myUTN User Manual Linux
Contents
1. 69 5 7 How to Get Information about the USB Port and USB Device 72 5 8 How to Manage Selection Lists for Several Participants 73 6 SGCUIILY sini cesiesdd es isieutevteieeuse ge ieeeesesvee esse 78 6 1 How to Define the Encryption Level for SSL TLS Connections 79 6 2 How to Control the Access to the myUTN Control Center 81 6 3 How to Control Access to the UTN Server TCP Port Access Control cece cece cece cence ence een eneees 82 6 4 How to Control Access to USB Devices only myUTN 80 and later 84 6 5 How to Block USB Device Types eee c ence cece en eeeee ens 87 6 6 How to Use Certificates Correctly 0 cc cece cece eee eee enee 88 6 7 How to Use Authentication Methods cece cence eee eee 96 6 8 How to Encrypt Data Transfer cece cece ence e nee e eens 103 7 Maintenance tii8 te awcces Coa tate es cell bow debi scouts 105 7 1 How to Secure UTN Parameters Backup 0cee cence eee 105 7 2 How to Reset the UTN Parameters to their Default Values 108 7 3 How to Perform an Update ccc cece cece nen e eee en ees 112 7 4 How to Restart the UTN Server ccc c cece cece eee ee ences 113 BADDENGIN sss ieee tee ctaseneredSivekebe deve dade save 114 8 1 Glossa a2 22c5 0565i4cbreteeitie egatieoiten spies bane E 115 8 2 Parameter LISts 12 cctouecureeet occa stcek eee denennseaacoesouees se 118 8 3 LED Display secisscoksa2. 3 3 How to Configure the DNS DNS is a service that translates domain names into IP addresses Using DNS names can be assigned to IP addresses and vice versa If a DNS server is available in your network you can use DNS for your UTN server If you use a domain name during the configuration process you must first enable and configure DNS DNS is used for the configura tion of the time server for example Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK DNS 3 Configure the DNS parameters siehe Tabelle 4 239 4 Click Save amp Restart to confirm The settings are saved 38 SNMPv1 SNMPv3 myUTN User Manual Linux Network Settings Tabelle 4 DNS Parameters Parameters Description DNS Enables disables the name resolution via a DNS server Primary DNS server Defines the IP address of the primary DNS server Secondary DNS server Defines the IP address of the secondary DNS server The secondary DNS server is used if the first one is not available Domain name suffix Defines the domain name of an existing DNS server 3 4 How to Configure SNMP SNMP Simple Network Management Protocol has become the standard protocol for the administration and monitoring of network elements The protocol controls communication between the moni tored devices and the monitoring station SNMP allows you to read and edit management information pro vided by the network elements e g UTN server
3. Table of Contents 1 General Information cece cece cece cece ee eeees 6 A RIN eaa rapes vaeaenearage rahe EE EEN 6 1 2 DOMIMENAUON se uusortesseiecasecsiwctiiseaunedimotuesemeeeniseas 8 1 3 Support and Service scx cucadecavawasd dendend eeneed be dalevcameneeun 11 TAY OUL Satay unii a o E Ea 12 ES First StepSeersrreinai s enia wees EEEE ANE ARE ERRE EE 13 1 6 Saving the IP Address in the UTN Server c eee e cece eee eee 14 2 Administration Methods cccceeecccceeeees 18 2 1 Administration via myUTN Control Center e eee eee ee 19 2 2 Administration via the SEH UTN Managel 0ceeeeeeeeee 21 2 3 Administration via E Mail only myUTN 80 and later 30 2 4 Administration via the Reset Button of the Device 33 3 Network Settings ccc cece cece cece eee ee eeeees 34 3 1 How to Configure IPv4 Parameters cece eee e cence eee eees 34 3 2 How to Configure IPv6 Parameters cece eee e cence nee eees 36 3 3 How to Configure the DNS ccc ccc cece ence eee neeeeaee 38 3 4 How to Configure SNMP c cece cece e cece eee e eee eneeeeaee 39 3 5 How to Configure Bonjour cece cece cee e eee e ence een enes 40 3 6 How to Configure POP3 and SMTP only myUTN 80 and later 41 3 7 How to Configure WLAN myUTN 54 only e cece eee eee 45 4 Device Settings lt 2 a5 ested ewteetessvenetwt cadet esta
4. Configuring Messages MI The SEH UTN Manager complete version is installed on the client see 2821 MI The USB port is shown in the selection list see gt E164 Proceed as follows 1 Start the SEH UTN Manager 2 Select the port from the selection list 3 Select Port Settings from the menu bar The Port Settings dialog appears 4 Tick the option under Messages 5 Click OK 72 What are Selection Lists Benefits and Purpose myUTN User Manual Linux Working with the SEH UTN Manager The setting will be saved As soon as a network participant disables the connection to the USB port and the connected USB device desktop alert will be generated 5 8 Howto Manage Selection Lists for Several Participants The selection list is a central element of the SEH UTN Manager It displays all embedded UTN servers as well as the connected USB devices and shows their status These USB devices can be connected to the client via the port connection and can then be used The selection list can be edited and configured according to your needs by adding and deleting the required UTN servers By means of the type and distribution of the selection list in combi nation with the user management the administrator can control the access to the UTN servers that are available in the network All users will at first use the same global selection list As an alterna tive the administrator can provide users with user s
5. Tabelle 6 Bonjour Parameters Parameters Description Bonjour Enables disables Bonjour Bonjour name Defines the Bonjour name of the UTN server The UTN server uses this name for its Bonjour services If no Bonjour name is entered the default name will be used device name ICxxxxxx 3 6 Howto Configure POP3 and SMTP only myUTN 80 and later You must configure the protocols POP3 and SMTP on the UTN server so that the notification service 254 and the remote mainte nance via email 9830 will work POP3 Post Office Protocol Version 3 is a transfer protocol that a client can use to fetch emails from a mail server POP3 is required in the UTN server to administer the UTN server via email 41 Network Settings SMTP SMTP Simple Mail Transfer Protocol is a protocol that controls the sending of emails in networks SMTP is required in the UTN server to administer the UTN server via email and to run the notification ser vice What Do You Want O Configuring POP3 gt 242 Tomo O Configuring SMTP gt 43 Configuring POP3 Requirements MM The UTN server is set up as user with its own email address on a POP3 server Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK Email 3 Configure the POP3 parameters siehe Tabelle 7 gt 242 4 Click Save amp Restart to confirm The settings are saved Tabelle 7 POP3 Parameters Parameters Description POP3 Enables disabl
6. The following commands are supported Command Description c command string Runs a command The command is specified in greater detail by the command string The following command or strings can be used activate UTN server port number command command Activates the connection to a USB port and the string connected USB device e deactivate UTN server port number Deactivates the connection to a USB port and the connected USB device The command string eject will be used when a USB mass storage device is connected to the USB port The command string plugout will be used for all other USB devices plugin UTN server port number Activates the connection to a USB port and the connected USB device plugout UTIN server port number Deactivates the connection to a USB port and the connected USB device Corresponds to the plugging out of the device Note The command string deactivate is to be preferred e eject UTN server port number for USB mass storage devices Ejects the USB device connected to the USB port The port connection will only be deactivated if the communication has been terminated properly Note The command string deactivate is to be preferred 7 Ber SMEOCOMINESE triel telse WIN server port number Automatically activates the port connection if the USB device is connected to the USB port but not in use getlist UIN server Shows an overview of the USB d
7. What is IEEE 802 1X What is EAP What is RADIUS What Do You Want To Do myUTN User Manual Linux Security 6 7 How to Use Authentication Methods By means of an authentication a network can be protected against unauthorized access The UTN server can participate in various authentication procedures This section describes which procedures are supported and how these procedures are configured on the UTN server The IEEE 802 1X standard provides a basic structure for various authentication and key management protocols IEEE 802 1X allows you to control the access to networks Before users gain access to a network via a network device they must authenticate themselves in the network After the authentication was successful the access to the network will be freed The standard IEEE 802 1X is based upon the EAP Extensible Authen tication Protocol EAP is a universal protocol for many authentica tion procedures EAP allows for a standardized authentication procedure between the network device and an authentication server RADIUS First you must define the authentication procedure TLS PEAP TTLS etc to be used and configure it on all network devices involved RADIUS Remote Authentication Dial In User Service is an authen tication and account management system that validates user login information and grants access to the desired resources The UTN server supports various EAP authentication methods in order to aut
8. e SEH UTN Manager Function Overview gt 2139 e Troubleshooting 2141 e Additional Tool utnm gt e Abbildungsverzeichnis gt e Index 92156 me 145 155 mg myUTN User Manual Linux 114 What Information Do You Need myUTN Control Center SEH UTN Manager Hardware Address myUTN User Manual Linux Appendix Glossary 8 1 Glossary The glossary contains information about manufacturer specific software solutions and terms from the world of network technology Manufacturer Specific Software Solutions e myUTN Control Center 92115 e SEH UTN Manager gt 2 115 Network Technology e Hardware Address gt 115 e IP Address gt 116 e Host name gt B116 e Gateway 9116 e Subnet Mask 9 2116 e Default Name 9125116 Miscellaneous e Compound USB Device 8117 The UTN server can be configured and monitored via the myUTN Control Center The myUTN Control Center is stored in the UTN server and can be displayed by means of a browser software z B Mozilla Firefox The software tool SEH UTN Manager handles the access of the USB devices The software is installed on all clients that are meant to access a USB device in the network The SEH UTN Manager shows the availability of all UTN servers in the network and establishes a connection between the client and the USB port including the con nected
9. Mi The USB port is shown in the selection list see gt 64 MI The USB port is connected to your client Proceed as follows 1 Start the SEH UTN Manager 2 Select the port from the selection list 3 Select Port Deactivate from the menu bar The connection will be deactivated Cutting the Device Connection via the myUTN Control Center E Proceed as follows 1 Start the myUTN Control Center 2 Select START 3 Choose the active connection from the Attached devices ist and click the amp icon 67 Working with the SEH UTN Manager 4 Confirm the security query The connection will be deactivated 5 5 How to Request an Occupied Device You can request a USB device that is being actively used by another user To this purpose send a release request for the USB port to which the USB device is connected The other user will be informed about your request via a popup win dow The user can then terminate the connection to the USB port When the USB port is shared the connection between the USB port and your client will be established automatically Requirements MM The SEH UTN Manager complete version is installed on the client see gt 221 MI The SEH UTN Manager complete version is installed on the client of the user who uses the USB device see gt E21 MI The SEH UTN Manager complete version is executed on both clients M The USB port is shown in the selection list see gt 16
10. Quick Installation Guide Using the reset button you can reset the UTN server s parameter val ues to their default setting There are two procedures 1 myUTN 50a to myUTN 250 2 myUTN 800 The two procedures are each described in the following The illustra tions may differ slightly from your UTN server model The reset process can be divided into two phases e During phase 1 the device is forced into the reset mode During the reset mode the parameters are reset e The second describes the restart of the device IMPORTANT The reset mode is indicated by the synchronous blinking of the activity LED yellow and the status LED green and last for about five intervals You must release the reset button within this time frame other wise the device switches to the BIOS mode If this happens try the reset again The phases are described in the following 109 Maintenance Phase 1 Reset Phase 2 Restart Switch off the UTN server interrupt the power supply Press and hold the reset button Switch on the UTN server status LED blink synchronously The reset mode has been activated Release the reset button for about 2 seconds e The LEDs bli j EA e s blink alternatingly Press and hold the reset button again The LEDs blink synchronously activity LED will blink Release the reset button myUTN User Manual Linux establish the power supply Wait until the activity
11. The UTN server sup ports versions 1 and 3 of SNMP The SNMP community is a basic form of access protection A large number of SNMP managers are grouped together in the community The community is then assigned read write access rights The gen eral community string is public The community string for SNMPv1 is transferred in plain text and does not provide sufficient protection SNMPv3 is a continuation of the SNMP standard which provides improved applications and a user based security model Distinguish ing features of SNMPv3 include its simplicity and security concept Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK SNMP 39 myUTN User Manual Linux Network Settings 3 Configure the SNMP parameters siehe Tabelle 5 gt 240 4 Click Save amp Restart to confirm The settings are saved Tabelle 5 SNMP parameters Parameters Description SNMPv1 Enables disables SNMPv1 Read only Enables disables the write protection for the community Community SNMP community name The SNMP community is a basic form of access protection in which several participants with the same access rights are grouped together SNMPv3 Enables disables SNMPv3 User name Defines the name of the SNMP user Password Defines the password of the SNMP user Hash Defines the hash algorithm Access rights Defines the access rights of the SNMP user Encryption Defines the encryption method 3 5
12. cipher suite that is supported by both parties no SSL TLS connection will be established The communicating parties of the UTN server e g browser must support the cipher suites of the selected encryption level in order to successfully establish a connection When problems occur select a different level or reset the parameters of the UTN server see gt E108 79 Security The following encryption levels can be selected e Compatible Cipher suites with an encryption of 40 to 256 bit are used e Low Only cipher suites with a low encryption of 56 bit are used Fast connection e Medium Only cipher suites with an encryption of 128 bit are used e High Only cipher suites with a strong encryption of 128 to 256 bit are used Slow connection Do not use the encryption level Low if only HTTPS is defined as the permitted connection type for the web access to the myUTN Control Center Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY SSL connections 3 Select the desired encryption level from the Encryption area 4 Click Save amp Restart to confirm The setting will be saved Detailed information about the individual SSL TLS connection status e g cipher suites can be found on the Details page at SSL connec tion status Details myUTN User Manual Linux 80 Security What Do You Want To Do Types of Connection HTTP HTTPS myUTN User Manual Linux 6 2 Howto Contro
13. interface of the SEH UTN Manager minimal version of the SEH UTN Manager gt 22 Frequently recurring command sequences e g a port activation can be automated by means of scripts The execution of scripts can be done automatically e g by means of login scripts O Using the Console gt 2145 O Creating Scripts 12146 Using the Console MI The SEH UTN Manager is installed on the client see gt 21 M The IP address or host name of a UTN server is known Proceed as follows 1 Open the console Terminal 2 Enter the sequence of commands see Syntax and Commands 28146 3 Confirm your entries The sequence of commands will be run 145 Appendix Additional Tool utnm Creating Scripts Requirements M The SEH UTN Manager is installed on the client see gt 21 M The IP address or host name of a UTN server is known Proceed as follows 1 Open a text editor 2 Enter the sequence of commands see Syntax and Commands 28146 3 Save the file as executable script for more information refer to the documentation of your operating system The script is saved Information on how to use the script can be found in the documentation of your operating system Syntaxand Note the following syntax Commands utnm c command string lt command gt The executable file utnm can be found in usr bin myUTN User Manual Linux 146 Appendix Additional Tool utnm
14. which is reserved for ZeroConf can be overwritten by means of the arp and ping commands The arp command is used for editing the ARP table The ping com mand transfers a data packet containing the IP address to the hard ware address of the UTN server If the data packet has been successfully sent and received the UTN server permanently saves the IP address The implementation of the arp and ping command depends on the system used Read the documentation for your operating system MI The ARP PING parameter has been enabled see gt 35 Edit the ARP table Syntax arp s lt IP address gt lt hardware address gt Example arp s 192 168 0 123 00 c0 eb 00 01 ff Assign a new IP address to the UTN server Syntax ping lt IP address gt Example ping 192 168 0 123 Administration Methods 2 Administration Methods You will get information on when to use these methods and which functions these methods support What Information e Administration via myUTN Control Center gt 19 DoYouNeed administration via the SEH UTN Manager 2821 e Administration via E Mail only myUTN 80 and later gt 30 e Administration via the Reset Button of the Device 933 myUTN User Manual Linux 18 Administration Methods 2 1 Administration via myUTN Control Center Which Functions Are The myUTN Control Center includes all features for the administra Supported tion and monitor
15. 2126 Proceed as follows 1 2 3 4 a Open the console Terminal Install the desired SEH UTN Manager packages sudo dpkg i lt full package name gt Add all users that are to administrate the SEH UTN Manager on the client to the user group utnusers sudo usermod aG utnusers lt user name gt Logout and login again so that the group changes take effect The SEH UTN Manager is installed on your client Installing theSEH UTN Manager via the Oracle Terminal M Mi l Oracle Linux 6 5 64 bit with Linux kernel 2 6 32 or higher glibc 2 11 1 or higher and OpenSSL 1 0 1 or higher DKMS Dynamic Kernel Module Support is installed on the client see gt 26 The user used can gain root privileges via the command sudo Proceed as follows 1 2 3 A Open the console Terminal Install the desired SEH UTN Manager packages sudo rpm i lt full package name gt Add all users that are to administrate the SEH UTN Manager on the client to the user group utnusers sudo usermod aG utnusers lt user name gt Logout and login again so that the group changes take effect The SEH UTN Manager is installed on your client 25 System Requirements myUTN User Manual Linux Administration Methods Installing Dynamic Kernel Module Support DKMS In order to install the SEH UTN Manager Dynamic Kernel Module Support DKMS must be installed on the system Some distributions like Oracl
16. DKMS is installed on the client Programm Start Ubuntu To start the SEH UTN Managers in the launcher call UTN Manager via Dash search or type utnmanager in the command line interface Terminal Oracle The SEH can be started in several ways e Under Applications System Tools select UTN Manager B e Inthe console Terminal run the command utnmanager e Using Alt F2 call the dialog Run Application In the box enter utnmanager and click Run Changing Versions If the minimal oder complete version of the SEH UTN Manager is already installed on your system and you want to change to the other version you must first uninstall the existing version Update You can get information about the update status of the SEH UTN Manager If an update is available the installation file can be copied to the computer and the program can be installed In the case of 27 myUTN User Manual Linux Administration Methods updates the default settings are modified according to the existing version Program Structure After the program start you will see the main dialog with the fol lowing elements The dialog may vary depending on which elements you have chosen to be shown or hidden Buttons for editing the selection list Menu bar Selection List Administratur SEH UTN anager Program Selection List UTN er Port Help A Server Device v Status A e 192 168 0 140 bo Flash Drive Flash Drive Port 1 Av
17. Howto Configure Bonjour Bonjour allows the automatic recognition of computers devices and network services in TCP IP based networks The UTN server uses the following Bonjour functions e Checking the IP address assigned via ZeroConf e Assignment of host names to IP addresses e Location of server services without knowledge of the device s host name or IP address When checking the IP address assigned via ZeroConf see ZeroConf gt B15 the UTN server sends a query to the network If the IP address has already been assigned elsewhere in the network the UTN server will receive a message The UTN server then sends 40 POP3 myUTN User Manual Linux Network Settings another query with a different IP address If the IP address Is avail able it is saved in the UTN server The domain name service is used for additional Bonjour features Since there is no central DNS server in Bonjour networks each device and application has its own small DNS server This integrated DNS server mDNS collects and administers the information of all participants in the net In addition to the features of a classical DNS server the mDNS server also saves the IP address the service name and the offered services of each participant Proceed as follows Start the myUTN Control Center Select NETWORK Bonjour Configure the Bonjour parameters siehe Tabelle 6 47 Click Save amp Restart to confirm The settings are saved EFRWN DS
18. Layer Security serves to encrypt the transmission between the UTN server and the SMTP server smtp_auth on off off Enables disables the SMTP Login authentication for the login smtp_sign on off off Enables disables the Security encryption and signing of S MIME emails via S MIME smtp_attpkey on off on Enables disables the Attach public key attachment of a public key to an email smtp_encrypt on off off Defines the signing and Full encryption encryption of emails Signing of off signing emails on encrypt 130 myUTN User Manual Linux Appendix Parameter List Tabelle 33 Parameter List Notification only myUTN 80 and later Parameters trapto_1 trapto_2 Address trapcommu_1 trapcommu_2 Community trapdev Send trap if USB devices are connected or disconnected trappup Send trap if UTN server is restarted trapact Send trap if USB ports are activated or deactivated trap_pwr Send trap if power supply is interrupted or established trap_sdinout Send trap if SD card is connected or disconnected trap_sdunusable Send trap if SD card cannot be used mailto_1 mailto_2 Email address Value valid IP address max 64 characters a z A Z 0 9 on off on off on off on off on off on off valid email address max 64 characters Default 0 0 0 0 public off off off off off off blank Description Defines the SN
19. SMTP Attach public key Sends the public key together with the email Many email clients require the public key to be attached in order to view the emails myUTN User Manual Linux 44 Network Settings 3 7 Howto Configure WLAN myUTN 54 only The UTN server model myUTN 54 can handle WLAN This allows you to wirelessly operate the UTN server in the network Whatis WLAN WLAN is a radio technology that allows you to establish wireless connections between network components The WLAN technology is defined as a standard of the IEEE 802 11 family The myUTN 54 sup ports the standards IEEE 802 116 802 11g and IEEE 802 11n To make use of the radio technology the myUTN 54 has additional parameters gt 248 You can view the current WLAN settings in the myUTN Control Center under the menu item NETWORK WLAN Connection Status The following icons in the myUTN Control Center indicate the cur rent connection status UTN server in the wireless network P lt UTN server in the wired network WLAN Security Make sure that no unauthorized user logs on to the Wireless LAN and that no one has access to the Internet or network resources Your UTN server offers several security mechanisms Default Mechanism Encryption Authentication WEP WEP Open System Shared Key WEP EAP WEP Open System 802 1X EAP WPA Personal Mode TKIP MIC PSK WPA2 Personal Mode AES CCMP PSK WPA Enterprise Mode TKIP MIC 802 1X EAP WPA2 Enterprise
20. USB device The UTN server is addressable by means of its world wide unique hardware address This address is commonly referred to as the MAC or Ethernet address The manufacturer has defined this address in the hardware of the device The address consists of 12 hexadecimal 115 Appendix Glossary numbers The first six numbers represent the manufacturer while the last six numbers identify the individual device Hardware address A L 00 c0 eb 00 01 ff V JN Y J Manufactu Device rer number The hardware address can be found on the housing or in the SEH UTN Manager The use of separators within the hardware address depends on the platform In Linux werden are used IP Address The IP address is the unique address of each node in a network i e an IP address may occur only once on a local network The system administrator usually assigns the IP address The address must be saved in the UTN server to make sure that it can be addressed within the network Hostname The host name is an alias for an IP address The host name uniquely identifies the UTN server in the network and makes it easier to remember Gateway Using a gateway you can address IP addresses from external net works If you want to use a gateway you can configure the relevant parameter in the UTN server via the myUTN Control Center Subnet Mask With the help of the subnet mask large networks can be split up into subnetworks In this case the use
21. UTN server set parameters Sends parameters to the UTN server The syntax and values can be obtained from the parameter list see gt 8121 Parameter and value must be entered into the email body update utn Carries out an automatic update using the software that is attached to the mail help Sends a page containing information about the remote maintenance lt comment gt Freely definable text for descriptions The following applies for the instructions e not case sensitive e one or more space characters are allowed e max length is 128 byte e only the ASCII format can be read You will need a TAN for updates or parameter changes on the UTN server You will get a current TAN from the UTN server via email e g when receiving a status page Enter the TAN into the first line of the email body A space character must follow Parameter changes are integrated into the email body with the fol lowing syntax lt parameter gt lt value gt The syntax and values can be obtained from the parameter list see gt 2121 31 Administration Methods Example 1 This email causes the UTN server to send the parameter list to the sender of the email Email address of the UTN server as configured on the POP3 server myutn company com Subject cma get parameters j TO Command Abb 4 Administration via Email Example 1 Example2 This email configures the parameter Description
22. Value Default Description http_pwd max 64 characters blank Defines the password for the Password a z A Z 0 9 administrative access to the myUTN Control Center http_allowed on off on Defines the permitted type of Permitted connection HTTP HTTPS to connection the myUTN Control Center If HTTPS is exclusively cho sen as the connection type http_allowed off the administrative access to the myUTN Control Center is pro tected via SSL TLS Tabelle 20 Parameter List USB device type blocking Parameters Value Default Description utn_hid on off on De activates the blocking of Disable input input devices HID human devices HID interface devices class on no blocking off blocking myUTN User Manual Linux 122 myUTN User Manual Linux Tabelle 21 Parameter List TCP port access Parameters protection Port access control protection_test Test mode protection_level Security level ip_filter_on_1 ip_filter_on_8 IP address ip_filter_1 ip_filter_8 IP address hw_filter_on_1 hw_filter_on_8 MAC address hw_filter_1 hw_filter_8 MAC address Value on off on off protec_utn protec_tcp protec_all on off valid IP address on off valid hardware address Default off on protec_ utn off blank off 00 00 00 00 00 00 Appendix Parameter List Description Enables disables the locking of the selected ports Enables disables the t
23. address from the address range 169 254 0 0 16 which is reserved for ZeroConf Once the UTN server has automatically received an IP address via a boot protocol you can save a freely definable IP address in the UTN server The UTN server s assigned IP address can be determined and changed using the software tool SEH UTN Manager see gt 2118 Different methods for the assignment of the IP address are described in the following e ZeroConf gt 215 e BOOTP 9815 e DHCP gt 15 e Auto Configuration IPv6 Standard gt 16 e SEH UTN Manager gt B16 e myUTN Control Center gt 16 e ARP PING 2817 Requirements Requirements myUTN User Manual Linux General Information ZeroConf If no IP address can be assigned via boot protocols the UTN server assigns itself an IP address via ZeroConf For this purpose the UTN server picks an IP address at random from the address range 169 254 0 0 16 which is reserved for ZeroConf EE LT You can use the domain name service of Bonjour for the name reso lution of the IP address see gt 40 BOOTP The UTN server supports BOOTP which means that the IP address of the UTN server can be assigned via a BOOTP server MI The BOOTP parameter has been enabled see gt 34 Mi A BOOTP server is available in the network If the UTN server is connected it asks the BOOTP host for the IP address and the host name The BOOTP host answers
24. and syntax utnm c activate UTN server port number Results in utnm c activate 10 168 1 167 3 myUTN User Manual Linux 149 myUTN User Manual Linux Appendix List of Figures 8 8 List of Figures UTN Server in the Network 2 22 c2t cteandeudseiae ed nwawns tak 7 myUTN Control Center START 0 0 cee eee eens 20 SEH UTN Manager Main Dialog 222 20 0 eee 28 Administration via Email Example 1 0 eee eee eee 32 Administration via Email Example 2 0 002s eee 32 Display panel myUTN 800 0 000 cee eee eee eee 51 USB port based assignment of VLANs 022222000 59 SEH UTN Manager Edit Selection List 0 64 SEH UTN Manager Activating the Device 66 Global Selection List csonssdaesesesgeSidweedssdenaceeeeseds 74 User Specific Selection List nannu nunana nenna 74 myUTN Control Center Certificates 0 000 anaana 89 UTN Server SSL TLS Connection in the Network 103 SEH UTN Manager Encryption 22 2 2 lt lt 2ses5s004s eens bes 104 Reset button myUTN 800 0 eee eee 111 150 myUTN User Manual Linux 8 9 Index A Acoustic Signals 57 Address Hardware address 115 IP address 116 MAC address 115 Ad Hoc mode 48 ARP PING 17 Authentication 45 46 96 Auto Backup 105 Auto Connect 21 69 Auto Disconnect 22 70 Automatisms 21 69 Auto Connect 21 69 Auto Dis
25. establishes a con nection between the network participants The boot protocols DHCP and BOOTP belong to the TCP IP protocol family You can define various IPv4 parameters for an ideal integra tion of the UTN server into a TCP IP network For further informa tion about the assignment of IP addresses see gt 14 O Configuring IPv4 Parameters via the myUTN Control Center gt 234 O Configuring IPv4 Parameters via the SEH UTN Manager gt 35 Configuring IPv4 Parameters via the myUTN Control Center Proceed as follows 1 Start the myUTN Control Center 34 Requirements myUTN User Manual Linux Network Settings 2 Select NETWORK IPv4 3 Configure the IPv4 parameters siehe Tabelle 2 25835 4 Click Save amp Restart to confirm The settings are saved Tabelle 2 IPv4 Parameters Parameters Description DHCP Enables or disables the protocols DHCP BOOTP and BOOTP ARP PING ARP PING Protocols offer various possibilities to save the IP address in the UTN server See Saving the IP Address in the UTN Server 274 We recommend disabling these options once an IP address has been assigned to the UTN server IP Address IP address of the UTN server Subnet mask Subnet mask of the UTN server Gateway Gateway address of the UTN server Configuring IPv4 Parameters via the SEH UTN Manager MI The SEH UTN Manager complete version is installed on the client see 29821 M The UTN server
26. is shown in the selection list see gt B64 Proceed as follows 1 Start the SEH UTN Manager 2 Select the UTN server from the selection list 3 Select UTN Server Set IP Address from the menu bar The Set IP Address dialog appears 4 Enter the relevant TCP IP parameters Click OK The settings are saved Sa 35 What are the Advantages of IPv6 What is the Structure of an IPv6 Address myUTN User Manual Linux Network Settings 3 2 How to Configure IPv6 Parameters You can integrate the UTN server into an IPv6 network IPv6 Internet Protocol version 6 is the successor of the more com monlPv4 Both protocols are standards for the network layer of the OSI model and regulate the addressing and routing of data packets via a network The introduction of IPv6 has many benefits e Pv6 increases the IP address space from 2 IPv4 to 2 28 IPv6 IP addresses e Auto Configuration and Renumbering e Efficiency increase during routing due to reduced header information e Integrated services such as IPSec QoS Multicast e Mobile IP An IPv6 address consists of 128 bits The normal format of an IPv6 address is eight fields Each field contains four hexadecimal digits representing 16 bits Each field is separated by a colon Example fe80 0000 0000 0000 0000 10 1000 1a4 Leading zeros in a field can be omitted Example fe80 0 0 0 O 10 1000 1a4 An IPv6 address may be entered
27. key control an appropriate key must be entered on the client via the SEH UTN Manager Proceed as follows 1 2 3 Start the SEH UTN Manager Select the UTN server from the selection list Select the command Set USB Port Keys from the UTN server menu bar The Set USB Port Keys dialog appears Enter the key for the relevant USB port Click OK The access to the USB port is shared The USB port and the connected USB device are shown in the selection list and can be operated 85 myUTN User Manual Linux Security Specifying the Device Assignment on the USB Port To prevent manipulations by switching the USB devices on the UTN server you can permanently assign USB devices to the USB ports Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY USB port access 3 Select the entry Device assignment from the Method list of the relevant USB port 4 Click Reallocate device The USB device box shows the vendor and product ID of the USB device 5 Click Save to confirm The settings are saved Only the assigned USB device can be operated on the USB port If the USB port is to create an assignment with a newly connected USB device click Reallocate device again and save your settings Disabling the USB Port Access Control You can disable the access control to the USB ports as well as the connected USB devices Proceed as follows 1 Start the myUTN Control Center 2 SelectSE
28. names for Host name Description and Contact person 4 Click Save amp Restart to confirm myUTN User Manual Linux 50 Device Settings amp The data is saved Ene DEE To assign names to USB ports see gt 53 4 2 Howto Assign an Identifier Shown in the Display Panel myUTN 800 only The Dongleserver myUTN 800 can be mounted in a 19 server rack In order to identify a certain myUTN 800 if several are mounted in a rack an identifier is shown in the display panel on the front side of the Dongleserver By default the identifier DS is displayed You can assign a freely definable identifier Do not assign an identifier to the UTN server that might be confused with an error code gt 4143 E Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE Description 3 Enter a freely definable description into the Identifier display panel box max 2 characters A Z 0 9 Click Save amp Restart to confirm amp The data is saved L Status Activity A Abb 6 Display panel myUTN 800 myUTN User Manual Linux 51 UTC Time Zone Requirements UTN Port myUTN User Manual Linux Device Settings 4 3 Howto Configure the Device Time You can control the device time of the UTN server via a time server SNTP server in the network A timeserver is a computer networking device that reads the actual time from a reference clock and distrib utes this information to it
29. of an Instruction myUTN User Manual Linux Administration Methods 2 3 Administration via E Mail only myUTN 80 and later You can administer the UTN server via email and thus via any com puter with Internet access An email allows you to e send UTN server status information e define UTN server parameters or e perform an update on the UTN server MI A DNS server has been configured on the UTN server see gt 2138 MI In order to receive emails the UTN server must be set up as user with its own email address on a POP3 server MI POP3 and SMTP parameters have been configured on the UTN server see 91141 If you want to administer the UTN server you must enter the rele vant Instructions into the subject line of your email Proceed as follows 1 Open an email program 2 Write a new email 3 Enter the UTN server address as recipient 4 Enter an instruction into the subject line see Syntax and Format of an Instruction 9830 5 Send the email The UTN server receives the email and carries out the instruction Note the following syntax for instructions in the subject line cmd lt command gt lt comment gt 30 Administration Methods Security with TAN Parameter Changes myUTN User Manual Linux The following commands are supported Commands 07o ioli Description lt command gt get status Sends the status page of the UTN server get parameters Sends the parameter list of the
30. of the individual parameters e Parameter List IPv4 12119 e Parameter List IPv4 VLAN only myUTN 80 and later gt 1119 mg e Parameterliste IPv6 8120 e Parameter List Bonjour gt B121 Parameter List SSL Connections gt 122 e Parameter List Web access gt B122 e Parameter List USB device type blocking gt 122 e Parameter List TCP port access 9121123 e Parameter List UTN port gt B e Parameter List Encryption gt 124 B124 e Parameter List USB port access only myUTN 80 and later B124 e Parameter List USB port gt 125 e Parameter List DNS 92125 e Parameter List SNMP 58126 e Parameter List Date Time gt mg 127 e Parameter List Description gt B127 e Parameter List Authentication gt B128 e Parameter List POP3 only myUTN 80 and later gt B129 e Parameter List SMTP only myUTN 80 and later gt B130 e Parameter List Notification only myUTN 80 and later 8131 e Parameter List WLAN myUTN 54 To view the Parameterwerte anzeigen gt 8108 only gt 133 e Parameter List Display panel myUTN 800 only gt e Parameter list SD card myUTN 800 only gt 8136 B135 current parameter values of your UTN server see 118 Tabelle 14 Parameter List IPv4
31. port The port number 9443 is preset In order to use an encrypted connection you must enable the port encryp tion see gt 8103 Bails I This UTN port or the UTN SSL port must not be blocked by a firewall If required you can change the port number on the UTN server MI In order that the SEH UTN Managers installed on the clients receive the current port number the SNMPv1 parameter must be activated see 1239 Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE UTN port 3 Enter the port number into the UTN port or UTN SSL port box 4 Click Save amp Restart to confirm The settings are saved 4 5 How to Assign a Name to a USB Port You can assign any name to the USB port This port name will be dis played in the myUTN Control Center and the SEH UTN Manager If no port name is defined the name of the USB device connected will be displayed Some USB devices have cryptic or ambiguous names Assign a clear description e g the name of a corresponding software to the USB port and thus the USB device This gives you a better overview of the USB devices available in the network Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE USB port 3 Enter the preferred name into the Port name field 4 Click Save amp Restart to confirm 53 Benefits and Purpose myUTN User Manual Linux Device Settings The settings are saved 4 6 Howto D
32. selection list Select Port Settings from the menu bar The Port Settings dialog appears 4 Tick Activates the device automatically after the SEH UTN Manager program start Auto Connect 5 Click OK 69 Requirements myUTN User Manual Linux Working with the SEH UTN Manager The setting will be saved Automatically Disconnect the Port Connection after the Time Defined Auto Disconnect This function allows you to automatically disconnect the connection to a USB port after the time defined A one off prolongation of the connection by the duration of the defined time can be optionally activated The settings apply to all USB ports on a UTN server Two minutes before the expiration of the defined time the user will receive a message telling them to close the connection to the USB port and the connected USB device in order to avoid data loss and error conditions If the prolongation is enabled the note with the possibility to accept or reject the prolongation will appear lt gt You have the option of being informed about the availability of the port after the automatic disconnection For this purpose set up a notification if the USB port is available see gt 72 Auto Disconnect allows a large number of network participants to access a small amount of USB ports including the connected USB devices and avoids idle times MI The SEH UTN Manager complete version is installed on the client see 29821 M
33. the action A square marks procedures and options that you can choose Eye catchers mark lists This sign indicates the summary of a chapter The arrow marks a reference to a page within this document In the PDF file you can jump to this page by clicking the symbol Established terms of buttons or menu items for example are set in bold Command lines are set in Courier font Proper names are put in inverted commas 10 General Information 1 3 Support and Service Support If questions remain please contact our hotline SEH Computertech nik GmbH offers extensive support Monday through Thursday from 8 00 a m to 4 45 p m Friday and from 8 00 a m to 3 15 p m CET 49 0 521 94226 44 support seh de Current Services The following services can be found on the homepage of SEH Com putertechnik GmbH http www seh de e current firmware software e current tools e current documentation current product information e product data sheets e and much more myUTN User Manual Linux 11 Intended Use Improper Use Safety Regulations Warnings myUTN User Manual Linux General Information 1 4 Your Safety Read and observe all safety regulations and warnings found in the documentation on the device and on the packaging This will avoid potential misuse and prevent damages to people and devices SEH Computertechnik GmbH will not accept any liability for per sonal injuries property d
34. the client When connecting certain USB devices to a USB port of the UTN server the selection list displays several USB devices on this port These are so called compound USB devices They consist of a hub and one or more USB devices that are all integrated into a single housing If the connection is established to a port with a connected com pound USB device all USB devices shown will be connected to the user s client In this case each integrated USB device occupies a vir tual USB port of the UTN server The number of these virtual USB ports is limited depending on the UTN server model If the limit is reached no further USB devices can be used on this UTN server Tabelle 12 Virtual USB ports Number of virtual Number of virtual UTN server USB ports UTN server USB ports myUTN 50a 6 myUTN 250 12 myUTN 54 8 myUTN 800 40 myUTN 80 16 MI The SEH UTN Manager complete version is installed on the client see 29821 MI The USB port is shown in the selection list see E164 M All provisions driver installation etc necessary to operate the USB device locally i e connected directly to the client should have been met on the client Ideally the USB device has been connected and operated on the client locally according to the instructions of the manufacturer 65 myUTN User Manual Linux Working with the SEH UTN Manager Mi The USB port is not connected to another client Proceed as follows 1 Start the SEH U
35. 0 VLAN ipv4vlan_addr_1 valid IP address ipv4vilan_addr_20 IP address ipv4vian_mask_1 valid IP address ipv4vlan_mask_20 Subnet mask ipv4vlan_id_1 0 4096 1 4 characters 0 9 ipv4vlan_id_20 VLAN ID Tabelle 16 Parameterliste IPv6 Parameters Value ipv6 on off IPv6 ipv6_addr n n n n n n n n IPv6 address Default on off 192 168 0 0 255 255 255 0 Default on Appendix Parameter List Description Enables disables the administrative access to the UTN server via IPv4 packets without tag If this option is disabled the UTN server can only be administrated via VLANs Enables disables the forwarding of IPv4 client VLAN data Specifies the IP address of the UTN server within the IPv4 client VLAN Specifies the subnet mask of the UTN server within the IPv4 client VLAN Specifies the ID for the identification of the IPv4 client VLAN Description Enables disables the IPv6 functionality of the UTN server Defines a UTN server IPv6 unicast address assigned manually in the format n n n n n n n n Every n represents the hexa decimal value of one of the eight 16 bit elements of the address An IPv6 address may be entered or displayed using a shortened version when successive fields con tain all zeros 0 In this case two colons are used 120 myUTN User Manual Linux Parameters ipv6_gate Router ipv6_plen Prefix length ipv6_aut
36. 4 M The USB port is connected to another client Proceed as follows 1 Select the port from the selection list 2 Select Port Request from the menu bar The release request will be sent myUTN User Manual Linux 68 What Do You Want To Do Requirements myUTN User Manual Linux Working with the SEH UTN Manager 5 6 Howto Automate Port Connections and Program Starts You can automate the connections to USB ports including con nected USB devices and program starts in many ways This is done by various automatisms O Permanent Port Connection after Operating System Boot Auto Connect gt B69 O Automatically Disconnect the Port Connection after the Time Defined Auto Disconnect 370 O Using the Additional Tool utnm gt 2150 Permanent Port Connection after Operating System Boot Auto Connect The feature automatically establishes a permanent connection to a USB port and the connected USB device without the need for a user to log on to the client The connection will be e activated upon the operating system startup and terminated when the system shuts down e automatically reestablished when the system restarts MI The SEH UTN Manager complete version is installed on the client see 921 The USB port is shown in the selection list see gt E64 You are logged on to the system as administrator Proceed as follows Start the SEH UTN Manager Select the port from the
37. A SER USB Device Server myUTN 50a Dongleserver myUTN 80 myUTN 54 myUTN 250 Dongleserver myUTN 800 User Manual Linux Manufacturer SEH Computertechnik GmbH Suedring m Scan this QR code meCard 33647 Bielefeld using your smart phone Germany Phone 49 0 521 94226 29 Fax 49 0 521 94226 99 Document Support 49 0 521 94226 44 Type User Manual Linux Email info seh de Title USB Device Server Web http www seh de Version 3 3 Online Links to Important Websites Free Guarantee Extension http www seh technology com guarantee Support Contacts amp Information http www seh technology com support Sales Contacts amp Information http www seh technology com sales Downloads http www seh de services downloads myutn html nterCon is a registered trademark of SEH Computertechnik GmbH SEH Computertechnik GmbH has endeavored to ensure that the information in this documentation is correct If you detect any inaccuracies please inform us at the address indicated above SEH Computertechnik GmbH will not accept any liability for any error or omission The information in this manual is subject to change without notification All rights are reserved Copying other reproduction or translation without the prior written consent from SEH Computertechnik GmbH is prohibited 2015 SEH Computertechnik GmbH All trademarks registered trademarks logos and product names are property of their respective owners
38. AST PLABELO authentication for the EAP Options PEAPLABELO authentication methods TTLS PEAP i PLABEL1 and FAST PEAPLABEL1 PVERO PEAPVERO PVER1 PEAPVER1 FPROV1 FAST PROV1 myUTN User Manual Linux 128 myUTN User Manual Linux Parameters Value auth_ano_name max 64 characters Anonymous a z A Z 0 9 name auth_wpa_addon max 255 characters WPA add on a z A Z 0 9 Default blank blank Appendix Parameter List Description Defines the anonymous name for the unencrypted part of the EAP authentication methods TTLS PEAP and FAST Specifies an optional WPA expansion Tabelle 31 Parameter List POP3 only myUTN 80 and later Parameters Value pop3 on off POP3 pop3_srv max 128 characters Server name pop3_poll 1 10080 Check mail 1 5 characters 0 9 every pop3_port 1 65535 Server port 1 5 characters 0 9 pop3_usr max 128 characters User name pop3_pwd max 128 characters Password pop3_sec 0 no security Security 1 APOP 2 SSL TLS pop3_limit 0 4096 Ignore mail 1 4 characters 0 9 exceeding 0 unlimited Default off blank 110 blank blank 4096 Description Enables disables the POP3 functionality Defines the POP3 server via the IP address or the host name The host name can only be used if a DNS server was configured beforehand Defines the time interval in minutes for retri
39. CURITY USB port access 3 Select the entry from the Method list of the relevant USB port 4 Click Save to confirm The USB port access control will be disabled The connected USB devices can be operated 86 myUTN User Manual Linux Security 6 5 Howto Block USB Device Types USB devices are grouped into classes according to their function For example input devices such as keyboards belong to the group Human Interface Device HID USB devices may present themselves as HID class USB devices but actually are used for abuse known as BadUSB In order to protect the UTN server you can block input devices which belong to the HID class Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Device access 3 Tick clear Disable input devices HID class in the USB devices area 4 Click Save amp Restart to confirm 5 The setting will be saved 87 What are Certificates Benefits and Purpose Which Certificates are Available myUTN User Manual Linux Security 6 6 Howto Use Certificates Correctly The UTN server has its own certificate management This section explains how certificates are used and when the use of certificates is recommended Certificates can be used in TCP IP based networks to encrypt data and to authenticate communication partners Certificates are elec tronic messages containing a key public key and a signature The use of certificates al
40. Center restart the device see gt 4113 9 Clear Test mode 10 Click Save amp Restart to confirm The settings are saved The port access control is active Access to the ports is restricted 83 USB Port Key Control USB Port Device Assignment myUTN User Manual Linux Security 6 4 How to Control Access to USB Devices only myUTN 80 and later Via the USB ports you can control the access to the USB devices that are connected to the UTN server Two security methods are available for each USB port Both security methods can also be used in combi nation In the course of the key control a key is specified for the USB port via the myUTN Control Center By setting the key the USB device that is connected to the USB port is protected against unwanted access Neither the USB port nor the connected USB device will be displayed in the SEH UTN Manager This means that a user will not be able to make changes to the port or to establish a connection between the client and the USB port To make the USB port and the connected USB device available the user must enter the key for the USB port on the client This is done via the SEH UTN Manager By changing the key in the myUTN Con trol Center the user can once again lose its permission to access the USB device Device assignment means that a USB device is permanently assigned to each USB port via the myUTN Control Center A USB device can then only be operated together wit
41. Click Save to confirm The settings are saved A Tabelle 10 IPv4 management VLAN parameters Parameters Description IPv4 management VLAN Enables disables the forwarding of IPv4 management VLAN data VLAN ID ID for the identification of the IPv4 management VLAN 0 4096 IP Address IP address of the UTN server gt 235 Subnet mask Subnet mask of the UTN server gt 235 Access from any VLAN Enables disables the administrative access web SNMP to the UTN server via IPv4 client VLANs If this option is enabled the UTN server can be administrated via all VLANs The change in the SNMP access only becomes effective after a restart of the UTN server Access via LAN untagged Enables disables the administrative access to the UTN server via IPv4 packets without tag If this option is disabled the UTN server can only be administrated via VLANs Entering IPv4 client VLANs Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK IPv4 VLAN 60 myUTN User Manual Linux Device Settings 3 Configure the IPv4 VLAN parameters siehe Tabelle 11 gt 2 67 4 Click Save to confirm The settings are saved Tabelle 11 IPv4 client VLAN parameters Parameters Description VLAN Enables disables the forwarding of IPv4 client VLAN data IP Address IP address of the UTN server within the IPv4 client VLAN Subnet mask Subnet mask of the UTN server within the IPv4 client VLAN VLAN ID ID for the ide
42. Encryption method see WLAN Security gt 345 Authentication method see Authentication gt 46 Connecting the UTN Server to the Wired Network To establish a connection to a wired network connect the network cable RJ 45 to the UTN server The UTN server automatically switches to the wired network N myUTN User Manual Linux 49 Device Settings 4 Device Settings What Information How to Determine a Description gt 50 Do You Need e How to Assign an Identifier Shown in the Display Panel myUTN 800 only 251 e How to Configure the Device Time gt 85 e How to Configure the UTN SSL Port 1252 e How to Assign a Name to a USB Port gt 253 e How to Deactivate a USB Port only myUTN 80 and later gt E54 e H S N mg mg w to Use the Notification Service only myUTN 80 and later 54 e How to Get Error Messages via the Display Panel myUTN 800 only gt 256 e How to Configure Acoustic Signals myUTN 800 only gt 57 e How to Use the UTN Server in VLAN environments only myUTN 80 and later gt 59 e mg Il 4 1 How to Determine a Description You can assign freely definable descriptions to the UTN server This gives you a better overview of the devices available in the network Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE Description 3 Enter freely definable
43. Integ rity Protocol and AES Advanced Encryption Standard are available for the encryption of data You can check the identity of a device or user by means of an authentication method before they gain access to resources in the network The UTN server offers different variants of EAP Extensible Authentication Protocol as authentication method For further information see How to Use Authentication Methods gt E96 O Using the UTN Server myUTN 54 in a Wireless Network gt 46 O Connecting the UTN Server to the Wired Network gt 49 Using the UTN Server myUTN 54 in a Wireless Network To operate the UTN server in a wireless network the WLAN and security settings of the UTN server must match those of the wireless network 46 Requirements myUTN User Manual Linux Network Settings In order to configure the UTN server you must first establish a con nection to a wired network by means of the network connector RJ 45 see Quick Installation Guide Mi The UTN server is connected to the network and the mains voltage M The UTN server is known to the wired network via its IP address see D2814 Proceed as follows Start the myUTN Control Center Select NETWORK WLAN The available WLANs are shown in the network list Decide in which WLAN you want to operate the UTN server 3 Configure the WLAN parameters in such a way that they match the parameters of the WLAN to be used siehe Tabe
44. LED and After a few seconds only the Switch off the UTN server interrupt the power supply Switch on the UTN server establish the power supply 110 myUTN 800 myUTN User Manual Linux Maintenance Remove the SD card from the UTN server before resetting the parameters Otherwise the UTN server will load the parameter values stored on it automatic backup gt 2107 Proceed as follows 1 Press the reset button for 5 seconds You will hear a beep The UTN server restarts The parameters are reset o 2 R Abb 15 Reset button myUTN 800 111 Maintenance 7 3 Howto Perform an Update You can carry out software and firmware updates on the UTN server Updates allow you to benefit from currently developed features What Happens In the course of an update the old firmware software will be over During an Update written and replaced by the new firmware software The parameter default settings of the device remain unchanged When Isan Update An update should be undertaken if functions do not work properly Recommended and if a new software or firmware version with new functions or bug fixes has been released by SEH Computertechnik GmbH Check the installed software and firmware version on the UTN server You will find the version number on the myUTN Control Cen ter Where Do Find the Current firmware and software files can be downloaded from the Update Files homepage of SEH Computertechnik GmbH
45. MP trap address of the recipient Defines the SNMP trap community of the recipient Enables disables the sending of SNMP traps after a USB device was connected to removed from the UTN server Enables disables the sending of SNMP traps when the UTN server is restarted Enables disables the sending of SNMP traps after a USB port was activated deactivated Enables disables the sending of SNMP traps when one of the power supplies of the UTN server is interrupted or estab lished myUTN 800 only Enables disables the sending of SNMP traps after an SD card was connected to removed from the UTN server myUTN 800 only Enables disables the sending of SNMP traps if the SD card is unusable myUTN 800 only Defines the email address of the recipient for notifications 131 Appendix Parameter List Parameters ELT Default Description noti_dev_1 on off off Enables disables the sending noti_dev_2 of emails after a USB device Send email if was connected to removed USB devices are from the UTN server connected or disconnected noti_act_1 on off off Enables disables the sending noti_act_2 of emails after a USB port was Send email if activated deactivated USB port is activated or deactivated noti_pwr_1 on off off Enables disables the sending noti_pwr_2 of emails when one of the Send email if power supplies of the UTN power supply is server is interrupted or estab interrupted or lished myUTN 800 only establish
46. Mode AES CCMP 802 1X EAP WEP WEP Wired Equivalent Privacy is an encryption method according to IEEE 802 11 on the basis of the RC4 encryption algorithm WEP offers myUTN User Manual Linux 45 WPA WPA2 Authentication What Do You Want To Do myUTN User Manual Linux Network Settings mechanisms for data encryption and authentication WEP uses a key to encrypt the entire communication As for encrypted access points the same WEP key must be used for the access point and the UTN server gt Bails _ S i a hr Some access points convert WEP keys that are entered as ASCII text into arbitrary hexadecimal values In this case the WEP keys for the access point and the UTN server do not match It is therefore recom mended to use hexadecimal WEP keys In contrast to WEP WPA Wi Fi Protected Access offers enhanced mechanisms for exchanging keys The exchange key is only used at the beginning of a session Afterwards a session key is used The key is regenerated periodically The WPA mechanism requires an authen tication at the beginning of a connection In the Personal Mode authentication is done via the Pre Shared Key PSK The PSK is a password with 8 63 alphanumerical characters The Enterprise Mode uses the EAP authentication method An individual 128 bit key is used for data encryption after the authentication The encryption methods TKIP Temporal Key
47. NTP server from port locking they must be defined as exceptions To do so the IP addresses or MAC addresses hardware addresses of the net 82 Test Mode myUTN User Manual Linux Security work elements with access rights must be entered in the Exceptions area Please note e MAC addresses are not delivered through routers e The use of wildcards allows you to define subnetworks The test mode allows you to check the configured access protec tion If the test mode is activated access protection remains active until the UTN server is rebooted After restarting the protection is no longer effective The test mode option is activated by default After a successful test you must deactivate the test mode so that access protection remains permanently active Proceed as follows 1 Start the myUTN Control Center SelectSECURITY TCP port access Tick Port access control Select the desired protection in the Security level area In the Exceptions area define the network elements which are excluded from port locking Enter the IP or MAC addresses and tick the options Make sure that the test mode is enabled 7 Click Save amp Restart to confirm The settings are saved The port access control is activated until the device is restarted 8 Check the port access and configurability of the UTN server AMYN gt a If the UTN server can no longer be reached using the myUTN Control
48. Parameters AEL ip_addr valid IP address IP address ip_mask valid IP address Subnet mask ip_gate valid IP address Gateway ip_dhcp on off DHCP ip_bootp on off BOOTP ip_auto on off ARP PING Default 169 254 0 0 16 255 255 0 0 0 0 0 0 Appendix Parameter List Description Specifies the IP address of the UTN server Specifies the subnet mask of the UTN server Specifies the gateway address of the UTN server Enables disables the DHCP protocol Enables disables the BOOTP protocol Enables disables the IP address assignment via ARP PING Tabelle 15 Parameter List IPv4 VLAN only myUTN 80 and later Parameters Value ip4vlan_mgmt on off IPv4 management VLAN ip4vlan_mgmt_id 0 4096 VLAN ID 1 4 characters 0 9 ip4vian_mgmt_any on off Access from any VLAN myUTN User Manual Linux Default off Description Enables disables the forward ing of IPv4 management VLAN data ID for the identification of the IPv4 management VLAN 0 4096 Enables disables the administrative access web SNMP to the UTN server via IPv4 client VLANs If this option is enabled the UTN server can be administrated via all VLANs The change in the SNMP access only becomes effective after a restart of the UTN server 119 myUTN User Manual Linux Parameters AEL ip4vlan_mgmt_un on off tag Access via LAN untagged ipv4vlan_on_1 on off ipv4vlan_on_2
49. SID in order to clearly identify the wireless network Defines the encryption method to be used to protect the access to the WLAN Defines the WEP key to be used Defines the WEP keys Four WEP keys are available You can enter the following characters Hexadecimal 0 9 a f A F ASCII 0 9 a z A Z Defines the Pre Shared Key PSK for Wi Fi Protected Access WPA 134 myUTN User Manual Linux Parameters Value Default wifi_roaming on off off Roaming wifi_dbmroam 0 100 0 Roaming level 1 3 characters 0 9 Appendix Parameter List Description Enables disables the use of roaming Roaming refers to the moving of one radio cell to the next The UTN server will use the access point that has the stron gest signal If the UTN server moves towards the sphere of another access point the UTN server switches automatically and without loss of connection to the next radio cell Defines the transmission power in dBm of the UTN server Tabelle 35 Parameter List Display panel myUTN 800 only Parameters Value Default dis_def 1 2 characters SD Identifier display A Z 0 9 panel dis_pwr on off on Display error if only one power supply provides power disp_sdc on off on Display SD card errors Description Defines the identifier shown in the display panel on the front side of the Dongleserver Enables disables the display of error messages in the display panel
50. Selection List Automatic Refresh v x v x x Port Settings dialog Automatic device connection z X P Auto Connect Messages v v v v v v active r read only x inactive grayed out rw read and write INI ini file gt 73 140 Appendix Troubleshooting Problem Possible Cause 8 6 Troubleshooting This chapter describes some problems and their solutions e The UTN server signalizes the BIOS mode 92141 e Some functions in the SEH UTN Manager are hidden enabled or appear dimmed 92142 e USB devices are not shown in the SEH UTN Manager gt B142 e The SEH UTN Manager displays several USB devices at one USB port gt 8142 e A connection to the UTN server cannot be established gt E1143 e A connection to the USB port cannot be established 915143 e A connection to the myUIN Control Center cannot be established gt 2143 e The password is no longer available gt 2144 The UTN server signalizes the BIOS mode The UTN server switches to the BIOS mode if the firmware functions well but the software is faulty This may happen in the case of an incorrect software update for example The UTN server signalizes the BIOS mode if e the activity LED yellow blinks periodically and e the status LED green is not active The UTN server is not operational in the BIOS mode In this case please contact the SEH support team see Support und Ser
51. TN Manager 2 Select the port from the selection list 3 Select Port Activate from the menu bar The connection will be established Administrator SEH UTN Manager Program Selection List UTN server g Help UTN Mana Refresh Edit Activate Deactivate UTN Server Devit nS e 192 168 0 140 Flash Drive Port 1 Activates the selected port S Available SEH Port number Port status Flash Drive zl Available Flash Drive Abb 9 SEH UTN Manager Activating the Device 66 What Do You Want To Do Requirements myUTN User Manual Linux Working with the SEH UTN Manager 5 4 Howto Cut the Connection between the USB Port including USB Device and the Client Close the connection to the USB port and the connected USB device when the USB device is no longer needed This allows other network participants to access the USB port and the connected USB device Usually the connection is cut by the user via the SEH UTN Manager The administrator can also cut the connection via the myUTN Con trol Center In addition the connection for some automatisms can be automatically disconnected 69 O Cutting the Device Connection via the SEH UTN Manager gt E67 O c D ting the Device Connection via the myUTN Control Center 67 H S Cutting the Device Connection via the SEH UTN Manager M The SEH UTN Manager complete version is installed on the client see 2821
52. TN Manager the program must be installed on a computer with a Linux operating system The installation file of the SEH UTN Manager can be found on the SEH Computertechnik GmbH homepage http www seh technology com services downloads myutn html For Linux systems 64 bit the installation packages are available as deb and rpm files There are four packages respectively 1 driver 2 service SEH UTN service daemon 3 clitool command line interface tool 4 manager graphical user interface tgz installation packages for other Linux systems 32 and 64 bit are also available Minimum requirements Linux kernel 2 6 32 and glibe 2 11 1 Due to the multitude of Linux varieties a successful installation can however not be guaranteed The number of installed packages determines the version of the SEH UTN Manager e package 1 3 minimal version e package 1 4 complete version gt Install the packages in the order given above to comply with their dependencies The installation of the files depends on the distribution For more information refer to the documentation of your operating system Some installation procedures are described exemplarily e Installting the SEH UTN Manager via the Ubuntu Software Center 913 24 23 Administration Methods Installing the SEH UTN Manager via Ubuntu terminal gt 25 Installing theSEH UTN Manager via the Oracle Terminal gt 25 Installing Dynami
53. TN server etc that is intended to have access to the wireless network must be configured using the same SSID Roaming Enables disables the use of roaming Roaming refers to the moving of one radio cell to the next The UTN server will use the access point that has the strongest signal If the UTN server moves towards the sphere of another access point the UTN server switches automatically and without loss of connection to the next radio cell The parameter Roaming can only be configured in the Infra structure mode Roaming level Defines the transmission power in dBm of the UTN server The value 65 dbm is preset The parameter Roaming Level can only be configured in the Infrastruc ture mode Channel Defines the channel frequency range on which the Frequency range entire data communication will be transmitted The prod uct uses the 2 4 GHz ISM band A channel has a band width of 22 MHz The distance between two neighboring channels is 5 MHz Channel 3 is preset The parameter Channel can only be configured in the Ad Hoc mode Neighboring channels overlap which can lead to interfer ences If several WLANs are operated in a small radius a distance of at least five channels should exist between two channels Keep yourself informed about national provisions regarding the use of WLAN products and only use authorized channels myUTN User Manual Linux 48 Network Settings Parameters Description
54. TTLS see gt 98 an encrypted TLS Transport Layer Security channel is established between the UTN server and the RADIUS server Only the RADIUS server authenti cates itself using a certificate that was signed by a CA The TLS channel is then used to establish another connection that can be protected by means of additional EAP authentication meth ods e g MSCHAPv2 The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed PEAP uses the advan tages of TLS and supports various authentication methods including user passwords and one time passwords MI The UTN server is defined as user with user name and password on a RADIUS server E Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Authentication 3 Select PEAP from the Authentication method ist 4 Enter the user name and the password that are used for the configuration of the UTN server on the RADIUS server 5 Select the settings intended to secure the communication in the TLS channel 6 To make the connection more secure you can also install the root CA certificate of the certification authority that has issued the certificate of the authentication server RADIUS on the UTN server see Installing the CA Certificate in the UTN Server 2894 Afterwards select the root CA certificate from the list EAP root certificate 100 Benefits and Purpose Mode of Operation myUTN Us
55. The UTN server is displayed in the Automatic Device Disconnect area see 2864 MI You are logged on to the system as administrator mg O Proceed as follows 1 Start the SEH UTN Manager 2 Select Program Options from the menu bar The Options dialog appears 3 Select the Automatisms tab 4 In the Auto Disconnect area tick Status for the relevant UTN server 5 Define the desired time range 10 525 minutes 70 Working with the SEH UTN Manager 6 Optionally tick Prolongation 7 Click OK The setting will be saved myUTN User Manual Linux 71 What Do You Want To Do Requirements Requirements myUTN User Manual Linux Working with the SEH UTN Manager 5 7 Howto Get Information about the USB Port and USB Device You can view the status information of the USB port and the USB device You can also configure automatic messages You will be noti fied when a USB port and the connected USB device become avail able after they have been in use O Displaying Status Information 1272 O Configuring Messages gt 72 Displaying Status Information MI The SEH UTN Manager complete version is installed on the client see gt E21 Mi The USB port is shown in the selection list see gt E164 Proceed as follows 1 Start the SEH UTN Manager 2 Select the USB port from the selection list The status information is displayed in the Properties area
56. ailable 1 Available Flash Drive Buttons for managing the port Display area for the connection properties Abb 3 SEH UTN Manager Main Dialog Functions The SEH UTN Manager offers the following features Adding UTN Servers to the Selection List gt B64 Connecting the USB Port to the Client 265 Disconnecting the USB Port from the Client gt 67 Requesting Occupied USB Ports gt 2168 Automating Port Connections and Program Starts gt 269 Assigning an IPv4 Address to UTN Servers gt 235 28 myUTN User Manual Linux Administration Methods e Starting the myUTN Control Center gt 19 e Granting Access to Locked USB Ports gt 285 e Managing Selection Lists for Several Participants gt 73 Detailed information on how to use the SEH UTN Manager can be found in the Online Help To start the Online Help select Help Online Help from the menu bar Functions in the SEH UTN Manager can be shown as inactive or not shown at all This depends on e the embedded UTN server model e the type and location of the selection list e the user s rights and the group memberships on the client e the settings of the product specific security mechanisms e the operating system of the client nA For further information see SEH UTN Manager Funktions ber sicht 92144 29 Functionalities Requirements Sending Instructions via Email Syntax and Format
57. amages and consequential damages result ing from the non observance of the mentioned safety regulations and warnings SEH Computertechnik GmbH will not accept any lia bility for loss of data property damages and consequential damages resulting from the non observance of the mentioned safety regula tions and warnings The UTN serveris used in TCP IP networks myUTN allows you to access non network ready USB devices in the network The UTN server has been designed for use in office environments All uses of the device that do not comply with the myUTN function alities described in the documentation are regarded as improper uses It is not allowed to make modifications to the hardware and software or to try to repair the device Before starting the initial operation procedure of the UTN server please note the safety regulations in the Quick Installation Guide The Quick Installation Guide is enclosed in the packaging Read and observe all warnings mentioned in this document Warn ings are found before any instructions known to be dangerous They are presented as follows Warning myUTN User Manual Linux General Information 1 5 First Steps This section provides all the information that you need for a fast operational readiness Proceed as follows 1 2 Read and observe the security regulations in order to avoid damages to people and devices see 9812 Carry out the hardware installation The hardware instal
58. and sends a data packet containing the IP address The IP address is saved in the UTN server DHCP The UTN server supports DHCP which means that the IP address of the UTN server can be assigned dynamically via a DHCP server MI The DHCP parameter has been enabled see 1334 Mi A DHCP server is available in the network After the hardware installation the UTN server asks a DHCP server for an IP address by means of a broadcast query The DHCP server identifies the UTN server on the basis of its hardware address and sends a data packet to the UTN server This data packet contains among others the IP address of the UTN server the default gateway and the IP address of the DNS server The data is saved in the UTN server General Information Auto Configuration IPv6 Standard The UTN server can have an IPv4 address and several IPv6 addresses at the same time The IPv6 standard is used to automatically assign IP addresses in IPv6 networks When connected to an IPv6 network the UTN server will automatically obtain an additional link local IP address from the IPv6 address range The UTN server uses the link local IP address to search for a router The UTN server sends so called router solicitations RS to the spe cial multicast address FFO2 2 The available router will then return a Router Advertisement RA containing the required information With a prefix from the range of the global unicast addres
59. and the message types Proceed as follows Start the myUTN Control Center Select Device Notification Enter the recipient into the Email address box Tick the options with the desired message types Click Save amp Restart to confirm The settings are saved EARWN gt S Configuring event notifications via SNMP traps For the notification service you can specify up to two SNMP trap recipients and the message types Proceed as follows 1 Start the myUTN Control Center 2 Select Device Notification 3 Inthe SNMP traps area specify the recipients via the IP address and the community 4 Tick the options with the desired message types 5 Click Save amp Restart to confirm The settings are saved 4 8 Howto Get Error Messages via the Display Panel myUTN 800 only You can have error states be shown in the panel display on the front side of the Dongleserver myUTN 800 The following message types are possible 56 myUTN User Manual Linux Device Settings e only one power supply works e SD card errors read and write errors no SD card Errors are displayed in codes The meaning of the codes you will find in chapter Informationen im Anzeigefeld nur myUTN 800 gt 143 Proceed as follows 1 Start the myUTN Control Center 2 Select Device Notification 3 In the Display panel area tick the options with the desired message types The settings are saved gt fe If there is no er
60. arameters to their Default Values It is possible to reset the UTN Server s parameters to the default val ues factory settings All previously configured parameter values will be deleted in this process Installed certificates will not be deleted a B 7 If you reset the parameters the IP address of the UTN server may change and the connection to the myUTN Control Center may be terminated You must reset the parameters for example if you have changed the location of the UTN server and if you want to use the UTN server in a different network Before this change of location you should reset the parameters to the default settings to install the UTN server in another network O Resetting the Parameters via the myUTN Control Center gt 108 O Resetting the Parameters via the Reset Button gt 5109 a By means of the reset button of the device you can reset the param eters without entering the password Resetting the Parameters via the myUTN Control Center Proceed as follows 1 Start the myUTN Control Center 2 Select MAINTENANCE Default settings 3 Click Default settings A security query appears Confirm the security query The parameters are reset A 108 myUTN 50a to myUTN 250 myUTN User Manual Linux Maintenance Resetting the Parameters via the Reset Button LEDs the reset button and various ports can be found on the UTN server These components are described in the
61. are installed on the UTN server Up to 32 CA certificates can be installed Thus multi level public key infrastructures PKIs are supported Example The UTN server offers a number of authentication methods to verify its identity in a network If you use the authentication method EAP TLS gt 97 you must install the root CA certificate of the certification authority that has issued the certificate of the authentication server RADIUS on the UTN server M The certificate must be in base64 format Proceed as follows 1 Start the myUTN Control Center Select SECURITY Certificates Click CA certificate Click Browse Specify the CA certificate Click Install The CA certificate will be saved in the UTN server EAAAWN 94 Requirements myUTN User Manual Linux Security Deleting Certificates Do not delete the certificate CA self signed PKCS 12 if only HTTPS is defined as the permitted connection type for the web access to the myUTN Control Center If the corresponding certifi cate is deleted the myUTN Control Center can no longer be reached In this case you have to reset the parameters of the UTN server see gt E108 M A certificate is installed on the UTN server Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Certificates 3 Select the certificate to be deleted via the icon Q The certificate is displayed Click Delete The certificate is deleted A 95
62. c Kernel Module Support DKMS Installting the SEH UTN Manager via the Ubuntu Software Center System Requirements MI Ubuntu 12 4 x LTS 64 bit Ubuntu 14 04 x LTS 64 bit with Linux kernel 2 6 32 or higher glibc 2 11 1 or higher and OpenSSL 1 0 1 or higher M The user used can gain root privileges via the command sudo Proceed as follows 1 2 gt myUTN User Manual Linux Start the installation package no 1 The Ubuntu Software Center appears Click Install A password prompt appears Authenticate yourself with your password The package will be installed on your client Repeat steps 1 through 3 with the remaining packages Add all users that are to administrate the SEH UTN Manager on the client to the user group utnusers To do this open the console Terminal and enter the command sudo usermod aG utnusers lt user name gt Logout and login again so that the group changes take effect The SEH UTN Manager is installed on your client 24 System Requirements System Requirements myUTN User Manual Linux Administration Methods Installing the SEH UTN Manager via Ubuntu terminal m M M Ubuntu 12 04 x LTS 64 bit Ubuntu 14 04 x LTS 64 bit with Linux kernel 2 6 32 or higher glibc 2 11 1 or higher and OpenSSL 1 0 1 or higher The user used can gain root privileges via the command sudo DKMS Dynamic Kernel Module Support is installed on the client see gt
63. cate in the UTN Server gt 292 O Installing the PKCS 12 Certificate in the UTN Server gt 93 O Saving S MIME Certificates in the UTN Server only myUTN 80 and later gt 593 O Installing the CA Certificate in the UTN Server gt 294 O Deleting Certificates gt 295 O mg Displaying Certificates Certificates installed on the UTN server and certificate requests can be displayed and viewed M A certificate is installed on the UTN server Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Certificates 3 Select the certificate via the icon Q The certificate is displayed Creating a Self Signed Certificate gt If a self signed certificate has already been created on the UTN server you must first delete the certificate see gt 95 Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Certificates 3 Click Self signed certificate an 4 Enter the relevant parameters siehe Tabelle 13 5891 90 Security 5 Click Create Install The certificate will be created and installed This may take a few minutes Tabelle 13 Parameters for the Creation of Certificates Parameters Description Common name Is used to clearly identify the certificate It is advisable to use the IP address or the host name of the UTN server to allow a clear assignment of the certificate to the UTN server You can enter a maxim
64. connect 70 Auto Disonnect 22 utnm 22 145 Backup 105 Backup copy 105 BIOS Mode 141 Bonjour 40 BOOTP 15 Button Reset 33 108 Restart 33 113 C CA certificate 89 Certificate 88 Create 90 Display 90 Installation 92 Certificate request 92 Certificates Delete 95 Anhang Index Channel 48 Cipher Suite 79 Communication mode 48 Complete version 22 Compound USB device 65 117 Connection Types Define 81 Connection types 81 Console 145 D Default certificate 88 Default name 116 Default settings 108 Descriptions 50 Device number 116 DHCP 15 Display panel 51 56 138 DKMS Dynamic Kernel Module Support 26 DNS Domain Name Service 38 Documentation 8 E EAP 96 EAP FAST 101 EAP MD5 97 EAP TLS 97 EAP ITLS 98 Email 30 55 Encryption 103 Encryption Level 79 Error states 56 138 F File lt default name_parameter txt gt 105 Frequency range 48 151 myUTN User Manual Linux G Gateway 116 Global Selection List 74 H Hardware address 115 Host name 116 Hotline 11 HTTP HTTPS 81 Identifier 51 IEEE 802 1X 96 Improper Use 12 Infrastructure mode 48 Installation Hardware 13 SEH UTN Manager 23 Intended Use 12 Interferences 133 IP Address 116 IP address save 14 IPv4 34 IPv4 client VLAN 60 IPv4 management VLAN 60 IPv6 36 L LEDs 137 Lock access 81 M MAC address 115 Maintenance 105 Minimal version 22 Mode 48 Multicast Search 62 Anhang Index myUTN 6 m
65. crypted connection means that client and UTN server number communicate via the UTN SSL port If a non default UTN SSL port has been be defined 252 this command is to be used t seconds or Specifies a timeout for the command strings activate timeout seconds deactivate plugin plugout and eject v or Shows version information about utnm version The following applies for the commands UTN server IP address or host name of a UTN server Elements in square brackets are optional not case sensitive only the ASCII format can be read 148 Appendix Additional Tool utnm Return Values Example Return Value Description 0 The USB port including the connected USB device is free for use 20 The plugin of the USB device connected to the USB port failed PAL The plugout of the USB device connected to the USB port failed 22 The ejection of the USB device connected to the USB port failed 23 The USB device connected to the USB port is already plugged in 24 The USB device connected to the USB port is already plugged out 25 The USB port including the connected USB device is connected to another user 26 The USB port including the connected USB device is unreachable 27 The USB device state is unknown 100 Unknown command TOn UTN server not found Either the UTN server does not exist or the DNS resolution failed 103 The port key is too long A USB device is to be activated Commands
66. cted The software is installed on all clients that are meant to access a USB device in the network Mode of Operation After the SEH UTN Manager is started the network will be scanned for connected UTN servers The network range to be scanned is freely definable After the network scan all UTN servers found together with the connected USB devices will be shown in the network list The required UTN servers will be selected and added to the selection list The devices in the selection list can be configured or connected to the client What Information e Automatisms gt 21 Do vouliecs SEH UTN Manager Versions gt 22 e Installation gt 23 e Programm Start gt 27 e Changing Versions gt 27 e Update gt 27 e Program Structure gt 28 e Functions gt 28 Automatisms The SEH UTN Manager supports among other things the following automatisms e Auto Connect This function enables the automatic activation of a permanent connection to a port and the connected USB device when you start the operating system myUTN User Manual Linux 21 What Are the Differences Between the Versions myUTN User Manual Linux Administration Methods e Auto Disconnect This functionality allows for the automatic deactivation of a USB port and the connected USB device after a time defined e Additional Tool utnm This tool is used for the activation and deactivation of p
67. cters blank Defines the password of the Password a z A Z 0 9 SNMP user group 1 any_rights None readonly Defines the access rights of Access rights readonly the SNMP user group 1 readwrite any_hash md5 md5 Specifies the hash algorithm Hash sha of the SNMP user group 1 any_cipher None Defines the encryption Encryption aes method of the SNMP user des group 1 126 Appendix Parameter List Parameters Value Default Description admin_name max 64 characters admin Defines the name of the User name a z A Z 0 9 SNMP user group 2 admin_pwd 8 64 characters adminis Defines the password of the Password a z A Z 0 9 trator SNMP user group 2 admin_rights None readwrite Defines the access rights of Access rights readonly the SNMP user group 2 readwrite admin_hash md5 md5 Specifies the hash algorithm Hash sha of the SNMP user group 2 admin_cipher None Defines the encryption Encryption aes method of the SNMP user des group 2 Tabelle 28 Parameter List Date Time Parameters Value Default Description ntp on off on Enables disables the use of a Date Time time server SNTP ntp_server max 64 characters pool ntp Defines a time server via the Time server a z A Z 0 9 org IP address or the host name The host name can only be used if a DNS server was configured beforehand ntp_tzone UTC GMT EST CET CE The time zone is used to Time zone EDT CST CDT ST EU equali
68. d can be found in the respective Quick Installation Guide myUTN User Manual Linux 7 Scope and Content Structure of the Documentation Document Features myUTN User Manual Linux General Information 1 2 Documentation This documentation describes several versions of the USB Device server as well as the Dongleservers This means that functions will be described that may not be applicable to your product Some illustra tions may differ from your device Refer to the data sheet of your UTN server model for information about the functional range of your product Please note the follow ing names of the product categories in this documentation e USB Deviceserver gt UTN server e Dongleserver gt UTN server e dongle gt USB device The myUTN documentation consists of the following documents User Manual Detailed description of the myUTN configuration and L administration System specific instructions for the R following systems ji Windows Mac Linux Quick Installation Guide Pe Information about security hardware installation and the et 2 initial operation procedure aama Online Help myUTN Control Center i RY The Online Help contains detailed information about how aaa A to use the myUTN Control Center x Online Help SEH UTN Manager V The Online Help contains detailed information about how x to use the software tool SEH UTN Manager This documentation has been design
69. displayed or will be displayed as inac tive This depends on the embedded UTN server model the settings of the product specific security mechanisms myUTN User Manual Linux 139 myUTN User Manual Linux Appendix SEH UTN Manager Function Overview Tabelle 38 SEH UTN Manager Function Overview Linux Global User Specific Selection List Selection List Adminis Adminis trative trative rights rights User User l utn utn rw r users User users INI INI Selection List Edit Selection List Export Selection List Refresh UTN server Configure UTN server Set IP Address UTN server Set USB Port Keys UTN server Add UTN server Remove UTN server Refresh Port Activate Port Deactivate Port Request Port Remove Port Settings EAE NARA NN SN S a a S SS a Nn Nek amp amp nN i amp amp amp x SES AIRS sy 1 SSI i Selection List Refresh Selection List Edit Port Activate Port Deactivate Program Options dialog JN lt JN lt o E lt J x x s Network Scan Multicast Search v x v x x Network Scan IP Range Search v x v x x Program Program Messages v x v x x Program Program Update v x v x x Automatisms Auto Disconnect v x v x x Selection List Selection List Mode v x v x K
70. e client see 29821 MI The UTN server was recognized during the network scan and is displayed in the network list Proceed as follows 1 2 a Start the SEH UTN Manager Select Selection List Edit from the menu bar The Edit Selection List dialog appears Select the UTN server to be used from the network list Click Add Repeat steps 2 and 3 if necessary Click OK The UTN servers and the connected USB devices are displayed in the selection list Edit Selection List Put together a selection list with your preferred devices Network List v Selection List SA Flash Drive Port 1 Flash Drive Port 1 e 10 168 0 247 Dongle Port 3 Dongle Port 5 Options Add gt Remove OK Cancel Abb 8 SEH UTN Manager Edit Selection List e To directly add a UTN server with a known IP address to the selection list select UTN Server Add from the menu bar myUTN User Manual Linux 64 Working with the SEH UTN Manager Special Case Compound USB Device Requirements myUTN User Manual Linux 5 3 Howto Connect a USB Port including USB Device to a Client A USB device that is connected to the UTN server can be connected to the client To this purpose the user establishes a connection between the client and the USB port of the UTN server to which the USB device is connected The USB device can then be used by the client as if the USB device was directly connected to
71. e Export to dialog appears 8 Save the file SEH UTN Manager ini using the following path SHOME config SEH Computertechnik GmbH SEH UTN Manager ini See User Specific Selection List gt 74 Each user has access to their own predefined selection list n Protecting the user specific selection list When using predefined user specific selection lists we recommend protecting the selection list against modifications by the user The selection list of a user is stored as SEH UTN Manager ini file in the following location SHOME config SEH Computertechnik GmbH SEH UTN Man ager ini See User Specific Selection List gt 74 Use the control panel of the operating system to turn ini files into read only files To do this you need administrative rights on the cli ent If an SEH UTN Manager ini file becomes read only all functions of the SEH UTN Manager that relate to the selection list will be dis abled 77 Security 6 Security The following security mechanisms can be configured and activated according to your demands What Information How to Define the Encryption Level for SSL TLS Connections Do You Need gt 879 e How to Control the Access to the myUTN Control Center gt 881 e How to Control Access to the UTN Server TCP Port Access Control gt 282 e How to Control Access to USB Devices only myUTN 80 and later gt 84 e How to Block USB Dev
72. e Linux 6 5 do not contain DKMS by default As an example the installation procedure in Oracle Linux 6 5 is described M The user used can gain root privileges via the command sudo Proceed as follows 1 Open the console Terminal 2 Run the command sudo wget http pkgs repoforge org rpm forge release rpm forge release 0 5 3 1l el5 rf x86 64 rpm 3 Run the command udo rpm import ttp apt sw be RPM GPG KEY dag txt un the command udo rpm K rpmforge release 0 5 3 l el5 rf rpm un the command udo rpm i rpmforge release 0 5 3 l el5 rf rpm 6 Install DKMS sudo yum install dkms 7 Run the command sudo yum install chrpath tkcvs rpm build rpmlint php php mysql A security query appears 8 Confirm the security query y 9 Determine the current kernel and note down the result uname 10 Run the command gpk application A security query appears 11 Confirm the security query by clicking Continue anyway The Add Remove Software dialog appears A uyu y vu 26 myUTN User Manual Linux Administration Methods 12 Enter building kernel in the search box 13 Click Find The search results are displayed 14 In the list look for Development package for building kernel modules to match the kernel for the previously determined kernel 15 Check if the Development package for building kernel modules to match the kernel for your kernel is installed If not install the package
73. e of the certification authority that has issued the certificate of the authentication server RADIUS on the UTN server see Installing the CA Certificate in the UTN Server gt 294 e Enable the authentication method EAP ILS on the UTN server E Proceed as follows Start the myUTN Control Center Select SECURITY Authentication Select TLS from the Authentication method ist Select the root CA certificate from the list EAP root certificate Click Save amp Restart to confirm The settings are saved EAKRWNs Configuring EAP TTLS EAP TTLS Tunneled Transport Layer Security validates the identity of devices or users before they gain access to network resources You can configure the UTN server for the EAP TTLS network authentica 98 Mode of Operation Requirements myUTN User Manual Linux Security tion This ensures that the UTN server gets access to protected net works EAP TTLS consists of two phases In phase 1 a TLS encrypted channel between the UTN server and the RADIUS server will be established Only the RADIUS server authenticates itself using a certificate that was signed by a CA This process is also referred to as outer authentication In phase 2 an additional authentication method is used for the communication within the TLS channel EAP defined methods and older methods CHAP PAP MS CHAP and MS CHAPv2 are supported This process is also referred to as inner authenticatio
74. eactivate a USB Port only myUTN 80 and later You can enable or disable a USB port This is done by interrupting and re establishing the power supply The power supply for the USB ports is enabled by default Disable unused USB ports in order to ensure that unwanted USB devices cannot be connected to the network This function also allows you to turn a USB device off and on again without having to manually remove or reconnect it USB devices that are in an undefined state can be restarted by interrupting and re establishing the power supply of the USB port Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE USB port 3 Tick clear the option in front of the USB port 4 Click Save amp Restart to confirm The power supply of the USB port is established or interrupted 4 7 Howto Use the Notification Service only myUTN 80 and later You can get notifications in the form of emails or SNMP traps from the UTN server By means of these notifications up to four recipients can be informed about various events irrespective of time and loca tion The following message types are possible e The status email periodically informs the recipient about the status of the UTN server and the connected USB devices 54 What Do You Want To Do Requirements myUTN User Manual Linux Device Settings e The event notification informs you about a specific event on the UTN server via email or SNMP trap The e
75. ed 81 TCP Port Access Control Security Levels Exceptions myUTN User Manual Linux Security Protecting the web access via password To protect the myUIN Control Center against unauthorized web access you can use a passwort If a password is set only the start page of the myUTN Control Center can be visited and displayed If you select a menu item you will be asked to enter a password You will also be asked to enter a non definable user name Leave this field blank at the password prompt Proceed as follows Start the myUTN Control Center Select SECURITY Device access In the web area enter a password into the Password box Repeat the password Click Save amp Restart to confirm The setting will be saved EARWN gt 6 3 Howto Control Access to the UTN Server TCP Port Access Control You can control the access to the UTN server To do so various TCP port types on the UTN server can be locked Network elements that have permission to access the UTN server can be defined as excep tions and excluded from locking The UTN server only accepts data packets from network elements defined as exceptions The port types to be blocked must be defined in the Security level area The following categorization can be selected e Lock UTN access locks UTN ports e Lock TCP access locks TCP ports HITP HTTPS UTN e Lock all locks IP ports In order to exclude network elements e g clients DNS server S
76. ed noti_sdinout_1 on off off Enables disables the sending noti_sdinout_2 of emails after an SD card Send email if SD was connected to removed card is connected from the UTN server only or disconnected myUTN 800 noti_sdunusable_1 on off off Enables disables the sending noti_sdunusable_2 of emails if the SD card is Send email if SD unusable myUTN 800 only card cannot be used noti_stat_1 on off off Enables disables the noti_stat_2 periodical sending of a status Status email email to recipient 1 or 2 noti_pup_1 on off off Enables disables the sending noti_pup_2 of emails when the UTN Send email if server is restarted UTN server is restarted notistat_d al daily al Specifies the interval at which Interval su Sunday a status email is sent mo Monday tu Tuesday we Wednesday th Thursday fr Friday sa Saturday myUTN User Manual Linux 132 Parameters Value notistat_h 1 1 hour hh 2 2 hour 3 3 hour etc notistat_tm 0 00 min mm 1 10 min 2 20 min 3 30 min 4 40 min 5 50 min 6 00 min Default 0 Appendix Parameter List Description Specifies the time at which a status email is sent Specifies the time at which a status email is sent Tabelle 34 Parameter List WLAN myUTN 54 only Parameters Value wifi on off WLAN wifi_mode adhoc Mode infra wifi_channel 1 14 Channel country specific myUTN User Manual Linux Default on adhoc Descriptio
77. ed as an electronic document for screen use Many programs e g Adobe Reader offer a book Terminology Used in this Document myUTN User Manual Linux General Information mark navigation feature that allows you to view the entire docu ment structure This document contains hyperlinks to the associated information units If you want to print this documentation we recommend using the printer setting Duplex or Booklet The explanation of technical terms used in this document is summa rized in a glossary The glossary provides a quick overview of techni cal matters and background information see gt 118 Symbols and Conventions myUTN User Manual Linux General Information A variety of symbols are used within this document Their meaning is listed in the following table Tabelle 1 Conventions within the documentation Symbol Convention A __ Warning Note Proceed as follows 1 Mark Confirmation M Requirements O Option DE Bold Courier Proper names Description A warning contains important information that must be heeded Non observance may lead to malfunctions A notice contains information that should be heeded The hand symbol marks the beginning of instructions Individual instructions are set in italics The arrow confirms the consequence of an action Hooks mark requirements that must be met before you can begin
78. ed to save private keys and their respective certificates and to protect them by means of a password gt If a PKCS 12 certificate has already been installed on the UTN server you must first delete it see 95 M The certificate must be in base64 format Proceed as follows Start the myUTN Control Center Select SECURITY Certificates Click PKCS 12 certificate Click Browse Enter the PKCS 12 certificate Enter the password Click Install The PKCS 12 certificate is saved in the UTN server ENMARWNS Saving S MIME Certificates in the UTN Server only myUTN 80 and later S MIME certificates pem file are used to sign and encrypt the emails that are sent by the UTN server a 1 ee If a S MIME certificate has already been installed on the UTN server you must first delete it see gt I595 93 Requirements myUTN User Manual Linux Security Proceed as follows Start the myUTN Control Center Select SECURITY Certificates Click S MIME certificate Click Browse Specify the S MIME certificate Click Install The S MIME certificate is saved in the UTN server EFEAAA WN DP Installing the CA Certificate in the UTN Server In order to check the identity of the communicating parties of the UTN server it is necessary to validate their certificates For this the root CA certificates of the certification authorities that have issued the certificates of said communicating parties
79. er Manual Linux Security 7 Click Save amp Restart to confirm The settings are saved Configuring EAP FAST EAP FAST Flexible Authentication via Secure Tunneling validates the identity of devices or users before they gain access to network resources You can configure the UTN server for the EAP FAST net work authentication This ensures that the UTN server gets access to protected networks EAP FAST uses as in the case of EAP TTLS see gt 98 a channel in order to protect the data transfer The main difference is that EAP FAST does not require certificates for authentication purposes The use of certificates is optional PACs Protected Access Credentials are used to build the channel PACs are credentials that comprise up to three components e A shared secret key that contains the preshared key between the UTN server and the RADIUS server e An opaque part that is provided to the UTN server and presented to the RADIUS server when the UTN server wishes to obtain access to network resources e Other information that may be useful to the client Optional EAP FAST uses two methods to generate PACs e The manual delivery mechanism can be every mechanism that the administrator configures and considers to be safe for the network e In the case of the automatic delivery an encrypted channel is established in order to protect the UTN server authentication as well as the delivery of the PACs 101 Requirement
80. es a connection between the client and the USB port including the con nected USB device myUTN has been designed for the use in TCP IP based networks The SEH UTN Manager has been designed for the use in the following systems General Information e Windows XP or later e OSX 10 8 x or later e Ubuntu 12 04 x LTS 64 bit Ubuntu 14 04 x LTS 64 bit or Oracle 64 bit Linux 6 5 with Linux kernel 2 6 32 or higher glibc 2 11 1 or higher and OpenSSL 1 0 1 or higher m This document describes the usage in Linux environments Informa tion about the usage in other environments can be found in the rel evant system specific User Manual For further information see Documentation gt B8 Procedure and Basic After the SEH UTN Manager is started the network will be scanned Functions for connected UTN servers The network range to be scanned is freely definable All UTN servers found will be shown in the network list together with the connected USB devices The required UTN servers will be selected and added to the selection list The UTN servers listed in the selection list can then be used by the user To use a USB device the user establishes a connection between the client and the USB port of the UTN server to which the USB device is connected IT devices industrial devices A entertainment gua devices UTN server a Abb 1 UTN Server in the Network ay Types and number of the USB devices to be connecte
81. es the POP3 functionality POP3 Server name Defines the POP3 server via the IP address or the host name The host name can only be used if a DNS server was configured beforehand POPS Server port Defines the port used by the UTN server for receiving emails The port number 110 is preset When using SSL TLS enter 995 as port number POP3 Security Defines the authentication method to be used APOP SSL TLS When using SSL TLS the cipher strength is defined via the encryption level gt 79 POP3 Check mail every Defines the time interval in minutes for retrieving emails from the POP3 server myUTN User Manual Linux 42 Requirements myUTN User Manual Linux Network Settings Parameters Description POP3 Ignore mail Defines the maximum email size in Kbyte to be exceeding accepted by the UTN server 0 unlimited POP3 User name Defines the user name used by the UTN server to log on to the POP3 server POP3 Password Defines the password used by the UTN server to log on to the POP3 server Configuring SMTP M The UTN server is set up as user with its own email address on a SMTP server Proceed as follows Start the myUTN Control Center Select NETWORK Email Configure the SMTP parameters siehe Tabelle 8 243 Click Save amp Restart to confirm The settings are saved FrwWh gt Tabelle 8 SMTP Parameters Parameters Description SMTP Server name Defines the SMTP server via the IP addre
82. est mode The test mode allows you to test the parameters set using the access control If the test mode is activated the access protection remains active until the UTN server is rebooted Specifies the port types to be locked UTN ports TCP ports all ports IP ports Enables disables an excep tion from the port locking Defines elements that are excluded from port locking using the IP address Enables disables an excep tion from the port locking Defines elements that are excluded from port locking using the hardware address 123 myUTN User Manual Linux Tabelle 22 Parameter List UTN port Parameters Value Default utn_port 1 9200 9200 UTN port 1 4 characters 0 9 utn_sslport 1 9443 9443 UTN SSL port 1 4 characters 0 9 Tabelle 23 Parameter List Encryption Parameters Value Default utn_sec_1 on off off utn_sec_20 USB port Appendix Parameter List Description Defines the number of the UTN port Defines the number of the UTN SSL port Description Enables disables the SSL TLS encryption of the USB port If the encryption is enabled the payload between the cli ents and the USB devices that are connected to the USB ports will be transferred in an encrypted way Tabelle 24 Parameter List USB port access only myUTN 80 and later Parameters Value Default utn_heartbeat 1 1800 180 1 4 characters 0 9 utn_accctrt_1 ids utn_accctr
83. est can be cre ated in the UTN server The request must be sent to the certification authority which creates an certificate on the basis of this request The certificate must be in base64 format If a certificate request has already been created you must first delete it see gt B95 E Proceed as follows 1 Start the myUTN Control Center Select SECURITY Certificates Click Certificate request Enter the required parameters siehe Tabelle 13 97 Click Create a request The creation of the certificate request is in progress This may take a few minutes 6 Select Upload and save the requests in a text file 7 Click OK 8 Send the text file as certificate request to a certification authority When the requested certificate has been received it must be installed in the UTN server see gt 92 aR WN Installing the Requested Certificate in the UTN Server M A certificate request has been created at an earlier date see gt 92 M The certificate must be in base64 format Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Certificates 3 Click Requested certificate 92 Requirements myUTN User Manual Linux Security 4 Click Browse 5 Specify the requested certificate 6 Click Install The requested certificate will be installed in the UTN server Installing the PKCS 12 Certificate in the UTN Server Certificates with the PKCS 12 format are us
84. evices including port number vendor ID product ID manufacturer name product name device class and status that are connected to the UTN server state UTN server port number Displays the status of the USB device connected to the USB port hor Shows the help page helip myUTN User Manual Linux 147 myUTN User Manual Linux Appendix Additional Tool utnm Command Description k USB port key Specifies a USB port key or In the course of the port key control a key is specified for key USB port key the USB port via the myUTN Control Center so that the USB device that is connected to the USB port is protected against unwanted access gt 86 In order to gain access to this USB device the appropriate key must be entered Note The key cannot be configured via this command Entering the key allows access to the USB device The key must be entered each time the connection is activated mr or Separates the output of the command string getlist with machine readable tabulators nw or Suppresses warning messages nO wWerninos o or Shows the output in the command line Oe Oita p port number or Uses an alternative UTN port port port number Client and UTN server communicate via the UTN port If a non default UTN port has been be defined 252 this command is to be used q or Suppresses the output quiet sp port number or Uses an alternative UTN port with SSL encryption SSl pore parE En
85. eving emails from the POP3 server Defines the port of the POP3 server used by the UTN server for receiving emails When using SSL TLS enter 995 as port number Defines the name used by the UTN server to log on to the POP3 server Defines the password used by the UTN server to log on to the POP3 server Defines an authentication method Defines the maximum email size in Kbyte to be accepted by the UTN server 129 myUTN User Manual Linux Appendix Parameter List Tabelle 32 Parameter List SMTP only myUTN 80 and later Parameters ELT Default Description smtp_srv max 128 characters blank Defines the SMTP server via Server name the IP address or the host name The host name can only be used if a DNS server was configured beforehand smtp_port 1 65535 25 Defines the port number used Server port 1 5 characters 0 9 by the UTN server to send emails to the SMTP server smtp_usr max 128 characters blank Defines the user name used User name by the UTN server to log on to the SMTP server smtp_pwd max 128 characters blank Defines the password used by Password the UTN server to log on to the SMTP server smtp_sender max 128 characters blank Defines the email address Sender name used by the UTN server to send emails Note Very often the name of the sender and the user name are identical smtp_ssl on off off Enables disables TLS TLS The security protocol TLS Transport
86. firm The data between the clients and the USB device will be transferred in an encrypted way EANN gt 103 myUTN User Manual Linux Security The encrypted connection will be displayed client side in the SEH UTN Manager under Properties UTN Server Device v Status Properties E 192 168 0 140 Port name Flash Drive Flash Drive Port 1 EVEN EL Port number T Port status Available Auto Connect off Devices connected H Name Flash Drive Abb 14 SEH UTN Manager Encryption 104 What Information Do You Need Automatic Backup myUTN 800 Only myUTN User Manual Linux Maintenance 7 Maintenance e How to Secure UTN Parameters Backup gt 2105 How to Reset the UTN Parameters to their Default Values gt E108 e How to Perform an Update 9 2112 How to Restart the UTN Server gt 2113 7 1 Howto Secure UTN Parameters Backup All parameter values of the UTN server exception passwords are saved in the gt default name gt _parameters txt file You can save the parameters file as backup copy on your local client This allows you to get back to a stable configuration status at any time You can edit the parameter values of the copied file using a text edi tor Afterwards the configured file can be downloaded to one or more UTN servers The parameter values included in the file will be taken over by the device The Dongleserver myUTN 800 additional
87. h its assigned USB port The device assignment makes sure that the security settings of the USB port and the USB device are not bypassed If a device other than the assigned USB device is connected to the USB port it can not be operated a If you want to control the access to the USB devices it is advisable to protect the administrative access to the myUTN Control Center by a password so that the settings cannot be changed by unauthorized persons see gt 2 82 84 What Do You Want To Do myUTN User Manual Linux O O O O Security Blocking access to USB devices gt 2185 Unblocking access to USB devices 91285 Specifying the Device Assignment on the USB Port gt 86 Disabling the USB Port Access Control gt 86 Blocking access to USB devices If you want to control the access to a USB device you must specify a key for the USB port via the myUTN Control Center Proceed as follows 1 2 3 4 5 Start the myUTN Control Center Select SECURITY USB port access Select the entry Port key control from the Method list of the relevant USB port Click Generate key or enter a freely definable key into the Key box a maximum of 64 ASCII characters Click Save to confirm The settings are saved Access to the USB device is protected Unblocking access to USB devices In order for a user to gain access to a USB device that is protected by means of the USB port
88. henticate itself in a protected network O Configuring EAP MD5 gt 297 O Configuring EAP TLS gt 297 O Configuring EAP TTLS gt 98 O O Configuring PEAP 8100 Configuring EAP FAST gt 2101 96 Security Benefits and Purpose Mode of Operation Requirements Benefits and Purpose Mode of Operation myUTN User Manual Linux Configuring EAP MD5 EAP MD5 validates the identity of devices or users before they gain access to network resources You can configure the UTN server for the EAP MD5 network authentication This ensures that the UTN server gets access to protected networks EAP MD5 describes a user based authentication method via a RADIUS server The UTN server must be defined as user with user name and password on a RADIUS server The authentication method EAP MD5 must then be enabled on the UTN server and the user name and password need to be entered MI The UTN server is defined as user with user name and password on a RADIUS server Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Authentication 3 Select MD5 from the Authentication method ist 4 Enter the user name and the password that are used for the configuration of the UTN server on the RADIUS server 5 Click Save amp Restart to confirm The settings are saved Configuring EAP TLS EAP TLS Transport Layer Security validates the identity of devices or users befo
89. http www seh technology com services downloads myutn html Every update file has its own readme file Take note of the informa tion contained in the readme file Proceed as follows Start the myUTN Control Center Select MAINTENANCE Update Click Browse Select the update file Click Install The update is executed The UTN server will be restarted ENANS myUTN User Manual Linux 112 Maintenance 7 4 Howto Restart the UTN Server The UTN server will automatically restart after changes to the parameters or after an update If the UTN server is in an undefined state it can also be manually restarted What Do You Want Restarting the UTN Server via the myUTN Control Center To Do gt E113 O Restarting the UTN server via the restart button only myUTN 800 gt 2113 Restarting the UTN Server via the myUTN Control Center Proceed as follows 1 Start the myUTN Control Center 2 Select MAINTENANCE Restart 3 Click Restart The UTN server will be restarted Restarting the UTN server via the restart button only myUTN 800 Proceed as follows 1 Press the restart button of the device for a short time The UTN server will be restarted myUTN User Manual Linux 113 Appendix 8 Appendix What Information Glossary gt 2115 Eo eniveee Parameter List 21118 e LED Display 15137 e Information shown in the display panel myUTN 800 only gt E138
90. ice Types gt 87 e How to Use Certificates Correctly gt 88 e How to Use Authentication Methods gt 96 e How to Encrypt Data Transfer gt B103 myUTN User Manual Linux 78 Encryption Level Cipher Suite Establishing Connections myUTN User Manual Linux Security 6 1 How to Define the Encryption Level for SSL TLS Connections The following connections on the UTN server can be encrypted via SSL TLS e Email POP3 gt 241 e Email SMTP gt 241 e Web access to the myUTN Control Center HTTPS gt 81 e Data transfer between the clients and the UTN server and the connected USB devices USB port 2103 The encryption strength and thus the safety of the connection is defined via the encryption level Each encryption level is a collection of so called cipher suites A cipher suite is a standardized sequence of four cryptographic algo rithms that are used to establish a secure connection Depending on their cipher strength in bit cipher suites are grouped to form an encryption level Which cipher suites are supported by the UTN server i e are part of an encryption level depends on the SSL TLS protocol used When establishing a secure connection a list of supported cipher suites is sent to the communicating party A cipher suite is agreed upon that will be used later on The strongest cipher suite that is supported by both parties will be used by default If there is no
91. ided that no security mechanisms have been specified via the myUTN Control Center e The selection lists of the users will be saved as ini files in the following location SHOME config SEH Computertechnik GmbH SEH UTN Manager ini SHOME is an environment variable by Linux for the user folder By means of the command line the path for the current user can be determined as follows echo SHOME Example Ubuntu 14 04 01 LTS echo HOME returns home User name config SEH Computertechnik GmbH SEH UTN Manager ini Complete path to the ini file nome User name config SEH Computertechnik GmbH SEH UTN Manager ini mg 75 O Providing the Global Selection List to All Users gt O Providing User Specific Selection Lists gt I76 O O Providing Users with a Predefined Selection List gt 76 Protecting the user specific selection list S377 Providing the Global Selection List to All Users MI The SEH UTN Manager complete version is installed on the client see E21 MI You are logged on to the system as administrator Proceed as follows 1 Start the SEH UTN Manager 75 Requirements Requirements myUTN User Manual Linux bo EONS Working with the SEH UTN Manager Compose the selection list see How to Add UTN Servers USB Devices to the Selection List 3564 Select Program Options from the menu bar The Options dialog appears Select the Selection Li
92. if the UTN server only is supplied by one power supply Errors are displayed in codes see 92138 Enables disables the display of error messages in the display panel if no SD card is inserted into the UTN server or if the SD card cannot be used Errors are displayed in codes see 92138 135 myUTN User Manual Linux Appendix Parameter List Tabelle 36 Parameter List Acoustic signal only myUTN 800 Parameters Value Default Description beepPwr on off off Enables disables the acoustic Only one power signal that sounds if the UTN supply provides server only is supplied by one power power supply beepSDc on off off Enables disables the acoustic SD card error signal that sounds if no SD card is inserted into the UTN server or if the SD card cannot be used Tabelle 37 Parameter list SD card myUTN 800 only Parameters Value Default Description autoSync on off on Enables disables the Parameter backup automatic parameter backup to a connected SD card 136 Appendix LED Display 8 3 LED Display The UTN server has LEDs The LEDs of the UTN server provide infor mation about its status ay During the activation procedure the behavior of the LEDs differs from this description LED Action Color Description Link permanently on green There is a connection to the network permanently off There is no connection to the network Activity blinks at yellow Indicates the exchange of network data irreg
93. ing of the UTN server The myUTN Control Center is stored in the UTN server and can be displayed by means of a browser software e g Mozilla Firefox Requirements M The UTN server is connected to the network and the mains voltage M The UTN server has a valid IP address Proceed as follows StartingthemyUTN 7 Open your browser Control Center 2 Enter the IP address of the UTN server as the URL The myUTN Control Center appears gt If the myUTN Control Center is not displayed check the proxy set tings of your browser You can also start the myUTN Control Center via the software tool SEH UTN Manager Mark the UTN server in the selection list and select UTN server Configure from the menu bar myUTN User Manual Linux 19 Structure of the myUTN Control Center myUTN User Manual Linux Administration Methods myUTN Control Center Mozilla Firefox sth MyUTN Control Center x 192 168 0 140 7 B Qra t ff myu tn ControlCenter SEH START NETWORK DEVICE SECURITY MAINTENANCE iis myUTN 80 UTN server Network ICOD1FOB 3S Engish pees ICOD1F0B IP address 192 168 0 140 Serial number 25020100800001 Subnet mask 255 255 254 0 EE Deutsch Host name Gateway 192 168 0 4 ILE Francais Software 14 22 UTN port 9200 BE Espa ol Firmware 332 21 Description LE karano fortes parson E Portugues Date Time 2015 02 05 16 49 28 le aga BE te Attached devices 0 16 H snt Port Name Status VLAN Lei az
94. ingle housing When the connection to the port is established all displayed USB devices will be connected to the user s client and can be used 142 Possible Cause Possible Cause myUTN User Manual Linux Appendix Troubleshooting A connection to the UTN server cannot be established A common port will be used for the data transfer between the UTN server and the SEH UTN Manager that is installed on the client gt B52 O The port numbers are not identical The current port number cannot be transferred to the SEH UTN Managers that are installed on the clients The SNMPv1 parameter has been disabled see gt 39 O The communication is blocked by a firewall A connection to the USB port cannot be established O The access control for USB devices is enabled gt B86 O No driver software for the USB device is installed on the client O The USB port is already connected to another client A connection to the myUTN Control Center cannot be established Eliminate possible error sources First of all check the cabling connections the IP address of the UTN server gt 14 as well as the proxy settings of your browser If you still cannot establish any connection the following safety mechanisms might be the cause O The access is protected via SSL TLS HTTPS gt 282 O The access is protected via SSL TLS HTTPS and you deleted the certificate CA self signed PKCS 12 Reset the parameter values of
95. l the Access to the myUTN Control Center You can protect the administrative access to the myUIN Control Center by user profiles O Specifying the Permitted Web Connection Type gt 81 O Protecting the web access via password gt 82 a C The myUTN Control Center can also be protected by the SNMP secu rity concept For further information see e How to Configure SNMP gt B39 e How to Use the UTN Server in VLAN environments only myUTN 80 and later gt 59 Specifying the Permitted Web Connection Type The web access to the myUIN Control Center can be secured by selecting the permitted types of connection HTTP HTTPS If HTTPS is exclusively chosen as the connection type the adminis trative web access to the myUIN Control Center is protected by SSL TLS The cipher strength is defined via the encryption level 29879 and must not be Low SSL TLS also requires a certificate 88 to check the identity of the UTN server During a so called handshake the client asks for the certificate via a browser This certificate must be accepted by the browser Please refer to the documentation of your browser soft ware URLs that require an SSL TLS connection start with https Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY Device access 3 In the Web area tick HTTP HTTPS or HTTPS only 4 Click Save amp Restart to confirm The setting will be sav
96. lation comprises the connection of the UTN server to the network the USB device and the power supply see Quick Installation Guide Make sure that an IP address is stored in the UTN server see 29614 Install and start the software tool SEH UTN Manager on your Windows client see 27 Add the UTN servers that you want to use to the selection list see 2864 Activate the connection between your client and the USB port to which the USB device is connected see 2865 The connection will be established The USB device can be used by the client Why IP Addresses How Does the UTN Server Obtain IP Addresses Automatic Methods of IP Address Assignments Manual Methods of IP Address Assignments myUTN User Manual Linux General Information 1 6 Saving the IP Address in the UTN Server An IP address is used to address network devices in an IP network TCP IP network protocols require the storing of the IP address in the UTN server so that the device can be addressed within the network The UTN server is able to assign itself an IP address during the initial installation Boot protocols are used to assign an IP address auto matically to the UTN server Upon delivery the boot protocols BOOTP and DHCP are enabled Once the UTN server is connected to the network it checks whether an IP address can be obtained from the boot protocols BOOTP or DHCP If this is not the case the UTN server assigns itself an IP
97. lle 9 248 4 Tick WLAN to enable the WLAN module in the UTN server 5 Click Save amp Restart to confirm The settings are saved 6 Remove the network cable RJ 45 from the UTN server The connection to the wired network will be deactivated The UTN server automatically switches to the WLAN mode The connection to the WLAN will be established If the UTN server gets a new IP address in the course of the network change the connection to the myUTN Control Center will be inter rupted 47 Network Settings Tabelle 9 WLAN Parameters Parameters Description Mode Defines the communication mode The communication Communication mode mode defines the network structure in which the UTN server will be installed Two modes are available In the Ad Hoc mode the UTN server communicates directly with another WLAN client peer to peer The infrastructure mode is suitable for setting up large wireless networks with several devices in different rooms Communication between the devices is done via an access point which is connected to the network The access point can be protected by encryption or authenti cation Network name Defines the SSID The ID of a wireless network is SSID referred to as SSID Service Set Identifier or network name Each wireless LAN has a configurable SSID in order to clearly identify the wireless network The SSID is configured in the access point of a Wireless LAN Each device PC U
98. lows for various security mechanisms Use certificates in your UTN server e to check the identity of the UTN server in the network see Configuring EAP TLS gt 97 e to authenticate the UTN server if the email communication is protected POP3 SMIP via SSL TLS gt 541 e to authenticate the UTN server client if the data transfer between the clients and the UTN server is encrypted via SSL TLS gt 8103 e to authenticate the UTN server client if the administrative access to the myUTN Control Center is protected via HTTPS SSL TLS lt gt If you use certificates it is advisable to protect the administrative access to the myUTN Control Center by a password so that the cer tificate on the UTN server cannot be deleted by unauthorized per sons see gt E82 Both self signed and externally signed certificates can be used with the UTN server The following certificates can be distinguished e Upon delivery a self signed certificate the so called default certificate is stored in the UTN server It is recommended that you replace the default certificate by a self signed certificate or requested certificate as soon as possible e Self signed certificates have a digital signature that has been created by the UTN server 88 Security e A requested certificate is created by a certification authority CA for the UTN server on the basis of a certificate request CA certificates are certificates that have bee
99. ly has an automatic backup feature It saves the parameter values exception passwords and certificates installed on the UTN server automatically to a con nected SD card After a parameter or certificate change the backup will be updated automatically If the SD card is lost or stolen your environment becomes vulner able certificates passwords Therefore you have to take all nec essary precautions for protecting the myUTN 800 if you use the automatic backup 105 What Do You Want To Do myUTN User Manual Linux Maintenance Upon delivery the SD card is already inserted into the SD card reader and ready for use installation or formatting are not required By means of the backup the whole configuration can be quickly and easily loaded to other UTN servers e g when exchanging a UTN server Parameter values passwords and certificates will be loaded automatically from the SD card to a Dongleserver myUTN 800 after a cold start of the UTN server Displaying Parameter Values gt 2106 Saving the Parameter File gt 3106 Loading the Parameter file onto the UTN Server 8107 Automatic backup myUTN 800 only 2107 E O O O Displaying Parameter Values Proceed as follows 1 Start the myUTN Control Center 2 Select MAINTENANCE Parameter backup 3 Click the icon Q The current parameter values are displayed ay 3 A detailed description of the parameters can be found i
100. n The advantage of this procedure is that only the RADIUS server needs a certificate Therefore no PKI is needed Moreover TTLS sup ports most authentication protocols MI The UTN server is defined as user with user name and password on a RADIUS server Proceed as follows 7 Start the myUTN Control Center Select SECURITY Authentication Select TTLS from the Authentication method ist Enter the user name and the password that are used for the configuration of the UTN server on the RADIUS server Select the settings intended to secure the communication in the TLS channel To make the connection more secure you can also install the root CA certificate of the certification authority that has issued the certificate of the authentication server RADIUS on the UTN server see Installing the CA Certificate in the UTN Server 26594 Afterwards select the root CA certificate from the list EAP root certificate Click Save amp Restart to confirm The settings are saved 99 Benefits and Purpose Mode of Operation Requirements myUTN User Manual Linux Security Configuring PEAP PEAP Protected Extensible Authentication Protocol validates the identity of devices or users before they gain access to network resources You can configure the UTN server for the PEAP network authentication This ensures that the UTN server gets access to pro tected networks In the case of PEAP compare EAP
101. n Enables disables the WLAN module of the UTN server Defines the communication mode The communication mode defines the network structure in which the UTN server will be installed Two modes are avail able Ad Hoc Infrastructure Defines the channel fre quency range on which the entire data communication will be transmitted The channel should be changed if interferences emerge Keep yourself informed about national provisions regarding the use of WLAN products and only use authorized channels 133 Parameters wifi_name Network name SSID wifi_encrypt Encryption method wifi_keyid Use WEP key wifi_wepkey1 wifi_wepkey2 wifi_wepkey3 wifi_wepkey4 Key 1 4 wifi_psk PSK myUTN User Manual Linux Value max 64 characters a z A Z 0 9 _ None WepOpen WEP Open System WepShared WEP Shared Key TKIP WPA TKIP AES WPA AES TKIP2 WPA2 TKIP AES2 WPA2 AES AESTKIP WPA AES TKIP AESTKIP2 WPA2 AES TKIP Auto WPA Auto 1 key 1 2 key 2 3 key 3 4 key4 The max number of characters depends on the selected key type 64 ASCII 5 64 HEX 10 128 ASCII 13 128 HEX 26 8 63 characters Default SEH blank blank Appendix Parameter List Description Defines the SSID The ID of a wireless network is referred to as SSID Service Set Identifier or network name Each wireless LAN has a configurable S
102. n issued for a certi fication authority CA They are used for verifying certificates that have been issued by the respective certification authority S MIME certificates pem file are used to sign and encrypt the emails that are sent by the UTN server The corresponding private key must be installed as an own certificate in the PKCS 12 format as p12 file in the intended email program Mozilla Thunderbird etc Only then can the emails be verified and displayed in the case of encryption only myUTN 80 and later The following certificates can be installed at the same time in the UTN server 1 self signed certificate 1 client certificate i e 1 requested certificate OR 1 PKCS 12 certificate 1 32 CA certifcates 1 S MIME certificate only myUTN 80 and later All certificates can be deleted separately myUTN User Manual Linux Client certificates status Self signed certificate Installed Q B Client certificate Not installed Certificate request Not generated S MIME certificate Not installed CA certificates status Owner Issuer EAP Common name Hash Common name Hash Root Abb 12 myUTN Control Center Certificates 89 What Do You Want To Do Requirements myUTN User Manual Linux Security O Displaying Certificates gt 290 Creating a Self Signed Certificate gt 90 O Creating a Certificate Request for a Requested Certificate gt H92 O Installing the Requested Certifi
103. n the Parameterliste gt 2121 Saving the Parameter File Proceed as follows 1 Start the myUTN Control Center 2 Select MAINTENANCE Parameter backup 106 Requirements myUTN User Manual Linux Maintenance 3 Click the icon amp The current parameter values are displayed 4 Save the lt default name gt _parameters txt file on a local system with the help of your browser The parameter file is copied and secured Loading the Parameter file onto the UTN Server Proceed as follows Start the myUTN Control Center Select MAINTENANCE Parameter backup Click Browse Specify the lt default name gt _parameter txt file Click Import The parameter values in the file are applied to the UTN server EFaARWN DS myUTN 800 If you want to load the parameter values and certifi cates from an automatic backup on an SD card perform a cold start of the UTN server interrupt and re establish the power supply Automatic backup myUTN 800 only M An SD card is connected to the UTN server M The SD card has the file system FAT12 FAT16 or FAT32 MI 1 MB of free space is available on the SD card Proceed as follows Start the myUTN Control Center Select MAINTENANCE SD card Tick Parameter backup Click Save amp Restart The settings are saved 107 When is Resetting Recommended What Do You Want To Do myUTN User Manual Linux Maintenance 7 2 Howto Reset the UTN P
104. ntification of the IPv4 client VLAN 0 4096 Auto fill All VLAN IP address and Subnet mask fields will be filled with the values from line 1 The VLAN ID will be counted up by 1 Allocating an IPv4 client VLAN to a USB port Proceed as follows 1 Start the myUTN Control Center 2 Select SECURITY USB port access 3 Allocate a VLAN to the USB port via the Allocate VLAN list 4 Click Save to confirm The settings are saved 61 What Information Do You Need What Do You Want To Do myUTN User Manual Linux Working with the SEH UTN Manager 5 Working with the SEH UTN Manager e How to Find UTN Servers USB Devices in the Network gt 62 e How to Add UTN Servers USB Devices to the Selection List gt E64 e H gt jo w to Connect a USB Port including USB Device to a Client 65 e How to Cut the Connection between the USB Port including USB Device and the Client gt 67 e How to Request an Occupied Device gt 68 mg e How to Automate Port Connections and Program Starts gt 69 e How to Get Information about the USB Port and USB Device gt B72 e How to Manage Selection Lists for Several Participants gt 73 5 1 Howto Find UTN Servers USB Devices in the Network In order to display the existing UTN servers and their connected USB devices in the network list the network needs to be scanned The network can be scanned via multicas
105. o Automatic configuration Tabelle 17 Parameter List Bonjour Parameters bonjour Bonjour bonjour_name Bonjour name Value nininininininin 0 64 1 2 characters 0 9 on off Value on off max 64 characters a z A Z 0 9 Default 64 on Default on Default name Appendix Parameter List Description Defines the IPv6 unicast address of the router The UTN server sends its Router Solicitations RS to this router Defines the length of the sub net prefix for the IPv6 address Address ranges are indicated by prefixes The prefix length number of bits used is added to the IPv6 address and specified as a decimal number The deci mal number is separated by Te Enables disables the auto matic assignment of the IPv6 address for the UTN server Description Enables disables the Bonjour service Defines the Bonjour name of the UTN server 121 Appendix Parameter List Tabelle 18 Parameter List SSL Connections Parameters Value Default Description security 1 4 2 Defines the encryption level to Encryption 1 characters be used for SSL TLS connec tions 1 low 56 bit 2 medium 128 bit 3 high 128 256 bit 4 compatible 40 256 bit Do not use the encryption level Low if only HTTPS is defined as the permitted connection type for the web access to the myUTN Control Center Tabelle 19 Parameter List Web access Parameters
106. o 1 No device connected 2 No device connected No device connected No device connected No device connected 3 4 5 No device connected 6 ie c No device connected 8 E No device connected wo e GE o a O Copyright 2015 SEH Computertechnik GmbH Abb 2 myUTN Control Center START The available menu items are located in the navigation bar top After selecting a menu item simple mouse click the available sub menu items are displayed at the left After selecting a submenu item the corresponding page with its content is displayed at the right You can set the language via the menu item START Simply select the relevant flag The manufacturer s contact details and additional information regarding the product are displayed under Product amp Company The Sitemap provides an overview of and direct access to all pages of the myUTN Control Center All other menu items refer to the UTN server s configuration They are described in the Online Help of the myUTN Control Center To start the Online Help click the 2 icon 20 Administration Methods 2 2 Administration via the SEH UTN Manager Area of Application The software tool SEH UTN Manager handles the access of the USB devices The SEH UTN Manager shows the availability of all UTN servers and USB devices that exist in the network and establishes a connection between the client and the USB port of the UTN server to which the USB device is conne
107. off This parameter can only be used after consultation with utn_prereset_20 the SEH support team Tabelle 26 Parameter List DNS Parameters Value Default Description dns on off on Enables disables the name DNS resolution via a DNS server myUTN User Manual Linux 125 myUTN User Manual Linux Appendix Parameter List Parameters Value Default Description dns_domain max 255 characters blank Defines the domain name of Domain name a z A Z 0 9 an existing DNS server dns_primary valid IP address 0 0 0 0 Defines the IP address of the Primary DNS primary DNS server server dns_secondary valid IP address 0 0 0 0 Defines the IP address of the Secondary DNS secondary DNS server server The secondary DNS server is used if the primary DNS server is not available Tabelle 27 Parameter List SNMP Parameters Value Default Description snmpv1 on off on Enables disables SNMPv1 SNMPv1 snmpv1_ronly on off off Enables disables the write Read only protection for the community snmpvi_community max 64 characters public Defines the name of the Community a z A Z 0 9 SNMP community The SNMP community is a basic form of access protec tion in which several partici pants with the same access rights are grouped together snmpv3 on off on Enables disables SNMPv3 SNMPv3 any_name max 64 characters anony Defines the name of the User name a z A Z 0 9 mous SNMP user group 1 any_pwd max 64 chara
108. on the UTN server Email address of the UTN 7 server as configured on the To myutn company com POP3 server f 7 Subject cmd set parameters Command TAN nUn47ir79Ajs7 QKE AN Parameter and parameter value Abb 5 Administration via Email Example 2 myUTN User Manual Linux 32 myUTN User Manual Linux Administration Methods 2 4 Administration via the Reset Button of the Device LEDs the reset button and various ports can be found on the UTN server These components are described in the Quick Installation Guide Using the reset button you can reset the UTN server s parameter val ues to their default setting see gt 8109 The Dongleserver myUTN 800 also has a restart button for rebooting the UTN server see 9151113 33 What Information Do You Need What Do You Want To Do myUTN User Manual Linux Network Settings 3 Network Settings mg 34 36 e How to Configure IPv4 Parameters gt mg e How to Configure IPv6 Parameters gt e How to Configure the DNS gt 38 e How to Configure SNMP gt 39 e How to Configure Bonjour gt 40 e How to Configure POP3 and SMTP only myUTN 80 and later gt 84 e How to Configure WLAN myUTN 54 only gt B45 3 1 How to Configure IPv4 Parameters TCP IP Transmission Control Protocol over Internet Protocol for wards data packets across several connections and
109. or displayed using a shortened ver sion when successive fields contain all zeros 0 In this case two colons are used However the use of two colons can be used only once in an address Example fe80 10 1000 1a4 As a URL in a Web browser an IPv6 address must be enclosed in brackets This prevents port numbers from being mistakenly regarded as part of an IPv6 address Example http 2001 608 af 1 100 443 The URL will only be accepted by browsers that support IPv6 36 Which Types of IPv6 Addresses are available myUTN User Manual Linux Network Settings There are different types of IPv6 addresses The prefixes of the IPv6 addresses provide information about the IPv6 address types Unicast addresses can be routed globally These addresses are unique and therefore unambiguous A packet that is sent to a unicast address will only arrive to the interface that is assigned to this address Unicast addresses have the prefixes 2 or 3 Anycast addresses are assigned to more than one interface This means that a data packet that is sent to this address will arrive at various devices The syntax of anycast addresses is the same as the one of unicast addresses The difference is that anycast addresses choose one interface out of many A packet that is dedicated to an anycast address arrives at the nearest interface in line with the router metrics Anycast addresses are only used by routers Multicast add
110. ort connections To this purpose commands are entered and run in the command line interface of the operating system As an alternative a script will be written SEH UTN Manager Versions The SEH UTN Manager is available in two versions e Complete version e Minimal version without graphical user interface The decisive difference in the complete version is the graphical user interface It shows you the program in form of graphic images and offers additional features searching for and administrating UTN servers simplified use of USB devices and much more The minimal version of the SEH UTN Manager can only be used via the command line interface The minimal version can for example be used to automate the activation deactivation of port connections with scripts see Zusatztool utnm gt 150 Ee n o l The complete version is recommended for general use The minimal version is to be used by experts only In both versions the service SEH UTN Service Daemon works in the background and becomes active after the system start Additionally the following user groups are distinguished e users with administrative rights administrator e users without administrative rights standard user The functions Auto Connect and Auto Disconnect can only be con figured by users with administrative rights 22 What Do You Want To Do myUTN User Manual Linux Administration Methods Installation In order to use the SEH U
111. pecific selection lists by means of an ini file The access can be controlled by placing predefined selection lists into user specific directories Revoking write rights to the ini file will limit and control the access to functions of the SEH UTN Man ager for individual users In the following the selection list types will be described in greater detail 73 Working with the SEH UTN Manager SPE Global Selection List Abb 10 Global Selection List Global Selection List Properties of the global selection list e All users of a client use the same selection list e The users can only access the devices listed in the selection list e Unauthorized persons will not be able to access devices that are not listed in the selection list e The selection list can only be edited by administrators om User Specific Selection List Admin specific Selection List User specit ic Selection List saved as ini files in the user specific directories Abb 11 User Specific Selection List Properties of the user specific selection list e Each user has their own selection list All administrators have the same selection list myUTN User Manual Linux 74 What Do You Want To Do Requirements myUTN User Manual Linux Working with the SEH UTN Manager e The selection list can be edited by the administrator or by users with write access e The users can access all devices listed in the selection list Pro v
112. r IDs of the IP addresses are assigned to the various subnetworks The UTN server is configured not to use subnetworks by default If you want to use a subnet mask you can configure the relevant parameter in the UTN server via the myUTN Control Center Default Name The default name of the UTN server is made up of the two letters IC and the device number The device number consists of the last six numbers of its hardware address myUTN User Manual Linux 116 Compound USB Device myUTN User Manual Linux Appendix Glossary Default name pa IC0001ff Device number The default name can be found in the myUTN Control Center A compound USB device consists of a hub and one or more USB devices that are all integrated into a single housing Dongles are often compound USB devices If a compound USB device is connected to a USB port of the UTN server in the myUTN Control Center and the selection list of the SEH UTN Manager all integrated USB devices will be displayed on the USB port When the port connection is activated all displayed USB devices will be connected to the user s client It is not possible to activate a port connection to only one of the USB devices 117 What Information Do You Need myUTN User Manual Linux 8 2 Parameter List Appendix Parameter List This chapter gives an overview of all available parameters of the UTN server The parameter list gives details about the functions and val ues
113. re they gain access to network resources You can con figure the UTN server for the EAP TLS network authentication This ensures that the UTN server gets access to protected networks EAP TLS describes a certificate based authentication method via a RADIUS server For this purpose certificates are exchanged between the UTN server and the RADIUS server An encrypted TLS connection between the UTN server and the RADIUS server is established in this process Both RADIUS server and UTN server need a valid digital cer tificate signed by a CA The RADIUS server and the UTN server must 97 Procedure Benefits and Purpose myUTN User Manual Linux Security validate the certificate After the mutual authentication was suc cessful the access to the network will be freed Since each device needs a certificate a PKI Public Key Infrastruc ture must be available User passwords are not necessary If you want to use the EAP TLS authentication you must observe the instructions below in the indicated order If this procedure is not adhered to the UTN server in the network may not be addressable In this case you have to reset the parameters of the UTN server see gt 108 e Create a certificate request on the UTN server see gt 92 e Create a certificate using the certificate request and the authentication server e Install the requested certificate on the UTN server see gt 92 e Install the root CA certificat
114. resses allow you to send data packets to different interfaces at the same time without a proportional increase of the bandwidth A multicast address can be recognized by the prefix ff Proceed as follows FAUN Start the myUTN Control Center Select NETWORK IPv6 Configure the IPv6 parameters siehe Tabelle 3 gt 837 Click Save amp Restart to confirm The settings are saved Tabelle 3 IPv6 Parameters Parameters Description IPv6 Enables disables the IPv6 functionality of the UTN server Automatic configuration Enables disables the automatic assignment of the IPv6 address for the UTN server 37 Network Settings myUTN User Manual Linux Parameters Description IPv6 address Defines a UTN server IPv6 unicast address assigned manually in the format n n n n n n n n Every n represents the hexadecimal value of one of the eight 16 bit elements of the address An IPv6 address may be entered or displayed using a shortened version when successive fields contain all zeros 0 In this case two colons are used Router Defines the IPv6 unicast address of the router The UTN server sends its Router Solicitations RS to this router Prefix length Defines the length of the subnet prefix for the IPv6 address The value 64 is preset Address ranges are indicated by prefixes The prefix length number of bits used is added to the IPv6 address and specified as a decimal number The decimal number is separated by
115. ror state i e the UTN server is operational the iden tifier is displayed gt 251 507 B oyo The optional acoustic signals ideally complement the error messages in the display panel For further information see gt 59 4 9 How to Configure Acoustic Signals myUTN 800 only The myUTN 800 Dongleserver gives acoustic feedback when e a USB dongle is connected to the UTN server e the UTN server restarts e the parameters are reset These acoustic signals cannot be turned off Optionally further acoustic signals can be configured for when e only one power supply works e an SD card error exists read and write errors no SD card 57 myUTN User Manual Linux Device Settings lt gt These optional acoustic signals ideally complement the error mes sages in the display panel gt 56 Proceed as follows 1 Start the myUTN Control Center 2 Select Device Notification 3 In the Acoustic signal area tick the options with the desired message types The settings are saved 58 Benefits and Purpose What Do You Want To Do myUTN User Manual Linux Device Settings 4 10 How to Use the UTN Server in VLAN environ ments only myUTN 80 and later The UTN server supports the use of VLAN Virtual Local Area Net works It is useful to divide a physical network into VLANs for per formance and security reasons If a VLAN spans multiple switches you can u
116. s myUTN User Manual Linux Security MI The UTN server is defined as user with user name and password on a RADIUS server Proceed as follows 1 2 3 4 D Start the myUTN Control Center Select SECURITY Authentication Select FAST from the Authentication method list Enter the user name and the password that are used for the configuration of the UTN server on the RADIUS server Select the settings intended to secure the communication in the channel Click Save amp Restart to confirm The settings are saved 102 myUTN User Manual Linux Security 6 8 Howto Encrypt Data Transfer You can encrypt the data transfer between the clients and the UTN server and the connected USB devices gt Only payload will be encrypted Control and log data will be trans mitted without encryption Encrypted connection means that client and UTN server communi cate via the UTN SSL port The port number 9443 is preset To change the port number see gt 52 UTN port UTN SSL port lt UTN server H Me Re Se SSL TLS connection ee KoB par Abb 13 UTN Server SSL TLS Connection in the Network To use an SSL TLS connection you must enable the encryption at the relevant USB port The cipher strength is defined via the encryption level gt 79 Proceed as follows Start the myUTN Control Center Select SECURITY Encryption Enable the encryption at the USB port Click Save to con
117. s 50 4 1 How to Determine a Description cece cece eee eee ee eaes 50 4 2 How to Assign an Identifier Shown in the Display Panel myUTN 800 only s sesssssreseresererssseseseseseresessereses 51 4 3 How to Configure the Device Time cece cece cence een ees 52 4 4 How to Configure the UTN SSL Port cc cece eee eee eee 52 4 5 How to Assign a Name to a USB Port cece cece eee eee eee 53 4 6 How to Deactivate a USB Port only myUTN 80 and later 54 4 7 How to Use the Notification Service only myUTN 80 and later 54 4 8 How to Get Error Messages via the Display Panel myUTN 800 only cosccic cdiasesicuscsaeicede te dence vicetersdeass 56 4 9 How to Configure Acoustic Signals myUTN 800 only 57 myUTN User Manual Linux 3 4 10 How to Use the UTN Server in VLAN environments only MyUTN 80 and later ccc cece cece eee e nce e eee rren 59 5 Working with the SEH UTN Manager eeeee 62 5 1 How to Find UTN Servers USB Devices in the Network 62 5 2 How to Add UTN Servers USB Devices to the Selection List 64 5 3 How to Connect a USB Port including USB Device to a Client 65 5 4 How to Cut the Connection between the USB Port including USB Device and the Client cece cece eee e cece eee eee ens 67 5 5 How to Request an Occupied Device cece ccc cee eens 68 5 6 How to Automate Port Connections and Program Starts
118. s clients In the UTN server the time server is defined via the IP address or the host name The UTN server uses UTC Universal Time Coordinated as a basis UTC is a reference time and used as a time standard The time received by the time server does not necessarily correspond to your local time zone Deviations from your location and the resulting time difference including country specific particularities such as Daylight Saving Time can be handled by means of the Time zone parameter M A time server is integrated into the network Proceed as follows 1 Start the myUTN Control Center 2 Select DEVICE Date Time an 3 Tick Date Time 4 Enter the IP address or the host name of the time server into the Time server box The host name can only be used if a DNS server was configured beforehand 5 Select the code for your local time zone from the Time zone list 6 Click Save amp Restart to confirm The settings are saved 4 4 Howto Configure the UTN SSL Port A common port will be used for the data transfer between the UTN server and the client Depending on the type of connection two port variants are available Unencrypted connection means that client and UTN server commu nicate via the UTN port The port number 9200 is preset 52 UTN SSL Port Requirements Tip myUTN User Manual Linux Device Settings Encrypted connection means that client and UTN server communi cate via the UTN SSL
119. se so called VLAN trunks VLT A VLT is used to forward data from different VLANs via a single connection Both individual ports and bundled ports can be used The UTN server supports the forwarding of VLAN data via its USB ports To do this the VLANs must be known to the UTN server After this the USB ports used for the forwarding of the data must be linked to the specified VLANs The VLANs can be used to control the access to dongle protected software myUTN 80 myUTN 800 or USB devices myUTN 250 This way a specified group of network participants can be provided with a certain amount of dongle protected software licenses or USB devices Example 6 engineers have access to 3 dongle protected CAD software licenses 3 accountants have access to one dongle protected account ing software The access by a participant to software that is not intended for this participant is excluded Note A USB port can be con nected with only one participant at a time Abb 7 USB port based assignment of VLANs O Entering IPv4 Management VLANs gt 260 O Entering IPv4 client VLANs gt 260 O Allocating an IPv4 client VLAN to a USB port gt 61 59 myUTN User Manual Linux Device Settings Entering IPv4 Management VLANs Proceed as follows 1 Start the myUTN Control Center 2 Select NETWORK IPv4 VLAN 3 Configure the Pv4 management VLAN parameters siehe Tabelle 11 67
120. ses the UTN server can compose its own address It simply replaces the first 64 bits prefix FE80 with the prefix that was sent in the RA Requirements M The IPv6 parameter has been activated MI The Automatic configuration parameter has been activated o To configure the assignment of IPv6 addresses see gt 36 SEH UTN Manager You can manually enter the desired IPv4 address and save it in the UTN server using the SEH UTN Manager To configure an IPv4 address via the SEH UTN Manager see gt 35 myUTN Control Center You can manually enter the desired IP address and save it in the UTN server using the myUTN Control Center e To configure an IPv4 address via the myUTN Control Center see D834 e To configure an IPv6 address via the myUTN Control Center see gt E 36 mg mg myUTN User Manual Linux 16 Requirements myUTN User Manual Linux General Information ARP PING The assignment of the IP address to the hardware address can be done via the ARP table The ARP table is an internal system file in which the assignment is temporarily saved about 15 min This table is administered by the ARP protocol By means of the arp and ping commands you can save the IP address in the UTN server If the UTN server already has an IP address the arp and ping commands cannot be used to save a new IP address However an IP address from the address range 169 254 0 0 16
121. srkdntucvesearseeavsderseatnenstacieessarsd 137 8 4 Information shown in the display panel myUTN 800 only 138 8 5 SEH UTN Manager Function Overview cce cece eee e neces 139 myUTN User Manual Linux 4 8 6 Troubleshooting mace mode taco E E E EEE tee E meee eae 141 8 7 Additional Tool Utnm 0 c cece ccc cece eee eeeeees 145 8 8 LStOlFIGUICS caiecncuesaane seeing iededeweueiuelpeeceewaredersaes 150 8 9 ING OXiskcccetede ates a dd ei iad boneless 151 myUTN User Manual Linux What Information Do You Need Purpose System Requirements myUTN User Manual Linux General Information 1 General Information ll e myUTN gt B6 e Documentation gt B8 e Support and Service gt 11 e Your Safety gt B12 e First Steps gt 13 e Saving the IP Address in the UTN Server S14 mig 1 1 myUTN myUTN myUSB to Network allows you to access non net work ready USB devices e g hard disks printers etc in the net work The USB devices will be connected to the USB port of the UTN server gt The Dongleservers myUTN 80 and myUTN 800 are exclusively designed for the deployment of USB dongles The software tool SEH UTN Manager handles the access of the USB devices The software is installed on all clients that are meant to access a USB device in the network The SEH UTN Manager shows the availability of all UTN servers in the network and establish
122. ss or the host name The host name can only be used if a DNS server was configured beforehand SMTP Server port Defines the port number used by the UTN server to send emails to the SMTP server The port number 25 is preset SMTP TLS Enables disables TLS The security protocol TLS Transport Layer Security serves to encrypt the transmission between the UTN server and the SMTP server The cipher strength is defined via the encryption level gt 79 43 Network Settings Parameters Description SMTP Sender name Defines the email address used by the UTN server to send emails Note Very often the name of the sender and the user name are identical SMTP Login Enables disables the SMTP authentication for the login SMTP User name Defines the user name used by the UTN server to log on to the SMTP server SMTP Password Defines the password used by the UTN server to log on to the SMTP server SMTP Security S MIME Enables disables the encryption and signing of emails via S MIME SMTP Signing emails Defines the signing of emails A signature created by the sender allows the recipient to verify the identity of the sender and to make sure that the email was not modified An S MIME certificate is required for the signing of emails gt 288 SMTP Full encryption Defines the encryption of emails Only the recipient can open and read the encrypted email An S MIME certificate is required for the encryption gt 288
123. st tab Tick Global selection list Click OK The setting will be saved All users of a client use the same selection list Providing User Specific Selection Lists MI The SEH UTN Manager complete version is installed on the client see gt E21 MI You are logged on to the system as administrator Proceed as follows 1 2 ENAN Start the SEH UTN Manager Select Program Options from the menu bar The Options dialog appears Select the Selection List tab Tick User selection list Click OK The setting will be saved Each user uses their own selection list The selection lists of the users will be saved as ini files in user specific directories see User Specific Selection List 874 gt The administrators share one selection list Providing Users with a Predefined Selection List MI The SEH UTN Manager complete version is installed on the client see 2821 76 myUTN User Manual Linux Working with the SEH UTN Manager MI You are logged on to the system as administrator E Proceed as follows 1 Start the SEH UTN Manager 2 Compose the selection list for the user see How to Add UTN Servers USB Devices to the Selection List 3564 3 Select Program Options from the menu bar The Options dialog appears 4 Select the Selection List tab Tick User selection list 6 Click OK The setting will be saved 7 Select Selection List Export from the menu bar Th
124. supply The SD card is formatted with an unsupported file system respectively cannot be read and be written to The SD card is read only No SD card is available in the card reader One or both network connections have no link and voltage source Format the SD card in the file format FAT32 FAT16 or FAT12 Check if the SD card functions properly Remove the write protection from the SD card Insert an SD card into the SD card reader Type SD or SDHC File system FAT32 FAT16 or FAT12 Check the cabling connections and your network 138 Appendix SEH UTN Manager Function Overview 8 5 SEH UTN Manager Function Overview Functions in the SEH UTN Manager can be shown as inactive grayed out or not shown at all This depends on the following factors e Settings of the selection list mode global list user list e User Groups Users that have administrative rights or are members of the group utnusers Users that do not have administrative rights or that do not belong to the group utnusers Users with write access to the ini file selection list Users without write access to the ini file selection list The administrator can use these factors to provide users with indi vidual functions The following table gives an overview siehe Tabelle 38 gt I5140 Z The table shows the features that are basically available In addition individual features will not be
125. t and or freely definable ranges The default setting is multicast search in the local network segment O Defining Search Parameters gt 263 O Scanning the Network gt 263 62 Working with the SEH UTN Manager Defining Search Parameters Requirements M The SEH UTN Manager complete version is installed on the client see E21 Proceed as follows 1 2 FNA D Start the SEH UTN Manager Select Program Options from the menu bar The Options dialog appears Select the Network Scan tab Tick IP Range Search and define one or more network ranges Click OK The settings are saved Scanning the Network Requirements M The SEH UTN Manager complete version is installed on the client see 29821 Proceed as follows 1 2 3 myUTN User Manual Linux Start the SEH UTN Manager Select Selection List Edit from the menu bar The Edit Selection List dialog appears Click Sean The network is scanned The UTN servers and USB devices found are displayed in the network list 63 Working with the SEH UTN Manager 5 2 Howto Add UTN Servers USB Devices to the Selection List The UTN servers found during the network scan will be displayed in the network list To use the connected USB devices they must be assigned to the selection list in the SEH UTN Manager together with the UTN server Requirements The SEH UTN Manager complete version is installed on th
126. t_20 key Method keyids max 64 characters blank utn_keyval_1 a z A Z 0 9 utn_keyval_20 Key Description This parameter can only be used after consultation with the SEH support team Specifies methods for limiting the access and use of the USB port and the connected USB device no protection ids device assignment key port key control keyids device assignment and key control Specifies the key used to protect the access to the connected USB device 124 Appendix Parameter List Parameters Value Default Description utn_vendprodIDs Shows the VID Vendor ID 1 and PID Product ID of the USB device that is assigned utn_vendprodIDs to the USB port via the device _20 assignment USB device utn_2vlan_1 0 9 0 Allocates a VLAN to the USB 1 character port utn_2vlan_20 see 119 0 every Allocate VLAN 1 VLAN 1 2 VLAN 2 etc 9 none Tabelle 25 Parameter List USB port Parameters Value Default Description utn_tag_1 max 32 characters blank Freely definable description of a z A Z 0 9 the USB port utn_tag_20 Port name utn_poff_1 on off off Disables enables the power supply for the USB port i e utn_poff_20 the USB device connected to Port the port off power on on power off utn_poffdura_1 0 100 0 This parameter can only be 1 3 characters 0 9 used after consultation with utn_poffdura_20 the SEH support team utn_prereset_1 on off
127. the UTN server to their default settings to get access 8111 Previous settings will be deleted O The TCP port access control is enabled gt 83 mp 143 Appendix Troubleshooting O The password protection is enabled gt 83 O The cipher suites of the encryption level are not supported by the browser gt 80 The password is no longer available The access to the myUTN Control Center can be protected by a pass word If the password is no longer available you can reset the parameter values of the UTN server to their default settings to get access gt 111 Previous settings will be deleted myUTN User Manual Linux 144 utnm Use Benefits and Purpose What Do You Want To Do Requirements myUTN User Manual Linux Appendix Additional Tool utnm 8 7 Additional Tool utnm The additional tool utnm has been developed for the myUTN prod ucts of SEH Computertechnik GmbH It is used for the activation and deactivation of USB ports including connected USB devices In order to activate or deactivate a USB port with utnm commands are entered and run in a special syntax in the console of the operat ing system As an alternative a script will be written for the USB port The script contains commands in a special syntax When it is run the com mands will be executed automatically step by step by the com mand line interpreter When using utnm it is not necessary to open and or install the
128. ular packets intervals Status permanently off There is no connection to a USB port and the connected USB device CAUTION If the activity LED blinks periodically at the same time the BIOS mode is signalized The UTN server is not operational in the BIOS mode see 912141 permanently on green There is a connection to at least one USB port and the connected USB device blinks 3 times green Indicates the assignment of a ZeroConf IP address NOTE We recommend using an IP address from outside the ZeroConf range blinks 2 times green Indicates the assignment of an IP address that does not correspond to 0 0 0 0 or that comes from outside the ZeroConf range ay The UTN servers myUTN 80 myUTN 250 and myUTN 800 have different LEDs Refer to the relevant Quick Installation Guide for a description of those LEDs myUTN User Manual Linux 137 Appendix Information shown in the display panel myUTN 800 only 8 4 Information shown in the display panel myUTN 800 only The Dongleserver myUTN 800 has a display panel at its front side It provides status information error states Text Description Troubleshooting DS The Dongleserver is operational identifier gt 251 E1 One of the two power supplies is Check the cabling connections E2 E3 E4 E5 myUTN User Manual Linux not working Which connection is not working is indicated by a glowing dot left dot left power supply right dot right power
129. um of 64 characters Email address Specifies an email address You can enter a maximum of 40 characters Optional entry Organization name Specifies the company that uses the UTN server You can enter a maximum of 64 characters Organizational unit Specifies the department or subsection of a company You can enter a maximum of 64 characters Optional entry Location Specifies the locality where the company is based You can enter a maximum of 64 characters State name Specifies the state in which the company is based You can enter a maximum of 64 characters Optional entry Domain component Allows you to enter additional attributes Optional entry Country Specifies the country in which the company is based Enter the two digit country code according to ISO 3166 Examples DE Germany GB Great Britain US USA Issued on Specifies the date from which on the certificate is valid Expires on Specifies the date from which on the certificate becomes invalid RSA key length Defines the length of the RSA key used 512 bit fast encryption and decryption 768 bit 1024 bit standard encryption and decryption 2048 bit slow encryption and decryption myUTN User Manual Linux 91 Requirements myUTN User Manual Linux Security Creating a Certificate Request for a Requested Certificate As preparation for using a certificate which is issued by a certifica tion authority for the UTN server a certificate requ
130. vent can be 0 6 0 6 0 C The restart of the UTN server The connection disconnection of a USB device to from the UTN server The activation deactivation of a USB port The interruption or establishment of power supply myUTN 800 only The connection disconnection of a SD card to from the UTN server myUTN 800 only The unusability of an SD card myUTN 800 only onfiguring the sending of status emails gt 55 onfiguring event notifications via email 2156 onfiguring event notifications via SNMP traps gt E156 Configuring the sending of status emails Mi SMTP parameters have been configured on the UTN server see S MA B41 DNS server has been configured on the UTN server see gt 238 For the notification service you can specify up to two email recipi ents Proceed as follows EAMARWN Th Start the myUTN Control Center Select Device Notification Enter the recipient into the Email address box Tick the desired recipient in the Status email area Specify the interval Click Save amp Restart to confirm e settings are saved 55 Requirements myUTN User Manual Linux Device Settings Configuring event notifications via email MI SMTP parameters have been configured on the UTN server see gt 841 MI A DNS server has been configured on the UTN server see gt B38 For the notification service you can specify up to two email recipi ents
131. vice gt 511 myUTN User Manual Linux 141 Possible Cause Possible Cause Possible Cause myUTN User Manual Linux Appendix Troubleshooting Some functions in the SEH UTN Manager are hidden enabled or appear dimmed O Your user account does not have the required administrative rights This leads to restricted user rights in the SEH UTN Manager see SEH UTN Manager Function Overview gt B139 O A function is not supported by the connected USB device Start the SEH UTN Manager as administrator For more information refer to the documentation of your operating system USB devices are not shown in the SEH UTN Manager Eliminate possible error sources Check first if the USB device is con nected to the UTN server O The SEH UTN Manager and the firmware software on the UTN server are incompatible Update the SEH UTN Manager gt 28 and the firmware software 98115 O Several compound USB devices 117 are connected to the UTN server Each integrated USB device occupies a virtual USB port of the UTN server The number of these virtual USB ports is limited depending on the UTN server model If the limit is reached no further USB devices can be used on this UTN server gt 2165 The SEH UTN Manager displays several USB devices at one USB port O The connected USB device is a so called compound USB device It consists of a hub and one or more USB devices that are all integrated into a s
132. wer supply 54 Status information 72 USB port device assignment 84 USB port key control 84 User Specific Selection List 74 UTC 52 UTN port 52 UTN SSL port 53 103 utnm 22 145 V Version number 112 Virtual USB ports 65 153 myUTN User Manual Linux VLAN 59 IPv4 client VLAN 60 IPv4 management VLAN 60 w WEP Wired Equivalent Privacy 45 WPA WPA2 46 Z ZeroConf 15 Anhang Index 154
133. yUTN Control Center 19 Language 20 Start 19 Structure 20 Network List 62 Network settings 34 Notification service 54 55 Email 56 SNMP trap 56 Notifications 54 P Parameter file 105 Parameter list 118 Parameters Default setting 108 Display 106 Load 107 Reset 108 Save 106 Password 82 PEAP 100 PKCS 12 93 POP3 41 Port connection Activate 65 Automate 69 Deactivate 67 Port deactivation 54 Port name 53 Protection 78 Protocol BOOTP 15 DHCP 15 IPv4 34 IPv6 36 POP3 41 152 myUTN User Manual Linux SMTP 42 SNMP 39 SNTP 52 SSL TLS 79 Purpose 6 R RADIUS 96 Release request 68 Remote maintenance 30 Reset 108 Restart 113 Roaming 48 Roaming level 48 S S MIME certificate 89 Script 145 SD card 105 Security 78 Security level 82 SEH UTN Manager Changing versions 27 Function overview 139 Installation 23 Start 27 Structure 28 Update 27 Versions 22 Selection List 64 73 Self signed certificate 88 Service 11 SMTP 42 SNMP trap 55 SNMPv1 39 SNMPv3 39 SSID Service Set Identifier 48 SSL TLS connection 79 103 Subnet mask 116 Support 11 Anhang Index System Requirements 6 T TCP port access control 82 TCP IP 34 Test Mode 83 Time of the device 52 Time server 52 Time zone 52 Types of connection 80 95 U Update 112 USB devices Add 64 Connect 65 Disconnect 67 Request 68 Status information 72 USB Port Activate 65 Request 68 USB port Deactivate 54 67 Messages 72 Name 53 Po
134. ze the difference MST MDT PST between the time received PDT etc over the time server and the local time Tabelle 29 Parameter List Description Parameters Value Default Description sys_name max 64 characters blank Defines the host name of the Host name a z A Z 0 9 UTN server sys_descr max 64 characters blank Freely definable description Description a z A Z 0 9 myUTN User Manual Linux 127 Appendix Parameter List Parameters Value Default Description sys_contact max 64 characters blank Freely definable description Contact person a z A Z 0 9 of the contact person Tabelle 30 Parameter List Authentication Parameters Value Default Description auth_typ None Defines the authentication Authentication MD5 method that is used to identify method TLS devices or users in the net TTLS work PEAP FAST auth_name max 64 characters blank Defines the name of the UTN User name a z A Z 0 9 server as saved in the authen tication server RADIUS auth_pwd max 64 characters blank Defines the password of the Password a z A Z 0 9 UTN server as saved in the authentication server RADIUS auth_intern none Defines the kind of inner Inner PAP PAP authentication for the EAP authentication z authentication methods TTLS CHAP CHAP PEAP and FAST MSCHAP2 MS CHAPv2 EMD5 EAP MD5 ETLS EAP TLS auth_extern none Defines the kind of external PEAP EAP F
Download Pdf Manuals
Related Search