Lantronix SecureLinx SLC8, SecureLinx SLC16, SecureLinx SLC32, SecureLinx SLC48 User Manual
SecureLinxTM Console Manager (SLC)
User Guide
SecureLinx SLC8
SecureLinx SLC16
SecureLinx SLC32
SecureLinx SLC48
Part No. 900-449
Rev. H March 2010
Copyright and Trademark
© 2004, 2005, 2006, 2007, 2008, 2009, and 2010 Lantronix. All rights re served. No part of the
contents of this book may be transmitted or reproduced in any form or by any means without the
written permission of Lantronix. Printed in the United States of America.
Ethernet is a trademark of XEROX Corporation. UNIX is a registered trademark of The Open
Group. Windows 95, Windows 98, Windows 2000, Windows 2003, and Windows NT are
trademarks of Microsoft Corporation. Netscape is a trademark of Netscape Communications
Corporation.
Warranty
For details on the Lantronix warranty replacement policy, please go to our web site at
http://www.lantronix.com/support/warranty.
Open Source Software
Some applications are Open Source software licensed under the Berkeley Software Distribution
(BSD) license or the GNU General Public License (GPL) as published by the Free Software
Foundation (FSF). Redistribution or incorporation of BSD or GPL licensed software into hosts
other than this product must be done under their terms. A machine readable copy of the
corresponding portions of GPL licensed so ur ce code is availa b le at th e co st of dis trib u tio n.
Such Open Source Software is distributed WITHOUT ANY WARRANTY, INCLUDING ANY
IMPLIED WARRANTY OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE.
See the GPL and BSD for details.
A copy of the licenses is available from Lantronix. The GNU General Public License is available at
http://www.gnu.org/licenses/.
Contacts
Lantronix Corporate Headquarters
167 Technology Drive
Irvine, CA 92618, USA
Toll Free: 800-526-8766
Phone: 949-453-3990
Fax: 949-450-7249
Technical Support
Online: www.lantronix.com/support
Sales Offices
For a current list of our domestic and international sales offices, go to the Lantronix web site at
www.lantronix.com/about/contact.
Disclaimer and Revisions
Operation of this equipment in a residential area is likely to cause interference, in which case the
user, at his or her own expense, will be required to take whatever measures may be required to
correct the interference.
SecureLinx SLC User Guide 2
Notes:
This equipment has been tested and found to comply with the limits for Class A digital device
pursuant to Part 15 of the FCC Rules. These limits are designed to provide reasonable
protection against harmful interference when the equipment is operated in a commercial
environment.
This equipment generates, uses, and can radiate radio frequency energy an d, if not installed
and used in accordance with this User Guide, may clause interference to radio
communications. Operation of this equipment in a residential area is likely to cause
interference, in which case the user will be required to correct the interference at his own
expense.
The user is cautioned that changes and modifications made to the equipment without approva l
of the manufacturer could void the user’s authority to operate this equipment.
Changes or modifications to this device not explicitly approved by Lantronix will void the user's
authority to operate this device.
The information in this guide may change without notice. The manufacturer assumes no
responsibility for any errors that may appear in this guide. For the latest revision of product
documents, please check our online documentation at www.lantronix.com/support/documentation
Revision History
.
Date Rev. Comments
6/06 A Initial Release
8/06 B Added event configuration, local/remote user authentication precedence, firmware
update via HTTPS, complex passwords, and port permissions for remote users.
1/07 C Added dial-in & dial-on-demand modem state, IP filters, active directory to LDAP
section, and additional TACACS+ servers.
4/07 D Added ability to import site-specific SSL certificates and SSH host keys, to display a
list of web sessions, to set an IP filter timer, and to save system logs across reboots.
Enabled dual boot-up.
8/07 E Added gateway page, phone home; alarm delay; SSH v1 logins; trap community;
configuration manage option; system logs beginning and end dates, device port
logging to syslog.
4/08 F New web page design with tabbed menus.
Added support for the following: Sensorsoft devices; SecureID over Radius;
command and status of the SLP expansion chassis; escape and break sequences for
remote users; password aging, iGoogle Gadget; SNMP v3 encryption; ability to copy
boot bank; host lists for outgoing modem and direct connection at the CLI; new option
for local users to display a custom menu at login.
1/10 G Added support for Interface and Batch Scripting, Ethernet Bonding, configurable LCD
screens and scrolling, redesigned SLC Network web page, Email Log, Firmware
Update vi PC Card and NFS, SLC Temperature, and PPP dialback (including
CallBack Control Protocol).
3/10 H Updated for USB support that was added in firmware 5.5.
SecureLinx SLC User Guide 3
Table of Contents
Copyright and Trademark ____________________________________________________2
Warranty _________________________________________________________________2
Open Source Software ______________________________________________________2
Contacts _________________________________________________________________2
Disclaimer and Revisions ____________________________________________________2
Revision History ______________________________ _____________________________3
1: About This Guide 14
Chapter Summaries________________________________________________________14
Conventions______________________________________________________________15
Additional Documentation ___________________________________________________16
2: Overview 17
SLC Models and Part Numbers ___________________________________________ ____17
System Features __________________________________________________________19
Protocols Supported ____________________________________________________20
Access Control ________________________________________________________20
Device Port Buffer ______________________________________________________20
Configuration Options ___________________________________________________20
Hardware Features ________________________________________________________21
Serial Connections _____________________________________________________21
Network Connections ___________________________________________________22
PC Card Interface ______________________________________________________22
USB Port _____________________________________________________________23
3: Installation 24
What’s in the Box______________________________________________________ ____24
Product Information Label ________________________________________________25
Technical Specifications_____________________________________________________25
Physical Installation ________________________________________________________25
Connecting to Device Ports_______________________________________________26
Connecting to Network Ports______________________________________________27
Connecting to Terminals _________________________________________________27
Power _______________________________________________________________27
4: Quick Setup 29
Recommendations_________________________________________________________29
IP Address _______________________________________________________________ 29
Front Panel LCD Display and Pushbuttons __________________________________30
Navigating ____________________________________________________________30
Entering the Settings____________________________________________________31
Restoring Factory Defaults _______________________________________________32
Next Step ________________________________________________________________38
SecureLinx SLC User Guide 4
Table of Contents
5: Web and Command Line Interfaces 39
Web Interface_____________________________________________________________39
Logging In ____________________________________________________________41
Logging Off ___________________________________________________________41
Web Page Help ________________________________________________________41
Command Line Interface _____________________________________ _______________41
Logging In ____________________________________________________________42
Logging Out___________________________________________________________42
Command Syntax ______________________________________________________42
Command Line Help ____________________________________________________43
Tips _________________________________________________________________43
General CLI Commands _________________________________________________44
6: Basic Parameters 46
Requirements for IP Address Assignment_______________________________________46
Network Settings __________________________________________________________46
Ethernet Bonding_______________________________________________________47
Ethernet Counters ______________________________________________________51
Network Commands ____________________________________________________52
IP Filters_________________________________________________________________ 52
Enabling IP Filters ______________________________________________________52
Configuring IP Filters Rulesets ____________________________________________53
Viewing IP Filter Rulesets and Mapping _____________________________________56
IP Filter Commands_____________________________________________________57
Routing__________________________________________________________________57
Routing Commands_____________________________________________________59
7: Services 60
SSH/Telnet/Logging________________________________________________________60
SSH, Telnet, and Logging Commands______________________________________63
SNMP ___________________________________________________________________64
SNMP Commands______________________________________________________66
NFS and SMB/CIFS____________________________________________________ ____66
NFS and SMB/CIFS Commands___________________________________________68
SecureLinx Network________________________________________________________68
SecureLinx Network Commands___________________________________________71
Date and Time ____________________________________________________________71
Date and Time Commands _______________________________________________73
Web Server ______________________________________________________________73
Web Server Commands _________________________________________________ 76
Google Gadgets___________________________________________________________76
8: Devices 78
Connection Methods _______________________________________________________78
SecureLinx SLC User Guide 5
Table of Contents
Permissions ______________________________________________________________79
Device Status_____________________________________________________________79
Device Ports______________________________________________________________80
Port Status and Counters ________________________________________________88
Device Port – SLP____________________________________ __________________89
Device Port – Sensorsoft Device___________________________________________90
Device Port Commands__________________________________________________92
Device Ports – Logging _____________________________________________________92
Local Logging _________________________________________________________92
NFS File Logging_______________________________________________________92
PC Card Logging_______________________________________________________93
USB Port Logging ______________________________________________________93
Email/SNMP Notification _________________________________________________93
Syslog Logging ________________________________________________________93
Logging Commands ____________________________________________________97
Console Port _____________________________________________________________97
Console Port Commands ________________________________________________98
Host Lists ________________________________________________________________99
Host List Commands___________________________________________________101
Scripts _________________________________________________________________101
Batch Script Syntax____________________________________________________104
Interface Script Syntax _________________________________________________105
Definitions ___________________________________________________________105
Primary Commands____________________________________________________106
Secondary Commands _________________________________________________107
Control Flow Commands________________________________________________109
Sample Scripts ______________________________ _________________________110
9: PC Cards 114
Set Up of PC Card Storage _________________________________________________114
Modem Settings__________________________________________________________ 115
PC Card Commands ______________________________________________________121
10: USB Port 122
Set Up of USB Storage ____________________________________________________122
Manage Firmware and Configuration Files _____________________________________124
USB Commands ______________________________________________________125
11: Connections 127
Types of Endpoints and Connections _________________________________________127
Typical Configurations of SLC Connections_____________________________________127
Terminal Server____________________________________ ___________________127
Remote Access Server _________________________________________________128
Reverse Terminal Server________________________________________________128
SecureLinx SLC User Guide 6
Table of Contents
Multiport Device Server_________________________________________________129
Console Server _______________________________________________________129
Connection Configuration___________________________________________________130
Connection Commands_________________________________________________133
12: User Authentication 134
Overview of Authentication _________________________________________________134
User Rights _____________________________________________________________135
Authentication Methods ____________________________________________________136
Authentication Commands ______________________________________________137
Local and Remote Users ___________________________________________________138
Local/Remote User Settings ________________________________________________139
Local/Remote Users Commands__________________________________________143
NIS____________________________________________________________________ 144
NIS Commands_______________________________________________________147
LDAP __________________________________________________________________147
Schema Permissions versus Default User Rights____ _________________________147
User Attributes and Permissions from LDAP Schema__________________________151
LDAP Commands _____________________________________________________151
RADIUS ________________________________________________________________151
RADIUS Commands ___________________________________________________154
Kerberos________________________________________________________________155
Kerberos Commands___________________________________________________158
TACACS+ ______________________________________________________________158
TACACS+ Commands__________________________________________________161
SSH Keys_______________________________________________________________161
Imported Keys ________________________________________________________161
Exported Keys________________________________________________________162
SSH Commands ______________________________________________________167
Custom User Menus ______________________________________________________167
Custom User Menus Commands__________________________________________169
13: Maintenance 170
Firmware and Configurations________________________________________________170
Firmware and Configurations Commands___________________________________175
System Logs ____________________________________________________________ 176
System Logs Commands _______________________________________________178
Audit Log _______________________________________________________________178
Audit Log Commands __________________________________________________178
Email Log_______________________________________________________________ 179
Email Log Commands__________________________________________________179
Diagnostics______________________________________________________________179
Diagnostics Commands_________________________________________________182
Status/Reports ___________________________________________________________182
SecureLinx SLC User Guide 7
Table of Contents
Status/Reports Commands ______________________________________________185
Events _________________________________________________________________185
Events Commands ____________________________________________________186
Banners ________________________________________________________________187
Banner Commands ____________________________________________________187
LCD and Keypad _________________________________________________________188
LCD/Keypad Commands________________________________________________189
14: Application Examples 190
Telnet/SSH to a Remote Device _____________________________________________190
Dial-in (Text Mode) to a Remote Device _______________________________________192
Local Serial Connection to Network Device via Telnet ____________________________193
15: Command Reference 195
Introduction to Commands__________________________________________________195
Command Syntax _____________________________________________________195
Command Line Actions and Categories ____________________________________196
Tips ________________________________________________________________196
Deprecated Commands____________________________________________________197
Administrative Commands__________________________________________________197
Audit Log Commands______________________________________________________205
Authentication Commands__________________________________________________205
CLI Commands __________________________________________________________206
Connection Commands ____________________________________________________207
Console Port Commands___________________________________________________210
Custom User Menu Commands______________________________________________211
Date and Time Commands _________________________________________________212
Device Commands________________________________________________________213
Device Port Commands____________________________________________________214
Diagnostic Commands_____________________________________________________218
Email Log Commands _____________________________________________________221
Events Commands_____________________________________________________ ___221
Host List Commands ______________________________________________________222
IP Filter Commands _______________________________________________________223
Kerberos Commands______________________________________________________225
LDAP Commands ________________________________________________________226
Local Users Commands____________________________________________________227
Log Commands __________________________________________________________230
Network Commands_______________________________________________________231
NFS and SMB/CIFS Commands _____________________________________________234
NIS Commands __________________________________________________________235
PC Card Commands ______________________________________________________236
RADIUS Commands ______________________________________________________239
Remote Users Commands__________________________________________________240
SecureLinx SLC User Guide 8
Table of Contents
Routing Commands _______________________________________________________241
Script Commands_________________________________________________________242
Services Commands ______________________________________________________243
SLC Network Commands___________________________________________________245
SSH Key Commands______________________________________________________245
Status Commands ________________________________________________________248
System Log Commands____________________________________________________248
TACACS+ Commands_____________________________________________________248
Temperature Commands___________________________________________________ 249
USB Commands _________________________________________________________250
User Permissions Commands _______________________________________________253
A: Bootloader 254
Accessing the Bootloader __________________________________________________254
Bootloader Commands ____________________________________________________254
User Commands ______________________________________________________254
Administrator Commands ______________________________________ _________255
B: Security Considerations 256
Security Practice _________________________________________________________256
Factors Affecting Security __________________________________________________256
C: Safety Information 257
Cover __________________________________________________________________257
Power Plug______________________________________________________________257
Input Supply_____________________________________________________________257
Grounding ______________________________________________________________ 258
Fuses __________________________________________________________________258
Rack___________________________________________________________________258
Port Connections _________________________________________________________ 259
D: Adapters and Pinouts 260
E: Protocol Glossary 265
F: Compliance Information 270
G: DC Connector Instructions 273
H: LDAP Schemas 276
Installing Schema Support in Window AD Server ________________________________276
Creating the Lantronix SecureLinx SLC Schema Attribute _________________________279
Adding the Attribute to the Users Group in Windows______________________________281
Adding the Permissions to the Individual User___________________________________283
Values to Use____________________________________________________________285
String Format _________________________________________ ___________________286
SecureLinx SLC User Guide 9
List of Figures
Figure 2-1 Lantronix SLC48 with PC Card Slots_________________________________________19
Figure 2-2 Lantronix SLC48 with USB Port_____________________________________________19
Figure 2-3 Device Port Connections__________________________________________________21
Figure 2-4 Console Port Connection__________________________________________________22
Figure 2-5 Network Connection _____________________________________________________22
Figure 2-6 PC Card Interface _______________________________________________________22
Figure 2-7 SLC with USB Interface___________________________________________________23
Figure 3-1 CAT 5 Cable Connection__________________________________________________27
Figure 3-2 AC Power Input and Power Switch (SLCxxxx2N) _______________________________28
Figure 3-3 DC Power Inputs and Power Switch (SLCxxx24T) ______________________________28
Figure 4-1 Front Panel LCD Display and Arrow Pushbuttons_______________________________30
Figure 4-2 Quick Setup Tab ________________________________________________________34
Figure 4-3 Quick Setup Screen Using CLI _____________________________________________36
Figure 4-4 Completed Quick Setup___________________________________________________38
Figure 5-1 Web Page Layout _______________________________________________________40
Figure 6-1 Network Web Page ______________________________________________________48
Figure 6-2 Ethernet Counters Example________________________________________________51
Figure 6-3 IP Filter Page___________________________________________________________53
Figure 6-4 Adding Network IP Filter Rulesets___________________________________________54
Figure 6-5 IP Filter Page Displaying Rulesets and Mappings_______________________________56
Figure 6-6 IP Filter Status__________________________________________________________57
Figure 6-7 Routing Page___________________________________________________________58
Figure 6-8 Status/Reports Page _____________________________________________________59
Figure 7-1 SSH/Telnet/Logging Page_________________________________________________61
Figure 7-2 SNMP Page____________________________________________________________64
Figure 7-3 NFS and SMB/CIFS Page_________________________________________________67
Figure 7-4 SecureLinx Network Page with Local Subnet Addressing_________________________69
Figure 7-5 Telnet Session__________________________________________________________70
Figure 7-6 SecureLinx Network - Search Options Page___________________________________70
Figure 7-7 Date & Time Page_______________________________________________________72
Figure 7-8 Web Server Page _____________________________________ __________________73
Figure 7-9 Web Server - Web Sessions Page __________________________________________74
Figure 7-10 Web Server - SSL Certificate Page_________________________________________75
Figure 7-11 iGoogle Gadget Page ___________________________________________________77
Figure 8-1 Device Status Page_______ _______________________________________________ 79
Figure 8-2 Device Ports Page_______________________________________________________80
Figure 8-3 Device Ports - Settings Page_______________________________________________82
Figure 8-4 Modem Log ____________________________________________________________88
Figure 8-5 Port Status and Counters Section___________________________________________89
Figure 8-6 Device Ports - SLP Page__________________________________________________89
Figure 8-7 Device Ports - Sensorsoft _________________________________________________91
SecureLinx SLC User Guide 10
List of Figures
Figure 8-8 Device Ports - Logging ___________________________________________________94
Figure 8-9 Console Port Page_______________________________________________________98
Figure 8-10 Host Lists Page ________________________________________________________99
Figure 8-11 Scripts Page ________________________________________ _________________102
Figure 8-12 Adding New Scripts Page _______________________________________________103
Figure 9-1 PC Card Page _________________________________________________________114
Figure 9-2 PC Card - Storage Page _________________________________________________115
Figure 9-3 PC Card - Modem/ISDN Page_____________________________________________116
Figure 10-1 USB Main Page_______________________________________________________122
Figure 10-2 USB - Storage Page ___________________________________________________123
Figure 10-3 Firmware and Configurations - Manage Files (Top of Page)_____________________124
Figure 10-4 Firmware and Configurations - Manage Files (Bottom of Page) __________________125
Figure 11-1 Terminal Server____________________________________ ___________________128
Figure 11-2 Remote Access Server _________________________________________________128
Figure 11-3 Reverse Terminal Server_______________________________________ _________128
Figure 11-4 Multiport Device Server______________________________ ___________________129
Figure 11-5 Console Server _______________________________________________________130
Figure 11-6 Connections Page_____________________________________________________131
Figure 11-7 Current Connections Section of the Connections Page ________________________132
Figure 12-1 Authentication Methods Page ____________________________________________136
Figure 12-2 Local/Remote Users Page_______________________________________________138
Figure 12-3 Local/Remote User Settings Page______________________ ___________________140
Figure 12-4 NIS Page____________________________________________________________144
Figure 12-5 LDAP Page __________________________________________________________148
Figure 12-6 RADIUS Page ________________________________________________________152
Figure 12-7 Kerberos Page________________________________________________________155
Figure 12-8 TACACS+ Page_______________________________________________________159
Figure 12-9 SSH Keys Page_______________________________________________________163
Figure 12-10 SSH Server/Host Keys Page____________________________________________166
Figure 13-1 Firmware & Configurations Page__________________________________________171
Figure 13-2 Firmware & Configurations - Manage Configuration Files Page __________________175
Figure 13-3 System Logs Page_____________________ ________________________________176
Figure 13-4 System Log Output Page________________________________________________177
Figure 13-5 Audit Log Page _______________________________________________________178
Figure 13-6 Email Log Page_______________________________________________________179
Figure 13-7 Diagnostics Page______________________________________________________180
Figure 13-8 Diagnostics Report Page________________________________________________181
Figure 13-9 Status/Reports Page ___________________________________________________183
Figure 13-10 Generated Reports Page_______________________________________________184
Figure 13-11 Events Page ________________________________________________________185
Figure 13-12 Banners Page _________________________________________________ ______187
Figure 13-13 LCD/Keypad Page____________________________________________________188
Figure 14-1 SLC Console Manager _________________________________________________190
SecureLinx SLC User Guide 11
List of Figures
Figure 14-2 Remote User Connected to a SUN Server via the SLC ________________________190
Figure 14-3 Connection to SUN UNIX Server__________________________________________192
Figure 14-4 Terminal Device Connection to the SLC ____________________________________193
Figure D-1 RJ45 Receptacle to DB25M DCE Adapter for the SLC (PN 200.2066A) ____________260
Figure D-2 RJ45 Receptacle to DB25F DCE Adapter for the SLC (PN 200.2067A) ____________261
Figure D-3 RJ45 Receptacle to DB9M DCE Adapter for the SLC (PN 200.2069A) _____________262
Figure D-4 RJ45 Receptacle to DB9F DCE Adapter for the SLC (PN 200.2070A) _____________263
Figure D-5 RJ45 to RJ45 Adapter for Netra/Sun/Cisco and SLP (PNs 200.2225 and
ADP010104-01) ________________________________________________________________264
Figure G-1 Connector Kit Contents__________________________________________________273
Figure G-2 Wire Connections ______________________________________________________273
Figure G-3 Plug Parts to Assemble__________________________________________________274
Figure G-4 Verification of the Power Source___________________________________________274
Figure G-5 DC Power Cord into the SLC _____________________________________________275
Figure H-1 Programs Window______________________________________________________277
Figure H-2 MMC Window _________________________________________________________277
Figure H-3 Snap-In Window _______________________________________________________278
Figure H-4 Active Directory Schema_________________________________________________278
Figure H-5 Console Root _________________________________________________________278
Figure H-6 Administrative Tools Folder_______________________________________________279
Figure H-7 Save As Window_______________________________________________________279
Figure H-8 New Attribute Window___________________________________________________280
Figure H-9 Create New Attribute Object Window _______________________________________280
Figure H-10 Classes Folder _______________________________________________________281
Figure H-11 User Class Window____________________________________________________281
Figure H-12 Class User Properties Window___________________________________________282
Figure H-13 User Properties Window________________________________________________282
Figure H-14 Select Schema Object Window___________________________________________283
Figure H-15 ADSI Edit Window ____________________________________________________284
Figure H-16 ADSI Edit Window, CN=Users Folder______________________________________284
Figure H-17 Properties Window ____________________________________________________285
Figure H-18 Atribute Editor Window _________________________________________________285
Figure H-19 String Attribute Editor Window ___________________________________________287
SecureLinx SLC User Guide 12
List of Tables
Table 1-1 Chapter/Appendix and Summary ____________________________________________14
Table 1-1 Conventions Used in This Book _____________________________________________15
Table 2-1 SLC Part Numbers, Models, and Descriptions__________________________________18
Table 3-1 Component Part Numbers and Descriptions ___________________________________24
Table 3-2 Components and Descriptions ______________________________________________25
Table 4-1 Methods of Assigning an IP Address _________________________________________29
Table 4-2 LCD Arrow Pushbutton Actions _____________________________________________31
Table 4-3 Front Panel Setup Options with Associated Parameters __________________________31
Table 5-1 Actions and Category Options ______________________________________________43
Table 5-2 SCS and SLC Commands _________________________________________________44
Table 12-1 User Group Rights _____________________________________________________135
Table 15-1 Actions and Category Options _________________________________________ ___196
Table F-1 Lantronix Product Family Names and Toxic/Hazardous Substances and Elements ____272
SecureLinx SLC User Guide 13
1: About This Guide
This guide provides the information needed to install, configure, and use the products in the
Lantronix SecureLinx
TM
remotely and securely configure and administer servers, routers, switches, telephone equipment,
or other devices equipped with a serial port.
Note: The features and functionality described in this document specific to PC Card use
are supported on SLC -02 part numbers. The features and functionality specific to USB
port use are supported on SLC -03 part numbers.
This chapter contains the following sections:
Chapter Summaries
Conventions
Additional Documentation
Chapter Summaries
Table 1-1 lists and summarizes each chapter and appendix.
Table 1-1 Chapter/Appendix and Summary
Chapter/Appendix Summary
2: Overview
Console Manager (SLC) family. It is for IT professionals who must
Describes the SLC models, main features, and supported protocols.
3: Installation Provides technical specifications; describes connection formats and power
supplies; provides instructions for installing the unit in a rack.
4: Quick Setup Provides instructions for getting your unit up and running and for
configuring required settings.
5: Web and Command
Line Interfaces
6: Basic Parameters Provides instructions for configuring network ports, firewall and routing
7: Services Provides instructions for enabling and disabling system logging, SSH and
8: Devices Provides instructions for configuring global device port settings, individual
9: PC Cards Provides instructions for configuring storage (Compact Flash) and
10: USB Port Provides instructions for configuring USB storage devices (thumb drive) or
Describes the web and command line interfaces available for configuring
the unit.
Note: Chapters 7: Services, 8: Devices, 9: PC Cards, 10: USB Port,
11: Connections, and 12: User Authentication provide detailed
instructions for using the web interface and include command line
interface commands.
settings, and date and time.
Telnet logins, SNMP, SMTP, and the date and time.
device port settings, and console port settings.
modem/ISDN PC cards.
USB modems.
SecureLinx SLC User Guide 14
1: About This Guide
Table 1-1 Chapter/Appendix and Summary (continued)
Chapter/Appendix Summary
11: Connections Provides instructions for configuring connections and viewing, updating, or
disconnecting a connection.
12: User Authentication Provides instructions for enabling or disabling methods that authenticate
users who attempt to log in via SSH, Telnet, or the console port. Provides
instructions for creating custom menus.
13: Maintenance Provides instructions for upgrading firmware, viewing system logs and
diagnostics, generating reports, and defining events. Includes information
about web pages and commands used to shut down and reboot the SLC.
14: Application Examples Shows how to set up and use the SLC in three different configurations.
15: Command Reference Lists and describes all of the commands available on the SLC command
line interface
A: Bootloader Lists and describes the commands available for the bootloader command
line interface.
B: Security
Considerations
C: Safety Information Lists safety precautions for using the SLC.
D: Adapters and Pinouts Includes adapter pinout diagrams.
E: Protocol Glossary Lists the protocols supported by the SLC with brief descriptions.
F: Compliance Information Provides information about the SLC compliance with industry standards.
G: DC Connector
Instructions
H: LDAP Schemas Provides information about configuring LDAP schemas in Windows active
Conventions
Table 1-1 lists and describes the conventions used in this book.
Table 1-1 Conventions Used in This Book
Convention Description
Bold text Default parameters.
Brackets [ ] Optional parameters.
Provides tips for enhancing SLC security.
Provides -48VDC plug connector instructions for the SLC.
directory.
Angle Brackets < > Possible values for parameters.
Pipe | Choice of parameters.
SecureLinx SLC User Guide 15
1: About This Guide
Table 1-1 Conventions Used in This Book (continued)
Convention Description
Warning Warning: Means that you are in a situation that could
cause equipment damage or bodily injury. Befo re you work
on any equipment, you must be aware of the hazards
involved with electrical circuitry and familiar with standard
practices for preventing accidents.
Note Note: Means take notice. Notes contain helpful suggestions,
information, or references to material not covered in the publication.
Caution Caution: Means you might do something that could result in faulty
equipment operation, or loss of data.
Screen Font
(Courier New)
CLI terminal sessions and examples of CLI input.
Additional Documentation
Visit the Lantronix web site at www.lantronix.com/support/documentation for the latest
documentation and the following additional documentation:
SLC Quick Start—Describes the steps for getting the SLC up and running; provided on the
CD and in printed form.
SLC Online Help for the Command Line Interface—Provides online help for configuring the
SLC using commands.
SLC Online Help for the We b In te rfa ce —Provid es onlin e help for con figur ing the SLC using
the web page.
Detector™ Online Help—Provides online help for assigning a static IP address to the SLC
using the Detector™ tool on the product CD.
SecureLinx SLC User Guide 16
2: Overview
SecureLinx SLC Console Managers are members of the Lantronix SecureLinx IT Management
family of products. These products offer systems administrators and other IT professionals a
variety of tools to securely access and manage their resources. Lantr onix has been an innovator in
this market with terminal servers and secure console servers, as well as other remote access
devices. The SLC Console Managers build on that foundation and offer new features and
capabilities.
IT equipment can be configured, administered, and managed in a variety of ways, but most
devices have one method in common: an RS-232 serial port, sometimes called a console,
auxiliary, or management port. These ports are often accessed directly by connecting a terminal or
laptop to them, meaning that the administrator must be in the same physical location as the
equipment. SLC Console Managers give the administrator a way to access them remotely from
anywhere there is a network or modem connection.
Many types of equipment can be accessed and administered using Console Managers inclu din g:
Servers: Unix, Linux, Windows 2003, and others.
Networking equipment: Routers, switches, storage networking.
Telecom: PBX, voice switches.
Other systems with serial interfaces: Heating/cooling systems, security/building access
systems, UPS, medial devices.
The key benefits of using Console Managers:
Saves money: Enables remote management and troubleshooting without sending a
technician onsite. Reduces travel costs and down tim e co sts .
Saves time: Provides instant access and reduces response time, improving efficiency.
Simplifies access: Enables you to access equipment securely and remotely after hours and
on weekends and holidays—without having to schedule visits or arrange for off-hour access.
Protects assets: Security features provide encryption, authentication, authorization, and
firewall features to protect your IT infrastructure while providing flexible remote access.
SLC console servers provide features such as convenient text menu systems, break-safe
operation, port buffering (logging), remote authentication, an d Secure Shell (SSH) access. Dial -up
modem support ensures access when the network is not available.
This chapter contains the following sections:
SLC Models and Part Numbers
System Features
Hardware Features
SLC Models and Part Numbers
The SLC models offer a compact solution for remote and local management of up to 48 devices,
for example, servers, routers, and switches with RS-232C (now EIA-232) compatible serial
consoles in a 1U-tall rack space. All models have two Ethernet ports called Eth1 and Eth2 in this
document. There are two groups of models with different part numbers - one group of models with
a USB port (part number -03) and one group of models with PC Card slots (part number -02).
SecureLinx SLC User Guide 17
2: Overview
Two Ethernet ports are useful when you want to use on e port on a private, secure network an d the
other on a public, unsecured network.
Table 2-1 lists the part numbers, models, and descriptions.
Table 2-1 SLC Part Numbers, Models, and Descriptions
Part Number
USB
SLC00812N-03 SLC00812N-02 SLC8: 8 port, Single AC Supply Secure Console Manager
SLC01612N-03 SLC01612N-02 SLC16: 16 Port, Single AC Supply Secure Console
SLC03212N-03 SLC03212N-02 SLC32: 32 Port, Single AC Supply Secure Console
SLC04812N-03 SLC04812N-02 SLC48: 48 Port, Single AC Supply Secure Console
SLC00822N-03 SLC00822N-02 SLC8: 8 Port, Dual AC Supply Secure Console Manager
SLC01622N-03 SLC01622N-02 SLC16: 16 Port, Dual AC Supply Secure Console
SLC03222N-03 SLC03222N-02 SLC32: 32 Port, Dual AC Supply Secure Console
SLC04822N-03 SLC04822N-02 SLC48: 48 Port, Dual AC Supply Secure Console
Part Number
PC Card Slots
Model and Description
Manager
Manager
Manager
Manager
Manager
Manager
SLC00824N-03 SLC00824N-02 SLC8: 8 Port, Dual DC Supply Secure Console Manager
SLC01624N-03 SLC01624N-02 SLC16: 16 Port, Dual DC Supply Secure Console
Manager
SLC03224N-03 SLC03224N-02 SLC32: 32 Port, Dual DC Supply Secure Console
Manager
SLC04824N-03 SLC04824N-02 SLC48: 48 Port, Dual DC Supply Secure Console
Manager
The products differ in the number of device ports provided, USB port or PC Card slots, and AC or
DC power availability. Some models have dual entry redundant power supplies for mission critical
applications. These models are available in AC or DC powered versions. Figure 2-1 depicts the
SLC48 with PC Card slot (a part number -02) and Figure 2-2 depicts the SLC48 with USB port (a
part number -03).
SecureLinx SLC User Guide 18
Figure 2-1 Lantronix SLC48 with PC Card Slots
1u Tall
Self-Contained
Rack-Mountable
Chassis
Two-line Display Front Panel Pushbuttons Two PC Card Slots RS232 Port
Two 10/100
Network Ports
RS-232 Device Ports
(1 - 48)
Dual DC
Power
Inputs
Two-line Display
Front Panel Pushbuttons
USB Port
RS232 Port
Figure 2-2 Lantronix SLC48 with USB Port
2: Overview
System Features
The SLC has the following capabilities:
Connects up to 48 RS-232 serial consoles
10Base-T/100Base-TX Ethernet network compatibility
Buffer logging to file
SecureLinx SLC User Guide 19
Email and SNMP notification
ID/Password security, configurable access rights
Secure shell (SSH) security; supports numerous other security protocols
Network File System (NFS) and Comm on Internet File System (CIFS) support
Telnet or SSH to a serial port by IP address per port or by IP address and TCP port number
Configurable user rights for local and remotely authenticated users
Supports an internal PC Card modem, USB modem, or an external modem
No unintentional break ever sent to attached servers (Solaris Ready)
Simultaneous access on the same port - “listen” and “direct” connect mode
Local access through a console port
Web administration (using most browsers)
Protocols Supported
The SLC supports the TCP/IP network protocol as well as:
SSH, Telnet, PPP, NFS, and CIFS for connections in and out of the SLC
SMTP for mail transfer
DNS for text-to-IP address name resolution
SNMP for remote monitoring and management
FTP and SFTP for file transfers and firmware upgrades
TFTP for firmware upgrades
2: Overview
DHCP and BOOTP for IP address assignment
HTTPS (SSL) for secure browser-based configuration
NTP for time synchronization
LDAP, NIS, RADIUS, CHAP, PAP, Kerberos, TACACS+, and SecurID (via RADIUS) for user
authentication
Callback Control Protocol (CBCP)
For descriptions of the protocols, see E: Protocol Glossary.
Access Control
The system administrator controls access to attached servers or devices by assigning access
rights to up to 128 user profiles. Each user has an assigned ID, password, and access rights.
Other user profile access options may include externally configured authentication methods such
as NIS and LDAP.
Device Port Buffer
The SLC supports real-time data logging for each device port. The port can save the data log to a
file, send an email notification of an issue, or take no action.
You can define the path for logged data on a port-by-port basis, configure file size and number of
files per port for each logging event, and configure the device log to send an email alert message
automatically to the appropriate parties indicating a particular error.
Configuration Options
You may use the backlit front-panel LCD display for initial setup and later to view and configure
current network, console, and date/time settings.
Both a web interface viewed through a standard browser and a command line interface (CLI) are
available for configuring the SLC settings and monitoring performance.
SecureLinx SLC User Guide 20
Hardware Features
The SLC hardware includes the following:
1U-tall (1.75 inches) rack-mountable secure console server
Two 10Base-T/100Base- TX network ports
Up to 48 RS-232 serial device ports connected via Category 5 (RJ45) wiring
One serial console port for VT100 terminal or PC with emulation
Two PC Card slots or one USB port
256 Kbytes-per-port buffer memory for device ports
LCD display and keypad on the front
Universal AC power input (100-240V, 50/60 Hz); options include single input, single supply or
dual input, redundant supplies
-48 VDC power input, dual input, redundant power supplies
Convection cooled, silent operation, low power consumption
Note: For more detailed information, see Technical Specifications on page 25.
2: Overview
All physical connections use industry-standard cabling and connectors. The network and serial
ports are on the rear panel of the SLC, and the console port is on the front. Required cables and
adapters for certain servers, switches, and other produ cts are available from Lantronix at
www.lantronix.com.
Serial Connections
All devices attached to the device ports and the console port must support the RS-232C (EIA-232)
standard. Category 5 cabling with RJ45 connections i s used for the device port connections and
for the console port. For pinout information, see D: Adapters and Pinouts on page 260.
Note: RJ45 to DB9/DB25 adapters are available from Lantronix.
Device ports and the console port support eight baud-rate options: 300, 600, 1200, 2400, 4800,
9600, 19200, 38400, 57600, and 115200 baud. The ports are shown in Figure 2-3 and Figure 2-4.
Figure 2-3 Device Port Connections
SecureLinx SLC User Guide 21
2: Overview
Figure 2-4 Console Port Connection
Network Connections
The SLC network interfaces are 10Base-T/100Base-TX connectors for use with a conventional
Ethernet network as shown in Figure 2-5. Use standard RJ45-terminated Category 5 cables.
Network parameters must be configured before the SLC can be accessed over the network.
Figure 2-5 Network Connection
PC Card Interface
Note: This PC Card interface is only supported on SLC -02 part numbers.
The SLC has two PC Card slots as shown in F igure 2-6. Lantronix qualifies cards continuously and
publishes a list of qualified cards on the Lantronix web site.
Figure 2-6 PC Card Interface
SecureLinx SLC User Guide 22
USB Port
Note: This USB port is only supported on SLC -03 part numbers.
The SLC has a USB port as shown in Figure 2-7.
Figure 2-7 SLC with USB Interface
2: Overview
SecureLinx SLC User Guide 23
3: Installation
This chapter provides a high-level proc ed ur e fo r in stalling the SLC followed by more detailed
information about the SLC connections and power supplies.
Caution: To avoid physical and electrical hazards, please be sure to read C: Safety
Information on page 257 before installing the SLC.
It contains the following sections:
What’s in the Box
Technical Specifications
Physical Installation
What’s in the Box
In addition to the SLC, Table 3-1 lists the components in the box and part numbers.
Table 3-1 Component Part Numbers and Descriptions
Component Part # Description
Adapters
200.2066A Adapter: DB25M (DCE), Sun w/DB25 female
200.2067A Adapter: DB25F (DCE) to RJ45, Sun w/DB25 male and some HP9000s
200.2069A Adapter: DB9M (DCE) to RJ45, SGI Onyx
200.2070A Adapter: DB9F (DCE) to RJ45, HP9000, SGI Origin, IBM RS6000, and PC-based
Linux servers
ADP010104-01 Adapter: RJ45 rolled serial, Cisco, and Sun Netra
Note: An optional adapter for an external modem is available from Lantronix. The part number is
200.2073 and description is DB25M (DCE) to RJ45.
Cables
200.0063 Cable: RJ45 to RJ45, 6.6 ft (2 m)
500-153 Cable: Loopback
Power Cords
500-041 For single AC models: one AC power cord
For dual AC models: two AC power cords
083-011 For dual DC models: one accessory kit, containing DC plug connectors and
instructions
Documentation
CD Case Quick Start Guide and SecureLinx Console Manager User Guide
SecureLinx SLC User Guide 24
Verify and inspect the contents of the SLC package using the enclosed packing slip or the table
above. If any item is missing or damaged, contact your place of purchase immediately.
Product Information Label
The product information label on the underside of the unit contains the following information about
each specific unit:
Part Number
Serial Numb er Bar Code
Serial Number and Date Code
Regulatory Certifications and Statements
Technical Sp ecifications
Table 3-2 lists the SLC technical specifications.
Table 3-2 Components and Descriptions
Component Description
Serial Interface (Device) RJ45-type 8-conductor connector (DTE) Speed software selectable (300
3: Installation
to 115,200 baud)
Serial Interface (Console) RJ45-type 8-pin connector (DTE) Speed software selectable (300 to
Network Interface 10Base-T/100Base-TX RJ45 Ethernet
Power Supply Universal AC power input: 100-240 VAC, 50 or 60 Hz IEC-type regional
Power Consumption Less than 20 watts
Dimensions 1U, 1.75 in x 17.25 in x 12 in
Weight 10 lbs or less, depending on the options
Temperature Operating: 0 to 50 °C (32 to 122 °F), 30 to 90% RH, non-condensing
Relative Humidity Operating: 10% to 90% non-condensing; 40% to 60% recommended
Heat Flow Rate 68 BTU per hour
Install the SLC in an EIA-standard 19-inch rack (1U tall) or as a desktop unit. The SLC uses
convection cooling to dissipate excess heat.
Physical Installation
115,200 baud)
cord set included
DC power input: -24 to -60 VDC
Storage: -20 to 70 °C (-4 to 158 °F), 10 to 90% RH, non-condensing
Storage: 10% to 90% non-condensing
To install the unit in a rack:
1. Place the unit in a 19-inch rack.
SecureLinx SLC User Guide 25
3: Installation
Warning: Be careful not to block the air vents on the sides of the unit. If you
mount the SLC in an enclosed rack, we recommended t hat the rack have
a ventilation fan to provide adequate airflow through the unit.
2. Connect serial devices to the SLC device ports. See Connecting to Device Ports on page 26.
3. Install any PC Cards or USB devices that you intend to use. If you install a modem card,
connect to the phone line. See 9: PC Cards or 10:USB Port. You have the following options:
a. To configure the SLC using the network, or to mo nitor serial devices on the network,
connect at least one SLC network port to a network. See Connecting to Network Ports on
page 27.
b. To configure the SLC using a dumb terminal or a computer with terminal emulation,
connect the terminal or PC to the SLC console port. See Connecting to Terminals on page
27.
4. Connect the power cord, and apply power. See Power on page 27.
5. Wait approximately a minute and a half for the boot process to complete. When the boot
process ends, the SLC host name and the clock appear on the LCD display.
Now you are ready to configure the network settings as described in 4: Quick Setup.
Connecting to Device Ports
You can connect any device that has a serial console port to a device port on the SLC for remote
administration. The console port must support the RS-232C interface.
Note: Many servers must have the serial port enabled as a console or the keyboard an d
mouse detached. Consult the server hardware and/or software documentation for more
information.
To connect to a device port:
1. Connect one end of the Cat 5 cable to the device port.
2. Connect the other end of the Cat 5 cable to a Lantronix serial console adapte r .
Note: To connect a device port to a Lantronix SLP, use the rolled serial cable provided
with the unit, a 200.2225 adapter and Cat 5 cabling, or the ADP010104 adapter that
eliminates the need for an additional Cat5 patch cable between the adapter and the
connected equipment. See D: Adapters and Pinouts on page 260 for more information
about Lantronix adapters.
3. Connect the adapter to the serial console of the serial device as shown in Figure 3-1.
SecureLinx SLC User Guide 26
3: Installation
Figure 3-1 CAT 5 Cable Connection
Connecting to Network Ports
The SLC network ports, 10Base-T/100Base-TX, allow remote a ccess to th e atta ched de vices a nd
the system administrative functions. Use a standard RJ45-terminated Category 5 cable to connect
to the network port.
Note: One possible use for the two Ethernet ports is to have one port on a private,
secure network, and the other on an unsecured network.
Connecting to Terminals
The console port is for local access to the SLC and the attached devices. Yo u ma y attach a d umb
terminal or a computer with terminal emulation to the console port. The SLC consol e port uses RS232C protocol and supports VT100 emulation. The default baud rate is 9600.
To connect the console port to a terminal or computer with terminal emulation, Lantronix offers
optional adapters that provide a connection between an RJ45 jack and a DB9 or DB25 connector.
The console port is configured as DTE. For more information, see D: Adapters and Pinouts on
page 260 and go to the Lantronix web site at www.lantronix.com/support and click Cable/Adapter
Lookup on the Support menu.
To connect a terminal:
1. Attach the Lantronix adapter to your terminal (use PN 200.2066A adapter) or your PC's serial
port (use PN 200.2070A adapter).
2. Connect the Cat 5 cable to the adapter, and connect the other end to the SLC console port.
3. Turn on th e terminal or start your computer ’s communication progr am (e.g., HyperTermin al for
Windows).
4. Once the SLC is running, press Enter to establish connection. You should see the model
name and a login prompt on your terminal. You are connected.
Power
The SLC consumes less than 20W of electrical power.
AC Input
The SLC has a universal auto-switching AC power supply. The power supply accepts AC input
voltage between 100 and 240 VAC with a frequency of 50 or 60 Hz. Rear-mounted IEC-type AC
power connector(s) are provided for universal AC power input (North American cord provided).
SecureLinx SLC User Guide 27
3: Installation
The SLC0xx12N models have a single supply/input, while the SLC0xx22N models have dual
inputs and dual supplies. The power connector also houses a replaceable protective fuse (fastblow 4.0A, maximum 250V AC) and the on/off switch. In addition, we provide the SLC0xx22 N with
a “Y” cord. See the SLC models listed in Table 3-2 on page 25.
Figure 3-2 shows the AC power inputs and power switch.
Figure 3-2 AC Power Input and Power Switch (SLCxxxx2N)
Note: The SLC48 with dual AC does not have an on/off switch.
DC Input
The DC version of the SLC accepts standard –48 VDC power. The SLC0xx24T mod els accept two
DC power inputs for supply redundancy. Lantronix pr ovides the DC power connections using
industry standard Wago connectors. One set of connectors is included with the SLC. You can
order additional connectors (part number 721-103/031-000) from the Wago catalog at
http://www.wagocatalog.com/okv3/index.asp?lid=1&cid=1&str_from_home=first. Figure 3-3 shows
the DC power inputs and power switch.
Figure 3-3 DC Power Inputs and Power Switch (SLCxxx24T)
SecureLinx SLC User Guide 28
4: Quick Setup
This chapter helps get the IP network port up and running quickly, so you can administer the SLC
using your network. It contains the following sections:
Recommendations
IP Address
Next Step
Recommendations
To set up the network connections quickly, we suggest you do one of the following:
Use the front panel LCD display and pushbuttons.
Complete the Quick Setup web page on the web interface.
SSH to the command line interface and follow the Quick Setup script on the command line
interface.
Connect to the console port and follow the Quick Setup script on the command line interface.
Note: The first time you power up the SLC, Eth1 tries to obtain its IP address via DHCP.
If you have connected Eth1 to the network, and Eth1 is able to acquire an IP address, you
can view this IP address on the LCD or by running the Detector tool on the product CD. If
Eth1 cannot acquire an IP address, you cannot use Telnet, SSH, or the web interface to
run Quick Setup.
IP Address
Your SLC must have a unique IP address on your network. The system administrator generally
provides the IP address and corresponding subnet mask and gateway. The IP address must be
within a valid range, unique to your network, and in the same subnet as your PC. Table 4-1 lists
the options for assigning an IP address to your unit.
Table 4-1 Methods of Assigning an IP Address
Method Description
DHCP A DHCP server automatically assigns the IP addres s and ne tw o r k
BOOTP Similar to DHCP but for smaller networks.
Detector™ A Windows-based application on the product CD for viewing a DHCP-
Front panel LCD display
and pushbuttons
settings. The SLC is DHCP-enabled by default.
With the Eth1 network port connected to the network, and the SLC
powered up, Eth1 acquires an IP address, viewable on the LCD.
At this point, you can Telnet into the SLC, or use the web interface.
provided IP address or for assigning a static IP address to the SLC. You
can use Detector only if you have not already assigned a static IP address
by another method. For more information, see Detector’s online help.
You manually assign the IP address and other basic network, console,
and date/time settings. If desired, you can restore the factory defaults.
SecureLinx SLC User Guide 29
Table 4-1 Methods of Assigning an IP Address (continued)
Method Description
4: Quick Setup
Serial port login to
command line interface
You assign an IP address and configure the SLC using a terminal or a PC
running a terminal emulation program to the unit’s serial console port
connection.
Method # 1 Using the Front Panel Display
Before you begin, ensure that you have:
Unique IP address that is valid on your network (unless automatically assigned)
Subnet mask (unless automatically assigned)
Gateway
DNS settings
Date, time, and time zone
Console port settings: baud rate, data bits, stop bits, parity, and flow control
Make sure the SLC is plugged into power and turned on.
Front Panel LCD Display and Pushbuttons
With the SLC powered up, you can use the front panel display and pushbuttons to set up th e basic
parameters. Figure 4-1 shows the front panel.
Figure 4-1 Front Panel LCD Display and Arrow Pushbuttons
The front panel display initially shows the host name and the date and time . Usin g th e five
pushbuttons, you can change the network, console port, and date/time settings an d view the
firmware release version. If desired, you can restore the factory defaults.
Note: Have your information handy as the display times out without accepting any
unsaved changes if you take more than 30 seconds between entries.
Any changes made to the network, console port, and date/time settings take effect immediately.
Navigating
The front panel has one Enter button (in the center) and four arrow buttons (up, left, right, and
down). Press the arrow buttons to navigate from one option to another, or to increment or
decrement a numerical entry of the selected option. Use the Enter button to select an option to
change or to save your settings. Table 4-2 and Table 4-3 list the actions, buttons, and options.
SecureLinx SLC User Guide 30
Loading...