This device is not approved for use as a life-support or medical system. Any changes or modifications made to this device without the explicit approval or consent of Sena Technologies will void Sena Technologies of any liability or responsibility of injury or loss caused by any malfunction.
Revision history

Revision  Date        Name       Description
V1.0.2    2003-12-3   O.J. Jung  Initial Release
V1.1.0    2004-01-12  O.J. Jung  Revision with release of version 1.1.0
V1.1.1    2004-01-30  O.J. Jung  Typographical errors are fixed
V1.2.0    2004-06-11  O.J. Jung  Revision with release of version 1.2.0
V1.3.0    2004-10-11  O.J.
4.1. Overview
4.2. Individual Port Configuration
4.2.1. Port Enable/Disable
4.2.2. Port Title
4.2.3. Apply All Port Settings
4.2.4. Host Mode Configuration
4.2.5. Remote host configuration
4.2.6. Port IP filtering configuration
4.2.7.
A 5.5. Firmware upgrade menu
Appendix 6. Using STS Series with Serial/IP
A 6.1. STS Series vs. Serial/IP options
A 6.2. Connection example - Telnet and SSLv3 encryption
Appendix 7. How to make a certificate for SSL encryption
A 7.1.
1. Introduction

1.1. Overview

The STS Series is a secure terminal server (or device server) that makes your legacy serial devices manageable over an industry-standard Ethernet network. Based on open network protocols such as TCP/IP and UDP, it gives your serial devices ultimate flexibility. With the PPPoE (PPP-over-Ethernet) connection feature of the STS Series, RS232 serial devices can be managed over a DSL-based broadband network.
1.2. Package Check List

- STS Series external box
- External 110V or 230V power supply or power cord
- CAT5 cable
- Console cable kit
- Quick Start Guide
- CD-ROM, including the Serial/IP Com Port Redirector, HelloDevice-IDE, HelloDevice Manager...
It is a unique 12-digit hardware number, which is composed of 6-digit OUI (Organization Unique Identifier) number and 6-digit hardware identifier number. The STS Series has the following MAC address template: 00-01-95-xx-xx-xx. The MAC address can be found on the bottom of the original package.
Table 1-1 Acronym Table

ISP    Internet Service Provider
PC     Personal Computer
NIC    Network Interface Card
MAC    Media Access Control
LAN    Local Area Network
UTP    Unshielded Twisted Pair
ADSL   Asymmetric Digital Subscriber Line
ARP    Address Resolution Protocol
IP     Internet Protocol
ICMP   Internet Control Message Protocol
UDP    User Datagram Protocol
TCP    Transmission Control Protocol
DHCP   Dynamic Host Configuration Protocol
SMTP...
2. Getting Started

This chapter describes how to set up and configure the STS Series.

- 2.1 Panel Layout explains the layout of the panel and LED indicators.
- 2.2 Connecting the Hardware describes how to connect the power, the network, and the equipment to the STS Series.
- Connect the STS Series to an Ethernet hub or switch
- Connect the device

2.2.1. Connecting the power

Connect the power cable to the STS Series. If the power is properly supplied, the [Power] lamp will light up green.
2.2.2. Connecting to the network

Plug one end of the Ethernet cable into the STS Series Ethernet port. The other end of the Ethernet cable should be connected to a network port. If the cable is properly connected, the STS Series will have a valid connection to the Ethernet network.
2.2.3. Connecting to the device

Connect the console cable to the STS Series serial port. To connect to the console port of the device, the user needs to consider the type of console port provided by the device itself. In the STS Series cable kit package, plug-in adapters are provided for easier connectivity to the user’s devices.
STS Series using a terminal emulator.

Web: Remote users who want to use a web browser to configure the STS Series can connect to the STS Series using conventional web browsers, such as Internet Explorer or Netscape Navigator.

The above methods require user authentication by the STS Series system.
All parameters are stored in the non-volatile memory of the STS Series, but they are not stored until the user selects menu “5. Save changes”. All configuration changes take effect after selecting menu “7. Exit and apply changes”...
Figure 2-9 Telnet program set up example (TeraTerm Pro)

The user must log into the STS Series. Type the user name and password. The factory default user name and password are both root for the system root and both admin for the system administrator.
This will direct the user to the STS Series login screen. The user must authenticate themselves by logging into the system with a correct user name and password. The factory default settings are:

Login: root Password: root
Login: admin...
Figure 2-11 The STS Series web management screen...
The STS Series requires a valid IP address to operate within the user’s network environment. If the IP address is not readily available, contact the system administrator to obtain a valid IP address for the STS Series. Please note that the STS Series requires a unique IP address to connect to the user’s network.
A subnet represents all the network hosts in one geographic location, such as a building or local area network (LAN). The STS Series will use the subnet mask setting to verify the origin of all packets. If the desired TCP/IP host specified in the packet is in the same geographic location (on the local...
STS Series will establish a direct connection. If the desired TCP/IP host specified in the packet is not identified as belonging on the local network segment, a connection is established through the given default gateway.
DNS servers and the “lease” time. The STS Series immediately places this information in its memory. Once the “lease” expires, the STS Series will request a renewal of the “lease” time from the DHCP server. If the DHCP server approves the request for renewal, the STS Series can continue to work with the current IP address.
0.0.0.0 (recommended).

3.2. SNMP Configurations

The STS Series has the SNMP (Simple Network Management Protocol) agent supporting SNMP v1 and v2 protocols. Network managers like NMS or SNMP Browser can exchange information with STS Series, as well as access required functionality.
3.2.1. MIB-II System objects Configuration

MIB-II System objects configuration sets the System Contact, Name, Location, and Authentication-failure traps used by the SNMP agent of the STS Series. These settings provide the values used for the MIB-II sysName, sysContact, sysLocation, sysService and enableAuthenTrap.
Access Control defines which managers can reach the STS Series SNMP agent. Only the managers set in this menu can access the STS Series SNMP agent to exchange information and control actions. If no IP address is specified (all IP addresses default to 0.0.0.0), a manager from any host can access the STS Series SNMP agent.
3.3. Dynamic DNS Configuration

When users connect the STS Series to a DSL line or use a DHCP configuration, the IP address might change whenever it reconnects to the network. It can therefore be very difficult to post all related contacts for each new IP address.
Figure 3-4 Dynamic DNS Configuration

3.4. SMTP Configuration

The STS Series can send an email notification when the number of system log messages reaches a certain value and/or when an alarm message is created due to an issue with serial port data. The user must configure a valid SMTP server to send these automatically generated emails.
3.5. IP Filtering

The STS Series prevents unauthorized access using either an IP address based filtering method or through the management web page of the STS Series. The users can allow one of the following scenarios by changing the parameter settings:...
255.255.255.255 for the subnet. To allow any host to have access to the STS Series, give 0.0.0.0 for both the IP address and the subnet. Refer to Table 3-2 for more details. The device’s default setting for allowed remote hosts for configuration is “Any”.
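The rule semantics described above, worked through as an added Python example (not code from Sena or the STS firmware). It assumes a rule matches when the source address and the rule address agree on every bit set in the subnet value, which reproduces the two cases the text names; all addresses are constructed samples.

```python
import ipaddress


def _as_int(dotted):
    """Parse a dotted-quad string; raises ValueError on malformed input."""
    return int(ipaddress.IPv4Address(dotted))


def rule_matches(source, rule_ip, rule_mask):
    """Assumed semantics: compare only the bits selected by the subnet value."""
    mask = _as_int(rule_mask)
    return (_as_int(source) & mask) == (_as_int(rule_ip) & mask)


def rule_scope(rule_ip, rule_mask):
    """Classify a rule and count how many source addresses it admits."""
    mask = _as_int(rule_mask)
    admitted = 2 ** (32 - bin(mask).count("1"))
    if mask == 0:
        # 0.0.0.0 / 0.0.0.0 is the documented "Any" setting. Under the
        # assumed semantics a non-zero address with a 0.0.0.0 subnet admits
        # the same set, so it is reported as "any" too.
        return "any", admitted
    if mask == 0xFFFFFFFF:
        return "host", admitted
    return "subnet", admitted


def allowed_sources(sources, rule_ip, rule_mask):
    """Return the subset of sources that the rule would admit."""
    return [s for s in sources if rule_matches(s, rule_ip, rule_mask)]


# Constructed rules: the two cases named in the text, a subnet rule, and a
# rule that looks specific but has its subnet left at 0.0.0.0.
CONSTRUCTED_RULES = {
    "any host": ("0.0.0.0", "0.0.0.0"),
    "single host": ("192.168.1.120", "255.255.255.255"),
    "one subnet": ("192.168.1.0", "255.255.255.0"),
    "address set, subnet left at 0": ("192.168.1.120", "0.0.0.0"),
}
CONSTRUCTED_SOURCES = ["192.168.1.120", "192.168.1.77", "10.9.8.7"]


def report(rules=CONSTRUCTED_RULES, sources=CONSTRUCTED_SOURCES):
    """Map each rule name to (scope, admitted address count, admitted samples)."""
    result = {}
    for name, (ip, mask) in rules.items():
        scope, admitted = rule_scope(ip, mask)
        result[name] = (scope, admitted, allowed_sources(sources, ip, mask))
    return result


if __name__ == "__main__":
    for name, (scope, admitted, hits) in report().items():
        print(f"{name:32} scope={scope:6} admits={admitted:<11} samples={hits}")
```
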
If the SYSLOG service is enabled and the SYSLOG server configuration is properly set up, the user may configure the storage location for the system log or port data log of the STS Series as SYSLOG server. For more information about the configuration of port/system log storage location, please refer to sections 4.2.10 Port Logging and 6.2 System Logging.
Figure 3-9 NFS server configuration To store the STS Series log data to the NFS server, the NFS server must be configured as “read and write allowed”. If there is a firewall between the STS Series and the NFS server, there must be a rule that allows all outgoing and incoming packets to travel across the firewall.
TCP port. To prevent this type of lock-up situation, the STS Series provides a TCP “keep-alive” feature. The STS Series will send packets back and forth through the network periodically to confirm that the network is still alive. The corresponding TCP session is closed automatically if there’s no response from the remote host.
Chinatown. The default value is 5 seconds. By default, the STS Series will send the keep-alive packets 3 times with 5 seconds interval after 15 seconds have elapsed since the time when there’s no data transmitted back and forth.
Otherwise, it will send data back and forth. In summary, the STS Series will work as if it is virtually connected to the remote host. UDP : The UDP mode operation is similar to that of TCP mode except that it is based on UDP protocol.
serial port Inactivity timeout (0 for unlimited) setting UDP listening port #1~#8(1/4) Max allowed connection Accept UDP datagram from unlisted remote host or not Send to recent unlisted remote host or not Inactivity timeout (0 for unlimited) Modem emulation Add or Edit a remote host Primary host address Primary host port Remote host...
Add/Edit a keyword Keyword string Email notification SNMP trap notification Port command Remove a keyword Figure 4-1 shows the web-based serial port configuration screen. This serial port configuration main screen summarizes port information. In this summary page, user can find how host mode, encryption option, local port number and serial port parameters are configured at a time.
4.2. Individual Port Configuration

The STS Series allows serial ports to be configured either individually or all at once. The parameters for both individual and all port configurations are similar. Individual Port Configurations are classified into nine (9) groups:
1. Port enable/disable
2.
To prevent the possibility of the user inadvertently selecting to change all port settings at the same time, the STS Series provides the ability to enable or disable this function at an individual serial port level. Changes made when using the “change all port parameters at once” function will not be applied to an individual serial port if the function has been disabled (See Figure 4-4.
Figure 4-4 Apply all port setting configuration.

4.2.4. Host Mode Configuration

The STS Series operating mode is called the “host mode.” Three host modes are available: TCP mode, UDP mode, Modem emulation mode.

TCP mode
The STS Series works as both TCP server and client. This mode works for most applications, since it will transfer the data either from serial port or from TCP port.
- [Closed] It means “no connection state”. When the data transfer between a remote host and the STS Series is completed, the state changes to this state because either the remote host or the STS Series sent a disconnection request.
Whenever the serial device sends data through the serial port of the STS Series, data will be accumulated in the serial port buffer of the STS Series. If the buffer is full or the time gap reaches the inter-character timeout (See Options in section 4.4 for details on inter-character timeout), the STS Series connects to the registered remote host(s).
Incoming connection requests to ports other than the TCP Listening Port will be rejected. The STS Series restricts the port number to the range 1024 to 65535; if it is set to 0, only outgoing connections are permitted. (TCP server mode)
If there is data on the remote host(s) to be sent to serial device, it can be transferred to the serial device via STS Series’s serial port after the connection is established. Eventually, users can monitor the serial device periodically by making the remote host send the serial command to the STS Series whenever it is connected to the remote host.
1) Operations

If a remote host sends a UDP datagram to one of the UDP local ports of the STS Series, the STS Series first checks whether it is from one of the hosts configured in the remote host configuration. If the remote host is one of the configured hosts, the STS Series transfers the data through the serial port.
Namely, Inactivity Timeout in UDP mode is the time for which the STS Series maintains the recent unlisted remote host list. If the user sets Inactivity Timeout to 0 in UDP mode, the STS Series does not send any data from the serial port to unlisted remote hosts.
Table 4-2 AT commands supported in the STS Series Command Internal Operation Response (Verbose Code) Return to command input mode None Set TCP mode as TCP client mode. And then, try to connect If successful, to the specified remote host.
Figure 4-7 Typical case of command/data flow of modem emulation mode

4.2.5. Remote host configuration

The remote host configuration is the list of hosts that will receive data from a serial port of the STS Series when there is data transmission from that serial port.
In TCP mode, the user can also configure a secondary remote host that will receive data from the serial port if the STS Series fails to connect to the primary remote host. If a connection to the primary remote host can be made, the STS Series does not send data to the secondary remote host until the connection to the primary remote host fails.
Figure 4-9 Port IP filtering for serial ports

4.2.7. Cryptography configuration

The STS Series supports encrypted sessions only for TCP mode, including modem emulation mode (not UDP mode).

4.2.7.1. Secure Sockets Layer (SSL) and Transport Layer Security (TLS) cryptography method

By setting the cryptography method to one of SSLv2, SSLv3, SSLv3 rollback to v2 or TLSv1, the STS Series can communicate in encrypted sessions with other devices that support the SSL/TLS cryptography method.
symmetric key encryption. Symmetric key encryption is much faster than public-key encryption, but public-key encryption provides better authentication techniques. The handshake allows the server to authenticate itself to the client using public-key techniques, and then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption, decryption, and tamper detection during the session that follows.
Figure 4-10 Typical SSL/TLS Handshake Process

The STS Series can act as a SSL/TLS server or as a SSL/TLS client depending on status of TCP mode. If TCP connection with SSL/TLS is initiated from remote host first, STS Series acts as a SSL/TLS server during the SSL handshake process.
Verify client (server mode only) If user selects Verify client option as Yes, STS Series will request the client's certificate while in SSL handshaking process (Step 2). On the contrary, if user selects Verify client option as No, STS Series does not request the client's certificate while in SSL handshaking process (Step 2).
Figure 4-11 Cryptography configuration

4.2.7.2. 3DES cryptography method

By setting the cryptography method as 3DES, the STS Series can communicate with other STS Series device or HelloDevice Pro Series in 3DES (168 bits) encrypted sessions. Figure 4.12 shows record format of 3DES packet where meanings of each field are as follows,...
4.2.8. Serial port parameters

To connect the serial device to the STS Series serial port, the serial port parameters of the STS Series should match exactly to that of the serial device attached. The serial port parameters are required to match this serial communication.
RS232 mode. For more information about pin out of serial port and wiring diagram, please refer to Appendix 1 Connections section. Baud rate The valid baud rate for the STS Series is as follows: 75, 150, 200, 300, 600, 1200, 2400, 4800, 9600, 14400, 19200, 38400, 57600, 115200, and 230400 The factory default setting is 9600.
If user sets the DSR input behavior as Allow TCP connection only by HIGH, TCP connection to remote host from STS Series is made only when the DSR status is changed from low to high. And TCP connection to remote host is disconnected when the DSR status is changed from high to low.
The STS Series supports modem connection only when host mode is set as TCP mode. Enable/Disable modem By enabling this menu, user can attach a modem directly to the serial port of STS Series. If this parameter is enabled, STS Series considers this port will be used for modem use exclusively. Modem init-string User can specify modem initialization string for his modem in Modem init-string parameter.
If Automatic release modem connection is set as Enable, modem connection will be closed by STS Series if all TCP connections are closed once at least one TCP connection is opened. If this option is set as Disable, modem connection will not be closed by STS series even if all TCP connections are closed.
[disabled]. Port log storage location The port log data can be stored to the STS Series internal memory, an ATA/IDE fixed disk card inserted in PCMCIA slot, the mounting point on an NFS server or the SYSLOG server. If the internal memory is used to store port log data, the port log data will be cleared when the STS Series is turned off.
Figure 4-16 Port logging configuration

4.2.11. Port event handling configurations

Through the Port event handling configuration, the STS Series provides the user with a means of monitoring or reacting to data from a serial device attached to one of its serial ports. Namely, the user can define keywords for each serial port that will trigger an email/SNMP notification or a command sent directly to the serial port.
If the user wants to enable the port event handling feature, set Port event handling to enable. This is a global parameter, so if this feature is disabled, the STS Series does not take any actions on port events.

Notification interval
To prevent STS Series from being trapped in handling port event, there is a Notification interval parameter.
Figure 4-17 Port event handling configurations

SNMP trap community
This parameter sets the community that will be included in the SNMP trap message when a pre-defined keyword is detected.
User can select enable or disable for the port command action on keyword selected. Port command string STS Series supports direct reaction to a device attached to serial port when pre-defined keyword is detected. User can specify command or string, which will be sent to a serial port on this menu.
4.3. All Port Configurations

If the modifications being made to all serial ports are similar or the same, changes can be made to the serial port configuration for all serial ports simultaneously. With the all port configuration function, the configuration will be applied to all the serial ports, unless an individual port's “apply all port setting” option is disabled.
combination of this string and the port number. For example, if the port title is set with “my server”, the port title of port 1 will be set with “my server #1”, the port title of port#2 will be “my server #2”, and so on.
Step 2. Select on the PC card configuration menu.
Step 3. The STS Series will use its plug and play functionality to discover the card type. It will then display the configuration menu screens. The user can now set card’s operation parameters.
Figure 5-2 Failure to detect error message

Refer to Appendix B.PC Card supported by STS Series to view a list of PC cards supported by the STS Series. To stop or remove the PC card, user must complete the following steps.
PC LAN card. All other configuration steps are the same as detailed in Section 3.1 IP Configuration. Refer to Appendix B.PC Card supported by STS Series to view a list of LAN PC cards supported by the STS Series.
DNS servers when configuring a PC LAN card. All other configuration steps are the same as detailed in Section 3.1 IP Configuration. The STS Series supports SSID(Service Set Identifier) and WEP(Wired Equivalent Privacy) key features for the wireless LAN configuration. The user may configure the SSID to specify an AP (Access Point).
Refer to Appendix B.PC Card supported by STS Series to view a list of wireless LAN cards supported by the STS Series.

5.3. Serial Modem Card Configuration

Using the extra PC card slot as a modem will allow the user on-line access without tying up a serial port with an external modem.
Figure 5-6 PC ATA/IDE fixed disk card configuration...
6. System Administration

The STS Series displays the system status and the log data via a Status Display Screen. This screen is to be used for management purposes. System status data includes the model name, serial number, firmware version and the network configuration of the STS Series. The STS Series can also be configured to deliver log data automatically via email to a specified recipient with the system-logging feature.
System log storage location The system log can be stored in the STS Series internal memory, the ATA/IDE fixed disk card inserted in PCMCIA slot, the mounting point on an NFS server or the SYSLOG server. If the internal memory is used to store system log data, the log data will be cleared when the STS Series is turned off.
Figure 6-2 System log configuration and view

6.3. User Logged on List

This function allows a user to view current and historical user activity on the shell of STS Series.

Figure 6-3 User logged on list

The list displays the following information for users who have logged into the system:...
Figure 6-4 Changing the password

6.5. Device Name Configuration

The STS Series has its own name for administrative purposes. Figure 6-5 shows the device name configuration screen. When user changes Device name, hostname of STS series shall be changed and then prompt on CLI also shall be changed to the corresponding one as follows,...
If the NTP feature is enabled, the STS Series will obtain the date and time information from the NTP server at each reboot. If the NTP server is set to 0.0.0.0, the STS Series will use the default NTP servers. In this case, the STS Series should be connected from the network to the Internet.
STS Series. Figure 6-7 shows the configuration management screen. The following parameters should be properly set up to export / import configurations: Configuration export Location : Location to export to.
1. Select the location to export to.
2. Select the encrypting option
3. Type the file name.
4. Click the [Export] button.

To import the exported configurations, follow this:
1. Select the location to import from.
2. Select the configurations to import.
3.
5. Once the upgrade has been completed, the system will reboot to apply the changes
6. If the firmware upgrade fails, the STS Series will display error messages as shown in Figure 6-11. It will also maintain the current firmware version.
Figure 6-10 Transfer binary file by Zmodem (HyperTerminal)

--->9
Do you want to upgrade firmware? (y/n): y
Transfer firmware by zmodem using your terminal application.
To escape, press Ctrl+X
**B0ff000005b157
**B0ff000005b157
**B0ff000005b157
**B0ff000005b157
Firmware upgrade failed !
Now reboot ...

Figure 6-11 Firmware upgrade failure message...
6.9. User File Uploading

The user can upload his own file to the STS Series, but the file uploading feature is only supported in the console menu. The file uploading menu is located under “4. System administration --> 6. User file upload” of the console menu as shown in Figure 6-12.
Select menu:
1. System status
2. System logging
3. Device name: STS800 Device
4. Date and time
5. Change password
6. User file upload
7. Reload factory default settings
8. Reload factory default settings except IP settings
9. Firmware upgrade
<ESC>...
7. System Statistics

The STS Series Web interface provides system statistics menus. The user can use the menus to access statistical data and tables stored in the STS Series memory. Network interfaces statistics and serial ports statistics display statistical usage of the link layer, lo, eth and serial ports. IP, ICMP, TCP and UDP statistics display usages of four primary components in the TCP/IP protocol suite.
Figure 7-2 Serial ports status

7.3. IP Statistics

The IP Statistics screen provides statistical information about packets/connections using an IP protocol. Definitions and descriptions of each parameter are described below:

Forwarding : Specifies whether IP forwarding is enabled or disabled.
DefaultTTL : Specifies the default initial time to live (TTL) for datagrams originating on a particular computer.
InDiscard : Specifies the number of input IP datagrams for which no problems were encountered to prevent their continued processing, but which were discarded (for example, for lack of buffer space). This counter does not include any datagrams discarded while awaiting reassembly.
InDelivers : Specifies the number of received datagrams delivered.
Figure 7-3 IP statistics

7.4. ICMP Statistics

The ICMP Statistics screen provides statistical information about packets/connections using an ICMP protocol. Definitions and descriptions of each parameter are described below:

InMsgs, OutMsgs : Specifies the number of messages received or sent.
InErrors, OutErrors : Specifies the number of errors received or sent.
InSrcQuenchs, OutSrcQuenchs : Specifies the number of source quench messages received or sent. A source quench request is sent to a computer to request that it reduces its rate of packet transmission.
InRedirects, OutRedirects : Specifies the number of redirect messages received or sent. A redirect message is sent to the originating computer when a better route is discovered for a datagram sent by that computer.
Figure 7-4 ICMP statistics

7.5. TCP Statistics

The TCP Statistics screen provides statistical information about packets/connections using a TCP protocol. Definitions and descriptions of each parameter are described below:

RtoAlgorithm : Specifies the retransmission time-out (RTO) algorithm in use. The Retransmission Algorithm can have one of the following values.
MaxConn : Specifies the maximum number of connections. If the maximum number is set to -1, the maximum number of connections is dynamic.
ActiveOpens : Specifies the number of active opens. In an active open, the client is initiating a connection with the server.
Figure 7-5 TCP statistics

7.6. UDP Statistics

The UDP Statistics screen provides statistical information about packets/connections using a UDP protocol. Definitions and descriptions of each parameter are described below:

InDatagrams : Specifies the number of datagrams received.
NoPorts : Specifies the number of received datagrams that were discarded because the specified port was invalid.
Using the user space, the user can create his own scripts or executable binaries to customize the STS Series. A root user will always have access to the CLI through the serial console on the STS Series back panel or by using a Telnet client from their workstation.
8.5. Examples

8.5.1. Disabling the Telnet Port of the Unit

The STS Series unit does not support disabling the remote console port individually (port 22 for SSH or port 23 for Telnet to the box). Currently, the user can only disable or enable all remote consoles together. This must be done using the UI or console configuration menu. The user may bypass this and disable only one (Telnet or SSH) remote console by modifying the script 'rc.user'. Below are two examples of how this could be done.

Example 1. Modify 'inetd.conf'

Step 1 Modify /etc/inetd.conf (comment out or delete telnet service)
Step 2 Copy inetd.conf to /usr2/inetd.conf
Step 3 Edit /usr2/rc.user script as follows:

#!/bin/bash...
The user may now disable the telnet service every time the system boots up. If the user resets the STS Series to the factory defaults, /usr2/rc.user script file will be renamed to /usr2/rc.user.old# file, and the default rc.user file will be restored.
A 1.2. Console and Serial port pin-outs

The STS Series uses an RJ45 connector for console and serial ports. The pin assignment of the RJ45 connector for console and serial ports is summarized in Table A-2. Each pin has a function according to the serial communication type configuration.
RJ45-DB25 female adapter Using RJ45 to DB25(Female) Cross-over Cable Description (RJ45) Internal Cable Color RJ45 Pin No. DB25 Pin No. Description (DB25) Blue Orange Black Green Yellow Brown White RJ45-DB25 male adapter Using RJ45 to DB25(Male) Cross-over Cable Description (RJ45) Internal Cable Color RJ45 Pin No.
Appendix 2. PC card supported by STS

The following PC cards are supported by the STS Series:

Table A-3 Network card Manufacturer Model/Name STS probed Model name Specification 3COM 3CXE589ET-AP 3Com Megahertz 589E 10 Mbps LAN card TP/BNC LAN PC Card...
Table A-6 Serial Modem Card Manufacturer Model/Name STS probed Model name Specification PCMCIA CARD Billionton Ambient (Intel) V.90 FM56C series 56KFaxModem FM56C-NFS Systems Inc. FAX/MODEM PC Card 5.41 Viking PC Card Modem 56K Viking V.90 K56flex 021 A MODEM PC Card CIRRUS LOGIC KIT PCMCIA 56K KINGMAX...
Appendix 3. STS Configuration files

A 3.1. System.cnf

# system.cnf system configuration which exist only one place on this file.
# kind of IP configuration mode
# 1 - static ip , 2 - dhcp , 3 - pppoe
ipmode = 1
# system ip address
ipaddr = 192.168.161.5
# system subnet mask...
# Similarly by setting 'bweb' to 1, you can use remote console.
# 0 means that protect any access.
# 'enable_ip', 'enable_netmask' pair is a source rule specification for remote console filtering.
# 'enable_webip', 'enable_webnetmask' pair is for web filtering.
btelnet = 1
bweb = 1
enable_ip = 0.0.0.0...
web_refresh_rate = 10
# TCP configuration
# 'keepalive_time' is a time before keep alive takes place.
# 'keepalive_probes' is the number of allowed keep alive probes.
# 'keepalive_intvl' is a time interval between keep alive probes.
keepalive_time = 15
keepalive_probes = 3
keepalive_intvl = 5
# Ethernet configuration
# 'ethernet_mode' is a ethernet mode.
# If you want to change the port data by changing all port configuration, set to port = 0 benable = 0 bmanset = 0 port = 1 benable = 0 bmanset = 0 port = 2 benable = 0 bmanset = 0 port = 3 benable = 0...
# 'remotehost' is a remote host list (Primary IP address:port Secondary IP address:port)
remotehost = 192.168.0.135:7000 192.168.0.135:7001
# 'cyclictime ' is a cyclic connection time in seconds
cyclictime = 10
# 'inactivitytimeout' is a inactivity timeout in seconds.
inactivitytimeout = 100
# Cryptography Options
# 'encryptionmode' is encryption mode
# 0 = None, 1 = SSLv2, 2 = SSLv3, 3 = SSLV3 rollback v2, 4 = TLSv1...
# 'snmp_trap_receiver_version' is SNMP trap version
# 0 = v1, 1 = v2c
event_enable = 1
notification_interval = 0
bmail_handle = 1
mail_title = jungoj@sena.com
mail_address = jung@sss.com
bsnmp_handle = 1
snmp_title = khfgj
snmp_trap_receiver_ip = 192.168.0.8
snmp_trap_receiver_community = public
snmp_trap_receiver_version = 0
# Event Keyword option
# 'keyword_index' is a index of keyword event...
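An added Python example (not Sena's code) that audits an exported configuration for the exposure-related settings this appendix shows: remote-access source rules left at 0.0.0.0, the per-port encryptionmode, and the SNMP trap community. The sample text is constructed from the key names above; that a `port = N` line opens a per-port block, that btelnet gates the remote console and bweb the web interface, and that system and port keys can be read from one text are assumptions.

```python
# Constructed sample assembled from key names shown in Appendix 3.
SAMPLE_CNF = """\
# system settings
btelnet = 1
bweb = 1
enable_ip = 0.0.0.0
enable_netmask = 0.0.0.0
enable_webip = 192.168.0.0
enable_webnetmask = 255.255.255.0
# per-port settings
port = 1
encryptionmode = 0
port = 2
encryptionmode = 4
snmp_trap_receiver_community = public
"""

# Mode numbers as listed in the configuration file comments; mode 4 (TLSv1)
# is the strongest option the file offers, so only 0-3 are reported.
WEAK_MODES = {
    "0": "no encryption: serial data crosses the network in cleartext",
    "1": "SSLv2 is negotiated",
    "2": "SSLv3 is negotiated",
    "3": "SSLv3 with rollback to SSLv2 is negotiated",
}

# (service label, enable flag, source address key, source netmask key)
ACCESS_RULES = (
    ("remote console", "btelnet", "enable_ip", "enable_netmask"),
    ("web interface", "bweb", "enable_webip", "enable_webnetmask"),
)


def parse_cnf(text):
    """Return (system_settings, {port_number: settings}) from key = value text."""
    system, ports, current = {}, {}, None
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or "=" not in line:
            continue
        key, value = (part.strip() for part in line.split("=", 1))
        if key == "port":
            # Assumption: "port = N" starts the block for serial port N.
            current = ports.setdefault(int(value), {})
        elif current is not None:
            current[key] = value
        else:
            system[key] = value
    return system, ports


def audit(text):
    """Return a list of (scope, key, message) findings, system scope first."""
    system, ports = parse_cnf(text)
    findings = []
    for label, flag, ip_key, mask_key in ACCESS_RULES:
        # A missing netmask is treated as 0.0.0.0 because the manual gives
        # "Any" as the default for allowed remote hosts.
        if system.get(flag) == "1" and system.get(mask_key, "0.0.0.0") == "0.0.0.0":
            findings.append(("system", ip_key,
                             f"{label} is enabled and accepts any source address"))
    for number in sorted(ports):
        settings = ports[number]
        mode = settings.get("encryptionmode")
        if mode in WEAK_MODES:
            findings.append((f"port {number}", "encryptionmode", WEAK_MODES[mode]))
        if settings.get("snmp_trap_receiver_community") == "public":
            findings.append((f"port {number}", "snmp_trap_receiver_community",
                             "trap community is the well-known string 'public'"))
    return findings


if __name__ == "__main__":
    for scope, key, message in audit(SAMPLE_CNF):
        print(f"[{scope}] {key}: {message}")
```
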
Appendix 4. Well-known port numbers

Port numbers are divided into three ranges: Well Known Ports, Registered Ports, and Dynamic and/or Private Ports. Well Known Ports are those from 0 through 1023. Registered Ports are those from 1024 through 49151. Dynamic and/or Private Ports are those from 49152 through 65535. Well Known Ports are assigned by IANA, and on most systems, can only be used by system processes or by programs executed by privileged users.
Appendix 5. Guide to the Bootloader menu program
A 5.1. Overview
The bootloader menu provides a way to recover the STS Series unit using BOOTP/TFTP as a disaster recovery option and to diagnose the system hardware. If the user presses the <ESC> key within 3 seconds after the STS Series unit is powered up, he will enter the bootloader menu program.
To perform the test on the Ethernet and UART properly, the user must connect an Ethernet cable to the Ethernet port of the STS Series and must plug the loopback connector to all the serial ports of the STS Series. There must exist a remote host with a valid IP address. The default server IP address is...
not be performed properly.
-----------------------------------------------------------------------------
Hardware Test
-----------------------------------------------------------------------------
Select menu
0. Test Mode - One time
1. Auto test
2. DRAM test
3. FLASH test
4. LED test
5. EEPROM test
6. UART test
7. PC card test
8. Ethernet test
<ESC>...
----->
Figure A-6 Hardware test menu within Bootloader Menu Program
When the user selects [Auto test], a test of all the hardware components is performed automatically.
-----------------------------------------------------------------------------
Hardware Test
-----------------------------------------------------------------------------
Select menu
0. Test Mode - One time
1. Auto test
2.
Port # 8 test in progressing(Read/Write)----------[SUCCESS]
(RTS/CTS)-------------[SUCCESS]
(DTR/DSR)-------------[SUCCESS]
[PCMCIA]
5V CARD
5.0V card found: Lucent Technologies WaveLAN/IEEE Version 01.01 Network Adapter Card
[Ethernet]
Ethernet chip test--------------------------------------------[SUCCESS]
PING 192.168.0.135 from 192.168.161.5 : 64 bytes of ethernet packet.
64 bytes from 192.168.0.135 : seq=0 ttl=255 timestamp=11172879 (ms)
64 bytes from 192.168.0.135 : seq=1 ttl=255 timestamp=11173874 (ms)
64 bytes from 192.168.0.135 : seq=2 ttl=255 timestamp=11174875 (ms)
64 bytes from 192.168.0.135 : seq=3 ttl=255 timestamp=11175876 (ms)
If a failure occurs while Auto Test with looping mode is being performed, the test will stop and the serial InUse LEDs blink to indicate the hardware test has failed. In this case, the user must press the <ctrl-c> keys to return to the menu page. A 5.5.
Select menu
1. Protocol [BOOTP]
2. IP address assigned to Ethernet interface [192.168.161.5]
3. Server's IP address [192.168.0.128]
4. Firmware File Name [sts800.bin]
5. Start firmware upgrade
-----> 5
Firmware upgrade cannot be stopped until finished.
And all configuration parameters are restored to default values.
Do you really want to start firmware upgrade(y/n)?y
BOOTP broadcast 1
ARP broadcast 1...
Telnet TLSv1 required rollback to v2”
Please note that the “SSLv3 rollback to v2” option in the STS Series means the “Negotiate SSLv3/TLSv1” option in Serial/IP. If the encryption method of the STS Series is set to “SSLv3”, then the client (Serial/IP) cannot connect to STS...
Series with “Negotiate SSLv3/TLSv1” option.
A 6.2. Connection example - Telnet and SSLv3 encryption
Step 1. Set the host mode of serial port #1 of the STS Series as follows:
Host mode = TCP, TCP listening port = 7001, Telnet protocol = Enabled
Figure A-11 Host mode configuration
Step 2.
Figure A-12 Cryptography configuration
Step 3. Open Serial/IP Control Panel and check the COM port you want to use to communicate with serial port #1 of STS Series by pressing “Select Ports” button.
Figure A-13 Select Ports on Serial/IP Control Panel...
Step 4. Enter IP address of Server (IP address of STS Series) and Port number (port number of serial port #1) correctly. And then select other parameters as follows.
Credentials = No Login Required, Connection Protocol = Telnet, Security = SSL Version 3 (SSLv3)
Figure A-14 Set parameters on Serial/IP Control Panel
Step 5.
Figure A-15 Connect to serial port of STS series via Serial/IP
Step 6. User can monitor or trace the connection status using Serial/IP Port Monitor or Trace window.
Figure A-16 Serial/IP Trace Window...
= Country Name (2 letter code)
countryName_default = KR
countryName_min
countryName_max
stateOrProvinceName = State or Province Name (full name)
#stateOrProvinceName_default = Some-State
localityName = Locality Name(eg, city)
localityName_default = Seoul
0.organizationName = Organization Name (eg, company)
0.organizationName_default = Sena Technologies Inc.
Country Name (2 letter code) [AU]: KR
State or Province Name (full name) [Some-State](Enter)
Locality Name (eg, city) []:Seoul
Organization Name (eg, company) [Internet Widgits Pty Ltd]: Sena Technologies
Organizational Unit Name (eg, section) [](Enter)
Common Name (eg, YOUR name) []:Sena Technologies...
2-3. Check whether the CA key file (demoCA/private/cakey.pem) and the CA certificate (demoCA/cacert.pem) are generated
# ls demoCA/
cacert.pem certs crl index.txt newcerts private serial
# ls demoCA/private
cakey.pem
A 7.3. Making a certificate request
To make new certificates, you should make a certificate request first.
# cd /work/openssl-0.9.7c/CA
Run the following commands,
# openssl genrsa -out key.pem 1024...