DL manuals
Lantronix
Server
SLM
User manual

Lantronix SLM User manual

Manual is about: Secure Lantronix Management; Virtual Secure Lantronix Management

Page of 370

Download

Print this page

Bookmark us

Part Number 900-386

Revision I October 2012

Secure Lantronix Management (SLM)

Virtual Secure Lantronix Management (vSLM)

Appliance User Guide

1 2 3 4 5 6 7 Next › »

Summary of SLM

Page 1
Part number 900-386 revision i october 2012 secure lantronix management (slm) virtual secure lantronix management (vslm) appliance user guide.
Page 2
Slm user guide 2 copyright & trademark © 2012 lantronix, inc. All rights reserved. No part of the contents of this book may be transmitted or reproduced in any form or by any means without the written permission of lantronix. Lantronix® is a registered trademark and slm™, vslm™ and deviceinstaller™ ...
Page 3
Slm user guide 3 disclaimer the information in this guide may change without notice. The manufacturer assumes no responsibility for any errors that may appear in this guide. Operation of this equipment in a residential area is likely to cause interference, in which case the user, at his or her own e...
Page 4
Slm user guide 4 april 2007 e added capabilities: access slm by mobile phone; discover usb modems; view session log files; change snmp settings for slps in bulk; connect directly to the port of an slc or slb; apply power to multiple ports on an slp; view port logs, make a web channel connection to a...
Page 5
Slm user guide 5 table of contents list of figures ____________________________________________________________14 list of tables _____________________________________________________________19 1: about this guide 23 purpose and audience _____________________________________________________23 chapter...
Page 6
Table of contents slm user guide 6 5: web and command line interfaces 48 web interface ____________________________________________________________48 logging in ____________________________________________________________48 typical slm web page _________________________________________________49 not...
Page 7
Table of contents slm user guide 7 ipsec management ________________________________________________________78 internet key exchange (ike) policies _______________________________________78 viewing a list of ike policies _____________________________________________78 adding an ike policy: _________...
Page 8
Table of contents slm user guide 8 adding an account to the administrators account group _______________________127 adding an account to an ethernet or managed device account group ____________129 updating or deleting an account _________________________________________131 account commands _________...
Page 9
Table of contents slm user guide 9 10: managed devices 190 managed device groups __________________________________________________191 viewing all managed devices ___________________________________________191 viewing managed device groups ________________________________________192 adding a managed...
Page 10
Table of contents slm user guide 10 making an ssh connection to an ethernet or managed device _________________227 making a web channel connection to an slc ______________________________228 making a telnet connection to an ethernet device ___________________________229 connection commands _________...
Page 11
Table of contents slm user guide 11 viewing, deleting, and renaming files ____________________________________273 exporting, uploading, and downloading files _______________________________275 copying files ________________________________________________________277 setting up nfs __________________...
Page 12
Slm user guide 12 administrators, ethernet users and menu only users _________________________316 managed device users ________________________________________________318 date and time commands _________________________________________________320 diagnostic commands _________________________________...
Page 13
Slm user guide 13 appendix d: technical specifications 364 appendix e: compliance 365 slm-01 ________________________________________________________________365 slm-02 ________________________________________________________________366 appendix f: protocol glossary 368.
Page 14
Slm user guide 14 list of figures figure 1-1 rights of ethernet device group and managed device group to devices ___________26 figure 2-1 slm overview __________________________________________________________28 figure 2-2 vslm overview _________________________________________________________28 fig...
Page 15
List of figures slm user guide 15 figure 7-23 add internet key exchange policy page_____________________________________80 figure 7-25 internet key exchange policiy -- configure tab_______________________________82 figure 7-26 vpn connections page _________________________________________________83 ...
Page 16
List of figures slm user guide 16 figure 9-4 manage group page - list tab ____________________________________________140 figure 9-5 add slm device page - configure tab______________________________________141 figure 9-6 add slc device page - configure tab______________________________________141 fi...
Page 17
List of figures slm user guide 17 figure 10-1 virtual managed device_________________________________________________190 figure 10-2 managed device groups page - devices tab _______________________________191 figure 10-4 managed device groups page - list tab ___________________________________192 fi...
Page 18
List of figures slm user guide 18 figure 11-30 slm maintenance page _______________________________________________241 figure 11-35 date & time page ____________________________________________________245 figure 11-38 snmp & syslog page _________________________________________________247 figure 11-...
Page 19
Slm user guide 19 list of tables table 3-3 slm led functions ______________________________________________________33 table 3-7 enter network settings ___________________________________________________36 table 3-9 quick setup script _______________________________________________________38 table 3-...
Page 20
List of tables slm user guide 20 table 8-18 exported keys settings _________________________________________________112 table 8-20 manage ssh keys - slc keys tab _______________________________________113 table 8-25 account group - group tab ______________________________________________119 table 8-...
Page 21
List of tables slm user guide 21 table 11-7 search results - ports __________________________________________________218 table 11-9 search by persistent connection __________________________________________219 table 11-11 search by managed device _____________________________________________220 tabl...
Page 22
List of tables slm user guide 22 table 11-80 file management - cfs tab - local directory ______________________________281 table 11-82 file management - logging tab - port logs ________________________________282 table 11-83 file management - logging tab - audit logs _______________________________2...
Page 23: About This Guide
Slm user guide 23 1: about this guide purpose and audience this guide provides the information needed to install, configure, and use the secure lantronix management appliance (slm) which includes the slm-01, slm-02 and the vslm. The slm enables it professionals to remotely and securely configure and...
Page 24
1: about this guide slm user guide 24 additional documentation visit the lantronix website at www.Lantronix.Com/support/documentation for the latest documentation and the following additional documentation. Chapter 11: operation and maintenance explains how the user can search for devices, access no...
Page 25
1: about this guide slm user guide 25 terminology in this user guide, we use the following terms: term definition ethernet device a lantronix or non-lantronix device that the slm discovers on the network. Ethernet devices include: secure lantronix management devices: members of the secure lantronix ...
Page 26
1: about this guide slm user guide 26 figure 1-1 rights of ethernet device group and managed device group to devices.
Page 27: Introduction
Slm user guide 27 2: introduction the secure lantronix management (slm) appliance is a member of the lantronix secure it management family of products. There are three models of slms: the slm-01 and slm-02 which include both the hardware and software and the vslm, or the virtual, software-only versi...
Page 28
2: introduction slm user guide 28 it management application the following diagram shows how a user can perform management activities through the slm. Figure 2-1 slm overview figure 2-2 vslm overview.
Page 29
2: introduction slm user guide 29 firmware the slm firmware has the following features: access to up to 256 devices user and events logging email notification of trap events, log file events, and ethernet down id/password security, configurable access rights ssh and ssl security external authenticat...
Page 30
2: introduction slm user guide 30 slm hardware the hardware included with the slm-01 and slm-02 have the following features: 1u rack mountable two network ports for conventional ethernet network; uses standard rj45-terminated category 5 cables: slm-01: one 10/100base-t and one 10/100/1000base-t conn...
Page 31
2: introduction slm user guide 31 figure 2-5 product information label. Slm-01 and slm-02 package contents in addition to the slm, the box contains the following items: quick start guide null modem db9 serial cable power cord rack slide kit verify and inspect the contents of the slm package using th...
Page 32: Quick Setup
Slm user guide 32 3: quick setup this chapter provides instructions for installing the slm-01 and slm-02, getting it up and running, and entering basic network settings so you can configure and use the slm on a network. For instructions on setting up the vslm, go to chapter 4: virtual slm deployment...
Page 33
3: quick setup slm user guide 33 connecting to a network port the slm's two network ports allow remote access to slcs, slks, and slps and their attached devices and to system administrative functions. Use a standard rj45-terminated category 5 cable to connect to a network port). Notes: slm one 10/10...
Page 34
3: quick setup slm user guide 34 quick network setup this section helps get the ip network port up and running quickly, so you can administer the slm using your network. Your slm must have a unique ip address on your network. The slm receives an ip address in one of three ways: automatically : the f...
Page 35
3: quick setup slm user guide 35 to use detector to set the ip address: 1. Open the detector software. The lantronix detector window opens. Figure 3-4 lantronix detector window 2. From the timeout drop-down menu (in the toolbar), select the number of milliseconds before the search stops. The default...
Page 36
3: quick setup slm user guide 36 figure 3-5 slm detector device list window 4. If the slm has an automatically assigned ip address and you want to change it, select the slm and click the network settings icon. The enter network settings window displays. Figure 3-6 network settings window the device ...
Page 37
3: quick setup slm user guide 37 6. Click ok. A message confirms that your network configuration has been sent. 7. Click ok. 8. To confirm the change, click the search icon and verify that the unit has new network settings. Note: ip address reassignment is only effective if the cli quick setup or we...
Page 38
3: quick setup slm user guide 38 5. Enter the following information at the prompts: note: to accept a default or to skip an entry that is not required, press enter. Table 3-9 quick setup script script description configure port 1 or 2 select one of the following: obtain ip address from dhcp: the uni...
Page 39
3: quick setup slm user guide 39 figure 3-10 completed quick setup quick setup will now step you through configuring a few basic settings. The current settings are shown in brackets (‘[]’). You can accept the current setting for each question by pressing . ____ethernet port and default gateway______...
Page 40
3: quick setup slm user guide 40 2. In the url field, type https:// followed by the ip address of your slm. 3. Log in using sysadmin as the user name and pass as the password. The slm configuration page opens. Figure 3-11 slm home page to enter settings for one network port: note: for slm-01, networ...
Page 41
3: quick setup slm user guide 41 table 3-13 network port settings 3. To save your entries, click apply. Clicking apply commits these changes immediately. Next, enter network gateway information. To enter gateway information: 1. On the network - settings page, click the gateways tab. The following pa...
Page 42
3: quick setup slm user guide 42 2. Enter the following: table 3-15 network gateway settings note: you have configured only the settings required to get the slm up and running. To complete the network configuration, see chapter 7: network and modem settings . To set the local date, time, and time zo...
Page 43
3: quick setup slm user guide 43 table 3-17 date & time 3. To save, click update. To change the administrator password: the default sysadmin password is pass. 1. On the menu, click accounts > administrators > sysadmin. The following page opens: figure 3-18 account page for sysadmin 2. Enter the new ...
Page 44
3: quick setup slm user guide 44 quick setup command admin quicksetup syntax admin quicksetup description displays the quick setup script on the cli; only the sysadmin account can use this command. Next steps after quickly getting the slm up and running, you can complete the configuration on the web...
Page 45: Virtual Slm Deployment
Slm user guide 45 4: virtual slm deployment the virtual secure lantronix management (vslm) appliance is a virtual appliance that runs under a variety of virtual machine managers, including vmware. Vslm can be downloaded from the lantronix website and launched on a desktop or server, and used to admi...
Page 46
4: virtual slm deployment slm user guide 46 5. Start the vm. To deploy the ovf version: 1. Download the vslm-.Ovf.Zip distribution from the lantronix website. 2. Unpack vslm-3.4b.Ovf.Zip for distribution: vslm-3.4b.Ovf/ vslm-3.4b.Ovf/vslm-3.4b-disk1.Vmdk vslm-3.4b.Ovf/vslm-3.4b.Mf vslm-3.4b.Ovf/vslm...
Page 47
4: virtual slm deployment slm user guide 47 to obtain a permanent vslm license, contact lantronix sales at 800-422-7055. You will need to provide the unique signature for your vslm: [sysadmin@slmb1dc]> admin signature show signature: 6f32deb993d767081dada4ff9a2b27c2.
Page 48
Slm user guide 48 5: web and command line interfaces the slm offers two interfaces for configuring the slm: a web interface and a command line interface (cli). This chapter introduces you to both. Web interface a web interface allows the administrator to configure and manage the slm using most web b...
Page 49
5: web and command line interfaces slm user guide 49 typical slm web page the following figure shows a typical web page: figure 5-1 web page layout the web page has the following components: search fields: enable you to search for devices (e.G., slcs, slps, and slks), ports, managed devices, users a...
Page 50
5: web and command line interfaces slm user guide 50 entry fields and options: enable you to enter data and select configuration options. Update button: makes and saves the changes immediately. Reset button: sets field contents to their original values. Message area: displays messages such as update...
Page 51
5: web and command line interfaces slm user guide 51 web page help to view context sensitive information about any slm web page: 1. Click the help tab. A help page opens for the tab you are viewing. The contents and search buttons are above the pane on the left. Figure 5-4 example of a help page to ...
Page 52
5: web and command line interfaces slm user guide 52 logging out of the web interface a logout link is available in the upper right corner of every page. To log out of the slm web interface: 1. Click logout to the right of the search buttons on the slm page banner. Figure 5-5 logout on the page head...
Page 53
5: web and command line interfaces slm user guide 53 b. Enter your slm password and press enter. Note: when securid is enabled, the user must enter the number on the rsa token. Depending on the state of the user, the login page may require a pin number, passcode, or new token code. Commands commands...
Page 54
5: web and command line interfaces slm user guide 54 command help for general command help, type: help for more information about a specific command, type help followed by the command, for example: help set network or type ? After the command: set network ? Tips type enough characters to identify th...
Page 55
5: web and command line interfaces slm user guide 55 cli commands the following commands relate to the cli itself. Set cli terminallines syntax set cli terminallines description sets the number of lines that display in a page for the auditlog, syslog, portlog, traplog, and device list. Default is 20...
Page 56
5: web and command line interfaces slm user guide 56 you must specify connection id (inbound id) to terminate an outbound connection. Use show connection to view the current connections and their id. Examples connect terminate 3 connect terminate 3 outbound 1 description terminates a user connection...
Page 57
Slm user guide 57 6: configuration and operation overview to best use the slm, review the setup and configuration process outlined below before undertaking the tasks detailed in chapters 6-10. Note: throughout this user guide, the term "administrator" means the person using the sysadmin user name an...
Page 58
6: configuration and operation overview slm user guide 58 network settings authentication services (e.G., snmp and syslog, date and time, and maintenance) device management accounts events file management step 4: auto-detect devices the administrator uses auto-detection methods to find lantronix dev...
Page 59
6: configuration and operation overview slm user guide 59 auto-save: the administrator saves the configuration of one slm on another slm. If there is a need, the second slm can "become" the first slm. Configuration save and restore: the administrator saves and restores system configurations, providi...
Page 60: Network and Modem Settings
Slm user guide 60 7: network and modem settings this chapter is primarily for the administrator. It explains how to enter the network configuration, ipv4 filters, and modem settings for the slm using the slm web interface or the cli. If you used a procedure in chapter 3: quick setup to get your unit...
Page 61
7: network and modem settings slm user guide 61 using the web interface after the unit has an ip address, you can configure network parameters that determine how the slm interacts with the attached network and enter the date, time, and timezone. Note: chapter 5: web and command line interfaces descr...
Page 62
7: network and modem settings slm user guide 62 network port(s) notes: on the slm-02, both network ports 1 and 2 are 10/100/1000base-t. Previous versions of the slm have one 10/100base-t and one 10/100/1000base-t network port. One possible use for the two ethernet ports is to have one port on a priv...
Page 63
7: network and modem settings slm user guide 63 ip address if specifying an ip address, enter an ip address that is within a valid range, unique to your network, and in the same subnet mask as your workstation. There is no default. Note: enter all ip addresses in dot quad notation. Subnet mask if sp...
Page 64
7: network and modem settings slm user guide 64 3. Configure up to three name servers, either by entering the ip addresses or by accepting the ip addresses assigned by dhcp: table 7-5 dns servers 4. Enter the following: ethernet bonding ethernet bonding is a way of joining two ethernet interfaces in...
Page 65
7: network and modem settings slm user guide 65 table 7-6 hostname 5. To save your entries, click the update button. Network gateways you can enter network gateway information. To enter gateway information: 1. On the network - settings page, click the gateways tab. The following page opens: figure 7...
Page 66
7: network and modem settings slm user guide 66 2. Enter the following: table 7-8 network gateway 3. To save your entries, click the update button. Keep alive keep alive settings keep tcp connections active and monitor for connections that are no longer active. To enter keep alive settings: 1. Click...
Page 67
7: network and modem settings slm user guide 67 3. To save your entries, click the submit button. Viewing network statistics you can check ethernet counters for the network port(s). To view network statistics: 1. On the network - settings page, click the statistics tab. The following page opens: fig...
Page 68
7: network and modem settings slm user guide 68 figure 7-12 configuration page - password tab 3. Enter the new password and retype fields. 4. Click the update button. Network commands admin quicksetup syntax admin quicksetup description displays the quick setup script on the cli; only the sysadmin a...
Page 69
7: network and modem settings slm user guide 69 description sets the default gateway. Set network host syntax set network host description sets the slm hostname. Set network port syntax set network port parameters state [ipaddr mask ] mode [ipfilter ] clear removes the ip filter assignment. Descript...
Page 70
7: network and modem settings slm user guide 70 ipv4 filters warning: ipv4 filters configuration is a feature for advanced users. Adding and enabling ipv4 filter sets incorrectly can disable your slm. Ipv4 filters act as a firewall to allow or deny individual or a range of ip addresses, ports, and p...
Page 71
7: network and modem settings slm user guide 71 figure 7-14 new ipv4 filter definition - configure tab note: a new filter set is initialized with a rule to allow all established tcp connections. You may remove this rule from your filter set, but do so with caution as loss of connectivity may result....
Page 72
7: network and modem settings slm user guide 72 3. Click the right arrow button to add the new rule to the bottom of the list box on the right, or click the add filter button to add a predefined rule to the bottom of the list box. 4. To remove a rule from the filter set, highlight that line and clic...
Page 73
7: network and modem settings slm user guide 73 figure 7-16 ipv4 filter - configure tab 2. To delete a filter: note: you may not delete a filter set currently referenced by a network interface or a modem. A. Click the delete button. B. In response to the request for confirmation, click ok. C. Click ...
Page 74
7: network and modem settings slm user guide 74 viewing the system ipv4 filter sets the administrator may view a list of all ipv4 filter sets (user and system) or an individual ipv4 filter set. To view all filter sets: 1. On the menu, click ipv4 filters. The list tab displays. 2. Click the show tab....
Page 75
7: network and modem settings slm user guide 75 setting properties of an ipv4 filter for ipv4 filters to be in effect, the enable ipv4 filters check box must be selected on the properties tab. To enable and test the ipv4 filter: 1. On the menu, click ipv4 filters. The ipv4 filter definitions page di...
Page 76
7: network and modem settings slm user guide 76 4. To save, click the submit button. 5. In response to the confirmation request, click ok. A confirmation message displays in the message area. Note: to determine whether the ipv4 filter is still in test mode, when the test mode was started, and how lo...
Page 77
7: network and modem settings slm user guide 77 description deletes all references to filters. Set ipfilter delete interactive syntax set ipfilter delete interactive description deletes ipv4 filters by interactive mode. Set ipfilter name delete note: type show ipfilter name or show ipfilter index to...
Page 78
7: network and modem settings slm user guide 78 examples show ipfilter show ipfilter name myfilter show ipfilter index 2 description displays ipv4 filter information. Show iptables syntax show iptables description displays all ip filtering rules for all chains. Ipsec management internet protocol sec...
Page 79
7: network and modem settings slm user guide 79 2. View the list of policies and associated information: table 7-22 ike policy exchange information ike policy setting description name name identifying the ike policy. Gateway type ipv4 or ipv6 type of address. Authentication method of verifying data ...
Page 80
7: network and modem settings slm user guide 80 adding an ike policy: the administrator can add an ike policy. To add a new ike policy: 1. On the list tab, click the add new policy button. The configure tab displays. Figure 7-23 add internet key exchange policy page 2. Enter the following informatio...
Page 81
7: network and modem settings slm user guide 81 3. To save your entries, click the submit button. Local peer id type from the drop-down list, select the method of filtering incoming data. Ipv4 : internet protocol version 4 ipv6 : internet protocol version 6 fqdn : fully qualified domain name user em...
Page 82
7: network and modem settings slm user guide 82 updating or deleting an ike policy the administrator can update or delete ike policies. To update or delete a policy: 1. On the list tab, click the edit icon to the left of the policy. The configure tab displays. Figure 7-25 internet key exchange polic...
Page 83
7: network and modem settings slm user guide 83 vpn connections the administrator can view, add, or update one or more virtual private networks (vpns). Each vpn must reference an ike policy. You can only delete an ike policy that is not referenced by a vpn. Viewing a list of vpns the administrator c...
Page 84
7: network and modem settings slm user guide 84 adding a vpn administrators may add vpns. 1. On the list tab, click the new vpn connection button. The configure tab displays. Table 7-28 add vpn connection settings encrypt algorithm method of encrypting data, in ascending order of security level prov...
Page 85
7: network and modem settings slm user guide 85 2. To save, click the submit button. Updating or deleting a vpn to update or delete a vpn: 1. On the list tab, click the edit icon to the left of the policy. The configure tab displays. Figure 7-29 vpn connection -- configure tab 2. To delete a vpn: a....
Page 86
7: network and modem settings slm user guide 86 connecting a vpn to connect a vpn: 1. On the list tab, click the edit icon to the left of the vpn. The vpn connection page displays. 2. Make sure you have updated the connection. 3. Select the active checkbox (if not already selected). 4. Click the con...
Page 87
7: network and modem settings slm user guide 87 figure 7-30 modems page 2. View the following information about each modem: table 7-31 modem - list tab 3. To disconnect a connection, select its check box and click the disconnect button. Configuring a modem the administrator can configure the modem f...
Page 88
7: network and modem settings slm user guide 88 figure 7-32 modem page - configure tab 2. Enter the following information: note: in most cases, you do not need to change these settings. Table 7-33 modem - configure tab 3. To save, click the update button. A confirmation message displays. Modem setti...
Page 89
7: network and modem settings slm user guide 89 enabling or disabling dial-in connections the system administrator can enable the modem to answer incoming calls and can set the mode to use when establishing these connections. To enable or disable dial-in connections to a modem: 1. Click the dial in ...
Page 90
7: network and modem settings slm user guide 90 figure 7-36 modem profiles - list tab 2. View the following information about each connection: table 7-37 modem profile - list tab adding a profile the administrator can define a text or ppp profile for use by an appropriate modem in the system. To add...
Page 91
7: network and modem settings slm user guide 91 1. On the menu, click configuration > network settings > modem management > modem profiles , and then click the add new profile button. The following page opens: figure 7-38 new profile-configure tab 2. Enter the following information: table 7-39 new p...
Page 92
7: network and modem settings slm user guide 92 table 7-40 new profile - configure tab - text mode table 7-41 new profile - configure tab - ppp mode text mode setting description dial-back only select to grant a local user dial-back access. Users with dial-back access can dial into the slm and enter...
Page 93
7: network and modem settings slm user guide 93 updating and deleting a profile the administrator can update or delete profiles. To update or delete a modem profile: 1. On the menu, click configuration > network settings > modem management > modem profiles , and then click the edit icon to the left ...
Page 94
7: network and modem settings slm user guide 94 prior to discovery of the modem; refer to the documentation for your virtualization manager for instructions on connecting a usb device to a vm. To "discover" a usb modem: 1. On the menu, click configuration > network settings > modem management > mode...
Page 95
7: network and modem settings slm user guide 95 clear removes the dial account assignment. Disable disables dial-in. Enable enables dial-in ipfilter ipfilter clear removes the ipfilter assignment. Description configures a currently loaded modem. Show modem syntax show modem description displays all ...
Page 96
7: network and modem settings slm user guide 96 set dialaccount add parameters modemmode if you select text, all other parameters except timeout are ignored. Localipaddr remoteipaddr auth username password nat default is 20. Description creates a new dial account. Set dialaccount delete syntax set d...
Page 98
7: network and modem settings slm user guide 98 syntax show dialaccount mapping description shows dial account used by dial-in and dial-out..
Page 99: User Management
Slm user guide 99 8: user management this chapter is primarily for administrators, who configure authentication methods, add, update, and delete accounts and account groups, and grant account and account group permissions. By default, local authentication is enabled and is the first method the slm u...
Page 100
8: user management slm user guide 100 to enable, disable, and set the precedence of authentication methods: 1. On the menu, click configuration > authentication. The following page opens: figure 8-1 user authentication - configure tab 2. To enable a method currently in the disabled methods list, sel...
Page 101
8: user management slm user guide 101 3. To disable a method currently in the enabled methods list, select the method and click the right arrow between the lists. 4. To set the order in which the slm will authenticate users, click the up and down arrows to the left of the enabled methods list. 5. To...
Page 102
8: user management slm user guide 102 to configure the slm to use nis to authenticate users: 1. On the menu, click configuration > authentication > nis. The following page opens. Figure 8-3 nis authentication page - configure tab 2. Enter the following: table 8-4 nis authentication - configure tab 3...
Page 103
8: user management slm user guide 103 ldap the administrator can configure the slm to use ldap to authenticate users attempting to log in to the slm through the web interface, ssh public key, telnet, or the console port. Ldap allows slm users to authenticate using a wide variety of ldap servers, suc...
Page 104
8: user management slm user guide 104 2. Enter the following: table 8-6 ldap authentication settings 3. To save, click the update button. A confirmation message displays. Ldap authentication setting description server the ip address or host name of the ldap server. Base the name of the ldap search b...
Page 105
8: user management slm user guide 105 radius the administrator can configure the slm to use radius to authenticate users attempting to log in to the slm through the web interface, ssh public key, telnet, or the console port. Note: for a user to log in remotely using radius, the user's account must h...
Page 106
8: user management slm user guide 106 2. Enter the following: table 8-8 radius authentication settings 2. To save, click the update button. When the update is complete, a confirmation message displays. Kerberos kerberos is a network authentication protocol that provides strong authentication for cli...
Page 107
8: user management slm user guide 107 to configure the slm to use kerberos to authenticate users: 1. On the menu, select configuration > authentication > kerberos. The following page opens. Figure 8-9 kerberos authentication page - configure tab 2. Enter the following: table 8-10 kerberos authentica...
Page 108
8: user management slm user guide 108 tacacs+ similar to radius, the main function of tacacs+ is to perform authentication for remote access. The slm supports the tacacs+ protocol (not the older tacacs or xtacacs protocols). The administrator can configure the slm to use tacacs+ to authenticate user...
Page 109
8: user management slm user guide 109 securid securid is a two-factor authentication method based on a securid token and a pin number. An analogous two-factor authentication method is an atm card combined with a pin number. The securid token displays a string of digits called a token code that chang...
Page 110
8: user management slm user guide 110 3. To save, click the submit button. Ssh keys the slm can import and export ssh keys to facilitate shared key authentication for all incoming and outgoing ssh connections. By using a public/private key pair, a user can access multiple hosts with a single passphr...
Page 111
8: user management slm user guide 111 to configure the slm to use ssh keys to authenticate users: 1. On the menu, select configuration > authentication > ssh keys. The following page opens. Figure 8-15 manage ssh keys - slm keys tab 2. To the right of the submit button, click import or export to ind...
Page 112
8: user management slm user guide 112 table 8-17 imported key settings exported keys (ssh out) table 8-18 exported keys settings 4. Click the submit button. The keys display in the list below. 5. To view a user's key, select the user and click the view button. 6. To delete a user's key, select the u...
Page 113
8: user management slm user guide 113 figure 8-19 manage ssh keys - slc/slb keys tab 2. Enter the following information: table 8-20 manage ssh keys - slc keys tab 3. Click the add key button. The key information (except the key itself) displays in the table on the top of the page. 4. To view the key...
Page 114
8: user management slm user guide 114 copy keys if your slm is set up with dual booting, you can move ssh keys from one boot partition to another. To copy a key: 1. On the menu, select configuration > authentication > ssh keys, and then click the copy keys tab. Figure 8-21 manage ssh keys - copy key...
Page 115
8: user management slm user guide 115 authentication can occur using all methods, in the order of their precedence, until a successful authentication is obtained, or using only the first authentication method that responds (in the event that a server is down). Note: if securid is used, no other para...
Page 116
8: user management slm user guide 116 port1 secret1 server2 port2 secret2 description configures the slm to use radius to authenticate users who login to the slm via ssh, telnet, the web, or the console port. Set sshkey delete syntax set sshkey delete keyuser keyhost description deletes an imported ...
Page 117
8: user management slm user guide 117 description displays all radius information. Show sshkey import syntax show sshkey import parameters [keyuser ] [keyhost ] [viewkey ] description displays imported ssh keys. Account groups the administrator organizes accounts into account groups to simplify the ...
Page 118
8: user management slm user guide 118 viewing account groups administrators can view account groups. To view account groups: 1. On the menu, click accounts. The following page opens: figure 8-22 account groups page - accounts tab 2. Click the members tab. A list of existing account groups displays. ...
Page 119
8: user management slm user guide 119 table 8-25 account group - group tab 3. To save, click the add button. A confirmation message displays and the new group displays in the accounts menu tree. 4. To display the list of account groups, click accounts on the menu. The new group is on the list. Updat...
Page 120
8: user management slm user guide 120 the administrator sets parameters for passwords that apply to all accounts. 1. On the account groups page, click the passwords tab. Figure 8-27 account groups page - passwords tab 2. Enter the following information: table 8-28 password requirement settings passw...
Page 121
8: user management slm user guide 121 3. To save, click the update button. When the update is complete, a confirmation message displays. Assigning account group device rights accounts inherit the device rights of the account group to which they belong. Administrators can add or remove permission to ...
Page 122
8: user management slm user guide 122 figure 8-30 ethernet device account group - assign tab this tab displays two lists: permission enabled and permission disabled. Note: you can use ctrl+click to select multiple devices from these lists. 3. To enable access to a device listed in permission denied,...
Page 123
8: user management slm user guide 123 figure 8-32 managed device account group - assign tab 3. To enable permission to read from and write to a managed device connected to an ethernet device port, select it from the permission disabled list and click the top left arrow. The device displays in the co...
Page 124
8: user management slm user guide 124 figure 8-33 account groups - connections tab 2. View the following information: table 8-34 inbound connections table 8-35 outbound connections 2. To terminate a session, select the check box for the inbound or outbound session(s) and click the terminate button. ...
Page 125
8: user management slm user guide 125 parameters [menu description creates a local account group. Group type is administrators, ethernet, managed, or menu user. Set accountgroup edit syntax set accountgroup edit parameters [name ] [menu description modifies an account group. Group type is administra...
Page 126
8: user management slm user guide 126 note: only functions and devices for which the user has rights display in that user's menu on the web interface or on the cli. Viewing accounts 1. On the menu, click accounts. The accounts tab on the account groups page displays a list of authenticated users wit...
Page 127
8: user management slm user guide 127 3. Click the edit icon to the left of a user. The following page opens: figure 8-38 account page - configure tab adding an account to the administrators account group the sysadmin account can add other administrators to the administrators group, assigning a user...
Page 128
8: user management slm user guide 128 figure 8-39 administrator account group - accounts tab 2. Click the add account button at the bottom of the table. The following page opens: figure 8-40 add new account to group - configure tab 3. Enter the following information: table 8-41 add new account to gr...
Page 129
8: user management slm user guide 129 table 8-42 add new account to group - configure tab - permissions 4. To save, click the add button. A confirmation message displays, and the account displays in the administrators group on the menu tree. 5. Click administrators on the menu tree. The account grou...
Page 130
8: user management slm user guide 130 to add an account to an ethernet device, managed device, or menu only account group: note: in this section, we use the example of an ethernet account. 1. On the menu, select the account group. 2. Click the add account button at the bottom of the table. The follo...
Page 131
8: user management slm user guide 131 4. To save, click the add button. A confirmation message displays. 5. Click the account group name on the menu tree. The account displays in the list of accounts and in the list on the accounts tab. Updating or deleting an account administrators can edit the pas...
Page 132
8: user management slm user guide 132 figure 8-45 manage account - configure tab 2. To update the account: a. Make changes as desired. B. Click the update button. 3. To remove the account from the account group: a. Click the delete button. B. In response to the confirmation request, click ok. A mess...
Page 133
8: user management slm user guide 133 set account delete syntax set account delete description deletes a user account. Set account edit syntax set account edit group parameters [email ] [auth [allowdialback ] [dialbacknumber ] [allowpwchange ] [pwneverexpires ] [changepwnextlogin ] description modif...
Page 134
8: user management slm user guide 134 note: type show account all to display the index. Syntax show account index description displays accounts by index number. Show account search syntax note: all searches are case insensitive. Show account search name show account search email examples show accoun...
Page 135: Ethernet Device Management
Slm user guide 135 9: ethernet device management the slm device database contains information about slcs and other secure lantronix management devices (slks, slps, and other slms) connected on the network. It may also contain information about other lantronix and even non-lantronix devices on the ne...
Page 136
9: ethernet device management slm user guide 136 2. Enter the following information: notes: the maximum range of ip addresses to enter is 64k entries. We strongly recommend that you break the intended discovery range into several smaller ranges, to speed up the discovery process. The discovery proce...
Page 137
9: ethernet device management slm user guide 137 3. To add an entry to the current search list, click the right arrow. 4. To remove an entry from the current search list, select the entry and click the delete button. 5. After defining all the searches, click the search button. 6. If desired, check t...
Page 138
9: ethernet device management slm user guide 138 description deletes one of the current auto-detect search filters. Admin autodetect filter ltrx syntax admin autodetect filter ltrx [timeout milliseconds>] example ip range: 192.168.0.1-192.168.0.155 timeout 1500 timeout: default is 1000 ms; range is ...
Page 139
9: ethernet device management slm user guide 139 description sets snmp protocol search filters. Admin autodetect start syntax admin autodetect start parameters [securechannel ] [option } ltrxonly detects only lantronix devices delnonltrx detects only lantronix devices and removes existing non-lantro...
Page 140
9: ethernet device management slm user guide 140 figure 9-3 all ethernet devices page - list tab note: you can sort tables in slm by clicking the text in the column header by which you want to sort. For example, to sort by name, click name. Click the same header again to change between ascending and...
Page 141
9: ethernet device management slm user guide 141 adding a device manually if you know there is a new device on the network, or for some reason, the slm does not auto- detect a device, the administrator can manually add it. To add a device: note: ethernet device pages may differ slightly, depending o...
Page 142
9: ethernet device management slm user guide 142 figure 9-7 add slk device page - configure tab figure 9-8 add slp device page - configure tab.
Page 143
9: ethernet device management slm user guide 143 figure 9-9 add spider device page - configure tab figure 9-10 add other lantronix device page - configure tab.
Page 144
9: ethernet device management slm user guide 144 figure 9-11 add non lantronix device page - configure tab 3. Enter the following as required by the device type: table 9-12 manually added new device details new device setting description name (required) name that identifies the device. Mac address (...
Page 145
9: ethernet device management slm user guide 145 4. Click the add button. 5. Click ethernet devices and then the device group (e.G., slc) to which you added the device. The added device displays at the end of the list and on the menu tree. Updating or deleting ethernet device settings the administra...
Page 146
9: ethernet device management slm user guide 146 figure 9-13 update slc device page - configure tab note: see connecting to ethernet and managed devices (on page 224) for instructions on how to use the active connect buttons. 2. Add or update information as desired. In addition to the fields describ...
Page 147
9: ethernet device management slm user guide 147 2. Click the update button. When the update is complete, a confirmation message displays. To delete the device: 1. Click the delete button. 2. In response to the request for confirmation, click ok. A blank device page opens. 3. Click ethernet devices ...
Page 148
9: ethernet device management slm user guide 148 access any device using any valid protocol with a single mouse click to take advantage of this feature, the user must first determine the physical makeup of the machine room to be managed. How many rows of racks are there? How many clusters exist with...
Page 149
9: ethernet device management slm user guide 149 assigning devices to racks once the racks have been configured, you may now assign the ethernet devices to their respective racks. Click on the assign tab. The ethernet device assignment page shows: figure 9-16 device locator - assign tab on the left ...
Page 150
9: ethernet device management slm user guide 150 viewing ethernet device and rack locations to take advantage of your newly defined machine room, click on the view tab: figure 9-17 device locator - view tab note that racks that are populated a rendered in a pale yellow, rather than the gray of an em...
Page 151
9: ethernet device management slm user guide 151 to list existing persistent connections to a device: 1. On a specific device page, click the percons tab. A list of existing persistent connections displays. Note: you may view all persistent connections to which you have rights by performing a search...
Page 152
9: ethernet device management slm user guide 152 figure 9-19 device page - persistent connection.
Page 153
9: ethernet device management slm user guide 153 to add a persistent connection to a device: 1. On the percons list page, click the add new persistent connection button. The add persistent connection page displays. Figure 9-20 add persistent connection 2. Enter the following information: table 9-21 ...
Page 154
9: ethernet device management slm user guide 154 3. Click the submit button. A confirmation message displays, and the persistent connection displays below the list of the ethernet device's ports on the menu tree. Connection enabled clear this box to define the persistent connection, but not to initi...
Page 155
9: ethernet device management slm user guide 155 to update a persistent connection to a device: 1. On the perscon tab, click the edit icon to the left of the desired connection, or on the menu tree, click the name of the desired connection (below the list of ports for a device). The perscon page dis...
Page 156
9: ethernet device management slm user guide 156 polling only administrators with allow device management set on their account page can access the global polling page. Any administrator or ethernet device user with rights to an ethernet device can change the "poll flag" for the device. This poll fla...
Page 157
9: ethernet device management slm user guide 157 4. To save, click the update button. A confirmation message displays. Slc/slb local connections slc/slb serial connections may be monitored and terminated directly from the slm. On the device page for an slc/slb, simply click on the localcons tab. Tha...
Page 158
9: ethernet device management slm user guide 158 device modem the modem tab allows you to define modem connectivity between the slm and the ethernet device. This can included a ppp profile definition for the slm to use to communicate with the device if the ethernet connection should become severed, ...
Page 159
9: ethernet device management slm user guide 159 - the modem connect button establishes a ppp connection between the slm and the remote ethernet device. It is used when there is a network interruption and the slm needs to contact the ethernet device. Click this button to establish the connection man...
Page 160
9: ethernet device management slm user guide 160 2. From the device session drop-down list, select the log you want to view. 3. Click the view button. The contents of the log display on the display tab. 4. To view an slc or slb audit log, select the audit log from the slc/slb drop-down list and clic...
Page 161
9: ethernet device management slm user guide 161 figure 9-30 all ethernet devices page -- traps tab 2. Review the following information: table 9-31 trap settings to clear or export a trap log: 1. On the top part of the page, enter the following: table 9-32 clear or export trap log settings ethernet ...
Page 162
9: ethernet device management slm user guide 162 2. Click the update button. 3. To clear the table, click the clear trap table button. Properties (ethernet device menu tree) the system administrator can control the display of ethernet device folders in the tree menu. To configure the ethernet device...
Page 163
9: ethernet device management slm user guide 163 4. To save, click the submit button. Port access the port access tab is available for slcs, slbs, slps, spiders and uds/sdss and provides the following: slcs : connection to serial ports. Slbs : connection to serial ports and access to the port page f...
Page 164
9: ethernet device management slm user guide 164 figure 9-36 manage slb group - port access tab color-coded numbered squares represent the ports: - green = serial ports - red = power port on - blue = power port off - gray = power port state unknown (the device may not be responding) 3. You have the ...
Page 165
9: ethernet device management slm user guide 165 figure 9-37 manage slp group - port access tab color-coded numbered squares represent the ports: - blue = power port off - red = power port on - grey = power state unknown (device may not be responding) 3. Click the port whose port page you want to op...
Page 166
9: ethernet device management slm user guide 166 figure 9-38 manage spider group - port access tab 3. Click the screen image to open a spider kvm session to that device. To refresh the port access tab: 1. You have two options: - to refresh the port information automatically every two minutes, select...
Page 167
9: ethernet device management slm user guide 167 figure 9-39 manage uds/sds group - port access tab to have the slm connect two uds/sds ports automatically: 1. Select device 1 from the drop down list. 2. Select the serial port for device 1. 3. Select device 2 from the drop down list. 4. Select the s...
Page 168
9: ethernet device management slm user guide 168 figure 9-40 all ethernet devices page - passwords tab 2. Enter the following: table 9-41 settings to update passwords in bulk 3. Click the update button. A confirmation message displays. Password setting description login enter the login currently use...
Page 169
9: ethernet device management slm user guide 169 changing snmp settings for slc, slb and slps in bulk for security reasons, some companies change snmp communities frequently. The administrator can change the snmp communities for multiple devices at the same time. To change the snmp communities of an...
Page 170
9: ethernet device management slm user guide 170 slm proxy the slm can act as a proxy server, allowing users outside the internal network to connect to devices securely through the slm. You can set most devices to connect through the slm. The slm proxy feature is not limited to connections between t...
Page 171
9: ethernet device management slm user guide 171 ethernet device commands set ethernetdevice assign syntax set ethernetdevice assign group [remove] description assigns or removes permissions for an ethernet device by name. Set ethernetdevice config syntax set ethernetdevice config parameters> parame...
Page 172
9: ethernet device management slm user guide 172 syntax set ethernetdevice port portnumber number> parameters [name ] [state ] (available for slp, slb and spider duo only) powers ethernet device port on or off. Examples to power up slp outlet 2: set eth port slp-sunset po 2 state on you may specify ...
Page 173
9: ethernet device management slm user guide 173 description displays all ethernet devices viewable by the specified user account. Show ethernetdevice accountgroup syntax show ethernetdevice accountgroup description displays all ethernet devices viewable by users whose accounts belong to the specifi...
Page 174
9: ethernet device management slm user guide 174 description displays ethernet devices by index. Show ethernetdevice port syntax show ethernetdevice port all show ethernetdevice port portnumber description finds an ethernet device using device name or ip address and displays port information. Show e...
Page 175
9: ethernet device management slm user guide 175 [eoltranslation ] description creates a new persistent connection set persistent edit syntax set persistent edit parameters [ethernetdevice ] [protocol ] [logging ] [managed ] [active ] parentlogin ] [login ] [password ] [prompt ] [application ] [esca...
Page 176
9: ethernet device management slm user guide 176 the following device may be the name of an ethernet device or the name of a managed device. Persistent connections automatically belong to managed devices that have an ethernet device component that has persistent connections defined. Description disp...
Page 177
9: ethernet device management slm user guide 177 syntax show traplog group [index ] group name: slm, slc, slk, slp, scs, scsx, slb, spdr, wibox, uds, eds, edsmd, xport, pwave, other, non description displays the current trap log information for an ethernet device group by index number. Show traplog ...
Page 178
9: ethernet device management slm user guide 178 show traplog index 3 top 10 displays the first 10 lines of index 3 from the top. Show traplog index 3 tail 15 displays the last 15 lines of index 3 from the tail. Show traplog index 3 lastminutes 5 displays the lines in index 3 from the last 5 minutes...
Page 179
9: ethernet device management slm user guide 179 viewing a list of ports you can view a list of all ports on any ethernet device that has ports (e.G., slc, slk, slp, etc). To view port information: 1. On the device page for the ethernet device, click the ports tab. The following page opens. Figure 9...
Page 180
9: ethernet device management slm user guide 180 adding a port administrators and ethernet device users with rights to a device may add ports to that device. This is useful when a device does not automatically report port information. To add a port: notes: the example below shows how to add an slc p...
Page 181
9: ethernet device management slm user guide 181 figure 9-47 new slc port page - configure tab note: the connection buttons on the right are inactive until you save the port. See connecting to ethernet and managed devices (on page 224) for instructions on using the buttons.) 2. Enter the following i...
Page 182
9: ethernet device management slm user guide 182 table 9-49 new port - configure tab - data settings log time frame for slc v3.1 and later v3.X (but not v4.0): the maximum time frame in hours before a new log file is created. The default setting is 1 hour. For slc v4.0 and later: the maximum time fr...
Page 183
9: ethernet device management slm user guide 183 table 9-50 new port - configure tab - hardware signal triggers table 9-51 new port - configure tab - ip settings 2. Click the add button. A confirmation message displays, and the port is now listed below the ethernet device on the menu tree. Updating ...
Page 184
9: ethernet device management slm user guide 184 figure 9-52 port page - configure tab note: the page below shows and slc port. Devices other than the slc do not display as much information. 2. Click the delete button. 3. In response to the request for confirmation, click ok. A message confirming th...
Page 185
9: ethernet device management slm user guide 185 connecting directly to the port of an slc or slb you can get quick secure channel access to any port on any slc (or slb). To gain quick secure channel access to an slc port: 1. On the manage slc group page, click the port access tab. The following pag...
Page 186
9: ethernet device management slm user guide 186 statistics users authorized to view or interact with the port may view status and statistics about it. To view port status and statistics: 1. On the port page, click the statistics tab. The following page opens: figure 9-56 port page -- statistics tab...
Page 187
9: ethernet device management slm user guide 187 figure 9-57 slp's device page -- ports tab 2. Select the ports whose power you want to power on, power off, or cycle. 3. From the drop-down list at the bottom of the page, select the action you want to take (power on, power off , or cycle power). 4. C...
Page 188
9: ethernet device management slm user guide 188 note: the slc enables you to view three types of logs, while other devices enable you to view only the current session. Table 9-59 port - logs tab 3. Click the view button. The log displays on the display tab. Port commands set ethernetdevice port syn...
Page 189
9: ethernet device management slm user guide 189 parameters note: search entries are not case sensitive. [name ] [portnumber ] examples show ethernetdevice search port name waimea-port show ethernetdevice search port name waimea portnumber 2 description displays all ports that match the criteria ent...
Page 190: 10: Managed Devices
Slm user guide 190 10: managed devices the slm can treat any device connected to a port or connected to the local network as a managed device. Furthermore, multiple managed device objects in the system may be fused into a single managed device to streamline managed device operations and access. For ...
Page 191
10: managed devices slm user guide 191 to create individual managed devices and fuse individual devices into a virtual managed device, you have the following options: on the port or device page: create a new managed device or fuse a new managed device into an existing managed device. On the ports pa...
Page 192
10: managed devices slm user guide 192 viewing managed device groups you can view a list of all the managed device groups and view devices by group. To view a list of managed device groups: on the menu, click a device under managed devices, and then click the list tab. The following page opens: figu...
Page 193
10: managed devices slm user guide 193 figure 10-5 managed device group page - list tab 2. View the information about each device: adding a managed device group the administrator creates custom groups of managed devices and then assigns individual devices to the groups. For example, a group might in...
Page 194
10: managed devices slm user guide 194 figure 10-7 managed device group page - configure tab to update a managed device group: 1. Change the name of the group and click the update button. A confirmation message displays. To remove the managed device group: note: you can only delete a managed device ...
Page 195
10: managed devices slm user guide 195 table 10-9 managed device groups - polling 3. To save the settings, click the update button. Managed device group commands show manageddevice all syntax show manageddevice all show manageddevice description displays information about all managed devices. Show m...
Page 196
10: managed devices slm user guide 196 note: this example shows multiple connections being managed. Figure 10-10 managed device page -- connect tab an icon bar contains a series of icons representing the types of connections the slm can make to managed devices. Buttons above or below the icons enabl...
Page 197
10: managed devices slm user guide 197 2. To identify the port or device on the device server to which the managed device is connected, move the pointer over the icon. 3. To go directly to the port or device page, click the icon. Note: a drop-down list of persistent connections may display below the...
Page 198
10: managed devices slm user guide 198 from a port you can create a managed device from a port on a lantronix device server such as an slc, slk, slp, scs05/20, or scsxx00. The managed device represents the physical device connected to the port. To create a managed device from a port: 1. On the menu,...
Page 199
10: managed devices slm user guide 199 figure 10-13 link to a managed device page - configure tab 4. On the menu, click the name of the new managed device. The managed device page connect tab displays the available connection buttons for the serial connection. Figure 10-14 managed device page - conn...
Page 200
10: managed devices slm user guide 200 figure 10-15 device page - ports tab 2. Select the check box for one or more ports on the slc that will be connected to serial devices. 3. From the drop-down list box at the bottom of the page, select create managed devices. 4. From the for checked ports drop-d...
Page 201
10: managed devices slm user guide 201 from an ethernet device administrators and permitted users can create a managed device from any auto-discovered or manually added ethernet device, such as a server or a switch, and assign it to a managed device group. To create a managed device from an ethernet...
Page 202
10: managed devices slm user guide 202 fusing managed devices while the slm can communicate with a device connected to a port of a lantronix device server (e.G., an slc, slk, or scs05/2) individually, it is often more convenient to communicate from a single web page to a virtual managed device compo...
Page 203
10: managed devices slm user guide 203 the managed device field now displays as a link to the virtual managed device, which has the name of the original managed device. A defuse button displays to the right of the link. Click the button to remove this port from the managed device. If the port was th...
Page 204
10: managed devices slm user guide 204 name of the original managed device. The virtual managed device has taken the name of the existing managed device and still displays in the managed device group. A defuse button displays to the right of the link. Click the button to remove this device from the ...
Page 205
10: managed devices slm user guide 205 4. In response to the confirmation request, click ok. The page redisplays: figure 10-22 managed device group page - list tab (after fusion) the components of the virtual managed device now display on the same row, and a message in the message area confirms the ...
Page 206
10: managed devices slm user guide 206 configuring a modem connection to a managed device it is useful to enable the slm to connect over the telephone should a network connection fail. This is possible if, for example, the slm has an internal or a physically connected modem, and a managed device suc...
Page 207
10: managed devices slm user guide 207 configuring a managed device the administrator and permitted users can configure a managed device. To configure a managed device: 1. On the menu, click the name of the managed device, and then click the configure tab. The following page opens: figure 10-27 mana...
Page 208
10: managed devices slm user guide 208 updating or deleting a managed device the administrator and permitted users can update or delete a managed device. To update a managed device: 1. On the menu, click the managed device. The following page opens: figure 10-30 managed device - configure tab 2. Add...
Page 209
10: managed devices slm user guide 209 set manageddevice config syntax set manageddevice config parameters name powerport state ] [dialout modem to set modem parameters, you must specify the dial-out option. Disconnect modem delete phonenumber ] application ] examples set ma config port-1 name waime...
Page 211
10: managed devices slm user guide 211 description deletes an existing managed device group. The group must be empty. Show device syntax show device note: entries are not case sensitive. Description searches for and displays ethernet or managed devices by device name. For example, if you specify nam...
Page 212
10: managed devices slm user guide 212 show manageddevice index note: type show manageddevice all to display index. Syntax show manageddevice index description displays managed devices by index. Show manageddevice list syntax show manageddevice list description displays all managed devices in short ...
Page 213
10: managed devices slm user guide 213 description finds a managed device-by-device name and modifies device parameters. Set manageddevice index note: type show manageddevice all to display index. Syntax set manageddevice index parameters name powerport state ] (slp, slb and spider duo only) example...
Page 214
Slm user guide 214 11: operation and maintenance depending on permissions, the typical user employs slm to: search for slcs and other ethernet devices, ports, and managed devices. Connect by browser, ssh, or secure channel to secure lantronix management devices and to the managed devices connected t...
Page 215
11: operation and maintenance slm user guide 215 to view or make changes to any item returned in a search, click the edit icon in the leftmost column. (if the search returns the item, you have rights to edit it.) to clear the search fields, click the reset button. To re-sort the list (e.G., alphabet...
Page 216
11: operation and maintenance slm user guide 216 figure 11-3 example of a search by “eds” ethernet device the following information (if available) displays for each device retrieved by the search: table 11-4 device search results device setting description name name of the device (e.G., slc 4.0). Ip...
Page 217
11: operation and maintenance slm user guide 217 the search results - devices page opens, listing all devices that meet the search criteria that you have permission to see. Search for ports to search for a port, you can use two criteria. To search for a port: 1. From the table drop-down list at the ...
Page 218
11: operation and maintenance slm user guide 218 figure 11-6 example of a search by port the following information (if available) displays for each port retrieved by the search that you have permission to see: table 11-7 search results - ports 4. The search results - ports page opens, listing all po...
Page 219
11: operation and maintenance slm user guide 219 search for persistent connections you can search for persistent connections to which you have rights. To search for persistent connections: 1. From the table drop-down list at the top of any page, select persistent connection. 2. From the field drop-d...
Page 220
11: operation and maintenance slm user guide 220 2. From the field drop-down list, select name and the corresponding value. If you omit the value, the search returns all managed devices. 3. Click the search button. The search results - devices page opens, listing all managed devices that meet the se...
Page 221
11: operation and maintenance slm user guide 221 2. From the field drop-down list, select one of the following search fields and enter the corresponding value. If you omit the value, the search returns all devices. Note: searches are not case sensitive. Table 11-12 search for users 3. Click the sear...
Page 222
11: operation and maintenance slm user guide 222 using wildcards you can use sql wildcards when conducting a search: use the percent sign (%) to match zero or more instances of any character. Use the underscore (_) to match any one character. Note: the slm search automatically appends a percent sign...
Page 223
11: operation and maintenance slm user guide 223 description displays accounts that match the email address entered. Show account search name syntax show account search name examples show account search name sys displays all accounts whose name starts with "sys." description displays accounts that m...
Page 224
11: operation and maintenance slm user guide 224 show manageddevice search syntax show manageddevice search parameters note: search entries are not case sensitive. [name ] example show manageddevice search name waimea-port description displays all ports that match the criteria entered. Connecting to...
Page 225
11: operation and maintenance slm user guide 225 managed devices - connection methods the following table shows the methods available for connecting to a managed device. Table 11-17 methods of connecting to managed devices browsing to an ethernet or managed device's web page users can browse directl...
Page 226
11: operation and maintenance slm user guide 226 some non-lantronix devices (notably the avocet dsr1022) require ie 7 to support the browsing feature (from slm to other device). To access the ethernet device's web page interface: 1. On the device page, click the browse http or browse https button. 2...
Page 227
11: operation and maintenance slm user guide 227 3. If prompted, enter your current sysadmin password for the slc. 4. Configure or manage the device as directed by the product's user guide or online help. Following is a list of error codes that may display: table 11-19 secure channel error codes mak...
Page 228
11: operation and maintenance slm user guide 228 if the newly received host key does not match the key in the known_host file, then the user receives a warning that they do not match and is asked whether to replace the old host key information with the new key. (there could be someone trying to impe...
Page 229
11: operation and maintenance slm user guide 229 figure 11-21 web channel connection to an slc making a telnet connection to an ethernet device you can make a telnet connection to the command line interface of any discovered ethernet device. To make a telnet connection: 1. Click the telnet button. A...
Page 230
11: operation and maintenance slm user guide 230 connection commands administrators, ethernet users and menu only users connect device syntax connect device parameters [ modemcallback>] [port ] specify secure to connect through a secure channel. Secure channel is the default method of connection for...
Page 231
11: operation and maintenance slm user guide 231 notes: the device parameter is necessary only to discriminate between two or more persistent connections that are visible to the current user and are using the same name. The devname> following device may be the name of an ethernet device or the name ...
Page 232
11: operation and maintenance slm user guide 232 port is the number of a physical port on the slc. Slc48 has ports 1 to 48. Modem connection is available for managed devices only. With the modemssh option, the slm dials out to the managed device in ppp, and then connects it via ssh. With modemtelnet...
Page 233
11: operation and maintenance slm user guide 233 figure 11-23 slm services page 2. Enter the following information: table 11-24 slm services - configure tab 3. Click the update button. Slm service setting description https only if selected, allows access to the slm through https only and disallows a...
Page 234
11: operation and maintenance slm user guide 234 banners you can maintain text that is used for the cli. To enter banner text: 1. On the services page, click the banners tab. The following page displays: figure 11-25 services page - banners tab 2. Enter the following information: table 11-26 slm ser...
Page 235
11: operation and maintenance slm user guide 235 ssl the slm has a default secure socket layer (ssl) certificate. The ssl tab enables administrators to view and update ssl certificate information. The ssl certificate, consisting of a public/private key pair used to encrypt http data, is associated w...
Page 236
11: operation and maintenance slm user guide 236 3. Click the submit button. Note: you must reboot the slm for the update to take effect. Status administrators can view the system status on the status tab, and if they desire, email it to another person. To view or email the system status: 1. On the ...
Page 237
11: operation and maintenance slm user guide 237 figure 11-29 services page - status tab.
Page 238
11: operation and maintenance slm user guide 238 continuation of figure 11-29 (part 2 of 3).
Page 239
11: operation and maintenance slm user guide 239 continuation of figure 11-29 (part 3 of 3) 2. To email the status, enter the recipient's email address and click the send report button. Services commands set service auditlog syntax set service auditlog description enables or disables audit logging....
Page 240
11: operation and maintenance slm user guide 240 description enables or disables telnet logging to the slm. Set service ssh syntax set service ssh version description enables or disables ssh logging to the slm. Show service syntax set service description displays service settings. Maintenance the sl...
Page 241
11: operation and maintenance slm user guide 241 figure 11-30 slm maintenance page table 11-31 slm maintenance - general maintenance note: it is recommended that virtual slms be shutdown or restarted using the vslm reboot and shutdown commands available via the web or cli, rather than using the virt...
Page 242
11: operation and maintenance slm user guide 242 table 11-33 slm maintenance - boot banks from the option list, select one of the following: table 11-34 slm maintenance - configuration management boot banks setting description bank 1 version of slm firmware in bank 1. Note: the word "current" displa...
Page 243
11: operation and maintenance slm user guide 243 maintenance commands admin config syntax admin config factorydefaults description restores the slm configuration and device database settings to factory defaults. Admin config rebuilddatabase syntax admin config rebuilddatabase description removes and...
Page 244
11: operation and maintenance slm user guide 244 admin locallog clear traplog group group name: slm, slc, slk, slp, scs, scsx, slb, spdr, wibox, uds, eds, edsmd, xport, pwave, ltrx, or other description clears all of the entries in the auditlog, syslog, or traplog. Admin quicksetup syntax admin quic...
Page 245
11: operation and maintenance slm user guide 245 description shows the progress of background tasks. Show sysconfig syntax show sysconfig [email ] description displays a report of configurable parameters. The output can be emailed. Show sysinfo syntax show sysinfo description displays general system...
Page 246
11: operation and maintenance slm user guide 246 2. Enter the following information: table 11-36 date & time - configure tab 3. To save, click the update button. When the update is complete, a confirmation message displays. To synchronize the slm with a remote timeserver using ntp: 1. Enter the foll...
Page 247
11: operation and maintenance slm user guide 247 description sets the local date, time, and time zone (one parameter at a time). Note: if you type an invalid time zone, the system guides you through the process of selecting a time zone. Show datetime syntax show datetime description displays the loc...
Page 248
11: operation and maintenance slm user guide 248 3. To save, click the update button. When the update is complete, a confirmation message displays. Enable trap reception enables the slm to receive traps from outside and to store and display them on the traps page. Disabled by default. Traps are noti...
Page 249
11: operation and maintenance slm user guide 249 device firmware updates on these pages, you can update the firmware of lantronix's ethernet devices. 1. On the main menu, click services > firmware updates. The following page opens: figure 11-40 device firmware update page - slm tab slm firmware note...
Page 250
11: operation and maintenance slm user guide 250 table 11-42 device firmware update - slm tab - ftp/sftp server 2. Click the update button. Note: to check the progress of the update, click the progress button above the menu. Client file enter or browse to the file where the update is stored. Check l...
Page 251
11: operation and maintenance slm user guide 251 slc/slb firmware to update slc/slb firmware: 1. On the device firmware updates page, click the slc/slb tab. The following page opens: figure 11-43 device firmware update page - slc/slb tab 2. Enter the following information: table 11-44 device firmwar...
Page 252
11: operation and maintenance slm user guide 252 table 11-45 device firmware update - slc/slb tab - ftp/sftp server 3. In the slc/slb devices to update area, select one or more of the slc/slbs managed by the slm . (use ctrl+click for multiple selections.) 4. To update the slc/slbs, click the update ...
Page 253
11: operation and maintenance slm user guide 253 slp firmware to update slp firmware: 1. On the device firmware update page, click the slp tab. The following page opens: figure 11-46 device firmware update - slp tab 2. Enter the following information: table 11-47 device firmware update - slp tab set...
Page 254
11: operation and maintenance slm user guide 254 table 11-48 device firmware update - slp tab - ftp/sftp server 3. In the slp devices to update area, select one or more of the slps managed by the slm . (use ctrl+click for multiple selections.) 4. To update the slps, click the update button. When the...
Page 255
11: operation and maintenance slm user guide 255 figure 11-49 device firmware update page - spider tab 2. Enter the following information: table 11-50 device firmware update - spider 3. In the spider devices to update area, select one or more of the spiders the slm is managing. (use ctrl+click for m...
Page 256
11: operation and maintenance slm user guide 256 figure 11-51 device firmware update page - wibox tab 2. Enter the following information: table 11-52 device firmware update - wibox 3. In the wibox devices to update area, select one or more of the wiboxes the slm is managing. (use ctrl+click for mult...
Page 257
11: operation and maintenance slm user guide 257 uds/sds firmware updates to update firmware on a uds/sds: 1. On the device firmware updates page, click the uds/sds tab. The following page opens: figure 11-53 firmware update page - uds/sds tab 2. Enter the following information: table 11-54 device f...
Page 258
11: operation and maintenance slm user guide 258 managing alternate slms when auto save configuration to other slms is enabled, the slm immediately saves its own configuration to up to eight remote slms. After that, every time the slm configuration has changed, it waits 60 minutes to make sure there...
Page 259
11: operation and maintenance slm user guide 259 managing devices through the actions tab administrators can reboot, shutdown, get log, status, and configuration files, restore configurations, and execute cli commands. Depending on the device, different options will be offered. Using the actions tab...
Page 260
11: operation and maintenance slm user guide 260 get sysconfig restore config get ssh/push ssh read info cli cmd (for cli cmd, you may specify any number of devices.) vip (used to preserve spider vip settings during config restore) 4. Click the progress button to view the status of your commands. Fo...
Page 261
11: operation and maintenance slm user guide 261 getting or restoring a configuration file use the actions tab to get a specific configuration file from one or more slcs or to restore a configuration to one or more slcs. Note: the slm stores files in the files directories. You can display a file fro...
Page 262
11: operation and maintenance slm user guide 262 key2: user-b@host-y key3: user-c@host-z the user enables get ssh key from slc-1 on the slm. As a result, the slm database has the three keys above. The user selects key1 and key3 on the slc actions tab on the slm and enables push ssh key to slc-20 and...
Page 263
11: operation and maintenance slm user guide 263 issuing a cli command use the actions tab to issue a cli command to one or more slcs. Note: commands issued from the actions tab are not interactive. The following command will not work, because the slc cli requires confirmation to continue with group...
Page 264
11: operation and maintenance slm user guide 264 to view the progress of actions running in the background: 1. Click the progress button. The following page opens: figure 11-59 viewing progress of update fw and cli commands 2. View the following information about each task. Table 11-60 manage "slc" ...
Page 265
11: operation and maintenance slm user guide 265 figure 11-61 background task progress - dev status tab 4. To close the background task progress page, click the close tab. Events administrators can configure alarms, triggers, and events on the slm. Examples of events are receiving an snmp trap, a sy...
Page 266
11: operation and maintenance slm user guide 266 to define alarms: 1. On the menu, click events. The following page opens: figure 11-62 event management page - events tab 2. Enter the following information: table 11-63 event management - events tab - alarm type 3. Click the define alarm button. The ...
Page 267
11: operation and maintenance slm user guide 267 table 11-64 event management - events tab - trigger type setting description trigger type select one of the following: received device traps: an incoming trap from a specified ip address. Port log string match (slc/slb): a defined string matches a mon...
Page 268
11: operation and maintenance slm user guide 268 5. In the alarms list to the right, select the alarm(s) to be associated with the selected trigger. 6. Click the define event button. The event displays in the format trigger: alarm in the events list on the page. The trigger displays in the events me...
Page 269
11: operation and maintenance slm user guide 269 figure 11-65 snmp trap configuration (from lantronix tech support faq).
Page 270
11: operation and maintenance slm user guide 270 updating and deleting events administrators and authorized users can update triggers and delete or add alarms for defined events. To update information about the alarm, trigger, or event: 1. On the menu, open the events menu tree and select the event ...
Page 271
11: operation and maintenance slm user guide 271 to delete an event: 1. Select the event from the events list and click the remove event button. A confirmation message displays. 2. Click ok. The event is no longer in the events list. Viewing the event log administrators and authorized users view a l...
Page 272
11: operation and maintenance slm user guide 272 slc/slb fw upgrade files: files for upgrading the slc/slb's firmware. Slp fw upgrade files: files for upgrading the slp's firmware. Spider fw upgrade files: files for upgrading the spider's firmware. Uds/sds fw upgrade files: files for upgrading the u...
Page 273
11: operation and maintenance slm user guide 273 scs05/20 port session files: contain session log files for ssh sessions to scs05/20 device ports. There is no distinction between active and inactive sessions. Device session files: contain session log files for telnet/ssh/secure channel port sessions...
Page 274
11: operation and maintenance slm user guide 274 figure 11-69 slm syslog files page - files tab the available files (of the selected type) display in the list box. 2. Select view and then the file you want to view. 3. Click the submit button. The display tab opens and shows the contents of the selec...
Page 275
11: operation and maintenance slm user guide 275 to delete a file: note: you cannot delete an active syslog file. 1. On the menu, click files and then the type of file. The files of that type in the database display in the list box. 2. Select delete and then the file you want to delete. To select mu...
Page 276
11: operation and maintenance slm user guide 276 figure 11-71 files page to export (copy) a file from the slm to a mapped cifs or nfs directory: 1. Select copy to. The drop-down list box becomes active. Note: copy to is only active if cifs or nfs has been configured or if usb flash memory is install...
Page 277
11: operation and maintenance slm user guide 277 5. If necessary, when requested by your browser, select the destination directory for the file on your client machine. Copying files the administrator and other authorized users can download slm and slc firmware upgrade, configuration, and log files f...
Page 278
11: operation and maintenance slm user guide 278 3. To save, click the submit button. 4. To see the status of the copy process if you are copying multiple files at the same time, click the progress button above the menu. Setting up nfs you can import files from or export files to a remote nfs server...
Page 279
11: operation and maintenance slm user guide 279 table 11-76 file management - nfs tab - remote directory 3. Enter the following information about exporting a file from the slm: note: this information is for exporting nfs shares (the slm functions as an nfs server). This allows remote nfs clients to...
Page 280
11: operation and maintenance slm user guide 280 figure 11-78 file management - cifs tab 2. Enter the following information for importing a file: note: the first three entries are for mounting remote cifs/samba shares (the slm acts as a cifs client). The username and password are required to authent...
Page 281
11: operation and maintenance slm user guide 281 table 11-80 file management - cfs tab - local directory 2. Click the update button. When the update is complete, a confirmation message displays in the bottom part of the page. Setting up log properties the administrator specifies the properties of lo...
Page 282
11: operation and maintenance slm user guide 282 2. Enter the following: table 11-82 file management - logging tab - port logs table 11-83 file management - logging tab - audit logs table 11-84 file management - logging tab - session logs table 11-85 file management - logging tab - system logs setti...
Page 283
11: operation and maintenance slm user guide 283 table 11-86 file management - logging tab - persistent connection logs 3. Click the update button. When the update is complete, a confirmation message displays in the bottom part of the page. Logging commands admin locallog syntax admin locallog clear...
Page 284
11: operation and maintenance slm user guide 284 parameters [lastminutes ] [date ] [date ] description lists portlog files. Examples show portlog lastminutes 5 lists portlog files modified in last 5 minutes. Show portlog date 0205 lists portlog files last modified on 0205. Show portlog date 0205-020...
Page 285
11: operation and maintenance slm user guide 285 displays the part of the portlog by index from the end. [lastminutes ] [date ] [date ] description displays the contents of the portlog file by index. Note: index is the number specified by parameters lastminutes and date. If you specify 0 as number o...
Page 286
11: operation and maintenance slm user guide 286 parameters [lastminutes ] [date ] [date ] description lists portlog files in short form. Show sessionlog syntax show sessionlog type sessiontype: parameters [lastminutes ] [date ] [date ] description lists session log files. Examples show sessionlog l...
Page 287
11: operation and maintenance slm user guide 287 show sessionlog type device index 3 top 10 lastminutes 5 displays the first 10 lines of device session log by the index '3'. To get this index, type show sessionlog type device lastminutes 5. Show syslog syntax show syslog shows the syslog information...
Page 288
Slm user guide 288 12: using slm on a mobile browser slm's wap technology enables you to access the status of your slm from your mobile phone. This chapter familiarizes you with how to do this. For more detailed information about the options, please see the other chapters in this user guide. Require...
Page 289
12: using slm on a mobile browser slm user guide 289 the slm main menu (home page) displays a list of options: using links to select options to select an option: 1. Click the link (blue). For example, click log on the home page to display a menu of logs. Using the keypad to select options note: shor...
Page 290
12: using slm on a mobile browser slm user guide 290 for example, towards the bottom of the portlog details page, the + symbol displays. If you select the +, further details display. If you select the -, the previous page of details displays. Logging out to log out of the slm: 1. Select logout (at t...
Page 291
12: using slm on a mobile browser slm user guide 291 main menu to use the slm menu (main menu): 1. To use the main menu, select one of the following links: status : displays the status of the slm. Devices : displays information about ethernet and managed devices. Log : displays audit, port, system, ...
Page 292
12: using slm on a mobile browser slm user guide 292 status menu the slm status menu has three options: system information, connections, and routes. System information to view the status of the system: 1. On the status menu, select system information or tap the 1 key. The system configuration displa...
Page 293
12: using slm on a mobile browser slm user guide 293 connections to view information about the slm's connections: 1. On the status menu, select connections or tap the 2 key. The connections menu displays. 2. To view individual connections, click the blue link on the connections menu or tap the key n...
Page 294
12: using slm on a mobile browser slm user guide 294 route information to view slm route information: 1. On the status menu, select routes, or tap the 3 key. Device menu the device menu provides access to ethernet devices, unreachable ethernet devices, and managed devices. To view information about ...
Page 295
12: using slm on a mobile browser slm user guide 295 ethernet devices to view information about an ethernet device: 1. From the devices menu, select ethernet devices. The green icon to the right of a device indicates that the device is reachable; the red indicates that the device is unreachable. 2. ...
Page 296
12: using slm on a mobile browser slm user guide 296 ethernet unreachable devices to view ethernet devices to which the slm has not been able to connect: 1. On the devices menu, select ethernet unreachable devices. The ethernet unreachable devices page displays a list of unreachable devices. 2. To v...
Page 297
12: using slm on a mobile browser slm user guide 297 managed devices to obtain information about managed devices: 1. Select managed devices on the devices menu. The managed devices page displays a list of managed devices. 2. Select a managed device to view its details..
Page 298
12: using slm on a mobile browser slm user guide 298 log menu filtering logs the log filter page enables you to view logs matching specified criteria (number of lines and date/ time). The settings are for the current session only. Once you save the filter, it applies for all log commands and is avai...
Page 299
12: using slm on a mobile browser slm user guide 299 view logs to view audit, trap, system, or port logs: 1. Select log on the main menu. The slm log menu displays. 2. Select the type of log you want to see (e.G., tap 2 to see the slm's audit logs)..
Page 300
12: using slm on a mobile browser slm user guide 300 3. Select the log to view details. 4. Select the + button to see more details. 5. Select the + to scroll to see more lines of details. Note: you can set the number of lines you see at a time on the log filter page..
Page 301
Slm user guide 301 appendix a: command reference after an introduction to using commands, this chapter lists and describes all of the commands available on the slm command line interface accessed through ssh, secure channel (slc only), telnet, or a serial connection. The commands are in alphabetical...
Page 302
Appendix a: command reference slm user guide 302 command help for general command help, type: help for more information about a specific command, type help followed by the command, for example: help set network or type ? After the command: set network ? Tips type enough characters to identify the ac...
Page 303
Appendix a: command reference slm user guide 303 authentication commands set auth syntax set auth parameters local nis ldap radius kerberos tacacs+ securid authusenextmethod limitsysadmin description sets ordering of authentication methods and how authentication methods are used. Authentication can ...
Page 304
Appendix a: command reference slm user guide 304 parameters domain broadcast master slave1 slave2 slave3 slave4 slave5 description configures the slm to use nis to authenticate users who log in to the slm via ssh, telnet, the web, or the console port. Set radius syntax set radius state timeout serve...
Page 305
Appendix a: command reference slm user guide 305 parameters led ipaddr user [password ] description control led of hp ilo remote device. Show auth syntax show auth description displays authentication methods in use. Show ldap syntax show ldap description displays all ldap information. Show nis synta...
Page 306
Appendix a: command reference slm user guide 306 syntax show sysinfo description displays system file changes. Show ilo syntax show ilo led status show ilo health parameters ipaddr user [password ] description display health status of hp ilo remote device. Account commands use the following commands...
Page 307
Appendix a: command reference slm user guide 307 syntax set account edit group parameters [email ] [auth [allowdialback ] [dialbacknumber ] [allowpwchange ] [pwneverexpires ] [changepwnextlogin ] description modifies a user account. Set account password syntax set account password note: administrato...
Page 308
Appendix a: command reference slm user guide 308 description displays accounts by index number. Show account search syntax note: all searches are case insensitive. Show account search name show account search email examples show account search name sys description searches for accounts by name or em...
Page 309
Appendix a: command reference slm user guide 309 description displays account group information. Show accountgroup all syntax show accountgroup all show accountgroup description displays information about all account groups. Show accountgroup index note: type show accountgroup all to display the ind...
Page 310
Appendix a: command reference slm user guide 310 example ip range: 192.168.0.1-192.168.0.155 name: public (default) admin autodetect filter show displays the current auto-detect search filters. Description configures or displays the protocol and filters. Admin autodetect start syntax admin autodetec...
Page 311
Appendix a: command reference slm user guide 311 syntax admin config rebuilddatabase description removes and rebuilds the slm configuration and database from scratch, in case of database corruption that cannot be fixed by the factory default. Admin locallog syntax admin locallog clear auditlog admin...
Page 312
Appendix a: command reference slm user guide 312 syntax admin showbootbank description displays the slm boot bank. Admin showoptions syntax admin showoptions description display license options. Admin shutdown syntax admin shutdown description terminates all connections, shuts down the slm, and turn...
Page 313
Appendix a: command reference slm user guide 313 syntax admin web certificate reset admin web certificate show description reset ssl web certificate to default. Displays current ssl web certificate. Show progress syntax show progress description shows the progress of background tasks. Show sysconfig...
Page 314
Appendix a: command reference slm user guide 314 syntax show device index description displays ethernet or managed devices by index. Auto-detect commands admin autodetect filter delete syntax admin autodetect filter delete the command displays an index of current filters. Type the index number of th...
Page 315
Appendix a: command reference slm user guide 315 description displays the current auto-detect search filters. Admin autodetect filter snmp syntax admin autodetect filter snmp [community ] [timeout ] example ip range: 92.168.0.1-192.168.0.155 name: public (default) timeout:default is 100 msec; range ...
Page 316
Appendix a: command reference slm user guide 316 cli commands the following commands relate to the cli itself. Set cli terminallines syntax set cli terminallines description sets the number of lines that display in a page for the auditlog, syslog, portlog, traplog, and device list. Default is 20. Se...
Page 317
Appendix a: command reference slm user guide 317 slc48 has ports 1 to 48. Modem connection is available for managed devices only. With the modemssh option, the slm dials out to the managed device in ppp, and then connects it via ssh. With modemtelnet option, the slm dials out to the managed device i...
Page 318
Appendix a: command reference slm user guide 318 parameters is one or more of: user version escape the tcp port parameter is the tcp port number; the default is 22. Description connect to any machine/device using standard ssh v1 or v2 protocol. Connect telnet syntax connect telnet [tcpport ] [user ]...
Page 319
Appendix a: command reference slm user guide 319 examples connect device slc-waimea connect device slc-waimea-port-1 connect device slc-waimea ssh connect device slc-waimea port 4 connect device slc-waimea modemssh connect device slc-waimea modemcallback description connects to a managed device thro...
Page 320
Appendix a: command reference slm user guide 320 date and time commands set datetime syntax set datetime parameters date timezone description sets the local date, time, and time zone (one parameter at a time). Note: if you type an invalid time zone, the system guides you through the process of selec...
Page 321
Appendix a: command reference slm user guide 321 example diag nettrace protocol udp verbose 2 description displays all network traffic, applying optional filters. Diag ping syntax diag ping parameters count default is 5. Packetsize default is 64. Description verifies that the slm can reach a host ov...
Page 322
Appendix a: command reference slm user guide 322 description displays information on the internal memory, storage and processes of the slm. Dial account commands set dialaccount add syntax set dialaccount add parameters modemmode note: if you select text, all other parameters except timeout are igno...
Page 324
Appendix a: command reference slm user guide 324 examples show dialaccount show dialaccount name ppp-pap show dialaccount index 2 description displays dial account settings. Show dialaccount mapping syntax show dialaccount mapping description shows dial account used by dial-in and dial-out. Ethernet...
Page 325
Appendix a: command reference slm user guide 325 syntax set ethernetdevice delete finds ethernet device using device name or ip address and deletes the device. Set ethernetdevice delete portnumber number or port number range> port number range , for example, 1-4 finds a port by ethernet device name ...
Page 326
Appendix a: command reference slm user guide 326 syntax show device description searches for and displays ethernet or managed devices by device name. Show device all syntax show device all show device description displays all ethernet and managed devices. Show ethernetdevice account syntax show ethe...
Page 327
Appendix a: command reference slm user guide 327 syntax show ethernetdevice group [firmware] group name: slm, slc, slk, slp, scs, slb, spdr, wibox, uds, eds, edsmd, xport, pwave, ltrx, or other note: ethernet device group names are not case sensitive. Description displays ethernet devices by device ...
Page 328
Appendix a: command reference slm user guide 328 description displays all devices that match the criteria entered. For example, if you specify name slc, the slm searches for all devices whose name starts with slc. Show ethernetdevice unreachablelist syntax show ethernetdevice unreachablelist descrip...
Page 329
Appendix a: command reference slm user guide 329 note: type show ipfilter name or show ipfilter index to display the rule number. Syntax set ipfilter delete name [rule ] example set ipfilter delete myfilter rule 3 description deletes ipv4 filter rule by specified name and rule number. Set ip filter ...
Page 330
Appendix a: command reference slm user guide 330 description displays all ip filtering rules for all chains. Logging commands admin locallog syntax admin locallog clear auditlog admin locallog clear syslog admin locallog clear traplog device admin locallog clear traplog group group name: slm, slc, s...
Page 331
Appendix a: command reference slm user guide 331 syntax show auditlog index index is the number of lines of the log specified by lastminutes and date. If you specify 0 at number of lines, all lines display. Parameters [top ] [tail ] [lastminutes ] [date ] [date ] [loglastminutes ] [logdate ] [logdat...
Page 332
Appendix a: command reference slm user guide 332 show auditlog index 3 tail 0 lastminutes 5 displays all lines of the auditlog in index 3 from the tail. Show auditlog index 3 lastminutes 5 logminutes 10 displays the part of auditlog in index 3 times tamped in the last 10 minutes. Show auditlog index...
Page 333
Appendix a: command reference slm user guide 333 syntax show portlog file shows the port log from the top. Show portlog file tail displays the port log from the bottom (tail). Show portlog file top displays the port log from the top. Description displays the contents of the portlog file by index. De...
Page 334
Appendix a: command reference slm user guide 334 show portlog index 3 lastminutes 5 displays port log by the index '3'. To get this index, type show portlog lastminutes 5. Show portlog index 3 date 0205 displays port log by the index '3'. To get this index, type show portlog date 0205. Show portlog ...
Page 335
Appendix a: command reference slm user guide 335 examples show sessionlog lists device session log files. Show sessionlog type slcportsaved lastminutes 5 lists archived slc port session log files modified in last 5 minutes. Show sessionlog date 0205 lists session log files last modified on 0205. Sho...
Page 336
Appendix a: command reference slm user guide 336 description lists syslog files. Show syslog list syntax show syslog list parameters lastminutes date date description lists syslog files in short form. Show syslog index syntax show syslog index index is the number of lines of the log specified by las...
Page 337
Appendix a: command reference slm user guide 337 show syslog index 3 displays index 3 from the top. Show syslog index 3 top 10 displays the first 10 lines of index 3 from the top. Show syslog index 3 tail 15 displays the last 15 lines of index 3 from the tail. Show syslog index 3 lastminutes 5 displ...
Page 338
Appendix a: command reference slm user guide 338 syntax show traplog group [index ] group name: slm, slc, slk, slp, scs, slb, spdr, wibox, ltrx, or other description displays the current trap log information for an ethernet device group by index number. Show traplog list syntax show traplog list par...
Page 339
Appendix a: command reference slm user guide 339 show traplog index 3 displays index 3 from the top. Show traplog index 3 top 10 displays the first 10 lines of index 3 from the top. Show traplog index 3 tail 15 displays the last 15 lines of index 3 from the tail. Show traplog index 3 lastminutes 5 d...
Page 340
Appendix a: command reference slm user guide 340 description shows saved configuration files. Admin config save file syntax admin config save file description saves the slm configuration to the slm configuration files directory. Admin locallog clear syntax admin locallog clear auditlog admin locallo...
Page 341
Appendix a: command reference slm user guide 341 description terminates all connections, shuts down the slm, and turns off the power. Admin version syntax admin version description displays current application version information. Show progress syntax show progress description shows the progress of ...
Page 342
Appendix a: command reference slm user guide 342 syntax set manageddevice config parameters name powerport state ] [dialout modem to set modem parameters, you must specify the dial-out option. Disconnect modem delete phonenumber ] application ] examples set ma config port-1 name waimea-port-1 specif...
Page 343
Appendix a: command reference slm user guide 343 name powerport state (slp only) delete dialout modem to set modem parameters, you must specify the dial-out option. Disconnect modem phonenumber application examples set ma config port-1 name waimea-port-1 set ma config slp-sunset-port1 powerport 1 st...
Page 344
Appendix a: command reference slm user guide 344 description searches for and displays ethernet or managed devices by device name. For example, if you specify name slc, the slm searches for all ethernet and managed devices whose name starts with slc. Show device all syntax show device all show devic...
Page 345
Appendix a: command reference slm user guide 345 show manageddevice list syntax show manageddevice list description displays all managed devices in short form. Show manageddevice search syntax show manageddevice search parameters note: search entries are not case sensitive. [name ] example show mana...
Page 346
Appendix a: command reference slm user guide 346 parameters name powerport state ] (slp only) example set ma port slp-sunset po 2 state on description finds managed device by index and modifies device parameters. Set manageddevice config disconnect modem syntax set manageddevice config disconnect mo...
Page 347
Appendix a: command reference slm user guide 347 syntax set menu delete description deletes a custom user menu or one command within a custom user menu. Set menu edit syntax set menu edit changes a command within an existing custom user menu. Set menu edit changes a nickname within an existing custo...
Page 348
Appendix a: command reference slm user guide 348 description resets a modem connection. Set modem scan syntax set modem scan description scans a modem. Set modem disconnect note: type show modem to view the current modem connections. Syntax set modem disconnect example set modem disconnect mypcimode...
Page 349
Appendix a: command reference slm user guide 349 description displays all modems. Show modem connection syntax show modem connection parameters [index ] description displays active (established) modem connections. Show modem settings syntax show modem parameters [name ] [index ] description displays...
Page 350
Appendix a: command reference slm user guide 350 syntax set network dns ipaddr description configures up to three dns servers. Set network gateway syntax set network gateway parameters default precedence alternate pingip ethport pingdelay failedpings description sets the default gateway. Set network...
Page 351
Appendix a: command reference slm user guide 351 description displays all network settings. Show network bonding syntax show network bonding description displays network bonding information. Show network port syntax show network port description displays network port 1 and network port 2 connection ...
Page 352
Appendix a: command reference slm user guide 352 syntax set persistent edit parameters [ethernetdevice ] [protocol ] [logging ] [managed ] [active ] [parentlogin ] [login ] [password ] [prompt ] [application ] [escapesequence ] [reconnectdelay ] [eoltranslation ] note: for the edit command, the ethe...
Page 353
Appendix a: command reference slm user guide 353 description displays one or more persistent connections connect persistent syntax connect persistent [device ] note: the device parameter is necessary only to discriminate between two or more persistent connections that are visible to the current user...
Page 354
Appendix a: command reference slm user guide 354 description finds an ethernet device using device name or ip address and displays port information. Show ethernetdevice search port syntax show ethernetdevice search port parameters note: search entries are not case sensitive. [name ] [portnumber ] ex...
Page 355
Appendix a: command reference slm user guide 355 search commands show account search email syntax show account search email example show account search email sys displays all accounts whose email address starts with "sys." description displays accounts that match the email address entered. Show acco...
Page 356
Appendix a: command reference slm user guide 356 parameters note: search entries are not case sensitive. [name ] [portnumber ] examples show ethernetdevice search port name waimea-port show ethernetdevice search port name waimea portnumber 2 description displays all ports that match the criteria ent...
Page 357
Appendix a: command reference slm user guide 357 description enables or disables telnet logging to the slm. Set service sessionlog syntax set service sessionlog description enables or disables session logging. Set service ssh syntax set service ssh version description enables or disables ssh logging...
Page 358
Appendix a: command reference slm user guide 358 description terminates a user connection to the slm session. Use show connection to view the current connections and ids. Show connection syntax show connection description displays active user connections and connection ids. Ssh key commands set sshk...
Page 359
Slm user guide 359 description shows the progress of background tasks..
Page 360
Slm user guide 360 appendix b: security considerations the slm provides data path security by means of ssh, web/ssl, and in the case of slcs, secure channel. Even with the use of these protocols, however, do not assume you have complete security. Securing the data path is only one measure needed to ...
Page 361
Appendix b: security considerations slm user guide 361 table b-2 management table b-3 device access protocol port# type smtp 25 tcp bootp/dhcp 67/68 tcp ntp 123 tcp nis 111 tcp/udp snmp 161/162 udp ldap 389 tcp radius 1645/1812 tcp/udp protocol port# type ftp 20/21 tcp/udp ssh/scp 22 tcp tftp 69 udp...
Page 362
Slm user guide 362 appendix c: safety information safety precautions please follow the safety precautions described below when installing and operating the slm. Cover do not remove the cover of the chassis. There are no user-serviceable parts inside. Opening or removing the cover may expose you to d...
Page 363
Appendix c: safety information slm user guide 363 the ambient temperature inside the rack may be greater than the room ambient temperature. Make sure to install the slm in an environment with an ambient temperature less than the maximum operating temperature of the slm. (see appendix d: technical sp...
Page 364
Slm user guide 364 appendix d: technical specifications you can install the slm either in an eia-standard 19-inch rack (1u tall) or as desktop unit. Following are specifications for the slm hardware, which applies to the slm-01 and slm-02. Table d-1 technical specifications slm-01 slm-02 memory 40 g...
Page 365: Appendix E: Compliance
Slm user guide 365 appendix e: compliance slm-01 (according to iso/iec guide 22 and en 45014) manufacturer's name & address: lantronix inc., 167 technology drive, irvine, ca 92618 usa declares that the following product: product name(s): secure lantronix management appliance (slm-01) conform to the ...
Page 366
Appendix e: compliance slm user guide 366 safety: en 60950 emissions: en 55022 class a immunity: en 55024 manufacturer's contact: lantronix,inc. 167 technology drive, irvine, ca 92618usa tel: 949-453-3990 fax: 949-450-7249 slm-02 (according to iso/iec guide 22 and en 45014) manufacturer's name & add...
Page 367
Appendix e: compliance slm user guide 367 additional agency approvals and certifications: tuv ul/cul this product carries the ce mark since it has been tested and found compliant with the following standards: safety: en 60950 emissions: en 55022 class b immunity: en 55024 manufacturer's contact: lan...
Page 368
Slm user guide 368 appendix f: protocol glossary this glossary provides brief definitions of commonly used protocols. Bootp (bootstrap protocol) similar to dhcp, but for smaller networks. Automatically assigns the ip address for a specific duration of time. Chap (challenge handshake authentication p...
Page 369
Appendix f: protocol glossary slm user guide 369 nfs (network file system) a protocol that allows file sharing across a network. Users can view, store, and update files on a remote computer. You can use nfs to mount all or a portion of a file system. Users can access the portion mounted with the sam...
Page 370
Appendix f: protocol glossary slm user guide 370 sftp (secure file transfer protocol) sftp is a network protocol that provides file access, file transfer, and file management functionalities over a secure ssh data stream. Snmp (simple network management protocol) a protocol that administrators use t...