AMX NI-2000 Programming Manual
  1. Manuals
  2. Brands
  3. AMX Manuals
  4. Controller
  5. NetLinx NI-2000
  6. Programming manual

AMX NI-2000 Programming Manual

Ni series netlinx integrated controllers webconsole & programming guide
Hide thumbs Also See for NI-2000:
Table of Contents

Advertisement

Quick Links

See also: Instruction Manual
W e b C o n s o l e & P r o g r a m m i n g G u i d e
NI Series
NetLinx Integrated Controllers
NI-700/900
NI-2000/3000/4000
NI-2100/3100/4100
NI-3101-SIG
NXC-ME260/64
N e t L i n x I n t e g r a t e d C o n t r o l l e r s
L a s t R e v i s e d : 1 0 / 3 1 / 2 0 0 8

Advertisement

Table of Contents
loading

Related Manuals for AMX NI-2000

Summary of Contents for AMX NI-2000

  • Page 1 W e b C o n s o l e & P r o g r a m m i n g G u i d e NI Series NetLinx Integrated Controllers NI-700/900 NI-2000/3000/4000 NI-2100/3100/4100 NI-3101-SIG NXC-ME260/64 N e t L i n x I n t e g r a t e d C o n t r o l l e r s...
  • Page 2 AMX is not responsible for products returned without a valid RMA number. AMX is not liable for any damages caused by its products or for the failure of its products to perform. This includes any lost profits, lost savings, incidental damages, or consequential damages.

  • Page 3: Table Of Contents

    Table of Contents Overview ...1 NetLinx Integrated Controllers ... 1 About This Document ... 1 Related Documents... 2 Quick Setup and Configuration Overview ... 2 Installation Procedures... 2 Configuration and Communication... 2 Update the On-board Master and Controller Firmware ... 3 Configure NetLinx Security on the NI Controller ...
  • Page 4 System Level Security - IPSec Security Settings ... 33 Configuring Settings ... 34 Uploading an Configuration File... 34 Managing Certificate Files... 34 AMX IPSec Configuration file ... 34 System Security - Group Level ... 35 Adding a New Group ... 35 Group and User Security Access Options Viewing Group Security Settings Details...
  • Page 5 SSL Certificate Options ... 56 Creating an SSL Server Certificate ... 56 SSL Certificate Entries... 57 Displaying SSL Server Certificate Information... 58 Creating a Request for an SSL Certificate ... 58 Self-Generating an SSL Certificate ... 58 Regenerating an SSL Server Certificate Request... 58 Exporting an SSL Certificate Request ...
  • Page 6 Table of Contents LED Disable/Enable Send_Commands ... 84 RS232/422/485 Ports Channels ... 84 RS-232/422/485 Send_Commands ... 84 RS-232/422/485 Send_String Escape Sequences... 88 IR / Serial Ports Channels ... 89 IR RX Port Channels ... 89 IR/Serial Send_Commands ... 89 Input/Output Send_Commands ... 95 Terminal (Program Port/Telnet) Commands ...97 Overview ...
  • Page 7 SpdAddBypass ... 130 SpdAddDiscard ... 131 SpdSetProp ... 132 SpdSetPropAttrib ... 136 spdSetSA ... 137 Manual Key Manager (MKM) ... 138 mkmAddBypass ... 138 mkmAddDiscard ... 139 mkmAddTransport ... 140 mkmAddTunnel ... 141 mkmSetInboundAH ... 142 mkmSetInboundESP ... 143 mkmSetOutboundAH ... 144 mkmSetOutboundESP ...
  • Page 8 Table of Contents NI Series WebConsole & Programming Guide...

  • Page 9: Overview

    Interface section on page 23). These NI Controllers are Duet-compatible and can be upgraded via firmware. Duet is a dual-interpreter firmware platform from AMX which combines the proven reliability and power of NetLinx with the extensive capabilities of the Java of a system that includes the NI-900 and other third party devices by standardizing device and function definitions, defaulting touch panel button assignments, and controlling feedback methods.

  • Page 10: Related Documents

    Title NXI-700/900 NetLinx Integrated Controllers - Hardware Reference Guide NXI-x000 NetLinx Integrated Controllers - Hardware Reference Guide (NI-2000, NI-3000, NI-4000) NXI-x100 NetLinx Integrated Controllers - Hardware Reference Guide (NI-2100, NI-3100, NI-4100) NI-3101-SIG Signature Series NetLinx Integrated Controller - Operation/Reference Guide...

  • Page 11: Update The On-Board Master And Controller Firmware

    Update the On-board Master and Controller Firmware Before using your new NI unit, you must first update your NetLinx Studio to the most recent release. Upgrade the on-board Master firmware through an IP Address via the Ethernet connector (Upgrading the On-board Master Firmware via an IP section on page 15) (IP recommended).
  • Page 12 Overview FIG. 1 Internet Explorer with BonJour plug-in NI Series WebConsole & Programming Guide...
  • Page 13 Overview NI Series WebConsole & Programming Guide...
  • Page 14 Overview NI Series WebConsole & Programming Guide...

  • Page 15: Initial Configuration And Firmware Upgrade

    Preparing the NI Controller for Serial Communication To establish serial communication with the Controller via the PROGRAM (DB9) port: 1. Launch NetLinx Studio 2.x (default location is Start > Programs > AMX Control Disc > NetLinx Studio 2 > NetLinx Studio 2).

  • Page 16: Configuring The Ni Controller For Ethernet Communication

    Initial Configuration and Firmware Upgrade Once Serial communication has been established, use NetLinx Studio to configure the Controller for Ethernet Communication, as described below. Configuring the NI Controller for Ethernet Communication Before continuing, complete the COM port steps above. 1. Use an Ethernet cable to connect the Controller to the LAN to which the PC running NetLinx Studio is connected.

  • Page 17: Obtaining The Ni Controller's Ip Address (Using Dhcp)

    1. Access the Device Addressing dialog (FIG. 2) by selecting Diagnostics > Device Addressing. FIG. 2 NetLinx Studio: Device Addressing dialog (using the ID mode to set the NI Controller’s device value) 2. In the Device field (A in FIG. 2), enter the new value for the NI Controller (range = 0 - 32767). 3.
  • Page 18 Initial Configuration and Firmware Upgrade 1. In NetLinx Studio, select Diagnostics > Network Addresses from the Main menu to access the Network Addresses dialog (FIG. 3). System Address reflects the value set in the Device Addressing tab Used to obtain a Dynamic (DHCP) IP Address FIG.

  • Page 19: Assigning A Static Ip To The Ni Controller

    The STATUS and OUTPUT LEDs should begin to alternately blink during the incorporation. Wait until the STATUS LED is the only LED to blink. 11. Press Done once until the Master Reboot Status field reads *Reboot of System Complete*. Verify that these IP values are also entered into the related fields within either the IP Settings section of the System Connection page (on the touch panel) or within the Address field on the web browser.

  • Page 20: Communicating Via An Ip

    Initial Configuration and Firmware Upgrade 8. Click OK to accept the change to the new IP/DNS information. 9. Click the Reboot Master button and select Yes to close the Network Addresses dialog. 10. Click Reboot (from the Tools > Reboot the Master Controller dialog) and wait for the System Master to reboot and retain the newly obtained DHCP Address.
  • Page 21 3. Click the Communications Settings button to open the Communications Settings dialog. 4. Click on the NetLinx Master radio button (from the Platform Selection section) to indicate you are working with a NetLinx Master (such as the NXC-ME260/64 or NI-Series of Integrated Controllers).

  • Page 22: Verifying The Firmware Version On The Master

    Initial Configuration and Firmware Upgrade If the connection fails to establish, a Connection Failed dialog appears. Try selecting a different IP Address if communication fails. Press the Retry button to reconnect using the same communication parameters. Press the Change button to alter your communication parameters and repeat steps 4 thru 18.

  • Page 23: Upgrading The On-Board Master Firmware Via An Ip

    4. If either the on-board NI Master or Integrated Controller is not the latest firmware version, follow the procedures outlined in the following sections to obtain these Kit files from www.amx.com and then transfer the new firmware Kit files to the device.
  • Page 24 5. If the on-board Master firmware being used is not current, download the latest Kit file by first logging in to www.amx.com and then navigating to Tech Center > Firmware Files, where you can locate the desired file from within the NetLinx section of the web page.

  • Page 25: Upgrading The Ni Controller Firmware Via Ip

    5. If the NI Controller firmware being used is not current, download the latest Kit file by first logging in to www.amx.com and then navigating to Tech Center > Firmware Files, where you can locate the desired file from within the NI Series Device (Integrated Controller) section of the web page.
  • Page 26 Initial Configuration and Firmware Upgrade FIG. 8 Sample NetLinx Workspace window (showing separate NI-Master and Controller) 6. Click on the desired Kit file link and after you’ve accepted the Licensing Agreement, verify you have downloaded the Integrated Controller firmware (Kit) file to a known location. 7.

  • Page 27: If The Connection Fails

    The Kit file for the Integrated Controller on the NI-2000/3000/4000 begins with 2105_NI_X000. The Kit file for the Integrated Controller on the NI-2100/3100/4100 begins with 2105_04_NI_X100. The Kit file for the NI-700/900 Series begins with 2105-03_NI_X000 Do not use the 2105-03_NI_X00 Kit file on anything other than an NI-700/900 since each Kit file is specifically configured to function on a specific NI unit.
  • Page 28 5. If the NXC card firmware being used is not current, download the firmware file by first logging in to www.amx.com and then navigate to Tech Center > Firmware Files and from within the NetLinx section of the web page locate the NXC card entries.

  • Page 29: Resetting The Factory Default System And Device Values

    FIG. 11 Select Control Card firmware file for download page (via IP) 15. Press Done once until the Master Reboot Status field reads *Reboot of System Complete*. 16. Cycle power to the Master (unplug and reconnect power to the unit). This process of cycling power acts to reset the updated NetLinx Control Card and detect its new firmware update.
  • Page 30 Initial Configuration and Firmware Upgrade By setting the system to its default value (#1), Modero panels that were set to connect to the Master on another System value will not appear in the OnLine Tree tab of the Workspace window. For example: A Modero touch panel was previously set to System #2.

  • Page 31: Onboard Webconsole User Interface

    Onboard WebConsole User Interface WebConsole UI Overview NetLinx Masters have a built-in WebConsole that allows you to make various configuration settings via a web browser on any PC that has access to the Master. The webconsole consists of a series of web pages that are collectively called the "Master Configuration Manager"...

  • Page 32: Accessing The Webconsole

    Onboard WebConsole User Interface Accessing the WebConsole From any PC that has access to the LAN that the target Master resides on: 1. Open a web browser and type the IP Address of the target Master in the Address Bar. 2.

  • Page 33: Device Network Settings Pages

    Device Network Settings Pages Click on the blue Information (i) icon next to any device listed in the Device Tree to access the Network Settings page for the selected device (FIG. 15). FIG. 15 Example Network Settings page for a sample CV15 connected to the Master Use the options on this page to view/edit the device’s network settings.
  • Page 34 Onboard WebConsole User Interface NI Series WebConsole & Programming Guide...

  • Page 35: Webconsole - Webcontrol Options

    WebConsole - WebControl Options Manage WebControl Connections The WebControl page is accessed by clicking on the WebControl button (FIG. 16). This page allows you to view all touch panels running the G4WebControl application. Each G4WebControl-equipped touch panel connected to this Master is indicated by a link. Click on any of the links to open a new G4WebControl window, displaying the selected panel, using the native resolution of the target panel.
  • Page 36 WebConsole - WebControl Options NI Series WebConsole & Programming Guide...

  • Page 37: Webconsole - Security Options

    WebConsole - Security Options Security Overview The Security System Details page is accessed by clicking on the Security button. This page allows you to view configure and modify the Master’s security settings at three levels: System Level - changes made at this level affect the system globally. See the System Security - System Level section on page 31 for details.

  • Page 38: Default Security Configuration

    Group and User Level pages of the Security section. This username and password information is also used by both G4 touch panels (within the System Connection firmware page) and AMX software applications such as NetLinx Studio v 2.4 to communicate securely with a Master using encrypted communication.

  • Page 39: System Security - System Level

    System Security - System Level System Level Security options provide authorized users the ability to alter the current security options of the entire system assigned to the Master. There are two System Level Security pages, accessible via the System Security Settings and Security Settings links in the System Level Tab: The.

  • Page 40: System Security Access Options

    ICSP connection (among the various AMX products) be encrypted, and that any application or hardware communicating with the Master over ICSP must provide a valid username and password.

  • Page 41: Accepting Changes

    Telnet Access option Telnet Client HTTP Access option Browser Browser or SSL ICSP Connectivity and Encryption option Software & Hardware FIG. 19 Port Communication Settings Accepting Changes Click the Accept button to save changes on this page. Accepting changes is instantaneous and does not require a reboot.

  • Page 42: Configuring Settings

    To delete a Certificate from the Master, select a Certificate in any of the three tabs, and click Delete File. AMX IPSec Configuration file Refer to the Appendix A: IPSec Configuration File section on page 123 for a listing and description of the configuration lines supported by the AMX IPSec Configuration file. NI Series WebConsole & Programming Guide...

  • Page 43: System Security - Group Level

    System Security - Group Level Select the Group Level tab of the Security Page to access the Group Security Details page (FIG. 21). FIG. 21 Group Security Details page The options in this page allow authorized users to assign and alter group properties such as creating, modifying, or deleting a group’s rights, and also allows for the definition of the files/directories accessible by a particular group.

  • Page 44: Group And User Security Access Options

    WebConsole - Security Options FIG. 22 Group Level Security Settings Page (Add a group and modify settings page) If you select a group directory, all lower groups in that tree will be selected. 6. Click the Accept button to save your changes to the target Master. If there are no errors within any of the page parameters, a “Group added successfully”...
  • Page 45 ICSP connection (among the various AMX products) be encrypted, and that any application or hardware communicating with the Master over ICSP must provide a valid username and password.

  • Page 46: Viewing Group Security Settings Details

    WebConsole - Security Options Viewing Group Security Settings Details Click on any Group listed in the Group Security Details page to expand the view to show details for the selected user Group (FIG. 24): FIG. 24 Group Security Details Page Click the Edit button to edit the Security Access options for the selected user group.

  • Page 47: Deleting A Group

    FIG. 25 Group Security Details Page (Edit Group Security Details) The "administrator" group account cannot be modified or deleted. Any properties possessed by groups (ex: access rights, update rights, directory associations, etc.) are inherited by users assigned to that particular group. Unchecking a security option (which is available within the associated group) does not remove that right from the user.

  • Page 48: System Security - User Level

    WebConsole - Security Options System Security - User Level Select the User Level tab of the Security Page to access the User Security Details page (FIG. 26). The options on this page allow authorized users to add/delete User accounts and configure User’s Access rights.

  • Page 49: Viewing And Editing User Security Settings

    FIG. 27 User Security Settings Page (Add/Modify User page) The password must be a unique alpha-numeric character string (4 - 20 characters), and is case sensitive. 6. Enable the security access rights you want to provide to the user. See the Group and User Security Access Options section on page 36 for details.
  • Page 50 WebConsole - Security Options FIG. 28 User Level Security Settings Page (Viewing User Security Settings Details) If you are not logged into the Master, you receive a reminder message: "You must login before Security Settings can be changed". In this case, log into the Master and repeat the previous steps. 3.

  • Page 51: Webconsole - System Options

    WebConsole - System Options System Overview The Manage System page is accessed by clicking on the System button. This page allows you to view and configure various aspects of the NetLinx System, separated by four tabs: Manage System - Options in this tab allow you to view/change the Master’s System Number, Control/Emulate system devices, perform Diagnostics, configure Server settings and set the time/date via the Clock Manager.

  • Page 52: Manage System - System Number

    The Device Addressing dialog will not allow you to alter the NetLinx Master address value. Example: Using an NI-2000 and NI-4100: The NI-2000 could be assigned to System 1 (with an Address of 00000). The NI-4100 could be assigned to System 2 (with an Address of 00000).

  • Page 53: Manage System - Control/Emulate Options

    Manage System - Control/Emulate Options Click the Control/Emulate link (in the Manage System tab) to access the Control/Emulate Options page (FIG. 30). The options on this page allow you to Control or Emulate a device connected to this Master. Device Control/Emulation is accomplished by manipulating a target device’s channels, levels, and sending both send commands and strings to the device.

  • Page 54: Controlling Or Emulating A System Device

    WebConsole - System Options Controlling or Emulating a System Device 1. Select the device that you want to Control or Emulate, via the Device Tree: a. Click the Show Device Tree option to show the Device Tree window (if it is not already enabled).
  • Page 55 Select the On or Off buttons to Emulate Channel ON (CHON) and Channel OFF (CHOFF) messages for the specified <D:P:S>. 4. Select the Push button to Emulate a push/release on the specified channel (not displayed if the Control option is selected). Click and hold the Push button to observe how the device/Master responds to the push message.

  • Page 56: Manage System - Diagnostics Options

    WebConsole - System Options Manage System - Diagnostics Options Click the Diagnostics link (in the Manage System tab) to access the Diagnostics Options page (FIG. 32). The options on this page allow authorized users to enable and monitor various diagnostic messages coming from and going to System Devices.
  • Page 57 information on the selected device (including network configuration details). An example Network Settings page is shown in FIG. 33: c. Click on the Diagnostics link. This opens a Diagnostics Options page for the selected device (FIG. 33). FIG. 33 Select Diagnostics from within a selected Device’s Network Settings page The currently selected device is also indicated in the Device field at the top of the page.
  • Page 58 WebConsole - System Options This opens the Edit Options window (FIG. 34), where you can select which Diagnostics messages to enable or disable for this device. Click to delete this device from the Diagnostics page (disables all diagnostics on this device) FIG.
  • Page 59 Each device is identified here by it’s System Number, Device and Port assignments FIG. 35 Edit Options window All returned messages are displayed in the Incoming Messages window. By default, all messages are refreshed every 5 seconds, as indicated by the Refresh Interval field. Use the Refresh Interval drop-down to specify how often your messages are updated (available values = 2 seconds, 5 seconds, or 10 seconds).

  • Page 60: Diagnostics Options Definitions

    WebConsole - System Options FIG. 36 Edit Options window indicating four devices with Diagnostics enabled You can monitor diagnostics for up to eight System Devices in this page. Diagnostics Options Definitions The following table describes each of diagnostics options that can be enabled via the Edit Options window: Diagnostic Options Diagnostic Option...

  • Page 61: Disabling All Diagnostic Options For A Device

    Diagnostic Options (Cont.) Device Options • Level Changes From • Level Changes To • Strings To • Strings From • Commands To • Commands From • Custom Events From Disabling all Diagnostic Options For a Device There are two ways to disable all diagnostics for a device: In the Edit Options window, select Delete to remove the device from the Diagnostics Options page and disable all diagnostics.

  • Page 62: Manage System - Server Options

    WebConsole - System Options Manage System - Server Options Click the Server link (in the Manage System tab) to access the Server Options page (FIG. 37). The options on this page allow you to: Change the port numbers (used by the Master for various Web services) Configure the SSL settings used on the Master Manage existing and pending license keys, manage the active NetLinx system communication parameters...

  • Page 63: Server Port Settings

    ICSP: The port value used for ICSP data communication among the different AMX software and hard- ware products. This type of communication is used by the various AMX product for communica- tion amongst themselves. Some examples would be: NetLinx Studio communicating with a Master (for firmware or file information updates) and TPDesign4 communicating with a touch panel (for panel page and firmware updates).

  • Page 64: Ssl Certificate Options

    WebConsole - System Options Server Port Settings (Cont.) Feature Description FTP: The default port value used for FTP communication. This port can be disabled/enabled but the value can not be changed. • The default port value is 21. Once any of the server port settings have been modified, press the Accept button to save these changes to the Master.

  • Page 65: Ssl Certificate Entries

    1. Click the Create SSL Certificate link (under SSL Certificate Options) to access the Create SSL Certificate window (FIG. 38). FIG. 38 Create SSL Certificate window 2. Fill out the information in this window, according to the descriptions in the SSL Certificate Entries section below.

  • Page 66: Displaying Ssl Server Certificate Information

    WebConsole - System Options SSL Certificate Entries (Cont.) Entry Organization Name: Name of your business or organization. This is an alpha-numeric string (1 - 50 charac- Organization Unit: City/Location: State/Province: Country Name: Displaying SSL Server Certificate Information Click the Create SSL Certificate link in the Server Options page to open the Create SSL Certificate window.

  • Page 67: Exporting An Ssl Certificate Request

    4. Click Create SSL Certificate to save the newly modified certificate information to the Master. Click Close to exit without making changes to the Master. Only use the Regenerate Certificate option when you have self-generated your own certificate. Do not regenerate an external CA-generated certificate. Exporting an SSL Certificate Request 1.

  • Page 68: Importing An Ssl Certificate

    WebConsole - System Options Importing an SSL Certificate Click the Import SSL Certificate link to import a CA server certificate. Before importing an SSL Certificate you must: First, have a self-generated certificate installed onto your target Master. Second, enable the HTTPS/SSL feature from the Server Options page (FIG. 37), to establish a secure connection to the Master prior to importing the encrypted CA certificate.

  • Page 69: Manage System - Clock Manager Options

    Manage System - Clock Manager Options Click the Clock Manager link (in the Manage System tab) to access the Clock Manager Options page (FIG. 41). The options on this page allow you to enable/disable using a network time source and provide access to Daylight Saving configuration and which NIST servers to use as a reference.

  • Page 70: Setting Daylight Savings Rules

    WebConsole - System Options 2. Click Accept to save these settings to the Master. Setting Daylight Savings Rules 1. In the Daylight Savings tab (FIG. 42), enable Daylight Savings mode by clicking the On button. FIG. 42 Clock Manager Options - Daylight Savings tab 2.

  • Page 71: Selecting A Custom Nist Server

    4. Use the Ends fields to specify when Daylight Savings should end. The Ends rules match the Start rules, and follow the same logic. Select Fixed or by Occurrence, and specify the End date/time information accordingly. 5. Click Accept to save these settings to the Master. Selecting a Custom NIST Server FIG.

  • Page 72: Clock Manager Netlinx Programming Api

    2. Enter the Product ID (certificate number) provided with the product into the Product ID fields. Contact the AMX Sales department with both the product serial number (or certificate number) and the serial number of target Master to register your product and in turn receive the necessary Key information (typically 32 to 36 digits in length) which is then entered into the Key fields on this page.

  • Page 73: Removing A License

    FIG. 45 Manage License - Add a License page Example: AMX Meeting Manager and i!-Voting applications are examples of products that require both a Product serial number and a Master-specific key prior to usage. 4. Press the Accept button to save the information. If there are no errors with the information on this page, a “Key successfully added for Product ID XXXX”...

  • Page 74: System - Manage Netlinx

    WebConsole - System Options System - Manage NetLinx The Manage NetLinx tab displays a list of NetLinx device connected to the Master, and indicates device status (FIG. 46). FIG. 46 System - Manage NetLinx tab The table on this page consists of five columns: NetLinx Device Details Column Description...
  • Page 75 NetLinx Device Details (Cont.) Column Description Indicates the Master or device state: Status: • This Master: Indicates its the target Master currently being used and being browsed to. Its this Master’s web pages which are currently being viewed. • Orphan: Indicates that the device is currently not yet “bound” or assigned to communicate with a particular Master.

  • Page 76: System - Manage Devices

    WebConsole - System Options System - Manage Devices The Manage Devices tab (FIG. 47) contains links to several different device-related pages, as described in the following subsections: FIG. 47 System - Manage Devices (Details for Additional Devices) Manage Devices - Device Options Click the Device Options link (in the Manage Devices tab) to access the Details for Additional Devices page (FIG.

  • Page 77: Managing Device Modules

    This selection is a one-time occurrence - upon the next reboot, the selec- tion is cleared. This option toggles the capability of searching the Internet (either AMX's site or a device specified site) for a device’s compatible Duet modules. This capability is automatically disabled if the Master does not have Inter- net connectivity.

  • Page 78: Manage Devices - Bindings

    WebConsole - System Options Any corresponding module within the /bound directory will not be deleted. Bound modules must be deleted via the Purge Bound Modules on Reset selection described within the Configure Device Bindings section. To browse for a Module file and then upload it to the Master: 1.

  • Page 79: Configuring Application-Defined Devices

    Configuring Application-Defined Devices Elements such as DUET_DEV_TYPE_DISC_DEVICE NetLinx.axi file. The NetLinx.axi file contains both the new API definitions, as well as the pre-defined constants that are used as some of the API arguments (ex: Physical device names are typically prefixed with "dv" and Virtual device names are typically prefixed with "vdv".

  • Page 80: Application Devices And Association Status

    WebConsole - System Options FIG. 49 Manage Device Bindings page - showing the NetLinx code relation This code gives the Master a “heads-up” notification to look for those devices meeting the criteria outlined within the code. Application Devices and Association Status There are two types of application devices: Static Bound application devices and Dynamic application devices: Static Bound application devices specify both a Duet virtual device and its associated Device...

  • Page 81: Viewing Physical Device Properties

    Each entry in the table has one of four buttons to the right of the Physical Device D:P:S assignment: Static Bound application devices will either be blank, or display a Release button: Static Bound application devices that have not yet detected a physical device attached to their associated port have a blank button.

  • Page 82: Manage Devices - User-Defined Devices

    WebConsole - System Options FIG. 50 Manage Device Bindings - Device Properties pop-up Manage Devices - User-Defined Devices Click the User-Defined Devices link (in the Manage Devices tab) to access the User-Defined Devices page (FIG. 51). This page provides a listing with all of the dynamic devices that have been discovered in the system, and allows you to add and delete User-Defined Devices.
  • Page 83 FIG. 52 User-Defined Devices - Add User Defined Device 2. Fill in the device information fields, as described in the following table: User-Defined Device Information Fields Address: Enter the address of the physical device in the Address field. This information can be either the NetLinx Master port value (D:P:S) or an IP Address (#.#.#.#). Category: Use the drop-down list to select the control method associated with the physical target device (IR, IP, Serial, Relay, Other).

  • Page 84: Manage Devices - View All Active Devices

    WebConsole - System Options SDK-Class Types Amplifier AudioConferencer AudioMixer AudioProcessor AudioTape AudioTunerDevice Camera Digital Media Decoder Digital Media Encoder Digital Media Server Digital Satellite System Digital Video Recorder Disc Device DocumentCamera 3. Once you are done creating the profile for the new device, click the Add Property button to access the Name and Value fields property information for association with the new User Defined Device.

  • Page 85: Viewing Physical Device Properties

    Devices page (see the Manage Devices - Device Options section on page 68), the search includes a query of the AMX online database as well as any manufacturer specified URLs that match the IP Address of the physical device for a compatible module.

  • Page 86: Manage Devices - Manage Polled Ports

    WebConsole - System Options Manage Devices - Manage Polled Ports Click the Polled Ports link (in the Manage Devices tab) to access the Manage Polled Ports page (FIG. 55). The options on this page allow you to view/modify settings for all polled ports in the System. FIG.
  • Page 87 FIG. 56 Manage Polled Ports - Edit Port Settings Use the drop-down menus to modify the Port settings. Click Reset to Default Settings to return this port to its default configuration: Default Port Settings Baud Rate: 9600 Data Bits: Parity: None Stop Bits: Flow Control None...
  • Page 88 WebConsole - System Options NI Series WebConsole & Programming Guide...

  • Page 89: Programming

    DEFINE_DEVICE section of your program to work correctly. Refer to the NetLinx Programming Language instruction manual for specifics about declarations and DEFINE_DEVICE information. Port Assignments By NI Model Port Assignments By NI Model NI Model NI-700 NI-900 NI-2000 NI-3000 NI-4000 NI-2100 NI-3100 NI-4100 NI-3101-SIG Master Send_Commands These commands are specific to the Master and not the Controller.
  • Page 90 Programming Master Send_Commands (Cont.) Command G4WC Add G4WebControl devices to Web control list displayed by the Web server in a browser. ~IGNOREEXTERNAL- CLOCKCOMMANDS Set the Master so that it cannot have it’s time set by another device which generates a ‘CLOCK’ command.

  • Page 91: Master Ip Local Port Send_Commands

    Master IP Local Port Send_Commands These commands are specific to the Master and not the Controller. These commands are sent to the DPS 0:1:0 (the Master). A device must first be defined in the NetLinx programming language with values for the Device: Port: System.

  • Page 92: Led Disable/Enable Send_Commands

    Programming LED Disable/Enable Send_Commands The following sections only apply to the integrated controller component of the NIs. The following commands enable or disable the LEDs on the Integrated Controller. In the examples: <DEV> = Port 1 of the device. Sending to port 1 of the NI-700 (affects all ports). LED Send_Commands Command LED-DIS...
  • Page 93 RS-232/422/485 Send_Commands (Cont.) Command B9MON Override and set the current communication settings and parameters on the RS-232 serial port to 9 data bits with one stop bit. CHARD Set the delay time between all transmitted characters to the value specified (in 100 Microsecond increments).
  • Page 94 Programming RS-232/422/485 Send_Commands (Cont.) Command HSOFF Disable hardware handshak- ing (default). HSON Enable RTS (ready-to-send) and CTS (clear-to-send) hardware handshaking. RXCLR Clear all characters in the receive buffer waiting to be sent to the Master. RXOFF Disable the transmission of incoming received charac- ters to the Master (default).
  • Page 95 RS-232/422/485 Send_Commands (Cont.) Command TSET BAUD Temporarily set the RS-232/ 422/485 port's communication parameters for a device. TXCLR Stop and clear all characters waiting in the transmit out buffer and stops transmis- sion. XOFF Disable software handshaking (default). Enable software handshaking.

  • Page 96: Rs-232/422/485 Send_String Escape Sequences

    Programming RS-232/422/485 Send_String Escape Sequences This device also has some special SEND_STRING escape sequences: If any of the 3 character combinations below are found anywhere within a SEND_STRING program instruction, they will be treated as a command and not the literal characters. In these examples: <DEV>...

  • Page 97: Ir / Serial Ports Channels

    IR / Serial Ports Channels IR / Serial Ports Channels CHANNELS: Description 00001 - 00229 IR commands. 00229 - 00253 May be used for system call feedback. 00254 Power Fail. (Used w/ 'PON' and 'POF' commands). 00255 Power status. (Shadows I/O Link channel status). 00256 - 65000 IR commands.
  • Page 98 Programming IR/Serial Send_Commands (Cont.) Command Send IR pulses for the selected channel. Halt and Clear all active or buffered IR commands, and then send a single IR pulse. CTOF Set the duration of the Off time (no signal) between IR pulses for channel and IR function transmissions.
  • Page 99 IR/Serial Send_Commands (Cont.) Command GET BAUD Get the IR port’s current DATA mode communication parameters. GET MODE Poll the IR/Serial port's configuration parameters and report the active mode settings to the device requesting the information. IROFF Halt and Clear all active or buffered IR commands being output on the designated port.
  • Page 100 Programming IR/Serial Send_Commands (Cont.) Command Turn On a device connected to an IR port based on the status of the corresponding I/O Link input. PON (Cont.) PTOF Set the time duration between power pulses in .10-second increments. PTON Set the time duration of the power pulses in .10-second increments Description...
  • Page 101 IR/Serial Send_Commands (Cont.) Command SET BAUD Set the IR port's DATA mode communication parameters. SET IO LINK Link an IR or Serial port to a selected I/O channel for use with the 'DE', 'POD', 'PON', and 'POF' commands. SET MODE Set the IR/Serial ports for IR or Serial-controlled devices.
  • Page 102 Programming IR/Serial Send_Commands (Cont.) Command Transmit the selected chan- nel IR codes in the format/ pattern set by the 'XCHM' send command. XCHM Changes the IR output pat- tern for the 'XCH' send command. Description Syntax: SEND_COMMAND <DEV>,"'XCH <channel>'" Variable: channel = 0 - 999.

  • Page 103: Input/Output Send_Commands

    Input/Output Send_Commands The following Send_Commands program the I/O ports on the Integrated Controller. I/O ports: Port 4 (NI-700). Channels: 1 - 8 I/O channels. I/O Send Commands Command GET INPUT Get the active state for the selected channels. SET INPUT Set the input channel's active state.
  • Page 104 Programming NI Series WebConsole & Programming Guide...

  • Page 105: Terminal (Program Port/Telnet) Commands

    Terminal (Program Port/Telnet) Commands Overview There are two types of terminal communications available on NetLinx Integrated Controllers: Program Port - The "Program" port is a RS232 port located on the rear panel of the Master that allows terminal communication with the Master. This type of terminal communication requires that you are physically connected to the Master to access the configuration options and commands supported.

  • Page 106: Pc Com Port Communication Settings

    4. Press Enter. Unless Telnet security is enabled, a session will begin with a welcome banner: Welcome to NetLinx vX.XX.XXX Copyright AMX Corp. 1999-2006 > If Telnet security is enabled, type in the word login to be prompted for a Username and Password before gaining access to the Master.

  • Page 107: Terminal Commands

    Login: User1 Password: ***** Login not authorized. Please try again. After a delay, another login prompt will be displayed to allow you to try again. If after 5 prompts, the login information is not entered correctly, the following message will be displayed and the connection closed: Login not allowed.
  • Page 108 Displays the DNS configuration of a specific device including: • Domain suffix· • Configured DNS IP Information Example: >DNS LIST [0:1:0] Domain suffix:amx.com The following DNS IPs are configured Entry 1-192.168.20.5 Entry 2-12.18.110.8 Entry 3-12.18.110.7 Enables/Disables echo (display) of typed characters.
  • Page 109 Terminal Commands (Cont.) Command HELP SECURITY ICSPMON ENABLED|DISABLED [PORT] IP STATUS IPSEC ON|OFF|STATUS MSG ON|OFF MSG STATS OFF [D:P:S or NAME,CHAN] NI Series WebConsole & Programming Guide Terminal (Program Port/Telnet) Commands Description Displays security related commands. Note: This command is only available to Program Port terminal ses- sions.
  • Page 110 >PROGRAM INFO -- Program Name Info -- Module Count = 1 Name is i!-PCLinkPowerPointTest -- File Names = 2 1 = C:\Program Files\AMX Applications\i!- PCLinkPowerPoint 2 = C:\Program Files\Common Files\AMXShare\AXIs\NetLinx.axi 2 = Name is MDLPP -- File Names = 2 1 C:\AppDev\i!-PCLink-PowerPoint\i!- PCLinkPowerPointMod.axs...
  • Page 111 Terminal Commands (Cont.) Command PULSE [D:P:S or NAME,CHAN] REBOOT <D:P:S> RENEW DHCP RESETADMINPASSWORD RESET FACTORY ROUTE MODE DIRECT|NORMAL SEND_COMMAND D:P:S or NAME,COMMAND SEND_LEVEL <D:P:S>, <LEVEL ID>,<LEVEL VALUE> NI Series WebConsole & Programming Guide Terminal (Program Port/Telnet) Commands Description Pulses a specified channel on a device on and off. The device can be on any system the Master you are connected to can reach.
  • Page 112 Enter DNS Entry 2 : 12.18.110.8 Enter DNS Entry 3 : 12.18.110.7 You have entered: Domain Name: amx.com DNS Entry 1: 192.168.20.5 DNS Entry 2: 12.18.110.8 DNS Entry 3: 12.18.110.7 Is this correct? Type Y or N and Enter -> Y Settings written.
  • Page 113 Terminal Commands (Cont.) Command SET FTP PORT SET HTTP PORT SET HTTPS PORT SET ICSP PORT SET ICSP TCP TIMEOUT NI Series WebConsole & Programming Guide Terminal (Program Port/Telnet) Commands Description Enables/Disables the Master’s IP port listened to for FTP connections. Note: The Master must be rebooted to enable new settings.
  • Page 114 Terminal (Program Port/Telnet) Commands Terminal Commands (Cont.) Command SET IP <D:P:S> SET LOG COUNT SET QUEUE SIZE Description Sets the IP configuration of a specified device. Enter a Host Name, Type (DHCP or Fixed), IP Address, Subnet Mask, and Gateway IP Address. Note: For NetLinx Central Controllers, the "Host Name"...
  • Page 115 Enter Read community string: public Enter Write community string:private You have entered: Description = NetLinx VxWorks SNMPv1/v2c Agent Contact = AMX LLC Location = Richardson, TX USA Read Community = public Write Community = private Is this correct? Type Y or N and Enter->...
  • Page 116 Terminal (Program Port/Telnet) Commands Terminal Commands (Cont.) Command SET THRESHOLD SET TIME SET TIMELINE LOOPCNT SET UDP BC RATE Description Sets the Master's internal message thresholds. This command will set the thresholds of when particular tasks are pended. The threshold is the number of messages queued before a task is pended.
  • Page 117 Displays a list of devices present on the bus, with their device attributes. Example: >SHOW DEVICE [0:1:0] Local devices for system #1 (This System) ------------------------------------------------------------------- --------- Device (ID)Model (ID)Mfg 00000 (00256)NXC-ME260/64M (00001)AMX Corp. v3.00.312 (PID=0:OID=0) Serial=0,0,0,0,0,0,0,0,0,0,0,0, Physical Address=NeuronID 000531589201 (00256)vxWorks Image (00001) v3.00.312 (PID=0:OID=1) Serial=N/A (00256)BootROM (00001) v3.00.312...
  • Page 118 Terminal (Program Port/Telnet) Commands Terminal Commands (Cont.) Command SHOW LOG SHOW MAX BUFFERS SHOW MEM Description Displays the log of messages stored in the Master's memory. The Master logs all internal messages and keeps the most recent messages. The log contains:· •...
  • Page 119 Terminal Commands (Cont.) Command SHOW NOTIFY SHOW REMOTE SHOW ROUTE NI Series WebConsole & Programming Guide Terminal (Program Port/Telnet) Commands Description Displays the Notify Device List (Master-Master). This is a list of devices (up to 1000) that other systems have requested input from and the types of information needed.
  • Page 120 (00256)vxWorks Image (00001) v2.00.77 (PID=0:OID=1) Serial=N/A (00256)BootROM (00001) v2.00.76 (PID=0:OID=2) Serial=N/A (00256)AXlink I/F uContr(00001) (PID=0:OID=3) Serial=0000000000000000 00096 (00192)VOLUME 3 CONTROL BO(00001)AMX Corp. v2.10 (PID=0:OID=0) Serial=0000000000000000 Physical Address=Axlink 00128 (00188)COLOR LCD TOUCH PAN(00001)AMX Corp. v5.01d (PID=0:OID=0) Serial=0000000000000000 Physical Address=Axlink 05001 (00257)NXI Download (00001)AMX Corp.

  • Page 121: Esc Pass Codes

    ESC Pass Codes There are 'escape' codes in the pass mode. These codes can switch the display mode or exit pass mode. The following 'escape' codes are defined. Escape Pass Codes Command + + ESC ESC + + ESC A + + ESC D + + ESC H Accessing the Security Configuration Options...
  • Page 122 Terminal (Program Port/Telnet) Commands >setup security --- These commands apply to the Security Manager and Database ---- 1) Set system security options for NetLinx Master 2) Display system security options for NetLinx Master 3) Add user 4) Edit user 5) Delete user 6) Show the list of authorized users 7) Add group 8) Edit group...

  • Page 123: Setup Security Menu

    Setup Security Menu The Setup Security menu is described below: Setup Security Menu Command 1) Set system security options for NetLinx Master See the Security Options Menu section on page 116 for descriptions of each menu item. 2) Display system security options for NetLinx Master 3) Add user 4) Edit user...

  • Page 124: Security Options Menu

    Master’s security parameters. This selection enables/disables security of ICSP data being trans- mitted between the target Master and external AMX components (software and hardware such as TPD4 and a Modero Touch Panel). This selection enables/disables the need to require encryption of the ICSP communicated data.

  • Page 125: Edit User Menu

    Edit User Menu The Edit User Menu is accessed whenever you enter the Add user, or Edit user selections from the Setup Security menu. The Edit User Menu options are described in the following table: Edit User Menu Command 1) Change User Password 2) Change Inherits From Group 3) Add Directory Association 4) Delete Directory Association This selection will display any current directory associations...

  • Page 126: Access Rights Menu

    This selection enables/disables the need to require encryption of the ICSP communicated data. If enabled: - All communicating AMX components must authenticate with a valid username and password before beginning communication with the Master. - All communication must be encrypted.

  • Page 127: Edit Group Menu: Add Directory Association

    Edit Group Menu: Add Directory Association 1. At the Edit Group prompt, type 1 to add a new directory association. A Directory Association is a path that defines the directories and/or files that a particular user or group can access via the HTTP (Web) Server on the NetLinx Master. This character string can range from 1 to 128 alpha-numeric characters.

  • Page 128: Default Security Configuration

    Terminal (Program Port/Telnet) Commands Default Security Configuration By default, the NetLinx Master will create the following accounts, access rights, directory associations, and security options. Account 1: Password: Group: Rights: Directory Association: /* Account 2: Password: Group: Rights: Directory Association: none Group 1: Rights: Directory Association: /*...

  • Page 129: Telnet Diagnostics Commands

    Master. This option may be useful in cases where a remote Master is indicating a continuous loss of memory. With Heap Watch enabled, AMX Technical Support may be able to track exactly which task is losing the memory.

  • Page 130: Notes On Specific Telnet/Terminal Clients

    Terminal (Program Port/Telnet) Commands Notes on Specific Telnet/Terminal Clients Telnet and terminal clients will have different behaviors in some situations. This section states some of the known anomalies. Windows Client Programs Anomalies occur when using a Windows client if you are not typing standard ASCII characters (i.e. using the keypad and the ALT key to enter decimal codes).

  • Page 131: Appendix A: Ipsec Configuration File

    The IPSec Configuration file is loaded onto the Master via the Master’s Web interface under Security->IPSec Security Settings. The following are the list of configuration lines supported by the AMX IPSec Configuration file. NI Series WebConsole & Programming Guide Appendix A: IPSec Configuration File...

  • Page 132: Internet Key Exchange (Ike)

    Appendix A: IPSec Configuration File Internet Key Exchange (IKE) ikeAddPeerAuth ikeAddPeerAuth NAME ikeAddPeerAuth – add a peer's authentication information SYNOPSIS ikeAddPeerAuth=configString DESCRIPTION This rule is used to specify IKE authentication information between the host and a peer. This rule may be called multiple times to define a set of peers with which the host will conduct IKE negotiations.
  • Page 133 Config String peerIpAddress,interfaceIpAddress,proposalName,authenticationMethod, Format authenticationInfo Pre-defined The following are proposal names already defined inside the AMX Firmware and available for proposal use in the ikeAddPeerAuth configuration: names mm_g2=mm_3des_sha,mm_3des_md5,mm_des_sha,mm_des_md5 Attributes: DHGROUP=G2, LIFETIME=28800 sec mm_g1=mm_3des_sha,mm_3des_md5,mm_des_sha,mm_des_md5\n" Attributes: DHGROUP=G1, LIFETIME=28800 sec mm_prop1= mm_des_md5 Additional IKE proposals and attributes can be created with the next two API’s.

  • Page 134: Ikesetprop

    Appendix A: IPSec Configuration File ikeSetProp ikeSetProp NAME ikeSetProp – create a Phase 1 proposal SYNOPSIS ikeSetProp=configString DESCRIPTION This rule creates a Phase 1 proposal with previously defined Phase 1 transform names. Rule Value: configString A string formatted as follows: proposalName,transformName,[transformName][,transformName]...

  • Page 135: Ikesetpropattrib

    ikeSetPropAttrib ikeSetPropAttrib NAME ikeSetPropAttrib – set attributes of an IKE Phase 1 proposal SYNOPSIS ikeSetPropAttrib=configString DESCRIPTION This rule sets the attributes for a previously defined IKE Phase 1 proposal. Rule Value: configString A string formatted as follows: proposalName,attributeType,attributeValue,[attributeType,attributeV alue]... proposalName is the name of an existing Phase 1 proposal. Valid attribute type/value pairs are shown in the following table: Attribute Type...

  • Page 136: Security Policy Database (Spd)

    Appendix A: IPSec Configuration File Security Policy Database (SPD) spdAddTransport spdAddTransport NAME spdAddTransport – add a transport mode policy SYNOPSIS spdAddTransport=pConfStr DESCRIPTION This rule adds a transport mode policy. Rule Value: pConfStr A stringValue specifier formatted as follows: protocolSelector[/destinationPort/sourcePort], destinationAddressSelector,sourceAddressSelector,directionality, useSelectors,keyManager,saProposalName where: - protocolSelector is a decValue IANA protocol number or ANY (6 for TCP or 17 for UDP).

  • Page 137: Spdaddtunnel

    SpdAddTunnel SpdAddTunnel NAME spdAddTunnel– create a tunnel mode policy in the SPD SYNOPSIS spdAddTunnel=pConfStr DESCRIPTION This rule creates a tunnel mode policy in the SPD. Rule Value: pConfStr A stringValue specifier formatted as follows: protocolSelector[/destinationPort/sourcePort], destinationAddressSelector, sourceAddressSelector,directionality, useSelectors,keyManager,saProposalName, tunnelEndpointAddress where: - protocolSelector is a decValue IANA protocol number or ANY (6 for TCP or 17 for UDP).

  • Page 138: Spdaddbypass

    Appendix A: IPSec Configuration File SpdAddBypass SpdAddBypass NAME spdAddBypass– create a bypass policy in the SPD SYNOPSIS spdAddBypass=pConfStr DESCRIPTION This rule creates a bypass policy in the SPD. Rule Value: pConfStr A stringValue specifier formatted as follows: protocolSelector[/destinationPort/sourcePort], destinationAddressSelector, sourceAddressSelector, directionality,mirroring where - protocolSelector is a decValue IANA protocol number or ANY (6 for TCP or 17 for UDP).

  • Page 139: Spdadddiscard

    SpdAddDiscard SpdAddDiscard NAME spdAddDiscard – create a discard policy in the SPD SYNOPSIS spdAddDiscard=pConfStr DESCRIPTION This rule creates a discard policy in the SPD. Rule Value: pConfStr A stringValue specifier formatted as follows: protocolSelector[/destinationPort/sourcePort], destinationAddressSelector, sourceAddressSelector, directionality,mirroring where - protocolSelector is a decValue IANA protocol number or ANY (6 for TCP or 17 for UDP). - destinationPort is a decValue port number or ANY.

  • Page 140: Spdsetprop

    - transformName is the name of an existing Phase 2 transform. You can specify up to eight transform names. EXAMPLES spdSetProp=proposal_foo,ah_xform Config String proposalName,transformName,[,transformName…] Format Pre-defined The following are Phase II proposal names already defined inside the AMX Firmware and proposal available for use. names ah_g1_transport=ah_sha,ah_md5 Attributes: DHGROUP=G1, ENCAP=TRANSPORT...
  • Page 141 SpdSetProp (Cont.) esp_g1_transport=esp_3des_sha,esp_3des_md5,esp_3des,esp_des_sha,esp_des_md5, esp_des,esp_null_sha,esp_null_md5 Attributes: DHGROUP=G1 ENCAP=TRANSPORT HARDLIFETIME=1800 SOFTLIFETIME,1500 esp_g2_transport=esp_3des_sha,esp_3des_md5,esp_3des,esp_des_sha,esp_des_md5, esp_des,esp_null_sha,esp_null_md5 Attributes= DHGROUP=G2 ENCAP=TRANSPORT HARDLIFETIME=1800 SOFTLIFETIME=1500 esp_g1_tunnel=esp_3des_sha,esp_3des_md5,esp_3des,esp_des_sha,esp_des_md5,esp_ des,esp_null_sha,esp_null_md5 Attributes = DHGROUP=G1 ENCAP=TUNNEL HARDLIFETIME=1800 SOFTLIFETIME=1500 esp_g2_tunnel=esp_3des_sha,esp_3des_md5,esp_3des,esp_des_sha,esp_des_md5,esp_ des,esp_null_sha,esp_null_md5 Attributes= DHGROUP=G2 ENCAP=TUNNEL HARDLIFETIME=1800 SOFTLIFETIME=1500 Pre-defined AH Transforms Phase II ah_sha=AH_SHA transform ah_sha2_256=AH_SHA2-256 names ah_sha2_384=AH_SHA2-384 ah_sha2_512=AH_SHA2-512 ah_md5=AH_MD5...
  • Page 142 Appendix A: IPSec Configuration File SpdSetProp (Cont.) esp_des_sha=ESP_DES,SHA esp_des_md5=ESP_DES,MD5 esp_des_hmac_sha=ESP_DES,HMAC-SHA esp_des_hmac_sha2_256=ESP_DES,HMAC-SHA2-256 esp_des_hmac_sha2_384=ESP_DES,HMAC-SHA2-384 esp_des_hmac_sha2_512=ESP_DES,HMAC-SHA2-512 esp_des_hmac_ripemd=ESP_DES,HMAC-RIPEMD esp_des_aes=ESP_DES,AES-XCBC-MAC esp_des_hmac_md5=ESP_DES,HMAC-MD5 esp_des=ESP_DES esp_aes_cbc_sha=ESP_AES-CBC,SHA esp_aes_cbc_md5=ESP_AES-CBC,MD5 esp_aes_cbc_hmac_sha=ESP_AES-CBC,HMAC-SHA esp_aes_cbc_hmac_sha2_256=ESP_AES-CBC,HMAC-SHA2-256 esp_aes_cbc_hmac_sha2_384=ESP_AES-CBC,HMAC-SHA2-384 esp_aes_cbc_hmac_sha2_512=ESP_AES-CBC,HMAC-SHA2-512 esp_aes_cbc_hmac_ripemd=ESP_AES-CBC,HMAC-RIPEMD esp_aes_cbc_aes=ESP_AES-CBC,AES-XCBC-MAC esp_aes_cbc_hmac_md5=ESP_AES-CBC,HMAC-MD5 esp_aes_cbc=ESP_AES-CBC esp_aes_cbc_192_sha=ESP_AES-CBC,KEY_LENGTH,192,SHA esp_aes_cbc_192_md5=ESP_AES-CBC,KEY_LENGTH,192,MD5 esp_aes_cbc_192_hmac_sha=ESP_AES-CBC,KEY_LENGTH,192,HMAC-SHA esp_aes_cbc_192_hmac_sha2_256=ESP_AES-CBC,KEY_LENGTH,192,HMAC-SHA2-256 esp_aes_cbc_192_hmac_sha2_384=ESP_AES-CBC,KEY_LENGTH,192,HMAC-SHA2-384 esp_aes_cbc_192_hmac_sha2_512=ESP_AES-CBC,KEY_LENGTH,192,HMAC-SHA2-512 esp_aes_cbc_192_hmac_ripemd=ESP_AES-CBC,KEY_LENGTH,192,HMAC-RIPEMD esp_aes_cbc_192_aes=ESP_AES-CBC,KEY_LENGTH,192,AES-XCBC-MAC esp_aes_cbc_192_hmac_md5=ESP_AES-CBC,KEY_LENGTH,192,HMAC-MD5 esp_aes_cbc_192=ESP_AES-CBC,KEY_LENGTH,192 esp_aes_cbc_256_sha=ESP_AES-CBC,KEY_LENGTH,256,SHA esp_aes_cbc_256_md5=ESP_AES-CBC,KEY_LENGTH,256,MD5 esp_aes_cbc_256_hmac_sha=ESP_AES-CBC,KEY_LENGTH,256,HMAC-SHA esp_aes_cbc_256_hmac_sha2_256=ESP_AES-CBC,KEY_LENGTH,256,HMAC-SHA2-256 esp_aes_cbc_256_hmac_sha2_384=ESP_AES-CBC,KEY_LENGTH,256,HMAC-SHA2-384 esp_aes_cbc_256_hmac_sha2_512=ESP_AES-CBC,KEY_LENGTH,256,HMAC-SHA2-512...
  • Page 143 Appendix A: IPSec Configuration File SpdSetProp (Cont.) esp_aes_ctr_192_sha=ESP_AES-CTR,KEY_LENGTH,192,SHA esp_aes_ctr_192_hmac_sha=ESP_AES-CTR,KEY_LENGTH,192,HMAC-SHA esp_aes_ctr_192_hmac_sha2_256=ESP_AES-CTR,KEY_LENGTH,192,HMAC-SHA2-256 esp_aes_ctr_192_hmac_sha2_384=ESP_AES-CTR,KEY_LENGTH,192,HMAC-SHA2-384 esp_aes_ctr_192_hmac_sha2_512=ESP_AES-CTR,KEY_LENGTH,192,HMAC-SHA2-512 esp_aes_ctr_192_hmac_ripemd=ESP_AES-CTR,KEY_LENGTH,192,HMAC-RIPEMD esp_aes_ctr_192_aes=ESP_AES-CTR,KEY_LENGTH,192,AES-XCBC-MAC esp_aes_ctr_192_hmac_md5=ESP_AES-CTR,KEY_LENGTH,192,HMAC-MD5 esp_aes_ctr_192_md5=ESP_AES-CTR,KEY_LENGTH,192,MD5 esp_aes_ctr_256_sha=ESP_AES-CTR,KEY_LENGTH,256,SHA esp_aes_ctr_256_hmac_sha=ESP_AES-CTR,KEY_LENGTH,256,HMAC-SHA esp_aes_ctr_256_hmac_sha2_256=ESP_AES-CTR,KEY_LENGTH,256,HMAC-SHA2-256 esp_aes_ctr_256_hmac_sha2_384=ESP_AES-CTR,KEY_LENGTH,256,HMAC-SHA2-384 esp_aes_ctr_256_hmac_sha2_512=ESP_AES-CTR,KEY_LENGTH,256,HMAC-SHA2-512 esp_aes_ctr_256_hmac_ripemd=ESP_AES-CTR,KEY_LENGTH,256,HMAC-RIPEMD esp_aes_ctr_256_aes=ESP_AES-CTR,KEY_LENGTH,256,AES-XCBC-MAC esp_aes_ctr_256_hmac_md5=ESP_AES-CTR,KEY_LENGTH,256,HMAC-MD5 esp_aes_ctr_256_md5=ESP_AES-CTR,KEY_LENGTH,256,MD5 esp_null_sha=ESP_NULL,SHA esp_null_hmac_sha=ESP_NULL,HMAC-SHA esp_null_hmac_sha2_256=ESP_NULL,HMAC-SHA2-256 esp_null_hmac_sha2_384=ESP_NULL,HMAC-SHA2-384 esp_null_hmac_sha2_512=ESP_NULL,HMAC-SHA2-512 esp_null_hmac_ripemd=ESP_NULL,HMAC-RIPEMD esp_null_aes=ESP_NULL,AES-XCBC-MAC esp_null_hmac_md5=ESP_NULL,HMAC-MD5 esp_null_md5=ESP_NULL,MD5 NI Series WebConsole & Programming Guide...

  • Page 144: Spdsetpropattrib

    Appendix A: IPSec Configuration File SpdSetPropAttrib SpdSetPropAttrib NAME spdSetPropAttrib– set attributes of an IKE Phase 2 proposal SYNOPSIS spdSetPropAttrib=pConfStr DESCRIPTION This rule sets or modifies the attributes of an existing IKE Phase 2 proposal. Rule Value: pConfStr A stringValue specifier formatted as follows: proposalName,attributeType,attributeValue[,attributeType, attributeValue...] - proposalName is the name of an existing Phase 2 proposal.

  • Page 145: Spdsetsa

    EXAMPLES spdSetSA=qm_sa_default,esp_tunnel,1,ah_tunnel,1,esp_tunnel_A,2, esP_tunnel_B,3 spdSetSA=qm_sa_default,esp_transport,1,ah_transport,1 spdSetSA=qm_sa_default,esp_tunnel,1,ah_tunnel,2 Config String saName, proposalName,proposalNumber[,proposalName,proposalNumber…] Format Pre-defined The following are Phase II SA proposal names already defined inside the AMX Firmware and Security available for use. Association qm_sa_g1_transport=esp_g1_transport,1,ah_g1_transport,2 (SA) proposal names qm_sa_g2_transport=esp_g2_transport,1,ah_g2_transport,2 qm_sa_g1_tunnel=esp_g1_tunnel,1,ah_g1_tunnel,2 qm_sa_g2_tunnel=esp_g2_tunnel,1,ah_g2_tunnel,2 NI Series WebConsole &...

  • Page 146: Manual Key Manager (Mkm)

    Appendix A: IPSec Configuration File Manual Key Manager (MKM) mkmAddBypass mkmAddBypass NAME mkmAddBypass – add a bypass Security Association SYNOPSIS mkmAddBypass=cptr_mkm_sa DESCRIPTION This rule adds a bypass Security Association (SA). After adding an SA, mkmCommit must be called to commit the SA to the Security Association Database (SADB). Rule Value: cptr_mkm_sa A string formatted as follows:...

  • Page 147: Mkmadddiscard

    mkmAddDiscard mkmAddDiscard NAME mkmAddDiscard – add a discard Security Association SYNOPSIS mkmAddDiscard=cptr_mkm_sa DESCRIPTION This rule adds a discard Security Association (SA). After adding an SA, mkmCommit must be called to commit the SA to the Security Association Database (SADB). Rule Value: cptr_mkm_sa A string formatted as follows: saNumber...

  • Page 148: Mkmaddtransport

    Appendix A: IPSec Configuration File mkmAddTransport mkmAddTransport NAME mkmAddTransport – add a transport mode Security Association SYNOPSIS mkmAddTransport=cptr_mkm_sa DESCRIPTION This rule adds a transport mode Security Association (SA). After adding an SA and setting the associated transform ID and keys, mkmCommit must be called to commit the SA to the Secu- rity Association Database (SADB).

  • Page 149: Mkmaddtunnel

    mkmAddTunnel mkmAddTunnel NAME mkmAddTunnel – add a tunnel mode Security Association SYNOPSIS mkmAddTunnel=cptr_mkm_sa DESCRIPTION This rule adds a tunnel mode Security Association (SA). After adding an SA and setting the associated transform ID and keys, mkmCommit must be called to commit the SA to the Secu- rity Association Database (SADB).

  • Page 150: Mkmsetinboundah

    Appendix A: IPSec Configuration File mkmSetInboundAH mkmSetInboundAH NAME mkmSetInboundAH – set the transform ID and key for an inbound AH SA SYNOPSIS mkmSetInboundAH=cptr_value_string DESCRIPTION This rule sets the transform ID and key for an inbound AH SA. Rule Value: cptr_value_string A string formatted as follows: saNumber,spi,ahTransformID,key where...

  • Page 151: Mkmsetinboundesp

    mkmSetInboundESP mkmSetInboundESP NAME mkmSetInboundESP – set the transform ID and key for an inbound ESP SA SYNOPSIS mkmSetInboundESP=configuration_string DESCRIPTION This rule sets the transform ID and key for an inbound Encapsulating Security Payload (ESP) Security Association (SA). Rule Value: configuration_string A string formatted as follows: saNumber,spi,espTransformID,attributeType,attributeValue [,attributeType,attributeValue]...

  • Page 152: Mkmsetoutboundah

    Appendix A: IPSec Configuration File mkmSetOutboundAH mkmSetOutboundAH NAME mkmSetOutboundAH – set the transform ID and key for an outbound AH SA SYNOPSIS mkmSetOutboundAH=cptr_value_string DESCRIPTION This rule sets the transform ID and key for an outbound AH SA. Rule Value: cptr_value_string A string formatted as follows: saNumber,spi,ahTransformID,key where...

  • Page 153: Mkmsetoutboundesp

    mkmSetOutboundESP mkmSetOutboundESP NAME mkmSetOutboundESP – set the transform ID and key for an outbound ESP SA SYNOPSIS mkmSetOutboundESP=configuration_string DESCRIPTION This rule sets the transform ID and key for an outbound Encapsulating Security Payload (ESP) Security Association (SA). Rule Value: configuration_string A string formatted as follows: saNumber,spi,espTransformID,attributeType,attributeValue [,attributeType,attributeValue]...

  • Page 154: Sample Ipsec Configuration File

    Appendix A: IPSec Configuration File Sample IPSec Configuration File The following is a sample IPSec configuration file: ikeAddPeerAuth=192.168.220.57,%LOCAL_ADDR%,mm_g2,RSA,new.key.pem,AMXCA, new.cert.pem ikeAddPeerAuth=192.168.220.37,%LOCAL_ADDR%,mm_g2,PSK,password spdAddTransport=ANY,192.168.220.57,%LOCAL_ADDR%,OUT,PACKET,IKE,qm_sa_g2_transport spdAddTransport=ANY,192.168.220.37,%LOCAL_ADDR%,OUT,PACKET,IKE,qm_sa_g2_transport # add bypass for IKE TCP port (500) spdAddBypass=17/500/500,192.168.220.57,%LOCAL_ADDR%,OUT,MIRRORED spdAddBypass=17/500/500,192.168.220.37,%LOCAL_ADDR%,OUT,MIRRORED # add bypass for IPSEC-ESP protocol spdAddBypass=50,192.168.220.57,%LOCAL_ADDR%,OUT,MIRRORED spdAddBypass=50,192.168.220.37,%LOCAL_ADDR%,OUT,MIRRORED # add bypass for IPSEC-AH protocol spdAddBypass=51,192.168.220.57,%LOCAL_ADDR%,OUT,MIRRORED spdAddBypass=51,192.168.220.37,%LOCAL_ADDR%,OUT,MIRRORED...

  • Page 155: Ipsec Web Configuration Interface

    IPSec Web Configuration Interface Once the IPSec Config file for a system has been created on a PC, the configuration of IPSec on a Master is accomplished via its Web interface. The following is a screen shot of the IPSec Security Settings page and descriptions of each field (FIG.
  • Page 156 Appendix A: IPSec Configuration File NI Series WebConsole & Programming Guide...

  • Page 157: Appendix B: Clock Manager Netlinx Programming Api

    Appendix B: Clock Manager NetLinx Programming API Types/Constants The NetLinx.axi file that will ship with NetLinx Studio includes the following types/constants: (*-----------------------------------------------------------------------------------*) (* Added v1.28, Clock Manager Time Offset Structure *) (*-----------------------------------------------------------------------------------*) STRUCTURE CLKMGR_TIMEOFFSET_STRUCT INTEGER HOURS; INTEGER MINUTES; INTEGER SECONDS; (*-----------------------------------------------------------------------------------*) (* Added v1.28, Clock Manager Time Server Entry Structure *) (*-----------------------------------------------------------------------------------*)

  • Page 158: Library Calls

    Appendix B: Clock Manager NetLinx Programming API Library Calls The NetLinx.axi file that ships with NetLinx Studio includes the following Clock Manager-specific library calls: NetLinx.axi - Library Calls CLKMGR_IS_NETWORK_SOURCED() CLKMGR_SET_CLK_SOURCE (CONSTANT INTEGER MODE) CLKMGR_IS_DAYLIGHTSAVINGS_ON() CLKMGR_SET_DAYLIGHTSAVINGS_MODE (CONSTANT INTEGER ONOFF) CLKMGR_GET_TIMEZONE() CLKMGR_SET_TIMEZONE (CONSTANT CHAR TIMEZONE[]) CLKMGR_GET_RESYNC_PERIOD() CLKMGR_SET_RESYNC_PERIOD...
  • Page 159 NetLinx.axi - Library Calls (Cont.) CLKMGR_GET_START_DAYLIGHTSAVINGS_RULE() CLKMGR_SET_START_DAYLIGHTSAVINGS_RULE (CONSTANT CHAR RECORD[]) NI Series WebConsole & Programming Guide Appendix B: Clock Manager NetLinx Programming API Gets a string representation of when Daylight Sav- ings is supposed to START. The Fixed-Date rules have the form: "fixed:DAY,MONTH,HH:MM:SS"...
  • Page 160 Appendix B: Clock Manager NetLinx Programming API NetLinx.axi - Library Calls (Cont.) CLKMGR_GET_END_DAYLIGHTSAVINGS_RULE() CLKMGR_SET_END_DAYLIGHTSAVINGS_RULE (CONSTANT CHAR RECORD[]) Gets a string representation of when Daylight Sav- ings is supposed to END. The Fixed-Date rules have the form: "fixed:DAY,MONTH,HH:MM:SS" with all fields as numeric except for the word "fixed". The Occurrence-Of-Day rules have the form: "occurence:OCCURENCE, DAY-OF-WEEK,MONTH,HH:MM:SS"...
  • Page 161 Terminal (Program Port/Telnet) Commands NI Series WebConsole & Programming Guide...
  • Page 162 It’s Your World - Take Control™ 3000 RESEARCH DRIVE, RICHARDSON, TX 75082 USA • 800.222.0193 • 469.624.8000 • 469-624-7153 fax • 800.932.6993 technical support • www.amx.com...

This manual is also suitable for:

Ni-2100Ni-4000Ni-4100Ni-3000Ni-700Ni-3100 ... Show all

Table of Contents