SERIMUX-SECURE-x
Secure Access Console Switch
Installation and Operation Manual
MAN008 Rev 2/10/2004
NTI
NETWORKTECHNOLOGIESINCORPORATED
Tel:330-562-7070Fax:330-562-1999
1275 Danner DrAurora, OH 44202
www.nti1.com
R
SERIMUX
®
SECURE
Страница 1: ...Secure Access Console Switch Installation and Operation Manual MAN008 Rev 2 10 2004 NTI NETWORK TECHNOLOGIES INCORPORATED Tel 330 562 7070 Fax 330 562 1999 1275 Danner Dr Aurora OH 44202 www nti1 com...
Страница 2: ...ight 2004 by Network Technologies Inc All rights reserved No part of this publication may be reproduced stored in a retrieval system or transmitted in any form or by any means electronic mechanical ph...
Страница 3: ...9 Using the Configuration Menu 9 Configuring SSH 9 Adding Editing and Removing Users 10 Installing and Configuring PC Cards 10 Introduction 10 Compatible PC Cards 10 Adding a Compact flash Card 12 Co...
Страница 4: ...Configuration Menu 35 Network IP Filtering 35 Port IP Filtering 36 Sniff Sessions 36 Authentication 36 Custom and Default Menus 37 Introduction 37 Making Custom Menus 37 Adding Users 37 Creating Menu...
Страница 5: ...igure 2 SERIMUX SECURE Telnet Session Configuration menu 3 Figure 3 WEB Interface Port login screen 4 Figure 4 Attach a workstation to the console port 5 Figure 5 The IP configuration menu 6 Figure 6...
Страница 6: ...igure 54 The Port Access menu through the Configuration menu 40 Figure 55 SERIMUX supports remote dial in access for users 40 Figure 56 Configure port for dial in modem access 41 Figure 57 Configure p...
Страница 7: ...J45 Diagnostic Loop back Plug Mounting Kit AC Power Cable This Owners Manual on CD ROM Quick Start Guide also on CD ROM Discovery Tool on CD ROM Materials Not Supplied but REQUIRED Ethernet cable is r...
Страница 8: ...ion an is enabled 10 PC Card For attachment of optional PCMCIA device memory card LAN Card or modem card 11 RJ45 Connector For attachment of devices to be connected by SERIMUX 12 RJ45 Connector Ethern...
Страница 9: ...URE WEB Interface Main menu Configuration Menu The root user and system administrator have full access to the configuration menu from a Telnet session or a serial connection through the console port F...
Страница 10: ...va applet or Telnet window opens with a login prompt Figure 3 WEB Interface Port login screen Port Access Menu The Port Access Menu provides access to ports It is accessible to all users through the w...
Страница 11: ...ing Apply changes This might be more efficiently used if multiple changes are being made The following topics describe how to do each of these operations One Step Save and Apply Changes To save and ap...
Страница 12: ...tion menu 6 Press ESC when done to return to the main configuration menu 7 Enter number 9 to exit and apply changes Changes are saved and applied immediately There is no need to reboot Configuring HTT...
Страница 13: ...ccess configuration menu appears 4 Choose SSH as the Port access menu protocol Figure 7 Configure the port access menu for SSH 5 Choose Save apply Configuring a Port for SSH 1 Access the web interface...
Страница 14: ...assword for admin is admin 3 Under the System administration heading choose Users administration 4 Choose Add User Edit User or Remove User Add a user Assign a name user group password and shell Edit...
Страница 15: ...resents the same functionality in configuring the SERIMUX as does the web interface excluding the creation of custom menus The configuration menu is navigated by using the number representing the menu...
Страница 16: ...ed in as root enter the configmenu command 4 Choose 6 System administration 1 User administration and then choose an operation to perform Add Remove or Edit 5 Configure the user as required 6 Use the...
Страница 17: ...ss LAN Adapter 11 Mbps Wireless LAN Adapter Modem Cards Manufacturer Description Model Name Specification Billionton Systems Inc FM56C series PCMCIA CARD 56KFaxModem FM56C NFS 5 41 Ambient Intel V 90...
Страница 18: ...nfiguration files Delete all files in ATA IDE Fixed Disk Card Select this button to clear the compact flash card of all files Format ATA IDE Fixed Disk Card The options are EXT2 or FAT formats Select...
Страница 19: ...ration Restore currently saved configuration Click Restore to import the most recently saved configuration Adding a Network Card To install and configure a network card on the SERIMUX do the following...
Страница 20: ...rivacy and is a security protocol for wireless LANs using encryption to protect data transfers If you are unsure of the settings for the wireless card see your network administrator SSID Stands for Se...
Страница 21: ...nfigure a Serial Modem PC card Using the Configuration Menu Adding and Configuring a PC Card To add a modem card compact flash card wireless LAN card or a network card to the SERIMUX using the configu...
Страница 22: ...to the port If data is detected the SERIMUX starts a TCP session as a Telnet or SSH client to a pre defined server The server must be defined by the user before the port can be configured for a Telnet...
Страница 23: ...fined server This mode is most frequently used when users want to use modems to access servers on a network Figure 20 Host Mode Configuration Dial In terminal server mode P C C a r d S E R I M U X S E...
Страница 24: ...rial port using an IP address without having to specify a TCP port Listening TCP port This is the TCP port users will specify to access the port when connecting directly to the port using Telnet or SS...
Страница 25: ...Configuration 3 Choose All or an Individual port Port parameters 4 Fill in the serial port parameters The following are the defaults bps 9600 data bits 8 parity none stop bits 1 flow control none DTR...
Страница 26: ...eters for each menu item 4 Use the ESC key when all parameters are entered to return to the main menu 5 Choose Save changes Port Parameters 1 Access the configuration menu 2 Choose Serial port configu...
Страница 27: ...this chapter Enabling System Logging Services Enable Syslog Server To enable the SERIMUX for system or port logging on a syslog server do the following 1 Access the web interface 2 Under the Network...
Страница 28: ...nfiguring System Logging Services To configure the SERIMUX for system logging do the following 1 Access the web interface 2 Under System status and log choose System logging 3 Choose Enabled for Syste...
Страница 29: ...ial data to the memory of the SERIMUX a compact flash card a syslog server or to an NFS server If the memory is used for port logging all data will be cleared when the system s power is turned OFF Use...
Страница 30: ...you want to view Port logging Using the Configuration Menu System Logging System logging is a two part process First the device being used to record the system logs must be configured Secondly system...
Страница 31: ...UX supports three types of SMTP servers SMTP server without authentication SMTP server with authentication and POP before SMTP The SERIMUX also supports SNMP Simple Network Management Protocol a proto...
Страница 32: ...SERIMUX do the following 1 Access the web interface 2 Under the Network heading choose SMTP configuration 3 Fill in the required fields SMTP with authentication and POP before SMTP require usernames...
Страница 33: ...nerates a trap each time the SERIMUX is started EnableAuthenTrap Indicates whether the SNMP agent process is permitted to generate authentication failure traps EnableLinkUpTrap Determines whether the...
Страница 34: ...port related alerts and notifications The following describes how to configure a port for port event handling 1 Access the web interface 2 Choose Serial port Configuration 3 Choose a port to configure...
Страница 35: ...Configuring SMTP To configure SMTP from the configuration menu do the following 1 Access the Configuration menu 2 Choose Network configuration SMTP configuration Figure 36 Configure SMTP via Configur...
Страница 36: ...remote console or a web browser IP filtering can also be used to control access to individual ports Figure 37 SERIMUX access controlled by IP filtering Console and Web IP Filtering IP filtering is a...
Страница 37: ...e an IP filtering program called IPtables Administrators desiring to add further security by controlling access to the SERIMUX should look at this program Information about IPtables can be found on mo...
Страница 38: ...sequence that ends a sniff session takes the user back to the sniff session menu There are two options for Sniff mode disabled The sniff mode is disabled and no user can enter a sniff session enabled...
Страница 39: ...urns the user to the sniff session menu 3 Take over a main session Converts the user of the current main session to a sniff session user and enables the new user to take over the current main session...
Страница 40: ...ll or an Individual port Authentication 4 From the drop down menu choose an authentication method A configuration screen for that particular authentication method is displayed The following figure dis...
Страница 41: ...d Removing Users on page 48 for details Once the user s password is approved by the authentication server the SERIMUX uses the local permission rights to provide proper access privileges for the user...
Страница 42: ...e following 1 Access the configuration menu 2 Choose Serial port configuration 3 Choose an individual port number or 0 zero for all ports User access control 4 Choose a menu item and enter the desired...
Страница 43: ...the menus Adding Users Users cannot be assigned to a menu until the users have been added to the system To add users do the following 1 Access the web interface 2 Choose Users administration under the...
Страница 44: ...ign a name for a new submenu that this menu item will be assigned or linked to Go to existing submenu Choose an existing submenu from the drop down menu that this menu item will be assigned or linked...
Страница 45: ...thorized users to configure the SERIMUX with the same functionality as is available with the web interface The only functionality missing from the configuration menu is the ability to create custom me...
Страница 46: ...external modems and waits for dial in connections from remote sites If users dial in using a terminal application the SERIMUX accepts the connection and displays a menu of available serials ports In...
Страница 47: ...to a SERIMUX serial port See your modem user manual for more information 6 Choose Save apply Figure 56 Configure port for dial in modem access Adding a PC Modem To install and configure the PC modem o...
Страница 48: ...user connects directly to a port with an IP address and port number Protocol The options are SSH RawTCP and Telnet Telnet SSH break sequence This is a sequence of characters that sends a break charact...
Страница 49: ...then the serial port is configured for dial in terminal server mode In the illustration below port 7 is configured for dial in terminal server mode In terminal server mode the user is connected direc...
Страница 50: ...these changes to the slave units before performing the autoconfigure on the slave ports on the master unit To configure the slave serial ports on the master unit do the following 1 Access the SERIMUX...
Страница 51: ...rameters Enable This shows whether the port is enabled or disabled All ports are enabled by default Source port This is the port number on the master unit Destination port The destination port is the...
Страница 52: ...1 flow control none When the master device autoconfigures a slave device it simply imports the information from the slave unit If other protocols or other port parameters are desired configure the sla...
Страница 53: ...see the man pages on a Linux system Two commands that are very important for saving and applying changes to the configuration files are saveconf The saveconf command saves the configuration files to f...
Страница 54: ...of system administration and include firmware upgrades resetting the unit to defaults and disaster recovery procedures Upgrading the Firmware Web Interface It will be necessary to download the latest...
Страница 55: ...ave the configuration file to i e Local machine under Configuration export type a desired file name in the block provided and export the existing configuration to a desired location for future referen...
Страница 56: ...vice name 3 Enter the name you want to assign the SERIMUX 4 Choose Save apply Adding Editing and Removing Users The system administrator can add remove or edit user files easily from the web interface...
Страница 57: ...pgrade is successful the SERIMUX will reboot automatically If a Firmware upgrade failed warning appears do not reboot the unit but repeat the upgrade process Restoring Factory Defaults You have 5 choi...
Страница 58: ...to reset Setting Date and Time Date and time on the SERIMUX can either be kept internally or by an NFS server To set the parameters for date and time on the SERIMUX do the following 1 Access the conf...
Страница 59: ...the Boot Loader menu choose the number 3 to access the Hardware test Options for several components appear Disaster Recovery The SERIMUX provides a disaster recovery procedure in the event the configu...
Страница 60: ...port used for console traffic is properly set up This includes designating a COM port for console communication and setting the port speed baud appropriately See the next topic below 2 Cable the cons...
Страница 61: ...ing on the Windows Server 2003 serial port and Flow control is set to None Ignore the DTR behavior field c Choose Save apply Accessing the Windows Server 2003 Console Port from the SERIMUX GUI To acce...
Страница 62: ...Hardware Information Introduction This chapter provides information on SERIMUX hardware Among the topics covered are the hardware specifications LED descriptions pinouts for the Ethernet cable and pi...
Страница 63: ...megabytes Flash memory 8 megabytes Size In WxDxH 9 5 x 6 25 x 1 25 Weight 2 5 lbs 1 13 kilograms LED Indicators Use the LED indicators to confirm attachment to the network and that the SERIMUX is able...
Страница 64: ...ers The SERIMUX comes with four cable adapters The following illustrations show cable adapter pin outs Additional adapters can be purchased from NTI DB 25 Male Console Adapter NTI P N DB25M RJ45F T DB...
Страница 65: ...Connected to 2 RxD 1 DCD 7 DTR Connected to 6 DSR 8 RTS Connected to 8 CTS DB 25 Female Console Adapter NTI P N DB25F RJ45F DB 25 Female to RJ45 Pin Assignments RJ45 Signal DB 25F Signal 1 CTS Connec...
Страница 66: ...Do not attempt to service the SERIMUX except when following the instructions from NTI Technical Support personnel In such a case first perform the following actions Turn OFF the SERIMUX Ground yoursel...
Страница 67: ...necessary to use an extension cable use a 3 wire cable with properly grounded plugs To help protect the SERIMUX from transients in electrical power use a surge suppressor line conditioner or uninterru...
Страница 68: ...17 configuring access 41 configuring access configuration menu 42 direct port access 5 disaster recovery 53 DTR settings 19 E EMS support 54 enabling system logging 21 encryption SSH 7 wireless LAN 14...
Страница 69: ...47 saving and applying changes 5 serial modem adding 15 serial port pinouts 58 SMTP configuring 29 SMTP alerts 25 sniff session 32 configuration menu 36 viewing 33 SNMP 26 configuring 27 configuring...
