Perle Systems IOLAN CSS User Manual

Download

Page 1

IOLAN

SDS/SCS/STS

Command Line Interface

Reference Guide

Version 3.6

Part #5500210-13

September 2008

Page 2

Copyright Statement This document must not be reproduced in any way whatsoever, either printed or electronically, without the consent of: Perle Systems Limited,

60 Renfrew Drive Markham, ON Canada L3R 0E1

Perle reserves the right to make changes without further notice, to any products to improve reliability, function, or design.

Perle, the Perle logo, and IOLAN are trademarks of Perle Systems Limited. Microsoft, Windows 98, Windows NT, Windows 2000, Windows Server 2003, Windows XP, Windows Vista, and

Internet Explorer are trademarks of Microsoft Corporation. Perle Systems Limited, 2005-2008.

FCC Note The IOLAN Device Server has been found to comply with the limits for a Class A digital

device, pursuant to Part 15 of the FCC rules. These limits are designed to provide reasonable protection against harmful interference when the equipment is operated in a commercial environment. This equipment generates, uses, and can radiate radio frequency energy and, if not installed and used in accordance with the instructions in this Guide, may cause harmful interference to radio communications. Operation of this equipment in a residential area is likely to cause harmful interference, in which case the user will be required to correct the interference at his/her own expense.

EN 55022: 1998, Class A, Note

WARNING This is a Class A product. In a domestic environment this product may cause radio interference in which case the user may be required to take adequate measures.

Caution: the IOLAN Device Server is approved for commercial use only.

WARNING The IOLAN Device Server SDS T models operate in an ambient air temperature above 70 oC. However, at 70 oC and above, a burn hazard exists if the metal case is touched without proper hand protection.

Page 3

Table of Content s

Preface ...............................................................................15

About This Book ........................................................................ 15

Intended Audience..................................................................... 15

Typeface Conventions............................................................... 15

Contacting Technical Support.................................................. 16

Making a Technical Support Query ......................................................16

Who To Contact................................................................................. 16

Have Your Product Information Ready .............................................. 16

Making a support query via the Perle web page................................ 16

Repair Procedure....................................................................................17

Feedback on this Manual....................................................................... 17

Chapter 1 Introduction......................................................19

CLI Conventions ........................................................................ 19

Command Syntax...................................................................................19

Command Shortcuts..............................................................................20

Command Options . ................................................................................ 20

Chapter 2 Server Commands...........................................21

Server Commands..................................................................... 21

Set Console.............................................................................................21

Set Custom-App .....................................................................................21

Set Port-Buffering...................................................................................22

Set Server................................................................................................23

Set SSL Server........................................................................................26

Set Service.............................................................................................. 27

IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6 3

Page 4

Show Console.........................................................................................28

Show Custom-App..................................................................................28

Show Server............................................................................................28

Show Port-Buffering...............................................................................28

Show Modbus..........................................................................................28

Hardware Commands.................................................................29

Set Ethernet.............................................................................................29

Show Hardware.......................................................................................29

SSH Server Commands .............................................................29

Set SSH-Server........................................................................................29

Show SSH-Server....................................................................................30

SSL/TLS Commands ..................................................................30

Set SSL Server........................................................................................30

Set SSL Server Cipher-suite..................................................................32

Show SSL ................................................................................................33

Modbus Commands ...................................................................33

Set Modbus Gateway..............................................................................33

Show Modbus..........................................................................................34

Authentication Commands........................................................34

Set Authentication..................................................................................34

Set Authentication Local........................................................................35

Set Authentication Kerberos .................................................................35

Set Authentication LDAP .......................................................................35

Set Authentication NIS...........................................................................36

Add RADIUS............................................................................................36

Delete RADIUS ........................................................................................37

Set Authentication RADIUS ...................................................................37

Set Authentication TACACS+................................................................37

Set Authentication SecurID....................................................................38

Show Authentication..............................................................................38

4 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 5

TruePort Baud Commands ....................................................... 39

Set TruePort Remap-Baud..................................................................... 39

Show TruePort........................................................................................ 39

Email Commands....................................................................... 40

Set Email-Alert Server............................................................................ 40

Show Email-Alert Server........................................................................40

Clustering Commands............................................................... 41

Add Clustering Slave-IP.........................................................................41

Delete Clustering Slave-IP.....................................................................41

Set Clustering Slave-IP.......................................................................... 41

Show Clustering Slave-IP...................................................................... 42

Dynamic DNS Commands......................................................... 42

Set Dynamic-DNS................................................................................... 42

Set Dynamic-DNS SSL...........................................................................43

Set Dynamic-DNS SSL Cipher-Suite..................................................... 44

Show Dynamic-DNS............................................................................... 45

PCI Commands .......................................................................... 45

Set PCI Card............................................................................................45

Show PCI.................................................................................................45

Set PCI Wireless-WAN ...........................................................................46

Show Wireless-WAN ..............................................................................46

IPv6 Commands......................................................................... 46

Set IPv6....................................................................................................46

Show IPv6................................................................................................47

Add Custom-IPv6....................................................................................47

Set Custom-IPv6..................................................................................... 48

Delete Custom-IPv6................................................................................ 49

IPv6 Router Advertisements..................................................... 49

Set IPv6-Router-Advertisement.............................................................49

Show IPv6-Router-Advertisement.........................................................50

Page 6

Chapter 3 User Commands ..............................................51

Commands for Users Logged Into the IOLAN.........................51

Admin.......................................................................................................51

Help..........................................................................................................51

Kill Line....................................................................................................51

Kill Session..............................................................................................51

Logout......................................................................................................51

Menu.........................................................................................................52

Ping..........................................................................................................52

Resume....................................................................................................52

Rlogin.......................................................................................................52

Screen......................................................................................................52

Set Termtype...........................................................................................53

Set User ...................................................................................................53

Set User Session.....................................................................................54

Show Line Users.....................................................................................55

SSH...........................................................................................................55

Syslog Console.......................................................................................56

Show Sessions........................................................................................56

Show Termtype.......................................................................................56

Start.......................................................................................................... 56

Telnet .......................................................................................................57

Version.....................................................................................................58

Configuring Users ......................................................................58

Add User..................................................................................................58

Delete User..............................................................................................58

Set Default User......................................................................................58

Set User ...................................................................................................62

Set User Session.....................................................................................65

Show Default User..................................................................................65

Show User ...............................................................................................66

6 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 7

Chapter 4 Line Commands...............................................67

1-Port vs. 2-Port+ Line Commands.......................................... 67

Line Commands......................................................................... 67

Set Line....................................................................................................67

Set Line Interface....................................................................................71

Set Line Service......................................................................................73

Set Modem ..............................................................................................75

Set Termtype........................................................................................... 76

Show Line................................................................................................76

Line Service Commands ........................................................... 76

Set Custom-App .....................................................................................76

Set Rlogin-Client.....................................................................................77

Set Telnet-Client..................................................................................... 77

Set SSH-Client ........................................................................................ 78

Set PPP....................................................................................................79

Set PPP Dynamic-DNS...........................................................................83

Set SLIP...................................................................................................84

Set UDP ................................................................................................... 85

Set Vmodem............................................................................................86

Set Vmodem-Phone................................................................................88

Set SSL Line............................................................................................88

Set SSL Line Cipher-suite......................................................................90

Set Modbus-Slave Line.......................................................................... 91

Set Modbus-Master Line........................................................................91

Set Power-Management Line.................................................................92

Set Multihost Line...................................................................................93

Set Line Initiate-Connection..................................................................93

Show Custom-App ................................................................................. 93

Show Interface........................................................................................ 93

Show Power-Management.....................................................................93

Show PPP................................................................................................94

Show Rlogin-Client................................................................................. 94

Show SLIP............................................................................................... 94

Page 8

Show SSH-Client.....................................................................................94

Show Telnet-Client..................................................................................94

Show Modbus..........................................................................................94

Show UDP................................................................................................94

Show Vmodem........................................................................................94

Show Vmodem-Phone............................................................................94

Modem Commands ....................................................................95

Add Modem . ............................................................................................95

Delete Modem..........................................................................................95

Set Modem...............................................................................................95

Show Modems.........................................................................................95

Email Commands .......................................................................96

Set Email-Alert Line................................................................................96

Show Email-Alert Line............................................................................97

Packet Forwarding Commands.................................................97

Set Packet-Forwarding Line...................................................................97

Show Packet-Forwarding Line.............................................................100

Chapter 5 Network Commands......................................101

SNMP Commands.....................................................................101

Add Community....................................................................................101

Add Trap................................................................................................101

Delete Community ................................................................................102

Delete Trap ............................................................................................102

Set SNMP...............................................................................................102

Set SNMP V3-Security..........................................................................103

Show SNMP...........................................................................................104

TFTP Commands......................................................................104

Set Server TFTP....................................................................................104

8 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 9

Hosts Commands .................................................................... 104

Add Host................................................................................................104

Delete Host............................................................................................104

Set Host.................................................................................................105

Show Hosts. .......................................................................................... 105

DNS/WINS Commands ............................................................ 105

Add DNS. ............................................................................................... 105

Add WINS.............................................................................................. 105

Delete DNS............................................................................................ 106

Delete WINS .......................................................................................... 106

Show DNS ............................................................................................. 106

Show Server..........................................................................................106

Show WINS............................................................................................106

Gateway Commands................................................................ 107

Add Gateway. ........................................................................................ 107

Delete Gateway.....................................................................................108

Set Gateway.......................................................................................... 108

Show Gateways.................................................................................... 108

Logging Commands................................................................ 109

Set Syslog............................................................................................. 109

Show Syslog......................................................................................... 109

RIP Commands ........................................................................ 110

Add RIP..................................................................................................110

Delete RIP..............................................................................................110

Set RIP...................................................................................................111

Show RIP...............................................................................................111

Show RIP Peers.................................................................................... 112

IPsec Commands..................................................................... 112

Add IPsec..............................................................................................112

Set IPsec................................................................................................112

Show IPsec............................................................................................115

IPsec...................................................................................................... 115

Page 10

IPv6 Tunnels .............................................................................115

Add IPv6tunnel......................................................................................115

Set IPv6tunnel.......................................................................................116

Show IPv6tunnel...................................................................................116

Delete IPv6tunnel..................................................................................116

L2TP/IPsec ................................................................................117

Set L2TP.................................................................................................117

Show LT2P.............................................................................................119

VPN Exceptions........................................................................119

Add VPN Exception ..............................................................................119

Set VPN Exception................................................................................119

Delete VPN Exception...........................................................................120

Show VPN Exception............................................................................120

Chapter 6 Time Commands............................................121

Server Commands....................................................................121

Set Time.................................................................................................121

Set Timezone.........................................................................................121

Show Time.............................................................................................121

Show Timezone.....................................................................................121

SNTP Commands .....................................................................122

Add SNTP ..............................................................................................122

Delete SNTP...........................................................................................122

Set SNTP................................................................................................122

Show SNTP............................................................................................123

Show SNTP-Info....................................................................................123

Time/Date Setting Commands.................................................123

Set Date..................................................................................................123

Set Summertime....................................................................................123

Set Summertime Fixed.........................................................................124

Set Summertime Recurring..................................................................124

Show Date..............................................................................................125

Show Summertime................................................................................125

10 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 11

Chapter 7 Administration Commands...........................127

Bootup Commands.................................................................. 127

Reboot................................................................................................... 127

Reset......................................................................................................127

Reset Factory........................................................................................ 127

Save....................................................................................................... 127

Set Bootup ............................................................................................ 128

Show ARP ............................................................................................. 128

Show Bootup ........................................................................................ 128

TFTP File Transfer Commands............................................... 128

Netload .................................................................................................. 128

Netsave..................................................................................................129

Keys and Certificates Commands.......................................... 130

Netload .................................................................................................. 130

Netsave..................................................................................................131

MOTD Commands.................................................................... 132

Set MOTD .............................................................................................. 132

Show MOTD .......................................................................................... 132

Chapter 8 Statistics Commands....................................133

Configuration Statistics .......................................................... 133

Show Netstat . ........................................................................................ 133

Show Netstat Statistics........................................................................ 133

Show Modbus Statistics......................................................................134

Show Routes.........................................................................................134

Run-Time Statistics ................................................................. 134

Delete Arp..............................................................................................134

Show Arp...............................................................................................134

Show Serial........................................................................................... 134

Uptime ................................................................................................... 134

Page 12

Chapter 9 IOLAN+ User Commands..............................135

IOLAN+ ......................................................................................135

Chapter 10 I/O Commands .............................................137

Global I/O Commands..............................................................137

Set IO UDP.............................................................................................137

Set IO Failsafe.......................................................................................138

Set IO Modbus.......................................................................................138

Set IO Temperature-Scale....................................................................138

Set Line......................................................................................138

Set Line Service....................................................................................138

Set IOChannel...........................................................................139

Set IOChannel Mode.............................................................................139

Set IOChannel Digital I/O......................................................................139

Set IOChannel Digital Input..................................................................140

Set IOChannel Digital Input (Serial Pins)............................................141

Set IOChannel Digital Output...............................................................142

Set IOChannel Digital Output (Serial Pins).........................................143

Set IOChannel Relay.............................................................................144

Set IOChannel Analog (True Analog)..................................................145

Set IOChannel Analog (Temperature).................................................146

Kill IOChannel .......................................................................................148

Show IO..................................................................................................149

Show IOChannel ...................................................................................149

I/O Channel Control Commands.............................................149

Digital Output........................................................................................149

Digital Input...........................................................................................150

Relay ......................................................................................................150

Analog Input..........................................................................................150

Calibrating Analog Input (Analog/Temperature) ...................150

Calibrate Analog ...................................................................................150

Reset Calibration ..................................................................................150

12 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 13

Chapter 11 Power Commands .......................................151

Power Commands.................................................................... 151

Glossary...........................................................................153

Page 14

14 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 15

Preface

About This Book

This guide provides the information you need to:

z configure the IOLAN using the Command Line Interface (CLI)

Intended Audience

This guide is for administrators who will be configuring the IOLAN. Some prerequisite knowledge is needed to understand the concepts and examples in this guide:

z If you are using an external authentication application(s), working knowledge of the

authentication application(s).

z Knowledge of TFTP, the transfer protocol the IOLAN uses.

Typeface Conventions

Most text is presented in the typeface used in this paragraph. Other typefaces are used to help you identify certain types of information. The other typefaces are:

Typeface Example Usage

At the C: prompt, type:

add host

Set the value to TRUE. The typeface used for TRUE is also used when referring to

subscribe project subject

run yourcode.exec

IOLAN User’s Guide This typeface indicates a book or document title. See About This Book on page 15 for

more information.

This typeface is used for code examples and system-generated output. It can represent a line you type in, or a piece of your code, or an example of output.

an actual value or identifier that you should use or that is used in a code example.

The italicized portion of these examples shows the typeface used for variables that are placeholders for values you specify. This is found in regular text and in code examples as shown. Instead of entering you enter your own value, such as for

yourcode, enter the name of your program.

This indicates a cross-reference to another chapter or section that you can click on to jump to that section.

stock_trader, and

project,

IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6 15

Page 16

Contacting Technical Support

Making a Technical Support Query

Who To Contact

Note:

If you bought your product from a registered Perle supplier, you must contact their Technical Support department; they are qualified to deal with your problem.

Perle offers free technical support to Perle Authorised Distributors and Registered Perle Resellers.

Have Your Product Information Ready

When you make a technical support enquiry please have the following information ready:

Item Write Details Here

Product Name Problem Description

Your Name Company Name and

Address

Country Phone Number Fax Number Email Address

Making a support query via the Perle web page

If you have an internet connection, please send details of your problem to Technical Support using the email links provided on the Perle web site in the

Click here to access our website at the following URL: http://www.perle.com

16 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Support/Services area.

Page 17

Repair Procedure

Before sending a IOLAN for repair, you must contact your Perle supplier. If, however, you boug ht your product directly from Perle you can contact directly.

Customers who are in Europe, Africa or Middle East can submit repair details via a website form. This form is on the Perle website,

Click here to access our web site at the following URL: http://www.perle.com/support_services/rma_form.asp

Feedback on this Manual

If you have any comments or suggestions for im proving this manual please email Perle using the following address:

Email: ptac@perle.com

Please include the title, part number and date of the manual (you can find these on the title page at the front of this manual).

Contacting Technical Support

www.perle.com, in the Support/Services area.

Page 18

Contacting Technical Support

18 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 19

Introduction Chapter 1

This book provides the command line interface (CLI) options available for the IOLAN. The commands are grouped by function.

CLI Conventions

This section explains how to interpret the CLI syntax. If you are an existing IOLAN+ customer and would like to configure the IOLAN in the native IOLAN+ interface, you can type the command

iolan+ to display and use the native IOLAN+ interface (you must have User Level Admin). See

your IOLAN+ User Guide for information on using the IOLAN+ interface.

Command Syntax

Each command is broken down into several categories:

z Description—Provides a brief explanation of how the command is used. z User Level—Shows which user level(s) (Restricted, Normal, and/or Admin) can issue the

command. Some commands have options that are available for one user level and not for another level; this usually occurs when a command is valid for both Normal and Admin user levels, where the Admin user level command will have extended opt io ns.

z Syntax—Shows the actual command line options. The options can be typed in any order on the

command line. The syntax explanation will use the following command to break down the command syntax:

– Square brackets ([]) show the options that are available for the command. You can type a

command with each option individually, or string options together in any order you want. For example,

set service dhcp/bootp on telnetd off

– Angle brackets (<>) show that the text inside the brackets is a description for a variable

value that you must fill in according to your requirements. In the you must determine the values for

subnet-bit-length, if you wish to specify them and not use their defaults (default values

provided in the Options description). The angle brackets can also contain a range that can be used.

– The pipe (|) shows an ’or’ condition. For example, valid values for telnetd are either on or

off.

z Options—Provides an explanation of each of the options for a command and the default value if

there is one. Some commands do not have any options, so this category is absent.

IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6 19

domain, internet, name, password-limit, and

set server command,

Page 20

CLI Conventions

Command Shortcuts

When you type a command, you can specify the shortest unique version of th at command or you can press the

ESC or TAB key to complete the command. For example, the following command:

set telnet-client map-to-crlf off

can be typed as:

set tel map off

or, you can use the ESC key to complete the lines as you go along:

set tel<ESC>net-client ma<ESC>p-to-c rlf off

where the ESC key was pressed to complete the option as it was typed.

Command Options

When you are typing commands on the command line (while connected to the IOLAN), you can view the options by typing a question mark ( what options are available/valid. For example:

DS$ set vmodem ? failure-string host port style success-string suppress DS$ set vmodem failure-string ? <text> 30 characters maximum DS$ set vmodem failure-string "Vmodem failed" ? failure-string host port style success-string suppress Or press Enter to confirm command DS$ set vmodem failure-string "Vmodem failed" DS$ show vmodem Host Host Port Success String Failure String "Vmodem failed" Suppress Off Style Numeric DS$

?), ESC, or TAB key after any part of the command to see

20 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 21

Server Commands Chapter 2

This chapter defines all the CLI commands associated with configuring the IOLAN server parameters.

Server Commands

Set Console

Description Sets the flow control and baud rate on IOLAN models that have a dedicated console

port.

User Level Admin Syntax

Options flow

set console [flow none|soft|hard]

[speed 9600|19200|38400|57600|115200]

For IOLAN models that have a dedicated console port, defines whether the data flow is handled by using software (

Soft), hardware (Hard), or no (None) flow control.

Set Custom-App

Description You can create a custom application that can run on the IOLAN using the Perle SDK. User Level Admin Syntax

Options program-command-line

speed

For IOLAN models that have a dedicated console port, specifies the baud rate of the line connected to the console port.

set custom-app server program-command-line <command>

The name of the SDK program executable that has been already been downloaded to the IOLAN, plus any parameters you want to pass to the program. Maximum of 80 characters. Use the to manage the files that you have downloaded to the IOLAN. For example, using sample

outraw -s 0 192.168.2.1:10001 Acct:10001

if you were starting the application on the Server (notice the Line 1).

outraw program, you would type:

shell CLI command as described in the SDK Programmer’s Guide

-s 0 parameter specifies

IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6 21

Page 22

Server Commands

Set Port-Buffering

Description Configures port buffering. User Level Admin Syntax

Options duplicate-nfs-to-syslog

set port-buffering [duplicate-nfs-to-syslog on|off]

When enabled, buffered data is sent to the syslog host to be viewed on the host’s monitor. The default is off.

key-stroke-buffering

When enabled, key strokes that are sent from the network host to the serial device on the IOLAN’s serial port are buffered. The default is off.

mode

Specifies where the port buffer log is kept, either Off, Local, Remote, or Both. If

Remote or Both is selected, you must specify an NFS server location for the port buffer

log.

nfs-directory

The directory and/or subdirectories where the Remote Port Buffering files will be created. This field is used when Port Buffering

Mode is set to Remote or Both. For

multiple IOLANs using the same NFS host, it is recommended that each IOLAN have its own unique directory to house the remote port log files. The default is

/device_server/portlogs.

nfs-encryption

Determines if the data sent to the NFS host is sent encrypted or in the clear across the LAN. The default is set of

Off.

NOTE: When NFS encryption is enabled, the Decoder utility software is required to be installed on the NFS host for decrypting the data to a readable format. The Decoder utility software can be found on the installation CD-ROM and on the

www.perle.com

website.

nfs-host

The NFS host that the IOLAN will use for its Remote Port Buffering feature. The IOLAN will open a file on the NFS host for each reverse SSH or reverse Telnet line, and send any port data to be written to those files. The default is

None. This field is

required when Mode is set to Remote or Both.

time-stamp

Enable/disable time stamping of the port buffer data.

view-port-buffer-string

The string (up to 8 characters) used by a a session connected to a serial port to display the port buffer for that particular serial port. You can specify control (unprintable) codes by putting the decimal value in angle brackets < > (for example, The default is

~view.

Escape b is <027>b).

22 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 23

Set Server

Description Sets server parameters. User Level Admin Syntax

set server [auto-obtain-dns on|off] [auto-obtain-gw on|off]

[auto-obtain-wins on|off] [banner on|off] [break on|off] [bypass-password on|off] [dhcp-update-dns on|off] [domain <string>] [flush-on-close on|off] [line-menu-string <string>] [monitor-connection-every <1-32767>] [name <string>] [netmask <IPV4_address>] [oem-login on|off] [password-limit <0-10>] [prompt-with-name on|off] [ip-filter on|off] [session-escape-string <string>] [single-telnet on|off] [monitor-connection-every <seconds>] [active-standby on|off] [miimon <milliseconds>] [updelay <milliseconds>] [power-management-menu-string <string>]

set server internet [eth1|eth2] <IPV4_address> [netmask]

set server internet [eth1|eth2] dhcp/bootp on dhcp-update-dns on

domain-prefix <text>

set server internet [eth1|eth2] dhcp/bootp on dhcp-update-dns off

Server Commands

set server internet [eth1|eth2] dhcp/bootp off <IPV4_address>

[<netmask>]

set server tftp [retry <integer>] [timeout <integer>]

set server ssl-passphrase

Options auto-obtain-dns

When DHCP/BOOTP is enabled, you can enable this option to have the IOLAN receive the DNS IP address from the DHCP/BOOTP server.

auto-obtain-gw

When DHCP/BOOTP is enabled, you can enable this option to have the IOLAN receive the Default Gateway IP address from the DHCP/BOOTP server.

auto-obtain-wins

When DHCP/BOOTP is enabled, you can enable this option to have the IOLAN receive the WINS IP address from the DHCP/BOOTP server.

banner

This parameter concerns the banner information (product name/software version). This banner information is presented to a user with a login prompt. For security reasons, you can turn off the display of this information. The default is

break

Enables/disables proprietary inband SSH break signal processing as well as the existing Reverse Te l net break signal. Th is param eter can also enable/disable the out-of-band break signals for TruePort. The default value is

Off.

bypass-password

When set, authorised users who do not have a password set, with the exception of the Admin user, WILL NOT be prompted for a password at login with

Authentication.

Local

Server Commands 23

Page 24

Server Commands

dhcp-update-dns

The DHCP server will update the DNS server when the IOLAN requests a DHCP IP address (the communication between the DNS server and the DHCP server must already be set up in your network).

dhcp/bootp

Enables the DHCP/BOOTP client process in the IOLAN. By default, this is disabled/off. If this is enabled, the server IP address parameter is disabled.

domain

Unique name for your domain, your location in the global network. Like Hostname, it is a symbolic, rather than a numerical, identifier.

domain-prefix

(SCS models only) A domain prefix to uniquely identify the Ethernet interface to the DNS when the IOLAN has two Ethernet interfaces. The format of the Ethernet interface will take the form of <Server Name>.<Domain Prefix>.<Domain Name> or <Server Name>.<Domain Prefix>, depending on what is configured.

flush-on-close

When enabled, deletes any pending outbound data when a port is closed; as opposed to maintaining the port to send pending data. The default value is

Off.

internet

The IOLAN’s unique IPv4 network IP address. If you are using the IOLAN in an IPv6 network, use the

set ipv6 command.

internet [eth1|eth2]

Dual Ethernet SCS models require that you specify which Ethernet connection you are setting, either

eth1 or eth2.

name

You must supply a name for the IOLAN.

netmask

The network subnet mask. For example, 255.255.0.0.

line-menu-string

The string used to access to the Easy Port Access menu without disconnecting the initial reverse SSH or reverse Telnet session.The default string is ~menu.

monitor-connection-every

Specify how often, in seconds, the IOLAN will send a TCP keepalive. This only applies to line service types that support the keepalive feature. The default interval is every 30 seconds

oem-login

When set, and a custom language file is in use, the login prompt will use the string defined in the language file as the login prompt instead of the default prompt, login:.

24 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 25

Server Commands

password-limit

The number of attempts a user is allowed to enter a password for a serial port connection from the network, before the connection is terminated and the user has to attempt to login again. For users logging into the serial port, if this limit is exceeded, the serial port is disabled for 5 minutes. A user with Admin level rights can restart the serial port, bypassing the timeout, by issuing a kill on the disabled serial port. The default value is

prompt-with-name

Displays the Server Name field value instead of default product name. When enabled, the

Server Name is displayed in the IOLAN login prompt, CLI prompt, WebManager

ip-filter

A security feature that when enabled, the IOLAN will only accept data from hosts configured in the IOLAN’s

Host Table with an IP address (hosts configured with a

Fully Qualified Domain Name, FQDN, will not be able to access the IOLAN when this option is enabled). The default value is

Off.

single-telnet

Sets all reverse connections (raw, SSH, and telnet) to a one connection at a time mode. In this mode of operation, the IOLAN will only allow for a single TCP connection at a time to exist for each serial port configured for a reverse connection type. Subsequent connection attempts will be refused until all of the following conditions are met:

z No active connection to serial port exists and at least 1 second has passed since the

last connection was terminated.

z All data from the previous connection on the serial port has been transmitted.

The IOLAN has logic to automatically detect when a reverse connection is no longer active. When this happens, the connection is reset and the server can go back to a listening for an incoming connection state.

Applications using Single Telnet need to be aware that there can be some considerable delay between a network disconnection and the port being available for the next connection attempt; this is to allow any data sent on prior connections to be transmitted out of the serial port. Application network retry logic needs to accommodate this feature. The default value is

Off.

active-standby

(SCS only) Enables/disables the feature of automatically assigning the Ethernet 1 IP address to Ethernet 2 if Ethernet 1 should fail to communicate to the network.

miimon

(SCS only) The interval in which the active interface is checked to see if it is still communicating. The default is 100 ms.

updelay

(SCS only) The time that the IOLAN will wait to make the secondary interface (Ethernet 2) active after it has been detected as up.

power-management-menu-string

Users accessing the IOLAN through reverse sessions can enter the string to bring up a power bar management menu. This string can be up to 8 characters. Control characters can be specified by putting their decimal value within angled brackets. The default value is

<016> or Ctrl-p on the keyboard.

Server Commands 25

Page 26

Server Commands

session-escape-string

A configurable string that allows access to a port to view the multisession screen options, allowing the various options while accessing the particular port on the IOLAN. You can specify control (unprintable) codes by putti ng the decimal value in angle brackets < > (for example, (

<026>s in decimal).

ESC-b is <027>b). The default value is Ctrl-z s

retry

The number of times the IOLAN will retry to transmit a TPFT packet to/from a host when no response is received. Enter a value between 0 and 5. The default is 5. A value of 0 (zero) means that the IOLAN will not attempt a retry should TFTP fail.

timeout

The time, in seconds, that the IOLAN will wait for a successful transmit or receipt of TFTP packets before retrying a TFTP transfer. Enter a value between 3 and 10. The default is

3 seconds.

ssl-passphrase

This is the SSL/TLS passphrase used to generate an encrypted RSA/DSA private key. This private key and passphrase are required for both HTTPS and SSL/TLS connections, unless an unencrpyted private key was generated, then the SSL passphrase is not required. Make sure that you download the SSL private key and certificate if you are using the secure HTTP option (HTTPS) or SSL/TLS. If both RSA and DSA private keys are downloaded to the IOLAN, they need to be generated using the same SSL passphrase for both to work.

Set SSL Server

Description Sets the default SSL/TLS parameters for the server. User Level Admin Syntax

Options version

set ssl server [version any|tslv1|sslv3] [type client|server]

Specify whether you want to use:

z Any—The IOLAN will try a TLSv1 connection first. If that fails, it will try an

SSLv3 connection. If that fails, it will try an SSLv2 connection.

z TLSv1—The connection will use only TLSv1. z SSLv3—The connection will use only SSLv3.

The default is Any. type

Specify whether the IOLAN will act as an SSL/TLS client or server. The default is

Client. verify-peer

Enable this option when you want the Validation Criteria to match the Peer Certificate for authentication to pass. If you enable this option, you need to download an SSL/TLS certificate authority (CA) list file to the IOLAN.

26 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 27

Server Commands

validation-criteria

Any values that are entered in the validation criteria must match the peer certificate for an SSL connection; any fields left blank will not be validated against the peer certificate.

country

A two character country code; for example, US. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

state-province

Up to a 128 character entry for the state/province; for example, IL. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

locality

Up to a 128 character entry for the location; for example, a city. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

organisation

Up to a 64 character entry for the organisation; for example, Accounting. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

Set Service

organisation-unit

Up to a 64 character entry for the unit in the organisation; for example, Payroll. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

common-name

Up to a 64 character entry for common name; for example, the host name or fully qualified domain name. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

Up to a 64 character entry for an email address; for example, acct@anycompany.com. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

Description Sets server service parameters. User Level Admin Syntax

set service [routed on|off] [telnetd on|off] [sshd on|off]

Options routed

Route daemon process in the IOLAN on port 520.

telnetd

Telnet daemon process in the IOLAN on port 23.

sshd

SSH daemon process in the IOLAN on port 22.

Server Commands 27

Page 28

Server Commands

httpd

HTTP daemon process in the IOLAN on port 80.

snmpd

SNMP daemon process in the IOLAN on port 161.

spcd

SPC (TruePort) daemon process in the IOLAN that supports TruePort Full Mode on UDP port 668. You can still communicate with the IOLAN in Lite Mode when this service is disabled.

sntp

Simple Network Time Protocol client process in the IOLAN.

httpsd

Secure HTTP daemon process in the IOLAN on port 443.

syslog

Syslog client process in the IOLAN.

dmgrd

Show Console

Description For IOLAN models that have a dedicated console port, this command displays the User Level Admin

Syntax

Show Custom-App

Description Shows the custom application server settings. User Level Admin Syntax

Show Server

DeviceManager daemon process in the IOLAN. If you disable this service, you will not be able to connect to the IOLAN with the DeviceManager application. DeviceManagerD listens on port 33812 and sends on port 33813.

modbusd

Modbus daemon process in the IOLAN on port 502.

ipsec

IPsec daemon process in the IOLAN listening and sending on UDP port 500. This is disabled by default.

configured parameters of the console port.

show console

show custom-app server

Description Shows the parameters set for the server. User Level Admin, Normal Syntax

show server

Show Port-Buffering

Description Shows the port buffering settings. User Level Normal, Admin Syntax

28 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

show port-buffering

Page 29

Show Modbus

Description Shows the Modbus settings for the gateway. User Level Normal, Admin Syntax

show modbus gateway

Hardware Commands

Set Ethernet

Description Sets the hardware configuration for the Ethernet port(s). User Level Admin Syntax

Options eth1|eth2

set ethernet [eth1|eth2] speed-and-duplex

You must specify the Ethernet interface if you have an SCS model with dual Ethernet.

Define the Ethernet connection speed at one of the following (desktop models don’t support 1000 Mbps):

z auto—automatically detects the Ethernet interface speed and duplex z 10 Mbps Half Duplex

z 10 Mbps Full Duplex z 100 Mbps Half Duplex z 100 Mbps Full Duplex z 1000 Mbps Full Duplex

Hardware Commands

Show Hardware

Description Shows the hardware resources, Ethernet link status, date and time. User Level Normal, Admin Syntax

show hardware

SSH Server Commands

Set SSH-Server

See Keys and Certificates in the IOLAN User’s Guide for information about the keys and certificates that need to be uploaded or downloaded with the IOLANs SSH server.

Description Configures the IOLANs SSH server. User Level Admin Syntax

Options authentication rsa

set ssh-server [authentication rsa on|off]

set ssh-server cipher [3des on|off] [blowfish on|off]

[cast on|off] [aes on|off] [arcfour on|off]

An authentication method used by SSH version 1 and 2. Use RSA authentication for the SSH session.

Server Commands 29

Page 30

SSH Server Commands

authentication dsa

An authentication method used by SSH version 2. Use DSA authentication for the SSH session.

authentication password

The user types in a password for authentication.

authentication keyboard-interactive

The user types in a password for authentication.Used for SSH2 only.

compression

Requests compression of all data. Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks.

verbose

Displays debug messages on the terminal.

break-string

The break string used for inband SSH break signal processing. A break signal is generated on a specific serial port only when the server's break option is enabled and the user currently connected using reverse SSH has typed the break string exactly. The default is set to

~break, where ~ is tilde; the break string can be up to eight characters.

Show SSH-Server

Description Shows the SSH server settings. User Level Admin Syntax

ssh1

Allows the user’s client to negotiate an SSH-1 connection, in addition to SSH-2.

cipher

Specify which ciphers the IOLAN’s SSH server can use to negotiate data encryption with an SSH client session.

show ssh-server

30 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 31

SSL/TLS Commands

Set SSL Server

Description Sets the default SSL/TLS parameters for the server. User Level Admin Syntax

Options version

set ssl server [version any|tslv1|sslv3] [type client|server]

Specify whether you want to use:

z Any—The IOLAN will try a TLSv1 connection first. If that fails, it will try an

SSLv3 connection. If that fails, it will try an SSLv2 connection.

z TLSv1—The connection will use only TLSv1. z SSLv3—The connection will use only SSLv3.

The default is Any.

SSL/TLS Commands

type

Specify whether the IOLAN will act as an SSL/TLS client or server. The default is

Client. verify-peer

validation-criteria

Any values that are entered in the validation criteria must match the peer certificate for an SSL connection; any fields left blank will not be validated against the peer certificate.

country

A two character country code; for example, US. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

state-province

Up to a 128 character entry for the state/province; for example, IL. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

locality

Up to a 128 character entry for the location; for example, a city. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

organisation

Up to a 64 character entry for the organisation; for example, Accounting. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

Server Commands 31

Page 32

SSL/TLS Commands

organisation-unit

Up to a 64 character entry for the unit in the organisation; for example, Payroll. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

common-name

Up to a 64 character entry for an email address; for example, acct@anycompany.com. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

Set SSL Server Cipher-suite

Description Sets the default SSL/TLS cipher suite parameters. User Level Admin Syntax

Options option1|option2|option3|option4|option5

set ssl server cipher-suite

option1|option2|option3|option4|option5 encryption any|aes|3des|des|arcfour|arctwo|none min-key-size 40|56|64|128|168|256 max-key-size 40|56|64|128|168|256 key-exchange any|rsa|edh-rsa|edh-dss|adh hmac any|sha1|md5

Sets the priority of the cipher suite, with option1 being highest priority and option5 lowest priority.

encryption

Select the type of encryption that will be used for the SSL connection:

z Any—Will use the first encryption format that can be negotiated. z AES z 3DES z DES z ARCFOUR z ARCTWO z None—Removes any values defined for the cipher option.

The default value is Any. min-key-size

The minimum key size value that will be used for the specified encryption type. The default is 40.

max-key-size

The maximum key size value that will be used for the specified encryption type. The default is 256.

32 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 33

Modbus Commands

key-exchange

The type of key to exchange for the encryption format:

z Any—Any key exchange that is valid is used (this does not, however, include ADH

keys).

z RSA—This is an RSA key exchange using an RSA key and certificate. z EDH-RSA—This is an EDH key exchange using an RSA key and certificate. z EDH-DSS—This is an EDH key exchange using a DSA key and certificate. z ADH—This is an anonymous key exchange which does not require a private key

or certificate. Choose this key if you do not want to authenticate the peer device, but you want the data encrypted on the SSL/TLS connection.

The default is Any.

hmac

Select the key-hashing for message authentication method for your encryption type:

z Any z MD5 z SHA1

The default is Any.

Show SSL

Description Shows the SSL/TLS settings/information. User Level Normal, Admin Syntax

show ssl

Modbus Commands

Set Modbus Gateway

Description Sets the Modbus parameters for the IOLAN when it is operating as a Modbus Gateway. User Level Admin Syntax

Options addr-mode

set modbus gateway [addr-mode embedded|re-mapped]

[broadcast on|off] [char-timeout <number>] [req-next-delay <number>] [exceptions on|off] [idle-timer <number>] [mess-timeout <number>] [port <TCP/UDP_port>] [req-queuing on|off] [remapped-id <1-247>] [ssl on|off]

Determines if the original UID address will be embedded in the transmission header or if a specified (remapped) UID will be embedded in the transmission header.

broadcast

When enabled, a UID of 0 (zero) indicates that the message will be broadcast to all Modbus Slaves. The default is Off.

char-timeout

Used in conjunction with the Modbus RTU protocol, specifies how long to wait, in milliseconds, after a character to determine the end of frame. The default is 30 ms.

Server Commands 33

Page 34

Modbus Commands

req-next-delay

A delay, in milliseconds, to allow serial slave(s) to re-enable receivers before issuing next Modbus Master request. The default is 50 ms.

exceptions

When enabled, an exception message is generated and sent to the initiating Modbus device when any of the following conditions are encountered: there is an invalid UID, the UID is not configured in the Gateway, there is no free network connection, there is an invalid message, or the target device is not answering the connection attempt. The default is On.

idle-timer

Specifies the number of seconds that must elapse without any network or serial traffic before a connection is dropped. If this parameter is set to 0 (zero), a connection will not be dropped (with the following exceptions: the TCP KeepAlive causes the connection to be dropped or the Modbus device drops the connection). The default is 10 seconds.

mess-timeout

Time to wait, in milliseconds, for a response message from a Modbus TCP or serial slave (depending if the Modbus Gateway is a Master Gateway or Slave Gateway, respectively) before sending a Modbus exception. The default is 1000 ms.

Show Modbus

Description Displays the Modbus Gateway parameters. User Level Admin Syntax

port

The network port number that the Slave Gateway will listen on for both TCP and UDP messages. The default is 502.

req-queuing

When enabled, allows multiple, simultaneous me ssages to be queu e d and processed in order of reception. The default is

On.

remapped-id

Specify the UID that will be inserted into the message header for the Slave Modbus serial device. Valid values are 1-247.

ssl

When enabled, messages over the TCP connection are encrypted vis SSL/TLS.

show modbus gateway

show modbus slave|master <line_number>

34 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 35

Authentication Commands

Set Authentication

Description Sets the authentication method for the IOLAN. User Level Admin Syntax

Options primary

set authentication type primary|secondary

The first authentication method that the IOLAN attempts. Some type of authentication must be done by the IOLAN, therefore,

Authentication Method

secondary

If the Primary Authentication Method fails, the next authentication method that the IOLAN attempts. You can choose to use authentication methods in combination. For example, you can specify the

Secondary Authentication Method as RADIUS. Therefore, some users can be defined

in the IOLAN (

Local) others in RADIUS.

Authentication Commands

None is not a valid option for the Primary

Primary Authentication Method as Local and the

Specify the authentication method that the IOLAN will use to authenticate users (this must already be set up in your network).

secondary-as-backup

When enabled, the Secondary Authentication method will be tried only when the IOLAN cannot communicate with the Primary Authentication server.

auth-admin-user-local

When enabled, the IOLAN will only authenticate the admin user in the local user database, regardless of any external authentication methods configured. When disabled, a user called admin must exist when only external authentication methods are configured, or you will not be able to access the IOLAN as the admin user, except through the console port. The default is

Set Authentication Local

Description Configures local authentication settings. When you configure the IOLAN to

authenticate users locally, you can require that the users be configured in the User table. You can also enable the using any user name, but they will only get authenticated if they match the password configured for the

User Level Admin Syntax

Options guest-mode

set authentication local [guest-mode on|off] [password <text>]

Allow users who are not defined in the User database to log into the IOLAN with any user ID and the specified password.

User’s configuration.

on.

Guest mode. This mode allows users to log into the IOLAN

Guest account.

Guest users inherit their settings from the Default

password

The password that Guest users must use to log into the IOLAN.

Server Commands 35

Page 36

Authentication Commands

Set Authentication Kerberos

Description Configures Kerberos authentication settings. User Level Admin Syntax

set authentication kerberos [kdc-domain <string>]

[port <TCP_port>] [realm <string>]

Options kdc-domain

The name of a host running the KDC (Key Distribution Center) for the specified realm. The host name that you specify must either be defined in the IOLAN’s (with an IP address) or be resolvable by a DNS server.

port

The port that the Kerberos server listens to for authentication requests. If no port is specified, the default port 88 is used.

realm

The Kerberos realm is the Kerberos host domain name, in upper-case letters.

Set Authentication LDAP

Description Configures LDAP authentication settings. User Level Admin Syntax

Options base

set authentication ldap [base <string>]

[host <hostname/IP_addr>] [port <TCP_port>] [tls on|off] [tls-port <TCP_port>]

The domain component (dc) that is the starting point for the search for user authentication.

Host Table

host

The name or IP address of the LDAP host. If you use a host name, that host must either have been defined in the IOLAN’s a DNS server. If you are using

Host Table (with an IP address) or be resolvable by

TLS, you must enter the same string you used to create

the LDAP certificate that resides on your LDAP server.

port

The port that the LDAP host listens to for authentication requests. The default port is

389.

tls

Enables/disables the Transport Layer Security (TLS) with the LDAP host.

tls-port

Specify the port number that LDAP will use for TLS. The default is port 636.

36 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 37

Set Authentication NIS

Description Sets NIS authentication parameters. User Level Admin Syntax

Options domain

set authentication nis [domain <string>] [primary <config_host>]

[secondary <config_host>]

The NIS domain name.

primary

The primary NIS host that is used for authentication.

secondary

The secondary NIS host that is used for authentication, should the primary NIS host fail to respond.

Add RADIUS

Description Adds an accounting or authentication RADIUS host. User Level Admin Syntax

Options accounting-host

add radius accounting-host <config_host> secret add radius auth-host <config_host> secret

The first time this command is entered, this is the name of the primary RADIUS accounting host.

The second time this command is entered, this is the name of the secondary RADIUS authentication host.

Authentication Commands

Delete RADIUS

Description Deletes an accounting or authentication RADIUS host. User Level Admin Syntax

Options accounting

auth-host

The first time this command is entered, this is the name of the primary RADIUS authentication host.

The second time this command is entered, this is the name of the secondary RADIUS authentication host, should the first RADIUS host fail to respond.

secret

The secret (password) shared between the IOLAN and the RADIUS authentication host. After typing the command secret and pressing Enter, you will be prompted to enter

the secret and then re-enter the secret.

delete radius accounting <accounting_host> delete radius authentication <authentication_host>

Deletes the specified accounting host from the RADIUS authentication settings.

authentication

Deletes the specified authentication host from the RADIUS authentication settings.

Server Commands 37

Page 38

Authentication Commands

Set Authentication RADIUS

Description Sets RADIUS parameters. User Level Admin Syntax

Options accounting

set authentication radius [accounting on|off]

[acct-authenticator on|off] [acct-port <UDP_port>] [auth-port <UDP_port>] [nas-identifier <nas_id>] [nas-ip-address auto|specify <ipv4_address>] [nas-ipv6-address auto|specify <ipv6_address>] [retry <integer>] [timeout <integer>]

Enables/disables RADIUS accounting.

acct-authenticator

Enables/disables whether or not the IOLAN validates the RADIUS accounting response.

acct-port

The port that the RADIUS host listens to for accounting requests. The default port is

1813.

auth-port

The port that the RADIUS host listens to for authentication requests. The default port is

1812.

nas-identifier

This is the string that identifies the Network Address Server (NAS) that is originating the Access-Request to authenticate a user.

Field Format: Maximum 31 characters, including spaces nas-ip-address auto

When specified, the IOLAN will send the IOLAN’s Ethernet 1 IPv4 address to the RADIUS server. This is the default.

nas-ip-address specify <ipv4_address>

When specified, the IOLAN will send the specified IPv4 address to the RADIUS server. The default is 0.0.0.0.

nas-ipv6-address auto

When specified, the IOLAN will send the IOLAN’s IPv6 address to the RADIUS server. This is the default.

nas-ipv6-address specify <ipv6_address>

When specified, the IOLAN will send the specified IPv6 address to the RADIUS server.

retry

The number of times the IOLAN tries to connect to the RADIUS server before erroring out. Valid values are 0-255. The default is 5.

timeout

The time, in seconds, that the IOLAN waits to receive a reply after sending out a request to a RADIUS accounting or authentication host. If no reply is received before the timeout period expires, the IOLAN will retry the same host up to and including the number of retry attempts. Valid values are 1-2 55. The default is

3 seconds.

38 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 39

Set Authentication TACACS+

Description Configures TACACS+ authentication setti ngs. User Level Admin Syntax

Options port

set authentication tacacs+ [port <TCP_port>]

[primary <config_host>] [secondary <config_host>] [secret <string>]

The port number that TA CACS+ listens to fo r auth entication requests. The default port number is 49.

primary

The primary TAC ACS+ host that is used for authentication.

secondary

The secondary TACACS+ host that is used for authentication, should the primary TACACS+ host fail to respond.

secret

The TACACS+ shared secret is used to encrypt/decrypt TACACS+ packets in communications between two devices. The shared secret may be any alphanumeric string. Each shared secret must be configured on both client and server sides.

Authentication Commands

Set Authentication SecurID

Description Configures SecurID authentication settings. User Level Admin Syntax

Options primary host

set authentication securid primary [host <config_host>]

[port <TCP_port>] [encryption des|sdi] [legacy on|off]

set authentication securid replica [host <config_host>]

[port <TCP_port>] [encryption des|sdi] [legacy on|off]

set authentication securid reset secret

The first SecurID server that is tried for user authentication.

replica host

If the first SecurID server does not respond to an authentication request, this is the next SecurID server that is tried for user authentication.

port

The port number that SecurID listens to for authentication requests. The default port number is 5500.

encryption

You can specify either SDI or DES encryption for SecurID server communication. The default is SDI encryption.

legacy

If you are running SecurID 3.x or 4.x, you need to run in Legacy Mode. If you are running SecurID 5.x or above, do not select

Legacy Mode.

reset secret

Resets the SecurID secret (password) in the IOLAN.

Server Commands 39

Page 40

TruePort Baud Commands

Show Authentication

Description Shows the authentication settings. If you type just the show authentication

command, the configured primary and secondary authentication methods are displayed.

User Level Admin Syntax

Displays the authentication settings for the specified authentication method.

TruePort Baud Commands

Set TruePort Remap-Baud

Description This command allows for the remapping of the baud rate being specified by the Serial

application to a different value on the physical serial port on the IOLAN.

User Level Admin Syntax

Options 50|75|110|134|150|200|300|600|1200|1800|2400|4800|9600|19200|38400

set trueport remap-baud

50|75|110|134|150|200|300|600|1200|1800|2400|4800|9600|19200| 38400 50|75|110|134|150|200|300|600|1200|1800|2400|4800|9600|19200| 38400|57600|115200|230400|28800|[custom <baud_rate]

Show TruePort

Description Shows the IOLAN TruePort remapping table. User Level Normal, Admin Syntax

The configured baud rate of the TruePort client.

50|75|110|134|150|200|300|600|1200|1800|2400|4800|9600|19200|38400| 57600|115200|230400|28800|[custom <baud_rate>]

The actual baud rate that runs between the IOLAN and the connected serial device. You can also specify a custom baud rate; valid values are 50 - 1843200.

show trueport

40 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 41

Email Commands

Set Email-Alert Server

Description Configures email alert settings for the server. User Level Admin Syntax

Options from

set email-alert server [from <email_addr>]

This will be the contents of the from field in the generated email. This field will be specified in the from field of the email message sent by the IOLAN.

level

Choose the event level that triggers an email notification:

z Emergency z Alert z Critical z Error z Warning z Notice z Info z Debug

The list is in decreasing order of priority ( selecting the lowest notification level; therefore, when you select an email notification for all events that trigger a message.

Email Commands

Emergency has the highest priority). You are

Debug, you will get

mode

Determines whether or not email notification is turned on. Default is Off.

An email address or list of email addresses that will receive the email notification.

reply-to

The email address to whom all replies to the email notification should go.

smtp-host

The SMTP host (email server) that will process the email notification request. This can be either a host name defined in the IOLAN host table or the SMTP host IP address.

subject

A text string, which can contain spaces, that will display in the Subject field of the email notification.

If the text string contains spaces, enclose the string in quotes.

Show Email-Alert Server

Description Shows how the server email alert is configured. User Level Admin Syntax

show email-alert server

Server Commands 41

Page 42

Clustering Commands

Add Clustering Slave-IP

Description Adds a slave IOLAN to the clustering group. User Level Admin Syntax

Options <IPv4_address>

add clustering slave-ip <IPv4_address>

number-of-ports 1|2|4|8|16|24|32|48 [protocol telnet|ssh] [starting-master-tcp-port <10001-65535>] [starting-slave-ds-port <10001-65535>]

Specify the IP address of the clustering slave you wish to modify. This clustering slave must already exist in the clustering group. The IP address must be in a valid IPv4 format.

number-of-ports

Specify the port number that you wish to modify on this clustering slave.

protocol

Specify the protocol that will be used to access the Slave IOLAN port, SSH or Telnet.

starting-master-tcp-port

Specify this parameter if you wish to change the name associated with this slave port.

starting-slave-ds-port

Specify this parameter if you wish to change the slave-ds-port associated with this slave port. This should match the port number configured for this port on the salve IOLAN.

Delete Clustering Slave-IP

Description Deletes a Slave IOLAN from the clustering group. Type

delete clustering slave-ip ? to get a list of Slave IOLAN IP addresses.

User Level Admin Syntax Option <IPv4_address>

delete clustering slave-ip <IPv4_address>

Specify the IP address of the clustering slave you wish to modify. This clustering slave must already exist in the clustering group. The IP address must be in a valid IPv4 format.

42 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 43

Set Clustering Slave-IP

Description Modify the parameter associated with a specific port in a clustering group. User Level Admin Syntax

Options <IPv4_address>

set clustering slave-ip <IPv4_address> port <number>

[master-tcp-port <10001-65535>] [name <port_name>] [protocol telnet|ssh|not-used] [slave-ds-port <10001-65535>]

Specify the IP address of the clustering slave you wish to modify. This clustering slave must already exist in the clustering group. The IP address must be in a valid IPv4 format.

port

Specify the port number that you wish to modify on this clustering slave.

master-tcp-port

Specify this parameter if you wish to change the name associated with this slave port.

name

Specify this parameter if you wish to change the name associated with this slave port.

protocol

Specify this parameter if you wish to change the protocol used to access this slave port. Valid options are SSH, Telnet or not used if you wish to disable access to this port.

Clustering Commands

slave-ds-port

Specify this parameter if you wish to change the slave-ds-port associated with this slave port. This should match the port number configured for this port on the salve IOLAN.

Show Clustering Slave-IP

Description Show a Slave IOLANs clustering group settings. Type

show clustering slave-ip ? to get a list of Slave IOLAN IP addresses.

User Level Admin Syntax

Options <IPv4_address>

show clustering slave-ip <IPv4_address> [get-port-names]

[get-port-names-and-save]

Specify the IP address of the clustering slave you wish to modify. This clustering slave must already exist in the clustering group. The IP address must be in a valid IPv4 format.

get-port-names

Retrieves the port/line names from the specified Slave IOLAN.

get-port-names-and-save

Retrieves the port/line names from the specified Slave IOLAN and saves them in the Slave IOLAN clustering configuration.

Server Commands 43

Page 44

Dynamic DNS Commands

Set Dynamic-DNS

Description Configures the dynamic DNS parameters. User Level Admin Syntax

Options connection-method

set dynamic-dns [on|off]

Specify how the IOLAN is going to connect to the DynDNS.org server, via HTTP, HTTP through Port 8245, or HTTPS.

hostname

Specify the registered hostname with DynDNS.org that will be updated with the IOLAN’s IP address should it change. Put in the full name; for example, mydeviceserver.dyndns.org.

username

Specify the user name used to access the DynDNS.org server.

password

Specify the password used to access the DynDNS.org server.

system-type

Specify how your account was set up with DynDNS.org, using a Dynamic, Static, or Custom IP address schema.

wildcard

Adds an alias to *.yourhost.ourdomain.ext pointing to the same IP address as entered for

Set Dynamic-DNS SSL

Description Sets the SSL/TLS parameters for the connection between the IOLAN and the DNS

server.

User Level Admin Syntax

Options verify-peer

set dynamic-dns ssl [verify-peer on|off]

yourhost.ourdomain.ext.

validation-criteria

Any values that are entered in the validation criteria must match the peer certificate for an SSL connection; any fields left blank will not be validated against the peer certificate.

44 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 45

Dynamic DNS Commands

country

A two character country code; for example, US. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

state-province

Up to a 128 character entry for the state/province; for example, IL. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

locality

Up to a 128 character entry for the location; for example, a city. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

organisation

Up to a 64 character entry for the organisation; for example, Accounting. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

organisation-unit

Up to a 64 character entry for the unit in the organisation; for example, Payroll. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

common-name

Up to a 64 character entry for an email address; for example, acct@anycompany.com. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

Server Commands 45

Page 46

Dynamic DNS Commands

Set Dynamic-DNS SSL Cipher-Suite

Description Sets the SSL/TLS cipher suite parameters for the connection between the IOLAN and

the DNS server.

User Level Admin Syntax

Options option1|option2|option3|option4|option5

set dynamic-dns ssl cipher-suite

Sets the priority of the cipher suite, with option1 being highest priority and option5 lowest priority.

encryption

Select the type of encryption that will be used for the SSL connection:

z Any—Will use the first encryption format that can be negotiated. z AES z 3DES z DES z ARCFOUR z ARCTWO z None—Removes any values defined for the cipher option.

The default value is Any. min-key-size

The minimum key size value that will be used for the specified encryption type. The default is 40.

max-key-size

The maximum key size value that will be used for the specified encryption type. The default is 256.

key-exchange

The type of key to exchange for the encryption format:

z Any—Any key exchange that is valid is used (this does not, however, include ADH

keys).

or certificate. Choose this key if you do not want to authenticate the peer device, but you want the data encrypted on the SSL/TLS connection.

The default is Any.

46 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 47

hmac

Select the key-hashing for message authentication method for your encryption type:

z Any z MD5 z SHA1

The default is Any.

Show Dynamic-DNS

Description Shows the dynamic DNS settings. User Level Admin Syntax

show dynamic-dns

PCI Commands

Set PCI Card

Description Sets the type of card in the PCI slot. User Level Admin Syntax

Option card

set pci card none|modem|wireless-wan

Specify the type of card which is inserted in the PCI slot. Choices are modem for an IOLAN modem card, the default modem if no card is inserted in the PCI slot.

PCI Commands

wireless-wan for a wireless WAN card. Choose none or leave

Show PCI

Description Displays the PCI line settings. User Level Admin Syntax

show pci

Server Commands 47

Page 48

PCI Commands

Set PCI Wireless-WAN

Description Configures the wireless WAN parameters. User Level Admin Syntax

Options access-point-name

set pci wireless-wan [access-point-name <name>]

Specify the APN required by your internet provider to access their network. See the internet provider documentation for more information.

init-string

Specify the initialisation string required by your internet service provider for your wireless WAN card.

model

Specify the wireless WAN card you are using. If the wireless WAN card yo u are using is not listed, try the standard driver. If that does not work, look at the Perle website for a custom driver.

Show Wireless-WAN

Description Displays the wireless WAN settings. User Level Admin Syntax

password

Specify the password required by your internet provider to access their network.

phone-number

Specify the phone number provided by your service provider to access their wireless network. The phone number will probably take a format similar to

*99***1#.

user

Specify the name required by your internet provider to access their network.

show wireless-wan

48 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 49

IPv6 Commands

Set IPv6

Description Configures the basic IPv6 settings. User Level Admin Syntax

Options dhcpv6-settings

set ipv6 [dhcpv6-settings ipv6-address on|off]

Determines the types of information that the IOLAN will accept from the DHCPv6 server, IPv6 address(es) and/or network prefix(es).

ivp6-address

When enabled, the IOLAN will accept IPv6 address(es) from the DHCPv6 server. This is

off by default.

network-prefix

When enabled, the IOLAN will accept the network prefix from the DHCPv6 server. This is

IPv6 Commands

off by default.

Show IPv6

eth1|eth2

Configures the IPv6 settings for the IOLAN’s Ethernet interface 1 and/or Ethernet interface 2 (SCS models only) connection(s).

enable-ipv6-addressing

When enabled, you can configure the IOLAN to obtain the IPv6 address(es) using IPv6 Autoconfiguration or a DHCPv6 server.

Default: Enabled obtain-using auto-ipv6|dhcpv6

z auto-ipv6—When enabled, the IOLAN will send out a Router Solicitation

message. If a Router Advertisement message is received, the IOLAN will configure the IPv6 address(es) and configuration parameters based on the information contained in the advertisement. If no Router Advertisement message is received, the IOLAN will attempt to connect to a DHCPv6 server to obtain IPv6 addresses and other configuration parameter s. This is the default.

z dhcpv6—When enabled, requests IPv6 address(es) and configuration information

from the DHCPv6 server.

Description Shows the IPv6 settings. User Level Admin Syntax Option eth1|eth2

show ipv6 [eth1|eth2]

Displays the configuration IPv6 information for the specified Ethernet interface.

Server Commands 49

Page 50

IPv6 Commands

Add Custom-IPv6

Description User Level Admin Syntax

Options eth1|eth2

add custom-ipv6 [eth1|eth2] method auto

network-prefix <network_prefix> [prefix-bits <0-64>] [router-advertisement on|off]

add custom-ipv6 [eth1|eth2] method manual

ipv6-address <ipv6_address> [prefix-bits <0-128>] [router-advertisement on|off]

Configures the custom IPv6 settings for the IOLAN’s Ethernet interface 1 or Ethernet interface 2 (SCS models only) interface.

method auto

When this option is specified, the IOLAN will derive an IPv6 address from the entered network prefix and the IOLAN’s MAC address. This is the default option.

network-prefix

Specify the IPv6 network prefix. The IOLAN will derive the complete IPv6 address from the entered network prefix and the IOLAN’s MAC address.

prefix-bits (auto)

Specify the network prefix bits for the IPv6 address.

Range: 0-64 Default: 64

method manual

Specify this option when you want to enter a specific IPv6 address.

ipv6-address

Specify the complete IPv6 address.

Field Format: IPv6 address prefix-bits (manual)

Specify the network prefix bits for the IPv6 address.

Range: 0-128 Default: 64

router-advertisement

When enabled, the IPv6 address is advertised when the IPv6-router-advertisement parameter is enabled.

50 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 51

Set Custom-IPv6

Description Configures custom IPv6 network and IP addresses. User Level Admin Syntax

Options eth1|eth2

IPv6 Commands

set custom-ipv6 [eth1|eth2] <config_ipv6_address> method auto

network-prefix <network_prefix> [prefix-bits <0-64>] [router-advertisement on|off]

set custom-ipv6 [eth1|eth2] <config_ipv6_address> method manual

ipv6-address <ipv6_address> [prefix-bits <0-128>] [router-advertisement on|off]

Configures the custom IPv6 settings for the IOLAN’s Ethernet interface 1 or Ethernet interface 2 (SCS models only) interface.

method auto

When this option is specified, the IOLAN will derive an IPv6 address from the entered network prefix and the IOLAN’s MAC address. This is the default option.

network-prefix

Specify the IPv6 network prefix. The IOLAN will derive the complete IPv6 address from the entered network prefix and the IOLAN’s MAC address.

Delete Custom-IPv6

Description Deletes the specified custom IPv6 address. To see a list of configured IPv6 addresses, User Level Admin

Syntax Option eth1|eth2

prefix-bits (auto)

Specify the network prefix bits for the IPv6 address.

Range: 0-64 Default: 64

method manual

Specify this option when you want to enter a specific IPv6 address.

ipv6-address

Specify the complete IPv6 address.

Field Format: IPv6 address prefix-bits (manual)

Specify the network prefix bits for the IPv6 address.

Range: 0-128 Default: 64

router-advertisement

When enabled, the IPv6 address is advertised when the IPv6-router-advertisement parameter is enabled.

type the command

delete custom-ipv6 <config_ipv6_address> [eth1|eth2]

delete custom-ipv6 ?.

Deletes the specified custom IPv6 address. You must specify the Ethernet interface for SCS models.

Server Commands 51

Page 52

IPv6 Router Advertisements

Set IPv6-Router-Advertisement

Description Configures IPv6 router advertisements. User Level Admin Syntax

Options ipv6-router-advertisement

set ipv6-router-advertisement [eth1|eth2] on|off [dhcpv6 off|on]

[dhcpv6-cfg-options off|on]

When enabled, the IOLAN will periodically send IPV6 Router Advertisement messages and respond to Router Solicitation messages. The Router Advertisement message can be configured to contain any of the following information:

z DHCPv6—Use the DHCPv6 server to obtain additional IPV6 address(es) and

configuration parameters.

z DHCPv6 Configuration Options—Use DHCPv6 server to obtain additional

configuration parameters.

z Network Prefixes—Advertise the selected custom configured network prefixes.

Default: Disabled eth1|eth2

Configures the IPv6 router advertisement settings for the IOLAN’s Ethernet interface 1 or Ethernet interface 2 (SCS models only) interface.

dhcpv6

When enabled, the Router Advertisement message indicates to use the DHCPv6 server for obtaining additional IPv6 addresses and configuration parameters.

Default: Disabled dhcpv6-cfg-options

When enabled, the Router Advertisement message indicates to use the DHCPv6 server to obtain additional configuration parameters.

Default: Disabled

Show IPv6-Router-Advertisement

Description Displays the IPv6 router advertisement settings. User Level Admin Syntax Option eth1|eth2

show ipv6-router-advertisement [eth1|eth2]

Displays the IPv6 router advertisement settings for the IOLAN’s Ethernet interface 1 or Ethernet interface 2 (SCS models only) interface.

52 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 53

User Commands Chapter 3

This chapter defines all the CLI commands available to users who are logged into the IOLAN.

Commands for Users Logged Into the IOLAN

Admin

Description Changes a Normal-level user to the Admin user. When you press Enter after you type

this command, you will be prompted for the Admin password.

User Level Normal Syntax

Help

Description Displays help on using the command line interface (CLI). User Level Restricted, Normal, Admin Syntax

admin

help

Kill Line

Kill Session

Logout

Description Restarts a line. On IOLANs with more than 1 port, you can specify a port number and

then a range of ports; for example, also be used to reset the internal modem on the IOLAN. The internal modem is addressed as last serial port +1 (i.e., on an SDS 3M, the modem is line 4). On single port models, use the command

User Level Normal, Admin Syntax

Description Kills an active session. User Level Restricted, Normal, Admin Syntax

Options 1|2|3|4

Description Logs the user out from the IOLAN. User Level Restricted, Normal, Admin Syntax

kill line *|<number>|<number range>

Note: the * is a wildcard meaning all lines.

kill session 1|2|3|4

The number of the session you want to kill.

logout

kill line 4, 10-13, 15. This command can

kill line.

IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6 51

Page 54

Commands for Users Logged Into the IOLAN

Ping

Description This command checks to see if a given host is reachable via an IP message. The

specific message used is called a ping.

User Level Normal, Admin Syntax

Options <hostname/IP_address>

ping <hostname/IP_address> [<packet_size>] [<#_of_packets>]

The name (DNS resolvable host name) or IP address of the machine you are trying to ping.

<packet_size>

Enter the number of data bytes to be sent. The default is 100 bytes.

<#_of_packets>

Enter the number of the packets you want to send. The default is 10.

Resume

Rlogin

Screen

Description Resumes a started session. User Level Restricted, Normal, Admin Syntax

Options 1|2|3|4

Description Starts an rlogin session to the specified host/IP address. User Level Normal, Admin Syntax

Options <hostname/IP_address>

resume 1|2|3|4

The number of the session you want to resume.

rlogin <hostname/IP_address> [termtype <terminal_name>]

[user <string>]

The name of the target host.

termtype

Type of terminal attached to this line; for example, ansi or wyse60.

user

The name of the user logging into the rlogin session.

Description Switches from a command line based interface to Menu mode of operation. User Level Restricted, Normal, Admin Syntax

52 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

screen

Page 55

Set Termtype

Description Sets the type of terminal being used for the current session. User Level Normal, Admin Syntax

Commands for Users Logged Into the IOLAN

set termtype

Specifies the type of terminal connected to the line:

z Dumb z WYSE60 z VT100 z ANSI z TVI925 z IBM3151TE z VT320 (specifically supporting VT320-7) z HP700 (specifically supporting HP700/44) z Term1, Term2, Term3 (user-defined terminals)

Set User

Description Sets the current users settings. User Level Normal, Admin Syntax

set user . [hotkey-prefix <00-7f>] [language english|customlang]

[routing none|send|listen|send-and-listen] [password]

Options hotkey-prefix

The prefix that a user types to control the current session. The default value is hex 01, which corresponds to

z ^a number—To switch from one session to another, press ^a and then the required

Ctrl-a (^a) (hex value 02 would be Ctrl-b (^b), etc.):

session number. For example, will return you to the IOLAN Menu.

z ^a n—Display the next session. The current session will remain active. The lowest

numbered active session will be displayed.

z ^a p—Display the previous session. The current session will remain active. The

highest numbered active session will be displayed.

z ^a m—To exit a session and return to the IOLAN. You will be returned to where

you left off. The session will be left running.

z ^a l—(Lowercase L) Locks the line until the user unlocks it. The user is prompted

for a password (any password, excluding spaces) and locks the line. Next, the user must retype the password to unlock the line.

z ^r—When you switch from a session back to the Menu, the screen may not be

redrawn correctly. If this happens, use this command to redraw it properly. This is always

The

User Hotkey Prefix value overrides the Line Hotkey Prefix value. You can use the

Hotkey Prefix keys to lock a line only when the line Lock parameter is On.

Ctrl R, regardless of the Hotkey Prefix.

^a 2 would switch you to session 2. Pressing ^a 0

language

You can specify whether a user will use English or Customlang as the language that appears in the Menu, CLI, or WebManager. The IOLAN supports one custom language that must be downloaded to the IOLAN; otherwise,

Customlang defaults to English.

User Commands 53

Page 56

Commands for Users Logged Into the IOLAN

routing

Determines the routing mode used for RIP packets on the PPP and SLIP interfaces for this user. Values are:

z None—RIP packets are neither received nor sent by the IOLAN. z Send—RIP packets can only be sent by the IOLAN. z Listen—RIP packets can only be received by the IOLAN. z Send and Listen—RIP packets are sent and received by the IOLAN.

password

The password the user will need to enter to login to the IOLAN. This case-sensitive field accepts a maximum of 16 characters.

Set User Session

Description Sets the current users session settings. User Level Normal, Admin Syntax

set user . session 1|2|3|4|* [auto on|off]

[type off|telnet|rlogin|ssh]

set user . session 1|2|3|4|* telnet-options [host <config_host>]

[port <TCP_port>] [termtype <terminal_name>] [line-mode on|off] [map-cr-crlf on|off] [local-echo on|off] [echo <00-7f>] [eof <00-7f>] [erase <00-7f>] [intr <00-7f>] [quit <00-7f>]

set user . session 1|2|3|4|* rlogin-options [host <config_host>]

[termtype <terminal_name>]

set user . session 1|2|3|4|* ssh-options [host <config_host>]

set user . session 1|2|3|4|* ssh-options

ssh-2-cipher-list <3des blowfish cast aes arcfour>

Options session

Specifies the session number (or all, *) that you are configuring.

auto

Specify whether or not the session(s) will start automatically when the user logs into the IOLAN.

telnet-options

See Set Telnet-Client in the IOLAN Us er’s Guide.

rlogin-options

See Set Rlogin-Client in the IOLAN User’s Guide.

ssh-options

See Set SSH-Client in the IOLAN User’s Guide.

54 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 57

Show Line Users

Description Shows the users who are on the line. User Level Admin Syntax

SSH

Description Starts an SSH session to the specified host/IP address. User Level Normal, Admin Syntax

Options <hostname/IP_address>

Commands for Users Logged Into the IOLAN

show line users

ssh <hostname/IP_address> [<TCP_port>]

The name (resolvable via DNS) or IP address of the host you wish to connect to with SSH.

<TCP_port>

The port number the target host is listening on for incoming connections. The default for SSH is port number 22.

termtype

Type of terminal attached to this line; for example, ANSI or WYSE60.

authentication rsa

An authentication method used by SSH version 1 and 2. When enabled, an SSH client session will try to authenticate via RSA.

authentication dsa

An authentication method used by SSH version 2. When enabled, an SSH client session will try to authenticate via DSA.

authentication keyboard-interaction

The user types in a password for authentication.Used for SSH2 only.

compression

Requests compression of all data. Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks.

protocol

Specify whether you are using SSH-1, SSH-2, or a combination of the two protocols, SSH-2, SSH-1.

ssh-1-cipher

Select the encryption method (cipher) that you want to use for your SSH version 1 connection:

z 3DES z Blowfish

User Commands 55

Page 58

Commands for Users Logged Into the IOLAN

ssh-2-cipher-list

Select the order of negotiation for the encryption method (ciphers) that the IOLAN will use for the SSH version 2 connection:

z 3DES z Blowfish z AES z Arcfour z CAST

user

The name of the user logging into the SSH session.

verbose

Displays debug messages on the terminal.

Syslog Console

Description Starts/stops or displays the status of the syslog console. User Level Admin Syntax

syslog console start|stop

Options start|stop

Show Sessions

Description Shows available sessions. User Level Restricted, Normal, Admin Syntax

Show Termtype

Description Shows the terminal type for the current session. User Level Admin Syntax

Start

Description Starts a predefined session. Only inactive sessions are displayed. User Level Restricted, Normal, Admin Syntax

Options 1|2|3|4

syslog console status

Start or stop console logging. When console logging is enabled, syslog messages will be echoed to the current console. These messages are filtered based on the level set in the (remote) syslog options.

status

Displays the current console logging status (enabled or disabled).

show sessions

show termtype

start 1|2|3|4

The number of the session that you want to start.

56 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 59

Telnet

Commands for Users Logged Into the IOLAN

Description Starts a telnet session to the specified host/IP address. User Level Normal, Admin Syntax

telnet <hostname/IP_address> [<TCP_port>]

[termtype <terminal_name>] [line-mode on|off] [map-cr-crlf on|off] [local-echo on|off] [echo <00-7f>] [eof <00-7f>] [erase <00-7f>] [intr <00-7f>] [quit <00-7f>] [escape <00-7f>]

Options <hostname/IP_address>

The name (resolvable via DNS) or IP address of the host you wish to connect to with Telnet.

<TCP_port>

The port number the target host is listening on for incoming connections. The default for Telnet is port number 23.

termtype

Type of terminal attached to this line; for example, ANSI or WYSE60.

line-mode

When On, keyboard input is not sent to the remote host until Enter is pressed, otherwise input is sent every time a key is pressed. Default is

Off.

map-cr-crlf

Maps carriage returns (CR) to carriage return line feed (CRLF). The default value is

Off.

local-echo

Toggles between local echo of entered characters and suppressing local echo. Local echo is used for normal processing, while suppressing the echo is convenient for entering text that should not be displayed on the screen, such as passwords. This parameter can only be used when

Line Mode is On. Default is Off.

echo

Defines the echo character. When Line Mode is On, typing the echo character echoes the text locally and sends only completed lines to the host. This value is in hexadecimal with a default value of

5 (ASCII value ^E).

eof

Defines the end-of-file character. When Line Mode is On, entering the EOF character as the first character on a line sends the character to the remote host. This value is in hexadecimal with a default value of

4 (ASCII value ^D).

erase

Defines the erase character. When Line Mode is Off, typing the erase character erases one character. This value is in hexadecimal with a default value of 8 (ASCII value ^H).

intr

Defines the interrupt character. Typing the interrupt character interrupts the current process. This value is in hexadecimal with a default value of

3 (ASCII value ^C).

quit

Defines the quit character. Typing the quit character closes and exits the current telnet session. This value is in hexadecimal with a default value of

1c (ASCII value FS).

User Commands 57

Page 60

Configuring Users

escape

Defines the escape character. Returns you to the command line mode. This value is in hexadecimal with a default value of

Version

Description Displays firmware version and build. User Level Normal, Admin Syntax

version

Configuring Users

Add User

Description For units with 4 or less serial ports, you can configure up to 4 users. For units with 8 or

more serial ports, the maximum number of users which can be added is 48. This is in addition to the

User Level Admin Syntax

Option <username>

add user <username>

The name of the user, without spaces. When you finish the command and press Enter, you will be prompted to enter and re-enter a password for the user.

1d (ASCII value GS).

admin user.

Delete User

Description Deletes a user. User Level Admin Syntax

Option <config_user>

delete user <config_user>

You can see a list of users that can be deleted by typing delete user ?. You can not delete the

admin user.

58 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 61

Set Default User

Description Configures the Default User. When adding a new user, the profile of the default user

User Level Admin Syntax

Options callback

Configuring Users

will be used to assign the values of the various parameters of the new user. For example if you set the their service parameter will be set to

set default user [callback on|off] [framed-compression on|off]

service parameter of the default user to ppp, when a new user is added,

ppp.

When On, enter a phone number for the IOLAN to call the user back (the Callback parameter is unrelated to the

Line Dial parameter).

Note: the IOLAN will allow callback only when a user is authenticated. If the protocol over the link does not provide authentication, there will be no callback. Therefore, when the

Line Service is set to PPP, you must use either PAP or CHAP, because these

protocols provide authentication. The default is The IOLAN supports another type of callback,

configurable when the

Line Service is set to PPP.

Off.

Roaming Callback, which is

framed-compression

Used for User Service PPP or SLIP, determines whether Van Jacobsen Compression is used on the link. VJ compression is a means of reducing the standard TCP/IP header from 40 octets to approximately 5 octets. This gives a significant performance improvement, particularly when interactive applications are being used. For example, when the user is typing, a single character can be passed over the link with a packet as small as 5 octets as opposed to 40 octets when no JV compression is used. VJ Compression has little effect on other types of links, such as ftp, where the packets are much larger. The

Compression value set for a Line. The default is Off.

Framed Compression value will be used in preference to the VJ

framed-ip

Used for User Service PPP or SLIP, sets the IP address of the remote user. Enter the address in dot decimal notation as follows:

z 255.255.255.254 (default)—The IOLAN will use the Remote IP Address set in

the PPP settings for the line.

z 255.255.255.255—When the User Service is PPP, the IOLAN will allow the

remote machine to specify its IP address (overriding the Remote IP Address configured in the line, will use the

z n.n.n.n—(where n is a number) Enter the IP address of your choice. This IP

Remote IP Address set for the line (no negotiation).

PPP settings). When the User Service is SLIP, the IOLAN

address will then be used in preference to the Remote IP Address set for a line.

framed-interface-id

Used for User Service PPP, sets the IPv6 address of the remote user.

User Commands 59

Page 62

Configuring Users

framed-mtu

Used for User Service PPP or SLIP, specifies the maximum size of packets, in bytes, being transferred across the link. On noisy links it might be preferable to fragment large packets being transferred over the link, since there will be quicker recovery from errors. Depending on whether you have selected a

User Service of SLIP or PPP, details are as

follows:

z PPP—Framed MTU will be the maximum size of packets that the IOLAN port will

accept. This value is negotiated between the two ends of the link. The valid range is 64-1500. The default value is

z SLIP—Framed MTU will be the maximum size of packets being sent by the

1500 bytes.

IOLAN. The IOLAN will send SLIP packets in the range 256-1500 bytes. The default value is

The

Framed MTU value will be used in preference to the MTU/MRU values set for a

Line.

256 bytes.

hotkey-prefix

The prefix that a user types to control the current session. The default value is hex 01, which corresponds to

z ^a number—To switch from one session to another, press ^a and then the required

session number. For example,

Ctrl-a (^a) (hex value 02 would be Ctrl-b (^b), etc.):

^a 2 would switch you to session 2. Pressing ^a 0

will return you to the IOLAN Menu.

z ^a n—Display the next session. The current session will remain active. The lowest

numbered active session will be displayed.

z ^a p—Display the previous session. The current session will remain active. The

highest numbered active session will be displayed.

z ^a m—To exit a session and return to the IOLAN. You will be returned to where

you left off. The session will be left running.

z ^a l—(Lowercase L) Locks the line until the user unlocks it. The user is prompted

for a password (any password, excluding spaces) and locks the line. Next, the user must retype the password to unlock the line.

z ^r—When you switch from a session back to the Menu, the screen may not be

redrawn correctly. If this happens, use this command to redraw it properly. This is always

The

User Hotkey Prefix value overrides the Line Hotkey Prefix value. You can use the

Hotkey Prefix keys to lock a line only when the line Lock parameter is On.

Ctrl R, regardless of the Hotkey Prefix.

idle-timer

The amount of time, in seconds, that the Idle Timer will run. Use this timer to close a connection because of inactivity. When the

Idle Timer expires, because there has been

no exchange of data within the specified time, the IOLA N will close the connection. The default value is

0 (zero), meaning that the Idle Timer will not expire (the

connection is open permanently). The maximum value is 4294967

Idle Timer

will override the Line Idle Timer, with the exception of reverse SSH or

reverse Telnet sessions.

host-ip

For outbound User Services such as Telnet, Rlogin, or SSH, this is the target host name or IP address. If no IP address is specified, the configuration will be used. The default is

Host IP value in the Default User

0.0.0.0. or None.

language

60 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Customlang defaults to English.

seconds. The User

Page 63

Configuring Users

level

The access that a user is allowed:

z Admin—The admin level user has total access to the IOLAN. You can create more

than one admin user account but we recommend that you only have one. They can monitor and configure the IOLAN.

z Normal—The Normal level user has limited access to the IOLAN. Limited CLI

commands and Menu access are available with the ability to configure the user’s own configuration settings.

z Restricted—The Restricted level user can only access predefined sessions or

access the Easy Port Access menu.

z Menu—The menu level user will only be able to access predefined session or

access the Easy Port Access menu. The Easy Port Access allows the user to connect to the accessible line without disconnecting their initial connection to the IOLAN. Does not have any access to CLI commands.

netmask

This is used for the PPP or SLIP Service types. Only used for IPv4. If the remote user is on a subnet, enter the network’s subnet mask. For example, a subnet mask of

255.255.0.0.

line-access

Specifies the user access rights to each IOLAN device line. Options are:

z Read/Write—Users are given read and write access to the line. z Read In—Users are given access to read only outbound data, data that is going

from the IOLAN to the device.

z Read Out—Users are given access to read only inbound data, data that is going

from the device to the IOLAN.

Users can read data going in both directions by selecting both the

Out options. The on|off option is only for 1-port models. You can disable line access

in 2-port + models by specifying

0 (zero).

Read In and Read

phone-number

The phone number the IOLAN will dial to callback the user (you must have set

Callback to On). Enter the number without spaces. To change the phone number,

overwrite the previous entry; to clear the phone number, set it to "" (double quotes without a space).

routing

Determines the routing mode used for RIP packets on the PPP and SLIP interfaces for this user. Values are:

service

The type of service that the user will use.

User Commands 61

Page 64

Configuring Users

Set User

sess-timer

The amount of time, in seconds, that the Session Timer will run. Use this timer to forcibly close a user’s session (connection). When the IOLAN will end the connection. The default value is

Session Timer expires, the

0 (zero), meaning that the session

timer will not expire (the session is open permanently, or until the user logs out). The maximum value is 4294967

Session Timer

, with the exception of reverse SSH or reverse Telnet sessions.

seconds. The User Session Timer will override the Line

port .For outbound User Services such as Telnet, SSH, TCP clear or SSL raw, this is the

target port number. The default value will change based on the type of

Service selected;

the most common known port numbers are used as the default values.

access-clustered-ports

When enabled, allows the user access to IOLANs that have been configured in the clustering group. The default is on.

Description Sets users settings. Normal-level users can configure only their own settings.

Admin-level users can configure any users settings, including their own (with the exception of their User Level, which must stay at Admin).

User Level Normal, Admin Syntax

Admin User Only

set user . [hotkey-prefix <00-7f>] [language english|customlang]

[password] [routing none|send|listen|send-and-listen]

set user .|<username>|* [callback on|off]

Options callback

When On, enter a phone number for the IOLAN to call the user back (the Callback parameter is unrelated to the

Line Dial parameter).

Note: the IOLAN will allow callback only when a user is authenticated. If the protocol over the link does not provide authentication, there will be no callback. Therefore, when the

Line Service is set to PPP, you must use either PAP or CHAP, because these

protocols provide authentication. The default is The IOLAN supports another type of callback,

configurable when the

Line Service is set to PPP.

Off.

Roaming Callback, which is

62 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 65

Configuring Users

framed-compression

Compression value set for a Line. The default is Off.

Framed Compression value will be used in preference to the VJ

framed-ip

Used for User Service PPP or SLIP, sets the IP address of the remote user. Enter the address in dot decimal notation as follows:

z 255.255.255.254 (default)—The IOLAN will use the Remote IP Address set in

the

PPP settings for the line.

z 255.255.255.255—When the User Service is PPP, the IOLAN will allow the

remote machine to specify its IP address (overriding the Remote IP Address configured in the line, will use the

z n.n.n.n—(where n is a number) Enter the IP address of your choice. This IP

Remote IP Address set for the line (no negotiation).

address will then be used in preference to the

PPP settings). When the User Service is SLIP, the IOLAN

Remote IP Address set for a line.

framed-interface-id

Used for User Service PPP, sets the IPv6 address of the remote user.

framed-mtu

User Service of SLIP or PPP, details are as

follows:

z PPP—Framed MTU will be the maximum size of packets that the IOLAN port will

accept. This value is negotiated between the two ends of the link. The valid range is 64-1500. The default value is

z SLIP—Framed MTU will be the maximum size of packets being sent by the

1500 bytes.

IOLAN. The IOLAN will send SLIP packets in the range 256-1500 bytes. The default value is

The

Framed MTU value will be used in preference to the MTU/MRU values set for a

Line.

256 bytes.

User Commands 63

Page 66

Configuring Users

hotkey-prefix

The prefix that a user types to control the current session. The default value is hex 01, which corresponds to

z ^a number—To switch from one session to another, press ^a and then the required

session number. For example,

Ctrl-a (^a) (hex value 02 would be Ctrl-b (^b), etc.):

^a 2 would switch you to session 2. Pressing ^a 0

will return you to the IOLAN Menu.

z ^a n—Display the next session. The current session will remain active. The lowest

numbered active session will be displayed.

z ^a p—Display the previous session. The current session will remain active. The

highest numbered active session will be displayed.

z ^a m—To exit a session and return to the IOLAN. You will be returned to where

you left off. The session will be left running.

z ^a l—(Lowercase L) Locks the line until the user unlocks it. The user is prompted

for a password (any password, excluding spaces) and locks the line. Next, the user must retype the password to unlock the line.

z ^r—When you switch from a session back to the Menu, the screen may not be

redrawn correctly. If this happens, use this command to redraw it properly. This is always

The

User Hotkey Prefix value overrides the Line Hotkey Prefix value. You can use the

Hotkey Prefix keys to lock a line only when the line Lock parameter is On.

Ctrl R, regardless of the Hotkey Prefix.

idle-timer

The amount of time, in seconds, that the Idle Timer will run. Use this timer to close a connection because of inactivity. When the

Idle Timer expires, because there has been

no exchange of data within the specified time, the IOLA N will close the connection. The default value is connection is open permanently). The maximum value is 4294967

Idle Timer

will override the Line Idle Timer, with the exception of reverse SSH or

0 (zero), meaning that the Idle Timer will not expire (the

seconds. The User

reverse Telnet sessions.

host-ip

For outbound User Services such as Telnet, Rlogin, or SSH, this is the target host name or IP address. If no IP address is specified, the configuration will be used. The default is

Host IP value in the Default User

0.0.0.0. or None.

language

Customlang defaults to English.

level

The access that a user is allowed:

z Admin—The admin level user has total access to the IOLAN. You can create more

than one admin user account but we recommend that you only have one. They can monitor and configure the IOLAN.

z Normal—The Normal level user has limited access to the IOLAN. Limited CLI

commands and Menu access are available with the ability to configure the user’s own configuration settings.

z Restricted—The Restricted level user can only access predefined sessions or

access the Easy Port Access menu.

z Menu—The menu level user will only be able to access predefined session or

64 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 67

Configuring Users

netmask

This is used for the PPP or SLIP Service types. Only used for IPv4. If the remote user is on a subnet, enter the network’s subnet mask. For example, a subnet mask of

255.255.0.0.

password

The password the user will need to enter to login to the IOLAN. This case-sensitive field accepts a maximum of 16 characters.

line-access

Specifies the user access rights to each IOLAN device line. Options are:

z Read/Write—Users are given read and write access to the line. z Read In—Users are given access to read only outbound data, data that is going

from the IOLAN to the device.

z Read Out—Users are given access to read only inbound data, data that is going

from the device to the IOLAN.

Users can read data going in both directions by selecting both the

Out options. The on|off option is only for 1-port models. You can disable line access

in 2-port + models by specifying

0 (zero).

Read In and Read

phone-number

The phone number the IOLAN will dial to callback the user (you must have set

Callback to On). Enter the number without spaces. To change the phone number,

overwrite the previous entry; to clear the phone number, set it to

"" (double quotes

without a space).

routing

Determines the routing mode used for RIP packets on the PPP and SLIP interfaces for this user. Values are:

service

The type of service that the user will use.

sess-timer

The amount of time, in seconds, that the Session Timer will run. Use this timer to forcibly close a user’s session (connection). When the IOLAN will end the connection. The default value is

Session Timer expires, the

0 (zero), meaning that the session

timer will not expire (the session is open permanently, or until the user logs out). The maximum value is 4294967

Session Timer, with the exception of reverse SSH or reverse Telnet sessions.

seconds. The User Session Timer will override the Line

port .For outbound User Services such as Telnet, SSH, TCP clear or SSL raw, this is the

target port number. The default value will change based on the type of Service selected; the most common known port numbers are used as the default values.

access-clustered-ports

When enabled, allows the user access to IOLANs that have been configured in the clustering group. The default is on.

User Commands 65

Page 68

Configuring Users

Set User Session

Description Configures a users session settings. See Set User Session on page 54 for a description User Level Admin

Syntax

of the options.

set user .|<username>|* session 1|2|3|4|* [auto on|off]

[type off|telnet|rlogin|ssh]

set user .|<username>|* session 1|2|3|4|* telnet-options

[host <config_host>] [port <TCP_port>] [termtype <terminal_name>] [line-mode on|off] [map-cr-crlf on|off] [local-echo on|off] [echo <00-7f>] [eof <00-7f>] [erase <00-7f>] [intr <00-7f>] [quit <00-7f>]

set user .|<username>|* session 1|2|3|4|* rlogin-options

[host <config_host>] [termtype <terminal_name>]

set user .|<username>|* session 1|2|3|4|*

Show Default User

Description Shows the Default Users settings. User Level Admin Syntax

Show User

Description Shows user configuration settings. User Level Admin Syntax

Options <configured_user>

set user .|<username>|* session 1|2|3|4|* ssh-options

ssh-2-cipher-list <3des blowfish cast aes arcfour>

show default user

show user <configured_user>|.

Show the settings for the specified user. .

Show the settings for the current user.

66 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 69

Line Commands Chapter 4

This chapter defines all the CLI commands associated with configuring the IOLAN’s line parameters.

1-Port vs. 2-Port+ Line Commands

If you are using a 1-port IOLAN, the admin user does not have the option of using the number or all (*) options in the line commands, as there is only one line. In a 2-port+ IOLAN, the admin user must specify lines.

. (current line), <number> (line number), or * (sets value for all lines) when configuring

Line Commands

Set Line

Description Configures line parameters. The set line command does not work on modem

ports/lines on models that have an internal modem.

User Level Normal, Admin Syntax

Admin User Only

Options mode

set line . [data-bits 5|6|7|8]

set line .|<number>|* ... [mode enabled|disabled] [break on|off]

Enables/disables a line (available only on 2-port+ models). The default is enabled.

data-bits

Specifies the number of bits in a byte. The default is 8.

IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6 67

Page 70

Line Commands

connection-method

Determines how a modem will work on the line. Select from the following options:

z Direct Connect—Indicates that there is not a modem on the line. This is the

default.

z Dial In—Specify this option when a user is remote and will be dialing in via

modem or ISDN TA.

z Dial Out—Specify this option when a modem is attached to the serial port and is

being used to dial out.

z Dial In/Out—Specify this option when the IOLAN is being used as a router

(depending on which end of the link your IOLAN is situated and how you want to initiate the communication).

z MS Direct-Host—Specify this option when the serial port is connected to a

Microsoft Guest device.

z MS Direct-Guest—Specify this option when the serial port is connected to a

Microsoft Host device.

Line Service must be set to PPP for this option.

idle-timer

Enter a time period, in seconds, for which the Idle Timer will run. Use this timer to close a connection because of inactivity. When the

Idle Timer expires, the IOLAN will

end the connection. The maximum value is 4294967 seconds (about 49 days). The default value of

0 (zero) means the Idle Timer will not expire, so the connection is

permanently open.

line-name

Provide a name for the line so it can be easily identified. The Remote Port Buffering logging feature uses the

Line Name when creating a file on the remote NFS server.

modem-name

The name of the predefined modem that is used on this line.

pages

For DSLogin line service, this is the number of video pages the terminal supports. Valid values are 1-7. The default is

5 pages.

parity

Specifies if you are using Even, Odd, or No parity on the line. If you want to force a parity type, you can specify Mark for 1or Space for 0.

phone-number

The phone number to use when Connection Method is set to Dial Out.

rev-sess-security

Enables/disables login/password authentication, locally or externally, on reverse Telnet connections. The default is

Off.

sess-time

Enter a time, in seconds, for which the Session Timer will run. Use this timer to forcibly close the session (connection). When the

Session Timer expires, the IOLAN

will end the connection. The default value is 0 seconds so the port will never timeout. The maximum value is 4294967 seconds (about 49 days).

68 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 71

Line Commands

break

Specifies how a break is interpreted:

z off—The IOLAN ignores the break key completely and it is not passed through to

the host. This is the default setting.

z local—The IOLAN deals with the break locally. If the user is in a session, the

break key has the same effect as a hot key.

z remote—When the break key is pressed, the IOLAN translates this into a telnet

break signal which it sends to the host machine.

z break-interrupt—On some systems such as SunOS, XENIX, and AIX, a break

received from the peripheral is not passed to the client properly. If the client wishes to make the break act like an interrupt key (for example, when the stty options

-ignbrk and brkintr are set).

map-cr-crlf

When Line Service Printer is selected, defines the default end-of-line terminator as CR-LF (ASCII carriage-return line-feed) when enabled. Default is

Off.

data-logging

When enabled, serial data will be buffered if the TCP connection is lost. When the TCP connection is re-established, the buffered serial data will be sent to its destination (this option is not available when

Monitor DSR, Monitor DCD, or Multihost is enabled).

The data buffer is 4K for desktop models and 32K for rack mount models. If the data buffer is filled, incoming serial data will overwrite the oldest data.

The default is

off.

flowin

Determines if input flow control is to be used. Default is On. This is active only when

Line Flow Control is set to Soft, Hard, or Both.

flowout

Determines if output flow control is to be used. Default is On. This is active only when

Line Flow Control is set to Soft, Hard, or Both.

hotkey-prefix

The prefix that a user types to lock a line or redraw the Menu. The default value is hex

01, which corresponds to Ctrl-a (^a) (hex value 02 would be Ctrl-b (^b), etc.):

z ^a l—(Lowercase L) Locks the line until the user unlocks it. The user is prompted

for a password (any password, excluding spaces) and locks the line. Next, the user must retype the password to unlock the line.

z ^r—When you switch from a session back to the Menu, the screen may not be

redrawn correctly. If this happens, use this command to redraw it properly. This is always

You can use the

On.

Ctrl R, regardless of the Hotkey Prefix.

Hotkey Prefix key to lock a line only when the Line Lock parameter is

initial

Specifies the initial interface a user navigates when logging into the line; either the

Menu or a prompt for the CLI. The default is CLI.

Line Commands 69

Page 72

Line Commands

keepalive

Enables a per-connection TCP keepalive feature. After the configured number of seconds, the connection will send a gratuitous ACK to the network peer, thus either ensuring the connection stays active OR causing a dropped connection condition to be recognized.

This parameter needs to be used in conjunction with server parameter, monitor-connection-every. The interval determines how long the IOLAN will wait during inactivity before "testing" the connection. It should be noted that if a network connection is accidentally dropped, it can take as long as the specified interval before anyone can reconnect to the serial port.

lock

When enabled, the user can lock his terminal with a password using the Hotkey Prefix (default Ctrl-a) ^a l (lowercase L). The IOLAN prompts the user for a password and a confirmation.

microsoft-sac-support

When enabled, the user can lock his terminal with a password using the Hotkey Prefix (default Ctrl-a) ^a l (lowercase L). The IOLAN prompts the user for a password and a confirmation.

motd

Enables/disables the message of the day on the line.

multisessions

This parameter defines the maximum number of additional reverse sessions which will be allowed for this line allowing more control as to how the total reverse sessions are allocated. This is on top of the main reverse session to the line.

The total number of reverse sessions on the IOLAN are dependent on the model:

z 1-port: 0-3 z 2-port: (4 x #-of-ports) -1 z STS/SDS 4+ ports: (2 x #-of-ports) -1 z SCS 4+ ports: (2 x (#-of-ports + 1)) -1

user

For DSLogin line service, makes this a line that is dedicated to the specified user. Only this user will be able to log in on this line and they won’t need to enter their login name

- just their password. When the

Line Service is set to Direct or Silent Rlogin, the User

parameter is used as the Rlogin user name (since Rlogin will not prompt you for a user name).

nouser

Blanks out the User parameter, in case you want to change a dedicated user line to an undedicated line.

reset

Resets the terminal type connected to the line when a user logs out.

dial-timeout

The number of seconds the IOLAN will wait to establish a connection to a remote modem. The default value is

45 seconds.

dial-retries

The number of times the IOLAN will attempt to re-establish a connection with a remote modem. The default value is

70 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 73

Line Commands

stop-bits

Specifies the number of stop bits that follow a byte. The 1.5 option is only available on the 1-port and 2-port models, but not on the modem of the SDS1M or SDS3M models.

term-type

Specifies the type of terminal connected to the line:

z Dumb z WYSE60 z VT100 z ANSI z TVI925 z IBM3151TE z VT320 (specifically supporting VT320-7) z HP700 (specifically supporting HP700/44) z Term1, Term2, Term3 (user-defined terminals)

line-termination

Used with EIA-422 and EIA-485 on SDS 8-port+ IOLAN models, specifies whether or not the line requires termination. When termination is required, you need to terminate the line at both ends of the connection.

internet-address

Used with reverse sessions, users can access serial devices connected to the IOLAN by the specified Internet Address (or host name that can be resolved by a DNS). You must reboot the IOLAN for the

Internet Address to take affect (the kill line option does not

apply to this parameter). This parameter must be in IPv4 format.

Line Commands 71

Page 74

Line Commands

Set Line Interface

The SCS and STS IOLAN models only support the EIA-232 interface and therefore does not require the

interface parameter, instead you can just set the parameters for the EIA-232 interface.

Description Configures line interface (hardware) parameters. User Level Admin Syntax

set line .|<number>|* interface eia-232 [monitor-dcd on|off]

[monitor-dsr on|off] [flow none|soft|hard|both] [speed 50|75|110|134|150|200|300|600|1200|1800|2400|4800|9600| 19200|38400|57600|115200|230400|28800|custom <baud_rate>]

set line .|<number>|* interface eia-422

[flow none|soft|hard|both] [speed 50|75|110|134|150|200|300|600|1200|1800|2400|4800| 9600|19200|38400|57600|115200|230400|28800| custom <baud_rate>]]

set line .|<number>|* interface eia-485-half-duplex

[tx-driver-control auto|rts] [flow none|soft] [echo-suppression on|off]] [speed 50|75|110|134|150|200|300|600|1200|1800|2400|4800| 9600|19200|38400|57600|115200|230400|28800|custom <baud_rate>]

set line .|<number>|* interface eia-485-full-duplex

[tx-driver-control auto|rts] [flow none|soft] [speed 50|75|110|134|150|200|300|600|1200|1800|2400|4800| 9600|19200|38400|57600|115200|230400|28800|custom <baud_rate>]

Options eia-232 | eia-422 | eia-485-half-duplex|eia-485-full-duplex

Specifies the type of serial line that is being used with the IOLAN. Specify either EIA-232, EIA-422, EIA-485-half-duplex, or EIA-485-full-duplex. The STS and SCS models support only EIA-232.

monitor-dcd

Specifies whether the RS-232 signal DCD (Data Carrier Detect) should be monitored. This is used with modems or any other device that sends a DCD signal. When it is monitored and the IOLAN detects a DCD signal, the line service is started. Default is

Off. If both Monitor DCD and Monitor DSR are enabled, both signals must be detected

before the line service is started.

monitor-dsr

Specifies whether the RS-232 signal DSR (data set ready) should be monitored. This is used with modems or any device that sends a DSR signal. When it is monitored and the IOLAN detects a DSR signal, the line service is started. Default is

DCD and Monitor DSR are enabled, both signals must be detected before the line

service is started.

flow

Defines whether the data flow is handled by the software (Soft), hardware (Hard),

Both, or None. If you are using SLIP, set to Hard only. If you are using PPP, set to

either

Soft or Hard (Hard is recommended). If you select Soft with PPP, you must set

the

ACCM parameter when you configure PPP for the Line.

Off. If both Monitor

tx-driver-control

Used with a EIA-485 serial interface, if your application supports RTS (Request To Send), select this option. Otherwise, select

72 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Auto. Default is Auto.

Page 75

Set Line Service

Description Sets the service for the line. For services that need further configuration, see Line

User Level Admin Syntax

Line Commands

duplex

Specify whether the line is Full Duplex (communication both ways at the same time) or

Half Duplex (communication in one direction at a time).

echo-suppression

This parameter applies only to EIA-485 Half Duplex mode. All characters will be echoed to the user and transmitted across the serial ports. Some EIA-485 applications require local echo to be enabled in order to monitor the loopback data to determine that line contention has occurred. If your application cannot handle loopback data, echo suppression should be

On. The default is echo suppression Off.

speed

Specifies the baud rate of the line; keep in mind that speed is affected by the length of the cable. You can also specify a custom baud rate; valid values are 50 - 1843200.

Service Commands on page 77 to find the Line Service that you want to configure.

SSL/TLS can be enabled for the following Line Services: DSLogin, Raw, Bidir, VModem, Server Tunnel, Client Tunnel, Modbus Master, Custom App, and TruePort.

set line .|<number>|* service bidir <config_host> <server_port>

<host_port>

set line .|<number>|* service direct|silent rlogin <config_host>

set line .|<number>|* service direct raw <config_host>

<host_port>

set line .|<number>|* service silent raw <config_host>

<host_port> [multihost all|backup <config_backup_host> <host_port>|none]

set line .|<number>|* service direct|silent telnet|ssh

<config_host> [<host_port>]

set line .|<number>|* service reverse raw [multihost on|off]|

ssh|telnet <server_port>

set line .|<number>|* service client-tunnel <config_host>

<host_port>

set line .|<number>|* service server-tunnel <server_port>

vmodem|modbus-master|modbus-slave|custom-app|power-management

set line .|<number>|* service trueport client-initiated off

<config_host> <host_port> [signal-active on|off] [multihost all|backup <config_backup_host> <host_port>|none]

set line .|<number>|* service trueport client-initiated on

<server_port> [signal-active on|off] [multihost on|off]

Line Commands 73

Page 76

Line Commands

Options bidir

This service allows the IOLAN listen for incoming TCP connection and if needed, initiate a TCP connection.

<config_host>

The name of the target host. The host must exist in the IOLAN host table.

<server_port>

The IOLAN port number.

<host_port>

The port number the target host is listening on for incoming connections.

direct

Direct connections bypass the IOLAN, enabling the user to log straight into a specific host. A direct connection is recommended where a user logging in to the IOLAN is not required. It is also recommended where multiple sessions are not a requirement. The message must press a key to display the host login prompt. The message is redisplayed on logout.

silent

Silent connections are the same as direct connections, except they are permanently established. The host login prompt is displayed on the screen. Logging out redisplays this prompt. Silent connections, unlike direct connections, however, make permanent use of pseudo tty resources and therefore consume host resources even when not in use.

Press return to continue is displayed on the users screen. The user

rlogin

Sets the line for a remote login connection.

raw

Creates a connection where no authentication takes place and data is passed unchanged.

telnet

Sets the line for a telnet connection.

ssh

Sets the line for an SSH connection.

reverse

Enables a TCP/IP host to establish a login connection on an external machine attached to a port. For example, to access machines like protocol converters, statistical multiplexors, or machines like routers, firewalls, servers, etc.

client-tunnel

Sets the line for a client tunnel connection.

dslogin

The default connection. The IOLAN displays a login on that line. For example,

DSLogin is used when a System Administrator configures the IOLAN, providing

authentication of a user before starting a

User Service of SLIP, or users starts a

session(s) from the IOLAN to hosts.

printer

Using the IOLAN as a printer server. For example, remote printing using LPD (port

515) or RCP (port 514).

74 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 77

ppp

Sets the port to a dedicated PPP line.

slip

Sets the port in SLIP mode.

udp

Sets the line to listen for and/or send UDP data.

vmodem

The IOLAN port behaves as if it were a modem to the attached device.

server-tunnel

Sets the line for a server tunnel connection.

modbus-master

Sets the line to act as a Modbus master.

custom-app

Sets the line to use the custom application created with the SDK.

power-management

Line Commands

Indicates that there is a power bar connection to this serial line.

trueport

Sets the line to communicate with the TruePort utility. You must install the TruePort utility on the host machine.

client-initiated

When this option is turned on, the IOLAN will wait for a connection from the TruePort host (see the TruePort documentation for information on how to set up this feature on the TruePort host). When this option is turned off, the IOLAN will initiate the connection to the TruePort host. The default is off.

signal-active

This option has the following impact based on the state of the TruePort connection:

z TruePort Lite Mode—When enabled, the EIA-232 signals remain active before,

during, and after the TruePort connection is established. When disabled, the EIA-232 signals remain inactive when there is no TruePort connection and active when there is a TruePort connection.

z TruePort Full Mode—When enabled, the EIA-232 signals remain active before

and after the TruePort connection and the TruePort client will control the state of the signals during the established TruePort connection. When disabled, the EIA-232 signals remain inactive before and after the TruePort connection and the TruePort client will control the state of the signals during the established TruePort connection.

Default: Enabled multihost

Used for connections coming from the network to the serial port for TruePort or Raw services, allows multiple hosts to connect to the serial device.

multihost all|backup <config_backup_host> <tcp_port>|none

Used for connections going from the serial port to the network for TruePort or Silent Raw services, allows the serial device to communicate to either all the hosts in the multihost list or a primary/backup host schema (see Configuring Multi ple Hosts in the IOLAN User’s Gu ide for a more detailed explanation).

Line Commands 75

Page 78

Line Commands

Set Modem

Description Sets the modem initialization strings for a defined modem. If you wish to add a new User Level Admin

Syntax Options <modem_name>

Set Termtype

Description Sets the terminal type for the current terminal session. term1, term2, and term3 refer to

User Level Restricted, Normal, Admin Syntax

modem, use the

set modem <modem_name> <init_string>

add modem command.

Predefined modem name.

<init_string>

Specify the initialization string for the modem. This can be up to 60 characters long, but cannot include spaces.

the user-uploadable custom terminal definitions. If these are not present, the default is wyse60.

set termtype

Show Line

Specifies the type of terminal connected to the line:

z Dumb z WYSE60 z VT100 z ANSI z TVI925 z IBM3151TE z VT320 (specifically supporting VT320-7) z HP700 (specifically supporting HP700/44) z Term1, Term2, Term3 (user-defined terminals)

Description Shows the line settings/information. User Level Admin Syntax

show line <number>|*

76 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 79

Line Service Commands

Set Custom-App

Description You can create a custom application that can run on a specific serial line in IOLAN

using the Perle SDK.

User Level Admin Syntax Options program-command-line

Set Rlogin-Client

set custom-app line .|<number>|* program-command-line <command>

outraw -s 0 192.168.2.1:10001 Acct:10001

if you were starting the application on the Server (notice the Line 1).

outraw program, you would type:

shell CLI command as described in the SDK Programmer’s Guide

Line Service Commands

-s 0 parameter specifies

Description Configures the Rlogin parameters for the specified line. When the IOLAN initiates an User Level Normal, Admin

Syntax Option termtype

Set Telnet-Client

Description Configures the Telnet parameters for the specified line. When the IOLAN initiates a User Level Normal, Admin

Syntax

Options termtype

rlogin connection to a host, it is acting as a rlogin client.

set rlogin-client line .|<number>|* termtype <terminal_name>

Type of terminal attached to this line; for example, ansi or wyse60.

Telnet connection to a host, it is acting as a Telnet client.

set telnet-client line .|<number>|* [termtype <terminal_name>]

[line-mode on|off] [map-cr-crlf on|off] [local-echo on|off] [echo <00-7f>] [eof <00-7f>] [erase <00-7f>] [intr <00-7f>] [quit <00-7f>] [escape <00-7f]

Type of terminal attached to this line; for example, ANSI or WYSE60.

line-mode

When On, keyboard input is not sent to the remote host until Enter is pressed, otherwise input is sent every time a key is pressed. Default is Off.

map-cr-crlf

Maps carriage returns (CR) to carriage return line feed (CRLF). The default value is

Off.

local-echo

Line Mode is On. Default is Off.

Line Commands 77

Page 80

Line Service Commands

echo

Defines the echo character. When Line Mode is On, typing the echo character echoes the text locally and sends only completed lines to the host. This value is in hexadecimal with a default value of

5 (ASCII value ^E).

eof

4 (ASCII value ^D).

erase

Defines the erase character. When Line Mode is Off, typing the erase character erases one character. This value is in hexadecimal with a default value of

8 (ASCII value ^H).

intr

Defines the interrupt character. Typing the interrupt character interrupts the current process. This value is in hexadecimal with a default value of

3 (ASCII value ^C).

quit

Defines the quit character. Typing the quit character closes and exits the current telnet session. This value is in hexadecimal with a default value of

1c (ASCII value FS).

Set SSH-Client

Description Configures the SSH parameters for the specified line. When the IOLAN initiates a SSH User Level Normal, Admin

Syntax

Options termtype

escape

Defines the escape character. Returns you to the command line mode. This value is in hexadecimal with a default value of

1d (ASCII value GS).

connection to a host, it is acting as a SSH client.

set ssh-client line .|<number>|* [termtype <terminal_name>]

set ssh-client line .|<number>|*

ssh-2-cipher-list <3des blowfish cast aes arcfour>

Type of terminal attached to this line; for example, ANSI or WYSE60.

protocol

Specify the SSH protocol you want to use for the connection, SSH-1, SSH-2, or either, SSH2/1.

compression

Requests compression of all data. Compression is desirable on modem lines and other slow connections, but will only slow down things on fast networks.

verbose

Displays debug messages on the terminal.

78 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 81

Line Service Commands

auto-login

Creates an automatic SSH login, using the Name and Password values.

name

The user’s name when Auto Login is enabled.

password

The user’s password when Auto Login is enabled.

ssh-1-cipher

Select the encryption method (cipher) that you want to use for your SSH version 1 connection:

z 3DES z Blowfish

ssh-2-cipher-list

Select the order of negotiation for the encryption method (ciphers) that the IOLAN will use for the SSH version 2 connection:

z 3DES z Blowfish z AES z Arcfour z CAST

authentication rsa

An authentication method used by SSH version 1 and 2. When enabled, an SSH client session will try to authenticate via RSA.

authentication dsa

An authentication method used by SSH version 2. When enabled, an SSH client session will try to authenticate via DSA.

authentication keyboard-interactive

The user types in a password for authentication.Used for SSH2 only.

Line Commands 79

Page 82

Line Service Commands

Set PPP

Description Configures the Lines PPP settings. User Level Admin Syntax

Options accm

set ppp wireless-wan|line .|<number>|* [accm <8_hex_digits>]

[address-comp on|off] [auth-tmout <integer>] [challenge-interval <integer>] [cr-retry <integer>] [cr-timeout <integer>] [ipaddr-neg on|off] [ipv6-global-network-address <IPv6_network_prefix>] [ipv6-local-interface <interface_id>] [ipv6-remote-interface <interface_id>] [lipaddr <IPV4_address>] [magic-neg on|off] [mru <64-1500>] [nak-retry <integer>] [netmask <IPV4_address>] [password <string>] [proto-comp on|off] [ripaddr <IPV4_address>] [roaming-callback on|off] [authentication none|pap|chap] [routing none|send|listen|send-and-listen] [rpassword <string>] [ruser <string>] [tr-retry <integer>] [tr-tmout <integer>] [user <string>] [vj-comp on|off]

Specifies the ACCM (Asynchronous Control Character Map) characters that should be escaped from the data stream. This is entered as a 32-bit hexadecimal number with each bit specifying whether or not the corresponding character should be escaped. The bits are specified as the most significant bit first and are numbered 31-0. Thus if bit 17 is set, the 17th character should be escaped, that is, 0x11 (XON). So entering the value 000a0000 will cause the control characters 0x11 (XON) and 0x13 (XOFF) to be escaped on the link, thus allowing the use of XON/XOFF (software) flow control. If you have selected

000a0000 for the ACCM. The default value is 00000000, which means no characters

Soft Flow Control on the Line, you must enter a value of at least

will be escaped.

address-comp

This determines whether compression of the PPP Address and Control fields take place on the link. The default is

On. For most applications this should be enabled.

auth-tmout

The timeout, in minutes, during which successful PAP or CHAP authentication must take place (when PAP or CHAP is turned On). If the timer expires before the remote end has been authenticated successfully, the link will be terminated.

challenge-interval

The interval, in minutes, for which the IOLAN will issue a CHAP re-challenge to the remote end. During CHAP authentication, an initial CHAP challenge takes place, and is unrelated to CHAP re-challenges. The initial challenge takes place even if re-challenges are disabled. Some PPP client software does not work with CHAP re-challenges, so you might want to leave the parameter disabled in the IOLAN. The default value is

0 (zero),

meaning CHAP re-challenge is disabled.

cr-retry

The maximum number of times a configure request packet will be re-sent before the link is terminated.

cr-timeout

The maximum time, in seconds, that LCP (Link Control Protocol) will wait before it considers a

configure request packet to have been lost.

80 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 83

Line Service Commands

ipaddr-neg

Specifies whether or not IP address negotiation will take place. IP address negotiation is where the IOLAN allows the remote end to specify its IP address. The default value is

Off. When On, the IP address specified by the remote end will be used in preference to

the

Remote IP Address set for a Line. When Off, the Remote IP Address set for the

Line will be used.

ipv6-global-network-prefix

You can optionally specify an IPv6 global network prefix that the IOLAN will advertise to the device at the other end of the PPP link. Enter the IPv6 network prefix in the

aaaa:bbbb:cccc:dddd:: format.

ipv6-local-interface

The local IPv6 interface identifier of the IOLAN end of the PPP link. For routing to work, you must enter a local IP address. Choose an address that is part of the same network or subnetwork as the remote end. Do not use the IOLAN’s (main) IP address in this field; if you do so, routing will not take place correctly. The first 64 bits of the Interface Identifier must be zero, therefore, ::abcd:abcd:abcd:abcd is the expected format.

ipv6-remote-interface

The remote IPv6 interface identifier of the remote end of the PPP link. Choose an address that is part of the same network or subnetwork as the IOLAN. If you set the

PPP parameter IP Address Negotiation to On, the IOLAN will ignore the remote IP

address value you enter here and will allow the remote end to specify its IP address. If your user is authenticated by RADIUS and the RADIUS parameter

Framed-Interface-ID is set in the RADIUS file, the IOLAN will use the value in the

RADIUS file in preference to the value configured here. The first 64 bits of the Interface Identifier must be zero, therefore, ::abcd:abcd:abcd:abcd is the expected format.

lipaddr

The IPV4 IP address of the IOLAN end of the PPP link. For routing to work, you must enter a local IP address. Choose an address that is part of the same network or subnetwork as the remote end; for example, if the remote end is address

192.101.34.146, your local IP address can be 192.101.34.145. Do not use the IOLAN’s (main) IP address in this field; if you do so, routing will not take place correctly.

magic-neg

Determines if a line is looping back. If enabled (On), random numbers are sent on the link. The random numbers should be different, unless the link loops back. The default is

Off.

mru

The Maximum Receive Unit (MRU) parameter specifies the maximum size of PPP packets that the IOLAN’s port will accept. Enter a value between 64 and 1500 bytes; for example, 512. The default value is

1500. If your user is authenticated by the IOLAN,

the MRU value will be overridden if you have set a Framed MTU value for the user. If your user is authenticated by RADIUS and the RADIUS parameter

Framed-MTU is set

in the RADIUS file, the IOLAN will use the value in the RADIUS file in preference to the value configured here.

nak-retry

The maximum number of times a configure NAK packet will be re-sent before the link is terminated.

Line Commands 81

Page 84

Line Service Commands

netmask

The network subnet mask. For example, 255.255.0.0. If your user is authenticated by RADIUS and the RADIUS parameter

Framed-Netmask is set in the RADIUS file, the

IOLAN will use the value in the RADIUS file in preference to the value configured here.

password

This field defines the password which is associated with the user defined by the user parameter. It is used to authenticate a user connecting to the IOLAN. You can enter a maximum of 16 alphanumeric characters.

proto-comp

This determines whether compression of the PPP Protocol field takes place on this link. The default is

On.

ripaddr

The IPV4 IP address of the remote end of the PPP link. Choose an address that is part of the same network or subnetwork as the IOLAN. If you set the PPP parameter IP Address Negotiation to On, the IOLAN will ignore the remote IP address value you enter here and will allow the remote end to specify its IP address. If your user is authenticated by RADIUS and the RADIUS parameter

Framed-Address is set in the

RADIUS file, the IOLAN will use the value in the RADIUS file in preference to the value configured here. The exception to this rule is a RADIUS file of

255.255.255.254; this value allows the IOLAN to use the remote IP

Framed-Address value in the

address value configured here.

roaming-callback

A user can enter a telephone number that the IOLAN will use to callback him/her. This feature is particularly useful for a mobile user. Roaming callback can only work when the

User Callback parameter is set to On. Roaming callback therefore overrides (fixed)

User Callback.To use Roaming Callback, the remote end must be a Microsoft

Windows OS that supports Microsoft’s Callback Control Protocol (CBCP). The user is allowed 30 seconds to enter a telephone number after which the IOLAN ends the call. The default is

Off.

routing

Determines the routing mode (RIP, Routing Informati on Protocol) used on the PPP interface as one of the following options:

z None—Disables RIP over the PPP interface. z Send—Sends RIP over the PPP interface. z Listen—Listens for RIP over the PPP interface. z Send and Listen—Sends RIP and listens for RIP over the PPP interface.

This is the same function as the users. Default is

None.

Framed-Routing attribute for RADIUS authenticated

rpassword

The rpassword is the password which is associated with the user defined by ruser. It is used to authenticate a user connecting to the IOLAN. You can enter a maximum of 16 alphanumeric characters.

82 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 85

Line Service Commands

ruser

This field is used to authenticate a user connecting to this line. It is used in conjunction with the rpassword field. By specifying a name here, this line becomes dedicated to that user only. If left blank, the internal user database will be used to authenticate the connection and any user configured will be able to access this line. You can enter a maximum of sixteen alphanumeric characters.

This option does not work with external authentication.

authentication

The type of authentication that will be done on the link: None, PAP, or CHAP. The default is

CHAP. You can use PAP or CHAP to authenticate a port or user on the

IOLAN, from a remote location, or authenticate a remote client/device, from the IOLAN (not commonly used for

Dial Out).

PAP is a one time challenge of a client/device requiring that it respond with a valid username and password. A timer operates during which successful authentication must take place. If the timer expires before the remote end has been authenticated successfully, the link will be terminated.

CHAP challenges a client/device at regular intervals to validate itself with a username and a response, based on a hash of the secret (password). A timer operates during which successful authentication must take place. If the timer expires before the remote end has been authenticated successfully, the link will be terminated.

When setting either have the same setting. For example, if the IOLAN is set to set to

CHAP, the connection will be refused.

PAP and CHAP, make sure the IOLAN and the remote client/device

PAP, but the remote end is

tr-retry

The maximum number of times a terminate request packet will be re-sent before the link is terminated.

tr-tmout

The maximum time, in seconds, that LCP (Link Control Protocol) will wait before it considers a

terminate request packet to have been lost.

user

This field is used by a remote peer to authenticate a PPP connection on this line. It is used in conjunction with the password field. You can enter a maximum of sixteen alphanumeric characters.

vj-comp

This determines whether Van Jacobson Compression is used on this link. The default is

On. If your user is authenticated by the IOLAN, this VJ compression value will be

overridden if you have set the User Frame d Compression On. If your user is authenticated by RADIUS and the RADIUS parameter

Framed-Compression is set in

the RADIUS file, the IOLAN will use the value in the RADIUS file in preference to the value configured here.

Line Commands 83

Page 86

Line Service Commands

Set PPP Dynamic-DNS

Description This option is only available when IP address negotiation (ipaddr-neg) is on. When

enabled, the IOLAN will automatically update the DNS server with the specified host name and negotiated IP address for the PPP session.

User Level Admin Syntax

set ppp line .|<number>|* dynamic-dns [on|off]

[hostname <hostname>] [username <username>] [password <password>]

Options hostname

Specify the host name that will be updated with the PPP session’s IP address on the DynDNS.org server .

username

Specify the user name used to access the DynDNS.org server.

password

Specify the password used to access the DynDNS.org server.

Set SLIP

Description Configures the lines SLIP settings. User Level Admin Syntax

set slip line .|<number>|* [lipaddr <IPV4_address>]

[mtu <256-1006>] [netmask <IPV4_address>] [ripaddr <IPV4_address>] [vj-comp on|off] [routing none|send|listen|send-and-listen]

Options lipaddr

The IPv4 address of the IOLAN end of the SLIP link. For routing to work you must enter an IP address in this field. Choose an address that is part of the same network or subnetwork as the remote end; for example, if the remote end is address

192.101.34.146, your local IP address can be 192.101.34.145. Do not use the IOLAN’s (main) IP address in this field; if you do so, routing will not take place correctly.

mtu

The Maximum Transmission Unit (MTU) parameter restricts the size of individual SLIP packets being sent by the IOLAN. Enter a value between 256 and 1500. The default value is

256. If your user is authenticated by the IOLAN, this MTU value will

be overridden when you have set a authenticated by RADIUS and the RADIUS parameter Framed-MTU is set in the RADIUS file, the IOLAN will use the value in the RADIUS file in preference to the value configured here.

netmask

The network subnet mask. For example, 255.255.0.0. If your user is authenticated by RADIUS and the RADIUS parameter Framed-Netmask is set in the RADIUS file, the IOLAN will use the value in the RADIUS file in preference to the value configured here.

Framed MTU value for the user. If your user is

ripaddr

The IPv4 address of the remote end of the SLIP link. Choose an address that is part of the same network or subnetwork as the IOLAN. If your user is authenticated by the IOLAN, this remote IP address will be overridden if you have set a for the user. If your user is authenticated by RADIUS and the RADIUS parameter

Framed-Address is set in the RADIUS file, the IOLAN will use the value in the

RADIUS file in preference to the value configured here.

84 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Framed IP Address

Page 87

Line Service Commands

vj-comp

This determines whether Van Jacobson compression is used on this link; that is, whether you are using SLIP or C-SLIP (compressed SLIP). The choices are On (C-SLIP) or Off (SLIP). The default is

On. C-SLIP greatly improves the performance of interactive

traffic, such as Telnet or Rlogin. If your user is authenticated by the IOLAN, this VJ compression value will be

overridden if you have set a authenticated by RADIUS and the RADIUS parameter

Framed Compression value for a user. If your user is

Framed-Compression is set in

the RADIUS file, the IOLAN will use the value in the RADIUS file in preference to the value configured here.

routing

Determines the routing mode (RIP, Routin g Information Protocol) used on the SLIP interface as one of the following options:

z None—Disables RIP over the SLIP interface. z Send—Sends RIP over the SLIP interface. z Listen—Listens for RIP over the SLIP interface. z Send and Listen—Sends RIP and listens for RIP over the SLIP interface.

This is the same function as the users. Default is

None.

Framed-Routing attribute for RADIUS authenticated

Set UDP

Description Configures the UDP settings for the serial line. User Level Normal, Admin Syntax

set udp line .|<number>|* entry 1|2|3|4

both auto-learn|specific <UDP_port> [<start_IP_address>] [<end_IP_address>]

set udp line .|<number>|* entry 1|2|3|4 in

any-port|auto-learn|specific <UDP_port> [<start_IP_address>] [<end_IP_address>]

[<start_IP_address>] [<end_IP_address>]

Options entry 1|2|3|4

Selects which of the 4 available entries we wish to define/modify. For each entry the user can specify a different IP address range, UDP port and direction of data flow.

Line Commands 85

Page 88

Line Service Commands

both|in|out|none

The direction in which information is received or relayed:

z None—UDP service not enabled. z In—LAN to serial. The IOLAN will listen on port value configured in the DS Port

parameter for messages coming from the learned or configured port.

z Out—Serial to LAN. The IOLAN will forward data received on the serial port to

the IP address range, UDP port configured for this entry.

z Both—Messages are relayed in both directions. For messages coming from the

LAN to the serial device, IOLAN will listen on the port value configured in the

parameter for messages coming from the learned or configured port. Fo r

Port

messages going from the serial device to the LAN, the IOLAN will forward the data to the IP address range and UDP port configured for this entry. If

auto-learn

is enabled, the IOLAN must receive a UDP message before it can send one, since the UDP port number is learned from the received message.

auto-learn

The IOLAN will only listen to the first port that it receives a UDP packet from. Applicable when set to

In or Both.

any-port

The IOLAN will receive messages from any port sending UDP packets. Applicable when set to

In.

Set Vmodem

specific

The port that the IOLAN will use to relay messages to servers/hosts or the port from which the IOLAN will receive messages to be forwarded to the serial port.. This option works with any setting except port configured by the

None. The IOLAN will listen for UDP packets on the

DS Port parameter.

<start_IP_address>

The first host IP address in the range of IP addresses (for IPV4 or IPV6) that the IOLAN will listen for messages from and/or send messages to.

<end_IP_address>

The last host IP address in the range of IP addresses (for IPV4, not required for IPV6) that the IOLAN will listen for messages from and/or send messages to.

Description Configures the vmodem settings for the serial line. SSL/TLS can be enabled and

configured for this Line Service.

User Level Admin Syntax

set vmodem line .|<number>|* [echo on|off]

Options echo

When enabled, echoes back characters that are typed in (equivalent to ATE0/ATE1 commands). Disabled by default.

86 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 89

Line Service Commands

failure-string

String that is sent to the serial device when a connection fails. If no string is entered, then the string NO CARRIER will be sent.

host

The target host name.

init-string

You can specify additional vmodem commands that will affect how vmodem starts. The following commands are supported: ATQn, ATVn, ATEn, ATS0, AT&Z1, AT&Sn, AT&Rn, AT&Cn, AT&F, ATS2, ATS12, and ATDS1.

See VModem Initialisation Commands in the IOLAN User’s Guide for a more detailed explanation of the support initialisation commands.

mode

Auto mode establishes the connection when the line becomes active. You must supply the AT command or phone number that will start the connection; see

Set

Vmodem-Phone on page 89 for the command parameters to set the AT command or

phone number.

port

The port number the target host is listening on for messages.

response-delay

The amount of time, in milliseconds, before an AT respo nse is sent to the requ esting device. The default is 250 ms.

signals dcd

Controls the state of the DCD signal.

z always-high = DCD signal will always stay high. z follow-connection = DCD signal will be high when an end to end connection is

established and low when it is not.

Since the IOLAN does not have a physical DCD pin, you need to re-map the DTR or RTS signal to DCD to have the signal present. (see next option).

signals dtr

You can specify how the DTR signal pin acts during your modem applicatio n connection, as itself (DTR), as DCD, or as RI.

signals rts

You can specify how the RTS signal pin acts during your modem application connection, as itself (RTS), as DCD, or as RI.

Line Commands 87

Page 90

Line Service Commands

style

One of the following:

z Verbose—Return codes (strings) are sent to the connected device. z Numeric—The following characters can be sent to the connected device:

0 OK 1 CONNECTED 2 RING 3 NO CARRIER 4 ERROR 6 ITERFACE DOWN 7 CONNECTION REFUSED 8 NO LISTNER

success-string

String that is sent to the serial device when a connection succeeds. If no string is entered, then the string

CONNECT 9600.

CONNECT will be sent with the connecting speed, for example

suppress

When enabled, the connection success/failure indication strings are sent to the connected device, otherwise these indications are suppressed. The default is disabled.

88 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 91

Set Vmodem-Phone

Description This command associates a phone number with an IP address and TCP port. This

User Level Admin Syntax

Options entry

Line Service Commands

enables the existing modem application to issue a dial command with a phone number. The phone number will be search in this table and if an exact match is found, the associated IP address and TCP port will be used to establish the connection. This is a universal command, meaning that all VModem lines will access to the entries defined here. 1-port models support up to 4 entries, all other desktop models support up to 8 entries, and rack-mount models support up to 48 entries.

set vmodem-phone entry <number> phone-number <string>

<IP_address> <TCP_port>

set vmodem-phone entry <number> delete

Specify the entry number in the vmodem phone number table.

phone-number

Specify the phone number that your application uses to connect to remote location. Enter the number exactly as it is issued by your application.

<IP_address>

Specify the IP address of the remote host that is receiving the vmodem connection.

Set SSL Line

<TCP_port>

Specify the TCP port that the remote host is lisening on for the vmodem connection

delete

Deletes the specified entry from the phone number table.

Description Sets the SSL/TLS parameters for the line. SSL/TLS can be enabled for the following

Line Services: DSLogin, Raw, Bidir, VModem, Server T unnel, Client Tunnel, Modbus Master, Custom App and Trueport.

User Level Admin Syntax

set ssl line .|<number>|* [enable on|off] [use-server on|off]

Options enable

Activates the SSL/TLS settings for the line.

use-server

Uses the SSL/TLS server configuration for the line.

version

Specify whether you want to use:

z Any—The IOLAN will try a TLSv1 connection first. If that fails, it will try an

SSLv3 connection. If that fails, it will try an SSLv2 connection.

z TLSv1—The connection will use only TLSv1. z SSLv3—The connection will use only SSLv3.

The default is Any.

Line Commands 89

Page 92

Line Service Commands

type

Specify whether the IOLAN will act as an SSL/TLS client or server. The default is

Client. verify-peer

validation-criteria

Any values that are entered in the validation criteria must match the peer certificate for an SSL connection; any fields left blank will not be validated against the peer certificate.

country

A two character country code; for example, US. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

state-province

Up to a 128 character entry for the state/province; for example, IL. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

locality

Up to a 128 character entry for the location; for example, a city. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

organisation

Up to a 64 character entry for the organisation; for example, Accounting. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

organisation-unit

Up to a 64 character entry for the unit in the organisation; for example, Payroll. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

common-name

Up to a 64 character entry for an email address; for example, acct@anycompany.com. This field is case sensitive in order to successfully match the information in the peer SSL/TLS certificate.

90 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 93

Set SSL Line Cipher-suite

Description Sets the SSL/TLS cipher suite parameters for the line. User Level Admin Syntax

Options option1|option2|option3|option4|option5

set ssl line .|<number>|* cipher-suite

Sets the priority of the cipher suite, with option1 being highest priority and option5 lowest priority.

encryption

Select the type of encryption that will be used for the SSL connection:

z Any—Will use the first encryption format that can be negotiated. z AES z 3DES z DES z ARCFOUR z ARCTWO z None—Removes any values defined for the cipher option.

The default value is Any.

Line Service Commands

min-key-size

The minimum key size value that will be used for the specified encryption type. The default is 40.

max-key-size

The maximum key size value that will be used for the specified encryption type. The default is 256.

key-exchange

The type of key to exchange for the encryption format:

z Any—Any key exchange that is valid is used (this does not, however, include ADH

keys).

or certificate. Choose this key if you do not want to authenticate the peer device, but you want the data encrypted on the SSL/TLS connection.

The default is Any.

hmac

Select the key-hashing for message authentication method for your encryption type:

z Any z MD5 z SHA1

The default is Any.

Line Commands 91

Page 94

Line Service Commands

Set Modbus-Slave Line

Description Sets the Modbus slave parameters for the line. User Level Admin Syntax

set modbus-slave line .|<number>|* [crlf on|off]

[protocol rtu|ascii] [uid-range <uid_range>]

Options crlf

When Modbus/ASCII is selected, adds a CR/LF to the end of the transmission; most Modbus devices require this option. The default is

protocol

Specify the protocol that is used between the Modbus Master(s) and Modbus Slave(s), either RTU or ASCII.

uid-range

You can specify a range of UIDs (1-247), in addition to individual UIDs. The form at is comma delimited; for example, 2-35, 50, 100-103.

Set Modbus-Master Line

Description Sets the Modbus master parameters for the line. SSL/TLS can be enabled and

configured for this Line Service.

User Level Admin Syntax

Options crlf

set modbus-master line .|<number>|* [crlf on|off]

[protocol rtu|ascii] [[entry <number> [port <port>] [protocol udp|tcp] [range-mode gateway|host] [slave-ip <IP_address>] [uid-range <start_uid> <end_uid>]]

When Modbus/ASCII is selected, adds a CR/LF to the end of the transmission; most Modbus devices require this option. The default is

On.

protocol

Specify the protocol that is used between the Modbus Master(s) and Modbus Slave(s), either RTU or ASCII.

entry

You can specify up to 16 Modbus Slave Remote IP Mapping entries (the UIDs must not overlap).

port

The destination port of the remote Modbus TCP Slave that the IOLAN will connect to.

protocol

Specify the protocol that is used between the Modbus Master and Modbus Slave(s), either TCP or UDP.

range-mode

If you specify Host, the IP address is used for the first UID specified in the range. The last octect in the IPv4 address is then incremented for subsequent UID’s in that range. The

Host option is not applicable for IPv6 addresses. If you specify Gateway, the

Modbus Master Gateway will use the same IP address when connecting to all the remote Modbus slaves in the specified UID range.

92 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 95

slave-ip

The IP address of the TCP/Ethernet Modbus Slave.

uid-range

When Range Mode is Host and you have sequential Modbus Slave IP addresses (for example, 10.10.10.1, 10.10.10.2, 10.10.10.3, etc.), you can specify a UID range and the IOLAN will automatically increment the last digit of the configured IP address. Therefore, you can specify a UID range of 1-100, and the IOLAN will route Master Modbus messages to all Modbus Slaves with IP addresses of 10.10.10.1 - 10.10.10.100.

Set Power-Management Line

Description Configures the power management settings for the line. User Level Admin Syntax

Options model

set power-management line .|<number>|*

[model rps820|rps830|rps1620|rps1630] [name <bar_name>]

set power-management line .|<number>|* plug <1-8|1-16>

[default-state on|off] [name <plug_name>] [power-up-interval .5|1|2|5|15|30|60|120|180|300] [serial-line <number>]

Specify the power bar model, either RPS820, RPS830, RPS1620, RPS1630.

Line Service Commands

name (power bar name)

Specify a name for the RPS.

plug

Specify the power bar plug number you are configuring.

default-state

Sets the default state of the plug, either on or off. The default is off.

name (plug name)

Specify a name for the plug to make it easier to recognize and manage.

power-up-interval

Specify the amount of time, in seconds, that the power bar will wait before powering up a plug. This can be useful if you have peripherials that need to be started in a specific order.

serial-line

Associate a serial line(s) connected to a serial device that is plugged into the power bar on that plug.

Line Commands 93

Page 96

Line Service Commands

Set Multihost Line

Description Configures multiple hosts or a primary/backup host schema for Silent Raw, Reverse

User Level Admin Syntax

Options entry

Raw, or Client-Inititated TruePort service types (multihost must be enabled by the line service type for this to take effect, see enable multihost).

set multihost line <number> entry <number> host <host> <TCP_port>

set multihost line <number> entry <number> delete

You can specify up to 49 hosts in the multihost table.

host <host>

Specify the preconfigured host that will be in the multihost list.

<TCP_port>

Specify the TCP port that the IOLAN will use to communicate to the Host.

delete

Deletes the specified entry from the multihost table.

Set Line Service on page 73 for the command to

Set Line Initiate-Connection

Description Determines how the connection is initiated for Direct Telnet, Direct SSH, Direct Raw,

and Direct Rlogin.

User Level Admin Syntax

Options any-char

set line <number>|* initiate-connection

any-char|specific-char <hex>

Initiates a connection to the specified host when any data is received by the serial port.

specific-char <hex>

Initiates a connection to the specified host only when the specified character is received by the serial port.

Show Custom-App

Description Shows the custom application line settings. User Level Admin Syntax

show custom-app line .|<number>|*

Show Interface

Description Shows the network interface information. User Level Admin Syntax

show interface [brief|ppp|slip|ethernet]

Show Power-Management

Description Shows the power management settings for a line. User Level Admin Syntax

94 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

show power-management line <number>

Page 97

Show PPP

Description Shows the PPP line settings. User Level Admin Syntax

Show Rlogin-Client

Description Show the rlogin-client settings for the line. User Level Normal, Admin Syntax

Show SLIP

Description Show the SLIP settings for the line. User Level Admin Syntax

Show SSH-Client

Description Shows the SSH client settings for the line. User Level Admin Syntax

Line Service Commands

show ppp line <number>|wireless-wan

show rlogin-client line <number>

show slip line <number>

show ssh-client line <number>

Show Telnet-Client

Description Shows the telnet client settings for a line. User Level Admin Syntax

show telnet-client line <number>

Show Modbus

Description Shows the Modbus settings for a line. User Level Admin Syntax

show modbus master|slave <number>

Show UDP

Description Shows the UDP settings for the line. User Level Admin Syntax

show udp line <number>

Show Vmodem

Description Show the vmodem settings for the line. User Level Normal, Admin Syntax

show vmodem line <number>

Show Vmodem-Phone

Description Show the vmodem-phone entries. User Level Normal, Admin Syntax

show vmodem-phone

Line Commands 95

Page 98

Modem Commands

Add Modem

Description Adds a modem. User Level Admin Syntax

Options <modem_name>

Delete Modem

Description Deletes a modem. User Level Admin Syntax

Option <config_modem_name>

add modem <modem_name> <initialization_string>

The name of the modem. Do not use spaces.

<initialization_string>

The initialisation string of the modem; see your modem’s documentation.

delete modem <config_modem_name>

You can see a the list of modems that can be dele ted by typing delete modem ?.

Set Modem

Description Sets the modem initialization strings for a defined modem. If you wish to add a new User Level Admin

Syntax Options <modem_name>

Show Modems

Description Shows the IOLAN modem table. User Level Normal, Admin Syntax

modem, use the

set modem <modem_name> <init_string>

Predefined modem name.

<init_string>

Specify the initialization string for the internal modem.

show modems

add modem command.

96 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Page 99

Email Commands

Set Email-Alert Line

Description This command configures email alert parameters for the line. User Level Admin Syntax

Options from

set email-alert line <number>|* [from <email_addr>]

This field will be specified in the from field of the email message sent by the IOLAN.

level

Choose the event level that triggers an email notification:

z Emergency z Alert z Critical z Error z Warning z Notice z Info z Debug

The list is in decreasing order of priority ( selecting the lowest notification level; therefore, when you select an email notification for all events that trigger a message.

Email Commands

Emergency has the highest priority). You are

Debug, you will get

mode

Determines whether or not email notification is turned on. Default is Off.

An email address or list of email addresses that will receive the email notification.

reply-to

The email address to whom all replies to the email notification should go.

smtp-host

The SMTP host (email server) that will process the email notification request. This can be either a host name defined in the IOLAN host table or the SMTP host IP address.

subject

A text string, which can contain spaces, that will display in the Subject field of the email notification.

use-server

Determines whether you want the Line to inherit the Email Alert settings from the

Server Email Alert. If this is enabled, Server and Line notification events will have the

same

Email Alert setting.

Line Commands 97

Page 100

Packet Forwarding Commands

Show Email-Alert Line

Description Shows how the line email alert is configured. User Level Admin Syntax

show email-alert line <number>

Packet Forwarding Commands

Set Packet-Forwarding Line

Description The Packet Forwarding feature allows you to control how the data coming from a serial

device is packetized before forwarding the packet onto the LAN network. This command configures packet forwarding options for serial devices attached to the serial line. The command is broken up into logical flows that can be configured; if you configure both the packet options and the frame definition options, the frame definition options will take precedence. If any of the packet options that are configured are met, the packet transmission is triggered.

User Level Admin Syntax

set packet-forwarding line <number>|* mode minimize-latency

set packet-forwarding line <number>|* mode

optimize-network-throughput

set packet-forwarding line <number>|* mode

prevent-message-fragmentation delay-between-messages <0-65535>

set packet-forwarding line <number>|*

mode custom-on-specific-events [enable-end-trigger1 on|off] [enable-end-trigger2 on|off] [end-trigger1 <0x0-FF>] [end-trigger2 <0x0-FF>] [force-transmit-timer <number>] [forwarding-rule trigger1|trigger+1|trigger+2|strip-trigger] [idle-timer <number>] [packet-size <number>]

set packet-forwarding line <number>|*

Options minimize-latency

This option ensures that any data received on the serial port will immediately be forwarded to the LAN. Select this option for timing-sensitive applications.

optimize-network-throughput

This option provides optimal network usage while ensuring that the application performance is not compromised. Select this option when you want to minimize overall packet count, such as when the connection is over a WAN.

prevent-message-fragmentation

This option detects the message, packet, or data blocking characteristics of the serial data and preserves it throughout the communication. Select this option for message-based applications or serial devices that are sensitive to inter-character delays within these messages.

98 IOLAN SDS/SCS/STS CLI Reference Guide, Version 3.6

Perle Systems IOLAN CSS User Manual

Specifications and Main Features

Frequently Asked Questions

User Manual

Table of Content s

Preface

About This Book

Intended Audience

Typeface Conventions

Contacting Technical Support

Making a Technical Support Query

Repair Procedure

Feedback on this Manual

Introduction Chapter 1

CLI Conventions

Command Syntax

Command Shortcuts

Command Options

Server Commands Chapter 2

Server Commands

Set Console

Set Custom-App

Set Port-Buffering

Set Server

Set SSL Server

Set Service

Show Console

Show Custom-App

Show Server

Show Port-Buffering

Show Modbus

Hardware Commands

Set Ethernet

Show Hardware

SSH Server Commands

Set SSH-Server

Show SSH-Server

SSL/TLS Commands

Set SSL Server

Set SSL Server Cipher-suite

Modbus Commands

Show SSL

Set Modbus Gateway

Show Modbus

Authentication Commands

Set Authentication

Set Authentication Local

Set Authentication Kerberos

Set Authentication LDAP

Set Authentication NIS

Add RADIUS

Delete RADIUS

Set Authentication RADIUS

Set Authentication TACACS+

Set Authentication SecurID

TruePort Baud Commands

Show Authentication

Set TruePort Remap-Baud

Show TruePort

Email Commands

Set Email-Alert Server

Show Email-Alert Server

Clustering Commands

Add Clustering Slave-IP

Delete Clustering Slave-IP

Set Clustering Slave-IP

Show Clustering Slave-IP

Dynamic DNS Commands

Set Dynamic-DNS

Set Dynamic-DNS SSL

Set Dynamic-DNS SSL Cipher-Suite

Show Dynamic-DNS

PCI Commands

Set PCI Card

Show PCI

Set PCI Wireless-WAN

Show Wireless-WAN

IPv6 Commands

Set IPv6

Show IPv6