdevice search port Syntax show ethernetdevice search port one or more paramete...

Страница 224: ...ine whether an account group can manage or just listen to the device Connection methods offered on a Managed Device depend on what is being managed as well as the device types doing the management For instance if a Linux Server is being managed then a VPN connection button displays If a Windows box is being managed then Remote Desktop is offered Other connection methods are offered according to th...

Страница 225: ...ry with the file iefix reg which can be downloaded under the Secure Lantronix Management Appliance SLM product group at the Lantronix website www lantronix com support downloads You must run this file on the client machine that runs IE Further Spider X X X X X X SCS05 20 X X X SCSxx00 X X X X WiBox X X UDS SDS X X EDS X X X X EDS MD X X X X XPort X X X X Premier Wave X X X X Other Lantronix X X X ...

Страница 226: ... supply the password when logging into the SLM If you use SSH you have to supply the password every time Before connecting to an SLC or to another SLM through the secure channel the administrator must first establish the secure channel connection to the Ethernet device SLC or SLM only The administrator attempts to connect to the Ethernet device through the SLM secure channel connection and supplie...

Страница 227: ...eived key that was stored in the known_host file If the newly received host key matches the key in the known_host file then the authentication process login and password continues Major Code Minor Code Description 1 40 Could not connect to SLC 1 41 Network connection to SLC broken during login 1 50 Error opening secure channel key 1 51 Error reading secure channel key 3 62 Error removing old secur...

Страница 228: ...click the SSH Connection button A Java applet runs 2 In response to the prompts enter the user name and password for the device Figure 11 20 SSH Login to SLC 3 Configure or manage the device as directed by the device s User Guide or online Help Making a Web Channel Connection to an SLC The web channel feature uses the existing secure channel key to the SLC to authenticate through the web interface...

Страница 229: ...ce You can make a Telnet connection to the command line interface of any discovered Ethernet device To make a Telnet connection 1 Click the Telnet button A Java applet runs and then the Telnet command line interface displays Figure 11 22 Telnet Connection 2 Configure or manage the device as directed by the device s User Guide or online Help ...

Страница 230: ...ects it via SSH With modemtelnet option the SLM dials outto the managed device inPPP and then connects it via Telnet With the modemcallback option when the SLM user calls an SLC and logs in the SLC hangs up and calls the user back The SLM then logs in again This feature is currently available in text mode only Examples connect device slc waimea connect device slc waimea port 1 connect device slc w...

Страница 231: ...more of user Login Name version 1 2 escape Character The TCP PORT parameter is the TCP port number the default is 22 Description Connect to any machine device using standard SSH V1 or V2 protocol connect telnet Syntax connect telnet IP Address tcpport TCP Port user Login Name tcpport is the TCP port number the default is 23 Description Connects to a device by means of standard Telnet show connecti...

Страница 232: ...ble in text mode only Examples connect device slc waimea connect device slc waimea port 1 connect device slc waimea ssh connect device slc waimea port 4 connect device slc waimea modemssh connect device slc waimea modemcallback Description Connects to a managed device through a secure channel connect index Note Type show managedevice all to display the index Syntax connect index number secure ssh ...

Страница 233: ... the SLM Mobile Browser on page 288 Enable Audit Log If selected enables the SLM to log all actions that have changed the configuration of the SLM Disabled by default Enable SSH Logins If selected enables the SLM to allow users to access the CLI using SSH Enabled by default Enable SSH v1 Logins If selected enables the SLM to allow users to access the CLI using SSH version 1 SSH Port Allows you to ...

Страница 234: ...splays Figure 11 25 Services Page Banners Tab 2 Enter the following information Table 11 26 SLM Services Banners 3 Click the Update button Note Use the Reset button to clear the entries SLM Service Setting Description Welcome Enter the text to display at CLI connection Login Enter the text to display upon successful login to the CLI Logout Enter the text to display upon logout from the CLI ...

Страница 235: ...import or change an SSL Certificate 1 On the Services page click the SSL tab The current certificate displays Figure 11 27 Services SSL Tab 2 Enter the following Table 11 28 SLM Services SSL Tab SSL Certificate Setting Description Reset to Default Certificate To reset to the default certificate select the checkbox to reset to the default certificate Unselected by default Import SSL Certificate To ...

Страница 236: ...n the Services page click the Status tab The following page displays the status information Certificate Filename Filename of the certificate Key Filename Filename of the private key for the certificate Host Host name or IPaddress of the host from which to import the file Path Path of the directory where the certificate will be stored Login User User ID to use to SCP or SFTP the file Password Retyp...

Страница 237: ...11 Operation and Maintenance SLM User Guide 237 Figure 11 29 Services Page Status Tab ...

Страница 238: ...11 Operation and Maintenance SLM User Guide 238 Continuation of Figure 11 29 part 2 of 3 ...

Страница 239: ... of 3 2 To email the status enter the recipient s email address and click the Send Report button Services Commands set service auditlog Syntax set service auditlog enable disable Description Enables or disables audit logging set service telnet Syntax set service telnet enable disable ...

Страница 240: ...inistrators to Reboot or shut down the SLM Save a snapshot of all database settings configuration configured users and discovered devices on the SLM or the user s client machine Restore the configuration either to a previously saved configuration or to the factory defaults Update user passwords on selected SLMs SLCs SLBs SLPs and SCS05 20s password synchronization View the firmware version on two ...

Страница 241: ...to terminate all connections and reboot the SLM immediately Shutdown Select this option to terminate all connections shut down the SLM immediately and turn off the power Password Synchronization Setting Description Push Passwords When the Push Passwords check box on the Maintenance page is selected the SLM uses the password on all accounts with Synchronize Password enabled to update accounts on re...

Страница 242: ...g defaults select one or more of the following options Preserve Network Settings This option preserves the settings on the Network Settings and the Services page Preserve User Accounts Preserve Devices Ports This option preserves Ethernet and managed devices and their groups Preserve SSH Keys This option preserves existing SSH Keys in the database for use with the restored system The four preserve...

Страница 243: ...s saved configuration files admin locallog clear Syntax admin locallog clear auditlog admin locallog clear syslog admin locallog clear traplog device Device Name or IP Address Save Configuration to Client Saves all settings to a file on the clientsystem which you can back up to a location not on the SLM The SLM sends the file containing the state of the system to the client machine for storage The...

Страница 244: ...oot Syntax admin reboot Description Terminates all connections and reboots the SLM admin securechannel regenkey Syntax admin securechannel regenkey Description Regenerates the secure channel key Note With this command you lose access to established secure channels therefore the SLM first requests confirmation that you want to regenerate the securechannel key admin shutdown Syntax admin shutdown De...

Страница 245: ...The output can be emailed show sysinfo Syntax show sysinfo Description Displays general system information Date and Time You can specify the current date time and time zone at the SLM s location or the SLM can use NTP to synchronize with an NTP server on your network To set the local date time and time zone 1 On the menu click Configuration Services Date Time The following page opens Figure 11 35 ...

Страница 246: ... From the drop down list select the appropriate time zone SLM Up Time Indicates how long the SLM has been up and running Setting Description Enable NTP Select the check box to enable NTP synchronization NTP is disabled by default Synchronize via Select one of the following Broadcast from NTP Server Enables the SLM to accept time information periodically transmitted by the NTP server This is the de...

Страница 247: ...ime Description Displays the local date time and time zone SNMP Syslog Administrators can configure a Simple Network Management Protocol SNMP agent to allow users read only access to the system 1 On the menu click Configuration Services SNMP Syslog The following page opens Figure 11 38 SNMP Syslog Page 2 Enter the following information Table 11 39 SNMP Syslog Configure Setting Description SNMP Age...

Страница 248: ...P authentication may take a long time this setting allows the user to choose SNMP support which is faster Contact optional Description of the person responsible for maintaining the SLM for example a name Trap Community Only management devices that are listening for the specified trap community process the trap Management devices that are not listening for that trap community ignore the trap V3 Use...

Страница 249: ...ng information Table 11 41 Device Firmware Update SLM Tab Setting Description Current Version view only Number of the firmware release on the SLM Load Firmware via From the drop down list select the method of loading the firmware Options are FTP SFTP and Local File FTP is the default Note The Local File option is active only when at least one file exists in the SLM FW Upgrade Files directory Firmw...

Страница 250: ...Server to see if a firmware update file is available for your system If one is present then an additional option Lantronix Server displays in the Load Firmware via drop down list Setting Description FTP Server The IP address or host name of the server used for obtaining updates May have up to 64 alphanumeric characters and may include hyphens and underscores Path The default path on the server for...

Страница 251: ...n SLC SLB and TFTP on SLC SLB The SLM commands the SLC SLB to download the SLC SLB firmware file directly from a server to the SLC SLB FTP on SLM and SFTP on SLM The SLM first checks to see whether the SLM firmware file already exists on the SLM local hard disk If not the SLM downloads it using FTP or SFTP The SLM stores the firmware file locally securely copies the file to the selected SLC SLBs a...

Страница 252: ...Server The IP address or host name of the server used for obtaining updates May have up to 64 alphanumeric characters and may include hyphens and underscores Path The default path on the server for obtaining firmware update files May be blank Login The user name for accessing the FTP server Password and Confirm Password The FTP user password Connect Timeout secs The number of seconds after which t...

Страница 253: ...nd the SLP to download the SLP firmware file to the SLP directly from a server Select FTP on SLM or SFTP on SLM for the SLM to first check to see whether the SLP firmware file already exists on the SLM local hard disk If not the SLM downloads it using FTP or SFTP The SLM stores the firmware file locally then the SLM serves as the FTP server and allows the SLP to download the firmware file from the...

Страница 254: ...ating the firmware file Lantronix provides the key with the firmware file 32 hex characters Local File From the drop down list select the firmware update from the Files SLP Upgrade Files directory Client File Enter or browse to the file where the update is stored Setting Description FTP Server The IP address or host name of the server used for obtaining updates May have up to 64 alphanumeric chara...

Страница 255: ...isplays Note To check the progress of the update click the Progress button above the menu WiBox Firmware To update firmware on a WiBox 1 On the Device Firmware Updates page click the WiBox tab Setting Description Load Firmware via From the drop down list select the method of loading the firmware You have the following options HTTP From Client Note The Local File option is active only when at least...

Страница 256: ...he update click the Progress button above the menu Setting Description Load Firmware via From the drop down list select the method of loading the firmware You have the following options HTTP From Client Note The Local File option is active only when at least one file exists in the WiBox FW Upgrade Files directory Local File From the drop down list select the firmware update file stored on the SLM ...

Страница 257: ...omplete a confirmation message displays Note To check the progress of the update click the Progress button above the menu Setting Description Load Firmware via From the drop down list select the method of loading the firmware You have the following options HTTP From Client Note The Local File option is active only when at least one file exists in the UDS SDS FW Upgrade Files directory Local File F...

Страница 258: ...save click the Update button When the update is complete a confirmation message displays 4 To reset to original values click the Reset button Setting Description Auto save configuration to other SLMs From the drop down lists select up to eight SLMs on which automatically saved configuration files will be stored Disabled by default Note For SLMs to populate the drop down lists they must have a secu...

Страница 259: ... action on multiple or all devices or different actions on multiple devices 1 On the menu click Ethernet Devices and select a specific device group The Manage selected device group Group page opens 2 Click the Actions tab The following page opens for SLC SLB Note that this page will differ for Spider and UDS devices Figure 11 57 Manage SLC Group Actions Tab 3 To perform an action on all of the lis...

Страница 260: ...or the SLC 2 Click the Submit button Getting a Log File Use the Actions tab to get a syslog or audit log file from one or more SLCs Notes The SLM stores files in the Files directories You can display a file from the appropriate Files directory The file name format is first 8 characters of SLC host name _ last 8 characters of MAC Address YYMMDD_hhmm type of logfile For example the syslog file retri...

Страница 261: ...e or more SLCs To get a sysconfig system status file 1 Select the Get Sysconfig check box for the SLC 2 Click the Submit button Getting or Pushing SSH Keys Use the Actions tab to retrieve or export SSH keys from or to one or more SLCs Note To view SSH keys click Configuration Authentication SSH Keys on the menu and then click the SLC Keys tab Get SSH key retrieves all the imported public SSH keys ...

Страница 262: ...the SSH select the Overwrite check box at the top of the page 2 Select the Push SSH check box for the SLC 3 Click the Submit button Reading Information Use the Actions tab to update the SLM s database with SLC device and port information To read information from SLCs 1 Select the checkboxes for the SLCs to read 2 Click the Submit button Note This is the same as the Read info from devices check box...

Страница 263: ...llowing commands will not work because the SLC CLI does not send status settings successfully updated which lets the SLM know that the command was successful show anything Examples of commands that do work are se de po 1 baud 9600 set cli terminallines disable To issue a CLI command 1 Select the CLI Cmd check box for the SLC Figure 11 58 Issuing a CLI Command 2 In the CLI command field at the bott...

Страница 264: ...wing Progress of Update FW and CLI Commands 2 View the following information about each task Table 11 60 Manage SLC Group Actions Tab 3 To view details of the last device action status of the SLMs SLCs SLPs SCS click the Dev Status tab The following page opens Setting Description Name Name of the task Status Informational text Progress Percentage of the task that is complete ...

Страница 265: ...s device port buffering syslogs event logs access logs user access and audit logs The alarm could send an email to a user send an SNMP trap or write to a log file local syslog or remote syslog Event Management Administrators configure alarms and triggers An alarm is a notification that may take the form of an email trap or syslog A trigger is something that happens to set off an alarm assigned to ...

Страница 266: ...l address with details of the event that has been triggered trap Sends a notification of a critical event to a specified IP address syslog Writes an entry into the syslog with details of the event IP email address For an Email alarm The email address where notifications go For a trap The IP address of the device to which notifications go For a syslog Leave blank Community For a trap The SNMP commu...

Страница 267: ...polling failed When polling is enabled on a device the Poll check box on the device page the SLM constantly checks on the device to see if that device is reachable syslog string match Enter the text string for the string match in the oid string eth port field This is the trigger when a syslog string matches the specified string This is a very powerful trigger because the SLM can act as a syslog se...

Страница 268: ... 2 1 Each number is part of a group represented by the number on its left string Series of characters that match a monitored device s audit log syslog or port log The OID string match supports partial match The string match for a port log could be an exact string or a regular expression For example String reboot will match port logs containing reboot String RE abc 0 9 will match port logs containi...

Страница 269: ...11 Operation and Maintenance SLM User Guide 269 Figure 11 65 SNMP Trap Configuration from Lantronix Tech Support FAQ ...

Страница 270: ...alarms until it is reactivated 3 Click the Update button To add an additional alarm You may add an alarm only if there are available alarms that are not already assigned to the trigger You can add more alarms on the main Event Management page 1 From the Available Alarms list select another alarm 2 Click the Add Alarm button The alarm now displays in the Current Alarms list To delete an alarm On th...

Страница 271: ...ng the Event Log Administrators can clear the event log To display current log information 1 Click the Refresh button To clear the event log 1 Click the Clear Event Log button A message requesting confirmation displays 2 In response to the confirmation message click OK Files Administrators can display and manage log upgrade configuration session and trap files of Ethernet devices Note To retrieve ...

Страница 272: ...config Files Viewable system configuration of SLM managed Spider devices UDS SDS Sysconfig Files Viewable system configuration of SLM managed UDS devices UDS SDS Applet Files Applet files for installation on UDS devices Log Files SLM Syslog Files Contain information about all activity on the SLM for example login attempts alarms and diagnostics SLM Auditlog Files Every successful login logout and ...

Страница 273: ..._and_time log where Table 11 68 File Format For edge device based logging the filename is made up of only three of these fields hostname _ host_mac_address device_port_number log Viewing Deleting and Renaming Files In this section we show how to view delete and rename files In our example we use an SLM syslog file To view a file 1 On the menu click Files and then the file type you want to view The...

Страница 274: ...Files Page Files Tab The available files of the selected type display in the list box 2 Select View and then the file you want to view 3 Click the Submit button The Display tab opens and shows the contents of the selected file Figure 11 70 SLM Syslog Files Page Display Tab ...

Страница 275: ...e the menu To rename a file Note You cannot rename an active syslog file 1 On the menu click Files and then the type of file you want to rename The files of that type display in the list box 2 Select Rename and then the file you want to rename 3 To rename a file to a name already in use in the directory select the Overwrite existing file check box Note If you try to rename a file to a name already...

Страница 276: ...e the status of the copy process if you are copying multiple files at the same time click the Progress button above the menu To upload a file from the client machine to the SLM 1 On the menu click Files and then the file type you want to upload 2 Select Upload 3 Click the Browse button and locate the file on your client machine to upload 4 If this is an SLM FW Upgrade or SLC FW Upgrade which also ...

Страница 277: ...er Table 11 74 File Management Copy Tab FTP SFTP Server Setting Description File type to copy From the drop down list select the type file to copy The default setting is SLM FW Upgrade Copy file from Select the type of server from which to copy The default setting is SFTP Note If you set up NFS and CIFS or if a USB flash memory is installed then they display in this list Filename Name of the firmw...

Страница 278: ...FS Tab 2 Enter the following information for importing a file Note The first three lines are for mounting remote NFS directories the SLM functions as an NFS client Once the directory is mounted the SLM can import files from that share point Path The default path on the server forobtaining firmware upgrade files and getting and putting configuration save files Login The user ID for accessing the FT...

Страница 279: ... permissions To set up CIFS 1 On the menu click Files and then the CIFS tab The following page opens Setting Description Remote directory The remote NFS share directory in the format nfs_server_hostname_or_ipaddr nfs_mount_point where nfs_mount_point is the path to the exported NFS directory on the remote NFS server Local directory The local directory on the SLM on which to mount the remote direct...

Страница 280: ... from the SLM Note This information is for the CIFS share that we can export the SLM acts as a CIFS server Setting Description Remote directory The remote directory to be imported in the format server_name_or_ip sharepoint Local directory The local directory on the SLM on which to mount the remote directory The SLM creates the local directory automatically Username User name required to authentica...

Страница 281: ...From the drop down list select the directory you want the SLM to export Disabled is the default setting Network port 1 and Network port 2 Select the network ports from which you can see the share Normal usage is to make the share visible in both network ports but the boxes are unchecked by default Workgroup The Windows workgroup to which the PC importing the CIFS share belongs Can have up to 15 ch...

Страница 282: ...og file will be created for each edge device and all user interaction will be merged into a single log file and individual user keystrokes will be identified Setting Description Maximum File Size KB Maximum size for each SLM audit log file in kilobytes The default is 64 Maximum log space GB Maximum space used for all SLM audit log files in gigabytes The default is 5 On log space exhausted Select o...

Страница 283: ...slog or traplog show auditlog Syntax show auditlog Displays the audit log from the bottom show auditlog tail Displays the audit log from the bottom tail show auditlog top Displays the audit log from the top Description Displays the audit log Default is tail show portlog Syntax show portlog Lists all port log files show portlog parameters Lists port log files as specified by parameters Setting Desc...

Страница 284: ...lay index Syntax show portlog file index Shows the port log from the top show portlog file index tail Displays the port log from the bottom tail show portlog file index top Displays the port log from the top Description Displays the contents of the portlog file by index Default is top show portlog index Syntax Note Type show portlog to display index show portlog index number Displays part of portl...

Страница 285: ...ex 3 tail 15 Displays the last 15 lines of specified port log from tail show portlog index 3 lastminutes 5 Displays port log by the index 3 To get this index type show portlog lastminutes 5 show portlog index 3 date 0205 Displays port log by the index 3 To get this index type show portlog date 0205 show portlog index 3 date 0205 0209 Displays port log by the index 3 To get this index type show por...

Страница 286: ...show sessionlog type scsport index 3 Displays the specified SCS05 20 port session log from the top show sessionlog type device index 3 top 10 Displays the first 10 lines of the specified device session log from the top show sessionlog type device index 3 tail 15 Displays the last 15 lines of specified device session log from the end show sessionlog type device index 3 lastminutes 5 Displays device...

Страница 287: ...index Syntax show traplog index number Description Displays all current trap log information The index number displays detailed information about a selected trap log show traplog device Note Type show traplog to display the index Syntax show traplog device Device Name or IP address index number Description Displays the current trap log information for an Ethernet device using name IP address or in...

Страница 288: ...e If you want to access the SLM WAP site via SSL https your phone browser must support SSL An example of such a browser is Opera Mini Your phone s browser does not need to support cookies or JavaScript Your wireless provider may charge you Depending on your service plan Check with your provider for more information about fees associated with accessing the Internet from your mobile phone Using the ...

Страница 289: ... Shortcut keys only work with a true WAP browser not browsers such as IE or FireFox 1 When a number precedes an option tap the number on the keypad to open the link For example to select Managed Devices in the example above tap the 3 key Obtaining More Data A plus and or a minus button may display at the bottom of a page If there is a select it or tap the star key to advance to the next page of de...

Страница 290: ...ious page of details displays Logging Out To log out of the SLM 1 Select Logout at the top right of each page Table 12 1 Navigation Summary To Select on the browser page Tap on the keypad Return to the Home page Home bottom of page 0 zero Select menu option Link blue When a number precedes an option the number on the keypad See more details if available star key Return to previous details pound ke...

Страница 291: ... of the SLM Devices Displays information about Ethernet and Managed devices Log Displays audit port system and trap logs The menu for the selected category opens Return to the previous page Back bottom of page Back or its equivalent on your phone Return to a menu Name of menu if at bottom of page Log out Logout top of any page To Select on the browser page Tap on the keypad ...

Страница 292: ...e 292 Status Menu The SLM Status menu has three options System Information Connections and Routes System Information To view the status of the system 1 On the Status Menu select System Information or tap the 1 key The system configuration displays ...

Страница 293: ... view information about the SLM s connections 1 On the Status Menu select Connections or tap the 2 key The Connections menu displays 2 To view individual connections click the blue link on the Connections menu or tap the key number displayed to the left of the option ...

Страница 294: ...formation 1 On the Status Menu select Routes or tap the 3 key Device Menu The Device Menu provides access to Ethernet devices unreachable Ethernet devices and Managed Devices To view information about the devices the SLM is managing 1 On the Main menu select Devices The Devices menu displays ...

Страница 295: ...nformation about an Ethernet device 1 From the Devices menu select Ethernet Devices The green icon to the right of a device indicates that the device is reachable the red indicates that the device is unreachable 2 Select the unit you want to view Details about the device display ...

Страница 296: ...eachable Devices To view Ethernet devices to which the SLM has not been able to connect 1 On the Devices menu select Ethernet Unreachable Devices The Ethernet Unreachable Devices page displays a list of unreachable devices 2 To view device details select the device ...

Страница 297: ...er SLM User Guide 297 Managed Devices To obtain information about managed devices 1 Select Managed Devices on the Devices menu The Managed Devices page displays a list of managed devices 2 Select a managed device to view its details ...

Страница 298: ...enu The Log Filter page displays 2 Select one or both of the following Table 12 2 Log Filter by Last and Date Time 3 Select the Save button Example If you set Filter by last to 5 in log filter page and enable the filter only the last 5 lines of a log file displays When you select it displays 10 2X5 if available When a user select again it displays 15 3X5 if available Minus works in the other direc...

Страница 299: ... Mobile Browser SLM User Guide 299 View Logs To view audit trap system or port logs 1 Select Log on the Main menu The SLM Log menu displays 2 Select the type of log you want to see e g tap 2 to see the SLM s audit logs ...

Страница 300: ...rowser SLM User Guide 300 3 Select the log to view details 4 Select the button to see more details 5 Select the to scroll to see more lines of details Note You can set the number of lines you see at a time on the Log filter page ...

Страница 301: ...y a vertical line The values are all lowercase and must be entered exactly as shown Bold indicates a default value parameter name Value Specify an appropriate value for example a device group name This User Guide shows parameter values in mixed case to indicate they are case sensitive For example if you saved a device group name in mixed case you must enter it in mixed case if you saved it in lowe...

Страница 302: ... how you accessed the interface Both keys work if you use VT100 emulation in your terminal access program when connecting to the console port Use the left and right arrow keys to move within a command Use the up and down arrows to scroll through previously entered commands If desired select one and edit it You can scroll through up to 100 previous commands entered in the session When the number of...

Страница 303: ...on is obtained or using only the first authentication method that responds in the event that a server is down Note If SecurID is used no other parameters can be used Any methods omitted from the set auth command will be disabled if at least one method is selected set ldap Syntax set ldap one or more parameters Parameters state enable disable server IP Address or Name port TCP Port base LDAP Base b...

Страница 304: ...rt set radius Syntax set radius one or more parameters state enable disable timeout 1 30 seconds server1 IP Address or Name port1 TCP Port secret1 Secret server2 IP Address or Name port2 TCP Port secret2 Secret Description Configures the SLM to use RADIUS to authenticate users who login to the SLM via SSH Telnet the web or the console port set sshkey delete Syntax set sshkey delete keyuser SSH Key...

Страница 305: ...methods in use show ldap Syntax show ldap Description Displays all LDAP information show nis Syntax show nis Description Displays all NIS information show radius Syntax show radius Description Displays all RADIUS information show sshkey import Syntax show sshkey import one or more parameters Parameters keyuser SSH Key User keyhost SSH Key IP Address or Name viewkey enable disable Description Displ...

Страница 306: ...ts including sysadmin to authenticate users who login to the SLM by means of SSH Telnet the web or the console port set account add Syntax set account add User Name group Group Name admin parameters Parameters email Email Address auth local remote localremote disable allowdialback enable disable dialbacknumber dial back number allowpwchange enable disable pwneverexpires enable disable changepwnext...

Страница 307: ...t password Syntax set account password User Name Note Administrators with permission to change passwords must enter the username Other users may not enter a username they are changing their own password Description Configures a user account s password for the SLM show account Syntax show account User Name show account user User Name Description Displays account information by user name show accoun...

Страница 308: ... Syntax set accountgroup add Group Name type ethernet managed menu parameters Parameters menu Menu Name Description Creates a local account group Group type is Administrators Ethernet Managed or Menu User set accountgroup edit Syntax set accountgroup edit Group Name one or more parameters Parameters name new name menu Menu Name CLEAR Description Modifies an account group Group type is Administrato...

Страница 309: ...tive Commands admin autodetect filter Syntax admin autodetect filter delete Deletes one of the current auto detect search filters The command displays an index of current filters Type the index number of the filter you want to delete and press Enter admin autodetect filter ltrx IP subnet Sets Lantronix discovery protocol search filters admin autodetect filter scs IP range timeout number of millise...

Страница 310: ...banner welcome Banner Text admin banner login Banner Text admin banner logout Banner Text Description Configures the banner displayed before login welcome after login or after logout To insert line feeds in the banner use the n character sequence admin banner show Syntax admin banner show Description Displays the banner configuration admin copybank Syntax admin copybank Description Copies the SLM ...

Страница 311: ...tion Clears all of the entries in the auditlog or syslog or traplog admin option Syntax admin option Option Name value Option Value Description Adds license options admin quicksetup Syntax admin quicksetup Description Displays the quick setup script on the CLI only the sysadmin account can use this command admin reboot Syntax admin reboot Description Terminates all connections and reboots the SLM ...

Страница 312: ... shuts down the SLM and turns off the power admin switch bank Syntax admin swithchbank bank 1 2 Description Switches the SLM to the next boot bank admin signature restore Syntax admin signature restore Description Restores signature information to the system admin signature show Syntax admin signature show Description Displays signature information admin version Syntax admin version Description Di...

Страница 313: ...iption Displays a report of configurable parameters The output can be emailed All Devices Commands show device Note Entries are not case sensitive Syntax show device device name Description Searches for and displays Ethernet or managed devices by device name For example if you specify name slc the SLM searches for all Ethernet and managed devices whose name starts with slc show device all Syntax s...

Страница 314: ... Syntax admin autodetect filter ltrx IP range timeout number of milliseconds Example IP range 192 168 0 1 192 168 0 155 timeout 1500 timeout default is 1000 ms range is 1000 60000 ms Description Sets Lantronix discovery protocol search filters The ending IP address is optional admin autodetect filter scs Syntax admin autodetect filter scs IP range timeout number of milliseconds Example IP range 19...

Страница 315: ...s Parameters securechannel default password option ltrxonly delnonltrx ltrxonly detects only Lantronix devices delnonltrx detects only Lantronix devices and removes existing non Lantronix devices Examples admin autodetect start securechannel default Attempts secure channel using the default password admin autodetect start securechannel mypass option delnonltrx Attempts secure channel using passwor...

Страница 316: ... cli Description Displays the terminal lines settings show history Syntax show history Description Displays the 100 most recent CLI commands Connection Commands Administrators Ethernet Users and Menu Only Users connect device Syntax connect device Device Name or IP Address one or more parameters Parameters secure ssh telnet tn3270 serial modem modemssh modemtelnet modemcallback port port Specify s...

Страница 317: ...modemcallback Description Connects to an Ethernet device managed device or device port connect index number Note Type show device all to display the index Syntax connect index number secure ssh telnet serial modem modemssh modemtelnet modemcallback Description Connects a device by index number connect persistent Syntax connect persistent persistentConnectionName device devname IP Notes The device ...

Страница 318: ...ice Syntax connect device Device Name secure ssh telnet serial modem modemssh modemtelnet modemcallback po rt port Specify secure to connect through a secure channel Secure channel is the default method of connection for SLC SLB SLC ports and SLM and SSH is the default for other devices Port is the number of a physical port on the SLC SLC48 has ports 1 to 48 Modem connection is available for manag...

Страница 319: ...dex number secure ssh telnet serial modem modemssh modemtelnet modemcallback Description Connects to a device by index number connect remote Syntax connect remote show connections connect remote terminate Parameters Device Name or IP Address id connectionid Description Displays or terminates user connections on a remote Ethernet device The specified device must exist in the SLM database connect wa...

Страница 320: ...atetime Syntax show datetime Description Displays the local date time and time zone Diagnostic Commands diag arp Syntax diag arp Description Displays the ARP table for mapping IP addresses to hardware addresses diag netstat Syntax diag netstat tcp udp all statistics Description Displays output IP routing table and optionally network connections and statistics diag nettrace Syntax diag nettrace one...

Страница 321: ...rifies that the SLM can reach a host over the network diag ping6 Syntax diag ping6 IP Address or Name one or more parameters Parameters interface interface name count Number of Times to Ping Default is 5 packetsize Size in Bytes Default is 64 Examples diag ping6 fe80 214 85ff fec0 928e interface eth1 Description Verifies that the SLM can reach a host over the network diag traceroute Syntax diag tr...

Страница 322: ...p chap username User Name password Password nat enable disable timeout disable 1 30 minutes Default is 20 Description Creates a new dial account set dialaccount delete Syntax set dialaccount delete Dial Account Name Description Delete a dial account set dialaccount edit Syntax set dialaccount edit Dial Account Name parameters Parameters modemmode text ppp localipaddr negotiate IP Address remoteipa...

Страница 323: ...ccount settings for a managed device set manageddevice index Note Type show manageddevice all to display index Syntax set manageddevice index number dialout Dial Account Name enable disable modem Modem Name phonenumber phonenumber application ssh telnet http none Description Finds managed device by index and modifies dial account settings To set modem parameters you must specify a dial out option ...

Страница 324: ...etAccoutGroup remove Description Assigns or removes permissions for an Ethernet device by name set ethernetdevice config Syntax set ethernetdevice config Device Name or IP Address one or more parameters Parameters delete dialout Dial Account Name enable disable phonenumber phone number disconnect modem name Device Name ipaddr IP Address location Location login Loginname model Model readinfo sshpor...

Страница 325: ... set ethernetdevice port Syntax set ethernetdevice port Device Name or IP Address portnumber port number or list one or more parameters Parameters name New Port Name state on off cyclepower available for SLP only Powers Ethernet device port on or off Note Only SLP outlet action supports a port list Examples To power up SLP outlet 2 set eth port slp sunset po 2 state on To power up SLP outlet port ...

Страница 326: ...evice accountgroup Syntax show ethernetdevice accountgroup Description Displays all Ethernet devices viewable by users whose accounts belong to the specified account group show ethernetdevice all Syntax show ethernetdevice all Description Displays all Ethernet device information show ethernetdevice config Syntax show ethernetdevice config Device Name or IP Address Description Finds an Ethernet dev...

Страница 327: ...yntax show ethernetdevice list Description Displays all Ethernet devices in short form show ethernetdevice port Syntax show ethernetdevice port Device Name or IP Address all show ethernetdevice port Device Name or IP Address portnumber Port Number Description Finds an Ethernet device using device name or IP address and displays port information show ethernetdevice search device Syntax show etherne...

Страница 328: ...x Note Type show ethernetdevice unreachablelist to display index Syntax show ethernetdevice unreachablelist index number Description Displays unreachable ethernet devices by index IPv4 Filter Commands set ipfilter delete Syntax set ipfilter delete Name Example set ipfilter delete MyFilter Description Deletes IPv4 filter set by specified name set ipfilter delete all Syntax set ipfilter delete all D...

Страница 329: ...ber set ip filter state Syntax set ipfilter state enable disable Description Enables or disables IPv4 filters set ipfilter test Syntax set ipfilter test number of minutes Description Enables or disables IPv4 filter test mode show ipfilter Note Type show ipfilter to display index Syntax show ipfilter parameters Parameters name Filter Name index number Examples show ipfilter show ipfilter name MyFil...

Страница 330: ...og group group name group name SLM SLC SLK SLP SCS LTRX SLB SPDR WiBox or other Description Clears all of the entries in the auditlog syslog or traplog Audit Log show auditlog Syntax show auditlog parameters Parameters tail default top lastminutes minutes date MMDD date MMDD MMDD Description Lists audit log files show auditlog list Syntax show auditlog list parameters Parameters lastminutes minute...

Страница 331: ...fied in the last 5 minutes show auditlog date 0205 Lists auditlog files last modified on 0205 show auditlog date 0205 0209 Lists auditlog files last modified between 0205 and 0209 show auditlog index 3 Displays index 3 from the top show auditlog index 3 top 10 Displays the first 10 lines of index 3 from the top show auditlog index 3 tail 15 Displays the last 15 lines of index 3 from the tail show ...

Страница 332: ...w eventlog Syntax show eventlog Description Lists the event log files Port Log show portlog Syntax show portlog Lists all port log files show portlog parameters Lists port log files as specified by parameters Parameters lastminutes minutes date MMDD date MMDD MMDD Description Lists portlog files Examples show portlog lastminutes 5 Lists portlog files modified in last 5 minutes show portlog date 02...

Страница 333: ...log index number parameters Parameters top number of lines Displays the part of portlog by index from the top tail number of lines Displays the part of the portlog by index from the end lastminutes minutes date MMDD date MMDD MMDD Description Displays the contents of the portlog file by index Note Index is the number specified by parameters lastminutes and date If you specify 0 as number of lines ...

Страница 334: ...by the index 3 To get this index type show portlog lastminutes 5 show portlog index 3 tail 0 lastminutes 5 Displays the portlog by the index 3 from tail To get this index type show portlog lastminutes 5 show portlog list Syntax show portlog list show portlog list parameters Parameters lastminutes minutes date MMDD date MMDD MMDD Description Lists portlog files in short form Session Log show sessio...

Страница 335: ...ion log from the end show sessionlog type device index 3 lastminutes 5 Displays device session log by the index 3 To get this index type show portlog lastminutes 5 show sessionlog type slcportsaved index 3 date 0205 Displays archived SLC port sessionlog by the index 3 To get this index type show sessionlog type slcportsaved date 0205 show sessionlog type device index 3 date 0205 0209 Displays devi...

Страница 336: ...ify 0 at number of lines all lines display Parameters top number of lines tail number of lines lastminutes minutes date MMDD date MMDD MMDD loglastminutes minutes logdate MMDD logdate MMDD MMDD If you specify both the date and time the SLM ignores the date Description Displays the specified part of the syslog by index Examples show syslog Lists syslog files show syslog lastminutes 5 Lists syslog f...

Страница 337: ...ndex 3 between the dates 0205 to 0209 show syslog index 3 top 10 lastminutes 5 Displays the first 10 lines of index 3 of the syslog from the last 5 minutes show syslog index 3 tail 0 lastminutes 5 Displays all lines of the syslog in index 3 from the tail show syslog index 3 lastminutes 5 logminutes 10 Displays the part of syslog in index 3 time stamped in the last 10 minutes show syslog index 3 da...

Страница 338: ...ters index is the number of lines of the log specified by lastminutes and date If you specify 0 at number of lines all lines display Parameters top number of lines tail number of lines lastminutes minutes date MMDD date MMDD MMDD loglastminutes minutes logdate MMDD logdate MMDD MMDD If you specify both the date and time the SLM ignores the date Description Displays the specified part of the traplo...

Страница 339: ...f index 3 of the traplog from the last 5 minutes show traplog index 3 tail 0 lastminutes 5 Displays all lines of the traplog in index 3 from the tail show traplog index 3 lastminutes 5 logminutes 10 Displays the part of traplog in index 3 times tamped in the last 10 minutes show traplog index 3 date 0205 Displays the part of traplog in index 3 times stamped on 0205 Maintenance Commands admin confi...

Страница 340: ...P SCS LTRX SLB SPDR WiBox or other Description Clears all of the entries in the auditlog syslog or traplog admin quicksetup Syntax admin quicksetup Description Displays the quick setup script on the CLI only the sysadmin account can use this command admin reboot Syntax admin reboot Description Terminates all connections and reboots the SLM admin securechannel regenkey Syntax admin securechannel re...

Страница 341: ... report of configurable parameters The output can be emailed Managed Devices Administrators Ethernet Account Users and Menu Only Users set manageddevice add Syntax set manageddevice add managedDeviceName group ManagedDeviceGroup parameters Parameters ethernetdevice ethernetDevice IP port portName portNumber Description Create a new managed device from the specified Ethernet device or port set mana...

Страница 342: ...managed device name slp sunset port1 and turns the power off Description Finds a managed device by device name and modifies device parameters set manageddevice defuse Syntax set manageddevice defuse managedDeviceName device serial power1 power2 kvm Description Defuses an Ethernet device or port from an existing managed device set manageddevice fuse Syntax set manageddevice fuse managedDeviceName e...

Страница 343: ... specify dialout myaccount or dialout enable set ma index 1 dialout myaccount set ma index 1 dialout enable modem pci s4 phone 3334444 set ma index 1 disconnect modem Description Finds managed device by index and modifies device parameters set manageddevice index n defuse Syntax set manageddevice index n defuse device serial power1 power2 kvm Description Defuses an Ethernet device or port from an ...

Страница 344: ...n Displays all managed devices viewable by a user account show manageddevice accountgroup Syntax show manageddevice accountgroup accountGroupName Description Displays all managed devices viewable by an account group show manageddevice all Syntax show manageddevice all show manageddevice Description Displays information about all managed devices show manageddevice config Syntax show manageddevice c...

Страница 345: ...set manageddevice config Syntax set manageddevice config Device Name one or more parameters Parameters name New Name state on off cyclepower available for SLP only Powers managed device on or off Examples set ma config port 1 name waimea port 1 Specifies a managed device name port 1 and renames it to waimea port 1 set ma config slp sunset port1 state off Specifies a managed device name slp sunset ...

Страница 346: ...2 disconnect modem Description Finds a managed device by index number and disconnects modem Menu Commands Users can have custom user menus as their command line interface rather than the standard CLI command set Each custom user menu can contain up to 50 commands logout is always the last command Instead of typing each command the user enters the number associated with the command Each command can...

Страница 347: ...les or disables display of command nicknames instead of commands set menu edit Menu Name redisplaymenu enable disable Enables or disables redisplay of menu before each prompt Description Changes menu properties show menu Syntax show menu Menu Name show menu name Menu Name show menu all Description Shows a list of all menu names or all commands for a specific menu Note To see assignments to account...

Страница 348: ...l out connection set modem edit Syntax set modem edit Modem Name parameters Parameters name New Name baud 300 115200 flowcontrol none xon xoff rts cts initscript Modem Initialization Script defaultinitscript Modem Default Initialization Script dialin Dial Account Name CLEAR disable enable CLEAR removes the dial account assignment disable disables dial in enable enables dial in ipfilter IPv4 Filter...

Страница 349: ...ers name Modem Name index number Description Displays modem settings show modem status Syntax show modem status Description Displays the status of the modem Network Commands admin quicksetup Syntax admin quicksetup Description Displays the quick setup script on the CLI only the sysadmin account can use this command set network bonding Syntax set network bonding disabled active backup 802 3ad 2 802...

Страница 350: ... 2 pingdelay 1 250 seconds failedpings 1 250 Description Sets the default gateway set network host Syntax set network host Hostname Description Sets the SLM hostname set network port Syntax set network port 1 2 parameters Parameters state dhcp bootp static disable ipaddr IP Address mask Mask mode auto 10mbit half 100mbit half 10mbit full 100mbit full ipfilter IPv4 Filter Name CLEAR CLEAR removes t...

Страница 351: ...onnection Commands set persistent add Syntax set persistent add persistentConnectionName ethernetdevice ethernetDeviceName IP one or more parameters Parameters protocol Secure SSH Telnet TN3270 default SSH logging enable disable default disable managed enable disable default enable active enable disable default enable parentlogin enable disable default disable login loginAccount password loginPass...

Страница 352: ...isting persistent connection set persistent delete Syntax set persistent delete persistentConnectionName ethernetdevice ethernetDeviceName IP Note For the delete command the ethernetdevice parameter is necessary only to discriminate between two or more persistent connections that are visible to the current user and are using the same name Description Deletes a persistent connection show persistent...

Страница 353: ...ed Description Connect to an existing persistent connection Port Commands set ethernetdevice port Syntax set ethernetdevice port Device Name or IP Address portnumber port number or list one or more parameters Parameters name New Port Name state on off cyclepower available for SLP only Powers Ethernet device port on or off Note Only SLP outlet action supports a port list Examples To power up SLP ou...

Страница 354: ...rnetdevice search port name waimea port show ethernetdevice search port name waimea portnumber 2 Description Displays all ports that match the criteria entered show port Note Type show port all to display index Syntax show port name Example show port slc displays all Ethernet ports whose name starts with slc Description Searches Ethernet ports by port name and displays port information show port a...

Страница 355: ...hose name starts with sys Description Displays accounts that match the name entered show ethernetdevice search device Syntax show ethernetdevice search device one or more parameters Parameters Note Search entries are not case sensitive name Device Name ipaddr IP Address location location firmware version number Example show ethernetdevice search device name slc firmware 4 Description Displays all ...

Страница 356: ...vice search Syntax show manageddevice search one or more parameters Parameters Note Search entries are not case sensitive name Port Name Examples show manageddevice search name waimea port Description Displays all ports that match the criteria entered Services Commands set service auditlog Syntax set service auditlog enable disable Description Enables or disables audit logging set service https Sy...

Страница 357: ...H logging to the SLM set service wap Syntax set service wap enable disable Description Enables or disables WAP access to SLM show service Syntax set service Description Displays service settings Session Commands connect terminate Syntax connect terminate connect ID one or more parameters Parameters outbound outbound ID You must specify connection ID inbound ID to terminate an outbound connection U...

Страница 358: ...t sshkey delete Syntax set sshkey delete keyuser SSH Key User keyhost SSH Key Host Description Deletes an imported SSH key set sshkey import Syntax set sshkey import copypaste Note RSA keys must be 1024 bits Description Imports an SSH key show sshkey import Syntax show sshkey import one or more parameters Parameters keyuser SSH Key User keyhost SSH Key IP Address or Name viewkey enable disable Des...

Страница 359: ...SLM User Guide 359 Description Shows the progress of background tasks ...

Страница 360: ...Factors Affecting Security External factors affect the security provided by the SLM for example A terminal to the SLM may be secure but the path from the SLM to the end device may not be secure With the right tools a person having physical access to open the SLM may be able to read the encryption keys There is no true test for a denial of service attack there is always a legitimate scenario for a ...

Страница 361: ... Management Table B 3 Device Access Protocol Port Type SMTP 25 TCP BOOTP DHCP 67 68 TCP NTP 123 TCP NIS 111 TCP UDP SNMP 161 162 UDP LDAP 389 TCP RADIUS 1645 1812 TCP UDP Protocol Port Type FTP 20 21 TCP UDP SSH SCP 22 TCP TFTP 69 UDP SNMP 161 162 UDP LDP 30718 UDP ...

Страница 362: ...quipment used with the product to properly wired and grounded power sources To help protect the product from sudden transient increases and decreases in electrical power use a surge suppressor line conditioner or uninterruptible power supply UPS Do not connect or disconnect this product during an electrical storm Input Supply Disconnect all power supply sources before servicing to avoid electric s...

Страница 363: ...f the equipment is not compromised Mount the equipment in the rack so that a hazardous condition is not achieved due to uneven mechanical loading Maintain reliable earthing of rack mounted equipment Give particular attention to supply connections other than direct connections to the branch circuit e g use of power strips Before operating the SLM make sure the SLM is secured to the rack Port Connec...

Страница 364: ...100Base T RJ45 One 10 100 1000Base T RJ45 Two 10 100 1000Base T RJ45 Dimensions 1U 43 x 429 x 584 mm 1 7 H x 16 9 x 23 in 1U 44 x 424 x 356 mm 1 7 H x 16 7 x 14 in Weight 12 7 kg 28 lb 10 5 kg 23 lb Console RS 232 DB9 RS 232 DB9 Power Supply 100 240 VAC 50 60 Hz 100 240 VAC 50 60 Hz Temperature Operating 10 C to 35 C 50 F to 95 F Storage 40 C to 70 C 140 F to 158 F Operating 10 C to 35 C 50 F to 9...

Страница 365: ...s A limits of the FCC Radio Frequency Device Rules FCC Title 47 Part 15 Subpart B CLASS A measured to CISPR 22 1993 limits and methods of measurement of Radio Disturbance Characteristics of Information Technology Equipment The product complies with the requirements of the Low Voltage Directive 72 23 EEC and the EMC Directive 89 336 EEC Additional Agency Approvals and Certifications This product ca...

Страница 366: ...roduct Product Name s Secure Lantronix Management Appliance SLM 02 Conform to the following standards or other normative documents Safety UL 60950 EN 60950 CE Mark EU Directive 73 23 EEC IEC IEC 60950 Electromagnetic Immunity FCC Class B EN61000 3 2 3 3 EN55022 Class B EN55024 Immunity CE Mark EU Directive 89 336 EEC CISPR 22 Class B CISPR 24 Supplementary Information This Class B digital apparatu...

Страница 367: ...TUV UL CUL This product carries the CE mark since it has been tested and found compliant with the following standards Safety EN 60950 Emissions EN 55022 Class B Immunity EN 55024 Manufacturer s Contact Lantronix Inc 167 Technology Drive Irvine CA 92618 USA Tel 949 453 3990 Fax 949 450 7249 ...

Страница 368: ...meric IP addresses FTP File Transfer Protocol A standard network protocol used to transfer files from one host or to another host over a TCP based network such as the Internet HTTPS A widely used communications protocol for secure communication over a computer network with especially wide deployment on the Internet Kerberos A network authentication protocol that provides strong authentication for ...

Страница 369: ... table of name password pairs PPP Point to Point Protocol A protocol for creating and running IP and other network protocols over a serial link RADIUS Remote Authentication Dial In User Service An authentication and accounting protocol Enables remote access servers to communicate with a central server to authenticate dial in users and their access permissions A company stores user profiles in a ce...

Страница 370: ...col TCP IP protocol for sending email between servers SSL Secure Sockets Layer A protocol that provides authentication and encryption services between a web server and a web browser SSH Secure Shell A secure transport protocol based on public key cryptography TACACS Terminal Access Controller Access Control System A method of authentication used in UNIX networks It allows a remote access server to...

Отзывы:

Нет отзывов

Бренды по названию

Популярные бренды

Загрузить еще бренды