- DL manuals
- Lantronix
- Server
- SLC16
- User Manual
Lantronix SLC16 User Manual
Summary of SLC16
Page 1
Part no. 900-449 rev. H march 2010 securelinx tm console manager (slc) user guide securelinx slc8 securelinx slc16 securelinx slc32 securelinx slc48.
Page 2
Securelinx slc user guide 2 copyright and trademark © 2004, 2005, 2006, 2007, 2008, 2009, and 2010 lantronix. All rights reserved. No part of the contents of this book may be transmitted or reproduced in any form or by any means without the written permission of lantronix. Printed in the united stat...
Page 3
Securelinx slc user guide 3 notes: this equipment has been tested and found to comply with the limits for class a digital device pursuant to part 15 of the fcc rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercia...
Page 4
Securelinx slc user guide 4 table of contents copyright and trademark ____________________________________________________ 2 warranty _________________________________________________________________ 2 open source software ______________________________________________________ 2 contacts ___________...
Page 5
Securelinx slc user guide 5 table of contents 5: web and command line interfaces 39 web interface_____________________________________________________________ 39 logging in ____________________________________________________________ 41 logging off ___________________________________________________...
Page 6
Securelinx slc user guide 6 table of contents permissions ______________________________________________________________ 79 device status _____________________________________________________________ 79 device ports______________________________________________________________ 80 port status and cou...
Page 7
Securelinx slc user guide 7 table of contents multiport device server _________________________________________________ 129 console server _______________________________________________________ 129 connection configuration___________________________________________________ 130 connection commands _...
Page 8
Securelinx slc user guide 8 table of contents status/reports commands ______________________________________________ 185 events _________________________________________________________________ 185 events commands ____________________________________________________ 186 banners _____________________...
Page 9
Securelinx slc user guide 9 table of contents routing commands _______________________________________________________ 241 script commands_________________________________________________________ 242 services commands ______________________________________________________ 243 slc network commands___...
Page 10
Securelinx slc user guide 10 list of figures figure 2-1 lantronix slc48 with pc card slots_________________________________________ 19 figure 2-2 lantronix slc48 with usb port_____________________________________________ 19 figure 2-3 device port connections _________________________________________...
Page 11
Securelinx slc user guide 11 list of figures figure 8-8 device ports - logging ___________________________________________________ 94 figure 8-9 console port page_______________________________________________________ 98 figure 8-10 host lists page ___________________________________________________...
Page 12
Securelinx slc user guide 12 list of figures figure 14-2 remote user connected to a sun server via the slc ________________________ 190 figure 14-3 connection to sun unix server__________________________________________ 192 figure 14-4 terminal device connection to the slc __________________________...
Page 13
Securelinx slc user guide 13 list of tables table 1-1 chapter/appendix and summary ____________________________________________ 14 table 1-1 conventions used in this book _____________________________________________ 15 table 2-1 slc part numbers, models, and descriptions ___________________________...
Page 14: 1: About This Guide
Securelinx slc user guide 14 1: about this guide this guide provides the information needed to install, configure, and use the products in the lantronix securelinx tm console manager (slc) family. It is for it professionals who must remotely and securely configure and administer servers, routers, sw...
Page 15: Conventions
1: about this guide securelinx slc user guide 15 conventions table 1-1 lists and describes the conventions used in this book. 11: connections provides instructions for configuring connections and viewing, updating, or disconnecting a connection. 12: user authentication provides instructions for enab...
Page 16: Additional Documentation
1: about this guide securelinx slc user guide 16 additional documentation visit the lantronix web site at www.Lantronix.Com/support/documentation for the latest documentation and the following additional documentation: slc quick start —describes the steps for getting the slc up and running; provided...
Page 17: 2: Overview
Securelinx slc user guide 17 2: overview securelinx slc console managers are members of the lantronix securelinx it management family of products. These products offer systems administrators and other it professionals a variety of tools to securely access and manage their resources. Lantronix has be...
Page 18
2: overview securelinx slc user guide 18 two ethernet ports are useful when you want to use one port on a private, secure network and the other on a public, unsecured network. Table 2-1 lists the part numbers, models, and descriptions. The products differ in the number of device ports provided, usb ...
Page 19: System Features
2: overview securelinx slc user guide 19 figure 2-1 lantronix slc48 with pc card slots figure 2-2 lantronix slc48 with usb port system features the slc has the following capabilities: connects up to 48 rs-232 serial consoles 10base-t/100base-tx ethernet network compatibility buffer logging to file e...
Page 20
2: overview securelinx slc user guide 20 configurable user rights for local and remotely authenticated users supports an internal pc card modem, usb modem, or an external modem no unintentional break ever sent to attached servers (solaris ready) simultaneous access on the same port - “listen” and “d...
Page 21: Hardware Features
2: overview securelinx slc user guide 21 hardware features the slc hardware includes the following: 1u-tall (1.75 inches) rack-mountable secure console server two 10base-t/100base-tx network ports up to 48 rs-232 serial device ports connected via category 5 (rj45) wiring one serial console port for ...
Page 22
2: overview securelinx slc user guide 22 figure 2-4 console port connection network connections the slc network interfaces are 10base-t/100base-tx connectors for use with a conventional ethernet network as shown in figure 2-5 . Use standard rj45-terminated category 5 cables. Network parameters must ...
Page 23
2: overview securelinx slc user guide 23 usb port note: this usb port is only supported on slc -03 part numbers. The slc has a usb port as shown in figure 2-7 . Figure 2-7 slc with usb interface.
Page 24: 3: Installation
Securelinx slc user guide 24 3: installation this chapter provides a high-level procedure for installing the slc followed by more detailed information about the slc connections and power supplies. Caution: to avoid physical and electrical hazards, please be sure to read c: safety information on page...
Page 25: Technical Specifications
3: installation securelinx slc user guide 25 verify and inspect the contents of the slc package using the enclosed packing slip or the table above. If any item is missing or damaged, contact your place of purchase immediately. Product information label the product information label on the underside ...
Page 26
3: installation securelinx slc user guide 26 warning: be careful not to block the air vents on the sides of the unit. If you mount the slc in an enclosed rack, we recommended that the rack have a ventilation fan to provide adequate airflow through the unit. 2. Connect serial devices to the slc devic...
Page 27
3: installation securelinx slc user guide 27 figure 3-1 cat 5 cable connection connecting to network ports the slc network ports, 10base-t/100base-tx, allow remote access to the attached devices and the system administrative functions. Use a standard rj45-terminated category 5 cable to connect to th...
Page 28
3: installation securelinx slc user guide 28 the slc0xx12n models have a single supply/input, while the slc0xx22n models have dual inputs and dual supplies. The power connector also houses a replaceable protective fuse (fast- blow 4.0a, maximum 250v ac) and the on/off switch. In addition, we provide...
Page 29: 4: Quick Setup
Securelinx slc user guide 29 4: quick setup this chapter helps get the ip network port up and running quickly, so you can administer the slc using your network. It contains the following sections: recommendations ip address next step recommendations to set up the network connections quickly, we sugg...
Page 30
4: quick setup securelinx slc user guide 30 method # 1 using the front panel display before you begin, ensure that you have: unique ip address that is valid on your network (unless automatically assigned) subnet mask (unless automatically assigned) gateway dns settings date, time, and time zone cons...
Page 31
4: quick setup securelinx slc user guide 31 table 4-3 front panel setup options with associated parameters entering the settings to enter setup information: 1. From the normal display (host name, date and time), press the right arrow button to display network settings . The ip address for eth1 displ...
Page 32
4: quick setup securelinx slc user guide 32 use the up or down arrow to increment or decrement the numerical value. 4. To toggle between a dhcp and static ip address, place the cursor over the [d] or [n] and press the up and down arrows . 5. When you have the ip address as you want it, press enter t...
Page 33
4: quick setup securelinx slc user guide 33 3. Press enter to enter edit mode. 4. Using the left and right arrows to move between digits and the up and down arrows to change digits, enter the password (the default password is 999999). Note: the restore factory defaults password is only for the lcd. ...
Page 34
4: quick setup securelinx slc user guide 34 figure 4-2 quick setup tab 4. To accept the defaults, select the accept default quick setup settings checkbox in the top portion of the page and click the apply button at the bottom of the page. Otherwise, continue with step 5. Note: once you click apply o...
Page 35
4: quick setup securelinx slc user guide 35 date & time settings administrator settings 6. To save your entries, click the apply button. Method # 3 quick setup on the command line interface if the slc does not have an ip address, you can connect a dumb terminal or a pc running a terminal emulation p...
Page 36
4: quick setup securelinx slc user guide 36 to complete the quick setup: 1. Do one of the following: with a serial terminal connection, power up, and when the command line displays, press enter . With a network connection, use an ssh program or telnet program (if telnet has been enabled) to connect ...
Page 37
4: quick setup securelinx slc user guide 37 after you complete the quick setup script, the changes take effect immediately as shown in figure 4-4 . Subnet mask the subnet mask specifies the network segment on which the slc resides. There is no default. If you selected dhcp or bootp, this prompt does...
Page 38: Next Step
4: quick setup securelinx slc user guide 38 figure 4-4 completed quick setup 5. To logout, type logout at the prompt and press enter . Next step after quick starting the slc, you may want to configure other settings. You can use the web page or the command line interface for configuration. For infor...
Page 39: Web Interface
Securelinx slc user guide 39 5: web and command line interfaces this chapter describes the interfaces for configuring the slc that are: command line interface (cli) and the web manager. You can also use the front panel lcd which is described in 4: quick setup. This chapter contains the following sec...
Page 40
5: web and command line interfaces securelinx slc user guide 40 figure 5-1 web page layout the web page has the following components: tabs: groups of settings to configure. Options: below each tab are options for specific types of settings. Only those options for which the currently logged-in user h...
Page 41: Command Line Interface
5: web and command line interfaces securelinx slc user guide 41 - configuration site map. - status of the slc. Help button: provides online help for the specific web page. Logout button: closes slc. Logging in only the system administrator or users with web access rights can log into the web page. M...
Page 42
5: web and command line interfaces securelinx slc user guide 42 the sysadmin user and users with who have full administrative rights have access to the complete command set, while all other users have access to a reduced command set based on their permissions. Logging in to log into the slc command ...
Page 43
5: web and command line interfaces securelinx slc user guide 43 1. Usb commands are only accessible on slc usb part number -03. Command line help for general help and to display the commands to which you have rights, type “help.” for general cli help, type “help command line”. For more information a...
Page 44
5: web and command line interfaces securelinx slc user guide 44 to clear an ip address, type 0.0.0.0 , or to clear a non-ip address value, type clear . When the number of lines displayed by a command exceeds the size of the window (the default is 25), the command output is halted until the user is r...
Page 45
5: web and command line interfaces securelinx slc user guide 45 to view the last 100 commands entered in the session: show history to clear the command history: set history clear to view the rights of the currently logged-in user: show user note: for information about user rights, see 12: user authe...
Page 46: 6: Basic Parameters
Securelinx slc user guide 46 6: basic parameters this chapter describes how to set the following basic configuration settings for the slc using the slc web interface or cli: network parameters that determine how the slc interacts with the attached network firewall and routing date and time note: if ...
Page 47
6: basic parameters securelinx slc user guide 47 ethernet bonding the slc supports dual ethernet interfaces. Typically both ethernet interfaces are configured to work as independent network interfaces and given unique ip addresses and fixed mac addresses. The ethernet bonding feature “bonds” the int...
Page 48
6: basic parameters securelinx slc user guide 48 figure 6-1 network web page.
Page 49
6: basic parameters securelinx slc user guide 49 2. Enter the following fields. Ethernet interfaces note: configurations with the same ip subnet on multiple interfaces (ethernet or ppp) are not currently supported. Eth1/eth2 settings disabled: if selected, disables the network port. Defaults are eth...
Page 50
6: basic parameters securelinx slc user guide 50 gateway ethernet bonding use the pull-down menu to select and configure one of the following: disabled active backup 802.3 transmit load balancing note: bonding requires a static ip address. Default ip address of the router for this network. If this h...
Page 51
6: basic parameters securelinx slc user guide 51 hostname & name servers 3. Click the apply button. Changes take effect immediately and are saved for the next session after the slc reboots. Ethernet counters in the middle of the network settings page, statistics display for each slc ethernet port si...
Page 52: Ip Filters
6: basic parameters securelinx slc user guide 52 network commands the following cli commands correspond to the network settings page. For more information, see 15: command reference . Set network (on page 231) set network bonding (on page 231) set network dns (on page 231) set network gateway (on pa...
Page 53
6: basic parameters securelinx slc user guide 53 figure 6-3 ip filter page 1. Enter the following fields. 2. Click the apply button. Note: you cannot enable or disable individual filters. Configuring ip filters rulesets the administrator can add, edit, delete, and map ip filter rulesets. Note: a con...
Page 54
6: basic parameters securelinx slc user guide 54 figure 6-4 adding network ip filter rulesets 2. Enter the ruleset name . The ruleset name identifies a filter. The name can be letters, numbers, and hyphens only but cannot start with a hyphen. For example, filter-2. 3. Enter following fields. Rule pa...
Page 55
6: basic parameters securelinx slc user guide 55 4. Click the right arrow button to add the new rule and its parameters to the bottom of the rules list box on the right. 5. To modify a ruleset, highlight its name in the rules list box and click the left arrow . The rule populates the rule definition...
Page 56
6: basic parameters securelinx slc user guide 56 viewing ip filter rulesets and mapping you can view a list of filter rulesets and a table showing how each filter is mapped to an interface. You can also view the status of the configured filter rulesets. The status page displays the number of incomin...
Page 57: Routing
6: basic parameters securelinx slc user guide 57 figure 6-6 ip filter status ip filter commands the following cli commands correspond to the network - ip filter status page. For more information, see 15: command reference . Set ipfilter state (on page 224) set ipfilter mapping (on page 223) set ip f...
Page 58
6: basic parameters securelinx slc user guide 58 figure 6-7 routing page 2. Enter the following fields. 3. Click the apply button. To view the ip routing table: 1. Click the ip routes report link. Figure 6-8 shows the page that displays. Enable rip select to enable dynamic routing information protoc...
Page 59
6: basic parameters securelinx slc user guide 59 figure 6-8 status/reports page 2. Click the ip routes checkbox and generate report . You can also generate reports for port status and counters, connections, and system configurations in this page. Routing commands the following cli commands correspon...
Page 60: 7: Services
Securelinx slc user guide 60 7: services this chapter describes how to use the services web page to perform the following tasks: configure the amount of data sent to the logs. Enable or disable ssh and telnet logins. Enable a simple network management protocol (snmp) agent. Identify a simple mail tr...
Page 61
7: services securelinx slc user guide 61 figure 7-1 ssh/telnet/logging page 2. Enter the following fields. System logging in system logging , select one of the following alert levels from the drop-down list for each category: off: disables this type of logging. Info: saves informative message, in ad...
Page 62
7: services securelinx slc user guide 62 ssh telnet authentication specifies that messages concerning user authentication get logged. Device ports specifies that messages concerning device ports and connections get logged. Diagnostics specifies that messages concerning system status and problems get...
Page 63
7: services securelinx slc user guide 63 audit log web ssh/web telnet smtp phone home 3. To save, click the apply button. Ssh, telnet, and logging commands the following cli commands correspond to the ssh/telnet/logging page. For more information, see 15: command reference . Set services (on page 24...
Page 64: Snmp
7: services securelinx slc user guide 64 snmp simple network management protocol (snmp) is a set of protocols for managing complex networks. 1. Click the services tab and select the snmp option. Figure 7-2 shows the page that displays. Figure 7-2 snmp page 2. Enter the following fields. Enable agent...
Page 65
7: services securelinx slc user guide 65 communities version 3 enable traps traps are notifications of certain critical events. Disabled by default. This feature is applicable when snmp is enabled. Examples of traps that the slc sends include: ethernet port link up ethernet port link down authentica...
Page 66: Nfs and Smb/cifs
7: services securelinx slc user guide 66 v3 read-only user v3 read-write user 3. Click the apply button. Snmp commands the following cli commands correspond to the snmp page. For more information, see 15: command reference . Set services (on page 243) set services trapenable (on page 244) nfs and sm...
Page 67
7: services securelinx slc user guide 67 similarly use smb/cifs, microsoft file-sharing protocol, to export a directory on the slc as an smb/cifs share. The slc exports a single read-write cifs share called “public, ” with two subdirectories: logs directory, which contains the system logs and the de...
Page 68: Securelinx Network
7: services securelinx slc user guide 68 smb/cifs share 3. Click the apply button. Nfs and smb/cifs commands the following cli commands correspond to the nfs & smb/cifs page. For more information, see 15: command reference . Set nfs mount (on page 234) set nfs unmount (on page 234) set cifs (on page...
Page 69
7: services securelinx slc user guide 69 figure 7-4 securelinx network page with local subnet addressing 2. Click a device ip address in the column labeled ip address/web interface . A separate browser opens at the device home page after you have logged in. In the separate browser page, you can mana...
Page 70
7: services securelinx slc user guide 70 figure 7-5 telnet session to configure how securelinx devices are searched for on the network: 1. Click the search options link on the top right of the securelinx network page. Figure 7-6 shows the page that displays. Figure 7-6 securelinx network - search op...
Page 71: Date and Time
7: services securelinx slc user guide 71 2. Enter the following fields. 3. If you entered an ip address, click the add ip address button. The ip address displays in the ip address list. 4. Repeat steps 2 and 3 for each ip address you want to add. 5. To delete an ip address from the ip address list, ...
Page 72
7: services securelinx slc user guide 72 figure 7-7 date & time page 1. Enter the following fields. Change date/ time select the checkbox to manually enter the date and time at the slc location. Date select the current month, day, and year from the drop-down lists. Time select the current hour and m...
Page 73: Web Server
7: services securelinx slc user guide 73 2. Click the apply button. Date and time commands the following cli commands correspond to the date & time page. For more information, see 15: command reference . Set datetime (on page 213) set ntp (on page 213) show ntp (on page 213) web server the web serve...
Page 74
7: services securelinx slc user guide 74 3. Click the apply button. To view or terminate web sessions: 1. Click the web sessions link. Figure 7-9 shows the page that displays. Figure 7-9 web server - web sessions page 2. To terminate, click the check box in the row of the session you want to termina...
Page 75
7: services securelinx slc user guide 75 figure 7-10 web server - ssl certificate page 2. Enter the following fields. Reset to default certificate to reset to the default certificate, select the checkbox to reset to the default certificate. Unselected by default. Import ssl certificate to import you...
Page 76: Google Gadgets
7: services securelinx slc user guide 76 3. Click the apply button. 4. Reboot the slc for the update to take effect. 5. Click the back to web server link to return to the web server page. Web server commands the following cli commands correspond to the web server page. For more information, see 15: ...
Page 77
7: services securelinx slc user guide 77 enumvalue value =” 1 ” display_value =” 1 second ” /> enumvalue value =” 5 ” display_value =” 5 seconds ” /> enumvalue value =” 10 ” display_value =” 10 seconds ” /> enumvalue value =” 30 ” display_value =” 30 seconds ” /> enumvalue value =” 60 ” display_valu...
Page 78: 8: Devices
Securelinx slc user guide 78 8: devices this chapter describes how to view the device status, configure devices, and use an slc device port connected to an external device, such as a server or a modem. 11: connections describes how to use the connections page to connect external devices and outbound...
Page 79: Permissions
8: devices securelinx slc user guide 79 for #1 and #6, if logins are enabled, the user is authenticated first, and then logged into the command line interface. The user login determines permissions for accessing device ports. Permissions there are three types of permissions: direct (or data) mode: t...
Page 80: Device Ports
8: devices securelinx slc user guide 80 device ports on the device ports page, you can set up the numbering of telnet, ssh, and tcp ports, view current port modes, and select individual ports to configure. 1. Click the devices tab and select the device ports option. Figure 8-2 shows the page that di...
Page 81
8: devices securelinx slc user guide 81 to set up telnet, ssh, and tcp port numbers: 1. Enter the following fields. Caution: ports 1-1024 are rfc-assigned and may conflict with services running on the slc. Avoid this range. 2. Click the apply button. To configure a specific port: 1. Select the port ...
Page 82
8: devices securelinx slc user guide 82 figure 8-3 device ports - settings page or click the port number on the green bar at the top of each page (shown here). The same page displays as in figure 8-3 ..
Page 83
8: devices securelinx slc user guide 83 to enter device port settings: 1. Enter the following fields. Ip settings port (view only) displays the port number. Mode (view only) displays the port status automatically. Name assign the port name. Valid characters are letters, numbers, dashes (-), periods,...
Page 84
8: devices securelinx slc user guide 84 data settings note: check the serial device equipment settings and documentation for the proper settings. The device port and the attached serial device must have the same settings. Ssh in enables access to this port through ssh. Disabled by default. Port: aut...
Page 85
8: devices securelinx slc user guide 85 hardware signal triggers modem settings note: depending on the state and mode you select, different fields are available. Enable logins displays a login prompt and authenticates users for serial devices connected to the device port. Successfully authenticated ...
Page 86
8: devices securelinx slc user guide 86 modem settings: text mode modem settings: ppp mode initialization script commands sent to configure the modem may have up to 100 characters. Consult your modem’s documentation for recommended initialization options. If you do not specify an initialization scri...
Page 87
8: devices securelinx slc user guide 87 2. Click the apply button. To save selected settings to ports other than the one you are configuring: 1. From the apply settings drop-down box at the bottom of the device ports - settings page, select none , general , ip , data , modem , or all . 2. In to devi...
Page 88
8: devices securelinx slc user guide 88 figure 8-4 modem log port status and counters port status and counters list the status of signals and interfaces. Slc updates and increments the port counters as signals change and data flows in and out of the system. These counters help troubleshoot connectio...
Page 89
8: devices securelinx slc user guide 89 figure 8-5 port status and counters section device port – slp on the device ports – slp page, configure commands to send to an slp or slp expansion chassis that expands the number of power ports. To open the device ports – slp page: 1. In the connected to fiel...
Page 90
8: devices securelinx slc user guide 90 to configure slp: 1. Enter the following fields. Slp status/info slp commands 2. Click the apply button. Device port – sensorsoft device devices made by sensorsoft are used to monitor environmental conditions. To access the sensorsoft device: 1. In the connect...
Page 91
8: devices securelinx slc user guide 91 figure 8-7 device ports - sensorsoft to configure sensorsoft settings: 1. Select a port and enter the following fields. 2. Click the apply button. To view the status detected by the sensorsoft: 1. Click the sensorsoft status link to the right of the table. Dev...
Page 92: Device Ports – Logging
8: devices securelinx slc user guide 92 device port commands the following cli commands correspond to the device ports page. For more information, see 15: command reference . Set deviceport port (on page 214) set deviceport global (on page 217) set command (on page 214) connect listen (on page 208) ...
Page 93
8: devices securelinx slc user guide 93 02_port-2_4.Log 02_port-2_5.Log pc card logging note: the pc card logging feature is only supported on slc -02 part numbers. Data can be logged to a pc card compact flash that is loaded into one of the pc card slots on the front of the slc and properly mounted...
Page 94
8: devices securelinx slc user guide 94 figure 8-8 device ports - logging 2. Enter the following fields. Local logging email traps local logging enable local logging and each device port stores 256 kbytes (approximately 400 screens) of i/o data in a true fifo buffer. Disabled by default. Clear local...
Page 95
8: devices securelinx slc user guide 95 log viewing attributes trigger on select the method of triggering a notification: byte count : a specific number of bytes of data. This is the default. Text string recognition : a specific pattern of characters, which you can define by a regular expression. No...
Page 96
8: devices securelinx slc user guide 96 nfs file logging pc card logging note: this pc card logging feature is only supported on slc -02 part numbers. Usb logging note: this usb logging feature is only supported on slc -03 part numbers. Nfs file logging select the checkbox to log all data sent to th...
Page 97: Console Port
8: devices securelinx slc user guide 97 syslog logging note: to apply the settings to additional device ports, in the apply settings to device ports field,enter the additional ports, (e.G., 1-3, 5, 6) 3. To apply settings to other device ports in addition to the currently selected port, select the a...
Page 98
8: devices securelinx slc user guide 98 figure 8-9 console port page 2. Enter the following fields. 3. Click the apply button. Console port commands the following cli commands correspond to the console port page. For more information, see 15: command reference . Status (view only) displays the statu...
Page 99: Host Lists
8: devices securelinx slc user guide 99 set consoleport (on page 210) show consoleport (on page 211) host lists a host list is a prioritized list of ssh, telnet, and tcp hosts available for establishing incoming modem connections or for the connect direct command on the cli. The slc cycles through t...
Page 100
8: devices securelinx slc user guide 100 host parameters 3. Click the right arrow . The host displays in the hosts box. 4. Repeat steps 2-4 to add more hosts to the host list. Note: to clear fields before adding the next host, click the clear host parameters button. 5. Click the add host list button...
Page 101: Scripts
8: devices securelinx slc user guide 101 to view or update a host list: 1. In the host lists table, select the host list and click the view host list button. Host list commands the following cli commands correspond to the host lists page. For more information, see 15: command reference . Set hostlis...
Page 102
8: devices securelinx slc user guide 102 figure 8-11 scripts page 2. Click the add button. Figure 8-11 shows the page that displays..
Page 103
8: devices securelinx slc user guide 103 figure 8-12 adding new scripts page 3. Enter the following fields. Script name a unique identifier for the script. Type select interface for a script that utilizes expect/tcl to perform pattern detection and action generation on device port output. Select bat...
Page 104
8: devices securelinx slc user guide 104 4. Click the apply button. If your interface script gets validated before it is saved. Once the script is saved, the main scripts page displays. To view or update a script: 1. In the scripts table, select the script and click the edit script button. The page ...
Page 105
8: devices securelinx slc user guide 105 interface script syntax this section describes the abbreviated scripting syntax for interface scripts. This limited syntax was created to prevent the creation of scripts containing potentially harmful commands. Script commands are divided into three groups: p...
Page 106
8: devices securelinx slc user guide 106 == equal to != not equal to primary commands these are stand-alone commands which provide the primary functionality in a script. These commands may rely on one or more of the secondary commands to provide values for some parameters. The preprocessor will requ...
Page 107
8: devices securelinx slc user guide 107 exec the exec command executes a single cli command. Currently only cli 'show' commands may be executed via exec. Syntax: exec send, send_user the send command sends output to a sub-process, the send_user command sends output to the standard output. Both comm...
Page 108
8: devices securelinx slc user guide 108 find and return the index of the last occurrence of 'str_needle' in 'str_haystack' string length return the length of 'str' string index return the character located at position 'int' in 'str' string range return a string consisting of the characters in 'str'...
Page 109
8: devices securelinx slc user guide 109 control flow commands the control flow commands allow conditional execution of blocks of other commands. The preprocessor treats these as primary commands, allowing them to appear anywhere in a script that a primary command is appropriate. While the while com...
Page 110
8: devices securelinx slc user guide 110 command n } sample scripts interface script—monitor port the monitor port (monport) script connects directly to a device port by logging into the slc port, gets the device hostname, loops a couple of times to get port interface statistics, and logs out. The f...
Page 111
8: devices securelinx slc user guide 111 } #already logged in got command prompt $prompt { send_user "already logged....\r" } } #get hostname info send "show network port 1 host\r" expect { timeout { send_user "time out getting hostname 1\r"; return } "domain" { #get hostname from slc set hostna...
Page 112
8: devices securelinx slc user guide 112 the following is the screen output: batch script—slc cli this script runs the following slc cli commands, then runs the monport interface script: show network port 1 host show deviceport names show script connect script monport deviceport 7 slb247glenn]> conn...
Page 113
8: devices securelinx slc user guide 113 the following is the screen output of the script: [slb247glenn]> se script runcli cli [slb247glenn]> show network port 1 host ___current hostname settings___________________________________________________ hostname: slb247glenn domain: [slb247glenn]> [slb247g...
Page 114: 9: Pc Cards
Securelinx slc user guide 114 9: pc cards this chapter describes how to configure storage by using the pc card web page and cli. The pc card page can be used to configure compact flash storage and modem/isdn pc cards. A compact flash is useful for saving and restoring configurations and for device p...
Page 115: Modem Settings
9: pc cards securelinx slc user guide 115 figure 9-2 pc card - storage page 4. Enter the following fields. 5. Click the apply button. Modem settings to enter modem settings for a pc card, perform the following steps. 1. Insert any of the supported modem or isdn cards (see www.Lantronix.Com/slc ) int...
Page 116
9: pc cards securelinx slc user guide 116 2. Click the devices tab and select the pc card option. 3. Click the radio button in the pc card slots table that shows a modem installed. 4. Click the configure button. Figure 9-3 shows the page that displays. Figure 9-3 pc card - modem/isdn page.
Page 117
9: pc cards securelinx slc user guide 117 5. Enter the following fields. Slot (view only) displays the slot position. Device (view only) displays the device type. Type (view only) displays the card type. Firmware version (view only) displays the current firmware version. State (view only) displays t...
Page 118
9: pc cards securelinx slc user guide 118 data settings isdn settings note: these fields are disabled if the pc card inserted is not an isdn card. Gsm/gprs settings these settings are only active when a gsm/gprs pc card modem is in the appropriate slot. Notes: please consult your wireless carrier co...
Page 119
9: pc cards securelinx slc user guide 119 text mode ppp mode gsm bearer svc. Command to select the bearer service, data rate, and connection element to use when data call originate. Auto-acquire dns select to enable the slc to acquire up to three dns servers by means of gprs. Enabled by default. Neg...
Page 120
9: pc cards securelinx slc user guide 120 ip settings enable nat select to enable network address translation (nat) for dial-in and dial-out ppp connections on a per modem (device port or pc card) basis. Users dialing into the slc access the network connected to eth1 and/or eth2. Note: ip forwarding...
Page 121: Pc Card Commands
9: pc cards securelinx slc user guide 121 6. Click the apply button. To view the log of all modem activity: 1. Click the view modem log link. Pc card commands the following cli commands correspond to the pc card. For more information, see 15: command reference . Pccard storage copy (on page 237) pcc...
Page 122: 10: Usb Port
Securelinx slc user guide 122 10: usb port this chapter describes how to configure storage by using the usb web page and cli. The usb web page can be used to configure the thumb drive and modems. The thumb drive is useful for saving and restoring configurations and for device port logging (see devic...
Page 123
10: usb port securelinx slc user guide 123 for port u1. 5. Click configure . Figure 10-2 shows the page that displays. Figure 10-2 usb - storage page 6. Enter the following fields. Port (view only) slot on the slc for the usb device. Device (view only) type of device (modem or storage). Type (view o...
Page 124
10: usb port securelinx slc user guide 124 7. Click apply . Manage firmware and configuration files to manage the firmware and configuration files, perform the following steps. 1. Click the manage files on the thumb drive link on the usb - storage page. Figure 10-3 firmware and configurations - mana...
Page 125
10: usb port securelinx slc user guide 125 figure 10-4 firmware and configurations - manage files (bottom of page) 2. To delete a file, click the check box next to the filename and click delete file . A confirmation message displays. 3. To download a file, click the download button. Select the file ...
Page 126
10: usb port securelinx slc user guide 126 set usb storage format (on page 252) show usb (on page 252) show usb storage (on page 252) show usb modem (on page 253).
Page 127: 11: Connections
Securelinx slc user guide 127 11: connections this chapter describes how to use the connections web page to connect external devices and outbound network connections, such as telnet or ssh, in various configurations. For information about how to configure devices to interact with an slc device port ...
Page 128
11: connections securelinx slc user guide 128 figure 11-1 terminal server remote access server figure 11-2 shows the slc connected to one or more modems by its device ports. Configure the device ports on the device ports - settings web page by selecting the dial-in option in the modem settings secti...
Page 129
11: connections securelinx slc user guide 129 multiport device server figure 11-4 shows a pc connected to the device ports on the slc as virtual serial ports, enabling the ports to act as if they are local ports to the pc. Configure the slc for this setup by using special software, for example, com ...
Page 130: Connection Configuration
11: connections securelinx slc user guide 130 figure 11-5 console server connection configuration to create a connection: 1. Click the devices tab and connections . Figure 11-6 shows the page that displays. Pc pc pc web server switch router modem slc console manager telnet/ssh sessions.
Page 131
11: connections securelinx slc user guide 131 figure 11-6 connections page 2. Enter the following fields. Outgoing connection timeout enable an outgoing timeout by clicking the yes radio button and specifying the seconds. The range is 1 to 9999 seconds. The default is 5 seconds. Connect: deviceport ...
Page 132
11: connections securelinx slc user guide 132 3. Click the apply button. To view, update, or disconnect a current connection: the bottom of the connections page displays current connections as shown in figure 11-7 . Figure 11-7 current connections section of the connections page to view details abou...
Page 133
11: connections securelinx slc user guide 133 to reestablish the connection: 1. Create the connection again in the top part of the page. To view information about web connections: 1. Click the here link in the text above the table. The firmware & configurations - web sessions page displays. Connecti...
Page 134: 12: User Authentication
Securelinx slc user guide 134 12: user authentication this chapter describes authentication methods for users who attempt to log into the slc by telnet, ssh, the console port, or one of the device ports. It includes descriptions of user rights, nis, ldap, radius, kerberos, and tacacs+ options. The c...
Page 135: User Rights
12: user authentication securelinx slc user guide 135 user “joe” tries to login. Because there is an ldap user named “joe,” the slc tries to authenticate that user by using the ldap password first. If that login fails, then the slc may or may not try to authenticate the user by using the nis passwor...
Page 136: Authentication Methods
12: user authentication securelinx slc user guide 136 see local/remote user settings on page 139 for information about assigning rights to users. Authentication methods to enable, disable, and set the precedence of authentication methods: 1. Click the user authentication tab and the authentication m...
Page 137
12: user authentication securelinx slc user guide 137 3. Click the apply button. To disable a method in the enabled methods list: 1. Select the method and click the right arrow between the lists. To set the order in which the slc authenticates: 1. Use the up and down arrows to the left of the enable...
Page 138: Local and Remote Users
12: user authentication securelinx slc user guide 138 local and remote users the system administrator can configure the slc to use local/remote accounts to authenticate users. 1. Click the user authentication tab and local/remote users option. Figure 12-2 shows the page that displays. Figure 12-2 lo...
Page 139: Local/remote User Settings
12: user authentication securelinx slc user guide 139 2. Click the apply button. Local/remote user settings you can add, edit, or delete a local or remote user. To add a user: 1. On the local/remote users page, click the add/edit user button. Figure 12-3 shows the page that displays. Authenticate on...
Page 140
12: user authentication securelinx slc user guide 140 figure 12-3 local/remote user settings page 2. Enter the following fields. Login user id of selected user. Authentication select the type of authenticated user: local: user listed in the slc database. Remote: user not listed in the slc database. ...
Page 141
12: user authentication securelinx slc user guide 141 3. Assign rights to users. Each user is a member of a group that has a predefined user rights associated with it. You can assign or remove additional rights to the individual user. Dial-back number the phone number the modem dials back on depends...
Page 142
12: user authentication securelinx slc user guide 142 4. Click the apply button. 5. Click the back to local/remote users link to return to the local/remote user settings page. Add another user or click the back to local/remote users link. The local/remote users page displays with the new user listed...
Page 143
12: user authentication securelinx slc user guide 143 3. Click the apply button. To delete a local user: 1. On the local/remote users page, select the user and click the add/edit user button. The local/remote user settings page displays. 2. Click the delete user button. 3. Click the apply button. To...
Page 144: Nis
12: user authentication securelinx slc user guide 144 nis the system administrator can configure the slc to use nis to authenticate users attempting to log in to the slc through the web, ssh, telnet, or the console port. If nis does not provide port permissions, you can use this page to grant device...
Page 145
12: user authentication securelinx slc user guide 145 2. Enter the following fields. Enable nis displays selected if you enabled this method on the authentication methods page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: you can enable ni...
Page 146
12: user authentication securelinx slc user guide 146 3. In the user rights section, select the user group to which nis users will belong. 4. Select or clear the checkboxes for the following rights. 5. Click the apply button. Note: you must reboot the slc before your changes take effect. Group selec...
Page 147: Ldap
12: user authentication securelinx slc user guide 147 nis commands the following cli commands correspond to the nis page. For more information, see 15: command reference . Set nis (on page 235) show nis (on page 236) ldap ldap allows authentication of slc users using a wide variety of ldap servers, ...
Page 148
12: user authentication securelinx slc user guide 148 figure 12-5 ldap page 2. Enter the following fields. Enable ldap displays as checked if you enabled this method in the user authentication methods page. If you want to set up this authentication method but not enable it immediately, clear the che...
Page 149
12: user authentication securelinx slc user guide 149 bind with login select to bind with the login and password that a user is authenticating with. This requires that the bind name contain the $login token, which will be replaced with the current login. For example, if the bind name is uid=$login,o...
Page 150
12: user authentication securelinx slc user guide 150 3. In the user rights section, select the user group to which ldap users belong. 4. Select or clear the checkboxes for the following rights. 5. Click the apply button. Note: you must reboot the slc before your changes take effect. Group select th...
Page 151: Radius
12: user authentication securelinx slc user guide 151 user attributes and permissions from ldap schema remote user attributes (group/permissions and port access) can be obtained from an active directory server schema via the user attribute securelinxslcperms. This attribute is a set of parameter-val...
Page 152
12: user authentication securelinx slc user guide 152 figure 12-6 radius page 2. Enter the following fields. Enable radius displays selected if you enabled this method on the user authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox....
Page 153
12: user authentication securelinx slc user guide 153 note: older radius servers may use 1645 as the default port. Check your radius server configuration. 3. In the user rights section, select the user group to which radius users belong. Radius server #2 ip address or host name of the secondary radi...
Page 154
12: user authentication securelinx slc user guide 154 4. Select or clear the checkboxes for the following rights. 5. Click the apply button. Note: you must reboot the slc before your changes take effect. Radius commands the following cli commands correspond to the radius page. For more information, ...
Page 155: Kerberos
12: user authentication securelinx slc user guide 155 kerberos kerberos is a network authentication protocol that provides strong authentication for client/server applications by using secret-key cryptography. The system administrator can configure the slc to use kerberos to authenticate users attem...
Page 156
12: user authentication securelinx slc user guide 156 2. Enter the following fields. Enable kerberos displays selected if you enabled this method on the user authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: you can enable ...
Page 157
12: user authentication securelinx slc user guide 157 3. In the user rights section, select the user group to which kerberos users will belong. 4. Select or clear the checkboxes for the following rights. 5. Click the apply button. Note: you must reboot the slc before your changes take effect. Clear ...
Page 158: Tacacs+
12: user authentication securelinx slc user guide 158 kerberos commands the following cli commands correspond to the kerberos page. For more information, see 15: command reference . Set kerberos (on page 225) show kerberos (on page 225) tacacs+ similar to radius, the main function of tacacs+ is to p...
Page 159
12: user authentication securelinx slc user guide 159 figure 12-8 tacacs+ page 2. Enter the following fields. Enable tacacs+ displays selected if you enabled this method on the user authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbo...
Page 160
12: user authentication securelinx slc user guide 160 3. In the user rights section, select the user group to which tacacs+ users belong. 4. Select or clear the checkboxes for the following rights: escape sequence a single character or a two-character sequence that causes the slc to leave direct (in...
Page 161: Ssh Keys
12: user authentication securelinx slc user guide 161 5. Click the apply button. Note: you must reboot the unit before your changes will take effect. Tacacs+ commands the following cli commands correspond to the tacacs+ page. For more information, see 15: command reference . Set tacacs+ (on page 249...
Page 162
12: user authentication securelinx slc user guide 162 the public key file can be imported via scp or ftp; once imported, you can view or delete the public key. Any ssh connection into the slc from the designated host/user combination uses the ssh key for authentication. Exported keys the slc can gen...
Page 163
12: user authentication securelinx slc user guide 163 figure 12-9 ssh keys page 2. Enter the following fields..
Page 164
12: user authentication securelinx slc user guide 164 imported keys (ssh in) host & login for import exported keys (ssh out) host & user associated with key these entries are required in the following cases: the imported key file does not contain the host that the user will be making an ssh connecti...
Page 165
12: user authentication securelinx slc user guide 165 host and login for export to view or delete a key: 1. Select the key from the appropriate table. The view and delete buttons become active. 2. To view the key, click the view button. A pop-up page displays the key. 3. To delete the key, click the...
Page 166
12: user authentication securelinx slc user guide 166 figure 12-10 ssh server/host keys page 2. Enter the following fields. Reset to default host key select the all keys checkbox to reset all default key(s), or select one or more checkboxes to reset defaults for rsa1 , rsa , or dsa keys. All checkbo...
Page 167: Custom User Menus
12: user authentication securelinx slc user guide 167 3. Click the apply button. Ssh commands the following cli commands correspond to the sshkeys page. For more information, see 15: command reference . Set sshkey allexport (on page 245) set sshkey delete (on page 245) set sshkey export (on page 246...
Page 168
12: user authentication securelinx slc user guide 168 the system administrator configures local user “john” to use custom menu “menu1”: [slc]> set menu add menu1 enter optional menu title ( for none): menu1 title specify nickname for each command? [no] y enter each command, up to 50 commands ('logou...
Page 169
12: user authentication securelinx slc user guide 169 user “john” logs into the command line interface, initially sees menu1, executes the command to jump to nested menu menu2, and then returns to menu1: creating custom menus has the following limitations: maximum of 20 custom user menus. Maximum of...
Page 170: 13: Maintenance
Securelinx slc user guide 170 13: maintenance this chapter describes the tasks that the system administrator performs by using the pages of the maintenance tab and additional commands on the command line interface. It contains the following sections: firmware and configurations system logs audit log...
Page 171
13: maintenance securelinx slc user guide 171 figure 13-1 firmware & configurations page 2. Enter the following fields. General reboot select this option to reboot the slc immediately. The default is no . Note: the front panel lcd displays the “rebooting the slc” message, and the normal boot sequenc...
Page 172
13: maintenance securelinx slc user guide 172 slc firmware load firmware via options internal temperature- current/low/high sets the acceptable range for the internal temperature of the slc. If the temperature of the slc changes to be outside of this range, the slc will issue an snmp trap. Data cent...
Page 173
13: maintenance securelinx slc user guide 173 boot banks configuration management password & retype password the ftp user password. Bank 1 version of slc firmware in bank 1. Note: the word “current” displays next to the bank the slc booted from. Bank 2 version of slc firmware in bank 2. Next boot ba...
Page 174
13: maintenance securelinx slc user guide 174 3. Click the apply button. Note: if you selected an option that forces a reboot (restore configuration, update firmware, or reset factory defaults), the slc automatically reboots at the end of the process. To manage configuration files: the manage option...
Page 175
13: maintenance securelinx slc user guide 175 figure 13-2 firmware & configurations - manage configuration files page 2. To download files, click the download file button. A file download window opens to confirm the download. 3. To rename files, check the box of the file that you want to rename and ...
Page 176: System Logs
13: maintenance securelinx slc user guide 176 admin config save (on page 199) admin config show (on page 199) system logs the system logs page allows you to view and clear system logs. See 7: services for more information about system logs. To view system logs: 1. Click the maintenance tab and selec...
Page 177
13: maintenance securelinx slc user guide 177 figure 13-4 system log output page 4. To email the system log to an individual: a. In the comment field, enter a comment (if desired). B. Select to and enter the person’s email address. C. Press the email output button. 5. To email the system log to lant...
Page 178: Audit Log
13: maintenance securelinx slc user guide 178 system logs commands the following cli commands correspond to the system logs page. For more information, see 15: command reference . Show syslog (on page 248) show syslog clear (on page 248) audit log the audit log web page displays a log of all actions...
Page 179: Email Log
13: maintenance securelinx slc user guide 179 email log the email log web page displays a log of all emails that have been sent by the slc, a count of the number of emails sent, the number of bytes sent, and the number of email errors. Use the ssh/telnet/logging page to configure the email (smtp) se...
Page 180
13: maintenance securelinx slc user guide 180 figure 13-7 diagnostics page 2. Enter the following fields. Select diagnostics select one or more diagnostic methods you want to run, or select all to run them all. Arp table address resolution protocol (arp) table used to view the ip address-to- hardwar...
Page 181
13: maintenance securelinx slc user guide 181 3. Click the run diagnostics button. Figure 13-8 shows the page that displays. Figure 13-8 diagnostics report page 4. To view a report, click the link for that report. The links display at the top left of the page. Send packet this option sends an ethern...
Page 182: Status/reports
13: maintenance securelinx slc user guide 182 5. To email the report to an individual: a. In the comment field, enter a comment (if desired). B. Select to and enter the email address. C. Press the email output button. 6. To email the report to lantronix technical support: a. In the comment field, en...
Page 183
13: maintenance securelinx slc user guide 183 figure 13-9 status/reports page 2. Enter the following fields. View report 3. Click the generate report button. In the upper left, the report page displays a list of reports generated as shown in figure 13-10 . View report select as many of the reports a...
Page 184
13: maintenance securelinx slc user guide 184 figure 13-10 generated reports page 4. To view a report, click the link for that report. 5. To email the report to lantronix technical support: a. In the comment field, enter a comment (if desired). B. Select to: lantronix tech support c. Call lantronix ...
Page 185: Events
13: maintenance securelinx slc user guide 185 status/reports commands the following cli commands correspond to the status/reports page. For more information, see 15: command reference . Show sysconfig (on page 248) show sysstatus (on page 248) show connections (on page 210) show connections connid (...
Page 186
13: maintenance securelinx slc user guide 186 2. Enter the following fields. 3. Choose one of the following options: to add the defined event, click the add event button. The event displays in the events table at the bottom of the page. To edit an event, select the event from the events table and cl...
Page 187: Banners
13: maintenance securelinx slc user guide 187 banners the banners page allows the system administrator to customize text messages that display to users. To configure banner settings: 1. Click banners. Figure 13-12 shows the page that displays. Figure 13-12 banners page 1. Enter the following fields....
Page 188: Lcd and Keypad
13: maintenance securelinx slc user guide 188 admin banner show (on page 197) admin banner ssh (on page 197) admin banner welcome (on page 198) lcd and keypad the lcd has a series of screens, consisting of 2 lines of 24 characters each. Specific screens and the display order can be configured. The k...
Page 189
13: maintenance securelinx slc user guide 189 to configure the lcd: 1. Select a screen and click the up arrow or the down arrow to change the order of the screens. 2. Select a screen to be removed and click the right arrow . The screen moves to the disabled screens list. 3. Select a screen from the ...
Page 190: 14: Application Examples
Securelinx slc user guide 190 14: application examples each slc has multiple serial ports and two network ports as shown in figure 14-1 . Each serial port can be connected to the console port of a device. Using a network in-band port or an out-of- band modem for a dial-up connection, an administrato...
Page 191
14: application examples securelinx slc user guide 191 in the example below, the system administrator performs the following steps: 1. Display the settings for device port 2 by using the show deviceport command. 2. Change the baud to 57600 and disable flow control by using the baud and flowcontrol p...
Page 192
14: application examples securelinx slc user guide 192 dial-in (text mode) to a remote device the example in figure 14-3 shows a modem connected to the slc device port 1, and a sun server connected to the slc device port 2. You can configure the modem for text mode dial-in, so a remote user can dial...
Page 193
14: application examples securelinx slc user guide 193 4. Log into the slc. 5. Connect to the sun unix server using the connect direct command. 6. Use the escape sequence to escape from direct mode back to the command line interface. Local serial connection to network device via telnet figure 14-4 s...
Page 194
14: application examples securelinx slc user guide 194 the system administrator performs the following steps. 1. Display the settings for device port 2 by using the show deviceport command. 2. Change the serial settings to match the serial settings for the vt100 terminal by using the baud and flowco...
Page 195: 15: Command Reference
Securelinx slc user guide 195 15: command reference this chapter lists and describes all of the commands available on the slc command line interface (cli) accessed by using telnet, ssh, or a serial connection. In addition to the commands, this chapter contains the following sections: introduction to...
Page 196
15: command reference securelinx slc user guide 196 user must specify an appropriate value, for example, an ip address. The parameter values are in mixed case. Square brackets [ ] indicate optional parameters. Command line actions and categories table 15-1 lists the actions and categories for each a...
Page 197: Deprecated Commands
15: command reference securelinx slc user guide 197 to clear an ip address, type 0.0.0.0 , or to clear a non-ip address value, type clear . When the number of lines displayed by a command exceeds the size of the window (the default is 25), the command output is halted until youare ready to continue....
Page 198
15: command reference securelinx slc user guide 198 admin banner welcome syntax admin banner welcome description configures the banner displayed before the user logs in. Note: to go to the next line, type and press enter. Admin clear syntax admin clear tmpdir description resets system resources a...
Page 199
15: command reference securelinx slc user guide 199 note: the config params to preserve get contained as a comma-separated list of current configuration parameters that are kept after the config restore or factorydefaults. Description restores the factory default settings. Admin config restore synta...
Page 200
15: command reference securelinx slc user guide 200 admin firmware bootbank syntax admin firmware bootbank description sets the boot bank to be used at the next slc reboot. Applies to dual-boot slcs only. Admin firmware copybank syntax admin firmware copybank description copies the boot bank from th...
Page 201
15: command reference securelinx slc user guide 201 admin ftp show syntax admin ftp show description displays ftp settings. Admin keypad syntax admin keypad description locks or unlocks the lcd keypad. If the keypad is locked, you can scroll through settings but not change them. Admin keypad passwor...
Page 202
15: command reference securelinx slc user guide 202 admin lcd line1 syntax admin lcd line1 line2 description sets the strings displayed on the lcd user string screen. Admin lcd screens syntax admin lcd screens parameters currtime network console datetime release devports location userstrings descrip...
Page 203
15: command reference securelinx slc user guide 203 description runs the quick setup script. Admin reboot syntax admin reboot description terminates all connections and reboots the slc. The front panel lcd displays the “rebooting the slc” message, and the normal boot sequence occurs. Admin site synt...
Page 204
15: command reference securelinx slc user guide 204 admin web certificate syntax admin web certificate import via certfile privfile host login [path ] description imports an ssl certificate. Admin web certificate reset syntax admin web certificate reset description resets a web certificate. Admin we...
Page 205: Audit Log Commands
15: command reference securelinx slc user guide 205 admin web timeout syntax admin web timeout description configures the timeout for web sessions. Admin web terminate syntax admin web terminate description terminates a web session. Admin web show syntax admin web show [viewslmsessions ] description...
Page 206: Cli Commands
15: command reference securelinx slc user guide 206 tacacs+ description sets ordering of authentication methods. Local users authentication is always the first method used. Any methods omitted from the command are disabled. Show auth syntax show auth description displays authentication methods and t...
Page 207: Connection Commands
15: command reference securelinx slc user guide 207 description starts a menu if the menu associated with the user does not display. Set cli terminallines syntax set cli terminallines description sets the number of lines in the terminal emulation screen for paging through text one screen at a time, ...
Page 208
15: command reference securelinx slc user guide 208 date charcount charseq charxfer is one or more of: user version command note: if the trigger is datetime (establish connection at a specified date/time), enter the date parameter. If the trigger is chars (establish connection on receipt of a specif...
Page 209
15: command reference securelinx slc user guide 209 connect global outgoingtimeout syntax connect global outgoingtimeout description sets the amount of time the slc will wait for a response (sign of life) from an ssh/telnet server that it is trying to connect to. Connect global show syntax connect g...
Page 211: Custom User Menu Commands
15: command reference securelinx slc user guide 211 timeout description configures console port settings. Show consoleport syntax show consoleport description displays console port settings. Custom user menu commands users can have custom user menus as their command line interface, rather than the s...
Page 212: Date and Time Commands
15: command reference securelinx slc user guide 212 description creates a new custom user menu or adds a command to an existing custom user menu. Set menu copy syntax set menu copy description make a copy of an existing menu. Set menu edit syntax set menu edit parameters command nickname redisplayme...
Page 213: Device Commands
15: command reference securelinx slc user guide 213 set datetime syntax set datetime parameters date timezone note: if you do not have a valid , enter “timezone ” and the system guides you through the process of selecting a time zone. Description sets the local date, time, and local time zone (one p...
Page 214: Device Port Commands
15: command reference securelinx slc user guide 214 set command syntax set command parameters slp auth login slp restart slp outletcontrol state [outlet #>][tower ] (outlet # is 1-8 for slp8 and 1-16 for slp16. The outletcontrol parameters control individual outlets.) slp outletstate [outlet ] [towe...
Page 216
15: command reference securelinx slc user guide 216 modemtimeout name nat nfsdir nfslogging nfsmaxfiles nfsmaxsize parity pccardlogging pccardmaxfiles pccardmaxsize pcccardslot portlogseq remoteipaddr restartdelay showlines slmlogging slmnms slmthreshold slmtime sshauth sshin sshport sshtimeout stop...
Page 217
15: command reference securelinx slc user guide 217 usbport viewportlog webcolumns webrows note: a group of device ports can be configured by specifying a comma-separated list of ports (i.E., '1-4,8,10-12') or 'all'. Remove breakseq for device ports connected to raw binary connections. The logging l...
Page 218: Diagnostic Commands
15: command reference securelinx slc user guide 218 description displays the settings for one or more device ports. Show portcounters syntax show portcounters [deviceport ] [email address>] description displays device port statistics and errors for one or more ports. You can optionally email the dis...
Page 219
15: command reference securelinx slc user guide 219 diag lookup syntax diag lookup [email ] description resolves a host name into an ip address. You can optionally email the displayed information. Diag loopback syntax diag loopback [] parameters test external > xferdatasize size in kbytes to transfe...
Page 221: Email Log Commands
15: command reference securelinx slc user guide 221 email log commands show emaillog syntax show emaillog [email ] description display the email log. Show emaillog clear syntax show emaillog clear description clear the email log. Events commands admin events add syntax admin events add is one of: re...
Page 222: Host List Commands
15: command reference securelinx slc user guide 222 admin events edit syntax admin events edit parameters community deviceport ethport nms oid pccardslot emailaddress description edits event definitions. Admin events show syntax admin events show description displays event definitions. Host list com...
Page 223: Ip Filter Commands
15: command reference securelinx slc user guide 223 protocol port escapeseq description adds a new host entry to a list or edit an existing entry. Set hostlist delete syntax set hostlist delete [entry ] description deletes a host list, or a single host entry from a host list. Set hostlist edit synta...
Page 224
15: command reference securelinx slc user guide 224 description maps an ip filter to an interface. Set ip filter rules syntax set ipfilter rules parameters: add delete edit append insert replace delete description sets ip filter rules. Set ipfilter state syntax set ipfilter state [testtimer ] descri...
Page 225: Kerberos Commands
15: command reference securelinx slc user guide 225 description displays the rulesets for the ip filters. Show ipfilter status syntax show ipfilter status description displays the ip filter status. Kerberos commands set kerberos syntax set kerberos parameters breakseq clearports custommenu allowdial...
Page 226: Ldap Commands
15: command reference securelinx slc user guide 226 description displays kerberos settings. Ldap commands set ldap syntax set ldap parameters adsupport disable > base bindname bindpassword bindwithlogin useldapschema breakseq clearports custommenu disable > base bindname bindpassword bindwithlogin u...
Page 228
15: command reference securelinx slc user guide 228 set localusers consoleonlyadmin syntax set localusers consoleonlyadmin description sets console-only admin usage. Set localusers delete syntax set localusers delete description deletes a local user. Set localusers lifetime syntax set localusers lif...
Page 229
15: command reference securelinx slc user guide 229 set localusers password syntax set localusers password description sets a login password for the local user. Set localusers periodlockout syntax set localusers periodlockout description sets the number of minutes after a lockout before the user can...
Page 230: Log Commands
15: command reference securelinx slc user guide 230 log commands set log clear syntax set log clear description clears the device port local buffer. Local logging must be enabled for a device port in order to use this command. Set log clear modem syntax set log clear modem description clears the mod...
Page 231: Network Commands
15: command reference securelinx slc user guide 231 defaults bytes:1000 startbyte:1 numlines:40 description views the log for local, nfs, or pc card logging. Nfs and pc card use the current logging settings for the device port. The default is to show the tail of the log. Show log modem syntax show l...
Page 233
15: command reference securelinx slc user guide 233 show network all syntax show network all description displays all network settings. Show network bonding syntax show network bonding description displays network connections that are bonded. Show network dns syntax show network dns description disp...
Page 235: Nis Commands
15: command reference securelinx slc user guide 235 description unmounts a remote nfs share. Show cifs syntax show cifs description displays smb/cifs settings. Show nfs syntax show nfs description displays nfs share settings. Nis commands set nis syntax set nis parameters breakseq broadcast clearpor...
Page 236: Pc Card Commands
15: command reference securelinx slc user guide 236 state description configures the slc to use nis to authenticate users who log in via the web, ssh, telnet, or the console port. Show nis syntax show nis description displays nis settings. Pc card commands pccard modem syntax pccard modem parameters...
Page 238
15: command reference securelinx slc user guide 238 pccard storage delete syntax pccard storage delete file description removes a file on a compact flash card. Pccard storage dir syntax pccard storage dir description views a directory listing of a compact flash card. Pccard storage format syntax pcc...
Page 239: Radius Commands
15: command reference securelinx slc user guide 239 show pccard syntax show pccard description displays currently loaded pc cards with product information and settings. Show pccard storage syntax show pccard storage description displays product information and settings for any pc card compact flash....
Page 240: Remote Users Commands
15: command reference securelinx slc user guide 240 description configures the slc to use radius to authenticate users who log in via the web, ssh, telnet, or the console port. Set radius server syntax set radius server host secret [port ] description identifies the radius server, the text secret, a...
Page 241: Routing Commands
15: command reference securelinx slc user guide 241 description sets attributes for users who log in by a remote authentication method. Set remoteusers delete syntax set remoteusers delete description removes a remote user. Set remoteusers listonlyauth syntax set remoteusers listonlyauth description...
Page 242: Script Commands
15: command reference securelinx slc user guide 242 show routing syntax show routing [sort ] [display ] [resolveip disable >] [email ] description sets the routing table to display ip addresses (disable) or the corresponding host names (enable). You can email the displayed information. Script comman...
Page 243: Services Commands
15: command reference securelinx slc user guide 243 set script update syntax set script update name [group ] [permissions ] description updates a script. Show script syntax show script [type [name ]] description display list of device port (interface) scripts or cli (batch) scripts, or view the cont...
Page 244
15: command reference securelinx slc user guide 244 rocommunity rwcommunity servlog smtpsender smtpserver snmp ssh syslogserver1 syslogserver2 telnet timeoutssh timeouttelnet traps trapcommunity v1ssh webssh webtelnet v3auth v3encrypt v3password v3phrase v3rwpassword v3rwphrase v3rwuser v3security v...
Page 245: Slc Network Commands
15: command reference securelinx slc user guide 245 show services syntax show services description displays current services. Slc network commands set slcnetwork syntax set slcnetwork parameters add delete search description detects and displays all slc or user-defined ip addresses on the local netw...
Page 246
15: command reference securelinx slc user guide 246 parameters keyhost keyname keyuser description deletes an ssh key. Specify the keyuser and keyhost to delete an imported key; specify the keyuser and keyname to delete exported key. Set sshkey export syntax set sshkey export copypaste > parameters ...
Page 247
15: command reference securelinx slc user guide 247 description imports an slc host key. Set sshkey server reset syntax set sshkey server reset [type ] description resets defaults for all or selected host keys. Show sshkey export syntax show sshkey export parameters [keyhost ] [keyuser ] [viewkey ] ...
Page 248: Status Commands
15: command reference securelinx slc user guide 248 status commands show sysconfig syntax show sysconfig [display ] [email description displays a snapshot of all configurable parameters. Optionally emails the displayed information. Show sysstatus syntax show sysstatus [email ] description to display...
Page 250: Usb Commands
15: command reference securelinx slc user guide 250 show temperature syntax show temperature description displays the acceptable range and the current reading from the internal temperature sensor. Usb commands set usb access syntax set usb access description enables or disables access to usb devices...
Page 251
15: command reference securelinx slc user guide 251 note: it is recommended that the initscript be prepended with 'at' and include 'e1 v1 x4 q0' so that the slc may properly control the modem. Description configures a currently loaded usb modem. Set usb storage dir syntax set usb storage dir descrip...
Page 253: User Permissions Commands
15: command reference securelinx slc user guide 253 show usb modem syntax show usb modem description display product information and settings for any usb modem. User permissions commands each user is a member of a group (default users, power users, administrators) and has a set of user rights associ...
Page 254: A: Bootloader
Securelinx slc user guide 254 a: bootloader the slc provides a bootload command interface. This interface is only accessible through the slc console port. Accessing the bootloader to access the bootloader cli: 1. Power up the slc. 2. Type x15 within 10 seconds of power up. The bootloader halts the b...
Page 255
A: bootloader securelinx slc user guide 255 administrator commands in addition to the commands that the user can issue, the administrator can issue the following commands: imagecopy copies an image of the drive from the lower pcmcia device to the internal cf card. Passwd provides a new password for ...
Page 256: B: Security Considerations
Securelinx slc user guide 256 b: security considerations the slc provides data path security by means of ssh or web/ssl. Do not assume that you have complete security, however. Securing the data path is only one way to ensure security. This appendix briefly discusses some important security consider...
Page 257: C: Safety Information
Securelinx slc user guide 257 c: safety information this appendix describes the safety precautions that should be followed when installing and operating the slc. It contains the following sections: cover power plug input supply grounding fuses rack port connections cover do not remove the cover of t...
Page 258: Grounding
C: safety information securelinx slc user guide 258 grounding maintain reliable grounding of this product. Pay particular attention to supply connections when connecting to power strips, rather than directly to the branch circuit. Install dc-rated equipment only under the following conditions: - con...
Page 259: Port Connections
C: safety information securelinx slc user guide 259 port connections only connect the network port to an ethernet network that supports 10base-t/100base-t. Only connect device ports to equipment with serial ports that support eia-232 (formerly rs- 232c). Only connect the console port to equipment wi...
Page 260: D: Adapters and Pinouts
Securelinx slc user guide 260 d: adapters and pinouts the serial device ports of the slc products match the rj45 pinouts of the console ports of many popular devices found in a network environment. The slc uses conventional straight-through category 5 fully pinned network cables for all connections ...
Page 261
D: adapters and pinouts securelinx slc user guide 261 figure d-2 rj45 receptacle to db25f dce adapter for the slc (pn 200.2067a).
Page 262
D: adapters and pinouts securelinx slc user guide 262 figure d-3 rj45 receptacle to db9m dce adapter for the slc (pn 200.2069a).
Page 263
D: adapters and pinouts securelinx slc user guide 263 figure d-4 rj45 receptacle to db9f dce adapter for the slc (pn 200.2070a) use pn 200.2070a adapter with a pc serial port..
Page 264
D: adapters and pinouts securelinx slc user guide 264 figure d-5 rj45 to rj45 adapter for netra/sun/cisco and slp (pns 200.2225 and adp010104-01) note: the cable ends of the adp010104-01 are an rj45 socket on one end and a rj45 plug on the other instead of rj45 sockets on both ends. Use this adapter...
Page 265: E: Protocol Glossary
Securelinx slc user guide 265 e: protocol glossary bootp (bootstrap protocol) similar to dhcp, but for smaller networks. Automatically assigns the ip address for a specific duration of time. Chap (challenge handshake authentication protocol) a secure protocol for connecting to a system; it is more s...
Page 266
E: protocol glossary securelinx slc user guide 266 for text connections, the user will be prompted for a login and password, and will be authenticated via the currently the currently enabled authentication methods (local users, nis, ldap, etc). Once authenticated, the slc will use the dial-back numb...
Page 267
E: protocol glossary securelinx slc user guide 267 using the local ip and the remote ip . The ppp connection will stay active until no ip traffic for the remote ip is sent for modem timeout seconds. Once the timeout has expired, the ppp connection will be terminated and will not be reestablished for...
Page 268
E: protocol glossary securelinx slc user guide 268 the slc will request the type of number defined by cbcp client type - either an admin- defined number (the cbcp server determines the number to call) or a user-defined number (the slc will provide the fixed dial-back number as the number to call). I...
Page 269
E: protocol glossary securelinx slc user guide 269 radius (remote authentication dial-in user service) an authentication and accounting protocol. Enables remote access servers to communicate with a central server to authenticate dial-in users and their access permissions. A company stores user profi...
Page 270: F: Compliance Information
Securelinx slc user guide 270 f: compliance information the following information specifies compliance information in accordance with iso/iec guide 22 and en 45014). Manufacturer name and address lantronix inc., 167 technology, irvine, ca 92618 usa declares that the following product: product names:...
Page 271
F: compliance information securelinx slc user guide 271 c-tick cb scheme nist-certified implementation of aes as specified by fips 197 this product carries the ce mark since it has been tested and found compliant with the following standards: safety: en 60950 emissions: en 55022 class a immunity: en...
Page 272
F: compliance information securelinx slc user guide 272 0: toxic or hazardous substance contained in all of the homogeneous materials for this part is below the limit requirement in sj/ t11363-2006. X: toxic or hazardous substance contained in at least one of the homogeneous materials used for this ...
Page 273
Securelinx slc user guide 273 g: dc connector instructions the -48vdc plug connector is provided to make the input power connectors for your console server. The -48vdc input source should be circuit breaker or fuse protected at 5 amps. Input voltage: -48vdc (acceptable range of -40 to -60 vdc) max. ...
Page 274
G: dc connector instructions securelinx slc user guide 274 3. Using a small screwdriver, press the slot to release the spring pressure for each conductor (as shown in figure g-2 ) and insert the wire. When the wire is in position, release the pressure on the screwdriver to securely capture the wire....
Page 275
G: dc connector instructions securelinx slc user guide 275 figure g-5 dc power cord into the slc b. Turn on your -48vdc power source. C. Turn on the power switch of the slc console server. 7. Follow the setup instructions in your slc manual to use your product..
Page 276: H: Ldap Schemas
Securelinx slc user guide 276 h: ldap schemas this appendix describes the procedure for defining individual user permissions from a windows active directory (ad) server to use with the lantronix securelinx console manager (slc) firmware version 5.4 or greater. The procedure outlined in this appendix...
Page 277
H: ldap schemas securelinx slc user guide 277 figure h-1 programs window 3. Click start > run > mmc. 4. Click ok. Figure h-2 shows the window that displays. Figure h-2 mmc window 5. On the file menu, click add/remove snap-in. Figure h-3 shows the window that displays..
Page 278
H: ldap schemas securelinx slc user guide 278 figure h-3 snap-in window 6. Under available snap-ins, click active directory schema > add > ok. Figure h-4 shows the directory that displays. Figure h-4 active directory schema 7. To save this console, click save on the file menu. Figure h-5 shows the w...
Page 279
H: ldap schemas securelinx slc user guide 279 8. In the save as dialog box, do one of the following: a. To place the snap-in in the administrative tools folder, in file name box, type a name for the snap-in, and then click save. Figure h-6 shows the folder that displays. Figure h-6 administrative to...
Page 280
H: ldap schemas securelinx slc user guide 280 figure h-8 new attribute window 3. Click continue on the warning screen. 4. For both the common name and ldap display name, use securelinxslcperms in exactly that form (case included). Figure h-9 shows the window that displays. Figure h-9 create new attr...
Page 281
H: ldap schemas securelinx slc user guide 281 adding the attribute to the users group in windows 1. Highlight the classes folder in the console tree on the left. Figure h-10 shows the files that display. Figure h-10 classes folder 2. In the right pane, scroll down to user. Figure h-11 shows the wind...
Page 282
H: ldap schemas securelinx slc user guide 282 figure h-12 class user properties window 4. Under the attributes tab, click on add. Figure h-13 shows the window that displays. Figure h-13 user properties window 5. Find the securelinxslcperms attribute, highlight it, and click on ok..
Page 283
H: ldap schemas securelinx slc user guide 283 figure h-14 select schema object window 6. Click on ok on the window underneath. 7. Click on file and click on save. 8. Exit out of mmc. Adding the permissions to the individual user 1. Open adsi edit (if you start typing adsi in the search line in windo...
Page 284
H: ldap schemas securelinx slc user guide 284 figure h-15 adsi edit window 2. Expand the console tree until you get to the listing of users. Figure h-16 shows the folder that displays. Figure h-16 adsi edit window, cn=users folder 3. Right click on the user for whom you wish to configure permissions...
Page 285: Values to Use
H: ldap schemas securelinx slc user guide 285 figure h-17 shows the properties window. Figure h-17 properties window 4. Under the attribute editor tab, scroll down to securelinxslcperms. 5. Highlight it and click on the edit button. Figure h-18 shows the window that displays. Figure h-18 atribute ed...
Page 286: String Format
H: ldap schemas securelinx slc user guide 286 group escseq brkseq menu for rights , you can enable the following: fa : full administrative nt : networking sv : services lu : local users ra : remote authentication dt : date/time sk : ssh keys um : user menus dp : device ports configuration do : devic...
Page 287
H: ldap schemas securelinx slc user guide 287 figure h-19 string attribute editor window.