Lantronix SCSxx05, SCSxx20 User Manual
SCSxx05/SCSxx20
Secure Console Server
User Guide
Models SCS3205, SCS4805, SCS820, SCS1620
with Firmware v4.3 and later
Part No. 900-287
Rev. D April 2004
Copyright & Trademark
© 2003, Lantronix. All rights reserved. No part of the contents of this book may
be transmitted or reproduced in any form or by any means without the written
permission of Lantronix. Printed in the United States of America.
Lightwave Communications is a Lantronix Inc. Company. Ethernet is a trademark
of XEROX Corporation. UNIX is a registered trademark of The Open Group.
Windows 95, Windows 98, Windows 2000, and Windows NT are trademarks of
Microsoft Corporation. Netscape is a trademark of Netscape Communications
Corporation.
LINUX GPL Compliance
Certain portions of source code for the software supporting the SCSxx05™ and
SCSxx20™
published by the Free Software Foundation and may be redistributed and
modified under the terms of the GNU GPL. A machine readable copy of the
corresponding portions of GPL licensed source code are available at the cost of
distribution.
Such source code is distributed WITHOUT ANY WARRANTY, INCLUDING
ANY IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A
PARTICULAR PURPOSE. See the GNU General Public License for more
details.
are licensed under the GNU General Public License (GPL) as
A copy of the GNU General Public License is available on the Lantronix Web Site
at http://www.lantronix.com/
You can also obtain it by writing to the Free Software Foundation, Inc. 59 Temple
Place, Suite 330, Boston, MA 02111-1307 USA.
or by visiting http://www.gnu.org/copyleft/gpl.html
Contacts
Lantronix Corporate Headquarters
15353 Barranca Parkway
Irvine, CA 92618, USA
Phone: 949-453-3990
Fax: 949-453-3995
Technical Support
Phone: 800-422-7044 or 949-453-7198
Fax: 949-450-7226
Fax: 949-450-7226
Online: www.lantronix.com/support
Email: support@lantronix.com
Sales Offices
For a current list of our domestic and international sales offices, go to the
Lantronix web site at http://www.lantronix.com/about/contact/index.html
i
Disclaimer & Revisions
Operation of this equipment in a residential area is likely to cause interference in
which case the user, at his or her own expense, will be required to take whatever
measures may be required to correct the interference.
Note: This equipment has been tested and found to comply with the
limits for Class A digital device pursuant to Part 15 of the FCC Rules.
These limits are designed to provide reasonable protection against
harmful interference when the equipment is operated in a commercial
environment. This equipment generates, uses, and can radiate radio
frequency energy and, if not installed and used in accordance with this
User Guide, may clause interference to radio communications. Operation
of this equipment in a residential area is likely to cause interference, in
which case the user will be required to correct the interference at his own
expense.
The user is cautioned that changes and modifications made to the
equipment without approval of the manufacturer could void the user’s
authority to operate this equipment.
Changes or modifications to this device not explicitly approved by Lantronix will
void the user's authority to operate this device.
The information in this guide may change without notice. The manufacturer
assumes no responsibility for any errors that may appear in this guide.
Date Part No Rev. Comments
8/03 900-287 B
10/03 900-287 C
4/04 900-287 D
Combined SCSxx05 and SCSxx20 products (firmware v.4.3
and later) in one user guide. Updated warranty information.
Added safety precautions in English and multiple languages;
revised declarations of conformity.
Removed Web interface.
ii
Safety Precautions
Please follow the safety precautions described below when installing and
operating the SCSxx05/SCSxx20 Secure Console Server.
Cover
Do not remove the cover of the chassis. There are no user-serviceable
Refer all servicing to Lantronix.
Service personnel: Dispose of used batteries according to the
Power Plug
When disconnecting the power cable from the socket, pull on the plug,
Always connect the power cord to a properly wired and grounded power
Only use a power cord with a voltage and current rating greater than the
Install the unit near an AC outlet that is easily accessible.
Always connect any equipment used with the product to properly wired
To help protect the product from sudden, transient increases and
Do not connect or disconnect this product during an electrical storm.
Grounding
parts inside. Opening or removing the cover may expose you to
dangerous voltage that could cause fire or electric shock.
instructions. There is a risk of explosion if the battery is replaced with an
incorrect type.
not the cord.
source. Do not use adapter plugs or remove the grounding prong from
the cord.
voltage and current rating marked on the unit.
and grounded power sources.
decreases in electrical power, use a surge suppressor, line conditioner,
or uninterruptible power supply (UPS).
Maintain reliable grounding of this product.
Pay particular attention to supply connections when connecting to power
strips, rather than directly to the branch circuit.
Fuses
For protection against fire, replace the power-input-module fuse with the
same type and rating.
Rack
Do not install the unit in a rack in such a way that a hazardous stability
condition results because of uneven loading. A drop or fall could cause
injury.
Before operating the SCS, make sure the SCS is secured to the rack.
Port Connections
Only connect the network port to an Ethernet network that supports
10Base-T/100Base-TX.
Only connect device ports to equipment with serial ports that support
EIA-232 (formerly RS-232C).
Only connect the terminal port to equipment with serial ports that support
EIA-232 (formerly RS-232C).
iii
Precauciones de seguridad
Al instalar y utilizar el servidor seguro de consola SCSxx05/SCSxx20, observe
las precauciones de seguridad que se describen a continuación.
Tapa
No retire la tapa del chasis. En el interior no hay ninguna pieza que el
usuario deba manipular. Abrir o retirar la tapa puede exponer al usuario
a tensiones peligrosas que pueden causar fuego o electrocución. Si la
batería se sustituye por una de tipo incorrecto, puede producirse una
explosión.
Confíe todas las actividades de mantenimiento o reparación a Lantronix.
Personal de mantenimiento: Deshágase de las baterías usadas de
acuerdo con las instrucciones. Si la batería se sustituye por una de tipo
incorrecto, puede producirse una explosión.
Enchufe de alimentación
Al desconectar el cable de alimentación de la toma, tire del enchufe, no
del propio cable.
Conecte siempre el cable de alimentación a una toma eléctrica
correctamente cableada y conectada a tierra. No use adaptadores de
enchufes ni elimine la patilla de toma de tierra del cable.
Use sólo un cable de alimentación adecuado para unos valores de
tensión e intensidad superiores a la tensión y la intensidad indicados en
la unidad.
Instale la unidad cerca de un toma de CA de fácil acceso.
Conecte siempre cualquier equipo que se use con el producto a tomas
eléctricas correctamente cableadas y conectadas a tierra.
Para proteger el producto contra aumentos y descensos transitorios
bruscos de la alimentación eléctrica, use un supresor de sobrecargas
momentáneas, un acondicionador de línea, o una fuente de alimentación
ininterrumpida (UPS).
No conecte ni desconecte este producto durante una tormenta eléctrica.
Toma de tierra
Mantenga este producto conectado en todo momento a una toma de
tierra fiable.
Preste especial atención a las conexiones de alimentación cuando se
conecta a regletas de terminales, en lugar de hacerlo directamente al
circuito derivado.
Fusibles
Para proteger la unidad contra el fuego, cuando sea necesario sustituya
el fusible del módulo de entrada de alimentación por otro del mismo tipo
y capacidad.
Bastidor
No instale la unidad en un bastidor (rack) de manera que quede en un
equilibrio inestable peligroso debido a el reparto irregular del peso. La
caída de la unidad podría causar lesiones.
Antes de utilizar el servidor seguro de consola (SCS), verifique que el
SCS está bien fijado al bastidor.
iv
Conexiones de puertos
Conecte el puerto de red solamente a una red Ethernet compatible con
10Base-T/100Base-TX.
Conecte los puertos de dispositivos solamente a equipos con puertos
serie compatibles con EIA-232 (antes, RS-232C).
Conecte el puerto terminal solamente a equipos con puertos serie
compatibles con EIA-232 (antes, RS-232C).
Précautions relatives à la sécurité
Pour des raisons de sécurité, respectez les précautions suivantes lorsque vous
installez et utilisez un équipement de la gamme Secure Console Server
SCSxx05/SCSxx20.
Boîtier
Ne déposez jamais le boîtier du châssis. Aucun élément interne de cet
appareil ne peut être réparé ou remplacé par l’utilisateur. En ouvrant le
boîtier, vous vous exposeriez à un risque d’électrocution ou d’incendie.
Confiez toute opération d'entretien ou de dépannage à du personnel
agréé par Lantronix.
Personnel d’entretien : Respectez les instructions relatives à la mise au
rebut des batteries usagées. Il y a risque d’explosion si la batterie est
remplacée par une autre batterie de type incorrect.
Prise d’alimentation secteur
Pour débrancher le câble d’alimentation électrique, tirez sur la prise, pas
sur le cordon.
Veillez à toujours brancher le câble d’alimentation électrique à une prise
correctement câblée avec mise à la terre. N’utilisez pas d’adaptateur, et
ne démontez pas la fiche de terre du câble.
Utilisez uniquement un câble d’alimentation électrique certifié pour une
tension et une intensité supérieures à la tension et à l’intensité
nominales de l’équipement.
Installez cet équipement à proximité d’une prise électrique aisément
accessible.
Veillez à toujours brancher tout équipement utilisé avec celui-ci à une
prise correctement câblée avec mise à la terre.
Pour protéger ce produit des fluctuations de tension et des transitoires
du courant électrique, il est conseillé d’utiliser une protection contre les
surtensions, un filtre de secteur ou un onduleur avec batterie (UPS).
Veillez à ne pas laisser cet équipement connecté au secteur durant un
orage.
Mise à la terre
Veillez à préserver une mise à la terre fiable de ce produit.
Prêtez particulièrement attention aux connexions d’alimentation si vous
raccordez cet équipement à une prise multiple au lieu de le brancher
directement sur le circuit principal.
v
Fusibles
Pour assurer la protection contre l’incendie, remplacez toujours le fusible
du module d’alimentation électrique par un modèle du même type et de
la même capacité.
Rack
N’installez pas cet équipement dans un rack si une mauvaise répartition
des masses risque de provoquer l’instabilité du rack. Toute chute risque
de provoquer des blessures.
Avant de mettre le SCS en service, veillez à ce qu’il soit fermement fixé
dans le rack.
Connexions
Veillez à ne connecter le port réseau qu’un un réseau Ethernet prenant
en charge les standards 10Base-T/100Base-TX.
Veillez à ne connecter les ports pour périphériques qu’à des
équipements prenant en charge le standard EIA-232 (anciennement
dénommé RS-232C).
Veillez à ne connecter le port pour terminal qu’à un équipement doté
d’un port série prenant en charge le standard EIA-232 (anciennement
dénommé RS-232C).
Sicherheitshinweise
Beachten Sie bei der Installation und beim Betrieb des Secure Console Server
SCSxx05/SCSxx20 die nachstehenden Sicherheitshinweise.
Abdeckung
Nehmen Sie nicht die Abdeckung des Gehäuses ab. Im Gerät befinden
sich keine vom Benutzer wartbaren Teile. Durch Öffnen oder Entfernen
der Abdeckung können Sie gefährlichen Spannungen ausgesetzt
werden, die einen Brand verursachen oder einen elektrischen Schlag
bewirken könnten.
Überlassen Sie alle Wartungsarbeiten Lantronix.
Wartungspersonal: Entsorgen Sie alte Batterien gemäß den
Anweisungen. Wird die Batterie durch eine falsche Batterie ersetzt,
besteht Explosionsgefahr.
Netzstecker
Ziehen Sie, um das Gerät vom Netz zu trennen, am Stecker und nicht
am Kabel.
Stecken Sie das Anschlusskabel immer in eine korrekt verdrahtete und
geerdete Steckdose ein. Verwenden Sie keine Adapterstecker und
entfernen Sie nicht den Schutzkontakt vom Stecker.
Verwenden Sie nur ein Anschlusskabel, das für eine höhere Spannung
und einen höheren Strom ausgelegt ist als auf dem Gerät angegeben.
Stellen Sie das Gerät in der Nähe einer frei zugänglichen Steckdose auf.
Schließen Sie Geräte, die in Verbindung mit dem Produkt eingesetzt
werden, nur an korrekt verdrahteten und geerdeten Steckdosen an.
Schützen Sie das Produkt mit einer Überspannungsschutzvorrichtung,
einem Netzentstörgerät oder einer unterbrechungsfreien
Stromversorgung (USV) vor vorübergehenden Spannungsanstiegen und
-abfällen.
vi
Während eines Gewitters dürfen Sie das Gerät nicht anschließen oder
vom Netz trennen.
Erdung
Schließen Sie das Gerät an einem zuverlässigen Erdungspunkt an.
Achten Sie besonders auf die einwandfreie Verbindung, wenn der
Anschluss über eine Steckdosenleiste und nicht direkt am Endstromkreis
erfolgt.
Sicherungen
Ersetzen Sie die Netzteilsicherung nur durch eine Sicherung desselben
Typs und derselben Nennstromstärke, um die Gefahr eines Brandes zu
vermeiden.
Rack
Achten Sie beim Einbau des Geräts in ein Rack darauf, dass dieses
gleichmäßig belastet wird, damit die Stabilität gewährleistet ist. Das
herunterfallende Gerät kann beschädigt werden oder Verletzungen
verursachen.
Überprüfen Sie das SCS vor Inbetriebnahme auf festen Sitz im Rack.
Portanschlüsse
Schließen Sie den Netzwerkport nur an eine Ethernet-Netzwerk an, von
dem 10Base-T/100Base-TX unterstützt wird.
Schließen Sie die Geräteports nur an Geräte mit seriellen Ports an, die
EIA-232 (früher RS-232C) unterstützen.
Schließen Sie den Konsolenport nur an Geräte mit seriellen Ports an, die
EIA-232 (früher RS-232C) unterstützen.
Меры предосторожности
При установке и эксплуатации защищенного консольного сервера (Secure
Console Server) SCSxx05/SCSxx20 соблюдайте описанные ниже меры
предосторожности.
Крышка
Не снимайте крышку с рамы. Внутри нет деталей, которые должны
обслуживаться пользователем. При открытии или удалении крышки
вы можете подвергнуть себя опасности воздействия высокого
напряжения, которое способно вызвать пожар или электрический
удар.
По всем вопросам техобслуживания обращайтесь к компании
Lantronix.
Обслуживающий персонал: удаляйте все использованные батареи в
соответствии с инструкциями. Если существующая батарея
заменяется на батарею другого типа, существует риск
возникновения пожара.
Вилка электропитания
При отсоединении силового кабеля из розетки держите его за вилку,
а не за шнур.
Всегда вставляйте силовой шнур в заземленную и снабженную
правильной электропроводкой розетку. Не используйте вилкипереходники или не удаляйте заземляющий штырь со шнура.
vii
Используйте только шнур питания, у которого номинальные
значения напряжения и тока превышают номинальные значения
напряжения и тока, указанные на устройстве.
Установите устройство вблизи розетки переменного тока, к которой
имеется легкий доступ.
Всегда подсоединяйте любое оборудование, используемое вместе с
изделием, к заземленным источникам питания с правильной
электропроводкой.
Для защиты изделия от неожиданных неустановившихся
увеличений и уменьшений электрической мощности используйте
ограничитель перенапряжений, устройство защиты от электрических
помех или источник бесперебойного питания.
Не подсоединяйте это изделие во время грозы.
Заземление
Это изделие постоянно должно иметь надежное заземление.
При подсоединении к шинам питания особое внимание обращайте
на соединения питания, а не на ответвление цепи.
Предохранители
Для защиты от пожара, заменяйте предохранитель модуля подвода
питания на предохранитель такого же типа, рассчитанный на
аналогичный номинальный ток.
Стойка
Не устанавливайте устройство на стойку так, чтобы возникала
опасность нарушения стабильности из-за неравномерной нагрузки.
Падение может привести к травме.
До работы с SCS убедитесь в том, что SCS закреплен на стойке.
Соединения портов
Сетевой порт подсоединяйте только к сети Ethernet,
поддерживающей 10Base-T/100Base-TX.
Порты устройства подсоединяйте только к оборудованию с
последовательными портами, поддерживающими EIA-232 (прежнее
название RS-232C).
Терминальный порт подсоединяйте только к оборудованию с
последовательными портами, поддерживающими EIA-232 (прежнее
название RS-232C).
viii
ix
x
xi
xii
xiii
xiv
Contents
Safety Precautions _____________________________________________________ iii
1: Introduction ___________________________________________________ 1-1
SCSxx05 and SCSxx20_________________________________________________ 1-1
Hardware Features ____________________________________________________ 1-3
System Features ______________________________________________________ 1-4
Protocol Support ______________________________________________________ 1-4
System Components ___________________________________________________ 1-5
Connection Formats ___________________________________________________ 1-5
Access Control _______________________________________________________ 1-6
Device Port Buffer _____________________________________________________ 1-7
Technical Specifications ________________________________________________ 1-8
Product Information Label _______________________________________________ 1-9
System Resource Information ___________________________________________ 1-10
Copyright & Trademark________________________________________________________ i
LINUX GPL Compliance _______________________________________________________ i
Contacts ___________________________________________________________________ i
Disclaimer & Revisions ________________________________________________________ii
Serial Devices _____________________________________________________________ 1-5
Network __________________________________________________________________ 1-6
Modem (SCSxx20) _________________________________________________________ 1-6
Power Manager____________________________________________________________ 1-6
256K FIFO Buffer __________________________________________________________ 1-7
Port Data Logging __________________________________________________________ 1-7
Logging to File_____________________________________________________________ 1-7
Email Notification __________________________________________________________ 1-7
2: Installation ____________________________________________________ 2-1
Physical Installation____________________________________________________ 2-1
Power ______________________________________________________________ 2-2
AC Input _________________________________________________________________ 2-2
DC Input _________________________________________________________________ 2-2
Connecting a Terminal _________________________________________________ 2-3
Connecting to a Device Port _____________________________________________ 2-4
Connecting the Network Port_____________________________________________ 2-5
Connecting the Modem Port (SCSxx20) ____________________________________ 2-5
Power Manager Interface _______________________________________________ 2-6
3: Quick Start ____________________________________________________ 3-1
Before You Begin _____________________________________________________ 3-1
Method #1 – Using the Front Panel Display _________________________________ 3-2
Navigating ________________________________________________________________ 3-2
Entering the Settings________________________________________________________ 3-2
Method # 2- Using Telnet _______________________________________________ 3-4
4: Configuration __________________________________________________ 4-1
xv
Connecting Using Telnet or Your Serial Terminal _____________________________ 4-2
Logging in as System Administrator _______________________________________ 4-2
Accessing the Setup Menu ______________________________________________ 4-2
Navigating ________________________________________________________________ 4-3
Done Option ______________________________________________________________ 4-4
Configuring Hostname and IP Address _____________________________________ 4-4
Configuring Timezone __________________________________________________ 4-6
Configuring DNS ______________________________________________________ 4-8
Configuring Services ___________________________________________________ 4-9
Enabling/Disabling Web Configuration ____________________________________ 4-10
Configuring NTP _____________________________________________________ 4-10
Configuring Email Relay _______________________________________________ 4-11
Configuring Timeouts _________________________________________________ 4-11
Configuring Modem (SCSxx20 Only) _____________________________________ 4-12
Configuring CHAP Secrets _____________________________________________ 4-15
Configuring PAP Secrets_______________________________________________ 4-16
Configuring User Authentication _________________________________________ 4-16
Configuring NIS___________________________________________________________ 4-17
Configuring LDAP _________________________________________________________ 4-18
Configuring RADIUS ________________________________________________________ 4-1
Configuring Global Port Permissions ___________________________________________ 4-1
Done User Authentication ____________________________________________________ 4-2
Configuring NFS Mount_________________________________________________ 4-2
Configuring Firewall (Packet Filtering)______________________________________ 4-4
Configuring Device Ports________________________________________________ 4-5
Device Port Configuration Options _____________________________________________ 4-6
Device Port Menu __________________________________________________________ 4-6
Device Port Names _________________________________________________________ 4-6
Device Port Parameters _____________________________________________________ 4-7
Device Logging Parameters _________________________________________________ 4-10
Done Device Ports ________________________________________________________ 4-14
Updating Software____________________________________________________ 4-14
Using Done _________________________________________________________ 4-16
Saving _____________________________________________________________ 4-17
Rebooting __________________________________________________________ 4-17
5: Web Interface __________________________________________________ 5-1
Accessing the Web Interface_____________________________________________ 5-1
Web Configuration Utility Main Page_______________________________________ 5-2
Configurable Parameters________________________________________________ 5-2
Web Access Delay ____________________________________________________ 5-3
Saving Web Interface Entries ____________________________________________ 5-4
Exiting ______________________________________________________________ 5-4
6: Modem Setup __________________________________________________ 6-1
Installing a Modem Card ________________________________________________ 6-1
Initializing the Modem __________________________________________________ 6-1
xvi
7: System Administrator and User Functions __________________________ 7-1
System Administrator Functions __________________________________________ 7-1
Security and Passwords _____________________________________________________ 7-1
Changing the Sysadmin Password _____________________________________________ 7-1
Changing the Root Password _________________________________________________ 7-2
If You Misplace the Sysadmin Password ________________________________________ 7-3
User Access and Functions______________________________________________ 7-3
Network Port Access________________________________________________________ 7-3
Terminal Port Access _______________________________________________________ 7-4
Modem Module ____________________________________________________________ 7-4
Selecting a Device Port______________________________________________________ 7-4
Direct Mode_______________________________________________________________ 7-5
Logging Out_______________________________________________________________ 7-6
8: Commands ____________________________________________________ 8-1
Summary of Commands ________________________________________________ 8-1
System Commands ____________________________________________________ 8-2
SAVE____________________________________________________________________ 8-2
reboot ___________________________________________________________________ 8-2
poweroff _________________________________________________________________ 8-3
help _____________________________________________________________________ 8-3
alias_____________________________________________________________________ 8-3
setup ____________________________________________________________________ 8-3
passwd __________________________________________________________________ 8-4
break ____________________________________________________________________ 8-4
changes__________________________________________________________________ 8-4
config-save _______________________________________________________________ 8-4
config-restore _____________________________________________________________ 8-4
install-modem _____________________________________________________________ 8-4
man _____________________________________________________________________ 8-4
modem-hangup ____________________________________________________________ 8-4
info _____________________________________________________________________ 8-4
reset-modem______________________________________________________________ 8-5
scp______________________________________________________________________ 8-5
sftp _____________________________________________________________________ 8-5
ssh______________________________________________________________________ 8-5
ssh-keygen _______________________________________________________________ 8-5
syslog ___________________________________________________________________ 8-5
timeout __________________________________________________________________ 8-6
unsaved__________________________________________________________________ 8-6
version___________________________________________________________________ 8-6
Device Commands ____________________________________________________ 8-7
devices __________________________________________________________________ 8-7
editdev___________________________________________________________________ 8-7
listdev ___________________________________________________________________ 8-7
connections _______________________________________________________________ 8-8
cat ______________________________________________________________________ 8-8
clear ____________________________________________________________________ 8-8
xvii
less _____________________________________________________________________ 8-8
logout ___________________________________________________________________ 8-8
User Management Commands ___________________________________________ 8-9
listusers __________________________________________________________________ 8-9
adduser __________________________________________________________________ 8-9
edituser _________________________________________________________________ 8-10
deluser _________________________________________________________________ 8-11
editbrk __________________________________________________________________ 8-11
editesc__________________________________________________________________ 8-11
passwd _________________________________________________________________ 8-11
User Commands _____________________________________________________ 8-12
select___________________________________________________________________ 8-12
direct ___________________________________________________________________ 8-12
telnetconfig ______________________________________________________________ 8-12
listen ___________________________________________________________________ 8-12
clear ___________________________________________________________________ 8-12
exit_____________________________________________________________________ 8-12
logout __________________________________________________________________ 8-12
Break Sequence __________________________________________________________ 8-12
Escape Sequence_________________________________________________________ 8-12
Advanced Sysadmin Commands ________________________________________ 8-13
Using ssh Keys and keygen Procedures _______________________________________ 8-13
Mounting File Systems During Boot ___________________________________________ 8-14
Mounting File Systems Dynamically Using autofs ________________________________ 8-15
9: Port Access ___________________________________________________ 9-1
Telnet to Serial Port Feature _____________________________________________ 9-1
Accessing Serial Ports ______________________________________________________ 9-1
Assigning an IP Port Number to a Serial Port_____________________________________ 9-3
Testing __________________________________________________________________ 9-4
Saving the Changes to Flash _________________________________________________ 9-4
IP Address per Serial Port Feature ________________________________________ 9-5
Setting the IP Addresses ____________________________________________________ 9-5
Testing __________________________________________________________________ 9-7
Saving the Changes to Flash _________________________________________________ 9-8
Final Testing ______________________________________________________________ 9-8
Bypassing Authentication ____________________________________________________ 9-9
A: Unix Command Help ____________________________________________ A-1
less command_____________________________________________________________ A-1
vi Editor Commands ________________________________________________________ A-3
B: Hexadecimal Conversion Chart ___________________________________ B-1
C: Pinouts and Adapters ___________________________________________ C-1
SCSxx05 ____________________________________________________________C-2
SCSxx05 Pinouts __________________________________________________________C-2
SCSxx05 Adapters _________________________________________________________ C-3
SCSxx20 ___________________________________________________________C-12
SCSxx20 Pinouts _________________________________________________________C-12
xviii
SCSxx20 Adapters ________________________________________________________ C-13
D: Compliance and Warranty Information _____________________________ D-1
Compliance Information (1) ______________________________________________D-1
Compliance Information (2) ______________________________________________D-3
Warranty ____________________________________________________________D-4
xix
11:: IInnttrroodduuccttiioonn
The Lantronix SCS family of Secure Console Servers enables IT professionals to
remotely and securely configure and administer servers, routers, switches,
telephone equipment, or other devices equipped with a serial port.
This chapter introduces you to the Lantronix SCSxx05 and SCSxx20 products. It
includes the following topics:
Topic Page
SCSxx05 and SCSxx20 1-1
Hardware Features 1-3
System Features 1-4
Protocol Support 1-4
System Components 1-5
Connection Formats 1-5
Access Control 1-6
Device Port Buffer 1-7
Technical Specifications i1-8
Product Information Label 1-9
System Resource Information 1-10
SCSxx05 and SCSxx20
The Lantronix SCSxx05 and SCSxx20 are console servers offering
authentication and secure encryption. These SCS models offer a compact
solution for remote and local management of up to 48 devices (e.g., servers,
routers, and switches) with RS-232C (now EIA-232) compatible serial consoles in
a 1U-tall rack space. You can access the attached devices with keyboard
commands from a local terminal, through a network, or through a dial-up
connection.
1-1
SCSxx05/SCSxx20 User Guide 1: Introduction
Figure 1-1. SCS4805 – 48 Device Ports, 1 Network Port, 1 Terminal Port, AC Powered
This User Guide covers the following products:
Model SCS820 - AC or DC Powered 8-Port Secure Console Server
Model SCS1620 - AC or DC Powered 16-Port Secure Console Server
Model SCS3205 - AC Powered 32-Port Secure Console Server
Model SCS4805 - AC Powered 48-Port Secure Console Server
The SCS4805 is depicted above; the other models are similar. The products
differ only in the number of device ports provided and in AC or DC power and
modem availability. The SCSxx20 models have dual entry redundant power
supplies for mission critical applications. They are available in AC or DC powered
versions and can include an optional internal modem. In general, we refer to this
product family as SCS products.
Figure 1-2. SCS3205 - 32 Device Ports, 1 Network Port, 1 Terminal Port, AC Powered
1-2
SCSxx05/SCSxx20 User Guide 1: Introduction
Figure 1-3. SCS1620A – 16 Device Ports, 1 Network Port, 1 Terminal Port, AC Powered
Figure 1-4. SCS820 – 8 Device Ports, 1 Network Port, 1 Terminal Port, AC Powered
Hardware Features
1U-tall (1.75 inches) rack-mountable secure console server
One 10Base-T/100Base-TX network port for connection to your IP
network
Up to 48 RS232 serial device ports connected via Category 5 (RJ45)
wiring
One serial terminal port (console port) for VT100 terminal or PC with
emulation
(Optional) One modem module, for analog dial-up connections
(SCSxx20 only)
256KB-per-port buffer memory for device ports; logging supported
Front panel 2-line backlit LCD display and pushbutton controls
128MB flash memory; 128MB RAM; field-upgradeable
Universal AC power input (100-240V, 50/60 Hz)
–48VDC power option (SCSxx20 only)
Convection cooled, silent operation, low power consumption
Support for PCU8 power control unit
1-3
SCSxx05/SCSxx20 User Guide 1: Introduction
System Features
Ability to connect up to 48 RS-232 serial consoles
10Base-T/100Base-TX IP network compatible
Buffer logging to file
ID/Password security, configurable access rights
Email notification
Secure shell (SSH) security
Open Lightweight Directory Access Protocol (LDAP)
Network File System (NFS) support
Network Information Service (NIS) capable for centrally managed
permissions
Ability to Telnet to a serial port by IP address per port or by IP address
and TCP port number
Ability to work with an external modem (SCSxx05 and SCSxx20) and
optional internal modem (SCSxx20)
No unintentional break ever sent to attached servers (Solaris Ready
Certified)
Simultaneous access on the same port - "listen" mode
Local access through terminal port
Built-in setup routine for simple setup and administration
Web administration (using any modern browser)
Protocol Support
The SCS supports the TCP/IP network protocol as well as:
SSH, Telnet, and PPP for connections in and out of the SCS
DNS for text-to-IP address name resolution
SNMP for remote monitoring and management
FTP for file transfers and firmware upgrades
TFTP for firmware upgrades
DHCP for IP address assignment
HTTP/HTTPS for easy browser-based configuration
NTP for time synchronization
LDAP, NIS, RADIUS, CHAP, and PAP for user authentication
CHAP (Challenge Handshake Authentication Protocol)
A secure protocol for connecting to a system; more secure than the PAP.
DHCP (Dynamic Host Configuration Protocol)
Internet protocol for automating the configuration of computers that use TCP/IP.
DNS (Domain Name Servers)
A system that allows a network nameserver translate text host names into
numeric IP addresses.
1-4
SCSxx05/SCSxx20 User Guide 1: Introduction
LDAP (Lightweight Directory Access Protocol)
A set of protocols for accessing information directories.
NFS (Network File System)
A protocol that allows file sharing across a network.
NIS
(Network Information System)
A network-naming and administration system for smaller networks.
NTP (Network Time Protocol)
A protocol used to synchronize time on networked computers and equipment.
PAP (Password Authentication Protocol)
A method of user authentication in which the username and password are
transmitted over a network and compared to a table of name-password pairs.
PPP (Point to Point Protocol)
A mechanism for creating and running IP and other network protocols over a
serial link.
RADIUS (Remote Authentication Dial-In User Service)
An authentication and accounting system used by many Internet Service
Providers (ISPs).
SNMP (Simple Network Management Protocol)
Commands that allow system administrators to monitor and manage nodes on a
LAN (Local Area Network) and respond to queries from other network hosts. One
community name can be configured with read/write access.
SSH (Secure Shell)
A secure transport protocol based on public-key cryptography.
Telnet
A terminal protocol that provides an easy-to-use method of creating terminal
connections to a network host.
System Components
All system components are enclosed in a rack-mountable metal chassis. The
chassis has 8, 16, 32, or 48 device ports, one terminal port, and one network
port. An optional modem module is available for the SCSxx20 that you can add
at any time. The front panel features an LCD display and pushbuttons for access
to some system information.
Connection Formats
All physical connections to the product are made to the rear panel using industrystandard cabling and connectors. All serial connections and network
connections use conventional Category 5 (Cat5) cabling (RJ45 jacks). Required
cables and adapters for certain servers, switches, and other products are
available from Lantronix (see http://www.lantronix.com/
.)
Serial Devices
1-5
SCSxx05/SCSxx20 User Guide 1: Introduction
All devices attached to both the device ports and the terminal port must support
the RS-232C (EIA-232) standard. Category 5 cabling with RJ45 connections is
used for the device port connections and for the terminal port.
Device ports (numbered from port 1 to port 48) support seven baud rate options:
2400, 4800, 9600, 19200, 38400, 57600, and 115200 baud.
Network
The SCS network interface is a 10Base-T/100Base-TX connector, for use with a
conventional TCP/IP network using standard RJ45-terminated Category 5
cables. The system administrator must configure the network parameters before
the SCS can be accessed over the network.
Modem (SCSxx20)
The optional modem module connects to a conventional telephone line using
standard RJ11 modular telephone cable. The analog modem on the card
connects at speeds up to 38,400 baud. Any PPP features require a modem.
With the modem installed, the SCSxx20 supports:
Plain Text TTY
PPP connection, with PAP or CHAP authentication
Callback connection
Note: Both the SCSxx05 and the SCSxx20 can work with an external
modem.
Power Manager
The SCSxx20 has an extra power manager port for connection to the Lantronix
Power Control Unit (PCU8). However, any available device port may be used as
the power manager port on the SCSxx05 and SCSxx20.
Figure 1-5. SCS4805 Rear Panel Connections for Network, Terminal (Console), and Device Ports
Access Control
The system administrator controls access to attached servers or devices by
assigning access rights to up to 128 user profiles. Each user has an assigned ID,
password, and access rights. Other access options may include externally
configured authentication methods such as NIS and LDAP.
1-6
SCSxx05/SCSxx20 User Guide 1: Introduction
Device Port Buffer
The SCS products support port data buffering of the messages on the system's
device ports. Port buffers are enabled by default.
256K FIFO Buffer
Each device port stores 256 KB (approximately 400 screens) of I/O data in a true
FIFO buffer. You may view this data while the user is not directly interacting with
the attached device.
Buffered data is not normally stored in memory and will be lost in the event of a
power failure if it is not logged using an NFS mount solution (see Port Data
Logging, below). If the buffer data overflows the buffer capacity, only the oldest
data will be lost, and only in the amount of overrun (not in large blocks of
memory).
Port Data Logging
The SCS supports real-time data logging for each device port. The port can save
the data log to a file, send an email notification of an issue, or take no action.
SAVE (a system administrator command, discussed later) does not affect the
buffer log files. Logging the data to an NFS mount location ensures that the
device port data will be maintained (elsewhere) in the event of a power failure.
Logging to File
Data can be logged either to a file on the SCS or to a file on a remote NFS
server. Data logged to a local SCS file is limited in size by the available space on
the SCS, and may be lost in the event of a power loss. Data logged to a file on
an NFS server does not have these limitations. The system administrator can
define the path for logged data on a port-by-port basis and configure file size and
number of files per port for each logging event.
Email Notification
The system administrator can configure the device log to automatically send an
email alert message to the appropriate parties indicating a particular error. The
email is triggered when a user-defined number of characters in the log from your
server or device is exceeded.
1-7
SCSxx05/SCSxx20 User Guide 1: Introduction
Technical Specifications
Table 1-1. SCSxx05 Technical Specifications
CPU, Memory
Serial Interface
(Device)
Serial Interface
(Terminal)
Network Interface
Power Supply
Dimensions
Weight
Temperature
Relative Humidity
Heat Flow Rate
AMD SC520 133 MHz
128 MB FLASH Card Memory (non-volatile)
128MB RAM
256K FIFO Buffer RAM per Device Port
RJ45-type 8-conductor connector (DTE default; configurable)
Speed software selectable (2400 to 115,200 baud)
Software selectable EIA-232 (formerly RS-232C)
RJ45-type 8-pin connector (DTE default)
Speed software selectable (2400 to 115,200 baud)
Software selectable EIA-232 (formerly RS-232C)
10Base-T/100Base-TX RJ45 Ethernet
Universal AC Power input, 100-240VAC 50/60 Hz
IEC-type regional cord set included
SCS3205: 1U, 1.75 in x 17.25 in x 12.25 in (4.45 cm x 43.8 cm x 31.1 cm)
SCS4805: 1U, 1.75 in x 17.25 in x 14.75 in (4.45 cm x 43.8 cm x 37.5 cm)
SCS3205: 4.5 kg (10 lbs)
SCS4805: 5.0 kg (11 lbs)
Operating: 0 to 50 °C (32 to 122 °F), 30 to 90 %RH, non-condensing
Storage: -20 to 70 °C (-4 to 158 °F), 10 to 90 %RH, non-condensing
Operating: 10% to 90% non-condensing; 40% to 60% recommended
Storage: 10% to 90% non-condensing
62 BTU/hr.
1-8
SCSxx05/SCSxx20 User Guide 1: Introduction
Table 1-2. SCSxx20 Technical Specifications
CPU, Memory
Serial Interface
(Device)
Serial Interface
(Terminal)
Network Interface
Modem (optional)
Power Supply AC Power:
Dimensions
Weight
Temperature
AMD SC520 133 MHz
128 MB FLASH Card Memory (non-volatile)
128MB RAM (includes 256K FIFO Buffer RAM per device port)
RJ45-type 8-conductor connector (DCE default; configurable)
Speed software selectable (2400 to 115,200 baud)
Software selectable EIA-232 (formerly RS-232C)
RJ45-type 8-pin connector (DCE default)
Speed software selectable (2400 to 115,200 baud)
Software selectable EIA-232 (formerly RS-232C)
10Base-T/100Base-TX RJ45 Ethernet
RJ11C connector; analog POTS format; 38,400 baud max
Universal AC Power input, 100-240VAC 50/60 Hz
IEC-type regional cord set included
DC Power:
-48 VDC only, externally fused
SCS820: 1U, 1.75 in x 17.25 in x 12.25 in (4.45 cm x 43.8 cm x 31.1 cm)
SCS1620: 1U, 1.75 in x 17.25 in x 13.00 in (4.45 cm x 43.8 cm x 33.0 cm)
SCS820: 4.8 kg (10.6 lbs)
SCS1620: 5.0 kg (11 lbs)
Operating: 0 to 50 °C (32 to 122 °F), 30 to 90 %RH, non-condensing
Storage: -20 to 70 °C (-4 to 158 °F), 10 to 90 %RH, non-condensing
Relative Humidity
Heat Flow Rate
Operating: 10% to 90% non-condensing; 40% to 60% recommended
Storage: 10% to 90% non-condensing
75 BTU/hr.
Product Information Label
The product information label on the underside of the unit contains the following
information about your specific unit:
Bar Code
Serial Number/Date Code
Regulatory Certifications and Statements
Manufacturer's Contact Information
1-9
SCSxx05/SCSxx20 User Guide 1: Introduction
System Resource Information
The SCS is programmable using OS-level commands and options. The system
administrator configures the product using a command-line interface or one of
several prepared scripts.
Numerous resources on the Internet (and elsewhere) provide information about
security options, programming tools and techniques, and configuration advice. A
few of the Internet sites are listed below:
SSH info: www.openSSH.org
RFC's (the standards and details behind the Internet): www.rfc-editor.org
PuTTY, a free Win32 Telnet/SSH Client (recommended):
http://www.chiark.greenend.org.uk/~sgtatham/putty/
Security: www.bastille-linux.org
An online manual on Linux security:
http://www.linuxdoc.org/LDP/solrhe/Securing-Optimizing-Linux-RHEdition-v1.3/
The following sites have more information about Linux (from basic to advanced):
www.kernel.org
www.tldp.org
http://www.linuxlinks.org/
1-10
Loading...