SLC™ 8000
Advanced Console Manager
User Guide
Part Number 900-704-R
Revision B October 2014
Download from Www.Somanuals.com. All Manuals Search And Download.
Disclaimer & Revisions
All information contained herein is provided “AS IS.” Lantronix undertakes no obligation to update
the information in this publication. Lantronix does not make, and specifically disclaims, all
warranties of any kind (express, implied or otherwise) regarding title, non-infringement, fitness,
quality, accuracy, completeness, usefulness, suitability or performance of the information provided
herein. Lantronix shall have no liability whatsoever to any user for any damages, losses and
causes of action (whether in contract or in tort or otherwise) in connection with the user’s access or
usage of any of the information or content contained herein. The information and specifications
contained in this document are subject to change without notice.
Operation of this equipment in a residential area is likely to cause interference, in which case the
user, at his or her own expense, will be required to take whatever measures may be required to
correct the interference.
Note: This equipment has been tested and found to comply with the limits for Class A
digital device pursuant to Part 15 of the FCC Rules. These limits are designed to provide
reasonable protection against harmful interference when the equipment is operated in a
commercial environment. This equipment generates, uses, and can radiate radio
frequency energy and, if not installed and used in accordance with this User Guide, may
cause interference to radio communications. Operation of this equipment in a residential
area is likely to cause interference, in which case the user will be required to correct the
interference at his own expense.
Changes or modifications made to this device that are not explicitly approved by Lantronix will void
the user's authority to operate this device.
Revision History
Date
Rev.
A
Comments
March 2014
Preliminary release.
October 2014
B
Initial document for firmware release 7.1.0.0.
SLC™ 8000 Advanced Console Manager User Guide
3
Download from Www.Somanuals.com. All Manuals Search And Download.
Table of Contents
SLC™ 8000 Advanced Console Manager User Guide
4
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
5
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
6
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
7
Download from Www.Somanuals.com. All Manuals Search And Download.
PPP Mode __________________________________________________________163
SLC™ 8000 Advanced Console Manager User Guide
8
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
9
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
10
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
11
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
12
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
15
Download from Www.Somanuals.com. All Manuals Search And Download.
SLC™ 8000 Advanced Console Manager User Guide
16
Download from Www.Somanuals.com. All Manuals Search And Download.
1: About this Guide
Purpose and Audience
8000 Advanced Console Manager. The SLC unit is for IT professionals who must remotely and
devices equipped with a serial port for facilities that are typically remote branch offices or
Summary of Chapters
The remaining chapters in this guide include:
Chapter
Description
Describes the SLC 8000 models, their main features, and the protocols they
support.
Provides technical specifications; describes connection formats and power
supplies; provides instructions for installing the SLC 8000 advanced console
manager in a rack.
Provides instructions for getting your SLC unit up and running and for
configuring required settings.
Describes the web and command line interfaces available for configuring
the SLC 8000 advanced console manager.
The configuration chapters (6-12) provide detailed instructions for using the
web interface and include equivalent command line interface commands.
Chapter 6: Basic Parameters Provides instructions for configuring network ports, firewall and routing
settings, and VPN.
Provides instructions for enabling and disabling system logging, SSH and
Telnet logins, SNMP, SMTP, and the date and time.
Provides instructions for configuring global device port settings, individual
device port settings, and console port settings.
Provides instructions for configuring connections and viewing, updating, or
disconnecting a connection.
Provides instructions for enabling or disabling methods that authenticate
users who attempt to log in via the web, SSH, Telnet, or the console port.
Provides instructions for creating custom menus.
Provides instructions for upgrading firmware, viewing system logs and
diagnostics, generating reports, and defining events. Includes information
about web pages and commands used to shut down and reboot the SLC
8000 advanced console manager.
Shows how to set up and use the SLC unit in three different configurations.
Lists and describes all of the commands available on the SLC command line
interface
SLC™ 8000 Advanced Console Manager User Guide
17
Download from Www.Somanuals.com. All Manuals Search And Download.
1: About this Guide
Chapter (continued)
Description
Provides tips for enhancing SLC security.
Lists safety precautions for using the SLC 8000 advanced console
manager.
Includes adapter pinout diagrams.
Lists the protocols supported by the SLC unit with brief descriptions.
Provides information about the SLC 8000 advanced console manager’s
compliance with industry standards.
Additional Documentation
Visit the Lantronix Web site at www.lantronix.com/support/documentation for the latest
documentation and the following additional documentation.
Document
Description
SLC 8000 Advanced Console Manager
Quick Start
Describes the steps for getting the SLC unit up and running.
SLC 8000 Advanced Console Manager
Online Help for the Command Line
Reference
Provides online help for configuring the SLC 8000
advanced console manager using commands.
SLC 8000 Advanced Console Manager
Online Help for the Web Interface
Provides online help for configuring the SLC 8000
advanced console manager using the web page.
SLC™ 8000 Advanced Console Manager User Guide
18
Download from Www.Somanuals.com. All Manuals Search And Download.
2: Introduction
The SLC 8000 advanced console manager enables IT system administrators to manage remote
servers and IT infrastructure equipment securely over the Internet.
IT equipment can be configured, administered, and managed in a variety of ways, but most
devices have one method in common: an RS-232 serial port, sometimes called a console,
auxiliary, or management port. These ports are often accessed directly by connecting a terminal or
laptop to them, meaning that the administrator must be in the same physical location as the
equipment. The SLC 8000 advanced console manager gives the administrator a way to access
them remotely from anywhere there is a network or modem connection.
Many types of equipment can be accessed and administered using console managers including:
Servers: Unix, Linux, Windows, and others.
Networking equipment: Routers, switches, storage networking.
Telecom: PBX, voice switches.
Other systems with serial interfaces: Heating/cooling systems, security/building access
systems, UPS, medial devices.
The key benefits of using console managers:
Saves money: Enables remote management and troubleshooting without sending a
technician onsite. Reduces travel costs and downtime costs.
Saves time: Provides instant access and reduces response time, improving efficiency.
Simplifies access: Enables you to access equipment securely and remotely after hours and
on weekends and holidays—without having to schedule visits or arrange for off-hour access.
Protects assets: Security features provide encryption, authentication, authorization, and
firewall features to protect your IT infrastructure while providing flexible remote access.
The SLC advanced console manager provides features such as convenient text menu
systems, break-safe operation, port buffering (logging), remote authentication, and Secure
Shell (SSH) access. Dial-up modem support ensures access when the network is not
available.
Features
Console Management
Up to 48 RS-232 serial ports for console connectivity
Enables system administrators to remotely manage devices with serial console ports, e.g.,
Linux, Unix, and recent versions of Windows servers, routers, telecom, and switches with RS-
232C (now EIA-232) compatible serial consoles in a 1U-tall rack space. All models have two
Ethernet ports called Eth1 and Eth2 in this document.
Provides data logging, monitoring, and secure access control via the Internet
Power
Universal AC power input (100-240V, 50/60 Hz)
Convection cooled, silent operation, low power consumption
SLC™ 8000 Advanced Console Manager User Guide
19
Download from Www.Somanuals.com. All Manuals Search And Download.
2: Introduction
Models
SLC 8048 has the following hardware components:
SLC Chassis: The SLC 8000 advanced console manager has a 1U tall, self-contained rack-
mountable chassis.
Serial Device Ports: Up to forty-eight serial RS-232C (EIA-232) device ports are for remote
console management of the attached equipment. These match the RJ45 pin-outs of the
console ports of many popular devices found in a network environment, and where different
can be converted using Lantronix adapters. See Appendix C: Adapters and Pinouts on page
331 for more information on serial adapters and pin-outs.
Network Ports: The SLC unit has two 10/100/1000 Base-T Ethernet ports (referred to in this
user guide as Eth1 and Eth2)
Console Port: The SLC has a front panel serial console port (RJ45).
SLC 8000 advanced console manager also includes two USB type A ports in the front panel.
Figure 2-1 SLC 8048 Unit (Front Side) - Part Number SLC 804812N-01-S
Figure 2-2 SLC 8048 Unit (Back Side) - Part Number SLC 804812N-01-S
System Features
The SLC 8000 firmware has the following basic capabilities:
Software reversible device port pinouts
Connects up to 48 RS-232 serial consoles
SLC™ 8000 Advanced Console Manager User Guide
20
Download from Www.Somanuals.com. All Manuals Search And Download.
2: Introduction
10/100/1000 Base-T Ethernet network compatibility
Buffer logging to file
Email and SNMP notification
ID/Password security, configurable access rights
Secure shell (SSH) security; supports numerous other security protocols
Network File System (NFS) and Common Internet File System (CIFS) support
RAW TCP, Telnet or SSH to a serial port by IP address per port or by IP address and TCP port
number
Configurable user rights for local and remotely authenticated users
Supports an external modem
No unintentional break ever sent to attached servers (Solaris Ready)
Simultaneous access on the same port - “listen” and “direct” connect mode
Local access through a console port
Web administration (using most browsers)
Protocols Supported
The SLC 8000 advanced console manager supports the TCP/IP network protocol as well as:
SSH, Telnet, PPP, NFS, and CIFS for connections in and out of the SLC console manager
SMTP for mail transfer
DNS for text-to-IP address name resolution
SNMP for remote monitoring and management
SCP, FTP and SFTP for file transfers and firmware upgrades
TFTP for firmware upgrades
DHCP and BOOTP for IP address assignment
HTTPS (SSL) for secure browser-based configuration
NTP for time synchronization
LDAP, NIS, RADIUS, CHAP, PAP, Kerberos, TACACS+, and SecurID (via RADIUS) for user
authentication
Callback Control Protocol (CBCP)
IPsec for VPN access
Access Control
The system administrator controls access to attached servers or devices by assigning access
rights to up to 128 user profiles. Each user has an assigned ID, password, and access rights.
Other user profile access options may include externally configured authentication methods such
as NIS and LDAP.
SLC™ 8000 Advanced Console Manager User Guide
21
Download from Www.Somanuals.com. All Manuals Search And Download.
2: Introduction
Device Port Buffer
The SLC 8000 unit supports real-time data logging for each device port. The port can save the
data log to a file, send an email notification of an issue, or take no action.
You can define the path for logged data on a port-by-port basis, configure file size and number of
files per port for each logging event, and configure the device log to send an email alert message
automatically to the appropriate parties indicating a particular error.
Configuration Options
You may use the backlit front-panel LCD display for initial setup and configuration and to view
current network, console, and date/time settings, and get internal temperature status.
Both a web interface viewed through a standard browser and a command line interface (CLI) are
available for configuring the SLC settings and monitoring performance.
Hardware Features
The SLC 8000 hardware includes the following:
1U-tall (1.75 inch) rack-mountable appliance
Two 10/100/1000 Base-T network ports with LED for link and activity
Up to 48 RS-232 serial device ports connected via RJ45 wiring
One front panel serial console port for VT100 terminal or PC with emulation with LED for
activity indicators
Two USB Ports
Secure Digital (SD) memory card slot
Front panel LCD display and keypad
256 KB-per-port buffer memory for serial device ports
Software reversible device port pinouts
LCD display and keypad on the front
Universal AC power input (100-240V, 50/60 Hz)
Convection cooled, silent operation, low power consumption
SLC™ 8000 Advanced Console Manager User Guide
22
Download from Www.Somanuals.com. All Manuals Search And Download.
2: Introduction
Serial Port Interfaces
All devices attached to the device ports and the console port must support the RS-232C (EIA-232)
standard. RJ45 cabling, like Category 5 or 6 patch cabling, is used for the device port connections
and for the console port. (For pinout information, see the Appendix C: Adapters and Pinouts on
page 331.)
Device ports for the SLC 8000 advanced console manager are reversed by default so that straight-
through RJ45 patch cables may be used to connect to Cisco and Sun RJ45 serial console ports. If
you are replacing an SLC with an SLC 8000 you can either switch the ports to the non-reversed
pinout used by SLC units and use your original cables and adapters, or remove any rolled cables
or adapters and replace them with straight-through RJ45 cables, e.g. Ethernet patch cables.
Note: RJ45 to DB9/DB25 adapters are available from Lantronix.
Device ports and the console port support the following baud-rate options: 300, 600, 1200, 2400,
4800, 9600, 19200, 38400, 57600, 115200 and 230400 baud.
Figure 2-3 Device Ports (Back Side)
Figure 2-4 Console Port (Front Side)
Table 2-5 Console (DTE) Port Pinout
Pin Number
Description
RTS (output)
DTR (output)
TXD (output)
Ground
1
2
3
4
5
6
7
8
Ground
RXD (input)
DSR (input)
CTS (input)
SLC™ 8000 Advanced Console Manager User Guide
23
Download from Www.Somanuals.com. All Manuals Search And Download.
2: Introduction
Network Connections
The SLC 8000 network interfaces are 10/100/1000 Base-T Ethernet for use with a conventional
6 patch cable. Additionally, CAT5E or better cables are recommended for 1000 Base Ethernet.
Network parameters must be configured before the SLC console manager can be accessed over the
network.
Note: One possible use for the two Ethernet ports is to have one port on a private,
secure network and the other on a public, unsecured network.
Figure 2-6 Network Connection
SLC™ 8000 Advanced Console Manager User Guide
24
Download from Www.Somanuals.com. All Manuals Search And Download.
2: Introduction
USB Interface
The SLC 8000 unit has two 2.0 USB ports (HS, FS, LS).
Figure 2-7 Dual USB Ports
Memory Card Port
The SLC unit has a memory card port on the front panel of the unit which accepts SD cards.
Figure 2-8 Memory Card Port
SLC™ 8000 Advanced Console Manager User Guide
25
Download from Www.Somanuals.com. All Manuals Search And Download.
2: Introduction
Internal Modem
An internal modem can be installed in the SLC 8000 advanced console manager. See Modem
Installation on page 33 for instructions.
Figure 2-9 Internal Modem Location
SLC™ 8000 Advanced Console Manager User Guide
26
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
This chapter provides a high-level procedure for installing the SLC advanced console manager
followed by more detailed information about the SLC connections and power supplies.
Caution: To avoid physical and electrical hazards, please read appendix,
Appendix A: Security Considerations on page 328 before installing the SLC
8000 advanced console managerSLC 8000 advanced console manager.
What's in the Box
In addition to the SLC unit, the following table lists components in the box and their corresponding
part numbers.
Table 3-1 Part Numbers and Descriptions
Part #
Component Description
Quantity
Cables:
200.2070A
200.0062
500-153
RJ45 to DB9F Adapter
RJ45 to RJ45, Cat5, 6.6 ft (2 m)
RJ45 Loopback
1
1
1
Power Cords:
500-041-ACC
For AC Supply Models: AC Power Cord included only
For DC Supply Models: DC Installation Kit only
1 for Single
2 for Dual
083-014-ACC
1
Verify and inspect the contents of the SLC package using the enclosed packing slip or the table
above. If any item is missing or damaged, contact your place of purchase immediately.
Product Information Label
The product information label on the underside of the SLC 8000 advanced console manager
contains the following information about each SLC unit:
Part Number
Serial Number
Serial Number Bar Code
Date Code
Country of Manufacture
SLC™ 8000 Advanced Console Manager User Guide
27
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
Technical Specifications
Table 3-2 SLC Technical Specifications
Description
Component
Serial Interface (Device) (48) RJ45-type 8-conductor connectors which are individually configurable
standard or reversed pinouts
Speed software selectable (300 to 230400 baud)
Note: Device ports for the SLC 8000 advanced console manager are
reversed by default. Do not use rolled cables and adapters when replacing an
SLC 8000 advanced console manager with the SLC 8000 model.
Serial Interface (Console) (1) RJ45-type 8-pin connector (DTE)
Speed software selectable (300 to 230400 baud)
LEDs:
Green light ON indicates data transmission activities
Yellow light ON indicates data receiving activities
Network Interface
(2) 10/100/1000 Base-T RJ45 Ethernet
LEDs:
Green light ON indicates a link at 1000 Base-T
Green light OFF indicates a link at other speeds or no link
Yellow light ON indicates a link is established
Yellow light blinking indicates activity
Power Supply AC
Universal AC power input: 100-240 VAC
(single or dual)
50 or 60 Hz IEC 60320/C19IEC-type regional cord set included
Power Supply DC (dual)
Power Consumption
Dimensions
20V to 72V input
Less than 25 watts
1U, 1.75 in x 17.25 in x 12 in
11.5 lbs or less, depending on options
Weight
Temperature
Operating: 0 to 50°C (32 to 122°F), 30 to 90% RH, non-condensing
Storage: -20 to 80°C (-4 to 176°F), 10 to 90% RH, non-condensing
Relative Humidity
Operating: 10% to 90% non-condensing; 40% to 60% recommended
Storage: 10% to 90% non-condensing
USB Ports
(2) ports, type A, host USB 2.0 (HS, FS, LS)
Memory Card
Single memory card slot supporting:
SD
SDHC
Modem
300 bps to 56K bps data rate
Upstream 48K bps, downstream 56K bps
V.44 data compression (V92MB-U, V92HU)
V.42 bis and MNP-5 data compression
V.29 FastPOS support
Caller ID type I and II for select countries
Agency approvals: Transferable FCC68, CS03 and CTR21 certifications,
IEC60601-1 (Medical Electronics) compliant, CE Marking, IEC60950 approved
SLC™ 8000 Advanced Console Manager User Guide
28
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
Physical Installation
Install the SLC 8000 advanced console manager in an EIA-standard 19-inch rack (1U tall) or as a
desktop unit. The SLC module uses convection cooling to dissipate excess heat.
To install the SLC 8000 advanced console manager in a rack:
1. Place the SLC unit in a 19-inch rack.
Warning: Do not to block the air vents on the sides of the SLC module. If you
mount the SLC advanced console manager in an enclosed rack, we
recommended that the rack have a ventilation fan to provide adequate
airflow through the SLC unit.
3. Choose one of the following options:
-
-
To configure the SLC 8000 advanced console manager using the network, or to monitor
serial devices on the network, connect at least one SLC network port to a network. See
To configure the SLC unit using a dumb terminal or a computer with terminal emulation,
connect the terminal or PC to the SLC console port. See Connecting Terminals (on page
31).
5. Wait approximately a minute for the boot process to complete.
When the boot process ends, the SLC host name and the clock appear on the LCD display.
Connecting to a Device Port
You can connect almost any device that has a serial console port to a device port on the SLC 8000
advanced console manager for remote administration. The console port must support the RS-
232C interface.
Note: Many servers must either have the serial port enabled as a console or the
keyboard and mouse detached. Consult the server hardware and/or software
documentation for more information.
To connect to a device port:
1. Connect one end of the Cat 5 cable to the device port.
2. Connect the other end of the Cat 5 cable to a Lantronix serial console adapter.
information about Lantronix adapters.
SLC™ 8000 Advanced Console Manager User Guide
29
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
Figure 3-3 Device Port Connections (Back Side)
RJ45
CABLE
Table 3-4 Console Port and Device Port (DTE) - Reverse Pinout Disabled
Pin Number Description
1
2
3
4
5
6
7
8
RTS (output)
DTR (output)
TXD (output)
Ground
Ground
RXD (input)
DSR (input)
CTS (input)
Table 3-5 Device Port (DCE) - Reverse Pinout Enabled
Pin Number Description
1
2
3
4
5
6
7
8
CTS (input)
DSR (input)
RXD (input)
Ground
Ground
TXD (output)
DTR (output)
RTS (output)
SLC™ 8000 Advanced Console Manager User Guide
30
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
Modular Expansion for I/O Module
The SLC 8000 advanced console manager supports the flexibility to change the I/O module
Ethernet ports and Bay 3 is the slot beside the power supply module.
Table 3-6 Available I/O Configurations
Connecting to Network Ports
The SLC network ports, 10/100/1000 Base-T Ethernet, allow remote access to the attached
devices and the system administrative functions. Use a standard RJ45-terminated Category 5
cable to connect to the network port. A CAT5e or better cable is recommended for use with a
1000 Base-T Ethernet connection.
Note: One possible use for the two Ethernet ports is to have one port on a private,
secure network, and the other on an unsecured network.
Connecting Terminals
The console port is for local access to the SLC 8000 advanced console manager and the attached
devices. You may attach a dumb terminal or a computer with terminal emulation to the console
port. The SLC console port uses RS-232C protocol and supports VT100 emulation. The default
baud rate is 9600.
To connect the console port to a terminal or computer with terminal emulation, Lantronix offers
optional adapters that provide a connection between an RJ45 jack and a DB9 or DB25 connector.
more information, and our Web site at www.lantronix.com/support and click Cable/Adapter
Lookup on the Support menu.
SLC™ 8000 Advanced Console Manager User Guide
31
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
To connect a terminal:
1. Attach the Lantronix adapter to your terminal (typifcally a PN 200.2066A adapter) or your PC's
serial port (use PN 200.2070A adapter).
2. Connect the Cat 5 cable to the adapter, and connect the other end to the SLC console port.
3. Turn on the terminal or start your computer's communication program (e.g., HyperTerminal for
Windows XP or lower. For recent versions of Windows use a free terminal emulator such as
PuTTY or TeraTerm Pro).
4. Once the SLC 8000 advanced console manager is running, press Enter to establish
connection. You should see the model name and a login prompt on your terminal. You are
connected.
AC Input
The power supply module for the SLC controller accepts AC input voltage of 100-240 VAC, 50/60
HZ. Rear-mounted IEC-type AC power connectors are provided for universal AC power input.
Caution: Disconnect all power supply modules before servicing to avoid electric shock.
Figure 3-7 AC Power Input
SLC™ 8000 Advanced Console Manager User Guide
32
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
Modem Installation
Caution: TO REDUCE THE RISK OF FIRE, USE ONLY NO. 26 AWG OR LARGER (e.g., 24
AWG) UL LISTED OR CSA CERTIFIED TELECOMMUNICATION LINE CORD.
Attention: POUR RÉDUIRE LES RISQUES D'INCENDIE, UTILISER UNIQUEMENT DES
CONDUCTEURS DE TÉLÉCOMMUNICATIONS 26 AWG AU DE SECTION
SUPÉRLEURE.
Warning: RISK OF ELECTRICAL SHOCKS; DISCONNECT ALL POWER AND
PHONE LINES BEFORE SERVICING!
Caution: DEVICES INSIDE THE EQUIPMENT AND THE MODEM ARE ELECTROSTATIC -
SENSITIVE; DO NOT HANDLE EXCEPT AT A STATIC FREE WORKPLACE.
MODEM PART NUMBER
Lantronix 56KINTMODEM-01
MODEM SERVICING INSTRUCTIONS
You will need a medium size Phillips screw driver.
1. Turn off power to the SLC 8000 advanced console manager.
2. Locate the battery modem door on the top of the SLC unit.
3. Unscrew and lift the door off with the screw driver.
SLC™ 8000 Advanced Console Manager User Guide
33
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
4. Take note of the orientation of the modem so that later you can install a new modem correctly
with the same orientation.
5. If there is a modem replacement, carefully lift the old modem out of its socket.
6. Install the new modem with correct orientation.
7. Make sure to have correct pin alignment.
SLC™ 8000 Advanced Console Manager User Guide
34
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
8. Press the modem down to make sure it sits down all the way in the socket.
9. Double-check the new modem placement to make sure it is done properly.
10. Place the battery modem door back.
11. Tighten the door screw.
Battery Replacement
Caution: RISK OF EXPLOSION IF BATTERY IS REPLACED BY AN INCORRECT TYPE.
DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS.
Attention: II Y A DANGER D'EXPLOSION S'IL Y A REMPLACEMENT INCORRECT DE LA
BATTERIE. REMPLACER UNIQUEMENT AVEC UNE BATTERIE DU MÊME TYPE
OU D'UN TYPE EQUIVALENT RECOMMANDÉ PAR LE CONSTRUCTEUR.
METTRE AU REBUT LES BATTERIES USAGÉES CONFORMÉMENT AUX
INSTRUCTIONS DU FABRICANT.
Caution: DEVICES INSIDE THE EQUIPMENT ARE ELECTROSTATIC -SENSITIVE; DO NOT
HANDLE EXCEPT AT A STATIC FREE WORKPLACE.
Battery Part Numbers
Panasonic BR2032 or equivalent (button cell lithium, non-rechargeable)
Caution: DO NOT USE BATTERY TYPE CR2032 SINCE IT HAS A LOWER OPERATING
TEMPERATURE RANGE.
SLC™ 8000 Advanced Console Manager User Guide
35
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
DISPOSAL OF USED BATTERIES (from battery data sheet)
If not in a large quantity, button cell batteries contain so little Lithium that they do not qualify as
reactive hazardous waste. These batteries are safe for disposal in the normal municipal waste
stream.
If in a large quantity, disposal of button cell batteries should be performed by permitted,
professional firms knowledgeable in Federal, State and local hazardous waste transportation
and disposal requirements.
Caution: RISK OF FIRE, EXPLOSION AND BURNS. DO NOT RECHARGE, CRUSH, HEAT
ABOVE 212°F (100°C) OR INCINERATE.
Battery Replacement Instructions
Warning: RISK OF ELECTRICAL SHOCKS; DISCONNECT ALL POWER AND
PHONE LINE BEFORE SERVICING!
You will need a medium size Phillips screw driver.
1. Turn off power to the SLC 8000 advanced console manager.
2. Locate the battery modem door on the top of the SLC unit.
3. Unscrew and lift the door off with the screw driver.
4. If there is a modem, note the orientation of the modem so that later you can install it back
correctly.
SLC™ 8000 Advanced Console Manager User Guide
36
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
5. If there is a modem, carefully lift the modem out of its socket.
6. Use fingers to lift the battery out of the socket.
Caution: DO NOT USE A METAL OBJECT TO PRY OUT THE BATTERY SINCE IT MAY
SHORT THE BATTERY AND DAMAGE THE BATTERY HOUSING.
7. Install the new battery with the (+) side up making sure the battery sits completely and
securely in the housing.
SLC™ 8000 Advanced Console Manager User Guide
37
Download from Www.Somanuals.com. All Manuals Search And Download.
3: Installation
8. Re-install the modem with correct orientation.
a. Make sure also to have correct pin alignment.
b. Press the modem down to make sure it sits down all the way in the socket.
9. Double-check the battery and modem placements to make sure they are done properly.
10. Place the battery modem door back.
11. Tighten the door screw.
12. Reprogram the SLC system date-time after installing a new battery, if necessary.
SLC™ 8000 Advanced Console Manager User Guide
38
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
This chapter helps get the IP network port up and running quickly, so you can administer the SLC
advanced console manager using your network.
Recommendations
To set up the network connections quickly, we suggest you do one of the following:
Use the front panel LCD display and keypads.
SSH to the command line interface and follow the Quick Setup script on the command line
interface.
Connect to the console port and follow the Quick Setup script on the command line interface.
Note: The first time you power up the SLC unit, Eth1 tries to obtain its IP address via
DHCP. If you have connected Eth1 to the network, and Eth1 is able to acquire an IP
address, you can view this IP address on the LCD or by running the Lantronix
DeviceInstaller™ application. If Eth1 cannot acquire an IP address, you cannot use
Telnet, SSH, or the web interface to run Quick Setup.
IP Address
Your SLC 8000 advanced console manager must have a unique IP address on your network. The
system administrator generally provides the IP address and corresponding subnet mask and
gateway. The IP address must be within a valid range, unique to your network, and in the same
subnet as your PC.
The following table lists the options for assigning an IP address to your SLC unit.
Table 4-1 Methods of Assigning an IP Address
Method
DHCP
Description
A DHCP server automatically assigns the IP address and network settings.
The SLC 8000 advanced console manager is DHCP-enabled by default.
With the Eth1 network port connected to the network, and the SLC unit
powered up, Eth1 acquires an IP address, viewable on the LCD.
At this point, you can use SSH to connect to the SLC console manager or use
the web interface.
BOOTP
Non-dynamic predecessor to DHCP.
Front panel LCD display You manually assign the IP address and other basic network, console, and
and keypads
date/time settings. If desired, you can restore the factory defaults.
Serial port login to
You assign an IP address and configure the SLC unit using a terminal or a PC
command line interface running a terminal emulation program to the SLC serial console port
connection.
SLC™ 8000 Advanced Console Manager User Guide
39
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
Method #1 Using the Front Panel Display
Before you begin, ensure that you have:
Unique IP address that is valid on your network (unless automatically assigned)
Subnet mask (unless automatically assigned)
Gateway (unless automatically assigned)
DNS settings (unless automatically assigned)
Date, time, and time zone
Console port settings: baud rate, data bits, stop bits, parity, and flow control
Make sure the SLC advanced console manager is plugged into power and turned on.
Front Panel LCD Display and Keypads
With the SLC unit powered up, you can use the front panel display and buttons to set up the basic
parameters.
Figure 4-2 Front Panel LCD Display and Five Button Keypad (Enter, Up, Down, Left, Right)
The front panel display initially shows the hostname (abbreviated to 14 letters) and the date and
time.
When you click the right-arrow button, the SLC network settings displays. Using the five buttons on
the keypad, you can change the network, console port, and date/time settings and view the
firmware release version. If desired, you can restore the factory defaults.
Note: Have your information handy as the display times out without accepting any
unsaved changes if you take more than 30 seconds between entries.
Any changes made to the network, console port, and date/time settings take effect immediately.
Navigating
The front panel keypad has one Enter button (in the center) and four arrow buttons (up, left, right,
and down). Press the arrow buttons to navigate from one option to another, or to increment or
decrement a numerical entry of the selected option. Use the Enter button to select an option to
change or to save your settings.
SLC™ 8000 Advanced Console Manager User Guide
40
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
The following table lists the SLC navigation actions, buttons, and options.
Table 4-3 LCD Arrow Keypad Actions
Button
Action
Right arrow
To move to the next option (e.g., from Network Settings to Console Settings)
To return to the previous option
Left arrow
Enter (center button)
Up and down arrows
Right or left arrows
Enter
To enter edit mode
Within edit mode, to increase or decrease a numerical entry
Within edit mode, to move the cursor right or left
To exit edit mode
Up and down arrows
To scroll up or down the list of parameters within an option (e.g., from IP
Address to Mask)
Table 4-4 Front Panel Setup Options with Associated Parameters
Left/Right Arrow
Current Eth1
Console Date /
Time
Release
Internal
Temp
User
Strings
Location Device
Ports
Time
Network Port
Settings Settings Settings
User ID & Eth1 IP
Baud Rate, Time Zone Firmware
Reading in
Displays
configured
user
string(s), if
any.
Indicates
the Rack
(RK), Row
(RW) &
Cluster
(CW)
Detects the
Current
TIme
Address
Data Bits,
Stop Bits,
Parity,
versionand Celsius &
connection
state of each
port:
date code
(display
only)
Fahrenheit
Flow
0=No DSR
input signal
detected on
device port
Control
locations.
Up/
Down
Arrow
1=DSRinput
signal
detected on
device port
Eth1
Subnet
Mask
Data Bits
Date/Time Restore
Factory
Defaults
Gateway
DNS1
Stop Bits
Parity
DNS2
Flow
Control
DNS3
disabled for display on the SLC LCD screen. The order of appearance of the screens, if
enabled, along with the elected “Home Page” may vary on the LCD monitor according to
configuration. The internal temperature, user strings, location and device ports LCD
enabling and disabling screens.
SLC™ 8000 Advanced Console Manager User Guide
41
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
Entering the Settings
To enter setup information:
1. From the normal display (host name, date and time), press the right arrow button to display
Network Settings. The IP address for Eth1 displays.
Note: If you have connected Eth1 to the network, and Eth1 is able to acquire an IP
address through DHCP, this IP address displays, followed by the letter [D]. Otherwise, the
IP address displays as all zeros (000.000.000.000).
2. Press the Enter button on the keypad to enter edit mode. A cursor displays below one
character of the existing IP address setting.
3. To enter values:
-
-
Use the left or right arrow to move the cursor to the left or to the right position.
Use the up or down arrow to increment or decrement the numerical value.
4. When you have the IP address as you want it, press Enter to exit edit mode, and then press
the down arrow button. The Subnet Mask parameter displays.
Note: You must edit the IP address and the Subnet Mask together for a valid IP address
combination.
5. To save your entries for one or more parameters in the group, press the right arrow button.
The Save Settings? Yes/No prompt displays.
Note: If the prompt does not display, make sure you are no longer in edit mode.
6. Use the left/right arrow buttons to select Yes, and press the Enter button.
7. Press the right arrow button to move to the next option, Console Settings.
8. Repeat steps 2-7 for each setting.
9. Press the right arrow button to move to the next option, Date/Time Settings, and click Enter
to edit the time zone.
-
-
To enter a US time zone, use the up/down arrow buttons to scroll through the US time
zones, and then press Enter to select the correct one.
To enter a time zone outside the US, press the left arrow button to move up to the top level
of time zones. Press the up/down arrow button to scroll through the top level.
A time zone with a trailing slash (such as Africa/) has sub-time zones. Use the right arrow
button to select the Africa time zones, and then the up/down arrows to scroll through them.
Press Enter to select the correct time zone. To move back to the top-level time zone at
any time, press the left arrow.
10. To save your entries, press the right arrow button. The Save Settings? Yes/No prompt
displays.
Note: If the prompt does not display, make sure you are no longer in edit mode.
11. Use the left/right arrow buttons to select Yes, and press the Enter button.
12. To review the saved settings, press the up or down arrows to step through the current settings.
SLC™ 8000 Advanced Console Manager User Guide
42
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
When you are done, the front panel returns to the clock display. The network port resets to the
new settings, and you can connect to your IP network for further administration. You should be
able to SSH to the SLC 8000 advanced console manager through your network connection, or
access the Web interface through a Web browser.
Restoring Factory Defaults
To use the LCD display to restore factory default settings:
1. Press the right arrow button to move to the last option, Release.
2. Use the down arrow to move to the Restore Factory Defaults option. A prompt for the 6-digit
Restore Factory Defaults password displays.
3. Press Enter to enter edit mode.
4. Using the left and right arrows to move between digits and the up and down arrows to change
digits, enter the password (the default password is 999999).
Note: The Restore Factory Defaults password is only for the LCD. You can change it at
the command line interface using the admin keypad passwordcommand.
5. Press Enter to exit edit mode. If the password is valid, a Save Settings? Yes/No prompt
displays.
6. Select Yes and press Enter. When the process is complete, the SLC unit reboots.
Method #2 Quick Setup on the Web Page
network settings. This page displays the first time you log into the SLC 8000 advanced console
To complete the Quick Setup page:
1. Open a web browser (Firefox, Chrome or Internet Explorer web browsers with JavaScript
enabled).
2. In the URL field, type https:// followed by the IP address of your SLC console manager.
Note: The web server listens for requests on the unencrypted (HTTP) port (port 80) and
redirects all requests to the encrypted (HTTPS) port (port 443).
3. Log in using sysadminas the user name and PASSas the password. The first time you log in to
SLC™ 8000 Advanced Console Manager User Guide
43
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
Figure 4-5 Quick Setup
Figure 4-6 Home
4. To accept the defaults, select the Accept default Quick Setup settings checkbox on the top
portion of the page and click the Apply button at the bottom of the page. Otherwise, continue
with step 5.
SLC™ 8000 Advanced Console Manager User Guide
44
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
the web interface to configure the SLC further.
5. Enter the following settings:
Network Settings
Note: Configurations with the same IP subnet on multiple interfaces (Ethernet or PPP)
are not currently supported.
Network Setting
Eth 1 Settings
Description
Obtain from DHCP: Acquires IP address, subnet mask, hostname and gateway
from the DHCP server. (The DHCP server may not provide the hostname
gateway, depending on its setup.) This is the default setting. If you select this
option, skip to Gateway.
Obtain from BOOTP: Lets a network node request configuration information from
a BOOTP "server" node. If you select this option, skip to Gateway.
Specify: Lets you manually assign a static IP address, generally provided by the
system administrator.
IP Address
(if specifying)
Enter an IP address that is unique and valid on your network. There is no default.
Enter all IP addresses in dot-quad notation. Do not use leading zeros in the fields
for dot-quad numbers less than 100. For example, if your IP address is
172.19.201.28, do not enter 028for the last segment.
Note: Currently, the SLC 8000 advanced console manager does not support
configurations with the same IP subnet on multiple interfaces (Ethernet or PPP).
Subnet Mask
If specifying an IP address, enter the subnet mask for the network on which the SLC
unit resides. There is no default.
Default Gateway
Hostname
The IP address of the router for this network. There is no default.
The default host name is slcXXXX, where XXXX is the last 4 characters of the
hardware address of Ethernet Port 1. There is a 64-character limit (contiguous
characters, no spaces). The host name becomes the prompt in the command line
interface.
Domain
If desired, specify a domain name (for example, support.lantronix.com). The domain
name is used for host name resolution within the SLC 8000 advanced console
manager. For example, if abcd is specified for the SMTP server, and
mydomain.com is specified for the domain, if abcd cannot be resolved, the SLC unit
attempts to resolve abcd.mydomain.com for the SMTP server.
Date & Time Settings
Date & Time Setting Description
Change Date/Time
Date
Select the checkbox to manually enter the date and time at the SLC unit’s location.
From the drop-down lists, select the current month, day, and year.
From the drop-down lists, select the current hour and minute.
From the drop-down list, select the appropriate time zone.
Time
Time Zone
SLC™ 8000 Advanced Console Manager User Guide
45
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
Administrator Settings
Administrator
Setting
Description
Sysadmin Password To change the password (e.g., from the default) enter a Sysadmin Password of up
to 64 characters.
Retype Password
Re-enter the Sysadmin Password above in this field as a confirmation.
6. Click the Apply button to save your entries.
Figure 4-7 Quick Setup Completed in Web Manager
Method #3 Quick Setup on the Command Line Interface
If the SLC 8000 advanced console manager does not have an IP address, you can connect a
dumb terminal or a PC running a terminal emulation program (VT100) to access the command line
or Telnet to connect to the SLC unit.
By default, Telnet is disabled and SSH is enabled. To enable Telnet, use the Services > SSH/Telnet/
To complete the command line interface Quick Setup script:
1. Do one of the following:
-
With a serial terminal connection, power up, and when the command line displays, press
Enter.
-
With a network connection, use an SSH program or Telnet program (if Telnet has been
enabled) to connect to xx.xx.xx.xx (the IP address in dot quad notation), and press
Enter. You should be at the login prompt.
2. Enter sysadminas the user name and press Enter.
3. Enter PASSas the password and press Enter. The first time you log in, the Quick Setup script
runs automatically. Normally, the command prompt displays.
SLC™ 8000 Advanced Console Manager User Guide
46
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
Figure 4-8 Beginning of Quick Setup Script
Quick Setup will now step you through configuring a few basic settings.
The current settings are shown in brackets ('[]').
You can accept the current setting for each question by pressing
<return>.
4. Enter the following information at the prompts:
Note: To accept a default or to skip an entry that is not required, press Enter.
CLI Quick Setup
Settings
Description
Config Eth1
Select one of the following:
(1) obtain IP Address from DHCP: The unit will acquire the IP address, subnet
mask, hostname, and gateway from the DHCP server. (The DHCP server may or
may not provide the gateway and hostname, depending on its setup.) This is the
default setting.
(2) obtain IP Address from BOOTP: Permits a network node to request
configuration information from a BOOTP "server" node.
(3) static IP Address: Allows you to assign a static IP address manually. The IP
address is generally provided by the system administrator.
IP Address (if
specifying)
An IP address that is unique and valid on your network and in the same subnet as
your PC. There is no default.
If you selected DHCP or BOOTP, this prompt does not display.
Enter all IP addresses in dot-quad notation. Do not use leading zeros in the fields for
dot-quad numbers less than 100. For example, if your IP address is 172.19.201.28,
do not enter 028 for the last segment.
Note: Configurations with the same IP subnet on multiple interfaces (Ethernet or
PPP) are not currently supported.
Subnet Mask
The subnet mask specifies the network segment on which the SLC 8000 advanced
console manager resides. There is no default. If you selected DHCP or BOOTP, this
prompt does not display.
Default Gateway
Hostname
IP address of the router for this network. There is no default.
The default host name is slc, where XXXXis the last 4 characters of the hardware
address of Ethernet Port 1. There is a 64-character limit (contiguous characters, no
spaces).
Note: The host name becomes the prompt in the command line interface.
Domain
If desired, specify a domain name (for example, support.lantronix.com). The domain
name is used for host name resolution within the SLC unit. For example, if abcd is
specified for the SMTP server, and mydomain.com is specified for the domain, if
abcd cannot be resolved, the SLC 8000 advanced console manager attempts to
resolve abcd.mydomain.com for the SMTP server.
Time Zone
If the time zone displayed is incorrect, enter the correct time zone and press Enter. If
the entry is not a valid time zone, the system guides you through selecting a time
zone. A list of valid regions and countries displays. At the prompts, enter the correct
region and country.
SLC™ 8000 Advanced Console Manager User Guide
47
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
CLI Quick Setup
Settings
Description
Date/Time
If the date and time displayed are correct, type n and continue. If the date and time
are incorrect, type y and enter the correct date and time in the formats shown at the
prompts.
Sysadmin
password
Enter a new sysadmin password.
After you complete the Quick Setup script, the changes take effect immediately.
Figure 4-9 Quick Setup Completed in CLI
Quick Setup will now step you through configuring a few basic settings.
The current settings are shown in brackets ('[]').
You can accept the current setting for each question by pressing
<return>.
____Ethernet Port and Default Gateway___________________________________
The SLC8048 has two ethernet ports, Eth1 and Eth2.
By default, both ports are configured for DHCP.
Configure Eth1: (1) obtain IP Address from DHCP
(2) obtain IP Address from BOOTP
(3) static IP Address
Enter 1-3: [1]
The SLC8048 can be configured to use a default gateway.
Enter gateway IP Address: [none]
____Hostname____________________________________________________________
The current hostname is 'slc', and the current domain is '<undefined>'.
The hostname will be shown in the CLI prompt.
Specify a hostname: [slc]
Specify a domain: [<undefined>]
____Time Zone___________________________________________________________
The current time zone is 'GMT'.
Enter time zone: [GMT]
____Date/Time___________________________________________________________
The current time is Tue Feb 4 11:26:55 2014
Change the current time? [n]
____Sysadmin Password___________________________________________________
Enter new password: [<current password>]
Quick Setup is now complete.
[slc]>
SLC™ 8000 Advanced Console Manager User Guide
48
Download from Www.Somanuals.com. All Manuals Search And Download.
4: Quick Setup
Next Step
After completing quick setup on the SLC 8000 advanced console manager, you may want to
configure other settings. You can use the web page or the command line interface for
configuration.
For information about the web and the command line interfaces, go to Chapter 5: Web and
SLC™ 8000 Advanced Console Manager User Guide
49
Download from Www.Somanuals.com. All Manuals Search And Download.
5: Web and Command Line Interfaces
The SLC advanced console manager offers three interfaces for configuring the SLC unit: a
command line interface (CLI), a web interface, and an LCD with keypads on the front panel. This
chapter discusses the web and command line interfaces.
panel to configure basic network settings and web manager and CLI to perform quick
setup.
Web Manager
A web manager allows the system administrator and other authorized users to configure and
manage the SLC 8000 advanced console manager using most web browsers (Firefox, Chrome or
Internet Explorer web applications with JavaScript enabled). The Web Telnet and Web SSH
features require Java 1.1 (or later) support in the browser. The SLC unit provides a secure,
encrypted web interface over SSL (secure sockets layer).
Note: The web server listens for requests on the unencrypted (HTTP) port (port 80) and
redirects all requests to the encrypted (HTTPS) port (port 443).
SLC™ 8000 Advanced Console Manager User Guide
50
Download from Www.Somanuals.com. All Manuals Search And Download.
5: Web and Command Line Interfaces
The following figure shows a typical web page:
Figure 5-1 Web Page Layout
Port
Number
Bar
Logout
Button
Icons
Tabs
Help
Button
Options
Entry Fields
and Options
Apply Button
The web page has the following components:
Tabs: Groups of settings to configure.
Options: Below each tab are options for specific types of settings.
Note: Only those options for which the currently logged-in user has rights display.
Port Number Bar:
-
-
The light green LCD button allows you to configure the front panel LCD.
The beige SD button allows you to configure the SD card, if a card is inserted. See
SLC™ 8000 Advanced Console Manager User Guide
51
Download from Www.Somanuals.com. All Manuals Search And Download.
5: Web and Command Line Interfaces
-
-
The gray U1 button allows you to configure the upper USB device (flash drive or modem)
plugged into the front panel USB connector. The gray U2 button allows you to configure
The brown MD button allows you to configure the internal modem, if an internal modem is
installed.
-
-
The number buttons allow you to select a port and display its settings. Only ports to which
the currently logged-in user has rights are enabled.
Below the bar are options for use with the port buttons. Selecting a port and the
the WebSSH option displays the WebSSH window for the device port --if Web SSH is
enabled, and if SSH is enabled for the device port. Selecting the port and the Connected
Device button allows access to supported devices such as SLP power managers and/or
SensorSoft temperature and humidity probes connected to the device port.
-
The yellow orange A and B buttons display the status of the power supplies.
Entry Fields and Options: Allow you to enter data and select options for the settings.
Note: For specific instructions on completing the fields on the web pages, see Chapters
5 through 12.
Apply Button: Apply on each web page makes the changes immediately and saves them so
they will be there when the SLC 8000 advanced console manager is rebooted.
Icons: The icon bar above the Main Menu has icons that display the following:
Home page.
Information about the SLC unit and Lantronix contact information.
Configuration site map.
Status of the SLC 8000 advanced console manager.
Help Button: Provides online Help for the specific web page.
Logging in
Only the system administrator or users with web access rights can log into the web manager. More
than one user at a time can log in, but the same user cannot login more than once.
To log in to the SLC web manager:
1. Open a web browser.
2. In the URL field, type https:// followed by the IP address of your SLC 8000 advanced
console manager.
3. To configure the SLC unit, use sysadminas the user name and PASSas the password.
(These are the default values.)
Note: The system administrator may have changed the password using one of the
Quick Setup methods in the previous chapter.
SLC™ 8000 Advanced Console Manager User Guide
52
Download from Www.Somanuals.com. All Manuals Search And Download.
5: Web and Command Line Interfaces
Subsequently, the Lantronix SLC Home page displays. (If you want to display the Quick Setup
page again, click Quick Setup on the main menu.)
Logging Out
To log off the SLC web interface:
1. Click the Logout button located on the upper left part of any user interface page. You are
brought back to the login screen when logout is complete.
Web Page Help
To view detailed information about an SLC web page:
1. Click the Help button to the right of any user interface page. Online Help contents will appear
in a new browser.
Command Line Interface
A command line interface (CLI) is available for entering all the commands you can use with the
SLC 8000 advanced console manager. In this User Guide, after each section of instructions for
using the web interface, you will find the equivalent CLI commands. You can access the command
line interface using Telnet, SSH, or a serial terminal connection.
Note: By default, Telnet is disabled and SSH is enabled. To enable Telnet, use the
Services > SSH/Telnet/Logging web page, a serial terminal connection, or an SSH
The sysadmin user and users with who have full administrative rights have access to the complete
command set, while all other users have access to a reduced command set based on their
permissions.
Logging In
To log in to the SLC command line interface:
1. Do one of the following:
-
With a serial terminal connection, power up, and when the command line displays, press
Enter.
-
If the SLC 8000 advanced console manager already has an IP address (assigned
previously or assigned by DHCP), Telnet (if Telnet has been enabled) or SSH to
xx.xx.xx.xx (the IP address in dot quad notation) and press Enter. The login prompt
displays.
2. To log in as the system administrator for setup and configuration, enter sysadminas the user
name and press Enter.
3. Enter PASSas the password and press Enter. The first time you log in, the Quick Setup script
runs automatically. Normally, the command prompt displays. (If you want to display the Quick
Setup script again, use the admin quicksetupcommand.)
SLC™ 8000 Advanced Console Manager User Guide
53
Download from Www.Somanuals.com. All Manuals Search And Download.
5: Web and Command Line Interfaces
Note: The system administrator may have changed the password using one of the
Quick Setup methods in the previous chapter.
To log in any other user:
1. Enter your SLC user name and press Enter.
2. Enter your SLC password and press Enter.
Logging Out
To log out of the SLC command line interface, type logoutand press Enter.
Command Syntax
Commands have the following format:
<action> <category> <parameter(s)>
where
<action>is set, show, connect, admin, diag, or logout.
<category>is a group of related parameters whose settings you want to configure or view.
Examples are ntp, deviceport, and network.
<parameter(s)>is one or more name-value pairs in one of the following formats:
User must specify one of the values (aa or bb) separated by a
vertical line ( | ). The values are in all lowercase and must be
entered exactly as shown. Bold indicates a default value.
<parameter name> <aa|bb>
User must specify an appropriate value, for example, an IP address.
The parameter values are in mixed case. Square brackets [ ]
indicate optional parameters.
<parameter name> <Value>
Command Line Help
For general Help and to display the commands to which you have rights, type: help
For general command line Help, type: help command line
For more information about a specific command, type help followed by the command. For
example: help set network or help admin firmware
Tips
Type enough characters to identify the action, category, or parameter name uniquely. For
parameter values, type the entire value. For example, you can shorten:
set network port 1 state static ipaddr 122.3.10.1 mask 255.255.0.0
to
se net po 1 st static ip 122.3.10.1 ma 255.255.0.0
Use the Tab key to automatically complete action, category, or parameter names. Type a
partial name and press Tab either to complete the name if only one is possible, or to display
the possible names if more than one is possible. Following a space after the preceding name,
Tab displays all possible names.
SLC™ 8000 Advanced Console Manager User Guide
54
Download from Www.Somanuals.com. All Manuals Search And Download.
5: Web and Command Line Interfaces
Should you make a mistake while typing, backspace by pressing the Backspace key and/or
the Delete key, depending on how you accessed the interface. Both keys work if you use
VT100 emulation in your terminal access program when connecting to the console port. Use
the left and right arrow keys to move within a command.
Use the up and down arrows to scroll through previously entered commands. If desired, select
one and edit it. You can scroll through up to 100 previous commands entered in the session.
To clear an IP address, type 0.0.0.0, or to clear a non-IP address value, type CLEAR.
When the number of lines displayed by a command exceeds the size of the window (the
default is 25), the command output is halted until the user is ready to continue. To display the
next line, press Enter, and to display the page, press the space bar. You can override the
number of lines (or disable the feature altogether) with the set clicommand.
General CLI Commands
The following commands relate to the CLI itself.
To configure the current command line session:
set cli scscommands <enable|disable>
Allows you to use SCS-compatible commands as shortcuts for executing commands:
Note: Settings are retained between CLI sessions for local users and users listed in the
remote users list.
SCS Commands
info
Commands
'show sysstatus'
version
reboot
poweroff
listdev
direct
listen
clear
'admin version'
'admin reboot'
'admin shutdown'
'show deviceport names'
'connect direct deviceport'
'connect listen deviceport'
'set locallog clear'
'connect direct telnet'
'connect direct ssh'
telnet
ssh
To set the number of lines displayed by a command:
set cli terminallines <disable|Number of lines>
Sets the number of lines in the terminal emulation (screen) for paging through text one screenful at
a time, if the SLC 8000 advanced console manager cannot detect the size of the terminal
automatically.
To show current CLI settings:
show cli
SLC™ 8000 Advanced Console Manager User Guide
55
Download from Www.Somanuals.com. All Manuals Search And Download.
5: Web and Command Line Interfaces
To view the last 100 commands entered in the session:
show history
To clear the command history:
set history clear
To view the rights of the currently logged-in user:
show user
Table 5-2 CLI Keyboard Shortcuts
Keyboard Shortcut
Control + [a]
Control + [e]
Control + [b]
Control + [f]
Description
Move to the start of the line.
Move to the end of the line.
Move back to the start of the current word.
Move forward to the end of the next word.
Erase from cursor to the beginning of the line.
Erase from cursor to the end of the line.
Control + [u]
Control + [k]
SLC™ 8000 Advanced Console Manager User Guide
56
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
This chapter explains how to set the following basic configuration settings for the SLC advanced
console manager using the SLC web interface or the CLI:
Network parameters that determine how the SLC 8000 advanced console manager interacts
with the attached network
Firewall and routing
Date and time
Note: If you entered some of these settings using a Quick Setup procedure, you may
update them here.
Requirements
If you assign a different IP address from the current one, it must be within a valid range, unique to
your network, and with the same subnet mask as your workstation.
To configure the unit, you need the following information:
Eth1
Eth2
IP address:
________ - ________ - ________ - ________
________ - ________ - ________ - ________
Subnet mask:
IP address (optional): ________ - ________ - ________ - ________
Subnet mask (optional): ________ - ________ - ________ - ________
Gateway:
DNS:
___________ - ___________ - ___________ - ___________
___________ - ___________ - ___________ - ___________
SLC™ 8000 Advanced Console Manager User Guide
57
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
To enter settings for one or both network ports:
1. Click the Network tab and select the Network Settings option. The following page displays:
Figure 6-1 Network > Network Settings
SLC™ 8000 Advanced Console Manager User Guide
58
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
2. Enter the following information:
Ethernet Interfaces (Eth1 and Eth2)
Note: Configurations with the same IP subnet on multiple interfaces (Ethernet or PPP)
are not currently supported.
Eth 1 Settings
or
Eth 2 Settings
Disabled: If selected, disables the network port.
Obtain from DHCP: Acquires IP address, subnet mask, hostname and gateway
from the DHCP server. (The DHCP server may not provide the hostname
gateway, depending on its setup.) This is the default setting. If you select this
option, skip to Gateway.
Obtain from BOOTP: Lets a network node request configuration information
from a BOOTP "server" node. If you select this option, skip to Gateway.
Specify: Lets you manually assign a static IP address, generally provided by the
system administrator.
IP Address
(if specifying)
Enter an IP address that will be unique and valid on your network. There is no
default.
Enter all IP addresses in dot-quad notation. Do not use leading zeros in the
fields for dot-quad numbers less than 100. For example, if your IP address is
172.19.201.28, do not enter 028 for the last segment.
Note: Currently, the SLC unit does not support configurations with the same IP
subnet on multiple interfaces (Ethernet or PPP).
Subnet Mask
IPv6 Address
If specifying an IP address, enter the network segment on which the SLC unit
resides. There is no default.
Address of the port in IPv6 format.
Note: The SLC 8000 advanced console manager supports IPv6 connections for a
limited set of services: the web, SSH, and Telnet.
IPv6 addresses are written as 8 sets of 4-digit hexadecimal numbers separated by
colons. There are several rules for modifying the address. For example:
1234:0BCD:1D67:0000:0000:8375:BADD:0057may be shortened to
1234:BCD:1D67::8375:BADD:57.
IPv6 Address
(Link Local)
An IPv6 address that is intended only for communications within the segment of a
local network.
Mode
Select the direction (full duplex or half-duplex) and speed (10, 100, or 1000 Mbit) of
data transmission. The default is Auto, which allows the Ethernet port to auto-
negotiate the speed and duplex with the hardware endpoint to which it is
connected.
MTU
Specifies the maximum transmission unit (MTU) or maximum packet size of
packets at the IP layer (OSI layer 3) for the Ethernet port. When fragmenting a
datagram, this is the largest number of bytes that can be used in a packet.
Multicast
Displays the multicast address of the Ethernet port.
Enable IPv6
Ethernet Bonding
Select this box to enable the IPv6 protocol. Disabled by default.
Ethernet 1 and Ethernet 2 can be bonded to support redundancy (Active Backup),
aggregation (802.3ad), and load balancing. Disabled by default. Note that if
Ethernet Bonding is enabled, assigning individual IP Addresses to Device Ports is
not supported.
SLC™ 8000 Advanced Console Manager User Guide
59
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
Enable IP
Forwarding
IP forwarding enables network traffic received on one interface (Eth1, Eth2, or an
external/USB modem attached to the SLC unit with an active PPP connection) to
be transferred out another interface (any of the above). The default behavior (if IP
forwarding is disabled) is for network traffic to be received but not routed to another
destination.
Enabling IP forwarding is required if you enable Network Address Translation
(NAT) for any device port modem or USB/ISDN modem. IP forwarding allows a
user accessing the SLC 8000 advanced console manager over a modem to access
the network connected to Eth1 or Eth2.
Note: Configurations with the same IP subnet on multiple interfaces (Ethernet or PPP)
are not currently supported.
Gateway
Default
IP address of the router for this network.
If this has not been set manually, any gateway acquired by DHCP for Eth1 or Eth2
displays.
All network traffic that matches the Eth1 IP address and subnet mask is sent out
Eth1. All network traffic that matches the Eth2 IP address and subnet mask is sent
out Eth 2.
If you set a default gateway, any network traffic that does not match Eth1 or Eth2 is
sent to the default gateway for routing.
DHCP-Acquired
Precedence
Gateway acquired by DHCP for Eth1 or Eth2. View only.
Indicates whether the gateway acquired by DHCP or the default gateway takes
precedence. The default is DHCP Gateway. If the DHCP Gateway is selected and
both Eth1 and Eth2 are configured for DHCP, the SLC unit gives precedence to the
Eth1 gateway.
Alternate
An alternate IP address of the router for this network, to be used if an IP address
usually accessible through the default gateway fails to return one or more pings.
IP Address to Ping
IP address to ping to determine whether to use the alternate gateway.
Ethernet Port to Ping Ethernet port to use for the ping.
Delay between Pings Number of seconds between pings
Number of Failed
Pings
Number of pings that fail before the SLC 8000 advanced console manager uses the
alternate gateway.
Hostname & Name Servers
Hostname
Domain
The default host name is slcXXXX, where XXXXis the last 4 characters of the
hardware address of Ethernet Port 1. There is a 64-character limit (contiguous
characters, no spaces). The host name becomes the prompt in the command line
interface.
If desired, specify a domain name (for example, support.lantronix.com). The domain
name is used for host name resolution within the SLC unit. For example, if abcd is
specified for the SMTP server, and mydomain.com is specified for the domain, if
abcd cannot be resolved, the SLC 8000 advanced console manager attempts to
resolve abcd.mydomain.com for the SMTP server.
SLC™ 8000 Advanced Console Manager User Guide
60
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
DNS Servers
#1 - #3
Configure up to three name servers. #1 is required if you choose to configure DNS
(Domain Name Server) servers.
The first three DNS servers acquired via DHCP through Eth1 and/or Eth2 display
automatically.
DHCP-Acquired DNS Servers
#1 - #3
Displays the IP address of the name servers if automatically assigned by DHCP.
TCP Keepalive Parameters
Start Probes
Number of seconds the SLC unit waits after the last transmission before sending the
first probe to determine whether a TCP session is still alive. The default is 600
seconds (10 minutes).
Number of Probes Number of probes the SLC 8000 advanced console manager sends before closing a
session. The default is 5.
Interval
The number of seconds the SLC unit waits between probes. The default is 60
seconds.
3. To save your entries, click the Apply button. Apply makes the changes immediately and
saves them so they will be there when the SLC 8000 advanced console manager is rebooted.
Ethernet Counters
boot-up. The system automatically updates them.
Note: For Ethernet statistics for a smaller time period, use the diag perfstat
command.
Network Commands
The following CLI commands correspond to the web page entries described above.
To configure Ethernet port 1 or 2:
set network port <1|2> <parameters>
Parameters
mode <auto|10mbit-half|100mbit-half|
10mbit-full|100mbit-full|1000mbit-full>
state <dhcp|bootp|static|disable>
[ipaddr <IP Address> mask <Mask>]
[ipv6addr <IP v6 Address|Prefix>]
To configure up to three DNS servers:
set network dns <1|2|3> ipaddr <IP Address>
SLC™ 8000 Advanced Console Manager User Guide
61
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
To set the default and alternate network gateways:
set network gateway <parameters>
Parameters
default <IP Address>
precedence <dhcp|default>
alternate <IP Address>
pingip <IP Address>
ethport <1 or 2>
pingdelay <1-250 seconds>
failedpings <1-25>
The alternate gateway is used if an IP address usually accessible through the default gateway fails
to return one or more pings.
To set the SLC host name and domain name:
set network host <Hostname> [domain <Domain Name>]
To set TCP Keepalive and IP Forwarding network parameters:
set network <parameters>
Parameters
interval <1-99999 Seconds>
ipforwarding <enable|disable>
probes <Number of Probes>
startprobes <1-99999 Seconds>
To view all network settings:
show network all
To view Ethernet port settings and counters:
show network port <1|2>
To view DNS settings:
show network dns
To view gateway settings:
show network gateway
To view the host name of the SLC 8000 advanced console manager:
show network host
SLC™ 8000 Advanced Console Manager User Guide
62
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
IP Filter
IP filters (also called a rule set) act as a firewall to allow or deny individual or a range of IP
addresses, ports, and protocols. When a network connection is configured to use an IP filter, all
network traffic through that connection is compared, in order, to the rules of that filter. Network
traffic may be allowed to pass, it may be dropped (without notice), or it may be rejected (sends
back an error packet) depending upon the rules of that filter rule set.
Warning: IP filters configuration is a feature for advanced users. Adding and
enabling IP filter sets incorrectly can disable your SLC unit.
Viewing IP Filters
You can view a list of filters and a table showing how each filter is mapped to an interface.
To view a list of IP filters:
1. Click the Network tab and select the IP Filter option. The following page displays:
Figure 6-2 Network > IP Filter
Mapping Rulesets
The administrator can assign an IP Filter Rule Set to a network interface (Ethernet interface), a
modem connected to a device port, or a USB modem or an internal modem (if installed).
To map a ruleset to a network interface:
2. Select the IP filter rule set to be mapped.
SLC™ 8000 Advanced Console Manager User Guide
63
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
3. From the Interface drop-down list, select the interface and click the Map Ruleset button. The
Interface and rule set display in the IP Filter Mappings table.
To delete a mapping:
2. Select the mapping from the list and click the Delete Mappings button. The mapping no
longer displays.
3. Click the Apply button.
Enabling IP Filters
Note: There is no way to enable or disable individual filters.
To enable IP filters:
1. Enter the following:
Enable IP Filter
Packets Dropped
Packets Rejected
Test Timer
Select the Enable IP Filter checkbox to enable all filters, or clear the checkbox
to disable all filters. Disabled by default.
Displays the number of data packets that the filter ignored (did not respond to).
View only.
Displays the number of data packets that the filter sent a “rejected” response to.
View only.
Timer for testing IP Filter rulesets. Select No to disable the timer. Select Yes,
minutes (1-120) to enable the timer and enter the number of minutes the timer
should run. The timer automatically disables the IP Filters when the time
expires.
Time Remaining
Indicates how many minutes are left on the timer before it expires and IP Filters
disabled. View only.
Configuring IP Filters
The administrator can add, edit, delete, and map IP filters.
Note: A configured filter has no effect until it is mapped to a network interface.
To add an IP filter:
SLC™ 8000 Advanced Console Manager User Guide
64
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
Figure 6-3 Network > IP Filter Ruleset (Adding/Editing Rulesets)
Rulesets can be added or updated on this page.
2. Enter the following:
Ruleset Name
Name that identifies a filter; may be composed of letters, numbers, and hyphens
only. (The name cannot start with a hyphen.)
Example: FILTER-2
Rule Parameters
IP Address(es)
Specify a single IP address to act as a filter.
Example: 172.19.220.64– this specific IP address only
Subnet Mask
Specify a subnet mask to act determine how much of the address should apply to
the filter.
Example: 255.255.255.255 to specify the whole address should apply.
Protocol
From the drop-down list, select the type of protocol through which the filter will
operate. The default setting is All.
SLC™ 8000 Advanced Console Manager User Guide
65
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
Port Range
Enter a range of destination TCP or UDP port numbers to be tested. An entry is
required for TCP, TCP New, TCP Established, and UDP, and is not allowed for
other protocols. Separate multiple ports with commas. Separate ranges of ports by
colons.
Examples:
22 – filter on port 22 only
23,64,80 – filter on ports 23, 64 and 80
23:64,80,143:150 – filter on ports 23 through 64, port 80 and ports 143 through
150
Action
Select whether to Drop, Reject, or Allow communications for the specified IP
address, subnet mask, protocol, and port range. Drop ignores the packet with no
notification. Reject ignores the packet and sends back an error message. Allow
permits the packet through the filter.
Generate rule to
allow service
You may wish to “punch holes” in your filter set for a particular protocol or service.
For instance, if you have configured your NIS server and wish to create an opening
in your filter set, select the NIS option and click the Add Rule button. This entry
adds a new rule to your filter set using the NIS -configured IP address. Other
services and protocols added automatically generate the necessary rule to allow
their use.
3. Click the right arrow
button to add the new rule to the bottom of the Rules list box on the
right. A maximum of 64 rules can be created for each ruleset.
4. To remove a rule from the filter set, highlight that line and click the left
arrow. The rule
populates the rule definition fields, allowing you to make minor changes before reinserting the
rule. To clear the definition fields, click the Clear button.
5. To change the order of priority of the rules in the list box, select the rule to move and use the
up
or down
arrow buttons on the right side of the filter list box.
6. To save, click the Apply button. The new filter displays in the menu tree.
Note: To add another new filter rule set, click the Back to IP Filter link to return to the
Network > IP Filter page.
SLC™ 8000 Advanced Console Manager User Guide
66
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
Updating an IP Filter
To update an IP filter rule set:
2. Edit the information as desired and click the Apply button.
Deleting an IP Filter
To delete an IP filter rule set:
1. On the Network > IP Filter page, the administrator selects the IP filter ruleset to be deleted and
clicks the Delete Ruleset button.
IP Filter Commands
The following CLI commands correspond to the web page entries described above.
To enable or disable IP filtering for incoming network traffic:
set ipfilter state
To set IP filter mapping:
set ipfilter mapping <parameters>
Parameters
ethernet <1|2> state <disable>
ethernet <1|2> state <enable> ruleset <Ruleset Name>
deviceport <1..48> state <disable>
deviceport <1..48> state <enable> ruleset <Ruleset Name>
internal modem state <disable>
internal modem state <enable> ruleset <Ruleset Name>
usbport <U1|U2> state <disable>
usbport <U1|U2> state <enable> ruleset <Ruleset Name>
To set IP filter rules:
set ipfilter rules <parameters>
Parameters
add <Ruleset Name>
delete <Ruleset Name>
edit <Ruleset Name> <Edit Parameters>
Edit Parameters:
append
insert <Rule Number>
SLC™ 8000 Advanced Console Manager User Guide
67
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
replace <Rule Number>
delete <Rule Number>
Routing
The SLC 8000 advanced console manager allows you to define static routes and, for networks
using Routing Information Protocol (RIP)-capable routes, to enable the RIP protocol to configure
the routes dynamically.
To configure routing settings:
1. Click the Network tab and select the Routing option. The following page displays:
Figure 6-4 Network > Routing
2. Enter the following:
Dynamic Routing
Enable RIP
Select to enable Dynamic Routing Information Protocol (RIP) to assign routes
automatically. Disabled by default.
RIP Version
Select the RIP version. The default is 2.
SLC™ 8000 Advanced Console Manager User Guide
68
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
Static Routing
Enable Static
Routing
Select to assign the routes manually. The system administrator usually provides the
routes. Disabled by default.
To add a static route, enter the IP Address, Subnet Mask, and Gateway for the
route and click the Add/Edit Route button. The route displays in the Static Routes
table. You can add up to 64 static routes.
To edit a static route, select the radio button to the right of the route, change the IP
Address, Subnet Mask, and Gateway fields as desired, and click the Add/Edit
Route button.
To delete a static route, select the radio button to the right of the route and click the
Delete Route button.
3. Click the Apply button.
Note: To display the routing table, status or specific report, see the section,
Equivalent Routing Commands
The following CLI commands correspond to the web page entries described above.
To configure static or dynamic routing:
set routing [parameters]
Parameters
rip <enable|disable>
route <1-64> ipaddr <IP Address> mask <Netmask> gateway <IP Address>
static <enable|disable>
version <1|2|both>
Note: To delete a static route, set the IP address, mask, and gateway parameters to
0.0.0.0.
To set the routing table to display IP addresses (disable) or the corresponding host names
(enable):
show routing [resolveip <enable|disable>] [email <Email Address>]
Note: You can optionally email the displayed information.
VPN
This page can be used to create a Virtual Private Network (VPN) tunnel to the SLC 8000 advanced
console manager for secure communication between the SLC unit and a remote host or gateway.
The SLC 8000 advanced console manager supports IPSec tunnels using Encapsulated Security
Payload (ESP). The SLC unit supports host-to-host, net-to-net, host-to-net, and roaming user
tunnels.
Note: To allow VPN tunnel access if the SLC firewall is enabled, traffic to UDP ports 500
and 4500 from the remote host should be allowed, as well as protocol ESP from the
remote host.
SLC™ 8000 Advanced Console Manager User Guide
69
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
To complete the VPN page:
1. Click the Network tab and select the VPN option. The following page displays:
Figure 6-5 Network > VPN
2. Enter the following:
Enable VPN Tunnel
Name
Select to create a tunnel.
The name assigned to the tunnel. Required to create a tunnel.
Select ethernet port 1 or 2.
Ethernet Port
Remote Host
The IP address of the remote host's public network interface. The special
value of any can be entered if the remote host is a roaming user who may
not have the same IP address each time a tunnel is created. In this case, it
is recommended that the Remote Id also be configured.
SLC™ 8000 Advanced Console Manager User Guide
70
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
Remote Id
How the remote host should be identified for authentication. The Id is used
to select the proper credentials for communicating with the remote host.
Remote Hop/Router
Remote Subnet(s)
If the remote host is behind a gateway, this specifies the IP address of the
gateway's public network interface.
One or more subnets behind the remote host, expressed in CIDR notation
(IP address/mask bits). If multiple subnets are specified, the subnets should
be separated by a comma.
Local Id
How the SLC 8000 advanced console manager should be identified for
authentication. The Id is used by the remote host to select the proper
credentials for communicating with the SLC advanced console manager.
Local Hop/
Router
If the SLC unit is behind a gateway, this specifies the IP address of the
gateway's public network interface.
Local Subnet(s)
One or more subnets behind the SLC 8000 advanced console manager,
expressed in CIDR notation (IP address/mask bits). If multiple subnets are
specified, the subnets should be separated by a comma.
IKE Negotiation
The Internet Key Exchange (IKE) protocol is used to exchange security
options between two hosts who want to communicate via IPSec. The first
phase of the protocol authenticates the two hosts to each other and
establishes the Internet Security Association Key Management Protocol
Security Association (ISAKMP SA). The second phase of the protocol
establishes the cryptographic parameters for protecting the data passed
through the tunnel, which is the IPSec Security Association (IPSec SA). The
IPSec SA can periodically be renegotiated to ensure security. The IKE
protocol can use one of two modes: Main Mode, which provides identity
protection and takes longer, or Aggressive Mode, which provides no
identity protection but is quicker. With Aggressive Mode, there is no
negotiation of which cryptographic parameters will be used; each side must
give the correct cryptographic parameters in the initial package of the
exchange, otherwise the exchange will fail. If Aggressive Mode is used, the
IKE Encryption, IKE Authentication, and IKE DH Group must be
specified.
IKE Encryption
The type of encryption, 3DES or AES, used for IKE negotiation. Any can be
selected if the two sides can negotiate which type of encryption to use.
Authentication (IKE)
The type of authentication, SHA1 or MD5, used for IKE negotiation. Any
can be selected if the two sides can negotiate which type of authentication
to use.
DH Group (IKE)
The Diffie-Hellman Group, 2 or 5, used for IKE negotiation. Any can be
selected if the two sides can negotiate which Diffie-Hellman Group to use.
ESP Encryption
The type of encryption, 3DES or AES, used for encrypting the data sent
through the tunnel. Any can be selected if the two sides can negotiate
which type of encryption to use.
Authentication (ESP)
The type of authentication, SHA1 or MD5, used for authenticating data sent
through the tunnel. Any can be selected if the two sides can negotiate
which type of authentication to use.
DH Group (ESP)
The Diffie-Hellman Group, 2 or 5, used for the key exchange for data sent
through the tunnel. Any can be selected if the two sides can negotiate
which Diffie-Hellman Group to use.
SLC™ 8000 Advanced Console Manager User Guide
71
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
Authentication
The type of authentication used by the host on each side of the VPN tunnel
to verify the identity of the other host. For RSA Public Key, each host
generates a RSA public-private key pair, and shares its public key with the
remote host. The RSA Public Key for the SLC 8000 advanced console
manager (which has 2192 bits) can be viewed at either the web or CLI. For
Pre-Shared Key, each host enters the same passphrase to be used for
authentication.
RSA Public Key for
Remote Host
If RSA Public Key is selected for authentication, enter the public key for the
remote host.
Pre-Shared Key
If Pre-Shared Key is selected for authentication, enter the key.
Retype Pre-Shared Key
Perfect Forward Secrecy
If Pre-Shared Key is selected for authentication, re-enter the key.
When a new IPSec SA is negotiated after the IPSec SA lifetime expires, a
new Diffie-Hellman key exchange can be performed to generate a new
session key to be used to encrypt the data being sent through the tunnel. If
this is enabled, it provides greater security, since the old session keys are
destroyed.
Mode Configuration Client If this is enabled, the SLC unit can receive network configuration from the
remote host. This allows the remote host to assign an IP address/netmask
to the SLC advanced console manager side of the VPN tunnel.
XAUTH Client
If this is enabled, the SLC 8000 advanced console manager will send
authentication credentials to the remote host if they are requested. XAUTH,
or Extended Authentication, can be used as an additional security measure
on top of the Pre-Shared Key or RSA Public Key.
XAUTH Login (Client)
XAUTH Password
Retype Password
If XAUTH Client is enabled, this is the login used for authentication.
If XAUTH Client is enabled, this is the password used for authentication.
If XAUTH Client is enabled, this is the password used for authentication.
3. To save, click Apply button.
4. To see a details of the VPN tunnel connection, including the cryptographic algorithms used,
select the View Detailed Status link.
5. To see the last 100 lines of the logs associated with the VPN tunnel, select the View VPN
Logs link.
6. To see the RSA public key for the SLC 8000 advanced console manager (required for
configuring the remote host if RSA Public Keys are being used), select the View SLC RSA
Public Key link.
Configuring an IPsec VPN Tunnel through the CLI
1. Set vpn <parameters>:
tunnel <enable|disable>
ethport <1|2>
auth <rsa|psk>
remotehost <RemoteHost IP Address or name>
remoteid <Authentication name>
remotehop <IP Address>
remotesubnet <one or more subnets in CIDR notation>
localid <Authentication Name>
localhop <IP Address>
SLC™ 8000 Advanced Console Manager User Guide
72
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
localsubnet <one or more subnets in CIDR notation>
ikenegotation <main|aggressive>
ikeenc <any|3des|aes>
ikeauth <any|sha1|md5>
ikedhgroup <any|dh2|dh5>
espenc <any|3des|aes>
espauth <any|sha1|md5>
espdhgroup <any|dh2|dh5>
pfs <enable|disable>
modeconfig <enable|disable>
xauthclient <enable|disable>
xauthlogin <User Login>
2. Enter RSA public key or Pre-Shared Key of remote host: set vpn key
3. Enter XAUTH password: set vpn xauthpassword
4. Display all VPN settings and current status: show vpn [email <Email Address>]
5. Display detailed VPN status: show vpn status [email <Email Address>]
6. Display VPN logs: show vpn viewlog [numlines <Number of Lines][email
<Email Address>]
7. Dispplay RSA public key of the SLC: show vpn rsakey
Security
The SLC 8000 advanced console manager supports a security mode that complies with the FIPS
140-2 standard. FIPS (Federal Information Processing Standard) 140-2 is a security standard
developed by the United States federal government that defines rules, regulations and standards
for the use of encryption and cryptographic services. The National Institute of Standards and
Technology (NIST) maintains the documents related to FIPS at:
http://csrc.nist.gov/publications/PubsFIPS.html
FIPS 140-2 defines four security levels, Level 1 through Level 4. The SLC unit uses a FIPS
module certified at Level 1.
To enable FIPS mode, the Network -> Security -> FIPS Mode flag needs to be enabled and the
SLC unit rebooted. Each time the SLC unit is booted in FIPS mode, it will perform a power up self
test to verify the integrity of the SLC unit's cryptographic module. If there are any issues with the
integrity of the cryptographic module, FIPS mode will be disabled and the SLC unit will be
rebooted into non-FIPS mode.
When the SLC unit is running in FIPS mode, the following protocols will be supported: SSL v3.1/
TLS 1.0, TLS 1.1, TLS 1.2, and SSH v2.
For SSL and TLS, the SLC unit will support the following cipher suites:
AES128-SHA
AES128-SHA256
AES128-GCM-SHA256
AES256-SHA
AES256-SHA256
AES256-GCM-SHA384
SLC™ 8000 Advanced Console Manager User Guide
73
Download from Www.Somanuals.com. All Manuals Search And Download.
6: Basic Parameters
DES-CBC3-SHA
SSL/secure certificates imported for use with the web server or LDAP authentication must use
either the SHA1 or SHA2 hash with a RSA public key of 1024, 2048 or 3072 bits.
When the SLC unit is running in FIPS mode, the following protocols/functions will not be
supported: NIS, Kerberos, RADIUS, TACACS+, Telnet/WebTelnet, WebSSH, IPSec/VPN, SSLv2,
SSH v1, FTP, PPP, CIFS/Samba, TCP (to Device Ports), unencrypted LDAP, and SNMP. If any of
these protocols/functions are enabled prior to enabling FIPS mode, they will be automatically
disabled.
LDAP authentication must be configured with the following:
StartTLS encryption (SSL encryption over port 636 is not supported)
A SSL/secure certificate
Either Bind with Login or a Bind Name and Password
Note: In FIPS mode, passphrases are not supported for SSH keys and SSL certificates.
Figure 6-6 Network > Security
To enable FIPS:
1. Check the Enable FIPS Mode check box on the Networks > Security page.
2. Click Apply. The SLC unit will need to be rebooted to initiate FIPS mode. Once the SLC
module is running in FIPS mode, the Security page, will display all processes that are running
in FIPS mode.
To disable FIPS:
1. Uncheck the Enable FIPS Mode check box on the Networks > Security page.
2. Click Apply. The SLC unit will need to be rebooted for this change to take effect.
SLC™ 8000 Advanced Console Manager User Guide
74
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
System Logging and Other Services
Use the Services tab to:
Configure the amount of data sent to the logs.
Enable or disable SSH and Telnet logins.
Enable a Simple Network Management Protocol (SNMP) agent.
Note: The SLC advanced console manager supports both MIB-II (as defined by RFC
1213) and a private enterprise MIB. The private enterprise MIB provides read-only access
to all statistics and configurable items provided by the SLC unit. It provides read-write
access to a select set of functions for controlling the SLC 8000 advanced console
manager and device ports. See the MIB definition file for details.
Identify a Simple Mail Transfer Protocol (SMTP) server.
Enable or disable SSH and Telnet logins.
Configure an audit log.
View the status of and manage the SLC 8000 advanced console managers on the Secure
Lantronix network.
Set the date and time.
Configure NFS and CIFS shares
Configure the web server
SLC™ 8000 Advanced Console Manager User Guide
75
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
SSH/Telnet/Logging
To configure SSH, Telnet, and Logging settings:
1. Click the Services tab and select the SSH/Telnet/Logging option. The following page
displays.
Figure 7-1 Services > SSH/Telnet/Logging
2. Enter the following settings:
System Logging
In the System Logging section, select one of the following alert levels from the drop-down list for
each message category:
Off: Disables this type of logging.
Error: Saves messages that are output because of an error.
Warning: Saves message output from a condition that may be cause for concern, in addition
to error messages. This is the default for all message types.
SLC™ 8000 Advanced Console Manager User Guide
76
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Info: Saves informative message, in addition to warning and error messages.
Debug: Saves extraneous detail that may be helpful in tracking down a problem, in addition to
information, warning, and error messages.
Network Level
Messages concerning the network activity, for example about Ethernet and routing.
Messages concerning services such as SNMP and SMTP.
Messages concerning user authentication.
Services
Authentication
Device Ports
Diagnostics
General
Messages concerning device ports and connections.
Messages concerning system status and problems.
Any message not in the categories above.
Remote Servers IP address of the remote server(s) where system logs are stored.
(#1 and #2)
The system log is always saved to local SLC storage. It is retained through SLC unit
reboots for files up to 200K. Saving the system log to a server that supports remote
logging services (see RFC 3164) allows the administrator to save the complete system
log history.
Audit Log
Enable Log
Select to save a history of all configuration changes in a circular log. Disabled by
default. The audit log is saved through SLC 8000 advanced console manager reboots.
Size
The log has a default maximum size of 50 Kbytes (approximately 500 entries). You
can set the maximum size of the log from 1 to 500 Kbytes.
Include CLI
Commands
Select to cause the audit log to include the CLI commands that have been executed.
Disabled by default.
Include In System If enabled, the contents of the audit log are added to the system log (under the
Log
General/Info category/level). Disabled by default.
SMTP
Server
IP address of your network’s Simple Mail Transfer Protocol (SMTP) relay server. If an
SMTP server is not specified, the SLC module will attempt to look up the MX record for
the domain in the destination email addresses of outgoing emails.
Sender
The email address of the sender of outgoing emails. The strings "$host" and "$domain"
can be part of the email address - they will be substituted with the actual hostname and
domain. The default is donotreply@$host.$domain.
SSH
Enable Logins
Enables or disables SSH logins to the SLC unit to allow users to access the CLI using
SSH. Enabled by default.
This setting does not control SSH access to individual device ports. (See Device Ports
- Settings (on page 105) for information on enabling SSH access to individual ports.)
Most system administrators enable SSH logins, which is the preferred method of
accessing the system.
Web SSH
Timeout
Enables or disables the ability to access the SLC command Iine interface or device
ports (connect direct) through the Web SSH window. Disabled by default.
If you enable SSH logins, you can cause an idle connection to disconnect after a
specified number of minutes. Select Yes and enter a value of from 1 to 30 minutes.
SLC™ 8000 Advanced Console Manager User Guide
77
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
SSH Port
Allows you to change the SSH login port to a different value in the range of 1 - 65535.
The default is 22.
SSH V1 Logins
Enables or disables SSH version 1 connections to the SLC 8000 advanced console
manager. Enabled by default.
Telnet
Enable Logins
Enables or disables Telnet logins to the SLC unit to allow users to access the CLI
using Telnet. Disabled by default.
This setting does not control Telnet access to individual device ports. (See Device
Ports > Settings (on page 106) for information on enabling Telnet access to individual
ports.) You may want to keep this option disabled for security reasons.
Web Telnet
Enables or disables the ability to access the SLC command Iine interface or device
ports (connect direct) through the Web Telnet window. Disabled by default.
Timeout
If you enable Telnet logins, you can cause an idle connection to disconnect after a
specified number of minutes. Select Yes and enter a value of from 1 to 30 minutes.
Outgoing Telnet
Enables or disables the ability to create Telnet out connections.
Web SSH/Web Telnet Settings
Java Terminal
Deployment
Method used to launch Java applications, either Java Web Start or Applet.
Java Terminal
Buffer Size
Number of lines in the Java terminal window that are available for scrolling back
through output.
Phone Home
Enable
If enabled, allows SLC 8000 advanced console manager to directly contact a vSLM™
management appliance and request addition to the database
IP Address
IP address of the SLM device.
Last Attempt
Displays the date and time of last connection attempt.
(view only)
Results
Indicates whether the attempt was successful.
(view only)
3. To save, click the Apply button.
SNMP
Simple Network Management Protocol (SNMP) is a set of protocols for managing complex
networks. The SLC unit supports both MIB-II (as defined by RFC 1213) and a private enterprise
MIB. The private enterprise MIB provides read-only access to all statistics and configurable items
provided by the SLC unit. It provides read-write access to a select set of functions for controlling
the SLC unit and device ports. See the MIB definition file for details. The SLC MIB definition file
and the top level MIB file for all Lantronix products is accessible from the SNMP web page.
1. Click the Services tab and select the SNMP option. The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
78
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Figure 7-2 Services > SNMP
2. Enter the following:
Enable Agent
Enables or disables SNMP agent, which allows read-only access to the system.
Disabled by default.
Top Level MIB
SLC MIB
Click the link to access the top level MIB file for all Lantronix products.
Click the link to access the SLC MIB definition file for SLC 8000 advanced console
managers and advanced console managers.
SLC™ 8000 Advanced Console Manager User Guide
79
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Enable Traps
Traps are notifications of certain critical events. Disabled by default. This feature is
applicable when SNMP is enabled. Examples of traps that the SLC 8000 advanced
console manager sends include:
Ethernet Port Link Up
Ethernet Port Link Down
Authentication Failure
SLC Booted
SLC Shutdown
Device Port Logging
Power Supply Status
Sysadmin user password changed
The SLC unit sends the traps to the host identified in the NMS field.
NMS #1 (or #2)
When SNMP is enabled, an NMS (Network Management System) acts as a central
server, requesting and receiving SNMP-type information from any computer using
SNMP. The NMS can request information from the SLC 8000 advanced console
manager and receive traps from the SLC unit. Enter the IP address of the NMS server.
Required if you selected Enable Traps.
Location
Contact
Physical location of the SLC 8000 advanced console manager (optional). Useful for
managing the SLC unit using SNMP. Up to 20 characters.
Description of the person responsible for maintaining the SLC 8000 advanced console
manager, for example, a name (optional). Up to 20 characters.
Communities
Read-Only
Read-Write
A string that SNMP agent provides. The default is public.
A string that acts like a password for an SNMP manager to access the read-only data
from the SLC unit SNMP, like a password for an SNMP manager to access the read-
only data the SLC SNMP agent provides, and to modify data where permitted. The
default is private.
Trap
The trap used for outgoing generic and enterprise traps. Traps sent with the Event
trigger mechanism still use the trap community specified with the Event action. The
default is public.
Enable v1/v2
If checked, SNMP version 1 and version 2 (which use the Read-Only and Read-Write
Communities) is enabled. Uncheck to only allow the more secure version 3 to be used
to access the SLC 8000 advanced console manager via SNMP. The default is
enabled.
Alarm Delay
Number of seconds delay between outgoing SNMP traps.
Version 3
Security
Levels of security available with SNMP v. 3.
No Auth/No Encrypt: No authentication or encryption.
Auth/No Encrypt: Authentication but no encryption. (default)
Auth/Encrypt: Authentication and encryption.
Auth with
For Auth/No Encryp or Auth/Encrypt, the authentication method:
MD5: Message-Digest algorithm 5 (default)
SHA: Secure Hash Algorithm
Encrypt with
Encryption standard to use:
DES: Data Encryption Standard (default)
AES: Advanced Encryption Standard
SLC™ 8000 Advanced Console Manager User Guide
80
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
V3 Read-Only User
User Name
SNMP v3 is secure and requires user-based authorization to access SLC MIB objects.
Enter a user ID. The default is snmpuser. Up to 20 characters.
Password/Retype Password for a user with read-only authority to use to access SNMP v3. The default is
Password
SNMPPASS. Up to 20 characters.
Passphrase/
Retype
Passphrase associated with the password for a user with read-only authority. Up to 20
characters.
Passphrase
V3 Read-Write User
User Name
SNMP v3 is secure and requires user-based authorization to access SLC MIB objects.
Enter a user ID for users with read-write authority. The default is snmprwuser. Up to
20 characters.
Password/
Password for the user with read-write authority to use to access SNMP v3. The default
Retype Password is SNMPRWPASS. Up to 20 characters.
Passphrase/
Retype
Passphrase associated with the password for a user with read-write authority. Up to 20
characters.
Passphrase
3. To save, click the Apply button.
SNMP, SSH, Telnet, and Logging Commands
The following CLI commands correspond to the web page entries described above.
To configure services (system logging, SSH and Telnet access, SSH and Telnet timeout,
SNMP agent, email (SMTP) server, and audit log):
set services <one or more services parameters>
Parameters
alarmdelay <1-6000 Seconds>
auditlog <enable|disable>
auditsize <Size in Kbytes>
Range is 1-500 Kbytes.
authlog <off|error|warning|info|debug>
clicommands <enable|disable>
contact <Admin contact info>
devlog <off|error|warning|info|debug>
diaglog <off|error|warning|info|debug>
genlog <off|error|warning|info|debug>
includesyslog <enable|disable>
location <Physical Location>
netlog <off|error|warning|info|debug>
nms1 <IP Address or Name>
nms2 <IP Address or Name>
phonehome <enable|disable>
phoneip <IP Address>
portssh <TCP Port>
rocommunity <Read-Only Community Name>
rwcommunity <Read-Write Community Name>
SLC™ 8000 Advanced Console Manager User Guide
81
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
servlog <off|error|warning|info|debug>
smtpserver <IP Address or Hostname>
snmp <enable|disable>
ssh <enable|disable>
syslogserver1 <IP Address or Name>
syslogserver2 <IP Address or Name>
telnet <enable|disable>
timeoutssh <disable or 1-30>
timeouttelnet <disable or 1-30>
traps <enable|disable>
trapcommunity <Trap Community>
v1ssh <enable|disable>
v1v2 <enable|disable>
v3user <V3 RO User>
v3rwuser <V3 RW User>
v3security <noauth|auth|authencrypt>
v3auth <md5|sha>
v3encrypt <des|aes>
v3password <Password for v3 auth>
v3user <User for v3 auth>
webssh <enable|disable>
webtelnet <enable|disable>
To set SNMP v3 read-only password or passphrase, or read-write password or passphrase:
set services v3password|v3phrase|v3rwpassword|v3rwphrase
To view current services:
show services
NFS and SMB/CIFS
a remote NFS server, or export configurations by means of an exported CIFS share.
Mounting an NFS shared directory on a remote network server onto a local SLC directory enables
the SLC advanced console manager to store device port logging data on that network server. This
configuration avoids possible limitations in the amount of disk space on the SLC unit available for
the logging file(s). You may also save SLC configurations on the network server.
Similarly, use SMB/CIFS (Server Message Block/Common Internet File System), Microsoft's file-
sharing protocol, to export a directory on the SLC 8000 advanced console manager as an SMB/
CIFS share. The SLC unit exports a single read-write CIFS share called "public," with the
subdirectory the config directory, which contains saved configurations and is read-write.
The share allows users to access the contents of the directory or map the directory onto a
Windows computer.
To configure NFS and SMB/CIFS:
1. Click the Services tab and select the NFS/CIFS option. The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
82
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Figure 7-3 Services > NFS & SMB/CIFS
2. Enter the following for up to three directories:
NFS Mounts
Remote Directory
The remote NFS share directory in the format:
nfs_server_hostname or ipaddr:/exported/path
Local Directory
Read-Write
The local directory on the SLC 8000 advanced console manager on which to mount
the remote directory. The SLC unit creates the local directory automatically.
If enabled, indicates that the SLC 8000 advanced console manager can write files to
the remote directory. If you plan to log port data or save configurations to this
directory, you must enable this option.
Mount
Select the checkbox to enable the SLC unit to mount the file to the NFS server.
Disabled by default.
3. Enter the following:
SMB/CIFS Share
Share SMB/CIFS Select the checkbox to enable the SLC 8000 advanced console manager to export an
directory
SMB/CIFS share called “public.” Disabled by default.
Network
Interfaces
Select the network ports from which the share can be seen. The default is for the share
to be visible on both network ports.
SLC™ 8000 Advanced Console Manager User Guide
83
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
CIFS User
Only one user special username (cifsuser) can access the CIFS share. Enter the CIFS
Password/Retype user password in both password fields. The default user password is CIFSPASS.
Password
More than one user can access the share with the cifsuser user name and password
at the same time.
Workgroup
The Windows workgroup to which the SLC unit belongs. Every PC exporting a CIFS
share must belong to a workgroup. Can have up to 15 characters.
4. To save, click the Apply button.
5. Click the Firmware & Configurations link to access the
Firmware & Configurations (on page 227) to save SLC configuration, as desired.
NFS and SMB/CIFS Commands
The following CLI commands correspond to the web page entries described above.
To mount a remote NFS share:
set nfs mount <one or more parameters>
Parameters
locdir <Directory>
mount <enable|disable>
remdir <Remote NFS Directory>
rw <enable|disable>
Enables read/write access to remote directory.
Note: The remdir and locdir parameters are required, but if you specified them
previously, you do not need to provide them again.
To unmount a remote NFS share:
set nfs unmount <1|2|3>
To view NFS share settings:
show nfs
To configure the SMB/CIFS share, which contains the system and device port logs:
set cifs <one or more parameters>
Parameters
eth1 <enable|disable>
eth2 <enable|disable>
state <enable|disable>
workgroup <Windows workgroup>
Note: The admin config command saves SLC configurations on the SMB/CIFS share.
To change the password for the SMB/CIFS share login (default is cifsuser):
set cifs password
SLC™ 8000 Advanced Console Manager User Guide
84
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
To view SMB/CIFS settings:
show cifs
Secure Lantronix Network
Use the Secure Lantronix Network option to view and manage vSLM management appliances,
SLC 8000 advanced console managers, and Lantronix Spider® devices on the local subnet.
Note: Status and statistics shown on the web interface represent a snapshot in time. To
see the most recent data, reload the web page.
To access vSLM management appliances and Lantronix Spider devices on the local
network:
1. Click the Services tab and select the Secure Lantronix Network option. The following page
displays.
SLC™ 8000 Advanced Console Manager User Guide
85
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
2. Access your device or device port through any of the methods below.
To directly access the web interface for a secure Lantronix device:
1. Make sure Web Telnet and Web SSH is enabled for the specific device or device port.
2. Click the IP address of a specific secure Lantronix device to open a new browser page with
the web interface for the selected secure Lantronix device.
3. Log in as usual.
Figure 7-5 IP Address Login Page
To directly access the CLI interface for a device:
1. Click the SSH or Telnet link in the SSH/Telnet to CLI column directly beside the port you
would like to access. A ssh or telnet popup window appears depending on what is clicked.
Figure 7-6 SSH and Telnet Opening File Popups
2. Click OK and login to the CLI interface which appears.
SLC™ 8000 Advanced Console Manager User Guide
87
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Figure 7-7 SSH or Telnet CLI Session
To directly access a specific port on a particular device:
1. Click a port number in a green square beside the specific device.
c. Enabled port numbers are in a bright green box and will allow you to select either a
WebSSH or a WebTelnet session. If enabled, an ssh or telnet popup window appears
d. Disabled port numbers are in a dark green box and you will see a popup:
Figure 7-8 Disabled Port Number Popup Window
To configure how secure Lantronix devices are searched for on the network:
page. The following web page displays:
SLC™ 8000 Advanced Console Manager User Guide
88
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Figure 7-9 Services > Secure Lantronix Network > Search Options
2. Enter the following:
Secure Lantronix
Network Search
Select the type of search you want to conduct.
Local Subnet performs a broadcast to detect secure Lantronix devices on the
local subnet.
Manually Entered IP Address List provides a list of IP addresses that may not
respond to a broadcast because of how the network is configured.
Both is the default selection.
IP Address
If you selected Manually Entered IP Address List or Both, enter the IP address of
the secure Lantronix device you want to find and manage.
3. If you entered an IP address, click the Add IP Address button. The IP address displays in the
IP Address List.
4. Repeat steps 2 and 3 for each IP address you want to add.
5. To delete an IP address from the IP Address List, select the address and click the Delete IP
Address button.
6. Click the Apply button. When the confirmation message displays, click Secure Lantronix
secure Lantronix devices resulting from the search. You can now manage these devices.
Secure Lantronix Network Commands
The following commands for the command line interface correspond to the web page entries
described above.
To detect and view all SLC advanced console managers or user-defined IP addresses on
the local network:
set s <one or more parameters>
Parameters
add <IP Address>
delete <IP Address>
SLC™ 8000 Advanced Console Manager User Guide
89
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
search <localsubnet|ipaddrlist|both>
To detect and display all vSLM management appliance and Lantronix Spider devices on the
local network:
show slcnetwork [ipaddrlist <all|Address Mask>]
Note: Without the ipaddrlist parameter, the command searches the network according to
the search setting. With the ipaddrlist parameter, the command displays a sorted list of all
IP addresses or displays the IP addresses that match the mask (for example,
172.19.255.255 would display all IP addresses that start with 172.19).
Date and Time
Use the Date and Time Settings page to specify the local date, time, and time zone at the SLC
location, or enable the SLC unit to use NTP to synchronize with other NTP devices on your
network. Note that changing the date/time and/or timezone, or enabling NTP may affect the user's
ability to login to the web; if this happens, use the CLI admin web restartcommand to restart
the web server.
The CLI show ntpcommand will display the current NTP status if NTP is enabled. The column
headings are as follows: the host names or addresses shown in the remote column correspond to
configured NTP server names; however, the DNS names might not agree if the names listed are
not the canonical DNS names. The refid column shows the current source of synchronization,
while the stcolumn reveals the stratum, tthe type (u = unicast,m = multicast, l =
local, - = don't know), and poll the poll interval in seconds. The when column shows the
time since the peer was last heard in seconds, while the reach column shows the status of the
reachability register (see RFC-1305) in octal. The remaining entries show the latest delay, offset
and jitter in milliseconds. The symbol at the left margin displays the synchronization status of each
peer. The currently selected peer is marked *, while additional peers designated acceptable for
synchronization, but not currently selected, are marked +. Peers marked * and + are included in
the weighted average computation to set the local clock; the data produced by peers marked with
other symbols are discarded.
To set the local date, time, and time zone:
1. Click the Services tab and select the Date & Time option. The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
90
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Figure 7-10 Services > Date & Time
2. Enter the following:
Change Date/Time
Date
Select the checkbox to manually enter the date and time at the SLC location.
From the drop-down lists, select the current month, day, and year.
From the drop-down lists, select the current hour and minute.
Time
Time Zone
From the drop-down list, select the appropriate time zone. For information on each
timezone, see http://en.wikipedia.org/wiki/List_of_tz_database_time_zones
3. To save, click the Apply button.
To synchronize the SLC 8000 advanced console manager with a remote timeserver using
NTP:
1. Enter the following:
Enable NTP
Select the checkbox to enable NTP synchronization. NTP is disabled by default.
SLC™ 8000 Advanced Console Manager User Guide
91
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Synchronize via
Select one of the following:
Broadcast from NTP Server: Enables the SLC unit to accept time
information periodically transmitted by the NTP server. This is the default if
you enable NTP.
Poll NTP Server: Enables the SLC 8000 advanced console manager to query
the NTP Server for the correct time. If you select this option, complete one of
the following:
Local: Select this option if the NTP servers are on a local network, and
enter the IP address of up to three NTP servers. This is the default, and it is
highly recommended.
Public: Select this option if you want to use a public NTP server, and select
the address of the NTP server from the drop-down list. This is not
recommended because of the high load on many public NTP servers. All
more information.) Each public NTP server has its own usage rules --please
refer to the appropriate web site before using one. Our listing them here is
to provide easy configuration but does not indicate any permission for use.
2. To save, click the Apply button.
Date and Time Commands
The following CLI commands correspond to the web page entries described above.
To set the local date, time, and local time zone (one parameter at a time):
set datetime <one date/time parameter>
Parameters
date <MMDDYYhhmm[ss]>
timezone <Time Zone>
Note: If you type an invalid time zone, the system guides you through the process of
selecting a time zone.
To view the local date, time, and time zone:
show datetime
To synchronize the SLC 8000 advanced console manager with a remote time server using
NTP:
set ntp <one or more ntp parameters>
Parameters
localserver1 <IP Address or Hostname>
localserver2 <IP Address or Hostname>
localserver3 <IP Address or Hostname>
poll <local|public>
publicserver <IP Address or Hostname>
state <enable|disable>
sync <broadcast|poll>
SLC™ 8000 Advanced Console Manager User Guide
92
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
To view NTP settings:
show ntp
Web Server
The Web Server page allows the system administrator to:
Configure attributes of the web server.
View and terminate current web sessions.
Import a site-specific SSL certificate.
Enable an iGoogle gadget that displays the status of ports on multiple SLC units.
To configure the Web Server:
1. Click the Services tab and select the Web Server option. The following page appears:
Figure 7-11 Services > Web Server
SLC™ 8000 Advanced Console Manager User Guide
93
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
2. Enter the following fields:
Timeout
Select No to disable Timeout.
Select Yes, minutes (5-120) to enable timeout.
Enter the number of minutes (must be between 30 and 120 minutes) after
which the SLC web session times out. The default is 5.
Note: If a session times out, refresh the browser page and login to a new web
session.
Enable iGoogle Gadget Select the check box to enable an SLC iGoogle gadget. The iGoogle gadget
Web Content
allows an iGoogle user to view the port status of many SLC units on one web
Allow SSLv2 Protocol
Click the checkbox to support SSLv2 protocol. By default, the web supports the
SSLv3/TLSv1 protocol. Changing this option requires a reboot for the change to
take effect.
Cipher
By default, the web uses High/Medium security (128 bits or higher) for the cipher.
This option can be used to configure the web to also support Low security (less
option requires a reboot for the change to take effect.
Group Access
Specify one or more groups to allow access to the web manager user interface.
If undefined, any group can access the web. If one or more groups are specified
(groups are delimited by the characters ',' (comma) or ';' (semicolon)), then any
user who logs into the web must be a member of one of the specified groups,
otherwise access will be denied. Users authenticated via RADIUS may have a
group (or groups) provided by the RADIUS server via the Filter-Id attribute that
overrides the group defined for a user on the SLC. A group provided by a remote
server must be either a single group or multiple groups delimited by the
characters ',' (comma), ';' (semicolon), or '=' (equals) - for example
"group=group1,group2;" or "group1,group2,group3".
Banner
Enter to replace default text displayed on the web manager home page after the
user logs in. May contain up to 1024 characters. Blank by default. To create
additional lines in the banner use the \n character sequence.
Web Sessions
SSL Certificate
Click this link to view, import or reset the SSL Certificate. (See “Services - SSL
3. Click the Apply button to save.
Admin Web Commands
The following CLI commands correspond to the wegb page entries described above.
To configure the timeout for web sessions:
admin web timeout <disable|5-120 minutes>
To configure the web server to use SSLv2 in addition to SSLv3 and TLSv1:
admin web protocol <sslv2|nosslv2>
To configure the strength of the cipher used by the web server
(high is 256 or 128 bit, medium is 128 bit, low is 64, 56 or 40 bit):
admin web cipher <himed|himedlow|fips>
SLC™ 8000 Advanced Console Manager User Guide
94
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
To enable or disable iGoogle Gadget web content:
admin web gadget <enable|disable>
To configure the group that can access the web:
admin web group <Local or Remote Group Name>
To configures the banner displayed on the web home page:
admin web banner <Banner Text>
To define a list of network interfaces the web is available on:
admin web iface <none,eth1,eth2,ppp>
To terminate a web session:
admin web terminate <Session ID>
To view the current sessions and their ID:
admin web show
To import an SSL certificate or reset the web server certificate to the default:
admin web certificate import via <sftp|scp> certfile <Certificate File>
privfile <Private Key File> host <IP Address or Name>
login <User Login> [path <Path to Files>]
admin web certificate reset
admin web certificate show
admin web show [viewslmsessions <enable|disable>]
Services - Web Sessions
To view or terminate current web sessions:
1. On the Services tab, click the Web Server page and click the Web Sessions link to the right.
The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
95
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Figure 7-12 Web Sessions
2. To terminate, click the check box in the row of the session you want to terminate and click the
Terminate button.
Services - SSL Certificate
SSL certificate, consisting of a public/private key pair used to encrypt HTTP data, is associated
with the web server. You can import a site-specific SSL certificate, if desired.
To view, reset, import, or change an SSL Certificate:
1. On the Services tab, click the Web Server page and click the SSL Certificate link. The
following page displays the current SSL certificate.
SLC™ 8000 Advanced Console Manager User Guide
96
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Figure 7-13 SSL Certificate
2. If desired, enter the following:
Reset to Default
Certificate
To reset to the default certificate, select the checkbox to reset to the default
certificate. Unselected by default.
Import SSL Certificate To import your own SSL Certificate, select the checkbox. Unselected by default.
Import via
From the drop-down list, select the method of importing the certificate (SCP,
SFTP, or HTTPS). The default is SCP.
Certificate Filename
Key Filename
Filename of the certificate.
Filename of the private key for the certificate.
Passphrase /
Retype Passphrase
Enter the passphrase associated with the SSL certificate if the private key is
encrypted.
Host
Path
Login
Host name or IPaddress of the host from which to import the file.
Path of the directory where the certificate will be stored.
User ID to use to SCP or SFTP the file.
SLC™ 8000 Advanced Console Manager User Guide
97
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
Password /
Password to use to SCP or SFTP the file.
Retype Password
3. Click the Apply button.
Note: You must reboot the SLC advanced console manager for the update to take
effect.
Web Server Commands
The following CLI commands correspond to the Web Server page. For more information, see
admin web certificate
admin web certificate reset
admin web cipher
admin web gadget
admin web protocol
admin web timeout
admin web terminate
admin web show
iGoogle Gadgets
You can create iGoogle gadgets that enables you to view the status of the ports of multiple SLC
8000 advanced console managers on one web page.
Anyone with a Google email account (gmail.com) can create an iGoogle gadget for viewing web
pages. There are two types of iGoogle gadgets: public gadgets and private gadgets. The public
gadgets are listed for import on iGoogle web pages. The SLC gadget is a private gadget, whose
location is not publicly advertised.
To set up an SLC iGoogle gadget:
1. Load the following XML code on a web server that is accessible over the Internet. This code
describes how to retrieve information and how to format the data for display.
<?xml version="1.0" encoding="UTF-8" ?>
- <Module>
<ModulePrefs title="__UP_model__ Devport Status"
title_url="http://www.lantronix.com"
directory_title="SLC/ Status" description="Devport
status and counters" scrolling="true" width="400"
height="360" />
<UserPref name="model" display_name="Model" datatype="enum"
default_value="slc">
<EnumValue value="SLC" display_value="SLC" />
<EnumValue value="SLC" display_value="SLC" />
</UserPref>
SLC™ 8000 Advanced Console Manager User Guide
98
Download from Www.Somanuals.com. All Manuals Search And Download.
7: Services
<UserPref name="ip" display_name="IP Address" required="true" />
- <UserPref name="rate" display_name="Refresh Rate"
datatype="enum" default_value="10">
<EnumValue value="1" display_value="1 second" />
<EnumValue value="5" display_value="5 seconds" />
<EnumValue value="10" display_value="10 seconds" />
<EnumValue value="30" display_value="30 seconds" />
<EnumValue value="60" display_value="1 minute" />
<EnumValue value="300" display_value="5 minutes" />
<EnumValue value="600" display_value="10 minutes" />
/UserPref>
<Content type="url" href="http://__UP_ip__/devstatus.htm" />
</Module>
2. On the iGoogle web page, click the Add stuff link.
3. On the new page, click the Add feed or gadget link.
4. In the field that displays, type the URL of the gadget location.
5. Return to the gadget viewing page and complete the SLC gadget configuration fields.
You should see an iGoogle gadget similar to the following:
Figure 7-14 iGoogle Gadget Example
SLC™ 8000 Advanced Console Manager User Guide
99
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
This chapter describes how to configure and use an SLC advanced console manager port
connected to an external device, such as a server or a modem. The next chapter,
external devices and outbound network connections (such as Telnet or SSH) in various
desired.
Connection Methods
A user can connect to a device port in one of the following ways:
1. Telnet or SSH to the Eth1 or Eth2 IP address, or connect to the console port, and log in to the
command line interface. At the command line interface, issue the connect direct or connect
listen commands.
2. If Telnet is enabled for a device port, Telnet to <Eth1 IP address>:< telnet port
number>or <Eth2 IP address>:<telnet port number>, where telnet port number is
uniquely assigned for each device port.
3. If SSH is enabled for a device port, SSH to <Eth1 IP address>:<ssh port number>or
<Eth2 IP address>:<ssh port number>, where ssh port number is uniquely assigned for
each device port.
4. If TCP is enabled for a device port, establish a raw TCP connection to <Eth1 IP
address>:<tcp port number> or <Eth2 IP address>:<tcp port number>, where
tcp port number is uniquely assigned for each device port.
5. If a device port has an IP address assigned to it, you can Telnet, SSH, or establish a raw TCP
connection to the IP address. For Telnet and SSH, use the default TCP port number (23 and
22, respectively) to connect to the device port. For raw TCP, use the TCP port number defined
6. Connect a terminal or a terminal emulation program directly to the device port. If logins are
enabled, the user is prompted for a username/password and logs in to the command line interface.
For #2, #3, #4, #5, and #6, if logins or authentication are not enabled, the user is directly
connected to the device port with no authentication.
For #1 and #6, if logins are enabled, the user is authenticated first, and then logged into the
command line interface. The user login determines permissions for accessing device ports.
Permissions
There are three types of permissions:
1. Direct (or data) mode: The user can interact with and monitor the device port (connect direct
command).
2. Listen mode: The user can only monitor the device port (connect listen command).
3. Clear mode: The user can clear the contents of the device port buffer (set locallog <port>
clear buffer command).
SLC™ 8000 Advanced Console Manager User Guide
100
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
The administrator and users with local user rights may assign individual port permissions to local
users. The administrator and users with remote authentication rights assign port access to users
authenticated by NIS, RADIUS, LDAP, Kerberos and TACACS+.
I/O Modules
The SLC module port configuration can be changed by adding or replacing I/O modules in the I/O
module slots. Any changes to the I/O modules must be done while the SLC unit is powered off.
The following I/O module configurations are supported (Bay 1 is the leftmost bay when viewing the
back of the SLC 8000 advanced console manager where the device ports are located):
Table 8-1 Supported I/O Module Configurations
Model
Bay 1
Bay 2
Bay 3
SLC 8008
SLC 8016
SLC 8024
SLC 8032
SLC 8040
SLC 8048
8 port module
16 port module
8 port module
16 port module
8 port module
16 port module
Empty
Empty
Empty
Empty
16 port module
16 port module
16 port module
16 port module
Empty
Empty
16 port module
16 port module
Note: A 16 port module is shown as "RJ45-16" in the About page in the Web interface
and the output of the admin versioncommand in the CLI, and a 8 port module is shown
as "RJ45-08". For example, I/O Module Type(s): RJ45-08, RJ45-16, and RJ45-16
indicate that the SLC unit has an 8 port I/O module in Bay 1, and 16 port modules in Bay 2
and 3. Please note that only the following configurations are available from Lantronix:
SLC 8008, SLC 8016, SLC 8032 and SLC 8048 modules. The SLC 8024 and SLC 8040
console managers can only be created by adding RJ45-16 modules to an existing SLC
8008 unit.
The number of device ports in a SLC 8000 advanced console manager can be expanded by
adding 16 port I/O modules in slots 2 and 3, or by swapping an 8 port I/O module in Bay 1 for a 16
port module. The configurations listed above are the only valid configurations; if any other
configuration is detected at boot, the SLC unit will still boot, disable use of the device ports, and
provide indications in the boot messages, in the CLI and in the web that the I/O configuration is
invalid. When an invalid configuration is corrected by reconfiguring the I/O modules into a valid
configuration, after the SLC module is powered up and booted, the valid configuration will be
detected and the SLC module ports can be used again.
For the SLC 8024 and SLC 8040 modules, with an 8 port I/O module in Bay 1, the device ports will
be numbered 1-8 and 17-32 (for the SLC 8024 model) and 1-8 and 17-48 (for the SLC 8040
Restoring a configuration to the SLC 8000 advanced console manager will automatically adjust the
number of device ports to reflect the number of ports in the SLC unit the configuration is being
restored to. For example, a configuration that is saved on an SLC 8048 unit and restored to an
SLC 8016 unit will have the last 32 ports removed from the configuration. Conversely, a
configuration that is saved on a SLC 8016 unit and restored to a SLC 8048 unit will have 32 device
ports (with factory default settings) added to the configuration.
SLC™ 8000 Advanced Console Manager User Guide
101
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Device Ports
ports, view a summary of current port modes, establish the maximum number of direct
connections for each device port, and select individual ports to configure.
1. Click the Devices tab and select the Device Ports option. The following page displays:
Figure 8-3 Devices > Device Ports
Current port numbering schemes for Telnet, SSH, and TCP ports display on the left. The list of
ports 1-16 on the right includes the individual ports and their current mode.
Note: For units with more ports, click the buttons above the table to view additional
ports.
Icons that represent some of the possible modes include:
Idle
The port is not in use.
The port is in data/text mode.
An external modem is connected to the port. The user may dial into or out of the port.
Telnet in or SSH in is enabled for the device port. The device port is either waiting for a Telnet
or SSH login or has received a Telnet or SSH login (a user has logged in).
SLC™ 8000 Advanced Console Manager User Guide
103
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
To set up Telnet, SSH, and TCP port numbering:
1. Enter the following:
Telnet/SSH/TCP in Port Numbers
Starting Telnet Port Each port is assigned a number for connecting via Telnet. Enter a number (1025-
65528) that represents the first port. The default is 2000 plus the port number. For
example, if you enter 2001, subsequent ports are automatically assigned numbers
2002, 2003, and so on.
Starting SSH Port
Each port is assigned a number for connecting via SSH. Enter a number (1025-
65528) that represents the first port. The default is 3000 plus the port number. For
example, if you enter 3001, subsequent ports are automatically assigned numbers
3002, 3003, and so on.
Starting TCP Port
Each port is assigned a number for connecting through a raw TCP connection. Enter
a number (1025-65528) that represents the first port. The default is 4000 plus the
port number. For example, if you enter 4001, subsequent ports are automatically
numbered 4002, 4003, and so on.
You can use a raw TCP connection in situations where a TCP/IP connection is to
communicate with a serial device. For example, you can connect a serial printer to a
device port and use a raw TCP connection to spool print jobs to the printer over the
network.
Note: When using raw TCP connections to transmit binary data, or where the break
command (escape sequence) is not required, set the Break Sequence of the
respective device port to null (clear it).
Caution: Ports 1-1024 are RFC-assigned and may conflict with services running
on the SLC 8000 advanced console manager. Avoid this range.
2. Click the Apply button to save the settings.
To set limits on direct connections:
1. Enter the maximum number (1-10) of simultaneous direct connections for each device port.
The default is 1.
2. Click the Apply button to save the settings.
To configure a specific port:
1. You have two options:
-
Settings page for the port displays.
-
Click the port number on the green bar at the top of each page.
Global Commands
The following CLI commands correspond to the web page entries described above.
To configure settings for all or a group of device ports:
set deviceport global <one or more parameters>
SLC™ 8000 Advanced Console Manager User Guide
104
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Parameters
sshport <TCP Port>
tcpport <TCP Port>
telnetport <TCP Port>
Port is a port number between 1025 and 65528.
To view global settings for device ports:
show deviceport global
Device Ports - Settings
and if the port connects to an external modem, modem settings as well.
To open the Device Ports - Settings page:
1. You have two options:
-
ports list and click the Configure button.
-
Click the desired port number in the green bar (shown below) at the top of any page:
Figure 8-4 Port Number Bar
SLC™ 8000 Advanced Console Manager User Guide
105
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
2. Enter the following:
Device Port Settings
Port
Displays number of port; displays automatically.
The status of the port; displays automatically.
Mode
Name
The name of the port. Valid characters are letters, numbers, dashes (-), periods,
and underscores ( _ ).
Group Access
If undefined, any group can access the device port. If one or more groups are
specified (groups are delimited by the characters ' ' (space), ',' (comma), or ';'
(semicolon)), then any user who logs into the device port must be a member of one
of the specified groups, otherwise access will be denied. Users authenticated via
RADIUS may have a group (or groups) provided by the RADIUS server via the
Filter-Id attribute that overrides the group defined for a user on the SLC unit. A
group provided by a remote server must be either a single group or multiple groups
delimited by the characters ' ' (space), ',' (comma), ';' (semicolon), or '=' (equals) -
for example "group=group1,group2;" or "group1,group2,group3".
Banner
Text to display when a user connects to a device port by means of Telnet, SSH, or
TCP. If authentication is enabled for the device port, the banner displays once the
user successfully logs in. Blank is the default.
Break Sequence
A series of one to ten characters users can enter on the command line interface to
send a break signal to the external device. A suggested value is Esc+B (escape
key, then uppercase “B” performed quickly but not simultaneously). You would
specify this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed
by a B.
View Port Log Seq
The key sequence used to view the Port Log while in Connect Direct mode. Non-
printing characters can be specified by giving their hexidecimal code (see Break
Sequence above). The default is Esc+V (\x1bV).
View Port Log
Select to allow the user to enter the View Port Log Sequence to view the Port Log
during Connect Direct mode. The default is disabled.
Zero Port Counters
Resets all of the numerical values in the Port Counters table at the bottom of the
page to zero (0).
Logging
Click the Settings link to configure file logging, email logging, and local logging.
Connected to
The type of device connected to the device port. Presently, the SLC 8000
advanced console manager supports Lantronix SLP Power Manager (SLP8
SLP16) ServerTech CDUs and Sensorsoft devices. If the type of device is not
listed, select undefined.
If you select anything other than undefined, click Device Commands. The
appropriate web page displays.
IP Settings
Telnet In
SSH In
TCP in
Enables access to this port through Telnet. Disabled by default.
Enables access to this port through SSH. Disabled by default.
Enables access to this port through a raw TCP connection. Disabled by default:
Note: When using raw TCP connections to transmit binary data, or where the
break command (escape sequence) is not required, set the Break Sequence of
the respective device port to null (clear it).
Port
Automatically assigned Telnet, SSH, and TCP port numbers. You may override
this value, if desired.
SLC™ 8000 Advanced Console Manager User Guide
107
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Authentication
Timeout
If selected, the SLC unit requires user authentication before granting access to
the port. Authenticate is selected by default for Telnet in and SSH in, but not for
TCP in.
To cause an idle Telnet, SSH or TCP connection to disconnect after a specified
number of seconds, select the checkbox and enter a value from 1 to 1800
seconds. The default is no timeout.
Seconds
Number of seconds before a timeout.
IP Address/Netmask
Bits
IP address used for this device port so a user can Telnet, SSH, or establish a raw
TCP connection to this address and connect directly to the device port. The
optional netmask bits specify the netmask to use for the IP address. For
example, for a netmask of 255.255.255.0 specify 24 bits. If the netmask bits are
not specified, a default netmask used for the class of network that the IP address
falls in will be used.
For Telnet and SSH, the default TCP port numbers (22 and 23, respectively) are
used to connect to the device port. For raw TCP, the TCP port number defined
for TCP In to the device port is used.
Web SSH/Telnet
Columns
Number of columns in the Web SSH/Telnet applet when this device port is
accessed via the applet.
Rows
Number of rows in the Web SSH/Telnet applet when this device port is accessed
via the applet.
Data Settings
Note: Check the serial device’s equipment settings and documentation for the proper
settings. The device port and the attached serial device must have the same settings.
Baud
The speed with which the device port exchanges data with the attached serial
device.
From the drop-down list, select the baud rate. Most devices use 9600 for the
administration port, so the device port defaults to this value. Check the equipment
settings and documentation for the proper baud rate.
Data Bits
Number of data bits used to transmit a character. From the drop-down list, select
the number of data bits. The default is 8 data bits.
Stop Bits
The number of stop bit(s) used to indicate that a byte of data has been transmitted.
From the drop-down list, select the number of stop bits. The default is 1.
Parity
Parity checking is a rudimentary method of detecting simple, single-bit errors.
From the drop-down list, select the parity. The default is none.
Flow Control
Enable Logins
A method of preventing buffer overflow and loss of data. The available methods
include none, xon/xoff (software), and rts/cts (hardware). The default is none.
For serial devices connected to the device port, displays a login prompt and
authenticates users. Successfully authenticated users are logged into the
command line interface.
The default is disabled. This is the correct setting if the device port is the endpoint
for a network connection.
Max Direct Connects Enter the maximum number (1-10) of simultaneous connections for the device
port. The default is 1.
SLC™ 8000 Advanced Console Manager User Guide
108
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Show Lines on
Connecting
If enabled, when the user either does a connect direct from the CLI or connects
directly to the port using Telnet or SSH, the SLC outputs up to 24 lines of buffered
data as soon as the serial port is connected.
For example, an SLC user issues a connect direct device 1command
to connect port 1 to a Linux server.
Then the SLC user lscommand to display a directory on the Linux server, then
exits the connection. When the SLC user issues another direct connect
device 1, the last 24 lines of the lscommand is displayed so the user can see
what state the server was left in.
Reverse Pinout
If enabled, swaps the positions of the serial lines, such that the direction of data or
the signal is reversed. For instance, TX is swapped with RX. Enabling Reverse
Pinout facilitates connections to Cisco and Sun style RS-45 console ports using a
straight through Ethernet patch cable, without the need for a rolled cable or
adapter. Enabled by default.
Note: All Lantronix serial adapters are intended to be used with Reverse Pinout
disabled. If you are replacing an original SLC unit with an SLC 8000 advanced
console manager, disable the reverse pinout so you can use the original cables
and adapters.
Hardware Signal Triggers
Check DSR on
Connect
If this setting is enabled, the device port only establishes a connection if DSR
(Data Set Ready) is in an asserted state. DSR should already be in an asserted
state, not transitioning to, when a connection attempt is made. Disabled by default
unless dial-in, dial-out, or dial-back is enabled for the device port.
Disconnect on DSR
If a connection to a device port is currently in session, and the DSR signal
transitions to a de-asserted state, the connection disconnects immediately.
Disabled is the default unless dial-in, dial-out, or dial-back is enabled for the device
port.
Modem Settings (Device Ports)
Note: Depending on the State and Mode you select, different fields are available.
State
Used if an external modem is attached to the device port. If enabling, set the
modem to dial-out, dial-in, dial-back, dial-on-demand, dial-in/host list, dial-back &
dial-on-demand, dial in & dial-on-demand, CBCP Server, and CBCP Client.
information.
Mode
The format in which the data flows back and forth:
Text: In this mode, the SLC advanced console manager assumes that the
modem will be used for remotely logging into the command line. Text mode
can only be used for dialing in or dialing back. Text is the default.
PPP: This mode establishes an IP-based link over the modem. PPP
connections can be used in dial-out mode (e.g., the SLC unit connects to an
external network), dial-in mode (e.g., the external computer connects to the
network that the SLC 8000 advanced console manager is part of), or dial-on-
demand.
Use Sites
Enables the use of site-oriented modem parameters which can be activated by
various modem-related events (authentication, outbound network traffic for dial-
on-demand connections, etc.). Sites can be used with the following modem
states: dial-in, dial-back, dial-on-demand, dial-in & dial-on-demand, dial-back &
dial-on-demand, and CBCP server.
SLC™ 8000 Advanced Console Manager User Guide
109
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Initialization Script
Commands sent to configure the modem may have up to 100 characters. Consult
your modem’s documentation for recommended initialization options. If you do
not specify an initialization script, the SLC unit uses a default initialization string of
AT S7=45 SO=0 L1 V1 X4 &D2 &c1 E1 Q0.
Note: We recommend that the modem initialization script always be preceded
with AT and include E1 V1 x4 Q0 so that the SLC 8000 advanced console
manager may properly control the modem. For information on AT commands,
refer to the modem user guide, or do a web search for at command set.
Modem Timeout
Caller ID Logging
Timeout for all modem connections. Select Yes (default) for the SLC unit to
terminate the connection if no traffic is received during the configured idle time.
Enter a value of from 1 to 9999 seconds. The default is 30 seconds.
Select to enable the SLC advanced console manager to log caller IDs on
incoming calls. Disabled by default.
Note: For the Caller ID ATcommand, refer to the modem user guide.
Modem ATcommand used to initiate caller ID logging by the modem.
Note: For the ATcommand, refer to the modem user guide.
Modem Command
Dial-back Number
Users with dial-back access can dial into the SLC device and enter their login and
password. Once the SLC 8000 advanced console manager authenticates them,
the modem hangs up and dials them back.
Select the phone number the modem dials back on -a fixed number or a number
associated with their login. If you select Fixed Number, enter the number (in the
format 2123456789).
The dial-back number is also used for CBCP client as the number for a user-
Dial-back Delay
Dial-back Retries
For dial-back and CBCP Server, the number of seconds between the dial-in and
dial-out portions of the dialing sequence.
For dial-back and CBCP Server, the number of times the SLC unit will retry the
dial-out portion of the dialing sequence if the first attempt to dial-out fails.
Modem Settings: Text Mode
Timeout Logins
If you selected Text mode, you can enable logins to time out after the connection is
inactive for a specified number of minutes. The default is No. This setting is only
applicable for text mode connections. PPP mode connections stay connected until
either side drops the connection. Disabled by default.
Dial-in Host List
From the drop-down list, select the desired host list. The host list is a prioritized list
of SSH, Telnet, and TCP hosts that are available for establishing outgoing modem
connections or for connect direct at the CLI. The hosts in the list are cycled
through until the SLC 8000 advanced console manager successfully connects to
one.
To establish and configure host lists, click the Host Lists link.
Modem Settings: PPP Mode
Negotiate IP Address
If the SLC unit and/or the serial device have dynamic IP addresses (e.g., IP
addresses assigned by a DHCP server), select Yes. Yes is the default.
If the SLC advanced console manager or the modem have fixed IP addresses,
select No, and enter the Local IP (IP address of the port) and Remote IP (IP
address of the modem).
SLC™ 8000 Advanced Console Manager User Guide
110
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Authentication
Enables PAP or CHAP authentication for modem logins. PAP is the default.
With PAP, users are authenticated by means of the Local Users and any of the
remote authentication methods that are enabled. With CHAP, the CHAP
Handshake fields authenticate the user.
CHAP Handshake
CHAP Auth Uses
The Host/User Name (for UNIX systems) or Secret/User Password (for
Windows systems) used for CHAP authentication. May have up to 128
characters.
For CHAP authentication, determines what is used to validate the CHAP host/
user sent by the remote peer: either the CHAP Host defined for the modem, or
any of the users in the Local Users list.
Same authentication for Select this option to let incoming connections (dial-in) use the same
Dial-in & Dial-on-Demand authentication settings as outgoing connections (dial-on-demand). If this option
(DOD)
is not selected, then the dial-on-demand connections take their authentication
settings from the DOD parameter settings. If DOD Authentication is PAP, then
the DOD CHAP Handshake field is not used.
DOD Authentication
Enables PAP or CHAP authentication for dial-in & dial-on-demand. PAP is the
default. With PAP, users are authenticated by means of the Local Users and
any of the remote authentication methods that are enabled. With CHAP, the
DOD CHAP Handshake fields authenticate the user.
DOD CHAP Handshake
Enable NAT
For DOD Authentication, enter the Host/User Name for UNIX systems) or
Secret/User Password (for Windows systems) used for CHAP authentication.
May have up to 128 characters.
Select to enable Network Address Translation (NAT) for dial-in and dial-out
PPP connections on a per modem (device port or USB port) basis. Users
dialing into the SLC 8000 advanced console manager access the network
connected to Eth1 and/or Eth2.
Dial-out Number
Phone number for dialing out to a remote system or serial device. May have up
to 20 characters. Any format is acceptable.
Remote/Dial-out Login
User ID for dialing out to a remote system. May have up to 32 characters.
Password for dialing out to a remote system. May have up to 64 characters.
Remote/Dial-out
Password
Retype
Re-enter remote/dial-out password for dialing out to a remote system. May
have up to 64 characters.
Restart Delay
The number of seconds after the timeout and before the SLC unit attempts
another connection. The default is 30 seconds.
CBCP Server Allow
No Callback
For CBCP Server state, allows "No Callback" as an option in the CBCP
handshake in addition to User-defined Number and Admin-defined Number.
CBCP Client Type
For CBCP Client, this selects the number that the client would like to use for
callback - either a user-defined number passed to the server (specified by the
Fixed Dial-back Number) or an administrator-defined number determined by
the server based on the login that is PAP or CHAP authenticated.
3. To save settings for just this port, click the Apply button.
4. To save selected settings to ports other than the one you are configuring:
-
-
From the Apply Settings drop-down box, select none, a group of settings, or All.
In to Device Ports, type the device port numbers, separated by commas; indicate a range
of port numbers with a hyphen (e.g., 2, 5, 7-10).
SLC™ 8000 Advanced Console Manager User Guide
111
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Note: It may take a few minutes for the system to apply the settings to multiple ports.
Port Status and Counters
Port Counters describe the status of signals and interfaces. SLC advanced console manager
updates and increments the port counters as signals change and data flows in and out of the
system. These counters help troubleshoot connections or diagnose problems because they give
the user an overview of the state of various parameters. By setting them to zero and then re-
checking them later, the user can view changes in status.
The chart in the middle of the page displays the flow control lines and port statistics for the device
port. The system automatically updates these values. To reset them to zeros, select the Zero port
counters checkbox in the IP Settings section of the page.
Note: Status and statistics shown on the web interface represent a snapshot in time. To
see the most recent data, you must reload the web page.
Table 8-6 Port Status and Counters
Device Ports - SLP / ServerTech CDU Device
ServerTech CDU, SLP power manager, or SLP expansion chassis that expands the number of
power ports.
To open the Device Ports - SLP page:
3. Click the Device Commands link. The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
112
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Figure 8-7 Device Ports > SLP / ServerTech CDU
To enter SLP commands:
1. Enter the following:
Number of Outlets
Enter the number of outlets for a ServerTech CDU. This setting is not
applicable for an SLP unit.
Number of Expansion
Outlets
Enter the number of outlets for a ServerTech CDU expansion unit. This setting
is not applicable for an SLP device.
Login
User ID for logging into the SLP unit or ServerTech CDU device.
Password
Enter password for logging into the SLP power manager or ServerTech CDU
device.
Retype Password
Prompt
Re-enter password for logging into the SLP unit or ServerTech CDU device.
Enter the prompt displayed by the SLP unit or ServerTech CDU device. This
will default to a typical prompt for an SLP power manager or ServerTech CDU.
If you are unable to control the SLP unit or ServerTech CDU device, verify that
the prompt is set to the right value.
SLC™ 8000 Advanced Console Manager User Guide
113
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Status/Info
Outlet Status
Note: If there is a master unit and an expansion unit, the master unit is Tower
A and the expansion unit is Tower B.
For Tower A or Tower B, select All Outlets or Single Outlet to view the status
of all outlets or a single outlet of the SLP device. If you select Single Outlet,
enter a value of 1-8 for the SLP8 or 1-16 for the SLP16 device. For the
ServerTech CDU, the valid range of outlets is specified by the Number of
Outlets setting (for Tower A) or the Number of Expansion Outlets setting (for
Tower B).
Click the Outlet Status link to see the status of the selected outlet(s).
Environmental Status
Infeed Status
Click the link to view the environmental status (e.g., temperature and humidity.)
Click the link to view the status of the data the SLP power manager or
ServerTech CDU is receiving.
System Info
Click the link to see system information pertaining to the SLP or ServerTech
CDU device.
Commands
Restart
To restart the SLP power manager or ServerTech CDU device, select the
checkbox.
Control Outlet
For Tower A or Tower B, select All Outlets or Single Outlet, the number of
the outlet to be controlled (1-8 for the SLP8 or 1-16 for the SLP16) and select
the command for the outlet (No Action, On, Off, Cycle Power). No Action is
the default.
2. Click the Apply button.
Device Port - Sensorsoft Device
Devices made by Sensorsoft are used to monitor environmental conditions.
1. In the Connected to drop-down menu above the IP Settings section of the
2. Click the Device Commands link. The following page displays:
Figure 8-8 Devices > Device Ports > Sensorsoft
SLC™ 8000 Advanced Console Manager User Guide
114
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
3. Select a port and enter or view the following information:
Dev Port
Displays the number of the SLC port.
Displays the name of the SLC port.
Device Port Name
Temp
Current temperature (degrees Celsius) on the device the sensor is monitoring.
Low Temp
Enter the temperature (degrees Celsius) permitted on the monitored device below
which the SLC 8000 advanced console manager sends a trap.
High Temp
Use °F
Enter the temperature (degrees Celsius) permitted on the monitored device above
which the SLC unit sends a trap.
Display and set the temperature for this device in degrees Fahrenheit, instead of
Celsius, which is the default.
Humidity (%)
Low Humidity
Current relative humidity on the device the sensor is monitoring.
Enter the relative humidity permitted on the device the sensor is monitoring below
which the sensor sends a trap to the SLC advanced console manager.
High Humidity
Traps
Enter the highest relative acceptable humidity permitted on the device above which
the sensor sends a trap to the SLC unit.
Select to indicate the SLC 8000 advanced console manager should send a trap or
configured Event Alert when the sensor detects an out-of-range configured
threshold.
4. Click the Apply button.
5. To view the status detected by the Sensorsoft, click the Sensorsoft Status link to the right of
the table.
Device Port Commands
The following CLI commands correspond to the web page entries described above.
To configure a single port or a group of ports (for example, set deviceport port 2-5,6,12,15-
16 baud 2400):
set deviceport port <Device Port List or Name> <one or more device port
parameters>
Parameters
auth <pap|chap>
banner <Banner Text>
baud <300-230400>
breakseq <1-10 Chars>
calleridcmd <Modem Command String>
calleridlogging <enable|disable>
chaphost <CHAP Host or User Name>
chapsecret <CHAP Secret or User Password>
The user defines the secret.
checkdsr <enable|disable>
closedsr <enable|disable>
databits <7|8>
device
<none|slp8|slp16|slp8exp8|slp8exp16|slp16exp8|slp16exp16|sensorsoft
|servertech>
dialbackeretries <1-10>
SLC™ 8000 Advanced Console Manager User Guide
115
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
dialbackdelay <PPP Dial-back Delay>
dialinlist <Host List for Dial-in>
dialoutnumber <Phone Number>
dialoutlogin <User Login>
dialbacknumber <usernumber|Phone Number>
dodauth <pap|chap>
dodchaphost <CHAP Host or User Name>
dodchapsecret <CHAP Secret or User Password>
flowcontrol <none|xon/xoff|rts/cts>
group <Local or Remote Group Name>
idletimeout <disable|1-9999 seconds>
ipaddr <IP Address>
initscript <Initialization Script>
A script that initializes a modem.
localipaddr <negotiate|IP Address>
logins <enable|disable>
modemmode <text|ppp>
modemstate <disable|dialout|dialin|dialback|dialondemand|
dialin+dialondemand|dialinhostlist>
modemtimeout <disable|1-9999 seconds>
name <Device Port Name>
nat <enable|disable>
parity <none|odd|even>
remoteipaddr <negotiate|IP Address>
restartdelay <PPP Restart Delay>
reversepinout <enable|disable>
showlines <enable|disable>
sshauth <enable|disable>
sshin <enable|disable>
sshport <TCP Port>
stopbits <1|2>
tcpauth <enable|disable>
tcpin <enable|disable>
tcpport <TCP Port>
telnetauth <enable|disable>
telnetin <enable|disable>
telnetport <TCP Port>
timeoutlogins <disable or 1-30>
usesites <enable|disable>
webcolumns <Web SSH/Telnet Cols>
webrows <Web SSH/Telnet Rows>
To set the dialout password:
set deviceport port <Device Port # or List or Name> dialoutpassword
To view the settings for one or more device ports:
show deviceport port <Device Port List or Name>
SLC™ 8000 Advanced Console Manager User Guide
116
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
To view a list of all device port names:
show deviceport names
To view the modes and states of one or more device port(s):
Note: You can optionally email the displayed information.
show portstatus [deviceport <Device Port List or Name>] [email <Email
Address>]
To view device port statistics and errors for one or more ports:
Note: You can optionally email the displayed information.
show portcounters [deviceport <Device Port List or Name>] [email <Email
Address>]
To zero the port counters for one or more device ports:
show portcounters zerocounters <Device Port List or Name>
Device Commands
The following CLI commands correspond to the web page entries described above.
To send commands to (or control) a device connected to an SLC unit port over the serial
port:
Note: Currently the only devices supported for this type of interaction are the SLP power
manager and Sensorsoft devices.
set command <Device Port # or Name or List> <one or more parameters>
Parameters
slp|servertech auth login <User Login>
Establishes the authentication information to log into the SLP or ServerTech CDU attached to the
device port.
slp|servertech restart
Issues the CLI command the SLP or ServerTech CDU uses to restart itself.
slp|servertech outletcontrol state <on|off|cyclepower> [outlet <Outlet
#>][tower <A|B>]
Outlet # is 1-8 for SLP8 and 1-16 for SLP16. For the ServerTech CDU, the valid range of outlets is
specified by the number of outlets settings (for Tower A) or number of expansion outlets settings
(for Tower B) - see below.
The outletcontrolparameters control individual outlets.
slp|servertech outletstate [outlet <Outlet #>] [tower <A|B>]
The outletstate parameter shows the state of all outlets or a single outlet.
slp|servertech envmon
SLC™ 8000 Advanced Console Manager User Guide
117
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Displays the environmental status (e.g., temperature and humidity) of the SLP or ServerTech
CDU.
slp|servertech infeedstatus
Displays the infeed status and load of the SLP or ServerTech CDU.
slp|servertech system
Displays the system configuration information, such as firmware, revision and uptime.
slp|servertech config [prompt <Command Prompt>]
Enter the prompt displayed by the SLP or ServerTech CDU device. This will default to a typical
prompt for an SLP or ServerTech CDU. If you are unable to control the SLP or ServerTech CDU
device, verify that the prompt is set to the right value.
[numoutlets <Number of Outlets>]
[numexpoutlets <Number of Expansion Outlets>]
Enter the number of outlets for a ServerTech CDU main unit or the number of outlets for a Server
Tech CDU expansion unit. This setting is not applicable for an SLP.
sensorsoft lowtemp <Low Temperature in C.>
Sets the lowest temperature permitted for the port.
sensorsoft hightemp <High Temperature in C.>
Sets the hightest temperature permitted for the port.
sensorsoft lowhumidity <Low Humidity %>
Sets the lowest humidity pemitted for the port.
sensorsoft highhumidity <High Humidity %>
Sets the lowest humidity permitted for the port.
sensorsoft traps <enable|disable>
Enables or disables temperature settings as celcius or Fahrenheit.
sensorsoft degrees <celsius|fahrenheit>
Enables or disables traps when specified conditions are met.
sensorsoft status
Displays the status of the port.
Interacting with a Device Port
Once a device port has been configured and connected to an external device such as the console
port of an external server, the data received over the device port can be monitored at the
command line interface with the connect listen command, as follows:
To connect to a device port to monitor it:
connect listen deviceport <Port # or Name>
In addition, you can send data out the device port (for example, commands issued to an external
server) with the connect direct command, as follows:
SLC™ 8000 Advanced Console Manager User Guide
118
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
To connect to a device port to monitor and/or interact with it, or to establish an outbound
network connection:
connect direct <endpoint>
endpoint is one of:
deviceport <Port # or Name>
ssh <IP Address> [port <TCP Port>][<SSH flags>]
where:
<SSH flags> is one or more of:
user <Login Name>
version <1|2>
command <Command to Execute>
tcp <IP Address> port <TCP Port>
telnet <IP Address> [port <TCP Port>]
udp <IP Address> port <UDP Port>
hostlist <Host List>
Note: To escape from the connect directcommand when the endpoint of the
command is deviceport, tcp, or udpand return to the command line interface, type the
escape sequence assigned to the currently logged in user. If the endpoint is telnetor
SSH, logging out returns the user to the command line prompt.
Note: To escape from the connect listen command, press any key.
Setting up a user with an escape sequence is optional. For any NIS, LDAP, RADIUS,
Kerberos, or TACACS+ user, or any local user who does not have an escape sequence
defined, the default escape sequence is Esc+A.
Device Ports - Logging
The SLC products support port buffering of the data on the system's device ports as well as
notification of receiving data on a device port. Port logging is disabled by default. You can enable
more than one type of logging (local, NFS file, email/SNMP, SD card, or USB port) at a time. The
buffer containing device port data is cleared when any type of logging is enabled.
Local Logging
If local logging is enabled, each device port stores 256 Kbytes (approximately 400 screens) of I/O
data in a true FIFO buffer. You may view this data (in ASCII format) at the CLI with the show
stored in RAM and is lost in the event of a power failure if it is not logged using an NFS mount
solution. If the buffer data overflows the buffer capacity, only the oldest data is lost, and only in the
amount of overrun (not in large blocks of memory).
NFS File Logging
Data can be logged to a file on a remote NFS server. Data logged locally to the SLC 8000
advanced console manager is limited to 256 Kbytes and may be lost in the event of a power loss.
Data logged to a file on an NFS server does not have these limitations. The system administrator
can define the directory for saving logged data on a port-by-port basis and configure file size and
number of files per port.
SLC™ 8000 Advanced Console Manager User Guide
119
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
The directory path must be the local directory for one of the NFS mounts. For each logging file,
once the file size reaches the maximum, a new file opens for logging. Once the number of files
reaches the maximum, the oldest file is overwritten. The file naming convention is: <Device Port
Number>_<Device Port Name>_<File number>.log.
Examples:
02_Port-2_1.log
02_Port-2_2.log
02_Port-2_3.log
02_Port-2_4.log
02_Port-2_5.log
USB and SD Card Logging
Data can be logged to a USB flash drive that is loaded into the USB ports or the SD card slot on
the front of the SLC unit and properly mounted. Data logged locally to the SLC advanced console
manager is limited to 256 Kbytes and may be lost in the event of a power loss. Data logged to a
USB flash drive or SD card does not have these limitations. The system administrator can define
the file size and number of files per port. For each logging file, once the file size reaches the
maximum, a new file opens for logging. Once the number of files reaches the maximum, the oldest
file is overwritten. The file naming convention is:
<Device Port Number>_<Device Port Name>_<File number>.log
Examples:
02_Port-2_1.log
02_Port-2_2.log
02_Port-2_3.log
02_Port-2_4.log
02_Port-2_5.log
Email/SNMP Notification
The system administrator can configure the SLC 8000 advanced console manager to send an
email alert message indicating a particular condition detected in the device port log to the
appropriate parties or an SNMP trap to the designated NMS (see Chapter 7: Services on page
75). The email or trap is triggered when a user-defined number of characters in the log from your
server or device is exceeded, or a specific sequence of characters is received.
individual ports.
Sylog Logging
Data can be logged to the system log. If this feature is enabled, the data will appear in the Device
Ports log, under the Info level. The log level for the Device Ports log must be set to Info for the data
To set logging parameters:
1. In the top section of the Device Port Settings page, click the Settings link in the Logging field.
The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
120
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Figure 8-9 Devices > Device Ports - Logging
2. Enter the following:
Local Logging
Local Logging
If you enable local logging, each device port stores 256 Kbytes (approximately 400
screens) of I/O data in a true FIFO buffer. Disabled by default.
Clear Local Log
View Local Log
Select the checkbox to clear the local log.
Click this link to see the local log in text format.
Email/Traps
Email/Traps
Select the checkbox to enable email and SNMP logging. Email logging sends an
email message to pre-defined email addresses or an SNMP trap to the
met. Disabled by default.
SLC™ 8000 Advanced Console Manager User Guide
121
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Send
If you enabled email and SNMP logging, select what type of notification log to
send:
Email (default)
SNMP Trap
Both
Trigger on
Select the method of triggering a notification:
Byte Count: A specific number of bytes of data. This is the default.
Text String Recognition: A specific pattern of characters, which you can
define by a regular expression.
Note: Text string recognition may negatively impact the SLC unit’s performance,
particularly when regular expressions are used.
Byte Threshold
The number of bytes of data the port receives before the SLC unit captures log
data and sends a notification regarding this port. The default is 100 bytes.
In most cases, the console port of your device does not send any data unless
there is an alarm condition. After the SLC 8000 advanced console manager
receives a small number of bytes, it perceives that your device needs some
attention. The SLC unit notifies your technician when that point has been passed,
and the notification includes the logged data.
For example, a threshold preset at 30 characters means that as soon as the SLC
8000 advanced console manager receives 30 bytes of data, it captures log data
and sends an email regarding this port.
Text String
The specific pattern of characters the SLC unit must recognize before sending a
notification to the technician about this port. The maximum is 100 characters. You
may use a regular expression to define the pattern. For example, the regular
expression “abc[def]g” recognizes the strings abcdg, abceg, abcfg.
The SLC 8000 advanced console manager supports GNU regular expressions;
for more information, see:
Email Delay
A time limit of how long (in seconds), after the SLC unit detects the trigger, that
the device port captures data before closing the log file (with a fixed internal buffer
maximum capacity of 1500 bytes) and sending a notification. The default is 60
seconds.
Restart Delay
The number of seconds for the period after the notification has been sent during
which the device port ignores additional characters received. The data is simply
ignored and does not trigger additional alarms until this time elapses. The default
is 60 seconds.
Email to
The complete email address of the message recipient(s) for each device port(s).
Each device port has its own recipient list. To enter more than one email address,
separate the addresses with a single space. You can enter up to 128 characters.
Email Subject
A subject text appropriate for your site. May have up to 128 characters.
The email subject line is pre-defined for each port with its port number. You can
use the email subject to inform the desired recipients of the problem on a certain
server or location (e.g., server location or other classification of your equipment).
This is helpful if the email message goes to the system administrator’s or service
technician's mobile or wireless device (e.g., text messaging by means of email).
Note: The character sequence %d anywhere in the email subject is replaced
with the device port number automatically.
SLC™ 8000 Advanced Console Manager User Guide
122
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Log Viewing Attributes
Display
Select to view either the beginning (Head) or end (Tail) of the log.
Number of lines from the head or tail of the log to display.
Number of Lines
NFS File Logging
NFS File Logging
Select the checkbox to log all data sent to the device port to one or more files on an
external NFS server. Disabled by default.
NFS Log to View
Available log files in the selected NFS Directory to view.
The path of the directory where the log files will be stored.
Directory to Log to
Note: This directory must be a directory exported from an NFS server mounted on
the SLC 8000 advanced console manager Specify the local directory path for the
NFS mount.
Max Number of Files The maximum number of files to create to contain log data to the port. These files
keep a history of the data received from the port. Once this limit is exceeded, the
oldest file is overwritten. The default is 10.
Max Size of Files
The maximum allowable file size in bytes. The default is 2048 bytes. Once the
maximum size of a file is reached, the SLC unit begins generating a new file.
USB / SD Card Logging
USB / SD Card
Logging
Select to enable USB / SD card logging. A USB thumb drive or SD card must be
loaded into one of the ports of the SLC and properly mounted. Disabled by default.
Available log files in the selected USB / SD card slot to view.
Select the USB port or SD card to use for logging.
Log to View
Log To
Max Number of Files The maximum number of files to create to contain log data to the port. These files
keep a history of the data received from the port. Once this limit is exceeded, the
oldest file is overwritten. The default is 10.
Max Size of Files
The maximum allowable file size in bytes. The default is 2048 bytes. Once the
maximum size of a file is reached, the SLC 8000 advanced console manager
begins generating a new file. The default is 2048 bytes.
Syslog Logging
Syslog Logging
Select to enable system logging.
Note: The logging level for the device ports log must be set to Info to view Syslog
Note: Note: To apply the settings to additional device ports, in the Apply settings to
Device Ports field, enter the additional ports, (e.g., 1-3, 5, 6)
3. To apply settings to other device ports in addition to the currently selected port, select the
Apply settings to Device Ports and enter port numbers separated by commas. Indicate a
range of port numbers with a hyphen (e.g., 2, 5, 7-10), and separate ranges with commas.
4. To save, click the Apply button.
SLC™ 8000 Advanced Console Manager User Guide
123
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Logging Commands
The following CLI commands correspond to the web page entries described above.
To configure logging settings for one or more device ports:
set deviceport port <Device Port List or Name> <one or more deviceport
parameters>
Note: Local logging must be enabled for a device port for the locallogcommands to
be executed. To use the set locallog clear command, the user must have permission to
Example:
set deviceport port 2-5,6,12,15-16 baud 2400 locallogging enable
Parameters
emaildelay <Email Delay>
emaillogging <disable|bytecnt|charstr>
emailrestart <Restart Delay>
emailsend <email|trap|both>
emailstring <Regex String>
emailsubj <Email Subject>
emailthreshold <Byte Threshold>
emailto <Email Address>
filedir <Logging Directory>
filelogging <enable|disable>
filemaxfiles <Max # of Files>
filemaxsize <Max Size of Files>
locallogging <enable|disable>
name <Device Port Name>
nfsdir <Logging Directory>
nfslogging <enable|disable>
nfsmaxfiles <Max # of Files>
nfsmaxsize <Size in Bytes>
sysloglogging <enable|disable>
usblogging <enable|disable>
usbmaxfiles <max # of Files>
usbmaxsize <Size in Bytes>
usbport <U1|U2|SD>
To view a specific number of bytes of data for a device port:
show locallog <Device Port # or Name> [bytes <Bytes To Display>]
1 Kbyte is the default.
To clear the local log for a device port:
set locallog clear <Device Port # or Name>
Note: The locallogcommands can only be executed for a device port if local logging is
enabled for the port. The set locallog clearcommand can only be executed if the user
SLC™ 8000 Advanced Console Manager User Guide
124
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Console Port
The console port initially has the same defaults as the device ports. Use the Devices > Console
Port page to change the settings, if desired.
To set console port parameters:
1. Click the Devices tab and select Console Port. The following page displays:
Figure 8-10 Devices > Console Port
2. Change the following as desired:
Baud
The speed with which the device port exchanges data with the attached serial
device.
From the drop-down list, select the baud rate. Most devices use 9600 for the
administration port, so the console port defaults to this value.
Data Bits
Stop Bits
Parity
Number of data bits used to transmit a character. From the drop-down list, select
the number of data bits. The default is 8 data bits.
The number of stop bits that indicate that a byte of data has been transmitted.
From the drop-down list, select the number of stop bits. The default is 1.
Parity checking is a rudimentary method of detecting simple, single-bit errors.
From the drop-down list, select the parity. The default is none.
Flow Control
Timeout
A method of preventing buffer overflow and loss of data. The available methods
include none, xon/xoff (software), and rts/cts (hardware). The default is none.
The number of minutes (1-30) after which an idle session on the console is
automatically logged out. Disabled by default.
Show Lines on
Connecting
If selected, when you connect to the console port with a terminal emulator, you will
see the last lines output to the console, for example, the SLC boot messages or
the last lines output during a CLI session on the console.
SLC™ 8000 Advanced Console Manager User Guide
125
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Group Access
If undefined, any group can access the console port. If one or more groups are
specified (groups are delimited by the characters ' ' (space), ',' (comma), or ';'
(semicolon)), then any user who logs into the console port must be a member of
one of the specified groups, otherwise access will be denied. Users authenticated
via RADIUS may have a group (or groups) provided by the RADIUS server via the
Filter-Id attribute that overrides the group defined for a user on the SLC 8000
advanced console manager. A group provided by a remote server must be either a
single group or multiple groups delimited by the characters ' ' (space), ',' (comma),
';' (semicolon), or '=' (equals) - for example "group=group1,group2;" or
"group1,group2,group3".
3. Click the Apply button to save the changes.
Console Port Commands
The following CLI commands correspond to the web page entries described above.
To configure console port settings:
set consoleport <one or more parameters>
Parameters
baud <300-230400>
databits <7|8>
stopbits <1|2>
group <Local or Remote Group Name>
parity <none|odd|even>
flowcontrol <none|xon/xoff|rts/cts>
showlines <enable|disable>
timeout <disable|1-30>
To view console port settings:
show consoleport
Internal Modem Settings
This section describes how to configure an internal modem in the SLC advanced console
manager. The SLC 8000 internal modem is an optional part. If the modem is installed, a message
will be displayed when the SLC unit is booted:
Internal modem installed.
The presence of the modem will also be displayed in the CLI admin version command, the
subset of the modem functionality available for modems connected to a Device Port and USB
modems. If the internal modem is installed, the Internal Modem web page can be displayed by
selecting the Internal Modem option from the main menu, or by selecting the MD button in the
Port Number Bar on the upper right corner of the web page.
Note: The internal modem only supports Dial-in, Dial-out and Dial-back.
SLC™ 8000 Advanced Console Manager User Guide
126
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Setting Up Internal Modem Storage
To set up internal modem storage in the SLC 8000 advanced console manager:
hand corner once the SLC unit is reboots.
2. Reboot the SLC 8000 advanced console manager.
3. Log into the SLC unit and click Devices.
SLC™ 8000 Advanced Console Manager User Guide
127
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Figure 8-11 Devices > Internal Modem
5. Enter the following fields.
State
Indicates whether the internal is enabled. When enabling, set the modem to
Disabled, Dial-in, Dial-out, and Dial-back. Disabled by default.
SLC™ 8000 Advanced Console Manager User Guide
128
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Mode
The format in which the data flows back and forth.
With Text selected, the SLC unit assumes that the modem will be used for
remotely logging into the command line. Text mode is only for dialing in. This
is the default.
PPP establishes an IP-based link over the modem. PPP connections can be
used in dial-out mode (e.g., the SLC unit connects to an external network) or
dial-in mode (e.g., the external computer connects to the network that the
SLC unit is part of), dial-back (dial-in followed by dial-out), CBCP server and
CBCP client.
Use Sites
Group Access
If undefined, any group can access the modem (text login only). If one or more
groups are specified (groups are delimited by the characters ',' (comma) or ';'
(semicolon)), then any user who logs into the modem must be a member of one
of the specified groups, otherwise access will be denied. Users authenticated
via RADIUS may have a group (or groups) provided by the RADIUS server via
the Filter-Id attribute that overrides the group defined for a user on the SLC unit.
A group provided by a remote server must be either a single group or multiple
groups delimited by the characters ',' (comma), ';' (semicolon), or '=' (equals) -
for example "group=group1,group2;" or "group1,group2,group3".
Initialization Script
Commands sent to configure the modem may have up to 100 characters.
Consult your modem’s documentation for recommended initialization options. If
you do not specify an initialization script, the SLC uses a uses a default
initialization string of:
AT S7=45 SO=0 L1 V1 X4 &D2 &c1 E1 Q0
Note: We recommend that the modem initialization script always be pre-
pended with AT and include E1 V1 x4 Q0 so that the SLC unit may properly
control the modem.
Modem Timeout
Timeout for modem connections. Set to No by default.
To configure the modem connection to time out when no traffic is received
choose Yes and enter a value of 1 to 9999 seconds.
Caller ID Logging
Modem Command
Select to enable the SLC unit to log caller IDs on incoming calls. Disabled by
default.
Modem AT command used to initiate caller ID logging by the modem.
Note: For the AT command, use +VCID=1to enable Caller ID with formatted
presentation, and use +VCID=2 to enable Caller ID with unformatted
presentation. This is subject to subscribing to a Caller ID service for the modem
line.
Check Dial Tone
Dial-back Number
If set to Yes, the SLC will periodically check the modem for a dial tone while
waiting for a dial in (e.g., if the Modem State is set to Dial-in, or if the Modem
State is set to Dial-back and the SLC unit is in the Dial-in portion of the
sequence). The SLC unit can issue a trap or an event can be setup to notify the
user if no dial tone is detected. Set to Yes by default (every 15 minutes).
password. Once the SLC unit authenticates them, the modem hangs up and
dials them back .
Select the phone number the modem dials back on: a fixed number or a
number associated with their login. If you select Fixed Number, enter the
number (in the format 2123456789).
The dial-back number is also used for CBCP client as the number for a user-
Dial-back Delay
For dial-back and CBCP Server, the number of seconds between the dial-in
and dial-out portions of the dialing sequence.
SLC™ 8000 Advanced Console Manager User Guide
129
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Dial-back Retries
Timeout Logins
For dial-back and CBCP Server, the number of times the SLC unit will retry the
dial-out portion of the dialing sequence if the first attempt to dial-out fails.
If you selected text mode, you can enable logins to time out after the
connection is inactive for a specified number of minutes. The default is No. This
setting only applies to text mode connections. PPP mode connections stay
connected until either side drops the connection. Disabled by default.
Negotiate IP Address
If the SLC and/or the serial device have dynamic IP addresses (e.g., IP
addresses assigned by a DHCP server), select Yes. This is the default.
If the SLC unit or the modem have fixed IP addresses, select No, and enter the
Local IP (IP address of the internal modem) and Remote IP (IP address of the
modem).
Authentication
Enables PAP or CHAP authentication for modem logins. PAP is the default.
With PAP, users are authenticated by means of the Local Users and any of the
remote authentication methods that are enabled.
With CHAP, the CHAP Handshake fields authenticate the user.
CHAP Handshake
The Host/User Name (for UNIX systems) or
Secret/User Password (for Windows systems) used for CHAP authentication.
May have up to 128 characters.
CHAP Auth Uses
Enable NAT
For CHAP authentication, determines what is used to validate the CHAP host/
user sent by the remote peer: either the CHAP Host defined for the modem, or
any of the users in the Local Users list.
Select to enable Network Address Translation (NAT) for dial-in and dial-out
PPP connections on a per modem (device port, USB port, or internal modem)
basis. Users dialing into the SLC unit access the network connected to Eth1
and/or Eth2.
Note: IP forwarding must be enabled on the Network - Settings page for NAT
to work.
Dial-out Number
Phone number for dialing out to a remote system or serial device. May have up
to 20 characters. Any format is acceptable.
Remote/Dial-out Login
User ID for authentication when dialing out to a remote system, or if a remote
system requests authentication from the SLC module when it dials in. May have
up to 32 characters.
Remote/Dial-out
Password/ Retype
Password for authentication when dialing out to a remote system, or if a remote
system requests authentication from the SLC unit when it dials in. May have up
to 20 characters.
Restart Delay
The number of seconds after the timeout and before the SLC module attempts
another connection. The default is 30 seconds.
6. Click Apply.
Host Lists
A host list is a prioritized list of SSH, Telnet, and TCP hosts available for establishing incoming
modem connections or for the connect directcommand on the CLI. The SLC unit cycles
through the list until it successfully connects to one.
To add a host list:
1. Click the Devices tab and select the Host Lists option. The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
130
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Figure 8-12 Devices > Host Lists
2. Enter the following:
Note: To clear fields in the lower part of the page, click the Clear Host List button.
Host List Id
Displays after a host list is saved.
Enter a name for the host list.
Host List Name
Retry Count
Enter the number of times the SLC advanced console manager should attempt
to retry connecting to the host list.
Authentication
Select to require authentication when the SLC unit connects to a host.
3. You have the following options:
-
-
To save the host list without adding hosts at this time, click the Add Host List button.
To add hosts, enter the following:
Host Parameters
Host
Name or IP address of the host.
Protocol
Port
Protocol for connecting to the host (TCP, SSH, or Telnet).
Port on the host to connect to.
SLC™ 8000 Advanced Console Manager User Guide
131
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Escape Sequence
The escape character used to get the attention of the SSH or Telnet client. It is
optional, and if not specified, Telnet and SSH use their default escape character.
For Telnet, the escape character is either a single character or a two-character
sequence consisting of '^' followed by one character. If the second character is '?',
the DEL character is selected. Otherwise, the second character is converted to a
control character and used as the escape character.
For SSH, the escape character is a single character.
4. Click the right
arrow. The host displays in the Hosts box.
5. Repeat steps 2-4 to add more hosts to the host list.
Note: To clear fields before adding the next host, click the Clear Host Parameters
button.
6. You have the following options:
-
-
-
To remove a host from the host list, select the host in the Hosts box and click the
left arrow.
To give the host a higher precedence, select the host in the Hosts box and click the
up arrow.
To give the host a lower precedence, select the host in the Hosts box and click the
down arrow.
Settings page displays.
SLC™ 8000 Advanced Console Manager User Guide
132
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
To view or update a host list:
1. In the Host Lists table, select the host list and click the View Host List button. The list of hosts
display in the Hosts box.
Figure 8-13 View Host Lists
2. View, add, or update the following:
Host List Id
Displays after a host list is saved.
Enter a name for the host list.
Host List Name
Retry Count
Enter the number of times the SLC 8000 advanced console manager should attempt to
retry connecting to the host list.
Authentication
Select to require authentication when the SLC unit connects to a host.
Host Parameters
Host
Name or IP address of the host.
Protocol
Port
Protocol for connecting to the host (TCP, SSH, or Telnet).
Port on the host to connect to SLC advanced console manager
SLC™ 8000 Advanced Console Manager User Guide
133
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Escape Sequence
The escape character used to get the attention of the SSH or Telnet client. It is
optional, and if not specified, Telnet and SSH use their default escape character.
For Telnet, the escape character is either a single character or a two-character
sequence consisting of '^' followed by one character. If the second character is '?',
the DEL character is selected. Otherwise, the second character is converted to a
control character and used as the escape character.
For SSH, the escape character is a single character.
3. You have the following options:
-
-
To add a host to the host list, click the right
To remove a host from the host list, select the host in the Hosts box and click the
left arrow.
To give the host a higher precedence, select the host in the Hosts box and click the
up arrow.
To give the host a lower precedence, select the host in the Hosts box and click the
down arrow.
arrow. The host displays in the Hosts box.
-
-
Settings page displays.
To delete a host list:
1. Select the host list in the Host Lists table.
> Settings page displays.
Host List Commands
The following CLI commands correspond to the web page entries described above.
To configure a prioritized list of hosts to be used for modem dial-in connections:
set hostlist add|edit <Host List Name> [<parameters>]
Parameters
name <Host List Name> (edit only)
retrycount <1-10>
Default is 3.
auth <enable|disable>
To add a new host entry to a list or edit an existing entry:
set hostlist add|edit <Host List Name> entry <Host Number>
[<parameters>]
Parameters
host <IP Address or Name>
protocol <ssh|telnet|tcp>
port <TCP Port>
escapeseq <1-10 Chars>
SLC™ 8000 Advanced Console Manager User Guide
134
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
To move a host entry to a new position in the host list:
set hostlist edit <Host List Name> move <Host Number> position <Host
Number>
To delete a host list, or a single host entry from a host list:
set hostlist delete <Host List> [entry <Host Number>]
To display the members of a host list:
show hostlist <all|names|Host List Name>
Scripts
The SLC unit supports two types of scripts:
Interface Scripts which use a subset of the Expect/Tcl scripting language to perform pattern
detection and action generation on Device Port output.
Batch Scripts which are a series of CLI commands. A user can create scripts at the web,
view scripts at the web and the CLI, and utilize scripts at the CLI. For a description of the
All scripts have permissions associated with them; a user who runs a script must have the
permissions associated with the script in order to run the script.
To add a script:
1. Click the Devices tab and select the Scripts option. This page displays.
SLC™ 8000 Advanced Console Manager User Guide
135
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Figure 8-15 Adding or Editing New Scripts
3. Enter the following:
Scripts
Script Name
Type
A unique identifier for the script.
Select Interface for a script that utilizes Expect/Tcl to perform pattern detection
and action generation on Device Port output.
Select Batch for a script of CLI commands.
4. In the User Rights section, select the user Group to which NIS users will belong:
SLC™ 8000 Advanced Console Manager User Guide
137
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
User Rights
Group
Select the group to which the NIS users will belong:
Default Users: This group has only the most basic rights. You can specify
additional rights for the individual user .
Power Users: This group has the same rights as Default Users plus Web
Access, Networking, Date/Time, Reboot & Shutdown, and Diagnostics &
Reports.
Administrators: This group has all possible rights.
5. Assign or unassign User Rights for the specific user by checking or unchecking the following
boxes:
Full Administrative
Networking
Right to add, update, and delete all editable fields.
Right to enter Network settings.
Services
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and
SMTP.
Secure Lantronix
Network
Right to view and manage secure Lantronix units (e.g., SLP, Spider, or SLC
devices) on the local subnet.
Date/Time
Right to set the date and time.
Reboot & Shutdown Right to shut down and reboot the SLC unit.
Local Users
Right to add or delete local users on the system.
Remote
Right to assign a remote user to a user group and assign a set of rights to the user.
Authentication
SSH Keys
Right to set SSH keys for authenticating users.
Right to create a custom user menu for the CLI for NIS users.
Right to access Web-Manager.
User Menus
Web Access
Diagnostics &
Reports
Right to obtain diagnostic information and reports about the unit.
Firmware &
Configuration
Right to upgrade the firmware on the unit and save or restore a configuration (all
settings). Selecting this option automatically selects Reboot & Shutdown.
Internal Modem
Right to configure internal modem settings.
Right to enter device port settings.
Device Port
Operations
Device Port
Right to enter device port configurations.
Configuration
USB
Right to enter modem settings for USB modems and to control USB storage
devices.
SD Card
Right to view and enter settings for SD card.
6. To save, click the Apply button. If the type of script is Interface, the script will be validated
To view or update a script:
1. In the Scripts table, select the script and click the Edit Script button. The page for editing
3. To save, click the Apply button.
SLC™ 8000 Advanced Console Manager User Guide
138
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
To rename a script:
1. In the Scripts table, select the script and enter a new script name in the New Name field.
redisplays.
To delete a script:
1. In the Scripts table, select the script to delete.
> Scripts page redisplays.
To change the permissions for a script:
1. In the Scripts table, select the script and select the new Group and/or Permissions.
redisplays.
To use a script at the CLI:
1. To run an Interface Script on a device port for pattern recognition and action generation, use
the connect script <Script Name> deviceport <Device Port # or Name>
command.
2. To run a Batch Script at the CLI with a series of CLI commands, use the set script
runcli <Script Name>command.
Batch Script Syntax
The syntax for Batch Scripts is exactly the same as the commands that can be typed at the CLI,
with the additions described in this section.
The sleepcommand suspends execution of the script (puts it to 'sleep') for the specified number
of seconds. Syntax:
sleep <value>
The whilecommand allows a loop containing CLI commands to be executed. Syntax:
while {<Boolean expression>} {
CLI command 1
CLI command 2
...
CLI command n
}
Note: The closing left brace '}' must be on a line without any other characters. To
support a whilecommand, the set command, variables, and secondary commands are
also supported.
SLC™ 8000 Advanced Console Manager User Guide
139
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Interface Script Syntax
This section describes the abbreviated scripting syntax for Interface Scripts. This limited syntax
was created to prevent the creation of scripts containing potentially harmful commands. Script
commands are divided into three groups: Primary, Secondary and Control Flow. Primary
commands provide the basic functionality of a script and are generally the first element on a line of
a script, as in:
send_user "Password:"
Secondary commands provide support for the primary commands and are generally not useful by
themselves. For example, the exprcommand can be used to generate a value for a set
command.
set <my_var> [expr 1 + 1]
Control Flowcommands allow conditional execution of other commands based on the results
of the evaluation of a Boolean expression.
Table 8-16 Definitions
Term
Word
Definition
A contiguous group of characters delimited on either side by spaces. Not enclosed
by double quotes.
Primary Command
One of the primary commands listed in this section.
Secondary Command One of the secondary commands defined in this section.
Quoted String
A group of characters enclosed by double quote (") characters. A quoted string
may include any characters, including space characters. If a double quote
character is to be included in a quoted string it must be preceded (escaped) by a
backslash character ('\').
Variable Reference
CLI Command
A word (as defined above) preceded by a dollar sign character ('$').
A quoted string containing a valid CLI showcommand.
Arithmetic Operator
A single character representing a simple arithmetic operation. The character may
be one of the following:
A plus sign (+) representing addition
A minus sign (-) representing subtraction
An asterisk sign (*) representing multiplication
A forward slash (/) representing division
A percent sign (%) representing a modulus
Boolean Expression An expression which evaluates to TRUE or FALSE. A Boolean expression has the
following syntax:
<value> <Boolean operator> <value>
Each can be either a word or a variable reference.
Boolean Operator
A binary operator which expresses a comparison between two operands and
evaluates to TRUE or FALSE. The following Boolean operators are valid:
'<' less than
'>' greater than
'<=' less than or equal to
'>=' greater than or equal to
'==' equal to
'!=' not equal to
SLC™ 8000 Advanced Console Manager User Guide
140
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Primary Commands
These are stand-alonecommands which provide the primary functionality in a script. These
commands may rely on one or more of the Secondary Commands to provide values for some
parameters. The preprocessor will require that these commands appear only as the first element
of a command line. The start of a command line is delimited by any of the following:
The start of a new line of text in the script
A semicolon (';')
A left brace ('{')
Table 8-17 Primary Commands
Command
Description
set
The setcommand assigns a value to a variable. Syntax:
set <variable> <value>
where <variable> is a word, and <value> can be defined in one of the following
ways:
A quoted string
A word
A variable reference
A value generated via one of the string secondary commands (compare,
match, first, etc.)
A value generated via the exprsecondary command
A value generated via the formatsecondary command
A value generated via the expr timestampcommand
unset
scan
This command removes the definition of a variable within a script. Syntax:
unset <variable>
where <variable>is a word.
The scancommand is analogous to the C language scanf(). Syntax:
scan <variable> <format string> <value 1> <value 2> ... <value n>
where <variable>a variable reference, and <format string>is a quoted
string. Each of the <value x>elements will be a word.
sleep
The sleepcommand suspends execution of the script (puts it to 'sleep') for the
specified number of seconds. Syntax:
sleep <value>
where <value> can be a word, a quoted string or a variable reference.
exec
The execcommand executes a single CLI command. Currently only CLI 'show'
commands may be executed via exec. Syntax:
exec <CLI command>
send, send_user
The sendcommand sends output to a sub-process, The send_user
command sends output to the standard output. Both commands have the same
syntax:
send <string>
send_user <string>
where <string>can be either a quoted string or a variable reference.
SLC™ 8000 Advanced Console Manager User Guide
141
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Command
Description
expect, expect_user,
expect_before,
expect_after,
The expectcommand waits for input and attempts to match it against one or
more patterns. If one of the patterns matches the input the corresponding
(optional) command is executed. All expectcommands have the same syntax:
expect_background
expect {<string 1> {command 1} <string 2> {command 2} ... <string n> {command
n}}
where <string x> will either be a quoted string, a variable reference or the
reserved word 'timeout.' The command x is optional, but the curly braces
('{' and '}') are required. If present it must be a primary command.
return
The returncommand terminates execution of the script and returns an optional
value to the calling environment. Syntax:
return <value>
where <value> can be a word or a variable reference.
Secondary Commands
These are commands which provide data or other support to the Primary commands. These
commands are never used by themselves in a script. The preprocessor will require that these
commands always follow a left square bracket ('[') character and be followed on a single line by a
right bracket (']').
SLC™ 8000 Advanced Console Manager User Guide
142
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Table 8-18 Secondary Commands
Description
Command
string
The stringcommand provides a series of string manipulation operations. The
stringcommand will only be used with the setcommand to generate a value for
a variable. There are nine operations provided by the stringcommand. Syntax
(varies by operation):
string compare <str 1> <str 2>
Compare two strings
string match <str 1> <str 2>
Determine if two strings are equal
string first <str needle> <str haystack>
Find and return the index of the first occurrence
of 'str_needle' in 'str_haystack'
string last <str needle> <str haystack>
Find and return the index of the last occurrence of
'str_needle' in 'str_haystack'
string length <str>
Return the length of 'str'
string index <str> <int>
Return the character located at position 'int' in
'str'
string range <str> <int start> <int end>
Return a string consisting of the characters in
'str' between 'int start' and 'int end'
string tolower <str>
Convert <str> to lowercase
string toupper <str>
Convert <str> to uppercase
string trim <str 1> <str 2>
Trim 'str 2' from 'str 1'
string trimleft <str 1> <str 2>
Trim 'str 2' from the beginning of 'str 1'
string trimright <str 1> <str 2>
Trim 'str 2' from the end of 'str 1'
In each of the above operations, each <str *> element can either be a quoted string
or a variable reference. The <int *> elements will be either words or variable
references.
expr
This command evaluates an arithmetic expression and returns the result. The expr
command will only be used in combination with the setcommand to generate a
value for a variable. Syntax:
expr <value> <operation> <value>
Each <value>will be either a word or a variable reference, and <operation> an
arithmetic operation.
SLC™ 8000 Advanced Console Manager User Guide
143
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Command
Description
timestamp
This command returns the current time of day as determined by the SLC . The
timestampcommand will only be used in combination with the setcommand to
produce the value for a variable. Syntax:
timestamp <format>
where <format>is a quoted string.
format
The formatcommand is analogous to the C language sprintf(). The format
command will only be used in combination with the setcommand to produce the
value for a variable. Syntax:
format <format string> <value 1> <value 2> ... <value n>
where <format string> will be a quoted string. Each of the <value x> elements will be
a word, a quoted string or a variable reference.
Control Flow Commands
The control flowcommands allow conditional execution of blocks of other commands. The
preprocessor treats these as Primary commands, allowing them to appear anywhere in a script
that a Primary command is appropriate.
Table 8-19 Control Flow Commands
Command
Description
while
The whilecommand executes an associated block of commands as long as its
Boolean expression evaluates to TRUE. After each iteration the Boolean expression
is re-evaluated; when the Boolean expression evaluates to FALSE execution
passes to the first command following the associated block. Each command within
the block must be a Primary command. Syntax:
while {<Boolean expression>} {
command 1
command 2
...
command n
}
SLC™ 8000 Advanced Console Manager User Guide
144
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Command
Description
if, elseif and else
The if command executes an associated block of commands if its Boolean
expression evaluates to TRUE. Each command within the block must be a Primary
command. Syntax:
if {<Boolean expression>} {
command 1
command 2
...
command n
}
The elseifcommand is used in association with an ifcommand - it must
immediately follow an if or elseifcommand. It executes an associated block of
commands if its Boolean expression evaluates to TRUE. Each command within the
block must be a Primay command. Syntax:
elseif {<Boolean expression>} {
command 1
command 2
...
command n
}
The elsecommand is used in combination with an if or elseifcommand to
provide a default path of execution. If the Boolean expressions for all preceding if
and elseif commands evaluate to FALSE the associated block of commands is
executed. Each command within the block must be a primary command. Syntax:
else {
command 1
command 2
...
command n
}
Sample Scripts
Interface Script—Monitor Port
The Monitor Port (Monport) script connects directly to a device port by logging into the SLC port,
gets the device hostname, loops a couple of times to get port interface statistics, and logs out. The
following is the script:
set monPort 7
set monTime 5
set sleepTime 2
set prompt ">"
set login "sysadmin"
set pwd "PASS"
#Send CR to echo prompt
send "\r"
sleep $sleepTime
#Log in or check for Command Prompt
SLC™ 8000 Advanced Console Manager User Guide
145
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
expect {
#Did not capture "ogin" or Command Prompt
timeout { send_user "Time out login......\r\n"; return }
#Got login prompt
"login" {
send_user "Logging in....\r\n"
send "$login\r"
expect {
timeout { send_user "Time out waiting for pwd
prompt......\r\n"; return }
#Got password prompt
"password" {
#Send Password
send "$pwd\r"
expect {
timeout { send_user "Time out waiting for prompt......\r\n";
return }
$prompt {}
}
}
}
}
#Already Logged in got Command Prompt
$prompt {
send_user "Already Logged....\r\n"
}
}
#Get hostname info
send "show network port 1 host\r"
expect {
timeout { send_user "Time out Getting Hostname 1\r\n"; return }
"Domain" {
#Get Hostname from SLC
set hostname "[string range $expect_out(buffer) [string first
Hostname:
$expect_out(buffer)] [expr [string first Domain
$expect_out(buffer)]-2]]"
}
}
send_user "\r\n\r\n\r\n\r\n"
send_user "Device [string toupper $hostname]\r\n"
send_user
"_________________________________________________________________\r\n"
send_user "Monitored Port: Port $monPort \r\n"
send_user "Monitor Interval Time: $monTime Seconds \r\n"
set loopCtr 0
set loopMax 2
while { $loopCtr < $loopMax } {
#Get current time
SLC™ 8000 Advanced Console Manager User Guide
146
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
The following is the screen output:
slc247glenn]> conn script ex4 deviceport 7
login: Logging in....
sysadmin
sysadmin
Password: PASS
Welcome to the Secure Lantronix Console Manager
Model Number: SLC 48
For a list of commands, type 'help'.
[SLC251glenn]> show network port 1 host
show network port 1 host
___Current Hostname
Settings___________________________________________________
Hostname: SLC251glenn
Domain: support.int.lantronix.com
[SLC251glen
Device HOSTNAME: SLC 251GLENN
________________________________________________________________________
Monitored Port: Port 7
Monitor Interval Time: 5 Seconds
[Current Time:21:16:43]
show portcounter deviceport 7
n]> show portcounter deviceport 7
Device Port: 7 Seconds since zeroed: 1453619
Bytes input: 0 Bytes output: 0
Framing errors: 0 Flow control errors: 0
Overrun errors: 0 Parity errors: 0
[SLC251glenn]>
[Current Time:21:16:58]
show portcounter deviceport 7
show portcounter deviceport 7
Device Port: 7 Seconds since zeroed: 1453634
Bytes input: 0 Bytes output: 0
Framing errors: 0 Flow control errors: 0
Overrun errors: 0 Parity errors: 0
[SLC251glenn]>
Port Counter Monitor Script Ending......
________________________________________________________________________
Login Out.......
logout
Returning to command line
[slc247glenn]>
Batch Script—SLC CLI
This script runs the following SLC CLI commands, then runs the Monport Interface script:
show network port 1 host
show deviceport names
show script
connect script monport deviceport 7
SLC™ 8000 Advanced Console Manager User Guide
147
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
The following is the screen output of the script:
[slc247glenn]> se script runcli cli
[slc247glenn]> show network port 1 host
___Current Hostname
Settings___________________________________________________
Hostname: slc247glenn
Domain: <none>
[slc247glenn]>
[slc247glenn]> show deviceport names
___Current Device Port
Names___________________________________________________
01 - SCS_ALIAS_Test 05 - Port-5
02 - Port-2 06 - Port-6
03 - Port-3 07 - SLC -251
04 - Port-4 08 - Port-8
[slc247glenn]>
[slc247glenn]> show script
___Interface Scripts______Group/
Permissions_____________________________________
getSLC Adm/ad,nt,sv,dt,lu,ra,um,dp,pc,rs,fc,dr,sn,wb,sk,po,do
Test Adm/ad,nt,sv,dt,lu,ra,um,dp,pc,rs,fc,dr,sn,wb,sk,po,do
monport Adm/<none>
___Batch Scripts__________Group/
Permissions_____________________________________
cli Adm/ad,nt,sv,dt,lu,ra,um,dp,pc,rs,fc,dr,sn,wb,sk,po,do
[slc247glenn]>
[slc247glenn]> connect script monport deviceport 7
login: Logging in....
sysadmin
sysadmin
Password: PASS
Welcome to the Secure Lantronix Console Manager
Model Number: SLC 48
For a list of commands, type 'help'.
[SLC251glenn]> show network port 1 host
show network port 1 host
___Current Hostname
Settings___________________________________________________
Hostname: SLC251glenn
Domain: support.int.
Device HOSTNAME: SLC 251GLENN
________________________________________________________________________
Monitored Port: Port 7
Monitor Interval Time: 5 Seconds
[Current Time:21:25:04]
show portcounter deviceport 7
lantronix.com
[SLC251glenn]> show portcounter deviceport 7
Device Port: 7 Seconds since zeroed: 1454120
Bytes input: 0 Bytes output: 0
Framing errors: 0 Flow control errors: 0
Overrun errors: 0 Parity errors: 0
[SLC251glenn]>
SLC™ 8000 Advanced Console Manager User Guide
148
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
[Current Time:21:25:20]
show portcounter deviceport 7
show portcounter deviceport 7
Device Port: 7 Seconds since zeroed: 1454136
Bytes input: 0 Bytes output: 0
Framing errors: 0 Flow control errors: 0
Overrun errors: 0 Parity errors: 0
[SLC251glenn]>
Port Counter Monitor Script Ending......
________________________________________________________________________
Login Out.......
logout
Returning to command line
[slcvz249_glenn]> show script
___Interface Scripts______Group/
Permissions_____________________________________
test3
Def/do
___Batch Scripts__________Group/
Permissions_____________________________________
test1
Adm/
ad,nt,sv,dt,lu,ra,um,dp,ub,rs,fc,dr,sn,wb,sk,po,do
[slcvz249_glenn]>
Sites
A site is a group of site-oriented modem parameters that can be activated by various modem-
related events (authentication on dial-in, outbound network traffic for a dial-on-demand
connection, etc.). The site parameters will override parameters that are configured for a modem.
To use sites with a modem, create one or more sites (described below), then enable Use Sites for
the modem. Sites can be used with the following modem states: dial-in, dial-back, CBCP Server,
dial-on-demand, dial-in & dial-on-demand, and dial-back & dial-on-demand. For more information
To add a site:
1. Click the Devices tab and select the Sites option. The Sites page displays:
2. In the lower section of the page, enter the following:
Note: To clear fields in the lower part of the page, click the Reset Site button.
Site Id
Displays after a site is created.
(view only)
Site Name
Port
Enter a name for the site.
Select the port: None, Internal Modem, Device Port, USB Port U1, or USB
Port U2 the site is assigned to. For dial-on-demand sites, a port must be
SLC™ 8000 Advanced Console Manager User Guide
149
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Login/CHAP Host
CHAP Secret
The login name (for PAP authentication) or CHAP host (for CHAP authentication)
associated with this site. If a modem has sites enabled and the authentication is
successful at dial-in (for modem states dial-in, dial-back, CBCP server, dial-in &
dial-on-demand, or dial-back & dial-on-demand), and the name that was
authenticated matches the Login/CHAP Host, the site parameters will be used for
the remainder of the modem connection.
The CHAP secret associated with this site. If a modem has sites enabled and
CHAP authentication enabled, then at dial-in, if the remote server sends a name
in the CHAP challenge response that matches the CHAP host of a site, the CHAP
secret for the site will be used to authenticate the CHAP challenge response sent
by the remote server.
Authentication
Timeout Logins
The type of authentication, PAP or CHAP, for which this site is applicable. On
dial-in authentication, only sites with the authentication type that matches the
authentication type configured for the modem will be used to try to find a matching
site.
For text dial-in connections, the connection can time out after the connection is
inactive for a specified number of minutes.
Negotiate IP Address If the SLC advanced console managerand the remote server should negotiate the
IP addresses for each side of the PPP connection, select Yes. Select No if the
address of the SLC unit (Local IP) and remote server (Remote IP) need to be
specified.
Static Route IP
Address
The Static Route IP Address, Subnet Mask and Gateway must be configured for
dial-on-demand sites. The SLC 8000 advanced console manager will
automatically dial-out and establish a PPP connection when IP traffic destined for
the network specified by the static route needs to be sent.
Note: Static Routing must be enabled on the Network - Routing page for dial-on-
demand connections.
Static Route Subnet
Mask
The subnet mask for a dial-on-demand connection.
Static Route Gateway The gateway for a dial-on-demand connection.
Dial-out Number
Dial-out Login
The dial-out number must be specified for dial-on-demand sites. This indicates
the phone number to dial when the SLC unit needs to send IP traffice for a dial-
on-demand connection.
User ID for authentication when dialing out to a remote system, or when a remote
system requests authentication from the SLC 8000 unit when it dials in. May have
up to 32 characters. This ID is used for authenticating the SLC 8000 advanced
console manager during the dial-out portion of a dial-back (including CBCP
server) and dial-on-demand.
Dial-out Password
Password for authentication when dialing out to a remote system, or if a remote
system requests authentication from the SLC unit when it dials in. May have up to
64 characters
Retype Password
Dial-back Number
Re-enter password for dialing out to a remote system. May have up to 64
characters.
The phone number to dial on callback for text or PPP dial-back connections. A
site must successfully authenticate, have Allow Dial-back enabled and have a
Dial-back Number defined in order for the site to be used for callback.
Allow Dial-back
Dial-back Delay
If enabled, the site is allowed to be used for dial-back connections.
For dial-back and CBCP Server, the number of seconds between the dial-in and
dial-out portions of the dialing sequence.
Dial-back Retries
For dial-back and CBCP Server, the number of times the SLC unit will retry the
dial-out portion of the dialing sequence if the first attempt to dial-out fails.
SLC™ 8000 Advanced Console Manager User Guide
150
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Modem Timeout
Restart Delay
Timeout for dial-in and dial-on-demand PPP connections. Select Yes (default) for
the SLC 8000 advanced console manager to terminate the connection if no traffic
is received during the configured idle time. Enter a value of from 1 to 9999
seconds. The default is 30 seconds.
The number of seconds after the modem timeout and before the SLC unit
attempts another connection. The default is 30 seconds.
CBCP Server
Allow No Callback
For a CBCP Server site, allows "No Callback" as an option in the CBCP
handshake in addition to User-defined Number and Admin-defined Number.
Enable NAT
Select to enable Network Address Translation (NAT) for PPP connections.
Note: IP forwarding must be enabled on the Network - Settings page for NAT to
work.
3. Click the Add Site button.
To view or update a site:
1. In the Sites table, select the site and click the View Site button. The site attributes are
displayed in the bottom half of the page.
2. Update any of the site attributes.
3. Click the Edit Site button.
To delete a site:
1. Select the site in the Sites table.
2. Click the Delete Site button.
Configures a set of site-oriented modem parameters that can be activated by various modem-
related events (authentication, outbound network traffic for DOD connections, etc.).
The site parameters will override any parameters configuredfor the modem.
Uses sites with a modem, enable 'usesites'. Sites can be used with the following modem states:
dialin, dialback, cbcpserver, dialondemand, dialin+ondemand, and dialback+ondemand.
To create or edit a site:
set site add|edit <Site Name> [<parameters>]
Parameters
name <Site Name> (edit only)
deviceport <Device Port # or Name or none>
usbport <U1|U2>
internal modem
auth <pap|chap>
loginhost <User Login/CHAP Host>
chapsecret <CHAP Secret>
localipaddr <negotiate|IP Address>
remoteipaddr <negotiate|IP Address>
routeipaddr <IP Address>
routemask <Mask>
routegateway <Gateway>
nat <enable|disable>
dialoutnumber <Phone Number>
SLC™ 8000 Advanced Console Manager User Guide
151
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
dialoutlogin <User Login>
dialoutpassword <Password>
allowdialback <enable|disable>
dialbacknumber <Phone Number>
dialbackdelay <Dial-back Delay>
dialbackretries <1-10>
timeoutlogins <disable|1-30 minutes>
modemtimeout <disable|1-9999 secs>
restartdelay <PPP Restart Delay>
cbcpnocallback <enable|disable>
To delete a site:
set site delete <Site Name>
show site <all|names|Site Name>
Modem Dialing States
Dial In
The SLC 8000 advanced console manager waits for a peer to call the SLC unit to establish a text
(command line) or PPP connection.
For text connections, the user will be prompted for a login and password, and will be
authenticated via the currently enabled authentication methods (Local Users, NIS, LDAP, etc).
The site list will be searched for a site that (a) the Login/CHAP Host matches the name that
was authenticated, (b) Authentication is set to PAP, and (c) the Port is set to None or
matches the port the modem is on.
If a matching site is found, the Timeout Logins parameter configured for the site will be used
for the rest of the dial-in connection instead of the Timeout Logins parameter configured for
the modem. Once authenticated, a CLI session will be initiated, and the user will remain
connected to the SLC 8000 advanced console manager until they either logout of the CLI
session, or (if Timeout Logins is enabled) the CLI session is terminated if it has been idle.
For PPP connections, the user will be authenticated via PAP or CHAP (determined by the
Authentication setting for the modem). For PAP, the Local/Remote User list will be used to
authenticate the login and password sent by the PPP peer, and the site list will be searched for
a site that (a) the Login/CHAP Host matches the name that was authenticated, (b)
Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem
is on. For CHAP, the site list will be searched for a site that (a) the Login/CHAP Host and
CHAP Secret match the name and secret sent in the CHAP Challenge response by the PPP
peer, (b) Authentication is set to CHAP, and (c) the Port is set to None or matches the port
the modem is on. If the remote peer requests PAP or CHAP authentication from the SLC unit,
the Remote/Dial-out Login and Remote/Dial-out Password configured for the modem (not
the site) will be provided as authentication tokens.
If a matching site is found, its Negotiate IP Address, NAT, and Modem Timeout parameters
will be used for the rest of the dial-in connection instead of the parameters configured for the
modem. Once authenticated, a PPP session will be established using either negotiated IP
addresses or specific IP addresses (determined by the Negotiate IP Address setting). The
PPP connection will stay active until no IP traffic is sent for Modem Timeout seconds.
SLC™ 8000 Advanced Console Manager User Guide
152
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Dial-back
The SLC advanced console manager waits for a peer to call the SLC unit, establishes a text
(command line) or PPP connection, authenticates the user, and if the SLC 8000 advanced console
manager is able to determine a dial-back number to use, hangs up and calls the dial-back number
to establish either a text or PPP connection.
For text connections, the user will be prompted for a login and password, and will be
authenticated via the currently enabled authentication methods (Local Users, NIS, LDAP, etc).
The site list will be searched for a site that (a) the Login/CHAP Host matches the name that
was authenticated, (b) Authentication is set to PAP, and (c) the Port is set to None or
matches the port the modem is on.
If a matching site is found, its Timeout Logins, Dial-back Number, Allow Dial-back, and
Dial-back Delay parameters will be used for the rest of the dial-back connection instead of the
parameters configured for the modem. Once the remote server is authenticated, if Allow Dial-
back is enabled for the site and a Dial-back Number is defined, the SLC unit will hang up and
wait Dial-back Delay seconds before initiating the dial-back. The SLC 8000 advanced
console manager will dial, prompt the user again for a login and password, and a CLI session
will be initiated. The user will remain connected to the SLC unit until they either logout of the
CLI session, or (if Timeout Logins is enabled) the CLI session is terminated if it has been
idle.
For PPP connections, the user will be authenticated via PAP or CHAP (determined by the
Authentication setting for the modem). For PAP, the Local/Remote User list will be used to
authenticate the login and password sent by the PPP peer, and the site list will be searched for
a site that (a) the Login/CHAP Host matches the name that was authenticated, (b)
Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem
is on. For CHAP, the site list will be searched for a site that (a) the Login/CHAP Host and
CHAP Secret match the name and secret sent in the CHAP Challenge response by the PPP
peer, (b) Authentication is set to CHAP, and (c) the Port is set to None or matches the port
the modem is on. If the remote peer requests PAP or CHAP authentication from the SLC 8000
advanced console manager, the Remote/Dial-out Login and Remote/Dial-out Password
configured for the modem (not the site) will be provided as authentication tokens.
If a matching site is found, its Dial-back Number, Allow Dial-back, Dial-back Delay, Dial-
out Login, Dial-out Password, Negotiate IP Address, NAT, and Modem Timeout
parameters will be used for the rest of the dial-back connection instead of the parameters
configured for the modem. Once the remote server is authenticated, if Allow Dial-back is
enabled for the site and a Dial-back Number is defined, the SLC unit will will hang up and wait
Dial-back Delay seconds before initiating the dial-back. The SLC 8000 advanced console
manager will dial, and if the remote peer requests PAP or CHAP authentication, provide the
Dial-out Login and Dial-out Password as authentication tokens. Once authenticated, a PPP
session will be established using either negotiated IP addresses or specific IP addresses
(determined by the Negotiate IP Address setting).
Dial-on-demand
The SLC unit automatically dial outs and establishes a PPP connection when IP traffic destined for
a remote network needs to be sent. It will remain connected until no data packets have been sent
to the peer for a specified amount of time.
When this modem state is initiated, the SLC 8000 advanced console manager searches the site
list for all sites that (a) have a Dial-out Number defined, (b) have a Static Route IP Address,
Static Route Subnet Mask and Static Route Gateway defined, and (c) the Port matches the port
the modem is on. A dial-on-demand connection will be started for each, waiting for IP traffic
destined for a remote network.
When IP traffic needs to be sent, the SLC unit dials the appropriate Dial-out Number for the site,
SLC™ 8000 Advanced Console Manager User Guide
153
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
and if the remote peer requests PAP or CHAP authentication, provides the Dial-out Login and
Dial-out Password as authentication tokens. Once authenticated, a PPP session will be
established using either negotiated IP addresses or specific IP addresses (determined by the
Negotiate IP Address setting). The PPP connection will stay active until no IP traffic is sent for
Modem Timeout seconds. Once the timeout has expired, the PPP connection will be terminated
and will not be reestablished for at least Restart Delay seconds.
Dial-in & Dial-on-demand
A modem is configured to be in two modes: answering incoming calls to establish a PPP
connection, and automatically dialing out to establish a PPP connection when IP traffic destined
for a remote network needs to be sent. When either event occurs (an incoming call or IP traffic
destined for the remote network), the other mode will be disabled.
For Dial-in, the user will be authenticated via PAP or CHAP (determined by the
Authentication setting for the modem). For PAP, the Local/Remote User list will be used to
authenticate the login and password sent by the PPP peer, and the site list will be searched for
a site that (a) the Login/CHAP Host matches the name that was authenticated, (b)
Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem
is on. For CHAP, the site list will be searched for a site that (a) the Login/CHAP Host and
CHAP Secret match the name and secret sent in the CHAP Challenge response by the PPP
peer, (b) Authentication is set to CHAP, and (c) the Port is set to None or matches the port
the modem is on. If the remote peer requests PAP or CHAP authentication from the SLC
advanced console manager, the Remote/Dial-out Login and Remote/Dial-out Password
configured for the modem (not the site) will be provided as authentication tokens.
If a matching site is found, its Negotiate IP Address, NAT, and Modem Timeout parameters
will be used for the rest of the dial-in connection instead of the parameters configured for the
modem. Once authenticated, a PPP session will be established using either negotiated IP
addresses or specific IP addresses (determined by the Negotiate IP Address setting). The
PPP connection will stay active until no IP traffic is sent for Modem Timeout seconds.
For Dial-on-Demand, the SLC unit searches the site list for all sites that (a) have a Dial-out
Number defined, (b) have a Static Route IP Address, Static Route Subnet Mask and Static
Route Gateway defined, and (c) the Port matches the port the modem is on. A dial-on-
demand connection will be started for each, waiting for IP traffic destined for a remote
network. When IP traffic needs to be sent, the SLC 8000 advanced console manager dials the
appropriate Dial-out Number for the site, and if the remote peer requests PAP or CHAP
authentication, provides the Dial-out Login and Dial-out Password as authentication tokens.
Once authenticated, a PPP session will be established using either negotiated IP addresses
or specific IP addresses (determined by the Negotiate IP Address setting). The PPP
connection will stay active until no IP traffic is sent for Modem Timeout seconds. Once the
timeout has expired, the PPP connection will be terminated and will not be reestablished for at
least Restart Delay seconds.
Dial-back & Dial-on-demand
A modem is configured to be in two modes: answering incoming calls to initiate a dial-back, and
automatically dialing out to establish a PPP connection when IP traffic destined for a remote
network needs to be sent. When either event occurs (an incoming call or IP traffic destined for the
remote network), the other mode will be disabled.
For Dial-back, the user will be authenticated via PAP or CHAP (determined by the
Authentication setting for the modem). For PAP, the Local/Remote User list will be used to
authenticate the login and password sent by the PPP peer, and the site list will be searched for
a site that (a) the Login/CHAP Host matches the name that was authenticated, (b)
Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem
SLC™ 8000 Advanced Console Manager User Guide
154
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
is on. For CHAP, the site list will be searched for a site that (a) the Login/CHAP Host and
CHAP Secret match the name and secret sent in the CHAP Challenge response by the PPP
peer, (b) Authentication is set to CHAP, and (c) the Port is set to None or matches the port
the modem is on. If the remote peer requests PAP or CHAP authentication from the SLC unit,
the Remote/Dial-out Login and Remote/Dial-out Password configured for the modem (not
the site) will be provided as authentication tokens.
If a matching site is found, its Dial-back Number, Allow Dial-back, Dial-back Delay, Dial-
out Login, Dial-out Password, Negotiate IP Address, NAT, and Modem Timeout
parameters will be used for the rest of the dial-back connection instead of the parameters
configured for the modem. Once the remote server is authenticated, if Allow Dial-back is
enabled for the site and a Dial-back Number is defined, the SLC 8000 advanced console
manager will will hang up and wait Dial-back Delay seconds before initiating the dial-back.
The SLC unit will dial, and if the remote peer requests PAP or CHAP authentication, provide
the Dial-out Login and Dial-out Password as authentication tokens. Once authenticated, a
PPP session will be established using either negotiated IP addresses or specific IP addresses
(determined by the Negotiate IP Address setting).
For Dial-on-Demand, the SLC 8000 advanced console manager searches the site list for all
sites that (a) have a Dial-out Number defined, (b) have a Static Route IP Address, Static
Route Subnet Mask and Static Route Gateway defined, and (c) the Port matches the port
the modem is on. A dial-on-demand connection will be started for each, waiting for IP traffic
destined for a remote network.
When IP traffic needs to be sent, the SLC unit dials the appropriate Dial-out Number for the
site, and if the remote peer requests PAP or CHAP authentication, provides the Dial-out
Login and Dial-out Password as authentication tokens. Once authenticated, a PPP session
will be established using either negotiated IP addresses or specific IP addresses (determined
by the Negotiate IP Address setting). The PPP connection will stay active until no IP traffic is
sent for Modem Timeout seconds. Once the timeout has expired, the PPP connection will be
terminated and will not be reestablished for at least Restart Delay seconds.
CBCP Server
Callback Control Protocl (CBCP) is a PPP option that negotiates the use of callback where the
server, after authenticating the client, terminates the connection and calls the client back at a
phone number that is determined by the CBCP handshake. For more information on CBCP, see
http://technet.microsoft.com/en-us/library/cc957979.aspx. CBCP is used primarily by Microsoft
PPP peers. CBCP supports two options for determining the number to dial on callback: the client
can specify a user-defined number for the server to dial on callback, or the client can request the
server use an administrator-defined number to dial on callback. Optionally, some servers may also
allow "no callback" as an option.
For CBCP Server, the SLC 8000 advanced console manager waits for a client to call the SLC unit,
establishes a PPP connection, authenticates the user, and negotiates a dial-back number with the
client using CBCP. If the SLC 8000 advanced console manager is able to determine a dial-back
number to use, it hangs up and calls the dial-back number.
When a call is received, a PPP connection is established, and the user will be authenticated via
PAP or CHAP (determined by the Authentication setting for the modem). For PAP, the Local/
Remote User list will be used to authenticate the login and password sent by the PPP peer, and
the site list will be searched for a site that (a) the Login/CHAP Host matches the name that was
authenticated, (b) Authentication is set to PAP, and (c) the Port is set to None or matches the
port the modem is on. For CHAP, the site list will be searched for a site that (a) the Login/CHAP
Host and CHAP Secret match the name and secret sent in the CHAP Challenge response by the
PPP peer, (b) Authentication is set to CHAP, and (c) the Port is set to None or matches the port
the modem is on. If the remote peer requests PAP or CHAP authentication from the SLC unit, the
SLC™ 8000 Advanced Console Manager User Guide
155
Download from Www.Somanuals.com. All Manuals Search And Download.
8: Device Ports
Remote/Dial-out Login and Remote/Dial-out Password configured for the modem (not the site)
will be provided as authentication tokens.
If a matching site is found, its CBCP Server Allow No Callback, Dial-back Number, Allow Dial-
back, Dial-back Delay, Dial-out Login, Dial-out Password, Negotiate IP Address, NAT, and
Modem Timeout parameters will be used for the rest of the dial-back connection instead of the
parameters configured for the modem. Once the remote server is authenticated, the CBCP
handshake with the client determines the number to use for dial-back. The SLC 8000 advanced
console manager will present the client with the available options: if Allow Dial-back is enabled
for the site and a Dial-back Number is defined, the administrator-defined option is allowed; if this
is not the case, the user-defined number is allowed. Additionally, if CBCP Server Allow No
Callback is enabled, the client can also select no callback (the PPP connection established at
dial-in will remain up). The client will select from the available callback options. If the SLC unit can
determine a dial-back number to use, it will hang up and wait Dial-back Delay seconds before
initiating the dial-back. The SLC advanced console manager will call back the previously
authenticated remote peer, and if the remote peer requests PAP or CHAP authentication, provide
the Dial-out Login and Dial-out Password as authentication tokens. Once authenticated, a PPP
session will be established using either negotiated IP addresses or specific IP addresses
(determined by the Negotiate IP Address setting).
SLC™ 8000 Advanced Console Manager User Guide
156
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
CLI. This page can be used to configure the thumb drive and modems. The thumb drive or SD
card is useful for firmware updates, saving and restoring configurations and for device port
The SLC advanced console manager supports a variety of thumb drives.
This chapter describes the Web Manager pages and available CLI commands that configure the
SLC USB, ports and SD card. This chapter contains the following sections:
Set Up of USB/SD Card Storage
These checkboxes are a security feature to ensure that access to any USB device or the SD card
is disabled if the box is unchecked. If unchecked, the SLC unit ignores any device plugged into the
port.
To set up USB or SD card storage in the SLC 8000 advanced console manager:
1. Insert any of the supported storage devices into the USB port or the SD card slot on the front
of the SLC unit. You can do this before or after powering up the SLC 8000 advanced console
manager. If the first partition on the storage device is formatted with a file system supported by
the SLC unit (ext2, FAT16 and FAT32), the card mounts automatically.
2. Log into the SLC unit and click Devices.
display appropriate row in the USB ports / SD card table if you have inserted it. If is does not
display and you have inserted it, refresh the web page.
4. View the USB/SD card information and options available on the page:
Port (view only)
Port on the SLC unit where the USB device or SD card is inserted.
Device (view only) Type of USB device or SD card (modem or storage).
Type (view only) Information read from USB device or SD card.
State (view only) Indicates if the device is mounted, and if mounted, how much space is available.
USB Access
Check to enable USB Access. Uncheck to disable USB access.
SD Card Access
Check to enable SD Card Access. Uncheck to disable SD card access.
SLC™ 8000 Advanced Console Manager User Guide
157
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
Figure 9-1 Devices > USB / SD Card
To configure a USB/SD card storage port, from the USB Ports / SD Card table,
1. Click the radio button (on the far right) of a USB or SD card device storage port.
2. Click Configure.
-
-
Figure 9-2 shows the page that displays if a USB storage device is inserted.
Figure 9-3 shows the page that displays if an SD Card is inserted.
Figure 9-2 Devices > USB > Configure
SLC™ 8000 Advanced Console Manager User Guide
158
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
Figure 9-3 Devices > SD Card > Configure
3. Enter the following fields.
Mount
Select the checkbox to mount the first partition of the storage device on
the SLC unit (if not currently mounted). Once mounted, a USB thumb
drive or SD card is used for firmware updates, device port logging and
saving/restoring configurations.
Unmount
Format
To eject the USB thumb drive or SD card from the SLC unit , first
unmount the thumb drive or SD card . Select the checkbox to unmount it.
Warning:
If you eject a thumb drive or SD card from the SLC unit
without unmounting it, subsequent mounts of a USB thumb drive or
SD card in may fail, and you will need to reboot the device to restore
thumb drive or SD card functionality.
Select to:
Unmount the USB/SD card device (if it is mounted)
Remove all existing partitions
Create one partition
Format it with the selected file system (ext2, FAT16 or FAT32)
Mount the USB device
Filesystem
Select Ext2, FAT16 or FAT32, the filesystems the SLC supports.
Filesystem Check
Select to run a filesystem integrity check on the thumb drive. This is
recommended if the filesystem does not mount or if the filesystem has errors.
4. Click Apply.
5. Click the Manage Files on Storage Device link to view and manage files on the selected USB
thumb drive or SD Card. Files on the storage device may then be deleted, downloaded or
SLC™ 8000 Advanced Console Manager User Guide
159
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
To configure the USB Modem port, from the USB Ports table:
1. Click the radio button (on the far right) for Port U1 or U2.
U1, or if Port U2 is selected.
Figure 9-4 Devices > USB > Modem
SLC™ 8000 Advanced Console Manager User Guide
160
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
3. Enter the following fields.
Data Settings
Note: Check the modem’s equipment settings and documentation for the proper
settings. The attached modem must have the same settings.
Baud
The speed with which the device port exchanges data with the attached serial
device.
From the drop-down list, select the baud rate. Most devices use 9600 for the
administration port, so the device port defaults to this value. Check the equipment
settings and documentation for the proper baud rate.
Data Bits
Parity
Number of data bits used to transmit a character. From the drop-down list, select
the number of data bits. The default is 8 data bits.
Parity checking is a rudimentary method of detecting simple, single-bit errors.
From the drop-down list, select the parity. The default is none.
Stop Bits
Flow Control
The number of stop bit(s) used to indicate that a byte of data has been transmitted.
From the drop-down list, select the number of stop bits. The default is 1.
A method of preventing buffer overflow and loss of data. The available methods
include none, xon/xoff (software), and rts/cts (hardware). The default is none.
Modem Settings
Note: Depending on the State and Mode you select, different fields are available.
State
Mode
Indicates whether an external modem is attached to the device port. If enabling,
set the modem to dial-out, dial-in, dial-back, dial-on-demand, dial-in/host list, or
dial in, dial-on-demand, CBCP Server, and CBCP Client. Disabled by default. See
Modem Dialing States (on page 152) for more information.
The format in which the data flows back and forth:
Text: In this mode, the SLC unit assumes that the modem will be used for
remotely logging into the command line. Text mode can only be used for
dialing in or dialing back. Text is the default.
PPP: This mode establishes an IP-based link over the modem. PPP
connections can be used in dial-out mode (e.g., the SLC 8000 advanced
console manager connects to an external network), dial-in mode (e.g., the
external computer connects to the network that the SLC unit is part of), or dial-
on-demand.
Use Sites
Enables the use of site-oriented modem parameters which can be activated by
various modem-related events (authentication, outbound network traffic for dial-
on-demand connections, etc.). Sites can be used with the following modem
states: dial-in, dial-back, dial-on-demand, dial-in & dial-on-demand, dial-back &
dial-on-demand, and CBCP server.
SLC™ 8000 Advanced Console Manager User Guide
161
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
Group Access
If undefined, any group can access the modem (text login only). If one or more
groups are specified (groups are delimited by the characters ' ' (space), ','
(comma), or ';' (semicolon)), then any user who logs into the modem must be a
member of one of the specified groups, otherwise access will be denied. Users
authenticated via RADIUS may have a group (or groups) provided by the
RADIUS server via the Filter-Id attribute that overrides the group defined for a
user on the SLC 8000 advanced console manager. A group provided by a remote
server must be either a single group or multiple groups delimited by the
characters ' ' (space), ',' (comma), ';' (semicolon), or '=' (equals) - for example
"group=group1,group2;" or "group1,group2,group3".
Initialization Script
Commands sent to configure the modem may have up to 100 characters. Consult
your modem’s documentation for recommended initialization options. If you do
not specify an initialization script, the SLC unit uses a default initialization string of
AT S7=45 SO=0 L1 V1 X4 &D2 &c1 E1 Q0.
Note: We recommend that the modem initialization script always be preceded
with AT and include E1 V1 x4 Q0 so that the SLC unit may properly control the
modem.
Modem Timeout
Caller ID Logging
Timeout for all modem connections. Select Yes (default) for the SLC 8000
advanced console manager to terminate the connection if no traffic is received
during the configured idle time. Enter a value of from 1 to 9999 seconds. The
default is 30 seconds.
Select to enable the SLC unit to log caller IDs on incoming calls. Disabled by
default.
Note: For the Caller ID ATcommand, refer to the modem user guide.
Modem ATcommand used to initiate caller ID logging by the modem.
Note: For the ATcommand, refer to the modem user guide.
Modem Command
Dial-back Number
Users with dial-back access can dial into the SLC 8000 advanced console
manager and enter their login and password. Once the SLC unit authenticates
them, the modem hangs up and dials them back.
Select the phone number the modem dials back on -a fixed number or a number
associated with their login. If you select Fixed Number, enter the number (in the
format 2123456789).
The dial-back number is also used for CBCP client as the number for a user-
Dial-back Delay
Dial-back Retries
For dial-back and CBCP Server, the number of seconds between the dial-in and
dial-out portions of the dialing sequence.
Specify the number of times to retry dialing back.
Text Mode
Timeout Logins
If you selected Text mode, you can enable logins to time out after the connection is
inactive for a specified number of minutes. The default is No. This setting is only
applicable for text mode connections. PPP mode connections stay connected until
either side drops the connection. Disabled by default.
Dial-in Host List
From the drop-down list, select the desired host list. The host list is a prioritized list
of SSH, Telnet, and TCP hosts that are available for establishing outgoing modem
connections or for connect direct at the CLI. The hosts in the list are cycled
through until the SLC unit successfully connects to one.
To establish and configure host lists, click the Host Lists link.
SLC™ 8000 Advanced Console Manager User Guide
162
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
PPP Mode
Negotiate IP Address
If the SLC unit and/or the serial device have dynamic IP addresses (e.g., IP
addresses assigned by a DHCP server), select Yes. Yes is the default.
If the SLC unit or the modem have fixed IP addresses, select No, and enter the
Local IP (IP address of the port) and Remote IP (IP address of the modem).
Authentication
Enables PAP or CHAP authentication for modem logins. PAP is the default.
With PAP, users are authenticated by means of the Local Users and any of the
remote authentication methods that are enabled. With CHAP, the CHAP
Handshake fields authenticate the user.
CHAP Handshake
CHAP Auth Uses
The Host/User Name (for UNIX systems) or Secret/User Password (for
Windows systems) used for CHAP authentication. May have up to 128 characters.
For CHAP authentication, determines what is used to validate the CHAP host/
user sent by the remote peer: either the CHAP Host defined for the modem, or
any of the users in the Local Users list.
Same authentication for Select this option to let incoming connections (dial-in) use the same
Dial-in & Dial-on-Demand authentication settings as outgoing connections (dial-on-demand). If this option
(DOD)
is not selected, then the dial-on-demand connections take their authentication
settings from the DOD parameter settings. If DOD Authentication is PAP,
then the DOD CHAP Handshake field is not used.
DOD Authentication
Enables PAP or CHAP authentication for dial-in & dial-on-demand. PAP is the
default. With PAP, users are authenticated by means of the Local Users and
any of the remote authentication methods that are enabled. With CHAP, the
DOD CHAP Handshake fields authenticate the user.
DOD CHAP Handshake
Enable NAT
For DOD Authentication, enter the Host/User Name for UNIX systems) or
Secret/User Password (for Windows systems) used for CHAP authentication.
May have up to 128 characters.
Select to enable Network Address Translation (NAT) for dial-in and dial-out
PPP connections on a per modem (device port or USB port) basis. Users
dialing into the SLC access the network connected to Eth1 and/or Eth2.
Dial-out Number
Phone number for dialing out to a remote system or serial device. May have up
to 20 characters. Any format is acceptable.
Remote/Dial-out Login
User ID for authentication when dialing out to a remote system, or if a remote
system requests authentication from the SLC device when it dials in. May have up
to 32 characters. This ID is used for authenticating the SLC unit during the dial-out
portion of a dial-back (including CBCP server) and dial-on-demand.
Remote/Dial-out Pwd
Password for authentication when dialing out to a remote system, or if a
remote system requests authentication from the SLC unit when it dials in. May
have up to 64 characters.
Retype
Re-enter password for dialing out to a remote system. May have up to 64
characters.
Restart Delay
The number of seconds after the timeout and before the SLC 8000 advanced
console manager attempts another connection. The default is 30 seconds.
CBCP Server
Allow No Callback
For CBCP Server state, allows "No Callback" as an option in the CBCP
handshake in addition to User-defined Number and Admin-defined Number.
CBCP Client Type
For CBCP Client, this selects the number that the client would like to use for
callback - either a user-defined number passed to the server (specified by the
Fixed Dial-back Number) or an administrator-defined number determined by
the server based on the login that is PAP or CHAP authenticated.
SLC™ 8000 Advanced Console Manager User Guide
163
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
IP Settings
Service
The available connection services for this modem port (None, Telnet, SSH, or
TCP). Only one can be active at a time. The default is None.
Telnet Port
SSH Port
TCP Port
Telnet Port Telnet session port number to use if you selected Telnet.
Defaults:
USB Port U1: 2049
USB Port U2: 2050
Range: 1025-65535
The SSH session port number to use if you selected SSH.
Defaults:
USB Port U1: 3049
USB Port U2: 3050
Range: 1025-65535
The TCP (raw) session port number to use if you selected TCP.
Defaults:
USB Port U1: 4049
USB Port U2: 4050
Range: 1025-65535
Authenticate
(checkbox)
If selected, the SLC unit requires user authentication before granting access to
the port. Authenticate is selected by default for Telnet Port and SSH Port, but
not for TCP Port.
4. Click Apply.
Manage Files
To manage files, perform the following steps.
Figure 9-5 Firmware and Configurations - Manage Files (Top of Page)
Rename options.
SLC™ 8000 Advanced Console Manager User Guide
164
Download from Www.Somanuals.com. All Manuals Search And Download.
9: USB/SD Card Port
2. To delete a file, click the check box next to the filename and click Delete File. A confirmation
message displays.
3. To download a file, click the Download File button. Select the file from the list.
4. To rename a file, click the check box next to the filename and enter a new name in the New
File Name field.
5. Click Rename File.
USB Commands
The following CLI commands correspond to the USB port. For more information, see Chapter 14:
set usb access
set usb modem
set usb storage mount
set usb storage unmount
set usb storage dir
set usb storage rename
set usb storage copy
set usb storage delete
set usb storage format
set usb storage fsck
show usb
show usb storage
show usb modem
SD Card Commands
set sdcard access
set sdcard mount
set sdcard unmount
set sdcard format
set sdcard fsck
set sdcard dir
set sdcard rename
set sdcard copy
set sdcard delete
show sdcard
SLC™ 8000 Advanced Console Manager User Guide
165
Download from Www.Somanuals.com. All Manuals Search And Download.
10: Connections
Chapter 8: Device Ports on page 100 described how to configure and interact with an SLC
advanced console server port connected to an external device. This chapter describes how to use
(such as Telnet or SSH) in various configurations.
An SLC unit port attached to an external device can be connected to one of the following
endpoints:
Another device port attached to an external device
Another device port with a modem attached
An outgoing Telnet or SSH session
An outgoing TCP or UDP network connection
This enables the user to set up connections such as those described in the next section. You can
establish a connection at various times:
Immediately. These connections are always re-established after reboot.
At a specified date and time. These connections connect if the date and time have already
passed.
After a specified amount of data or a specified sequence of data passes through the
connection. Following reboot, the connection is not reestablished until the specified data
passes through the connection.
Typical Setup Scenarios for the SLC Unit
Following are typical configurations in which SLC connections can be used, with references to
Terminal Server
In this setup, the SLC 8000 advanced console manager acts as a multiplexer of serial data to a
single server computer. Terminal devices are connected to the serial ports of the SLC unit and
The users of the terminals can access the server as if they were connected directly to it by local
serial ports or a console.
SLC™ 8000 Advanced Console Manager User Guide
166
Download from Www.Somanuals.com. All Manuals Search And Download.
10: Connections
Figure 10-1 Terminal Server
SLC 8000 Advanced Console Manager
Telnet Sessions (via
Network connection)
Serial
Connections
VT100 Terminals
Remote Access Server
In this setup, the SLC 8000 advanced console manager is connected to one or more modems by
the Dial-in option in the Modem Settings section. Most customers use the modems in PPP mode
to establish an IP connection to the SLC unit and either Telnet or SSH into the SLC 8000
advanced console manager. They could also select text mode where, using a terminal emulation
program, a user could dial into the SLC unit and connect to the command line interface.
Figure 10-2 Remote Access Server
SLC 8000 Advanced Console Manager
Internal
Phone System
Network
Network
Connections
Serial
Connections
Modems
Reverse Terminal Server
In this scenario, the SLC 8000 advanced console manager has one or more device ports
connected to one or more serial ports of a mainframe server. Users can access a terminal session
by establishing a Telnet or SSH session to the SLC unit. To configure the SLC console manager,
Figure 10-3 Reverse Terminal Server
PC
Unix Server
SLC 8000 Advanced Console Manager
PC
PC
Serial
Sessions
Telnet/SSH
Sessions
SLC™ 8000 Advanced Console Manager User Guide
167
Download from Www.Somanuals.com. All Manuals Search And Download.
10: Connections
Multiport Device Server
A PC can use the device ports on the SLC unit as virtual serial ports, enabling the ports to act as if
they are local ports to the PC. To use the SLC 8000 advanced console manager in this setup, the
PC requires special software, for example, Com Port Redirector (available on www.lantronix.com)
or similar software).
Figure 10-4 Multiport Device Server
Serial Printer
Windows/
Linux PC
SLC 8000 Advanced Console Manager
Modem
Raw TCP
Sessions
Serial
Connections
Serial
Device
Console Server
For this situation, the SLC unit is configured so that the user can manage a number of servers or
pieces of network equipment using their console ports. The device ports on the SLC 8000
advanced console manager are connected to the console ports of the equipment that the user
would like to manage. To manage a specific piece of equipment, the user can Telnet or SSH to a
specific port or IP address on the SLC unit and be connected directly to the console port of the end
server or device. To configure this setup, set the Enable Telnet In or Enable SSH In option on the
Device Ports > Settings page for the device port in question. The user can implement an extra
remote management capability by adding a modem to one of the device ports and setting the Dial-
into the SLC 8000 advanced console manager using another modem and terminal emulation
program at a remote location.
Figure 10-5 Console Server
Web Server
PC
Switch
SLC 8000 Advanced Console Manager
PC
Router
Telnet/SSH
Sessions
PC
Serial
Terminal
Sessions
Modem
SLC™ 8000 Advanced Console Manager User Guide
168
Download from Www.Somanuals.com. All Manuals Search And Download.
10: Connections
Connection Configuration
To create a connection:
1. Click the Devices tab and select the Connections opton. The following page displays:
Figure 10-6 Devices > Connections
2. For a device port, enter the following:
Outgoing
Connection
Timeout
Select to turn on or turn off the connection timeout:
No for no timeout
Yes for a timeout. Specify the number of seconds in the seconds field.
Port
The number of the device port you are connecting.
This device port must be connected to an external serial device and must not have
command line interface logins enabled, be connected to a modem, or be running a
loopback test.
Note: To see the current settings for this device port, click the Settings link.
Data Flow
Select the arrow showing the direction (bidirectional or unidirectional) the data will flow in
relationship to the device port you are connecting.
SLC™ 8000 Advanced Console Manager User Guide
169
Download from Www.Somanuals.com. All Manuals Search And Download.
10: Connections
to
From the drop-down list, select a destination for the connection: a device port connected
to a serial device, a device port connected to a modem, or an outbound network
connection (Device Port, Modem on Device Port, Telnet, SSH, TCP Port, or UDP
Port).
Note: To see the current settings for a selected device port, click the Settings link.
Hostname
Port
The host name or IP Address of the destination. This entry is required if the to field is set
to Telnet out, SSH out, TCP port, or UDP port.
If the to field is set to Device Port or Modem on Device Port, enter the number of the
device port. For all other options, this is the TCP/UDP port number, which is optional for
Telnet out and SSH out, but required for TCP Port and UDP Port.
Note: If you select Device Port, it must not have command line interface logins
enabled or be running a loopback test. To view the device port's settings, click the
Settings link to the right of the port number.
SSH Out
Options
Select one of the following optional flags to use for the SSH connection.
User: Login ID to use for authenticating on the remote host.
Version: Version of SSH. Select 1 or 2.
Command: Enter a specific command on the remote host (for example, reboot).
Trigger
Select the condition that will trigger a connection. Options include:
Connect now: Connects immediately, or if you reboot the SLC 8000 advanced
console manager, immediately on reboot.
Connect at date/time: Connects at a specified date and time. Use the drop-down
lists to complete the date and time. Upon rebooting, the SLC unit reestablishes the
connection if the date/time has passed.
Auto-connect on characters transferring: Select the arrow indicating the direction
of the data transfer and either the minimum number of characters or a specific
character sequence that will trigger the connection.
You can select the direction of the data transfer only if Data Flow is bidirectional. Upon
rebooting, the SLC 8000 advanced console manager does not reestablish the
connection until the specified data has passed through one of the endpoints of the
connection.
3. To save, click the Apply button.
To view, update, or disconnect a current connection:
Figure 10-7 Current Connections
1. To view details about a connection, hold the mouse over the arrow in the Flow column.
2. To disconnect (delete) a connection, select the connection in the Select column and click the
Terminate button.
3. To reestablish the connection, create the connection again in the top part of the page.
4. To view information about Web connections, click the here link in the text above the table. The
SLC™ 8000 Advanced Console Manager User Guide
170
Download from Www.Somanuals.com. All Manuals Search And Download.
10: Connections
Maintenance > Firmware & Configurations page displays.
Connection Commands
These commands for configuring connections correspond to the web page entries described
above.
To connect to a device port to monitor and/or interact with it, or to establish an outbound
network connection:
connect direct <endpoint>
Endpoint is one of:
deviceport <Port # or Name>
ssh <IP Address or Name> [port <TCP Port>] [<SSH flags>]
where <SSH flags>is one or more of:
user <Login Name>
version <1|2>
command <Command to Execute>
tcp <IP Address> [port <TCP Port>]
telnet <IP Address or Name> [port <TCP Port>]
udp <IP Address> [port <UDP Port>]
hostlist <Host List>
To configure initial timeout for outgoing connections:
connect global outgoingtimeout <disable|1-9999 seconds>
Note: This is not a TCP timeout.
To monitor a device port:
connect listen deviceport <Device Port # or Name>
To connect a device port to another device port or an outbound network connection (data
flows in both directions):
connect bidirection <Port # or Name> <endpoint>
Endpoint is one of:
charcount <# of Chars>
charseq <Char Sequence>
charxfer <toendpoint|fromendpoint>
deviceport <Device Port # or Name>
date <MMDDYYhhmm[ss]>
exclusive <enable|disable>
ssh <IP Address or Name> [port <TCP Port] [<SSH flags>]
where <SSH flags> is one or more of:
user <Login Name>
version <1|2>
command <Command to Execute>
tcp <IP Address> [port <TCP Port>]
SLC™ 8000 Advanced Console Manager User Guide
171
Download from Www.Somanuals.com. All Manuals Search And Download.
10: Connections
telnet <IP Address or Name> [port <TCP Port>]
trigger <now|datetime|chars>
udp <IP Address> [port <UDP Port>]
Note: If the trigger is datetime (establish connection at a specified date/time), enter the
date parameter. If the trigger is chars (establish connection on receipt of a specified
number or characters or a character sequence), enter the charxfer parameter and either
the charcount or the charseq parameter.
To connect a device port to another device port or an outbound network connection (data
flows in one direction):
connect unidirection <Device Port # or Name> dataflow <toendpoint|
fromendpoint> <endpoint>
Endpoint is one of:
charcount <# of Chars>
charseq <Char Sequence>
datetime <MMDDYYhhmm[ss]>
deviceport <Port # or Name>
exclusive <enable|disable>
ssh <IP Address or Name> [port <TCP Port] >]
<SSH flags>]
where <SSH flags>is one or more of:
user <Login Name>
version <1|2>
command <Command to Execute>
tcp <IP Address> [port <TCP Port>]
telnet <IP Address or Name> [port <TCP Port]
trigger <now|datetime|chars>
udp <IP Address> [port <UDP Port>]
Note: If the trigger is datetime (establish connection at a specified date/time), enter the
date parameter. If the trigger is chars (establish connection on receipt of a specified number
or characters or a character sequence), enter either the charcount or the charseq parameter.
To terminate a bidirectional or unidirectional connection:
connect terminate <Connection ID>
To view connections and their IDs:
show connections [email <Email Address>].
You can optionally email the displayed information.
Note: The connection IDs are in the left column of the resulting table. The connection ID
associated with a partiFcular connection may change if connection times out and is restarted.
To display details for a single connection:
show connections connid <Connection ID> [email <Email Address>
You can optionally email the displayed information.
SLC™ 8000 Advanced Console Manager User Guide
172
Download from Www.Somanuals.com. All Manuals Search And Download.
10: Connections
To display global connections:
connect global show
SLC™ 8000 Advanced Console Manager User Guide
173
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Users who attempt to log in to the SLC advanced console manager by means of Telnet, SSH, the
console port, or one of the device ports are granted access by one or more authentication
methods.
The User Authentication page provides a submenu of methods (Local Users, NIS, LDAP,
RADIUS, Kerberos, and TACACS+) for authenticating users attempting to log in. Use this page to
assign the order in which the SLC unit will use the methods. By default, local user authentication is
enabled and is the first method the SLC 8000 advanced console manager uses to authenticate
users. If desired, you can disable local user authentication or assign it a lower precedence.
Note: Regardless of whether local user authentication is enabled, the local user
sysadmin account is always available for login.
Authentication can occur using all methods, in the order of precedence, until a successful
authentication is obtained, or using only the first authentication method that responds (in the event
that a server is down).
If you have the same user name defined in multiple authentication methods, the result is unknown.
Example:
There is an LDAP user "joe" and an NIS user "joe" and the order of authentication methods is:
1. Local Users
2. LDAP
3. NIS
User "joe" tries to log in. Because there is an LDAP user "joe," the SLC unit tries to authenticate
him against his LDAP password first. If he fails to log in, then the SLC 8000 advanced console
manager may (or may not) try to authenticate him against his NIS "joe" user password.
To enable, disable, and set the precedence of authentication methods:
1. From the main menu, select User Authentication. The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
174
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Figure 11-1 User Authentication > Authentication Methods
2. To enable a method currently in the Disabled methods list, select the method and press the
left
arrow to the left of the list. The methods include:
NIS
A network naming and administration system developed by Sun
Microsystems for smaller networks. Each host client or server computer in
the system has knowledge about the entire system. A user at any host can
access files or applications on any host in the network with a single user
identification and password.
(Network Information
System)
NIS uses the client/server model and the Remote Procedure Call (RPC)
interface for communication between hosts. NIS consists of a server, a
library of client programs, and some administrative tools. NIS is often used
with the Network File System (NFS).
LDAP
A set of protocols for accessing information directories, specifically X.500-
based directory services. LDAP runs over TCP/IP or other connection-
oriented transfer services.
(Lightweight Directory
Access Protocol)
RADIUS
An authentication and accounting system used by many Internet Service
Providers (ISPs). A client/server protocol, it enables remote access servers
to authenticate dial-in users and authorize their access to the requested
system or service.
(Remote Authentication
Dial-In User Service)
RADIUS allows a company to maintain user profiles in a central database
that all remote servers can share. It increases security, allowing a company
to set up a policy that can be applied at a single administered network point.
Kerberos
Kerberos is a network authentication protocol that enables two parties to
exchange private information across an unprotected network.
It works by assigning a unique electronic credential, called a ticket, to each
user who logs on to the network. The ticket is embedded in messages to
identify the sender.
SLC™ 8000 Advanced Console Manager User Guide
175
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
TACACS+
TACACS+ allows a remote access server to communicate with an
authentication server to determine whether the user has access to the
network. TACACS+ is a completely new protocol and is not compatible with
TACACS or XTACACS. The SLC 8000 advanced console manager
supports TACACS+ only.
(Terminal Access
Controller Access Control
System)
Local Users
Local accounts on the SLC unit used to authenticate users who log in using
SSH, Telnet, the web, or the console port.
3. To disable a method currently in the Enabled methods list, select the method and click the
right arrow between the lists.
4. To set the order in which the SLC unit will authenticate users, use the up
and down
arrows to the left of the Enabled methods list.
5. For Attempt next method on authentication rejection, you have the following options:
-
-
To enable the SLC 8000 advanced console manager to use all methods, in order of
precedence, until it obtains a successful authentication, select the check box. This is the
default.
To enable the SLC unit to use only the first authentication method that responds (in case a
server is down or unavailable), clear the check box.
6. Click Apply.
Now that you have enabled one or more authentication methods, you must configure them.
Authentication Commands
The following command for the command line interface corresponds to the web page entries
described above.
To set ordering of authentication methods:
Note: Local Users authentication is always the first method used. Any methods omitted
from the command will be disabled.
set auth <one or more parameters>
Parameters
authusenextmethod <enable|disable>
kerberos <1-6>
ldap <1-6>
localusers <1-6>
nis <1-6>
radius <1-6>
tacacs+ <1-6>
To view authentication methods and their order of precedence:
show auth
SLC™ 8000 Advanced Console Manager User Guide
176
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
User Rights
The SLC has three user groups: Administrators, Power Users, and Default Users. Each has a
predefined set of rights; users inherit rights from the user group to which they belong. These rights
are in addition to the current functions that a user can perform at the command line interface:
connect direct/listen
set locallog/password/history/cli
show datetime/deviceport/locallog/portstatus/portcounters/
history/cli/user
The table below shows the mapping of groups and user rights.
Table 11-2 User Types and Rights
User Right
Administrator
Power Users
Default Users
Full Administrative Rights
Networking
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
X
Services
Date/Time
Local Users
Remote Authentication
SSH Keys
User Menus
Device Port Operations
Device Port Configuration
USB
Reboot/Shutdown
Firmware/Configuration
Diagnostics and Reports
Secure Lantronix Network
Web Access
X
X
X
Internal Modem
SD Card
You cannot deny a user rights defined for the group, but you can add or remove all other rights at
any time.
By default, the system assigns new users to the Default Users group, but you can change their
group membership at any time. If you change a user's rights while the user is logged into the web
or CLI, the results do not take effect until the next time the user logs in.
SLC™ 8000 Advanced Console Manager User Guide
177
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Local and Remote User Settings
The system administrator can configure the SLC 8000 advanced console manager to use local
accounts and remote accounts to authenticate users.
1. Click the User Authentication tab and select the Local/Remote Users option. The following
page displays.
Figure 11-3 User Authentication > Local/Remote Users
The top of the page has entry fields for enabling local and remote users and for setting
password requirements. The bottom of the page displays a table listing and describing all local
and remote users.
To enable local and/or remote users:
1) Enter the following:
Enable Local Users
Select to enable all local users except sysadmin. The sysadmin is always
available regardless of how you set the check box. Enabled by default.
Multiple Sysadmin
Web Logins
Select to allow the sysadmin to have multiple simultaneous logins to the web
interface. Disabled by default.
Sysadmin Access
Limited to Console
Port
Select to limit sysadmin logins to the Console Port only. Disabled by default.
Authenticate only
Select the check box to authenticate users listed in the Remote Users list in the
remote users who are lower part of the page. Disabled by default.
in the remote users list
SLC™ 8000 Advanced Console Manager User Guide
178
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
2) Continue to set Local User Passwords:
Complex Passwords Select to enable the SLC unit to enforce rules concerning the password structure
(e.g., alphanumeric requirements, number of characters, punctuation marks).
Disabled by default.
Complexity rules:
Passwords must be at least eight characters long.
They must contain one upper case letter (A-Z), one lower case letter (a-z), one
digit ( 0-9), and one punctuation character (()`~!@#$%%^&*-+=\{}[]:;"'<>,.?/_).
Allow Reuse
Select to enable users to continue to reuse old passwords. If you disable the
check box, they cannot use any of the Reuse History number of passwords.
Enabled by default.
Reuse History
The number of passwords the user must use before reusing an old password. The
default is 4.
For example, if you set reuse history to 4, the user may reuse an old password
after using 4 other passwords.
Password Lifetime
(days)
The number of days until the password expires. The default setting is 90.
Warning Period
(days)
The number of days ahead that the system warns that the user's password will
expire. The default setting is 7.
Max Login Attempts
The number of times (up to 8) the user can attempt to log in unsuccessfully before
the system locks the user out. The default setting is 0 (disabled).
Lockout Period
(minutes)
The number of minutes (up to 90) the locked-out user must wait before trying to
log in to the web interface again. The default setting is 0 (disabled).
2. Click the Apply button.
Adding, Editing or Deleting a User
table or open a page for adding or editing a user.
To add a user:
Authentication > Local/Remote User > Add/Edit User page displays.
SLC™ 8000 Advanced Console Manager User Guide
179
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Figure 11-4 User Authentication > Local/Remote User > Add/Edit User
2. Enter the following information for the user:
Login
User ID of selected user.
Authentication
Select the type of authenticated user:
Local: User listed in the SLC database.
Remote: User not listed in the SLC database.
UID
A unique numeric identifier the system administrator assigns to each user.
Valid UIDs are 101-4294967295.
Note: The UID must be unique. If it is not, SLC unit automatically increments
it. Starting at 101, the SLC 8000 advanced console manager finds the next
unused UID.
Listen Ports
The device ports that the user may access to view data using the connect
listen command. Enter the port numbers or the range of port numbers (for
example, 1, 5, 8, 10-15). U1 and U2 denote the USB upper and lower ports on
the front of the SLC unit.
Data Ports
The device ports with which the user may interact using the connect direct
command. Enter the port numbers or the range of port numbers.
Clear Port Buffers
The device port buffers the users may clear using the set locallog
clearcommand. Enter the port numbers or the range of port numbers.
SLC™ 8000 Advanced Console Manager User Guide
180
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Enable for Dial-back
Dial-back Number
Escape Sequence
Select to grant a local user dial-back access. Users with dial-back access can
dial into the SLC unit and enter their login and password. Once the SLC 8000
advanced console manager authenticates them, the modem hangs up and
dials them back. Disabled by default.
The phone number the modem dials back on depends on this setting for the
device port. The user is either dialed back on a fixed number (specified on the
Device Port - Settings page), or on a number that is associated with the user’s
login (specified here).
A single character or a two-character sequence that causes the SLC unit to
leave direct (interactive) mode. (To leave listen mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed
quickly but not simultaneously). You would specify this value as \x1bA, which
is hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the connect directcommand on
the command line interface when the endpoint of the command is deviceport,
tcp, or udp.
Break Sequence
A series of 1-10 characters users can enter on the command line interface to
send a break signal to the external device. A suggested value is Esc+B
(escape key, then uppercase “B” performed quickly but not simultaneously).
You would specify this value as \x1bB, which is hexadecimal (\x) character 27
(1B) followed by a B.
Custom Menu
If custom menus have been created, you can assign a default custom menu to
the user. The custom menu will display at login.
Note: In the Local Users table, if the menu assigned to a local user no longer
exists, it is marked with an asterisk (*).
Display Menu at Login
If custom menus have been created, select to enable the menu to display
when the user logs into the CLI.
Password /
Retype Password
When a user logs into the SLC 8000 advanced console manager, the SLC unit
prompts for a password (up to 64 characters). The sysadmin establishes that
password here.
Password Expires
If not selected, allows the user to keep a password indefinitely. If selected the
user keeps the password for a set period. (See the section, Local and Remote
User Settings (on page 178) for information on specifying the length of time
before the password expires.)
Allow Password Change Select to allow the user to change password.
Change Password on
Next Login
Indicate whether the user must change the password at the next login.
Lock Account
Select to lock the account indefinitely.
Displays the current account status:
Account Status
Active
Locked
Locked (invalid logins)
SLC™ 8000 Advanced Console Manager User Guide
181
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
3. In the User Rights section, select the user group to which local/remote users will belong.
Group
Select the group to which the RADIUS users will belong:
Default Users: This group has only the most basic rights. You can specify
additional rights for the individual user.
Power Users: This group has the same rights as Default Users plus Web
Access, Networking, Date/Time, Reboot & Shutdown, and Diagnostics &
Reports.
Administrators: This group has all possible rights.
Custom Group: Select a custom group from the drop-down menu.
4. Select or clear the checkboxes for the following rights:
Full Administrative
Networking
Right to add, update, and delete all editable fields.
Right to enter Network settings.
Services
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and
SMTP.
Secure Lantronix
Network
Right to view and manage Secure Lantronix units (e.g., SLP, Spider, or SLC units)
on the local subnet.
Date/Time
Right to set the date and time.
Reboot & Shutdown Right to shut down and reboot the SLC unit.
Local Users
Right to add or delete local users on the system.
Remote
Right to assign a remote user to a user group and assign a set of rights to the user.
Authentication
SSH Keys
Right to set SSH keys for authenticating users.
Right to create a custom user menu for the CLI for LDAP users.
Right to access Web-Manager.
User Menus
Web Access
Diagnostics &
Reports
Right to obtain diagnostic information and reports about the unit.
Firmware &
Right to upgrade the firmware on the unit and save or restore a configuration (all
Configuration
settings). Selecting this option automatically selects Reboot & Shutdown.
Internal Modem
Right to update internal modem settings.
Right to control device ports.
Device Port
Operations
Device Port
Right to enter device port settings.
Configuration
USB
Right to enter modem settings for USB devices and control USB storage devices.
Right to enter settings for SD card.
SD Card
5. Click the Apply button.
6. Click the Back to Local/Remote Users link to return to the Local/Remote User Settings page.
7. Add another user or click the Back to Local/Remote Users link. The Local/Remote Users
page displays with the new user(s) listed in the table.
Note: The logged-in user's name displays at the top of the web page. Only the tabs and
options for which the user has rights display.
SLC™ 8000 Advanced Console Manager User Guide
182
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Shortcut
To add a user based on an existing user:
the top part of the page display the current values for the user.
2. Change the Login to that of the new user. It is best to change the Password too.
3. Click the Apply button.
To edit a local user:
Edit User button. The Local/Remote User Settings page displays.
2. Update values as desired.
3. Click the Apply button.
To delete a local user:
Edit User button. The Local/Remote User Settings page displays.
2. Click the Delete User button.
3. Click the Apply button.
To change the sysadmin password:
Edit User button. The Local/Remote User Settings page displays.
2. Enter the new password in the Password and Retype Password fields.
Note: You can change Escape Sequence and Break Sequence, if desired. You cannot
delete the UID or change the UID, port permissions, or custom menu.
3. Click the Apply button.
Local Users Commands
The following CLI commands correspond to the web page entries described above.
To configure local accounts (including sysadmin) who log in to the SLC 8000 advanced
console manager by means of SSH, Telnet, the Web, or the console port:
set localusers add|edit <User Login> <parameters>
Parameters
allowdialback <enable|disable>
breakseq <1-10 Chars>
changenextlogin <enable|disable>
changepassword <enable|disable>
clearports <Port List>
SLC™ 8000 Advanced Console Manager User Guide
183
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
custommenu <Menu Name>
dataports <Port List>
dialbacknumber <Phone Number>
displaymenu <enable|disable>
escapeseq <1-10 Chars>
group <default|power|admin|Custom Group Name>
listenports <Port List>
passwordexpires <enable|disable>
permissions <Permission List>
uid <User Identifier>
To set whether a complex login password is required:
set localusers complexpasswords <enable|disable>
To enable or disable authentication of local users:
set localusers state <enable|disable>
To set a login password for the local user:
set localusers password <User Login>
To delete a local user:
set localusers delete <User Login>
To view settings for all users or a local user:
show localusers [user <User Login>]
To block (lock out) a user's ability to log in:
set localusers lock <User Login>
Note: This capability is not available on the web page.
To allow (unlock) a user's ability to log in:
set localusers unlock <User Login>
Note: This capability is not available on the web page.
Local User Rights Commands
The following CLI commands correspond to the web page entries described above.
To add a local user to a user group or to change the group the user belongs to:
set localusers add|edit <user> group <default|power|admin>
To set a local user's permissions (not defined by the user group):
set localusers add|edit <user> permissions <Permission List>
SLC™ 8000 Advanced Console Manager User Guide
184
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To view the rights of the currently logged-in user:
show user
Remote User Commands
The following CLI commands correspond to the web page entries described above.
To configure whether remote users who are not part of the remote user list will be
authenticated:
set remoteusers listonlyauth <enable|disable>
To configure attributes for users who log in by a remote authentication method:
set remoteusers add|edit <User Login> [<parameters>]
Parameters
breakseq <1-10 Chars>
clearports <Port List>
dataports <Port List>
escapeseq <1-10 Chars>
group <default|power|admin|Custom Group Name>
listenports <Port List>
permissions <Permissions List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To remove a remote user:
set remoteusers delete <User Login>
To view settings for all remote users:
show remoteusers
To view the rights of the currently logged-in user:
show user
SLC™ 8000 Advanced Console Manager User Guide
185
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
NIS
The system administrator can configure the SLC advanced console manager to use NIS to
authenticate users attempting to log in to the SLC unit through the Web, SSH, Telnet, or the
console port. If NIS does not provide port permissions, you can use this page to grant device port
access to users who are authenticated through NIS.
All NIS users are members of a group that has predefined user rights associated with it. You can
assign additional user rights that are not defined by the group.
To configure the SLC unit to use NIS to authenticate users:
1. Click the User Authentication tab and select the NIS option.
Figure 11-5 User Authentication > NIS
SLC™ 8000 Advanced Console Manager User Guide
186
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
2. Enter the following:
Enable NIS
Displays selected if you enabled this method on the Authentication Methods page.
If you want to set up this authentication method but not enable it immediately, clear
the checkbox.
Note: You can enable NIS here or on the first User Authentication page. If you
enable NIS here, it automatically displays at the end of the order of precedence on
the User Authentication page.
NIS Domain
The NIS domain of the SLC 8000 advanced console manager must be the same as
the NIS domain of the NIS server.
Broadcast for NIS
Server
If selected, the SLC unit sends a broadcast datagram to find the NIS Server on the
local network.
NIS Master Server
The IP address or host name of the master server.
NIS Slave
The IP addresses or host names of up to five slave servers.
Servers #1 -5
Custom Menu
If custom menus have been created you can assign a default custom menu to NIS
users.
Escape Sequence
A single character or a two-character sequence that causes the SLC 8000
advanced console manager to leave direct (interactive) mode. (To leave listen
mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed quickly
but not simultaneously). You would specify this value as \x1bA, which is
hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the connect direct command on the
command line interface when the endpoint of the command is deviceport, tcp, or
udp.
Break
Sequence
A series of 1-10 characters users can enter on the command line interface to send
a break signal to the external device. A suggested value is Esc+B (escape key,
then uppercase “B” performed quickly but not simultaneously). You would specify
this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
Enable for Dial-back Select to grant a user Dial-back (on page 153). Users with dial-back access can
dial into the SLC 8000 advanced console manager and enter their login and
password. Once the SLC unit authenticates them, the modem hangs up and dials
them back. Disabled by default.
Dial-back Number
The phone number the modem dials back on depends on this setting for the device
port. The user is either dialed back on a fixed number, or on a number that is
associated with the user’s login (specified here).
Data Ports
The ports users are able to monitor and interact with using the connect direct
command. Enter the port numbers or the range of port numbers (for example, 1, 5,
8, 10-15). U1 and U2 denote the USB upper and lower ports on the front of the SLC
unit.
Listen Ports
The ports users are able to monitor using the connect listen command.
Clear Port Buffers
The ports whose port buffer users may clear using the set locallog clear command.
SLC™ 8000 Advanced Console Manager User Guide
187
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
3. In the User Rights section, select the user Group to which NIS users will belong:
Group
Select the group to which the NIS users will belong:
Default Users: This group has only the most basic rights. You can specify
additional rights for the individual user .
Power Users: This group has the same rights as Default Users plus Web
Access, Networking, Date/Time, Reboot & Shutdown, and Diagnostics &
Reports.
Administrators: This group has all possible rights.
4. Assign or unassign User Rights for the specific user by checking or unchecking the following
checkboxes:
Full Administrative
Networking
Right to add, update, and delete all editable fields.
Right to enter Network settings.
Services
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and
SMTP.
Secure Lantronix
Network
Right to view and manage secure Lantronix units (e.g., SLP, Spider, or SLC units)
on the local subnet.
Date/Time
Right to set the date and time.
Reboot & Shutdown Right to shut down and reboot the SLC unit.
Local Users
Right to add or delete local users on the system.
Remote
Right to assign a remote user to a user group and assign a set of rights to the user.
Authentication
SSH Keys
Right to set SSH keys for authenticating users.
Right to create a custom user menu for the CLI for LDAP users.
Right to access Web-Manager.
User Menus
Web Access
Diagnostics &
Reports
Right to obtain diagnostic information and reports about the unit.
Firmware &
Right to upgrade the firmware on the unit and save or restore a configuration (all
Configuration
settings). Selecting this option automatically selects Reboot & Shutdown.
Internal Modem
Right to update internal modem settings.
Right to control device ports.
Device Port
Operations
Device Port
Right to enter device port settings.
Configuration
USB
Right to enter modem settings for USB devices and control USB storage devices.
Right to enter settings for SD card.
SD Card
5. Click the Apply button.
Note: You must reboot the unit before your changes will take effect.
SLC™ 8000 Advanced Console Manager User Guide
188
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
NIS Commands
These commands for the CLI correspond to the web page entries described above.
To configure the SLC unit to use NIS to authenticate users who log in via the Web, SSH,
Telnet, or the console port:
set nis <one or more parameters>
Parameters
breakseq <1-10 Chars>
broadcast <enable|disable>
clearports <Port List>
dataports <Port List>
domain <NIS Domain Name>
escapeseq <1-10 Chars>
listenports <Port List>
master <IP Address or Hostname>
slave1 <IP Address or Hostname>
slave2 <IP Address or Hostname>
slave3 <IP Address or Hostname>
slave4 <IP Address or Hostname>
slave5 <IP Address or Hostname>
state <enable|disable>
To set group and permissions for NIS users:
set nis group <default|power|admin>
To set permissions for NIS users not already defined by the user rights group:
set nis permissions <Permission List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To set a default custom menu for NIS users:
set nis custommenu <Menu Name>
To view NIS settings:
show nis
SLC™ 8000 Advanced Console Manager User Guide
189
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
LDAP
The system administrator can configure the SLC 8000 advanced console manager to use LDAP to
authenticate users attempting to log in using the Web, Telnet, SSH, or the console port.
LDAP allows SLC unit users to authenticate using a wide variety of LDAP servers, such as
OpenLDAP and Microsoft Active Directory. The LDAP implementation supports LDAP servers that
do not allow anonymous queries.
Users who are authenticated through LDAP are granted device port access through the port
permissions on this page.
All LDAP users are members of a group that has predefined user rights associated with it. You can
add additional user rights that are not defined by the group.
To configure the SLC unit to use LDAP to authenticate users:
1. Click the User Authentication tab and select LDAP. The following page displays.
SLC™ 8000 Advanced Console Manager User Guide
190
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Figure 11-6 User Authentication > LDAP
2. Enter the following:
Enable LDAP
Displays selected if you enabled this method on the first User Authentication page.
If you want to set up this authentication method but not enable it immediately, clear
the checkbox.
Server
The IP address or host name of the LDAP server.
SLC™ 8000 Advanced Console Manager User Guide
191
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Port
Number of the TCP port on the LDAP server to which the SLC talks. The default is
389.
Base
The name of the LDAP search base (e.g., dc=company, dc=com). May have up to
80 characters.
Bind Name
The name for a non-anonymous bind to an LDAP server. This item has the same
format as LDAP Base. One example is
cn=administrator,cn=Users,dc=domain,dc=com
Bind Password /
Retype Password
Password for a non-anonymous bind. This entry is optional. Acceptable characters
are a-z, A-Z, and 0-9.
The maximum length is 127 characters.
Bind with Login
Select to bind with the login and password that a user is authenticating with. This
requires that the Bind Name contain the $logintoken, which will be replaced with
the current login. For example, if the Bind Name is
uid=$login,ou=People,dc=lantronix,dc=com, and user roberts
logs into the SLC 8000 advanced console manager, LDAP will bind with
uid=roberts,ou=People,dc=lantronix,dc=comand the password
entered by roberts.
User Login Attribute The attribute used by the LDAP server for user logins. If nothing is specified for the
user filter, the SLC unit will use "uid". For AD LDAP servers, the attribute for user
logins is typically "sAMAccountName".
Group Filter
Objectclass
The objectclass used by the LDAP server for groups. If nothing is specified for the
group filter, the SLC 8000 advanced console manager will use "posixGroup". For
AD LDAP servers, the objectclass for groups is typically "Group".
Group Member
Attribute
The attribute used by the LDAP server for group membership. This attribute may be
use to search for a name (ie, "msmith") or a Distinguished Name (ie,
"uid=msmith,ou=People,dc=lantronix,dc=com"). Select either Name or DN as
appropriate for the LDAP server. If nothing is specified for the group membership
attribute, the SLC unit will use "memberUID" for name and "uniqueMember" for DN.
For AD LDAP servers, the Group Membership Value is typically DN, with the Group
Membership Attribute of "member".
Group Member Value The attribute used by the LDAP server for group membership. This attribute may be
use to search for a name (ie, "msmith") or a Distinguished Name (ie,
"uid=msmith,ou=People,dc=lantronix,dc=com"). Select either Name or DN as
appropriate for the LDAP server. If nothing is specified for the group membership
attribute, the SLC 8000 advanced console manager will use "memberUID" for
name and "uniqueMember" for DN. For AD LDAP servers, the Group Membership
Value is typically DN, with the Group Membership Attribute of "member".
Use LDAP Schema
Select the check box to obtain remote user attributes (group/permissions and port
access) from an Active Directory server's scheme via the user attribute 'Secure
LantronixPerms' (see details below). Disabled by default.
Active Directory
Support
Select to enable. Active Directory is a directory service from Microsoft that is a part
of Windows 2000 and later versions of Windows. It is LDAP- and Kerberos-
compliant. Disabled by default.
Encrypt Messages
Select Start TLS or SSL to encrypt messages between the SLC unit and the LDAP
server. If Start TLS is selected, the port will automatically be set to 389 and the
StartTLS extension will be used to initiate a secure connection; if SSL is selected,
the port will automatically be set to 636 and a SSL tunnel will be used for LDAP
communication. The port number can be changed to a non-standard LDAP port; if
the port number is set to anything other than 636, Start TLS will be used as the
encryption method. Disabled by default.
SLC™ 8000 Advanced Console Manager User Guide
192
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Certificate Authority A certificate can be uploaded to the SLC unit for peer authentication. If a certificate
is uploaded, all 3 files are required. The Certificate Authority and Certificate File are
in PEM format, eg:
Certificate File
Key File
-----BEGIN CERTIFICATE-----
(certificate in base64 encoding)
-----END CERTIFICATE-----
The Key File is in PEM format, eg:
-----BEGIN RSA PRIVATE KEY-----
(private key in base64 encoding)
-----END RSA PRIVATE KEY-----
Custom Menu
If custom menus have been created, you can assign a default custom menu to
Escape Sequence
A single character or a two-character sequence that causes the SLC 8000
advanced console manager to leave direct (interactive) mode. (To leave listen
mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed quickly
but not simultaneously). You would specify this value as \x1bA, which is
hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the connect direct command on the
command line interface when the endpoint of the command is deviceport, tcp, or
udp.
Break Sequence
A series of 1-10 characters users can enter on the command line interface to send
a break signal to the external device. A suggested value is Esc+B (escape key,
then uppercase “B” performed quickly but not simultaneously). You would specify
this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
Enable for Dial-back Select to grant a user dial-back access. Users with dial-back access can dial into
the SLC unit and enter their login and password. Once the SLC 8000 advanced
console manager authenticates them, the modem hangs up and dials them back.
Disabled by default.
Dial-back Number
The phone number the modem dials back on depends on this setting for the device
port. The user is either dialed back on a fixed number, or on a number that is
associated with the user’s login (specified here).
Data Ports
The ports users are able to monitor and interact with using the connect
direct command. U1 and U2 denote the USB upper and lower ports on the front
of the SLC unit.
Listen Ports
The ports users are able to monitor using the connect listencommand.
Clear Port Buffers
The ports whose port buffer users may clear using the set locallog clear
command.
3. In the User Rights section, select the user group to which LDAP users will belong:
Group
Select the group to which the LDAP users will belong:
Default Users: This group has only the most basic rights. You can specify
additional rights for the individual user.
Power Users: This group has the same rights as Default Users plus Web
Access, Networking, Date/Time, Reboot & Shutdown, and Diagnostics &
Reports.
Administrators: This group has all possible rights.
SLC™ 8000 Advanced Console Manager User Guide
193
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
4. Select or clear the checkboxes for the following rights:
Full Administrative
Networking
Right to add, update, and delete all editable fields.
Right to enter Network settings.
Services
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and
SMTP.
Secure Lantronix
Network
Right to view and manage secure Lantronix units (e.g., SLP, Spider, or SLC
devices) on the local subnet.
Date/Time
Right to set the date and time.
Reboot & Shutdown Right to shut down and reboot the SLC unit.
Local Users
Right to add or delete local users on the system.
Remote
Right to assign a remote user to a user group and assign a set of rights to the user.
Authentication
SSH Keys
Right to set SSH keys for authenticating users.
Right to create a custom user menu for the CLI for NIS users.
Right to access Web-Manager.
User Menus
Web Access
Diagnostics &
Reports
Right to obtain diagnostic information and reports about the unit.
Firmware &
Right to upgrade the firmware on the unit and save or restore a configuration (all
Configuration
settings). Selecting this option automatically selects Reboot & Shutdown.
Internal Modem
Right to configure internal modem settings.
Right to enter device port settings.
Device Port
Operations
Device Port
Right to enter device port configurations.
Configuration
USB
Right to enter modem settings for USB.
SD Card
Right to view and enter settings for SD card.
5. Click the Apply button.
Note: You must reboot the unit before your changes will take effect.
LDAP Commands
These commands for the command line interface correspond to the web page entries described
above.
To configure the SLC unit to use LDAP to authenticate users who log in via the Web, SSH,
Telnet, or the console port:
set ldap <one or more parameters>
Parameters
adsupport <enable|disable>
Enables or disables active directory.
base <LDAP Base>
bindname <Bind Name>
breakseq <1-10 Chars>
SLC™ 8000 Advanced Console Manager User Guide
194
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
dataports <Ports List>
listenports <Port List>
clearports <Port List>
escapeseq <1-10 Chars>
bindpassword <Bind Password>
encrypt <enable|disable>
filteruser <User Login Attribute>
filtergroup <Group Objectclass>
grmemberattr <Group Membership Attribute>
grmembervalue <dn|name>
port <TCP Port>
Default is 389.
server <IP Address or Hostname>
state <enable|disable>
To set user group and permissions for LDAP users:
group <default|power|admin>
To set permissions for LDAP users not already defined by the user rights group:
permissions <Permission List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To set a default custom menu for LDAP users:
custommenu <Menu Name>
To set the LDAP bind password:
set ldap bindpassword
To import or delete a certificate:
set ldap certificate import via <sftp|scp> rootfile <Cert Auth File>
certfile <Certificate File> keyfile <Key File>
host <IP Address or Name> login <User Login> [path <Path to Files>]
set ldap certificate delete
To view LDAP settings:
show ldap
SLC™ 8000 Advanced Console Manager User Guide
195
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
RADIUS
The system administrator can configure the SLC 8000 advanced console manager to use RADIUS
to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port.
Users who are authenticated through RADIUS are granted device port access through the port
permissions on this page.
All RADIUS users are members of a group that has predefined user rights associated with it. You
can add additional user rights that are not defined by the group.
To configure the SLC unit to use RADIUS to authenticate users:
1. Click the User Authentication tab and select RADIUS. The following page displays.
Figure 11-7 User Authentication > RADIUS
SLC™ 8000 Advanced Console Manager User Guide
196
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
2. Enter the following:
Enable RADIUS
Displays selected if you enabled this method on the User Authentication page. If
you want to set up this authentication method but not enable it immediately, clear
the checkbox.
Note: You can enable RADIUS here or on the first User Authentication page. If
you enable RADIUS here, it automatically displays at the end of the order of
precedence on the User Authentication page.
RADIUS Server #1
IP address or hostname of the primary RADIUS server. This RADIUS server may
be a proxy for SecurID.
SecurID is a two-factor authentication method based on the user's SecurID token
and pin number. The SecurID token displays a string of digits called a token code
that changes once a minute (some tokens are set to change codes every 30
seconds).
Server #1 Port
Number of the TCP port on the RADIUS server used for the RADIUS service. If you
do not specify an optional port, the SLC unit uses the default RADIUS port (1812).
Server #1 Secret
Text that serves as a shared secret between a RADIUS client and the server (SLC
unit). The shared secret is used to encrypt a password sent between the client and
the server. May have up to 128 characters.
RADIUS Server #2
Server #2 Port
IP address or host name of the secondary RADIUS server. This server can be used
as a SecurID proxy.
Number of the TCP port on the RADIUS server used for the RADIUS service. If you
do not specify an optional port, the SLC 8000 advanced console manager uses the
default RADIUS port (1812).
Server #2 Secret
Text that serves as a shared secret between a RADIUS client and the server (SLC
unit). The shared secret is used to encrypt a password sent between the client and
the server. May have up to 128 characters.
Timeout
Use VSA
The number of seconds (1-30) after which the connection attempt times out. The
default is 30 seconds.
Select the check box to obtain remote user attributes (group/permissions and port
access) from the RADIUS server via the Vendor-Specific Attribute (VSA). For
details on the format of the VSA, see User Attributes & Permissions from LDAP
Custom Menu
If custom menus have been created, you can assign a default custom menu to
RADIUS users.
Escape Sequence
A single character or a two-character sequence that causes the SLC unit to leave
direct (interactive) mode. (To leave listen mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed quickly
but not simultaneously). You would specify this value as \x1bA, which is
hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the connect directcommand on the
command line interface when the endpoint of the command is deviceport,
tcp, or udp.
Break Sequence
A series of 1-10 characters users can enter on the command line interface to send
a break signal to the external device. A suggested value is Esc+B (escape key,
then uppercase “B” performed quickly but not simultaneously). You would specify
this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
Enable for Dial-back Select to grant a user dial-back access. Users with dial-back access can dial into
the SLC 8000 advanced console manager and enter their login and password.
Once the SLC device authenticates them, the modem hangs up and dials them
back. Disabled by default.
SLC™ 8000 Advanced Console Manager User Guide
197
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Dial-back Number
Data Ports
The phone number the modem dials back on depends on this setting for the device
port. The user is either dialed back on a fixed number, or on a number that is
associated with the user’s login (specified here).
The ports users are able to monitor and interact with using the connect direct
command. U1 and U2 denote the USB upper and lower ports on the front of the
SLC unit.
Listen Port
The ports users are able to monitor using the connect listen command.
Clear Port Buffers
The ports whose port buffer users may clear using the set locallog clear
command.
Note: Older RADIUS servers may use 1645 as the default port. Check your RADIUS
server configuration.
3. In the User Rights section, select the user group to which RADIUS users will belong.
Group
Select the group to which the RADIUS users will belong:
Default Users: This group has only the most basic rights. You can specify
additional rights for the individual user.
Power Users: This group has the same rights as Default Users plus Web
Access, Networking, Date/Time, Reboot & Shutdown, and Diagnostics &
Reports.
Administrators: This group has all possible rights.
4. Select or clear the checkboxes for the following rights:
Full Administrative
Networking
Right to add, update, and delete all editable fields.
Right to enter Network settings.
Services
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and
SMTP.
Secure Lantronix
Network
Right to view and manage Secure Lantronix units (e.g., SLP, Spider, or SLC units)
on the local subnet.
Date/Time
Right to set the date and time.
Reboot & Shutdown Right to shut down and reboot the SLC unit.
Local Users
Right to add or delete local users on the system.
Remote
Right to assign a remote user to a user group and assign a set of rights to the user.
Authentication
SSH Keys
Right to set SSH keys for authenticating users.
Right to create a custom user menu for the CLI for LDAP users.
Right to access Web-Manager.
User Menus
Web Access
Diagnostics &
Reports
Right to obtain diagnostic information and reports about the unit.
Firmware &
Right to upgrade the firmware on the unit and save or restore a configuration (all
Configuration
settings). Selecting this option automatically selects Reboot & Shutdown.
Internal Modem
Right to update internal modem settings.
Right to control device ports.
Device Port
Operations
Device Port
Right to enter device port settings.
Configuration
USB
Right to enter modem settings for USB devices and control USB storage devices.
SLC™ 8000 Advanced Console Manager User Guide
198
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
SD Card
Right to enter settings for SD card.
5. Click the Apply button.
Note: You must reboot the unit before your changes will take effect.
RADIUS Commands
These commands for the command line interface correspond to the web page entries described
above.
To configure the SLC unit to use RADIUS to authenticate users who log in via the Web,
SSH, Telnet, or the console port:
set radius <one or more parameters>
Parameters
breakseq <1-10 Chars>
clearports <Port List>
dataports <Port List>
escapeseq <1-10 Chars>
listenports <Port List>
state <enable|disable>
To identify the RADIUS server(s), the text secret, and the number of the TCP port on the
RADIUS server:
set radius server <1|2> host <IP Address or Hostname> secret <Secret>
[port <TCP Port>]
The default port is 1812.
To set the number of seconds after which the connection attempt times out:
set radius timeout <disable|1-30>
May be 1-30 seconds.
To set user group and permissions for RADIUS users:
set radius group <default|power|admin>
To set permissions for RADIUS users not already defined by the user rights group:
set radius permissions <Permission List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To set a default custom menu for RADIUS users:
set radius custommenu <Menu Name>
SLC™ 8000 Advanced Console Manager User Guide
199
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
To view RADIUS settings:
show radius
User Attributes & Permissions from LDAP Schema or RADIUS VSA
Remote user attributes (group/permissions and port access) can be obtained from an Active
Directory server's schema via the user attribute 'secureLinxSLCPerms', or from a RADIUS server's
Vendor-Specific Attribute (see below). This attribute is a set of parameter-value pairs. Each
parameter and value is separated by a space, and a space separates each parameter-value pair.
Whitespace is not supported in the value strings. The parameters that are supported are:
rights - User rights. The value string is a comma-separated list of two letter user permissions.
Example: "nt,wb,ra".
data - Data port access. The value string specifies the list of ports the user has 'direct' access
to. Example: "2,4-18,U1,U2".
listen - Listen port access. The value string specifies the list of ports the user has 'listen'
access to.
clear - Clear port access. The value string specifies the list of port buffers the user has the
right to clear.
group - User group. Valid values for the value string are "default", "power", and "admin", and
any SLC custom group name. If a custom group name is specified and it matches a current
SLC custom group name, any rights attribute will be ignored, and the custom group's rights
(permissions) will be used instead. A group name with spaces cannot be specified.
escseq - Escape sequence. The value string specifies the user's escape sequence. Use "\x"
to specify non-printable characters. For example, "\x1bA" specifies the sequence "ESC-A".
brkseq - Break sequence. The value string specifies the user's break sequence.
menu - Custom user menu. The value string specifies the user's custom user menu.
display - Display custom user menu when a user logs into the CLI. Valid values for the value
string are "yes" and "no".
dbnumber - Dial-back number. The value string specifies the user's dial-back number for
modem dial-back connections.
allowdb - Allow a user to have dial-back access. Valid values for the value string are "yes"
and "no".
RADIUS servers will need to be configured to support the Lantronix Vendor-Specific Attribute. For
example, on a FreeRADIUS server, the dictionary will need be updated with the Lantronix
definition by including the contents below in a file named dictionary.lantronix, and including it in the
RADIUS server dictionary definitions by adding the appropriate $INCLUDE directive to the main
dictionary file.
# dictionary.lantronix
#
# Lantronix SLC Console Manager
# Provides SLC-specific user attributes
#
VENDOR Lantronix 244
BEGIN-VENDOR Lantronix
ATTRIBUTE Lantronix-User-Attributes 1 string
SLC™ 8000 Advanced Console Manager User Guide
200
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
END-VENDOR Lantronix
Once this is complete, the users file can be updated to include the Lantronix VSA for any user:
myuser
Auth-Type := Local, User-Password == "myuser_pwd"
Reply-Message = "Hello, %u",
Lantronix-User-Attributes = "data 1-4 listen 1-6 clear 1-4
group power"
Kerberos
Kerberos is a network authentication protocol that provides strong authentication for client/server
applications by using secret-key cryptography.
The system administrator can configure the SLC 8000 advanced console manager to use
Kerberos to authenticate users attempting to log in using the Web, Telnet, SSH, or the console
port.
Users who are authenticated through Kerberos are granted device port access through the port
permissions on this page.
All Kerberos users are members of a group that has predefined user rights associated with it. You
can add additional user rights that are not defined by the group.
To configure the SLC 8000 advanced console manager to use Kerberos to authenticate
users:
1. Click the User Authentication tab and select the Kerberos option. The following page
displays.
SLC™ 8000 Advanced Console Manager User Guide
201
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Figure 11-8 User Authentication > Kerberos
2. Enter the following:
Enable Kerberos
Displays selected if you enabled this method on the User Authentication page. If
you want to set up this authentication method but not enable it immediately, clear
the checkbox.
Note: You can enable Kerberos here or on the first User Authentication page. If
you enable Kerberos here, it automatically displays at the end of the order of
precedence on the User Authentication page.
Realm
KDC
Enter the name of the logical network served by a single Kerberos database and a
set of Key Distribution Centers. Usually, realm names are all uppercase letters to
differentiate the realm from the Internet domain. Realm is similar in concept to an
NT domain.
A key distribution center (KDC) is a server that issues Kerberos tickets. A ticket is a
temporary set of electronic credentials that verify the identity of a client for a
particular service.
Enter the KDC in the fully qualified domain format (FQDN). An example is
SLC.local.
KDC IP Address
Enter the IP address of the Key Distribution Center (KDC).
SLC™ 8000 Advanced Console Manager User Guide
202
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
KDC Port
Use LDAP
Port on the KDC listening for requests. Enter an integer with a maximum value of
65535. The default is 88.
Indicate whether Kerberos should rely on LDAP to look up
user IDs and Group IDs. This setting is disabled by default.
Note: Make sure to configure LDAP if you select this option.
Custom Menu
If custom menus have been created, you can assign a default custom menu to
RADIUS users.
Escape Sequence
A single character or a two-character sequence that causes the SLC 8000
advanced console manager to leave direct (interactive) mode. (To leave listen
mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed quickly
but not simultaneously). You would specify this value as \x1bA, which is
hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the connect directcommand on the
command line interface when the endpoint of the command is deviceport,
tcp, or udp.
Break Sequence
A series of 1-10 characters users can enter on the command line interface to send
a break signal to the external device. A suggested value is Esc+B (escape key,
then uppercase “B” performed quickly but not simultaneously). You would specify
this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
Enable for Dial-back Select to grant a user dial-back access. Users with dial-back access can dial into
the SLC 8000 advanced console manager and enter their login and password.
Once the SLC unit authenticates them, the modem hangs up and dials them back.
Disabled by default.
Dial-back Number
The phone number the modem dials back on depends on this setting for the device
port. The user is either dialed back on a fixed number, or on a number that is
associated with the user’s login (specified here).
Data Ports
The ports users are able to monitor and interact with using the connect direct
command. U1 and U2 denote the USB upper and lower ports on the front of the
SLC unit.
Listen Port
The ports users are able to monitor using the connect listencommand.
Clear Port Buffers
The ports whose port buffer users may clear using the set locallog clear
command.
3. In the User Rights section, select the user group to which Kerberos users will belong.
Group
Select the group to which the Kerberos users will belong:
Default Users: This group has only the most basic rights. You can specify
additional rights for the individual user.
Power Users: This group has the same rights as Default Users plus Web
Access, Networking, Date/Time, Reboot & Shutdown, and Diagnostics &
Reports.
Administrators: This group has all possible rights.
4. Select or clear the checkboxes for the following rights:
Full Administrative
Networking
Right to add, update, and delete all editable fields.
Right to enter Network settings.
Services
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and
SMTP.
Secure Lantronix
Network
Right to view and manage secure Lantronix units (e.g., SLP, Spider, or SLC units)
on the local subnet.
SLC™ 8000 Advanced Console Manager User Guide
203
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Date/Time
Right to set the date and time.
Reboot & Shutdown Right to shut down and reboot the SLC unit.
Local Users
Right to add or delete local users on the system.
Remote
Right to assign a remote user to a user group and assign a set of rights to the user.
Authentication
SSH Keys
Right to set SSH keys for authenticating users.
Right to create a custom user menu for the CLI for LDAP users.
Right to access Web-Manager.
User Menus
Web Access
Diagnostics &
Reports
Right to obtain diagnostic information and reports about the unit.
Firmware &
Right to upgrade the firmware on the unit and save or restore a configuration (all
Configuration
settings). Selecting this option automatically selects Reboot & Shutdown.
Internal Modem
Right to update internal modem settings.
Right to control device ports.
Device Port
Operations
Device Port
Right to enter device port settings.
Configuration
USB
Right to enter modem settings for USB devices and control USB storage devices.
Right to enter settings for SD card.
SD Card
5. Click the Apply button.
Note: You must reboot the unit before your changes will take effect.
Kerberos Commands
These commands for the command line interface correspond to the web page entries described
above.
To configure the SLC unit to use Kerberos to authenticate users who log in via the Web,
SSH, Telnet, or the console port:
set kerberos <one or more parameters>
Parameters
breakseq <1-10 Chars>
clearports <Port List>
dataports <Port List>
escapeseq <1-10 Chars>
ipaddr <Key Distribution Center IP Address>
kdc <Key Distribution Center>
listenports <Port List>
port <Key Distribution Center TCP Port>
realm <Kerberos Realm>
state <enable|disable>
useldapforlookup <enable|disable>
To set user group and permissions for Kerberos users:
set kerberos group <default|power|admin>
SLC™ 8000 Advanced Console Manager User Guide
204
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
To set permissions for Kerberos users not already defined by the user rights group:
set kerberos permissions <Permission List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To set a default custom menu for Kerberos users:
set kerberos custommenu <Menu Name>
To view Kerberos settings:
show kerberos
TACACS+
Similar to RADIUS, the main function of TACACS+ is to perform authentication for remote access.
The SLC 8000 advanced console manager supports the TACACS+ protocol (not the older
TACACS or XTACACS protocols).
The system administrator can configure the SLC unit to use TACACS+ to authenticate users
attempting to log in using the Web, Telnet, SSH, or the console port.
Users who are authenticated through Kerberos are granted device port access through the port
permissions on this page.
All Kerberos users are members of a group that has predefined user rights associated with it. You
can add additional user rights that are not defined by the group.
To configure the SLC unit to use TACACS+ to authenticate users:
1. Click the TACACS+ tab and select TACACS+. The following page displays.
SLC™ 8000 Advanced Console Manager User Guide
205
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Figure 11-9 User Authentication > TACACS+
2. Enter the following:
Enable TACACS+
Displays selected if you enabled this method on the User Authentication page. If
you want to set up this authentication method but not enable it immediately, clear
the checkbox.
You can enable TACACS+ here or on the first User Authentication page. If you
enable TACACS+ here, it automatically displays at the end of the order of
precedence on the User Authentication page.
TACACS+ Servers 1-3 IP address or host name of up to three TACACS+ servers.
Secret
Shared secret for message encryption between the SLC 8000 advanced console
manager and the TACACS+ server. Enter an alphanumeric secret of up to 127
characters.
Encrypt Messages
Custom Menu
Select the checkbox to encrypt messages between the SLC unit and the
TACACS+ server. Selected by default.
If custom menus have been created (see the User Guide), you can assign a
default custom menu to TACACS+ users.
SLC™ 8000 Advanced Console Manager User Guide
206
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Escape Sequence
A single character or a two-character sequence that causes the SLC 8000
advanced console manager to leave direct (interactive) mode. (To leave listen
mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed quickly
but not simultaneously). You would specify this value as \x1bA, which is
hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the connect directcommand on
the command line interface when the endpoint of the command is deviceport,
tcp, or udp.
Break
Sequence
A series of 1-10 characters users can enter on the command line interface to send
a break signal to the external device. A suggested value is Esc+B (escape key,
then uppercase “B” performed quickly but not simultaneously). You would specify
this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
Enable for Dial-back Select to grant a user dial-back access. Users with dial-back access can dial into
the SLC unit and enter their login and password. Once the SLC 8000 advanced
console manager authenticates them, the modem hangs up and dials them back.
Disabled by default.
Dial-back Number
The phone number the modem dials back on depends on this setting for the
device port. The user is either dialed back on a fixed number, or on a number that
is associated with the user’s login (specified here).
Data Ports
The ports users are able to monitor and interact with using the connect direct
command. U1 and U2 denote the USB upper and lower ports on the front of the
SLC unit.
Listen Ports
The ports users are able to monitor using the connect listencommand.
Clear Port Buffers
The ports whose port buffer users may clear using the set locallog
clearcommand.
3. In the User Rights section, select the user group to which TACACS+ users will belong.
Group
Select the group to which the TACACS+ users will belong:
Default Users: This group has only the most basic rights. You can specify
additional rights for the individual user.
Power Users: This group has the same rights as Default Users plus Web
Access, Networking, Date/Time, Reboot & Shutdown, and Diagnostics &
Reports.
Administrators: This group has all possible rights.
4. Select or clear the checkboxes for the following rights:
Full Administrative
Networking
Right to add, update, and delete all editable fields.
Right to enter Network settings.
Services
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and
SMTP.
Secure Lantronix
Network
Right to view and manage secure Lantronix units (e.g., SLP, Spider, or SLC units)
on the local subnet.
Date/Time
Right to set the date and time.
Reboot & Shutdown Right to shut down and reboot the SLC unit.
Local Users
Right to add or delete local users on the system.
Remote
Right to assign a remote user to a user group and assign a set of rights to the user.
Authentication
SSH Keys
Right to set SSH keys for authenticating users.
SLC™ 8000 Advanced Console Manager User Guide
207
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
User Menus
Web Access
Right to create a custom user menu for the CLI for LDAP users.
Right to access Web-Manager.
Diagnostics &
Reports
Right to obtain diagnostic information and reports about the unit.
Firmware &
Right to upgrade the firmware on the unit and save or restore a configuration (all
Configuration
settings). Selecting this option automatically selects Reboot & Shutdown.
Internal Modem
Right to update internal modem settings.
Right to control device ports.
Device Port
Operations
Device Port
Right to enter device port settings.
Configuration
USB
Right to enter modem settings for USB devices and control USB storage devices.
Right to enter settings for SD card.
SD Card
5. Click the Apply button.
Note: You must reboot the unit before your changes will take effect.
TACACS+ Commands
These commands for the command line interface correspond to the web page entries described
above.
To configure the SLC unit to use TACACS+ to authenticate users who log in via the Web,
SSH, Telnet, or the console port:
set tacacs+ <one or more parameters>
Parameters
breakseq <1-10 Chars>
clearports <Port List>
dataports <Port List>
encrypt <enable|disable>
escapeseq <1-10 Chars>
listenports <Port List>
secret <TACACS+ Secret>
server1 <IP Address or Name>
server2 <IP Address or Name>
server3 <IP Address or Name>
state <enable|disable>
To set user group and permissions for TACACS+ users:
set tacacs+ group <default|power|admin>
To set permissions for TACACS+ users not already defined by the user rights group:
set tacacs+ permissions <Permission List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
SLC™ 8000 Advanced Console Manager User Guide
208
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
To remove a permission, type a minus sign before the two-letter abbreviation for a user
right.
To set a default custom menu for TACACS+ users:
set tacacs+ custommenu <Menu Name>
To view TACACS+ settings:
show tacacs+
Groups
The SLC 8000 advanced console manager has 3 pre-defined groups: Administrators, Power
Users, and Default Users. Custom groups can also be created; each custom group is a set of user
attributes and permissions. Local Users and Remote Users defined on the SLC unit can be
assigned to one of the pre-defined groups or a custom group. When a user authenticates, if they
belong to custom group, they will be granted the custom group attributes and permissions, rather
than their individual attributes and permissions. The SLC 8000 advanced console manager
supports querying a LDAP server for groups that a LDAP user is a member of; if any of the LDAP
group names match a (Custom Group Name), the LDAP user will be granted the rights of the
custom group.
A custom group cannot be given the name of one of the pre-defined groups: "Admin", "Power" or
"Default" (or any version of these names where the case of the letters is different) since these
names are used for the SLC pre-defined groups. Any LDAP group that matches one of these pre-
defined group names will be ignored and not used to assign rights to a user.
To configure Groups in the SLC unit:
1. From the main menu, select User Authentication - Groups. The following page displays.
Note: If the fields in the lower part of the page have been populated by viewing another
group, the fields can be cleared by selecting the Reset Group button.
SLC™ 8000 Advanced Console Manager User Guide
209
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Figure 11-10 User Authentication > Groups
2. Enter the following:
Group Name
Listen Ports
Enter a name for the group.
The ports users are able to monitor using the connect listen
command.
SLC™ 8000 Advanced Console Manager User Guide
210
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Data Ports
The ports users are able to monitor and interact with using the connect direct
command. U1 and U2 denote the USB upper and lower ports on the front of
the SLC unit.
Clear Port Buffers
The ports whose port buffer users may clear using the set locallog
clearcommand.
Enable for
Dial-back
Select to grant a user. Users with dial-back access can dial into the SLC unit
and enter their login and password. Once the SLC 8000 advanced console
manager authenticates them, the modem hangs up and dials them back.
Disabled by default.
Dial-back Number
Escape Sequence
The phone number the modem dials back on depends on this setting for the
device port. The user is either on a fixed number, or on a number that is
associated with the user’s login (specified here).
A single character or a two-character sequence that causes the SLC 8000
advanced console manager to leave direct (interactive) mode. (To leave
listen mode, press any key.)
A suggested value is Esc+A (escape key, then uppercase "A" performed
quickly but not simultaneously). You would specify this value as \x1bA, which
is hexadecimal (\x) character 27 (1B) followed by an A.
This setting allows the user to terminate the connect direct command
on the command line interface when the endpoint of the command is
deviceport, tcp, or udp.
Break Sequence
A series of one to ten characters users can enter on the command line
interface to send a break signal to the external device. A suggested value is
Esc+B (escape key, then uppercase “B” performed quickly but not
simultaneously). You would specify this value as \x1bB, which is
hexadecimal (\x) character 27 (1B) followed by a B.
Custom Menu
If custom menus have been created you can assign a default custom menu
Display Menu at Login
Check the checkbox to display the menu at login.
3. Select or clear the checkboxes for the following rights:
Full Administrative
Networking
Right to add, update, and delete all editable fields.
Right to enter Network settings.
Services
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and
SMTP.
Secure Lantronix
Network
Right to view and manage Secure Lantronix units (e.g., SLP, Spider, or SLC units)
on the local subnet.
Date/Time
Right to set the date and time.
Reboot & Shutdown Right to shut down and reboot the SLC unit.
Local Users
Right to add or delete local users on the system.
Remote
Right to assign a remote user to a user group and assign a set of rights to the user.
Authentication
SSH Keys
Right to set SSH keys for authenticating users.
Right to create a custom user menu for the CLI for LDAP users.
Right to access Web-Manager.
User Menus
Web Access
Diagnostics &
Reports
Right to obtain diagnostic information and reports about the unit.
SLC™ 8000 Advanced Console Manager User Guide
211
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Firmware &
Right to upgrade the firmware on the unit and save or restore a configuration (all
Configuration
settings). Selecting this option automatically selects Reboot & Shutdown.
Internal Modem
Right to update internal modem settings.
Right to control device ports.
Device Port
Operations
Device Port
Right to enter device port settings.
Configuration
USB
Right to enter modem settings for USB devices and control USB storage devices.
Right to enter settings for SD card.
SD Card
4. Click the Add Group button.
To view or update a group:
1. In the Groups table, select the group and click the View Group button. The group attributes
and permissions will be displayed in the lower section of the page.
2. Modify the group attributes and permissions and click the Edit Group button.
To delete a group:
1. Select the group in the Groups table.
2. Click the Delete Group button.
SSH Keys
The SLC 8000 advanced console manager can import and export SSH keys to facilitate shared
key authentication for all incoming and outgoing SSH connections. By using a public/private key
pair, a user can access multiple hosts with a single passphrase, or, if a passphrase is not used, a
user can access multiple hosts without entering a password. In either case, the authentication is
protected against security attacks because both the public key and the private key are required to
authenticate. For both imported and exported SSH keys, the SLC unit supports both RSA and
DSA keys, and can import and export keys in OpenSSH and SECSH formats. Imported and
exported keys are saved with the SLC console manager configuration, and the administrator has
the option of retaining the SSH keys during a reset to factory defaults.
The SLC unit can also update the SSH RSA1, RSA and DSA host keys that the SSH server uses
with site-specific host keys or reset them to the default values.
Imported Keys
Imported SSH keys must be associated with an SLC 8000 advanced console manager local user.
The key can be generated on host "MyHost" for user "MyUser," and when the key is imported into
the SLC unit, it must be associated with either "MyUser" (if "MyUser" is an existing SLC console
manager local user) or an alternate SLC local user. The public key file can be imported via SCP or
FTP; once imported, you can view or delete the public key. Any SSH connection into the SLC unit
from the designated host/user combination uses the SSH key for authentication.
SLC™ 8000 Advanced Console Manager User Guide
212
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Exported Keys
The SLC can generate SSH keys for SSH connections out of the SLC advanced console manager
for any SLC user. The SLC 8000 advanced console manager retains both the private and public
key on the SLC unit, and makes the public key available for export via SCP, FTP, or copy and
paste. The name of the key is used to generate the name of the public key file that is exported (for
example, <keyname>.pub), and the exported keys are organized by user and key name. Once a
key is generated and exported, you can delete the key or view the public portion. Any SSH
connection out of the SLC console manager for the designated host/user combination uses the
SSH key for authentication.
To configure the SLC unit to use SSH keys to authenticate users:
1. From the main menu, select User Authentication - SSH Keys. The following page displays.
SLC™ 8000 Advanced Console Manager User Guide
213
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
2. Enter the following:
Imported Keys (SSH In)
Host & User Associated with Key
These entries are required in the following cases:
-
-
-
The imported key file does not contain the host that the user will be making an SSH
connection from, or
The SLC local user login for the connection is different from the user name the key was
generated from or is not included in the imported key file, or
The imported key file contains multiple keys; in this case, each key must include the user
name and host at the end of the line in the standard <key> <user name>@<host>
format.
If either of these conditions is true, or the imported file is in SECSH format, you must specify the
user and host. The following is an example of a public key file that includes the user and host:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAEEApUHCX9EWsHt+jmUGXa1YC3us
ABYxIXUhSU1N+NU9HNaUADUFfd8LYz8/gUnUSH4Ksm8GRT7/8/Sn9jCVfGPh
UQ== asallaway@winserver
Host
The host name or IP address which will be associated with the SSH Key, typically
the host that the key was generated on. Once imported, the key can be used to
access the SLC from any host, not just the host associated with the key.
User
The User ID of the user being given secure access to the SLC unit.
Host & Login for Import
Import via
Select SCP, FTP, HTTPS, or Copy/Paste as the method for importing the SSH
keys. SCP is the default. If SCP or FTP are selected, the Filename, Host, Path,
Login, and Password fields are filled in. If HTTPS is selected, the Upload File link
will become active to upload a file containing a public key to the SLC. If Copy/Paste
is selected, the public key will be entered into the Filename/Public Key field.
Filename/Public Key The name of the file that was uploaded via HTTPS, or to be copied via SCP or FTP
(may contain multiple keys); or the public key (optionally including "user@host" at
the end) if Copy/Paste is used.
Host
Path
Login
IP address of the remote server from which to SCP or FTP the public key file.
Optional pathname to the public key file.
User ID to use to SCP or FTP the file.
Password to use to SCP or FTP the file.
Password /
Retype Password
Exported Keys (SSH Out)
Export
User
Enables you to export created public keys. Select one of the following:
New Key for User: Enables you to create a new key for a user and export the
public key in a file.
All Previously Created Keys: Does not create any keys, but exports all
previously created public keys in one file.
User ID of the person given secure access to the remote server.
SLC™ 8000 Advanced Console Manager User Guide
215
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Key Name
Name of the key. This will generate the public key filename (e.g., <keyname>.pub).
Select either the RSA or the DSA encryption standard. RSA is the default.
Select the number of bits in the key (1024, 2048, or 4096). The default is 1024.
Key Type
Number of Bits
Passphrase / Retype Optionally, enter a passphrase associated with the key. The passphrase may have
Passphrase
up to 50 characters. The passphrase is an optional password that can be
associated with an SSH key. It is unique to each user and to each key.
SECSH Format
Indicate whether the keys will be exported in SECSH format (by default the key is
exported in OpenSSH format).
Public Key Filename Filename of the public host key.
Host and Login for Export
Export via
Select the method (SCP, FTP, HTTPS, or Copy/Paste) of exporting the key to the
remote server. Copy/Paste, the default, requires no other parameters for export.
Host
IP address of the remote server to which the SLC 8000 advanced console manager
will SCP or FTP the public key file.
Path
Optional path of the file on the host to SCP or FTP the public key too.
User ID to use to SCP or FTP the public key file.
Login
Password /
Password to use to SCP or FTP the public key file.
Retype Password
To view or delete a key:
1. Select the key from the appropriate table. The View and Delete buttons become active.
2. To view the key, click the View button. A pop-up page displays the key.
Imported key for sysadmin@DaveSLM:
ssh-rsa AAAAB3NzaC1yc2EAAAABIwAAAIEAxGxPGY9HsG9VqroDo98B89Cf
haqB6jG//0tTMKkb3zrpPu0HHAXaiVXHAvv7lAte31VTpoXdLAXN0uCvuJLf
aL/LvvGmoEWBuBSu505lQHfL70ijxZWOEVTJGFqUQTSq8Ls3/v3lkUJEX5ln
2AlQx0F40I5wNEC0+m3d5QE+FKc= sysadmin@DaveSLM
3. To delete the key, click the Delete button.
To view, reset, or import SSH RSA1, RSA, And DSA host keys:
1. On the User Authentication - SSH Keys page, click the SSH Server/Host Keys link at the
top right. The following page displays the current host keys. In the example below, the current
keys are the defaults.
SLC™ 8000 Advanced Console Manager User Guide
216
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Figure 11-12 Current Host Keys
2. View or enter the following:
Select the All Keys checkbox to reset all default key(s), or select one or more
checkboxes to reset defaults for RSA1, RSA, or DSA keys. All checkboxes are
unselected by default.
Reset to Default Host
Key
To import a site-specific host key, select the checkbox. Unselected by default.
Import Host Key
Type
From the drop-down list, select the type of host key to import.
From the drop-down list, select the method of importing the host key (SCP or
Import via
SFTP). The default is SCP.
SLC™ 8000 Advanced Console Manager User Guide
217
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Filename of the public host key.
Filename of the private host key.
Public Key Filename
Private Key Filename
Host name or IPaddress of the host from which to import the key.
Path of the directory where the host key will be stored.
User ID to use to SCP or SFTP the file.
Host
Path
Login
Password to use to SCP or SFTP the file.
Password /
Retype Password
3. Click the Apply button.
4. Repeat steps 2-3 for each key you want to import.
5. To return to the SSH Keys page, click the Back to SSH Keys link.
SSH Commands
These commands for the command line interface correspond to the web page entries described
above.
To import an SSH key:
set sshkey import <ftp|scp|copypaste> <one or more parameters>
Parameters
[keyhost <SSH Key IP Address or Name>]
[keyuser <SSH Key User>]
[path <Path to Public Key File>]
file <Public Key File>
host <IP Address or Name>
login <User Login>
To export a key:
set sshkey export <ftp|scp|copypaste> <one or more parameters>
Parameters
[format <openssh|secsh>]
[host <IP Address or Name>]
[login <User Login>]
[path <Path to Copy Key>]
bits <1024|2048|4096>
keyname <SSH Key Name>
keyuser <SSH Key User>
type <rsa|dsa>
To export the public keys of all previously created SSH keys:
set sshkey all export <ftp|scp|copypaste> [pubfile <Public Key File>]
[host <IP Address or Name>] [login <User Login>] [path <Path to Copy
Keys>]
SLC™ 8000 Advanced Console Manager User Guide
218
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
To delete a key:
set sshkey delete <one or more parameters>
Parameters
keyhost <SSH Key Host>
keyname <SSH Key Name>
keyuser <SSH Key User>
Note: Specify the key user and key host to delete an imported key; specify the keyuser
and keyname to delete an exported key.
To import an SLC host key or to reset a SLC host key to the default:
set sshkey server import type <rsa1|rsa|dsa> via <sftp|scp>
pubfile <Public Key File> privfile <Private Key File>
host <IP Address or Name> login <User Login> [path <Path to Key File>]
To reset defaults for all or selected host keys:
set sshkey server reset [type <all|rsa1|rsa|dsa>]
To display SSH keys that have been imported:
show sshkey import <one or more parameters>
Parameters
[keyhost <SSH Key IP Address or Name>]
[keyuser <SSH Key User>]
[viewkey <enable|disable>]
To display SSH keys that have been exported:
show sshkey export <one or more parameters>
Parameters
[keyhost <SSH Key IP Address or Name>]
[keyuser <SSH Key User>]
[viewkey <enable|disable>]
To display host keys (public key only):
show sshkey server [type <all|rsa1|rsa|dsa>]
1. Click the Apply button. New entries display in the Imported SSH Keys table and Exported
SSH Keys table, as applicable.
SLC™ 8000 Advanced Console Manager User Guide
219
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
Custom Menus
Users can have custom user menus as their command line interface, rather than the standard CLI
command set. Each custom user menu can contain up to 50 commands ('logout' is always the last
command). Instead of typing each command, the user enters the number associated with the
command. Each command can also have a nickname associated with it, which can be displayed in
the menu instead of the command. The commands showmenu <Menu Name>and returnmenu
can be entered to display another menu from a menu, or to return to the prior menu. The
command returnclican be used to break out of a menu and return to the regular CLI.
To add a custom menu:
1. Click the User Authentication tab and select the Custom Menus option. The Custom Menus
page displays:
SLC™ 8000 Advanced Console Manager User Guide
220
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
2. In the lower section of the page, enter the following:
Note: To clear fields in the lower part of the page, click the Clear Custom Menu button.
Menu Name
Title
Enter a name for the custom menu.
Enter an optional title which will be displayed about the menu at the CLI.
Nicknames
Select to enable nicknames to be displayed in the menu instead of the
commands. If the custom menu will have nicknames, this should also be
selected prior to entering the commands in the web page, as this will facilitate
entry of the nicknames.
Redisplay Menu
Select to redisplay the custom menu each time before the CLI prompt is
displayed.
3. You have the following options:
-
To save the custom menu without any more commands than the default logout
command, click the Add Custom Menu button.
-
To add menu commands, select the QuickEdit Mode box. This will move the cursor from
Command to Nickname and back to Command (if Nicknames is selected), or keep the
cursor on Command (if Nicknames is not selected). Commands (and the optional
nicknames) are added to the Menu Commands/Nicknames list when carriage return is
entered at the Command field (if Nicknames is not selected) or the Nickname field (if
Nicknames is selected). Most browsers have a "Select All" keystroke (such as Control-A)
which allow you to select all of the text in a field; this can be used in conjunction with the
Delete key to clear the contents of a field before entering a new command or nickname.
The Clear Command & Nickname button can also be used to delete the contents of the
Command and Nickname fields.
Commands can also be added to the list when QuickEdit Mode is not selected. Enter the
command and the optional nickname and click the right
arrow. The command will be
added before the logout command (if a command/nickname is not selected in the list) or
will replace the currently selected command/nickname in the list. The Unselect
Command & Nickname button can be used to unselect the currently selected command/
nickname in the list.
5. You also have the following options:
-
To edit a command/nickname in the custom menu, select the command in the
Commands/Nicknames List box and select the left arrow button. Change the
command and/or the nickname, and with the same command still selected in the list,
select the right arrow button.
-
-
To remove a command/nickname from the custom menu, select the command in the
Commands/Nicknames List box and select the Delete Command & Nickname button.
To move a command higher up in the menu (the commands are shown in the order they
will be presented in the custom menu, with command #1 listed first), select the command
in the Commands/Nicknames List box and click the up
To move a command further down in the menu, select the menu in the Commands/
Nicknames List and click the down arrow.
arrow.
-
6. Click the Add Custom Menu button.
SLC™ 8000 Advanced Console Manager User Guide
222
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
To view or update a custom menu:
1. In the Custom Menus table, select the custom menu and click the View Custom Menu
button. The custom menu attributes appear in the lower part of the page.
2. Update the menu attributes following the instructions for adding a menu above.
3. Click the Edit Custom Menu button.
To delete a custom menu:
1. Select the custom menu in the Custom Menus table.
2. Click the Delete Custom Menu button.
To create a new custom menu from an existing custom menu:
1. Select the custom menu in the Custom Menus table.
2. Enter a name for the new menu in the New Menu Name field.
3. Click the Copy Custom Menu button.
Custom User Menu Commands
From the current menu, a user can display another menu, thus allowing menus to be nested. The
special command showmenu <Menu Name>displays a specified menu. The special command
returnmenuredisplays the parent menu if the current menu was displayed from a showmenu
command.
The user with appropriate rights creates and manages custom user menus from the command line
interface, but can assign a custom user menu to a user from either the command line or the web
interface.
When creating a custom user menu, note the following limitations:
Maximum of 20 custom user menus
Maximum of 50 commands per custom user menu (logoutis always the last command)
Maximum of 15 characters for menu names
Maximum of five nested menus can be called.
No syntax checking (Enter each command correctly.)
To assign a custom user menu to a local or remote user:
set localusers add|edit <User Login> menu <Menu Name>
To create a new custom user menu or add a command to an existing custom user menu:
set menu add <Menu Name> [command <Command Number>]
To change a command or nickname within an existing custom user menu:
set menu edit <Menu Name> command <Command Number>
set menu edit <Menu Name> nickname <Command Number>
SLC™ 8000 Advanced Console Manager User Guide
223
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
To set the optional title for a menu:
set menu edit <Menu Name> title <Menu Title>
To enable or disable the display of command nicknames instead of commands:
set menu edit <Menu Name> shownicknames <enable|disable>
To enable or disable the redisplay of the menu before each prompt:
set menu edit <Menu Name> redisplaymenu <enable|disable>
To delete a custom user menu or one command within a custom user menu:
set menu delete <Menu Name> [command <Command Number>]
To view a list of all menu names or all commands for a specific menu:
show menu <all|Menu Name>
Example
The system administrator creates two custom user menus, with menu1 having a nested menu
(menu2):
[SLC]> set menu add menu1
Enter optional menu title (<return> for none): Menu1 Title
Specify nickname for each command? [no] y
Enter each command, up to 50 commands ('logout' is always the last
command).
Press <return> when the menu command set is complete.
Command #1: connect direct deviceport 1
Nickname #1: connect Port-1
Command #2: connect direct deviceport 2
Nickname #2: connect Port-2
Command #3: showmenu menu2
Warning: menu 'menu2' does not exist.
Nickname #3: menu2
Command #4:
Command #4: logout
Nickname #4: log off
Custom User Menu settings successfully updated.
[SLC]> set menu add menu2
Enter optional menu title (<return> for none): Menu2 Title
Specify nickname for each command? [no]
Enter each command, up to 50 commands ('logout' is always the last
command).
Press <return> when the menu command set is complete.
Command #1: connect direct deviceport 3
Command #2: connect direct deviceport 4
Command #3: show datetime
Command #4: returnmenu
Command #5:
Command #5: logout
Custom User Menu settings successfully updated.
[SLC]> show menu all
SLC™ 8000 Advanced Console Manager User Guide
224
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
___Custom User
Menus___________________________________________________________
menu1 menu2
[SLC]> show menu menu1
___Custom User
Menus___________________________________________________________
Menu: menu1
Title: Menu1 Title
Show Nicknames: enabled
Redisplay Menu: disabled
Command 1: connect direct deviceport 1
Nickname 1: connect Port-1
Command 2: connect direct deviceport 2
Nickname 2: connect Port-2
Command 3: showmenu menu2
Nickname 3: menu2
Command 4: logout
Nickname 4: log off
[SLC]> show menu menu2
_
__Custom User
Menus___________________________________________________________
Menu: menu2
Title: Menu2 Title
Show Nicknames: disabled
Redisplay Menu: disabled
Command 1: connect direct deviceport 3
Nickname 1: <none>
Command 2: connect direct deviceport 4
Nickname 2: <none>
Command 3: show datetime
Nickname 3: <none>
Command 4: returnmenu
Nickname 4: <none>
Command 5: logout
Nickname 5: <none>
The system administrator 4 configures local user 'john' to use custom menu 'menu1':
[SLC]> set localusers edit john custommenu menu1
Local users settings successfully updated.
[SLC]> show localusers user john
___Current Local Users
Settings________________________________________________
Login: john
Password: <set> UID: 101
Listen Ports: 1-32
Data Ports: 1-32
Clear Ports: 1-32
Escape Sequence: \x1bA Break Sequence: \x1bB
Custom Menu: menu1
Allow Dialback: disabled
Dialback Number: <none>
SLC™ 8000 Advanced Console Manager User Guide
225
Download from Www.Somanuals.com. All Manuals Search And Download.
11: User Authentication
User 'john ' logs into the command line interface, initially sees menu1, executes the command to
jump to nested menu menu2, and then returns to menu1:
Welcome to the SLC-Console Server
Model Number: SLC32
For a list of commands, type 'help'.
[Enter 1-4]> help
Menu1 Title
------------------------------------------------------------------------
1) connect Port-1
2) connect Port-2
[Enter 1-4]> 3
3) menu2
4) log off
Executing: showmenu menu2
[Enter 1-5]> help
Menu2 Title
-----------
1) connect direct deviceport 3
2) connect direct deviceport 4
3) show datetime
4) returnmenu
5) logout
[Enter 1-5]> 3
Executing: show datetime
Date/Time: Tue Sep 7 19:13:35 2004
Timezone: UTC
[Enter 1-5]> 4
Executing: returnmenu
[Enter 1-4]> help
Menu1 Title
------------------------------------------------------------------------
1) connect Port-1
2) connect Port-2
[Enter 1-4]> 4
3) menu2
4) log off
Executing: logout
Logging out...
SLC™ 8000 Advanced Console Manager User Guide
226
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
The system administrator performs maintenance activities and operates the SLC advanced
console manager using the options for the Maintenance tab and additional commands on the
command line interface.
Firmware & Configurations
The Firmware & Configuration page allows the system administrator to:
Configure the FTP, SFTP, or TFTP server that will be used to provide firmware updates and
save/restore configurations. (TFTP is only used for firmware updates.)
Set up the location or method that will be used to save or restore configurations (Local Disk,
FTP, SFTP, NFS, CIFS, USB, HTTPS or SD card). Update the version of the firmware running
on the SLC unit.
Save a snapshot of all settings on the SLC device (save a configuration).
Restore the configuration, either to a previously saved configuration, or to the factory defaults.
SLC™ 8000 Advanced Console Manager User Guide
227
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
2. Enter the following:
Reboot
Select this option to reboot the SLC 8000 advanced console manager
immediately. The default is No.
Note: The front panel LCD displays the “Rebooting the SLC” message, and the
normal boot sequence occurs.
Shutdown
Select this option to shut down the SLC unit. The default is No.
Internal Temperature
Current
Displays current temperature.
Low (°C)
Sets the acceptable minimum for the internal temperature of the SLC 8000
advanced console manager. If the temperature of the SLC device changes to be
outside of this range, the SLC console manager will issue an SNMP trap.
High (°C)
Sets the acceptable maximum for the internal temperature of the SLC unit. If the
temperature of the SLC 8000 advanced console manager changes to be outside
of this range, the SLC unit will issue an SNMP trap.
Calibrate Offset (°C)
An offset for calibrating the internal temperature of the SLC console manager. The
offset will be applied one hour after setting the calibration value. Zeroing the
offset will take effect immediately and will cancel any current and/or pending
calibration.
Site Information
Data Center Rack Row Set these fields to define the rack row the SLC unit is located within a large data
center. The default for these fields is 1.
Data Center Rack
Cluster
Set these fields to define the rack cluster the SLC 8000 advanced console
manager is located within a large data center. The default for these fields is 1.
Data Center Rack
Set these fields to define the rack the SLC unit is located within a large data
center. The default for these fields is 1.
SLC Firmware
Note: The non-active boot bank is updated during the firmware update, without requiring
a reboot. The configuration on the current boot bank may optionally be copied to the non-
active boot bank during the firmware update.
Current Version
Update Firmware
Displays the current firmware version.
To update the SLC firmware, select the checkbox. If you select this option, the
SLC unit reboots after you apply the update. The first time boot for each bank
may take up to 5 minutes. Subsequent boot times will be approximately 2
minutes.
To view a log of all prior firmware updates, click the Firmware Update Log
link.
The name of the firmware update file downloaded from the Lantronix web site.
Firmware Filename
Key
A key for validating the firmware file. The key is provided with the firmware file
(32 hex characters).
SLC™ 8000 Advanced Console Manager User Guide
229
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
From the drop-down list, select the method of loading the firmware. Options are
Load Firmware via
FTP, TFTP, HTTPS, NFS, USB, and SD Card. FTP is the default.
If you select HTTPS, the Upload File link becomes active. Select the link to
open a popup window that allows you to browse to a firmware update file to
upload.
If you select NFS, the mount directory must be specified.
The SD Card option must be selected if an SD card is to be used.
Note: Connections available depend on the model of the SLC unit.
Boot Banks
Displays the version of SLC firmware in bank 1.
Bank 1
Note: The word "current" displays next to the bank from which the SLC
booted.
Displays the version of SLC firmware in bank 2.
Bank 2
Displays the current setting for bank to boot from at next reboot.
If desired, select the alternate bank to boot from at next reboot.
Next Boot Bank
Switch to Bank 2
If checked, will copy the configuration from the current bank to the bank being
updated. The two numbers are automatically generated so that the first
number is the current bank.
Copy configuration
from Bank 1 to Bank 2
during firmware update
If checked, enables you to copy the current boot bank to the alternate boot
bank. This process takes a few minutes to complete.
Copy contents of
Bank 1 to Bank 2
Load Firmware Via Options
Note: Prior to firmware update, the current configuration is saved to the Local Disk
location with the name "before_MMDDYY_HHMM".
HTTPS
Click Upload File to update the SLC firmware.
Select the NFS mounted directory from the drop-down menu.
Click to select USB port.
NFS Mounted Dir
USB Port
FTP/SFTP/TFTP
Server
The IP address or host name of the server used for obtaining updates and saving
or restoring configurations. May have up to 64 alphanumeric characters; may
include hyphens and underscores.
Path
The default path on the server for obtaining firmware update files and getting and
putting configuration save files.
Login
The userid for accessing the FTP server. May be blank.
The FTP user password.
Password /
Retype Password
SLC™ 8000 Advanced Console Manager User Guide
230
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Configuration Management
Configuration
Management
From the option list, select one of the following:
No Save/Restore: Does not save or restore a configuration.
Save Configuration: Saves all settings to file, which can be backed up to a
location that is not on the SLC 8000 advanced console manager.
Restore Factory Defaults: Restores factory defaults. If you select this
option, the SLC unit reboots after you apply the update.
Restore Saved Configuration: Returns the SLC settings to a previously
saved configuration. If you select this option, the SLC console manager
reboots after you apply the update.
Save with Config or
Preserve with Restore
Select the SSH Keys checkbox to save any imported or exported SSH keys.
Select the SSL Certificate checkbox to save an imported certificate.
Select the Scripts checkbox to save any interface or batch scripts. Disabled
by default.
Preserve Configuration Allows the user to keep a subset of the current configuration after restoring a
after Restore
configuration or resetting to factory defaults.
Select the checkbox for each part of the current configuration you want to keep,
for example, Networking, Services, or Device Ports.
Configuration Name to If you selected to save or restore a configuration, enter a name for the
Save to or Restore From configuration file (up to 12 characters).
Location for Save,
Restore, or Manage
If you selected to save or restore a configuration, select one of the following
options:
Manage: This link allows you to view and delete all configurations saved to
the selected location. This feature is available for the Local Disk, NFS
Mounts, CIFS Share, USB, and SD Card locations. See Manage Files on
Local Disk – Saved Configurations: If restoring, select a saved
configuration from the drop-down list.
FTP Server: The FTP server specified in the FTP/SFTP/TFTP section. If you
select this option, select FTP or SFTP to transfer the configuration file.
NFS Mounted Directory: Local directory of the NFS server for mounting
files.
CIFS Share – Saved Configurations: If restoring, select a saved
configuration from the drop-down list.
USB: If a USB device is loaded into one of the USB ports of the SLC 8000
advanced console manager, and properly mounted, the configuration can be
saved to or restored from this location.If you select this option, select the port
in which the USB thumb drive is mounted; then click a saved configuration
from the drop-down list.
HTTPS: For saving, the browser will prompt the user to save the
configuration. For restoring, the configuration will be uploaded to the Local
Disk location.
SD Card: If an SD card is loaded into a card slots of the SLC and properly
mounted, the configuration can be saved to or restored from this location.
3. To view a log of all prior firmware updates, click the Firmware Update Log (blue link near the
center of the web page).
4. Click Apply.
Note: If you selected an option that forces a reboot (restore configuration, update
firmware, or reset factory defaults), the SLC unit automatically reboots at the end of the
process.
SLC™ 8000 Advanced Console Manager User Guide
231
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Figure 12-2 Network > Firmware/Config > Manage
Manage Files
The Manage Files web page allows you to view the firmware and configuration files saved to the
selected location and rename, download or delete any of the files. This feature is available for the
Local Disk, NFS Mounts, CIFS Share, USB, and SD card locations.
To manage files:
Firmware/Config > Manage (on page 232) page appears and displays the name and the time
and date the file was saved.
2. To rename a file, select a file, enter the New File Name, and click the Rename File button.
3. To download a file, select a file and click the Download File button.
4. To delete files, select one or more files and click the Delete File button.
Administrative Commands
These commands for the command line interface correspond to the web page entries described
above.
To reboot the SLC 8000 advanced console manager:
admin reboot
Note: The front panel LCD displays the "Rebooting the SLC" message, and the normal
boot sequence occurs.
To prepare the SLC 8000 advanced console manager to be powered off:
admin shutdown
SLC™ 8000 Advanced Console Manager User Guide
232
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Note: When you use this command to shut down the SLC unit, the LCD front panel
displays "Shutting down the SLC," followed by a pause, and then "Shutdown complete."
When "Shutdown complete" displays, it is safe to power off the SLC 8000 advanced
console manager.
To list current hardware and firmware information:
admin version
To update SLC firmware to a new revision:
Note: The firmware file should be accessible via the settings displayed by admin ftp
show. The SLC 8000 advanced console manager automatically reboots after successful
update.
admin firmware update <ftp|tftp|sftp|nfs|usb|sdcard> file <Firmware
File>
key <Checksum Key> [nfsdir <NFS Mounted
Directory>][usbport <U1|U2>]
To list the current firmware revision:
admin firmware show [viewlog <enable|disable>]
Lists the current firmware revision and optionally displays the log containing details about
firmware updates.
To set the FTP/TFTP/SFTP server used for firmware updates and configuration save/
restore:
admin ftp server <IP Address or Hostname> [login <User Login>] [path
<Directory>]
To view FTP settings:
admin ftp show
To set the FTP server password and prevent it from being echoed:
admin ftp password
To restore the SLC unit to factory default settings:
admin config factorydefaults [savesshkeys <enable|disable>] [savesslcert
<enable|disable>][savescripts<enable|disable>][preserveconfig <Config
Params to Preserve>]
<Config Params to Preserve> is a comma-separated list of current configuration
parameters to retain after the config restore or factorydefaults:
nt – Networking
sv – Services
dt – Date/Time
lu – Local Users
dp – Device Ports
ub – USB Port/SD Card
SLC™ 8000 Advanced Console Manager User Guide
233
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
To restore a saved configuration to the SLC 8000 advanced console manager:
admin config restore <Config Name> location
<local|ftp|sftp|nfs|cifs|usb|sdcard> [nfsdir <NFS Mounted Dir>]
[usbport <U1|U2>] [savescripts<enable|disable>] [savesshkeys
<enable|disable>] [savesslcert <enable|disable>]
[preserveconfig <Config Params to Prserve>]
<Config Params to Preserve>is a comma-separated list of current configuration
parameters to retain after the config restore or factory defaults:
nt – Networking
sv – Services
dt – Date/Time
lu – Local Users
dp – Device Ports
ub – USB Port/SD Card
To save the current SLC configuration to a selected location:
admin config save <Config Name> location
<local|ftp|sftp|nfs|cifs|usb|sdcard> [nfsdir <NFS Mounted Dir>] [usbport
<U1|U2>]
To rename a saved configuration:
admin config rename <Config Name> location <local|nfs|cifs|usb|sdcard>
[nfsdir <NFS Mounted Dir>] [usbport <U1|U2>]
To delete a saved configuration:
admin config delete <Config Name> location <local|nfs|cifs|usb|sdcard>
[usbport <U1|U2>]
To list the configurations saved to a location:
admin config show <local|ftp|sftp|nfs|cifs|usb|sdcard> [nfsdir <NFS
Mounted Dir>] [usbport <U1|U2>]
To set the acceptable range for the internal temperature sensor (an SNMP trap is sent if the
temperature is outside of this range):
set temperature <one or more parameters>
Parameters
low <Low Temperature in C. or F.>
high <High Temperature in C. or F.>
calibrate <Temperature Calibration in C. or F.|cancel>
Note: The calibration offset will be applied one hour after setting the value.
To display the acceptable range and current reading from the internal temperature sensor:
show temperature
SLC™ 8000 Advanced Console Manager User Guide
234
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
System Logs
Services on page 75 for more information about system logs.) You can also clear logs on this
page.
To view system logs:
1. Click the Maintenance tab and select the System Logs option. The following page displays:
Figure 12-3 Maintenance > System Logs
2. Enter the following to define the parameters of the log you would like to view:
Log
Select the type(s) of log you want to view:
All
Network
Services
Authentication
Device Ports
Diagnostics
General
Software
Level
Select the alert level you want to view for the selected log:
Error
Warning
Info
Debug
Starting at
Select the starting point of the range you want to view:
Beginning of Log: to view the log from the earliest available beginning time and
date.
Date: to view the log starting from aspecific starting date and time.
SLC™ 8000 Advanced Console Manager User Guide
235
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Ending at
Select the endpoint of the range you want to view:
End of Log: to view the log from the latest available ending time and date.
Date: to view the log up to the last available log ending date and time.
3. Click the View Log button. Your specified system log displays. For example, if you select the
type All and the level Error, the SLC unit displays a log similar to this:
Figure 12-4 System Logs
To clear system logs:
2. Click the Clear Log button to clear all log information.
System Log Command
The following command for the command line interface corresponds to the web page entries
described above.
To view the system logs containing information and error messages:
show syslog [<parameters>]
SLC™ 8000 Advanced Console Manager User Guide
236
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Parameters
[email <Email Address>]
level <error|warning|info|debug>
log <all|netlog|servlog|authlog|devlog|diaglog|genlog>
display <head|tail> [numlines <Number of Lines>]
startingtime <MMDDYYhhmm[ss]
endtime <MMDDYYhhmm[ss]
Note: The level and time parameters cannot be used simultaneously.
To clear one or all of the system logs:
show syslog clear
<all|netlog|servlog|authlog|devlog|diaglog|genlog>
Audit Log
configuration of the SLC 8000 advanced console manager. The audit log is disabled by default.
configure its maximum size.
Each entry in the log file contains a date/time stamp, user login, and the action performed by the
user. The user may clear the log file and sort the log by date/time, user, and command. The audit
log is saved through SLC reboots.
1. Click the Maintenance tab and select the Audit Log option. The following page displays:
SLC™ 8000 Advanced Console Manager User Guide
237
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Figure 12-5 Maintenance > Audit Log
2. To select a sort option, click the appropriate button:
-
-
-
To sort by date and time, click the sort by Date/Time button (this is the default.)
To sort by user, click the sort by User button.
To sort by command/action, click the sort by Command button.
4. To clear the log, click the Clear Log button.
5. To freeze or stop automatic refreshing of the log, click the Stop Refresh button.
SLC™ 8000 Advanced Console Manager User Guide
238
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Email Log
cleared from here. The email log is saved through SLC reboots.
1. Click the Maintenance tab and select the Email Log option. The following page displays:
Figure 12-6 Maintenance > Email Log
3. To clear the log, click the Clear Log button.
SLC™ 8000 Advanced Console Manager User Guide
239
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Diagnostics
connectivity and device port input/output problems. You can use equivalent commands on the
command line interface.
1. Click the Maintenance tab and select the Diagnostics option. The following page displays:
Figure 12-7 Maintenance > Diagnostics
2. Select Diagnostics from checklist (one or more diagnostic methods you want to run, or select
All to run them all):
ARP Table
Address Resolution Protocol (ARP) table used to view the IP address-to-hardware
address mapping.
Netstat
Displays network connections. If you select the checkbox, select the TCP or UDP protocol,
or select All for both protocols to control the output of the Netstat report.
Host Lookup
Select to verify that the SLC 8000 advanced console manager can resolve the host
name into an IP address (if DNS is enabled). If selected, also enter a host name in the
corresponding Hostname field,
SLC™ 8000 Advanced Console Manager User Guide
240
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Ping
Select to verify that the host is up and running. If selected, also do the following:
Enter a host name in the corresponding Hostname field
Specify Ethernet Port (Both, Eth1 or Eth2)
Check if the IPv6 version of ping should be used.
Send Packet
This option sends an Ethernet packet out one of the Ethernet ports, mainly as a network
connectivity test. For UDP, the number of times the string is sent is equal to the number
of packets sent. For TCP, the number of times the string is sent may (or may not) be
equal to the number of packets sent, because TCP controls how data is packetized and
sent out. Enter the following:
Protocol: Select the type of packet to send (TCP or UDP).
Hostname: Specify a host name or IPaddress of the host to send the packet to.
Port: Specify a TCP or UDP port number of the host to send the packet to.
String: Enter a set of up to 64 characters. The string is encapsulated in the packet (so
you could use a network sniffer to track the packet and, by looking at its contents,
verify that it was sent).
Count: The count is the number of times the string is sent.
Loopback
Specify loopback information:
Device Port
Select either an Internal or External test
SLC Internals
Select to display information on the internal memory, storage and processes of the SLC
8000 advanced console manager.
Figure 12-8 Diagnostics Report
Diagnostic Commands
The following CLI commands correspond to the web page entries described above.
To display the ARP table of IP address-to-hardware address mapping:
diag arp [email <Email Address>]
SLC™ 8000 Advanced Console Manager User Guide
241
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
You can optionally email the displayed information.
To display a report of network connections:
diag netstat [protocol <all|tcp|udp>] [email <Email Address>]
You can optionally email the displayed information.
To resolve a host name into an IP address:
diag lookup <Hostname> [email <Email Address>]
You can optionally email the displayed information.
To test a device port by transmitting data out the port and verifying that it is received
correctly:
diag loopback <Device Port Number or Name>[<parameters>]
Parameters
test <internal|external>
xferdatasize <Size In Kbytes to Transfer>
Default is 1 Kbyte.
Note: A special loopback cable comes with the SLC unit. To test a device port, plug the
cable into the device port and run this command. The command sends the specified
Kbytes to the device port and reports success or failure. The test is performed at 9600
baud. Only an external test requires a loopback cable.
To display the route that packets take to get to a network host:
diag traceroute <IP Address or Hostname>
To verify that the host is up and running:
diag ping|ping6 <IP Address or Name> [<parameters>]
Parameters
ethport <1|2> count <Number of Times to Ping>
The default is 5.
packetsize <Size in Bytes>
The default is 64.
To display performance statistics for an Ethernet port or a device port (averaged over the
last 5 seconds):
diag perfstat [ethport <1|2>] [deviceport <Device Port # or Name>]
To generate and send Ethernet packets:
diag sendpacket host <IP Address or Name> port <TCP or UDP Port Number>
[string <Packet String>] [protocol <tcp|udp>] [count <Number of
Packets>]
SLC™ 8000 Advanced Console Manager User Guide
242
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
The default is 1.
To display all network traffic, applying optional filters:
Note: This command is not available on the web interface.
diag nettrace <one or more parameters>
Parameters
ethport <1|2>
host <IP Address or Name>
numpackets <Number of Packets>
protocol <tcp|udp|icmp>
verbose <enable|disable>
To display information on the internal memory, storage and processes of the SLC 8000
advanced console manager:
diag internals
Note: This command is available on the web interface as SLC Internals under
Maintenance > Diagnostics.
SLC™ 8000 Advanced Console Manager User Guide
243
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Status/Reports
On this page, you can view the status of the SLC ports and power supplies and generate a
selection of reports.
Note: Status and statistics shown on the web interface represent a snapshot in time. To
see the most recent data, you must reload the web page.
1. Click the Maintenance tab and select the Status/Reports option. The following page
displays:
Figure 12-9 Maintenance > Status/Reports
The top half of the page displays the status of each port, power supply, and the internal modem:
-
Green indicates that the port connection or power supply is active and functioning
correctly.
-
Red indicates an error or failure or that the device is off.
2. Select the desired reports to view under View Report:
SLC™ 8000 Advanced Console Manager User Guide
244
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
View Report
All
Displays all reports.
Port Status
Displays the status of each device port: mode, user, any related connections,
and serial port settings.
Port Counters
IP Routes
Displays statistics related to the flow of data through each device port.
Displays the routing table.
Connections
Displays all active connections for the SLC unit: Telnet, SSH, TCP, UDP,
device port, and modem.
System Configuration –
Complete
Displays a complete snapshot of the SLC settings.
System Configuration –
Basic
Displays a snapshot of the SLC unit's basic settings (for example, network,
date/time, routing, services, console port).
System Configuration –
Authentication
Displays a snapshot of authentication settings only (including a list of all
localusers).
System Configuration -
Devices
Displays a snapshot of settings for each device port, USB Port, Modem, and
Host Lists.
displays a list of reports generated.
Figure 12-10 Generated Status/Reports
SLC™ 8000 Advanced Console Manager User Guide
245
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Status Commands
These commands for the command line interface correspond to the web page entries described
above.
To display device port modes and states for one or more ports:
show portstatus [deviceport <Device Port List or Name>] [email <Email
Address>]
You can optionally email the displayed information.
To display a snapshot of configurable parameters:
show sysconfig [display <basic|auth|devices>] [email <Email Address]
You can optionally email the displayed information.
Displays a report of all configurable parameters or a shorter report with basic system settings,
authentication settings, or device settings.
To generate a report for one or more ports:You can optionally email the displayed
information.
show portcounters [deviceport <Device Port List or Name>] [email <Email
Address>]
To display the overall status of all SLC units:
show sysstatus [email <Email Address>]
You can optionally email the displayed information.
To display a list of all current connections:
show connections [email <Email Address>]
You can optionally email the displayed information.
To provide details, e.g., endpoint parameters and trigger, for a specific connection:
show connections connid <Connection ID> [email <Email Address>]
You can optionally email the displayed information.
Note: Use the basic show connections command to obtain the Connection ID.
Emailing Logs and Reports
The following logs and reports can be directly emailed to a specific individual or to Lantronix
Technical Support directly from the log page:
SLC™ 8000 Advanced Console Manager User Guide
246
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
To email a log to an individual:
1. In the Comment field of a particular log or report page, enter a comment (if desired).
2. Select the to field beside the empty field where you then enter the person's email address.
3. Press the Email Output button. An email is immediately sent out and a confirmation appears
on the screen.
Figure 12-11 Emailed Log or Report
To view information about the SLC unit and contact information for Lantronix:
1. Click the
button on the upper right portion of any web page to access the About SLC page
SLC™ 8000 Advanced Console Manager User Guide
247
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Events
may occur in the SLC unit.
1. Click the Maintenance tab and select the Events option. The following page displays:
Figure 12-13 Maintenance > Events
2. Enter the following:
Event Trigger
From the drop-down list, select the type of incident that triggers an event. Currently,
the options are:
Receive Trap
Temperature Over/Under Limit (for Sensorsoft devices)
Humidity Over/Under Limit (for Sensorsoft devices)
Device Port Data Drop
No Internal Modem Dial Tone
Action
From the drop-down list, select the action taken because of the trigger. For
example, the action can be writing an entry into the syslog with details of the event
or sending the trap(s) to the Ethernet or modem connection.
Ethernet
For actions that require an Ethernet connection (for example, Forward All Traps to
Ethernet), select the Ethernet port to use.
SLC™ 8000 Advanced Console Manager User Guide
249
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Modem Connection
on
For actions that require a modem connection (for example, Forward All Traps to a
Modem Connection, select which modem connection to use (Device Port, USB
Port U1, USB Port U2, or the Internal Modem). Connections available depend on
the model of the SLC unit.
NMS/Host to forward For actions that forward a trap, enter the IP address of the computer to forward the
trap to
trap to. The computer does not have to be an SNMP NMS; it just has to be capable
of receiving SNMP traps.
SNMP Community
Forwarded traps are sent with this SNMP community value
There is no default.
SNMP Trap OID
Email Addresses
Enter a unique identifier for an SNMP object. (An SNMP object is anything that can
hold a value and can be read using an SNMP "get" action.) The OID consists of a
string of numbers separated by periods (for example, 1.1.3.2.1). Each number is
part of a group represented by the number on its left.
Enter an email address to receive email alerts.
3. You have the following options:
-
-
-
To add the defined event, click the Add Event button. The event displays in the Events
table at the bottom of the page.
To edit an event, select the event from the Events table and click the Edit Event button.
To delete an event, select the event from the Events table and click the Delete Event
button. A message asks for confirmation. Click OK.
4) To save, click Apply.
Events Commands
To manage the response to events that occur in the SLC 8000 advanced console manager:
admin events add <trigger> <response>
<trigger> is one of:
|receivetrap|templimit|humidlimit|overcurrent|dpdatadrop
<response> is one of:
action <syslog>
action <fwdalltrapseth|fwdseltrapeth> ethport <1|2> nms <SNMP NMS>
community <SNMP Community> [oid <SNMP OID>]
action <fwdalltrapsmodem|fwdseltrapmodem> deviceport <Device Port
# or Name> nms <SNMP NMS> community <SNMP Community> [oid <SNMP
Trap OID>]
action <fwdalltrapsmodem|fwdseltrapmodem> usbport <U1|U2>
nms <SNMP NMS> community <SNMP Community> [oid <SNMP Trap OID>]
action <fwdalltrapsmodem|fwdseltrapmodem> internal modem
nms <SNMP NMS> community <SNMP Community> [oid <SNMP Trap OID>]
action <emailalert> emailaddress <destination email address>
<?xml version="1.0"?><body xmlns="http://www.w3.org/1999/xhtml"
xmlns:xfa="http://www.xfa.org/schema/xfa-data/1.0/"
xfa:APIVersion="Acrobat:11.0.7" xfa:spec="2.0.2" style="font-
size:12.0pt;text-align:left;color:#FF0000;font-weight:normal;font-
style:normal;font-family:Helvetica,sans-serif;font-
stretch:normal"><p dir="ltr"><span dir="ltr" style="font-
style:italic">On behalf of christi </span><spandir="ltr"
style="">insert: <span dir="ltr" style="color:#0A0A0A">action
SLC™ 8000 Advanced Console Manager User Guide
250
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
<fwdalltrapsmodem|fwdseltrapmodem> internal modem
nms <SNMP NMS> community <SNMP Community> [oid
<SNMP Trap OID>]</span></p></body>
action <emailalert> emailaddress <destination email address>
To update event definitions:
admin events edit <Event ID> <parameters>
Parameters
community <SNMP Community>
deviceport <Device Port # or Name>
ethport <1|2>
internal modem
nms <SNMP NMS>
oid <SNMP Trap OID>
usbport <U1|U2>
internal modem
emailaddress <destination email address>
<?xml version="1.0"?><body xmlns="http://www.w3.org/1999/xhtml"
xmlns:xfa="http://www.xfa.org/schema/xfa-data/1.0/"
xfa:APIVersion="Acrobat:11.0.7" xfa:spec="2.0.2" style="font-
size:12.0pt;text-align:left;color:#FF0000;font-weight:normal;font-
style:normal;font-family:Helvetica,sans-serif;font-stretch:normal"><p
dir="ltr"><span dir="ltr" style="font-style:italic">On behalf of
christi </span><spandir="ltr"style="">insert: emailaddress
<destination email address></p></body>
To delete an event:
admin events delete <Event ID>
To view events:
admin events show
LCD/Keypad
The LCD has a series of screens, consisting of 2 lines of 24 characters each. Specific screens and
the display order can be configured. The keypad associated with the LCD can also be configured.
The types of screens include: current time, network settings, console settings, date and time,
release version, location, and custom user strings.
Enabling the Auto-Scroll LCD Screens option enables scrolling through the screens and pausing
the number of seconds specified by the Scroll Delay between each screen. After any input to the
keypad, the LCD waits until the keypad has been idle for the number of seconds specified by the
Idle Delay before scrolling of the screens continues.
To configure the LCD and Keypad:
1. Click the Maintenance tab and select the LCD/Keypad option.
SLC™ 8000 Advanced Console Manager User Guide
251
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Figure 12-14 Maintenance > LCD/Keypad
To configure the LCD:
The screens that are currently enabled are displayed in order in the left Enabled screens list.
1. Select a screen to be removed from the Enabled Screens and click the
button. The
screen moves to the Disabled Screens list to the right.
2. Select a screen to be added from the Disabled Screens list and click the
button. The
screen is added to the Enabled Screens to the left.
3. Select a screen in the Enabled Screens list and click the
or
button to change the
order of the screens.
Note: The User Strings screen displays the 2 lines defined by the User Strings - Line 1
and Line 2 fields. By default, these user strings are blank.
4. Click Apply to save.
To configure the Keypad:
1. Enter the following fields.
Keypad Locked
Select this to lock out any input to the keypad. The default is for
the keypad to be unlocked.
SLC™ 8000 Advanced Console Manager User Guide
252
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
Restore Factory Defaults Password / Enter the 6 digit key sequence entered at the keypad to restore
Retype Password
the SLC unit to factory defaults. The default is 999999.
2. Click Apply to save.
LCD/Keypad Commands
admin keypad
admin keypad password
admin keypad show
admin lcd reset
admin lcd default
admin lcd screens
admin lcd line1
admin lcd scrolling
admin lcd show
Banners
that display to users.
To configure banner settings:
1. Click the Maintenance tab and select Banners option.
Figure 12-15 Maintenance > Banners
SLC™ 8000 Advanced Console Manager User Guide
253
Download from Www.Somanuals.com. All Manuals Search And Download.
12: Maintenance
2. Enter the following fields.
Welcome Banner
Login Banner
Logout Banner
SSH Banner
The text to display on the command line interface before the user logs in. May
contain up to 1024 characters. Single quote and double quote characters are not
supported. Welcome to the SLC is the default.
Note: To create more lines use the \n character sequence.
The text to display on the command line interface after the user logs in. May
contain up to 1024 characters. Single quote and double quote characters are not
supported. Default is blank.
Note: To create more lines, use the \n character sequence.
The text to display on the command line interface after the user logs out. May
contain up to 1024 characters. Single quote and double quote characters are not
supported. Default is blank.
Note: To create more lines use, the \n character sequence.
The text to display when a user logs into the SLC via SSH, prior to authentication.
May contain up to 1024 characters. Single quote and double quote characters are
not supported. Blank by default.
Note: To create more lines use the \n character sequence.
3. Click Apply to save.
Banner Commands
admin banner login
admin banner logout
admin banner show
admin banner ssh
admin banner welcome
SLC™ 8000 Advanced Console Manager User Guide
254
Download from Www.Somanuals.com. All Manuals Search And Download.
13: Application Examples
Each SLC advanced console manager has multiple serial ports and two network ports. Each serial
port can be connected to the console port of an IT device. Using a network port (in-band) or a
modem (out-of-band) for dial-up connection, an administrator can remotely access any of the
connected IT devices using Telnet or SSH.
Figure 13-1 SLC - Console Manager Configuration
SLC 8000 Advanced Console Manager
This chapter includes three typical scenarios for using the SLC unit. The scenarios assume that
the SLC 8000 advanced console manager is connected to the network and has already been
assigned an IP address. In the examples, we use the command line interface. You can do the
same things using the web page interface except for directly interacting with the SLC unit (direct
command).
Telnet/SSH to a Remote Device
The following figure shows a Sun server connected to port 2 of the SLC 8000 advanced console
manager.
Figure 13-2 Remote User Connected to a SUN Server via the SLC unit
Sun Server
Remote User
Internet
SLC 8000 Advanced Console Manager
In this example, the sysadmin would:
1. Display the current settings for device port 2:
[SLC]> show deviceport port 2
SLC™ 8000 Advanced Console Manager User Guide
255
Download from Www.Somanuals.com. All Manuals Search And Download.
13: Application Examples
___Current Device Port
Settings________________________________________________
Number: 2 Name: Port-2
Modem Settings-------------Data Settings----------IP Settings-------
Modem State: disabled
Modem Mode: text
Timeout Logins: disabled Stop Bits: 1
Baud Rate: 9600
Data Bits: 8
Telnet: disabled
Telnet Port: 2002
SSH: disabled
Local IP: negotiate
Remote IP: negotiate
Authentication: PAP
CHAP Host: <none>
CHAP Secret: <none>
NAT: disabled
Parity: none
Flow Control: xon/xoff IP: <none>
Logins: disabled
Break Sequence: \x1bB
Check DSR: disabled
Close DSR: disabled
SSH Port: 3002
Dial-out Login: <none>
Dial-out Password: <none>
Dial-out Number: <none>
Dial-back Number: usernumber
Initialization Script: <none>
Logging Settings----------------------------------------------------
Local Logging: disabled
Email Logging: disabled
Byte Threshold: 100
USB Logging: disabled
Log to: upper slot
Max number of files: 10
Email Delay: 60 seconds Max size of files: 2048
Restart Delay: 60 seconds
Email To: <none>
Email Subject: Port %d Logging
Email String: <none>
NFS File Logging: disabled
Directory to log to: <none>
Max number of files: 10
Max size of files: 2048
2. Change the baud to 57600 and disable flow control:
[SLC]> set deviceport port 2 baud 57600 flowcontrol none
Device Port settings successfully updated.
3. Connect to the device port:
[SLC]> connect direct deviceport 2
4. View messages from the SUN server console:
Mar 15 09:09:44 tssf280r sendmail[292]: [ID 702911 mail.info] starting
daemon (8.12.2+Sun): SMTP+queueing@00:15:00
Mar 15 09:09:44 tssf280r sendmail[293]: [ID 702911 mail.info] starting
daemon (8.12.2+Sun): queueing@00:15:00
Mar 15 14:44:40 tssf280r sendmail[275]: [ID 702911 mail.info] starting
daemon (8.12.2+Sun): SMTP+queueing@00:15:00
Mar 15 14:44:40 tssf280r sendmail[276]: [ID 702911 mail.info] starting
daemon (8.12.2+Sun): queueing@00:15:00
5. Reboot the SUN server:
Reboot
<shutdown messages from SUN>
SLC™ 8000 Advanced Console Manager User Guide
256
Download from Www.Somanuals.com. All Manuals Search And Download.
13: Application Examples
6. Use the escape sequence to escape from direct mode back to the command line interface.
Dial-in (Text Mode) to a Remote Device
This example shows a modem connected to an SLC device port, and a Sun server connected to
another SLC device port. You can configure the modem for text mode dial-in, so a remote user can
dial into the modem using a terminal emulation program and access the Sun server.
(HyperTerminal™, which comes with the Microsoft® Windows™ operating system, is an example
of a terminal emulation program.)
Figure 13-3 Dial-in (Text Mode) to a Remote Device
Sun UNIX Server
Remote User
Serial Cable to Port 2
Modem
Phone System
SLC 8000 Advanced Console Manager
Serial Cable
to Port 1
Phone
Line
In this example, the sysadmin would:
1. Configure the device port that the modem is connected to for dial-in:
[SLC]> set deviceport port 1 modemmode text
Device Port settings successfully updated.
[SLC]> set deviceport port 1 initscript "AT&F&K3&C1&D2%C0A"
Device Port settings successfully updated.
[SLC]> set deviceport port 1 auth pap
Device Port settings successfully updated.
[SLC]> set deviceport port 1 localsecret "password"
Device Port settings successfully updated.
[SLC]> set deviceport port 1 modemstate dialin
Device Port settings successfully updated.
[SLC]>
2. Configure the device port that is connected to the console port of the Sun UNIX server:
[SLC]> set deviceport port 2 baud 57600 flowcontrol none
Device Port settings successfully updated.
3. Dial into the SLC 8000 advanced console manager via the modem using a terminal emulation
program on a remote PC. A command line prompt displays.
4. Log into the SLC unit.
CONNECT 57600
Welcome to the SLC
login: sysadmin
Password:
Welcome to the SLC Console Manager
Model Number: SLC 8048
For a list of commands, type 'help'.
[SLC]>
SLC™ 8000 Advanced Console Manager User Guide
257
Download from Www.Somanuals.com. All Manuals Search And Download.
13: Application Examples
5. Connect to the SUN Unix server using the direct command.
[SLC]> connect direct deviceport 2
SunOS 5.7
login: frank
Password:
Last login: Wed Jul 14 16:07:49 from computer
Sun Microsystems Inc.SunOS 5.7Generic October 1998
SunOS computer 5.7 Generic_123485-05 sun4m sparc SUNW,SPARCstation-20
$
6. Use the escape sequence to escape from direct mode back to the command line interface.
Local Serial Connection to Network Device via Telnet
This example shows a terminal device connected to an SLC device port, and a Sun server
connected over the network to the SLC device. When a connection is established between the
device port and an outbound Telnet session, users can access the Sun server as though they
Figure 13-4 Local Serial Connection to Network Device via Telnet
Sun UNIX Server
SLC 8000 Advanced Console Manager
Internet
Serial Cable
to Device Port 2
In this example, the sysadmin would:
1. Display the current settings for device port 2:
[SLC]> show deviceport port 2
___Current Device Port
Settings________________________________________________
Number: 2 Name: Port-2
Modem Settings-------------Data Settings-----------IP Settings-------
Modem State: disabled
Modem Mode: text
Timeout Logins: disabled Stop Bits: 1
Baud Rate: 9600
Data Bits: 8
Telnet: disabled
Telnet Port: 2002
SSH: disabled
Local IP: negotiate
Remote IP: negotiate
Authentication: PAP
CHAP Host: <none>
CHAP Secret: <none>
NAT: disabled
Parity: none
Flow Control: xon/xoff IP: <none>
Logins: disabled
Break Sequence: \x1bB
Check DSR: disabled
Close DSR: disabled
SSH Port: 3002
Dial-out Login: <none>
Dial-out Password: <none>
Dial-out Number: <none>
Dial-back Number: usernumber
Initialization Script: <none>
SLC™ 8000 Advanced Console Manager User Guide
258
Download from Www.Somanuals.com. All Manuals Search And Download.
13: Application Examples
Logging Settings----------------------------------------------------
Local Logging: disabled
Email Logging: disabled
Byte Threshold: 100
USB Logging: disabled
Log to: upper slot
Max number of files: 10
Email Delay: 60 seconds Max size of files: 2048
Restart Delay: 60 seconds
Email To: <none>
Email Subject: Port %d Logging
Email String: <none>
NFS File Logging: disabled
Directory to log to: <none>
Max number of files: 10
Max size of files: 2048
2. Change the serial settings to match the serial settings for the vt100 terminal - changes baud to
57600 and disables flow control:
[SLC]> set deviceport port 2 baud 57600 flowcontrol none
Device Port settings successfully updated.
3. Create a connection between the vt100 terminal connected to device port 2 and an outbound
telnet session to the server. (The IP address of the server is 192.168.1.1):
[SLC]> connect bidirection 2 telnet 192.168.1.1
Connection settings successfully updated.
4. At the VT100 terminal, hit <return> a couple of times. The Telnet prompt from the server
displays:
Trying 192.168.1.1...
Connected to 192.168.1.1.
Escape character is '^]'.
Sun OS 8.0
login:
At this point, a user can log in and interact with the Sun server at the VT100 terminal as if directly
connected to the server.
SLC™ 8000 Advanced Console Manager User Guide
259
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
After an introduction to using commands, this chapter lists and describes all of the commands
available on the SLC command line interface accessed through Telnet, SSH, or a serial
connection. The commands are in alphabetical order by category.
Introduction to Commands
Following is some information about command syntax, command line help, and tips for using
commands.
Command Syntax
Commands have the following format:
<action> <category> <parameter(s)>
where
<action> is set, show, connect, admin, diag, or logout.
<category> is a group of related parameters whose settings you want to
configure or view. Examples are ntp, deviceport, and network.
<parameter(s)> is one or more name-value pairs in one of the following
formats:
User must specify one of the values (aa or bb) separated by a
vertical line ( | ). The values are in all lowercase and must be
entered exactly as shown. Bold indicates a default value.
<parameter name> <aa|bb>
User must specify an appropriate value, for example, an IP
address. The parameter values are in mixed case. Square brackets
[ ] indicate optional parameters.
<parameter name> <Value>
Table 14-1 Actions and Category Options
Action
Category
set
auth|cifs|cli|command|consoleport|datetime|deviceport|
groups|history|hostlist|intmodem|ipfilter|kerberos|ldap|
localusers|log|menu|network|nfs|nis|ntp|password|radius|
remoteusers|routing|script|sdcard|security|services|site|
slcnetwork|sshkey|tacacs+|temperature|usb|vpn
show
auth|auditlog|cifs|cli|connections|consoleport|datetime|
deviceport|emaillog|groups|history|hostlist|intmodem|
ipfilter|kerberos|ldap|localusers|log|menu|network|nfs|nis|
ntp|portcounters|portstatus|radius|remoteusers|routing|
script|sdcard|security|services|site|slcnetwork|sshkey|
sysconfig|syslog|sysstatus|tacacs+|temperature|usb|user|vpn
connect
bidirection|direct|global|listen|restart|script|terminate
|unidirection
SLC™ 8000 Advanced Console Manager User Guide
260
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Action
Category
(continued)
diag
arp|internals|lookup|loopback|netstat|nettrace|perfstat|ping
|ping6|sendpacket|top|traceroute
admin
logout
banner|clear|config|events|firmware|ftp|keypad|lcd|memory
|quicksetup|reboot|shutdown|site|version|web
Terminates CLI session.
Command Line Help
For general Help and to display the commands to which you have rights, type:
help
For general command line Help, type:
help command line
For more information about a specific command, type help followed by the command, for
example:
help set network or help admin firmware
Tips
Type enough characters to identify the action, category, or parameter name uniquely. For
parameter values, type the entire value. For example, you can shorten:
set network port 1 state static ipaddr 122.3.10.1 mask 255.255.0.0
to
se net po 1 st static ip 122.3.10.1 ma 255.255.0.0
Use the Tab key to automatically complete action, category, or parameter names. Type a
partial name and press Tab either to complete the name if only one is possible, or to display
the possible names if more than one is possible. Following a space after the preceding name,
Tab displays all possible names.
Should you make a mistake while typing, backspace by pressing the Backspace key and/or
the Delete key, depending on how you accessed the interface. Both keys work if you use
VT100 emulation in your terminal access program when connecting to the console port. Use
the left
and right
arrow keys to move within a command.
Use the up
and down
arrows to scroll through previously entered commands. If desired,
select one and edit it. You can scroll through up to 100 previous commands entered in the
session.
To clear an IP address, type 0.0.0.0, or to clear a non-IP address value, type CLEAR.
When the number of lines displayed by a command exceeds the size of the window (the
default is 25), the command output is halted until the user is ready to continue. To display the
next line, press Enter, and to display the page, press the space bar. You can override the
number of lines (or disable the feature altogether) with the set cli command.
SLC™ 8000 Advanced Console Manager User Guide
261
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Keyboard Shortcuts:
Control-a: move to the start of the line
Control-e: move to the end of the line
Control-b: move back to the start of the current word
Control-f: move forward to the end of the next word
Control-u: erase from cursor to the beginning of the line
Control-k: erase from cursor to end of the line
Administrative Commands
admin banner login
Syntax
admin banner login <Banner Text>
Description
Configures the banner displayed after the user logs in.
Note: To go to the next line, type \n and press Enter.
admin banner logout
Syntax
admin banner logout <Banner Text>
Description
Configures the banner displayed after the user logs out.
Note: To go to the next line, type \n and press Enter.
admin banner show
Syntax
admin banner show
Description
Displays the welcome, SSH, login, and logout banners.
SLC™ 8000 Advanced Console Manager User Guide
262
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
admin banner ssh
Syntax
admin banner ssh <Banner Text>
Description
Configures the banner that displays prior to SSH authorization.
admin banner welcome
Syntax
admin banner welcome <Banner Text>
Description
Configures the banner displayed before the user logs in.
Note: To go to the next line, type \n and press Enter.
admin config delete
Syntax
admin config delete <Config Name> location <local|nfs|cifs|usb|sdcard>
[usbport <U1|U2>] nfsdir <NFS Mounted Directory>
admin config rename <Config Name> location <local|nfs|cifs|usb|sdcard>
[usbport <U1|U2>] nfsdir <NFS Mounted Directory>
Description
Deletes or renames a configuration.
admin config factorydefaults
Syntax
admin config factorydefaults [savesshkeys <enable|disable>] [savesslcert
<enable|disable>] [preserveconfig <Config Params to Preserve>]
[savescripts <enable|disable>]
SLC™ 8000 Advanced Console Manager User Guide
263
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
<Config Params to Preserve> is a comma-separated list of current configuration
parameters to retain after the config restore or factorydefaults:
Networking
Services
nt
sv
dt
lu
dp
ub
Date/Time
Local Users
Device Ports
USB Port/SD Card
Description
Restores the SLC unit to factory default settings.
admin config restore
Syntax
admin config restore <Config Name> location
<local|ftp|sftp|nfs|cifs|usb|sdcard> [nfsdir <NFS Mounted Dir>] [usbport
<U1|U2>] [preserveconfig <Config Params to Preserve>]
[savesshkeys <enable|disable>]
[savesslcert <enable|disable>]
[savescripts <enable|disable>]
<Config Params to Preserve> is a comma-separated list of current configuration
parameters to retain after the config restore or factorydefaults:
Networking
Services
nt
sv
dt
lu
dp
ub
Date/Time
Local Users
Device Ports
USB Port/SD Card
Description
Restores a saved configuration to the SLC 8000 advanced console manager.
admin config save
Syntax
admin config save <Config Name> location
<default|ftp|sftp|nfs|cifs|usb|sdcard> [nfsdir <NFS Mounted Dir>]
[usbport <U1|U2>]
[savesshkeys <enable|disable>]
[savesslcert <enable|disable>]
[savescripts <enable|disable>]
SLC™ 8000 Advanced Console Manager User Guide
264
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Saves the current SLC configuration to a selected location.
admin config show
Syntax
admin config show <show|ftp|sftp|nfs|cifs|usb|sdcard> [nfsdir <NFS
Mounted Dir>] [usbport <U1|U2>]
Description
Lists the configurations saved to a location.
admin firmware bootbank
Syntax
admin firmware bootbank <1|2>
Description
Sets the boot bank to be used at the next SLC reboot.
admin firmware show
Syntax
admin firmware show [viewlog <enable|disable>]
Description
Lists the current firmware revision, the boot bank status, and optionally
displays the log containing details about firmware updates.
admin firmware update
Syntax
admin firmware update <ftp|tftp|sftp|nfs|usb|sdcard> file <Firmware
File> key <Checksum Key> [nfsdir <NFS Mounted Dir>] [usbport <U1|U2>]
Description
Updates SLC firmware to a new revision.
You should be able to access the firmware file using the settings admin ftp show displays. The
SLC 8000 advanced console manager automatically reboots after successful update.
SLC™ 8000 Advanced Console Manager User Guide
265
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
admin ftp password
Syntax
admin ftp password
Description
Sets the FTP server password and prevent it from being echoed.
admin ftp server
Syntax
admin ftp server <IP Address or Hostname> [login <User Login>] [path
<Directory>]
Description
Sets the FTP/TFTP/SFTP server used for firmware updates and configuration save/restore.
admin ftp show
Syntax
admin ftp show
Description
Displays FTP settings.
admin keypad
Syntax
admin keypad <lock|unlock>
Description
Locks or unlocks the LCD keypad.
If the keypad is locked, you can scroll through settings but not change them.
admin keypad password
Syntax
admin keypad password <Password>
Must be 6 digits.
Description
Changes the Restore Factory Defaults password used at the LCD to return the SLC advanced
console server to the factory settings.
SLC™ 8000 Advanced Console Manager User Guide
266
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
admin keypad show
Syntax
admin keypad show
Description
Displays keypad settings.
admin lcd reset
Syntax
admin lcd reset
Description
Restarts the program that controls the LCD.
admin memory show
Syntax
admin memory show
Description
Displays information about SLC memory usage.
admin memory swap add <Size of Swap in MB> usbport <U1|U1>
Syntax
admin memory swap add <Size of Swap in MB> usbport <U1|U1>
Description
Creates a swap space from an external storage device.
admin memory swap delete
Syntax
admin memory swap delete
Description
Deletes the swap space from an external storage device.
SLC™ 8000 Advanced Console Manager User Guide
267
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
admin quicksetup
Syntax
admin quicksetup
Description
Runs the quick setup script.
admin reboot
Syntax
admin reboot
Description
Reboots the SLC 8000 advanced console manager.
The front panel LCD displays the “Rebooting the SLC” message, and the normal boot sequence
occurs.
admin shutdown
Syntax
admin shutdown
Description
Prepares the SLC 8000 advanced console manager to be powered off.
When you use this command to shut down the SLC console manager, the LCD front panel
displays the “Shutting down the SLC” message, followed by a pause, and then “Shutdown
complete.” When “Shutdown complete” displays, it is safe to power off the SLC 8000 advanced
console manager.
admin site
Syntax
admin site row <Data Center Rack Row Number>
admin site cluster <Data Center Rack Group Number>
admin site rack <Data Center Rack Number>
Description
Configures information about the site where the SLC 8000 advanced console manager is located.
SLC™ 8000 Advanced Console Manager User Guide
268
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
admin version
Syntax
admin version
Description
Displays current hardware and firmware information.
admin web certificate
Syntax
admin web certificate import via <sftp|scp> certfile <Certificate File>
privfile <Private Key File> host <IP Address or Name>
login <User Login> [path <Path to Files>]
Description
Imports an SSL certificate.
admin web certificate reset
Syntax
admin web certificate reset
Description
Resets a web certificate.
admin web certificate show
Syntax
admin web certificate show
Description
Displays a web certificate.
admin web gadget
Syntax
admin web gadget <enable|disable>
Description
Enables or disables iGoogle Gadget web content.
SLC™ 8000 Advanced Console Manager User Guide
269
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
admin web group
Syntax
admin web group <Local or Remote Group Name>
Description
Configures the group that can access the web.
admin web timeout
Syntax
admin web timeout <disable|5-120>
Description
Configures the timeout for web sessions.
admin web terminate
Syntax
admin web terminate <Session ID>
Description
Terminates a web session.
admin web show
Syntax
admin web show [viewslmsessions <enable|disable>]
Description
Displays the current sessions and their ID.
admin web banner
Syntax
admin web banner
Description
Configures the banner displayed on the web home page.
SLC™ 8000 Advanced Console Manager User Guide
270
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
admin web iface <none,eth1,eth2,ppp>
Syntax
admin web iface <none,eth1,eth2,ppp>
Description
Defines a list of network interfaces the web is available on.
admin web protocol <sslv2|nosslv2>
Syntax
admin web protocol <sslv2|nosslv2>
Description
Configures the web server to use SSLv2 in addition to SSLv3 and TLSv1.
admin web timeout <disable|5-120 minutes>
Syntax
admin web timeout <disable|5-120 minutes>
Description
Configures the timeout for web sessions.
admin web cipher <himed|himedlow|fips>
Syntax
admin web cipher <himed|himedlow|fips>
Description
Configures the strength of the cipher used by the web server (high is 256 or 128 bit, medium is 128
bit, low is 64, 56 or 40 bit, fips is the current FIPS-approved SSL ciphers)
Audit Log Commands
show auditlog
Syntax
show auditlog [command|user|clear]
SLC™ 8000 Advanced Console Manager User Guide
271
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Displays audit log. By default, shows the audit log sorted by date/time. You can sort it by user or
command, or clear the audit log.
Authentication Commands
set auth
Syntax
set auth <one or more parameters>
Parameters
authusenextmethod <enable|disable>
kerberos <1-6>
ldap <1-6>
localusers <1-6>
nis <1-6>
radius <1-6>
tacacs+ <1-6>
Description
Sets ordering of authentication methods.
Local Users authentication is always the first method used. Any methods omitted from the
command are disabled.
show auth
Syntax
show auth
Description
Displays authentication methods and their order of precedence.
show user
Syntax
show user
Description
Displays attributes of the currently logged in user.
SLC™ 8000 Advanced Console Manager User Guide
272
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Kerberos Commands
set kerberos
Syntax
set kerberos <one or more parameters>
Parameters
clearports <Port List>
custommenu <Menu Name>
dataports <Port List>
breakseq <1-10 Chars>
escapeseq <1-10 Chars>
group <default|power|admin>
ipaddr <Key Distribution Center IP Address>
kdc <Key Distribution Center>
listenports <Port List>
permissions <Permission List>
rights.
port <Key Distribution Center TCP Port>
realm <Kerberos Realm>
state <enable|disable>
useldapforlookup <enable|disable>
Description
Configures the SLC 8000 advanced console manager to use Kerberos to authenticate users who
log in via the Web, SSH, Telnet, or the console port.
show kerberos
Syntax
show kerberos
Description
Displays Kerberos settings.
SLC™ 8000 Advanced Console Manager User Guide
273
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
LDAP Commands
set ldap
Syntax
set ldap <one or more parameters>
Parameters
state <enable|disable>
server <IP Address or Name>
port <TCP Port>
base <LDAP Base>
bindname <Bind Name>
bindwithlogin <enable|disable>
useldapschema <enable|disable>
adsupport <enable|disable>
filteruser <User Login Attribute>
filtergroup <Group Objectclass>
grmemberattr <Group Membership Attribute>
grmembervalue <dn|name>
encrypt <starttls|ssl|disable>
dataports <Port List>
listenports <Port List>
clearports <Port List>
escapeseq <1-10 Chars>
breakseq <1-10 Chars>
custommenu <Menu Name>
allowdialback <enable|disable>
dialbacknumber <Phone Number>
group <default|power|admin>
permissions <Permission List>
Default is 389.
user rights.
Description
Configures the SLC 8000 advanced console manager to use LDAP to authenticate users who log
in via the Web, SSH, Telnet, or the console port.
set ldap bindpassword
Description
Set the LDAP bind password.
Syntax
set ldap bindpassword
SLC™ 8000 Advanced Console Manager User Guide
274
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set ldap certificate import|delete
Description
Import or delete an LDAP certificate.
Syntax
set ldap certificate import via <sftp|scp> rootfile <Cert Auth File>
certfile <Certificate File> keyfile <Key File>
host <IP Address or Name> login <User Login> [path <Path to Files>]
set ldap certificate delete
show ldap
Syntax
show ldap
Description
Displays LDAP settings.
Local Users Commands
set localusers add|edit
Syntax
set localusers add|edit <User Login> <one or more parameters>
Parameters
allowdialback <enable|disable>
breakseq <1-10 Chars>
changenextlogin <enable|disable>
changepassword <enable|disable>
clearports <Port List>
dataports <Port List>
dialbacknumber <Phone Number>
displaymenu <enable|disable>
escapeseq <1-10 Chars>
listenports <Port List>
custommenu <Menu Name>
uid <User Identifier>
group <default|power|admin|Custom Group Name>
passwordexpires <enable|disable>
permissions <Permission List>
user rights.
SLC™ 8000 Advanced Console Manager User Guide
275
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Configures local accounts (including sysadmin) who log in to the SLC 8000 advanced console
manager by means of the Web, SSH, Telnet, or the console port.
set localusers allowreuse
Syntax
set localusers allowreuse <enable|disable>
Description
Sets whether a login password can be reused.
set local users complexpasswords
Syntax
set localusers complexpasswords <enable|disable>
Description
Sets whether a complex login password is required.
set localusers state
Syntax
set localusers state <enable|disable>
Description
Enables or disables authentication of local users.
set localusers delete
Syntax
set localusers delete <User Login>
Description
Deletes a local user.
set localusers lifetime
Syntax
set localusers lifetime <Number of Days>
Description
Sets the number of days the login password may be used. The default is 90 days.
SLC™ 8000 Advanced Console Manager User Guide
276
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set localusers maxloginattempts
Syntax
set localusers maxloginattempts <Number of Logins>
Description
Sets the maximum number of login attempts before the account is locked. Disabled by default.
set localusers password
Syntax
set localusers password <User Login>
Description
Sets a login password for the local user.
set localusers periodlockout
Syntax
set localusers periodlockout <Number of Minutes>
Description
Sets the number of minutes after a lockout before the user can try to log in again. Disabled by
default.
set localusers periodwarning
Syntax
set localusers periodwarning <Number of Days>
Description
Sets the number of days the system warns the user that the password will be expiring. The default
is 7 days.
set localusers reusehistory
Syntax
set localusers reusehistory <Number of Passwords>
Description
Sets the number of passwords the user must use before reusing an old password. The default is
4.
SLC™ 8000 Advanced Console Manager User Guide
277
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set localusers state
Syntax
set localusers state <enable|disable>
Description
Enables or disables authentication of local users.
show localusers
Syntax
show localusers [user <User Login>]
Description
Displays local users.
NIS Commands
set nis
Syntax
set nis <one or more parameters>
Parameters
broadcast <enable|disable>
clearports <Port List>
custommenu <Menu Name>
dataports <Port List>
domain <NIS Domain Name>
breakseq <1-10 Chars>
escapeseq <1-10 Chars>
group <default|power|admin>
listenports <Port List>
master <IP Address or Hostname>
permissions <Permission List>
user rights.
slave1 <IP Address or Hostname>
slave2 <IP Address or Hostname>
slave3 <IP Address or Hostname>
slave4 <IP Address or Hostname>
slave5 <IP Address or Hostname>
state <enable|disable>
SLC™ 8000 Advanced Console Manager User Guide
278
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Configures the SLC 8000 advanced console manager to use NIS to authenticate users who log in
via the Web, SSH, Telnet, or the console port.
show nis
Syntax
show nis
Description
Displays NIS settings.
RADIUS Commands
set radius
Syntax
set radius <one or more parameters>
Parameters
state <enable|disable>
clearports <Port List>
custommenu <Menu Name>
dataports <Port List>
breakseq <1-10 Chars>
escapeseq <1-10 Chars>
group <default|power|admin>
listenports <Port List>
permissions <Permission List>
user rights.
timeout <enable|1-30>
Note: Sets the number of seconds after which the connection attempt times out. It may
be 1-30 seconds.
Description
Configures the SLC 8000 advanced console manager to use RADIUS to authenticate users who
log in via the Web, SSH, Telnet, or the console port.
SLC™ 8000 Advanced Console Manager User Guide
279
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set radius server
Syntax
set radius server <1|2> host <IP Address or Hostname> secret <Secret>
[port <TCP Port>]
Description
Identifies the RADIUS server(s), the text secret, and the number of the TCP port on the RADIUS
server.
Note: The default port is 1812.
show radius
Syntax
show radius
Description
Displays RADIUS settings.
TACACS+ Commands
set tacacs+
Syntax
set tacacs+ <one or more parameters>
Parameters
clearports <Port List>
custommenu <Menu Name>
dataports <Port List>
encrypt <enable|disable>
breakseq <1-10 Chars>
escapeseq <1-10 Chars>
group <default|power|admin>
listenports <Port List>
permissions <Permission List>
user rights.
secret <TACACS+ Secret>
server1 <IP Address or Name>
server2 <IP Address or Name>
server3 <IP Address or Name>
SLC™ 8000 Advanced Console Manager User Guide
280
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
state <enable|disable>
Description
Configures the SLC 8000 advanced console manager to use TACACS+ to authenticate users who
log in via the Web, SSH, Telnet, or the console port.
show tacacs+
Syntax
show tacacs+
Description
Displays TACACS+ settings.
User Permissions Commands
set localusers group
Syntax
set localusers add|edit <user> group <default|power|admin>
Description
Adds a local user to a user group or changes the group the user belongs to.
set localusers lock
Syntax
set local users unlock <User Login>
Description
Blocks (locks) a user's ability to login.
set localusers unlock
Syntax
set local users unlock <User Login>
Description
Allows (unlocks) a user's ability to login.
SLC™ 8000 Advanced Console Manager User Guide
281
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set localusers permissions
Syntax
set localusers add|edit <user> permissions <Permission List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
To remove a permission, type a minus sign before the two-letter abbreviation for a user
permission.
Description
Sets a local user's permissions (not defined by the user group).
set remoteusers add|edit
Syntax
set remoteusers add|edit <User Login> [<parameters>]
Parameters
dataports <Port List>
breakseq <1-10 Chars>
escapeseq <1-10 Chars>
listenports <Port List>
clearports <Port List>
group <default|power|admin|Custom Group Name>
permissions <Permissions List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
To remove a permission, type a minus sign before the two-letter abbreviation for a user right.
Description
Sets attributes for users who log in by a remote authentication method.
set remoteusers listonlyauth
Syntax
set remoteusers listonlyauth <enable|disable>
Description
Sets whether remote users who are not part of the remote user list will be authenticated.
SLC™ 8000 Advanced Console Manager User Guide
282
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set remoteusers delete
Syntax
set remoteusers delete <User Login>
Description
Removes a remote user.
show remoteusers
Syntax
show remoteusers
Description
Displays settings for all remote users
set <nis|ldap|radius|kerberos|tacacs+> group
Syntax
set <nis|ldap|radius|kerberos|tacacs> group <default|power|admin>
Description
Sets a permission group for remotely authorized users.
set <nis|ldap|radius|kerberos|tacacs+> permissions
Syntax
set <nis|ldap|radius|kerberos|tacacs> permissions <Permission List>
where
<Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do,
ub, rs, rc, dr, wb, sn, ad, md, sd
Description
Sets permissions not already defined by the assigned permissions group.
show user
Syntax
show user
Description
Displays the rights of the currently logged-in user.
SLC™ 8000 Advanced Console Manager User Guide
283
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
CLI Commands
set cli
Syntax
set cli scscommands <enable|disable>
Description
Allows you to use SCS-compatible commands as shortcuts for executing commands. Enabling
this feature enables it only for the current cli session. It is disabled by default.
Note: Settings are retained between CLI sessions for local users and users listed in the
remote users list.
set cli terminallines
Syntax
set cli terminallines <disable|Number of lines>
Description
Sets the number of lines in the terminal emulation (screen) for paging through text one screenful at
a time, if the SLC 8000 advanced console manager cannot detect the size of the terminal
automatically.
Note: Settings are retained between CLI sessions for local users and users listed in the
remote users list.
set localusers lock
Syntax
set localusers lock <User Login>
Description
Block (lock out) a user’s ability to log in.
set localusers unlock
Syntax
set localusers unlock <User Login>
Description
Allow (unlock) a user’s ability to log in.
SLC™ 8000 Advanced Console Manager User Guide
284
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
show cli
Syntax
show cli
Description
Displays current CLI settings.
show user
Syntax
show user
Description
Displays attributes of the currently logged in user.
set history
Syntax
set history clear
Description
Clears the commands that have been entered during the command line interface session.
show history
Syntax
show history
Description
Displays the last 100 commands entered during the session.
Connection Commands
connect bidirection
Syntax
connect bidirection <Port # or Name> <endpoint> <one or more Parameters>
Parameters
Endpoint is one of:
SLC™ 8000 Advanced Console Manager User Guide
285
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
charcount <# of Chars>
charseq <Char Sequence>
charxfer <toendpoint|fromendpoint>
date <MMDDYYhhmm[ss]>
deviceport <Device Port # or Name>
exclusive <enable|disable>
ssh <IP Address or Name> [port <TCP Port>][<SSH flags>]
where <SSH flags> is one or more of:
user <Login Name>
version <1|2>
command <Command to Execute>
tcp <IP Address> [port <TCP Port>]
telnet <IP Address or Name> [port <TCP Port>]
trigger <now|datetime|chars>
If the trigger is datetime(establish connection at a specified date/time), enter the date
parameter. If the trigger is chars(establish connection on receipt of a specified number or
characters or a character sequence), enter the charxferparameter and either the charcount
or the charseq parameter.
udp <IP Address> [port <UDP Port>]
Description
Connects a device port to another device port or an outbound network connection (data flows in
both directions).
connect direct
Syntax
connect direct <endpoint>
Parameters
Endpoint is one of:
deviceport <Device Port # or Name>
ssh <IP Address or Name> [port <TCP Port>][<SSH flags>]
where <SSH flags> is one or more of:
user <Login Name>
version <1|2>
command <Command to Execute>
tcp <IP Address> [port <TCP Port>]
telnet <IP Address or Name> [port <TCP Port>]
udp <IP Address> [port <UDP Port>
Description
Connects to a device port to monitor and/or interact with it, or establishes an outbound network
connection.
connect global outgoingtimeout
SLC™ 8000 Advanced Console Manager User Guide
286
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Syntax
connect global outgoingtimeout <disable|1-9999 seconds>
Description
Sets the amount of time the SLC 8000 advanced console manager will wait for a response (sign of
life) from an SSH/Telnet server that it is trying to connect to.
Note: This is not a TCP timeout.
connect listen deviceport
Syntax
connect listen deviceport <Device Port # or Name>
Description
Monitors a device port.
connect terminate
Syntax
connect terminate <Connection ID>
Description
Terminates a bidirectional or unidirectional connection.
connect unidirection
Syntax
connect unidirection <Device Port # or Name> dataflow
<toendpointfromendpoint> <endpoint>
Parameters
Endpoint is one of:
charcount <# of Chars>
charseq <Char Sequence>
datetime <MMDDYYhhmm[ss]>
deviceport <Port # or Name>
exclusive <enable|disable>
ssh <IP Address or Name> [port <TCP Port][<SSH flags>]
where <SSH flags> is one or more of:
user <Login Name>
version <1|2>
command <Command to Execute>
tcp <IP Address> [port <TCP Port>]
SLC™ 8000 Advanced Console Manager User Guide
287
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
telnet <IP Address or Name> [port <TCP Port]
trigger <now|datetime|chars>
If the trigger is datetime(establish connection at a specified date/time), enter the date
parameter. If the trigger is chars(establish connection on receipt of a specified number or
characters or a character sequence), enter either the charcountor the charseq parameter.
udp <IP Address> [port <UDP Port>]
Description
Connects a device port to another device port or an outbound network connection (data flows in
one direction).
show connections
Syntax
show connections [email <Email Address>]
Description
Displays connections and their IDs. You can optionally email the displayed information.
The connection IDs are in the left column of the resulting table. The connection ID associated with
a particular connection may change if the connection times out and is restarted.
show connections connid
Syntax
show connections connid <Connection ID> [email <Email Address>]
Description
Displays details for a single connection. You can optionally email the displayed information.
Console Port Commands
set consoleport
Syntax
set consoleport <one or more parameters>
Parameters
baud <300-230400>
databits <7|8>
flowcontrol <none|xon/xoff|rts/cts>
group <Local or Remote Group Name>
parity <none|odd|even>
showlines <enable|disable>
stopbits <1|2>
SLC™ 8000 Advanced Console Manager User Guide
288
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
timeout <disable|1-30>
Description
Configures console port settings.
show consoleport
Syntax
show consoleport
Description
Displays console port settings.
Custom User Menu Commands
When creating a custom user menu, note the following limitations:
Maximum of 20 custom user menus.
Maximum of 50 commands per custom user menu (logoutis always the last command).
Maximum of 15 characters for menu names.
Maximum of five nested menus can be called.
No syntax checking. (Enter each command correctly.)
set localusers
Syntax
set localusers add|edit <User Login> menu <Menu Name>
Description
Assigns a custom user menu to a local user.
set menu add
Syntax
set menu add <Menu Name> [command <Command Number>]
Description
Creates a new custom user menu or adds a command to an existing custom user menu.
set menu edit
Syntax
set menu edit <Menu Name> <parameter>
SLC™ 8000 Advanced Console Manager User Guide
289
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Parameters
command <Command Number>
nickname <Command Number>
redisplaymenu <enable|disable>
shownicknames <enable|disable>
title <Menu Title>
Description
Changes a command within an existing custom user menu.
Changes a nickname within an existing custom user menu.
Enables or disables the redisplay of the menu before each prompt.
Enables or disables the display of command nicknames instead of commands.
Sets the optional title for a menu.
set menu delete
Syntax
set menu delete <Menu Name> [command <Command Number>]
Description
Deletes a custom user menu or one command within a custom user menu.
set <nis|ldap|radius|kerberos|tacacs+> custommenu
Syntax
set <nis|ldap|radius|kerberos|tacacs> custommenu <Menu Name>
Description
Sets a default custom menu for remotely authorized users.
show menu
Syntax
show menu <all|Menu Name>
Description
Displays a list of all menu names or all commands for a specific menu.
SLC™ 8000 Advanced Console Manager User Guide
290
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Date and Time Commands
set datetime
Syntax
set datetime <one date/time parameter>
Parameters
date <MMDDYYhhmm[ss]>
timezone <Time Zone>
Note: If you type an invalid time zone, the system guides you through the process of
selecting a time zone.
Description
Sets the local date, time, and local time zone (one parameter at a time).
show datetime
Syntax
show datetime
Description
Displays the local date, time, and time zone.
set ntp
Syntax
set ntp <one or more ntp parameters>
Parameters
localserver1 <IP Address or Hostname>
localserver2 <IP Address or Hostname>
localserver3 <IP Address or Hostname>
poll <local|public>
publicserver <IP Address or Hostname>
state <enable|disable>
sync <broadcast|poll>
Description
Synchronizes the SLC 8000 advanced console manager with a remote time server using NTP.
SLC™ 8000 Advanced Console Manager User Guide
291
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
show ntp
Syntax
show ntp
Description
Displays NTP settings.
Device Commands
set command
Syntax
set command <Device Port # or Name or List> <one or more parameters>
Parameters
slp|servertech auth login <User Login>
Establishes the authentication information to log into the SLP power manager or ServerTech CDU
attached to the device port.
slp|servertech restart
Issues the CLI command the SLP or ServerTech CDU uses to restart itself.
slp|servertech outletcontrol state <on|off|cyclepower> [outlet <Outlet
#>][tower <A|B>]
Outlet # is 1-8 for SLP8 and 1-16 for SLP16. For the ServerTech CDU, the valid range of outlets is
specified by the number of outlets settings (for Tower A) or number of expansion outlets settings
(for Tower B) - see below.
The outletcontrol parameters control individual outlets.
slp|servertech outletstate [outlet <Outlet #>] [tower <A|B>]
The outletstate parameter shows the state of all outlets or a single outlet.
slp|servertech envmon
Displays the environmental status (e.g., temperature and humidity) of the SLP power manager or
the ServerTech CDU.
slp|servertech infeedstatus
Displays the infeed status and load of the SLP or ServerTech CDU.
slp|servertech system
Displays the system configuration information, such as firmware, revision and uptime.
slp|servertech config [prompt <Command Prompt>]
SLC™ 8000 Advanced Console Manager User Guide
292
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Enter the prompt displayed by the SLP or ServerTech CDU device. This will default to a typical
prompt for an SLP or ServerTech CDU. If you are unable to control the SLP or ServerTech CDU
device, verify that the prompt is set to the right value.
[numoutlets <Number of Outlets>]
[numexpoutlets <Number of Expansion Outlets>]
Enter the number of outlets for a ServerTech CDU main unit or the number of outlets for a
ServerTech CDU expansion unit. This settings is not applicable for an SLP.
slp|servertech config [prompt <Command Prompt>]
Displays the system configuration information, such as firmware, revision and uptime.
sensorsoft lowtemp <Low Temperature in C.>
Sets the lowest temperature permitted for the port.
sensorsoft hightemp <High Temperature in C.>
Sets the hightest temperature permitted for the port.
sensorsoft lowhumidity <Low Humidity %>
Sets the lowest humidity pemitted for the port.
sensorsoft highhumidity <High Humidity %>
Sets the lowest humidity permitted for the port.
sensorsoft degrees <celsius|fahrenheit>
Enables or disables temperature settings as celcius or fahrenheit.
sensorsoft traps <enable|disable>
Enables or disables traps when specified conditions are met.
sensorsoft status
Displays the status of the port.
Description
Sends commands to (or control) a device connected to an SLC device port over the serial port.
Note: Currently the only devices supported for this type of interaction are the SLP
device, ServerTech CDUs, and Sensorsoft devices.
Device Port Commands
set deviceport port
Description
Sets the dialout password.
SLC™ 8000 Advanced Console Manager User Guide
293
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Syntax
set deviceport port <Device Port List or Name> <one or more device port
parameters>
Example: set deviceport port 2-5,6,12,15-16 baud 2400
Parameters
auth <pap|chap>
banner <Banner Text>
baud <300-230400>
breakseq <1-10 Chars>
calleridcmd <Modem Command String>
calleridlogging <enable| disable>
cbcptype <admin|user>
cbcpnocallback <enable|disable>
chapauth <chaphost|localusers>
chaphost <CHAP Host or User Name>
chapsecret <CHAP Secret or User Password>
The user defines the secret.
checkdsr <enable|disable>
closedsr <enable|disable>
databits <7|8>
device
<none|slp8|slp16slp8exp8|slp8exp16|slp16exp8|slp16exp16|sensorsoft|
servertech>
dialbackdelay <PPP Dial-back Delay>
dialbacknumber <usernumber|Phone Number>
dialbackretries <1-10>
dialoutlogin <User Login>
dialoutnumber <Phone Number>
dodauth <pap|chap>
dodchaphost <CHAP Host or User Name>
dodchapsecret <CHAP Secret or User Password>
flowcontrol <none|xon/xoff|rts/cts>
group <Local or Remote Group Name>
initscript <Initialization Script>
Note: We recommend preceding the initscript with AT and include E1 V1 x4 Q0 so that
the SLC 8000 advanced console manager may properly control the modem.
sshtimeout <disable|1-1800 seconds>
tcptimeout <disable|1-1800 seconds>
telnettimeout <disable|1-1800 seconds>
usesites <enable|disable>
ipaddr <IP Address[/Mask Bits]>
localipaddr <negotiate|IP Address>
logins <enable|disable>
modemmode <text|ppp>
modemstate <disable|dialin|dialout|dialback|dialinhostlist|dialondemand|
dialin+ondemand|dialback+ondemand|cbcpclient|cbcpserver>
modemtimeout <disable|1-9999 seconds>
SLC™ 8000 Advanced Console Manager User Guide
294
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
name <Port Name>
nat <enable|disable>
parity <none|odd|even>
remoteipaddr <negotiate|IP Address>
restartdelay <PPP Restart Delay>
reversepinout<enable|disable>
sshauth <enable|disable>
sshin <enable|disable>
sshport <TCP Port>
stopbits <1|2>
telnetauth <enable|disable>
telnetin <enable|disable>
telnetport <TCP Port>
timeoutlogins <disable or 1-30>
webcolumns <Web SSH/Telnet Cols>
webrows <Web SSH/Telnet Rows>
Description
Configures a single port or a group of ports.
set deviceport global
Syntax
set deviceport global <one or more parameters>
Parameters
sshport <TCP Port>
telnetport <TCP Port>
tcpport <TCP Port>
Description
Configures settings for all or a group of device ports.
show deviceport global
Syntax
show deviceport global
Description
Displays global settings for device ports.
show deviceport names
Syntax
show deviceport names
SLC™ 8000 Advanced Console Manager User Guide
295
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Displays a list of all device port names.
show deviceport port
Syntax
show deviceport port <Device Port List or Name>
Description
Displays the settings for one or more device ports.
show portcounters
Syntax
show portcounters [deviceport <Device Port List or Name>] [email <Email
Address>]
Description
Displays device port statistics and errors for one or more ports. You can optionally email the
displayed information.
show portcounters zerocounters
Syntax
show portcounters zerocounters <Device Port List or Name>
Description
Zeros the port counters for one or more device ports.
show portstatus
Syntax
show portstatus [deviceport <Device Port List or Name>] [email <Email
Address>]
Description
Displays the modes and states of one or more device port(s). You can optionally email the
displayed information.
SLC™ 8000 Advanced Console Manager User Guide
296
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Diagnostic Commands
diag arp
Syntax
diag arp [email <Email Address>]
Description
Displays the ARP table of IP address-to-hardware address mapping. You can optionally email the
displayed information.
diag internals
Syntax
diag internals
Description
Displays information on the internal memory, storage and processes of the SLC 8000 advanced
console manager
Note: This command is available in the CLI but not the web.
diag netstat
Syntax
diag netstat [protocol <all|tcp|udp>] [email <Email Address>]
Description
To display a report of network connections. You can optionally email the displayed information.
diag nettrace
Syntax
diag nettrace <one or more parameters>
Parmeters
ethport <1|2>
host <IP Address or Name>
numpackets <Number of Packets>
protocol <tcp|udp|icmp>
verbose <enable|disable>
SLC™ 8000 Advanced Console Manager User Guide
297
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Displays all network traffic, applying optional filters. This command is not available on the web
page.
diag lookup
Syntax
diag lookup <Hostname> [email <Email Address>]
Description
Resolves a host name into an IP address. You can optionally email the displayed information.
diag loopback
Syntax
diag loopback <Device Port Number or Name>[<parameters>]
Parameters
test <internal|external>
xferdatasize <Size In Kbytes to Transfer>
Default is 1 Kbyte.
Description
Tests a device port by transmitting data out the port and verifying that it is received correctly.
A special loopback cable comes with the SLC 8000 advanced console manager. To test a device
port, plug the cable into the device port and run this command. The command sends the specified
Kbytes to the device port and reports success or failure. The test is performed at 9600 baud. Only
an external test requires a loopback cable.
diag perfstat
Description
Display performance statistics for an Ethernet Port or Device Port, averaged over the last 5
seconds.
Syntax
diag perfstat [ethport <1|2>] [deviceport <Device Port # or Name>]
diag ping|ping6
Description
Verifies if the SLC can reach a host over the network.
diag ping|ping6 <IP Address or Name> [<parameters>]
SLC™ 8000 Advanced Console Manager User Guide
298
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Parameters
count <Number Of Times To Ping>
packetsize <Size In Bytes>
ethport <1|2>
diag sendpacket host
Description
Generate and send Ethernet packets.
Syntax
diag sendpacket host <IP Address or Name> port <TCP or UDP Port Number>
[string <Packet String>] [protocol <tcp|udp>]
[count <Number of Packets>]
diag top
Syntax
diag top [parameters]
Description
Displays CPU usage, memory usage and tasks.
Parameters
continuous <enable|disable>
count <Number of Iterations to Display>
delay <Delay in Seconds>
numlines <Number of Lines to Display>
Defaults:
count=1, delay = 5 seconds
diag traceroute
Syntax
diag traceroute <IP Address or Hostname>
Description
Displays the route that packets take to get to a network host.
SLC™ 8000 Advanced Console Manager User Guide
299
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
End Device Commands
slp auth login
Syntax
slp auth login
Parameters
slp auth login <User Login>
Description
Establishes the authentication information to log into the SLP attached to the device port.
slp envmon
Syntax
slp envmon
Description
Displays the environmental status (e.g., temperature and humidity) of the SLP.
slp outletcontrol state
Syntax
slp outletcontrol state
Parameters
slp outletcontrol state <on|off|cyclepower> [outlet <Outlet #>]
Outlet # is 1-8 for SLP8 and 1-16 for SLP16.
Description
The outletcontrol parameters control individual outlets.
slp outletstate [outlet <Outlet #>]
Syntax
slp outletstate [outlet <Outlet #>]
Description
Shows the state of all outlets or a single outlet.
SLC™ 8000 Advanced Console Manager User Guide
300
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
slp restart
Syntax
slp restart
Description
Issues the CLI command the SLP uses to restart itself.
slp system
Syntax
slp system
Description
Displays system information for the SLP.
Events Commands
admin events add
Syntax
admin events add <trigger> <response>
<trigger> is one of:
receivetrap, templimit, humidlimit, nomodemdial, or dpdatadrop.
<response> is one of:
action <fwdalltrapseth|fwdseltrapeth> ethport <1|2> nms <SNMP NMS>
community <SNMP Community> [oid <SNMP OID>]
action <fwdalltrapsmodem|fwdseltrapmodem> deviceport <Device Port #
or Name> nms <SNMP NMS> community <SNMP Community> [oid <SNMP Trap
OID>]
action <fwdalltrapsmodem|fwdseltrapmodem> usbport <u1|u2> nms <SNMP
NMS> community <SNMP Community> [oid <SNMP Trap OID>]
action <fwdalltrapsmodem|fwdseltrapmodem> internal modem
nms <SNMP NMS> community <SNMP Community> [oid <SNMP Trap OID>]
action <emailalert> emailaddress <destination email address>
action <syslog>
Description
Defines events.
SLC™ 8000 Advanced Console Manager User Guide
301
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
admin events delete
Syntax
admin events delete <Event ID>
Description
Deletes an event definition.
admin events edit
Syntax
admin events edit <Event ID> <parameters>
Parameters
community <SNMP Community>
deviceport <Device Port # or Name>
ethport <1|2>
nms <SNMP NMS>
oid <SNMP Trap OID>
usbport <u1|u2>
internal modem
emailaddress <destination email address>
Description
Edits event definitions.
admin events show
Syntax
admin events show
Description
Displays event definitions.
Group Commands
set groups add|edit <Group Name> [<parameters>]
Syntax
set groups add|edit <Group Name> [<parameters>]
SLC™ 8000 Advanced Console Manager User Guide
302
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Parameters
dataports <Port List>
listenports <Port List>
clearports <Port List>
escapeseq <1-10 Chars>
breakseq <1-10 Chars>
custommenu <Menu Name>
displaymenu <enable|disable>
allowdialback <enable|disable>
dialbacknumber <Phone Number>
permissions <Permission List>
Note: See 'help user permissions' for information on user rights.
Rename a group:
set groups rename <Group Name> newname <New Group Name>
Delete a group:
set groups delete <Group Name>
show groups [name <Group Name>] members <enable|disable>
Host List Commands
set hostlist add|edit <Host List Name>
Syntax
set hostlist add|edit <Host List Name> [<parameters>]
Parameters
name <Host List Name> (edit only)
retrycount <1-10>
Default is 3.
auth <enable|disable>
Description
Configures a prioritized list of hosts to be used for modem dial-in connections.
set hostlist add|edit <Host List Name> entry
Syntax
SLC™ 8000 Advanced Console Manager User Guide
303
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set hostlist add|edit <Host List Name> entry <Host Number>
[<parameters>]
Parameters
host <IP Address or Name>
protocol <ssh|telnet|tcp>
port <TCP Port>
escapeseq <1-10 Chars>
Description
Adds a new host entry to a list or edit an existing entry.
set hostlist edit <Host List Name> move
Syntax
set hostlist edit <Host List Name> move <Host Number> position <Host
Number>
Description
Moves a host entry to a new position in the host list.
set hostlist delete
Syntax
set hostlist delete <Host List> [entry <Host Number>]
Description
Deletes a host list, or a single host entry from a host list.
show hostlist
Syntax
show hostlist <all|names|Host List Name>
Description
Displays the members of a host list.
SLC™ 8000 Advanced Console Manager User Guide
304
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Internal Modem Commands
Configure the internal modem:
set intmodem <parameters>
Parameters
modemstate <disable|dialin|dialout|dialback> usesites <enable|disable>
modemmode <text|ppp>
group <Local or Remote Group Name>
timeoutlogins <disable|1-30 minutes>
modemtimeout <disable|1-9999 sec>
localipaddr <negotiate|IP Address>
restartdelay <PPP Restart Delay>
remoteipaddr <negotiate|IP Address>
calleridlogging <enable|disable>
auth <pap|chap>
calleridcmd <Modem Command String>
chaphost <CHAP Host or User Name>
initscript <Modem Init Script>
chapsecret <CHAP Secret or User Password>
nat <enable|disable>
chapauth <chaphost|localusers>
checkdialtone <disable|5-600 min>
dialbacknumber <usernumber|Phone Number>
dialoutnumber <Phone Number>
dialbackdelay <PPP Dialback Delay>
dialoutlogin <Remote User Login>
dialbackretries <1-10>
Set the dialout password:
set intmodem dialoutpassword
Display settings for the internal modem:
show intmodem
IP Filter Commands
set ipfilter state
Syntax
set ipfilter state
Description
Enables or disables IP filtering for incoming network traffic.
set ipfilter mapping
SLC™ 8000 Advanced Console Manager User Guide
305
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Syntax
set ipfilter mapping <parameters>
Parameters
ethernet <1|2> state <disable>
ethernet <1|2> state <enable> ruleset <Ruleset Name>
deviceport <1..48> state <disable>
deviceport <1..48> state <enable> ruleset <Ruleset Name>
usbport <u1|u2> state <disable>
usbport <u1|u2> state <enable> ruleset <Ruleset Name>
internal modem state <disable>
internal modem state <enable> ruleset <Ruleset Name>
Description
Maps an IP filter to an interface.
set ip filter rules
Syntax
set ipfilter rules <parameters>
Parameters
add <Ruleset Name>
delete <Ruleset Name>
edit <Ruleset Name> <Edit Parameters>
Edit Parameters:
append
insert <Rule Number>
replace <Rule Number>
delete <Rule Number>
Description
Sets IP filter rules.
Logging Commands
set deviceport port
Syntax
set deviceport port <Device Port List or Name> <one or more deviceport
parameters>
SLC™ 8000 Advanced Console Manager User Guide
306
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Parameters
emaildelay <Email Delay>
emaillogging <disable|bytecnt|charstr>
emailrestart <Restart Delay>
emailsend <email|trap|both>
emailstring <Regex String>
emailsubj <Email Subject>
emailthreshold <Byte Threshold>
emailto <Email Address>
filedir <Logging Directory>
filelogging <enable|disable>
filemaxfiles <Max # of Files>
filemaxsize <Max Size of Files>
locallogging <enable|disable>
name <Device Port Name>
nfsdir <Logging Directory>
nfslogging <enable|disable>
nfsmaxfiles <Max # of Files>
nfsmaxsize <Size in Bytes>
usblogging <enable|disable>
usbmaxfiles <Max # of Files>
usbmaxsize <Size in Bytes>
usbport <u1|u2|sd>
sysloglogging <enable|disable>
Description
Configures logging settings for one or more device ports.
Local logging must be enabled for a device port for the locallogcommands to be executed. To
use the set locallog clear command, the user must have permission to clear port buffers
Example
set deviceport port 2-5,6,12,15-16 baud 2400 locallogging enable
show locallog
Syntax
show locallog <Device Port # or Name> [bytes <Bytes To Display>]
Description
Displays a specific number of bytes of data for a device port. 1K is the default.
set locallog clear
Syntax
set locallog clear <Device Port # or Name>
SLC™ 8000 Advanced Console Manager User Guide
307
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Clears the local log for a device port.
The locallogcommands can only be executed for a device port if local logging is enabled for
the port. The set locallog clearcommand can only be executed if the user has permission
set log clear modem
Syntax
set log clear modem
Description
Clear the modem log (the modem log is automatically pruned when it reaches 50K):
set log clear modem
Syntax
set log modem ppplog
Description
Enables PPP activity messages in the modem log.
set log modem ppplog <enable|disable>
Syntax
set log modem pppdebug
Description
Enables PPP debugging messages in the modem log:
set log modem pppdebug <enable|disable>
Syntax
show log modem
Description
View the modem activity log for external modems and USB modems:
show log modem [display <head|tail>][numlines <Number of Lines>]
SLC™ 8000 Advanced Console Manager User Guide
308
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
show log local
Syntax
show log local
Description
View the log for local, NFS, or USB logging (NFS and USB use the current logging settings for the
Device Port). Default is to show the log tail:
show log local|nfs|usb|sdcard <Device Port # or Name> [<parameters>]
Parameters
display <head|tail>
numlines <Number of Lines>
bytes <Bytes to Display>
startbyte <Byte Index>
logfile <NFS, USB or SD card Log File>
Defaults: bytes=1000, startbyte=1, numlines=40
Lists the NFS or USB log files, either for a specific device port, or all log files in a USB or NFS
location:
show log files nfs|usb|sdcard [localdir <NFS Mount Local Directory>]
[usbport <U1|U2>]
[deviceport <Device Port # or name>]
Network Commands
set network
Syntax
set network <parameters>
Parameters
interval <1-99999 Seconds>
ipforwarding <enable|disable>
probes <Number of Probes>
startprobes <1-99999 Seconds>
Description
Sets TCP Keepalive and IP Forwarding network parameters.
set network dns
Syntax
set network dns <1|2|3> ipaddr <IP Address>
SLC™ 8000 Advanced Console Manager User Guide
309
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Configures up to three DNS servers.
set network gateway
Syntax
set network gateway <parameters>
Parameters
default <IP Address>
precedence <dhcp|gprs|default>
alternate <IP Address>
pingip <IP Address>
ethport <1 or 2>
pingdelay <1-250 seconds>
failedpings <1-250>
Description
Sets default and alternate gateways. The alternate gateway is used if an IP address usually
accessible through the default gateway fails to return one or more pings.
set network host
Syntax
set network host <Hostname> [domain <Domain Name>]
Description
Sets the SLC host name and domain name.
set network port
Syntax
set network port <1|2> <parameters>
Parameters
mode <auto|10mbit-half|100mbit-half|10mbit-full|100mbit-full>
state <dhcp|bootp|static|disable>
[ipaddr <IP Address> mask <Mask>]
[ipv6addr <IP v6 Address/Prefix>]
Description
Configures Ethernet port 1 or 2.
show network dns
SLC™ 8000 Advanced Console Manager User Guide
310
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Syntax
show network dns
Description
Displays DNS settings.
show network gateway
Syntax
show network gateway
Description
Displays gateway settings.
show network host
Syntax
show network host
Description
Displays the network host name of the SLC 8000 advanced console manager.
show network port
Syntax
show network port <1|2>
Description
Displays Ethernet port settings and counters.
show network all
Syntax
show network all
Description
Displays all network settings.
SLC™ 8000 Advanced Console Manager User Guide
311
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
NFS and SMB/CIFS Commands
set nfs mount
Syntax
set nfs mount <one or more parameters>
Parameters
locdir <Directory>
mount <enable|disable>
remdir <Remote NFS Directory>
rw <enable|disable>
Enables or disables read/write access to remote directory.
Description
Mounts a remote NFS share.
The remdirand locdirparameters are required, but if they have been specified previously, you
do not need to provide them again.
set nfs unmount
Syntax
set nfs unmount <1|2|3>
Description
Unmounts a remote NFS share.
set cifs
Syntax
set cifs <one or more parameters>
Parameters
eth1 <enable|disable>
eth2 <enable|disable>
state <enable|disable>
workgroup <Windows workgroup>
Description
Configures the SMB/CIFS share, which contains the system and device port logs.
The admin config command saves SLC configurations on the SMB/CIFS share.
SLC™ 8000 Advanced Console Manager User Guide
312
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set cifs password
Syntax
set cifs password
Description
Changes the password for the SMB/CIFS share login (default is cifsuser).
show cifs
Syntax
show cifs
Description
Displays SMB/CIFS settings.
show nfs
Syntax
show nfs
Description
Displays NFS share settings.
Routing Commands
set routing
Syntax
set routing [parameters]
Parameters
rip <enable|disable>
route <1-64> ipaddr <IP Address> mask <Netmask> gateway <IP Address>
static <enable|disable>
version <1|2|both>
Description
Configures static or dynamic routing.
To delete a static route, set the IP address, mask, and gateway parameters to 0.0.0.0.
SLC™ 8000 Advanced Console Manager User Guide
313
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
show routing
Syntax
show routing [resolveip <enable|disable>] [email <Email Address>]
Description
Sets the routing table to display IP addresses (disable) or the corresponding host names (enable).
You can optionally email the displayed information.
SD Card Commands
Enables or disables access to SD Card devices:
set sdcard access <enable|disable>
Mounts a SD Card for use as a storage device. The SD Card can be used for saving
configurations, firmware updates and device logging.
set sdcard mount
Unmounts a SD Card:
set sdcard unmount
Formats a SD Card:
set sdcard format [filesystem <ext2|fat16|fat32>]
Defaults: filesystem=ext2
Runs a filesystem check on a SD Card (recommended if it does not mount):
set sdcard fsck
Displays a directory listing of a SD Card:
set sdcard dir
Renames a file on a SD Card:
set sdcard rename <Filename> newfile <New Filename>
Copies a file on a SD Card:
set sdcard copy <Filename> newfile <New Filename>
Removes a file on a SD Card:
set sdcard delete <Current Filename>
Displays information about the SD Card device:
show sdcard
SLC™ 8000 Advanced Console Manager User Guide
314
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Security Commands
set security
Description
Configures SLC security and FIPS settings.
Parameters
set security <parameters>
fipsmode
Parameters
fipsmode <enable|disable>
show security
Description
Displays security settings and current status.
Parameters
show security
Services Commands
set services
Syntax
set services <one or more services parameters>
Parameters
alarmdelay <1-6000 Seconds>
auditlog <enable|disable>
auditsize <Size in Kbytes>
Limit is 1-500 Kbytes
authlog <off|error|warning|info|debug>
clicommands <enable|disable>
contact <Admin contact info>
devlog <off|error|warning|info|debug>
diaglog <off|error|warning|info|debug>
genlog <off|error|warning|info|debug>
includesyslog <enable|disable>
SLC™ 8000 Advanced Console Manager User Guide
315
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
location <Physical Location>
netlog <off|error|warning|info|debug>
nms1 <IP Address or Name>
nms2 <IP Address or Name>
phonehome <enable|disable>
phoneip <IP Address>
portssh <TCP Port>
rocommunity <Read-Only Community Name>
rwcommunity <Read-Write Community Name>
Sets a password for an SNMP manager to access the read-only data the SLC SNMP agent
provides and to modify data where permitted.
servlog <off|error|warning|info|debug>
smtpserver <IP Address or Hostname>
snmp <enable|disable>
ssh <enable|disable>
syslogserver1 <IP Address or Name>
syslogserver2 <IP Address or Name>
telnet <enable|disable>
timeoutssh <disable or 1-30>
timeouttelnet <disable or 1-30>
traps <enable|disable>
trapcommunity <Trap Community>
v1ssh <enable|disable>
v1v2 <enable|disable>
v3password <Password for v3 auth>
v3user <User for v3 auth>
v3user <V3 RO User>
v3rwuser <V3 RW User>
v3security <noauth|auth|authencrypt>
v3auth <md5|sha>
v3encrypt <des|aes>
webssh <enable|disable
webtelnet <enable|disable>
Description
Configures services (system logging, SSH and Telnet access, SSH and Telnet timeout, SNMP
agent, email [SMTP] server, and audit log.)
Set SNMP v3 read-only password/passphrase or read-write password/passphrase.
Syntax
set services v3password|v3phrase|v3rwpassword|v3rwphrase
show services
Syntax
show services
SLC™ 8000 Advanced Console Manager User Guide
316
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Displays current services.
SLC Network Commands
set slcnetwork
Syntax
set slcnetwork <one or more parameters>
Parameters
add <IP Address>
delete <IP Address>
search <localsubnet|ipaddrlist|both>
Description
Detects and displays all SLC 8000 advanced console manager or user-defined IP addresses on
the local network.
show slcnetwork
Syntax
show slcnetwork [ipaddrlist <all|Address Mask>]
Description
Detects and displays all SLC 8000 advanced console managers on the local network.
Without the ipaddrlist parameter, the command searches the SLC network. With the
ipaddrlistparameter, the command displays a sorted list of all IP addresses or displays the IP
addresses that match the mask (for example, 172.19.255.255 would display all IP addresses that
start with 172.19).
SSH Key Commands
set sshkey all export
Syntax
set sshkey allexport <ftp|scp|copypaste> [pubfile <Public Key
File>][host <IP Address or Name>] [login <User Login>][path <Path to Copy
Keys>]
SLC™ 8000 Advanced Console Manager User Guide
317
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Exports the public keys all of the previously created SSH keys.
set sshkey delete
Syntax
set sshkey delete <one or more parameters>
Parameters
keyhost <SSH Key Host>
keyname <SSH Key Name>
keyuser <SSH Key User>
Description
Deletes an ssh key.
Specify the keyuserand keyhostto delete an imported key; specify the keyuserand keyname
to delete exported key.
set sshkey export
Syntax
set sshkey export <ftp|scp|copypaste> <one or more parameters>
Parameters
[format <openssh|secsh>]
[host <IP Address or Name>]
[login <User Login>]
[path <Path to Copy Key>]
bits <1024|2048|4096>
keyname <SSH Key Name>
keyuser <SSH Key User>
type <rsa|dsa>
Description
Exports an sshkey.
set sshkey import
Syntax
set sshkey import
Description
set sshkey import <ftp|scp|copypaste> <one or more parameters>
SLC™ 8000 Advanced Console Manager User Guide
318
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Parameters
[keyhost <SSH Key IP Address or Name>]
[keyuser <SSH Key User>]
[path <Path to Public Key File>]
file <Public Key File>
host <IP Address or Name>
login <User Login>
Description
Imports an SSH key.
set sshkey server import type
Syntax
set sshkey server import type <rsa1|rsa|dsa> via <sftp|scp>
pubfile <Public Key File> privfile <Private Key File>
host <IP Address or Name> login <User Login> [path <Path to Key File>]
Description
Imports an SLC host key.
set sshkey server reset
Syntax
set sshkey server reset [type <all|rsa1|rsa|dsa>]
Description
Resets defaults for all or selected host keys.
show sshkey export
Syntax
show sshkey export <one or more parameters>
Parameters
[keyhost <SSH Key IP Address or Name>]
[keyuser <SSH Key User>]
[viewkey <enable|disable>]
Description
Displays all exported keys or keys for a specific user, IP address, or name.
show sshkey import
SLC™ 8000 Advanced Console Manager User Guide
319
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Syntax
show sshkey import <one or more parameters>]
Parameters
[keyhost <SSH Key IP Address or Name>]
[keyuser <SSH Key User>]
[viewkey <enable|disable>]
Description
Displays all keys that have been imported or keys for a specific user, IP address, or name.
show sshkey server
Syntax
show sshkey server [type <all|rsa1|rsa|dsa>]
Description
Displays host keys (public key only).
Status Commands
show connections
Syntax
show connections [email <Email Address>]
Description
Displays a list of current connections. Optionally emails the displayed information. The connection
IDs are in the left column of the resulting table. The connection ID associated with a particular
connection may change if the connection times out and is restarted.
show connections connid
Syntax
show connections connid <Connection ID> [email <Email Address>].
Description
Provides details, for example, endpoint parameters and trigger, for a specific connection.
Optionally emails the displayed information.
Note: Use the basic show connections command to obtain the Connection ID.
SLC™ 8000 Advanced Console Manager User Guide
320
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
show portcounters
Syntax
show portcounters [deviceport <Device Port List or Name>] [email <Email
Address>]
Description
Generates a report for one or more ports. Optionally emails the displayed information.
show portstatus
Syntax
show portstatus [deviceport <Device Port List or Name>] [email <Email
Address>]
Description
Displays device port modes and states for one or more ports. Optionally emails the displayed
information.
show sysconfig
Syntax
show sysconfig [display <basic|auth|devices>] [email <Email Address]
Description
Displays a snapshot of all configurable parameters. Optionally emails the displayed information.
show sysstatus
Syntax
show sysstatus [email <Email Address>]
Description
To display the overall status of all SLC units. Optionally emails the displayed information.
System Log Commands
show syslog
Syntax
show syslog [<parameters>]
SLC™ 8000 Advanced Console Manager User Guide
321
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Parameters
[email <Email Address>]
level <error|warning|info|debug>
log <all|netlog|servlog|authlog|devlog|diaglog|genlog>
display <head|tail> [numlines <Number of Lines>]
starttime <MMDDYYhhmm[ss]>
endtime <MMDDYYhhmm[ss]>
Description
Displays the system logs containing information and error messages.
Note: The level, display, and time parameters cannot be used simultaneously.
show syslog clear
Syntax
show syslog clear <all|netlog|servlog|authlog|devlog|diaglog|genlog>
Description
Clears one or all of the system logs.
USB Access Commands
set usb access
Syntax
set usb access <enable|disable>
Description
Enables or disables access to USB devices.
USB Storage Commands
set usb storage dir
Syntax
set usb storage dir <U1|U2>
Description
Views a directory listing of a USB flash drive.
SLC™ 8000 Advanced Console Manager User Guide
322
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set usb storage fsck
Syntax
set usb storage fsck <U1|U2>
Description
Runs a file system check.
set usb storage format
Syntax
set usb storage format <U1|U2> [filesystem <ext2|fat16|fat32>]
Description
Formats a USB flash drive.
set usb storage mount
Syntax
set usb storage mount <U1|U2>
Description
Mounts a USB flash drive in the SLC 8000 advanced console manager for use as a storage
device.
The USB flash drive must be formatted with an ext2 or FAT file system before you mount it.
set usb storage unmount
Syntax
set usb storage unmount <U1|U2>
Description
Unmounts a USB flash drive. Enter this command before removing the USB device.
set usb storage rename
Description
Renames a file on a thumb drive.
Syntax
set usb storage rename <U1|U2> file <Filename> newfile <New Filename>
SLC™ 8000 Advanced Console Manager User Guide
323
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
set usb storage copy
Description
Copies a file on a thumb drive.
Syntax
set usb storage copy <U1|U2> file <Filename> newfile <New Filename>
set usb storage delete
Description
Removes a file on a thumb drive.
Syntax
set usb storage delete <U1|U2> file <Current Filename>
show usb storage
Description
Display product information and settings for any USB thumb drive.
Syntax
show usb storage
USB Modem Commands
set usb modem
Syntax
set usb modem <u1|u2> <parameters>
Parameters
auth <pap|chap>
baud <300-230400>
9600 is the default.
calleridcmd <Modem Command String>
calleridlogging <enable| disable>
chaphost <CHAP Host or User Password>
chapsecret <CHAP Secret or User Password>
chapauth <chaphost|localusers>
databits <7|8>
SLC™ 8000 Advanced Console Manager User Guide
324
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
dialbacknumber <usernumber|Phone Number>
dialbackdelay <PPP Dialback Delay>
dialbackretries <1-10>
dialoutlogin <User Login>
dialoutnumber <Phone Number>
dodauth <pap|chap>
dodchaphost <CHAP Host or User Name>
dodchapsecret <CHAP Secret or User Password>
flowcontrol <none|xon/xoff|rts|cts>
initscript <Initialization Script>
isdnchannel <1|2>
isdnnumber <Phone Number>
localipaddr <negotiate|IP Address>
modemmode <text|ppp>
modemstate <disable|dialout|dialin|dialback|dialondemand|
dialin+dialondemand|cbcpserver|cbcpclient|dialback+ondemand|dialinhostli
st>
modemtimeout <disable|1-9999 seconds>
parity <none|odd|even>
remoteipaddr <negotiate|IP Address>
restartdelay <PPP Restart Delay>
service <none|telnet|ssh|tcp>
sshauth <enable|disable>
sshport <TCP Port>
stopbits <1|2>
tcpauth <enable|disable>
tcpport <TCP Port>
telnetauth <enable|disable>
telnetport <TCP Port>
timeoutlogins <disable|1-30>
Description
Configures a currently loaded USB Modem.
Set the dialout password:
set usb modem <U1|U2> dialoutpassword
Display product information and settings for any USB modem:
show usb modem
VPN Commands
set vpn
Syntax
set vpn
SLC™ 8000 Advanced Console Manager User Guide
325
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
Description
Configures setting for an IPsec VPN tunnel.
Parameters
set vpn <parameters>
name <VPN Tunnel Name>
ethport <1|2>
auth <rsa|psk>
remotehost <Remote Host IP Address or Name>
remoteid <Authentication Name>
remotehop <IP Address>
remotesubnet <one or more subnets in CIDR notation>
localid <Authentication name>
localhop <IP Address>
localsubnet <one or more subnets in CIDR notation>
ikenegotation <main|aggressive>
ikeenc <any|3des|aes>
ikeauth <any|sha1|md5>
ikedhgroup <any|dh2|dh5>
espec <any|3des|aes>
espauth <any|sha1|md5>
espdhgroup <any|dh2|dh5>
pfs <enable|disable>
modeconfig <enable|disable>
xauthclient <enable|disable>
xauthlogin <User Login>
Enter RSA public key or Pre-Shared Key of remote host:
set vpn key
Enter XAUTH password:
set vpn xauthpassword
show vpn
Syntax
show vpn
Description
Shows the settings for the IPsec VPN tunnel.
Parameters
Display all VPN settings and current status:
show vpn [email <Email Address>]
Display detailed VPN status:
show vpn status [email <Email Address>]
Display VPN logs:
SLC™ 8000 Advanced Console Manager User Guide
326
Download from Www.Somanuals.com. All Manuals Search And Download.
14: Command Reference
show vpn viewlog [numlines <Number of Lines] [email <Email Address>]
Display RSA public key of the SLC:
show vpn rsakey
set temperature
Syntax
set temperature
Description
Sets the acceptable range for the internal temperature sensor (an SNMP trap is sent if the
temperature is outside of this range). Temperatures can be entered in either Celsius or
Fahrenheit; to indicate a temperature is Fahrenheit, append the degrees with an ‘F’, i.e., “75F”.
Parameter
set temperature <one or more parameters>
Parameters: low <Low Temperature in C. or F.>
high <High Temperature in C. or F.>
calibrate <Temperature Calibration in C. or F.|cancel>
Note: The calibration offset will be applied one hour after setting the value.
Description
Displays the acceptable range and the current reading from the internal temperature sensor.
show temperature
Syntax
show temperature
Description
Shows the temperature.
SLC™ 8000 Advanced Console Manager User Guide
327
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix A: Security Considerations
The SLC advanced console manager provides data path security by means of SSH or Web/SSL.
Even with the use of SSH/SSL, however, do not assume you have complete security. Securing the
data path is only one measure needed to ensure security. This appendix briefly discusses some
important security considerations.
Security Practice
Develop and document a Security Practice. The Security Practice should state:
The dos and don'ts of maintaining security. For example, the power of SSH and SSL is
compromised if users leave sessions open or advertise their password.
The assumptions that users can make about the facility and network infrastructure, for
example, how vulnerable the CAT 5 wiring is to tapping.
Factors Affecting Security
External factors affect the security provided by the SLC unit, for example:
Telnet sends the login exchange as clear text across Ethernet. A person snooping on a subnet
may read your password.
A terminal to the SLC may be secure, but the path from the SLC 8000 advanced console
manager to the end device may not be secure.
With the right tools, a person with physical access to open the SLC unit may be able to read
the encryption keys.
There is no true test for a denial-of-service attack. There is always a legitimate scenario for a
request storm. A denial-of-service filter locks out some high-performance automated/scripted
requests. The SLC 8000 advanced console manager will attempt to service all requests and
will not filter out potential denial-of-service attacks.
SLC™ 8000 Advanced Console Manager User Guide
328
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix B: Safety Information
Safety Precautions
Please follow the safety precautions described below when installing and operating the SLC
advanced console manager.
Cover
Do not remove the cover of the chassis. There are no user-serviceable parts inside. Opening
or removing the cover may expose you to dangerous voltage that could cause fire or electric
shock. The exception is access to the internal modem and RTC battery. For these you don't
have to remove the chassis cover, but just the battery modem door.
Refer all servicing to Lantronix.
Power Plug
When disconnecting the power cable from the socket, pull on the plug, not the cord.
Always connect the power cord to a properly wired and grounded power source. Do not use
adapter plugs or remove the grounding prong from the cord.
Only use a power cord with a voltage and current rating greater than the voltage and current
rating marked on the SLC unit.
Install the SLC 8000 advanced console manager near an AC outlet that is easily accessible.
Always connect any equipment used with the product to properly wired and grounded power
sources.
To help protect the product from sudden, transient increases and decreases in electrical
power, use a surge suppressor, line conditioner, or uninterruptible power supply (UPS).
Do not connect or disconnect this product during an electrical storm.
Input Supply
Caution: Disconnect all power supply sources before servicing to avoid electric
shock.
Check nameplate ratings to assure there is no overloading of supply circuits that could affect
over current protection and supply wiring.
Grounding
1. Maintain reliable grounding of this product.
2. Pay particular attention to supply connections when connecting to power strips, rather than
directly to the branch circuit.
Fuses
For protection against fire, replace the power-input-module fuse with the same type and rating.
SLC™ 8000 Advanced Console Manager User Guide
329
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix B: Safety Information
Rack
If rack mounted SLC 8000 advanced console managers are installed in a closed or multi-unit rack
assembly, they may require further evaluation by Certification Agencies. The following items must
be considered:
Do not install the SLC unit in a rack in such a way that a hazardous stability condition results
because of uneven loading. A drop or fall could cause injury.
The ambient temperature (Tma) inside the rack may be greater than the room ambient
temperature. Make sure to install the SLC 8000 advanced console manager in an environment
with an ambient temperature less than the maximum operating temperature of the SLC unit.
Install the equipment in a rack in such a way that the amount of airflow required for safe
operation of the equipment is not compromised.
Mount the equipment in the rack so that a hazardous condition is not achieved due to uneven
mechanical loading.
Maintain reliable earthing of rack-mounted equipment. Give particular attention to supply
connections other than direct connections to the branch circuit (e.g. use of power strips).
Before operating the SLC 8000 advanced console manager, make sure the SLC unit is
secured to the rack.
Port Connections
Only connect the network port to an Ethernet network that supports 10/100/1000 Base-T.
Only connect device ports to equipment with serial ports that support EIA-232 (formerly RS-
232C).
Only connect the console port to equipment with serial ports that support EIA-232 (formerly
RS-232C).
SLC™ 8000 Advanced Console Manager User Guide
330
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix C: Adapters and Pinouts
The serial device ports of the SLC products match the RJ45 pinouts of the console ports of many
popular devices found in a network environment. The SLC advanced console manager uses
conventional straight-through Category 5 fully pinned network cables for all connections when
used with Lantronix adapters. The cables are available in various lengths.
In most cases, you will need an adapter for your serial devices. Lantronix offers a variety of RJ45-
to-serial connector adapters for many devices. These adapters convert the RJ45 connection on
the SLC unit to a 9-pin or 25-pin serial connector found on other manufacturers' serial devices or
re-route the serial signals for connections to other devices that use RJ45 serial connectors.
Please check the cabling database on the Lantronix Web site at www.lantronix.com for suggested
cables and adapters for commonly used serial devices.
The console port is wired the same way as the device ports and has the same signal options.
Note: You can view or change the console port settings using the LCDs and keypads on
console portand set consoleportcommands.
The adapters illustrated below are compatible with the Lantronix SLC models.
Figure C-1 RJ45. Receptacle to DB25M DCE Adapter for the SLC unit (PN 200.2066A)
Use PN 200.2066A adapter with a dumb terminal or with many SUN applications.
SLC™ 8000 Advanced Console Manager User Guide
331
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix C: Adapters and Pinouts
Figure C-2 RJ45 Receptacle to DB25F DCE Adapter for the SLC unit (PN 200.2067A)
Figure C-3 RJ45 Receptacle to DB9M DCE Adapter for the SLC unit (PN 200.2069A)
SLC™ 8000 Advanced Console Manager User Guide
332
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix D: Protocol Glossary
BOOTP (Bootstrap Protocol)
Similar to DHCP, but for smaller networks. Automatically assigns the IP address for a specific
duration of time.
CHAP (Challenge Handshake Authentication Protocol)
A secure protocol for connecting to a system; it is more secure than the PAP.
DHCP (Dynamic Host Configuration Protocol)
Internet protocol for automating the configuration of computers that use TCP/IP.
DNS (Domain Name Servers)
A system that allows a network nameserver to translate text host names into numeric IP addresses.
IPsec
A protocol suite for securing Internet Protocol (IP) communications by authenticating and
encrypting each IP packet of a communication session.
Kerberos
A network authentication protocol that provides strong authentication for client/server applications
by using secret-key cryptography.
LDAP (Lightweight Directory Access Protocol)
A protocol for accessing directory information.
NAT (Network Address Translation)
An Internet standard that enables a LAN to use one set of IP addresses for internal traffic and a
second set of addresses for external traffic. This enables a company to shield internal addresses
from the public Internet.
NFS (Network File System)
A protocol that allows file sharing across a network. Users can view, store, and update files on a
remote computer. You can use NFS to mount all or a portion of a file system. Users can access
the portion mounted with the same privileges as the user's access to each file.
NIS (Network Information System)
System developed by Sun Microsystems for distributing system data such as user and host names
among computers on a network.
NMS (Network Management System)
NMS acts as a central server, requesting and receiving SNMP-type information from any computer
using SNMP.
SLC™ 8000 Advanced Console Manager User Guide
334
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix D: Protocol Glossary
NTP (Network Time Protocol)
A protocol used to synchronize time on networked computers and equipment.
PAP (Password Authentication Protocol)
A method of user authentication in which the username and password are transmitted over a
network and compared to a table of name-password pairs.
PPP (Point-to-Point Protocol)
A protocol for creating and running IP and other network protocols over a serial link.
RADIUS (Remote Authentication Dial-In User Service)
An authentication and accounting protocol. Enables remote access servers to communicate with a
central server to authenticate dial-in users and their access permissions. A company stores user
profiles in a central database that all remote servers can share.
SMB/CIFS
(Server Message Block/Common Internet File System): Microsoft's protocol for allowing all
applications as well as Web browsers to share files across the Internet. CIFS runs on TCP/IP and
uses the SMB protocol in Microsoft Windows for accessing files. With CIFS, users with different
platforms and computers can share files without having to install new software.
SNMP (Simple Network Management Protocol)
A protocol that system administrators use to monitor networks and connected devices and to
respond to queries from other network hosts.
SMTP (Simple Mail Transfer Protocol)
TCP/IP protocol for sending email between servers.
SSL (Secure Sockets Layer)
A protocol that provides authentication and encryption services between a web server and a web
browser.
SSH (Secure Shell)
A secure transport protocol based on public-key cryptography.
TACACS+ (Terminal Access Controller Access Control System)
A method of authentication used in UNIX networks. It allows a remote access server to
communicate with an authentication server to determine whether the user has access to the
network.
Telnet
A terminal protocol that provides an easy-to-use method of creating terminal connections to a
network host.
SLC™ 8000 Advanced Console Manager User Guide
335
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix E: Compliance Information
Manufacturer’s Name & Address
Lantronix Inc., 167 Technology Drive, Irvine, CA 92618 USA
Declares that the following product:
Product Name(s): SLC™ Advanced Console Manager
Conforms to the following standards or other normative documents:
Safety: Low Voltage Directive (2006/95/EC)
IEC 60950-1:2005 (2nd Edition); Am 1:2009 + EN 60950-1:2006 + A1:2010 + A11:2009 +
A12:2011
UL 60950-1, 2nd Edition, 2011-12-19 (Information Technology Equipment - Safety - Part 1:
General Requirements)
CSA C22.2 No. 60950-1-07, 1st Edition, 2011-12 (Information Technology Equipment - Safety -
Part 1: General Requirements)
Electromagnetic Emissions
EN 55022: 2011 (IEC/CISPR 22: 2008) FCC Part 15, Subpart B, Class A
EN 61000-3-2: 2006 / A2:2009 and EN 61000-3-3:
Electromagnetic Immunity
EN 55024: 2010 Information Technology Equipment-Immunity Characteristics
EN 61000-4-2: 2008 Electro-Static Discharge Test
EN 61000-4-3: 2010 Radiated Immunity Field Test
EN 61000-4-4: 2012 Electrical Fast Transient Test
EN 61000-4-5: 2014 Power Supply Surge Test
EN 61000-4-6: 2013 Conducted Immunity Test
EN 61000-4-8: 2009 Magnetic Field Test
EN 61000-4-11: 2004 Voltage Dips & Interrupts
Supplementary Information
This Class A digital apparatus complies with Canadian ICES-003 (CSA) and has been verified as
being compliant within the Class A limits of the FCC Radio Frequency Device Rules (FCC Title 47,
Part 15, Subpart B CLASS A), measured to CISPR 22: 2008 limits and methods of measurement
of Radio Disturbance Characteristics of Information Technology Equipment. The product complies
with the requirements of the Low Voltage Directive 72/23/EEC and the EMC Directive 89/336/
EEC.
Additional Agency Approvals and Certifications
VCCI
UL/CUL
C-Tick
CB Scheme
NIST-certified implementation of AES as specified by FIPS 197
SLC™ 8000 Advanced Console Manager User Guide
336
Download from Www.Somanuals.com. All Manuals Search And Download.
Appendix E: Compliance Information
This product carries the CE mark since it has been tested and found compliant with the following
standards:
Safety: EN 60950-1
Emissions: EN 55022 Class A
Immunity: EN 55024
Manufacturer’s Contact
Lantronix, Inc.
167 Technology Drive, Irvine, CA 92618 USA
Tel:949-453-3990
Fax:949-453-3995
RoHS Notice
All Lantronix products in the following families are China RoHS-compliant and free of the following hazardous
substances and elements:
Lead (Pb)
Mercury (Hg)
Polybrominated biphenyls (PBB)
Cadmium (Cd)
Product Family Name
Hexavalent Chromium (Cr (VI))
Polybrominated diphenyl ethers (PBDE)
Toxic or hazardous Substances and Elements
Lead
(Pb)
Mercury Cadmium Hexavalent
Polybrominated
Polybrominated diphenyl
ethers (PBDE)
(Hg)
(Cd)
Chromium (Cr biphenyls (PBB)
(VI))
DSC
EDS
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
0
IntelliBox
MatchPort
Micro
MSS100
PremierWave
SCS
SecureBox
SLB
SLC
SLP
Spider and Spider Duo
UBox
UDS1100 and 2100
WiBox
WiPort
xDirect
xPico
XPort
XPress DR & XPress-
DR+
xPrintServer
xSenso
0
0
0
0
0
0
0
0
0
0
0
0
O: toxic or hazardous substance contained in all of the homogeneous materials for this part is below the limit
requirement in SJ/T11363-2006.
X: toxic or hazardous substance contained in at least one of the homogeneous materials used for this part is above the
limit requirement in SJ/T11363-2006.
SLC™ 8000 Advanced Console Manager User Guide
337
Download from Www.Somanuals.com. All Manuals Search And Download.
|