Digi Connect SP User Manual page 38

PAP: Password Authentication Protocol

•
Client Certificate Use: When the TLS is protocol is enabled, a client certificate and private key must be installed
on the Digi device.
Certificate: Click Browse to select a client certificate file. Then click the next Browse to select a private key

file.
Private Key File: If the private key file is encrypted, a password must be specified.

•
Trusted Certificates: Adds and lists trusted certificates.
Verify server certificates: Enable to verify that certificates received from an authentication server or access

point are signed by a trusted certificate authority (CA). Standard CAs are built in. Additional trusted certificates
may be added.
Trusted Certificate File: To add additional trusted certificates, click Browse to select a certificate file to

upload to the Digi device, then click Upload.
•
Installed Certificates: Shows which client certificates have been added and are in use.
Network services settings
The Network Services page shows a set of common network services that are available for Digi devices, and the
network port on which the service is running.
You can enable and disable common network services and configure the TCP port on which the network service
listens. Disabling services may be done for security purposes. That is, you can disable certain services so the device
runs only those services specifically needed. To improve device security, you can disable non-secure services such as
telnet.
It is usually best to use the default network port numbers for these services because they are well known by most
applications.
CAUTION!
Supported network services and their default network port numbers
In Digi devices that have multiple serial ports, the network port number defaults for various services are set based on
the following formula:
base network port number
For example, the telnet passthrough service is set to network port 2001 for serial port 1, 2002 for serial port 2, 2003 for
serial port 3, etc.
If a network port is changed for a particular service, that is the only network port number that changes. That change
does not carry over to the other network ports. For example, if the network port number for telnet passthrough is
changed from 2001 to 3001, that does not mean that the other network ports will change to 3002, 3003, etc.
There are two types of network services available:
•
Basic services, which are accessed by connecting to a particular well-known network port.
•
Passthrough services, in which a particular serial port is set up for a particular type of service. To use the service,
users must both use the correct protocol and specify the correct network port. For example, assuming default
service ports and using a Linux host, here is how a user would access the SSH and telnet passthrough services:
Digi Connect Family and ConnectPort TS Family User Guide
Exercise caution in enabling and disabling network services, particularly disabling them. Changing
certain settings can render a Digi Connect device inaccessible. For example, disabling Advanced Digi
Discovery Protocol (ADDP) prevents a network from discovering the device, even if it is actually
connected. Disabling HTTP and HTTPS disables access to the web interface. Disabling basic services
such as telnet, rlogin, etc. makes the Command-Line interface inaccessible.
+
serial port number
38