Page 1
Secure Lantronix Management (SLM) Virtual Secure Lantronix Management (vSLM) Appliance User Guide Part Number 900-386 Revision I October 2012...
The user is cautioned that changes and modifications made to the equipment without approval of the manufacturer could void the user's authority to operate this equipment. Changes or modifications to this device not explicitly approved by Lantronix will void the user's authority to operate this device.
Page 4
SNMP settings for SLPs in bulk; connect directly to the port of an SLC or SLB; apply power to multiple ports on an SLP; view port logs, make a web channel connection to an SLC; update SLM and SLP firmware; read SLC information to the SLM database; create banners for the CLI.
Firmware ________________________________________________________________29 Protocols Supported _______________________________________________________ 29 SLM Hardware ___________________________________________________________30 Product Information Label ___________________________________________________ 30 SLM-01 and SLM-02 Package Contents ________________________________________ 31 3: Quick Setup Installing the SLM _________________________________________________________ 32 Connecting a Terminal to the Console Port __________________________________ 32 Connecting to a Network Port _____________________________________________ 33...
Page 6
Step 4: Auto-Detect Devices ________________________________________________ 58 Step 5: Associate Account Groups with Ethernet and Managed Devices ______________ 58 Step 6: Manage Devices ___________________________________________________ 58 Step 7: Maintain the SLM ___________________________________________________ 58 7: Network and Modem Settings IP Address and Other Required Information _____________________________________ 60...
Page 7
Updating or Deleting an Account Group ____________________________________ 119 Setting Password Requirements for User Accounts ___________________________ 119 Assigning Account Group Device Rights ___________________________________ 121 Viewing Currently Logged-In Accounts ________________________________________ 123 Account Group Commands _________________________________________________ 124 Accounts _______________________________________________________________125 Viewing Accounts _____________________________________________________ 126 SLM User Guide...
Page 8
Properties (Ethernet Device Menu Tree) ___________________________________ 162 Port Access _________________________________________________________ 163 Updating Passwords in Bulk _____________________________________________ 167 Changing SNMP Settings for SLC, SLB and SLPs in Bulk ______________________ 169 SLM Proxy __________________________________________________________ 170 Ethernet Device Commands ________________________________________________ 171 Persistent Connection Commands ___________________________________________ 174 Trap Commands _________________________________________________________176...
Page 9
Ethernet Devices - Connection Methods ___________________________________ 224 Managed Devices - Connection Methods ___________________________________ 225 Browsing to an Ethernet or Managed Device's Web Page _________________________225 Making a Secure Channel Connection to an SLC, SLM, or SLB _________________ 226 SLM User Guide...
Page 10
Maintenance Commands __________________________________________________ 243 Date and Time ___________________________________________________________ 245 Date and Time Commands _________________________________________________ 246 SNMP & Syslog __________________________________________________________247 Device Firmware Updates __________________________________________________ 249 SLM Firmware _______________________________________________________249 SLC/SLB Firmware ____________________________________________________ 251 SLP Firmware ________________________________________________________ 253 Spider Firmware ______________________________________________________ 254 WiBox Firmware ______________________________________________________ 255...
Page 11
Setting up NFS _______________________________________________________ 278 Setting up CIFS ______________________________________________________ 279 Setting up Log Properties _______________________________________________ 281 Logging Commands ______________________________________________________ 283 12: Using SLM on a Mobile Browser Requirements ___________________________________________________________ 288 Using the SLM Mobile Browser ______________________________________________288 Logging in to the SLM __________________________________________________ 288...
Page 12
Factors Affecting Security __________________________________________________ 360 Available Services and Port Numbers _________________________________________ 360 Appendix C: Safety Information Safety Precautions _______________________________________________________ 362 Cover ______________________________________________________________362 Power Plug __________________________________________________________ 362 Input Supply _________________________________________________________ 362 Grounding ___________________________________________________________362 Rack _______________________________________________________________ 362 Port Connections _____________________________________________________363 SLM User Guide...
About This Guide Purpose and Audience This guide provides the information needed to install, configure, and use the Secure Lantronix Management Appliance (SLM) which includes the SLM-01, SLM-02 and the vSLM. The SLM enables IT professionals to remotely and securely configure and administer multiple Lantronix and non-Lantronix devices.
SLM Online Help for the Command commands. Line Interface SLM Online Help for the Web Interface Provides online Help for configuring and operating the SLM using the web interface. Provides online Help for the utility that enables you to change an Detector Online Help automatically assigned IP address to a static IP address quickly.
Terminology In this User Guide, we use the following terms: Term Definition A Lantronix or non-Lantronix device that the SLM discovers on the network. Ethernet Device Ethernet devices include: Secure Lantronix Management Devices: Members of the Secure Lantronix Management IT family of products: the Secure Lantronix Console (SLC)
With an SLC, the user logs in only once, to the SLM, and then any subsequent device logins are automatic. The SLM can also use LDAP, RADIUS, NIS, Kerberos, TACACS+, and SSH public key to authenticate users connecting remotely to the command line interface.
2: Introduction IT Management Application The following diagram shows how a user can perform management activities through the SLM. Figure 2-1 SLM Overview Figure 2-2 vSLM Overview SLM User Guide...
SNMP trap target Mobile phone WAP browser access Protocols Supported In addition to supporting the TCP/IP network protocol, the SLM supports: SSH for connections in and out of the SLM SMTP for mail transfer SNMP for remote monitoring and management ...
2: Introduction SLM Hardware The hardware included with the SLM-01 and SLM-02 have the following features: 1U rack mountable Two network ports for conventional Ethernet network; uses standard RJ45-terminated Category 5 cables: SLM-01: One 10/100Base-T and one 10/100/1000Base-T connection ...
Power cord Rack slide kit Verify and inspect the contents of the SLM package using the enclosed packing slip or the list above. If any item is missing or damaged, contact your place of purchase immediately. SLM User Guide...
Connecting a Terminal to the Console Port The serial console port is for local access to the SLM. You can attach a dumb terminal or a computer with terminal emulation to the console port using a null-modem serial cable with DB9 on the SLM side.
AC power input (North American cord provided). Monitoring the LEDs The SLM has five LEDs on the front panel to signal information during boot-up and while the SLM is running. Figure 3-2 LEDs on Front of SLM...
If you assign an IP address manually, it must be within a valid range and unique to your network. Required Information To set up the SLM quickly so you can use it on your network, you must first enter some basic information about one network port and the network. IP address (if not already assigned): ______.
2. From the Timeout drop-down menu (in the toolbar), select the number of milliseconds before the search stops. The default is 500. 3. Click the Search icon. A list of Lantronix Ethernet devices on the network displays. SLM User Guide...
Figure 3-5 Detector Device List Window 4. If the SLM has an automatically assigned IP address and you want to change it, select the SLM and click the Network Settings icon. The Enter Network Settings window displays. Figure 3-6 Network Settings Window The Device Type and MAC Address (Ethernet Address) fields identify the unit.
Using Quick Setup on the Command Line Interface If the SLM does not have an IP address, connect a dumb terminal or a PC running a terminal emulation program (VT100) to access the command line interface. If the unit already has an IP address, you can use SSH to connect to the command line interface and add or change the IP address or other network-related information.
IP address of the router for this network. Gateway IP Address The default host name is SLM. The host name can be a short host name or Hostname a fully qualified domain name. For example, we might add lantronix.com to the factory default name of SLM to get SLM.lantronix.com.
Once the SLM has an IP address, you can use the web interface to configure required network parameters that determine how the SLM interacts with the attached network. The unit might have a DHCP-assigned IP address or one assigned manually using Detector or a serial connection to the command line interface.
3: Quick Setup 2. In the URL field, type https:// followed by the IP address of your SLM. 3. Log in using sysadmin as the user name and PASS as the password. The SLM Configuration page opens. Figure 3-11 SLM Home Page...
Note: Enter all IP addresses in dot quad notation. If specifying an IP address, enter the network segment on which the SLM resides. Subnet Mask There is no default. 3. To save your entries, click Apply. Clicking Apply commits these changes immediately.
Settings. To set the local date, time, and time zone: You can specify the current date, time, and time zone at the SLM's location (default), or the SLM can use NTP to synchronize with an NTP server on your network.
From the drop-down lists, select the current hour and minute. Time From the drop-down list, select the appropriate time zone. Time Zone Indicates how long the SLM has been up and running. SLM Up Time 3. To save, click Update. To change the administrator password: The default sysadmin password is PASS.
Displays the quick setup script on the CLI; only the sysadmin account can use this command. Next Steps After quickly getting the SLM up and running, you can complete the configuration on the web pages. To learn more about the interfaces, go to Chapter 5: Web and Command Line Interfaces.
VMware. vSLM can be downloaded from the Lantronix website and launched on a desktop or server, and used to administer Secure Lantronix Mangement devices like the SLM hardware version. This chapter describes the differences between the SLM and vSLM.
4: Virtual SLM Deployment 5. Start the VM. To deploy the OVF version: 1. Download the vslm-<firmware version>.OVF.zip distribution from the Lantronix website. 2. Unpack vslm-3.4b.OVF.zip for distribution: vslm-3.4b.OVF/ vslm-3.4b.OVF/vslm-3.4b-disk1.vmdk vslm-3.4b.OVF/vslm-3.4b.mf vslm-3.4b.OVF/vslm-3.4b.ovf vslm-3.4b.OVF/vslm-OVF-README.txt 3. Launch your virtualization manager and open or import the unpacked .zip files ...
Page 47
4: Virtual SLM Deployment To obtain a permanent vSLM license, contact Lantronix Sales at 800-422-7055. You will need to provide the unique signature for your vSLM: [sysadmin@SLMB1DC]> admin signature show Signature: 6f32deb993d767081dada4ff9a2b27c2 SLM User Guide...
1. Open a web browser (Internet Explorer 6.0. and later or Firefox 1.5 and later with JavaScript enabled). 2. In the URL field, type https:// followed by the IP address of your SLM. 3. To configure the SLM, use sysadmin as the user name and PASS as the password. (These are the default values.) Notes: The administrator may have changed the password using the method described in the ...
Tabs: Display a series of pages related to a particular entity (e.g., account group, network settings, and Ethernet devices). Home Button: Displays the Lantronix web site home page. Reload Button: Use to refresh the tree structure after auto-detect, or if some other process (another logged-in user) makes changes that affect the database.
To delete a saved note, click in the box, press CTRL+A, press Delete, and then click the Update button. To save a new note, click the Update button. A confirmation message displays. The next time you open the page, it displays the note and the date and time of the update. SLM User Guide...
1. Click the Search button. A search field displays. 2. Enter the word(s) you want to search for and press Enter. Note: You can also enter the word in the search field to the left of the Lantronix logo and press Enter. SLM User Guide...
Figure 5-5 Logout on the Page Header Command Line Interface (CLI) A command line interface is available for entering the commands for the SLM. You can access the CLI using SSH or a serial terminal connection. In this User Guide, after each section of instructions for using the web interface, you will find related CLI commands.
5: Web and Command Line Interfaces b. Enter your SLM password and press Enter. Note: When SecurID is enabled, the user must enter the number on the RSA token. Depending on the state of the user, the login page may require a PIN number, passcode, or new token code.
Enter. You can override the number of lines (or disable the feature altogether) with the set cli command. To clear an IP address, type 0.0.0.0. Logging Out of the CLI To log out of the SLM command line interface: 1. Type logout and press Enter. SLM User Guide...
Description Displays the terminal lines settings. show history Syntax show history Description Displays the 100 most recent CLI commands. Session Commands connect terminate Syntax connect terminate <connect ID> <one or more parameters> Parameters outbound <outbound ID> SLM User Guide...
Page 56
Use show connection to view the current connections and their ID. Examples connect terminate 3 connect terminate 3 outbound 1 Description Terminates a user connection to the SLM session. Use show connection to view the current connections and IDs. show connection Syntax show connection Description Displays active user connections and connection IDs.
Configuration and Operation Overview To best use the SLM, review the setup and configuration process outlined below before undertaking the tasks detailed in Chapters 6-10. Note: Throughout this user guide, the term "administrator" means the person using the sysadmin user name and those members of the Administrators Account Group permitted to perform the task.
The administrator uses auto-detection methods to find Lantronix devices and other devices on the network and to add them to the SLM database for the SLM to manage. There is no need to add a device manually, although that option is available. Currently, auto-detect supports Lantronix Discovery Protocol (LDP) for SLCs and other Lantronix devices, the Lantronix SCS05/20 device discovery protocol, and SNMP for SLPs, SLKs, and all other Ethernet devices.
Page 59
6: Configuration and Operation Overview Auto-Save: The administrator saves the configuration of one SLM on another SLM. If there is a need, the second SLM can "become" the first SLM. Configuration Save and Restore: The administrator saves and restores system configurations, providing rapid recovery of inadvertent configuration changes.
Network and Modem Settings This chapter is primarily for the administrator. It explains how to enter the network configuration, IPv4 filters, and modem settings for the SLM using the SLM web interface or the CLI. If you used a procedure in...
2. In the URL field, type https:// followed by the IP address of your SLM. 3. Log in using sysadmin as the user name and PASS as the password. The SLM Configuration page opens. Figure 7-1 SLM Configuration Page (SLM-01 and SLM-02)
7: Network and Modem Settings Network Port(s) Notes: On the SLM-02, both Network Ports 1 and 2 are 10/100/1000Base-T. Previous versions of the SLM have one 10/100Base-T and one 10/100/1000Base-T network port. One possible use for the two Ethernet ports is to have one port on a private, secure network, ...
Page 63
Network Port 1. All network traffic that matches the Network Port 2 IP address and subnet mask goes out Network Port 2. If you set a default gateway, the SLM sends any network traffic that does not match Network Port 1 or Network Port 2 to the default gateway for routing.
Select one of the following: Active Backup: Only one of the two Ethernet interfaces will be active (involved in transmitting and receiving data) at any one time. If the SLM detects that the Ethernet interface has lost network connectivity, the system makes the secondary interface the new active one after a few seconds (~3.5 - 4) of delay.
7: Network and Modem Settings Table 7-6 Hostname Hostname Setting Description The default hostname is SLM. You can specify a fully qualified domain name (for Hostname example, SLM.lantronix.com). There is a 64-character limit (contiguous characters, no spaces). Note: The hostname becomes the prompt in the command line interface.
Network Port 1. All network traffic that matches the Network Port 2 IP address and subnet mask goes out Network Port 2. If you set a default gateway, the SLM sends any network traffic that does not match Network Port 1 or Network Port 2 to the default gateway for routing.
Users logged in locally (not using remote authentication) may change passwords at any time, unless the administrator has disabled this option. To change your password: 1. On the menu, click Configuration. The Configuration Home page opens. 2. Click the Password tab. The following page opens: SLM User Guide...
<1|2|3> ipaddr <IP Address> Description Configures up to three DNS servers. set network gateway Syntax set network gateway <parameters> Parameters default <IP Address> precedence <dhcp|default> alternate <IP Address> pingip <IP Address> ethport <1 or 2> pingdelay <1-250 seconds> failedpings <1-250> SLM User Guide...
Page 69
7: Network and Modem Settings Description Sets the default gateway. set network host Syntax set network host <Hostname> Description Sets the SLM hostname. set network port Syntax set network port <1|2> <parameters> Parameters state <dhcp|bootp|static|disable> [ipaddr <IP Address> mask <Mask>] mode <auto|10mbit-half|100mbit-half|10mbit-full|100mbit-full>...
Warning: IPv4 filters configuration is a feature for advanced users. Adding and enabling IPv4 filter sets incorrectly can disable your SLM. IPv4 Filters act as a firewall to allow or deny individual or a range of IP addresses, ports, and protocols.
Allow permits the packet through the filter. Name that identifies a filter. The name may be composed of letters, numbers and Filter Name hyphens only. (The name cannot start with a hyphen.) Example: FILTER-2 SLM User Guide...
Updating or Deleting an IPv4 Filter The administrator can update or delete IPv4 filters. To update or delete an IPv4 filter: 1. On the List tab, click the Edit icon to the left of the filter. The Configure tab displays. SLM User Guide...
Click IPv4 Filters on the menu tree. The deleted filter is no longer on the menu tree or listed on the List tab. 3. To update an IPv4 filter: a. Edit the information as desired. b. Click the Update button. A confirmation message displays. SLM User Guide...
To view an individual IPv4 filter set: 1. On the menu, click the individual filter set name. The IPv4 Filter page for the filter set displays. 2. Click the Show tab. Figure 7-18 IPv4 Filter - Show Tab SLM User Guide...
Note: There may be times when a complex IPv4 filter set may accidentally lock all users out of the SLM. To allow testing of new filter sets, the administrator can enable and test the filter sets for a specified period.
Page 77
Syntax set ipfilter test <number of minutes> Description Enables or disables IPv4 filter test mode. show ipfilter Note: Type show ipfilter to display index. Syntax show ipfilter <parameters> Parameters [name <Filter Name>] [index <number>] SLM User Guide...
Description Displays all IP filtering rules for all chains. IPsec Management Internet Protocol Security (IPsec) for the SLM includes IKE policy for internet key exchanges and Virtual Private Network connections. Internet Key Exchange (IKE) Policies The administrator can view, add, and update one or more IKE policies.
Mode during the security association phase of the key exchange. Exchange Type Note: Aggressive mode will be available in a future release. Local SLM identification type: Local Peer ID Type IPv4: Internet Protocol version 4 IPv6: Internet Protocol version 6...
RSA Signature: Uses a private and public key that together comprise a digital signature. Note: This feature will be available in a future SLM release. Select the mode during the security association phase of the key exchange: Exchange Type Main Mode: (default) Note: Aggressive mode will be supported in a future release.
Page 81
IPv6: Internet Protocol version 6 FQDN: Fully Qualified Domain Name User Email: Email address of the local user Enter the local SLM identification value. This value depends on the Local Peer ID Local Peer ID Value Type setting. Select the method of filtering outgoing data:...
Click IKE Policies on the menu bar. 3. To update a policy: a. Edit the information as desired. b. Click the Update button. A confirmation message displays. 4. To save your entries, click the Save button. SLM User Guide...
Network port on the SLM that connects to the VPN. Network Port IP protocol selected to protect data traffic. Local Protocol Method selected to protect data traffic on the TCP port of the SLM. Local Port Subnet prefix length for Subnet type clients. Subnet Prefix Algorithm for verifying data integrity.
Address Type Single: The single host that is the destination of the IPsec traffic. Remote Peer IP Start Starting IP address in a range of remote IP addresses. Prefix of the subnet for Subnet Type peers. Subnet Prefix SLM User Guide...
Click VPN Connections on the menu bar. 3. To update a policy: a. Edit the information as desired. b. Click the Update button. A confirmation message displays. 4. To save your entries, click the Save button. SLM User Guide...
The administrator can configure dial-in and dial-out from either the web interface or the CLI. A user dialing in from a remote computer in text mode can access the CLI on the SLM. A user dialing in from a remote computer in PPP mode can access the CLI and the web ...
Name that identifies the modem. Name Identifies the type of modem (e.g., PCI or USB). Modem Type Communication speed between the SLM and a modem. Baud Number of data bits used to transmit a character. Data Bits Type of parity checking. Parity checking detects simple, single-bit errors.
Note: We recommend that the modem initialization script always be preceded with AT and include E1 V1 x4 Q0 so that the SLM can properly control the modem. Communication speed between the SLM and the modem. From the drop-down list, Baud select the baud rate.
3. To save, click the Submit button. A confirmation message displays. Viewing a List of Profiles The administrator can view a list of modem connections. 1. On the menu, click Configuration > Network Settings > Modem Management > Modem Profiles. The following page opens: SLM User Guide...
The format in which the data flows back and forth: Modem Mode Text: In this mode, the SLM assumes that the modem is for remotely logging into the CLI. Text mode is only for dialing in. PPP: This mode establishes an IP-based link over the modem. Dial-out mode uses PPP connections (e.g., the SLM connects to an external network).
SLC hangs up and calls the user back. The SLM then logs in again. This feature is currently available in text mode only. If you select the check box, when the SLM attempts to connect to an SLC via a text Auto Login mode connection, it automatically uses the Login and Password specified on the SLC Device page.
PPP Mode Setting Description Negotiate IP Address For the remote device or PC to specify the local (SLM) IP and remote addresses, select Yes. Defaults to Yes. For the SLM to assign the local (SLM) IP and remote IP addresses, select No, and enter the local IP (IP address of the SLM) and remote IP (IP address of the remote device or PC).
Discovering a USB Modem The system administrator can attach a USB modem to an SLM and configure it into the system without rebooting the SLM. For the vSLM, a USB modem must first be connected to the vSLM VM SLM User Guide...
Syntax show modem <parameters> Parameters [name <Modem Name>] [index <number>] Description Displays modem settings. show modem status Syntax show modem status Description Displays the status of the modem. Dial Account Commands set dialaccount add Syntax SLM User Guide...
Page 96
<disable|enable> (apply only text mode) dialbacknumber <dial-back number|CLEAR> (apply only text mode) CLEAR removes the dial-back number. userprofile <disable|enable> (apply only text mode) Uses local user-defined dial-back configuration. timeout <disable|1-30 minutes> Description Modifies a dial account's settings. set manageddevice config SLM User Guide...
Page 97
Note: Type show dialaccount to display index. Syntax show dialaccount <parameters> Parameters [name <Dial Account Name>] [index <number>] Examples show dialaccount show dialaccount name ppp-pap show dialaccount index 2 Description Displays dial account settings. show dialaccount mapping SLM User Guide...
Page 98
7: Network and Modem Settings Syntax show dialaccount mapping Description Shows dial account used by dial-in and dial-out. SLM User Guide...
By default, local authentication is enabled and is the first method the SLM uses to authenticate users. The administrator can select additional authentication methods, such as NIS, LDAP, RADIUS, SecurID, and SSH public key or CLI login.
Table 8-2 User Authentication - Configure Tab User Description Authentication Setting The SLM authenticates users in the local database by user name and password. If Local this method is enabled, it always responds. A network naming and administration system developed by Sun Microsystems for NIS (Network smaller networks.
3. To disable a method currently in the Enabled methods list, select the method and click the right arrow between the lists. 4. To set the order in which the SLM will authenticate users, click the up and down arrows to the left of the Enabled methods list.
The IP addresses or hostnames of up to five slave servers. Server #1 - 5 Broadcast for Server Select the check box for the SLM to send a broadcast datagram to find the NIS Server on the local network. Enabled Displays selected if you previously enabled this method on the User Authentication page or on this page.
If the dsmith LDAP acccount is a member of more than one group starting with "SLM_" the first one found will be used. If later, the LDAP account dsmith is assigned to a different "SLM_xxxxx" group, then at the next login, the dsmith account on the SLM will be moved to the new account group.
A-Z, and 0-9. Retype Password The maximum length is 127 characters. Number of the TCP port on the LDAP server to which the SLM talks. The default Port setting is 389. Select to enable. Active Directory is a directory service from Microsoft that is a part of Active Directory Windows 2000 and later versions of Windows.
8: User Management RADIUS The administrator can configure the SLM to use RADIUS to authenticate users attempting to log in to the SLM through the web interface, SSH public key, Telnet, or the console port. Note: For a user to log in remotely using RADIUS, the user's account must have remote access (Remote Only or Local &...
Older RADIUS servers may use 1645 as the default port. Check your RADIUS server configuration. Text that serves as a shared secret between a RADIUS client and the server (SLM). Server #1 Secret The shared secret is used to encrypt a password sent between the client and the server.
8: User Management To configure the SLM to use Kerberos to authenticate users: 1. On the menu, select Configuration > Authentication > Kerberos. The following page opens. Figure 8-9 Kerberos Authentication Page - Configure Tab 2. Enter the following: Table 8-10 Kerberos Authentication Settings...
The SLM supports the TACACS+ protocol (not the older TACACS or XTACACS protocols). The administrator can configure the SLM to use TACACS+ to authenticate users attempting to log in to the SLM through the web interface, SSH, Telnet, or the console port.
Upon the first successful authentication, the SecurID server places a shared node Clear Node Secret secret key on the SLM. There may be times when this file needs to be cleared by both sides, so this option is available. SLM User Guide...
SSH key for authentication. Exported Keys The SLM can generate SSH keys for SSH connections out of the SLM for any SLM user. The SLM retains both the private and public key on the SLM, and makes the public key available for export through SCP, FTP, or copy and paste.
The imported key file does not contain the host from which the user will be making an SSH connection. The SLM local user login for the connection is different from the user name from which the key was generated or is not included in the imported key file.
To add or view export SLC keys: You can enable the SLM to retrieve all the public keys (each with a specific user and host name) from a particular SLC and store them in the SLM database. Then you can push those public keys to other SLCs, allowing those particular users to access the other SLCs from those particular hosts.
TTf+YWzHCr1mX/+yRUyA+I9VXb9cI2r9uqIlMk/GVTgpI/8YERnAsQ9AeRfy/20MXOSGg895 tdBW6piLKWoJ5P6NRcXsFJScmowGXNU4snUpk2cvVNyGiVMe9jb454fb080+/lphmMrJMUPY X3uG22Qsm0KZGosnLFKtYzimDaOoRQ2QI9my19i/baFX9RiH2yda+vLmBsTchaEx30Dp7Pw baHi7gf8Rb9Q== 5. To delete one or more keys: a. Select the check box for each key to be deleted and click the Delete button. b. In response to the request for confirmation, click OK. SLM User Guide...
8: User Management Copy Keys If your SLM is set up with dual booting, you can move SSH keys from one boot partition to another. To copy a key: 1. On the menu, select Configuration > Authentication > SSH Keys, and then click the Copy Keys tab.
Page 115
<Bind Password> adsupport <enable|disable> encrypt <enable|disable> Description Configures the SLM to use LDAP to authenticate users who log in to the SLM via SSH, Telnet, the web, or the console port. set nis Syntax set nis <one or more parameters>...
Page 116
<IP Address or Name> port2 <TCP Port> secret2 <Secret> Description Configures the SLM to use RADIUS to authenticate users who login to the SLM via SSH, Telnet, the web, or the console port. set sshkey delete Syntax set sshkey delete keyuser <SSH Key User> keyhost <SSH Key Host>...
There are four types of account groups: Administrators, Ethernet Device, Managed Device, and Menu Only. Administrators Account Group: Has rights and permissions to configure the SLM and to add, edit, and delete account groups within the Ethernet Device, Managed Device, and Menu Only categories.
Figure 8-23 Account Groups Page - Members Tab Adding an Account Group 1. On the Account Groups page, click the Group tab. The following page opens: Figure 8-24 Account Group Page - Group Tab Enter the following: SLM User Guide...
Edit the name as desired. b. Click the Update icon. A confirmation message displays. c. Click Accounts on the menu tree. The updated group is on the menu tree and listed on the Members tab. Setting Password Requirements for User Accounts SLM User Guide...
(minutes) Note: The SLM ships with a default maximum of 25 concurrent user sessions (or "seats"). If you require more than 25 concurrent user sessions, please contact your sales associate to order them. When all seats are in use, the sysadmin can still log in one more time, from the CLI interface only, and terminate other connections.
Ethernet devices. All members of the group inherit these permissions. 1. Select the account group from the menu. The following page opens. Figure 8-29 Ethernet Device Account Group - Accounts Tab 2. Click the Assign tab. The following page opens: SLM User Guide...
All members of the group inherit these permissions. 1. Select the account group from the menu. The following page opens: Figure 8-31 Managed Device Account Group - Accounts Tab 2. Click the Assign tab. SLM User Guide...
Viewing Currently Logged-In Accounts Administrators can see which users are currently logged into the SLM and whether they are connected to any managed devices. The page also displays the maximum number of concurrent users for which this SLM is licensed.
Type of interface (web or command line) the user is logged in to. U.I. IP address of the client. Location Date and time the user last accessed the SLM. Last Access Number of minutes since the user last took an action in the session. Minutes Idle...
To assign unique permissions to an individual account, create the account as the sole member of an account group. The sysadmin account always has all permissions enabled. SLM User Guide...
Table 8-37 Account Groups - Accounts Tab Account Groups Description Setting The user name for logging in to the SLM. Name User's email address; may be used for event notification. Email Address Indicates whether the user has permission to open the Network Settings page and Config Network configure network settings.
The sysadmin account can add other administrators to the Administrators Group, assigning a user name and email address for each user. The name is for logging in over the web interface or the command line interface. The SLM uses the email address to send emails to users based on configured alarm settings.
Table 8-41 Add New Account to Group - Configure Tab Setting Description User ID for logging into the SLM. Must be alphanumeric, start with an alpha Name character, and may include an underscore ( _ ). User's password for logging in to the SLM.
Administrators assign a user name and email address for each user. The name is for logging in over the web interface or the command line interface. The SLM uses the email address to send emails to users based on configured alarm settings.
Table 8-44 Add New Account to Group - Configure Tab Account Setting Description User ID for logging into the SLM. Must be alphanumeric, start with an alpha, and Name may include an underscore ( _ ). User's password for logging in to the SLM.
page for SLP password synchronization to work. Rebooting the SLM for any reason causes it to ignore user account password changes made but not yet pushed. Once the SLM authenticates them, users with dial-back access can dial into the Enable Dial-Back SLM and enter their login and password.
To verify the deletion, click the account group in the menu. The user is no longer listed. Account Commands Use the following commands to configure local accounts (including sysadmin) to authenticate users who login to the SLM by means of SSH, Telnet, the web, or the console port. set account add Syntax set account add <User Name>...
Page 133
Note: Administrators with permission to change passwords must enter the username. Other users may not enter a username (they are changing their own password). Description Configures a user account's password for the SLM. show account Syntax show account <User Name>...
Page 134
Displays accounts by index number. show account search Syntax Note: All searches are case insensitive. show account search name <name> show account search email <email address> Examples show account search name sys Description Searches for accounts by name or email address. SLM User Guide...
Auto-detect enables the SLM to search for and register Ethernet devices automatically. When the SLM detects an Ethernet device, it also scans the device for ports and port information. You only need to define search protocols and parameters once; they are saved for use in any future searches.
Starting IP Address: The IP address at the beginning of the range in which the SLM is to detect devices. Ending IP Address: The IP address at the end of the range in which the SLM is to detect devices.
Starting IP Address: The IP address at the beginning of the range in which the SLM is to detect devices. Ending IP Address: The IP address at the end of the range in which the SLM is to detect devices.
Page 138
IP range: 192.168.0.1-192.168.0.155 timeout 1500 timeout: default is 1000 ms; range is 1000-60000 ms Description Sets Lantronix discovery protocol search filters. The ending IP address is optional. admin autodetect filter scs Syntax admin autodetect filter scs <IP range> [timeout <number of milliseconds>]...
Administrator and Ethernet Device Account groups add devices manually, edit device settings, and delete devices. Listing Devices You can view a list of all devices in the SLM database. The list may include other Lantronix-built devices and even non-Lantronix devices. Note: The examples in this section show SLCs.
To list all Ethernet devices of a specific type: To list all SLCs managed by the SLM, click Ethernet Devices > SLC on the menu tree. The following page opens: Figure 9-4 Manage Group Page - List Tab To list devices in any other device group (e.g., SLK, SLP, or Other Lantronix), click Ethernet...
9: Ethernet Device Management Adding a Device Manually If you know there is a new device on the network, or for some reason, the SLM does not auto- detect a device, the administrator can manually add it. To add a device: Note: Ethernet device pages may differ slightly, depending on the type of device.
Link Status (view device. only) Login (not on SLM) User name for logging into any Ethernet device that can be logged into using http or https. Password for logging into any Ethernet device that can be logged into using http or Password and https.
The Administrator and Ethernet Device Account groups can edit settings for Secure Lantronix Management devices (SLCs, SLBs, SLKs, SLPs, SLBs, Spiders, and other SLMs) and other Ethernet devices. They can also delete a device from the SLM database so that the SLM will no longer manage it.
Description If desired, create a managed device from the Ethernet device. For more information, Managed Device Creating Individual Managed Devices (on page 197). Note: This field is unavailable if no Managed Device Groups exist in the system. SLM User Guide...
SLM. Device Locator takes advantage of the SLM device management to assign a specific Row, Cluster and Rack Position to any device in the SLM database. Once the physical location of the device has been entered into the device record (or determined during the discovery...
Note that if a rack is removed from the end of a cluster, then the other racks are "enlarged" to physically fill out the cluster. If a rack is removed from the middle of a cluster, then a "hole" is shown in the cluster to indicate an available space. SLM User Guide...
Available Devices list one or more at a time by using Ctrl-click or Shift-click to select multiple devices. Also note that devices may be "removed" from a rack and placed back in the "Available Devices" pool by use of the right pointing arrow. Repeat this action to populate more racks. SLM User Guide...
Some users may have read-only access and may only view all traffic on the connection. Other users may have read/write access and can type into the connection from the SLM side. Should a persistent connection fail (e.g., inadvertently closed by user or a network problem), the SLM will detect this condition and attempt to reestablish the connection.
To view a specific persistent connection to a device: 1. On a specific device page, click the PerCons tab (see Figure 9-18). 2. click the Edit icon to the left of the connection. The PerCons page opens. SLM User Guide...
Secure Channel: SLC, SLB, Spider, and SLM only Telnet TN3270: A special Telnet program that connects to mainframes. It is only available if the Ethernet Device is of type Non-Lantronix. No Lantronix devices use this protocol. Select to enable the SLM to log the persistent connection.
Page 154
Connection Enabled Clear this box to define the persistent connection, but not to initiate it. Later, when you want to activate the connection, return and select this box. If specified, this is the account the SLM will use for logins when establishing the Login persistent connection.
On the menu tree, click the name of the desired connection (at the end of the list of ports for a device). The PersCon page displays. 2. Click the Delete button. SLM User Guide...
Ethernet Device Description Setting Select to have the SLM poll Ethernet devices on the network at regular intervals. Periodically poll Disabled by default. If you select this option, then any Ethernet device that has its "poll" flag set but fails to respond to Auto Connection Fail Count consecutive polling attempts displays with a vertical red stripe in its icon on the menu tree.
Enter the number of consecutive times the system must fail to reach the SLC before the SLM will connect through a modem. Enter 0 (zero) to disable this feature. Once the connection is established, it will remain connected until after either a successful Ethernet poll or a manual disconnect of the modem by an SLM user.
The Modem tab allows you to define modem connectivity between the SLM and the Ethernet device. This can included a PPP profile definition for the SLM to use to communicate with the device if the Ethernet connection should become severed, or a text profile to be used in call back mode, where the SLM calls the SLC/SLB, the SLC/SLB hangs up and then calls the SLM back (this for security purposes).
The Modem Connect button establishes a PPP connection between the SLM and the remote Ethernet device. It is used when there is a network interruption and the SLM needs to contact the Ethernet device. Click this button to establish the connection manually.
Traps are notifications of events sent from one device to another. The traps listed below are those sent by other devices (SLMs, SLCs, SLPs, and SLKs) and received by the SLM. This feature is applicable when you select Enable Traps Reception on the SNMP Agent page. Examples of traps...
Trap Community Name of the device sending the trap; it is derived by associating the sender's IP Device address to a device name in the SLM database. Message text in the trap. Description The entire contents of the SNMP trap.
Premier Wave, Other Lantronix, and Non Lantronix folders. Don't Detect: Prevents devices of this type from being auto detected. 3. To remove all devices of a type currently in the SLM database, select its checkbox. Note: Check boxes are active only if you change the display mode to Don't Detect.
2. Click the Port Access tab. A list of all SLBs and their IP addresses displays, along with all of their ports and the power load of each port. Note: Hovering over a port reveals the port name. SLM User Guide...
1. On the menu, click Ethernet Devices > SLP. The Manage SLP Group page displays: 2. Click the Port Access tab. A list of all SLPs displays, along with all of their ports and the power load of each port. Note: Hovering over a port reveals the port name. SLM User Guide...
1. On the menu, click Ethernet Devices > Spider. The Manage Spider Group page displays. 2. Click the Port Access tab. All Spiders in the system display as boxes with IP addresses. Some boxes may display the current view of the device the Spider is controlling. SLM User Guide...
1. On the menu, click Ethernet Devices > UDS/SDS. The Manage UDS/SDS Group page opens. 2. Click the Port Access tab. A list of all current UDS and SDS port connections displays, along with drop down lists of the unmanaged UDS/SDS ports. SLM User Guide...
Updating Passwords in Bulk The administrator and Ethernet device users can perform bulk password updates on multiple devices in the local database. These changes can also be pushed to remote SLM, SLC, SLP, and SCS05/20 devices. The user has access to the device.
SDS, EDS, EDS-MD, XPort, Premier Wave, Other Lantronix, Non Lantronix Select the checkbox when you want to push the password change to remote SLM, Push Passwords to SLC, SLP, and SCS05/20 devices. Devices 3. Click the Update button. A confirmation message displays.
Select this check box to upload these SNMP settings to all devices of the same type Push to all devices (SLC, SLP, pr SLB) in the 3. Click the Update button. A confirmation message displays. Note: To clear all values before saving, click the Reset button. SLM User Guide...
To use the SLM as a proxy server: 1. On the menu, click Ethernet Devices. The All Ethernet Devices page displays. 2. Click the SLM Proxy tab. The tab displays a list of all the Ethernet Devices with a column for each method of connection.
Parameters [name <Device Name>] [ipaddr <IP Address>] [location <Location>] [login <Loginname>] [model <Model>] [sshport <TCP Port for SSH>] [version <Version>] Description Finds Ethernet devices by device name or IP address and modifies device parameters. set ethernetdevice port SLM User Guide...
Page 172
<device name> Description Searches for and displays Ethernet or managed devices by device name. show device all Syntax show device all show device Description Displays all Ethernet and managed devices. show ethernetdevice account Syntax show ethernetdevice account <accountName> SLM User Guide...
Page 173
Displays firmware versions of all Ethernet devices managed by the SLM. show ethernetdevice group Syntax show ethernetdevice group <Group Name> [firmware] group name: SLM, SLC, SLK, SLP, SCS, SCSX, SLB, SPDR, WiBox, UDS, EDS, EDSMD, Xport, PWave, other, non Note: Ethernet device group names are not case sensitive.
4 Description Displays all devices that match the criteria entered. For example, if you specify name slc, the SLM searches for all devices whose name starts with slc. Persistent Connection Commands set persistent add Syntax set persistent add <persistentConnectionName>...
Page 175
Syntax show persistent [[name] <persistentConnectionName>][device <devname|IP>][all] Notes: The device parameter is necessary only to discriminate between two or more persistent connections that are visible to the current user and are using the same name. SLM User Guide...
<Device Name or IP address> [index <number>] Description Displays the current trap log information for an Ethernet device using device name, IP address, or index number. show traplog group show traplog group Note: Type show traplog group to display the index. SLM User Guide...
Page 177
9: Ethernet Device Management Syntax show traplog group <Device Group Name> [index <number>] Group name: SLM, SLC, SLK, SLP, SCS, SCSX, SLB, SPDR, WiBox, UDS, EDS, EDSMD, Xport, PWave, other, non Description Displays the current trap log information for an Ethernet device group by index number.
Managed Device users can only interact with managed devices (which may manage one or more ports, and/or a local Ethernet device) that they have permissions Note: Port pages may differ slightly, depending on the type of Ethernet device. The procedures below note these differences. SLM User Guide...
Table 9-46 Device - Ports Tab Port Setting Description Name of the Ethernet device port. Name Number of the Ethernet device port (e.g., a number between 1 and 48 for the SLC Port Number 48). Name of the parent Ethernet device. Console SLM User Guide...
SLM. For example, a threshold preset at 128 characters means that as soon as the SLC receives 128 bytes of data on this particular device port, it captures log data and sends it to the SLM. The minimum byte threshold is 1, and the default is 1024.
Device (view only) Name of the port (e.g., name of the device to which it is attached). Name Ethernet device type (e.g., SLC, SLM, SLK). Parent Device Type (view only) Indicates whether logging is enabled on the port. Disabled by default.
SLC receives 128 bytes of data on this particular device port, it captures log data and sends the received data regarding this device port to the SLM. The minimum byte threshold is 1, and the default is 1024.
Automatically assigned Telnet, SSH, and TCP port numbers. You may override this Port value, if desired. If selected, the SLM requires user authentication before granting access to the port. Authenticate Value to use when creating a terminal window (by Java applet) to that port.
(which is 23); otherwise use the entered value. (SCS and SLP) 2. Click the Update button. When the update is complete, a confirmation message displays. Note: Port configuration fields differ depending on the parent device type. SLM User Guide...
1. On the Manage SLC Group Page, click the Port Access tab. The following page displays: Figure 9-54 Manage SLC Group Page - Port Access Page 2. Click the desired port on the specific SLC. The following page displays: Figure 9-55 Connection to Selected SLC Port SLM User Guide...
You can power on, power off, or cycle power on multiple ports on an SLP. To manage power on multiple ports of an SLP: 1. On the SLP's Device page, click the Ports tab. The following page opens: SLM User Guide...
To view logs: 1. On the Port page, click the Logs tab. The following page displays: Figure 9-58 Port Page - Logs Tab 2. To view a log, select the log from the appropriate drop-down list: SLM User Guide...
Select the log of this particular SLC or SLB device port. SLC/SLB Portlog SLC/SLB Port Active Select the log of a currently active SLM user session to the port. Select a session log of a saved SLM user session to the port.
Page 189
Searches Ethernet ports by port name and displays port information. show port all Syntax show port all show port Displays all Ethernet ports. show port index Note: Type show port all to display index. Syntax show port index <number> Description Displays Ethernet ports by index. SLM User Guide...
10: Managed Devices The SLM can treat any device connected to a port or connected to the local network as a managed device. Furthermore, multiple managed device objects in the system may be fused into a single managed device to streamline managed device operations and access.
View the following information about each managed device: Table 10-3 Managed Device Groups - Devices Tab Managed Device Description Setting Name of the managed device. Name Name of an SLC or SCS serial port that is connected to this managed device. Serial Port SLM User Guide...
Figure 10-4 Managed Device Groups Page - List Tab To view a list of devices belonging to a Managed Device Group: 1. On the menu tree, click the name of the device group. The following page opens: SLM User Guide...
Updating or Deleting a Managed Device Group The administrator can update or delete a Managed Device Group. To update or delete a Managed Device Group: 1. On the menu, click the Managed Device Group and then the Configure tab. The following page opens: SLM User Guide...
Configuring Polling Settings The system administrator or permitted user can specify polling settings for the Managed Device Group. The SLM polls the Managed Device Group's connections according to these settings. To configure polling settings: 1. On the menu, click Managed Devices, and then click the Polling tab. The following page...
(if interval a on which the SLM should poll the connections. Default is Sunday. multiple of 7) Enter the time of day at which the SLM should poll the connections. Default is Poll Hour 11:00p. 3. To save the settings, click the Update button.
Figure 10-10 Managed Device Page -- Connect Tab An icon bar contains a series of icons representing the types of connections the SLM can make to managed devices. Buttons above or below the icons enable you to connect directly to the managed device.
Power connection: Enables the SLM to control power on the managed device through an SLP port. Two power connections are available. If the SLM detects that the power is on, then only the Power Off Note: and Cycle Power buttons display. If the SLM detects that the power is off, only the Power On button displays.
10: Managed Devices From a Port You can create a managed device from a port on a Lantronix device server such as an SLC, SLK, SLP, SCS05/20, or SCSxx00. The managed device represents the physical device connected to the port.
You can create one or more managed devices from an Ethernet device's ports list. In this example, we show ports on an SLC. To create one or more managed devices on the Ports page: 1. On the Device page, click the Ports tab. The following page opens: SLM User Guide...
6. Ine response to the confirmation request, click OK. The menu tree displays the new managed device(s) in the assigned Managed Device Group. 7. If desired, repeat through above to create managed devices and assign them to step 2 step 6 other Managed Device Groups. SLM User Guide...
5. To view the Connect tab for the managed device, click the name of the managed device on the menu. Above the network icon are buttons for connecting to the device through the network. Note: For more information about connection methods, see Connecting to Ethernet and Managed Devices (on page 224). SLM User Guide...
10: Managed Devices Fusing Managed Devices While the SLM can communicate with a device connected to a port of a Lantronix device server (e.g., an SLC, SLK, or SCS05/2) individually, it is often more convenient to communicate from a single web page to a virtual managed device composed of more than one connection to the device.
Fusing an Ethernet Device with an Existing Managed Device The physical device to which a Lantronix device server or a modem is connected may be fused with an existing managed device. To fuse a device with an existing managed device: 1.
This page that opens displays a table listing all the managed devices within the group. Figure 10-21 Managed Device Group - List Tab 2. Select the check box for each managed device you want to fuse. 3. Click the Fuse button. SLM User Guide...
You can change the name of the virtual managed device, identify the device type if a local device is a component of the virtual device, and change the Managed Device Group to which the virtual managed device belongs. SLM User Guide...
Configuring a Modem Connection to a Managed Device It is useful to enable the SLM to connect over the telephone should a network connection fail. This is possible if, for example, the SLM has an internal or a physically connected modem, and a managed device such as a UNIX server on the network is connected to a modem .You can...
SLK or Spider. Indicates whether the managed device is connected to a power port on an SLP or Power Point 1 and 2 SLB. 4. To save any changes, click the Update button. SLM User Guide...
<ethernetDevice|IP> [port <portName|portNumber>] Description Create a new managed device from the specified Ethernet device or port. set manageddevice assign Syntax set manageddevice assign <managedDeviceName> group <managedDeviceGroup> [write|remove] Description Assigns or removes permissions for a managed device. SLM User Guide...
Page 209
Defuses an Ethernet device or port from an existing managed device. set manageddevice fuse Syntax set manageddevice fuse <managedDeviceName> ethernetdevice <ethernetDevice|IP> [port <portName|portNumber>] Description Fuses an Ethernet device or port to an existing managed device. set manageddevice index Note: Type show manageddevice all to display index. SLM User Guide...
Page 210
Description Defuses an Ethernet device or port from an existing managed device. set mgroup add <newManagedGroupName> Syntax set mgroup add <newManagedGroupName> Description Creates a new managed device group. set mgroup delete <existingManagedGroupName> Syntax set mgroup delete <existingManagedGroupName> SLM User Guide...
Page 211
Entries are not case sensitive. Description Searches for and displays Ethernet or managed devices by device name. For example, if you specify name slc, the SLM searches for all Ethernet and managed devices whose name starts with slc. show device all...
Powers managed device on or off. Examples set ma config port-1 name waimea-port-1 Specifies a managed device name (port-1) and renames it to waimea-port-1. set ma config slp-sunset-port1 state off Specifies a managed device name (slp-sunset-port1) and turns the power off. SLM User Guide...
Page 213
<number> disconnect modem Note: Type show manageddevice all to display index. Syntax set manageddevice index <number> disconnect modem Example set ma index 2 disconnect modem Description Finds a managed device by index number and disconnects modem. SLM User Guide...
Depending on permissions, the typical user employs SLM to: Search for SLCs and other Ethernet devices, ports, and managed devices. Connect by browser, SSH, or secure channel to Secure Lantronix Management devices and to the managed devices connected to their ports.
Thus, Irv returns all devices with locations starting with Irv, for example, Irvine. Case insensitive. Model: Model name of the device(s) (e.g., SLC16, SLM 2.0). Firmware: Version of the device's firmware (e.g., 4.0).
The Channel Key does not indicate whether or not there is an active secure channel communication session, but instead indicates whether or not a secure channel was established to the device in the past, enabling the SLM to connect to the device without using a password.
Number: Number of the port for which you are searching. 3. Click the Search button. The Search Results - Ports page opens, listing all ports that meet the search criteria that you have permission to see. SLM User Guide...
For SLC v4.0 and later: The maximum time frame in seconds before the SLC sends data to the SLM. The default setting is 30 seconds. Maximum size of each log file in kilobytes. Once it is reached, a new log file is Max Log Size (KB) created.
Available access to this persistent connection. Indicates whether the SLM is enabled to log the persistent connection. Logging Enabled Indicates whether the connection has been enabled and ready to activate.
Search for Users To search for users, administrators with account rights can search using two criteria. To search for users on the network: 1. From the Table drop-down list at the top of any page, select User. SLM User Guide...
The following information (if available) displays for each user retrieved by the search. Table 11-14 Search Results - Users User Setting Description The user name for logging in to the SLM. Name User's email address; may be used for event notification. Email Address...
SLM will update that new password on all SLMs, SLCs, SCSxx05/20s, and SLPs. Date and time the user last logged into the SLM, or the date and time of account Last Access creation if the user has never logged in.
Page 223
4 Description Displays all devices that match the criteria entered. For example, if you specify name slc, the SLM searches for all devices whose name starts with slc. show ethernetdevice search port Syntax show ethernetdevice search port <one or more parameters>...
Connecting to Ethernet and Managed Devices Connections Overview From the SLM, you can connect to Secure Lantronix Management and other Ethernet devices just as you would if you logged into the device directly. You can also connect to Managed Devices.
If the Login and Password fields in the device record have been completed, the SLM uses them for an automatic login when you browse to secure devices. However, if you use Microsoft Internet Explorer on the client machine, you must change the registry to use this feature.
SLM or an SLC and its ports and managed devices. Secure channel is actually a special form of SSH connection. If you use the secure channel, you need only supply the password when logging into the SLM. If you use SSH, you have to supply the password every time.
Making an SSH Connection to an Ethernet or Managed Device Users can use SSH from the web page of a Java-enabled web browser to connect to the command line interface of any Secure Lantronix Management or other discovered Ethernet device.
The web channel feature uses the existing secure channel key to the SLC to authenticate through the web interface. This enables an SLM user to connect to the web interface on an SLC without having to enter a username and password. The web connection to the SLC filters through the SLM.
1. Click the Telnet button. A Java applet runs, and then the Telnet command line interface displays. Figure 11-22 Telnet Connection 2. Configure or manage the device as directed by the device's User Guide or online Help. SLM User Guide...
SLC48 has ports 1 to 48. Modem connection is available for managed devices only. With the modemssh option, the SLM dials out to the managed device in PPP, and then connects it via SSH. With modemtelnet option, the SLM dials out to the managed device in PPP, and then connects it via Telnet.
<Device Name> [<secure|ssh|telnet|serial|modem|modemssh|modemtelnet| modemcallback>][port <port>] Specify secure to connect through a secure channel. Secure channel is the default method of connection for SLC/SLB, SLC ports, and SLM, and SSH is the default for other devices. SLM User Guide...
SLC48 has ports 1 to 48. Modem connection is available for managed devices only. With the modemssh option, the SLM dials out to the managed device in PPP, and then connects it via SSH. With modemtelnet option, the SLM dials out to the managed device in PPP, and then connects it via Telnet.
Enable SSH Logins Enabled by default. If selected, enables the SLM to allow users to access the CLI using SSH version Enable SSH v1 Logins Allows you to change the SSH TCP port to a value in the range of 1 - 65535. The SSH Port default is 22.
1. On the Services page, click the Banners tab. The following page displays: Figure 11-25 Services Page - Banners Tab 2. Enter the following information: Table 11-26 SLM Services - Banners SLM Service Setting Description Enter the text to display at CLI connection.
11: Operation and Maintenance The SLM has a default Secure Socket Layer (SSL) certificate. The SSL tab enables administrators to view and update SSL certificate information. The SSL certificate, consisting of a public/private key pair used to encrypt HTTP data, is associated with the web server. You can import a site- specific SSL certificate, if desired.
Password & Retype Password 3. Click the Submit button. Note: You must reboot the SLM for the update to take effect. Status Administrators can view the system status on the Status tab, and if they desire, email it to another person.
2. To email the status, enter the recipient's email address and click the Send Report button. Services Commands set service auditlog Syntax set service auditlog <enable|disable> Description Enables or disables audit logging. set service telnet Syntax set service telnet <enable|disable> SLM User Guide...
Save a snapshot of all database settings (configuration, configured users, and discovered devices) on the SLM or the user's client machine. Restore the configuration, either to a previously saved configuration or to the factory defaults. Update user passwords on selected SLMs/SLCs/SLBs/SLPs and SCS05/20s (password ...
Description Setting Select this option to terminate all connections and reboot the SLM immediately. Reboot Select this option to terminate all connections, shut down the SLM immediately, and Shutdown turn off the power. Note: It is recommended that virtual SLMs be shutdown or restarted using the vSLM reboot and shutdown commands available via the web or CLI, rather than using the virtualization manager to shutdown or restart the vSLM.
Returns the SLM settings to a previously saved configuration. If you select this Restore option, the SLM reboots after you apply the update. If you select this option, the Configuration from Browse button becomes available. Browse to the saved configuration.
SLM. to Client The SLM sends the file containing the state of the system to the client machine for storage. The default file name is configsave.slm, but you may save it using any name. This is the file uploaded to the SLM upon system restore.
Page 244
11: Operation and Maintenance admin locallog clear traplog group <group name> group name: SLM, SLC, SLK, SLP, SCS, SCSx, SLB, SPDR, WiBox, UDS, EDS, EDSMD, Xport, PWave, LTRX, or other Description Clears all of the entries in the auditlog, syslog, or traplog.
Displays general system information. Date and Time You can specify the current date, time, and time zone at the SLM's location, or the SLM can use NTP to synchronize with an NTP server on your network. To set the local date, time, and time zone: 1.
Broadcast from NTP Server: Enables the SLM to accept time information periodically transmitted by the NTP server. This is the default if you enable NTP. Poll NTP Server: Enables the SLM to query the NTP Server for the correct time. If you select this option, complete one of the following: Public: Select this option if you want to use a public NTP server, and select the ...
1. On the menu, click Configuration > Services > SNMP & Syslog. The following page opens: Figure 11-38 SNMP & Syslog Page 2. Enter the following information: Table 11-39 SNMP & Syslog - Configure Setting Description Enables read-only access into the SLM. Disabled by default. SNMP Agent SLM User Guide...
Page 248
IP address of your network's Simple Mail Transfer Protocol (SMTP) relay server. SMTP Server Remote Syslog Server Select to indicate that the SLM will act as a remote syslog server to receive syslogs from other Ethernet devices (devices that have the SLM's IP Address specified as that device's syslog server).
FTP, SFTP, and Local File. FTP is the default. Note: The Local File option is active only when at least one file exists in the SLM FW Upgrade Files directory. The name of the firmware update file downloaded from the Lantronix web site.
Enter or browse to the file where the update is stored. Client File If you have an active Lantronix service plan for your SLM, you can download Check Lantronix update files directly from the Lantronix server onto your SLM. If you select this...
SLC/SLB to download the SLC/SLB firmware file directly from a server to the SLC/SLB. FTP on SLM and SFTP on SLM: The SLM first checks to see whether the SLM firmware file already exists on the SLM local hard disk. If not, the SLM downloads it using FTP or SFTP.
If the user selects the firmware file from the SLC/SLB FW Upgrade Files directory, no entry is required. Otherwise, enter a key for validating the firmware file. Lantronix provides the key with the firmware file (32 hex characters). From the drop-down list, select the firmware update (from the Files > SLC/SLB FW Local File Upgrade Files directory.)
SLP directly from a server. Select FTP on SLM or SFTP on SLM for the SLM to first check to see whether the SLP firmware file already exists on the SLM local hard disk. If not, the SLM downloads it using FTP or SFTP.
Description If the user selects the firmware file from the SLP FW Upgrade Files directory, no entry is required. Otherwise, enter a key for validating the firmware file. Lantronix provides the key with the firmware file (32 hex characters). From the drop-down list, select the firmware update (from the Files > SLP Upgrade Local File Files directory.)
Enter or browse to the file where the update is stored. Client File 3. In the Spider Devices to Update area, select one or more of the Spiders the SLM is managing. (Use Ctrl+click for multiple selections.) 4. To update the Spiders, click the Update button. When the update is complete, a confirmation message displays.
Not all WiBox units share the same code. See the User Guide for your WiBox to find the correct code. 3. In the WiBox Devices to Update area, select one or more of the WiBoxes the SLM is managing. (Use Ctrl+click for multiple selections.) 4.
Not all UDS/SDS units share the same code. See the User Guide for your UDS/SDS to find the correct code. 3. In the UDS/SDS Devices to Update area, select one or more of the UDS/SDS units the SLM is managing. (Use Ctrl+click for multiple selections.) 4.
11: Operation and Maintenance Managing Alternate SLMs When Auto save configuration to other SLMs is enabled, the SLM immediately saves its own configuration to up to eight remote SLMs. After that, every time the SLM configuration has changed, it waits 60 minutes to make sure there are no more changes before saving another configuration to the remote SLMs.
3. To perform an action on all of the listed SLCs, select the check box in the column header, To perform an action on multiple SLCs, select the check box for each desired SLC. Before performing an action on another group of devices, access the SLM auditlog or SLM syslog file.
Getting a Log File Use the Actions tab to get a syslog or audit log file from one or more SLCs. Notes: The SLM stores files in the Files directories. You can display a file from the appropriate Files directory.
SLM or another PC), this SLC allows that particular user to access the SLC from that particular host. When you enable Get SSH keys from an SLC, the SLM retrieves all the imported public keys from that particular SLC and stores them in the SLM database. Then you can push those public keys retrieved from one SLC to other SLCs, allowing those particular users to access other SLCs from those particular hosts.
To send an applet file to one or more UDS devices: 1. Select the applet file from the drop down list. This file is found in the SLM folder "UDS Applet Files" under Configuration in the Files area. This applet file must be previously placed in this folder.
The following commands will not work because the SLC CLI does not send status "settings successfully updated", which lets the SLM know that the command was successful: show [anything] Examples of commands that do work are:...
Name of the task. Name Informational text. Status Percentage of the task that is complete. Progress 3. To view details of the last device action status of the SLMs/SLCs/SLPs/SCS, click the Dev. Status tab. The following page opens: SLM User Guide...
SNMP trap, a system event like network failure, or a text string match in a certain log. There are several types of logs in the SLM system: data logs (device port buffering), syslogs, event logs, access logs (user access), and audit logs. The alarm could send an email to a user, send an SNMP trap, or write to a log file (local syslog or remote syslog).
SNMP community name should be the SNMP community of the device 172.19.100.123. Otherwise the device will not receive the trap. 3. Click the Define Alarm button. The alarm displays in the Alarm list on the right. 4. Enter the following information: SLM User Guide...
If you specify the device's IP Address with this trigger type, the SLM sets the trigger should polling fail on this device. If you do not specify the device's IP Address, the SLM sets the trigger on all the devices on which polling failed.
Page 268
Ethernet port that is down (for example, 2). %: Defined percentage of the SLC port log file's capacity. For detailed instructions on completing the OID for a trap, see the Lantronix web site www.lantronix.com/support). 5. In the Alarms list to the right, select the alarm(s) to be associated with the selected trigger.
1. Select the alarm from the Current Alarms list and click the Remove Alarm button. A confirmation message displays. 2. Click OK. The alarm is no longer in the Alarms list or in any events that use that alarm. SLM User Guide...
To retrieve files from the SLC, use the Manage SLC Group Actions tab. File Types You can view and store the following files in the SLM database. You can also import or export them by means of an NFS or CICS mount.
Page 272
Lantronix web site (www.lantronix.com) or by using anonymous FTP (ftp.lantronix.com). Configuration Files SLM Configuration Files: Contain all of the SLM's settings that have been saved to file. They can be backed up to a location that is not on the SLM.
For edge device based logging, the filename is made up of only three of these fields: <hostname>_<host_mac_address>-<device_port_number>.log Viewing, Deleting, and Renaming Files In this section, we show how to view, delete, and rename files. In our example, we use an SLM syslog file. To view a file: 1.
11: Operation and Maintenance Figure 11-69 SLM Syslog Files Page - Files Tab The available files (of the selected type) display in the list box. 2. Select View and then the file you want to view. 3. Click the Submit button. The Display tab opens and shows the contents of the selected file.
4. Click the Submit button. A confirmation message displays. Exporting, Uploading, and Downloading Files Administrators can export (copy), upload, and download files. To open the Files page: On the menu, click Files and then the file type you want to export. The following page opens: SLM User Guide...
3. Click the Browse button and locate the file on your client machine to upload. 4. If this is an SLM FW Upgrade or SLC FW Upgrade (which also handles SLB), enter the md5sum value for this file in the Key field.
Table 11-73 File Management - Copy Tab Setting Description From the drop-down list, select the type file to copy. The default setting is SLM FW File type to copy Upgrade. Select the type of server from which to copy. The default setting is SFTP.
2. Enter the following information for importing a file: Note: The first three lines are for mounting remote NFS directories (the SLM functions as an NFS client). Once the directory is mounted, the SLM can import files from that share point. SLM User Guide...
The local directory on the SLM on which to mount the remote directory. The SLM Local directory creates the local directory automatically. Select the check box to enable the SLM to import the file by means of the NFS Mount server. Disabled by default.
Password required to authenticate the user on the remote CIFS server. Password and Retype Select the check box to enable the SLM to import the file from the CIFS server. Mount Disabled by default. If enabled, indicates that the user can read and write to the imported directory.
Setting up Log Properties The administrator specifies the properties of log files. To set up log properties: 1. On the menu, click Files and then the Logging tab. The following page opens. Figure 11-81 File Management Page -- Logging Tab SLM User Guide...
2. Enter the following: Table 11-82 File Management - Logging Tab - Port Logs Setting Description Maximum space used for all session log files in gigabytes. It is 30 GB for SLM-01 Maximum log space and 60 GB for SLM-02. (30 GB available)
<Device Name or IP Address> admin locallog clear traplog group <group name> group name: SLM, SLC, SLK, SLP, SCS, SLB, SPDR, WiBox, LTRX, or other Description Clears all of the entries in the auditlog, syslog, or traplog.
Page 284
Displays part of portlog by index from the top. Index is the number specified by lastminutes and date. show portlog index <number> <parameters> Parameters [top <number of lines>] Displays the part of portlog by index from the top. [tail <number of lines>] SLM User Guide...
Page 285
Displays the contents of the portlog file by index. Note: Index is the number specified by parameters lastminutes and date. If you specify 0 as number of lines, all lines display. If you specify both date and time, the SLM ignores the date option. Examples show portlog index 3 Displays the specified portlog from top.
Page 286
To get this index, type show sessionlog type slcportsaved date 0205. show sessionlog type device index 3 date 0205-0209 Displays device session log by the index '3'. To get this index, type show sessionlog type device date 0205-0209. SLM User Guide...
Page 287
Type show traplog to display the index. Syntax show traplog group <Device Group Name> [index <number>] Group name: SLM, SLC, SLK, SLP, SCS, LTRX, or other Description Displays the current trap log information for an Ethernet device group by index number.
Your phone's web browser must be XHTML Mobile 1.0-compliant, which most mobile browsers are. If you want to access the SLM WAP site via SSL (https), your phone browser must support SSL. An example of such a browser is Opera Mini.
12: Using SLM on a Mobile Browser The SLM main menu (Home page) displays a list of options: Using Links to Select Options To select an option: 1. Click the link (blue). For example, click Log on the Home page to display a menu of logs.
12: Using SLM on a Mobile Browser For example, towards the bottom of the Portlog Details page, the + symbol displays. If you select the +, further details display. If you select the -, the previous page of details displays.
12: Using SLM on a Mobile Browser Select on the browser page Tap on the keypad Back (bottom of page) Back or its equivalent on your Return to the previous page phone Name of menu (if at bottom of Return to a menu...
12: Using SLM on a Mobile Browser Status Menu The SLM Status menu has three options: System Information, Connections, and Routes. System Information To view the status of the system: 1. On the Status Menu, select System Information or tap the 1 key. The system configuration displays.
12: Using SLM on a Mobile Browser Connections To view information about the SLM's connections: 1. On the Status Menu, select Connections or tap the 2 key. The Connections menu displays. 2. To view individual connections, click the blue link on the Connections menu or tap the key number displayed to the left of the option.
Device Menu The Device Menu provides access to Ethernet devices, unreachable Ethernet devices, and Managed Devices. To view information about the devices the SLM is managing: 1. On the Main menu, select Devices. The Devices menu displays. SLM User Guide...
12: Using SLM on a Mobile Browser Ethernet Devices To view information about an Ethernet device: 1. From the Devices menu, select Ethernet Devices. The green icon to the right of a device indicates that the device is reachable; the red indicates that the device is unreachable.
12: Using SLM on a Mobile Browser Ethernet Unreachable Devices To view Ethernet devices to which the SLM has not been able to connect: 1. On the Devices menu, select Ethernet Unreachable Devices. The Ethernet Unreachable Devices page displays a list of unreachable devices.
12: Using SLM on a Mobile Browser Managed Devices To obtain information about managed devices: 1. Select Managed Devices on the Devices menu. The Managed Devices page displays a list of managed devices. 2. Select a managed device to view its details.
12: Using SLM on a Mobile Browser Log Menu Filtering Logs The Log filter page enables you to view logs matching specified criteria (number of lines and date/ time). The settings are for the current session only. Once you save the filter, it applies for all log commands and is available as long as you are on the system (until logout or timeout).
To view audit, trap, system, or port logs: 1. Select Log on the Main menu. The SLM Log menu displays. 2. Select the type of log you want to see (e.g., tap 2 to see the SLM's audit logs). SLM User Guide...
Page 300
12: Using SLM on a Mobile Browser 3. Select the log to view details. 4. Select the + button to see more details. 5. Select the + to scroll to see more lines of details. Note: You can set the number of lines you see at a time on the Log filter page.
After an introduction to using commands, this chapter lists and describes all of the commands available on the SLM command line interface accessed through SSH, secure channel (SLC only), Telnet, or a serial connection. The commands are in alphabetical order by category.
20), the "--Type 'm'(more) to see the next page-" message displays. To display the next page, type more and press Enter. You can override the number of lines (or disable the feature altogether) with the set cli command. To clear an IP address, type 0.0.0.0. SLM User Guide...
<Bind Password> adsupport <enable|disable> encrypt <enable|disable> Description Configures the SLM to use LDAP to authenticate users who log in to the SLM via SSH, Telnet, the web, or the console port. set nis Syntax set nis <one or more parameters>...
Page 304
<IP Address or Name> slave4 <IP Address or Name> slave5 <IP Address or Name> Description Configures the SLM to use NIS to authenticate users who log in to the SLM via SSH, Telnet, the web, or the console port. set radius Syntax set radius <one or more parameters>...
Page 305
Description Displays all RADIUS information. show sshkey import Syntax show sshkey import <one or more parameters> Parameters [keyuser <SSH Key User>] [keyhost <SSH Key IP Address or Name>] [viewkey <enable|disable>] Description Displays imported SSH keys. show sysinfo SLM User Guide...
Display health status of HP iLO remote device. Account Commands Use the following commands to configure local accounts (including sysadmin) to authenticate users who login to the SLM by means of SSH, Telnet, the web, or the console port. set account add Syntax set account add <User Name>...
Page 307
Note: Administrators with permission to change passwords must enter the username. Other users may not enter a username (they are changing their own password). Description Configures a user account's password for the SLM. show account Syntax show account <User Name>...
[menu <Menu Name|CLEAR>] Description Modifies an account group. Group type is Administrators, Ethernet User, Managed User, or Menu User. CLEAR removes the current menu assignment. show accountgroup Syntax show accountgroup <Group Name> show accountgroup name <Group Name> SLM User Guide...
Deletes one of the current auto-detect search filters. The command displays an index of current filters. Type the index number of the filter you want to delete and press Enter. admin autodetect filter ltrx <IP subnet> Sets Lantronix discovery protocol search filters. admin autodetect filter scs <IP range> [timeout <number of milliseconds>] Sets SCS discovery protocol search filters.
Page 310
Displays the banner configuration. admin copybank Syntax admin copybank Description Copies the SLM firmware running in the current bank to the other bank. admin config Syntax admin config factorydefaults Description Restores the SLM configuration and device database settings to factory defaults.
Page 311
Appendix A: Command Reference Syntax admin config rebuilddatabase Description Removes and rebuilds the SLM configuration and database from scratch, in case of database corruption that cannot be fixed by the factory default. admin locallog Syntax admin locallog clear auditlog admin locallog clear syslog admin locallog clear traplog device <Device Name or IP Address>...
Page 312
Description Display license options. admin shutdown Syntax admin shutdown Description Terminates all connections, shuts down the SLM, and turns off the power. admin switch bank Syntax admin swithchbank bank [1|2] Description Switches the SLM to the next boot bank. admin signature restore...
<device name> Description Searches for and displays Ethernet or managed devices by device name. For example, if you specify name slc, the SLM searches for all Ethernet and managed devices whose name starts with slc. show device all...
IP range: 192.168.0.1-192.168.0.155 timeout 1500 timeout: default is 1000 ms; range is 1000-60000 ms Description Sets Lantronix discovery protocol search filters. The ending IP address is optional. admin autodetect filter scs Syntax admin autodetect filter scs <IP range> [timeout <number of milliseconds>]...
Page 315
Attempts secure channel using password mypass. Detects only Lantronix devices and removes existing non-Lantronix devices. Description Starts the SLM auto-detect device process, using the protocol and filters configured. show progress Syntax show progress Description Shows the progress of background tasks.
Specify secure to connect through a secure channel. Secure channel is the default method of connection for SLC/SLB, SLC ports, and SLM, and SSH is the default for other devices. Port is the number of a physical port on the SLC.
Page 317
SLC48 has ports 1 to 48. Modem connection is available for managed devices only. With the modemssh option, the SLM dials out to the managed device in PPP, and then connects it via SSH. With modemtelnet option, the SLM dials out to the managed device in PPP, and then connects it via Telnet.
SLC48 has ports 1 to 48. Modem connection is available for managed devices only. With the modemssh option, the SLM dials out to the managed device in PPP, and then connects it via SSH. With modemtelnet option, the SLM dials out to the managed device in PPP, and then connects it via Telnet.
Page 319
SLM database. connect wakeonlan Syntax connect wakeonlan Parameters Device <Device Name or IP Address> [password <Password>] Description Send a Wake On LAN packet to an Ethernet device. The specified device must exist in the SLM database. SLM User Guide...
Displays output IP routing table, and optionally, network connections and statistics. diag nettrace Syntax diag nettrace <one or more parameters> Parameters [ethport <1|2>] [protocol <tcp|udp|icmp>] [host <IP Address or Name>] [numpackets <number of packets>] [snaplen <capture bytes>] [verbose <0|1|2|3>] SLM User Guide...
Page 321
<Number of Times to Ping> Default is 5. packetsize <Size in Bytes> Default is 64. Description Verifies that the SLM can reach a host over the network. diag ping6 Syntax diag ping6 <IP Address or Name> <one or more parameters> Parameters interface <interface name>...
Appendix A: Command Reference Description Displays information on the internal memory, storage and processes of the SLM. Dial Account Commands set dialaccount add Syntax set dialaccount add <Dial Account Name> <parameters> Parameters modemmode <text|ppp> Note: If you select text, all other parameters except timeout are ignored.
Page 323
Syntax set modem edit <Modem Name> dialin <Dial Account Name|CLEAR|disable|enable> Description Modifies a dial-in account name. show dialaccount Note: Type show dialaccount to display index. Syntax show dialaccount <parameters> Parameters [name <Dial Account Name>] [index <number>] SLM User Guide...
[login <Loginname>] [model <Model>] [readinfo] [sshport <TCP Port for SSH>] [tnport < TCP Port for Telnet> [tn3270lu <Logical Unit> [version <Version>] Description Finds Ethernet devices by device name or IP address and modifies device parameters. set ethernetdevice delete SLM User Guide...
Page 325
Finds a port by device name or IP address with the port number and modifies port parameters. set ethernetdevice sync Syntax set ethernetdevice sync <Device Name or IP Address> action <read|write> Description Finds an Ethernet device-by-device name or IP address and synchronizes device information. show device Note: Entries are not case sensitive. SLM User Guide...
Page 326
<Device Name or IP Address> Description Finds an Ethernet device-by-device name or IP address and displays device information. show ethernetdevice firmware Syntax show ethernetdevice firmware Description Displays firmware versions of all Ethernet devices managed by the SLM. show ethernetdevice group SLM User Guide...
Page 327
Appendix A: Command Reference Syntax show ethernetdevice group <Group Name> [firmware] group name: SLM, SLC, SLK, SLP, SCS, SLB, SPDR, WiBox, UDS, EDS, EDSMD, XPORT, PWAVE, LTRX, or other Note: Ethernet device group names are not case sensitive. Description Displays Ethernet devices by device group.
Appendix A: Command Reference Description Displays all devices that match the criteria entered. For example, if you specify name slc, the SLM searches for all devices whose name starts with slc. show ethernetdevice unreachablelist Syntax show ethernetdevice unreachablelist Description Displays unreachable Ethernet devices in short form.
Page 329
Type show ipfilter to display index. Syntax show ipfilter <parameters> Parameters [name <Filter Name>] [index <number>] Examples show ipfilter show ipfilter name MyFilter show ipfilter index 2 Description Displays IPv4 filter information. show iptables Syntax show iptables SLM User Guide...
<Device Name or IP Address> admin locallog clear traplog group <group name> group name: SLM, SLC, SLK, SLP, SCS, LTRX, SLB, SPDR, WiBox, or other Description Clears all of the entries in the auditlog, syslog, or traplog.
Page 331
[lastminutes <minutes>] [date <MMDD>] [date <MMDD-MMDD>] [loglastminutes <minutes>] [logdate <MMDD>] [logdate <MMDD-MMDD>] If you specify both the date and time, the SLM ignores the date. Description Displays the specified part of the auditlog by index. Examples show auditlog Lists auditlog files.
Lists portlog files modified in last 5 minutes. show portlog date 0205 Lists portlog files last modified on 0205. show portlog date 0205-0209 Lists portlog files last modified between 0205 and 0209. show portlog file Note: Type show portlog to display index. SLM User Guide...
Page 333
Displays the contents of the portlog file by index. Note: Index is the number specified by parameters lastminutes and date. If you specify 0 as number of lines, all lines display. If you specify both date and time, the SLM ignores the date option. Examples show portlog index 3 Displays the specified portlog from top.
Syntax show sessionlog type <sessiontype> <parameters> sessiontype: <slcportactive|slcportsaved|scsport|device> Parameters [lastminutes <minutes>] [date <MMDD>] [date <MMDD-MMDD>] Description Lists session log files. Note: edge device log files do not use the date as part of the filename makeup. SLM User Guide...
Displays the first 10 lines of device session log by the index '3'. To get this index, type show sessionlog type device lastminutes 5. System Log show syslog Syntax show syslog <parameters> Parameters [tail] (default) [top] [lastminutes <minutes>] [date <MMDD>] [date <MMDD-MMDD>] SLM User Guide...
Page 336
[lastminutes <minutes>] [date <MMDD>] [date <MMDD-MMDD>] [loglastminutes <minutes>] [logdate <MMDD>] [logdate <MMDD-MMDD>] If you specify both the date and time, the SLM ignores the date. Description Displays the specified part of the syslog by index. Examples show syslog Lists syslog files.
Displays the part of syslog in index 3 time stamped, on 0205. Trap Log show traplog Syntax show traplog <parameters> Parameters [tail] (default) [top] [lastminutes <minutes>] [date <MMDD>] [date <MMDD-MMDD>] Description Lists traplog files. show traplog group Note: Type show traplog group to display the index. SLM User Guide...
Page 338
Appendix A: Command Reference Syntax show traplog group <Device Group Name> [index <number>] Group name: SLM, SLC, SLK, SLP, SCS, SLB, SPDR, WiBox, LTRX, or other Description Displays the current trap log information for an Ethernet device group by index number.
Restores the SLM configuration and device database settings to factory defaults. admin config rebuilddatabase Syntax admin config rebuilddatabase Description Removes and rebuilds the SLM configuration and database from scratch, in case of database corruption that cannot be fixed by the factory default option. admin config showfiles Syntax admin config showfiles...
Page 340
<Device Name or IP Address> admin locallog clear traplog group <group name> group name: SLM, SLC, SLK, SLP, SCS, LTRX, SLB, SPDR, WiBox, or other Description Clears all of the entries in the auditlog, syslog, or traplog.
Appendix A: Command Reference Description Terminates all connections, shuts down the SLM, and turns off the power. admin version Syntax admin version Description Displays current application version information. show progress Syntax show progress Description Shows the progress of background tasks.
Page 342
Fuses an Ethernet device or port to an existing managed device. set manageddevice index Note: Type show manageddevice all to display index. Syntax set manageddevice index <number> <one or more parameters> Parameters assign group <managedDeviceGroup> [write|remove] Assigns or removes permissions. SLM User Guide...
Page 343
Creates a new managed device group. set mgroup delete <existingManagedGroupName> Syntax set mgroup delete <existingManagedGroupName> Description Deletes an existing managed device group. The group must be empty. show device Syntax show device <device name> Note: Entries are not case sensitive. SLM User Guide...
Page 344
Appendix A: Command Reference Description Searches for and displays Ethernet or managed devices by device name. For example, if you specify name slc, the SLM searches for all Ethernet and managed devices whose name starts with slc. show device all...
Specifies a managed device name (slp-sunset-port1) and turns the power off. Description Finds a managed device-by-device name and modifies device parameters. set manageddevice index Note: Type show manageddevice all to display index. Syntax set manageddevice index <number> <one or more parameters> SLM User Guide...
Syntax set menu add <Menu Name> [command <command number>] Description Creates a new custom user menu or adds a command to an existing custom user menu. set menu delete SLM User Guide...
(3 minutes) before you use this command when: You dial out via PPP and encounter no dial tone. You dial out via PPP and encounter a busy signal. Syntax reset modem connection SLM User Guide...
Page 348
<Dial Account Name|CLEAR|disable|enable> CLEAR removes the dial account assignment. disable disables dial-in. enable enables dial-in ipfilter <IPv4 Filter Name|CLEAR> ipfilter CLEAR removes the ipfilter assignment. Description Configures a currently loaded modem. show modem Syntax show modem SLM User Guide...
Syntax admin quicksetup Description Displays the quick setup script on the CLI; only the sysadmin account can use this command. set network bonding Syntax set network bonding <disabled|active-backup|802.3ad-2|802.3ad- 34|adaptive-balancing> Description Configures Ethernet bonding. set network dns SLM User Guide...
Page 350
<1-250 seconds> failedpings <1-250> Description Sets the default gateway. set network host Syntax set network host <Hostname> Description Sets the SLM hostname. set network port Syntax set network port <1|2> <parameters> Parameters state <dhcp|bootp|static|disable> [ipaddr <IP Address> mask <Mask>] mode <auto|10mbit-half|100mbit-half|10mbit-full|100mbit-full>...
[active <enable|disable>] (default enable) [parentlogin <enable|disable>] (default disable) [login <loginAccount>] [password <loginPassword>] [prompt <promptString>] [application <applicationName>] [escapesequence <escapeString>] (default is '\x1BC') [reconnectdelay <1-999>] (default is 1) [eoltranslation <lf | cr>] Description Creates a new persistent connection set persistent edit SLM User Guide...
Page 352
The <devname> following device may be the name of an Ethernet device or the name of a managed device. Persistent connections automatically belong to managed devices that have an Ethernet device component that has persistent connections defined. SLM User Guide...
Finds a port by device name or IP address with the port number and modifies port parameters. show ethernetdevice port Syntax show ethernetdevice port <Device Name or IP Address> all show ethernetdevice port <Device Name or IP Address> portnumber <Port Number> SLM User Guide...
Page 354
Searches Ethernet ports by port name and displays port information. show port all Syntax show port all show port Displays all Ethernet ports. show port index Syntax show port index <number> Description Displays Ethernet ports by index. SLM User Guide...
4 Description Displays all devices that match the criteria entered. For example, if you specify name slc, the SLM searches for all devices whose name starts with slc. show ethernetdevice search port Syntax show ethernetdevice search port <one or more parameters>...
Services Commands set service auditlog Syntax set service auditlog <enable|disable> Description Enables or disables audit logging. set service https Syntax set service https <enable|disable> Description Enable or disables HTTPS. set service telnet Syntax set service telnet <enable|disable> SLM User Guide...
Appendix A: Command Reference Description Enables or disables Telnet logging to the SLM. set service sessionlog Syntax set service sessionlog <enable|disable> Description Enables or disables session logging. set service ssh Syntax set service ssh <enable|disable> version <1|2> Description Enables or disables SSH logging to the SLM.
Appendix A: Command Reference Description Terminates a user connection to the SLM session. Use show connection to view the current connections and IDs. show connection Syntax show connection Description Displays active user connections and connection IDs. SSH Key Commands set sshkey delete Syntax set sshkey delete keyuser <SSH Key User>...
Page 359
Description Shows the progress of background tasks. SLM User Guide...
CAT 5 wiring is to tapping. Factors Affecting Security External factors affect the security provided by the SLM, for example: A terminal to the SLM may be secure, but the path from the SLM to the end device may not be secure.
Appendix C: Safety Information Safety Precautions Please follow the safety precautions described below when installing and operating the SLM. Cover Do not remove the cover of the chassis. There are no user-serviceable parts inside. Opening or removing the cover may expose you to dangerous voltage that could cause fire or electric shock.
The ambient temperature inside the rack may be greater than the room ambient temperature. Make sure to install the SLM in an environment with an ambient temperature less than the maximum operating temperature of the SLM. (See Appendix D: Technical Specifications.)
Appendix D: Technical Specifications You can install the SLM either in an EIA-standard 19-inch rack (1U tall) or as desktop unit. Following are specifications for the SLM hardware, which applies to the SLM-01 and SLM-02. Table D-1 Technical Specifications SLM-01...
SLM-01 (according to ISO/IEC Guide 22 and EN 45014) Manufacturer's Name & Address: Lantronix Inc., 167 Technology Drive, Irvine, CA 92618 USA Declares that the following product: Product Name(s): Secure Lantronix Management Appliance (SLM-01) Conform to the following standards or other normative documents:...
SLM-02 (according to ISO/IEC Guide 22 and EN 45014) Manufacturer's Name & Address: Lantronix Inc., 167 Technology Drive, Irvine, CA 92618 USA Declares that the following product: Product Name(s): Secure Lantronix Management Appliance (SLM-02) Conform to the following standards or other normative documents:...
Page 367
This product carries the CE mark since it has been tested and found compliant with the following standards: Safety: EN 60950 Emissions: EN 55022 Class B Immunity: EN 55024 Manufacturer's Contact: Lantronix,Inc. 167 Technology Drive, Irvine, CA 92618 USA Tel: 949-453-3990 Fax: 949-450-7249 SLM User Guide...
An Internet standard that enables a LAN to use one set of IP addresses for internal traffic and a second set of addresses for external traffic. This enables a company to shield internal addresses from the public Internet. SLM User Guide...
Page 369
A company stores user profiles in a central database that all remote servers can share. Secure Channel The name that Lantronix gave to encrypted password-less connections on the SLM. These connections use public key encryption for authentication over SSH. SecurID SecurID is a two-factor authentication method based on the user's SecurID token and pin number.
Page 370
A method of authentication used in UNIX networks. It allows a remote access server to communicate with an authentication server to determine whether the user has access to the network. WAP (Wireless Application Protocol) WAP is a technical standard for accessing information over a mobile wireless network. SLM User Guide...
Need help?
Do you have a question about the SLM and is the answer not in the manual?
Questions and answers