Page 1 SLC™ 8000 Advanced Console Manager User Guide Part Number 900-704-R Revision R November 2019...
Page 2: Intellectual Property
Online: www.lantronix.com/support Sales Offices For a current list of our domestic and international sales offices, go to the Lantronix web site at www.lantronix.com/about/contact. GNU General Public License Notice This product includes open source software, including software subject to the GNU General Public Licenses (“GPL”).
Page 3: Disclaimer & Revisions
Seller and user shall be noticed that this equipment is suitable for electromagnetic equipments for office work (Class A) and it can be used outside home. Changes or modifications made to this device that are not explicitly approved by Lantronix will void the user's authority to operate this device.
Page 4: Revision History
Revision History Date Rev. Comments March 2014 Preliminary release. October 2014 Initial document for firmware release 7.1.0.0. June 2015 Updated for firmware release 7.2.0.0. Changes include new operating atmosphere information and warning language in Chinese and Korean. Software changes include additions in Telnet, SSH and TCP timeout directions, number of sessions message, idle timeout message, VBUS enabling, assert DTR, run web server, added mounted column information for NFS Mounts, masked CHAP secret and DOD CHAP secret fields, USB devices in...
Page 5 Date Rev. Comments (continued) November 2019 Updated the following: Starting with release 8.0.0.0, added support for CLI commands issued from  ConsoleFlow in bulk Starting with release 8.1.0.0, added VPN interoperability and configuration.  Starting with release 8.3.0.0, newly manufactured factory default SLC units use ...
Page 6: Table Of Contents
Additional Documentation ___________________________________________________ 22 2: Introduction Features ________________________________________________________________ 23 Console Management __________________________________________________ 23 Power _______________________________________________________________ 24 Integration with Other Secure Lantronix Products _____________________________ 24 Hardware ________________________________________________________________ 24 System Features __________________________________________________________26 Protocols Supported ____________________________________________________27 Access Control ________________________________________________________ 27 Device Port Buffer _____________________________________________________27...
Page 7 Modular Expansion for I/O Module Bays ____________________________________ 40 Connecting to Network Ports _____________________________________________41 Connecting Terminals ___________________________________________________ 41 AC Input _____________________________________________________________ 42 Modem Installation _____________________________________________________43 Battery Replacement ___________________________________________________ 46 4: Quick Setup Recommendations ________________________________________________________ 50 Method #1 Using the Front Panel Display _______________________________________51 Front Panel LCD Display and Keypads _____________________________________ 51 Navigating ____________________________________________________________ 51 Entering the Settings ___________________________________________________ 53...
Page 8 Gateway _____________________________________________________________ 76 Fail-Over Settings ______________________________________________________ 76 Fail-Over Cellular Gateway Configuration ___________________________________ 77 Advanced Cellular Gateway Configuration ___________________________________ 78 Fail-Over Cellular Gateway Firmware _______________________________________78 Load Cellular Gateway Firmware Options ___________________________________ 79 Ethernet Counters _____________________________________________________79 Network Commands ____________________________________________________79 IP Filter _________________________________________________________________79 Viewing IP Filters ______________________________________________________ 80 Mapping Rulesets ______________________________________________________ 80 Enabling IP Filters _____________________________________________________80...
Page 9 Secure Lantronix Network __________________________________________________ 127 Browser Issues _______________________________________________________ 130 Troubleshooting Browser Issues _____________________________________________131 Web SSH/Telnet Copy and Paste ________________________________________132 Secure Lantronix Network Commands _____________________________________ 133 Date and Time ___________________________________________________________133 Date and Time Commands ______________________________________________135 Web Server _____________________________________________________________ 135 Admin Web Commands ________________________________________________ 137...
Page 10 Device Ports - Settings ____________________________________________________160 Device Port Settings ___________________________________________________162 IP Settings __________________________________________________________164 Data Settings ________________________________________________________ 165 Hardware Signal Triggers _______________________________________________ 166 Modem Settings (Device Ports) __________________________________________ 167 Modem Settings: Text Mode _____________________________________________168 Modem Settings: PPP Mode ____________________________________________169 Port Status and Counters _______________________________________________ 170 Device Ports - Power Management _______________________________________170 Device Ports - RPMs - Add Device ________________________________________173 Device Port - Sensorsoft Device __________________________________________ 175...
Page 11 Primary Commands ___________________________________________________201 Secondary Commands _________________________________________________ 203 Control Flow Commands _______________________________________________ 204 Custom Script Syntax __________________________________________________ 205 Example Scripts ______________________________________________________ 206 Sites __________________________________________________________________222 Site Commands ______________________________________________________ 225 Modem Dialing States _____________________________________________________225 Dial In ______________________________________________________________ 225 Dial-back ____________________________________________________________ 226 Dial-on-demand ______________________________________________________ 227 Dial-in &...
Page 12 Adding, Editing or Deleting a User ________________________________________257 Shortcut ____________________________________________________________ 261 Local Users Commands ________________________________________________ 261 Remote User Rights Commands _________________________________________ 261 NIS ___________________________________________________________________ 262 NIS Commands ______________________________________________________ 265 LDAP __________________________________________________________________265 LDAP Commands _____________________________________________________269 RADIUS ________________________________________________________________270 RADIUS Commands ___________________________________________________273 User Attributes & Permissions from LDAP Schema or RADIUS VSA _____________273 Kerberos _______________________________________________________________ 274 Kerberos Commands __________________________________________________ 277 TACACS+ ______________________________________________________________ 277...
Page 13 Audit Log _______________________________________________________________ 304 Audit Log Commands __________________________________________________ 305 Email Log ______________________________________________________________ 305 Logging Commands ___________________________________________________305 Diagnostics _____________________________________________________________ 306 Diagnostic Commands _________________________________________________ 309 Status/Reports __________________________________________________________309 View Report _________________________________________________________309 Status Commands ____________________________________________________311 Emailing Logs and Reports _________________________________________________ 311 Events _________________________________________________________________314 Events Commands ____________________________________________________315 LCD/Keypad ____________________________________________________________ 316 Administrative LCD/Keypad Commands ___________________________________ 317 Banners ________________________________________________________________317...
Page 14 Date and Time Commands _________________________________________________ 364 Device Commands _______________________________________________________ 365 Device Port Commands ___________________________________________________366 Diagnostic Commands ____________________________________________________370 Events Commands _______________________________________________________ 375 Group Commands ________________________________________________________ 376 Host List Commands ______________________________________________________ 377 Internal Modem Commands ________________________________________________ 378 IP Filter Commands ______________________________________________________ 379 Logging Commands ______________________________________________________ 380 Network Commands ______________________________________________________ 383 NFS and SMB/CIFS Commands _____________________________________________387...
Page 15 Rack _______________________________________________________________ 418 Port Connections _____________________________________________________418 Appendix C: Adapters and Pinouts Appendix D: Protocol Glossary Appendix E: Compliance Information RoHS, REACH and WEEE Compliance Statement ______________________________ 425 SLC™ 8000 Advanced Console Manager User Guide...
Page 16: List Of Figures
List of Figures Figure 2-1 SLC 8048 Unit (Front Side) - Part Number SLC 804812N-01-S ____________________25 Figure 2-2 SLC 8048 Unit Samples (Back Side) - Part Number SLC80482201S________________ 26 Figure 2-3 Three 16-Port USB I/O Modules Installed in Bays 1, 2, & 3 with Dual Ethernet Port____ 29 Figure 2-4 One 16-Port USB I/O Module Installed in Bay 1 with Dual Ethernet Port _____________29 Figure 2-5 One 16 RJ-45 Serial Port I/O Module (Bay 1) &...
Page 17 Figure 7-7 SSH or Telnet CLI Session _______________________________________________ 129 Figure 7-8 Disabled Port Number Popup Window ______________________________________130 Figure 7-9 Services > Secure Lantronix Network > Search Options_________________________130 Figure 7-10 Services > Date & Time ________________________________________________ 134 Figure 7-11 Services > Web Server ________________________________________________ 136...
Page 18 Figure 10-1 Devices > RPMs ______________________________________________________ 231 Figure 10-2 RPM Shutdown Order __________________________________________________ 232 Figure 10-3 RPM Notifications _____________________________________________________233 Figure 10-4 RPM Raw Data Log ____________________________________________________233 Figure 10-5 RPM Logs ___________________________________________________________234 Figure 10-6 RPM Environmental Log ________________________________________________ 234 Figure 10-7 Device Ports > RPMs - Add Device________________________________________235 Figure 10-8 RPMs - Managed Device________________________________________________ 238 Figure 10-9 RPMs - Outlets _______________________________________________________ 241 Figure 11-1 Terminal Server _______________________________________________________ 246...
Page 19 Figure 13-11 Emailed Log or Report_________________________________________________ 312 Figure 13-12 About SLC __________________________________________________________313 Figure 13-13 Maintenance > Events _________________________________________________ 314 Figure 13-14 Maintenance > LCD/Keypad ____________________________________________316 Figure 13-15 Maintenance > Banners________________________________________________ 317 Figure 14-1 SLC - Console Manager Configuration _____________________________________ 319 Figure 14-2 Remote User Connected to a SUN Server via the SLC unit _____________________319 Figure 14-3 Dial-in (Text Mode) to a Remote Device ____________________________________ 321 Figure 14-4 Local Serial Connection to Network Device via Telnet _________________________322...
Page 20: List Of Tables
List of Tables Table 2-7 Device (DCE Reversed & DTE) Port Pinout ___________________________________ 30 Table 2-9 Console (DTE) Port Pinout ________________________________________________ 30 Table 3-1 What’s in the Box ________________________________________________________ 34 Table 3-2 Optional Accessories _____________________________________________________35 Table 3-4 SLC Technical Specifications ______________________________________________36 Table 3-5 Console Port and Device Port - Reverse Pinout Disabled _________________________ 39 Table 3-6 Device Port - Reverse Pinout Enabled (Default) ________________________________ 39 Table 3-8 Available I/O Module Configurations _________________________________________ 41...
Page 21: 1: About This Guide
About this Guide Purpose and Audience This guide provides the information needed to install, configure, and use the Lantronix SLC™ 8000 advanced console manager. The SLC unit is for IT professionals who must remotely and securely configure and administer servers, routers, switches, telephone equipment, or other devices equipped with a serial port for facilities that are typically remote branch offices or “distributed”...
Page 22: Additional Documentation
Glossary Appendix E: Compliance Provides information about the SLC 8000 advanced console manager’s Information compliance with industry standards. Additional Documentation Visit the Lantronix Web site at www.lantronix.com/support/documentation for the latest documentation and the following additional documentation. Document Description SLC 8000 Advanced Console Manager...
Page 23: 2: Introduction
Introduction The SLC 8000 advanced console manager enables IT system administrators to manage remote servers and IT infrastructure equipment securely over the Internet. IT equipment can be configured, administered, and managed in a variety of ways, but most devices have one of two methods in common: via USB port and/or via an RS-232 serial port, sometimes called a console, auxiliary, or management port.
Page 24: Power
RS-232C (EIA-232) device ports. The serial RJ45 ports match the RJ45 pin- outs of the console ports of many popular devices found in a network environment, and where different can be converted using Lantronix adapters. Up to three 16-port USB I/O modules can be installed to provide a maximum of forty- eight USB I/O device ports.
Page 25: Figure 2-1 Slc 8048 Unit (Front Side) - Part Number Slc 804812N-01-S
One Secure Digital (SD) memory card slot (SD card provided by the user) One RJ11 modem port on the front panel Note: Use of the RJ11 modem port requires installation of an optional modem card (Lantronix part number 56KINTMODEM-01) - see Modem Installation on page LCD display and keypad 256 KB-per-port buffer memory for serial device ports ...
Page 26: System Features
2: Introduction Figure 2-2 SLC 8048 Unit Samples (Back Side) - Part Number SLC80482201S Note: For the SFP modules that Lantronix resells or supports for operation with our SLC console managers, please refer to https://www.lantronix.com/products/sfp/ Dual Ethernet Port Three I/O Modular Device Port Bays...
Page 27: Protocols Supported
2: Introduction No unintentional break ever sent to attached servers (Solaris Ready)  Simultaneous access on the same port - “listen” and “direct” connect mode  Remote power manager (RPM) control of UPS and PDU devices  Local access through a dedicated front panel serial console port ...
Page 28: Device Port And Console Port Interfaces
SLC units and use your original cables and adapters, or remove any rolled cables or adapters and replace them with straight-through RJ45 cables, e.g. Ethernet patch cables. Note: RJ45 to DB9/DB25 adapters are available from Lantronix. For serial pinout information, see the Appendix C: Adapters and Pinouts on page 419.
Page 29: Figure 2-3 Three 16-Port Usb I/O Modules Installed In Bays 1, 2, & 3 With Dual Ethernet Port
2: Introduction Figure 2-3 Three 16-Port USB I/O Modules Installed in Bays 1, 2, & 3 with Dual Ethernet Port Bay 1 Bay 2 Bay 3 Figure 2-4 One 16-Port USB I/O Module Installed in Bay 1 with Dual Ethernet Port Bay 1 Bay 2 Bay 3...
Page 30: Figure 2-6 Sfp Port Leds
2: Introduction Figure 2-6 SFP Port LEDs Table 2-7 Device (DCE Reversed & DTE) Port Pinout DCE Pin DTE Pin Description RTS (output) DTR (output) TXD (output) Ground Ground RXD (input) DSR (input) CTS (input) Figure 2-8 Console Port (Front Side) Table 2-9 Console (DTE) Port Pinout DTE Pin Description...
Page 31: Network Connections
2: Introduction Network Connections The SLC 8000 network interfaces are 10/100/1000 Base-T Ethernet for use with a conventional Ethernet network as shown in 2-10. Use standard RJ45-terminated cables, like Category 5 Figure or 6 patch cable. CAT5E or better cables are recommended for 1000 Base Ethernet. Network parameters must be configured before the SLC console manager can be accessed over the network.
Page 32: Front Panel Usb Ports
2: Introduction Front Panel USB Ports The SLC 8000 unit has two 2.0 USB ports (HS, FS, LS) on the front panel, as seen in Figure 2-12. Figure 2-12 Dual USB Ports Memory Card Port The SLC unit has a memory card port on the front panel of the unit which accepts SD cards. Figure 2-13 Memory Card Port SLC™...
Page 33: Internal Modem
2: Introduction Internal Modem An internal modem can be installed in the SLC 8000 advanced console manager. See Modem for instructions. Installation on page 43 Figure 2-14 Internal Modem Location SLC™ 8000 Advanced Console Manager User Guide...
Page 34: 3: Installation
SLC 8000 Advanced Console Manager Models Part number SLC 8000 Advanced Console Manager depends on SLC Note: *Please visit https://www.lantronix.com/products/lantronix-slc-8000/#tab-order model.* view available SLC models and configurations. See Customize an SLC 8000 on page Cables 200.2070A RJ45 to DB9F Adapter 200.0062...
Page 35: Customize An Slc 8000
3: Installation Table 3-2 Optional Accessories Part Number Component Description International Power Cords: 930-077-R Power Cord, Israel, 250VAC 10A, 8FT, RoHS 930-075-R Power Cord, UK, 250VAC 10A, 8FT, RoHS 930-074-R Power Cord, European, 250VAC 10A, 8FT, RoHS User Swappable Modules FRRJ451601 16 Device Port RS-232 (RJ45) I/O Device Port Module FRUSB1601...
Page 36: Product Label
16-port USB I/O module. May be used with a USB-to-serial adapter to connect a serial device, if  needed. Please contact Lantronix for the list of tested adapters. Caution: USB ports are designed for data traffic only. They are not designed for charging or powering devices.
Page 37 3: Installation Component (continued) Description Serial Interface (Console) (1) RJ45-type 8-pin connector (DTE)  Speed software selectable (300 to 230400 baud)  LEDs:  Green light ON indicates data transmission activities  Yellow light ON indicates data receiving activities  Network Interface (2) 10/100/1000 Base-T RJ45 Ethernet with LED indicators: ...
Page 38: Physical Installation
1. Connect one end of the Cat 5 cable to the device port. 2. Connect the other end of the Cat 5 cable to an RJ45 serial console port or to other port types using a Lantronix serial console adapter. Notes: Device Port Commands to enable or disable reverse pinouts through the CLI.
Page 39: Table 3-5 Console Port And Device Port - Reverse Pinout Disabled
3: Installation Table 3-5 Console Port and Device Port - Reverse Pinout Disabled Pin Number Description RTS (output) DTR (output) TXD (output) Ground Ground RXD (input) DSR (input) CTS (input) Table 3-6 Device Port - Reverse Pinout Enabled (Default) Pin Number Description CTS (input) DSR (input)
Page 40: Modular Expansion For I/O Module Bays
3: Installation Figure 3-7 Sample Device Port Connections (Back Side) Bay 1 Bay 2 Bay 3 16-Port RJ45 16-Port RJ45 I/O Module I/O Module (Part Number (Part Number 16-Port USB FRRJ451601) FRRJ451601) I/O Module (Part Number FRUSB1601) Modular Expansion for I/O Module Bays The SLC 8000 advanced console manager, which provides 3 separate bays, supports the flexibility to change the I/O module configuration by offering a 16-port module for expansion.
Page 41: Connecting To Network Ports
9600 baud, 8 bit data, No parity, 1 stop bit with no flow control. To connect the console port to a terminal or computer with terminal emulation, Lantronix offers optional adapters that provide a connection between an RJ45 jack and a DB9 or DB25 connector.
Page 42: Ac Input
3: Installation To connect a terminal: 1. Attach the Lantronix adapter to your terminal (typically a PN 200.2066A adapter - see C-1) or your PC's serial port (use PN 200. adapter - see Figure Figure C-4). 2. Connect the Cat 5 cable to the adapter, and connect the other end to the SLC console port.
Page 43: Modem Installation
DEVICES INSIDE THE EQUIPMENT AND THE MODEM ARE ELECTROSTATIC -SENSITIVE; DO NOT HANDLE EXCEPT AT A STATIC FREE WORKPLACE. MODEM PART NUMBER Lantronix 56KINTMODEM-01 MODEM SERVICING INSTRUCTIONS You will need a medium size Phillips screw driver. 1. Turn off power to the SLC 8000 advanced console manager.
Page 44 3: Installation 3. Carefully unscrew and lift the door off with the screw driver. 4. Take note of the orientation of the modem in the photograph so that you can install a new modem correctly with the same orientation. 5. If there is a modem replacement, carefully lift the old modem out of its socket. 6.
Page 45 3: Installation 7. Make sure to have correct pin alignment. 8. Press the modem down to make sure it sits down all the way in the socket. 9. Double-check the new modem placement to make sure it is done properly. 10.
Page 46: Battery Replacement
3: Installation Battery Replacement Caution: RISK OF EXPLOSION IF BATTERY IS REPLACED BY AN INCORRECT TYPE. DISPOSE OF USED BATTERIES ACCORDING TO THE INSTRUCTIONS. Attention: II Y A DANGER D'EXPLOSION S'IL Y A REMPLACEMENT INCORRECT DE LA BATTERIE. REMPLACER UNIQUEMENT AVEC UNE BATTERIE DU MÊME TYPE OU D'UN TYPE EQUIVALENT RECOMMANDÉ...
Page 47 3: Installation Battery Replacement Instructions Warning: RISK OF ELECTRICAL SHOCKS; DISCONNECT ALL POWER AND PHONE LINE BEFORE SERVICING! You will need a medium size Phillips screw driver. 1. Turn off power to the SLC 8000 advanced console manager. 2. Locate the battery/modem door on the top of the SLC unit. 3.
Page 48 3: Installation 5. If there is a modem installed, carefully lift the modem out of its socket. 6. Use fingers to lift the battery out of the socket. Caution: DO NOT USE A METAL OBJECT TO PRY OUT THE BATTERY. IT MAY SHORT THE BATTERY AND DAMAGE THE BATTERY HOUSING.
Page 49 3: Installation b. Press the modem down to make sure it sits down all the way in the socket. 9. Double-check the battery and modem placements to make sure they are done properly. 10. Place the battery/modem door back. 11. Carefully tighten the door screw. 12.
Page 50: 4: Quick Setup
DHCP. If you have connected Eth1 to the network, and Eth1 is able to acquire an IP address, you can view this IP address on the LCD or by running the Lantronix Provisioning Manager application. If Eth1 cannot acquire an IP address, you cannot use Telnet, SSH, or the web interface to run Quick Setup.IP Address...
Page 51: Method #1 Using The Front Panel Display
4: Quick Setup Method #1 Using the Front Panel Display Before you begin, ensure that you have: Unique IP address that is valid on your network (unless automatically assigned)  Subnet mask (unless automatically assigned)  Gateway (unless automatically assigned) ...
Page 52: Table 4-3 Lcd Arrow Keypad Actions
4: Quick Setup The following table lists the SLC navigation actions, buttons, and options. Table 4-3 LCD Arrow Keypad Actions Button Action Right arrow To move to the next option (e.g., from Network Settings to Console Settings) Left arrow To return to the previous option Enter (center button) To enter edit mode Up and down arrows...
Page 53: Entering The Settings
4: Quick Setup Note: The individual screens listed from left to right in Table 4-4 Table 4-5 can be enabled or disabled for display on the SLC LCD screen. The order of appearance of the screens, if enabled, along with the elected “Home Page” may vary on the LCD screen according to configuration.
Page 54: Restoring Factory Defaults
4: Quick Setup displays. Note: If the prompt does not display, make sure you are no longer in edit mode. 11. Use the left/right arrow buttons to select Yes, and press the Enter button. 12. To review the saved settings, press the up or down arrows to step through the current settings. When you are done, the front panel returns to the clock display.
Page 55: Method #2 Quick Setup On The Web Page
4: Quick Setup Method #2 Quick Setup on the Web Page After the unit has an IP address, you can use the page to configure the remaining Quick Setup network settings. This page displays the first time you log into the SLC 8000 advanced console manager only.
Page 56: Network Settings
The host name becomes the prompt in the command line interface. Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the SLC 8000 advanced console manager. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the SLC unit...
Page 57: Date & Time Settings
4: Quick Setup Date & Time Settings Date & Time Setting Description Change Date/Time Select the checkbox to manually enter the date and time at the SLC unit’s location. Date From the drop-down lists, select the current month, day, and year. Time From the drop-down lists, select the current hour and minute.
Page 58: Method #3 Quick Setup On The Command Line Interface
If the Device ID is not set, the default sysadmin password is the last 8 characters of the serial number. Figure 4-9 Beginning of Quick Setup Script Welcome to the Lantronix SLC8000 Advanced Console Manager Model Number: SLC8032 SLC™ 8000 Advanced Console Manager User Guide...
Page 59 The host name becomes the prompt in the command line interface. Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the SLC unit. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the SLC 8000 advanced console manager attempts to resolve abcd.mydomain.com for the SMTP server.
Page 60: Figure 4-10 Quick Setup Completed In Cli
After you complete the Quick Setup script, the changes take effect immediately. Figure 4-10 Quick Setup Completed in CLI Welcome to the Lantronix SLC8000 Advanced Console Manager Model Number: SLC8032 Quick Setup will now step you through configuring a few basic settings.
Page 61: Next Step
4: Quick Setup Next Step After completing quick setup on the SLC 8000 advanced console manager, you may want to configure other settings. You can use the web page or the command line interface for configuration. For information about the web and the command line interfaces, go to Chapter 5: Web and ...
Page 62: 5: Web And Command Line Interfaces
Web and Command Line Interfaces The SLC advanced console manager offers three interfaces for configuring the SLC unit: a command line interface (CLI), a web interface, and an LCD with keypad buttons on the front panel. This chapter discusses the web and command line interfaces. Note: Chapter 4: Quick Setup on page 50 for instructions on using the LCD front...
Page 63: Figure 5-2 Sample Dashboards
5: Web and Command Line Interfaces The web page has the following components: Tabs: Groups of settings to configure.  Options: Below each tab are options for specific types of settings.  Note: Only those options for which the currently logged-in user has rights display. Figure 5-2 Sample Dashboards Dashboard ...
Page 64: Logging In
The Lantronix SLC Quick Setup page displays automatically the first time you log in. Subsequently, the Lantronix SLC Home page displays. (If you want to display the Quick Setup page again, click Quick Setup on the main menu.) Logging Out To log off the SLC web interface: 1.
Page 65: Web Page Help
5: Web and Command Line Interfaces Web Page Help To view detailed information about an SLC web page: 1. Click the Help button to the right of any Web Manager page. Online Help contents will appear in a new browser window. Command Line Interface A command line interface (CLI) is available for entering all the commands you can use with the SLC 8000 advanced console manager.
Page 66: Logging Out
5: Web and Command Line Interfaces To log in any other user: 1. Enter your SLC user name and press Enter. 2. Enter your SLC password and press Enter. Logging Out To log out of the SLC command line interface, type logout and press Enter. Command Syntax Commands have the following format: <action>...
Page 67: Table 5-3 Scs Commands
5: Web and Command Line Interfaces Should you make a mistake while typing, backspace by pressing the Backspace key and/or  the Delete key, depending on how you accessed the interface. Both keys work if you use VT100 emulation in your terminal access program when connecting to the console port. Use the left and right arrow keys to move within a command.
Page 68: Table 5-4 Cli Keyboard Shortcuts
5: Web and Command Line Interfaces To view the last 100 commands entered in the session: show history To clear the command history: set history clear To view the rights of the currently logged-in user: show user Note: For information about user rights, see Chapter 12: User Authentication.
Page 69: 6: Basic Parameters
Basic Parameters This chapter explains how to set the following basic configuration settings for the SLC advanced console manager using the SLC web interface or the CLI: Network parameters that determine how the SLC 8000 advanced console manager interacts  with the attached network Firewall and routing ...
Page 70: Network Port Settings
6: Basic Parameters Network Port Settings Network parameters determine how the SLC unit interacts with the attached network. Use this page to set the following basic configuration settings for the network ports (Eth1 and Eth2). The SLC supports the following types of network interfaces: RJ-45 ports, as part of the standard SLC RJ45 NIC board.
Page 71: Figure 6-1 Network > Network Settings (1 Of 2)
6: Basic Parameters To enter settings for one or both network ports: 1. Click the Network tab and select the Network Settings option. Either the Network > Network or the displays depending on your SLC Settings (1 of 2) Network > Network Settings (2 of 2) 8000 model.
Page 72: Figure 6-2 Network > Network Settings (2 Of 2)
6: Basic Parameters Figure 6-2 Network > Network Settings (2 of 2) SLC™ 8000 Advanced Console Manager User Guide...
Page 73: Ethernet Interfaces (Eth1 And Eth2)
6: Basic Parameters Figure 6-3 Network Settings > SFP NIC Information & Diagnostics 2. Enter the following information: Ethernet Interfaces (Eth1 and Eth2) Note: Configurations with the same IP subnet on multiple interfaces (Ethernet or PPP) are not currently supported. Eth 1 Settings Disabled: If selected, disables the network port.
Page 74 6: Basic Parameters IPv6 Address Address of the port in IPv6 format. (Static) Note: The SLC 8000 advanced console manager supports IPv6 connections for the following services: the web, SSH, Telnet, remote syslog, SNMP, NTP, LDAP, Kerberos, RADIUS, TACACS+, connections to device ports, and diagnostic ping. IPv6 addresses are written as 8 sets of 4-digit hexadecimal numbers separated by colons.
Page 75: Hostname & Name Servers
Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the SLC unit. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the SLC 8000 advanced console manager attempts to resolve abcd.mydomain.com for the SMTP server.
Page 76: Gateway
6: Basic Parameters Gateway Default IP address of the IPv4 router for this network. If this has not been set manually, any gateway acquired by DHCP for Eth1 or Eth2 displays. All network traffic that matches the Eth1 IP address and subnet mask is sent out Eth1.
Page 77: Fail-Over Cellular Gateway Configuration
Fail-over Device Select an integrated device to be used as the fail-over gateway. Currently the Lantronix PremierWave XC HSPA+ Cellular Gateway and the Sierra Wireless AirLink ES450 are supported. The HSPA+ gateway must be configured in gateway mode before it can be used as the fail-over gateway. It is recommended that the...
Page 78: Advanced Cellular Gateway Configuration
6: Basic Parameters New Admin For the selected Fail-over Device, the administrator password can be changed on Password/Retype the gateway. The password may have up to 64 characters. To change the Admin Password, click the Change Admin Password checkbox and enter the new password in the New Admin Password and Retype fields.
Page 79: Load Cellular Gateway Firmware Options
6: Basic Parameters Radio Firmware Enter the name of the radio firmware filename exactly as it is represented. Filename Load Firmware via Select the method to load the firmware from the options in the drop-down menu. Options are: FTP, TFTP, SCP, USB, SD Card, and HTTPS. FTP is the default. If you select HTTPS, the Upload File link becomes active.
Page 80: Viewing Ip Filters
6: Basic Parameters Viewing IP Filters You can view a list of filters and a table showing how each filter is mapped to an interface. To view a list of IP filters: 1. Click the Network tab and select the IP Filter option. The following page displays: Figure 6-4 Network >...
Page 81 6: Basic Parameters Note: There is no way to enable or disable individual filters. To enable IP filters: 1. Enter the following: Enable IP Filter Select the Enable IP Filter checkbox to enable all filters, or clear the checkbox to disable all filters. Disabled by default. Packets Dropped Displays the number of data packets that the filter ignored (did not respond to).
Page 82: Configuring Ip Filters
6: Basic Parameters Configuring IP Filters The administrator can add, edit, delete, and map IP filters. Note: A configured filter has no effect until it is mapped to a network interface. See Mapping Rulesets on page 80. To add an IP filter: 1.
Page 83: Rule Parameters
6: Basic Parameters Rule Parameters IP Address(es) Specify a single IP address to act as a filter. Example: 172.19.220.64 – this specific IP address only Subnet Mask Specify a subnet mask to act determine how much of the address should apply to the filter.
Page 84: Deleting An Ip Filter
6: Basic Parameters 1. From the Network > IP Filter page, the administrator selects the IP filter ruleset to be edited and clicks the Edit Ruleset button to return to the Network > IP Filter Ruleset (Adding/Editing Rulesets) page (see Figure 6-5).
Page 85: Dynamic Routing
6: Basic Parameters Dynamic Routing Enable RIP Select to enable Dynamic Routing Information Protocol (RIP) to assign routes automatically. Disabled by default. RIP Version Select the RIP version. The default is 2. Static Routing Enable Static Select to assign the routes manually. The system administrator usually provides the Routing routes.
Page 86 6: Basic Parameters (IKEv1 Aggressive and 3DES_CBC/HMAC_MD5_96/PRF_HMAC_MD5/MODP_1024), when the tunnel will be rekeyed/SA Lifetime (rekeying in 7 hours), the bytes in and out (131 bytes_i (1 pkt, 93s ago), 72 bytes_o (1 pkt, 94s ago)), a dynamic address assigned to the console manager side of the tunnel (child: dynamic and 172.28.28.188), and the subnets on both sides of the tunnel (172.28.28.188/32 === 10.3.0.0/24 10.81.101.0/24 10.81.102.0/24 10.81.103.0/24).
Page 87 6: Basic Parameters (console manager) side of the tunnel based on the network configuration during both fail-over and fail-back. VPN tunnels over an console manager Ethernet interfaces that is configured with an MTU less than 256 may experience issues (traffic loss, etc). To set up a VPN connection: 1.
Page 88: Figure 6-7 Network > Vpn (1 Of 2)
6: Basic Parameters Figure 6-7 Network > VPN (1 of 2) SLC™ 8000 Advanced Console Manager User Guide...
Page 89: Figure 6-8 Network > Vpn (2 Of 2)
6: Basic Parameters Figure 6-8 Network > VPN (2 of 2) 2. Enter the following: Enable VPN Tunnel Select to create a tunnel. Disabling this option will terminate any currently running tunnel. Note: The VPN peer that sends the first packet in tunnel bringup is the initiator or client;...
Page 90 6: Basic Parameters Remote Subnet(s) One or more allowed subnets behind the remote host, expressed in CIDR notation (IP address/mask bits). If multiple subnets are specified, the subnets should be separated by a comma. Up to 10 local subnets supported. Configured subnets of the peers may differ, the protocol narrows it to the greatest common subnet.
Page 91 6: Basic Parameters IKE Negotiation The Internet Key Exchange (IKE) protocol is used to exchange security options between two hosts who want to communicate via IPSec. The first phase of the protocol authenticates the two hosts to each other and establishes the Internet Security Association Key Management Protocol Security Association (ISAKMP SA).
Page 92 6: Basic Parameters ESP Encryption The type of encryption, 3DES , AES, AES192 or AES256, used for encrypting the data sent through the tunnel. Any can be selected if the two sides can negotiate which type of encryption to use. Note: If ESP Encryption, Authentication and DH Group are set to Any, default cipher suite(s) will be used.
Page 93 6: Basic Parameters Authentication The type of authentication used by the host on each side of the VPN tunnel to verify the identity of the other host. For RSA Public Key, each host generates a RSA public-private key pair,  and shares its public key with the remote host.
Page 94 6: Basic Parameters Certificate Authority for A certificate can be uploaded to the SLC unit for peer authentication. The Local Peer certificate for the local peer is used to authenticate any remote peer to the SLC, and contains a Certificate Authority file, a public certificate file, and a Certificate File for Local private key file.
Page 95 6: Basic Parameters XAUTH Client If this is enabled, the SLC unit will send authentication credentials to the remote host if they are requested. XAUTH, or Extended Authentication, can be used as an additional security measure on top of the Pre-Shared Key or RSA Public Key.
Page 96 6: Basic Parameters Custom ipsec.conf A custom ipsec.conf file can be uploaded to the SLC. This file can include Configuration any of the strongSwan options which are not configurable from the UIs. The ipsec.conf file should include one section which conn <Tunnel Name>...
Page 97: Sample Ipsec.conf Files
6: Basic Parameters Sample ipsec.conf Files Sample ipsec.conf files are provided for a variety of tunnel setups and peers. In all examples, any left options are for the console manager/local side of the tunnel, and any right options are for the remote side of the tunnel.
Page 98 6: Basic Parameters Cisco ASA5525x Pre-Shared Key / IKEv1 This configuration is an example of a remote access connection to a Cisco ASA5525 VPN server / responder. Console manager configuration The pre-shared key needs to be configured via the console manager UI. conn ASA5525 keyexchange=ikev1 ike=aes-sha1-modp1536!
Page 99 6: Basic Parameters crypto ipsec security-association pmtu-aging infinite crypto map site2site 10 match address asa-router-vpn set pfs group5 set peer 192.168.1.204 set ikev1 transform-set ipsecvpn crypto map site2site interface outside crypto ikev1 enable outside crypto ikev1 policy 10 authentication pre-share encryption aes hash sha group 5 lifetime 86400...
Page 100 6: Basic Parameters Cisco configuration interface GigabitEthernet0/0 nameif outside security-level 0 ip address 192.168.1.130 255.255.255.0 interface GigabitEthernet0/3 nameif inside security-level 100 ip address 192.168.3.130 255.255.255.0 object-group network local-network network-object 192.168.3.0 255.255.255.0 network-object 192.168.3.250 255.255.255.255 object-group network remote-network network-object 192.168.0.0 255.255.255.0 network-object 192.168.0.222 255.255.255.255 access-list asa-router-vpn extended permit ip object-group local-network object-group remote-network...
Page 101 6: Basic Parameters Cisco ISR 2921 Pre-Shared Key / XAUTH / IKEv2 This configuration is an example of a remote access connection to a Cisco ISR2921 VPN server / responder. Console manager configuration The pre-shared key needs to be configured via the console manager UI. conn ISR2921 keyexchange=ikev2 ike=aes-sha2_384-modp1536!
Page 102: Vpn Commands
6: Basic Parameters group 2 crypto isakmp policy 5 encr 3des authentication pre-share group 5 crypto isakmp policy 10 lifetime 120 crypto isakmp key cisco123 address 192.168.1.100 crypto ipsec transform-set ISR esp-3des esp-sha384-hmac mode tunnel crypto map CM 10 ipsec-isakmp set peer 192.168.1.100 set transform-set ISR set ikev2-profile IKEv2_Profile...
Page 103 6: Basic Parameters integrity of the cryptographic module, FIPS mode will be disabled and the SLC unit will be rebooted into non-FIPS mode. When the SLC unit is running in FIPS mode, the following protocols are supported: TLS 1.0, TLS 1.1, TLS 1.2, and SSH v2.
Page 104: Figure 6-9 Network > Security
6: Basic Parameters Figure 6-9 Network > Security To enable FIPS: Note: The SSH client keyboard-interactive authentication type is not supported while the SLC unit is in FIPS mode. 1. Check the Enable FIPS Mode check box on the Networks > Security page. 2.
Page 105: Performance Monitoring
6: Basic Parameters Performance Monitoring The SLC supports Performance Monitoring probes for analyzing network performance. Probes for DNS Lookup, HTTP Get, ICMP Echo, TCP Connect, UDP Jitter and UDP Jitter VoIP are supported. Up to 15 different probes can be configured. Each probe will run a series of operations, each of which sends a series of packets to a destination host.
Page 106: Figure 6-10 Network > Perf Monitoring
6: Basic Parameters To manage or view status for a Performance Monitoring probe: 1. Click the Network tab and select the Perf Monitoring option. The following page displays. Figure 6-10 Network > Perf Monitoring 2. In the upper section of the page, modify the global Performance Monitoring settings: Number of operations Specifies the number of operation set files to keep for each probe.
Page 107 6: Basic Parameters TCP Connect Starts the TCP Connect responder on the port configured in TCP Port to reply to Responder TCP connect requests. The SLC TCP Connect responder supports one TCP connect sender. When the TCP Connect responder is enabled, the SLC will verify that the responder TCP port is not being used by any other SLC processes.
Page 108: Performance Monitoring - Add/Edit Probe
6: Basic Parameters Performance Monitoring - Add/Edit Probe Performance Monitoring - Add/Edit Probe web page allows a user to add a new Performance Monitoring probe or edit an existing Performance Monitoring probe. To add a new probe or edit an existing probe: 1.
Page 109 6: Basic Parameters 3. Modify the probe settings: Probe Type Select from one of the available probe types: DNS Lookup - Performs a DNS lookup on the hostname specified in the  Destination Host using the Name Server. By default port 53 is always used as the Destination Port.
Page 110: Performance Monitoring - Results
6: Basic Parameters Data Size The size in bytes to use for the payload portion of the packet - this size is in addition to the IPv4 header and the TCP, UDP or ICMP header. Any additional space in the packet that is not used by the protocol will be padded with random data that can be used for data verification (see below).
Page 111 6: Basic Parameters Round Trip Times The results for each packet in an operation can be displayed with the RTT Results link. Each packet will be displayed with the packet start time and any error that resulted from sending the packet.
Page 112: Table 6-12 Error Conditions
6: Basic Parameters For jitter probes, positive (increasing latency) and negative (decreasing latency) statistics are shown, as well as the number of positive or negative jitter samples in each direction, and the sum and (and sum squared) of the positive or negative jitter times. These numbers give a summary of how much variation there was in latency times and if the variation was small or large.
Page 113: Figure 6-13 Performance Monitoring - Operations
6: Basic Parameters Error Condition Description Not Connected A packet could not be sent because the connection to the destination host could not be established, or because the attempt to send the packet failed. Sequence Error A packet response was received with an unexpected sequence number. Possible reasons are: a duplicate packet was received, a response was received after it timed out, a corrupted packet was received and was not detected.
Page 114: Performance Monitoring Commands
6: Basic Parameters the far right in the operation's row. The options that are available for that operation will be ungreyed. Select one of the following options: Refresh Refreshes the information on the Performance Monitoring - Operations page. RTT Results Displays the round trip time (RTT) results for the selected operation in a separate window.
Page 115 6: Basic Parameters and hostname displays in the Hosts/FQDN List. You may add up to 15 hosts. To edit a Host entry, select the radio button next to the host in the Hosts/FQDN List, change the IP address or FQDN fields as desired, and click Add/Edit Hosts. To delete a Host, select the radio button next to the host in the Hosts/FQDN List and click Delete Host.
Page 116: 7: Services
 Configure an audit log.  View the status of and manage the SLC 8000 advanced console managers on the Secure  Lantronix network. Set the date and time.  Configure NFS and CIFS shares.  Configure the web server.
Page 117: Ssh/Telnet/Logging
7: Services SSH/Telnet/Logging To configure SSH, Telnet, and Logging settings: 1. Click the Services tab and select the SSH/Telnet/Logging option. The following page displays. Figure 7-1 Services > SSH/Telnet/Logging 2. Enter the following settings: SLC™ 8000 Advanced Console Manager User Guide...
Page 118: System Logging
7: Services System Logging Alert Levels Select one of the following alert levels from the drop-down list for each message category: Off: Disables this type of logging.  Error: Saves messages that are output because of an error.  Warning: Saves message output from a condition that may be cause for concern, in ...
Page 119: Ssh
7: Services Enable Logins Enables or disables SSH logins to the SLC unit to allow users to access the CLI using SSH. Enabled by default. This setting does not control SSH access to individual device ports. (See Device Ports for information on enabling SSH access to individual ports.) - Settings (on page 160) Most system administrators enable SSH logins, which is the preferred method of accessing the system.
Page 120: Web Ssh/Web Telnet Settings
7: Services Escape Sequence A single character or a two-character sequence that causes the SLC unit to terminate a Telnet client. Currently the Escape Sequence is only used for Web Telnet sessions. The default value is Esc+T (escape key, then uppercase "T" performed quickly but not simultaneously).
Page 121: Figure 7-2 Services > Snmp
SLC unit and device ports. See the MIB definition file for details. The SLC MIB definition file and the top level MIB file for all Lantronix products is accessible from the SNMP web page. 1. Click the Services tab and select the SNMP option. The following page displays: Figure 7-2 Services >...
Page 122 Enables or disables the Simple Network Management Protocol (SNMP) agent, which allows read-only access to the system. Disabled by default. Top Level MIB Click the link to access the top level MIB file for all Lantronix products. (link) SLC MIB (link) Click the link to access the SLC MIB definition file for SLC 8000 advanced console managers and advanced console managers.
Page 123: V1/V2C Communities
7: Services Trap Version When traps are sent, which SNMP version to use when sending the trap: v1, v2c or v3. The default is v2c. NMS #1 (or #2) When SNMP is enabled, an NMS (Network Management System) acts as a central server, requesting and receiving SNMP-type information from any computer using SNMP.
Page 124: V3 User Read-Write
7: Services Passphrase/ Passphrase associated with the password for a user with read-only authority. Up to 20 Retype characters. If this is not specified it will default to the v3 Read-Only Password. Passphrase V3 User Read-Write User Name SNMP v3 is secure and requires user-based authorization to access MIB objects.
Page 125: Figure 7-3 Services > Nfs & Smb/Cifs
7: Services To configure NFS and SMB/CIFS: 1. Click the Services tab and select the NFS/CIFS option. The following page displays: Figure 7-3 Services > NFS & SMB/CIFS 2. Enter the following for up to three directories: NFS Mounts Remote Directory The remote NFS share directory in the format: nfs_server_hostname or ipaddr:/exported/path Local Directory...
Page 126: Smb/Cifs Share
7: Services 3. Enter the following: SMB/CIFS Share Share SMB/CIFS Select the checkbox to enable the SLC 8000 advanced console manager to export an directory SMB/CIFS share called “public.” Disabled by default. Network Select the network ports from which the share can be seen. The default is for the share Interfaces to be visible on both network ports.
Page 127: Secure Lantronix Network
7: Services Secure Lantronix Network Use the Secure Lantronix Network option to view and manage SLC and SLB console managers, SLC 8000 advanced console managers, and Lantronix Spider® devices on the local subnet. Note: Status and statistics shown on the web interface represent a snapshot in time. To see the most recent data, reload the web page.
Page 128: Figure 7-5 Ip Address Login Page
1. Make sure Web Telnet and Web SSH is enabled for the specific device or device port. 2. Click the IP address of a specific secure Lantronix device to open a new browser page with the web interface for the selected secure Lantronix device.
Page 129: Figure 7-7 Ssh Or Telnet Cli Session
Secure Lantronix Page  Click the Services tab, then click the Secure Lantronix Network link (see Figure 7-4.) Select the port you want to configure. Enabled port numbers are in bright green boxes and will allow you to select either a WebSSH or a WebTelnet session.
Page 130: Browser Issues
Please check the Lantronix Knowledge Base at http://ltxfaq.custhelp.com/app/answers/list research any browser errors. To configure how secure Lantronix devices are searched for on the network: 1. Click the Search Options link on the top right of the Services > Secure Lantronix Network page.
Page 131: Troubleshooting Browser Issues
"SLCXYZ.lantronix.com", and the unit website is being accessed in a browser with "https:// SLCXYZ.lantronix.com", the unit needs to be configured with a name server that will allow the unit to perform a reverse lookup on the IP address associated with SLCXYZ.lantronix.com. Failure to perform a reverse lookup on a name may result in name mismatch errors in the browser when it attempts to open the Web SSH or Web Telnet window.
Page 132: Web Ssh/Telnet Copy And Paste
7: Services Certificates -> View Certificates -> Servers, and add an exception for the SLC IP address or hostname, with port 8000. Internet Explorer - When accessing the SLC website with Internet Explorer, and when the  SLC web server is using a self-signed SSL certificate, Explorer will grant access to the Web SSH and Web Telnet terminals if (a) the host name or common name in the self-signed certificate matches the name (or IP address) being used to access the SLC website, and (b) Explorer has imported and trusted the self-signed certficate.
Page 133: Secure Lantronix Network Commands
Enter, the content will be sent to the Web SSH or Web Telnet window. Secure Lantronix Network Commands Go to SLC Network Commands (on page 401) to view CLI commands which correspond to the web page entries described above.
Page 134: Figure 7-10 Services > Date & Time
7: Services Figure 7-10 Services > Date & Time 2. Enter the following: Change Date/Time Select the checkbox to manually enter the date and time at the location. Date From the drop-down lists, select the current month, day, and year. Time From the drop-down lists, select the current hour and minute.
Page 135: Date And Time Commands
7: Services Synchronize via Select one of the following: Broadcast from NTP Server: Enables the SLC unit to accept time  information periodically transmitted by the NTP server. This is the default if you enable NTP. Poll NTP Server: Enables the SLC 8000 advanced console manager to query ...
Page 136: Figure 7-11 Services > Web Server
7: Services Figure 7-11 Services > Web Server 2. Enter the following fields: Timeout Select No to disable Timeout.  Select Yes, minutes (5-120) to enable timeout.  Enter the number of minutes (must be between 30 and 120 minutes) after which the SLC web session times out.
Page 137: Admin Web Commands
7: Services Cipher By default, the web uses High/Medium security (128 bits or higher) for the cipher. This option can be used to configure the web to also support just High security ciphers (256 bit, 168 bit and some 128 bit), or FIPS approved ciphers (see Security.) Changing this option requires a reboot or restarting the web server with the CLI command for the change to take effect.
Page 138: Figure 7-12 Ssl Certificate
7: Services Figure 7-12 SSL Certificate 2. If desired, enter the following: Reset to Default To reset to the default certificate, select the checkbox to reset to the default Certificate certificate. Unselected by default. Root Filename Filename of the imported root or intermediate Certificate Authority. If HTTPS is selected as the method for import, the Upload File link will be selectable to upload a Certificate authority.
Page 139 The locality or city for the custom certificate, e.g. "Irvine". Must be at least 2 characters long. Organization Name The organization or company name for the custom certificate, e.g. "Lantronix". Must be at least 2 characters long. Organization Unit The unit name for the custom certificate, e.g. "Engineering" or "Sales". Must be at Name least 2 characters long.
Page 140: Services - Web Sessions
Services > Web Server ConsoleFlow ConsoleFlow is a cloud or on-premise portal for the centralized management of multiple Lantronix Out-of-band management devices, including and SLC 8000 and SLB devices. A browser based interface (including mobile phone app support) allows an administrator to view status, send commands, view logs and charts and update firmware for an SLC 8000 or SLB.
Page 141 7: Services successful, or the client is disabled. Registration may fail if the Project Tag is invalid, the Device ID is invalid, the Registration Host name cannot be resolved, or the Registration Host is not reachable. Once registration is successful, Status of Client will display Registered with the date and time of registration.
Page 142 7: Services run on the SLC. When the client starts, it will request all probes and scripts that are defined to run on the SLC. The status of the probes and scripts is displayed in the Status of Client. When a script run completes (either for a single manual run or a recurring scheduled run), the status of the script will be retained on the SLC until a new script is initiated from ConsoleFlow and the SLC determines that the maximum number of ConsoleFlow scripts per SLC has been reached;...
Page 143: Figure 7-14 Services > Consoleflow
7: Services Figure 7-14 Services > ConsoleFlow 2. Enter the following: ConsoleFlow Client Enables or disables the ConsoleFlow client. This option is enabled by default, unless an SLC is not configured with a Device ID. When the client is enabled, it will attempt to register with the Registration Host.
Page 144 Long description that is displayed in the ConsoleFlow server UI. Device ID The unique device identifier. The ID is 32 alphanumeric characters. The ID may be provisioned using Lantronix Provisioning Manager (LPM). Contact Lantronix Tech Support for more information on LPM. View-only field. Displays the serial number.
Page 145: Consoleflow Commands
7: Services Messaging Services If enabled, TLS is used for messaging. If Validate certificates with HTTPS is Security enabled for the Registration Host, a certificate authority will be used to validate the HTTPS certificates used for TLS. Enabled by default. Remote Access Idle Timeout Remote Access CLI Remote Access CLI Connection will be idle timed out after a specified number...
Page 146: 8: Usb/Sd Card Port
USB/SD Card Port This chapter describes how to configure storage by using the Devices > USB / SD Card page and CLI. This page can be used to configure the thumb drive and modems. The thumb drive or SD card is useful for firmware updates, saving and restoring configurations and for device port logging.
Page 147: Figure 8-1 Devices > Usb / Sd Card
8: USB/SD Card Port Figure 8-1 Devices > USB / SD Card To configure a USB/SD card storage port, from the USB Ports / SD Card table, 1. Click the radio button (on the far right) of a USB or SD card device storage port. 2.
Page 148: Figure 8-3 Devices > Usb > Configure
8: USB/SD Card Port Figure 8-3 Devices > USB > Configure 3. Enter the following fields. Mount Select the checkbox to mount the first partition of the storage device on the SLC unit (if not currently mounted). Once mounted, a USB thumb drive or SD card is used for firmware updates, device port logging and saving/restoring configurations.
Page 149: Figure 8-4 Devices > Usb > Modem
8: USB/SD Card Port Figure 8-4 Devices > USB > Modem SLC™ 8000 Advanced Console Manager User Guide...
Page 150: Data Settings
8: USB/SD Card Port 3. Enter the following fields. Data Settings Note: Check the modem’s equipment settings and documentation for the proper settings. The attached modem must have the same settings. Baud The speed with which the device port exchanges data with the attached serial device.
Page 151: Text Mode
8: USB/SD Card Port Group Access If undefined, any group can access the modem (text login only). If one or more groups are specified (groups are delimited by the characters ' ' (space), ',' (comma), or ';' (semicolon)), then any user who logs into the modem must be a member of one of the specified groups, otherwise access will be denied.
Page 152: Ppp Mode
8: USB/SD Card Port PPP Mode Negotiate IP Address If the SLC unit and/or the serial device have dynamic IP addresses (e.g., IP addresses assigned by a DHCP server), select Yes. Yes is the default. If the SLC unit or the modem have fixed IP addresses, select No, and enter the Local IP (IP address of the port) and Remote IP (IP address of the modem).
Page 153: Ip Settings
8: USB/SD Card Port IP Settings Service The available connection services for this modem port (None, Telnet, SSH, or TCP). Only one can be active at a time. The default is None. Telnet Port Telnet Port Telnet session port number to use if you selected Telnet. Defaults: USB Port U1: 2049 ...
Page 154: Usb Commands
8: USB/SD Card Port Note: The Delete, Download, and Rename options are at the bottom of the page (Figure 8-5). 2. To delete a file, click the check box next to the filename and click Delete File. A confirmation message displays. 3.
Page 155: 9: Device Ports
Device Ports This chapter describes how to configure and use an SLC advanced console manager port connected to an external device, such as a server or a modem. The subsequent chapter, describes how to use the web page to connect Chapter 11: Connections Devices >...
Page 156: I/O Modules
8-port I/O module in Bay 1, and 16-port modules in Bay 2 and 3. Please note that only the following configurations are available from Lantronix: SLC 8008, SLC 8016, SLC 8032 and SLC 8048 modules. The SLC 8024 and SLC 8040 console managers can only be created by adding 16-port RJ45 modules to an existing SLC 8008 unit.
Page 157: Device Status
9: Device Ports Device Status page displays the status of the SLC ports, USB ports and SD card Devices > Device Status ports. Click the Devices tab and select the Device Status option. The following page displays: Figure 9-2 Devices > Device Status SLC™...
Page 158: Device Ports
9: Device Ports Device Ports On the page, you can set up the numbering of Telnet, SSH, and TCP Devices > Device Ports ports, view a summary of current port modes, establish the maximum number of direct connections for each device port, and select individual ports to configure. 1.
Page 159: Telnet/Ssh/Tcp In Port Numbers
9: Device Ports To set up Telnet, SSH, and TCP port numbering: 1. Enter the following: Telnet/SSH/TCP in Port Numbers Starting Telnet Port Each port is assigned a number for connecting via Telnet. Enter a number (1025- 65528) that represents the first port. The default is 2000 plus the port number. For example, if you enter 2001, port 1 will be 2001 and subsequent 2000 ports are automatically assigned numbers 2001, 2002, and so on.
Page 160: Device Ports - Settings
9: Device Ports Device Ports - Settings On the page, configure IP and data (serial) settings for individual Device Ports > Settings (1 of 2) ports, and if the port connects to an external modem, modem settings as well. To open the Device Ports - Settings page: 1.
Page 161: Figure 9-4 Device Ports > Settings (1 Of 2)
9: Device Ports The following page displays: Figure 9-4 Device Ports > Settings (1 of 2) SLC™ 8000 Advanced Console Manager User Guide...
Page 162: Device Port Settings
9: Device Ports Figure 9-5 Device Ports > Settings (2 of 2) 2. Enter the following: Device Port Settings Port Displays number of port; displays automatically. Mode The status of the port; displays automatically. USB Device This field is only displayed for USB ports. If a USB device is connected to the device port, this displays the USB version, speed, and a short type description for the USB device.
Page 163 9: Device Ports Detect Name Tokens If Detect Port Name is enabled, the SLC will attempt to extract a hostname or other identifier from the device prompt, to use as the device port name. The SLC will extract any name between either the start of a line sent from the device up until one of the tokens, or any part of a prompt that does not include the tokens, as the device port name.
Page 164: Ip Settings
9: Device Ports Zero Port Counters Resets all of the numerical values in the Port Counters table at the bottom of the page to zero (0). Logging & Events Click the Settings link to configure file logging (see Device Ports - Logging and Events on page 177), email logging, local logging, and USB logging.
Page 165: Data Settings
9: Device Ports IP Address/Netmask IP address used for this device port so a user can Telnet, SSH, or establish a raw Bits TCP connection to this address and connect directly to the device port. The optional netmask bits specify the netmask to use for the IP address. For example, for a netmask of 255.255.255.0 specify 24 bits.
Page 166: Hardware Signal Triggers
9: Device Ports Show Lines on If enabled, when the user either does a from the CLI or connect direct Connecting connects directly to the port using Telnet or SSH, the SLC outputs up to 24 lines of buffered data as soon as the serial port is connected. For example, an SLC user issues a command connect direct device 1...
Page 167: Modem Settings (Device Ports)
Enabled by default. Note: Applies to serial RJ45 device ports only. All Lantronix serial adapters are intended to be used with Reverse Pinout disabled. If you are replacing an original SLC unit with an SLC 8000 advanced console manager, disable the reverse pinout so you can use the original cables and adapters.
Page 168: Modem Settings: Text Mode
9: Device Ports Use Sites Enables the use of site-oriented modem parameters which can be activated by various modem-related events (authentication, outbound network traffic for dial- on-demand connections, etc.). Sites can be used with the following modem states: dial-in, dial-back, dial-on-demand, dial-in & dial-on-demand, dial-back & dial-on-demand, and CBCP server.
Page 169: Modem Settings: Ppp Mode
9: Device Ports Modem Settings: PPP Mode Negotiate IP Address If the SLC unit and/or the serial device have dynamic IP addresses (e.g., IP addresses assigned by a DHCP server), select Yes. Yes is the default. If the SLC advanced console manager or the modem have fixed IP addresses, select No, and enter the Local IP (IP address of the port) and Remote IP (IP address of the modem).
Page 170: Port Status And Counters
9: Device Ports 4. To save selected settings to ports other than the one you are configuring: From the Apply Settings drop-down box, select none, a group of settings, or All. In to Device Ports, type the device port numbers, separated by commas; indicate a range of port numbers with a hyphen (e.g., 2, 5, 7-10).
Page 171 9: Device Ports This menu allows the administrator to query status and control any of the power supplies that provide power to the device connected to the device port and change the Baud Rate of the device port. Note: The Baud Rate can be configured while connected to a device port by entering the Power Management Sequence.
Page 172: Figure 9-7 Device Ports - Power Management
9: Device Ports Figure 9-7 Device Ports - Power Management 3. Enter the following: Power Management A series of one to ten characters that will display the Power Management menu Sequence when connected to the device port. The default value is Esc+P (escape key, then uppercase "P").
Page 173: Device Ports - Rpms - Add Device
9: Device Ports Outlet For each managed power supply, enter the outlet on the selected RPM. As an aid to selecting the outlet, click the View Outlets button, then select an outlet from the list and click the Select Outlet button. The managed power supply outlet number will be filled in, as well as the managed power supply outlet name if a name is listed for the outlet and one has not already been defined for the managed power supply.
Page 174: Figure 9-8 Device Ports > Rpms - Add Device
9: Device Ports Figure 9-8 Device Ports > RPMs - Add Device SLC™ 8000 Advanced Console Manager User Guide...
Page 175: Device Port - Sensorsoft Device
9: Device Ports Device Port - Sensorsoft Device Devices made by Sensorsoft are used to monitor environmental conditions. 1. In the Connected to drop-down menu above the IP Settings section of the page, select Sensorsoft. Device Ports > Settings (1 of 2) Note: Sensorsoft temperature/humidity devices are supported with USB-to-serial adapters (ftdi/ pl2303/cp210x) but not supported for use with USB-to-Serial CDC_ACM devices.
Page 176: Device Port Commands
9: Device Ports 4. Click the Apply button. 5. To view the status detected by the Sensorsoft, click the Show Status link in the far right column of the table. Figure 9-10 Sensorsoft Status Device Port Commands Go to Device Port Commands to view CLI commands which correspond to the web page entries described above.
Page 177: Device Ports - Logging And Events
9: Device Ports <SSH flags> is one or more of: user <Login Name> version <1|2> command <Command to Execute> tcp <IP Address> port <TCP Port> telnet <IP Address> [port <TCP Port>] udp <IP Address> port <UDP Port> hostlist <Host List> Notes: To escape from the connect direct command when the endpoint of the command is deviceport, tcp, or udp and return to the command line interface, type the...
Page 178: Usb And Sd Card Logging
9: Device Ports Examples: 02_Port-2_1.log 02_Port-2_2.log 02_Port-2_3.log 02_Port-2_4.log 02_Port-2_5.log USB and SD Card Logging Data can be logged to a USB flash drive that is loaded into the USB ports or the SD card slot on the front of the SLC unit and properly mounted. Data logged locally to the SLC advanced console manager is limited to 256 Kbytes and may be lost in the event of a power loss.
Page 179: Token & Data Detection
9: Device Ports Figure 9-11 Devices > Device Ports - Logging & Events 2. Enter the following: Token & Data Detection Token & Data Select to enable token and data detection on the selected device port, with a set of Detection actions that can be enabled if a data trigger occurs.
Page 180 9: Device Ports Byte Threshold The number of bytes of data the port will receive before the SLC unit will capture log data and initiate the selected actions. The default is 100 bytes. In most cases, the console port of your device does not send any data unless there is an alarm condition.
Page 181: Local Logging
9: Device Ports Local Logging Local Logging If you enable local logging, each device port stores 256 Kbytes (approximately 400 screens) of I/O data in a true FIFO buffer. Disabled by default. Clear Local Log Select the checkbox to clear the local log. View Local Log Click this link to see the local log in text format.
Page 182: Logging Commands
9: Device Ports Apply settings to Device Ports and enter port numbers separated by commas. Indicate a range of port numbers with a hyphen (e.g., 2, 5, 7-10), and separate ranges with commas. 4. To save, click the Apply button. Logging Commands Go to Logging Commands...
Page 183: Console Port Commands
9: Device Ports Parity Parity checking is a rudimentary method of detecting simple, single-bit errors. From the drop-down list, select the parity. The default is none. Flow Control A method of preventing buffer overflow and loss of data. The available methods include none, xon/xoff (software), and rts/cts (hardware).
Page 184: Figure 9-13 Devices > Internal Modem
9: Device Ports Note: Your internal modem will appear in the Sample Dashboards in the upper right hand corner once the SLC unit reboots. 2. Reboot the SLC 8000 advanced console manager. 3. Log into the SLC unit and click Devices. 4.
Page 185 9: Device Ports 5. Enter the following fields. State Indicates whether the internal modem is enabled. When enabling, set the modem to Disabled, Dial-in, Dial-out, and Dial-back. Disabled by default. Mode The format in which the data flows back and forth. With Text selected, the SLC unit assumes that the modem will be used for ...
Page 186 9: Device Ports Dial-back Number Users with Dial-back can dial into the SLC unit and enter their login and password. Once the SLC unit authenticates them, the modem hangs up and dials them back . Select the phone number the modem dials back on: a fixed number or a number associated with their login.
Page 187: Internal Modem Commands
9: Device Ports Internal Modem Commands Go to Internal Modem Commands to view CLI commands which correspond to the web page entries described above. Xmodem The SLC supports using the Xmodem, Ymodem, or Zmodem protocols to send and receive files across serial ports.
Page 188 9: Device Ports 1. Click the Devices tab and select the Xmodem option. The Xmodem page displays: 2. To upload a file to the repository, click the Upload File link and upload a file in the window that is displayed. Upload file size should not exceed 20 MB. The maximum length for the upload file name is 40 characters.
Page 189 9: Device Ports can be opened to view the progress of the send. When the Xmodem protocol is used, the user will be prompted when to start the file receive with the message, “Give your local XMODEM receive command now.” Note: Ymodem transfers may display a line at the end of a successful transfer such as, “Ymodem sectors/kbytes sent: 0/ 0k”, however, the transfer is successful if...
Page 190: Host Lists
9: Device Ports Host Lists A host list is a prioritized list of SSH, Telnet, and TCP hosts available for establishing incoming modem connections or for the connect direct command on the CLI. The SLC unit cycles through the list until it successfully connects to one. To add a host list: 1.
Page 191: Host Parameters
9: Device Ports Host Parameters Host Name or IP address of the host. Protocol Protocol for connecting to the host (TCP, SSH, or Telnet). Port Port on the host to connect to. Escape Sequence The escape character used to get the attention of the SSH or Telnet client. It is optional, and if not specified, Telnet and SSH use their default escape character.
Page 192: Host Parameters
9: Device Ports To view or update a host list: 1. In the Host Lists table, select the host list and click the View Host List button. The list of hosts display in the Hosts box. Figure 9-15 View Host Lists 2.
Page 193: Host List Commands
9: Device Ports Escape Sequence The escape character used to get the attention of the SSH or Telnet client. It is optional, and if not specified, Telnet and SSH use their default escape character. For Telnet, the escape character is either a single character or a two-character sequence consisting of '^' followed by one character.
Page 194: Figure 9-16 Devices > Scripts
9: Device Ports All scripts have permissions associated with them; a user who runs a script must have the permissions associated with the script in order to run the script. To add a script: 1. Click the Devices tab and select the Scripts option. This page displays. Figure 9-16 Devices >...
Page 195: Scripts
9: Device Ports 2. Click the Add Script button. The page for editing script attributes displays. Figure 9-17 Adding or Editing New Scripts 3. Enter the following: Scripts Script Name A unique identifier for the script. SLC™ 8000 Advanced Console Manager User Guide...
Page 196 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., Spider, or SLC devices) on Network the local subnet. Date/Time Right to set the date and time.
Page 197 9: Device Ports 5. To save, click the Apply button. If the type of script is Interface or Custom, the script will be validated before it is saved. Once the script is saved, the main Scripts page is displayed. To view or update a script: 1.
Page 198: Figure 9-18 Custom Scripts - Scheduler
9: Device Ports Figure 9-18 Custom Scripts - Scheduler 2. Enter the following (each Custom Script can be run against one device - CLI or Device Port - with one schedule): Device Type The device - either the CLI or a Device Port - that the script is connected to. State The state of the script’s schedule.
Page 199 9: Device Ports Scripts that are scheduled to start at a specific time will be restarted when the SLC is rebooted  if the script is scheduled to run forever or if the stop time has not expired. After the SLC has booted, there will be a short delay after launching each script before starting ...
Page 200: Script Commands
9: Device Ports to the Power group, the user running the runcli command must belong to the Power or Admin group). For Batch Scripts, if this minimum group requirement is met, the SLC user will temporarily be granted all of the individual rights assigned to the script while the Batch Script is running.
Page 201: Primary Commands
9: Device Ports Table 9-19 Definitions Term Definition Word A contiguous group of characters delimited on either side by spaces. Not enclosed by double quotes. Primary Command One of the primary commands listed in this section. Secondary Command One of the secondary commands defined in this section. Quoted String A group of characters enclosed by double quote (") characters.
Page 202: Table 9-20 Primary Commands
9: Device Ports Table 9-20 Primary Commands Command Description set command assigns a value to a variable. Syntax: set <variable> <value> where <variable> is a word, and <value> can be defined in one of the following ways: A quoted string ...
Page 203: Secondary Commands
9: Device Ports Secondary Commands These are commands which provide data or other support to the Primary commands. These commands are never used by themselves in a script. The preprocessor will require that these commands always follow a left square bracket ('[') character and be followed on a single line by a right bracket (']').
Page 204: Control Flow Commands
9: Device Ports Command Description expr This command evaluates an arithmetic expression and returns the result. The expr command will only be used in combination with the to generate a set command value for a variable. Syntax: expr <value> <operation> <value> Each will be either a word or a variable reference, and <operation>...
Page 205: Custom Script Syntax
9: Device Ports Command Description if, elseif and else command executes an associated block of commands if its Boolean expression evaluates to TRUE. Each command within the block must be a Primary command. Syntax: if {<Boolean expression>} { command 1 command 2 command n command is used in association with an...
Page 206: Example Scripts
9: Device Ports Note: For CLI sessions, a local user name should be given  For Device Port sessions, the $devicePort variable will be used by the SLC to connect  the script to the appropriate Device Port. The -noecho flag may be passed to spawn command.
Page 207 9: Device Ports set sleepTime 2 set prompt ">" set login "sysadmin" set pwd "PASS" #Send CR to echo prompt send "\r" sleep $sleepTime #Log in or check for Command Prompt expect { #Did not capture "ogin" or Command Prompt timeout { send_user "Time out login..\r\n";...
Page 208 7 login: Logging in..sysadmin sysadmin Password: PASS Welcome to the Secure Lantronix Console Manager Model Number: SLC 48 For a list of commands, type 'help'. [SLC251glenn]> show network port 1 host show network port 1 host...
Page 209 [slc247glenn]> connect script monport deviceport 7 login: Logging in..sysadmin sysadmin Password: PASS Welcome to the Secure Lantronix Console Manager Model Number: SLC 48 For a list of commands, type 'help'. [SLC251glenn]> show network port 1 host show network port 1 host...
Page 210 9: Device Ports show portcounter deviceport 7 show portcounter deviceport 7 Device Port: 7 Seconds since zeroed: 1454136 Bytes input: 0 Bytes output: 0 Framing errors: 0 Flow control errors: 0 Overrun errors: 0 Parity errors: 0 [SLC251glenn]> Port Counter Monitor Script Ending..________________________________________________________________________ Login Out..
Page 211 9: Device Ports # spawn the CLI session if {[catch {spawn -noecho clisession -U sysadmin} result]} { abortSession 1 set sessionId $spawn_id # Handle eof expect_after { -i $sessionId eof { myprint "Session unexpectedly terminated." abortSession 2 set timeout 10 log_user 0 # Wait for the first prompt set loggedIn false...
Page 212 9: Device Ports Expect Custom Script - SLC Device Port Session An example of an Expect Custom Script that interacts with a SLC Device Port (in this example a ServerTech PDU is connected to a Device Port): #! expect # Script to get the load of a ServerTech PDU outlet set pduPrompt ">"...
Page 213 9: Device Ports expect "Password:" send "admn\n" # Wait for the first prompt set loggedIn false while {! $loggedIn} { expect { timeout {myprint "Timeout waiting to login"; abortSession 3} "*CDU: " {set loggedIn true} # Detect the prompt exp_send "\n" expect "are:\r\n"...
Page 214 9: Device Ports proc myprint {str} { send_user -- "$str\n" proc abortSession {err} { send_user "Error $err. Terminating session.\n" exit $err if {$argc < 2} { myprint "Usage: script_md_cisco.exp <TFTP Server> <Backup File Name>" abortSession 1 set tftp [lindex $argv 0] set configFile [lindex $argv 1] set enablePassword "secret"...
Page 215 9: Device Ports expect { "*assword: " { send "$enablePassword\r" } ">" { set loggedIn true; set passwordPrompt true; send "enable\r" "#" { set loggedIn true; set execMode true } "Error:*\r\n" { send_user $expect_out(0,string); abortSession 5 } timeout {set cnt [expr {$cnt + 1}] } myprint "Logged in."...
Page 216 9: Device Ports print(now.strftime("%Y-%m-%d %H:%M")) server = sys.argv[1] secret = sys.argv[2] proc = subprocess.Popen(['clisession', '-U', 'sysadmin'], stdin=subprocess.PIPE, stdout=subprocess.PIPE, stderr=subprocess.PIPE) # wait for prompt while True: output_str = proc.stdout.readline() if b'list of commands' in output_str: proc.stdin.write(b'\n') proc.stdin.flush() if b']> ' in output_str: break if b'Invalid local user' in output_str: print("Invalid local user passed to clisession.")
Page 217 9: Device Ports print("RADIUS command returned: " + s2.split("\\n")[0]) proc.stdin.close() proc.terminate() proc.wait() sys.exit(1) print("RADIUS settings updated and enabled.") proc.stdin.close() proc.terminate() proc.wait() sys.exit(0) Python Custom Script - SLC CLI Session An example of a Python Custom Script that uses the Pexpect module to interact with the CLI session and the device ports to detect the prompt on any devices connected to the SLC, and set the device port name to be the same as the device prompt: #! python...
Page 218 9: Device Ports print("Timeout waiting to login.") p.terminate(True) sys.exit(1) elif i == 1: # EOF print("Session unexpectedly terminated.") p.terminate(True) sys.exit(1) elif i == 2: # SLC8000 model number model = p.match.group(1) numPorts = int(model) elif i == 3: # SLB882 model number numPorts = 8 elif i == 4: # prompt loggedIn = True...
Page 219 9: Device Ports 'login:', 'Error: (.*)\r\n', '>'], timeout=10) if i == 0: # Timeout cnt = cnt + 1 if cnt == 3: print("Timeout waiting to connect to DP", devicePort, ".") p.terminate(True) p.wait() break # may need to send a CR to get prompt p.send("\r") elif i == 1: # EOF...
Page 220 9: Device Ports continue print("Detected prompt", devPrompt, ".") # Strip characters not allowed in DP names devPromptStrip = re.sub("[^0-9A-Za-z\._\-]", "", devPrompt) devPromptComplete = devPromptStrip + "-" + str(devicePort) pList.append(devPromptComplete) p.terminate(True) p.wait() devicePort = devicePort + 1 # end of while devicePort <= numPorts: # Connect to the SLC CLI and set the device port names p=pexpect.spawn('clisession -U sysadmin') loggedIn = False...
Page 221 9: Device Ports time.sleep(.500) p.wait() print("Script completed.") sys.exit(0) Tcl Custom Script - SLC CLI Session An example of a Tcl Custom Script that interacts with a CLI session: #! tcl # Script to get the current internal temperature of the SLC # Accepts one optional command line parameter for location set slcTemp "unknown"...
Page 222: Sites
9: Device Ports set gotTemp false while {! $gotTemp} { set len [gets $io line] if {[string first "Current Internal Temperature" $line] != -1} { set slcTemp [string range $line [expr {[string first ":" $line] + 1}] end] set gotTemp true puts "Temperature: $slcTemp"...
Page 223: Figure 9-23 Devices > Sites
9: Device Ports To add a site: 1. Click the Devices tab and select the Sites option. The Sites page displays: Figure 9-23 Devices > Sites 2. In the lower section of the page, enter the following: Note: To clear fields in the lower part of the page, click the Reset Site button. Site Id Displays after a site is created.
Page 224 9: Device Ports Login/CHAP Host The login name (for PAP authentication) or CHAP host (for CHAP authentication) associated with this site. If a modem has sites enabled and the authentication is successful at dial-in (for modem states dial-in, dial-back, CBCP server, dial-in & dial-on-demand, or dial-back &...
Page 225: Site Commands
9: Device Ports Modem Timeout Timeout for dial-in and dial-on-demand PPP connections. Select Yes (default) for the SLC 8000 advanced console manager to terminate the connection if no traffic is received during the configured idle time. Enter a value of from 1 to 9999 seconds.
Page 226: Dial-Back
9: Device Ports The site list will be searched for a site that (a) the Login/CHAP Host matches the name that was authenticated, (b) Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem is on. If a matching site is found, the Timeout Logins parameter configured for the site will be used for the rest of the dial-in connection instead of the Timeout Logins parameter configured for the modem.
Page 227: Dial-On-Demand
9: Device Ports peer, (b) Authentication is set to CHAP, and (c) the Port is set to None or matches the port the modem is on. If the remote peer requests PAP or CHAP authentication from the SLC 8000 advanced console manager, the Remote/Dial-out Login and Remote/Dial-out Password configured for the modem (not the site) will be provided as authentication tokens.
Page 228: Dial-Back & Dial-On-Demand
9: Device Ports addresses or specific IP addresses (determined by the Negotiate IP Address setting). The PPP connection will stay active until no IP traffic is sent for Modem Timeout seconds. For Dial-on-Demand, the SLC unit searches the site list for all sites that (a) have a Dial-out ...
Page 229: Cbcp Server And Cbcp Client
9: Device Ports sent for Modem Timeout seconds. Once the timeout has expired, the PPP connection will be terminated and will not be reestablished for at least Restart Delay seconds. CBCP Server and CBCP Client Callback Control Protocol (CBCP) is a PPP option that negotiates the use of callback where the server, after authenticating the client, terminates the connection and calls the client back at a phone number that is determined by the CBCP handshake.
Page 230: Key Sequences
9: Device Ports with the Authentication setting). For PAP, the Local/Remote list will be used to authenticate the login and password sent by the PPP peer. For CHAP, the CHAP Handshake Host/User Name and Secret/User Password will be used to authenticate CHAP Challenge response sent by the PPP peer.
Page 231: 10: Remote Power Managers
10: Remote Power Managers The SLC supports managing remote power managers (RPMs) for devices from over 140 vendors. The RPMs can be either PDUs or UPSes, and can be managed via SNMP, serial port, network and USB connections. The RPMs web page displays a list of all currently managed RPMs with an overview of their current status, with options to control and view detailed status for each RPM, depending on its supported capabilities.
Page 232: Figure 10-2 Rpm Shutdown Order
10: Remote Power Managers Notifications Displays the notifications configured for each PDU and UPS. See Figure 10-3. Raw Data Displays a window with all of the information returned by the driver when a query for status is requested. This option is available for all RPMs.
Page 233: Figure 10-3 Rpm Notifications
10: Remote Power Managers Figure 10-3 RPM Notifications Figure 10-4 RPM Raw Data Log SLC™ 8000 Advanced Console Manager User Guide...
Page 234: Rpms - Add Device
10: Remote Power Managers Figure 10-5 RPM Logs Figure 10-6 RPM Environmental Log RPMs - Add Device The Add Device page assists the administrator with adding a new managed RPM to the SLC configuration. With over 140 different vendors and nearly 1000 different models that are supported, the key to ensuring the SLC can properly manage a PDU or UPS is selecting the right model (with its associated driver) and any required driver options, especially for USB managed devices.
Page 235: Figure 10-7 Device Ports > Rpms - Add Device
10: Remote Power Managers Figure 10-7 Device Ports > RPMs - Add Device 3. Enter the following: Vendor Select the correct vendor from the drop-down menu. SLC™ 8000 Advanced Console Manager User Guide...
Page 236 10: Remote Power Managers Model Select the Model in the drop-down menu. The drop-down menu will be populated with models supported for the selected vendor above. To the left of each model name is one or two letters in parentheses that indicate the type of control available for the selected model: P - SNMP, S - serial port, U - USB port, N - network.
Page 237: Rpms - Manage Device
10: Remote Power Managers Critical Emails If an email address is specified, under critical conditions (see Critical SNMP Traps above), an email notification will be sent to the email address. The Server and Sender configured in the SMTP settings will be used to send the email.
Page 238 10: Remote Power Managers Figure 10-8 RPMs - Managed Device 3. Enter the following: RPM Id (view only) The unique number associated with the RPM. Name Specify the unique name of the RPM (up to 20 characters). Status (view only) The current status of the RPM.
Page 239 10: Remote Power Managers Current (view only) The total current value for the RPM in Amperes, if this information is provided by the RPM. If the RPM consists of two separate towers or units, each with its own current value, both current values will be displayed, separated by a slash. Input Voltage (view The input voltage for the RPM in Volts, if this information is provided by the RPM.
Page 240: Rpms - Outlets
10: Remote Power Managers Log Status Indicates if the status of the RPM is periodically logged. Select Yes, minutes to log the status periodically and enter a value between 1 and 60 minutes. The logs can be viewed by viewing the RPMs web page and clicking on "Logs". Critical SNMP Traps If enabled, under critical conditions (UPS goes onto battery power, UPS battery is low, UPS forced shutdown in progress, UPS on line power, UPS battery needs to be replaced, RPM is unavailable, communications with RPM lost, communications with...
Page 241: Rpm Shutdown Procedure
10: Remote Power Managers Figure 10-9 RPMs - Outlets 3. To change the state of one or more outlets, select the outlets, and click the Cycle Power, Turn On or Turn Off buttons. The command will be sent to the RPM and the page will refresh. It may take one or two minutes before the new outlet state(s) are reflected on the Outlets page.
Page 242 10: Remote Power Managers BOOST - UPS is boosting incoming voltage  FSD - UPS is in forced shutdown due to a critical condition  Once a UPS is on line power (status is OL) and goes off of line power and onto battery power (status is OB), it may reach a low battery state (status is OB, LB or LB).
Page 243: Optimizing And Troubleshooting Rpm Behavior
10: Remote Power Managers Optimizing and Troubleshooting RPM Behavior This section gives tips on how to optimize the management of specific PDUs and UPSes, and how to troubleshoot any problems with the SLC connecting to and managing an RPM. Sentry3 - Network and Serially Managed PDUs - Some Sentry3 PDUs have a CLI timeout, ...
Page 244: Rpm Commands
10: Remote Power Managers RPM Commands Go to RPM Commands to view CLI commands which correspond to the web page entries described above. SLC™ 8000 Advanced Console Manager User Guide...
Page 245: 11: Connections
11: Connections Chapter 9: Device Ports on page 155 described how to configure and interact with an SLC advanced console server port connected to an external device. This chapter describes how to use page to connect external devices and outbound network connections Devices >...
Page 246: Remote Access Server
11: Connections Figure 11-1 Terminal Server SLC 8000 Advanced Console Manager Server Telnet Sessions (via Network connection) Serial Connections VT100 Terminals Remote Access Server In this setup, the SLC 8000 advanced console manager is connected to one or more modems by its device ports.
Page 247: Multiport Device Server
A PC can use the device ports on the SLC unit as virtual serial ports, enabling the ports to act as if they are local ports to the PC. To use the SLC 8000 advanced console manager in this setup, the PC requires special software, for example, Com Port Redirector (available on www.lantronix.com) or similar software).
Page 248: Connection Configuration
11: Connections Connection Configuration Note: These are advanced connection settings for specific applications. If the SLC 8000 advanced console manager is being used as a console or device server it is unlikely that you will need any of the Connection settings described below. To create a connection: 1.
Page 249 11: Connections Port The number of the device port you are connecting. This device port must be connected to an external serial device and must not have command line interface logins enabled, be connected to a modem, or be running a loopback test.
Page 250: Connection Commands
11: Connections Figure 11-7 Current Connections 1. To view details about a connection, hold the mouse over the arrow in the Flow column. 2. To disconnect (delete) a connection, select the connection in the Select column and click the Terminate button. 3.
Page 251: 12: User Authentication
12: User Authentication Users who attempt to log in to the SLC advanced console manager by means of Telnet, SSH, the console port, or one of the device ports are granted access by one or more authentication methods. The User Authentication page provides a submenu of methods (Local Users, NIS, LDAP, RADIUS, Kerberos, and TACACS+) for authenticating users attempting to log in.
Page 252: Figure 12-1 User Authentication > Authentication Methods
12: User Authentication Figure 12-1 User Authentication > Authentication Methods 2. To enable a method currently in the Disabled methods list, select the method and press the left arrow to the left of the list. The methods include: A network naming and administration system developed by Sun Microsystems for smaller networks.
Page 253: Authentication Commands
12: User Authentication TACACS+ TACACS+ allows a remote access server to communicate with an authentication server to determine whether the user has access to the network. (Terminal Access TACACS+ is a completely new protocol and is not compatible with TACACS or Controller Access Control XTACACS.
Page 254: Table 12-2 User Types And Rights
Device Port Operations Device Port Configuration Reboot/Shutdown Firmware/Configuration Diagnostics and Reports Secure Lantronix Network Web Access Internal Modem RPMs SD Card You cannot deny a user rights defined for the group, but you can add or remove all other rights at any time.
Page 255: Local And Remote User Settings
12: User Authentication Local and Remote User Settings The system administrator can configure the SLC 8000 advanced console manager to use local accounts and remote accounts to authenticate users. 1. Click the User Authentication tab and select the Local/Remote Users option. The following page displays.
Page 256: Sysadmin Account Default Login Values
12: User Authentication Authenticate only Select the check box to authenticate users listed in the Remote Users list in the remote users who are lower part of the page. Disabled by default. in the remote users list Deny access to remote Select the check box to authenticate remote users whose LDAP group or users assigned to TACACS+ priv_lvl map to a SLC custom group, allow SLC access if matched.
Page 257: Adding, Editing Or Deleting A User
12: User Authentication the result: Admin Password Unique to Device: enabled (or disabled). If that string is absent from the result or the result is set to “disabled”, it indicates that the device doesn’t support the device-unique sysadmin password. Note: It is recommended that you change the default passwords on initial setup.
Page 258: Figure 12-4 User Authentication > Local/Remote User > Add/Edit User
12: User Authentication Figure 12-4 User Authentication > Local/Remote User > Add/Edit User 2. Enter the following information for the user: Login User ID of selected user. Authentication Select the type of authenticated user: Local: User listed in the SLC database. ...
Page 259 12: User Authentication Enable for Dial-back Select to grant a local user dial-back access. Users with dial-back access can dial into the SLC unit and enter their login and password. Once the SLC 8000 advanced console manager authenticates them, the modem hangs up and dials them back.
Page 260 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage Secure Lantronix units (e.g., Spider, or SLC units) on Network the local subnet. Date/Time Right to set the date and time.
Page 261: Shortcut
12: User Authentication Shortcut To add a user based on an existing user: 1. Display the existing user on the User Authentication > Local/Remote Users page. The fields in the top part of the page display the current values for the user. 2.
Page 262: Nis
12: User Authentication The system administrator can configure the SLC advanced console manager to use NIS to authenticate users attempting to log in to the SLC unit through the Web, SSH, Telnet, or the console port. If NIS does not provide port permissions, you can use this page to grant device port access to users who are authenticated through NIS.
Page 263 12: User Authentication 2. Enter the following: Enable NIS Displays selected if you enabled this method on the Authentication Methods page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: You can enable NIS here or on the first User Authentication page. If you enable NIS here, it automatically displays at the end of the order of precedence on the User Authentication page.
Page 264 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., Spider, or SLC units) on the Network local subnet. Date/Time Right to set the date and time.
Page 265: Nis Commands
12: User Authentication NIS Commands Go to NIS Commands to view CLI commands which correspond to the web page entries described above. LDAP The system administrator can configure the SLC 8000 advanced console manager to use LDAP to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port. LDAP allows SLC unit users to authenticate using a wide variety of LDAP servers, such as OpenLDAP and Microsoft Active Directory.
Page 266: Figure 12-6 User Authentication > Ldap
12: User Authentication Figure 12-6 User Authentication > LDAP 2. Enter the following: Enable LDAP Displays selected if you enabled this method on the first User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox.
Page 267 Attribute use to search for a name (ie, "msmith") or a Distinguished Name (ie, "uid=msmith,ou=People,dc=lantronix,dc=com"). Select either Name or DN as appropriate for the LDAP server. If nothing is specified for the group membership attribute, the SLC unit will use "memberUID" for name and "uniqueMember" for DN.
Page 268 12: User Authentication Encrypt Messages Select Start TLS or SSL to encrypt messages between the SLC unit and the LDAP server. If Start TLS is selected, the port will automatically be set to 389 and the StartTLS extension will be used to initiate a secure connection; if SSL is selected, the port will automatically be set to 636 and a SSL tunnel will be used for LDAP communication.
Page 269: Ldap Commands
Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., Spider, or SLC devices) on Network the local subnet. Date/Time Right to set the date and time.
Page 270: Radius
12: User Authentication RADIUS The system administrator can configure the SLC 8000 advanced console manager to use RADIUS to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port. Users who are authenticated through RADIUS are granted device port access through the port permissions on this page.
Page 271 12: User Authentication 2. Enter the following: Enable RADIUS Displays selected if you enabled this method on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: You can enable RADIUS here or on the first User Authentication page. If you enable RADIUS here, it automatically displays at the end of the order of precedence on the User Authentication page.
Page 272 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage Secure Lantronix units (e.g., Spider, or SLC units) on Network the local subnet. Date/Time Right to set the date and time.
Page 273: Radius Commands
RADIUS servers will need to be configured to support the Lantronix Vendor-Specific Attribute. For example, on a FreeRADIUS server, the dictionary will need be updated with the Lantronix definition by including the contents below in a file named dictionary.lantronix, and including it in the SLC™ 8000 Advanced Console Manager User Guide...
Page 274: Kerberos
VENDOR Lantronix 244 BEGIN-VENDOR Lantronix ATTRIBUTE Lantronix-User-Attributes 1 string END-VENDOR Lantronix Once this is complete, the users file can be updated to include the Lantronix VSA for any user: myuser Auth-Type := Local, User-Password == "myuser_pwd" Reply-Message = "Hello, %u", Lantronix-User-Attributes = "data 1-4 listen 1-6 clear 1-4...
Page 275: Figure 12-8 User Authentication > Kerberos
12: User Authentication Figure 12-8 User Authentication > Kerberos 2. Enter the following: Enable Kerberos Check box displays as checked if this method is enabled on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox.
Page 276 12: User Authentication KDC Port Port on the KDC listening for requests. Enter an integer with a maximum value of 65535. The default is 88. Use LDAP Indicate whether Kerberos should rely on LDAP to look up user IDs and Group IDs. This setting is disabled by default. Note: Make sure to configure LDAP if you select this option.
Page 277: Kerberos Commands
12: User Authentication Secure Lantronix Right to view and manage secure Lantronix units (e.g.,Spider, or SLC units) on the Network local subnet. Date/Time Right to set the date and time. Reboot & Shutdown Right to shut down and reboot the SLC unit.
Page 278: Tacacs+ Groups
12: User Authentication TACACS+ Groups This section describes how a priv_lvl assigned to a TACACS+ user can be mapped to a SLC custom Groups, which will set the permissions and port rights for a TACACS+ user when they login to the SLC. TACACS+ users are typically configured to have a privilege level 0-15, with each level representing a privilege level that is a superset of the next lower value.
Page 279: Figure 12-9 User Authentication > Tacacs
12: User Authentication Figure 12-9 User Authentication > TACACS+ 2. Enter the following: Enable TACACS+ Displays selected if you enabled this method on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox.
Page 280 12: User Authentication Authentication The type of service used to pass the authentication tokens (e.g., login and Service password) between the SLC and the TACACS+ server. Options are: ASCII Login (login and password are transmitted in clear, unencrypted text), PPP/PAP (login and password are transmitted in clear, unencrypted text via a PAP protocol packet), and PPP/CHAP (the TACACS+ server sends a challenge that consists of a session ID and an arbitrary challenge string, and the user name and password...
Page 281: Tacacs+ Commands
Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., Spider, or SLC units) on the Network local subnet. Date/Time Right to set the date and time.
Page 282: Groups
12: User Authentication Groups The SLC 8000 advanced console manager has 3 pre-defined groups: Administrators, Power Users, and Default Users. Custom groups can also be created; each custom group is a set of user attributes and permissions. Local Users and Remote Users defined on the SLC unit can be assigned to one of the pre-defined groups or a custom group.
Page 283: Figure 12-10 User Authentication > Groups
12: User Authentication Figure 12-10 User Authentication > Groups 2. Enter the following: Group Name Enter a name for the group. Listen Ports The ports users are able to monitor using the connect listen command. Data Ports The ports users are able to monitor and interact with using the connect direct command.
Page 284 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage Secure Lantronix units (e.g., Spider, or SLC units) on Network the local subnet. Date/Time Right to set the date and time.
Page 285: Group Commands
12: User Authentication To view or update a group: 1. In the Groups table, select the group and click the View Group button. The group attributes and permissions will be displayed in the lower section of the page. 2. Modify the group attributes and permissions and click the Edit Group button. To delete a group: 1.
Page 286: Figure 12-11 User Authentication > Ssh Keys
12: User Authentication To configure the SLC unit to use SSH keys to authenticate users: 1. From the main menu, select User Authentication - SSH Keys. The following page displays. Figure 12-11 User Authentication > SSH Keys SLC™ 8000 Advanced Console Manager User Guide...
Page 287: Imported Keys (Ssh In)
12: User Authentication 2. Enter the following: Imported Keys (SSH In) Host & User Associated with Key These entries are required in the following cases: The imported key file does not contain the host that the user will be making an SSH ...
Page 288: Host And Login For Export
12: User Authentication Key Name Name of the key. This will generate the public key filename (e.g., <keyname>.pub). Key Type Select either the RSA or the DSA encryption standard. RSA is the default. Number of Bits Select the number of bits in the key (1024, 2048, 3072, or 4096). The default is 2048.
Page 289: Figure 12-12 Current Host Keys
12: User Authentication Figure 12-12 Current Host Keys 2. View or enter the following: Select the All Keys checkbox to reset all default key(s), or select one or more Reset to Default Host checkboxes to reset defaults for RSA, or DSA keys. All checkboxes are unselected by default.
Page 290: Ssh Commands
12: User Authentication Path Path of the directory where the host key will be stored. User ID to use to SCP or SFTP the file. Login Password / Password to use to SCP or SFTP the file. Retype Password 3. Click the Apply button. 4.
Page 291: Figure 12-13 User Authentication > Custom Menus
12: User Authentication Figure 12-13 User Authentication > Custom Menus 2. In the lower section of the page, enter the following: Note: To clear fields in the lower part of the page, click the Clear Custom Menu button. Menu Name Enter a name for the custom menu.
Page 292 12: User Authentication Nicknames Select to enable nicknames to be displayed in the menu instead of the commands. If the custom menu will have nicknames, this should also be selected prior to entering the commands in the web page, as this will facilitate entry of the nicknames.
Page 293: Custom User Menu Commands
12: User Authentication To delete a custom menu: 1. Select the custom menu in the Custom Menus table. 2. Click the Delete Custom Menu button. To create a new custom menu from an existing custom menu: 1. Select the custom menu in the Custom Menus table. 2.
Page 294: 13: Maintenance
13: Maintenance The system administrator performs maintenance activities and operates the SLC advanced console manager using the options for the Maintenance tab and additional commands on the command line interface. Firmware & Configurations The Firmware & Configuration page allows the system administrator to: Configure the FTP, SFTP, or TFTP server that will be used to provide firmware updates and ...
Page 295: Https Push Configuration Restore
13: Maintenance HTTPS Push Configuration Restore The HTTPS Push Configuration feature allows a saved configuration to be pushed to a SLC via a command line tool such as "curl" that includes the configuration to upload: % curl --insecure --request POST --form "file=@/home/users/admin/ current-slccfg.tgz"...
Page 296: Figure 13-1 Maintenance > Firmware & Configurations
13: Maintenance To configure settings: 1. Click the Maintenance tab. The Maintenance > Firmware & Configurations page displays. Figure 13-1 Maintenance > Firmware & Configurations SLC™ 8000 Advanced Console Manager User Guide...
Page 297: Internal Temperature
5 minutes. Subsequent boot times will be approximately 2 minutes. To view a log of all prior firmware updates, click the Firmware Update Log  link. The name of the firmware update file downloaded from the Lantronix web site. Firmware Filename SLC™ 8000 Advanced Console Manager User Guide...
Page 298: Boot Banks And Bootloader Settings
13: Maintenance A key for validating the firmware file. The key is provided with the firmware file (32 hex characters). Load Firmware Via From the drop-down list, select the method of loading the firmware. Options are FTP, TFTP, HTTPS, NFS, USB, and SD Card. FTP is the default. If you select HTTPS, the Upload File link becomes active.
Page 299: Load Firmware Via Options
13: Maintenance Load Firmware Via Options Note: Prior to firmware update, the current configuration is saved to the Local Disk location with the name "before_MMDDYY_HHMM". HTTPS Click Upload File to update the SLC firmware. NFS Mounted Dir Select the NFS mounted directory from the drop-down menu. USB Port Click to select USB port.
Page 300 13: Maintenance Location for Save, If you selected to save or restore a configuration, select one of the following Restore, or Manage options: Manage: This link allows you to view and delete all configurations saved to  the selected location. This feature is available for the Local Disk, NFS Mounts, CIFS Share, USB, and SD Card locations.
Page 301: Manage Files
13: Maintenance Figure 13-2 Network > Firmware/Config > Manage Manage Files The Manage Files web page allows you to view the firmware and configuration files saved to the selected location and rename, download or delete any of the files. This feature is available for the Local Disk, NFS Mounts, CIFS Share, USB, and SD card locations.
Page 302: System Logs
13: Maintenance System Logs Maintenance > System Logs page allows you to view various system logs. (See Chapter 7: Services on page 116 for more information about system logs.) You can also clear logs on this page. To view system logs: 1.
Page 303: System Log Commands
Figure 13-4 System Logs From a queried system log (e.g., Figure 13-4), you may email this information to a specific individual or to Lantronix Technical Support. See Emailing Logs and Reports (on page 311). To clear system logs: 1. From the Maintenance >...
Page 304: Audit Log
13: Maintenance Audit Log page displays a log of all actions that have changed the Maintenance > Audit Log configuration of the SLC 8000 advanced console manager. The audit log is disabled by default. Use the Services > SSH/Telnet/Logging page (Chapter 7: Services) to enable the audit log and to configure its maximum size.
Page 305: Audit Log Commands
13: Maintenance Audit Log Commands Go to Audit Log Commands to view CLI commands which correspond to the web page entries described above. Email Log Maintenance > Email Log page displays a log of all attempted emails. The log file can be cleared from here.
Page 306: Diagnostics
13: Maintenance Diagnostics page provides methods for diagnosing problems such as network Maintenance > Diagnostics connectivity and device port input/output problems. You can use equivalent commands on the command line interface. 1. Click the Maintenance tab and select the Diagnostics option. The following page displays: Figure 13-7 Maintenance >...
Page 307 13: Maintenance IPv6 Neighbor The IPv6 Neighbor table is used to view a list of neighbor's IPv6 addresses on the same Table network, and their corresponding MAC addresses. Netstat Displays network connections. If you select the checkbox, select the TCP or UDP protocol, or select All for both protocols to control the output of the Netstat report.
Page 308: Figure 13-8 Maintenance > Diagnostics
13: Maintenance iPerf Select to start an iPerf3 server or client to measure network throughput. The server will run in “one-off” mode. This means that it will handle one client connection and then terminate. The server will wait indefinitely for the client to connect. The client will time out if a connection is not made to a server within 15 seconds.
Page 309: Diagnostic Commands
13: Maintenance Diagnostic Commands Go to Diagnostic Commands to view CLI commands which correspond to the web page entries described above. Status/Reports On this page, you can view the status of the SLC ports and power supplies and generate a selection of reports.
Page 310: Figure 13-10 Generated Status/Reports
13: Maintenance Port Status Displays the status of each device port: mode, user, any related connections, and serial port settings. Port Counters Displays statistics related to the flow of data through each device port. IP Routes Displays the routing table. Connections Displays all active connections for the SLC unit: Telnet, SSH, TCP, UDP, device port, and modem.
Page 311: Status Commands
CLI commands which correspond to the web page entries Status Commands described above. Emailing Logs and Reports The following logs and reports can be directly emailed to a specific individual or to Lantronix Technical Support directly from the log page: System Log (Figure 13-4) ...
Page 312: Figure 13-11 Emailed Log Or Report
13: Maintenance Figure 13-11 Emailed Log or Report To view information about the SLC unit and contact information for Lantronix: 1. Click the button on the upper right portion of any web page to access the About SLC page (see Figure 13-12).
Page 313: Figure 13-12 About Slc
13: Maintenance Figure 13-12 About SLC SLC™ 8000 Advanced Console Manager User Guide...
Page 314: Events
13: Maintenance Events On this page, you can define what action you want to take for events that Maintenance > Events may occur in the SLC unit. 1. Click the Maintenance tab and select the Events option. The following page displays: Figure 13-13 Maintenance >...
Page 315: Events Commands
13: Maintenance Outlet When the trigger is set to RPM Load over Threshold, select the outlet that will be monitored for a current that exceeds a defined threshold. The RPM needs to support providing a current level for the selected outlet as part of its status information.
Page 316: Lcd/Keypad
13: Maintenance LCD/Keypad The LCD has a series of screens, consisting of 2 lines of 24 characters each. Specific screens and the display order can be configured. The keypad associated with the LCD can also be configured. Enabling the Auto-Scroll LCD Screens option enables scrolling through the screens and pausing the number of seconds specified by the Scroll Delay between each screen.
Page 317: Administrative Lcd/Keypad Commands
13: Maintenance order of the screens. Note: The User Strings screen displays the 2 lines defined by the User Strings - Line 1 and Line 2 fields. By default, these user strings are blank. 4. Click Apply to save. To configure the Keypad: 1.
Page 318: Administrative Banner Commands
13: Maintenance 2. Enter the following fields. Welcome Banner The text to display on the command line interface before the user logs in. May contain up to 1024 characters. Single quote and double quote characters are not supported. Welcome to the SLC is the default. Note: To create more lines use the \n character sequence.
Page 319: 14: Application Examples
14: Application Examples Each SLC advanced console manager has multiple serial ports and two network ports. Each serial port can be connected to the console port of an IT device. Using a network port (in-band) or a modem (out-of-band) for dial-up connection, an administrator can remotely access any of the connected IT devices using Telnet or SSH.
Page 320 14: Application Examples [SLC]> show deviceport port 2 ___Current Device Port Settings________________________________________________ Number: 2 Name: Port-2 Modem Settings-------------Data Settings----------IP Settings------- Modem State: disabled Baud Rate: 9600 Telnet: disabled Modem Mode: text Data Bits: 8 Telnet Port: 2002 Timeout Logins: disabled Stop Bits: 1 SSH: disabled Local IP: negotiate...
Page 321: Dial-In (Text Mode) To A Remote Device
14: Application Examples <shutdown messages from SUN> 6. Use the escape sequence to escape from direct mode back to the command line interface. Dial-in (Text Mode) to a Remote Device This example shows a phone line connection to the internal modem of the SLC, and a Sun server connected to a device port.
Page 322: Local Serial Connection To Network Device Via Telnet
14: Application Examples 5. Connect to the SUN Unix server using the direct command. [SLC]> connect direct deviceport 2 SunOS 5.7 login: frank Password: Last login: Wed Jul 14 16:07:49 from computer Sun Microsystems Inc.SunOS 5.7Generic October 1998 SunOS computer 5.7 Generic_123485-05 sun4m sparc SUNW,SPARCstation-20 6.
Page 323 14: Application Examples Logging Settings---------------------------------------------------- Local Logging: disabled USB Logging: disabled Email Logging: disabled Log to: upper slot Byte Threshold: 100 Max number of files: 10 Email Delay: 60 seconds Max size of files: 2048 Restart Delay: 60 seconds Email To: <none> Email Subject: Port %d Logging Email String: <none>...
Page 324: 15: Command Reference
15: Command Reference After an introduction to using commands, this chapter lists and describes all of the commands available on the SLC command line interface accessed through Telnet, SSH, or a serial connection. The commands are in alphabetical order by category. Introduction to Commands Following is some information about command syntax, command line help, and tips for using commands.
Page 325: Command Line Help
15: Command Reference Action Category (continued) connect bidirection|direct|global|listen|restart|script|terminate |unidirection diag arp|arp6|internals|iperf|lookup|loopback|netstat|nettrace|pe rfstat|ping|ping6|sendpacket|top|traceroute|usb admin banner|chip|clear|config|events|feature|firmware|ftp|keypad| lcd|memory|quicksetup|reboot|shutdown|site|version|web Terminates CLI session. logout Command Line Help For general Help and to display the commands to which you have rights, type: help For general command line Help, type: help command line For release notes for the current firmware release, type: help release...
Page 326: Administrative Commands
15: Command Reference When the number of lines displayed by a command exceeds the size of the window (the  default is 25), the command output is halted until the user is ready to continue. To display the next line, press Enter, and to display the page, press the space bar. You can override the number of lines (or disable the feature altogether) with the set cli command.
Page 327 15: Command Reference Description Displays the welcome, SSH, login, and logout banners. admin banner ssh Syntax admin banner ssh <Banner Text> Description Configures the banner that displays prior to SSH authorization. admin banner welcome Syntax admin banner welcome <Banner Text> Description Configures the banner displayed before the user logs in.
Page 328 15: Command Reference admin config rename|delete Syntax admin config delete <Config Name> location <local|nfs|cifs|usb|sdcard> [usbport <U1|U2>] [nfsdir <NFS Mounted Directory>] admin config rename <Config Name> location <local|nfs|cifs|usb|sdcard> [usbport <U1|U2>] [nfsdir <NFS Mounted Directory>] Description Deletes or renames a configuration. admin config factorydefaults Syntax admin config factorydefaults [savesshkeys <enable|disable>] [savesslcert <enable|disable>] [preserveconfig <Config Params to Preserve>]...
Page 329 15: Command Reference <Config Params to Preserve> is a comma-separated list of current configuration parameters to retain after the config restore or factorydefaults: Networking Services Date/Time Local Users Remote Authentication Device Ports USB Port/SD Card Description Restores a saved configuration to the SLC 8000 advanced console manager. admin config save Syntax admin config save <Config Name>...
Page 330 15: Command Reference admin firmware bootcount Syntax admin firmware bootcount <0|1> Description Configures bootcount parameter that control how many times the SLC has failed to boot. If this value reaches Boot Limit, the SLC will switch to the alternate boot bank. The SLC will switch to the alternate boot bank only once.
Page 331 15: Command Reference admin firmware watchdog Syntax admin firmware watchdog <disable|180-1800 seconds> Description Configures how long the SLC waits for boot completion before forcing a reboot. admin firmware show Syntax admin firmware show [viewlog <enable|disable>] Description Lists the current firmware revision, the boot bank status, and optionally displays the log containing details about firmware updates.
Page 332 15: Command Reference Description Sets the FTP server password and prevent it from being echoed. admin ftp server Syntax admin ftp server <IP Address or Hostname> [login <User Login>] [path <Directory>] Description Sets the FTP/TFTP/SFTP server used for firmware updates and configuration save/restore. admin ftp show Syntax admin ftp show...
Page 333 15: Command Reference admin keypad show Syntax admin keypad show Description Displays keypad settings. admin lcd reset Syntax admin lcd reset Description Restarts the program that controls the LCD. admin lcd default Syntax admin lcd default Description Restores the LCD screens to their factory default settings. admin lcd screens Syntax admin lcd screens...
Page 334 15: Command Reference admin lcd line1 Syntax admin lcd line1 <1-24 Chars> line2 <1-24 Chars> Description Sets the strings displayed on the LCD user string screen. admin lcd scrolling Syntax admin lcd scrolling <enable|disable> [scrolldelay <Delay in Seconds>] [idledelay <Delay in Seconds>] Description Configures auto-scroll of the LCD screens, including the number of seconds after keypad input before auto-scrolling restarts.
Page 335 15: Command Reference admin quicksetup Syntax admin quicksetup Description Runs the quick setup script. admin reboot Syntax admin reboot Description Immediately terminates all connections and reboots the SLC 8000 advanced console manager. The front panel LCD displays the “Rebooting the SLC” message, and the normal boot sequence occurs.
Page 336 15: Command Reference admin version Syntax admin version Description Displays current hardware and firmware information. admin web certificate import Syntax admin web certificate import via <sftp|scp> [rootfile <Cert Authority File>] certfile <Certificate File> privfile <Private Key File> host <IP Address or Name> login <User Login> [path <Path to Files>] Description Imports an SSL certificate.
Page 337 15: Command Reference admin web group Syntax admin web group <Local or Remote Group Name> Description Configures the group that can access the web. admin web server Syntax admin web server <enable|disable> Description Enables or disables running the web server (TCP ports 80 and 443). admin web sha2 Syntax admin web sha2 <enable|disable>...
Page 338 15: Command Reference admin web show Syntax admin web show [viewcipherlist <enable|disable>] Description Displays the current sessions, with optional extra sessions or current ciphers. admin web banner Syntax admin web banner Description Configures the banner displayed on the web home page. admin web iface Syntax admin web iface <none,eth1,eth2,ppp>...
Page 339 Description Restarts the web server. Warning: The following admin chip commands should only be used under the direction of Lantronix Technical Support. admin chip resetmodem Description Resets the internal modem chip in key system chips. Syntax admin chip resetmodem...
Page 340: Audit Log Commands
15: Command Reference Description Resets the SFP chip in key system chips. Syntax admin chip resetsfp ethport <1|2> Audit Log Commands show auditlog Syntax show auditlog [command|user|clear] Description Displays audit log. By default, shows the audit log sorted by date/time. You can sort it by user or command, or clear the audit log.
Page 341: Kerberos Commands
15: Command Reference show auth Syntax show auth Description Displays authentication methods and their order of precedence. show user Syntax show user Description Displays attributes of the currently logged in user. Kerberos Commands set kerberos Syntax set kerberos <one or more parameters> Parameters allowdialback <enable|disable>...
Page 342: Ldap Commands
15: Command Reference Description Configures the SLC 8000 advanced console manager to use Kerberos to authenticate users who log in via the Web, SSH, Telnet, or the console port. show kerberos Syntax show kerberos Description Displays Kerberos settings. LDAP Commands set ldap Syntax set ldap <one or more parameters>...
Page 343 15: Command Reference Note: User Permissions Commands (on page 351) for information on groups and user rights. Description Configures the SLC 8000 advanced console manager to use LDAP to authenticate users who log in via the Web, SSH, Telnet, or the console port. set ldap bindpassword Description Set the LDAP bind password.
Page 344: Local Users Commands
15: Command Reference Local Users Commands set localusers add|edit Syntax set localusers add|edit <User Login> <one or more parameters> Parameters allowdialback <enable|disable> breakseq <1-10 Chars> changenextlogin <enable|disable> changepassword <enable|disable> clearports <Port List> dataports <Port List> dialbacknumber <Phone Number> displaymenu <enable|disable> escapeseq <1-10 Chars>...
Page 345 15: Command Reference Description Sets whether a complex login password is required. Complex passwords require at least one uppercase character, one lowercase character, one digit, and one non-alphanumeric character. set localusers state Syntax set localusers state <enable|disable> Description Enables or disables authentication of local users. set localusers delete Syntax set localusers delete <User Login>...
Page 346 15: Command Reference Description Sets a login password for the local user. set localusers periodlockout Syntax set localusers periodlockout <Number of Minutes> Description Sets the number of minutes after a lockout before the user can try to log in again. Disabled by default.
Page 347 15: Command Reference Description Sets local users. to console only admin setting. If enabled, the admin user can only log into the SLC via the console, and will be prevented from logging in via the web, SSH or Telnet. show localusers Syntax show localusers [display <brief|extended>] [user <User Login>] Description...
Page 348: Nis Commands
15: Command Reference NIS Commands set nis Syntax set nis <one or more parameters> Parameters allowdialback <enable|disable> broadcast <enable|disable> clearports <Port List> custommenu <Menu Name> dialbacknumber <Phone Number> dataports <Port List> domain <NIS Domain Name> breakseq <1-10 Chars> escapeseq <1-10 Chars> group <default|power|admin>...
Page 349: Radius Commands
15: Command Reference RADIUS Commands set radius Syntax set radius <one or more parameters> Parameters state <enable|disable> allowdialback <enable|disable> clearports <Port List> custommenu <Menu Name> dataports <Port List> dialbacknumber <Phone Number> breakseq <1-10 Chars> escapeseq <1-10 Chars> group <default|power|admin> listenports <Port List> permissions <Permission List>...
Page 350: Tacacs+ Commands
15: Command Reference show radius Syntax show radius Description Displays RADIUS settings. TACACS+ Commands set tacacs+ Syntax set tacacs+ <one or more parameters> Parameters state <enable|disable> server1 <IP Address or Name> server2 <IP Address or Name> server3 <IP Address or Name> encrypt <enable|disable>...
Page 351: User Permissions Commands
15: Command Reference show tacacs+ Syntax show tacacs+ Description Displays TACACS+ settings. User Permissions Commands set localusers group Syntax set localusers add|edit <user> group <default|power|admin|custom group name> Description Adds a local user to a user group or changes the group the user belongs to. set localusers lock Syntax set localusers lock <User Login>...
Page 352: Remote User Commands
15: Command Reference <Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do, ub, rp, rs, rc, dr, wb, sn, ad, md, sd To remove a permission, type a minus sign before the two-letter abbreviation for a user permission.
Page 353 15: Command Reference dialbacknumber <Phone Number> group <default|power|admin|Custom Group Name> permissions <Permissions List> where <Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do, ub, rp, rs, rc, dr, wb, sn, ad, md, sd To remove a permission, type a minus sign before the two-letter abbreviation for a user right.
Page 354: Consoleflow Commands
15: Command Reference Description Removes a remote user. show remoteusers Syntax show remoteusers [display <brief|extended>] [user <User Login>] Description Displays settings for all remote users. set <nis|ldap|radius|kerberos|tacacs+> group Syntax set <nis|ldap|radius|kerberos|tacacs> group <default|power|admin> Description Sets a permission group for remotely authorized users. ConsoleFlow Commands set cflow client Syntax...
Page 355 15: Command Reference Description Enable or disable firmware and configuration updates via ConsoleFlow. set cflow rebootafterupdate Syntax set cflow rebootafterupdate <enable|disable> Description Enable or disable reboots after firmware or configuration updates. set cflow connection Syntax set cflow connection <cloud|onpremise> <one or more parameters> Parameters host <IP Address or Name>...
Page 356 15: Command Reference Description Configure the timeout for the ConsoleFlow Web Terminal sessions. set cflow digitalprobe Syntax set cflow digitalprobe <Device Port # or List or Name> frequency <disable|15-3600 seconds> Description Configures the device port digital probe for determining managed device connection status. set cflow id Syntax set cflow id...
Page 357: Cli Commands
15: Command Reference CLI Commands set cli Syntax set cli scscommands <enable|disable> Commands: info direct <Device Port # or Name> version listen <Device Port # or Name> reboot clear <Device Port # or Name> poweroff telnet <IP Address or Name> listdev ssh <IP Address or Name>...
Page 358: Connection Commands
15: Command Reference show cli Syntax show cli Description Displays current CLI settings. show user Syntax show user Description Displays attributes of the currently logged in user. set history Syntax set history clear Description Clears the commands that have been entered during the command line interface session. show history Syntax show history...
Page 359 15: Command Reference charcount <# of Chars> charseq <Char Sequence> charxfer <toendpoint|fromendpoint> date <MMDDYYhhmm[ss]> deviceport <Device Port # or Name> exclusive <enable|disable> ssh <IP Address or Name> [port <TCP Port>][<SSH flags>] where <SSH flags> is one or more of: user <Login Name> version <1|2>...
Page 360 15: Command Reference connect global outgoingtimeout Syntax connect global outgoingtimeout <disable|1-9999 seconds> Description Sets the amount of time the SLC 8000 advanced console manager will wait for a response (sign of life) from an SSH/Telnet server that it is trying to connect to. Note: This is not a TCP timeout.
Page 361: Console Port Commands
15: Command Reference tcp <IP Address> [port <TCP Port>] telnet <IP Address or Name> [port <TCP Port] trigger <now|datetime|chars> If the trigger is datetime (establish connection at a specified date/time), enter the date parameter. If the trigger is chars (establish connection on receipt of a specified number or characters or a character sequence), enter either the charcount or the charseq parameter.
Page 362: Custom User Menu Commands
15: Command Reference showlines <disable|1-50 lines> stopbits <1|2> timeout <disable|1-30> Description Configures console port settings. show consoleport Syntax show consoleport Description Displays console port settings. Custom User Menu Commands When creating a custom user menu, note the following limitations: Maximum of 20 custom user menus. ...
Page 363 15: Command Reference Syntax set menu edit <Menu Name> <parameter> Parameters command <Command Number> nickname <Command Number> redisplaymenu <enable|disable> shownicknames <enable|disable> title <Menu Title> Description Changes a command within an existing custom user menu. Changes a nickname within an existing custom user menu. Enables or disables the redisplay of the menu before each prompt. Enables or disables the display of command nicknames instead of commands.
Page 364: Date And Time Commands
15: Command Reference show menu Syntax show menu <all|Menu Name> Description Displays a list of all menu names or all commands for a specific menu. Date and Time Commands set datetime Syntax set datetime <one parameter> Parameters date <MMDDYYhhmm[ss]> timezone <Time Zone> Note: If you do not know a valid <Time Zone>, enter 'timezone <invalid time zone>' and you will be guided through selecting one from the available time zones.
Page 365: Device Commands
15: Command Reference poll <local|public> publicserver <IP Address or Hostname> state <enable|disable> sync <broadcast|poll> Description Synchronizes the SLC 8000 advanced console manager with a remote time server using NTP. show ntp Syntax show ntp Description Displays NTP settings. Device Commands set command Syntax set command <Device Port # or Name or List>...
Page 366: Device Port Commands
15: Command Reference Displays the status for all connected Sensorsoft devices and ignores the device port\nlist. Note: The Sensorsoft lowtemp and hightemp settings are given in the scale specified by the degrees setting. Description Sends commands to (or control) a device connected to an SLC device port over the serial port. Note: Currently the only devices supported for this type of interaction are Sensorsoft devices.
Page 367 15: Command Reference dialbackretries <1-10> dialinlist <Host List for Dial-in> dialoutlogin <Remote User Login> dialoutnumber <Phone Number> dodauth <pap|chap> dodchaphost <CHAP Host or User Name> dtrcontrol <none|toggledtr|autodtr> emailsubj <Email Subject> emailto <Email Address> flowcontrol <none|xon/xoff|rts/cts> group <Local or Remote Group Name> idletimeoutmsg <enable|disable>...
Page 368 15: Command Reference sshtimeout <disable|1-3600 seconds> stopbits <1|2> sysloglogging <enable|disable> tcpauth <enable|disable> tcpdatadir <netin|netout|both> tcpin <enable|disable> tcpport <TCP Port> tcptimeout <disable|1-3600 seconds> telnetauth <enable|disable> telnetdatadir <netin|netout|both> telnetin <enable|disable> telnetport <TCP Port> telnetsoftiac <enable|disable> telnettimeout <disable|1-3600 sec> termstr <Termination String> timeoutlogins <disable or 1-30 minutes> tokenaction <List of none,log,trap,email,string,power>...
Page 369 15: Command Reference set deviceport global Syntax set deviceport global <one or more parameters> Parameters sshport <TCP Port> telnetport <TCP Port> tcpport <TCP Port> Description Configures settings for all or a group of device ports. show deviceport global Syntax show deviceport global Description Displays global settings for device ports.
Page 370: Diagnostic Commands
15: Command Reference Description Displays the list of port types (RJ45 or USB) for all device ports. show portcounters Syntax show portcounters [deviceport <Device Port List or Name>] [email <Email Address>] Description Displays device port statistics and errors for one or more ports. You can optionally email the displayed information.
Page 371 15: Command Reference diag internals Syntax diag internals [email <Email Address>] Enable debug printing on the next SLC reboot: diag internals [printapplication <enable|disable> printconnection <enable|disable> printmanagement <enable|disable> Description Displays information on the internal memory, storage and processes of the SLC 8000 advanced console manager.
Page 372 15: Command Reference Description Runs an iPerf server or client to measure network throughput. You can optionally email the output. The SLC uses iPerf version 3.X, which is incompatible with older versions (2.x). diag lookup Syntax diag lookup <Name> [email <Email Address>] Description Resolves a host name into an IP address.
Page 373 15: Command Reference diag nettrace Syntax diag nettrace <one or more parameters> Parameters ethport <1|2> protocol <tcp|udp|icmp|esp> host <IP Address or Name> numpackets <Number of Packets> verbose <low|medium|high|disable> pcapfile <File Name> location <usb:sdcard> [usbport <U1:U2>] Description Displays all network traffic, applying optional filters (the output can be saved to a Wireshark pcap file on external storage).
Page 374 15: Command Reference Syntax diag sendpacket host <IP Address or Name> port <TCP or UDP Port Number> [string <Packet String>] [protocol <tcp|udp>] [count <Number of Packets>] diag top Syntax diag top [parameters] Description Displays CPU usage, memory usage and tasks. Parameters continuous <enable|disable>...
Page 375: Events Commands
15: Command Reference Events Commands admin events add Syntax admin events add <trigger> <response> <trigger> is one of: dpdatadrop, humidlimit, pingfails, receivetrap, rpmload, nomodemdialor templimit. <response> is one of: action syslog action emailalert emailaddress <destination email address> action snmptrap nms <SNMP NMS> community <SNMP Community> action <fwdalltrapseth|fwdseltrapeth>...
Page 376: Group Commands
15: Command Reference Parameters community <SNMP Community> deviceport <Device Port # or Name> ethport <1|2> nms <SNMP NMS> host <IP Address or Name> oid <SNMP Trap OID> outlet <Outlet #> rpm <RPM Id or Name> threshold <Load Percentage|Current in Amps>usbport <u1|u2> internal modem emailaddress <destination email address>...
Page 377: Host List Commands
15: Command Reference Rename a group: set groups rename <Group Name> newname <New Group Name> Delete a group: set groups delete <Group Name> Show one or more groups: show groups [name <Group Name>] members <enable|disable> Host List Commands set hostlist add|edit <Host List Name> Syntax set hostlist add|edit <Host List Name>...
Page 378: Internal Modem Commands
15: Command Reference set hostlist edit <Host List Name> move Syntax set hostlist edit <Host List Name> move <Host Number> position <Host Number> Description Moves a host entry to a new position in the host list. set hostlist delete Syntax set hostlist delete <Host List>...
Page 379: Ip Filter Commands
15: Command Reference initscript <Modem Init Script> nat <enable|disable> chapauth <chaphost|localusers> checkdialtone <disable|5-600 min> dialbacknumber <usernumber|Phone Number> dialoutnumber <Phone Number> dialbackdelay <PPP Dialback Delay> dialoutlogin <Remote User Login> dialbackretries <1-10> Set the modem password and CHAP secret (any extra parameters will be ignored): set intmodem dialoutpassword set intmodem chapsecret Note:...
Page 380: Logging Commands
15: Command Reference Description Maps an IP filter to an interface. set ip filter rules Syntax set ipfilter rules <parameters> Parameters add <Ruleset Name> delete <Ruleset Name> edit <Ruleset Name> <Edit Parameters> Edit Parameters append insert <Rule Number> replace <Rule Number> delete <Rule Number>...
Page 381 15: Command Reference tokendatadetect <enable|disable> tokenstring <Regex String> tokentrigger <bytecnt|charstr> usblogging <enable|disable> usbmaxfiles <Max # of Files> usbmaxsize <Size in Bytes> usbport <u1|u2|sd> sysloglogging <enable|disable> Description Configures logging settings for one or more device ports. Local logging must be enabled for a device port for the locallog commands to be executed. To use the set locallog clear command, the user must have permission to clear port buffers (see Chapter 12: User...
Page 382 15: Command Reference Description Clear the modem log (the modem log is automatically pruned when it reaches 50K): set log modem ppplog Syntax set log modem ppplog <enable|disable> Description Enables PPP activity messages in the modem log. set log modem ppplog <enable|disable> Syntax set log modem pppdebug Description...
Page 383: Network Commands
15: Command Reference startbyte <Byte Index> logfile <NFS, USB or SD card Log File> Defaults: bytes=1000, startbyte=1, numlines=40 Lists the NFS, USB, or SD card log files, either for a specific device port, or all log files in a USB, NFS, or SD card location: show log files nfs|usb|sdcard [localdir <NFS Mount Local Directory>] [usbport <U1|U2>]...
Page 384 15: Command Reference set network dnsipv4prec Syntax set network dnsipv4prec <enable|disable> Description Configures IPv4/IPv6 lookup precedence. set network gateway Syntax set network gateway <parameters> Parameters default <IP Address> ipv6default <IPv6 Address> precedence <dhcp|default> failover <IP Address> pingip <IP Address> ethport <1|2> pingdelay <1-250 seconds>...
Page 385 15: Command Reference Description Set default & fail-over gateways (the fail-over gateway is used if an IP address usually accessible through the default gateway fails to return 1 or more pings), and configure settings for supported fail-over devices. set network host Syntax set network host <Hostname>...
Page 386 15: Command Reference Description Displays DNS settings. show network gateway Syntax show network gateway Description Displays gateway settings. show network host Syntax show network host Description Displays the network host name of the SLC 8000 advanced console manager. show network port Syntax show network port <1|2>...
Page 387: Nfs And Smb/Cifs Commands
15: Command Reference show network all Syntax show network all Description Displays all network settings. NFS and SMB/CIFS Commands set nfs mount Syntax set nfs mount <one or more parameters> Parameters locdir <Directory> mount <enable|disable> remdir <Remote NFS Directory> rw <enable|disable> Enables or disables read/write access to remote directory.
Page 388: Performance Monitoring Commands
15: Command Reference eth2 <enable|disable> state <enable|disable> workgroup <Windows workgroup> Description Configures the SMB/CIFS share, which contains the system and device port logs. The admin config command saves SLC configurations on the SMB/CIFS share. set cifs password Syntax set cifs password Description Changes the password for the SMB/CIFS share login (default is cifsuser).
Page 389 15: Command Reference Description Display global settings and all probes, or a selected probe. show perfmon status Syntax show perfmon status Parameters show perfmon status [probe <Probe Id or Name>] Description Display the running status of all probes or a selected probe. show perfmon operations Syntax show perfmon operations...
Page 390 15: Command Reference show perfmon accumulated Syntax show perfmon accumulated Parameters show perfmon accumulated <Probe Id or Name> [set <Operation Set Number>] [email <Email Address>] Description Display accumulated statistics for last completed operation set or selected set, and optionally email the statistics. set perfmon repo Syntax set perfmon repo <local|usb|sdcard>...
Page 391 15: Command Reference Description Enable responders for UDP echo. set perfmon tcpconnectresp Syntax set perfmon tcpconnectresp <TCP Port Number|disable> Description Enable responders for TCP connect. set perfmon add Syntax set perfmon add <Probe Name> type <dns|http|icmp|tcpconnect|udpecho|udpjitter|udpjittervoip> Parameters name <Probe Name> starttime <now|HH:MM[:SS][MMDD]|afterHH:MM:SS>...
Page 392 15: Command Reference Parameters name <Probe Name> starttime <now|HH:MM[:SS][MMDD]|afterHH:MM:SS> operations <Number of Operations to Perform> frequency <Seconds between Operations> packets <Number of Packets to Send> interval <Milliseconds between Packets> timeout <Milliseconds to Wait for Response> host <Destination IP Address or Name> port <Destination Port>...
Page 393: Routing Commands
15: Command Reference Routing Commands set routing Syntax set routing [parameters] Parameters rip <enable|disable> route <1-64> ipaddr <IP Address> mask <Netmask> gateway <IP Address> static <enable|disable> version <1|2|both> Description Configures static or dynamic routing. To delete a static route, set the IP address, mask, and gateway parameters to 0.0.0.0. show routing Syntax show routing [resolveip <enable|disable>] [email <Email Address>]...
Page 394 15: Command Reference Description Sends a command to control one or more outlets on an RPM. Syntax set rpm command <RPM Id or Name> device <reboot|shutdown> Description Sends a command to control an RPM device. Syntax set rpm command <RPM Id or Name> beeper <mute|enable|disable> Description Sends a command to control an RPM beeper.
Page 395 15: Command Reference Parameters name <New RPM Name> outlets <# of Outlets> ipaddr <IP Address> port <TCP or Device Port> login <RPM Admin Login> rocommunity <SNMP Read-Only Community> rwcommunity <SNMP Read-Write Community> logstatus <disable|1-60 minutes> snmptraps <enable|disable> emailaddress <Email Address> upslowbattery <shutdown|shutdownall|shutdownboth|allowfailure>...
Page 396: Script Commands
15: Command Reference Script Commands set script import Syntax set script import <interface|batch|custom> via <ftp|scp|copypaste> [file <Script File>] [name <Script Name>] [host <IP Address or Name>] [login <User Login>] [path <Path to Script File>] [filetype <expect|tcl|python>] Note: Interface scripts will be given default/do user rights; Batch and Custom scripts will be given admin/ad user rights.
Page 397 15: Command Reference set script runcli Syntax set script runcli <Script Name> [parameters <Command Line Parameters>] [debug <enable|disable>] Description Run a CLI batch or custom script one time (script output will be displayed in the current terminal; custom script output will be saved in the repository). connect script Syntax connect script <Script Name>...
Page 398: Sd Card Commands
15: Command Reference show script status Syntax show script status [script <Script Name>] Description Display the running status of all custom scripts or a single custom script. show script operations Syntax show script operations <Script Name> Description Display list of completed results for a custom script. show script results show script results <Script Name>...
Page 399: Security Commands
15: Command Reference Renames a file on a SD Card: set sdcard rename <Filename> newfile <New Filename> Copies a file on a SD Card: set sdcard copy <Filename> newfile <New Filename> Removes a file on a SD Card: set sdcard delete <Current Filename> Displays information about the SD Card device: show sdcard Security Commands...
Page 400 15: Command Reference Parameters netlog <off|error|warning|info|debug> auditlog <enable|disable> authlog <off|error|warning|info|debug> auditsize <1-500 Kbytes> diaglog <off|error|warning|info|debug> clicommands <enable|disable> servlog <off|error|warning|info|debug> includesyslog <enable|disable> devlog <off|error|warning|info|debug> snmp <enable|disable> genlog <off|error|warning|info|debug> v1 <enable|disable> syslogserver1 <IP Address or Name> v2c <enable|disable> syslogserver2 <IP Address or Name> traps <enable|disable>...
Page 401: Site Commands
15: Command Reference Description Displays current service settings. Site Commands Configure a set of site-oriented modem parameters that can be activated by various modem- related events (authentication, outbound network traffic for DOD connections, etc.). The site parameters will override any parameters configured for the modem. To use sites with a modem, enable 'usesites'.
Page 402: Ssh Key Commands
15: Command Reference Parameters add <IP Address> delete <IP Address> search <localsubnet|ipaddrlist|both> Description Detects and displays all SLC 8000 advanced console manager or user-defined IP addresses on the local network. show slcnetwork Syntax show slcnetwork [ipaddrlist <all|Address Mask>] Description Detects and displays all SLC 8000 advanced console managers on the local network. Without the ipaddrlist parameter, the command searches the SLC network.
Page 403 15: Command Reference Description Deletes an ssh key. Specify the keyuser and keyhost to delete an imported key; specify the keyuser and keyname to delete exported key. set sshkey export Syntax set sshkey export <ftp|sftp|scp|copypaste> <one or more parameters> Parameters [format <openssh|secsh>] [host <IP Address or Name>] [login <User Login>]...
Page 404 15: Command Reference set sshkey server import type Syntax set sshkey server import type <rsa|dsa> via <sftp|scp> pubfile <Public Key File> privfile <Private Key File> host <IP Address or Name> login <User Login> [path <Path to Key File>] Description Imports an SLC host key. set sshkey server reset Syntax set sshkey server reset [type <all|rsa|dsa>]...
Page 405: Status Commands
15: Command Reference Description Displays all keys that have been imported or keys for a specific user, IP address, or name. show sshkey server Syntax show sshkey server [type <all|rsa|dsa>] Description Displays host keys (public key only). Status Commands show connections Syntax show connections [email <Email Address>] Description...
Page 406: System Log Commands
15: Command Reference Description Generates a device port statistics report for one or more ports. Optionally emails the displayed information. show portstatus Syntax show portstatus [deviceport <Device Port List or Name>] [email <Email Address>] Description Displays device port modes and states for one or more ports. Optionally emails the displayed information.
Page 407: Usb Access Commands
15: Command Reference starttime <MMDDYYhhmm[ss]> endtime <MMDDYYhhmm[ss]> Description Displays the system logs containing information and error messages. Note: The level, display, and time parameters cannot be used simultaneously. show syslog clear Syntax show syslog clear <all|netlog|servlog|authlog|devlog|diaglog|genlog> Description Clears one or all of the system logs. USB Access Commands set usb access Syntax...
Page 408: Usb Storage Commands
15: Command Reference Parameters treedisplay <enable|disable> mapdevice <enable|disable> email <Email Address> Defaults: treedisplay=enable Description Displays information about USB buses and the devices connected to them, including the mapping between a USB device and the SLC port. Note: For "mapdevice enable", the port names will displayed at the end of the line in square brackets.
Page 409 15: Command Reference set usb storage mount Syntax set usb storage mount <U1|U2> Description Mounts a USB flash drive in the SLC 8000 advanced console manager for use as a storage device. The USB flash drive must be formatted with an ext2 or FAT file system before you mount it. set usb storage unmount Syntax set usb storage unmount <U1|U2>...
Page 410: Usb Modem Commands
15: Command Reference show usb storage Description Display product information and settings for any USB thumb drive. Syntax show usb storage show usb Description Display currently attached USB devices with product information and settings. Syntax show usb show usb modem Description Display product information and settings for any USB modem: Syntax...
Page 411 15: Command Reference dialbackdelay <PPP Dialback Delay> dialbacknumber <usernumber|Phone Number> dialbackretries <1-10> dialinlist <Host List for Dial-in> dialoutlogin <Remote User Login> dialoutnumber <Phone Number> dodauth <pap|chap> dodchaphost <CHAP Host or User Name> flowcontrol <none|xon/xoff|rts/cts> group <Local or Remote Group Name> initscript <Modem Init Script>...
Page 412: Vpn Commands
15: Command Reference VPN Commands set vpn Syntax set vpn Description Configures setting for an IPsec VPN tunnel. Parameters set vpn <parameters> name <VPN Tunnel Name> auth <rsa|psk|x509> remotehost <Remote Host IP Address or Name> remoteid <Authentication Name> remotehop <IP Address> remotesubnet <one or more subnets in CIDR notation>...
Page 413 15: Command Reference certfile <Certificate File> keyfile <Private Key File> host <IP Address or Name> login <User Login> [path <Path to Files>] set vpn certificate remote via <sftp|scp> [rootfile <Cert Authority File>] certfile <Certificate File> host <IP Address or Name> login <User Login>...
Page 414: Temperature Commands
15: Command Reference Display the uploaded or auto-generated IPSec conf file: show vpn vpnconf Description Shows the settings for the IPsec VPN tunnel. Temperature Commands set temperature Syntax set temperature Description Sets the acceptable range for the internal temperature sensor (an SNMP trap is sent if the temperature is outside of this range).
Page 415: Xmodem Commands
15: Command Reference Xmodem Commands set xmodem repo Syntax set xmodem repo import <Xmodem File> via <ftp|sftp|scp> host <IP Address or Name> login <User Login> [path <Path to Xmodem File>] set xmodem repo rename <Xmodem File> newfile <New Filename> set xmodem repo delete <Xmodem File> Description Manages a repository of files that can be sent to or received from a device port with Xmodem, Ymodem, or Zmodem.
Page 416: Appendix A: Security Considerations
Appendix A: Security Considerations The SLC advanced console manager provides data path security by means of SSH or Web/SSL. Even with the use of SSH/SSL, however, do not assume you have complete security. Securing the data path is only one measure needed to ensure security. This appendix briefly discusses some important security considerations.
Page 417: Appendix B: Safety Information
The exception is access to the internal modem and RTC battery. For these you don't have to remove the chassis cover, but just the battery/modem door. Refer all servicing to Lantronix.  Power Plug When disconnecting the power cable from the socket, pull on the plug, not the cord.
Page 418: Input Supply
Appendix B: Safety Information Do not connect or disconnect this product during an electrical storm.  Input Supply Caution: Disconnect all power supply sources before servicing to avoid electric shock. Check nameplate ratings to assure there is no overloading of supply circuits that could affect ...
Page 419: Figure C-1 Rj45. Receptacle To Db25M Dce Adapter For The Slc Unit (Pn 200.2066A)
Lantronix adapters. The cables are available in various lengths. In most cases, you will need an adapter for your serial devices. Lantronix offers a variety of RJ45- to-serial connector adapters for many devices. These adapters convert the RJ45 connection on the SLC unit to a 9-pin or 25-pin serial connector found on other manufacturers' serial devices or re-route the serial signals for connections to other devices that use RJ45 serial connectors.
Page 420: Figure C-2 Rj45 Receptacle To Db25F Dce Adapter For The Slc Unit (Pn 200.2067A)
Appendix C: Adapters and Pinouts Figure C-2 RJ45 Receptacle to DB25F DCE Adapter for the SLC unit (PN 200.2067A) Figure C-3 RJ45 Receptacle to DB9M DCE Adapter for the SLC unit (PN 200.2069A) SLC™ 8000 Advanced Console Manager User Guide...
Page 421: Figure C-4 Rj45 Receptacle To Db9F Dce Adapter For The Slc Unit (Pn 200.2070A)
Appendix C: Adapters and Pinouts Figure C-4 RJ45 Receptacle to DB9F DCE Adapter for the SLC unit (PN 200.2070A) Use PN 200.2070A adapter with a PC's serial port. Figure C-5 RJ45 Receptacle to DB25M DTE Adapter (PN 200.2073) SLC™ 8000 Advanced Console Manager User Guide...
Page 422: Appendix D: Protocol Glossary
Appendix D: Protocol Glossary BOOTP (Bootstrap Protocol) Similar to DHCP, but for smaller networks. Automatically assigns the IP address for a specific duration of time. CHAP (Challenge Handshake Authentication Protocol) A secure protocol for connecting to a system; it is more secure than the PAP. DHCP (Dynamic Host Configuration Protocol) Internet protocol for automating the configuration of computers that use TCP/IP.
Page 423 Appendix D: Protocol Glossary NTP (Network Time Protocol) A protocol used to synchronize time on networked computers and equipment. PAP (Password Authentication Protocol) A method of user authentication in which the username and password are transmitted over a network and compared to a table of name-password pairs. PPP (Point-to-Point Protocol) A protocol for creating and running IP and other network protocols over a serial link.
Page 424: Appendix E: Compliance Information
Appendix E: Compliance Information Manufacturer’s Name & Address Lantronix Inc., 7535 Irvine Center Drive, Suite100, Irvine, CA 92618 USA Declares that the following product: Product Name(s): SLC™ 8000 Advanced Console Manager Conforms to the following standards or other normative documents: Safety IEC 60950-1:2005 (2nd Edition);...
Page 425: Rohs, Reach And Weee Compliance Statement
Safety: EN 60950-1  Emissions: EN 55022, EN 55032 Class A  Immunity: EN 55024  RoHS, REACH and WEEE Compliance Statement Please visit http://www.lantronix.com/legal/rohs/ for Lantronix’s statement about RoHS, REACH and WEEE compliance. SLC™ 8000 Advanced Console Manager User Guide...

This manual is also suitable for:

Slc 8048 Slc 8016

Lantronix SLC 8000 Series User Manual

1 : about this Guide

2 : Introduction

3 : Installation

4 : Quick Setup

5 : Web and Command Line Interfaces

6 : Basic Parameters

7 : Services

8 : USB/SD Card Port

9 : Device Ports

Quick Links

Troubleshooting

Related Manuals for Lantronix SLC 8000 Series

Summary of Contents for Lantronix SLC 8000 Series