Lantronix 900-560 User Manual

Download

XPort Pro

User Guide

Part Number 900-560

Revision D April 2012

Copyright & Trademark

© 2012 Lantronix. All rights reserved. No part of the contents of this book may be transmitted or reproduced in any form or by any means without the wr itten permission of Lantron ix. Printed in the United States of America.

Ethernet is a trademark of XEROX Corporation. UNIX is a registered trademark of The Open Group. Windows is a trademark of Microsoft Corporation.

Warranty

For details on the Lantronix warranty replacement policy, please go to our web site at

www.lantronix.com/support/warranty

Patents

Patent #4,972,470; other patents pending.

Contacts

Lantronix Corporate Headquarters

167 Technology Drive Irvine, CA 92618, USA

Toll Free: 800-526-8766 Phone: 949-453-3990 Fax: 949-450-7249

Technical Support

Online: www.lantronix.com/support

Sales Offices

For a current list of our domestic and international sales offices, go to the Lantronix web site at

www.lantronix.com/about/contact

Disclaimer

Note: This product has been designed to comply with the limits for a Class B digital

device pursuant to Part 15 of FCC and EN5502 2:1998 Rules when pr operly enclosed and grounded. These limits are designed to provide reasonable protection against such intererence radio interference in a residential installation. This equipm ent generates, uses, and can radiate radio frequency energy, and if not installed and used in accordance with this guide, may cause interference to radio communications. See Appendix C -

Compliance on page 148.

The information in this guide may change without notice. The manufacturer assumes no responsibility for any errors that may appear in this guide.For the latest revision of this product document, please check our online documentation at www.lantronix.com/support/documentation

XPort Pro User Guide 2

Revision History

Date Rev. Comments

September 2009 A Initial Document December 2010 B Updated for firmware version 5.2.0.0R20. Added support for Modbus

protocol, configurable MTU, and additional VIP tunnel connect

protocols; as well as improvements to SNMP, logging, and SSL. March 2011 C Updated SDRAM information. April 2012 D Added part number information. Updated for firmware version

5.2.0.1R5.

XPort Pro User Guide 3

List of Figures _____________________________________________________________9 List of Tables _____________________________________________________________11

1: About This Guide 13

Chapter and Appendix Summaries ____________________________________________13 Additional Documentation ___________________________________________________14

2: Introduction 15

Key Features _____________________________________________________________15 Applications ______________________________________________________________16 Protocol Support _________________________________________________________16 Evolution OS™ __________________ _________________________________________16 Additional Features ________________________________________________________17

Modem Emulation ______________________________________________________17 Web-Based Configuration and Troubleshooting _______________________________17 Command-Line Interface (CLI) ____________________________________________17 VIP Access ___________________________________________________________17 SNMP Management ____________________________________________________17 XML-Based Architecture and Device Control _________________________________17 Really Simple Syndication (RSS) __________________________________________17 Enterprise-Grade Security _______________________________________________18 Terminal Server/Device Management ______________________________________18

Troubleshooting Capabilities _____________________________________________18 Configuration Methods _____________________________________________________19 Addresses and Port Numbers ________________________________________________19

Hardware Address _____________________________________________________19

IP Address ___________________________________________________________19

Port Numbers _________________________________________________________19 Product Information Label _________________________________________________ __20

3: Using DeviceInstaller 21

Accessing XPort Pro Using DeviceInstaller _____________________________________21 Device Details Summary ____________________________________________________21

4: Configuration Using Web Manager 23

Accessing Web Manager _________________________________________ __________23

Device Status Page ____________________________________________________24 Web Manager Page Components _____________________________________________25 Navigating the Web Manager ________________________________________________26

XPort Pro User Guide 4

5: Network Settings 28

Network 1 (eth0) Interface Status _____________________________________________28 Network 1 (eth0) Interface Configuration _______________________________________29 Network 1 Ethernet Link ____________________________________________________31

6: Line and Tunnel Settings 32

Line Settings _____________________________________________________________32

Line Statistics _________________________________________________________32

Line Configuration _____________________________________________________33

Line Command Mode ___________________________________________________35 Tunnel Settings __________________________________________________________ 36

Tunnel – Statistics _____________________________________________________37

Tunnel – Serial Settings _________________________________________________39

Tunnel – Packing Mode _________________________________________________40

Tunnel – Accept Mode __________________________________________________43

Tunnel – Connect Mode _________________________________________________46

Tunnel – Disconnect Mode _______________________________________________51

Tunnel – Modem Emulation ______________________________________________52

7: Terminal and Host Settings 55

Terminal Settings _________________________________________________________55

Line Terminal Configuration ______________________________________________55

Network Terminal Configuration ___________________________________________56 Host Configuration ________________________________________________________57

8: Configurable Pin Manager 59

Overview ________________________________________________________________59

Default Groups ________________________________________________________59

Custom Groups _______________________________________________________59 CPM: CP (Configurable Pins) ________________________________________________59

View CPs ____________________________________________________________60 CPM: Groups ____________________________________________________________62

View Groups __________________________________________________________62

9: Service Settings 66

DNS Settings _____________________________________________________________66 PPP Settings ____________________________________________________________ 67 SNMP Settings ___________________________________________________________69 FTP Settings ____________________________________________________________70 TFTP Settings ___________________________________________________________ 71 Syslog Settings ___________________________________________________________72 HTTP Settings ____________________________________________________________73

XPort Pro User Guide 5

HTTP Statistics ________________________________________________________74

HTTP Configuration ____________________________________________________75

HTTP Authentication ___________________________________________________77 RSS Settings _____________________________________________________________78 LPD Settings _____________________________________________________________79

LPD Statistics _________________________________________________________79

LPD Configuration _____________________________________________________80

10: Security Settings 82

SSH Settings _____________________________________________________________82

SSH Server Host Keys _________________________________________________83

SSH Server Authorized Users ____________________________________________ 87

SSH Client Known Hosts ________________________________________________89

SSH Client Users ______________________________________________________90 SSL Settings _____________________________________________________________92

SSL Cipher Suites _____________________________________________________92

SSL Certificates _______________________________________________________93

SSL RSA or DSA ______________________________________________________93

SSL Certificates and Private Keys _________________________________________93

SSL Utilities __________________________________________________________94

SSL Configuration _____________________________________________________95

11: Modbus 98

CP Control via Modbus _____________________________________________________98 Serial Transmission Mode __________________________________________________100 Modbus Statistics ________________________________________________________101 Modbus Configuration _____________________________________________________102

12: Maintenance and Diagnostics Settings 103

Filesystem Settings _______________________________________________________103

Filesystem Statistics ___________________________________________________103

Filesystem Browser ___________________________________________________104 Protocol Stack Settings ____________________________________________________106

TCP Settings ________________________________________________________107

IP Settings __________________________________________________________108

ICMP Settings ________________________________________________________109

ARP Settings ________________________________________________________110

SMTP Settings _______________________________________________________111 IP Address Filter _________________________________________________________112 Query Port _____________________________________________________________113 Diagnostics _____________________________________________________________114

Hardware ___________________________________________________________114

XPort Pro User Guide 6

MIB-II Statistics _______________________________________________________115

IP Sockets __________________________________________________________116

Ping _______________________________________________________________116

Traceroute __________________________________________________________117

Log ________________________________________________________________118

Memory _____________________________________________________________ 120

Buffer Pools _________________________________________________________ 121

Processes ___________________________________________________________121 System Settings _________________________________________________________123

13: Advanced Settings 125

Email Settings ___________________________________________________________125

Email Statistics _______________________________________________________125

Email Configuration ___________________________________________________126 Command Line Interface Settings ____________________________________________128

CLI Statistics _________________________________________________________128

CLI Configuration _____________________________________________________128 XML Settings ____________________________________________________________130

XML: Export Configuration ______________________________________________131

XML: Export Status ____________________________________________________132

XML: Import Configuration ______________________________________________133

14: VIP Settings 139

Obtaining a Bootstrap File __________________________________________________139 Importing the Bootstrap File ________________________________________________139 Enabling VIP ____________________________________________________________140 Configuring Tunnels to Use VIP _____________________________________________140 Virtual IP (VIP) Statistics ___________________________________________________140 Virtual IP (VIP) Counters ___________________________________________________141 Virtual IP (VIP) Configuration _______________________________________________141

15: Branding the XPort Pro 143

Web Manager Customization _______________________________________________143 Short and Long Name Customization _________________________________________143

16: Updating Firmware 144

Obtaining Firmware _______________________________________________________144 Loading New Firmware ____________________________________________________144

XPort Pro User Guide 7

Appendix A - Technical Support 145

Appendix B - Binary to Hexadecimal Conversions 146

Converting Binary to Hexadecimal ___________________________________________146

Conversion Table _____________________________________________________146

Scientific Calculator ___________________________________________________147

Appendix C - Compliance 148

Index 150

XPort Pro User Guide 8

List of Figures

Figure 2-2 Sample Hardware Address ________________________________________________19 Figure 2-3 Product Label___________________________________________________________20 Figure 4-1 Prompt for User Name and Password________________________________________23 Figure 4-2 Web Manager Home Page ________________________________________________24 Figure 4-3 Components of the Web Manager Page______________________________________25 Figure 5-1 Network 1 (eth0) Interface Status ___________________________________________28 Figure 5-2 Network 1 (eth0) Interface Configuration______________________________________29 Figure 5-4 Network 1 Ethernet Link __________________________________________________31 Figure 6-1 Line 1 Statistics _________________________________________________________32 Figure 6-2 Line 1 Configuration______________________________________________________33 Figure 6-4 Line 1 Command Mode___________________________________________________35 Figure 6-6 Tunnel 1 Statistics_____________________________ __________________________38 Figure 6-7 Tunnel 1 Serial Settings___________________________________________________39 Figure 6-9 Tunnel 1 Packing Mode (Mode = Disable) ____________________________________40 Figure 6-10 Tunnel 1 Packing Mode (Mode = Timeout)___________________________________41 Figure 6-11 Tunnel 1 Packing Mode (Mode = Send Character)_____________________________41 Figure 6-13 Tunnel 1 Accept Mode___________________________________________________44 Figure 6-15 Tunnel 1 - Connect _____________________________________________________47 Figure 6-17 Host 1, Host 2, Host 3 Exchanged__________________________________________50 Figure 6-18 Tunnel 1 Disconnect Mode _______________________________________________51 Figure 6-21 Tunnel 1 Modem Emulation_______________________________________________54 Figure 7-1 Terminal on Line Configuration_____________________________________________55 Figure 7-3 Terminal on Network Configuration__________________________________________56 Figure 7-5 Host Configuration_______________________________________________________57 Figure 8-1 CPM: CPs _____________________________________________________________60 Figure 8-4 CPM: Groups____________________________________ _______________________62 Figure 8-6 CPM: Group Status ______________________________________________________63 Figure 9-1 DNS Settings___________________________________________________________66 Figure 9-2 PPP Configuration Settings________________________________________________68 Figure 9-4 SNMP Configuration _____________________________________________________69 Figure 9-6 FTP Configuration _______________________________________________________70 Figure 9-8 TFTP Configuration______________________________________________________71 Figure 9-10 Syslog _______________________________________________________________73 Figure 9-12 HTTP Statistics ________________________________________________________74 Figure 9-13 HTTP Configuration_____________________________________________________75 Figure 9-15 HTTP Authentication ____________________________________________________77 Figure 9-17 RSS_________________________________________________________________79 Figure 9-19 LPD Statistics _________________________________________________________80 Figure 9-20 LPD Configuration______________________________________________________80 Figure 10-1 SSH Server: Host Keys (Upload Keys) ______________________________________83 Figure 10-3 SSH Server: Host Keys (Upload Keys) ______________________________________85 Figure 10-5 SSH Server: Host Keys (Create New Keys) __________________________________86 Figure 10-7 SSH Server: Authorized Users ____________________________________________88 Figure 10-9 SSH Client: Known Hosts ________________________________________________89 Figure 10-11 SSH Client: Users _____________________________________________________90 Figure 10-14 SSL ______________________________________________________ __________95 Figure 11-5 Modbus Statistics______________________________________________________101 Figure 11-6 Modbus Configuration __________________________________________________102 Figure 12-1 Filesystem Statistics _____________________________________________ ______103 Figure 12-2 Filesystem Browser____________________________________________________105

XPort Pro User Guide 9

Figure 12-4 TCP Protocol_________________________________________________________107 Figure 12-6 IP Protocol _______________________________________________ ___________108 Figure 12-8 ICMP Protocol ________________________________________________________109 Figure 12-10 ARP Protocol Page ___________________________________________________110 Figure 12-12 SMTP______________________________________________________________111 Figure 12-14 IP Address Filter Configuration __________________________________________112 Figure 12-16 Query Port Configuration_______________________________________________113 Figure 12-17 Diagnostics: Hardware_________________ ________________________________114 Figure 12-18 MIB-II Network Statistics _______________________________________________115 Figure 12-20 IP Sockets __________________________________________________________116 Figure 12-21 Diagnostics: Ping_____________________________________________________117 Figure 12-23 Diagnostics: Traceroute________________________________________________118 Figure 12-25 Diagnostics: Log _____________________________________________________119 Figure 12-26 Diagnostics: Log (Filesystem) ___________________________________________119 Figure 12-27 Diagnostics: Log (Line 1)_______________________________________________119 Figure 12-28 Diagnostics: Memory__________________________________________________120 Figure 12-29 Diagnostics: Buffer Pools_________________ ______________________________121 Figure 12-30 Diagnostics: Processes________________________________________________122 Figure 12-31 System_____________________________________________________________123 Figure 13-1 Email Statistics _______________________________________________________125 Figure 13-2 Email Configuration____________________________________________________126 Figure 13-4 CLI Statistics _________________________________________________________128 Figure 13-5 CLI Configuration_____________________________________________ _________129 Figure 13-7 XML: Export Configuration_______________________________________________131 Figure 13-9 XML: Export Status ____________________________________________________132 Figure 13-11 XML: Import Configuration______________________________________________133 Figure 13-12 XML: Import Configuration from External File _______________________________134 Figure 13-13 XML: Import from Filesystem ___________________________________________135 Figure 13-14 XML: Import Configuration from Filesystem ________________________________136 Figure 13-15 XML: Import Line(s) from Single Line Settings on the Filesystem________________137 Figure 14-1 VIP Status ___________________________________________________________140 Figure 14-2 VIP Counters_________________________________________________________141 Figure 14-4 VIP Configuration Page________________________________ _________________141 Figure 16-1 Update Firmware______________________________________________________144

XPort Pro User Guide 10

List of Tables

Table 2-1 XPort Pro Part Numbers___________________________________________________15 Table 3-1 Device Details Summary___________________________________________________21 Table 4-4 Summary of Web Manager Pages ___________________________________________26 Table 5-3 Network 1 (eth0) Interface Configuration ______________________________________30 Table 5-5 Network 1 Ethernet Link ___________________________________________________31 Table 6-3 Line Configuration________________________________________________________34 Table 6-5 Line Command Mode _____________________________________________________ 35 Table 6-8 Tunnel - Serial Settings____________________________________________________39 Table 6-12 Tunnel Packing Mode____________________________________________________42 Table 6-14 Tunnel Accept Mode_____________________________________________________44 Table 6-16 Tunnel Connect Mode____________________________________________________48 Table 6-19 Tunnel Disconnect Mode _________________________________________________51 Table 6-20 Modem Emulation Commands and Descriptions _______________________________52 Table 6-22 Tunnel Modem Emulation_________________________________________________54 Table 7-2 Terminal on Line 1 Configuration ____________________________________________56 Table 7-4 Terminal on Network Configuration __________________________________________57 Table 7-6 Host Configuration _______________________________________________________ 58 Table 8-2 CPM CPs Current Configuration_____________________________________________60 Table 8-3 CPM CPs Status_________________________________________________________61 Table 8-5 CPM Groups Current Configuration __________________________________________63 Table 8-7 Group Status____________________________________________________________64 Table 9-3 PPP Configuration _______________________________________________________68 Table 9-5 SNMP _________________________________________________________________69 Table 9-7 FTP Settings____________________________________________________________70 Table 9-9 TFTP Server____________________________________________________________72 Table 9-11 Syslog________________________________________________________________73 Table 9-14 HTTP Configuration _____________________________________________________75 Table 9-16 HTTP Authentication_____________________________________________________ 77 Table 9-18 RSS__________________________________________________________________79 Table 9-21 LPD Configuration_______________________________________________________81 Table 10-2 SSH Server Host Keys Settings - Upload Keys Method__________________________84 Table 10-4 SSH Server Host Keys Settings - Upload Keys Method__________________________85 Table 10-6 SSH Server Host Keys Settings - Create New Keys Method______________________86 Table 10-8 SSH Server Authorized User Settings _______________________________________88 Table 10-10 SSH Client Known Hosts ________________________________________________89 Table 10-12 SSH Client Users ______________________________________________________91 Table 10-13 Supported Cipher Suites_________________________________________________92 Table 10-15 SSL_________________________________________________________________96 Table 11-1 6 Byte Header of Modbus Application Protocol ________________________________98 Table 11-2 Modbus Local Slave Functions - Query ______________________________________98 Table 11-3 Modbus Local Slave Functions - Response ___________________________________99 Table 11-4 Modbus Transmission Modes_____________________________________________100 Table 11-7 Modbus Configuration_____________________________________________ ______102 Table 12-3 Filesystem Browser_____________________________________________________106 Table 12-5 TCP Protocol Settings___________________________________________________107 Table 12-7 IP Protocol Settings____________________________________________________108 Table 12-9 ICMP Settings_________________________________________________________109 Table 12-11 ARP Settings_________________________________________________________110 Table 12-13 SMTP Settings _______________________________________________________111 Table 12-15 IP Address Filter Settings_______________________________________________112

XPort Pro User Guide 11

Table 12-19 Requests for Comments (RFCs)__________________________________________115 Table 12-22 Diagnostics: Ping _____________________________________________________ 117 Table 12-24 Diagnostics: Traceroute ________________________________________________118 Table 12-32 System _____________________________________________________________123 Table 13-3 Email Configuration_____________________________________________________127 Table 13-6 CLI Configuration ______________________________________________________129 Table 13-8 XML Export Configuration________________________________________________131 Table 13-10 XML Export Status ____________________________________________________132 Table 13-16 XML: Import Line(s) from Single Line Settings_______________________________138 Table 14-3 VIP Counters__________________________________________________________141 Table 14-5 VIP Settings __________________________________________________________142 Table 18-1 Binary to Hexadecimal Conversion Table____________________________________146

XPort Pro User Guide 12

1: About This Guide

This guide provides the information needed to configure, use, and update the XPort Pro device server. It is intended for software developers and system integrators who are embedding th e XPort Pro in their designs.

Chapter and Appendix Summaries

A summary of each chapter is provided below.

Chapter Description

Chapter 2: Introduction Main features of the product and the protocols it supports.

Includes technical specifications.

Chapter 3: Using DeviceInstaller Instructions for viewing the current configuration using

DeviceInstaller.

Chapter 4: Configuration Using Web Manager Instructions for accessing Web Manager and using it to

configure settings for the device.

Chapter 5: Network Settings Instructions for using the web interface to configure

Ethernet settings.

Chapter 6: Line and Tunnel Settings Instructions for using the web interface to configure line and

tunnel settings.

Chapter 7: Terminal and Host Settings Instructions for using the web interface to configure terminal

and host settings.

Chapter 8: Configurable Pin Manager Information about the Configurable Pin Manager (CPM) and

how to set the configurable pins to work with a device.

Chapter 9: Service Settings Instructions for using the web interface to configure settings

for DNS, SNMP, FTP, and other services.

Chapter 10: Security Settings Instructions for using the web interface to configure SSH

and SSL security settings.

Chapter 11: Modbus Instructions for using the web interface to configure

Modbus.

Chapter 12: Maintenance and Diagnostics Settings Instructions for using the web interface to maintain the

device, view statistics, files, and logs, and diagnose problems.

Chapter 13: Advanced Settings Instructions for using the web interface to configure email,

CLI, and XML settings.

Chapter 14: VIP Settings Information about Virtual IP (VIP) features available on the

device and instructions for using the web interface to configure the VIP settings.

Chapter 15: Branding the XPort Pro Instructions for customizing the device. Chapter 16: Updating Firmware Instructions for obtaining the latest firmware and updating

the device.

Appendix A - Technical Support Instructions for contacting Lantronix Technical Support. Appendix B - Binary to Hexadecimal Conversions Instructions for converting binary values to hexadecimals. Appendix C - Compliance Lantronix compliance information.

XPort Pro User Guide 13

Additional Documentation

Visit the Lantronix web site at www.lantronix.com/support/documentation for the latest documentation and the following additional documentation.

Document Description

XPort Pro Integration Guide Information about the XPort Pro hardware, testing the XPort Pro

XPort Pro Command Reference

XPort Pro Universal Demo Board Quick Start

XPort Pro Universal Demo Board User Guide

DeviceInstaller Online Help Instructions for using the Lantronix Windows-based utility to locate

Com Port Redirector Quick Start and Online Help

1: About This Guide

using the demonstration board, and integrating the XPort Pro into your product.

Instructions for accessing Command Mode (the command line interface) using a Telnet connection or through the serial port. Detailed information about the commands. Also provides details for XML configuration and status.

Instructions for getting the XPort Pro demonstration board up and running.

Information for using the XPort Pro on the demo board.

the device and to view its current settings. Instructions for using the Lantronix Windows-based utility to create

virtual com ports.

Secure Com Port Redirector User Guide

Instructions for using the Lantronix Windows-based utility to create secure virtual com ports.

XPort Pro User Guide 14

2: Introduction

Table 2-1 XPort Pro Part Numbers

Part Numbers SDRAM Operating System

XPP1002000-01R 8 MB Evolution XPP100200S-01R 8 MB Evolution XPPDK1000-EVO-01 8 MB Evolution XPP1002000-02R 16 MB Evolution XPP100200S-02R 16 MB Evolution XPPDK1000-EVO-02 16 MB Evolution XPP1003000-01R 8 MB Linux XPP100300S-01R 8 MB Linux XPPDK1000-LNX-01 8 MB Linux XPP1003000-02R 16 MB Linux XPP100300S-02R 16 MB Linux XPPDK1000-LNX-02 16 MB Linux

This chapter introduces the Lantronix . It provides an overview of the products, lists their key features, and describes the applications for which they are suited.

The

XPort Pro embedded Ethernet Device Server is a complete network-enabling solution in a

13.50 (0.531) X 16.25 (0.640) X 33.90 (1.335) package. This miniature device server empowers original equipment manufacturers (OEMs) to go to market quickly and easily with Ethernet networking and web page serving capabilities built into their products. [DIMS = mm (in.)]

This chapter contains the following sections:

 Applications  Protocol Support  Evolution OS™  Additional Features  Configuration Methods  Addresses and Port Numbers  Product Information Label

Key Features

Note: Consult the Integration Guide for more detailed hardware information.

 Power Supply: Regulated 3.3V input

required.

 Controller: A Lantronix DSTni-EX CPU

with 256 kilobytes (KB) zero wait state SRAM and 16 KB of boot ROM.

 Memory: 16 MB Flash and 8/16 MB

SDRAM (see Table 2-1 to the right).

 Temperature Range: Operates over an

extended temperature range of -40°C to +85°C.

XPort Pro User Guide 15

 Ethernet: 10/100 megabits per second

(Mbps) Ethernet transceiver

 Serial Ports: One full RS232-supporting

high-speed serial port with all hardware handshaking signals. Baud rate is software selectable

Note: The standard baud rate of 460800 bps is not supported.

 Configurable IO Pins (CPs): Up to three pins are configurable as general purpose I/Os if no

modem control signal is used on serial ports. Not 5V tolerant.

 Interface Signals: 3.3V-level interface signals.

(300 bps to 921600 bps).

Applications

 The XPort Pro device server connects serial devices such as those listed below to Ethernet

networks using the IP protocol family.

 ATM machines  CNC controllers  Data collection devices  Universal Power Supply (UPS) management unit  Telecommunications equipment  Handheld instruments  Data display devices  Security alarms and access control devices  Modems  Time/attendance clocks and terminals

2: Introduction

Protocol Support

The XPort Pro device server contains a full-featured TCP/IP stack. Supported protocols include:

 ARP, IP, UDP, TCP, ICMP, BOOTP, DHCP, AutoIP, Telnet, DNS, FTP, TFTP, HTTP/HTTPS,

SSH, SSL/TLS, SNMP, SMTP, RSS, PPP and Syslog for network communications and management.

 TCP, UDP, TCP/AES, UDP/AES, Telnet, SSH and SSL/TLS for tunneling to the serial port.  TFTP, FTP, and HTTP for firmware upgrades and uploading files.

Evolution OS™

The XPort Pro incorporates the Lantronix Evolution OS™. Key features of the Evolution OS™ include:

 Built-in Web server for configuration and troubleshooting from Web-based browsers  CLI configurability  SNMP management  XML data transport and configurability  Really Simple Syndication (RSS) information feeds  Enterprise-grade security with SSL and SSH  Comprehensive troubleshooting tools

XPort Pro User Guide 16

Additional Features

Modem Emulation

In modem emulation mode, the XPort Pro can replace dial-up modems. The unit accepts modem AT commands on the serial port, and then establishes a network connection to the end device, leveraging network connections and bandwidth to eliminate dedicated modems and phone lines.

Web-Based Configuration and Troubleshooting

Built upon Internet-based standards, the XPort Pro enables you to configure, manage, and troubleshoot through a browser-based interface accessible anytime from anywhere. All configuration and troubleshooting options are launched from a web interface. You can access all functions via a Web browser, for remote access. As a result, you de crease downtime (using the troubleshooting tools) and implement configuration changes (using the configuration tools).

Command-Line Interface (CLI)

Making the edge-to-enterprise vision a reality, the XPort Pro with the Evolution OS™ uses industry-standard tools for configuration, communication, and control. For example, the Evolution OS™ uses a Command Line Interface (CLI) whose syntax is very similar to that used by data center equipment such as routers and hubs.

2: Introduction

VIP Access

Virtual IP Access is the Lantronix technology that solves the access-through-firewall problem. With VIP Access, the XPort Pro can act as a ManageLinx DSC and provide direct access to your equipment behind a firewall.

SNMP Management

The XPort Pro supports full SNMP management, making it ideal for applications where device management and monitoring are critical. These features allow networks with SNMP capabilities to correctly diagnose and monitor XPort Pro device servers.

XML-Based Architecture and Device Control

XML is a fundamental building block for the future growth of M2M networks. The XPort Pro supports XML-based configuration setup records that make device configuration transparent to users and administrators. The XML is easily editable with a standard text or XML editor.

Really Simple Syndication (RSS)

The XPort Pro supports Really Simple Syndication (RSS) for streaming and managing on-line content. RSS feeds all the configuration changes that occur on the device. An RSS aggregator then reads (polls) the feed. More powerful than simple email alerts, RSS uses XML as an underlying Web page transport and adds intelligence to the networked device, while not taxing already overloaded email systems.

XPort Pro User Guide 17

2: Introduction

Enterprise-Grade Security

Evolution OS™ provides the XPort Pro the highest level of networking security possible. This ‘data center grade’ protection ensures that each device on the M2M network carries the same level of security as traditional IT networking equipment in the corporate data center.

With built-in SSH and SSL, secure communications can be established between the serial ports and the remote end device or application. By protecting the privacy of serial data transmitte d across public networks, users can maintain their existing investment in serial technology, while taking advantage of the highest data-protection levels possible.

SSH and SSL are able to do the following:

 Verify the data received came from the proper source  Validate that the data transferred from the source over the network has not changed when it

arrives at its destination (shared secret and hashing)

 Encrypt d ata to protect it from prying eyes and nefarious individuals  Provide the ability to run popular M2M protocols over a secure SSH or SSL connection

In addition to keeping data safe and accessible, the XPort Pro has robust defenses to hostile Internet attacks such as denial of service (DoS), which can be used to take down the network. Moreover, the XPort Pro cannot be used to bring down other devices on the network.

You can use the XPort Pro with the Lantronix Secure Com Port Redirector (SCPR) to encrypt COM port-based communications between PCs and virtually any electronic device. SCPR is a Windows application that creates a secure communications path over a network between the computer and serial-based devices that are traditionally controlled via a COM port. With SCPR installed at each computer, computers that were formerly “h ard-wired” by serial cabling for security purposes or to accommodate applications that only understood serial data can instead communicate over an Ethernet network or the Internet.

Terminal Server/Device Management

Remote offices can have routers, PBXs, servers and other networking equipment that require remote management from the corporate facility. The XPort Pro easily attaches to the serial ports on a server, Private Branch Exchange (PBX), or other networking equipment to deliver central, remote monitoring and management capability.

Troubleshooting Capabilities

The XPort Pro offers a comprehensive diagnostic toolset that lets you troubleshoot problems quickly and easily. Available from the Web Manager, CLI, and XML interfaces, the diagnostic to ols let you:

 View critical hardware, memory, MIB-II, buffer pool, and IP socket info rmation.  Perform ping and traceroute operations.  Conduct forward or backup DNS lookup operations.  View all processes currently running on the XPort Pro, including CPU utilization and total stack

space available.

XPort Pro User Guide 18

Configuration Methods

After installation, the XPort Pro requires configuration. For the unit to operate correctly on a network, it must have a unique IP address on the network. There are four basic methods for logging into the XPort Pro and assigning IP addresses and other configurable settings:

DeviceInstaller: Configure the IP address and related settings and view current settings on the XPort Pro using a Graphical User Interface (GUI) on a PC attached to a network. See Using

DeviceInstaller (on page 21).

Web Manager: Through a web browser, configure the XPort Pro settings using the La ntronix Web Manager. See Configuration Using Web Manager (on page 23).

Command Mode: There are two methods for accessing Command Mode (CLI): making a Telnet connection or connecting a terminal (or a PC running a terminal emulation program) to the unit’s serial port. (See the XPort Pro Command Reference Guide for instructions and available commands.)

XML: The XPort Pro supports XML-based configuration and setup records that make device configuration transparent to users and administrators. XML is easily editable with a standard text or XML editor. (See the XPort Pro Command Reference Guide for instructions and commands.)

2: Introduction

Addresses and Port Numbers

Hardware Address

The hardware address is also referred to as the Ethernet address or M AC addre s s. The first thr ee bytes of the Ethernet address are fixed and read 00-20-4A, identifying the unit as a Lantronix product. The fourth, fifth, and sixth bytes are unique numbers assigned to each unit.

Figure 2-2 Sample Hardware Address

00-20-4A-14-01-18 or 00:20:4A:14:01:18

IP Address

Every device connected to an IP network must have a unique IP add ress. This address references the specific unit.

Port Numbers

Every TCP connection and every UDP datagram is defined by a destination and source IP address, and a destination and source port nu mber. For example, a Telnet serv er commonly u ses port number 23.

The following is a list of the default server port numbers running on the XPort Pro:

 TCP Port 22: SSH Server (Command Mode configuration)  TCP Port 23: Telnet Server (Command Mode configuration)  TCP Port 80: HTTP (Web Manager configuration)  TCP Port 443: HTTPS (Web Manager configuration)  UDP Port 161: SNMP  TCP Port 21: FTP

XPort Pro User Guide 19

 UDP Port 69: TFTP

Part Number

Product ID (name)

MAC Address

Revision

 UDP Port 30718: LDP (Lantronix Discovery Protocol) port  TCP/UDP Port 10001: Tunnel 1

Note: Multi-port products include one or more additional supported ports and tunnels

with default sequential numbering. For instance: TCP/UDP Port 10002: Tunnel 2, TCP/ UDP Port 10003: Tunnel 3, etc.

Product Information Label

The product information label on the unit contains the following information about the specific unit:

 Bar Code  Product ID (name)  Produ ct Revision  Part Number  Hardware Address (MAC Address or Serial Number)

2: Introduction

Figure 2-3 Product Label

XPort Pro User Guide 20

3: Using DeviceInstaller

This chapter covers the steps for locating a device and viewing its properties and details.

DeviceInstaller is a free utility program provided by Lantronix that discovers, configures, upgrades and manages Lantronix Device Servers. It can be downloaded from the Lantronix website at

www.lantronix.com/support/downloads.html

the IP address, related settings or for more advanced features, see the DeviceInstaller online help.

Note: AutoIP generates a random IP address in the range of 169.254.0.1 to

169.254.255.254 if no BOOTP or DHCP server is found.

Accessing XPort Pro Using DeviceInstaller

Note: Make note of the MAC address. It is needed to locate the XPort Pro using

DeviceInstaller.

1. Click Start > All Programs > Lantronix > DeviceInstaller > DeviceInstaller. When DeviceInstaller starts, it will perform a network device search.

2. Click Search to perform additional searches, as desired.

3. Expand the XPort Pro folder by clicking the + symbol next to the XPort Pro folder icon. The list of available Lantronix XPort Pro devices appears.

. For instructions on using DeviceInstaller to configure

4. Select the XPort Pro unit by expanding its entry and clicking on its hardware (MAC) address to view its configuration.

5. On the right page, click the Device Details tab. The current XPort Pro configuration appears. This is only a subset of the full configuration; the complete configuration may be accessed via Web Manager, CLI, or XML.

Device Details Summary

Note: The settings are Display Only in this table unless otherwise noted.

Table 3-1 Device Details Summary

Current Settings Description

Name Name identifying the XPort Pro. DHCP Device Name Shows the name associated with the XPort Pro’ current IP address, if

Group Configurable field. Enter a group to categorize the XPort Pro. Double-

Comments Configurable field. Enter comments for the XPort Pro. Double-click the

the IP address was obtained dynamically.

click the field, type in the value, and press Enter to complete. This group name is local to this PC and is not visible on other PCs or laptops using DeviceInstaller.

field, type in the value, and press Enter to complete. This description or comment is local to this PC and is not visible on other PCs or laptops using DeviceInstaller.

XPort Pro User Guide 21

3: Using DeviceInstaller

Current Settings (continued) Description

Device Family Shows the XPort Pro device family type as “XPort”. Type Shows the specific device type, such as “XPort Pro”. ID Shows the XPort Pro ID embedded within the unit. Hardware Address Shows the XPort Pro hardware (MAC) address. Firmware Version Shows the firmware cu rren t ly i nst al l e d on th e XPort Pro. Extended Firmware Version Provides additional information on the firmware version. Online Status Shows the XPort Pro status as Online, Offline, Unreachable (the XPort

Pro is on a different subnet), or Busy (the XPort Pro is currently performing a task).

IP Address Shows the XPort Pro current IP address. To change the IP address,

click the Assign IP button on the DeviceInstaller menu bar.

IP Address was Obtained Displays “Dynamically” if the XPort Pro automatically received an IP

address (e.g., from DHCP). Displays “Statically” if the IP address was configured manually.

If the IP address was assigned dynamically, the following fields appear:

 Obtain via DHCP with value of True or False.  Obtain via BOOTP with value of True or False.

Subnet Mask Shows the subnet mask specifying the network segment on which the

XPort Pro resides.

Gateway Shows the IP address of the router of this network. There is no default. Number of Ports Shows the number of serial ports on this XPort Pro. Supports Configurable Pins Shows True, indicating configurable pins are available on the XPort

Pro.

Supports Email Triggers Shows True, indicating email triggers are available on the XPort Pro. Telnet Enabled Indicates whether Telnet is enabled on this XPort Pro. Telnet Port Shows th e XPort Pro port for Telnet sessions. Web Enabled Indicates whether Web Manager access is enabled on this XPort Pro. Web Port Shows the XPort Pro port for Web Manager configuration. Firmware Upgradable Shows True, indicating the XPort Pro firmware is upgradable as newer

versions become available.

XPort Pro User Guide 22

4: Configuration Using Web Manager

This chapter describes how to configure the XPort Pro using Web Manager, the Lantronix browser-based configuration tool. The unit’s configuration is stored in nonvolatile memory and is retained without power. All changes take effect immediately, unless otherwise noted. It contains the following sections:

 Accessing Web Manager  Web Manager Page Components  Navigating the Web Manager  Summary of Web Manager Pages

Accessing Web Manager

Note: You can also access the Web Manager by selecting the Web Configuration tab on

the DeviceInstaller window.

To access Web Manager, perform the following steps:

1. Open a standard web browser. Lantronix supports the latest version of Internet Explorer, Mozilla Suite, Mozilla Firefox, Safari, Chrome or Opera.

2. Enter the IP address of the XPort Pro in the address bar. The IP address may have been assigned manually using DeviceInstaller (see the XPort Pro Quick Start Guide) or automatically by DHCP.

Figure 4-1 Prompt for User Name and Pas s wo rd

3. Enter your username and password.The factory-default username is “admin” and the factorydefault password is “PASS.” The Device Status web page shown in Figure 4-2 displays configuration, network settings, line settings, tunneling settings, and product information.

Note: The Logout button is available on any web page. Logging out of the web page

would force re-authentication to take place the next time the web page is accessed.

XPort Pro User Guide 23

4: Configuration Using Web Manager

Device Status Page

The Device Status page is the first page that appears after you log into the Web Manager. It also appears when you click Status in the Main Menu.

Figure 4-2 Web Manager Home Page

XPort Pro User Guide 24

Web Manager Page Components

Menu Bar

Links to subpages

Items to configure

Information and Help Area

Header

Configuration and/or Status Area

Footer

Logout button

The layout of a typical Web Manager page is below.

Figure 4-3 Components of the Web Manager Page

4: Configuration Using Web Manager

The menu bar always appears at the left side of the page, regardless of the page shown. The menu bar lists the names of the pages available in the Web Mana ger. To bring up a page, click it in the menu bar.

The main area of the page has these additional sections:

 At the very top, many pages, such as the one in the example above, enable you to link to

sub pages. On some pages, you must also select the item you are configuring, such as a

XPort Pro User Guide 25

line or a tunnel.

 In the middle of many pages, you can select or enter new configuration settings. Some

pages show status or statistics in this area rather than allow you to enter settings.

 At the bottom of most pages, the current configuration is displayed. In some cases, you

can reset or clear a setting.

 The information or help area shows information or instructions associated with the page.  A Logout link is available at the upper right corner of every web page. In Chrome or

Safari, it is necessary to close out of the browser to logout. If necessary, reopen the browser to log back in.

 The foote r ap pe ars a t the ve ry bottom of the page. It contains copyright information and a

link to the Lantronix home page.

Navigating the Web Manager

The Web Manager provides an intuitive point-and-click interface. A menu bar on the left side of each page provides links you can click to navigate from one page to another. Some pages are read-only, while others let you change configuration settings.

4: Configuration Using Web Manager

Note: There may be times when you must reboot the XPort Pro for the new

configuration settings to take effect. The chapters that follow indicate when a change requires a reboot.

Table 4-4 Summary of Web Manager Pages

Web Manager Page

Status Shows product information and network, line, and tunneling

CLI Shows Command Line Interface (CLI) statistics and lets you

CPM Shows information about the Configurable Pins Manager (CPM)

Diagnostics Lets you perform various diagnostic procedures. 114 DNS Shows the current configuration of the DNS subsystem and the

Email Shows email statistics and lets you clear th e email log, configure

Filesystem Shows file system statistics and lets you browse the file system to

FTP Shows statistics and lets you change the current configuration for

Host Lets you view and change settings for a host on the network. 57

Description See

Page

settings.

128

change the current CLI configuration settings.

and how to set the configurable pins and pin groups to work with a device.

DNS cache.

125

email settings, and send an email.

103

view a file, create a file or directory, upload files using HTTP, copy a file, move a file, or perform TFTP actions.

the File Transfer Protocol (FTP) server.

HTTP Shows HyperText Transfer Protocol (HTTP) statistics and lets you

change the current configuration and authentication settings.

XPort Pro User Guide 26

4: Configuration Using Web Manager

Web Manager Page (continued)

IP Address Filter Lets you specify all the IP addresses and subnets that are allowed

Line Shows statistics and lets you change the current configuration and

LPD Shows LPD (Line Printer Daemon) Queue statistics and lets you

Modbus Shows the current connection status of the Modbus servers

Network Shows status and lets you configure the network interface. 28 PPP Lets you configure a network link using Point-to-Point Protocol

Protocol Stack Lets you perform lower level network stack-specific activities. 106 Query Port Lets you change configuration settings for the query port. 113 RSS Lets you change current Really Simple Syndication (RSS)

SNMP Lets you change the current Simple Network Management

SSH Lets you change the configuration settings for SSH server host

SSL Lets you upload an existing certificate or create a new self-signed

Syslog Lets you specify the severity of events to log and the server and

System Lets you reboot device , restore fa ctory defaults, upload new

Terminal Lets you change current settings for a terminal. 55

Description See

Page

112

to send data to this device.

Command mode settings of a serial line.

configure the LPD and print a test page.

listening on the TCP ports and lets you configure the Modbus settings.

(PPP) over a serial line.

settings.

Protocol (SNMP) configuration settings.

keys, SSH server authorized users, SSH client known hosts, and SSH client users.

certificate.

ports to which the syslog should be sent.

123

firmware, and change the device long and short names.

TFTP Shows statistics and lets you change the current configuration for

the Trivial File Transfer Protocol (TFTP) server.

Tunnel Lets you change the current configuration settings for a tunnel. 36 VIP Lets you configure Virtual IP addresses to be used in Tunnel

Accept Mode and Tunnel Connect Mode.

XML Lets you export XML configuration and status records, and import

XML configuration records.

139

130

XPort Pro User Guide 27

5: Network Settings

This chapter describes how to access, view, and configure network settings from the Network web page. The Network web page contains sub-menus that enable you to view and configure the Ethernet network interface and link.

This chapter contains the following sections:

 Network 1 (eth0) Interface Status  Network 1 (eth0) Interface Configuration  Network 1 Ethernet Lin k

Network 1 (eth0) Interface Status

This page shows the status of the Ethernet network interface.

To view the network interface status:

1. Click Network on the menu.

2. Then click Network 1, Interface, and Status at the top of the page. The Network 1 (eth0) Interface Status page appears.

Figure 5-1 Network 1 (eth0) Interface Status

XPort Pro User Guide 28

Network 1 (eth0) Interface Configuration

This page shows the configuration settings for the Ether net con nection and lets you change these settings.

To view and configure network interface settings:

1. Click Network 1 > Interface > Configuration at the top of the page. The Network 1 (eth0) Interface Configuration page appears.

Figure 5-2 Network 1 (eth0) Interface Configuration

5: Network Settings

2. Enter or modify the following settings:

XPort Pro User Guide 29

Table 5-3 Network 1 (eth0) Interface Configuration

5: Network Settings

Network 1 Interface

Description Configuration Settings

BOOTP Client Select On or Off. At boot up, the device will attempt to obtain an IP address from a

BOOTP server.

Notes:

 Overrides the configured IP address, network mask, gateway, hostname, and

domain.

 When DHCP is On, the system automatically uses DHCP, regardless of whether

BOOTP Client is On.

DHCP Client Select On or Off. At boot up, the device will attempt to lease an IP address from a

DHCP server and maintain the lease at regular intervals.

Note: Overrides BOOTP, the configured IP address, network mask, gateway,

hostname, and domain.

IP Address Enter the device static IP address.

You may enter it alone, in CIDR format, or with an explicit mask.

The IP address consists of four octets separated by a period and is used if BOOTP and

DHCP are both set to Off. Changing this value requires you to reboot the device.

Note: Whe n DHCP is enabled, the device tries to obtain an IP address from DHCP. If

it cannot, the device uses an AutoIP address in the range of 169.254.xxx.xxx.

Default Gateway Enter the IP address of the router for this network. Or, clear the field (appears as

<None>). This address is only used for static IP address configuration. Hostname Enter the device hostname. It must begin with a letter, continue with a sequence of

letters, numbers, and/or hyphens, and end with a letter or number.

Domain Enter the device domain name. DHCP Client ID Enter the ID if the DHCP server uses a DHCP ID. The DHCP server’s lease table

shows IP addresses and MAC addresses for devices. The lease table shows the Client

ID, in hexadecimal notation, instead of the device MAC address. Primary DNS IP address of the primary name server. This entry is required if you choose to configure

DNS (Domain Name Server) servers.

Secondary DNS IP address of the secondary name server. MTU When DHCP is enabled, the MTU size is (usually) provided with the IP address. When

not provided by the DHCP server, or using a static configuration, this value is used. The

MTU size can be from 576 to 1500 bytes.

3. Click Submit to save changes. Some changes to th e following settings require a reb oot for the changes to take effect:

 BOOTP Client  DHCP Client  IP Address  DHCP Client ID

Note: If DHCP or BOOTP fails, AutoIP intervenes and assigns an add ress.A new DHCP

negotiation is attempted every 5 minutes to obtain a new IP address. When the DHCP is enabled, any configured static IP address is ignored.

XPort Pro User Guide 30

Network 1 Ethernet Link

This page shows the current negotiated Ethernet settings and lets you change the speed and duplex settings.

To view and configure the Ethernet link:

1. Click Network on the menu bar and then click Network 1 > Link at the top of the page. The Network 1 (eth0) Ethernet Link page appears.

 If coming from another Network page, click Network 1 > Link at the top of the page.

5: Network Settings

Figure 5-4 Network 1 Ethernet Link

The Status table shows the current negotiated settings. The Configuration table shows the current range of allowed settings.

2. Enter or modify the following settings:

Table 5-5 Network 1 Ethernet Link

Network 1-Ethernet Link Settings

Speed Select the Ethernet link speed. Default is Auto. Duplex Select the Ethernet link duplex mode. Default is Auto.

Description

3. Click Submit. The changes take effect immediately.

Note: The following section describes the steps to view and configure Line 1 settings;

these steps apply to other line instances of the device.

XPort Pro User Guide 31

6: Line and Tunnel Settings

Note: The number of lines and tunnels

available for viewing and configuration differ between Lantronix DeviceLinx products. For example, an XPort Pro and EDS1100 support only one line while other device networking products (such as , EDS2100, EDS4100, XPort AR, EDS8/16PS and EDS8/16/32PR) provide additional lines and tunnels.

This chapter describes how to view and configure lines and tunnels. It contains the following sections:

 Line Settings  Tunnel Settings

Line Settings

View statistics and configure serial interfaces by using the Line web page. Serial interfaces are referred to as lines in this user guide, and a differen t nu m be r of lines, from 1 to 32 , ma y be available for selection depending on your product.

The following sub-menus may be used for a selected line number:

 Line Statistics—Displays statistics for the selected line number. For example, the bytes

received and transmitted, breaks, flow control, parity errors, etc.

 Line Configuration—Enables the change of the name, interface, protocol, baud rates, and

parity, etc.

 Line Command Mode—Enables the types of modes, wait time, serial strings, signon

message, etc.

The following sections describe the steps to view and configure specific line number settings. These instructions also apply to additional line instances of the device.

Line Statistics

This read-only web page shows the status and statistics for the serial line selected at the top of this page.

1. Select Line on the menu bar. The Line web page appears.

2. Select a line number at the top of the page.

3. Select Statistics. The Line Statistics page for the selected line appears.

4. Repeat above steps as desired, according to additional line(s) available on your

XPort Pro User Guide 32

product.

Figure 6-1 Line 1 Statistics

6: Line and Tunnel Settings

Note: The Interface

option is only supported in XPort Pro, EDS4100, EDS1100 and EDS2100.

Line Configuration

This page shows the configuration settings for the serial line selected at the top of the page and lets you change the settings for that serial line.

To configure a specific line:

1. Select Line on the menu bar, if you are not already in the Line web page.

2. Select a line number at the top of the page.

3. Select Configuration. The Configuration page for the selected line appears.

Figure 6-2 Line 1 Configuration

XPort Pro User Guide 33

4. Enter or modify the following settings:

Table 6-3 Line Configuration

6: Line and Tunnel Settings

Line - Configuration Settings

Name If the Terminal Login Menu feature is being used, enter the name for the

Interface Select the interface type from the drop-down menu. The default is RS232.

State Indicates whether the current line is enabled. To change the status, select

Protocol Select the protocol from the drop-down menu. The default is Tunnel. Baud Rate Select the baud rate from the drop-down menu. The default is 9600. Parity Select the parity from the drop-down menu. The default is None. Data Bits Select the number of data bits from the drop-down menu. The default is 8. Stop Bits Select the numbe r of stop bits from the drop-down menu. The default is 1. Flow Control Select the flow control from the drop-down menu. The default is None. Xon Char Specify the character to use to start the flow of data when Flow Control is

Xoff Char Specify the character to use to stop the flow of data when Flow Control is

Gap Timer The driver forwards received serial bytes after the Gap Timer delay from

Threshold The driver will also forward received characters after Threshold bytes have

Description

line. Leaving this field blank will disable this line from appearing in the Terminal Login Menu. The default Name is blank. See Terminal and Host

Settings on page 55 for related configuration information.

Note: This option is only supported in XPort Pro, EDS4100, EDS1100 and

EDS2100.

Enabled or Disabled from the drop-down menu.

set to Software. Prefix a decimal character with \ or a hexadecimal character with 0x, or provide a single printable character. The default Xon char is 0x11.

set to Software. Prefix a decimal character with \ or a hexadecimal character with 0x, or provide a single printable character. The default Xoff char is 0x13.

the last character received. By default, the delay is four character periods at the current baud rate (minimum 1 ms).

been received.

5. Click Submit.

6. Repeat above steps as desired, according to additional line(s) available on your product.

XPort Pro User Guide 34

6: Line and Tunnel Settings

Line Command Mode

Setting the Command Mode enables the CLI on the serial line.

To configure Command Mode on a specific line:

1. Select Line on the menu bar, if you are not already in the Line web page.

2. Select a line number at the top of the page.

3. Select Command Mode. The Command Mode page for the selected line appears.

Figure 6-4 Line 1 Command Mode

4. Enter or modify the following settings:

Table 6-5 Line Command Mode

Line – Command Mode Settings

Mode Select the method of enabling Command Mode or choose to disable Command

Wait Time Enter the wait time for the serial string during boot-up in milliseconds.

Description

Mode.

 Always = immediately enables Command Mode for the serial line.  Use Serial String = enables Command Mode when the serial string is read

on the serial line during boot time.

 Use CP Group = enables Command Mode based on the status of a CP

Group. When the value matches the current value of the group, Command Mode is enabled on the serial line.

 Use both Serial String and CP Group = the serial string and the value of

the CP group must be matched to enable Command Mode.

 Disabled = turns off Command Mode.

XPort Pro User Guide 35

6: Line and Tunnel Settings

Line – Command Mode Settings (continued)

Serial String Enter the serial string characters. Select a string type.

Echo Serial String Select Yes to enable echoing of the serial string at boot-up. CP Group Enter the name and decimal value of the CP Group. When the value matches

Signon Message Enter the boot-up signon message. Select a string type.

Description

 Text = string of bytes that must be read on the Serial Line during boot time to

enable Command Mode. It may contain a time element in x milliseconds, in the format {x}, to specify a required delay.

 Binary = string of characters representing byte values where each

hexadecimal byte value starts with \0x and each decimal byte value starts with \.

the current value of the group, Command Mode is enabled on the Serial Line.

 Text = string of bytes sent on the serial line during boot time.  Binary = one or more byte values separated by commas. Each byte value

may be decimal or hexadecimal. Start hexadecimal values with 0x.

Note: This string will be output on the serial port at boot, regardless of whether

command mode is enabled or not.

5. Click Submit.

6. Repeat above steps as desired, according to additional line(s) available on your product.

Tunnel Settings

Note: The number of lines and tunnels available for viewing and configuration differ

between Lantronix DeviceLinx products. For example, an XPort Pro and EDS1100 support only one line while other device networking products (such as , EDS2100, EDS4100, XPort AR, EDS8/16PS and EDS8/16/32PR) provide additiona l lines an d tunnels.

Tunneling allows serial devices to communicate over a network, without “being aware” of the devices which establish the network connection between them.Tunneling parameters are configured using the Web Manager or Command Mode Tunnel Menu. See Configuration Using

Web Manager (on page 23) or the XPort Pro Command Reference for the full list of commands.

The XPort Pro supports two tunneling connections simultaneously per serial port. One of these connections is Connect Mode; the other connection is Accept Mode. The connections on one serial port are separate from those on another serial port.

 Connect Mode: the XPort Pro actively makes a connection. The receiving node on the

network must listen for the Connect Mode’s connection. Connect Mode is disabled by default.

 Accept Mode: the XPort Pro listens for a connection. A node on the network initiates the

connection. Accept Mode is enabled by default.

 Disconnect Mode: this mode defines how an open connection stops the forwarding of data.

The specific parameters to stop the connection are configurable. Once the XPort Pro Disconnect Mode observes the defined event occur, it will disconnect both Accept Mode and Connect Mode connections on that port.

XPort Pro User Guide 36

6: Line and Tunnel Settings

When any character comes in through the serial port, it gets copied to both the Connect Mode connection and the Accept Mode connection (if both are active).

View statistics and configure a specific tunnel by using the Tunnel web page. When you select Tunnel from the Main Menu, tunnels available for your product will display. Select a specific tunnel to configure.

The following sub-menus listed may be used to configure a specific tunnel:

 Tunnel – Statistics  Tunnel – Serial Settings  Tunnel – Packing Mode  Tunnel – Accept Mode  Tunnel – Connect Mode  Tunnel – Disconnect Mode  Tunnel – Modem Emulation

The following sections describe the steps to view and configure specific tunnel number settings. These instructions also apply to additional tunnel menu options.

Tunnel – Statistics

Displays statistics for the specific tunnel. For example, Completed Accepts, Completed Connects, Disconnects, Dropped Accepts, Dropped Connects, etc. The XPort Pro logs statistics for tunneling. The Dropped statistic shows connections ended by the remote location. The Disconnects statistic shows connections ended by the XPort Pro.

To display statistics for a specific tunnel:

1. Select Tunnel on the menu bar. The Tunnel web page appears.

2. Select a tunnel number at the top of the page.

3. Select Statistics. The Tunnel Statistics page for the specific tunnel appears. If a particular tunnel is connected, the following becomes available:

 Identifying information about the tunnel connection (i.e., “Connect 1 Counters”)  Address of connection (i.e., “local:10001 -> 172.22.22.22.10001”)  Kill Connection(s) link: Click this link to terminate this active tunnel connection, as

desired.

 Octets forwarded from Serial  Octets forwarded form Network  Uptime

XPort Pro User Guide 37

4. Repeat above steps as desired, according to additional tunnel(s) available on your product.

Additional information appear s for each active tunnel connection including a link allowing you to terminate the connection.

Figure 6-6 Tunnel 1 Statistics

6: Line and Tunnel Settings

XPort Pro User Guide 38

6: Line and Tunnel Settings

Tunnel – Serial Settings

Serial line settings are configurable for the corresponding serial line of the specific tunnel. Configure the buffer size to change the maximum amount of data the serial port stores. For any active connection, the device sends the data in the buffer.

The modem control signal DTR on the selected line may be continuously asserted or asserted only while either an Accept Mode tunnel or a Connect Mode tunnel is connected.

To configure serial settings for a specific tunnel:

1. Select Tunnel on the menu bar, if you are not already in the Tunnel web page.

2. Select a tunnel number at the top of the page.

3. Select Serial Settings. The Serial Settings page for the specific tunnel appears.

Figure 6-7 Tunnel 1 Serial Settings

4. View or modify the following settings:

Table 6-8 Tunnel - Serial Settings

Tunnel - Serial Settings Description

Line Settings (display only) Current serial settings for the line. Protocol (display only) The protocol being used on the line. In this case, T unnel.

XPort Pro User Guide 39

6: Line and Tunnel Settings

Tunnel - Serial Settings Description

DTR Select when to assert DTR.

 Unasserted = never asserted  TruPort = asserted whenever either a connect or an accept mode tunnel

connection is active with the Telnet Protocol RFC2217 saying that the remote DSR is asserted.

 Asserted while connec ted = asserted whenever either a connect or an

accept mode tunnel connection is active.

 Continuously asserted = asserted regardless of the status of a tunnel

connection.

5. Click Submit.

6. Repeat above steps as desired, according to additional tunnel(s) available on your product.

Tunnel – Packing Mode

Packing Mode takes data from the serial port, packs it together, and sends it over the network. Packing can be configured based on threshold (size in bytes, timeout (milliseconds), or a single character.

Size is set by modifying the threshold field. When the number of bytes reaches the threshold, a packet is sent immediately.

The timeout field is used to force a packet to be sent after a maximum time. The packet is sent even if the threshold value is not reached.

When Send Character is configured, a single printable character or control character read on the Serial Line forces the packet to be sent immediately. There is an optional trailing character parameter which can be specified. It can be a single printable character or a co ntrol character.

To configure the Packing Mode for a specific tunnel:

1. Select Tunnel on the menu bar, if you are not already in the Tunnel web page.

2. Select a tunnel number at the top of the page.

3. Select Packing Mode. The Packing Mode page for the specific tunnel appears.

Figure 6-9 Tunnel 1 Packing Mode (Mode = Disable)

Depending on the Mode selection, different configurable parameters for the specific tunnel number are presented to the user. The following figures show the display for each of th e three

XPort Pro User Guide 40

packing modes.

6: Line and Tunnel Settings

Figure 6-10 Tunnel 1 Packing Mode (Mode = Timeout)

Figure 6-11 Tunnel 1 Packing Mode (Mode = Send Character)

4. Enter or modify the following settings:

XPort Pro User Guide 41

Table 6-12 Tunnel Packing Mode

6: Line and Tunnel Settings

Tunnel - Packing Mode

Description

Settings

Mode  Select Disable to disable Packing Mode completely.

 Select Timeout to send data after the specified time has

elapsed.

 Select Send Character to send the queued data when the send

character is received.

Threshold

(Appears for both Timeout and Send Character Modes)

Timeout

(Appears for Timeout Mode)

Send the queued data when the number of queued bytes reaches the threshold. When the buffer fills to this specified amount of data in bytes (and the timeout has not elapsed), the device packs the data and sends it out; applies only if the Packing Mode is not Disabled.

Enter a time, in milliseconds, for the device to send the queued data after the first character was received. Specifies the time duration in milliseconds; applies only if the Packing Mode is Timeout.

Send Character

(Appears for Send Character Mode)

Enter the send character (single printable or control). Upon receiving this character, the device sends out the queued data. The data is packed until the specified send character is encountered. Similar to a start or stop character, the device packs the data until it sees the send character. The device then sends the packed data and the send character in the packet. Applies only if the Packing Mode is Send Character.

Trailing Character

(Appears for Send Character Mode)

Enter the trailing character (single printable or control). This character is sent immediately following the send character. This is an optional setting. If a trailing character is defined, this character is appended to data put on the network immediately following the send character.

5. Click Submit.

6. Repeat above steps as desired, according to additional tunnel(s) available on your product.

XPort Pro User Guide 42

6: Line and Tunnel Settings

Tunnel – Accept Mode

Controls how a specific tunnel number behaves when a connection attempt originates from the network. In Accept Mode, the XPort Pro waits for a connection from the network. The configurable local port is the port the remote device connects to for this connection. There is no remote port or address. The default local port is 10001 for serial port 1 and increases sequentially for each additional serial port, if supported.

Accept Mode supports the following protocols:

 SSH (the XPort Pro is the server in Accept Mode). When using this protocol, the SSH

server host keys and at least one SSH authorized user must be configured.

 SSL  TCP  AES encryption over TCP  Telnet (T he XPort Pro supports IAC codes. It drops the IAC codes when Telnetting and

does not forward them to the serial port).

Accept Mode has the following states:

 Disabled (never a connection)  Enabled (always listening for a connection)  Active if it receives any character from the serial port  Active if it receives a specific (configurable) character from the serial port (same start

character as Connect Mode’s start character)

 Modem control signal (when the modem control pin is asserted on the serial line

corresponding to the tunnel)

 Modem emulation

To configure the Accept Mode of a specific tunnel:

1. Select Tunnel on the menu bar, if you are not already in the Tunnel web page.

2. Select a tunnel number at the top of the page.

3. Select Accept Mode. The Accept Mode page for the specific tunnel appears.

XPort Pro User Guide 43

Figure 6-13 Tunnel 1 Accept Mode

Note: The CP Output

option is only supported in XPort Pro and XPort AR.

6: Line and Tunnel Settings

Tunnel - Accept Mode Settings

Mode Sel ect the method used to start a tunnel in Accept mode. Choices are:

Local Port Enter the port number for use as the local port. The defaults are port 10001 for

Protocol Select the protocol type for use with Accept Mode. The default protocol is TCP. If

TCP Keep Alive Enter the time, in seconds, the device waits during a silent connection before

4. Enter or modify the following settings:

Table 6-14 Tunnel Accept Mode

Description

 Disabled = do not accept an incoming connection.  Always = accept an incoming connection (default)  Any Character = start waiting for an incoming connection when any

character is read on the serial line.

 Start Character = start waiting for an incoming connection when the start

character for the specific tunnel is read on the serial line.

 Modem Control Asserted = start waiting for an incoming connection as long

as the Modem Control pin (DSR) is asserted on the serial line until a connection is made.

 Modem Emulation = start waiting for an incoming connection when triggered

by modem emulation AT commands. Connect mode must also be set to Modem Emulation.

Tunnel 1. Additional tunnels, if supported, increase sequentially.

you select TCP AES you will need to configure the AES keys.

checking if the currently connected network device is still on the network. If the unit then gets no response after 8 attempts, it drops that connection.

XPort Pro User Guide 44

6: Line and Tunnel Settings

Tunnel - Accept Mode Settings (continued)

Flush Serial Data Select Enabled to flush the serial data buffer on a new connection. Block Serial Data Block Network

Password Enter a password that clients must send to the device within 30 seconds from

Email on Connect Select whether the device sends an email when a connection is made. Select

Email on Disconnect Select whether the device sends an email when a connection is closed. Select

CP Output Identifies a CP or CP Group whose value should change when a connection is

Description

Select On to block, or not tunnel, serial data transmitted to the Select On to block, or not tunnel, network data transmitted to the

opening a network connection to enable data transmission. The password can have up to 31 characters and must contain only alphanumeric

characters and punctuation. When set, the password sent to the device must be terminated with one of the following: (a) 0x0A (LF), (b) 0x00, (c) 0x0D 0x0A (CR LF), or (d) 0x0D 0x00.

None if you do not want to send an email. Otherwise, select the Email profile to use for sending.

established and dropped.

 Connection value—Specifies the value to set the CP Group to when a

connection is established.

 Disconnection value—Specifies the value to set the CP Group to when the

connection is closed.

device.

5. Click Submit.

6. Repeat above steps as desired, according to additional tunnel(s) available on your product.

XPort Pro User Guide 45

6: Line and Tunnel Settings

Note: While in the “Any Character” or “Start

Character” connection modes, the XPort Pro waits and retries the connection if the connection cannot be made. Once it makes a connection and then disconnects, it will not reconnect until it sees another character or the start character again (depending on the configured setting).

Tunnel – Connect Mode

Connect Mode defines how the device makes an outgoing connection through a specific tunnel. When enabled, Connect Mode is always on and atte mpting a network connection if the connection mode condition warrants it. For Connect Mode to fu nct i on , it must:

 Be enabled  Have a remote host configured  Have a remote port configured

Enter the remote host address as an IP address or DNS name. The XPort Pro device will make a connection only if it can resolve the address. For DNS names, the XPort Pro will re-evaluate the address after being established for 4 hours. If re-evaluation results in a different address, it will close the connection.

Connect Mode supports the following protocols:

 TCP  AES encryption over TCP and UDP

When setting AES encryption, both the encrypt key and the decrypt key must be specified. The encrypt key is used for data sent out. The decrypt key is used for receiving data. Both of the keys may be set to the same value.

 SSH

To configure SSH, the SSH client username must be configured. In Connect Mode, the XPort Pro is the SSH client. Ensure the XPort Pro SSH client username is configured on the remote SSH server before using it with the XPort Pro.

 SSL  UDP

Is only available in Connect Mode because it is a connectionless protocol. F or Connect Mode using UDP, the XPort Pro accepts packets from any device on the network. It will send packets to the last device that sent it packets.

 Telnet

Note: The Local Port in Connect Mode is independent of the port configured in Accept

Mode.

There are six different connect modes:

 Disable

No connection is attempted.

 Always

A connection is always attempted.

 Any Character

A connection is attempted if it detects any character from the serial port.

 Start Character

XPort Pro User Guide 46

A connection is attempted if it detects a specific and configurable character from the serial port.

6: Line and Tunnel Settings

Note: The VIP and Host

Mode options are supported

in all products except XPort AR.

The CP Output option is only supported in XPort Pro and XPort AR.

 Modem Control Asserted

A connection is attempted when the modem control pin is asserted in the serial line.

 Modem Emulation

A connection is attempted by an ATD command.

To configure Connect Mode for a specific tunnel:

1. Select Tunnel on the menu bar, if you are not already in the Tunnel web page.

2. Select a tunnel number at the top of the page.

3. Select Connect Mode. The Connect Mode page for the specific tunnel appears.

Figure 6-15 Tunnel 1 - Connect

XPort Pro User Guide 47

4. Enter or modify the following settings:

Table 6-16 Tunnel Connect Mode

6: Line and Tunnel Settings

Tunnel – Connect Mode

Description

Settings

Mode Select the method to be used to attempt a connection to a remote host or

device. Choices are:

 Always = a connection is attempted until one is made. If the connection gets

disconnected, the XPort Pro retries until it makes a connection. (default)

 Disable = an outgoing connection is never attempted.  Any Character = a connection is attempted when any character is read on

the serial line.

 Start Character = a connection is attempted when the start character for the

specific tunnel is read on the serial line.

 Modem Control Asserted = a connection is attempted as long as the

Modem Control pin (DSR) is asserted, until a connection is made.

 Modem Emulation = a connection is attempted when triggered by modem

emulation AT commands.

Local Port Enter the port for use as the local port. A random port is selected by default.

Once you have configured a number, click the Random link in the Current Configuration to switch back to random.

Host

Click <None> in the Host field to configure the Host parameters.

 VIP = Enabling the VIP directs the tunnel to connect to a remote Lantronix

Virtual IP identified by the VIP Name. When VIP is enabled, the Host 2 field displays. Default is Disabled.

 VIP Name = Displays configured VIP name. Used only if VIP is enabled.  Address = Enter the remote Host Address as an IP address or DNS name. It

designates the address of the remote host to connect to. Displays configured IP address or DNS address, used only if VIP is disabled.

 Port = Enter the port for use as the Host Port. It designates the port on the

remote host to connect to. Displays configured Port.

 Protocol = Select the protocol type for use with Connect Mode. The default

protocol is TCP. Additional fields may need to be completed depending on protocol chosen for the host.:

 For SSH, also enter an SSH Username.  For SSL, also select Enabled or Disabled for Validate Certificate.

Note: If security is a

concern, it is highly recommended that SSH be used. When using SSH, both the SSH Server Host Keys and SSH Server Authorized Users must be configured.

 For SSL, TCP, TCP AES and Telnet, use the TCP Keep Alive field to

adjust the value.

 For TCP AES, enter the AES Encrypt and AES Decrypt Keys. Both of

keys may be set to the same value.

 For UDP, there are no additional fields to complete. In this mode, the

device accepts packets from any device on the network and sends packets to the last device that sent it packets.

 For UDP AES, enter the AES Encrypt and AES Decrypt Keys.

 SSH Username = Displays configured username, used only if SSH protocol

is selected.

 TCP Keep Alive = Default is 45000 milliseconds. Enter zero to disable and

blank the value to restore the default.

 AES Encrypt/Decrypt Key = Displays presence of key, used only if protocol

with AES is selected.

XPort Pro User Guide 48

6: Line and Tunnel Settings

Tunnel – Connect Mode

Description

Settings (continued)

Host Mode Select the host mode if you have more than one host configured:

 Sequential  Simultaneous

Note: See C onnecting Multiple Hosts on page 50 for more information.

Reconnect Timer Enter the reconnect time in milliseconds. The device attempts to reconnect after

this amount of time after failing a connection or exiting an existing connection. This behavior depends upon the Disconnect Mode.

Note:

 When you configure Tunnel - Connect Mode, you can specify a number

of milliseconds to attempt to reconnect after a dropped connection has occurred. The default is 1500 milliseconds.

 The Reconnect Timer only applies if a Disconnect Mode is configured.

With a Disconnect Mode set, the device server maintains a connection until the disconnect mode condition is met (at which time the device server closes the connection). If the tunnel is dropped due to conditions beyond the device server, the device server attempts to re-establish a failed connection when the specified reconnect interval reaches its limit.

 Any network-side disconnect is considered an error and a reconnect is

attempted without regard to the Connect Mode settings. Simultaneous Connect Mode connections require some Disconnect Mode

configurations or the connections will never terminate. See Tunnel –

Disconnect Mode on page 51 for more information about the parameters.

 If Disconnect Mode is disabled and the network connection is dropped,

then the re-establishment of a tunnel connection is governed by the configured Connect Mode settings.

Flush Serial Data Select whether to flush the serial line when a connection is made. Choices are:

 Enabled = flush the serial line when a connection is made.  Disabled = do not flush the serial line. (default)

Block Serial Select Enabled to block (not tunnel) serial data transmitted to the device. This

is a debugging tool that causes serial data sent to the device to be ignored.

Block Network Select Enabled to block (not tunnel) network data transmitted to the device.

This is a debugging tool that causes network data sent to the device to be ignored.

Email on Connect Select whether the device sends an email when a connection is made. Select

None if you do not want to send an email. Otherwise, select the Email profile to use.

Email on Disconnect Select whether the device sends an email when a connection is closed. Select

None if you do not want to send an email. Otherwise, select the Email profile to use.

CP Output Identifies a CP or CP Group whose value should change when a connection is

established and when it is dropped.

 Connection value—Specifies the value to set the CP Group to when a

connection is established.

 Disconnection value—Specifies the value to set the CP Group to when the

connection is closed.

5. Click Submit. The host is configured. A second host appears underneath the newly configured host.Repeat these steps to configure additional hosts as necessary. XPort Pro

XPort Pro User Guide 49

supports configuration of up to sixteen hosts.

Note: The CP Output option is only supported in

XPort Pro and XPort AR.

Figure 6-17 Host 1, Host 2, Host 3 Exchanged

Connecting Multiple Hosts

If more than one host is configured, a Host Mode option appears. Host Mode controls how multiple hosts will be accessed. For XPort Pro, the Connect Mode supports up to sixteen Hosts. Hosts may be accessed sequentially or simultaneously:

 Sequential – Sequential

host lists establish a prioritized list of tunnels. The host specified as Host 1 will be attempted first. If that fails, it will proceed to Host 2, 3, etc, in the order they are specified. When a connection drops, the cycle starts again with Host 1 and proceeds in order. Establishing the host order is accomplished with host list promotion (see Host List

Promotion on page 50).

Sequential is the default Host Mode.

6: Line and Tunnel Settings

 Simultaneous – A tunnel

will connect to all hosts accepting a connection. Connections occur at the same time to all listed hosts. The device can support a maximum of 64 total aggregate connections.

Host List Promotion

This feature allows Host IP promotion of individual hosts in the overall sequence.

To promote a specific Host:

1. Click the icon in the desired Host field, for example Host 2 and Host 3.

2. The selected Host(s) exchanges its place with the Host above it.

3. Click Submit. The hosts change sequence.

XPort Pro User Guide 50

6: Line and Tunnel Settings

Tunnel – Disconnect Mode

Relates to the disconnection of a specific tunnel. Disconnect Mode ends Accept Mode and Connect Mode connections. When disconnecting, the XPort Pro shuts down the specific tunnel connection gracefully.

The following settings end a specific tunnel connection:

 The XPort Pro receives the stop character.  The timeout period has elapsed and no activity is going in or out of the XPort Pro. Both

Accept Mode and Connect Mode must be idle for the time frame.

 The XPort Pro observes the modem control inactive setting.

Note: To clear data out of the serial buffers upon a disconnect, enable “Flush Serial Data”.

To configure the Disconnect Mode for a specific tunnel:

1. Select Tunnel on the menu bar, if you are not already in the Tunnel web page.

2. Select a tunnel number at the top of the page.

3. Select Disconnect Mode. The specific tunnel Disconnect Mode page appears.

Figure 6-18 Tunnel 1 Disconnect Mode

4. Enter or modify the following settings:

Table 6-19 Tunnel Disconnect Mode

Tunnel – Disconnect Mode Settings

Stop Character Enter the stop character in ASCII, hexadecimal, or decimal notation.

Description

Select <None> to disable.

XPort Pro User Guide 51

6: Line and Tunnel Settings

Tunnel – Disconnect Mode Settings

Modem Control Select Enabled to disconnect when the modem control pin is not

Timeout Enter a time, in milliseconds, for the device to disconnect on a Timeout.

Flush Serial Data Select Enabled to flush the serial data buffer on a disconnection.

Description

asserted on the serial line.

The value 0 (zero) disables the idle timeout.

5. Click Submit.

6. Repeat above steps as desired, according to additional tunnel(s) available on your product.

Tunnel – Modem Emulation

A tunnel in Connect Mode can be initiated using modem commands incoming from the Serial Line. This page enables you to configure the modem emulation settings when you select Modem Emulation as the Tunnel Connect Mode type.The Modem Emulation Command Mode supports the standard AT command set. For a list of available commands from the serial or Telnet login, enter AT?. Use ATDT, ATD, and ATDP to establish a connection. All of these commands behave like a modem. For commands that are valid but not applicable to the XPo rt Pro, an “OK” message is sent (but the command is silently ignored).

The XPort Pro attempts to make a Command Mode connection as per the IP/DNS/port numbers defined in Connect Mode. It is possible to override the remote address, as well as the remote port number.

The following table lists and describes the available commands.

Table 6-20

Command Description

+++ Switches to Command Mode if entered from serial port during connection. AT? Help. ATDT<Address Info> Establishes the TCP connection to socket (<ipaddress>:<port>). ATDP<Address Info> See ATDT. ATD Like ATDT. Dials default Connect Mode remote address and port. ATD<Address Info> Sets up a TCP connection. A value of 0 begins a command line interface

ATO Switches to data mode if connection still exists. Vice versa to '+++'. ATEn Switches echo in Command Mode (off - 0, on - 1). ATH Disconnects the network session. ATI Shows modem information. ATQn Quiet mode (0 - enable results code, 1 - disable results code.) ATVn Verbose mode (0 - numeric result codes, 1 - text result codes.)

Modem Emulation Commands and Descriptions

session.

ATXn Command does nothing and returns OK status. ATUn Accept unknown commands. (n value of 0 = off. n value of 1 = on.)

XPort Pro User Guide 52

6: Line and Tunnel Settings

Table 6-20

Command (continued) Description

AT&V Display current and saved settings. AT&F Reset settings in NVR to factory defaults. AT&W Save active settings to NVR. ATZ Restores the current state fro m the setup settings. ATS0=n Accept incoming connection.

ATA Answer incoming connection (if ATS0 is 2 or greater). A/ Repeat last valid command.

Modem Emulation Commands and Descriptions (continued)

 N value of 0—Disable  N value of 1—Connect automatically  N value of 2+—Connect with ATA command.

For commands that can take address information (ATD, ATDT, ATDP), the destination address can be specified by entering the IP Address, or entering the IP Address and port number. For example, <ipaddress>:<port>. The port number cannot be entered on its own.

For ATDT and ATDP commands less than 255 characters, the XPort Pro replaces the last segment of the IP address with the configured Connect Mode remote station address. It is po ssible to use the last two segments also, if they are under 255 characters. For exampl e, if the ad dress is

100.255.15.5, entering “ATDT 16.6” results in 100.255.16.6.

When using ATDT and ATDP, enter 0.0.0.0 to switch to the Command Line Interface (CLI). Once the CLI is exited by using the CLI exit command, the XPort Pro re verts to modem emulation mode. By default, the +++ characters are not passed through the connection. Turn on this capability using the modem echo pluses command.

To configure modem emulation for a specific tunnel:

1. Select Tunnel on the menu bar, if you are not already in the Tunnel web page.

2. Select a tunnel number at the top of the page.

3. Select Modem Emulation. The Modem Emulation page for the specific tunnel appears.

XPort Pro User Guide 53

Figure 6-21 Tunnel 1 Modem Emulation

6: Line and Tunnel Settings

4. Enter or modify the following settings:

Table 6-22 Tunnel Modem Emulation

Tunnel- Modem Emulation Settings

Echo Pluses Select Enabled to echo +++ when entering modem Command Mode. Echo Commands Select Enabled to echo the modem commands to the console. Verbose Response Select Enabled to send modem response codes out on the serial line. Response Type Select the type of response code: Text or Numeric. Error Unknown

Commands

Incoming Connection

Connect String Enter the connect string. This modem initialization string prepares the modem for

Display Remote IP Selects whether the incoming RING sent on the Serial Line is followed by the IP

Description

Select whether an ERROR or OK response is sent in reply to unrecognized AT commands. Choices are:

 Enabled = ERROR is returned for unrecognized AT commands.  Disabled = OK is returned for unrecognized AT commands. Default is Disabled.

Select whether Incoming Connection requests will be disabled, answered automatically, or answered manually. Default is Disabled.

communications. It is a customized string sent with the “CONNECT” modem response code.

address of the caller. Default is Disabled.

5. Click Submit.

6. Repeat above steps as desired, according to additional tunnel(s) available on your product.

XPort Pro User Guide 54

7: Terminal and Host Settings

This chapter describes how to view and configure the Terminal Login Connect Menu and associated Host configuration. It contains the following sections:

 Terminal Settings  Host Configuration

The Terminal Login Connect Menu feature allows the XPort Pro device to present a menu of predefined connections when the device is accessed via telnet, ssh, or a serial port. From the menu, a user can choose one of the presented options and the device au tomatically makes the predefined connection.

The Terminal page controls whether a Telnet, SSH, or serial port connection presents the CLI or the Login Connect Menu. By default, the CLI is presented when the device is accessed. When configured to present the Login Connect Menu, the hosts configured via the Hosts page, and named serial lines are presented.

Terminal Settings

This page shows configuration settings for each terminal connection method. You can configure whether each serial line or the telnet/SSH server presents a CLI or a Login Connect menu when a connection is made.

Line Terminal Configuration

To configure a specific line to support an attached terminal:

1. Select Terminal on the menu bar. The Terminal web page appears.

2. Select the line number at the top of the page connected to the terminal you want to configure. The default is Line 1.

Figure 7-1 Terminal on Line Configuration

3. Enter or modify the following settings:

XPort Pro User Guide 55

Table 7-2 Terminal on Line 1 Configuration

7: Terminal and Host Settings

Terminal on Line Configuration Settings

Terminal Type Enter text to describe the type of terminal. The text will be sent to a host via IAC.

Exit Connect Menu Select whether to display a choice for the user to exit the Login Connect Menu

Send Break Enter a Send Break control character, e.g., <control> Y, or blank to disable.

Break Duration Enter how long the break should last in milliseconds. Echo Applies only to Connect Mode Telnet connections, not to Accept Mode. Only

Description

Note: IAC means, “interpret as command.” It is a way to sen d commands over

the network such as send break or start echoing.

 Enabled = shows the Login Connect Menu.  Disabled = shows the CLI

and reach the CLI. Choices are:

 Enabled = a choice allows the user to exit to the CLI.  Disabled = there is no exit to the CLI.

When the Send Break control character is received from the network on its way to the serial line, it is not sent to the line; instead, the line output is forced to be inactive (the break condition).

disable Echo if your terminal echoes, in which case you will see double of each character typed.

4. Click Submit to save changes.

5. Repeat above steps as desired, according to the additional line(s) available on your product.

Network Terminal Configuration

To configure menu features applicable to CLI access via the network:

1. Select Terminal on the menu bar, if you are not already in the Terminal web page.

2. Select Network at the top of the page. The Configuration submenu is automatically selected. The Terminal Configuration page appears for the network.

Figure 7-3 Terminal on Network Configuration

XPort Pro User Guide 56

3. Enter or modify the following settings:

Table 7-4 Terminal on Network Configuration

7: Terminal and Host Settings

Terminal on Network Configuration Settings

Terminal Type Enter text to describe the type of terminal. The text will be sent to a host via IAC.

Exit Connect Menu Select whether to display a choice for the user to exit the Login Connect Menu

Echo Applies only to Connect Mode Telnet connections, not to Accept Mode. Only

Description

Note: IAC means, “interpret as command.” It is a way to send commands over

the network such as send break or start echoing.

 Enabled = shows the Login Connect Menu.  Disabled = shows the CLI

and reach the CLI. Choices are:

 Enabled = a choice allows the user to exit to the CLI.  Disabled = there is no exit to the CLI.

disable Echo if your terminal echoes, in which case you will see double of each character typed.

4. Click Submit to save changes.

Host Configuration

This Host web page is where you may view and modify current settings for a selected remote host.

To configure a selected remote host:

1. Select Host on the menu bar. The Host web page appears.

2. Select a specific host number at the top of the page. The Host Configuration page for the selected host appears.

Figure 7-5 Host Configuration

XPort Pro User Guide 57

7: Terminal and Host Settings

3. Enter or modify the following settings:

Table 7-6 Host Configuration

Host Settings Description

Name Enter a name for the host. This name appears on the Login Connect

Menu. To leave a host out of the menu, leave this field blank.

Protocol Select the protocol to use to connect to the host. Choices are:

 Telnet  SSH

Note: SSH keys must be loaded or created on the SSH page for the

SSH protocol to work.

SSH Username Appears if you selected SSH as the protocol. Enter a username to

select a pre-configured Username/Password/Key (configured on the SSH: Client Users page), or leave it blank to be prompted for a username and password at connect time.

Remote Address Enter an IP address for the host to which the device will connect. Remote Port Enter the port on the host to which the device will connect.

4. Click Submit to save changes.

5. Repeat above steps as desired, according to additional host(s) available on your product.

XPort Pro User Guide 58

8: Configurable Pin Manager

The Configurable Pin Manager is responsible for assignment and control of the configurable pins (CPs) available on the XPort Pro. There are three configurable pins on the XPort Pro.

You can configure the CPs by making them part of a group. A CP Group may consist of one or more CPs. This increases flexibility when incorporating the XPort Pro into another system.

This chapter contains the following sections:

 Overview  CPM: CP (Configurable Pins)  CPM: Groups

Overview

Each CP is associated with an external hardware pin. CPs can be configured and used as digital inputs or outputs.

When used as input, device functionality can be triggered based on the state of a CP. For example, an email can be sent when a CP is asserted to a preconfigured level. When used as an output, logic levels of the CP can be manipulated when a preconfigured event occurs on the device server, such as when a tunnel connection is accepted.

CPs are configured and manipulated within a group. Each group is named and is referenced in the feature that is triggering a CP or being triggered by a CP. Sophisticated use of CPs can be accommodated by adding more than one CP into a group.

Default Groups

XPort Pro has several predefined CP groups used to assign a CP to a needed function. For instance, when working with an RS485 driver that requires a signal to be asserted when in half– duplex mode, the CP that is driving that signal (chosen by the engineer designing the circuit) is added to the default group named Line1_RS485_HDpx. The XPort Pro asserts the CP at the correct time via the default group.

Custom Groups

The email, tunneling, and CLI features can interact with CPs. This is accomplished by creating a custom group and adding CPs of your choice into that group. Once a CP group is created and populated with one or more CPs, actions can be triggered when the CPs match a specified value. CPs can be placed in any bit position within a group, allowing for sophisticated use of the available CPs.

CPM: CP (Configurable Pins)

Each CP is associated with an external hardware pin. CPs can trigger an outside event, like sending an email message or starting Command Mode on a serial Line.

The CPM web page is used to experimentally configure the sta te of the CPs. CPs can be changed to be a digital input or a digital output, and whether it is asserted high or low. Changes made on this page do not persist through a reboot.

XPort Pro User Guide 59

8: Configurable Pin Manager

Rules for configuring a CP are as follows. A CP:

 Can be in any number of groups.  Can be only in one active group. Two groups with the same CP cannot be enabled at the

same time.

 Becomes locked and is not configurable if it is in an enabled group. Disable the group to

change the CP configuration.

When you are ready to permanently configure the CPs, use the CPM Groups web page. See

CPM: Groups on page 62.

View CPs

1. Select CPM on the menu bar and then CPs at the top of the page. The CPM: CPs page appears.

Figure 8-1 CPM: CPs

The Current Configuration table shows the current settings for each CP.

Table 8-2 CPM CPs Current Configuration

CPM – CPs Current Configuration

CP Indicates the configurable pin number.

Description

XPort Pro User Guide 60

8: Configurable Pin Manager

CPM – CPs Current

Description

Configuration

Ref Indicates the hardware pin number associated with the CP. Configured As Shows the CP configuration. A CP configured as Input is set to read

input. A CP configured as Output drives data out of the device.

Value Indicates the current status of the CP:

 1 = asserted  0 = de-asserted  Inv = the CP logic is inverted

Groups Indicates the number of groups in which the CP is a member. Active In Group Shows the group in which the CP is active. A CP can be a member of

several groups. However, it may only be active in one group.

2. Select a CP number (CP column) in the Current Configuration table to display the status of that pin. The CP Status table shows the information about the CP.

Table 8-3 CPM CPs Status

CPM – CPs Status Description

Name Shows the CP number. State Shows the current enable state of the CP. Type Indicates whether the CP is set for input or output. Value Shows the last bit in the CP current value. Bit Visual display of the 32 bit placeholders for a CP. Level A “+” symbol indicates the CP is asserted (the voltage is high).

A “-“indicates the CP voltage is low.

I/O Indicates the current status of the pin:

 I = input  O = output  <blank> = unassigned

Logic An “I” indicates the CP is inverted. Binary Shows the assertion value of the corresponding bit. CP# Shows the CP number. Groups Lists the groups in which the CP is a member.

Note: To modify a CP, all groups in which it is a member must be disabled.

To change a CP output value:

1. Select the CP number (in CP column) from the current configuration table.

2. Enter the CP value in the CP Status table.

3. Click Set. The changed CP value appears in the current configuration table.

To change a CP configuration:

1. Select the CP number (in CP column) from the current configuration table.

2. Select the CP configuration from the Type drop-down list in the CP Status table.

XPort Pro User Guide 61

3. (If necessary) Select the Assert Low checkbox.

4. Click Change.

Note: These changes to a CP are not saved in FLASH. Instead, these settings are used

when the CP is added to a CP Group. When the CP Group is saved, its CP settings are saved with it. Thus, a particular CP may be defined as “Input” in one group but as “Output” in another. Only one group containing a particular CP may be enabled at once.

CPM: Groups

The CP Groups page allows for the adding, removing and managing of CP gro ups. Groups can be created or deleted. CPs can be added to or removed from groups. A group, based on its state, can trigger outside events such as sending email messages. Only an enabled group can be a trigger.

View Groups

1. Select CPM on the menu bar an d then Groups at the top of the pag e. The CPM: Groups page appears.

8: Configurable Pin Manager

Figure 8-4 CPM: Groups

2. The Current Configuration table shows the current settings for each CP group.

XPort Pro User Guide 62

Table 8-5 CPM Groups Current Configuration

Figure 8-6 CPM: Group Status

8: Configurable Pin Manager

CPM – Groups Current Configuration

Group Name Shows the CP group’s name. State Indicates whether the group is enabled or disabled. CP Info Indicates the number of CPs assigned to this particular group.

To display the status of a specific group:

1. Select CPM > Groups.

2. Select the CP group name in the Current Configuration table.

Description

XPort Pro User Guide 63

Table 8-7 Group Status

8: Configurable Pin Manager

CPM – Groups Page Group Status

Name Shows the CP Group name. State Shows the current state of the CP group. Locked groups are Lantronix

Value Shows the CP group’s current value. Bit Displays the individual bit positions for the available CPs. Level Indicates the voltage level of the CP. A plus sign (+) indicates the CP bit

I/O Indicates the current status of the pin:

Logic Indicates the logic level of the CP. An "I" indicates the CP is inverted.

Binary Shows the assertion value of the corresponding bit. An X means that

CP# Shows the configurable pin number and its bit position in the CP group.

Description

default groups and cannot be deleted. Use the button in this field to enable or disable the group.

is asserted (the voltage is high). A minus sign (-) indicates the CP voltage is low.

 I = input  O = output  <blank> = unassigned

A blank field indicates that the CP is not inverted.

the group is disabled or the bit is unassigned in the group

To create a custom CP group:

1. Select CPM > Groups.

2. Enter a group name in the Create Group field.

3. Click Submit.

To add a CP to a Group

1. Select CPM > Groups.

2. Select a specific Group Name to select it. The Group Status information for the group appears in a table below the current configuration.

3. Select a CP from the drop-down list. beneath the Group Status table.

4. Select a bit position from the drop-down list.

5. Select Input or Output from the drop-down list.

6. Check the Assert Low checkbox to specify negative logic (inverted assertion), as desired. This box is unchecked by default.

7. Click Add to complete adding the CP to the group.

To delete a custom CP group:

1. Select CPM > Groups.

2. Select a custom CP Group Name from the drop-down list beside the current configuration table.

3. Click the red X next to the corresponding Name in the Group Status table.

XPort Pro User Guide 64

8: Configurable Pin Manager

To enable or disable a CP group:

1. Select CPM > Groups.

2. Select the Group name in the table representing the group you wish to enable. The Group Status information for this group appears in a table below.

3. Click Enable to enable, as appropriate.

4. Click Disable to disable, as appropriate.

To set a CP group’s value:

1. Create a custom group and add a CP to it.

2. Select CPM > Groups.

3. Select the custom group from the current configuration table.

4. Enter a Group Status Value.

5. Click Set.

To remove a CP from a Group:

1. Select CPM > Groups.

2. Select a the group in the Group Name column that contains the CP to be removed.

3. Select the CP from the drop-down list beside the Remove button.

4. Click Remove.

XPort Pro User Guide 65

9: Service Settings

This chapter describes the available services and how to configure each. It contains the following sections:

 DNS Settings  PPP Settings  SNMP Settings  FTP Settings  TFTP Settings  Syslog Settings  HTTP Settings  RSS Settings  LPD Settings

DNS Settings

The primary and secondary domain name system (DNS) addresses come from the active interface. The static addresses from the Network Interface Configuration page may be overridden by DHCP or BOOTP. The DNS web page enables you to view the status and cache.

When a DNS name is resolved using a forward lookup, the results are stored in the DNS cache temporarily. The XPort Pro checks this cache when performing forward lookups. Each item in the cache eventually times out and is removed automatically after a certain period, or you can delete it manually.

To view the DNS status:

1. Select DNS on the menu bar. The DNS page appears.

Figure 9-1 DNS Settings

XPort Pro User Guide 66

To find a DNS Name or IP Address:

1. Enter either a DNS name or an IP address.

2. Click Lookup.

 When a DNS name is resolved, the results appear in the DNS cache.  When an IP address is resolved, the results appear in a text below the Lookup field.

To clear cache entries:

1. Click Remove All to remove all listed cache entries.

2. Click Delete next to a specirfic cache entry to remove only that one.

PPP Settings

Point-to-Point Protocol (PPP) establishes a direct connection between two nodes. It defines a method for data link connectivity between devices using physical layers (such as serial lines).

The XPort Pro supports two types of PPP authentication: Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP). Both of these au thentication methods require the configuration of a username and password.

9: Service Settings

PAP authentication offers a straightforward method for the peer to determine its identity. Upon the link establishment, the user ID and password are repeatedly sent to the authenticator until it is acknowledged or the connection is terminated. However, PAP is not a strong authentication process. There is no protection against trial-and-error attacks. The peer is responsible for the frequency of the authentication comm un ica tio n att em pts.

CHAP is a more secure method than PAP. It works by sending a challenge message to the connection requestor. Using a one-way hash function, the requestor responds with its value. If the value matches the server’s own calculations, authentication is provided. Otherwise, the conn ection is terminated.

Note: RFC1334 defines both CHAP and PAP.

The XPort Pro also supports authentication scheme of “None” when no authentication is required during link negotiation.

Since the XPort Pro does not support Network Addr ess and Port Translati on (NAPT), static routing table entries must be added to the serial-side and network- side devices (both of which are exter nal devices).

Use the XPort Pro Web Manager or CLI to configure a network link using PPP over a serial line. Turn off Connect Mode, Accept Mode, and Command mode before enabling PPP. The XPort Pro device acts as the server side of the PPP link; it can require authentication and assign an IP address to the peer. Upon PPP configuration, IP packets are routed between Ethernet and PPP interfaces.

The XPort Pro does not perform network address translation (NAT) between the serial-side network interface and the Ethernet/WLAN network interface. Therefore, to pass packets through the XPort Pro, a static route must be configured on both the PPP Peer device and the remote device it wishes to communicate with. The static route in the PPP Peer device must use the PPP Local IP Address as its gateway, and the static route in the remote device must use the network interface IP Address of the XPort Pro as its gateway.

XPort Pro User Guide 67

9: Service Settings

Note: The following section describes the steps to configure PPP 1 (PPP on serial line

1); these steps also apply to any line instance of the device.

To configure PPP:

1. Select PPP on the menu bar. The PPP web page appears.

2. Select a line number at the top of the page. The PPP Configuration page for the selected line number appears.

Figure 9-2 PPP Configuration Settings

3. Enter or modify the following settings:

Table 9-3 PPP Configuration

PPP Configuration Settings Description

Local IP Address Enter the IP address assigned to the device’s PPP interface. Peer IP Address Enter the IP address assigned to the peer (when requested during

negotiation).

Authentication Mode Choose the authenticati on mode:

 None = no authentication is required  PAP = Password Authentication Protocol  CHAP = Challenge Handshake Authentication Protocol  MS-CHAP = Microsoft Challenge-Handshake Authentication

Protocol

 MS-CHAPV2 = Microsoft Challenge-Handshake Authentication

Protocol Version 2

Username Enter a username if authentication is to be used on the PPP

interface. The peer must be configured to use the same username.

Password Enter a password if authentication is to be used on the PPP

interface. The peer must be configured to use the same password.

4. Click Submit.

XPort Pro User Guide 68

5. Repeat above steps as desired, according to additional line(s) available on your product.

SNMP Settings

Simple Network Management Protocol (SNMP) is a network management tool that monitors network devices for conditions that need attention. The SNMP service responds to SNMP requests and generates SNMP Traps.

This page is used to configure the SNMP agent.

To configure SNMP:

1. Select SNMP on the menu bar. The SNMP page opens and shows the current SNMP configuration.

9: Service Settings

Figure 9-4 SNMP Configuration

2. Enter or modify the following settings:

Table 9-5 SNMP

SNMP Settings Description

State Select Enabled to enable SNMP. Read Community Enter the SNMP read-only community string. Write Community Enter the SNMP read/write community string. System Contact Enter the name of the system contact. System Name Enter the system name.

XPort Pro User Guide 69

SNMP Settings (continued) Description

System Description Enter the system description. System Location Enter the system location. Traps State Select Enabled to enable the transmission of SNMP Traps.

Traps Primary Destination Enter the primary SNMP trap host. Traps Secondary

Destination

3. Click Submit.

FTP Settings

The FTP web page shows the current File Transfer Protocol (FTP) configuration and various statistics about the FTP server.

9: Service Settings

The Cold Start trap is sent on device boot up, and the Linkdown trap is sent when the device is rebooted from software control.

Enter the secondary SNMP trap host.

To configure FTP:

1. Select FTP on the menu bar. The FTP page opens to display the current configuration.

Figure 9-6 FTP Configuration

2. Enter or modify the following settings:

Table 9-7 FTP Settings

FTP Settings Description

State Select Enabled to enable the FTP server. Admin Username Enter the username to use when logging in via FTP.

XPort Pro User Guide 70

FTP Settings Description

Admin Password Enter the password to use when logging in via FTP.

3. Click Submit.

TFTP Settings

In the TFTP web page, you can configure the serve r and view the statistics about the Trivial File Transfer Protocol (TFTP) server.

To configure TFTP:

1. Select TFTP on the menu bar. The TFTP page opens to display the current configuration.

9: Service Settings

Figure 9-8 TFTP Configuration

XPort Pro User Guide 71

9: Service Settings

2. Enter or modify the following settings:

Table 9-9 TFTP Server

TFTP Settings Description

State Select Enabled to enable the TFTP server. Allow TFTP File Creation Select whether to allow the creation of new files stor ed on the TFTP server. Allow Firmware Update Specifies whether or not the TF TP Server is allo wed to accept a firmware

update for the device. An attempt to update firmware is recognized based on the name of the file.

Note: TFTP canno t authenticate the client, so the device is open to

malicious update.

Allow XCR Import Specifies whether the TFTP server is allowed to accept an XML con figuration

file for update. An attempt to import configuration is recognized based on the name of the file.

Note: TFTP canno t authenticate the client, so the device is open to

malicious update.

3. Click Submit.

Syslog Settings

The Syslog web page shows the current configuration and statistics of the system log.

To configure the Syslog:

Note: The syslog file is always saved to local storage, but it is not retained through

reboots. Saving the syslog file to a server that supports remote logging services (see RFC

3164) allows the administrator to save the complete syslog history. The default port is 514.

1. Select Syslog on the menu bar. The Syslog page opens to display the current configuration.

XPort Pro User Guide 72

Figure 9-10 Syslog

2. Enter or modify the following settings:

Table 9-11 Syslog

9: Service Settings

Syslog Settings Description

State Select to enable or disable the syslog. Host Enter the IP address of the remote server to which system logs are sent

Local Port Enter the number of the local port on the device from which system logs

Remote Port Enter the number of the port on the remote server that supports logging

Severity Log Level From the drop-down box, select the minimum level of system message

3. Click Submit.

HTTP Settings

Hypertext Transfer Protocol (HTTP) is the transport protocol for communica ting hypertext documents on the Internet. HTTP defines how messages are formatted and transmitted. It also defines the actions web servers and browsers should take in response to different commands. HTTP Authentication enables the requirement of usernames and passwords for access to the XPort Pro device.

for storage.

are sent.

services. The default is 514.

the device should log. This setting applies to all syslog facilities. The drop-down list is in descending order of severity (e.g., Emergency is more severe than Alert.)

This page has three links at the top for viewing statistics and for viewing and changing configuration and authentication settings.

 HTTP Statistics—Viewing statistics such as bytes received and transmitted, bad requests,

authorizations required, etc.

XPort Pro User Guide 73

9: Service Settings

 HTTP Configuration—Configuring and viewing the current configuration.  HTTP Authentication—Configuring and viewing the authentication.

HTTP Statistics

To view HTTP statistics:

This page shows various statistics about the HTTP server.

1. Select HTTP on the menu bar and then Statistics at the top of the pag e. Th e HTTP Statistics page appears.

Figure 9-12 HTTP Statistics

Note: The HTTP log is a scrolling log, with the last Max Log Entries cached and

viewable. You can change the maximum number of entries that can be viewed on the HTTP Configuration Page.

XPort Pro User Guide 74

9: Service Settings

HTTP Configuration

On this page you may change HTTP configuration settings.

To configure HTTP:

1. Select HTTP on the menu bar and then Configuration at the top of the page. The HTTP Configuration page opens.

Figure 9-13 HTTP Configuration

2. Enter or modify the following settings:

Table 9-14 HTTP Configuration

HTTP Configuration Settings

State Select Enabled to enable the HTTP server. Port Enter the port for the HTTP server to use. The default is 80. Secure Port Enter the port for the HTTPS server to use. The default is 443. The HTTP

Description

server only listens on the HTTPS Port when an SSL certificate is configured.

XPort Pro User Guide 75

9: Service Settings

HTTP Configuration

Description

Settings (continued)

Secure Protocols Select to enable or disable the following protocols:

 SSL3 = Secure Sockets Layer version 3  TLS1.0 = Transport Layer Security version 1.0. TLS 1.0 is the successor

of SSL3 as defined by the IETF.

 TLS1.1 = Transport Layer Security version 1.1

The protocols are enabled by default.

Note: A server certificate and associated private key need to be installed in

the SSL configuration section to use HTTPS.

Max Timeout Enter the maximum time for the HTTP server to wait when receiving a

request. This prevents Denial-of-Service (DoS) attacks. The default is 10 seconds.

Max Bytes Enter the maximum number of bytes the HTTP server accepts when

receiving a request. The default is 40 KB (this prevents DoS attacks).

Logging State Select Enabled to enable HTTP server logging. Max Log Entries Sets the maximum number of HTTP server log entries. Only the last Max

Log Entries are cached and viewable.

Log Format Set the log format string for the HTTP server. Follow these Log Format

rules:

 %a - remote IP address (could be a proxy)  %b - bytes sent excluding headers  %B - bytes sent excluding headers (0 = '-')  %h - remote host (same as '%a')  %{h}i - header contents from request (h = header string)  %m - request method  %p - ephemeral local port value used for request  %q - query string (prepend with '?' or empty '-')  %t - timestamp HH:MM:SS (same as Apache '%(%H:%M:%S)t' or

'%(%T)t')

 %u - remote user (could be bogus for 401 status)  %U - URL path info  %r - first line of request (same as '%m %U%q <version>')  %s - return status

Authentication Timeout

The timeout period applies if the selected authentication type is either Digest or SSL/Digest. After this period of inactivity, the client must authenticate again.

3. Click Submit.

XPort Pro User Guide 76

9: Service Settings

HTTP Authentication

HTTP Authentication enables you to require usernames and pa sswords to access specific web pages or directories on the XPort Pro' built-in web server.

To configure HTTP authentication settings:

1. Select HTTP on the menu bar and then Authentication at the top of the page. The HTTP Authentication page opens.

Figure 9-15 HTTP Authentication

2. Enter or modify the following settings:

Table 9-16 HTTP Authentication

HTTP Authentication Settings

URI Enter the Uniform Resource Identifier (URI).

Realm Enter the domain, or realm, used for HTTP. Required with the

Description

Note: The URI must begin with ‘/’ to refer to the filesystem.

URI field.

XPort Pro User Guide 77

9: Service Settings

HTTP Authentication Settings (continued)

Auth Type Select the authentication type:

Username

Description

 None = no authentication is necessary.  Basic = encodes passwords using Base64.  Digest = encodes passwords using MD5.  SSL = the page can only be accessed over SSL (no password

is required).

 SSL/Basic = the page is accessible only over SSL and

encodes passwords using Base64.

 SSL/Digest = the page is accessible only over SSL and

encodes passwords using MD5.

Note: When changing the parameters of Digest or SSL Digest

authentication, it is often best to close and reopen the browser to ensure it does not attempt to use cached authentication information.

Enter the Username used to access the URI. More than one

Username per URI is permitted.

Click Submit and enter the next Username as necessary.

Password Enter the Password for the Username.

3. Click Submit.

4. To delete the URI and users, click Delete in the current configuration table.

Note: The URI, realm, username, and password are user-specified, free-form fields. The

URI must match the directory created on the XPort Pro file system.

RSS Settings

Really Simple Syndication (RSS) (sometimes referred to as Rich Site Summary) is a method of feeding online content to Web users. Instead of actively searching for XPort Pro configuration changes, RSS feeds permit viewing only relevant and new information regarding changes made to the XPort Pro via an RSS publisher. The RSS feeds may also be stored to the file system cfg_log.txt file.

To configure RSS settings:

1. Select RSS on the menu bar. The RSS page opens and shows the current RSS configuration.

XPort Pro User Guide 78

Figure 9-17 RSS

2. Enter or modify the following settings:

Table 9-18 RSS

RSS Settings Description

RSS Feed Select On to enable RSS feeds to an RSS publisher. Persistent Select On to enable the RSS feed to be written to a file (cfg_log.txt)

and to be available across reboots.

Max Entries Sets the maximum number of log entries. Only the last Max Entries

are cached and viewable.

9: Service Settings

3. Select Submit.

4. In the Current Status table, view and clear stored RSS Feed entries, as necessary.

LPD Settings

The XPort Pro device acts as a print server if a printer gets connected to one of its serial ports. Selecting the Line Printer Daemon (LPD) link in the Main Menu displays the LPD web page. The LPD web page has three sub-menus for viewing print queue statistics, changing print queue configuration, and printing a test page. Because the LPD lines operate independently, you can specify different configuration settings for each .

LPD Statistics

This read-only page shows various statistics about the LPD server.

To view LPD statistics for a specific LPD line:

5. Select LPD on the menu bar. The LPD web page appears.Select an L PD line at the top of the page.Select Statistics. The LPD Statistics page for the selected LPD line appears.Repeat above steps as desired, according to additional LPD(s) available on your product.

XPort Pro User Guide 79

9: Service Settings

Figure 9-19 LPD Statistics

LPD Configuration

Here you can change LPD configuration settings.

To configure LPD settings for a specific LPD line:

6. Select LPD on the menu bar, if you are not already at the LPD web page.Select a LPD line at the top of the page.Select Configuration. The LPD Configuration for the selected LPD line appears.

Figure 9-20 LPD Configuration

7. Enter or modify the following settings:

XPort Pro User Guide 80

Table 9-21 LPD Configuration

9: Service Settings

LPD Configuration Settings

Banner Select Enabled to print the banner even if the print job does not specify to do so. Selected

Binary Select Enabled for the device to pass the entire file to the printer unchanged. Otherwise,

Start of Job Select Enabled to print a "start of job" string before sending the print data. End of Job Select Enabled to send an "end of job" string. Formfeed Select Enabled to force the printer to advance to the next page at the end of each print job. Convert Newlines Select Enabled to convert single newlines and carriage returns to DOS-style line endings. SOJ String If Start of Job (above) is enabled, enter the string to be sent to the printer at the beginning

EOJ String If End of Job (above) is enabled, enter the string to send at the end of a print job. The limit

Queue Name To change the name of the print queue, enter a new name. The name cannot have white

Description

by default.

the device passes only valid ASCII and valid control characters to the printer. Valid control characters include the tab, linefeed, formfeed, backspace, and newline characters. All others are stripped. Disabled by default.

of a print job. The limit is 100 characters. Indicate whether the string is in text or binary format.

is 100 characters. Indicate whether the string is in text or binary format.

space in it and is limited to 31 characters. The default is LPDQueueX (for line number X)

8. Click Submit. Repeat above steps as desired, according to additional LPD lines available on your product.

XPort Pro User Guide 81

10: Security Settings

The XPort Pro device supports Secure Shell (SSH) and Secure Sockets Layer (SSL). SSH is a network protocol for securely accessing a remote device. SSH provides a secure, encrypted communication channel between two hosts over a network. It provides authentication and message integrity services.

Secure Sockets Layer (SSL) is a protocol that manages data transmission security over the Internet. It uses digital certificates for authentication and cryptography against eavesdropping and tampering. It provides encryption and message integrity services. SSL is widely used for secure communication to a web server. SSL uses certificates and private keys.

Note: The XPort Pro supports SSLv3 and its successors, TLS1.0 and TLS1.1. An

incoming SSlv2 connection attempt is answered with an SSlv3 response. If the initiator also supports SSLv3, SSLv3 handles the rest of the connection.

This chapter contains the following sections:

 SSH Server Host Keys  SSH Server Authorized Users  SSH Client Known Hosts  SSH Client Users  SSL Cipher Suites  SSL Certificates  SSL RSA or DSA  SSL Certificates and Private Keys  SSL Utilities  SSL Configuration

SSH Settings

SSH is a network protocol for securely accessing a remote device over an encrypted channel. This protocol manages the security of internet data transmission between two hosts over a network by providing encryption, authentication, and message integrity services.

Two instances require configuration: when the XPort Pro is the SSH server and when it is an SSH client. The SSH server is used by the CLI (Command Mode) and for tunneling in Accept Mode. The SSH client is for tunneling in Connect Mode.

To configure the XPort Pro as an SSH server, there are two requirements:

 Defined Host Keys: both private and public keys are required. These keys are used for the

Diffie-Hellman key exchange (used for the underlying encryption protocol).

 Defined Users: these users are permitted to connect to the XPort Pro SSH server.

This page has four links at the top for viewing and changing SSH server host keys, SSH server authorized keys, SSH client known hosts, and SSH client users.

XPort Pro User Guide 82

10: Security Settings

SSH Server Host Keys

SSH Host Keys can be obtained in a few different ways:

 Uploading keys via PUTTY or other tools which generate RFC4716 format keys.  Creating keys through the EDS.

The steps for creating or uploading keys is described below.

To upload SSH server host keys generated from PuTTY:

1. Create the keys with puttygen.exe. The keys are in PuTTY format.

2. Use puttygen.exe again to convert the private key to Open SSH format as follows: a. Import the private key using "Conversions…Import key." b. Create a new file using "Conversions…Export OpenSSH key."

3. Use ssh-keygen to convert the public key to OpenSSH format.

ssh-keygen -i -f putty_file > openssh_file

4. Select SSH on the menu bar and SSH Server: Host Keys at the top of the page. The SSH Server Host Keys page appears.

Figure 10-1 SSH Server: Host Keys (Upload Keys)

5. Enter or modify the following settings in the part of the screen related to uploading keys:

XPort Pro User Guide 83

10: Security Settings

Table 10-2 SSH Server Host Keys Settings - Upload Keys Method

SSH Server: Host Keys Settings (continued)

Private Key Enter the path and name of the existing private key you

Public Key Enter the path and name of the existing public key you want

Key Type Select a key type to use for the new key:

Description

want to upload or use the Browse button to select the key. Be sure the private key will not be compromised in transit. This implies the data is uploaded over some kind of secure private network.

to upload or use the Browse button to select the key.

 RSA = use this key with the SSH1 and SSH2 protocols.  DSA = use this key with the SSH2 protocol.

6. Click Submit.

To upload SSH server host RFC4716 format keys:

1. Use any program that can produce keys in the RFC4716 format.

2. Use ssh-keygen to convert the format to OpenSSH.

ssh-keygen -i -f RFC4716_file > output_file

Note: If the keys do not exist, follow directions under To create new SSH server host

keys (on page 86).

3. Select SSH on the menu bar and SSH Server: Host Keys at the top of the page. The SSH Server Host Keys page appears.

XPort Pro User Guide 84

Figure 10-3 SSH Server: Host Keys (Upload Keys)

10: Security Settings

4. Enter or modify the following settings in the part of the screen related to uploading keys:

Table 10-4 SSH Server Host Keys Settings - Upload Keys Method

SSH Server: Host Keys Settings (continued)

Private Key Enter the path and name of the existing private key you

Public Key Enter the path and name of the existing public key you want

Key Type Select a key type to use for the new key:

Description

want to upload or use the Browse button to select the key. Be sure the private key will not be compromised in transit. This implies the data is uploaded over some kind of secure private network.

to upload or use the Browse button to select the key.

 RSA = use this key with the SSH1 and SSH2 protocols.  DSA = use this key with the SSH2 protocol.

5. Click Submit.

Note: SSH keys may be created on another computer and uploaded to the XPort Pro.

For example, use the following command using Open SSH to create a 1024-bit DSA key pair: ssh-keygen –b 1024 –t dsa

XPort Pro User Guide 85

10: Security Settings

To create new SSH server host keys

Note: Generating new keys with large bit size results in longer key generation times.

1. Select SSH on the menu bar and SSH Server: Host Keys at the top of the page. The SSH Server Host Keys page appears.

Figure 10-5 SSH Server: Host Keys (Create New Keys)

2. Enter or modify the following settings in the part of the screen related to creating new keys:

Table 10-6 SSH Server Host Keys Settings - Create New Keys Method

SSH Server: Host Keys Settings

Key Type Select a key type to use:

Description

 RSA = use this key with SSH1 and SSH2 protocols.  DSA = use this key with the SSH2 protocol.

Note: RSA is more secure.

XPort Pro User Guide 86

10: Security Settings

SSH Server: Host Keys Settings (continued)

Bit Size Select a bit length for the new key:

Description

 512  768  1024

Using a larger bit size takes more time to generate the key. Approximate times are:

 10 seconds for a 512 bit RSA Key  15 seconds for a 768 bit RSA Key  1 minute for a 1024 bit RSA Key  30 seconds for a 512 bit DSA Key  1 minute for a 768 bit DSA Key  2 minutes for a 1024 bit DSA Key

Note: So me SSH clients require RSA host keys to be at

least 1024 bits long. This device generates keys up to 1024 bits long. It can work with larger keys (up to 2048 bit) if they are imported or otherwise created.

3. Click Submit.

Note: SSH Keys from other programs may be converted to the required XPort Pro

format. Use Open SSH to perform the conversion.

SSH Server Authorized Users

On this page you can change SSH server settings for Authorized Users. SSH Server Authorized Users are accounts on the XPort Pro that can be used to log into the XPort Pro using SSH. For instance, these accounts can be used to SSH into the CLI or open an SSH connection to a device port. Every account must have a password.

The user's public keys are optional and only necessary if public key authentication is required. Using public key authentication allows a connection to be made without the password being asked.

Under Current Configuration, User has a Delete User link, and Public RSA Key and Public DSA Key have View Key and Delete Key links. If you click a Delete link, a message asks whether you are sure you want to delete this information. Click OK to proceed or Cancel to cancel the operation.

To configure the SSH server for authorized users:

1. Select SSH on the menu bar and then Server Authorized Users at the top of the page. The SSH Server: Authorized Users page appears.

XPort Pro User Guide 87

Figure 10-7 SSH Server: Authorized Users

10: Security Settings

2. Enter or modify the following settings:

Table 10-8 SSH Server Authorized User Settings

SSH Server: Authorized Users Settings

Username Enter the name of the user authorized to access the SSH server. Password Enter the password associated with the username. Public RSA Key Enter the path and name of the existing public RSA key you want

Public DSA Key Enter the path and name of the existing public DSA key you want

Description

to use with this user or use the Browse button to select the key. If authentication is successful with the key, no password is required.

3. Click Submit.

Note: When uploading the security keys, ensure the keys are not compromised in

transit.

XPort Pro User Guide 88

10: Security Settings

SSH Client Known Hosts

On this page you can change SSH client settings for known hosts.

Note: You do not have to complete the fields on this page for communication to occur.

However, completing them adds another layer of security that protects against Man-InThe-Middle (MITM) attacks.

To configure the SSH client for known hosts:

1. Select SSH on the menu bar and then Client Known Hosts at the top of the page. The SSH Client: Known Hosts page appears.

Figure 10-9 SSH Client: Known Hosts

2. Enter or modify the following settings:

Table 10-10 SSH Client Known Hosts

SSH Client: Known Hosts Settings

Server Enter the name or IP address of a known host. If you enter a server name,

Public RSA Key Enter the path and name of the existing public RSA key you want to use

Public DSA Key Enter the path and name of the existing public DSA key you want to use

Description

the name should match the name of the server used as the Remote Address in Connect mode tunneling.

with this known host or use the Browse button to select the key.

Note: These settings are not required for communication. They protect against Man-In-

The-Middle (MITM) attacks.

3. Click Submit.

4. In the Current Configuration table, delete currently stored settings as necessary.

XPort Pro User Guide 89

10: Security Settings

SSH Client Users

On this page you can change SSH client settings for users. To configure the XPort Pro as an SSH client, an SSH client user must be both configured and also exist on the remote SSH server.

SSH client known users are used by all applications that play the role of an SSH client, specifically tunneling in Connect Mode. At the very least, a password or key pair must be configured for a user. The keys for public key authentication can be created elsewhere and uploaded to the device or automatically generated on the device. If uploading existing keys, be sure the private key will not be compromised in transit. This implies the data is uploaded over some kind of secure private network.

Note: If you are providing a key by uploading a file, make sure that the key is not

password protected.

To configure the SSH client users:

1. Select SSH on the menu bar and then SSH Client Users at the top of the page. The SSH Client: Users page appears.

Figure 10-11 SSH Client: Users

XPort Pro User Guide 90

2. Enter or modify the following settings:

Table 10-12 SSH Client Users

10: Security Settings

SSH Client: Users

Description

Settings

Username Enter the name that th e device uses to connect to a SSH server. Password Enter the password associated with the username. Remote Command Enter the command that can be executed remotely. Default is shell, which tells the

SSH server to execute a remote shell upon connection. This command can be changed to anything the remote host can perform.

Private Key Enter the name of the existing private key you want to use with this SSH client user.

You can either enter the path and name of the key, or use the Browse button to select the key.

Public Key Enter the path and name of the existing public key you want to use with this SSH

client user or use the Browse button to select the key.

Note: If the user public key is known on the remote SSH server, the SSH se rver

does not require a password. The Remote Command is provided to the SSH server upon connection. It specifies the application to execute upon connection. The default is a command shell.

Note: Configuri ng the SSH client’s known hosts is optional. It prevents Man-In-The-

Middle (MITM) attacks

Key Type Select the key type to be used. Choices are:

 RSA = use this key with the SSH1 and SSH2 protocols.  DSA = use this key with the SSH2 protocol.

Create New Keys Username Enter the name of the user associated with the new key. Key Type Select the key type to be used for the new key. Choices are:

 RSA = use this key with the SSH1 and SSH2 protocols.  DSA = use this key with the SSH2 protocol.

Bit Size Select the bit length of the new key:

 512  768  1024

Using a larger Bit Size takes more time to generate the key. Approximate times are:

 10 seconds for a 512 bit RSA Key  15 seconds for a 768 bit RSA Key  1 minute for a 1024 bit RSA key  30 seconds for a 512 bit DSA key  1 minute for a 768 bit DSA key  2 minutes for a 1024 bit DSA key

Note: Some SSH clients require RSA host keys to be at least 1024 bits long. This

device generates keys up to 1024 bits long. It can work with larger keys (up to 2048 bit) if they are imported or otherwise created.

3. Click Submit.

4. In the Current Configuration table, delete currently stored settings as necessary.

XPort Pro User Guide 91

SSL Settings

Secure Sockets Layer (SSL) is a protocol for managing the security of data transmission over the Internet. It provides encryption, authentication, and message integrity services. SSL is widely used for secure communication to a web server.

Certificate/Private key combinations can be obtai ned from an external Certificate Authority (CA) and downloaded into the unit. Self-signed certificates with associated private key can be generated by the device server itself.

For more information regarding Certificates and how to obtain them, see SSL Certificates and

Private Keys (on page 93).

SSL uses digital certificates for authentication and cryptography against eavesdropping and tampering. Sometimes only the server is authenticated, sometimes both server and client. The XPort Pro can be server and/or client, depending on the application. Public key encryption systems exchange information and keys and set up the encrypted tunnel.

Efficient symmetric encryption methods encrypt the data going through the tunnel after it is established. Hashing provides tamper detection.

Applications that can make use of SSL are Tunneling, Secure Web Server, and WLAN interface. The XPort Pro supports SSlv3 and its successors, TLS1.0 and TLS1.1.

10: Security Settings

Note: An incoming SSlv2 connection attempt is answered with an SSlv3 response. If the

initiator also supports SSLv3, SSLv3 handles the rest of the connection.

SSL Cipher Suites

The SSL standard defines only certain combinations of certificate type, key exchange method, symmetric encryption, and hash method. Such a combination is called a cipher suite. Supported cipher suites include the following:

Table 10-13 Supported Cipher Suites

Certificate Key Exchange Encryption Hash

DSA DHE 3DES SHA1 RSA RSA 128 bits AES SHA1 RSA RSA Triple DES SHA1 RSA RSA 128 bits RC4 MD5 RSA RSA 128 bits RC4 SHA1 RSA 1024 bits RSA 56 bits RC4 MD5 RSA 1024 bits RSA 56 bits RC4 SHA1 RSA 1024 bits RSA 40 bits RC4 MD5

Whichever side is acting as server decides which cipher suite to use for a connection. It is usually the strongest common denominator of the cipher suite lists supported by both sides.

XPort Pro User Guide 92

10: Security Settings

SSL Certificates

The goal of a certificate is to authenticate its sender. It is analogous to a paper document that contains personal identification information and is signed by an authority, for example a notary or government agency.

The principles of Security Certificate required that in order to sign other certificates, the authority uses a private key. The published authority certificate contains the matching pub lic key that allows another to verify the signature but not recreate it.

The authority’s certificate can be signed by itself, resulting in a self-signed or trusted-root certificate, or by another (higher) authority, resulting in an intermediate authority certificate. You can build up a chain of intermediate authority certificates, and the last certification will always be a trusted-root certificate.

An authority that signs another certificates is also called a Certificate Authority (CA). The last in line is then the root-CA. VeriSign is a famous example of such a root-CA. Its certificate is often built into web browsers to allow verifying the identity of website serv er s, wh ic h ne e d to ha ve certificates signed by VeriSign or another public CA. Since obtaining a certificate signed by a CA that is managed by another company can be expensive, it is possible to have your own CA. Tools exist to generate self-signed CA certificates or to sign other certificates.

A certificate request is a certificate that has not been signed and only contains the identifying information. Signing it makes it a certificate. A certificate is also used to sign any message transmitted to the peer to identify the originator and prevent tampering while transported.

When using HTTPS, SSL Tunneling in Accept mode, and/or EAP-TLS, the XPort Pro needs a personal certificate with a matching private key to identify itself and sign its messages. When using SSL Tunneling in Connect mode and/or EAP-TLS, EAP-TTLS or PEAP, the XPort Pro needs the authority certificate that can authenticate users with which it wishes to communicate.

SSL RSA or DSA

As mentioned above, the certificates contain a public key. Different key exchange methods require different public keys and thus different styles of certificate. The XPort Pro supports key exchange methods that require a RSA-style certificate and key exchange methods that require a DSA-style certificate. If only one of these certificates is stored in the XPort Pro, only those key exchange methods that can work with that style certificate are enabled. RSA is sufficient in most cases.

SSL Certificates and Private Keys

You can obtain a certificate by completing a certificate request and sending it to a certificate authority that will create a certificate/key combo, usually for a fee. Or generate your own. A few utilities exist to generate self-signed certificates or sign certificate requests. The XPort Pro also has the ability to generate its own self-signed certificate/key combo.

You can use XML to export the certificate in PEM format, b ut you cannot export the ke y. Hence the internal certificate generator can only be used for certificates that are to identify that particular XPort Pro.

Certificates and private keys can be stored in several file formats. Best known are PKCS12, DER and PEM. Certificate and key can be in the same file or in separate files. The key can be encrypted with a password or not. The XPort Pro currently only accepts separate PEM files. The key needs to be unencrypted.

XPort Pro User Guide 93

10: Security Settings

SSL Utilities

Several utilities exist to convert between the formats.

OpenSSL

Open source set of SSL related command line utilities. It can act as server or client. It can generate or sign certificate requests. It can convert all kinds of formats. Executables are available for Linux and Windows. To generate a self-signed RSA certificate/key combo use the following commands in the order shown:

openssl req –x509 –nodes –days 365 –newkey rsa:1024 –keyout mp_key.pem –out mp_cert.pem

Note: Signing other certificate requests is also possible with OpenSSL. See

www.openssl.org

Steel Belted RADIUS

Commercial RADIUS server by Juniper Networks that provides a GUI administration interface. It also provides a certificate request and self-signed certificate generator. The self-signed certificate has extension .sbrpvk and is in the PKCS12 format. OpenSSL can convert this into a PEM format certificate and key by using the following commands in the order shown:

or www.madboa.com/geek/openssl for more information.

openssl pkcs12 -in sbr_certkey.sbrpvk -nodes -out sbr_certkey.pem

The sbr_certkey.pem file contains both certifi cate and key. If l oading the SBR certificate into XPort Pro as an authority, you will need to edit it.

1. Open the file in any plain text editor.

2. Delete all info before the following: “----- BEGIN CERTIFICATE-----“

3. Delete all info after the following: “----- END CERTIFICATE-----“

4. Save as sbr_cert.pem. SBR accepts trusted-root certificates in the DER format.

5. Again, OpenSSL can convert any format into DER by using the following commands in the order shown:

openssl x509 -inform pem -in mp_cert.pem -outform der -out mp_cert.der

Note: With SBR, when the identity information includes special characters such as

dashes and periods, SBR changes the format it uses to store these strings and becomes incompatible with the current XPort Pro release. We will add support for this and other formats in future releases. Free RADIUS—Linux open-source RADIUS server. It is versatile, but complicated to configure.

Free RADIUS

Free RADIUS is a Linux open-source RADIUS server. It is versatile, but complicated to configure.

XPort Pro User Guide 94

SSL Configuration

To configure SSL settings:

1. Select SSL from the main menu. The SSL page appears.

Figure 10-14 SSL

10: Security Settings

XPort Pro User Guide 95

10: Security Settings

2. Enter or modify the following settings:

Table 10-15 SSL

SSL Settings Description

Upload Certificate New Certificate This certificate identifies the device to peers. It is used for HTTPS and SSL

Tunneling. Enter the path and name of the certificate you want to upload, or use the

Browse button to select the certificate. RSA or DSA certificates with 512 to 1024 bit public keys are allowed.

The format of the file must be PEM. The file must start with “-----BEGIN CERTIFICATE-----“ and end with “-----END CERTIFICATE-----“. Some Certificate Authorities add comments before and/or after these lines. Those need to be deleted before upload.

New Private Key Enter the path and name of the private key you want to upload, or use the

Browse button to select the private key. The key needs to belong to the

certificate entered above. The format of the file must be PEM. The file must start with “-----BEGIN

RSA PRIVATE KEY-----” and end with “-----END RSA PRIVATE KEY-----”. Read DSA instead of RSA in case of a DSA key. Some Certificate Authorities add comments before and/or after these lines. Those need to be deleted before upload.

Upload Authority Certificate Authority One or more authority certificates are needed to verify a peer's identity. It is

used for SSL Tunneling. These certificates do not require a private key. Enter the path and name of the certificate you want to upload, or use the

Browse button to select the certificate. RSA or DSA certificates with 512 to 1024 bit public keys are allowed.

The format of the file must be PEM. The file must start with “-----BEGIN CERTIFICATE-----” and end with “-----END CERTIFICATE-----”. Some Certificate Authorities add comments before and/or after these lines. Those need to be deleted before upload.

Create New Self-Signed Certificate Country (2 Letter Code) Enter the 2-letter country code to be assigned to the new self-signed

certificate.

Examples: US for United States and CA for Canada

State/Province Enter the state or province to be assigned to the new self-signed certificate. Locality (City) Enter the city or locality to be assigned to the new self-signed certificate. Organization Enter the organization to be associated with the new self-sig ned certificate.

Example: If your company is called Widgets, and you are setting up a web

server for the Sales department, enter Widgets for the organization.

Organization Unit Enter the organizational unit to be associated with the new self-signed

certificate. Example: If your company is setting up a web server for the Sales

department, enter Sales for your organizational unit.

XPort Pro User Guide 96

10: Security Settings

SSL Settings (continued) Description

Common Name Enter the same name that the user will enter when requesting your web

site. Example: If a user enters

http://www.widgets.abccompany.com to

access your web site, the Common Name would be

www.widgets.abccompany.com.

Expires Enter the expiration date, in mm/dd/yyyy format, for the new self-signed

certificate.

Example: An expiration date of May 9, 2010 is entered as 05/09/2010.

Key length Select the bit size of the new self-signed certificate. Choices are:

 512 bits  768 bits  1024 bits

The larger the bit size, the longer it takes to generate the key. Approximate times are:

 10 seconds for a 512-bit RSA key  30 seconds for a 768-bit RSA key  1 minute for a 1024-bit RSA key  30 seconds for a 512-bit DSA key  2 minutes for a 768-bit DSA key  6 minute for a 1024-bit DSA key

Type Select the type of key:

 RSA = Public-Key Cryptography algorithm based on large prime

numbers, invented by Rivest Shamir and Adleman. Used for encryption and signing.

 DSA = Digital Signature Algorithm also based on large prime numbers,

but can only be used for signing. Developed by the US government to avoid the patents on RSA.

3. Click Submit.

XPort Pro User Guide 97

11: Modbus

Modbus ASCII/RTU based serial slave devices can be connected via the ethernet through an existing Modbus TCP/IP network. Any device having access to a given Modbus implementation will be able to perform full range of operations that the implementation supports. Modbus/TCP use a reserved TCP port of 502 and include a single byte function code (1=255) preceded by a 6 byte header:

Table 11-1 6 Byte Header of Modbus Application Protocol

Transaction ID (2 bytes) Identification of request/response transaction - copied by slave Protocol ID (2 bytes) 0 - Modbus protocol Length (2 bytes) Number of following bytes includes the unit identifier Address (1 byte) Identification of remove slave

CP Control via Modbus

Default groups are mapped to Modbus registers. CPs added to groups will result in the CP being read and written based on the reading or writing to the register which maps to that CP group. Default Modbus group names include:

 Modbus_Ctl_In  Modbus_Ctl_Out

Note: Refer to Chapter 8: CPM: Groups on page 62 for instructions on add ing a CP to a

Group.

When the Modbus slave address is set to 0xFF, the message is addressed to the internal default groups and thus processed by the XPort Pro. The Modbus 'local slave' supported functions are listed in the table below.

Table 11-2 Modbus Local Slave Functions - Query

Name Number Address

Hi [0]

Read Coils 0x01 0x00 0x00-0x02

Read Input status

Read Holding Registers

Read Input Registers

0x02 0x00 0x00-0x02

0x03 0x00 0x00-0x02

0x04 0x00 0x00-0x02

Address Lo [1]

Starting CP CP1 – CP3

Data Hi [2]

0x00 0x01-0x03

Data Lo [3]

No of CPs to output

Bytes

Value [5]

Count [4]

N/A N/A

XPort Pro User Guide 98

11: Modbus

Name Number Address

Hi [0]

Force Single Coil 0x05 0x00 0x00-0x02

Preset Single Register

Force Multiple Coils

Preset Multiple Registers

Read/Write 4X Registers

0x06 0x00 0x00-0x02

0x0F 0x00 0x00-0x02

0x10 0x00 0x00-0x02

0x17 0x00 0x00-0x02

0x00 0x01-0x03

Address Lo [1]

Output CP CP1 – CP3

CP1 – CP3

Starting CP CP1 – CP3

Starting CP CP1 – CP3 to

read

Quantity to write

Data Hi [2]

0xff (set CPx to 1) or

0x00 (set CPx to 0)

0x00 0x00 or 0x01 N/A N/A

0x00 0x01-0x03

0x02-0x06 (Quantity to

write) * 2

Data Lo [3]

0x00 N/A N/A

No of CPs to set

Quantity to read

Max [6].. 0x00, 0x0Y 0x00 ,0x0Y 0x00, 0x0Y Y = 0 or 1

Bytes

Value [5]

Count [4]

0x01 0B00000xyz

CP values ,Lo CP# in low bit

0x02-0x06 (No of CPs

to set) * 2

0x00 0x00-0x02

Max [6].. 0x00, 0x0Y 0x00 ,0x0Y 0x00, 0x0Y Y = 0 or 1

Starting CP CP1 – CP3 to

write

Table 11-3 Modbus Local Slave Functions - Response

Name Number Byte

Count

Read Coils

Read Input status

Read Holding Registers

Read Input Registers

Force Single Cell

Preset Single Register

0x01 0x01 0B00000xyz

0x02 0x01 0B00000xyz

0x03 0x02-0x06 0x00 Starting CP

0x04 0x02-0x06 0x00 Starting CP

0x05 Echo query Echo query Echo query Echo

0x06 Echo query Echo query Echo query Echo

Data [0] Data [1] Data

[2]

N/A N/A N/A N/A N/A

CP output values ,Lo CP# in high bit

N/A N/A N/A N/A N/A

CP output values ,Lo CP# in high bit

0x00 Next CP or

Value 0x00 or 0x01

0x00 Next CP or

Value 0x00 or 0x01

query

Data [3] Data

Data [5]

[4]

End CP value 0x00 or 0x01

N/A N/A N/A

0x00 End CP value

0x00 or 0x01

0x00 End CP value

0x00 or 0x01

XPort Pro User Guide 99

11: Modbus

Name Number Byte

Data [0] Data [1] Data

Count

Force Multiple Coil

Preset Multiple Registers

Read/ Write 4X Registers

0x0F Echo query Echo query Echo query Echo

0x10 Echo query Echo query Echo query Echo

0x17 0x02-0x06

(Quantity of Read) * 2

Max [6].. 0x00, 0x0Y 0x00 ,0x0Y 0x00, 0x0Y Y = 0 or 1

Serial Transmission Mode

Evolution products can be set up to communi cate o n standard Modbus ne tworks using either RTU or ASCII. Users select the desired mode and serial port communication parameters (baud rate, parity mode, etc) during the line configurat ion .

Table 11-4 Modbus Transmission Modes

[2]

query

Data [3] Data

Data [5]

[4]

N/A N/A N/A

RTU ASCII

 Address: 8 bits (0 to 247 decimal, 0 is used

for broadcast)

 Function: 8 bits (1 to 255, 0 is not valid)  Data: N X 8 bits (N=0 to 252 bytes)  CRC Check: 16 bits

 Address: 2 CHARS  Function: 2 CHARS  Data: N CHARS (N=0 to 252 CHARS)  LRC Check: 2 CHARS

The Modbus web pages allow you to check Modbus status and make configuration ch anges. This chapter contains the following sections:

 Modbus Statistics  Modbus Configuration

XPort Pro User Guide 100

Lantronix 900-560 User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Copyright & Trademark

Warranty

Patents

Contacts

Disclaimer

Revision History

Table of Contents

List of Figures

List of Tables

1: About This Guide

Chapter and Appendix Summaries

Additional Documentation

2: Introduction

Key Features

Applications

Protocol Support

Evolution OS™

Additional Features

Modem Emulation

Web-Based Configuration and Troubleshooting

Command-Line Interface (CLI)

VIP Access

SNMP Management

XML-Based Architecture and Device Control

Really Simple Syndication (RSS)

Enterprise-Grade Security

Terminal Server/Device Management

Troubleshooting Capabilities

Configuration Methods

Addresses and Port Numbers

Hardware Address

IP Address

Port Numbers

Product Information Label

3: Using DeviceInstaller

Accessing XPort Pro Using DeviceInstaller

Device Details Summary

4: Configuration Using Web Manager

Accessing Web Manager

To access Web Manager, perform the following steps:

Device Status Page

Web Manager Page Components

Navigating the Web Manager

5: Network Settings

Network 1 (eth0) Interface Status

To view the network interface status:

Network 1 (eth0) Interface Configuration

To view and configure network interface settings:

Network 1 Ethernet Link

To view and configure the Ethernet link:

6: Line and Tunnel Settings

Line Settings

Line Statistics

Line Configuration

To configure a specific line:

Line Command Mode

Tunnel Settings

Tunnel – Statistics

To display statistics for a specific tunnel:

Tunnel – Serial Settings

To configure serial settings for a specific tunnel:

Tunnel – Packing Mode

To configure the Packing Mode for a specific tunnel:

Tunnel – Accept Mode

To configure the Accept Mode of a specific tunnel:

Tunnel – Connect Mode

To configure Connect Mode for a specific tunnel:

Connecting Multiple Hosts

Host List Promotion

Tunnel – Disconnect Mode

To configure the Disconnect Mode for a specific tunnel:

Tunnel – Modem Emulation

To configure modem emulation for a specific tunnel:

7: Terminal and Host Settings

Terminal Settings

Line Terminal Configuration