Download Print this page

Lantronix EMG 8500 User Manual

Edge management gateway

Hide thumbs Also See for EMG 8500:

User manual (416 pages)

,

Quick start manual (2 pages)

,

Quick start manual (2 pages)

Table Of Contents

Advertisement

Quick Links

Download this manual

EMG™ Edge Management Gateway

User Guide

EMG 8500

EMG 7500

EMG 7500W

Part Number PMD-00008

Revision R January 2025

Table of Contents

Advertisement

Troubleshooting

Need help?

Need help?

Do you have a question about the EMG 8500 and is the answer not in the manual?

Questions and answers

Summary of Contents for Lantronix EMG 8500

Page 1 EMG™ Edge Management Gateway User Guide EMG 8500 EMG 7500 EMG 7500W Part Number PMD-00008 Revision R January 2025...
Page 2: Intellectual Property
Technical Support Online: https://www.lantronix.com/support Sales Offices For a current list of our domestic and international sales offices, go to the Lantronix web site at https://www.lantronix.com/about-us/contact. Open Source Software Some applications are Open Source software licensed under the Berkeley Software Distribution (BSD) license, the GNU General Public License (GPL) as published by the Free Software Foundation (FSF), or the Python Software Foundation (PFS) License Agreement for Python 2.7.3...
Page 3: Disclaimer & Revisions
Seller and user shall be noticed that this equipment is suitable for electromagnetic equipments for office work (Class A) and it can be used outside home. Changes or modifications made to this device that are not explicitly approved by Lantronix will void the user's authority to operate this device.
Page 4: Revision History
Added internal analog modem support, including alternate network path  support, with fail-over and fail-back. Note: EMG 8500 firmware cannot be installed on EMG 7500, and vice versa. July 2020 Updated for firmware release 8.4.0.0R9. It contains the following software changes for EMG 8500 and EMG 7500: For the cellular modem that acquires the IP address dynamically, if the IP ...
Page 5 Upgraded system log format from RFC3164 to RFC5424  Updated IP filter rule limit in a ruleset to 256 rules  Added capability to disable Discovery Server for Secure Lantronix Network  Added support for saving sysinfo files in a CLI batch script ...
Page 6: Table Of Contents
Applications ______________________________________________________________ 26 Protocol Support __________________________________________________________27 Configuration Methods _____________________________________________________27 Product Information Label ___________________________________________________ 28 EMG 8500 Hardware Components ____________________________________________ 29 EMG 7500 / EMG 7500W Hardware Components ________________________________ 30 System Features __________________________________________________________31 Access Control ________________________________________________________ 31 Device Port Buffer _____________________________________________________31...
Page 7 Modem Installation ________________________________________________________ 64 5: Quick Setup Recommendations ________________________________________________________ 65 IP Address _______________________________________________________________ 65 Lantronix Provisioning Manager ______________________________________________66 Method #1 Quick Setup on the Web Page ______________________________________ 66 Network Settings ______________________________________________________ 68 Date & Time Settings ___________________________________________________ 68 Administrator Settings __________________________________________________ 69...
Page 8 Logging Out __________________________________________________________77 Web Page Help _______________________________________________________ 77 Command Line Interface ____________________________________________________77 Logging In ____________________________________________________________ 77 Logging Out __________________________________________________________78 Command Syntax ______________________________________________________ 78 Command Line Help ____________________________________________________78 Tips _________________________________________________________________78 General CLI Commands _________________________________________________ 79 _______________________________________________________________________80 7: Networking Requirements ____________________________________________________________ 81 Network Port Settings ______________________________________________________ 82 Ethernet Interfaces (Eth1 and Eth2) ________________________________________86 Gateway _____________________________________________________________ 88...
Page 9 VLANs _________________________________________________________________125 VLAN Commands _____________________________________________________126 DHCP _________________________________________________________________126 DHCP Server Settings _________________________________________________ 128 DHCP Relay Settings __________________________________________________ 129 DHCP Commands ____________________________________________________129 IP Filter ________________________________________________________________130 Viewing IP Filters _____________________________________________________130 Mapping Rulesets _____________________________________________________130 Enabling IP Filters ____________________________________________________131 Configuring IP Filters __________________________________________________ 132 Rule Parameters ______________________________________________________ 133 Updating an IP Filter ___________________________________________________134 Deleting an IP Filter ___________________________________________________134 IP Filter Commands ___________________________________________________134...
Page 10 Secure Lantronix Network __________________________________________________ 181 Browser Issues _______________________________________________________ 184 Troubleshooting Browser Issues _________________________________________ 185 Web SSH/Telnet Copy and Paste ________________________________________187 Secure Lantronix Network Commands _____________________________________ 187 Date and Time ___________________________________________________________188 Date and Time Commands ______________________________________________190 Web Server _____________________________________________________________ 191 Admin Web Commands ________________________________________________ 193...
Page 11 Data Settings ________________________________________________________ 221 Hardware Signal Triggers _______________________________________________222 Modem Settings (Device Ports) __________________________________________ 223 Modem Settings: Text Mode _____________________________________________224 Modem Settings: PPP Mode ____________________________________________224 Port Status and Counters _______________________________________________226 Device Ports - Power Management _______________________________________226 Device Port - Sensorsoft Device __________________________________________ 229 Device Port Commands ________________________________________________ 231 Device Commands ____________________________________________________231 Interacting with a Device Port _______________________________________________232...
Page 12 Dial-in & Dial-on-demand _______________________________________________259 Dial-back & Dial-on-demand _____________________________________________260 CBCP Server and CBCP Client __________________________________________ 260 CBCP Server ________________________________________________________ 260 CBCP Client _________________________________________________________261 Key Sequences ______________________________________________________ 261 11: Power Management Integrated PDU Management _______________________________________________263 Power Commands ____________________________________________________266 Remote Power Managers __________________________________________________ 266 Devices - RPMs _________________________________________________________266 RPMs - Add Device ___________________________________________________270 RPMs - Manage Device ___________________________________________________273...
Page 13 Local and Remote User Settings ____________________________________________325 Sysadmin Account Default Login Values ___________________________________ 326 Adding, Editing or Deleting a User ________________________________________327 Shortcut ____________________________________________________________ 331 Local Users Commands ________________________________________________ 331 Remote User Rights Commands _________________________________________ 331 NIS ___________________________________________________________________ 332 NIS Commands ______________________________________________________ 334 LDAP __________________________________________________________________335 LDAP Commands _____________________________________________________339 RADIUS ________________________________________________________________340...
Page 14 Configuration Management _____________________________________________375 Manage Files ________________________________________________________ 377 Administrative Commands ______________________________________________377 System Logs ____________________________________________________________ 378 System Log Commands ________________________________________________ 379 Audit Log _______________________________________________________________ 380 Audit Log Commands __________________________________________________ 380 Email Log ______________________________________________________________ 381 Logging Commands ___________________________________________________381 Diagnostics _____________________________________________________________ 382 Diagnostic Commands _________________________________________________ 385 Status/Reports __________________________________________________________385 View Report _________________________________________________________386 Status Commands ____________________________________________________387...
Page 15 Cellular Modem Commands ________________________________________________ 435 Percepxion Commands ____________________________________________________436 CLI Commands __________________________________________________________440 Connection Commands ____________________________________________________442 Console Port Commands __________________________________________________ 446 Custom User Menu Commands _____________________________________________446 Email Commands ________________________________________________________ 448 Date and Time Commands _________________________________________________ 449 Device Commands _______________________________________________________ 451 Device Port Commands ___________________________________________________452 DHCP Commands ________________________________________________________ 456 DIO Commands _________________________________________________________457 Diagnostic Commands ____________________________________________________458...
Page 16 Temperature Commands __________________________________________________ 513 Xmodem Commands _____________________________________________________515 Appendix A: Security Considerations Security Practice _________________________________________________________516 Factors Affecting Security __________________________________________________ 516 Security Best Practices ____________________________________________________516 Appendix B: Safety Information Safety Precautions _______________________________________________________ 518 Cover ______________________________________________________________ 518 Power Plug __________________________________________________________518 Input Supply _________________________________________________________519 Grounding ___________________________________________________________519 Rack Mounting _______________________________________________________ 519 Wall Mounting ________________________________________________________ 519...
Page 17 List of Figures Figure 2-1 EMG 8500 Edge Management Gateway (front view) ____________________________ 24 Figure 2-2 EMG 7500 Edge Management Gateway (front view) ____________________________ 25 Figure 2-3 Product Label (EMG 8500 shown)___________________________________________ 28 Figure 2-4 EMG 8500 Unit (front side) ________________________________________________ 29...
Page 18 Figure 8-7 SSH or Telnet CLI Session _______________________________________________183 Figure 8-8 Disabled Port Number Popup Window ______________________________________184 Figure 8-9 Services > Secure Lantronix Network - Search Options _________________________185 Figure 8-10 Services > Date & Time ________________________________________________ 189 Figure 8-11 Services > Web Server ________________________________________________ 191...
Page 19 Figure 10-2 Devices > Device Status ________________________________________________ 213 Figure 10-3 Devices > Device Ports _________________________________________________ 214 Figure 10-4 Device Ports > Settings (1 of 2)___________________________________________ 217 Figure 10-5 Device Ports > Settings (2 of 2)___________________________________________ 218 Figure 10-7 Device Ports - Power Management ________________________________________228 Figure 10-8 Devices >...
Page 20 Figure C-5 RJ45 Receptacle to DB25M DTE Adapter (PN 200.2073) _______________________ 523 Figure E-4 EMG 8500, EU Declaration of Conformity____________________________________ 532 Figure E-5 EMG 8500 EU Declaration of Conformity, continued ___________________________533 Figure E-6 EMG 7500 EU Declaration of Conformity ____________________________________ 534...
Page 21 Table 2-14 LED Indicators _________________________________________________________ 36 Table 3-1 EMG 8500 Parts ________________________________________________________ 39 Table 3-2 EMG 8500 User Replaceable Device Modules _________________________________39 Table 3-3 EMG 8500 Technical Specifications _________________________________________ 41 Table 3-6 Console Port and Device Port - Reverse Pinout Disabled _________________________ 46...
Page 22: 1: About This Guide
About this Guide Purpose and Audience This guide provides the information needed to install, configure, and use the Lantronix EMG™ edge management gateway. The EMG gateway is for IT professionals who must remotely and securely configure and administer servers, routers, switches, telephone equipment, or other devices equipped with a serial port for facilities that are typically remote branch offices or “distributed”...
Page 23: Additional Documentation
Document Description EMG 8500 Quick Start Guide or EMG 7500 Provides accessories and part number information, Quick Start Guide hardware installation instructions, directions to connect the EMG unit, and network IP configuration information.
Page 24: 2: Introduction
FRUs (field replaceable units) The EMG 8500 unit can accommodate up to two user swappable I/O modules (4 port serial RJ45 and/or 4 port serial USB) or one I/O module and one Ethernet switch (4 LAN ports) on the front side of the EMG 8500 unit.
Page 25: Emg 7500 Overview
RJ45 RS-232 or USB Type A serial console connections  EMG 8500 provides up to 8 serial RJ45 RS-232 or USB Type A console connections. EMG 7500 provides up to 8 serial RJ45 RS-232 or USB Type A console connections.
Page 26: Performance Monitoring
Modular design  EMG 8500 offers two user swappable I/O modules (front only) and two user swappable connectivity modules (back only). EMG 7500 / EMG 7500W offers one I/O module (front) and one I/O or connectivity module plus optional internal cellular modem (back).
Page 27: Protocol Support
2: Introduction Protocol Support The EMG supports the following protocols: TCP/IP network protocol  SSH, TLS, Telnet and TCP for connections in and out of device ports  DHCP and BOOTP for dynamic IP address assignment  DNS for IP address name resolution ...
Page 28: Product Information Label
Country of Manufacturing Origin  Hardware Address (MAC address or serial number)  Device ID (used to connect to Percepxion)  Figure 2-3 Product Label (EMG 8500 shown) Manufacturing QR Code Date Code Product Part Number Product Revision Country of...
Page 29: Emg 8500 Hardware Components
2: Introduction EMG 8500 Hardware Components Figure 2-4 EMG 8500 Unit (front side) Two I/O Module Device Console Port DIO Port Micro Port Bays SD Card USB Port LEDs The appearance and function of the EMG unit will depend upon the type(s) of I/O modules installed in the bays.
Page 30: Emg 7500 / Emg 7500W Hardware Components
2: Introduction EMG 7500 / EMG 7500W Hardware Components Figure 2-6 EMG 7500 / EMG 7500W Unit (front side) LEDs Console Port Dual WAN One I/O Device Ethernet Ports Port Module USB Port The appearance and function of the EMG unit will depend upon the type of I/O module installed.
Page 31: System Features
Figure 2-8 EMG 7500 Unit with USB I/O Module (back side) System Features This section describes the system features for the EMG edge management gateway. Most features are common to EMG 8500 and EMG 7500 / EMG 7500W, however, differences between the models are noted. Access Control The system administrator controls access to attached servers or devices by assigning access rights to up to 128 user profiles.
Page 32: Device Port Interfaces
The serial RJ45 ports match the RJ45 pinouts of the console ports of many popular devices found in a network environment, and where different can be converted using Lantronix adapters. The RJ45 ports have software reversible pinouts to switch between digital terminal equipment (DTE) and digital communications equipment (DCE) applications.
Page 33: I/O Modules
 When installing the Ethernet Switch module in the EMG 8500, it must only be installed on the front of the unit in the I/O module bays. Bay 1 must be populated with an I/O module and Bay 2 must be populated with the Ethernet Switch module.
Page 34: Network Connections
Network Connections Dual WAN Ethernet Port and Dual SFP Port The EMG 8500 is equipped with two WAN Ethernet ports and two SFP ports. The EMG 7500 / EMG 7500W is equipped with two WAN Ethernet ports only. The EMG network interfaces are 10/100/1000 BASE-T for use with a conventional Ethernet...
Page 35: Connectivity Modules
The LTE cellular modem module supports one micro SIM card, provided by the local subscribed Internet service provider (ISP). On the EMG 8500, the micro SIM card slot is located on the inside of the cellular modem module, as shown in 2-13.
Page 36: Front Panel Leds
SIM card LTE cellular module Wi-Fi Module One Wi-Fi module may be installed in either connectivity slot on the back of the EMG 8500 unit. Connectivity Module Installation. The EMG 7500W is offered with the option of a pre-installed Wi-Fi module. See Figure 2-7.
Page 37 2: Introduction Description State and Color Behavior Connectivity status Solid Green Indicates one of the following conditions: (bottom LED) There are no connectivity modules installed  An LTE modem module is installed and is  disabled An LTE modem module is installed and has a ...
Page 38: Digital Io Port
(terminal block) for use with sensors. The DIO port requires an adapter, which is available and sold separately. Figure 2-15 shows the DIO adapter installed on the EMG 8500 with the DIO port pin order and pin definition. Figure 2-15 Digital I/O Port Pin Number Pin Definition...
Page 39: 3: Emg 8500 Installation
Appendix B: Safety Information before installing the EMG. EMG 8500 Package Contents The EMG 8500 package includes the following items. Verify and inspect the contents using the enclosed packing slip. If any item is missing or damaged, contact your place of purchase immediately.
Page 40: Ordering Information
For RJ45 ports, you may use a straight-through RJ45 patch cable to connect to Cisco and Sun RJ45 serial console ports. For USB ports, use a cable with a USB Type A connector For information about Lantronix adapters, see Appendix C: Adapters and Pinouts.
Page 41: Hardware Specifications
4 port USB I/O module. May be used with a USB-to-serial adapter to connect a serial device, if  needed. Please contact Lantronix for the list of tested adapters. Caution: USB ports are designed for data traffic only. They are not designed for charging or powering devices.
Page 42: Physical Installation
3: EMG 8500 Installation Component (continued) Description Temperature Operating: 0 to 50°C (32 to 122°F)  Storage: -20 to 80°C (-4 to 176°F)  Relative Humidity Operating: 10% to 90% non-condensing  Storage: 10% to 90% non-condensing  Front USB Port (1) port, type A, host USB 2.0 (HS, FS, LS) for use with flash drive...
Page 43: Rack Mount Installation
Rack Mount Installation shows two possible rack mount configurations. Figure 3-4 Figure 3-4 EMG 8500 Rack Mount Dimensions 1. Attach the brackets on the sides of the EMG unit using a screwdriver and the screws provided with the mounting kit.
Page 44: Wall Mount Installation
3: EMG 8500 Installation Wall Mount Installation shows the wall mount and keyhole mount configuration. Figure 3-5 Figure 3-5 EMG 8500 Wall Mount Dimensions (1) Wall mount (2) Keyhole mount Wall Mount and Keyhole Mount Instructions Walls Requiring Anchors These instructions are for mounting the EMG to walls made of solid concrete, block, brick, or plasterboard.
Page 45 3: EMG 8500 Installation Walls Not Requiring Anchors These instructions are for mounting the EMG to walls made of solid wood at least two (2) inches thick. (1) Wall mount: 1. Locate the place where you want to mount the unit and mark four holes using your EMG mount as a guide for the screws.
Page 46: Connecting To A Device Port
1. Connect one end of the cable to the device port. 2. Connect the other end of the cable to an RJ45 serial console port on the serial device or use a Lantronix serial console adapter to connect it to other port types. Notes: Device Port Commands to enable or disable reverse pinouts through the CLI.
Page 47: Connecting To Network Ports
3: EMG 8500 Installation To connect to a USB device port: 1. Connect the USB type A connector of a USB cable to a device port. 2. Connect the other end of the USB cable to a USB console port.
Page 48: Power Input
3: EMG 8500 Installation To connect the console port to a terminal or computer with terminal emulation, Lantronix offers optional adapters that provide a connection between an RJ45 jack and a DB9 or DB25 connector. The console port is configured as DTE (non-reversed RJ45). See Appendix C: Adapters and for more information.
Page 49: Modular Expansion For I/O Module Bays
3: EMG 8500 Installation Figure 3-9 Power Input Pin assignments Pin 1: Input voltage 9-30 VDC Pin 2: reserved Pin 3: Ground Pin 4: Earth Ground Modular Expansion for I/O Module Bays The EMG module configuration can be changed by adding or replacing I/O modules in the I/O module bays.
Page 50: I/O Module Or Ethernet Switch Module Installation
3: EMG 8500 Installation Figure 3-10 Available I/O Module Configurations for EMG 8500 I/O Module or Ethernet Switch Module Installation The EMG module configuration can be changed by adding or replacing RJ45, USB, or Ethernet Switch modules in the I/O module bays.
Page 51: Modular Expansion For Connectivity Module Bays
3: EMG 8500 Installation the housing. 5. The module will sit flush with the EMG chassis. 6. Tighten the screw on the module with your fingers. Be careful not to over tighten it. 7. To verify the new module is recognized, connect power to the EMG, wait for it to boot, and log into the Web Manager.
Page 52: Connectivity Module Installation
3: EMG 8500 Installation Warning: The EMG must be powered off when installing or replacing the modules. Not powering off the device before changing the module will void the manufacturer warranty. Warning: Install the cellular, Wi-Fi, or dialup modem module on the back only of the EMG unit.
Page 53 3: EMG 8500 Installation the housing. 5. The module will sit flush with the EMG chassis. 6. Tighten the screw on the module with your fingers. Be careful not to over tighten it. 7. Insert and screw in the antennas to the module with your fingers.
Page 54: Modem Installation
3: EMG 8500 Installation Modem Installation Note: Modem installation information applies when the dialup modem module is installed in the EMG unit. Caution: TO REDUCE THE RISK OF FIRE, USE ONLY NO. 26 AWG OR LARGER (e.g., 24 AWG) UL LISTED OR CSA CERTIFIED TELECOMMUNICATION LINE CORD.
Page 55: 4: Emg 7500 / Emg 7500W Installation
Wall mount kit  Rail mount kit  Ordering Information Go to https://www.lantronix.com/products/lantronix-emg-7500/. User Supplied Items To complete your installation you will need the following items: Medium size Phillips screwdriver to install the mounting brackets to the EMG unit, if applicable ...
Page 56: Hardware Specifications
4 port USB I/O module. May be used with a USB-to-serial adapter to connect a serial device, if  needed. Please contact Lantronix for the list of tested adapters. Caution: USB ports are designed for data traffic only. They are not designed for charging or powering devices.
Page 57: Physical Installation
4: EMG 7500 / EMG 7500W Installation Component (continued) Description Front USB Port (1) port, type A, host USB 2.0 (HS, FS, LS) for use with flash drive  Rear Memory Card (1) Secure Digital (micro SD) memory card slot supporting: ...
Page 58: Rack Mount Installation
4: EMG 7500 / EMG 7500W Installation Rack Mount Installation shows two possible rack mount configurations. shows the rack mount screw Figure 4-3 Figure 4-4 placement. Figure 4-3 EMG 7500 Rack Mount Configurations Figure 4-4 EMG 7500 Rack Mount Screw Placement 1.
Page 59: Wall Mount Installation
4: EMG 7500 / EMG 7500W Installation Wall Mount Installation shows the wall mount and keyhole mount configuration. Figure 4-5 Figure 4-5 Wall Mount Configuration Wall Mount and Keyhole Mount Instructions Walls Requiring Anchors These instructions are for mounting the EMG to walls made of solid concrete, block, brick, or plasterboard with anchors.
Page 60: Connecting To A Device Port
1. Connect one end of the cable to the device port. 2. Connect the other end of the cable to an RJ45 serial console port on the serial device or use a Lantronix serial console adapter to connect it to other port types. Notes: Device Port Commands to enable or disable reverse pinouts through the CLI.
Page 61: Figure 4-8 Emg 7500 (Front Side)
4: EMG 7500 / EMG 7500W Installation Pin Number Description Ground RXD (input) DSR (input) CTS (input) Table 4-7 Device Port - Reverse Pinout Enabled (Default) Pin Number Description CTS (input) DSR (input) RXD (input) Ground Ground TXD (output) DTR (output) RTS (output) shows the front side of an EMG 7500 with a 4-port RJ45 device port module.
Page 62: Connecting To Network Ports
No flow control  To connect the console port to a terminal or computer with terminal emulation, Lantronix offers optional adapters that provide a connection between an RJ45 jack and a DB9 or DB25 connector. The console port is configured as DTE (non-reversed RJ45). See Appendix C: Adapters and for more information.
Page 63: Power Input
4: EMG 7500 / EMG 7500W Installation Power Input The EMG 7500 / EMG 7500W unit has a DC input jack connector for applying 9 to 30 VDC. The unit ships with an external AC (90W, 100-240V, 50/60 Hz) 12 VDC power supply. (See EMG 7500 Package Contents.)
Page 64: Modem Installation
4: EMG 7500 / EMG 7500W Installation Modem Installation Note: Modem installation information applies when the dialup modem module is installed in the EMG unit. Caution: TO REDUCE THE RISK OF FIRE, USE ONLY NO. 26 AWG OR LARGER (e.g., 24 AWG) UL LISTED OR CSA CERTIFIED TELECOMMUNICATION LINE CORD.
Page 65: 5: Quick Setup
DHCP. If you have connected Eth1 to the network, and Eth1 is able to acquire an IP address, you can view this IP address by running the Lantronix Provisioning Manager application. If Eth1 cannot acquire an IP address, you cannot use Telnet, SSH, or the web interface to run Quick Setup.
Page 66: Lantronix Provisioning Manager
1. Launch Lantronix Provisioning Manager: 2. If this is the first time you have launched Lantronix Provisioning Manager, you may need to proceed through an initial setup. 3. Locate the EMG in the device list. The device’s firmware version, serial number, IP address, and MAC address will be shown.
Page 67: Figure 5-2 Quick Setup
5: Quick Setup 3. Log in using sysadmin as the user name and the last 8 characters of the Device ID (for newly manufactured units that come installed with 8.2.0.1 or later) or PASS (for older units) as the password. The first time you log in to the EMG unit, the Quick Setup page automatically displays.
Page 68: Network Settings
The host name becomes the prompt in the command line interface. Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the EMG. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the EMG unit attempts to resolve abcd.mydomain.com...
Page 69: Administrator Settings
5: Quick Setup Administrator Settings Administrator Description Setting Sysadmin Password To change the password (e.g., from the default) enter a Sysadmin Password of up to 64 characters. Note: As a security measure, we recommend that you change the default sysadmin password initially and then change the password periodically. Retype Password Re-enter the Sysadmin Password above in this field as a confirmation.
Page 70: Method #2 Quick Setup On The Command Line Interface
If the Device ID is not set, the default system password is the last 8 characters of the serial number. Figure 5-5 Beginning of Quick Setup Script Welcome to the Lantronix Edge Management Gateway Model Number: EMG851000 Quick Setup will now step you through configuring a few basic settings.
Page 71: Figure 5-6 Quick Setup Completed In Cli
The host name becomes the prompt in the command line interface. Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the EMG unit. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the EMG attempts to resolve abcd.mydomain.com for...
Page 72: Next Step
5: Quick Setup (3) static IP Address Enter 1-3: [1] The EMG851000 can be configured to use a default gateway. Enter gateway IP Address: [none] ____Hostname____________________________________________________________ The current hostname is 'emgfcf0', and the current domain is '<undefined>'. The hostname will be shown in the CLI prompt. Specify a hostname: [emgfcf0] Specify a domain: [<undefined>] ____Time Zone___________________________________________________________...
Page 73 5: Quick Setup To configure limited sysadmin user access: 1. Enable the Sysadmin access limited to Console Port option on the Local/Remote Users web page. 2. Enable a remote authentication method (such as TACACS+ or LDAP) and configure the remote authentication method to be first in the order of methods used. 3.
Page 74: 6: Web And Command Line Interfaces
Web and Command Line Interfaces The EMG offers a web interface (Web Manager) and a command line interface (CLI) for configuring the EMG unit . Note: Chapter 5: Quick Setup for instructions on configuring basic network settings using the Web Manager and CLI quick setup. Web Manager A Web Manager allows the system administrator and other authorized users to configure and manage the EMG using most web browsers (Firefox, Chrome, Safari or Internet Explorer web...
Page 75: Figure 6-2 Sample Dashboard
6: Web and Command Line Interfaces Note: Only those options for which the currently logged-in user has rights display. Dashboard  The Dashboard buttons allow you to view and configure EMG ports and interfaces. The appearance of the dashboard will vary according to the I/O and connectivity modules installed in the EMG and the type of network interface installed.
Page 76: Logging In
Icons: The icon bar above the Main Menu has icons that display the following:  Home page. Information about the EMG unit and Lantronix contact information. Configuration site map. Status of the EMG. Help Button: Provides online Help for the specific web page.
Page 77: Logging Out
6: Web and Command Line Interfaces page displays automatically the first time you log in. Subsequently, the Home Quick Setup page displays. (If you want to display the page again, click Quick Setup on the main Quick Setup menu.) Logging Out To log off the EMG web interface: 1.
Page 78: Logging Out
6: Web and Command Line Interfaces Note: If the Device ID is not set, the default sysadmin password is the last 8 characters of the serial number. Note: The system administrator may have changed the password using one of the Quick Setup methods in the previous chapter.
Page 79: General Cli Commands
The following commands relate to the CLI itself. To configure the current command line session: set cli scscommands <enable|disable> Allows you to use Lantronix Secure Console Server (SCS)-compatible commands as shortcuts for executing commands: Note: Settings are retained between CLI sessions for local users and users listed in the remote users list.
Page 80: Table 6-4 Cli Keyboard Shortcuts
6: Web and Command Line Interfaces Sets the number of lines in the terminal emulation (screen) for paging through text one screenful at a time, if the EMG unit cannot detect the size of the terminal automatically. set cli allusers <enable|disable> To globally enable or disable the terminallines feature for all users.
Page 81: 7: Networking
Networking This chapter explains how to set the following network settings for the EMG using the web interface or the CLI: Network Port Settings  Cellular Modem Settings  Wireless Settings  Ethernet Switch  VLANs  DHCP  IP Filter ...
Page 82: Network Port Settings
7: Networking Network Port Settings Network parameters determine how the EMG unit interacts with the attached network. Use this page to set the following basic configuration settings for the network ports (Eth1 and Eth2), configure advanced network settings, and configure a Fail-over Device Virtual Interfaces.
Page 83 7: Networking To enter settings for one or both network ports: 1. Click the Network tab and select the Network Settings option. The Network > Network displays. Settings (1 of 2) Network > Network Settings (2 of 2) EMG™ Edge Management Gateway User Guide...
Page 84: Figure 7-1 Network > Network Settings (1 Of 2)
7: Networking Figure 7-1 Network > Network Settings (1 of 2) EMG™ Edge Management Gateway User Guide...
Page 85: Figure 7-2 Network > Network Settings (2 Of 2)
7: Networking Figure 7-2 Network > Network Settings (2 of 2) Note: The SFP NIC Info & Diagnostics link brings you to the Network Settings > SFP NIC Information & Diagnostics page. EMG™ Edge Management Gateway User Guide...
Page 86: Ethernet Interfaces (Eth1 And Eth2)
7: Networking Figure 7-3 Network Settings > SFP NIC Information & Diagnostics 2. Enter the following information: Ethernet Interfaces (Eth1 and Eth2) Note: Configurations with the same IP subnet on multiple interfaces (Ethernet or PPP) are not currently supported. Eth1 Settings Disabled: If selected, disables the network port.
Page 87 7: Networking IPv6 Address IPv6 address with global scope that is generated by address auto configuration. (Global) The address is generated from a combination of router advertisements and MAC address to create a unique IPv6 address. This field is read only. Note: This field will not appear in the absence of an IPv6 global address.
Page 88: Gateway
7: Networking Ethernet Bonding Ethernet 1 and Ethernet 2 can be bonded to support redundancy (Active Backup), aggregation (802.3ad), and load balancing. The Ethernet Bonding status link displays detailed information about the bonding interface when bonding is enabled. Disabled by default. If Ethernet Bonding is enabled, assigning individual IP Addresses to Device Ports is not supported.
Page 89: Fail-Over Settings
7: Networking Fail-Over Settings Fail-over Gateway An alternate IP address of the router for this network, to be used if an IP address IP Address usually accessible through the default gateway fails to return one or more pings. Note: the Fail-over Gateway is not supported when DHCP is used on the primary interface because fail-back needs a consistent IP address to use for updating the routing table.
Page 90: Tcp Keepalive Parameters
7: Networking Fail-over Port The network interface to use for fail-over. The Fail-over Gateway IP Address should either be accessible via this interface or assigned directly to this interface. Select Eth2 (the default), Cellular if a Cellular modem FRU is installed, WLAN if a Wi-Fi FRU is installed or Internal Modem if a Internal modem is installed.
Page 91: Fail-Over Cellular Gateway Configuration
If PIN or PUK is required by HSPA but not supplied by console manager then a syslog message and a non fatal error message will be generated. The Lantronix G520 Series (G52x) gateway must be configured before it can be used as the fail-over gateway. The default admin user password must be changed to a new password, and the DHCP server must be disabled.
Page 92 The minimum required firmware version for the HSPA+ gateway is 8.1.0.0 and for the Sierra Wireless ES450 gateway is 4.9.2 and for the Lantronix G520 Series (G52x) gateway is 2.1.0.0. For the HSPA+ gateway, if the firmware is updated and new items are added to the status output by the gateway, the new items will automatically be displayed on the console manager.
Page 93: Advanced Cellular Gateway Configuration
SIM card used by the gateway. May have up to 8 characters. SIM status in case of Lantronix G520 Series (G52x) gateway is not verified in SLC, SLC directly forwards the request to Lantronix G520 Series (G52x) gateway.
Page 94: Fail-Over Cellular Gateway Firmware
EMG using the method selected by the Load Firmware via option. Once the file(s) have been transferred to the EMG, the EMG will initiate the firmware update on the gateway. The Lantronix G520 Series (G52x) gateway firmware upgrade may take 3 to 6 minutes.
Page 95: Ethernet Counters
7: Networking Ethernet Counters page displays statistics for each of the EMG Ethernet Network > Network Settings (1 of 2) ports since boot-up. The system automatically updates them. Note: For Ethernet statistics for a smaller time period, use the diag perfstat command.
Page 96: Figure 7-4 Hostname & Name Servers
Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the EMG unit. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the EMG attempts to resolve abcd.mydomain.com for...
Page 97: Fqdn List
7: Networking Prefer IPv4 DNS If enabled, IPv4 DNS records will be preferred when DNS hostname lookups are Records performed. Otherwise IPv6 records will be preferred (when IPv6 is enabled). Enabled by default. DNS Source IPv4 The Source IPv4 Address can be used to configure which interface (and source Address IPv4 address) is used for sending DNS packets.
Page 98 7: Networking SSH out connections: CLI SSH out connections using the connect direct ssh command can  select which interface to use with the iface parameter. NTP packets: by default, no interface is defined for NTP traffic and all available network ...
Page 99 7: Networking Another device on the 192.168.84.0/24 network (for example 192.168.84.2) would need to add a static route so that traffic between 192.168.84.2 and 192.168.44.100 can be routed. For example, for Linux devices, this command would be issued on 192.168.84.2: ip route add 192.168.44.100/32 via 192.168.84.100 To configure a virtual interface: 1.
Page 100: Virtual Interface Commands
7: Networking Virtual Interface Commands Go to to view CLI commands which correspond to the web page Virtual Interface Commands entries described above. Cellular Modem Settings The EMG supports the use of one internal LTE cellular modem installed in the EMG unit. The Cellular Settings web page allows the user to configure parameters that determine how the EMG cellular modem network behaves.
Page 101: Figure 7-5 Network > Cellular Modem Settings Page
7: Networking Figure 7-5 Network > Cellular Modem Settings Page 2. Enter the following information: EMG™ Edge Management Gateway User Guide...
Page 102: Cellular Interface
7: Networking Cellular Interface Cell Settings Disabled: If selected, disables the cellular interface. Default is enabled for DHCP. Obtain from DHCP: Acquires IP address and subnet mask from DHCP. If the cellular modem is configured for DHCP and is used as the Fail-over Gateway, when the IP address of the cellular modem changes, the IP address of the Fail-over Gateway will be automatically updated to be the same as the new cellular modem IP address.
Page 103: Cellular Modem Firmware
7: Networking IPv6 Enable or disable IPv6 support. Disabled by default. Some cellular connections may not acquire an IPv4 address if IPv6 is enabled. Specifies the Maximum Transmission Unit (or Maximum Packet Size) of packets at the IP layer (OSI layer 3) for the cellular connection. When fragmenting a datagram, this is the largest number of bytes that can be used in a packet.
Page 104 7: Networking IMEi: the International Mobile Equipment Identity number of the modem  IMEi SV: the International Mobile Equipment Identity software version  FSN: the Factory Serial Number of the modem  +GCAP: the capabilities of the modem, for example, GSM communications ...
Page 105: Firmware Over The Air (Fota)
7: Networking Current & Preferred Images: the preferred and current firmware and carrier images  Firmware Over the Air (FOTA) This section contains information on how to update the cellular modem radio firmware via FOTA. This process requires a Sierra Wireless AirVantage account.
Page 106 7: Networking EMG device that was just registered. This will open a new page with detailed information about the EMG device, with a System Communication pane at the top that shows the last time the device was communicated with, and a System Info section containing a Synchronization button. Click this button to Synchronize the current state of the EMG with the portal.
Page 107: Cellular Modem Commands
7: Networking this will be the default selection of Upgrade to the latest firmware, however you may want to choose a different version based on what the current firmware version is on the EMG device, which can be viewed with the CLI command show cellular or the Cellular Modem Status web page: Current &...
Page 108 7: Networking ETSI (Europe without EN 300 440 support), EN440 (Europe with EN 300 440 support), AU (Australia) and WW (World Mode). Warning: This is an Advanced Configuration parameter. Each time the region is changed it is programmed into the radio, which can be done a maximum of ~10 times;...
Page 109 7: Networking LEAP: Lightweight Extensible Authentication Protocol (LEAP) uses dynamic WEP keys and  mutual authentication with a modified version of MS-CHAP between the EMG and a RADIUS server. EAP-TLS: uses TLS and Public key Infrastructure (PKI) to set up authentication with a ...
Page 110: Figure 7-6 Update Wifi Firmware
7: Networking Wireless Firmware The Wireless radio firmware can be updated if necessary. Normally, it is updated along with the new EMG releases in conjunction with updating the wireless driver. The firmware consists of a pair of files ending with .bin and .db. The Update WiFi Firmware page allows the user to upload a new version of firmware, or to reset to the current firmware version that is the default firmware for the current EMG release.
Page 111: Troubleshooting
7: Networking FTP/SFTP/SCP Server The IP address or host name of the server used for obtaining updates, saving, or restoring configurations. It may consist of 64 alphanumeric characters, hyphens, and underscores. Path The default path on the server for obtaining firmware update files. Login/ Password/Retype The user login credentials of the server.
Page 112: Figure 7-7 Network > Wireless Settings
7: Networking Figure 7-7 Network > Wireless Settings 2. Enter the following information: EMG™ Edge Management Gateway User Guide...
Page 113 7: Networking Wireless Mode Select the mode that WiFi should operate in. Wireless Client: If selected, enables the EMG to act as a wireless client of a WLAN network. In order to connect to a WLAN network, a WLAN profile for that network needs to exist and be enabled. The default is for the wireless client to be disabled Wireless Access Point: If selected, enables the access point to scan for wireless clients and allow them to connect and authenticate to the...
Page 114: Figure 7-8 Network > Wireless Settings > Wlan Profiles
7: Networking Interface Counters This table shows statistics for data received by and transferred from the wireless client interface. Wireless Interface Log Click the View Wireless Interface Log link to see diagnostic information for the wireless client. WLAN Profiles In order to connect to a WLAN network, a WLAN profile for that network needs to exist and be enabled.
Page 115 7: Networking 4. Enter the following information: Profile Name Profile name, up to 32 characters long. Valid characters are letters, numbers, space ( ), dash (-), period (.) and underscore (_). Network Name (SSID) Enter the Service Set Identifier or network name for the WLAN network. The SSID can contain up to 32 characters (the characters '/', '\', '"' and '|' are not allowed).
Page 116 7: Networking WEP Security Parameters If the WEP security suite is selected, these authentication parameters can be selected and configured: Authentication: Select Open for a connection that establishes without first checking for matching encryption keys (if keys do not match, data may be dropped or become garbled and prevent connectivity on the IP level), or Shared for a connection that compares encryption keys of both parties as a form of authentication (if mismatches occur, no...
Page 117 7: Networking WPA/WPA2 Security If WPA2/WPA Mixed Mode security suite is selected, these Parameters authentication parameters can be selected and configured: Authentication: Select PSK for a connection where the same key must be configured on both on the EMG side and on the access point side, or IEEE 802.1X for a connection that is authenticated with a RADIUS server that is part of the network.
Page 118 7: Networking IEEE 802.1X Parameters, PEAP: Protected EAP uses server-side public key certificates to continued authenticate the EMG with a RADIUS server. PEAP authentication creates an encrypted TLS tunnel between the EMG and the server. The exchange of information is encrypted and stored in the tunnel ensuring the user credentials are kept secure.
Page 119: Wireless Access Point Settings
7: Networking IEEE 802.1X Parameters, PEAP Configuration: Enter a User Name and Password that can be continued authenticated by the RADIUS server. The User Name and Password can be up to 63 characters long, and all printable characters are supported. Select the PEAP Inner Authentication used in the TLS tunnel, which can be EAP-MSCHAPv2, EAP-TLS or EAP-MD5.
Page 120: Figure 7-9 Network > Wireless Settings > Access Point Settings
7: Networking To configure the wireless access point: 1. On the Wireless Settings page, click the Configure Access Point link. 2. The following page is displayed. Figure 7-9 Network > Wireless Settings > Access Point Settings 3. Enter the following information: State Displays the current state of the access point.
Page 121: Ethernet Switch
7: Networking Channel Selection Select the channel through which the access point will operate: Auto allows the radio to select a channel; or Manual allows the user to specify the channel on which the access point will operate. Security Suite Select the authentication method for connecting to the access point: None for no security (not recommended), WPA for WiFi Protected Access, or WPA2 for WiFi Protected Access II security with AES-...
Page 122: Figure 7-10 Network > Ethernet Switch
7: Networking Configure Ports and View Status: configure the speed and duplex on each port, and see the  link status View Port Statistics: view frame statistics (errors, unicast, broadcast, etc) and frame details  (undersize, collisions, etc.) View MAC address table: view static and dynamic MAC address table entries ...
Page 123: Port Statistics
7: Networking Figure 7-11 Network > Switch > Configure Port Settings 3. Complete the following: Name User definable name for the port. The name can be up to 30 characters long and contain letters, numbers, underscore, hyphen and period. Enabled Select this box to enable the port and allow devices to connect to it.
Page 124 7: Networking Rx - Broadcast The number of good frames received that have a Broadcast destination MAC address. Rx - Multicast The number of good frames received that have a Multicast destination MAC address. This does not include frames counted in Rx - Pause nor does it include frames counted in Rx - Broadcast.
Page 125: Switch Commands
7: Networking Tx - FCSErr The number of frames transmitted with an invalid FCS. Whenever a frame is modified during transmission (e.g., to add or remove a tag) the frame's original FCS is inspected before a new FCS is added to a modified frame. If the original FCS is invalid, the new FCS is made invalid too and this counter is incremented.
Page 126: Vlan Commands
7: Networking Forwarding Information DB (FID) - The FID maps learned MAC addresses to ingress port  VLAN IDs. Multiple databases are used to isolate MAC addresses by VLAN or by port so the same MAC address can appear multiple times in the address database with different port mappings.
Page 127 7: Networking DHCP Server: DHCP Server provides IP addresses and other networking parameters to  devices connected to the Ethernet Switch that are running DHCP clients. The server can provide IP address, subnet mask, primary DNS IP address, secondary DNS IP address, gateway and domain.
Page 128: Dhcp Server Settings
7: Networking Figure 7-12 Network > DHCP 2. Complete the following: Switch IP Address The internal IP address assigned to the Ethernet Switch. Switch Subnet Mask The internal subnet mask assigned to the Ethernet Switch. Mode Select the type of DHCP service for devices connected to the Ethernet Switch: Server to run a DHCP server that provides IP addresses to clients, or Relay to relay DHCP requests between devices and a DHCP server on the network.
Page 129: Dhcp Relay Settings
7: Networking Gateway An optional gateway (default router) IP address that may be provided to DHCP clients on the Ethernet Switch. Domain An optional domain that may be provided to DHCP clients on the Ethernet Switch. Maximum length is 64 characters. Lease Time The lease duration that will be provided in a DHCP Lease Offer to a DHCP client.
Page 130: Ip Filter
7: Networking IP Filter IP filters (also called a rule set) act as a firewall to allow or deny an individual MAC address or individual or a range of IP addresses, ports, and protocols. When a network connection is configured to use an IP filter, all network traffic through that connection is compared, in order, to the rules of that filter.
Page 131: Enabling Ip Filters
7: Networking To map a ruleset to a network interface: 1. Click the Network tab and select the IP Filter option. The page displays. Network > IP Filter 2. Select the IP filter rule set to be mapped. 3. From the Interface drop-down list, select the desired network interface and click the Map Ruleset button.
Page 132: Configuring Ip Filters
7: Networking Configuring IP Filters The administrator can add, edit, delete, and map IP filters. Note: A configured filter has no effect until it is mapped to a network interface. See Mapping Rulesets on page 130. To add an IP filter: 1.
Page 133: Rule Parameters
7: Networking Rule Parameters IP Address(es) Specify a single IP address to act as a filter. Example: – this specific IP address only 172.19.220.64 Subnet Mask Specify a subnet mask to determine how much of the address should apply to the filter.
Page 134: Updating An Ip Filter
7: Networking Updating an IP Filter To update an IP filter rule set: 1. From the page, the administrator selects the IP filter rule set to be edited Network > IP Filter and clicks the Edit Ruleset button to return to the Network >...
Page 135: Routing
7: Networking Routing The Routing feature allows you to define static routes and, for networks using Routing Information Protocol (RIP)-capable routes, to enable the RIP protocol to configure the routes dynamically. Up to 64 IPv4 static routes and 64 IPv6 static routes can be configured. To configure routing (RIP and IPv4 static routes): 1.
Page 136: Ipv6 Static Routing
7: Networking IP Address / Used to manually configure a single IPv4 static route. Subnet Mask / To add a static route, enter the IP Address, Subnet Mask, and Gateway for the  Gateway route and click the Add/Edit Route button. The route displays in the IPv4 Static Routes table.
Page 137: Routing Commands
7: Networking 3. Enter the following information: IPv6 Address / Used to manually configure a single IPv4 static route. IPv6 Gateway To add a static route, enter the IPv6 Address (including prefix/mask bits), and IPv6  Gateway for the route and click the Add/Edit IPv6 Route button. IPv6 addresses are written as 8 sets of 4-digit hexadecimal numbers separated by colons, followed by a forward slash and mask bits, for example 1234:0BCD:1D67:0000:0000:8375:BADD:0057/64.
Page 138: Figure 7-16 Network > Forwarding
7: Networking Figure 7-16 Network > Forwarding 2. Complete the following: Ethernet Port Select which port to create the listening connection on: Select 1 for Eth1, 2, for Eth2, or Cellular for the cellular connection. Diagnostics Incoming TCP Port Enter a unique (currently unused) TCP port to listen on. The Netstat tool can be used to view all in-use TCP ports.
Page 139: Vpn Settings
7: Networking VPN Settings This page can be used to create a Virtual Private Network (VPN) tunnel to the EMG for secure communication between the EMG unit and a remote host or gateway. The EMG supports IPSec tunnels using Encapsulated Security Payload (ESP). The EMG unit supports host-to-host, net-to- net, host-to-net, and roaming user tunnels.
Page 140 7: Networking The EMG loads a subset of the available strongSwan plugins. If an option is given in a custom ipsec.config file that requires a plugin that is not loaded by the EMG, this may cause an error during tunnel negotiation. The loaded plugins can be viewed in the VPN Status when the VPN tunnel is enabled.
Page 141: Figure 7-17 Network > Vpn (1 Of 2)
7: Networking Figure 7-17 Network > VPN (1 of 2) EMG™ Edge Management Gateway User Guide...
Page 142: Figure 7-18 Network > Vpn (2 Of 2)
7: Networking Figure 7-18 Network > VPN (2 of 2) 2. Enter the following: Enable VPN Tunnel Select to create a tunnel. Disabling this option will terminate any currently running tunnel. Note: The VPN peer that sends the first packet in tunnel bringup is the initiator or client;...
Page 143 7: Networking Remote Peer The IP address or FQDN of the remote host's public network interface. The special value of any can be entered to signify an address to be filled in by automatic keying during negotiation. The console manager will act as a responder/server.
Page 144 7: Networking Local Subnet(s) One or more subnets behind the EMG, expressed in CIDR notation (IP address/mask bits). If multiple subnets are specified, the subnets should be separated by a comma. Up to 10 local subnets supported. Configured subnets of the peers may differ, the protocol narrows it to the greatest common subnet.
Page 145 7: Networking ESP Encryption The type of encryption, 3DES , AES, AES192 or AES256, used for encrypting the data sent through the tunnel. Any can be selected if the two sides can negotiate which type of encryption to use. Note: If ESP Encryption, Authentication and DH Group are set to Any, default cipher suite(s) will be used.
Page 146 7: Networking Authentication The type of authentication used by the host on each side of the VPN tunnel to verify the identity of the other host. For RSA Public Key, each host generates a RSA public-private key pair,  and shares its public key with the remote host. The RSA Public Key for the EMG (which has 4096 bits) can be viewed at either the web or CLI.
Page 147 7: Networking Certificate Authority for A certificate can be uploaded to the EMG unit for peer authentication. The Local Peer certificate for the local peer is used to authenticate any remote peer to the EMG, and contains a Certificate Authority file, a public certificate file, and a Certificate File for Local private key file.
Page 148 7: Networking Mode Config In remote access scenarios, it is highly desirable to be able to push configuration information such as the private IP address, a DNS server's IP address, and so forth, to the client. This option defines which mode is used: pull where the config is pulled from the peer (the default), or push where the config is pushed to the peer.
Page 149 7: Networking Custom ipsec.conf A custom ipsec.conf file can be uploaded to the EMG. This file can include Configuration any of the strongSwan options which are not configurable from the UIs. The file should include one section ipsec.conf conn <Tunnel Name> which defines the tunnel parameters.
Page 150: Sample Ipsec.conf Files
7: Networking To see the RSA public key for the EMG (required for configuring the remote host if RSA Public  Keys are being used), and the RSA public key for the remote peer, select the View console manager and Remote Peer RSA Public Key link. To see the X.509 Certificates for the local peer and the remote peer, select the View X.509 ...
Page 151 7: Networking Cisco ASA5525x Pre-Shared Key / IKEv1 This configuration is an example of a remote access connection to a Cisco ASA5525 VPN server / responder. EMG configuration The pre-shared key needs to be configured via the console manager UI. conn ASA5525 keyexchange=ikev1 ike=aes-sha1-modp1536!
Page 152 7: Networking crypto ipsec security-association pmtu-aging infinite crypto map site2site 10 match address asa-router-vpn set pfs group5 set peer 192.168.1.204 set ikev1 transform-set ipsecvpn crypto map site2site interface outside crypto ikev1 enable outside crypto ikev1 policy 10 authentication pre-share encryption aes hash sha group 5 lifetime 86400...
Page 153 7: Networking Cisco configuration interface GigabitEthernet0/0 nameif outside security-level 0 ip address 192.168.1.130 255.255.255.0 interface GigabitEthernet0/3 nameif inside security-level 100 ip address 192.168.3.130 255.255.255.0 object-group network local-network network-object 192.168.3.0 255.255.255.0 network-object 192.168.3.250 255.255.255.255 object-group network remote-network network-object 192.168.0.0 255.255.255.0 network-object 192.168.0.222 255.255.255.255 access-list asa-router-vpn extended permit ip object-group local-network object-group remote-network access-list ASA-SLC-ACCESS extended permit ip object-group local-network...
Page 154 7: Networking Cisco ISR 2921 Pre-Shared Key / XAUTH / IKEv2 This configuration is an example of a remote access connection to a Cisco ISR2921 VPN server / responder. Console manager configuration The pre-shared key needs to be configured via the console manager UI. conn ISR2921 keyexchange=ikev2 ike=aes-sha2_384-modp1536!
Page 155: Vpn Commands
7: Networking group 2 crypto isakmp policy 5 encr 3des authentication pre-share group 5 crypto isakmp policy 10 lifetime 120 crypto isakmp key cisco123 address 192.168.1.100 crypto ipsec transform-set ISR esp-3des esp-sha384-hmac mode tunnel crypto map CM 10 ipsec-isakmp set peer 192.168.1.100 set transform-set ISR set ikev2-profile IKEv2_Profile match address VPN-TRAFFIC...
Page 156: Performance Monitoring
7: Networking Performance Monitoring The EMG supports Performance Monitoring probes for analyzing network performance. Probes for DNS Lookup, HTTP Get, ICMP Echo, TCP Connect, UDP Jitter and UDP Jitter VoIP are supported. Up to 15 different probes can be configured. Each probe will run a series of operations, each of which sends a series of packets to a destination host.
Page 157: Figure 7-19 Network > Perf Monitoring
7: Networking To manage or view status for a Performance Monitoring probe: 1. Click the Network tab and select the Perf Monitoring option. The following page displays. Figure 7-19 Network > Perf Monitoring 2. In the upper section of the page, modify the global Performance Monitoring settings: Number of operations Specifies the number of operation set files to keep for each probe.
Page 158 7: Networking UDP Echo Responder Starts the UDP Echo responder on the port configured in UDP Port to reply to UDP echo packets. The EMG UDP Echo responder supports one UDP echo sender. When the UDP Echo responder is enabled, the EMG will verify that the responder UDP port is not being used by any other EMG processes, including port 1967 which is reserved for the UDP Jitter responder.
Page 159: Performance Monitoring - Add/Edit Probe
7: Networking Performance Monitoring - Add/Edit Probe web page allows a user to add a new Performance Performance Monitoring - Add/Edit Probe Monitoring probe or edit an existing Performance Monitoring probe. To add a new probe or edit an existing probe: 1.
Page 160 7: Networking 3. Modify the probe settings: Probe Type Select from one of the available probe types: DNS Lookup - Performs a DNS lookup on the hostname specified in the  Destination Host using the Name Server. By default port 53 is always used as the Destination Port.
Page 161 7: Networking Data Size The size in bytes to use for the payload portion of the packet - this size is in addition to the IPv4 header and the TCP, UDP or ICMP header. Any additional space in the packet that is not used by the protocol will be padded with random data that can be used for data verification (see below).
Page 162: Performance Monitoring - Results
7: Networking Performance Monitoring - Results The Performance Monitoring - Operations page displays all of the operations that have been saved for a selected probe. The probe ID and name are shown at the top of the web page. From this page, the user may select any operation to view its round trip time (RTT) results, or the accumulated statistics for all round trip times in an operation.
Page 163 7: Networking Accumulated Statistics A summary of all round trip time and any error conditions is displayed. The display will vary for non-jitter and jitter results. For example, non-jitter accumulated results will show: Latest Accumulated Statistics Probe 1/ICMP, operation icmp_190709_154501.dat: Operation Type: ICMP Echo to 172.19.100.17, Ethernet Port: both 10 packets sent 500 ms apart, timeout 200 ms...
Page 164: Table 7-21 Error Conditions Detected By Probes
7: Networking Positive Min/Avg/Max: 0/0/0 msec Positive Number Of/Sum of All/Sum of All Squared: 0/0/0 msec Negative Min/Avg/Max: 0/0/0 msec Negative Number Of/Sum of All/Sum of All Squared: 0/0/0 msec Number of Successes: 10 Number of Errors: 0 Lost Packet: 0 (0%) Out of Sequence: 0 Late Arrival: 0 Miscellaneous Error: 0...
Page 165: Figure 7-22 Performance Monitoring - Operations
7: Networking To view results for a Performance Monitoring probe: 1. Click the Network tab and select the Perf Monitoring option. The Network > Perf Monitoring page displays. 2. Select a probe from the table in the lower part of the page and select the Operations link. The Performance Monitoring - Operations page displays.
Page 166: Performance Monitoring Commands
7: Networking Performance Monitoring Commands Go to to view CLI commands which correspond to the web Performance Monitoring Commands page entries described above. EMG™ Edge Management Gateway User Guide...
Page 167: 8: Services
Identify a Simple Mail Transfer Protocol (SMTP) server.  Configure an audit log.  Configure NFS and CIFS shares.  View the status of and manage the EMGs on the Secure Lantronix network.  Set the date and time.  Configure the web server. ...
Page 168: Figure 8-1 Services > Ssh/Telnet/Logging
8: Services Figure 8-1 Services > SSH/Telnet/Logging 2. Enter the following settings: EMG™ Edge Management Gateway User Guide...
Page 169: System Logging
8: Services System Logging Note: Firmware version 9.0.0.0 and prior versions use syslog format defined by RFC3164. Firmware versions 9.1.0.0 and later use syslog format defined by RFC5424. Alert Levels Select one of the following alert levels from the drop-down list for each message category: Off: Disables this type of logging.
Page 170: Ssh
8: Services Enable Logins Enables or disables SSH logins to the EMG unit to allow users to access the CLI using SSH. Enabled by default. This setting does not control SSH access to individual device ports. (See Device Ports for information on enabling SSH access to individual ports.) - Settings Most system administrators enable SSH logins, which is the preferred method of accessing the system.
Page 171: Web Ssh/Web Telnet Settings
8: Services Escape Sequence A single character or a two-character sequence that causes the EMG unit to terminate a Telnet client. Currently the Escape Sequence is only used for Web Telnet sessions. The default value is Esc+T (escape key, then uppercase "T" performed quickly but not simultaneously).
Page 172: Discovery Server
See the MIB definition file for details. The EMG MIB definition file and the top level MIB file for all Lantronix products is accessible from the SNMP web page. The SLC8000 and EMG share the same MIB definition file, although not every object in the MIB applies to both models.
Page 173: Figure 8-2 Services > Snmp (1 Of 2)
8: Services Figure 8-2 Services > SNMP (1 of 2) EMG™ Edge Management Gateway User Guide...
Page 174: Figure 8-3 Services > Snmp (2 Of 2)
Enables or disables the Simple Network Management Protocol (SNMP) agent, which allows read-only access to the system. Disabled by default. Top Level MIB Click the link to access the top level MIB file for all Lantronix products. (link) EMG MIB (link) Click the link to access the EMG MIB definition file for EMGs.
Page 175 8: Services Enable Traps Traps are notifications of certain critical events. Disabled by default. This feature is applicable when SNMP is enabled. Traps that the EMG unit sends include: coldStart (generic trap 0, OID 1.3.6.1.6.3.1.1.5.1)  linkDown (generic trap 2, OID 1.3.6.1.6.3.1.1.5.3) ...
Page 176: V1/V2C Communities
8: Services Port Indicates the port number of the traps sent over TLS. It is the port number preceding the Enable TLS port number. For example, if the Enable TLS port is 10161, the Enable Traps over TLS port number will be 10162. Traps Source IPv4 The Traps Source IPv4 Address can be used to configure the interface (and which Address...
Page 177: Version 3
8: Services Version 3 Security Levels of security available with SNMP v3. No Auth/No Encrypt: No authentication or encryption.  Auth/No Encrypt: Authentication but no encryption. (default)  Auth/Encrypt: Authentication and encryption.  Auth with For Auth/No Encrypt or Auth/Encrypt, the authentication method: MD5: Message-Digest algorithm 5 (default) ...
Page 178: Version 3 Tls (Over Tcp)
8: Services Version 3 TLS (over TCP) SNMP v3 over TLS requires three X.509 certificate files for authenticating the EMG SNMP agent with a client or tool that queries the agent for information. SNMP v3 also requires two X.509 certificate files for authenticating the EMG client application that issues traps with the NMS application that receives traps.
Page 179: Services Commands
 the certificate. FQDN: The DNS name mentioned in the field of the subjectAltName  certificate. For example, abc.lantronix.com. IP Address: The IP address mentioned in the field of the subjectAltName  certificate. For example, 10.0.1.150. Common Name: The common name mentioned in the certificate. For example, ...
Page 180: Figure 8-4 Services > Nfs & Smb/Cifs
8: Services The share allows users to access the contents of the directory or map the directory onto a Windows computer. Users can also access the device port local buffers from the CIFS share. To configure NFS and SMB/CIFS: 1. Click the Services tab and select the NFS/CIFS option. The following page displays: Figure 8-4 Services >...
Page 181: Smb/Cifs Share
NFS and SMB/CIFS Commands entries described above. Secure Lantronix Network Use the Secure Lantronix Network option to view and manage Lantronix IT management (ITM) devices on the local subnet. Note: Status and statistics shown on the web interface represent a snapshot in time. To see the most recent data, reload the web page.
Page 182: Figure 8-5 Services > Secure Lantronix Network
To directly access the web interface for a secure Lantronix device: 3. On the Secure Lantronix Network page, click the IP address of a specific secure Lantronix device to open a new browser page with the web interface for the selected device.
Page 183: Figure 8-6 Ip Address Login Page
1. Make sure that Web Telnet or Web SSH is enabled for the specific device. 2. On the Secure Lantronix Network page, click the SSH or Telnet link in the SSH/Telnet to CLI column directly beside the device you would like to access.
Page 184: Browser Issues
Secure Lantronix Page Click the Services tab, then click the Secure Lantronix Network link (see Figure 8-5.) Select the port you want to configure. Enabled port numbers are in bright green boxes and will allow you to select either a WebSSH or a WebTelnet session.
Page 185: Troubleshooting Browser Issues
5. To delete an IP address from the IP Address List, select the address and click the Delete IP Address button. 6. Click the Apply button. When the confirmation message displays, click Secure Lantronix Network on the main menu. The page displays the Services >...
Page 186 "EMGXYZ.lantronix.com", and the unit website is being accessed in a browser with "https:// EMGXYZ.lantronix.com", the unit needs to be configured with a name server that will allow the unit to perform a reverse lookup on the IP address associated with EMGXYZ.lantronix.com. Failure to perform a reverse lookup on a name may result in name mismatch errors in the browser when it attempts to open the Web SSH or Web Telnet window.
Page 187: Web Ssh/Telnet Copy And Paste
Paste from browser option in the right-click menu to paste content from the system clipboard into a text field in a popup, and after hitting Enter, the content will be sent to the Web SSH or Web Telnet window. Secure Lantronix Network Commands Go to SLC Network Commands to view CLI commands which correspond to the web page entries described above.
Page 188: Date And Time
8: Services Date and Time Use the Date and Time Settings page to specify the local date, time, and time zone at the EMG location, or enable the EMG unit to use NTP to synchronize with other NTP devices on your network.
Page 189: Figure 8-10 Services > Date & Time
8: Services 1. Click the Services tab and select the Date & Time option. The following page displays: Figure 8-10 Services > Date & Time 2. Enter the following: Change Date/Time Select the checkbox to manually enter the date and time at the EMG location. Date From the drop-down lists, select the current month, day, and year.
Page 190: Date And Time Commands
8: Services Synchronize via Select one of the following: Broadcast from NTP Server: Enables the EMG unit to accept time  information periodically transmitted by the NTP server. This is the default if you enable NTP. Poll NTP Server: Enables the EMG to query the NTP Server for the correct ...
Page 191: Web Server
8: Services Web Server The Web Server supports all versions of the TLS protocol (TLSv1.0, TLSv1.1, TLSv1.2 and TLSv1.3), but due to security concerns, does not support any versions of the SSL protocol. TLSv1.0 and TLSv1.1 can be disabled. In addition to providing user access to the web interface, the web server also provides a REST API interface.
Page 192 8: Services 2. Enter the following fields: Timeout Select No to disable Timeout.  Select Yes, minutes (5-120) to enable timeout.  Enter the number of minutes (must be between 30 and 120 minutes) after which the EMG web session times out. The default is 30. Note: If a session times out, refresh the browser page and login to a new web session.
Page 193: Admin Web Commands
8: Services Admin Web Commands Go to to view CLI commands which correspond to the web page entries Administrative Commands described above. Services - SSL Certificate Services > Web Server page enables you to view and update SSL certificate information. The SSL certificate, consisting of a public/private key pair used to encrypt HTTP data, is associated with the web server.
Page 194: Figure 8-12 Web Server - Ssl Certificate
8: Services Figure 8-12 Web Server - SSL Certificate 2. If desired, enter the following: Reset to Default To reset to the default certificate, select the checkbox to reset to the default Certificate certificate. Unselected by default. Root Filename Filename of the imported root or intermediate Certificate Authority. If HTTPS is selected as the method for import, the Upload File link will be selectable to upload a Certificate authority.
Page 195 The locality or city for the custom certificate, e.g. "Irvine". Must be at least 2 characters long. Organization Name The organization or company name for the custom certificate, e.g. "Lantronix". Must be at least 2 characters long. Organization Unit The unit name for the custom certificate, e.g. "Engineering" or "Sales". Must be at Name least 2 characters long.
Page 196: Services - Web Sessions
8: Services Services - Web Sessions page enables you to view and terminate current web sessions. Services > Web Server To view or terminate current web sessions: 1. On the Services tab, click the Web Server page and click the Web Sessions link to the right. The following page displays: Figure 8-13 Web Server - Web Sessions 2.
Page 197: Percepxion
8: Services Percepxion Percepxion is a cloud or on-premise portal for the centralized management of multiple Lantronix ITM devices. A browser based interface (including mobile phone app support) allows an administrator to view status, send commands, view logs and charts and update firmware. Each Lantronix device can communicate with the cloud server or on-premise server, sending status updates and responding to commands sent by the server.
Page 198 8: Services or shutdown. Each time a message is received, Status of Client will display Message received with the date and time the message was received. 4. Firmware and Configuration Updates The client checks for firmware and configuration updates at the interval defined by Interval between FW and Config Checks.
Page 199 8: Services second, and this may result in the Device Port Connection Status being set to Disconnected. 8. CLI Commands CLI commands can be issued to a set of console managers from Percepxion. CLI commands which require user input for a confirmation or prompt, or require some other user interaction ('connect direct' or diag commands) are not supported.
Page 200: Figure 8-15 Services > Percepxion
8: Services Figure 8-15 Services > Percepxion EMG™ Edge Management Gateway User Guide...
Page 201 8: Services 2. Enter the following: Percepxion Client Enables or disables the Percepxion client. This option is enabled by default, unless an EMG is not configured with a Device ID. When the client is enabled, it will attempt to register with the Registration Host. If this is successful, the client will attempt to establish a connection with the Messaging Host.
Page 202: Device Attributes
Long description that is displayed in the Percepxion server UI. Device ID The unique device identifier. The ID is 32 alphanumeric characters. The ID may be provisioned using Lantronix Provisioning Manager (LPM). Contact Lantronix Tech Support for more information on LPM. Displays the serial number.
Page 203: Percepxion Commands
8: Services Remote Access Idle Timeout Remote Access CLI Remote Access CLI Connection will be idle timed out after a specified number Timeout of seconds as defined in the Seconds field to the right. Enter a value from 1 to 1800 seconds.
Page 204: 9: Usb/Sd Card Port
USB/SD Card Port This chapter describes how to configure SD cards, storage (thumb drive), and USB serial devices. A thumb drive or SD card is useful for firmware updates, saving and restoring configurations and for device port logging. See Firmware & Configurations.
Page 205: Figure 9-1 Devices > Usb / Sd Card
9: USB/SD Card Port Figure 9-1 Devices > USB / SD Card To configure a USB/SD card storage port: 1. Insert any of the supported storage devices into the USB port or the SD card slot on the front of the EMG unit. 2.
Page 206: Figure 9-2 Devices > Usb > Configure
9: USB/SD Card Port Figure 9-2 Devices > USB > Configure Figure 9-3 Devices > SD Card > Configure 5. Enter the following fields. Mount Select the checkbox to mount the first partition of the storage device on the EMG unit (if not currently mounted). Once mounted, a USB thumb drive or SD card is used for firmware updates, device port logging and saving/restoring configurations.
Page 207: Manage Files
9: USB/SD Card Port Unmount To eject the USB thumb drive or SD card from the EMG unit , first unmount the thumb drive or SD card . Select the checkbox to unmount it. Warning: If you eject a thumb drive or SD card from the EMG unit without unmounting it, subsequent mounts of a USB thumb drive or SD card in may fail, and you will need to reboot the device to restore thumb drive or SD card functionality.
Page 208: Usb Serial Settings
9: USB/SD Card Port Figure 9-4 Firmware and Configurations - Manage Files Note: The Delete, Download, and Rename options are at the bottom of the page (Figure 9-4). 2. To delete a file, click the check box next to the filename and click Delete File. A confirmation message displays.
Page 209: Figure 9-5 Devices > Usb/Sd Card - Serial Port
9: USB/SD Card Port Figure 9-5 Devices > USB/SD Card - Serial Port 4. Select the USB serial device from the USB Ports table and click Configure. The USB - Serial configuration page is displayed. Figure 9-6 Devices > USB/SD Card > USB - Serial 5.
Page 210: Data Settings
9: USB/SD Card Port Data Settings Baud The speed with which the device port exchanges data with the attached serial device. From the drop-down list, select the baud rate. Most devices use 9600 for the administration port, so this is the default. Check the equipment settings and documentation for the proper baud rate.
Page 211: 10: Device Ports
10: Device Ports This chapter describes how to configure and use an EMG port connected to an external device, such as a server or a modem. This chapter also describes how to configure the console port. describes how to use the web page to connect Chapter 13: Connections Devices >...
Page 212: I/O Modules
10: Device Ports 3. Clear mode: The user can clear the contents of the device port buffer (set locallog <port> clear buffer command). The administrator and users with local user rights may assign individual port permissions to local users. The administrator and users with remote authentication rights assign port access to users authenticated by NIS, RADIUS, LDAP, Kerberos and TACACS+.
Page 213: Device Status
10: Device Ports Device Status page displays the status of the EMG ports, the USB port and SD Devices > Device Status card port. Click the Devices tab and select the Device Status option. The following page displays: Figure 10-2 Devices > Device Status Device Ports On the page, you can set up the numbering of Telnet, SSH, and TCP...
Page 214: Telnet/Ssh/Tcp In Port Numbers
10: Device Ports Figure 10-3 Devices > Device Ports Current port numbering schemes for Telnet, SSH, and TCP ports display on the left. The list of ports on the right includes the individual ports and their current mode. Note: Icons that represent some of the possible modes include: Idle The port is not in use.
Page 215: Device Port Global Commands
10: Device Ports Starting TCP Port Each port is assigned a number for connecting through a raw TCP connection. Enter a number (1025-65528) that represents the first port. The default is 4000 plus the port number. For example, if you enter 4001, port 1 will be 4001 and subsequent 4000 ports are automatically assigned numbers 4001, 4002, and so on.
Page 216: Device Ports - Settings
10: Device Ports Device Ports - Settings On the page, configure IP and data (serial) settings for individual Device Ports > Settings (1 of 2) ports, and if the port connects to an external modem, modem settings as well. To open the Device Ports - Settings page: 1.
Page 217: Figure 10-4 Device Ports > Settings (1 Of 2)
10: Device Ports The following page displays: Figure 10-4 Device Ports > Settings (1 of 2) EMG™ Edge Management Gateway User Guide...
Page 218: Device Port Settings
10: Device Ports Figure 10-5 Device Ports > Settings (2 of 2) 2. Enter the following: Device Port Settings Port Displays number of port; displays automatically. Mode The status of the port; displays automatically. USB Device This field is only displayed for USB ports. If a USB device is connected to the device port, this displays the USB version, speed, and a short type description for the USB device.
Page 219 10: Device Ports Detect Port Name If enabled, the EMG will attempt to detect the hostname of the device connected to the device port, and set the device port name to the detected hostname. Many devices use their hostname or another identifier as the device prompt, and the EMG can extract this name from the prompt using the Detect Name Tokens.
Page 220: Ip Settings
10: Device Ports Break Sequence A series of one to ten characters users can enter on the command line interface to send a break signal to the external device. A suggested value is Esc+B (escape key, then uppercase “B” performed quickly but not simultaneously). You would specify this value as \x1bB, which is hexadecimal (\x) character 27 (1B) followed by a B.
Page 221: Data Settings
10: Device Ports Seconds Enter a value from 1 to 3600 seconds if selecting the Telnet, SSH or TCP Timeout checkbox to the left. The default is 600 seconds. Note: When the Idle Timeout Msg is enabled, the terminal application timeout values for Telnet, SSH and TCP should be set to a value greater than 15 seconds.
Page 222: Hardware Signal Triggers
10: Device Ports Parity Parity checking is a rudimentary method of detecting simple, single-bit errors. From the drop-down list, select the parity. The default is none. Flow Control A method of preventing buffer overflow and loss of data. The available methods include none, xon/xoff (software), and rts/cts (hardware).
Page 223: Modem Settings (Device Ports)
Ethernet patch cable, without the need for a rolled cable or adapter. Enabled by default. Note: Applies to serial RJ45 device ports only. All Lantronix serial adapters are intended to be used with Reverse Pinout disabled. USB VBUS For USB Device Ports only.
Page 224: Modem Settings: Text Mode
10: Device Ports Initialization Script Commands sent to configure the modem may have up to 100 characters. Consult your modem’s documentation for recommended initialization options. If you do not specify an initialization script, the EMG unit uses a default initialization string AT S7=45 SO=0 &D2...
Page 225 10: Device Ports Authentication Enables PAP or CHAP authentication for modem logins. PAP is the default. With PAP, users are authenticated by means of the Local Users and any of the remote authentication methods that are enabled. With CHAP, the CHAP Handshake fields authenticate the user.
Page 226: Port Status And Counters
10: Device Ports Port Status and Counters Port Counters describe the status of signals and Table 10-6 Port Status and Counters interfaces. EMG updates and increments the port counters as signals change and data flows in and out of the system. These counters help troubleshoot connections or diagnose problems because they give the user an overview of the state of various parameters.
Page 227 10: Device Ports --------------------------------------------- Power Management and Baud Rate Menu --------------------------------------------- RPM/outlet>>> trippOUT4 sentry3OUT15 A. Status E. Turn On H. Turn On B. Help F. Turn Off I. Turn Off C. Set Baud G. Power Cycle J. Power Cycle D. Quit This menu allows the administrator to query status and control any of the power supplies that provide power to the device connected to the device port and change the Baud Rate of the device port.
Page 228: Figure 10-7 Device Ports - Power Management
10: Device Ports Figure 10-7 Device Ports - Power Management 3. Enter the following: Power Management A series of one to ten characters that will display the Power Management menu Sequence when connected to the device port. The default value is Esc+P (escape key, then uppercase "P").
Page 229: Device Port - Sensorsoft Device
10: Device Ports Outlet For each managed power supply, enter the outlet on the selected RPM. As an aid to selecting the outlet, click the View Outlets button, then select an outlet from the list and click the Select Outlet button. The managed power supply outlet number will be filled in, as well as the managed power supply outlet name if a name is listed for the outlet and one has not already been defined for the managed power supply.
Page 230: Figure 10-8 Devices > Device Ports - Sensorsoft
10: Device Ports Figure 10-8 Devices > Device Ports - Sensorsoft 4. Select a port and enter or view the following information: Dev Port Displays the number of the EMG port. Device Port Name Displays the name of the EMG port. Curr Temp Current temperature (degrees Celsius) on the device the sensor is monitoring.
Page 231: Device Port Commands
10: Device Ports Figure 10-9 Sensorsoft Status Device Port Commands Go to to view CLI commands which correspond to the web page entries Device Port Commands described above. Device Commands Go to to view CLI commands which correspond to the web page entries Device Commands described above.
Page 232: Interacting With A Device Port
10: Device Ports Interacting with a Device Port Once a device port has been configured and connected to an external device such as the console port of an external server, the data received over the device port can be monitored at the command line interface with the connect listen command, as follows: To connect to a device port to monitor it: connect listen deviceport <Port # or Name>...
Page 233: Device Ports - Logging And Events
10: Device Ports Device Ports - Logging and Events The EMG products support port buffering of the data on the system's device ports as well as notification of receiving data on a device port. Port logging is disabled by default. You can enable more than one type of logging (local, NFS file, token and data detection, SD card, or USB port) at a time.
Page 234: Token/Data Detection
10: Device Ports Token/Data Detection The system administrator can configure the device log to detect when a user-defined string or number of characters is received from the device, and automatically perform one or more actions: send a message to the system log, send an SNMP trap, send an email alert, send a string to the device, or control one of the power supplies associated with the device.
Page 235: Token & Data Detection
10: Device Ports Figure 10-10 Devices > Device Ports - Logging & Events 2. Enter the following: Token & Data Detection Token & Data Select to enable token and data detection on the selected device port, with a set of Detection actions that can be enabled if a data trigger occurs.
Page 236 10: Device Ports Byte Threshold The number of bytes of data the port will receive before the EMG unit will capture log data and initiate the selected actions. The default is 100 bytes. In most cases, the console port of your device does not send any data unless there is an alarm condition.
Page 237: Local Logging
10: Device Ports Local Logging Local Logging If you enable local logging, each device port stores 256 Kbytes (approximately 400 screens) of I/O data in a true FIFO buffer. Disabled by default. Clear Local Log Select the checkbox to clear the local log. View Local Log Click this link to see the local log in text format.
Page 238: Logging Commands
10: Device Ports 3. To apply settings to other device ports in addition to the currently selected port, select the Apply settings to Device Ports and enter port numbers separated by commas. Indicate a range of port numbers with a hyphen (e.g., 2, 5, 7-10), and separate ranges with commas. 4.
Page 239: Console Port Commands
10: Device Ports Stop Bits The number of stop bits that indicate that a byte of data has been transmitted. From the drop-down list, select the number of stop bits. The default is 1. Parity Parity checking is a rudimentary method of detecting simple, single-bit errors. From the drop-down list, select the parity.
Page 240: Internal Modem
10: Device Ports Internal Modem The internal modem is an optional part. If the modem is installed, a message will be displayed when the unit boots: Internal modem installed. The presence of the modem will also be displayed in the CLI admin version command, the page, and the System Configuration report.
Page 241: Figure 10-12 Devices > Internal Modem
10: Device Ports Figure 10-12 Devices > Internal Modem 2. Complete or view the following sections: Text Mode Mode. State Indicates whether the internal modem is enabled. When enabling, set the modem to dial-out, dial-in, dial-back, and dial-on-demand. Disabled by default. For more information on the different dialing types, see Modem Dialing States.
Page 242 10: Device Ports Mode The format in which the data flows back and forth. With Text selected, the EMG unit assumes that the modem will be used for  remotely logging into the command line. Text mode is only for dialing in. This is the default.
Page 243 10: Device Ports Dial-back Number Users with Dial-back can dial into the EMG unit and enter their login and password. Once the EMG unit authenticates them, the modem hangs up and dials them back . Select the phone number the modem dials back on: a fixed number or a number associated with their login.
Page 244: Internal Modem Commands
DIO Port DIO port applies to EMG 8500 only. The front of the EMG unit has two Digital Inputs and one Relay Output. DIO ports can be used in Events as a trigger (inputs) or an action (relay output). Specifications for the DIO port: Two configurable inputs suitable for TTL input levels and tolerant up to 30VDC input voltage.
Page 245: Dio Commands
10: Device Ports State (view only) Displays the current state of the port: on or off. Normal State Defines the typical or normal state of the DIO Input port. This setting is used for Events. 2. Change the following Front Relay port fields: Name The name of the port.
Page 246: Xmodem
10: Device Ports Xmodem The EMG supports using the Xmodem, Ymodem, or Zmodem protocols to send and receive files across serial ports. An Xmodem repository on the EMG holds files that can be sent or have been received. In order to use one of the protocols, the device port that will be used must not be currently in use for any other purpose.
Page 247 10: Device Ports To manage the Xmodem repository, send files or receive files: 1. Click the Devices tab and select the Xmodem option. The Xmodem page displays: 2. To upload a file to the repository, click the Upload File link and upload a file in the window that is displayed.
Page 248: Xmodem Commands
10: Device Ports 6. Click the Send File to Device Port button. The send will be initiated, and the Status window can be opened to view the progress of the send. When the Xmodem protocol is used, the user will be prompted when to start the file receive with the message, “Give your local XMODEM receive command now.”...
Page 249: Host Lists
10: Device Ports Host Lists A host list is a prioritized list of SSH, Telnet, and TCP hosts available for establishing incoming modem connections or for the connect direct command on the CLI. The EMG unit cycles through the list until it successfully connects to one. To add a host list: 1.
Page 250 10: Device Ports Protocol Protocol for connecting to the host (TCP, SSH, or Telnet). Port Port on the host to connect to. Escape Sequence The escape character used to get the attention of the SSH or Telnet client. It is optional, and if not specified, Telnet and SSH use their default escape character.
Page 251: Figure 10-14 Devices >View Host Lists
10: Device Ports To view or update a host list: 1. In the Host Lists table, select the host list and click the View Host List button. The list of hosts display in the Hosts box. Figure 10-14 Devices >View Host Lists 2.
Page 252: Host List Commands
10: Device Ports Escape Sequence The escape character used to get the attention of the SSH or Telnet client. It is optional, and if not specified, Telnet and SSH use their default escape character. For Telnet, the escape character is either a single character or a two-character sequence consisting of '^' followed by one character.
Page 253: Sites
10: Device Ports Sites A site is a group of site-oriented modem parameters (or modem profile) that can be activated by various modem-related events (authentication on dial-in, outbound network traffic for a dial-on- demand connection, etc.). The site parameters will override parameters that are configured for a modem.
Page 254 10: Device Ports Note: To clear fields in the lower part of the page, click the Reset Site button. Site Id Displays after a site is created. (view only) Site Name Enter a name for the site. Port Select the port: None, Internal Modem, Device Port, or USB Port U1 the site is assigned to.
Page 255: Site Commands
10: Device Ports Dial-back Number The phone number to dial on callback for text or PPP dial-back connections. A site must successfully authenticate, have Allow Dial-back enabled and have a Dial-back Number defined in order for the site to be used for callback. Allow Dial-back If enabled, the site is allowed to be used for dial-back connections.
Page 256 10: Device Ports never hangs up, this can result in dial-in access to the console manager being blocked until the administrator resolves this issue). A maximum of 20 access lists can be created. To use an access list with a modem, create one or more access lists (described below), then assign the access list to the console manager internal modem or an external USB modem.
Page 257: Access List Commands
10: Device Ports Allowed Phone Numbers The list of phone numbers that are allowed to dial into a modem. Each access list must contain at least one phone number, and can have up to a maximum of 100 numbers. Enter numbers in the Phone Number field and click the right arrow to add numbers to the list.
Page 258: Dial-Back
10: Device Ports authenticate the login and password sent by the PPP peer, and the site list will be searched for a site that (a) the Login/CHAP Host matches the name that was authenticated, (b) Authentication is set to PAP, and (c) the Port is set to None or matches the port the modem is on.
Page 259: Dial-On-Demand
10: Device Ports using either negotiated IP addresses or specific IP addresses (determined by the Negotiate IP Address setting). Dial-on-demand The EMG unit automatically dial outs and establishes a PPP connection when IP traffic destined for a remote network needs to be sent. It will remain connected until no data packets have been sent to the peer for a specified amount of time.
Page 260: Dial-Back & Dial-On-Demand
10: Device Ports Dial-back & Dial-on-demand A modem is configured to be in two modes: answering incoming calls to initiate a dial-back, and automatically dialing out to establish a PPP connection when IP traffic destined for a remote network needs to be sent. When either event occurs (an incoming call or IP traffic destined for the remote network), the other mode will be disabled.
Page 261: Cbcp Client
10: Device Ports The EMG waits for a client to call the EMG unit, establishes a PPP connection, authenticates the user, and negotiates a dial-back number with the client using CBCP. If the EMG is able to determine a dial-back number to use, it hangs up and calls the dial-back number. When a call is received, a PPP connection is established, and the user will be authenticated via PAP or CHAP (configured with the Authentication setting).
Page 262 10: Device Ports The default values for the various key sequences (Escape Sequence, Break Sequence, View Port Log Sequence, Power Menu Sequence) are set to different key sequences, and it is recommended that they always be set to different key sequences so that the EMG can properly handle each of the functions accessed by the key sequence while connected to a device.
Page 263: 11: Power Management
11: Power Management Integrated PDU Management The console manager supports a single integrated external PDU to manage power for devices that may (or may not be) connected to the console manager via a serial port. This feature allows the administrator to view outlet status, turn outlets on or off, reboot outlets, view outlet current, set outlet wake (power on) state, and view PDU status.
Page 264 11: Power Management 2. The following page displays: EMG™ Edge Management Gateway User Guide...
Page 265 11: Power Management 3. Configure the following fields: PDU Model Select the model of the integrated PDU. The console manager will automatically determine what PDU features are available to the administrator based on the selected model. Supported models are SP-1004A and SP-1004B. PDU Port Select the RJ45 or USB Device Port or USB Port (U1, or U2 on console managers that have 2 USB ports) which is connected to the console port of the PDU.
Page 266: Power Commands
11: Power Management Power State Select whether the power should be on or off. Note that a Power State change and Reboot cannot be performed at the same time. If the PDU Model is changed from None to a supported model, the default Power State will be set to reflect the default state for the selected model.
Page 267: Figure 11-1 Devices > Rpms
11: Power Management Figure 11-1 Devices > RPMs 2. In the RPMs table, select the RPM by clicking on the radio button in the far right column. The options that are available for that RPM will be displayed as active links above the RPMs table.
Page 268: Figure 11-2 Rpm Shutdown Order
11: Power Management Beeper: Enable, Mute, If the RPM has a beeper than can be controlled, these options allow Disable the administrator to Enable, Mute, or Disable the beeper. If you try to use Mute to silence a beeper and the beeper continues to sound, the UPS most likely does not support mute, and the Disable option will be the only way to silence the beeper.
Page 269: Figure 11-4 Rpm Raw Data Log
11: Power Management Figure 11-4 RPM Raw Data Log EMG™ Edge Management Gateway User Guide...
Page 270: Rpms - Add Device
11: Power Management Figure 11-5 RPM Logs Figure 11-6 RPM Environmental Log RPMs - Add Device The Add Device page assists the administrator with adding a new managed RPM to the EMG configuration. With over 140 different vendors and nearly 1000 different models that are supported, the key to ensuring the EMG can properly manage a PDU or UPS is selecting the right model (with its associated driver) and any required driver options, especially for USB managed devices.
Page 271: Figure 11-7 Devices > Rpms - Add Device
11: Power Management Note: Devices > RPMs - Add Device page with the same functionality can also be accessed through the Device Ports > Settings (1 of 2) page by selecting RPM in the Connected dropdown menu. Figure 11-7 Devices > RPMs - Add Device EMG™...
Page 272 11: Power Management 3. Enter the following: Vendor Select the correct vendor from the drop-down menu. Model Select the Model in the drop-down menu. The drop-down menu will be populated with models supported for the selected vendor. To the left of each model name is one or two letters in parentheses that indicate the type of control available for the selected model: P - SNMP, S - serial port, U - USB port, N - network.
Page 273: Rpms - Manage Device
11: Power Management Critical SNMP Traps If enabled, under critical conditions (UPS goes onto battery power, UPS battery is low, UPS forced shutdown in progress, UPS on line power, UPS battery needs to be replaced, RPM is unavailable, communications with RPM lost, communications with RPM established), a EMGEventRPMAction trap will be sent to the NMS configured in the...
Page 274 11: Power Management Figure 11-8 RPMs - Manage Device 3. Enter the following: RPM Id (view only) The unique number associated with the RPM. Name Specify the unique name of the RPM (up to 20 characters). Status (view only) The current status of the RPM. Any error status will be shown here. Vendor (view only) The manufacturer of the RPM.
Page 275 11: Power Management Current (view only) The total current value for the RPM in Amperes, if this information is provided by the RPM. If the RPM consists of two separate towers or units, each with its own current value, both current values will be displayed, separated by a slash. Input Voltage (view The input voltage for the RPM in Volts, if this information is provided by the RPM.
Page 276 11: Power Management Log Status Indicates if the status of the RPM is periodically logged. Select Yes, minutes to log the status periodically and enter a value between 1 and 60 minutes. The logs can be viewed by viewing the RPMs web page and clicking on "Logs". Critical SNMP Traps If enabled, under critical conditions (UPS goes onto battery power, UPS battery is low, UPS forced shutdown in progress, UPS on line power, UPS battery needs to be replaced, RPM is unavailable, communications with RPM lost, communications with...
Page 277: Rpms - Outlets
11: Power Management RPMs - Outlets The Outlets page allows the administrator to view the current status of each individual outlet on an RPM, and change the state of the outlets. Not all RPMs support individual outlet status and control. To control and view status for RPM outlets: 1.
Page 278 11: Power Management continue to run until its battery fails completely, to shutdown just the UPS with the low battery, or to shutdown one or more UPSes. UPS-type RPMs can report the following states: OL - On line power  OB - On battery power ...
Page 279: Optimizing And Troubleshooting Rpm Behavior
11: Power Management will still be shutdown if another UPS reaches the low battery state and has its Low Battery Action set to Shutdown all UPSes. Shutdown Both EMG UPSes - This setting should only be used on dual-power EMG units ...
Page 280: Rpm Commands
11: Power Management Driver Debug Mode - The driver can be run in debug mode at the CLI and the output  examined to determine why the driver is not starting or is unable to communicate with the RPM. The CLI command set rpm driver <RPM Id or Name> action debug [level <1|2|3>] will stop any currently running driver and restart the driver in debug mode with output sent to a local file.
Page 281: 12: Scripts
12: Scripts This chapter describes how to use Scripts to automate tasks performed on the EMG CLI or on device ports. EMG supports the following types of scripts: Interface Scripts which use a subset of the Expect/Tcl scripting language to perform pattern ...
Page 282: Figure 12-2 Adding Or Editing New Scripts
12: Scripts 2. Click the Add Script button. The page for editing script attributes displays. Figure 12-2 Adding or Editing New Scripts 3. Enter the following script details: Script Name A unique identifier for the script. Type Select Interface for a script that utilizes Expect/Tcl to perform pattern detection ...
Page 283 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., EMG or SLC devices) on Network the local subnet. Date/Time Right to set the date and time.
Page 284: Figure 12-3 Scripts > Custom Scripts - Scheduler
12: Scripts To view or update a script: 1. In the Scripts table, select the script and click the Edit Script button. The page for editing script attributes displays (see Figure 12-2). 2. Update the script attributes (see To add a script: above).
Page 285 12: Scripts with one schedule): Device Type The device - either the CLI or a Device Port - that the script is connected to. State The state of the script’s schedule. A script must be Enabled in order for the script scheduler to begin running the schedule.
Page 286: Script Commands
12: Scripts To delete the completed operations (runs) for a custom script: 1. In the Scripts table, select the script to view operations for, and click Script Operations. 2. The Custom Scripts - Operations page displays, with a list of any results that have been generated for a script, in reverse date/time order.
Page 287: Batch Script Syntax
12: Scripts Batch Script Syntax The syntax for Batch Scripts is exactly the same as the commands that can be typed at the CLI, with the additions described in this section. The sleep command suspends execution of the script (puts it to 'sleep') for the specified number of seconds.
Page 288: Interface Script Syntax
12: Scripts Interface Script Syntax This section describes the abbreviated scripting syntax for Interface Scripts. This limited syntax was created to prevent the creation of scripts containing potentially harmful commands. Script commands are divided into three groups: Primary, Secondary and Control Flow. Primary commands provide the basic functionality of a script and are generally the first element on a line of a script, as in: send_user "Password:"...
Page 289: Primary Commands
12: Scripts Primary Commands These are stand-alone commands which provide the primary functionality in a script. These commands may rely on one or more of the Secondary Commands to provide values for some parameters. The preprocessor will require that these commands appear only as the first element of a command line.
Page 290: Secondary Commands
12: Scripts Command Description expect, expect_user, command waits for input and attempts to match it against one or expect expect_before, more patterns. If one of the patterns matches the input the corresponding expect_after, (optional) command is executed. All commands have the same syntax: expect expect_background expect {<string 1>...
Page 291: Table 12-6 Secondary Commands
12: Scripts Table 12-6 Secondary Commands Command Description string command provides a series of string manipulation operations. The string command will only be used with the to generate a value string set command for a variable. There are nine operations provided by the command.
Page 292: Control Flow Commands
12: Scripts Command Description timestamp This command returns the current time of day as determined by the EMG. The command will only be used in combination with the timestamp set command to produce the value for a variable. Syntax: timestamp <format> where is a quoted string.
Page 293 12: Scripts Command Description if, elseif and else command executes an associated block of commands if its Boolean expression evaluates to TRUE. Each command within the block must be a Primary command. Syntax: if {<Boolean expression>} { command 1 command 2 command n command is used in association with an command - it must...
Page 294: Custom Script Syntax
12: Scripts Custom Script Syntax This section describes the scripting syntax for Custom Scripts. The syntax is more flexible than Interactive Script syntax, but still has restrictions to prevent the creation of scripts containing potentially harmful commands. In addition, Custom Scripts can be configured to use command line parameters.
Page 295 12: Scripts termination. 5. The script cannot contain commands which spawn or fork other commands, read or write files on the EMG filesystem, or interrogate the EMG filesystem. The list of commands that are not allowed for Expect scripts includes "fork", "open", "exp_open", "exec", "system", "log_file", "pwd".
Page 296: Example Scripts
12: Scripts Example Scripts Interface Script—Monitor Port on page 296  Batch Script—EMG CLI on page 299  Expect Custom Script - EMG CLI Session on page 301  Expect Custom Script - EMG Device Port Session on page 303 ...
Page 297 The following is the screen output: emg247]> conn script ex4 deviceport 7 login: Logging in..sysadmin sysadmin Password: PASS Welcome to the Lantronix Edge Management Gateway Model Number: EMG851101 For a list of commands, type 'help'. [EMG251]> show network port 1...
Page 298 12: Scripts Device Port: 7 Seconds since zeroed: 1453634 Bytes input: 0 Bytes output: 0 Framing errors: 0 Flow control errors: 0 Overrun errors: 0 Parity errors: 0 [ EMG251]> Port Counter Monitor Script Ending..________________________________________________________________________ Login Out..logout Returning to command line [emg247]>...
Page 299 [emg247]> connect script monport deviceport 7 login: Logging in..sysadmin sysadmin Password: PASS Welcome to the Lantronix Edge Management Gateway Model Number: EMG851101 For a list of commands, type 'help'. [EMG251]> show network port 1 host show network port 1 host...
Page 300 12: Scripts Device Port: 7 Seconds since zeroed: 1454120 Bytes input: 0 Bytes output: 0 Framing errors: 0 Flow control errors: 0 Overrun errors: 0 Parity errors: 0 [EMG251]> [Current Time:21:25:20] show portcounter deviceport 7 show portcounter deviceport 7 Device Port: 7 Seconds since zeroed: 1454136 Bytes input: 0 Bytes output: 0 Framing errors: 0 Flow...
Page 301 12: Scripts Expect Custom Script - EMG CLI Session An example of an Expect Custom Script that interacts with an EMG CLI session: #! expect # script to get the current internal temperature of the EMG # accepts one optional command line parameter for location set emgPrompt ">"...
Page 302 12: Scripts expect { timeout {myprint "Timeout waiting to login"; abortSession 3} "Need to specify username" {myprint "Need to specify -U "; abortSession 4} "*> " {set loggedIn true} exp_send "\n" expect { timeout {myprint "Timeout waiting for CLI prompt"; abortSession 3} -re "\n\r(\\\[\[^\r]*]>)"...
Page 303 12: Scripts Expect Custom Script - EMG Device Port Session An example of an Expect Custom Script that interacts with a EMG Device Port (in this example a ServerTech PDU is connected to a Device Port): #! expect # Script to get the load of a ServerTech PDU outlet set pduPrompt ">"...
Page 304 12: Scripts # Wait for the first prompt set loggedIn false while {! $loggedIn} { expect { timeout {myprint "Timeout waiting to login"; abortSession 3} "*CDU: " {set loggedIn true} # Detect the prompt exp_send "\n" expect "are:\r\n" expect "LOGIN\r\n" expect "REMOVE\r\n"...
Page 305 12: Scripts Expect Custom Script - EMG Device Port Session An example of an Expect Custom Script that interacts with a EMG Device Port (in this example a Cisco server is connected to a Device Port): #! expect # Save a copy of the running config of a Cisco server to a TFTP server # The Cisco server is connected to an EMG device port proc myprint {str} { send_user -- "$str\n"...
Page 306 12: Scripts set passwordPrompt false set cnt 1 while {! $loggedIn || ! $execMode} { if {$cnt == 5} { myprint "Timeout waiting for > or # prompt" abortSession 4 if {! $passwordPrompt} { send "\r" expect { "*assword: " { send "$enablePassword\r" } ">"...
Page 307 12: Scripts Python Custom Script - EMG CLI Session An example of a Python Custom Script that interacts with a CLI session: #! python # Script to set the RADIUS authentication settings of the EMG # Sets the first RADIUS server and secret, and enables RADIUS # Note: passing secret as a command line parameter is a security vulnerability # Usage:...
Page 308 12: Scripts while True: output_str = proc.stdout.readline() if b'RADIUS settings successfully updated' in output_str: break elif b'set radius' not in output_str: # RADIUS command returned an error s1 = str(output_str) s2 = s1.split("\\r")[1] print("RADIUS command returned: " + s2.split("\\n")[0]) proc.stdin.close() proc.terminate() proc.wait() sys.exit(1)
Page 309 12: Scripts Python Custom Script - EMG CLI Session An example of a Python Custom Script that uses the Pexpect module to interact with the CLI session and the device ports to detect the prompt on any devices connected to the EMG, and set the device port name to be the same as the device prompt: #! python # Script to detect the prompt on a device connected to an EMG device...
Page 310 12: Scripts loggedIn = True slcPrompt = p.match.group(1).decode('utf-8') if numPorts == 0: print("Cannot determine number of device ports.") p.terminate(True) sys.exit(1) print("Number of device ports:", numPorts) # Terminate the CLI session p.sendline("logout") time.sleep(.500) p.wait() skipPorts = False devicePort = 1 pList = [] if numPorts == 24 or numPorts == 40: # Adjust port numbering for SLC8024 and SLC8040 skipPorts = True...
Page 311 12: Scripts print("portsession on DP ", devicePort, "unexpectedly terminated.") break elif i == 2: # login prompt p.sendline("sysadmin") p.expect("Password:") p.sendline("PASS") emgDevice = True gotPrompt = True elif i == 3: # error from portsession print(p.match.group(1).decode('utf-8')) p.terminate(True) p.wait() break elif i == 4: # prompt gotPrompt = True # end if while not gotPrompt:...
Page 312 12: Scripts # Connect to the EMG CLI and set the device port names p=pexpect.spawn('clisession -U sysadmin') loggedIn = False while not loggedIn: i = p.expect([pexpect.TIMEOUT, pexpect.EOF, 'Model Number: SLC80(\d*)\r\n', 'Model Number: SLB882\r\n', '(\[.*>)'], timeout=10) if i == 0: # Timeout print("Timeout waiting to login.") p.terminate(True) sys.exit(1)
Page 313 12: Scripts Tcl Custom Script - EMG CLI Session An example of a Tcl Custom Script that interacts with a CLI session: #! tcl # Script to get the current internal temperature of the EMG # Accepts one optional command line parameter for location set emgTemp "unknown"...
Page 314 12: Scripts set gotTemp true puts "Temperature: $emgTemp" puts $io "logout" flush $io exit 0 EMG™ Edge Management Gateway User Guide...
Page 315: 13: Connections
13: Connections described how to configure and interact with an EMG port connected to Chapter 10: Device Ports an external device. This chapter describes how to use the page to connect Devices > Connections external devices and outbound network connections (such as Telnet or SSH) in various configurations.
Page 316: Remote Access Server
13: Connections Remote Access Server In this setup, the EMG is connected to one or more modems by its device ports. Configure the device ports on the web page by selecting the Dial-in option in the Device Ports > Settings (1 of 2) Modem Settings section.
Page 317: Multiport Device Server
A PC can use the device ports on the EMG unit as virtual serial ports, enabling the ports to act as if they are local ports to the PC. To use the EMG in this setup, the PC requires special software, for example, Com Port Redirector (available on www.lantronix.com) or similar software. Figure 13-4 Multiport Device Server...
Page 318: Connection Configuration
13: Connections Figure 13-5 Console Server Connection Configuration Note: These are advanced connection settings for specific applications. If the EMG is being used as a console or device server it is unlikely that you will need any of the Connection settings described below. To create a connection: 1.
Page 319: Figure 13-6 Devices > Connections
13: Connections Figure 13-6 Devices > Connections 2. For a device port, enter the following: Outgoing Select to turn on or turn off the connection timeout: Connection No for no timeout  Timeout Yes for a timeout. Specify the number of seconds in the seconds field. ...
Page 320: Connection Commands
13: Connections Port If the to field is set to Device Port or Modem on Device Port, enter the number of the device port. For all other options, this is the TCP/UDP port number, which is optional for Telnet out and SSH out, but required for TCP Port and UDP Port. Note: If you select Device Port, it must not have command line interface logins enabled or be running a loopback test.
Page 321: 14: User Authentication
14: User Authentication Users who attempt to log in by means of Telnet, SSH, the console port, or one of the device ports are granted access by one or more authentication methods. The User Authentication page provides a submenu of methods (Local Users, NIS, LDAP, RADIUS, Kerberos, and TACACS+) for authenticating users attempting to log in.
Page 322: Figure 14-1 User Authentication > Auth Methods
14: User Authentication To enable, disable, and set the precedence of authentication methods: 1. From the main menu, select User Authentication. The following page displays: Figure 14-1 User Authentication > Auth Methods 2. To enable a method currently in the Disabled methods list, select the method and press the left arrow to the left of the list.
Page 323: Authentication Commands
14: User Authentication Kerberos Kerberos is a network authentication protocol that enables two parties to exchange private information across an unprotected network. It works by assigning a unique electronic credential, called a ticket, to each user who logs on to the network. The ticket is embedded in messages to identify the sender.
Page 324: User Rights
Device Port Configuration Reboot/Shutdown Ethernet Switch Firmware/Configuration Diagnostics and Reports Secure Lantronix Network Web Access Internal Modem RPMs SD Card You cannot deny a user rights defined for the group, but you can add or remove all other rights at any time.
Page 325: Local And Remote User Settings
14: User Authentication Local and Remote User Settings The system administrator can configure the EMG to use local accounts and remote accounts to authenticate users. 1. Click the User Authentication tab and select the Local/Remote Users option. The following page displays. Figure 14-3 User Authentication >...
Page 326: Sysadmin Account Default Login Values
14: User Authentication Authenticate only Select the check box to authenticate users listed in the Remote Users list in the remote users who are lower part of the page. Disabled by default. in the remote users list Deny access to remote Select the check box to authenticate remote users whose LDAP group or users assigned to TACACS+ priv_lvl map to an EMG custom group, allow EMG access if matched.
Page 327: Adding, Editing Or Deleting A User
14: User Authentication result:Admin Password Unique to Device: enabled (or disabled). If that string is absent from the result or the result is set to “disabled”, it indicates that the device doesn’t support the device-unique sysadmin password. Note: It is recommended that you change the default password on initial setup. The password should be recorded and stored in a secure place accessible by at least two authorized system administrators.
Page 328: Figure 14-4 User Authentication > Local/Remote User Settings
14: User Authentication To add a user: 1. On the Users, click the Add/Edit User button. The User Authentication > Local/Remote User page displays. Authentication > Local/Remote User Settings Figure 14-4 User Authentication > Local/Remote User Settings 2. Enter the following information for the user: Login User ID of selected user.
Page 329 14: User Authentication Clear Port Buffers The device port buffers the users may clear using the set locallog command. Enter the port numbers or the range of port numbers. clear Enable for Dial-back Select to grant a local user dial-back access. Users with dial-back access can dial into the EMG unit and enter their login and password.
Page 330 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage Secure Lantronix units (e.g., EMG, or SLC units) on the Network local subnet. Date/Time Right to set the date and time.
Page 331: Shortcut
14: User Authentication Shortcut To add a user based on an existing user: 1. Display the existing user on the page. The fields in User Authentication > Local/Remote Users the top part of the page display the current values for the user. 2.
Page 332: Nis
14: User Authentication The system administrator can configure the EMG to use NIS to authenticate users attempting to log in to the EMG unit through the Web, SSH, Telnet, or the console port. If NIS does not provide port permissions, you can use this page to grant device port access to users who are authenticated through NIS.
Page 333 14: User Authentication 2. Enter the following: Enable NIS Displays selected if you enabled this method on the Authentication Methods page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: You can enable NIS here or on the first User Authentication page. If you enable NIS here, it automatically displays at the end of the order of precedence on the User Authentication page.
Page 334: Nis Commands
Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., EMG, or SLC units) on the Network local subnet. Date/Time Right to set the date and time.
Page 335: Ldap
14: User Authentication LDAP The system administrator can configure the EMG to use LDAP to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port. LDAP allows EMG unit users to authenticate using a wide variety of LDAP servers, such as OpenLDAP and Microsoft Active Directory.
Page 336: Figure 14-6 User Authentication > Ldap
14: User Authentication Figure 14-6 User Authentication > LDAP EMG™ Edge Management Gateway User Guide...
Page 337 Attribute use to search for a name (ie, "msmith") or a Distinguished Name (ie, "uid=msmith,ou=People,dc=lantronix,dc=com"). Select either Name or DN as appropriate for the LDAP server. If nothing is specified for the group membership attribute, the EMG unit will use "memberUID" for name and "uniqueMember" for DN.
Page 338 14: User Authentication Encrypt Messages Select Start TLS or SSL to encrypt messages between the EMG unit and the LDAP server. If Start TLS is selected, the port will automatically be set to 389 and the StartTLS extension will be used to initiate a secure connection; if SSL is selected, the port will automatically be set to 636 and a SSL tunnel will be used for LDAP communication.
Page 339: Ldap Commands
Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., EMG, or SLC devices) on Network the local subnet. Date/Time Right to set the date and time.
Page 340: Radius
14: User Authentication RADIUS The system administrator can configure the EMG to use RADIUS to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port. Users who are authenticated through RADIUS are granted device port access through the port permissions on this page.
Page 341 14: User Authentication 2. Enter the following: Enable RADIUS Displays selected if you enabled this method on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: You can enable RADIUS here or on the first User Authentication page. If you enable RADIUS here, it automatically displays at the end of the order of precedence on the User Authentication page.
Page 342 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage Secure Lantronix units (e.g., EMG, or SLC units) on the Network local subnet. Date/Time Right to set the date and time.
Page 343: Radius Commands
14: User Authentication Right to enter modem settings for USB devices and control USB storage devices. SD Card Right to enter settings for SD card. Right to manage and control remote power managers. 5. Click the Apply button. RADIUS Commands Go to to view CLI commands which correspond to the web page entries RADIUS Commands...
Page 344 VENDOR Lantronix 244 BEGIN-VENDOR Lantronix ATTRIBUTE Lantronix-User-Attributes 1 string END-VENDOR Lantronix Once this is complete, the users file can be updated to include the Lantronix VSA for any user: myuser Auth-Type := Local, User-Password == "myuser_pwd" Reply-Message = "Hello, %u", Lantronix-User-Attributes = "data 1-4 listen 1-6 clear 1-4...
Page 345: Kerberos
14: User Authentication Kerberos Kerberos is a network authentication protocol that provides strong authentication for client/server applications by using secret-key cryptography. The system administrator can configure the EMG to use Kerberos to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port. Users who are authenticated through Kerberos are granted device port access through the port permissions on this page.
Page 346 14: User Authentication 2. Enter the following: Enable Kerberos Check box displays as checked if this method is enabled on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: You can enable Kerberos here or on the first User Authentication page.
Page 347: Kerberos Commands
Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g.,EMG, or SLC units) on the Network local subnet. Date/Time Right to set the date and time.
Page 348: Tacacs
14: User Authentication TACACS+ Similar to RADIUS, the main function of TACACS+ is to perform authentication for remote access. The EMG supports the TACACS+ protocol (not the older TACACS or XTACACS protocols). The system administrator can configure the EMG unit to use TACACS+ to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port.
Page 349: Figure 14-9 User Authentication > Tacacs
14: User Authentication To configure the EMG unit to use TACACS+ to authenticate users: 1. Click the TACACS+ tab and select TACACS+. The following page displays. Figure 14-9 User Authentication > TACACS+ EMG™ Edge Management Gateway User Guide...
Page 350 14: User Authentication 2. Enter the following: Enable TACACS+ Displays selected if you enabled this method on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. You can enable TACACS+ here or on the first User Authentication page. If you enable TACACS+ here, it automatically displays at the end of the order of precedence on the User Authentication page.
Page 351 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., EMG, or SLC units) on the Network local subnet. Date/Time Right to set the date and time.
Page 352: Tacacs+ Commands
14: User Authentication Web Access Right to access Web-Manager. Diagnostics & Right to obtain diagnostic information and reports about the unit. Reports Ethernet Switch Right to view and enter settings for the managed Ethernet Switch. Firmware & Right to upgrade the firmware on the unit and save or restore a configuration (all Configuration settings).
Page 353: Groups
14: User Authentication Groups The EMG has 3 pre-defined groups: Administrators, Power Users, and Default Users. Custom groups can also be created; each custom group is a set of user attributes and permissions. Local Users and Remote Users defined on the EMG unit can be assigned to one of the pre-defined groups or a custom group.
Page 354: Figure 14-10 User Authentication > Groups
14: User Authentication Figure 14-10 User Authentication > Groups 2. Enter the following: Group Name Enter a name for the group. Listen Ports The ports users are able to monitor using the connect listen command. Data Ports The ports users are able to monitor and interact with using the connect direct command.
Page 355 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage Secure Lantronix units (e.g., EMG, or SLC units) on the Network local subnet. Date/Time Right to set the date and time.
Page 356: Group Commands
14: User Authentication To view or update a group: 1. In the Groups table, select the group and click the View Group button. The group attributes and permissions will be displayed in the lower section of the page. 2. Modify the group attributes and permissions and click the Edit Group button. To delete a group: 1.
Page 357: Ssh Keys
14: User Authentication SSH Keys Overview The EMG can import and export SSH keys to facilitate shared key authentication for all incoming and outgoing SSH connections. By using a public/private key pair, a user can access multiple hosts with a single passphrase, or, if a passphrase is not used, a user can access multiple hosts without entering a password.
Page 358 14: User Authentication The key's randomart image is: +---[RSA 3072]----+ ..++.o. o. .. oo o o+ooo |.+o.o.*oo o . |.oo= = .S= |. + = o . | o o + o |+ * ..E |+= *o .. +----[SHA256]-----+ It is recommended to use secure bit sizes (-b); for example, at least 2048 bits for RSA keys. The passphrase is optional, and will be used to encrypt the key.
Page 359: Figure 14-11 User Authentication > Ssh Keys
14: User Authentication To configure the EMG unit to use SSH keys to authenticate users: 1. From the main menu, select User Authentication - SSH Keys. The following page displays. Figure 14-11 User Authentication > SSH Keys EMG™ Edge Management Gateway User Guide...
Page 360: Imported Keys (Ssh In)
14: User Authentication 2. Enter the following information: Imported Keys (SSH In) Host & User Associated with Key These entries are required in the following cases: The imported key file does not contain the host that the user will be making an SSH ...
Page 361: Ssh Server/Host Keys
14: User Authentication Key Type Select either the RSA or the DSA encryption standard. RSA is the default. Number of Bits Select the number of bits in the key (1024, 2048, 3072, or 4096). The default is 2048. Passphrase / Retype Optionally, enter a passphrase associated with the key.
Page 362: Figure 14-12 Current Host Keys
14: User Authentication Figure 14-12 Current Host Keys 2. View or enter the following: Reset to Default Host Select the All Keys checkbox to reset all default key(s), or select one or more checkboxes to reset defaults for RSA, ECDSA, or ED25519 keys. All checkboxes are unselected by default.
Page 363: Ssh Commands
14: User Authentication From the drop-down list, select the type of host key to import. The default is Type RSA. Import via From the drop-down list, select the method of importing the host key (SCP or SFTP). The default is SCP. Public Key Filename Filename of the public host key.
Page 364: Custom Menus
14: User Authentication Custom Menus Users can have custom user menus as their command line interface, rather than the standard CLI command set. Each custom user menu can contain up to 50 commands ('logout' is always the last command). Instead of typing each command, the user enters the number associated with the command.
Page 365 14: User Authentication Note: To clear fields in the lower part of the page, click the Clear Custom Menu button. Menu Name Enter a name for the custom menu. Title Enter an optional title which will be displayed about the menu at the CLI. Nicknames Select to enable nicknames to be displayed in the menu instead of the commands.
Page 366: Custom User Menu Commands
14: User Authentication To view or update a custom menu: 1. In the Custom Menus table, select the custom menu and click the View Custom Menu button. The custom menu attributes appear in the lower part of the page. 2. Update the menu attributes following the instructions for adding a menu above. 3.
Page 367: 15: Maintenance
15: Maintenance The system administrator performs maintenance activities and operates the EMG using the options for the Maintenance tab and additional commands on the command line interface. Firmware & Configurations The Firmware & Configuration page allows the system administrator to: Configure the FTP, SFTP, or TFTP server that will be used to provide firmware updates and ...
Page 368: Creating A Certificate
15: Maintenance b. Option TFTP Server IP/150 and Boot Filename/67 - if both of these are received, they will be used, and all other DHCP options will be ignored. c. Option TFTP Server IP or Name/66 and Boot Filename/67 - if both of these are received, they will be used.
Page 369 15: Maintenance cd /root mkdir ztp-cert cd ztp-cert mkdir newcerts cp /etc/ssl/openssl.cnf . export OPENSSL_CONF=/root/ztp-cert/openssl.cnf b. Under the CA_default section in openssl.cnf, change the directory where everything is kept to ".": [ CA_default ] dir = . # Where everything is kept c.
Page 370: Https Push Configuration Restore
15: Maintenance openssl ca -days 365 -in server.csr -out server.crt -keyfile ca.key -policy policy_anything -batch -notext d. The server.key file and server.crt file output in these steps can be installed in the web server that will provide the ZTP configuration file. The certificate can be verified (e.g. view the root CA, algorithms, validity date and CN, etc) at anytime with the command: openssl x509 -noout -text -in server.crt 4.
Page 371: Factory Reset With External Storage Device
15: Maintenance #!/bin/bash url="https://myemg.company.com/ cfgupdate.htm?login=sysadmin&password=PASS&config=all&comment=Update myemg.company.com with default configuration" curl --insecure --request POST --form "file=@/home/users/admin/current- emgcfg.tgz" "$( echo $url | sed 's/ /%20/g' )" If an HTTPS Push Config command is accepted and initiated by the EMG, the EMG will respond with "Configuration restore initiated;...
Page 372: Figure 15-1 Maintenance > Firmware & Configurations
15: Maintenance To configure settings: 1. Click the Maintenance tab. The following page displays. Figure 15-1 Maintenance > Firmware & Configurations EMG™ Edge Management Gateway User Guide...
Page 373: Internal Temperature
Local Disk location with the name “before_MMDDYY_HHMM”. Firmware Filename The name of the firmware update file downloaded from the Lantronix web site. A key for validating the firmware file. The key is provided with the firmware file (32 hex characters).
Page 374: Boot Banks And Bootloader Settings
15: Maintenance From the drop-down list, select the method of loading the firmware. Options are Load Firmware Via FTP, SFTP, TFTP, HTTPS, NFS, USB, and SD Card. FTP is the default. If you select HTTPS, the Upload File link becomes active. Select the link to ...
Page 375: Load Firmware Via Options
15: Maintenance Load Firmware Via Options Note: Prior to firmware update, the current configuration is saved to the Local Disk location with the name "before_MMDDYY_HHMM". HTTPS Click Upload File to update the EMG firmware. NFS Mounted Dir Select the NFS mounted directory from the drop-down menu. USB Port Click to select USB port.
Page 376 15: Maintenance Configuration Name to If you selected to save or restore a configuration, enter a name for the Save to or Restore From configuration file (up to 12 characters). Location for Save, If you selected to save or restore a configuration, select one of the following Restore, or Manage options: Manage: This link allows you to view and delete all configurations saved to...
Page 377: Manage Files
15: Maintenance Figure 15-2 Network > Firmware/Config > Manage Manage Files The Manage Files web page allows you to view the firmware and configuration files saved to the selected location and rename, download or delete any of the files. This feature is available for the Local Disk, NFS Mounts, CIFS Share, USB, and SD card locations.
Page 378: System Logs
15: Maintenance System Logs page allows you to view various system logs. (See Maintenance > System Logs Chapter 8: Services for more information about system logs.) You can also clear logs on this page. To view system logs: 1. Click the Maintenance tab and select the System Logs option. The following page displays: Figure 15-3 Maintenance >...
Page 379: System Log Commands
All and the level Error, the EMG unit displays a log similar to this: Figure 15-4 View System Logs From a queried system log (e.g., Figure 15-4), you may email this information to a specific individual or to Lantronix Technical Support. See Emailing Logs and Reports. To clear system logs: 1. From the page, select Maintenance - System Logs.
Page 380: Audit Log
15: Maintenance Audit Log page displays a log of all actions that have changed the Maintenance > Audit Log configuration of the EMG. The audit log is disabled by default. Use the Services > SSH/Telnet/ page (Chapter 8: Services) to enable the audit log and to configure its maximum size. Logging Each entry in the log file contains a date/time stamp, user login, and the action performed by the user.
Page 381: Email Log
15: Maintenance Email Log page displays a log of all attempted emails. The log file can be Maintenance > Email Log cleared from here. The email log is saved through EMG reboots. 1. Click the Maintenance tab and select the Email Log option. The Email Log page appears. Figure 15-6 Maintenance >...
Page 382: Diagnostics
15: Maintenance Diagnostics page provides methods for diagnosing problems such as network Maintenance > Diagnostics connectivity and device port input/output problems. You can use equivalent commands on the command line interface. 1. Click the Maintenance tab and select the Diagnostics option. The following page displays: Figure 15-7 Maintenance >...
Page 383 15: Maintenance All to run them all): IPv4 ARP Table The IPv4 Address Resolution Protocol (ARP) table used to view the IP address-to- hardware address mapping. IPv6 Neighbor The IPv6 Neighbor table is used to view a list of neighbor's IPv6 addresses on the same Table network, and their corresponding MAC addresses.
Page 384 15: Maintenance iPerf Select to start an iPerf3 server or client to measure network throughput. The server will run in “one-off” mode. This means that it will handle one client connection and then terminate. The server will wait indefinitely for the client to connect. The client will time out if a connection is not made to a server within 15 seconds.
Page 385: Diagnostic Commands
15: Maintenance Figure 15-8 Diagnostics Output 4. To view a report, click the link for that report. 5. To email this report, follow the instructions in Emailing Logs and Reports. Diagnostic Commands Go to to view CLI commands which correspond to the web page entries Diagnostic Commands described above.
Page 386: View Report
15: Maintenance Figure 15-9 Maintenance > Status/Reports The top half of the page displays the status of each port, power supply, and the internal modem: Green indicates that the port connection or power supply is active and functioning correctly. Red indicates an error or failure or that the device is off. 2.
Page 387: Status Commands
15: Maintenance Figure 15-10 Generated Status/Reports 4. To email these report(s), follow the instructions in Emailing Logs and Reports. Status Commands Go to to view CLI commands which correspond to the web page entries Status Commands described above. EMG™ Edge Management Gateway User Guide...
Page 388: Emailing Logs And Reports
15: Maintenance Emailing Logs and Reports The following logs and reports can be directly emailed to a specific individual or to Lantronix Technical Support directly from the log page: System Log (Figure 15-4)  Audit Log (Figure 15-5)  Email Log...
Page 389: Figure 15-12 About Emg
15: Maintenance Figure 15-12 About EMG EMG™ Edge Management Gateway User Guide...
Page 390: Events
15: Maintenance Events On this page, you can define what action you want to take for events that Maintenance > Events may occur in the EMG unit. 1. Click the Maintenance tab and select the Events option. The following page displays: Figure 15-13 Maintenance >...
Page 391 15: Maintenance Outlet When the trigger is set to RPM Load over Threshold, select the outlet that will be monitored for a current that exceeds a defined threshold. The RPM needs to support providing a current level for the selected outlet as part of its status information.
Page 392: Events Commands
15: Maintenance Events Commands Go to to view CLI commands which correspond to the web page entries Events Commands described above. Banners page allows the system administrator to customize text messages Maintenance > Banners that display to users. To configure banner settings: 1.
Page 393: Administrative Banner Commands
The System Info page allows you to generate a ZIP file containing a comprehensive set of data that can analyzed or sent to Lantronix Tech Support. The ZIP file contains network information, current configuration, logs, port information, and internal diagnostic information.
Page 394 15: Maintenance Comment An optional comment describing the system info file being generated. Up to 80 characters can be entered. Password to encrypt An optional password that can be used to encrypt the ZIP file, and will be required ZIP file/ Retype to unpack the ZIP file.
Page 395: 16: Application Examples
16: Application Examples Each EMG has multiple serial ports and two network ports. Each serial port can be connected to the console port of an IT device. Using a network port (in-band) or a modem (out-of-band) for dial- up connection, an administrator can remotely access any of the connected IT devices using Telnet or SSH.
Page 396: Telnet/Ssh To A Remote Device
16: Application Examples Telnet/SSH to a Remote Device The following figure shows a Sun server connected to port 2 of the EMG. Figure 16-2 Remote User Connected to a SUN Server via the Console Manager In this example, the sysadmin would: 1.
Page 397 16: Application Examples NFS File Logging: disabled Directory to log to: <none> Max number of files: 10 Max size of files: 2048 2. Change the baud to 57600 and disable flow control: [EMG]> set deviceport port 2 baud 57600 flowcontrol none Device Port settings successfully updated.
Page 398: Dial-In (Text Mode) To A Remote Device
16: Application Examples Dial-in (Text Mode) to a Remote Device This example shows a phone line connection to the internal modem of the EMG, and a Sun server connected to a device port. You can configure the modem for text mode dial-in, so a remote user can dial into the modem using a terminal emulation program and access the Sun server.
Page 399 16: Application Examples 5. Connect to the SUN Unix server using the direct command. [EMG]> connect direct deviceport 2 SunOS 5.7 login: frank Password: Last login: Wed Jul 14 16:07:49 from computer Sun Microsystems Inc.SunOS 5.7Generic October 1998 SunOS computer 5.7 Generic_123485-05 sun4m sparc SUNW,SPARCstation-20 6.
Page 400: Local Serial Connection To Network Device Via Telnet
16: Application Examples Local Serial Connection to Network Device via Telnet This example shows a terminal device connected to an EMG device port, and a Sun server connected over the network to the EMG device. When a connection is established between the device port and an outbound Telnet session, users can access the Sun server as though they were directly connected to it.
Page 401 16: Application Examples Max number of files: 10 Max size of files: 2048 2. Change the serial settings to match the serial settings for the vt100 terminal - changes baud to 57600 and disables flow control: [EMG]> set deviceport port 2 baud 57600 flowcontrol none Device Port settings successfully updated.
Page 402: 17: Command Reference
17: Command Reference After an introduction to using commands, this chapter lists and describes all of the commands available on the EMG command line interface accessed through Telnet, SSH, or a serial connection. The commands are in alphabetical order by category. Introduction to Commands Following is some information about command syntax, command line help, and tips for using commands.
Page 403: Command Line Help
17: Command Reference Action Category connect bidirection|direct|forward|global|listen|restart|script| terminate|unidirection diag arp|arp6|internals|iperf|lookup|loopback|netstat|nettrace| perfstat|ping|ping6|sendpacket|speedtest|top|traceroute| traceroute6|usb|wlan banner|chip|clear|config|eeprom|events|feature|firmware|ftp admin |memory|quicksetup|reboot|shutdown|site|version|web Terminates CLI session. logout Command Line Help For general Help and to display the commands to which you have rights, type: help For general command line Help, type: help command line For release notes for the current firmware release, type: help release...
Page 404: Administrative Commands
17: Command Reference When the number of lines displayed by a command exceeds the size of the window (the  default is 25), the command output is halted until the user is ready to continue. To display the next line, press Enter, and to display the page, press the space bar. You can override the number of lines (or disable the feature altogether) with the set cli command.
Page 405 17: Command Reference Description Displays the welcome, SSH, login, and logout banners. admin banner ssh Syntax admin banner ssh <Banner Text> Description Configures the banner that displays prior to SSH authorization. admin banner welcome Syntax admin banner welcome <Banner Text> Description Configures the banner displayed before the user logs in.
Page 406 17: Command Reference admin config rename|delete Syntax admin config rename|delete <Config Name> location <local|nfs|cifs|usb|sdcard|intsd> [nfsdir <NFS Mounted Directory>] [usbport <U1>] Description Deletes or renames a configuration. admin config factorydefaults Syntax admin config factorydefaults [savesshkeys <enable|disable>] [savesslcert <enable|disable>][savescripts <enable|disable>] [preserveconfig <Config Params to Preserve>] <Config Params to Preserve>...
Page 407 17: Command Reference <Config Params to Preserve> is a comma-separated list of current configuration parameters to retain after the config restore or factorydefaults: Networking Services Date/Time Local Users Remote Authentication Device Ports USB Port/SD Card Power Outlet Description Restores a saved configuration to the EMG. admin config save Syntax admin config save <Config Name>...
Page 408 "01WFA" for WiFi FRU "01DMA" for DialUp Modem FRU Description Commands for EEPROM IDs. These commands should only be used under the direction of Lantronix Technical Support. Show/Update EEPROM ID of the attached FRU. EMG™ Edge Management Gateway User Guide...
Page 409 17: Command Reference Not all EMG models will have all slots. admin firmware bootbank Syntax admin firmware bootbank <1|2> Description Sets the boot bank to be used at the next EMG reboot. admin firmware bootcount Syntax admin firmware bootcount <0|1> Description Configures bootcount parameter that control how many times the EMG has failed to boot.
Page 410 17: Command Reference admin firmware highrestimers Syntax admin firmware highrestimers <enable|disable> Description Enables high resolution timers required for Performance Monitoring or disables high resolution timers (the default). Changing this setting requires a reboot in order for the change to take effect. admin firmware watchdog Syntax admin firmware watchdog <disable|180-1800 seconds>...
Page 411 17: Command Reference Description Updates EMG firmware to a new revision. You should be able to access the firmware file using the settings admin ftp show displays if FTP, TFTP or SFTP are used to load the firmware file. The EMG automatically reboots after successful update.
Page 412 17: Command Reference admin ftp show Syntax admin ftp show Description Displays FTP settings. admin memory show Syntax admin memory show Description Displays information about EMG memory usage. admin memory swap add Syntax admin memory swap add <Size of Swap in MB> usbport <U1> Description Creates a swap space from an external storage device.
Page 413: Admin Reboot
17: Command Reference admin reboot Syntax admin reboot Description Immediately terminates all connections and reboots the EMG. admin shutdown Syntax admin shutdown Description Prepares the EMG to be powered off. admin site Syntax admin site row <Data Center Rack Row Number> admin site cluster <Data Center Rack Group Number>...
Page 414 17: Command Reference ___Batch Script 'auto_sysinfo'________________ Group/Perms: Adm/ad,nt,sv,dt,lu,ra,um,dp,ub,rs,fc,dr,sn,wb,sk,do,sd, md,rp,di set cnt 5 while { $cnt >= 1 } { admin sysinfo save EMGsysinfo location usb auto enable sleep 60 set cnt [expr $cnt - 1] admin version Syntax admin version Description Displays current hardware and firmware information.
Page 415 17: Command Reference admin web certificate show Syntax admin web certificate show Description Displays the web server SSL certificate. admin web group Syntax admin web group <Local or Remote Group Name> Description Configures the group that can access the web. admin web server Syntax admin web server <enable|disable>...
Page 416 17: Command Reference admin web terminate Syntax admin web terminate <Session ID> Description Terminates a web session. admin web show Syntax admin web show [viewcipherlist <enable|disable>] [viewslmsessions <enable|disable>] Description Displays the current sessions, with optional extra sessions or current ciphers. admin web banner Syntax admin web banner...
Page 417 Enables or disables TLS v1.2. admin web restart Syntax admin web restart Description Restarts the web server. Warning: The following admin chip commands should only be used under the direction of Lantronix Technical Support. EMG™ Edge Management Gateway User Guide...
Page 418: Audit Log Commands
17: Command Reference admin chip resetmodem Description Resets the internal modem chip in key system chips. Syntax admin chip resetmodem admin chip reseti2cmux Description Resets the I2C Mux chip in key system chips. Syntax admin chip reseti2cmux admin chip resetsfp ethport <1|2> Description Resets the SFP chip in key system chips.
Page 419: Authentication Commands
17: Command Reference show auditlog clear Syntax show auditlog clear Description Clears the auditlogs Authentication Commands set auth Syntax set auth <one or more parameters> Parameters authusenextmethod <enable|disable> kerberos <1-6> ldap <1-6> localusers <1-6> nis <1-6> radius <1-6> tacacs+ <1-6> Description Sets ordering of authentication methods.
Page 420: Kerberos Commands
17: Command Reference Description Displays attributes of the currently logged in user. Kerberos Commands set kerberos Syntax set kerberos <one or more parameters> Parameters allowdialback <enable|disable> clearports <Port List> custommenu <Menu Name> dataports <Port List> dialbacknumber <Phone Number> breakseq <1-10 Chars> escapeseq <1-10 Chars>...
Page 421: Ldap Commands
17: Command Reference LDAP Commands set ldap Syntax set ldap <one or more parameters> Parameters state <enable|disable> server1 <IP Address or Name> server2 <IP Address or Name> port <TCP Port> base <LDAP Base> bindname <Bind Name> bindwithlogin <enable|disable> useldapschema <enable|disable> adsupport <enable|disable>...
Page 422: Local Users Commands
17: Command Reference set ldap certificate import Description To upload X.509/PEM certificate for Start TLS encrypted connections: Syntax set ldap certificate import via <sftp|scp> rootfile <Cert Auth File> certfile <Certificate File> keyfile <Key File> host <IP Address or Name> login <User Login> [path <Path to Files>] set ldap certificate delete Description To delete an LDAP certificate.
Page 423 17: Command Reference Parameters allowdialback <enable|disable> breakseq <1-10 Chars> changenextlogin <enable|disable> changepassword <enable|disable> clearports <Port List> dataports <Port List> dialbacknumber <Phone Number> displaymenu <enable|disable> escapeseq <1-10 Chars> listenports <Port List> custommenu <Menu Name> uid <User Identifier> group <default|power|admin|Custom Group Name> passwordexpires <enable|disable>...
Page 424 17: Command Reference Description Deletes a local user. set localusers lifetime Syntax set localusers lifetime <Number of Days> Description Sets the number of days the login password may be used. The default is 90 days. set localusers maxloginattempts Syntax set localusers maxloginattempts <Number of Logins> Description Sets the maximum number of login attempts before the account is locked.
Page 425 17: Command Reference Description Sets the number of days the system warns the user that the password will be expiring. The default is 7 days. set localusers reusehistory Syntax set localusers reusehistory <Number of Passwords> Description Sets the number of passwords the user must use before reusing an old password. The default is 4. set localusers multipleadminlogins Syntax set localusers multipleadminlogins <enable|disable>...
Page 426: Nis Commands
17: Command Reference Description Displays local users. NIS Commands set nis Syntax set nis <one or more parameters> Parameters allowdialback <enable|disable> broadcast <enable|disable> clearports <Port List> custommenu <Menu Name> dialbacknumber <Phone Number> dataports <Port List> domain <NIS Domain Name> breakseq <1-10 Chars> escapeseq <1-10 Chars>...
Page 427: Radius Commands
17: Command Reference RADIUS Commands set radius Syntax set radius <one or more parameters> Parameters state <enable|disable> allowdialback <enable|disable> clearports <Port List> custommenu <Menu Name> dataports <Port List> dialbacknumber <Phone Number> breakseq <1-10 Chars> escapeseq <1-10 Chars> group <default|power|admin> listenports <Port List> permissions <Permission List>...
Page 428: Show Radius
17: Command Reference show radius Syntax show radius Description Displays RADIUS settings. TACACS+ Commands set tacacs+ Syntax set tacacs+ <one or more parameters> Parameters state <enable|disable> server1 <IP Address or Name> server2 <IP Address or Name> server3 <IP Address or Name> port <TCP Port>...
Page 429 17: Command Reference set tacacs+ secret Syntax set tacacs+ secret Description Set the TACACS+ secret (any extra parameters will be ignored). show tacacs+ Syntax show tacacs+ Description Displays TACACS+ settings. EMG™ Edge Management Gateway User Guide...
Page 430: User Permissions Commands
17: Command Reference User Permissions Commands Syntax help user permissions Synopsis User Permissions Each user is a member of a group (Default Users, Power Users, Administrators), and has a set of user rights associated with the group. Additional user rights which are not defined by their group may also be granted to them using the 'permissions' parameter.
Page 431: Set Permissions
17: Command Reference set localusers lock Syntax set localusers lock <User Login> Description Blocks (locks) a user's ability to login. set localusers unlock Syntax set local users unlock <User Login> Description Allows (unlocks) a user's ability to login. set localusers permissions Syntax set localusers add|edit <user>...
Page 432: Remote User Commands
17: Command Reference Description Displays the rights of the currently logged-in user. Remote User Commands set remoteusers add|edit Syntax set remoteusers add|edit <User Login> [<parameters>] Parameters dataports <Port List> breakseq <1-10 Chars> escapeseq <1-10 Chars> listenports <Port List> clearports <Port List> custommenu <Menu Name>...
Page 433: Set Group
17: Command Reference set remoteusers denyaccessnocustomgroup Syntax set remoteusers denyaccessnocustomgroup <enable|disable> Description Access to authenticated remote users whose LDAP group or TACACS+ priv_lvl map to a EMG custom group. set remoteusers lock|unlock Syntax set remoteusers lock|unlock <User Login> Description Allow (unlock) or block (lock) a user's ability to login. set remoteusers delete Syntax set remoteusers delete <User Login>...
Page 434: Access List Commands
17: Command Reference Access List Commands set accesslist add/edit Syntax set accesslist add|edit <Access List Name> [<parameters>] Parameters name <New Access List Name> response <hangup|ignore> Description Configure an access list of phone numbers to be granted access for modem dial-in connections.
Page 435: Cellular Modem Commands
17: Command Reference Cellular Modem Commands set cellular Syntax set cellular <parameters> set cellular simpin set cellular factoryreset set cellular reboot set cellular cellpass set cellular atcmd <AT Command> Parameters state <dhcp|disable> apn <APN of Mobile Carrier> apnauto <enable|disable> preferrednet <AUTO|4G|3G> roam <enable|disable>...
Page 436: Percepxion Commands
17: Command Reference set cellular fota Syntax set cellular fota <enable|disable> Description Enable FOTA (Firmware Over The Air) mode on the EMG. It is recommended to limit other activity on the EMG while the firmware update is performed. To enable FOTA mode on the EMG, run the 'set cellular fota enable' command.
Page 437 17: Command Reference set px statusinterval Syntax set px statusinterval <1-60 minutes> fwconfiginterval <1-72 hours> Description Set interval between status updates, and firmware and configuration checks. set px fwupdate Syntax set px fwupdate <enable|disable> configupdate <enable|disable> Description Enable or disable firmware and configuration updates via Percepxion. set px rebootafterupdate Syntax set px rebootafterupdate <enable|disable>...
Page 438 17: Command Reference set px connection Syntax set px connection <cloud|onpremise> [<one or more parameters>] Parameters host <IP Address or Name> port <TCP Port> secureport <enable|disable> validatecerts <enable|disable> mqttstate <enable|disable> Description Configure Percepxion Cloud or On-Premise settings. set px devicename Syntax set px devicename <Device Name>...
Page 439 17: Command Reference set px id Syntax set px id Description Set the device ID. set px key Syntax set px key Description Set the Percepxion key set px useproxy Syntax set px useproxy <enable|disable> [<one or more parameters>] Parameters proxytype <socks5|http>...
Page 440: Cli Commands
17: Command Reference Description Clear the Firmware/Config update log. show px Syntax show px show px status show px perfmon show px scripts show px probes Description Show Percepxion settings show px connecttest Syntax show px connecttest Description Test connection to Percepxion server (with proxy settings if configured). CLI Commands set cli scscommands Syntax...
Page 441 17: Command Reference set cli terminallines Syntax set cli terminallines <enable|disable> Description Sets the number of lines in the terminal emulation (screen) for paging through text one screenful at a time, if the EMG cannot detect the size of the terminal automatically. set cli allusers Syntax set cli allusers <enable|disable>...
Page 442: Set History
17: Command Reference Description Displays attributes of the currently logged in user. set history Syntax set history clear Description Clears the commands that have been entered during the command line interface session. show history Syntax show history Description Displays the last 100 commands entered during the session. Connection Commands connect bidirection Syntax...
Page 443 17: Command Reference If the trigger is datetime (establish connection at a specified date/time), enter the date parameter. If the trigger is chars (establish connection on receipt of a specified number or characters or a character sequence), enter the charxfer parameter and either the charcount or the charseq parameter.
Page 444 17: Command Reference connect global outgoingtimeout Syntax connect global outgoingtimeout <disable|1-9999 seconds> Description Sets the amount of time the EMG will wait for a response (sign of life) from an SSH/Telnet server that it is trying to connect to. Note: This is not a TCP timeout.
Page 445: Show Connections
17: Command Reference connect unidirection Syntax connect unidirection <Device Port # or Name> dataflow <toendpointfromendpoint> <endpoint> <one or more parameters> <endpoint> is one of: deviceport <Port # or Name> telnet <IP Address or Name> [port <TCP Port] ssh <IP Address or Name> [port <TCP Port][<SSH flags>] tcp <IP Address>...
Page 446: Console Port Commands
17: Command Reference show connections connid Syntax show connections connid <Connection ID> [email <Email Address>] Description Displays details for a single connection. You can optionally email the displayed information. Console Port Commands set consoleport Syntax set consoleport <one or more parameters> Parameters access <enable|disable>...
Page 447 17: Command Reference Maximum of 50 commands per custom user menu (logout is always the last command).  Maximum of 15 characters for menu names.  Maximum of five nested menus can be called.  No syntax checking. (Enter each command correctly.) ...
Page 448: Email Commands
17: Command Reference Description Deletes a custom user menu or one command within a custom user menu. set <nis|ldap|radius|kerberos|tacacs+> custommenu Syntax set <nis|ldap|radius|kerberos|tacacs> custommenu <Menu Name> Description Assigns a custom menu to users who authenticate via NIS, LDAP, Radius, Kerberos, or TACACS+.
Page 449: Date And Time Commands
17: Command Reference show emaillog clear Syntax show emaillog clear Description Clears the email log. show emaillog smtplog Syntax show emaillog smtplog Description Displays the SMTP log along with SMTP protocol details. show emaillog smtplog clear Syntax show emaillog smtplog clear Description Clears the SMTP log.
Page 450: Show Datetime
17: Command Reference show datetime Syntax show datetime Description Displays the local date, time, and time zone. set ntp Syntax set ntp <one or more parameters> Parameters state <enable|disable> sync <broadcast|poll> poll <local|public> localserver1 <IP Address or Hostname> localserver2 <IP Address or Hostname> localserver3 <IP Address or Hostname>...
Page 451: Device Commands
17: Command Reference Device Commands set command Syntax set command <Device Port # or Name or List> <one or more parameters> Parameters sensorsoft lowtemp <Low Temperature> Sets the lowest temperature permitted for the port. sensorsoft hightemp <High Temperature> Sets the hightest temperature permitted for the port. sensorsoft lowhumidity <Low Humidity %>...
Page 452: Device Port Commands
17: Command Reference Device Port Commands set deviceport global Syntax set deviceport global <one or more parameters> Parameters sshport <TCP Port> telnetport <TCP Port> tcpport <TCP Port> autorefreshcounters <enable|disable> Description Configures settings for all or a group of device ports. set deviceport port Description Sets the dialout password.
Page 453 17: Command Reference detecttokens <Name Detection Tokens> dialbackdelay <PPP Dial-back Delay> dialbacknumber <usernumber|Phone Number> dialbackretries <1-10> dialinlist <Host List for Dial-in> dialoutlogin <Remote User Login> dialoutnumber <Phone Number> dodauth <pap|chap> dodchaphost <CHAP Host or User Name> dtrcontrol <none|toggledtr|autodtr> emailsubj <Email Subject> emailto <Email Address>...
Page 454 17: Command Reference sshdatadir <netin|netout|both> sshin <enable|disable> sshport <TCP Port> sshtimeout <disable|1-3600 seconds> stopbits <1|2> sysloglogging <enable|disable> tcpauth <enable|disable> tcpdatadir <netin|netout|both> tcpin <enable|disable> tcpport <TCP Port> tcptimeout <disable|1-3600 seconds> telnetauth <enable|disable> telnetdatadir <netin|netout|both> telnetin <enable|disable> telnetport <TCP Port> telnetsoftiac <enable|disable> telnettimeout <disable|1-3600 sec>...
Page 455: Show Portcounters
17: Command Reference prepended with 'AT' and include 'E1 V1 x4 Q0' so that the EMG may properly control the modem. show deviceport global Syntax show deviceport global Description Displays global settings for device ports. show deviceport names Syntax show deviceport names Description Displays a list of all device port names.
Page 456: Show Portstatus
17: Command Reference Description Displays device port statistics and errors for all ports, or for a single port, or a list of ports. Note: The output can optionally be emailed. A comma-separated Device Port lists (or ‘All’) can be used to specify a group of Device Ports (i.e., ‘1-4,8’). show portcounters zerocounters Syntax show portcounters zerocounters <Device Port List or Name>...
Page 457: Dio Commands
17: Command Reference relayserverip2 <DHCP Server IP Address> Description Configure the DHCP settings for the Ethernet Switch. show dhcp Syntax show dhcp Description Displays DHCP settings for the Ethernet switch show dhcp display clients Syntax show dhcp display clients Description Displays DHCP active client list DIO Commands Digital Input/Output Port Command Synopsis...
Page 458: Diagnostic Commands
17: Command Reference Parameters name <DIO Port Name> wakeup <on|off> state <on|off> normalstate <on|off> latch <enable|disable> Description Configure the DIO relay/output port on the front of the EMG: show dio Diagnostic Commands diag arp Syntax diag arp|arp6 [email <Email Address>] Description Displays the Address Resolution Protocol table (for IPv4) or the Neighbor table (for IPv6) for mapping IP Addresses to hardware addresses.
Page 459 17: Command Reference Options iPerf Options (enclose all options in quotes): Set server port to listen on/connect to (default 5201): -p, --port n Format to report: -f, --format [kmgtKMGT] Pause n seconds between reports: -i, --interval n Bind to a host, an interface or multicast address -B, --bind <host>...
Page 460 17: Command Reference Parameters test <internal|external> xferdatasize <Size In Kbytes to Transfer> Defaults: test=external, xferdatasize=1K Description Tests a device port by transmitting data out the port and verifying that it is received correctly.A special loopback cable comes with the EMG to test a device port..Plug the cable into the device port and run this command.
Page 461 17: Command Reference Description Display performance statistics for an Ethernet Port or Device Port, averaged over the last 5 seconds. Must specify an Ethernet Port or Device Port. diag ping|ping6 Syntax diag ping|ping6 <IP Address or Name> [<parameters>] Parameters count <Number Of Times To Ping> packetsize <Size In Bytes>...
Page 462 17: Command Reference Description Runs a network performance test over the default gateway to speedtest.net and outputs the results (speedtest.net must be reachable in order to perform the test). This tool is useful for testing performance of various network configurations, including performance of a cellular connection. diag top Syntax diag top [parameters]...
Page 463 17: Command Reference Parameters treedisplay <enable|disable> mapdevice <enable|disable> email <Email Address> Defaults: treedisplay=enable Description To display information about USB buses and the devices connected to them, including the mapping between a USB device and the EMG port. For "mapdevice enable", the port numbers will displayed at the end of the line in square brackets.
Page 464: Events Commands
17: Command Reference Events Commands admin events add Syntax admin events add <trigger> <response> <trigger> is one of: dpdatadrop, humidlimit, nomodemdial, pingfails, receivetrap, dioportchange, dioportabnormal, rpmload, or templimit. <response> is one of: action syslog action emailalert emailaddress <destination email address> action snmptrap nms <SNMP NMS>...
Page 465: Groups Commands
17: Command Reference Description Edits event definitions. admin events show Syntax admin events show Description Displays event definitions. Groups Commands set groups add|edit <Group Name> [<parameters>] Syntax set groups add|edit <Group Name> [<parameters>] Parameters dataports <Port List> listenports <Port List> clearports <Port List>...
Page 466: Host List Commands
17: Command Reference Host List Commands set hostlist add|edit <Host List Name> Syntax set hostlist add|edit <Host List Name> [<parameters>] Parameters name <Host List Name> (edit only) retrycount <1-10> Default: retrycount=3, auth=enable. auth <enable|disable> Description Configures a prioritized list of hosts to be used for modem dial-in connections. set hostlist add|edit <Host List Name>...
Page 467: Internal Modem Commands
17: Command Reference set hostlist delete Syntax set hostlist delete <Host List> [entry <Host Number>] Description Deletes a host list, or a single host entry from a host list. show hostlist Syntax show hostlist <all|names|Host List Name> Description Displays the members of a host list. Internal Modem Commands Configure the internal modem: set intmodem <parameters>...
Page 468: Ip Filter Commands
17: Command Reference Display settings for the internal modem: show intmodem IP Filter Commands set ipfilter state Syntax set ipfilter state <enable|disable> [testtimer <disable|1-120 minutes>] Description Enables or disables IP filtering for incoming network traffic. set ipfilter mapping Syntax set ipfilter mapping <parameters> Parameters ethernet <1|2|cell|wlan|ap|bond0>...
Page 469: Show Ipfilter
17: Command Reference insert <Rule Number> replace <Rule Number> delete <Rule Number> Description Sets IP filter rules. A maximum of 256 rules can be created for each ruleset. set ipfilter delete Syntax set ipfilter delete all Description Deletes all rulesets and mappings. show ipfilter Syntax show ipfilter...
Page 470 17: Command Reference nfslogging <enable|disable> nfsmaxfiles <Max # of Files> nfsmaxsize <Size in Bytes> poweraction <on|off|cycle> powersupply <Managed Power Supply Name> sendstring <String to Send|QUOTEDSTRING> tokenaction <List of none,log,trap,email,string,power> tokendatadetect <enable|disable> tokenstring <Regex String> tokentrigger <bytecnt|charstr> usblogging <enable|disable> usbmaxfiles <Max # of Files> usbmaxsize <Size in Bytes>...
Page 471 17: Command Reference The locallog commands can only be executed for a device port if local logging is enabled for the port. The set locallog clear command can only be executed if the user has permission to clear port buffers (see Chapter 14: User Authentication).
Page 472: Network Commands
17: Command Reference Parameters display <head|tail> numlines <Number of Lines> bytes <Bytes to Display> startbyte <Byte Index> logfile <NFS, USB or SD card Log File> Defaults: bytes=1000, startbyte=1, numlines=40 Description View the log for local, NFS, USB, or SD Card logging (NFS and USB/SD Card use the current logging settings for the Device Port).
Page 473 17: Command Reference Description Configure Ethernet bonding. set network dns Syntax set network dns <1-10> ipaddr <IP Address> Description Configures up to 10 DNS servers. set network dnsipv4prec Syntax set network dnsipv4prec <enable|disable> set network dnssrcipaddr <none|veth1|veth2> Description Configures IPv4/IPv6 lookup precedence. set network dnssrcipaddr Syntax set network dnssrcipaddr <none|eth1|eth2|veth1|veth2>...
Page 474 17: Command Reference Parameters default <IP Address> ipv6default <IPv6 Address> precedence <dhcp|default|wlan> failover <IP Address> pingip <IP Address> ethport <1|2> failoverport <eth2|cell|cell|wlan|intmodem> pingdelay <1-250 seconds> failedpings <1-250> faildevice <none|hspa|sierra> faildevapn <Fail-over Device: APN of Mobile Carrier> faildevlockpin <enable|disable> faildevlogin <Fail-over Device: Admin Login(Default HSPA+:admin, Sierra:user)>...
Page 475 17: Command Reference Description Reboot the fail-over device, or set the fail-over device SIM Card PIN #, SIM Personal Unblocking Key or Admin Password (any extra parameters are ignored). set network host Syntax set network host <Hostname> [domain <Domain Name>] Description Sets the EMG host name and domain name.
Page 476 17: Command Reference Description Displays DNS settings. show network gateway Syntax show network gateway Description Displays gateway settings. show network host Syntax show network host Description Displays the network host name of the EMG. show network port Syntax show network port <1|2> Description Displays Ethernet port settings and counters.
Page 477: Nfs And Smb/Cifs Commands
17: Command Reference show network ipv6 Syntax show network ipv6 Description Displays all ipv6 settings. show network sfp Syntax show network sfp Description Displays network port 1 and port 2 SFP diagnostics. show network all Syntax show network all Description Displays all network settings.
Page 478 17: Command Reference set nfs unmount Syntax set nfs unmount <1|2|3> Description Unmounts a remote NFS share. set cifs Syntax set cifs <one or more parameters> Parameters eth1 <enable|disable> eth2 <enable|disable> state <enable|disable> workgroup <Windows workgroup> Description Configures the SMB/CIFS share, which contains the system and device port logs. The admin config command saves EMG configurations on the SMB/CIFS share.
Page 479: Performance Monitoring Commands
17: Command Reference Description Displays NFS share settings. Performance Monitoring Commands show perfmon Syntax show perfmon [probe <all|Probe Id or Name>] Description Display global settings and all probes, or a selected probe. show perfmon status Syntax show perfmon status [probe <Probe Id or Name>] Description Display the running status of all probes or a selected probe.
Page 480 17: Command Reference show perfmon accumulated Syntax show perfmon accumulated <Probe Id or Name> [set <Operation Set Number>] [email <Email Address>] Description Display accumulated statistics for last completed operation set or selected set, and optionally email the statistics. set perfmon repo Syntax set perfmon repo <local|usb|sdcard>...
Page 481 17: Command Reference set perfmon tcpconnectresp Syntax set perfmon tcpconnectresp <TCP Port Number|disable> Description Enable responders for TCP connect. set perfmon add Syntax set perfmon add <Probe Name> type <dns|http|icmp|tcpconnect|udpecho|udpjitter|udpjittervoip> Parameters name <Probe Name> starttime <now|HH:MM[:SS][MMDD]|afterHH:MM:SS> operations <Number of Operations to Perform> frequency <Seconds between Operations>...
Page 482: Power Commands
17: Command Reference packets <Number of Packets to Send> interval <Milliseconds between Packets> timeout <Milliseconds to Wait for Response> host <Destination IP Address or Name> port <Destination Port> precision <milli|micro> datasize <Payload Data Size in Bytes> verifydata <enable|disable> codec <g729a|g711alaw|g711mulaw> tos <none|Type of Service>...
Page 483: Routing Commands
17: Command Reference description <Outlet Description> state <on|off> wakeup <on|off|laststate> reboot Description Configure and control power outlets on an integrated PDU. show power Syntax show power [outlet <Outlet # or Name>] [pduinfo <devicestatus|networkstatus|inletstatus| userlogs|eventlogs>] Description Show power settings Routing Commands set routing Syntax set routing [parameters]...
Page 484: Rpm Commands
17: Command Reference Description Sets the routing table to display IP addresses (disable) or the corresponding host names (enable). You can optionally email the displayed information. RPM Commands set rpm add Syntax set rpm add <RPM Name> Description Adds an RPM to be managed (prompts will guide selection of RPM vendor and model). set RPM command Syntax set rpm command <RPM Id or Name>...
Page 485 17: Command Reference Description Deletes an RPM. set rpm driver Syntax set rpm driver <RPM Id or Name> action restart set rpm driver <RPM Id or Name> action debug [level <1|2|3>] set rpm driver <RPM Id or Name> action show set rpm driver <RPM Id or Name>...
Page 486: Script Commands
17: Command Reference set rpm password Syntax set rpm password <RPM Id or Name> Description Set RPM administrative password. show RPM Syntax show rpm [type <ups|pdu>] [config <sdorder|notify>] [device <RPM Name or Id> [data <raw|logs|envmon>]] Note: The show rpm envmon command for RPM-configured ServerTech Serial/Network Mode is not supported by NUT/Powerman.
Page 487 17: Command Reference set script update Syntax set script update <interface|batch|custom> name <Script Name> [group <default|power|admin>] [permissions <Permission List>] Note: See 'help user permissions' for information on groups and user rights. Description Update a script. set script rename Syntax set script rename <interface|batch|custom> name <Script Name> newname <New Script Name>...
Page 488: Show Script
17: Command Reference connect script Syntax connect script <Script Name> deviceport <Device Port # or Name> [parameters <Command Line Parameters>] [debug <enable|disable>] Description Connect an interface or custom script to a Device Port and run it one time (script output will be displayed in the current terminal;...
Page 489: Sd Card Commands
17: Command Reference Description Display list of completed results for a custom script. show script results show script results <Script Name> [set <all|Operation Set Number>] [display <head|tail>] [numlines <Number of Lines>] [email <Email Address>] Description Display the results for the last completed custom script operation or a selected operation, and optionally email the results.
Page 490: Services Commands
17: Command Reference Services Commands set services Syntax set services <one or more services parameters> Parameters netlog <off|error|warning|info|debug> ssh <enable|disable> servlog <off|error|warning|info|debug> webssh <enable|disable> authlog <off|error|warning|info|debug> timeoutssh <disable|1-30 minutes> devlog <off|error|warning|info|debug> sshdatadir <netin|netout|both> diaglog <off|error|warning|info|debug> portssh <TCP Port> genlog <off|error|warning|info|debug> sha2 <enable|disable>...
Page 491: Show Services
17: Command Reference Description Sets SMTP password. set services testemail Syntax set services testemail <Email Address> [comment <Comment>] Description Allows you to validate the SMTP server configuration by proving a test email. show services Syntax show services Description Displays current service settings. Syntax show services [viewcipherlist <enable|disable>] Description...
Page 492: Slc Network Commands
17: Command Reference enable 'usesites'. Sites can be used with the following modem states: dialin, dialback, cbcpserver, dialondemand, dialin+ondemand, and dialback+ondemand. set site add|edit Syntax set site add|edit <Site Name> [<parameters>] Parameters name <Site Name> (edit only) deviceport <Device Port # or Name or none> dialoutnumber <Phone Number> usbport <U1>...
Page 493: Snmp Commands
17: Command Reference show slcnetwork Syntax show slcnetwork [ipaddrlist <all|IP Address Mask>][format <csv|nopad>] Description Detects and displays all EMG or user defined IP addresses on the local network. Without the ipaddrlist parameter, the command searches the local network. With the ipaddrlist parameter, the command displays a sorted list of all IP addresses or displays the IP addresses that match the mask (for example, 172.19.255.255 would display all IP addresses that start with 172.19).
Page 494 17: Command Reference set snmp v3password Syntax set snmp v3password|v3phrase|v3rwpassword|v3rwphrase|v3trappassword| v3trapphrase Description Set SNMP v3 read-only, read-write and trap password/passphrase: set snmp trapenable Syntax set snmp trapenable <prompt|Comma Separated List of Trap Numbers> Description Defines the set of SNMP traps that are sent by the EMG (see online help or SNMP web page for supported traps).
Page 495: Ssh Key Commands
17: Command Reference set snmp certificate attributes Syntax set snmp certificate attributes fingerprint <Client Certificate SHA1 or SHA256 Fingerprint> mapfield <username|email|fqdn|ipaddr|commonname|any> token <Field String> Description Sets SNMP certificate attributes. set snmp certificate show Syntax set snmp certificate show Description Displays SNMP certificate. show snmp Syntax show snmp...
Page 496 17: Command Reference Note: the key file may contain multiple keys; in this case the keyuser and keyhost will be ignored. set sshkey export Syntax set sshkey export <ftp|sftp|scp|copypaste> keyuser <SSH Key User> keyname <SSH Key Name> [bits <1024|2048|3072|4096>] [host <IP Address or Name>] [login <User Login>] [path <Path to Copy Key>] [format <openssh|secsh>] Description Create and export an sshkey.
Page 497 17: Command Reference Parameters [keyhost <SSH Key IP Address or Name>] [keyuser <SSH Key User>] [viewkey <enable|disable>] Description Displays all keys that have been imported or keys for a specific user, IP address, or name. show sshkey export Syntax show sshkey export <one or more parameters> Parameters [keyname <SSH Key Name>] [keyuser <SSH Key User>]...
Page 498: Status Commands
17: Command Reference set sshkey server remove Syntax set sshkey server remove Description Remove all host keys; they will be regenerated after EMG reboot. show sshkey server Syntax show sshkey server [type <all|rsa|ecdsa|ed25519>] Description Displays host keys (public key only). Status Commands show connections Syntax...
Page 499: Switch Commands
17: Command Reference show portcounters Syntax show portcounters [deviceport <Device Port List or Name>] [email <Email Address>] Description Generates a device port statistics report for one or more ports. Optionally emails the displayed information. show portstatus Syntax show portstatus [deviceport <Device Port List or Name>] [email <Email Address>] Description Displays device port modes and states for one or more ports.
Page 500 17: Command Reference Parameters name <Switch or Port name> state <enable|disable> mode <auto|10mbit-half|100mbit-half|10mbit-full| 100mbit-full|1000mbit-full> mdix <auto|manualmdi|manualmdix> Description Configure ports on the Ethernet switch. set switch internal Syntax set switch internal <enable|disable> Description Enable or disable the internal Ethernet port. Note: To set the switch IP address and netmask, see the ‘set dhcp’...
Page 501: Show Switch
17: Command Reference Description Display status of the Ethernet switch VLANs show switch Syntax show switch [port <Port # or Name>] [display <status|statistics|all>] Description Display status of the Ethernet switch or individual ports show switch ipaddr Syntax show switch ipaddr Description Display (scan for) IP addresses accessible via the Ethernet switch show switch macaddr...
Page 502: System Log Commands
17: Command Reference System Log Commands show syslog Syntax show syslog [<parameters>] Parameters log <all|netlog|servlog|authlog|devlog|diaglog|genlog> level <error|warning|info|debug> display <head|tail> [numlines <Number of Lines>] starttime <MMDDYYhhmm[ss]> endtime <MMDDYYhhmm[ss]> email <Email Address> Defaults: log=all, level=error, numlines=40 Description Displays the system logs containing information and error messages. Note: The level, display, and time parameters cannot be used simultaneously.
Page 503: Usb Device Commands
17: Command Reference USB Device Commands show usb devices Syntax show usb devices Description Displays all usb devices with the port each device is connected to. diag usb Syntax diag usb [<parameters>] Parameters treedisplay <enable|disable> mapdevice <enable|disable> email <Email Address> Defaults: treedisplay=enable Description Displays information about USB buses and the devices connected to them, including the mapping...
Page 504: Usb Storage Commands
17: Command Reference tcpport <TCP Port> tcpauth <enable|disable> Note: the maximum number of simultaneous connections to a USB device is Description Configures a serial device connected to a USB port. show usb serial Syntax show usb serial Description Display product information and settings for any USB serial device. USB Storage Commands set usb storage dir Syntax...
Page 505 17: Command Reference set usb storage mount Syntax set usb storage mount <U1> Description Mounts a USB flash drive in the EMG for use as a storage device. The USB flash drive must be formatted with an ext2 or FAT file system before you mount it. set usb storage unmount Syntax set usb storage unmount <U1>...
Page 506: Usb Modem Commands
17: Command Reference show usb storage Description Display product information and settings for any USB thumb drive. Syntax show usb storage show usb Description Display currently attached USB devices with product information and settings. Syntax show usb show usb modem Description Display product information and settings for any USB modem: Syntax...
Page 507 17: Command Reference calleridlogging <enable|disable> cbcpnocallback <enable|disable> cbcptype <admin|user> chapauth <chaphost|localusers> chaphost <CHAP Host or User Name> checkdialtone <disable|5-600 minutes> databits <7|8> dialbackdelay <PPP Dialback Delay> dialbacknumber <usernumber|Phone Number> dialbackretries <1-10> dialinlist <Host List for Dial-in> dialoutlogin <Remote User Login> dialoutnumber <Phone Number>...
Page 508: Virtual Interface Commands
17: Command Reference show usb modem Syntax show usb modem Description Display product information and settings for any USB modem. Virtual Interface Commands set virtual Syntax set virtual port <1|2> <parameters> Parameters state <enable|disable> ipaddr <IP Address> mask <Mask> ipv6addr <IPv6 Address/Prefix> Note: It is highly recommended that an IP address/subnet for VEth1 and VEth2 be different than the IP address/subnet for Eth1 and Eth2.
Page 509: Vpn Commands
17: Command Reference VPN Commands set vpn Syntax set vpn <parameters> Description Configures setting for an IPsec VPN tunnel. Parameters tunnel <enable|disable> name <VPN Tunnel Name> auth <rsa|psk|x509> remotehost <Remote Host IP Address or Name> remoteid <Authentication Name> remotehop <IP Address> remotesubnet <one or more subnets in CIDR notation>...
Page 510 17: Command Reference Configure X.509 certificate for remote peer or local peer. set vpn certificate local via <sftp|scp> rootfile <Cert Authority File> certfile <Certificate File> keyfile <Private Key File> host <IP Address or Name> login <User Login> [path <Path to Files> set vpn certificate remote via <sftp|scp>...
Page 511: Wlan Commands
17: Command Reference show vpn viewlog [numlines <Number of Lines] [email <Email Address>] Display X.509 certificate for local peer (EMG) and remote peer: show vpn certificate Display RSA public key of the local peer (EMG) and remote peer: show vpn rsakey Display the uploaded or auto-generated IPSec conf file: show vpn vpnconf WLAN Commands...
Page 512 17: Command Reference [wpa802ttlsauth <eap-mschapv2|mschapv2|mschap|chap|pap|eap-md5>] [wpa802peapauth <eap-mschapv2|eap-md5|eap-tls>] [wpa802fastauth <mschapv2|md5|gtc>] [wpa802fastprovision <unauth|auth|both>] [wpa802validatecert <enable|disable>] Configure certificate files for a WPA-WPA2 802.1X profile: set wlan profile edit <Profile Name> certificate import via <sftp|scp> host <IP Address or Name> login <User Login> [path <Path to Files>] [certfile <Certificate File>...
Page 513: Temperature Commands
17: Command Reference Warning: Each time the region is changed it is programmed into the radio, which can be done a maximum of ~10 times; use care when changing the region. Update the wireless firmware: set wlan update <scp|sftp|ftp|usb|sdcard> fwfile <Firmware File> dbfile <.db File>...
Page 514 17: Command Reference Description Shows the temperature. EMG™ Edge Management Gateway User Guide...
Page 515: Xmodem Commands
17: Command Reference Xmodem Commands set xmodem repo Syntax set xmodem repo import <Xmodem File> via <ftp|sftp|scp> host <IP Address or Name> login <User Login> [path <Path to Xmodem File>] set xmodem repo rename <Xmodem File> newfile <New Filename> set xmodem repo delete <Xmodem File> Description Manages a repository of files that can be sent to or received from a device port with Xmodem, Ymodem, or Zmodem.
Page 516: Appendix A: Security Considerations
By default, the console manager is configured with the web UI enabled via HTTPS port 443, SSH enabled via port 22, and the Discovery Server enabled (supports the Lantronix Discovery Protocol for discovering other Lantronix devices on the local subnet on UDP port 30718).
Page 517 See Access Lists. LDP (Lantronix Discovery Protocol) - this protocol (and open UDP port 30718) can be  disabled with the Discovery Server setting. See SSH/Telnet/Logging. Saving Device Configurations - configurations saved via the Maintenance web page (tarball ...
Page 518: Appendix B: Safety Information
 or removing the cover may expose you to dangerous voltage that could cause fire or electric shock. Refer all servicing to Lantronix.  Power Plug Connect the power plug in the following order: 1) Connect the DC plug to the EMG first. 2) ...
Page 519: Input Supply
Appendix B: Safety Information Input Supply Warning: Disconnect all power supply sources before servicing to avoid electric shock. Check nameplate ratings to assure there is no overloading of supply circuits that could affect  over current protection and supply wiring. Grounding 1.
Page 520 Only connect the network port to an Ethernet network that supports 10/100/1000 BASE-T.  Only connect device ports to equipment with serial ports that support EIA-232 (formerly RS-  232C). Only connect the console port to equipment with serial ports that support EIA-232 (formerly ...
Page 521: Appendix C: Adapters And Pinouts
Category 5 fully pinned network cables for all connections when used with Lantronix adapters. The cables are available in various lengths. In most cases, you will need an adapter for your serial devices. Lantronix offers a variety of RJ45- to-serial connector adapters for many devices. These adapters convert the RJ45 connection on the EMG unit to a 9-pin or 25-pin serial connector found on other manufacturers' serial devices or re-route the serial signals for connections to other devices that use RJ45 serial connectors.
Page 522: Figure C-2 Rj45 Receptacle To Db25F Dce Adapter For The Emg Unit (Pn 200.2067A)
Appendix C: Adapters and Pinouts Figure C-2 RJ45 Receptacle to DB25F DCE Adapter for the EMG Unit (PN 200.2067A) Figure C-3 RJ45 Receptacle to DB9M DCE Adapter for the EMG Unit (PN 200.2069A) EMG™ Edge Management Gateway User Guide...
Page 523: Figure C-4 Rj45 Receptacle To Db9F Dce Adapter For The Emg Unit (Pn 200.2070A)
Appendix C: Adapters and Pinouts Figure C-4 RJ45 Receptacle to DB9F DCE Adapter for the EMG Unit (PN 200.2070A) Use PN 200.2070A adapter with a PC's serial port. Figure C-5 RJ45 Receptacle to DB25M DTE Adapter (PN 200.2073) EMG™ Edge Management Gateway User Guide...
Page 524: Appendix D: Protocol Glossary
Appendix D: Protocol Glossary BOOTP (Bootstrap Protocol) Similar to DHCP, but for smaller networks. Automatically assigns the IP address for a specific duration of time. CHAP (Challenge Handshake Authentication Protocol) A secure protocol for connecting to a system; it is more secure than the PAP. DHCP (Dynamic Host Configuration Protocol) Internet protocol for automating the configuration of computers that use TCP/IP.
Page 525 Appendix D: Protocol Glossary IPsec A protocol suite for securing Internet Protocol (IP) communications by authenticating and encrypting each IP packet of a communication session. Kerberos A network authentication protocol that provides strong authentication for client/server applications by using secret-key cryptography. LAN (Local Area Network) Any collection of independent computers that exchange information with each other over a shared communication medium.
Page 526 PAP (Password Authentication Protocol) A method of user authentication in which the username and password are transmitted over a network and compared to a table of name-password pairs. PEAP (Protected EAP) An authentication protocol that uses server-side public key certificates to authenticate the console manager with a RADIUS server.
Page 527 A protocol that provides authentication and encryption services between a web server and a web browser. SSH (Secure Shell) A secure transport protocol based on public-key cryptography. TACACS+ (Terminal Access Controller Access Control System) A method of authentication used in UNIX networks. It allows a remote access server to communicate with an authentication server to determine whether the user has access to the network.
Page 528: Appendix E: Compliance Information
Appendix E: Compliance Information Manufacturer’s Name & Address Lantronix Inc., 48 Discovery, Suite 250, Irvine, CA 92618 USA Declares that the following product: Product Name(s): EMG 8500 and EMG 7500 Conforms to the following standards or other normative documents: Table E-1 Regional Certifications...
Page 529: Table E-3 Cellular Bands For Us And Eu
Appendix E: Compliance Information Table E-3 Cellular Bands for US and EU Cellular/Bands 2/4/5 1/3/8 2/4/5/7/12/13/25/26/41 1/3/7/8/20 EMG™ Edge Management Gateway User Guide...
Page 530: Federal Communication Commission Interference Statement
Federal Communication Commission Interference Statement This device complies with Part 15 of the FCC Rules. Operation is subject to the following two conditions: (1) This device may not cause harmful interference, and (2) this device must accept any interference received, including interference that may cause undesired operation. This equipment has been tested and found to comply with the limits for a Class A digital device, pursuant to Part 15 of the FCC Rules.
Page 531 Radiation Exposure Statement: This equipment complies with IC radiation exposure limits set forth for an uncontrolled environment. This equipment should be installed and operated with minimum distance 20cm between the radiator & your body. Déclaration d'exposition aux radiations: Cet équipement est conforme aux limites d'exposition aux rayonnements IC établies pour un environnement non contrôlé.
Page 532: Figure E-4 Emg 8500, Eu Declaration Of Conformity
Figure E-4 EMG 8500, EU Declaration of Conformity EMG™ Edge Management Gateway User Guide...
Page 533: Figure E-5 Emg 8500 Eu Declaration Of Conformity, Continued
Figure E-5 EMG 8500 EU Declaration of Conformity, continued EMG™ Edge Management Gateway User Guide...
Page 534: Figure E-6 Emg 7500 Eu Declaration Of Conformity
Figure E-6 EMG 7500 EU Declaration of Conformity EU DECLARATION OF CONFORMITY Manufacturer’s Name: LANTRONIX INC. Manufacturer’s Address: 7535 Irvine Center Drive, Suite 100 Irvine, CA. 92618. USA Product Type: Edge Management Gateway Product Family: EMG 7500 Rated: 9-30VDC Intended use: Commercial installations, indoor use Manufacturer’s Quality System:...
Page 535: Table E-7 Eu Statements
ограничено само за вътрешна употреба. Може да не се работи на открито. Česky [Czech] Lantronix, Inc. tímto prohlašuje, že tento EMG 8500, EMG 7500 je ve shodě se základními požadavky a dalšími příslušnými ustanoveními směrnice 2014/53/EU. Úplné znění ES prohlášení o shodě je k dispozici na této internetové...
Page 536 EL-i teade kasutuspiirangute kohta: seda seadet saab kasutada ainult siseruumides. Seda ei tohi õues kasutada. English Hereby, Lantronix, Inc., declares that this EMG 8500, EMG 7500 is in compliance with the essential requirements and other relevant provisions of Directive 2014/53/EU.
Page 537 Il ne doit pas être utilisé à l'extérieur. Icelandic Hér með lýsir Lantronix, Inc. því yfir að EMG 8500, EMG 7500 sé í samræmi við grunnkröfur og önnur viðeigandi ákvæði tilskipunar 2014/ 53 / ESB. Í heildartexta ESB-samræmisyfirlýsingarinnar er að finna á eftirfarandi https://www.lantronix.com/products/lantronix-emg/...
Page 538 Code Language Statement Lietuvių [Lithuanian] Šiuo Lantronix, Inc. deklaruoja, kad šis EMG 8500, EMG 7500 atitinka esminius reikalavimus ir kitas 2014/53/EU Direktyvos nuostatas. Visą ES atitikties deklaracijos tekstą galite rasti šiuo interneto adresu: https://www.lantronix.com/products/lantronix-emg/#tab-docs- downloads ES pranešimas apie naudojimo apribojimus: Šis prietaisas skirtas naudoti tik patalpose.
Page 539 Code Language Statement Norwegian Lantronix, Inc. erklærer herved at denne EMG 8500, EMG 7500 er i samsvar med de grunnleggende kravene og andre relevante bestemmelser i direktiv 2014/53 / EU. Den fullstendige teksten til EU-samsvarserklæringen er tilgjengelig på https://www.lantronix.com/products/ følgende internettadresse:...
Page 540 ограничен само на унутрашњу употребу. Можда се не користи на отвореном. Slovensko [Slovenian] Lantronix, Inc. izjavlja, da je ta EMG 8500, EMG 7500 v skladu z bistvenimi zahtevami in ostalimi relevantnimi določili direktive 2014/53/ Celotno besedilo izjave EU o skladnosti je na voljo na naslednjem https://www.lantronix.com/products/lantronix-...
Page 541: Safety And Hazards
Near medical equipment, life support equipment, or any equipment which may be susceptible  to any form of radio interference. In such areas, the EMG 8500 and EMG 7500 / EMG 7500W MUST BE POWERED OFF. Otherwise, the EMG 8500 and EMG 7500 / EMG 7500W can transmit signals that could interfere with this equipment.
Page 542: Table E-9 Emg 7500W Conducted Transmit Power Specifications
Technology Band TX Frequency range Conducted TX power 1850 – 1915 Mhz +23 dBm +/- 1 dB 814 – 849 Mhz +23 dBm +/- 1 dB 2500 – 2570 Mhz +22 dBm +/- 1 dB 2496 - 2690 Mhz +22 dBm +/- 1 dB UMTS 1920 –...
Page 543: Table E-10 Emg 7500W Wi-Fi Specifications
Table E-10 EMG 7500W Wi-Fi Specifications Feature Description 2.4 GHz Frequency ETSI: 2.4 GHz to 2.483 GHz Bands FCC: 2.4 GHz to 2.473 GHz ETSI: 5 GHz Frequency Bands 5.15 GHz to 5.35 GHz (Ch 36/40/44/48/52/56/60/64) 5.47 GHz to 5.725 GHz (Ch 100/104/108/112/116/120/124/128/132/136/ 140/144) FCC: 5.15 GHz to 5.35 GHz (Ch 36/40/44/48/52/56/60/64)
Page 544: Figure E-11 Ul Declaration Of Conformity
Figure E-11 UL Declaration of Conformity EMG™ Edge Management Gateway User Guide...
Page 545: Figure E-12 Ul Declaration Of Conformity, Continued
Figure E-12 UL Declaration of Conformity, continued EMG™ Edge Management Gateway User Guide...
Page 546: Rohs, Reach, And Weee Compliance Statement
RoHS, REACH, and WEEE Compliance Statement Please visit http://www.lantronix.com/legal/rohs/ for Lantronix’s statements about RoHS, REACH, and WEEE compliance. EMG™ Edge Management Gateway User Guide...
Page 547: Appendix F: Ansible Interoperability
Appendix F: Ansible Interoperability Ansible is a tool that can be used to automate IT tasks. This page shows an example of an Ansible playbook that queries and configures an EMG console manager. For more information on Ansible see the Ansible documentation suite.
Page 548: Ansible Setup
Appendix F: Ansible Interoperability Ansible Setup Create a subdirectory to hold the Ansible config and playbook files: a configuration file, a public/ private SSH key, an inventory (target hosts) file, and a sample YAML playbook: (ansible_test) sh-5.0$ ls -l total 60 -rw-rw-r-- 1 ansy ansy 89 Dec 5 15:34 ansible.cfg...
Page 549 - debug: var=command_output.stdout_lines - name: Run 'set network dns' command ansible.netcommon.cli_command: command: set network dns 1 ipadd 192.168.10.254 register: command_output - debug: var=command_output.stdout_lines - name: Run 'show network dns' command ansible.netcommon.cli_command: command: show network dns register: command_output - debug: var=command_output.stdout_lines This setup contains the IP addresses of 2 hosts - a SLC and EMG, each running different firmware versions.
Page 550: Pinging Hosts And Running Playbooks
Pinging Hosts and Running Playbooks The hosts can be checked for reachability using either SSH (the default) or paramiko: (ansible_test) sh-5.0$ ansible allhosts -m ping -i inventory.ini -c ssh 10.0.1.156 | SUCCESS => { "changed": false, "ping": "pong" 10.0.1.91 | SUCCESS => { "changed": false, "ping": "pong"...
Page 551 "Flash Size: 512 MB", "Power Supply: AC, 2 power supplies", "Number of External USB Ports: 2", "Ethernet Switch: Installed", "Internal Modem: Installed", "Eth1 HW Address: 00:80:a3:8b:fc:31", "Eth2 HW Address: 00:80:a3:8b:fc:32", "Ethernet Switch HW Address: 00:80:a3:8b:fe:f3", "Main Board Revision: unknown", "NIC Board Type: SFP", "NIC Board Revision: 02FPA", "NIC Board Eth1 SFP: 1000BASE-T (Vendor: FiberStore PN: SFP-GB- GE-T Rev: B)",...
Page 552 "Firmware Updated: Thu Apr 18 19:55:34 2024", "OS Version: IT Management Gateway OS 7.0", "Bootloader Version: 2.0.0.0R10", "S/N: 0080A3FA0C80", "Device ID: 00204ACSKMXENQH72KVF4VYK5X5E426F", "Memory: 1024 MB", "Flash Size: 1024 MB", "Power Supply: external DC", "Number of External USB Ports: 1", "Cellular Modem: Installed", "Cellular Firmware Version: 02.24.05.06", "Cellular Carrier: VERIZON", "Cellular USBNet Driver Version: 2020-08-17/SWI_2.64",...
Page 553 " Number of Ports: 8", " Model Number: 120", " Product Name: EMG", " Options: 00000000000000000000000000ffff01", " Features: 0xffff" TASK [Run 'show network dns' command] ******************************** ok: [10.0.1.156] ok: [10.0.1.91] TASK [debug] ********************************************************* ok: [10.0.1.91] => { "command_output.stdout_lines": [ "___Current DNS Settings________________________________________________________", "10 of the listed DNS servers are used.", "Static DNS Server #1: 11.80.103.7",...
Page 554 ok: [10.0.1.91] => { "command_output.stdout_lines": [ "DNS settings successfully updated." ok: [10.0.1.156] => { "command_output.stdout_lines": [ "DNS settings successfully updated." TASK [Run 'show network dns' command] ******************************** ok: [10.0.1.156] ok: [10.0.1.91] TASK [debug] ********************************************************* ok: [10.0.1.91] => { "command_output.stdout_lines": [ "___Current DNS Settings________________________________________________________", "10 of the listed DNS servers are used.",...
Page 555 10.0.1.156 : ok=9 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 10.0.1.91 : ok=9 changed=0 unreachable=0 failed=0 skipped=0 rescued=0 ignored=0 EMG™ Edge Management Gateway User Guide...

This manual is also suitable for:

Emg 7500 Emg 7500w Emg851000s Emg851010s Emg851020s Emg851110s ... Show all