Home » Lantronix Manuals » Electronics Accessories » Lantronix SLC 8000 » Manual Viewer

Lantronix SLC 8000 User Guide - Page 84

Version 3, V3 Read-Only User, V3 Read-Write User, SNMP, SSH, Telnet, and Logging Commands

Add to My Manuals
Save this manual to your list of manuals

Page 84 highlights

7: Services Version 3 Security Auth with Encrypt with Levels of security available with SNMP v. 3.  No Auth/No Encrypt: No authentication or encryption.  Auth/No Encrypt: Authentication but no encryption. (default)  Auth/Encrypt: Authentication and encryption. For Auth/No Encryp or Auth/Encrypt, the authentication method:  MD5: Message-Digest algorithm 5 (default)  SHA: Secure Hash Algorithm Encryption standard to use:  DES: Data Encryption Standard (default)  AES: Advanced Encryption Standard V3 Read-Only User User Name SNMP v3 is secure and requires user-based authorization to access SLC MIB objects. Enter a user ID. The default is snmpuser. Up to 20 characters. Password/Retype Password for a user with read-only authority to use to access SNMP v3. The default is Password SNMPPASS. Up to 20 characters. Passphrase/ Retype Passphrase Passphrase associated with the password for a user with read-only authority. Up to 20 characters. V3 Read-Write User User Name SNMP v3 is secure and requires user-based authorization to access SLC MIB objects. Enter a user ID for users with read-write authority. The default is snmprwuser. Up to 20 characters. Password/ Password for the user with read-write authority to use to access SNMP v3. The default Retype Password is SNMPRWPASS. Up to 20 characters. Passphrase/ Retype Passphrase Passphrase associated with the password for a user with read-write authority. Up to 20 characters. 3. To save, click the Apply button. SNMP, SSH, Telnet, and Logging Commands The following CLI commands correspond to the web page entries described above. To configure services (system logging, SSH and Telnet access, SSH and Telnet timeout, SNMP agent, email (SMTP) server, and audit log): set services Parameters alarmdelay auditlog auditsize Range is 1-500 Kbytes. authlog clicommands SLC™ 8000 Advanced Console Manager User Guide 84

Section	Page
SLC 8000 Advanced Console Manager User Guide	1
Intellectual Property	2
Warranty	2
Open Source Software	2
Contacts	2
Disclaimer & Revisions	3
User Information	3
Revision History	3
Table of Contents	4
List of Figures	13
List of Tables	16
1: About this Guide	17
Purpose and Audience	17
Summary of Chapters	17
Additional Documentation	18
2: Introduction	19
Features	19
Console Management	19
Power	20
Hardware	20
System Features	21
Protocols Supported	22
Access Control	22
Device Port Buffer	22
Configuration Options	22
Device Port Interfaces	23
RS-232 RJ45 Interface	23
USB Interface	23
Network Connections	25
Front Panel USB Ports	26
Memory Card Port	26
Internal Modem	27
3: Installation	28
What's in the Box	28
Product Information Label	28
Technical Specifications	29
Physical Installation	30
To install the SLC 8000 advanced console manager in a rack:	30
Connecting to a Device Port	31
To connect to a serial RJ45 device port:	31
To connect to a USB device port:	32
Modular Expansion for I/O Module Bays	33
Connecting to Network Ports	33
Connecting Terminals	34
To connect a terminal:	34
AC Input	34
Modem Installation	35
MODEM PART NUMBER	35
MODEM SERVICING INSTRUCTIONS	35
Battery Replacement	38
Battery Part Numbers	38
DISPOSAL OF USED BATTERIES (from battery data sheet)	38
Battery Replacement Instructions	38
4: Quick Setup	42
Recommendations	42
IP Address	42
Method #1 Using the Front Panel Display	43
Before you begin, ensure that you have:	43
Front Panel LCD Display and Keypads	43
Navigating	43
Entering the Settings	45
Restoring Factory Defaults	46
To use the LCD display to restore factory default settings:	46
Method #2 Quick Setup on the Web Page	46
To complete the Quick Setup page:	46
Network Settings	48
Date & Time Settings	48
Administrator Settings	49
Method #3 Quick Setup on the Command Line Interface	49
To complete the command line interface Quick Setup script:	49
Next Step	52
5: Web and Command Line Interfaces	53
Web Manager	53
Logging in	55
To log in to the SLC Web Manager:	55
Logging Out	55
To log off the SLC web interface:	55
Web Page Help	55
To view detailed information about an SLC web page:	55
Command Line Interface	55
Logging In	56
To log in to the SLC command line interface:	56
To log in any other user:	56
Logging Out	56
Command Syntax	56
Command Line Help	57
Tips	57
To configure the current command line session:	57
To set the number of lines displayed by a command:	58
To show current CLI settings:	58
To view the last 100 commands entered in the session:	58
To clear the command history:	58
To view the rights of the currently logged-in user:	58
6: Basic Parameters	59
Requirements	59
To enter settings for one or both network ports:	60
Ethernet Interfaces (Eth1 and Eth2)	61
Gateway	62
Hostname & Name Servers	62
DNS Servers	63
DHCP-Acquired DNS Servers	63
TCP Keepalive Parameters	63
Ethernet Counters	63
Network Commands	63
To configure Ethernet port 1 or 2:	63
Parameters	63
To configure up to three DNS servers:	63
To set the default and alternate network gateways:	64
To set the SLC host name and domain name:	64
To set TCP Keepalive and IP Forwarding network parameters:	64
To view all network settings:	64
To view Ethernet port settings and counters:	64
To view DNS settings:	64
To view gateway settings:	64
To view the host name of the SLC 8000 advanced console manager:	64
IP Filter	65
Viewing IP Filters	65
To view a list of IP filters:	65
Mapping Rulesets	65
To map a ruleset to a network interface:	65
To delete a mapping:	66
Enabling IP Filters	66
To enable IP filters:	66
Configuring IP Filters	67
To add an IP filter:	67
Rule Parameters	68
Updating an IP Filter	68
To update an IP filter rule set:	68
Deleting an IP Filter	69
To delete an IP filter rule set:	69
IP Filter Commands	69
To enable or disable IP filtering for incoming network traffic:	69
To set IP filter mapping:	69
To set IP filter rules:	69
Routing	70
To configure routing settings:	70
Dynamic Routing	70
Static Routing	70
Equivalent Routing Commands	71
To configure static or dynamic routing:	71
To set the routing table to display IP addresses (disable) or the corresponding host names (enable):	71
VPN	71
To complete the VPN page:	72
Configuring an IPsec VPN Tunnel through the CLI	75
Security	75
To enable FIPS:	77
To disable FIPS:	77
7: Services	78
System Logging and Other Services	78
SSH/Telnet/Logging	79
System Logging	79
Audit Log	80
SMTP	80
SSH	80
Telnet	81
Web SSH/Web Telnet Settings	81
Phone Home	81
SNMP	82
Communities	83
Version 3	84
V3 Read-Only User	84
V3 Read-Write User	84
SNMP, SSH, Telnet, and Logging Commands	84
To configure services (system logging, SSH and Telnet access, SSH and Telnet timeout, SNMP agent, email (SMTP) server, and audit log):	84
To set SNMP v3 read-only password or passphrase, or read-write password or passphrase:	85
To view current services:	85
NFS and SMB/CIFS	86
To configure NFS and SMB/CIFS:	86
SMB/CIFS Share	87
NFS and SMB/CIFS Commands	87
To mount a remote NFS share:	87
To unmount a remote NFS share:	88
To view NFS share settings:	88
To configure the SMB/CIFS share, which contains the system and device port logs:	88
To change the password for the SMB/CIFS share login (default is cifsuser):	88
To view SMB/CIFS settings:	88
Secure Lantronix Network	88
To access vSLM management appliances, SLC and SLB console managers, and Lantronix Spider devices on the local network:	88
To directly access the web interface for a secure Lantronix device:	90
To directly access the CLI interface for a device:	90
To directly access a specific port on a particular device:	91
To configure how secure Lantronix devices are searched for on the network:	92
Secure Lantronix Network Commands	93
To detect and view all SLC advanced console managers or user-defined IP addresses on the local network:	93
To detect and display all SLC and SLB console managers and Lantronix Spider devices on the local network:	93
Date and Time	93
To set the local date, time, and time zone:	94
To synchronize the SLC 8000 advanced console manager with a remote timeserver using NTP:	94
Date and Time Commands	95
To set the local date, time, and local time zone (one parameter at a time):	95
To view the local date, time, and time zone:	95
To synchronize the SLC 8000 unit with a remote time server using NTP:	95
To view NTP settings:	95
Web Server	96
To configure the Web Server:	96
Admin Web Commands	97
To configure the timeout for web sessions:	97
To configure the strength of the cipher used by the web server	98
To enable or disable iGoogle Gadget web content:	98
To configure the group that can access the web:	98
To enable or disable the web server (TCP ports 80 and 443):	98
To configure the banner displayed on the web home page:	98
To define a list of network interfaces the web is available on:	98
To terminate a web session:	98
To view the current sessions and their ID:	98
To restart the web server:	98
To import an SSL certificate or reset the web server certificate to the default:	98
Services - Web Sessions	99
To view or terminate current web sessions:	99
Services - SSL Certificate	99
To view, reset, import, or change an SSL Certificate:	99
iGoogle Gadgets	101
To set up an SLC iGoogle gadget:	101
8: Device Ports	103
Connection Methods	103
Permissions	103
I/O Modules	104
Device Status	105
Device Ports	106
To set up Telnet, SSH, and TCP port numbering:	107
Telnet/SSH/TCP in Port Numbers	107
To set limits on direct connections:	107
To configure a specific port:	107
Global Commands	108
To configure settings for all or a group of device ports:	108
To view global settings for device ports:	108
Device Ports - Settings	109
To open the Device Ports - Settings page:	109
Device Port Settings	111
IP Settings	112
Data Settings	113
Hardware Signal Triggers	113
Modem Settings (Device Ports)	114
Modem Settings: Text Mode	115
Modem Settings: PPP Mode	115
Port Status and Counters	117
Device Ports - SLP / ServerTech CDU Device	117
To open the Device Ports - SLP page:	117
To enter SLP commands:	118
Status/Info	119
Commands	119
Device Port - Sensorsoft Device	119
Device Port Commands	120
To configure a single port or a group of ports (for example, set deviceport port 2-5,6,12,15- 16 baud 2400):	120
To set the dialout password and CHAP secrets:	121
To view the settings for one or more device ports:	122
To view a list of all device port names:	122
To view a list of all device port types (RJ45 or USB):	122
To view the modes and states of one or more device port(s):	122
To view device port statistics and errors for one or more ports:	122
To zero the port counters for one or more device ports:	122
Device Commands	122
To send commands to (or control) a device connected to an SLC unit port over the serial port:	122
Interacting with a Device Port	124
To connect to a device port to monitor it:	124
To connect to a device port to monitor and/or interact with it, or to establish an outbound network connection:	124
Device Ports - Logging	124
Local Logging	125
NFS File Logging	125
USB and SD Card Logging	125
Email/SNMP Notification	125
Sylog Logging	126
To set logging parameters:	126
Local Logging	126
Email/Traps	127
Log Viewing Attributes	128
NFS File Logging	128
USB / SD Card Logging	128
Syslog Logging	128
Logging Commands	129
To configure logging settings for one or more device ports:	129
To view a specific number of bytes of data for a device port:	129
To clear the local log for a device port:	130
Console Port	130
To set console port parameters:	130
Console Port Commands	131
To configure console port settings:	131
To view console port settings:	131
Internal Modem Settings	132
Setting Up Internal Modem Storage	132
To set up internal modem storage in the SLC 8000 advanced console manager:	132
Internal Modem Commands	136
Parameters	136
Host Lists	137
To add a host list:	137
Host Parameters	138
To view or update a host list:	138
Host Parameters	139
To delete a host list:	140
Host List Commands	140
To configure a prioritized list of hosts to be used for modem dial-in connections:	140
To add a new host entry to a list or edit an existing entry:	140
To move a host entry to a new position in the host list:	140
To delete a host list, or a single host entry from a host list:	140
To display the members of a host list:	141
Scripts	141
To add a script:	141
Scripts	143
User Rights	144
To view or update a script:	144
To rename a script:	145
To delete a script:	145
To change the permissions for a script:	145
To use a script at the CLI:	145
Set Script CLI Commands	145
To run a CLI batch script:	145
To import a script:	145
To rename a script:	145
To delete a script	146
To connect an interface script to a Device Port and run it:	146
To display list of Device Port (interface) scripts or CLI (batch) scripts, or view the contents of a script:	146
Show Script CLI Commands	146
To run a CLI batch script:	146
To import a script:	146
To rename a script:	146
To delete a script	146
To connect an interface script to a Device Port and run it:	146
To display list of Device Port (interface) scripts or CLI (batch) scripts, or view the contents of a script:	146
Batch Script Syntax	147
Interface Script Syntax	147
Primary Commands	148
Secondary Commands	150
Control Flow Commands	151
Sample Scripts	152
Interface Script—Monitor Port	152
Batch Script—SLC CLI	154
Sites	156
To add a site:	157
To view or update a site:	159
To delete a site:	159
To create or edit a site:	159
To set the site password and CHAP secret:	160
To add passwords to a site:	160
To delete a site:	160
To display details for all sites, the names of all sites, or details for just one site:	160
Modem Dialing States	160
Dial In	160
Dial-back	161
Dial-on-demand	162
Dial-in & Dial-on-demand	162
Dial-back & Dial-on-demand	163
CBCP Server	164
9: USB/SD Card Port	165
Set Up of USB/SD Card Storage	165
To set up USB or SD card storage in the SLC 8000 advanced console manager:	165
To configure a USB/SD card storage port, from the USB Ports / SD Card table,	166
To configure the USB Modem port, from the USB Ports table:	168
Data Settings	169
Modem Settings	169
Text Mode	170
PPP Mode	171
IP Settings	172
Manage Files	172
USB Commands	173
SD Card Commands	173
10: Connections	174
Typical Setup Scenarios for the SLC Unit	174
Terminal Server	174
Remote Access Server	175
Reverse Terminal Server	175
Multiport Device Server	176
Console Server	176
Connection Configuration	177
To create a connection:	177
To view, update, or disconnect a current connection:	178
Connection Commands	179
To connect to a device port to monitor and/or interact with it, or to establish an outbound network connection:	179
To configure initial timeout for outgoing connections:	179
To monitor a device port:	179
To connect a device port to another device port or an outbound network connection (data flows in both directions):	179
To connect a device port to another device port or an outbound network connection (data flows in one direction):	180
To terminate a bidirectional or unidirectional connection:	181
To view connections and their IDs:	181
To display details for a single connection:	181
To display global connections:	181
11: User Authentication	182
To enable, disable, and set the precedence of authentication methods:	182
Authentication Commands	184
To set ordering of authentication methods:	184
To view authentication methods and their order of precedence:	184
User Rights	185
Local and Remote User Settings	186
To enable local and/or remote users:	186
Adding, Editing or Deleting a User	187
To add a user:	187
Shortcut	191
To add a user based on an existing user:	191
To edit a local user:	191
To delete a local user:	191
To change the sysadmin password:	191
Local Users Commands	191
To configure local accounts (including sysadmin) who log in to the SLC 8000 advanced console manager by means of SSH, Telnet, the Web, or the console port:	191
To configure settings for local user passwords and logins:	192
To enable or disable authentication of local users:	192
To set a login password for the local user:	192
To delete a local user:	192
To view settings for all users or a local user:	192
To allow (unlock) or block (lock) to a user's ability to log in:	192
Local User Rights Commands	192
To add a local user to a user group or to change the group the user belongs to:	192
To set a local user's permissions (not defined by the user group):	192
To remove a permission, type a minus sign before the two-letter abbreviation for a user right.	193
To view the rights of the currently logged-in user:	193
Remote User Commands	193
To configure whether remote users who are not part of the remote user list will be authenticated:	193
To configure attributes for users who log in by a remote authentication method:	193
Parameters	193
To remove a permission, type a minus sign before the two-letter abbreviation for a user right.	193
To remove a remote user:	193
To view settings for all remote users:	194
To view the rights of the currently logged-in user:	194
NIS	194
To configure the SLC unit to use NIS to authenticate users:	194
NIS Commands	197
To configure the SLC unit to use NIS to authenticate users who log in via the Web, SSH, Telnet, or the console port:	197
To set group and permissions for NIS users:	197
To set permissions for NIS users not already defined by the user rights group:	197
To remove a permission, type a minus sign before the two-letter abbreviation for a user right.	197
To set a default custom menu for NIS users:	197
To view NIS settings:	197
LDAP	198
To configure the SLC unit to use LDAP to authenticate users:	198
LDAP Commands	202
To configure the SLC unit to use LDAP to authenticate users who log in via the Web, SSH, Telnet, or the console port:	202
To set user group and permissions for LDAP users:	203
To set permissions for LDAP users not already defined by the user rights group:	203
To remove a permission, type a minus sign before the two-letter abbreviation for a user right.	203
To set a default custom menu for LDAP users:	203
To set the LDAP bind password:	203
To import or delete a certificate:	203
To view LDAP settings:	204
RADIUS	204
To configure the SLC unit to use RADIUS to authenticate users:	204
RADIUS Commands	207
To configure the SLC unit to use RADIUS to authenticate users who log in via the Web, SSH, Telnet, or the console port:	207
To identify the RADIUS server(s), the text secret, and the number of the TCP port on the RADIUS server:	208
To set the number of seconds after which the connection attempt times out:	208
To set user group and permissions for RADIUS users:	208
To set permissions for RADIUS users not already defined by the user rights group:	208
To remove a permission, type a minus sign before the two-letter abbreviation for a user right.	208
To set a default custom menu for RADIUS users:	208
To view RADIUS settings:	208
User Attributes & Permissions from LDAP Schema or RADIUS VSA	208
Kerberos	210
To configure the SLC 8000 advanced console manager to use Kerberos to authenticate users:	210
Kerberos Commands	213
To configure the SLC unit to use Kerberos to authenticate users who log in via the Web, SSH, Telnet, or the console port:	213
To set user group and permissions for Kerberos users:	213
To set permissions for Kerberos users not already defined by the user rights group:	213
To remove a permission, type a minus sign before the two-letter abbreviation for a user right.	213
To set a default custom menu for Kerberos users:	213
To view Kerberos settings:	213
TACACS+	214
To configure the SLC unit to use TACACS+ to authenticate users:	214
TACACS+ Commands	216
To configure the SLC unit to use TACACS+ to authenticate users who log in via the Web, SSH, Telnet, or the console port:	216
To set user group and permissions for TACACS+ users:	217
To set permissions for TACACS+ users not already defined by the user rights group:	217
To remove a permission, type a minus sign before the two-letter abbreviation for a user right.	217
To set a default custom menu for TACACS+ users:	217
To view TACACS+ settings:	217
Groups	217
To configure Groups in the SLC unit:	217
To view or update a group:	220
To delete a group:	220
Group Commands	220
Syntax	220
Parameters	220
SSH Keys	221
Imported Keys	221
Exported Keys	221
To configure the SLC unit to use SSH keys to authenticate users:	222
Imported Keys (SSH In)	223
Host & User Associated with Key	223
Host & Login for Import	223
Exported Keys (SSH Out)	223
Host and Login for Export	224
To view or delete a key:	224
To view, reset, or import SSH RSA1, RSA, And DSA host keys:	224
SSH Commands	226
To import an SSH key:	226
To export a key:	226
To export the public keys of all previously created SSH keys:	226
To delete a key:	227
To import an SLC host key or to reset a SLC host key to the default:	227
To reset defaults for all or selected host keys:	227
To display SSH keys that have been imported:	227
To display SSH keys that have been exported:	227
To display host keys (public key only):	227
Custom Menus	228
To add a custom menu:	228
To view or update a custom menu:	229
To delete a custom menu:	230
To create a new custom menu from an existing custom menu:	230
Custom User Menu Commands	230
To assign a custom user menu to a local or remote user:	230
To create a new custom user menu or add a command to an existing custom user menu:	230
To change a command or nickname within an existing custom user menu:	230
To set the optional title for a menu:	230
To enable or disable the display of command nicknames instead of commands:	230

Match case Limit results 1 per page

7: Services

SLC™ 8000 Advanced Console Manager User Guide

Version 3

V3 Read-Only User

V3 Read-Write User

To save, click the

Apply

button.

SNMP, SSH, Telnet, and Logging Commands

The following CLI commands correspond to the web page entries described above.

To configure services (system logging, SSH and Telnet access, SSH and Telnet timeout,

SNMP agent, email (SMTP) server, and audit log):

set services <one or more services parameters>

Parameters

alarmdelay <1-6000 Seconds>

auditlog <enable|

disable

auditsize <Size in Kbytes>

Range is 1-500 Kbytes.

authlog <off|error|warning|info|debug>

clicommands <enable|

disable

Security

Levels of security available with SNMP v. 3.



No Auth/No Encrypt:

No authentication or encryption.



Auth/No Encrypt:

Authentication but no encryption. (default)



Auth/Encrypt:

Authentication and encryption.

Auth with

For

Auth/No Encryp

Auth/Encrypt

, the authentication method:



MD5:

Message-Digest algorithm 5 (default)



SHA:

Secure Hash Algorithm

Encrypt with

Encryption standard to use:



DES:

Data Encryption Standard (default)



AES:

Advanced Encryption Standard

User Name

SNMP v3 is secure and requires user-based authorization to access

SLC

MIB objects.

Enter a user ID. The default is

snmpuser

. Up to 20 characters.

Password/Retype

Password

Password for a user with read-only authority to use to access SNMP v3. The default is

SNMPPASS

. Up to 20 characters.

Passphrase/

Retype

Passphrase

Passphrase associated with the password for a user with read-only authority. Up to 20

characters.

User Name

SNMP v3 is secure and requires user-based authorization to access

SLC

MIB objects.

Enter a user ID for users with read-write authority. The default is

snmprwuser

. Up to

20 characters.

Password/

Retype Password

Password for the user with read-write authority to use to access SNMP v3. The default

SNMPRWPASS

. Up to 20 characters.

Passphrase/

Retype

Passphrase

Passphrase associated with the password for a user with read-write authority. Up to 20

characters.