Super Series User Manual
Contents
1. 8 5 Editing Super Series configuration in CLI 8 5 1 Configuration file save load mechanism 1 While booting the Super Series uncompresses cnf cnf tar gz to tmp cnf and unmounts cnf 2 When changing the configuration the Super Series changes the contents of the files in 102 tmp cnf 3 When the user saves the configuration the Super Series mounts cnf and compresses tmp cnf to cnf cnf tar gz Web Save to flash or saveconf in CLI 8 5 2 To change configuration in CLI To change the Super Series configuration in the CLI run the menu driven configuration utility configmenu or configure manually as follows 1 Edit the configuration file manually using vi command Please see Appendix C Super Series Configuration files for detail descriptions of each parameter in the configuration files 2 Save the configuration file to flash using the savecon f utility 3 Apply all changes using applyconf utility root 192 168 0 117 configmenu root 192 168 root 192 168 root 192 168 root 192 168 cd tmp cnf tmp cnf vi redirect cnf tmp cnf saveconf tmp cnf applyconf K K DED ay d 4 8 6 Running user defined scripts Shell script usr2 rc user is automatically called when the Super Series is booting Users can modify the rc user file to run user defined script or binaries bin bash rc user Sample script file for running user programs at boot time2. Figure A 12 Hardware test menu within Bootloader Menu Program When the user selects Auto test a test of all the hardware components is performed automatically 126 Figure A 13 Hardware test screen within Bootloader Menu Program For each hardware component test the user can skip a test by pressing the lt ESC gt key Figure A 14 Skip the specific test using ESC key 127 If a failure occurs while Auto Test with looping mode is being performed the test will stop and the serial InUse LEDs blink to indicate the hardware test has failed In this case the user must press the lt ctrl c gt keys to return to the menu page A 5 5 Firmware upgrade menu By using the Firmware upgrade menu the user can upgrade the firmware of the unit Before firmware upgrade the user can check the current firmware version by selecting menu item 3 from the Main menu page The firmware upgrade menu program supports two protocols for remote firmware download BOOTP and TFTP The default protocol is BOOTP for DHCP environments If the user selects TFTP he must also set the IP address for the unit properly The default IP address for the unit is 192 168 161 5 For firmware upgrade a firmware file configured as Firmware File Name on the server configured as Server s IP address must exist Select menu Proeoco 2 BoorEl IP address assigned to Ethernet interface 192 168 161 5 Server s IP address 192 168 0 128 Firmware
3. Figure 5 3 PC LAN card configuration The user must manually select PC LAN card as the card type and set the primary and secondary DNS servers when configuring a PC LAN card All other configuration steps are the same as detailed in Section 3 1 IP Configuration Refer to Appendix B PC Card supported by Super Series to view a list of LAN PC cards supported by the Super Series 5 2 Wireless LAN Card Configuration A wireless LAN card will result in two network interfaces and two IP addresses The user can assign a valid IP address to each serial port The IP address must valid in the Super Series built in network interface or in the wireless LAN interface environment 78 PC cord configuration Currently configured PC card Card type Whreless Network Card Model Cisco Systems 350 Seres Wireless LAN Adapter Network configuration ID mode Ir address Subnet mask Dei ht gateway Primary ONS 168 126 64 1 Secondary DHS 168 126 64 2 PPPoE user name PPPoE password Confirm PPPoE password Wireless network card configuration SSID Use WEP key WEP mode WEP key length WEP key string PC card service Discover a new cand Siop card service Save to flash Save E apply Cancel Figure 5 4 PC wireless LAN card configuration The user must manually select WIRELESS LAN CARD as the card type and set the primary and secondary DNS servers when configuring a PC LAN card All other configuration steps are the s
4. PATH bin usr bin sbin usr sbin Add shell command to execute from here echo This is the welcome message defined by users exit 0 8 7 File transmission The users can use an ftp client for file transmission and use usr2 directory for data read write root 192 168 0 117 cd usr2 wor 1er ua IO2 168 2 3 Gonneere cmon LEI E 1 220 lxtoo senalab co kr FTP server Version wu 2 6 1 16 ready Name 192 168 2 3 root sena 331 Password required for sena 103 Password 230 User sena logged in Remote system type is UNIX Wisin biinemsyanodestroseranstersselese Pipe EE EE local test tgz remote test tgz 200 PORT command successful 150 Opening BINARY mode data connection for test tgz 350 bytes 226 Transfer complete 350 bytes received in 0 04 secs 9 6 kB s Lip bye In addition to a regular FTP client the user can copy files securely as encrypted using scp client program If the user wants to copy a file from the Super Series 192 168 0 120 to users PC type a command on the user s PC as shown below root localhost work scp root 192 168 0 120 usr2 rc user work Has mear tety oO Inosic VIZ MOS O U20 IA IGS sO 120 cante los esicglolasineel RIA key EE ie ile WO Gels Ae usin ele E a S15 g Clavie Are you sure you want to continue connecting yes no yes Warning bSunamentilhy saddec g2 Ioen 0 20 RGA rO ence igr OT Koci MOSE s root 192 168 0 120 s password IS E 100 Iesel 18 3 00 00
5. 3 4 SMTP Configuration The Super Series can send an email notification when the number of system log messages reaches to certain value and or when an alarm message is created due to an issue with serial port data The user must configure a valid SMTP server send these automatically generated emails The Super Series supports three SMTP server types e SMTP without authentication e SMTP with authentication e POP before SMTP These examples can be seen in Figure 3 6 Required parameters for each SMTP configuration include e SMTP server IP address e SMTP user name e SMTP user password e Device mail address The device mail address specifies the sender s email address for all log and alarm delivery emails 34 SMTP servers often check only the sender s host domain name of the email address for validity Consequently the email address set for the device can use an arbitrary username with a registered hostname i e arbitrary_user yahoo com or anybody sena com The SMTP user name and SMTP user password are required when either SMTP with authentication or POP before SMTP mode is selected SMTP configuration SMTP enable disable Enabled SMTP server name Emp FOUrCOMmpany com SMTP mode EN TP without aulhertication SMTF user name SMTP password Confirm SMTP password Device mail address ES800 yourc ompany oom _ Save to flash Save amp apply _Cancel Figure 3 5 SMTP Configurations SMTP
6. Host mode TCP listening port 1024 85535 0 for only outgoing coOnrections Telnet protocol Enabled ze Mas allowed conmection 1 32 E3 Cyclic connechon to marmota hosts ser D la disable Inachyity discommeachon timeout sec D 0 unlimibedi Remote host configuration Port IP filtering CrgpbGorap g Copf uz ahoaz Fiter apelication Serial port parameters Modem configuraben Port logging Port event handling Figure A 17 Host mode configuration Step 2 Set Cryptography configuration of serial port 1 of Super Series as follows Encryption method SSLv3 Leave all other options as factory default 131 Serial port configuration 1 Port 1 Enable isats this port Port title Apply al ports setings Kost mode configuration Remote host configuration Port IP ZES Cryptography configuration Encryption method SRL ze Enable Disable cipher suites ISSL_OHE_055_WITH_RIC4_126_ SHA Ree E Sa wi 2pES CR Su F ssL_DHE_RSA_WITH_DES_CBC_SHA las DHE San EYEORT WITH DESA CBC EHA Figure A 18 Cryptography configuration Step 3 Open Serial IP Control Panel and check the COM port you want to use to communicate with serial port 1 of Super Series by pressing Select Ports button Settings for COMA IP Sitong of Serer T DER always high 7 DCH always high T fastor Falad Connections Lk n Enable ESL Wersion 3 SL Figure A 19 Select Ports on Serial IP Control Pane
7. At worst it may cause the Super Series to be inoperable Block Type Mount point Size KB MtdblockO Bootloader None 128 Mtdblock1 Kernel None 768 Mtdblock2 CRAMFS Read only 6080 Mtdblock3 Ram disk image 4MB etc var tmp 64 Mtdblock4 EXT2 R W cnf normally unmounted 64 Mtdblock5 JFFS2 R W usr2 1024 Mtdblock6 Reserved None 64 Total 8192 101 8 3 Supported Linux Utilities 8 3 1 Shell amp shell utilities sh ash bash echo env false grep more sed which pwd 8 3 2 File and disk utils Is cp mv rm mkdir rmdir In mknod chmod touch sync gunzip gzip zcat tar dd df du find cat vi tail mkdosfs mke2fs e2fsck fsck mount umount scp 8 3 3 System utilities date free hostname sleep stty uname reset insmod rmmod Ismod modprobe kill killall ps halt shutdown poweroff reboot telinit init useradd userdel usermod whoami who passwd id su who 8 3 4 Network utilities ifconfig iptables route telnet ftp ssh ping 8 4 Accessing CLI as root or system administrator Serial console 1 Connect the console port of the Super Series with the PC serial port N Run the PC terminal emulation program Configure the PC serial port to 9600 8 N 1 No flow control PR O Press lt enter gt 5 Login with the Super Series root or admin account Telnet console 1 telnet Super Series_ip_address
8. LF specified the TCP session parameter Local Port is used instead E E0 Disable echo ATEn CRIILF E1 Enable echo H HO H1 Disconnect current TCP connection ATHn CR ILF All the data will be cleared ATOn CR LF O O0 Turn to data mode Q Q0 Response display on default ATQn CRIILF Q1 Response display off ATVn CR LF D DO ignore DTR PC signal SEN D2 default disconnect TCP session AT amp Fn CR LF F FO F1 Restore default modem settings K KO No flow control K3 RTS CTS flow control default K4 Xon Xoff if supported S SO DSR PC always high S1 DSR PC shows TCP connection V VO Response lt numeric code gt CR LF V1 default Response lt verbose code gt CR LF AT amp Kn CRIILF AT amp Sn CRIILF ATIn CRI LF L 10 display Sena Technologies Inc D display model number Others display OK Set inactivity timer to n minutes T TO inactivity timer disabled default none AT Tn CRIILF ATBn ATCn ATLn ATMn ATNn ATP ATT ATYn AT Cn AT En AT amp Bn AT amp Gn AT amp In AT amp Qn AT amp V AT Mn AT An AT Bn AT Nn ATS ATSn x AT amp Cn AT amp Wn AT amp Zn x ATFn CRI LF None None 54 ATWn AT vn If successful CONNECT CR LF If failure in connection NO CARRIER CR LF If other errors ERROR CR LF If successful OK CR LF If failure ERROR CR LF If successful OK CR LF If fai
9. Specifies the number of echo requests received or sent An echo request causes the receiving computer to send an echo reply message back to the originating computer NEchoReps OutEchoReps Specifies the number of echo replies received or sent A computer sends an echo reply in response to receiving an echo request message InTimestamps OutTimestamps Specifies the number of time stamp requests received or sent A time stamp request causes the receiving computer to send a time stamp reply back to the originating computer InTimestampReps OutTimestampReps Specifies the number of time stamp replies received or sent A computer sends a time stamp reply in response to receiving a time stamp request Routers can use time stamp requests and replies to measure the transmission speed of datagrams on a network InAddrMasks OutAddrMasks Specifies the number of address mask requests received or sent A computer sends an address mask request to determine the number of bits in the subnet mask for its local subnet InAddrMaskReps OutAddrMaskReps Specifies the number of address mask responses received or sent A computer sends an address mask response in response to an address mask request 97 ICMP statistics intisgs InErrors Inbestinreachs InTineeE cds InFarmProbs InSrcQuernchs InRedrechs InEchos InEchofeps InTimestamps inTinmsstampfeps In ddrMasks nad dM ask Rens Cuthlsgs GutErrors Ouftbestunreschs CET Web ve QutParnmPrabes Gut
10. you could easily manage the legacy serial devices over broadband Internet by using DSL or cable modem connection The built in Dynamic DNS protocol of the HelloDevice Super Series enables you to access the serial devices with their domain names The HelloDevice Super Series also provides you with full featured system management functionality of system status display firmware upgrade remote reset and system log display by using various ways such as telnet serial console port or web You could easily configure and administrate the HelloDevice Super Series with the full featured management functions of status monitor remote reset error log monitor and firmware upgrade by using Telnet and serial console port under the password protection support For critical applications of secure data communication the HelloDevice Super Series supports SSLv2 SSLv3 and TLSv1 for data encryption In addition IP address filtering function is provided for protecting unintentional data streams to be transmitted to the HelloDevice Super Series Typical application areas of the HelloDevice Super Series are Industrial automation Network management Retail Point of sale Remote metering Remote display Building automation Security Access control systems General data acquisition application Medical application The HelloDevice Super Series gives you ideal remote management capability of control monitoring diagnosis and data gatherin
11. 2 1 MIB JI System objects Confiouratton sse eee eee eee EN 3 2 2 Access Control Confiouratton scenes seeeesieseeeetaeeseneeeeneeess 32 3 2 3 Trap Receiver Configuration cccecccecceeceeneeeeceeeeeeceeeeeeaaeseeeeeceaeeecaaeseaeeseeaeeeaaeeseneeseas 32 3 2 4 Management using SNMD sees 32 3 3 Dynamic DNS Configuration sees eee eee eee eee eee eee 33 3 4 SMTP Gonfig ratio Mi i 2 ee eben 34 E IE FRONT e ais Ailes a EE 35 3 6 SYSLOG server Gonfiguration ce cece cee eee e 37 3 7 NFS server configuration sss eee eee eee eee 37 3 8 Ethernet configuration nee need 38 3 9 Web Sarvar CONTIQUIATION eine een in nn isn 39 3 10 TCP service Gonflouration sss eee eee eee 40 4 Serial Port Configuration 41 Ve e VE 41 4 2 Individual Port Configuration sss ee eee eee 44 4 2 1 Port Enable Disable 8228 82 E E a 45 E pee ee ee E E ee Pee 45 4 2 3 Apply All el e 45 4 2 4 Host Mode Configuration sss esse eee 46 4 2 5 Remote host Configuration sse eee eee ee eee 55 4 2 6 Port IP filtering Configuration ss sse eee eee eee 56 4 2 7 Cryptography configuration sseesesesekeeesentetesittestttntrtttnrnstrnnstnnnnttntnnnntnnnennnnneenn nenat 57 4 2 8 Elter application 62 4 2 9 Serial port parameters TT 63 4 2 10 Modem configuration sss sese 66 42a Porn ee tele e DEE 67 4 2 12 Port event handling configurations sss ee eee eee eee 69 2 3 All Port Config rations 2 2 2 2 22 de eines E dere 74 5
12. 61 6 Padding The padding is a standard block cipher The pad value is the total number of pad bytes in the padding 1 8 In 3DES algorithm in Super Series key and initial vector which are used in generating encrypted data packet is derived from key block And key block is generated by using user configured key string Figure 4 13 shows key derivation process Key Block 32 byte Key 24 byte IV 8 byte Figure 4 13 Key derivation The key block is defined as Key_Block MD5 KEY_STRING MD5 MD5 KEY_STRING KEY_STRING 16 bytes 16 bytes Key first 24bytes of Key Block IV Initial Vector last 8 bytes of Key block 4 2 7 3 RC4 cryptography method By setting the cryptography method as RC4 the Super Series can communicate with other Super Series device in RC4 encrypted sessions In RC4 encryption mode Super Series will encrypt decrypt all the TCP stream with the user configured key string and there is no header and no padding RC4 is faster than 3DES 4 2 8 Filter application The Super Series supports user manipulation of raw data between remote host and serial device connected serial port Filter application configuration can be used for this purpose If user makes his own filter application program he can upload it to Super Series and configure name of the program and its arguments through filter application configuration menu For more detail information about making filter application please refer to 9 4
13. 8 4 Accessing CLI as root or system administrator seessennnreeeeeeeneetittrrerreeennnrrnreeee nenene 102 8 5 Editing Super Series configuration in CL eee ee ee eee 102 8 5 1 Configuration file save load mechantsm nn nnnnennnnnnnnnnnnenen 102 8 5 2 To change configuration nl 103 8 6 Running user defined scripts eee eee 103 8 7 Flle Haer eege cke ee Bi BREI Bin hei 103 8 8 Eelere aes ec ee Eee a es 104 8 8 1 Disabling the Telnet Port of the Un eee 104 9 User customization guide 106 9 1 Introduction EE 106 9 2 Periodical program execution eee 106 9 3 User defined web pages 107 9 4 Making and running users own Code sssssssssttrttttttttttttttt ttrt tttttttttttttttttttttttnnnnnnnnnnnnn nnen 107 Appendix 1 Connections 108 ACL Ethernet Pim Ke S 1 PRRPRFPAETERPEHIEEBENPERETFIIEFELFEPLERFERGRFLEFRFSFERGEERPEFSLURTTTEESTRRLHRRERTERRURLEFREERFFLUFELTEFPERERER 108 A 1 2 Console and Serial port pin outs for GO 108 A 1 3 Console and Serial port pin outs for GSG110OIA00I900 nennen 109 A 1 4 Ethernet Wiring Diagram sss sese 109 A 1 5 Serial Wiring Diagram TTT 110 A 1 5 1 RS232 Serial Wiring Diagram for GO 110 A 1 5 2 RS232 Serial Wiring Diagram for GSG11012001900 ne 110 A 1 5 3 RS422 285 Serial Wiring Diagram for S8100 see 112 A 1 5 4 RS422 285 Serial Wiring Diagram for SS110 400 800 see 112 Appendix 2 PC card supported by Super Series 114 Appendix 3 Super Series Configuration files 116 AS TE
14. IP address are automatically configured on the DHCP server side and each DHCP client computer receives this information when the IP address is provided at its boot up Each time a computer is reset the Super Series broadcasts a DHCP request over the network The reply generated by the DHCP server contains the IP address as well as the subnet mask 28 gateway address DNS servers and the lease time The Super Series immediately places this information in its memory Once the lease expires the Super Series will request a renewal of the lease time from the DHCP server If the DHCP server approves the request for renewal the Super Series can continue to work with the current IP address If the DHCP server denies the request for renewal the Super Series will start the procedure to request a new IP address from the DHCP server Note While in DHCP mode all network related parameters for the Super Series are to be configured automatically including the DNS servers If the DNS server is not automatically configured the user may manually configure the settings by entering the primary and secondary DNS IP addresses To force an automatic configuration of the DNS address set the primary and secondary DNS IP addresses to 0 0 0 0 recommended A DHCP sever assigns IP addresses dynamically from an IP address pool which is managed by the network administrator This means that the DHCP client i e the Super Series receives a d
15. Making and running user s own code section 62 Note File uploading is supported only in console menu For more information about file uploading please refer to 6 9 User File Uploading section Serial port configuration 1 Port Tithe 1 Enable Disable thes port Part tithe Apply 4 ports settings Host mode configuration Remote host configuration Port IP filtering Crypbography configuration Filter application Filter application path dusrZdGelault liler Filter application arguments p0 Save to flash Save amp apply Cancel Serial port parameters Modem configuration Port lopang Port event handing Figure 4 14 Filter application 4 2 9 Serial port parameters To connect the serial device to the Super Series serial port the serial port parameters of the Super Series should match exactly to that of the serial device attached The serial port parameters are required to match this serial communication The parameters required for the serial communication are UART type baud rate data bits parity stop bits flow control DTR DSR behavior and inter character timeout e UART type First of all the Super Series and the serial device must agree on the serial communication type which is one of RS232 RS422 RS485 echo mode or RS485 non echo mode The Super Series serial port is configured for RS232 communication as a factory default but it can also be configured for RS422 and RS485 communication To cha
16. client and then transfer data through the TCP port If there is incoming connection request from the remote host it will accept the connection as a TCP server and then transfer data through the serial port Thus users can assume that the Super Series is always connected to the specified remote host 2 Operations Serial data transfer Whenever the serial device sends data through the serial port of the Super Series data will be accumulated on the serial port buffer of the Super Series If the buffer is full or the time gap reaches the inter character timeout See Options in section 4 4 for details on inter character timeout the Super Series connect to the registered remote host s If a TCP session has not been established yet If the Super Series succeeds in connecting to the remote host the data in 48 the serial port buffer will be transferred to the host Otherwise all the data stored in the buffer will be cleared Session disconnection The connected session will be disconnected when the remote host sends disconnection request or when no data transfer activity is found through the serial port for certain amount of time which is Inactivity timeout See Options in section 4 4 for details on nactivity timeout All the data remained in the serial port buffer will be cleared when it is disconnected Connection request from remote host All the incoming TCP connection requests will be rejected in TCP client mode 3 Parameter
17. configuration pages of the Web UI TCP mode Serial port configuration 1 Port Title 1 Ensbla Disable this port Port title apely all porta settings Host mode configuration Remote host configuration Check H st Prena remote host IP Port Secondary nemobe host JP Port P 1 192 165 14 1 60101 192 168 13 1 2001 IR Z 192 168 14 2 6002 192 168 13 2 5002 Action on remote host E Add Edt C Remove Primary host address Primary host port Secondary host address Secondary host port Save apen Cancel Port IP filtering Enrptographv configuration Fier appkestion Serial port parameters Modem configuration Port logging Port event handling Figure 4 8 Remote host configuration 4 2 6 Port IP filtering configuration The remote hosts that are allowed to access the Super Series serial ports can be specified based on the IP address filtering rules The user may allow specific hosts to access the Super Series serial ports by providing a valid IP address or network address and its subnet mask Please refer to section 3 5 P Filtering for more details 56 Serial port configuration 1 Port tithe 1 nabe Disable this port Port Dale Apply all ports settings H st mode conhiguratiar Remote host configuration Port IP filtering Allowed host IP Subnet mask to be applied Save to flash Save amp apply Cancel Cryptography configuration Filber application Serial port parameter Modem t onfigurat
18. defined on remote host configuration If the remote port is not opened the Super Series will not transfer the data 2 Parameters UDP receiving port The concept is the same as TCP listening port See TCP mode parameters in the section 4 2 4 1 for details Max allowed connection The concept is the same as that of TCP communication TCP mode parameters in the section 4 2 4 1 for details Accept UDP datagram from unlisted remote host If Accept UDP datagram from unlisted remote host function is set as No Super Series will accept only incoming UDP datagram from the remote host s configured on remote host configuration On the contrary if Accept UDP datagram from unlisted remote host function is set as Yes Super Series will accept all incoming UDP datagram regardless remote host configuration Send to recent unlisted remote host If Send to recent unlisted remote host function is set as Yes Super Series sends data to the remote host which has connected Super Series recently Recent unlisted remote host is a remote host which has accessed a corresponding serial port of Super Series but is not configured on remote host configuration Surely Super Series also send data to the hosts which are configured on remote host configuration If Send to recent unlisted remote host function is set as No Super Series sends data only to the host s which are configured on remote host configuration Super Series maintains a rec
19. make a new PPPoE connection by requesting a new connection Note While in PPPoE mode all network related parameters for the Super Series are to be configured automatically including the DNS servers If the DNS server is not automatically configured the user may manually configure the settings by entering the primary and secondary DNS IP addresses To 29 force an automatic configuration of the DNS address set the primary and secondary DNS IP addresses to 0 0 0 0 recommended 3 2 SNMP Configurations The Super Series has the SNMP Simple Network Management Protocol agent supporting SNMP v1 and v2 protocols Network managers like NMS or SNMP Browser can exchange information with Super Series as well as access required functionality SNMP protocols include GET SET GET Next and TRAPs With these functions a manager can be notified of significant events TRAPs query a device for more information GET and make changes to the device state SET SNMPv2 adds a GET Bulk function for retrieving tables of information and security functions With the SNMP configuration panel the user can configure MIB Il System objects access control settings and TRAP receiver settings The manager configured in this menu can perform both information exchange and action control Figure 3 2 shows a SNMP configuration screen via a web interface 30 _ SNMP configuration MIB system onjects SysContect administrator Ssst lt sti s
20. mode configuration Host mode TCP TCP listening port 1024 65535 0 for oniy F001 outgoing connections Telnet protorcal Disabled se Max alowed connection 1 32 Ke Ces conmecton bo remote hosts sec 0 p d sablei Inactivity disconmection bmeout sec 0 p unkmitad Cancer Remote host configuration Port IP filtering Cryptography configuration Fiber pplication Semnal port parameters Modem configuration Port logging D ro D Pork event E r Figure 4 5 Host mode configuration 4 2 4 1 TCP mode For easier understanding of TCP modes a simplified State Transition Diagram is often used And to help users understand the diagram the TCP state of the Super Series is briefly described as follows Listen It represents a waiting for a connection request from any registered remote host It is a default start up mode when it is set as TCP mode Closed It means no connection state If the data transfer between a remote host and the Super Series is completed the state is changed to this state as a result that either of the remote host or the Super Series sent a disconnection request After this the state is automatically changed to Listen mode Sync Received The state is changed from Listen to Sync Received if one of the remote hosts has sent a connection request If the Super Series accepts the request the state is changed into 47 Established Sync Sent If the Sup
21. parts settings Enable D Save bo flash Save amp apply Cancel Hast mode configuration Remote host configuration Port IP filtering Cryptography configuration Filter anplicahan Serial port parameters Modem conhguration Port logging Fort event handang Figure 4 4 Apply all port setting configuration 4 2 4 Host Mode Configuration The Super Series operating mode is called the host mode Three host modes are available TCP mode UDP mode Modem emulation mode TCP mode The Super Series works as both TCP server and client This mode works for most applications since it will transfer the data either from serial port or from TCP port If there is no connection established on a TCP port the TCP port accepts a connection request from any registered remote hosts and relays the transmitted data to the coupled serial port If there is any data from the serial port it connects to the registered remote hosts and redirects the data UDP mode The UDP mode operation is similar to that of TCP mode except that it utilizes UDP protocol Modem emulation mode Select this mode when the serial device already supports modem AT commands or users want to perform the session control by using AT commands Only TCP session is supported Figure 4 5 shows the main workspace screen for the host mode configuration 46 Serial port configuration 1 Port 1 Enable TC zable the port Port Erle Apply all ports setings Host
22. root localhost work 8 8 Examples 8 8 1 Disabling the Telnet Port of the Unit The Super Series unit does not support disabling the remote console port individually port 22 for SSH or port 23 for Telnet to the box Currently the user can only disable or enable all remote consoles together This must be done using the UI or console configuration menu The user may bypass this and disable only one Telnet or SSH remote console by modifying the script rc user Below are two examples of how this could be done Example1 Modify inetd conf Step 1 Modify etc inetd conf comment out or delete telnet service Step 2 Copy inetd conf to usr2 inetd conf Step 3 Edit usr2 rc user script as follows bin bash rc user Sample script file for running user programs at boot time PATH bin usr bin sbin usr sbin Add shell command to execute from here Add shell command to execute from here 104 The user may now disable the telnet service every time the system boots up Example 2 Run iptables rule Step 1 Modify usr2 rc user script as follows The user may now disable the telnet service every time the system boots up If the user resets the Super Series to the factory defaults usr2 rc user script file will be renamed to usr2 rc user old file and the default rc user file will be restored 105 9 User customization guide 9 1 Introduction The Super Series supports various ways of customizat
23. save the new parameter values the user must opt to Cancel All changes made will be lost and the previous values restored hae krrark IP comdlquration Tn configuration RRE cor gu at n z wu mur ENTE Ip ae feet 8 re y Subnet Mask EE 1 i T at d en eg Dilah enge dn fam Lenger Primary DNS 0 0000 for auto ian e p geg x e cha e Secondary DAS oral re Serial port PPPOE rss nama H e PE com PPPOE pSt word Sythe adds raii nn Sand PPPOE end Gries Copyright 61 BU Sera Terhrokajies ree Ab nights mperveg Figure 2 18 The Super Series web management screen 25 3 Network Configuration 3 1 IP Configuration The Super Series requires a valid IP address to operate within the user s network environment If the IP address is not readily available contact the system administrator to obtain a valid IP address for the Super Series Please note that the Super Series requires a unique IP address to connect to the user s network The users may choose one of three Internet protocols in setting up the Super Series IP address i e e Static IP e DHCP Dynamic Host Configuration Protocol e PPPOE Point to Point Protocol over Ethernet The Super Series is initially defaulted to STATIC mode with a static IP address of 192 168 161 5 Table 3 1 shows the configuration parameters for all three IP configurations Figure 3 1 shows the actual web based GUI to change the user s IP configu
24. server the NFS server must be configured as read and write allowed If there is a firewall between the Super Series and the NFS server there must be a rule that allows all outgoing and incoming packets to travel across the firewall If the NFS service is enabled and the NFS server configuration is properly set up the user may configure the storage location for the system log or port data log of the If there is a firewall between the Super Series and the SYSLOG server there must be a rule that allows all outgoing and incoming UDP packets to travel across the Super Series as the NFS server For more information about the configuration of the port system log storage location please refer to section 4 2 11 Port Logging and 6 2 System Logging 3 8 Ethernet configuration The Super Series supports several types of Ethernet modes Auto Negotiation 100 BaseT Half Duplex 100 BaseT Full Duplex 10 BaseT Half Duplex 10 BaseT Full Duplex After changing the Ethernet mode the user must reboot the system The factory default value of the Ethernet mode is Auto Negotiation With most network environments Auto Negotiation mode works fine and is recommended Invalid Ethernet mode configuration may make the Super Series not work in the network environment 38 Ethernet configuration Ethernet mode Auto Negotiation D Save to flash Save amp apply Cancel Figure 3 10 Ethernet mode configuration 3 9 Web server configurat
25. store the log data the total size of the port buffer cannot exceed 3200 Kbytes i e sum of all port buffer size of each serial port should be smaller than or equal to 3200 Kbytes The factory default setting is 4 Kbytes When using an ATA IDE fixed disk card to store log data the maximum port buffer size is dependent upon the card capacity When using an NFS server to store log data the maximum port buffer size is unlimited The user should configure the NFS server to ensure that the port logging system works properly When using the SYSLOG server to store log data the user cannot set the port log buffer size 68 Serial port configuration 1 port 1 En ble Dusa le this port Fort the Apply all ports settings Hast made conhguration Remote host configuration Fort IP filtering Cryptography configuration Filter applicator Senal port parameters Modem configuration Port logging Fort loggeng Enable D Fort log storage location Memory Port log buffer size KB 400 max ang O Seekisch Soe ang Cancel Port lag Port erent handling Figure 4 17 Port logging configuration 4 2 12 Port event handling configurations The Super Series provides a user for a means of monitoring or reacting to data from serial device attached to a serial port of it through Port event handling configuration Namely user can define keywords for each serial port that will trigger the email SNMP notification or command sent to t
26. the cooperation of the server depending on the cipher being used creates the premaster secret for the session encrypts it with the server s public key obtained from the server s certificate sent in step 2 and sends the encrypted premaster secret to the server SSL TLS differ in the way this shared master secret is created 5 If the server has requested client authentication an optional step in the handshake the client also signs another piece of data that is unique to this handshake and known by both the client and server In this case the client sends both the signed data and the client s own certificate to the server along with the encrypted premaster secret 6 Ifthe server has requested client authentication the server attempts to authenticate the client If the client cannot be authenticated the session is terminated if the client can be successfully authenticated the server uses its private key to decrypt the premaster secret then performs a series of steps which the client also performs starting from the same premaster secret to generate the master secret 7 Both the client and the server use the master secret to generate the session keys which are symmetric keys used to encrypt and decrypt information exchanged during the SSL TLS session and to verify its integrity that is to detect any changes in the data between the time it was sent and the time it is received over the SSL TLS connection 8 The client sends a message
27. when the DSR status is changed from low to high And TCP connection to remote host is disconnected when the DSR status is changed from high to low And also Super Series accepts TCP connection from the remote host only when the DSR status is high In case of UDP mode Super Series receives UDP data from the remote host only when the DSR status is high In modem emulation mode the connection to the remote host will be disconnected regardless of the current DSR input behavior option if the DSR status goes to low Note DTR DSR behavior menu will not be shown when the modem is enabled In modem emulation mode the connection to the 65 e Inter character timeout This parameter defines the interval that the Super Series fetches the overall serial data from its internal buffer If there is incoming data through the serial port the Super Series stores data into the internal buffer The Super Series transfers data stored in the buffer via TCP IP only if the internal buffer is full or if the inter character time interval reaches to the time specified as inter character timeout If inter character timeout is set as 0 then data stored in the internal buffer will be transferred immediately without any delay Optimal inter character timeout would be different according to your application but at least it must be larger than one character interval within specified baud rate For example assume that the serial port is set to 1200 bps 8 Data bits 1 s
28. 0 100 Linksys EtherFast 10 100 10 100 Mbps LAN card Integrated PC Card Integrated PC Card PCM100 PCM100 Ver 1 0 Corega Fetherll PCC TXD corega K K corega FEtherll 10 100 Mbps LAN card PCC TXD Netgear 16bit PCMCIA Notebook Adapter NETGEAR FA411 Fast 10 100 Mbps LAN card FA411 Ethernet Table A 5 Wireless Network card Manufacturer Model Name SS probed Model name Specification Cisco Systems AIR PCM340 Aironet 340 Cisco Systems 340 Series 11 Mbps Wireless LAN Wireless LAN Adapter Adapter Lucent PC24E H FC Orinoco Silver Lucent Technologies 11 Mbps Wireless LAN Technologies WaveLAN IEEE Version Adapter 01 01 Lucent PC24E H FC Orinoco Gold Lucent Technologies 11 Mbps Wireless LAN Technologies WaveLAN IEEE Version Adapter 01 01 Agere Systems Orinoco Classic Gold Lucent Technologies 11 Mbps Wireless LAN Lucent PC24E H FC Orinoco Gold WaveLAN IEEE Version Adapter Technologies 01 01 Buffalo AirStation MELCO WLI PCM L11 11 Mbps Wireless LAN WLI PCM L11GP Version 01 01 Adapter Table A 6 ATA IDE Fixed Disk Card as Weeer SS probea modeivame Speafeaton CompactFlash Storage Card TOSHIBA THNCF064MAA 64 MB Storage card CompactFlash TOSHIBA THNCF064MBA 64 MB Storage card 114 Table A 7 Serial Modem Card Manufacturer Model Name SS probed Model name Specification PCMCIA CARD Billionton FM56C series 56KFaxModem FM56C NFS Ambient Intel V 90 Systems Inc 5 4 FAX MODEM PC Card PC Card Modem 56K V
29. 000 XP System log Automatic email delivery of error lo System statistics Full featured system status displa Stored in Flash memory and upgradeable via serial console telnet or web Diagnostic LED Power Ready 10 100 Base Link Act Serial InUse SS400 800 Only Rx Tx for each port PC Card SS110 400 800 Onl Environmental Operating temperature 0 C to 50 C Storage temperature 20 C to 66 C Humidity 90 Non condensing 5VDC 0 5A 7 5VDC 1A 5VDC 1 5A 5VDC 5VDC 7 5VDC 10 Dimension 100 x 72 x 25 150 x 103 x 26 245 x 153 x 30 mm Lx Wx H mm mm mm 9 6 x 6 x 1 2 in 3 94 x 2 83 x 5 9 x 4 0 x 1 0 0 98 in Certification FCC A CE A MIC Warranty 5 year limited warrant 1 4 Terminologies and acronyms This section will define commonly used terms in this manual These terms are related to Internetworking and defined in regards to their use with Super Series e MAC address On a local area network or other network the MAC Media Access Control address is the computer s unique hardware number On an Ethernet LAN it is the same as the Ethernet address It is a unique 12 digit hardware number which is composed of 6 digit OUI Organization Unique Identifier number and 6 digit hardware identifier number The Super Series has the following MAC address template 00 01 95 xx xx xx The MAC address can be found on the bottom of the original package e Host A user s computer connec
30. 2004 01 30 O J Jung Typographical errors are corrected V1 2 0 2004 06 11 O J Jung Revision with release version 1 2 0 including description for the new SS100 mode V1 2 1 2004 08 16 O J Jung Specifications for SS110 are changed V1 2 2 2004 08 24 O J Jung Typo SS Serires corrected V1 3 0 2004 10 1 O J Jung Revision with release version 1 3 0 V1 3 1 2004 10 15 O J Jung Appendix 6 is added V1 3 2 2005 05 18 O J Jung Appendix 7 is added PC Card List is updated The description about DSR behavior is corrected V1 3 3 2005 11 08 Hunn Lee Temperature and Humidity update Contents 1 Introduction 8 ER e UE 8 1 2 Package Check List T 9 1 3 Product Specificato E 10 1 4 Terminologies and acronyms sese eee eee eee eee eee eee eee 11 2 Getting Started 14 EN ENEE 14 EAR IEN Lal 14 212799110 EINEN 15 SC Latest Kane Layout sere hiesigen Eeselen 16 2 1 4 SS800 Panel Layout zinis aan nineteen 16 2 amp 2 Connecting the HardWare ie ehe akt kn Riegel 16 2 2 1 Connecting the power 17 2 2 2 Connecting to the network sees eee 17 2 2 3 Connecting to the device sese sese eee 18 2 2 4 Accessing the System Console sees ee eee eee 20 2 2 5 Using the System console A 20 2 2 6 Using Remote Tee 23 2 3 Accessing the Web Browser Management Interface AAA 24 3 Network Configuration 26 Jlo lP Configuratio ET 26 3 1 1 Using a Static IP Address seene 27 Eu He 28 SAS USING dE 29 KT ees lee 20 3
31. 6 CONTE 27 06 46 640 GOALE J 0d 4d SA0 Come 27106146 640 Cole 27106 40 Gen CORALE 23 08 40 Comid Figure A 22 Serial IP Trace Window 134 Appendix 7 How to make a certificate for SSL encryption A 7 1 Install the OpenSSL package Step 1 Download the latest OpenSSL package http www openssl org Step 2 Install the OpenSSL package lt For Windows user gt Download OpenSSL for Windows binary file and run it http www siproweb com products Win320penSSL html lt For Linux user gt Download OpenSSL source code and compile it cd work tar xvzf openssl 0 9 7d tar gz cd openssl 0 9 7d config make make test make install A 7 2 Make root CA for Self signed Step 1 Editing openssl configuration file Default configuration file location is as follows lt Windows gt C Program Files OpenSSL bin lt Linux gt usr share ssl openssl cnf Modify req_distinguished_name section as follows count TY Name Country Name 2 letter code countryName_default KR countryName_min 2 count ryName_max 2 stateOrProvinceName State or Province Name full name stateOrProvinceName_default Some Stat localityName Locality Name eg city localityName_default Seoul 0 organizationName Organization Name eg company 0 organizationName_default Sena Technologies Inc 135 Modify req_attributes section as follows Step 2 Making self signed Root CA Certificat
32. ATA IDE Fixed Disk Card Configuration The user must configure the total data size required to use the PC ATA IDE fixed disk card to store the system and serial port log The Super Series will automatically locate the total storage size and the disk space available on the disk The user may delete all the files currently on the card by selecting Delete Form The user may select ommal to format the card The Super Series supports both EXT2 and VFAT file systems for the disk card The user may store or retrieve the Super Series configuration files to from the disk by exporting importing the Super Series configuration 80 PC card configurathon Currently configured PC card Card type ATAdUDE Feed Disk Card Model TOSHIBA THMCFGOAMbA Size Gt MB File system exte ATASIDE Fixed Desk Card configuration Total data size bo be used 0 64 MB Delete all files in ATWIDE Fixed Disk Card Format ATASIDE Fixed Disk Card PC card service Figure 5 6 PC ATA IDE fixed disk card configuration 81 6 System Administration The Super Series display the system status and the log data via a Status Display Screen This screen is to be used for management purposes System status data includes the model name serial number firmware version and the network configuration of the Super Series The Super Series can also be configured to deliver log data automatically via email to a specified recipient with the system logging feature Th
33. Errors P Shows the number of datagrams received that have header errors Datagrams Received Header Errors is the number of input datagrams discarded due to errors in their IP headers including bad checksums version number mismatch other format errors time to live exceeded errors discovered in processing their IP options etc InAddrErrors Specifies the number of datagrams received that have address errors These datagrams are discarded because the IP address in their IP header s destination field was not a valid address to be received at this entity This count includes invalid addresses for example 0 0 0 0 and addresses of unsupported Classes for example Class E ForwDatagrams Specifies the number of datagrams forwarded InUnknownProtos Specifies the number of locally addressed datagrams received successfully but discarded because of an unknown or unsupported protocol 94 InDiscard Specifies the number of input IP datagrams for which no problems were encountered to prevent their continued processing but which were discarded for example for lack of buffer space This counter does not include any datagrams discarded while awaiting reassembly InDelivers Specifies the number of received datagrams delivered OutRequests Specifies the number of outgoing datagrams that an IP is requested to transmit This number does not include forwarded datagrams OutDiscards Specifies the number of outgoin
34. File Name ss800 bin Start firmware upgrade lt ESC gt Back lt ENTER gt Refresh Gy GSS Gop ey SeleeEpEococol Gil SbOOLR ys 2a TELE Mn e2 Selece menu Rieoyeeeroil Jore IP address assigned to Ethernet interface 192 168 161 5 Server s IP address 192 168 0 128 Firmware File Name s800 bin Start firmware upgrade lt ESC gt Back lt ENTER gt Refresh Sul TSS Es Ny I Figure A 15 Firmware upgrade menu within Bootloader Menu Program If the user selects Start firmware upgrade a confirm message will be displayed on the screen If the user enters y the firmware upgrade process will start This process cannot be stopped until it is finished Select menu Le Peoroce BOOTE 2 IP address assigned to Ethernet interface 192 168 161 5 3 Server s IP address 192 168 0 128 4 Firmware File Name ss800 bin 5 Start firmware upgrade Firmware upgrade cannot be stopped until finished Aneh 0 COn keee beet AU turen akre Testor tO cerewet valvss Do you really want to start firmware upgrade y n y BOOTP broadcast 1 ARP broa
35. IDs of the Super Series SNMP agent 32 EE lalxl File Edi Wew Operations Hein Cer A De DEBS SG SBS ee Fa W Loaded MibMedulas FL pL HAB 192168410 Communit p A omg b Ka n pte Community a ramet brisins teste regi nee rerien B Sy mpri l er org de aemp mgieba ea pS P jmb Sy alm Sent gal aquastio 191 160410 18i L 2 RSE D sys Donlachiite gt administrator Suee Tre pei gal raquestic 191 168 4 30 151 L sreLocation syehame 0 HellaDevice 39100 sys8orncas 69 intortacas pot gel raquasiio 157788 4 10 181 nb Sve Locabon U s knre Hlatde Bai ent gel aquesia 197 108 3 10 181 ka yoRerdcag Da mn Le T ne n ius jeni gal request to 191 380410 ei Z ene umib er 3 Fanart is uae Cepia String PEGE IO Matus mandatary E CH piaia mabon Feference g TRAPS e E A agphaighboeLoss e ga TEXTUAL COMENTIONS 1381 311 Frosiddress A led denn of the at Thig sgug L w Kroui inchada Hg full eens snd variar Hemm at 0n of fie syeiem s haecheare ere babal iaw L S Figure 3 3 Browsing MIB II OIDs of Super Series SNMP agent using SNMP Browser AdventNet MibBrowser 3 3 Dynamic DNS Configuration When users connect the Super Series to a DSL line or use a DHCP configuration the IP address might be changed whenever it reconnects to the network It can therefore be very difficult to post all related contacts for each new IP address In addition if the administrator on
36. NTER gt Refresh Figure A 11 RTC configuration within Bootloader Menu Program A 5 4 Hardware test menu Using the Hardware test menu the user can test hardware components There are three hardware test modes One time Looping without External test in Auto test Looping with External test in Auto test If the user selects One time an auto test or each component test is performed just once In this mode the ping test to the remote host server IP address and UART test are also performed once If the user selects Looping without External test in Auto test the auto test is performed repeatedly until the user presses the lt ctrl c gt keys In this mode the ping test to the remote host server IP address and UART test are not performed If the user selects Looping with External test in Auto test auto test is performed repeatedly until the user presses the lt ctrl c gt keys And the ping test to the remote host server IP address and UART test are also performed repeatedly Note To perform the test on the Ethernet and UART properly the user must connect an Ethernet cable to the Ethernet port of the Super Series and must plug the loopback connector to all the serial ports of the Super Series There must exist a remote host with a valid IP address The default server IP address is 192 168 0 128 and it can be changed using the Firmware Upgrade menu Otherwise the 124 test may not be performed properly
37. P porti 23 C Serial Pork COWI r pema PL SI Figure 2 16 Telnet program set up example TeraTerm Pro 2 The user must log into the Super Series Type the user name and password A factory default setting of the user name and password are both root for the system root and admin for the system administrator 23 3 Upon authentication by the Super Series the CLI prompts or text menu screens are shown 2 3 Accessing the Web Browser Management Interface The Super Series supports both HTTP and HTTPS HTTP over SSL protocols The Super Series also provides has its own Web management pages To access the Super Series Web management page enter the IP address or resolvable hostname of the Super Series into the web browser s URL Location field This will direct the user to the Super Series login screen The user must authenticate themselves by logging into they system with a correct user name and password The factory default settings are Login root Password root Login admin Password admin Note Before accessing the Super Series Web management page the user must check the IP address or resolvable Hostname of the Super Series and Subnet mask settings User authentication required Login please User ID Password Moveto Configuration page Customer page Figure 2 17 Login screen of the Super Series web management Figure 2 17 shows Login screen of the Super Series web management On this screen us
38. PC Card Configuration 76 5 1 LAN Card Configuration sss sese eee eee eee 77 5 2 Wireless LAN Card Confguration nnter ttnnnnnnnernnrnnn nnmnnn 78 5 3 Serial Modem Card Configuration sss sees 80 5 4 ATA IDE Fixed Disk Card Confouratton nnen enn 80 6 System Administration 82 6 1 Eu TEE 82 6 2 System L gging 2 a2enenansannseinninennnnnstnuneien linie 82 6 3 ee ee Bei EE 84 6 4 Change Password 85 6 5 Device Name Configuration sees ee eee eee 85 6 6 Date and Time Settings ss ssccee esse v essv sees cesse eser eneon eaer ennenen 85 6 7 Configuration management eee eee ee eee tetti nnntEEEEnnntEEnntE Ennn rnnnn nnn Ennn nennen 86 6 8 Firmware Upgrades E 88 6 9 User File Uploading TT 91 7 System Statistics 93 7 1 Network Interfaces Statistics see eee 93 EUR Gen GE ELE 93 1 3 AP Statistics u 31222 nennen eat ENNEN eee 94 TA IGMP St tistics sce si Pe ett ee master wandten Henri dere 96 KE CPS StAtl StS tas eect ee a of ees eters ett fe ek Ss ae De hs OA Raat Jad 98 MONUDPSIAlSTICS dest tects eh Ee casted Bar Be tae ak dae AE ca dansk er ee 100 8 CLI guide 101 S Introduction r r Heilen ill 101 8 2 Flash partition EE 101 8 3 Supported Linux E LEE 102 8 3 1 Shell amp shell utilities 22000r200nnnenennnnennnnennnnnnnnnnnonnnnennnnnnnnonnnnenen nennen 102 8 3 2 File and disk utils sse 102 8 3 3 System utilities ENEE ENEE EENS 102 8 3 4 Network tllities rn a ame A E A 102
39. S syshame Kean 00 sysLocation mylocation SyeSeryiae ee Enablesuthentrap ves EnableLogintTrap Ho EnablaLinkiictrap Ho Access control settings WMS 1B Address Community Permission m RR ooy 9 RRR REE 77 771785 Fran Ke Raatan 9 Trap receiver settings IF Address Comrunite foa0 Oe ooo b s Save to Hash Save amp apply Cancel Figure 3 2 SNMP Configuration 3 2 1 MIB II System objects Configuration MIB II System objects configuration sets the System Contact Name Location and Authentication failure traps used by the SNMP agent of the Super Series These settings provide the values used for the MIB II sysName sysContact sysLocation sysService and enableAuthenTrap Brief descriptions of each object are as follows e sysContact Identification of the contact person for the managed system Super Series and a description of how to contact the person sysName Name used to identify the system By convention this is the fully qualified domain name of the node sysLocation The physical location of the system e g Room 384 Operations Lab etc sysService Read Only A series of values separated by commas that indicate the set of 31 services that the system provides By default Super Series only supports an Application 7 service level EnableAuthenTrap Indicates whether the SNMP agent process is permitted to generate authentication failure traps The value of this objec
40. SEI Do you want to upgrade firmware y n y Transfer firmware by zmodem using your terminal application To escape press Ctrl X SOE LE Late Figure 6 9 Firmware upgrade using remote serial console OM AIA GA b i 7 Exit and apply changes B Exit and reboot Enter Refresh Select menu Filename laaa D Dowrkcad Sene Famecre S5e00ing 2 k Device mame Profocot Change passvor E F User file uplo Jain ra RE Rece Reload factory Reload factory Firmware upgra Back Ente Do you want to upgrade firmware g m y Transfer firmware by zeoden using pour terminal application To escape press Ctrl k DDE E DOE his Figure 6 10 Transfer binary file by Zmodem HyperTerminal 90 gt 9 Do you want to upgrade firmware y n y Transfer firmware by zmodem using your terminal application To escape press Ctrl X BOfL000005b157 BOfL000005b157 BOfL 000005b157 BOfL000005b157 Firmware upgrade failed Now reboot Figure 6 11 Firmware upgrade failure message 6 9 User File Uploading User can upload his own file to the Super Series But file uploading feature is only supported in console menu File uploading menu is located under 4 System administration gt 6 User file upload of console menu as shown on Figure 6 12 To upload user file to the Super Series using console menu user must use a TELNET SSH or terminal emulation program which supports Zmodem transfer p
41. SYSIEMICHT Are Acct as en a at a a ats at ele EN EEE 116 A32Redirectent duet 485 3a nase alleine 118 Appendix 4 Well known port numbers 122 Appendix 5 Guide to the Bootloader menu program 123 6 ASAN et 123 Ch Mat getest ai ok ae nn Er Se Ge de See ee 123 A 5 3 RTC configuration EE 123 Ab Hardware test Menu ssh sec tite at eo ne Lc et ee pia aTa 124 A 5 5 Firmware upgrade menu 128 Appendix 6 Using Super Series with Serial IP 130 A6 1 Super Series vs Serial IP options AAA 120 A 6 2 Connection example Telnet and SSLV3 encryption sees ee eee eee ee 131 Appendix 7 How to make a certificate for SSL encryption 135 ACC Install the OpenSSh packages T 135 A 7 2 Make root CA for Get one 135 A7 3 Making a Certificate request sse sees eee sees sees serere neee eenn nenen 137 A 7 4 Signing a certificate request T 137 A 7 5 Making certificate for CM sees ereenn 138 1 Introduction 1 1 Overview The HelloDevice Super Series is a Universal terminal server or device server that makes your legacy serial devices manageable by industry standard Ethernet network Based on open network protocols such as TCP IP and UDP it gives you ultimate flexibility to your serial devices With PPPoE PPP over Ethernet connection feature of the HelloDevice Super Series the RS232 422 485 serial devices could be managed over DSL based broadband network With the rich broadband network connectivity protocols such as DHCP PPPoE and Dynamic DNS
42. Universal Device Servers HelloDevice Super Series User Guide Version 1 3 3 2005 11 08 Copyright Information Copyright 1998 2005 Sena Technologies Inc All rights reserved Sena Technologies reserves the right to make any changes and improvements to its product without providing prior notice Trademark Information HelloDevice is a trademark of Sena Technologies Inc Windows is a registered trademark of Microsoft Corporation Ethernet is a registered trademark of XEROX Corporation Notice to Users Proper back up systems and necessary safety devices should be utilized to protect against injury death or property damage due to system failure Such protection is the responsibility of the user This device is not approved for use as a life support or medical system Any changes or modifications made to this device without the explicit approval or consent of Sena Technologies will void Sena Technologies of any liability or responsibility of injury or loss caused by any malfunction Technical Support Sena Technologies Inc 210 Yangjae dong Seocho gu Seoul 137 130 Korea Tel 82 2 573 5422 Fax 82 2 573 7710 E Mail support sena com Website http www sena com Revision history Revision Date Name Description V1 0 0 2003 09 19 LS Um Initial Release V1 0 1 2003 10 08 O J Jung Figure 5 6 Table A 2 revised V1 1 0 2004 01 09 LS Um Revision with release version 1 1 0 V1 1 1
43. User can specify any word which he she wants to set as a keyword Email notification User can select enable or disable for the Email notification action on keyword selected SNMP trap notification User can select enable or disable for the SNMP trap notification action on keyword selected Port command User can select enable or disable for the port command action on keyword selected 72 Port command string Super Series supports direct reaction to a device attached to serial port when pre defined keyword is detected User can specify command or string which will be sent to a serial port on this menu 73 4 3 All Port Configurations If modifications are being made to all serial ports are similar or the same changes can be made to the serial port configuration for all serial ports simultaneously With the all port configuration function the configuration will be applied to all the serial ports unless an individual ports apply all port setting option is disabled Please note that SS100 110 does not have all port configuration menu All port configuration parameters can be grouped into the following groups 1 Port enable disable Port title Host mode Remote host configuration Port IP filtering oa F M Cryptography configuration Only valid and visible if host mode set to TCP or Modem Emulation mode 7 Filter application 8 Serial port parameters 9 Modem configuration Only valid and visible if host
44. al information about packets connections using an ICMP protocol Definitions and descriptions of each parameter are described below InMsgs OutMsgs Specifies the number of messages received or sent InErrors OutErrors Specifies the number of errors received or sent InDestUnreachs OutDestUnreachs Specifies the number of destination unreachable messages received or sent A destination unreachable message is sent to the originating computer when a datagram fails to reach its intended destination InTimeExcds OutTimeExcds Specifies the number of time to live TTL exceeded messages received or sent A time to live exceeded message is sent to the originating computer when a datagram is discarded because the number of routers it has passed through exceeds its time to live value InParmProbs OutParmProbs Specifies the number of parameter problem messages received or sent A parameter problem message is sent to the originating computer when a router or host detects an error in a datagram s IP header 96 InSrcQuenchs OutSrcQuenchs Specifies the number of source quench messages received or sent A source quench request is sent to a computer to request that it reduces its rate of packet transmission InRedirects OutRedirects Specifies the number of redirect messages received or sent A redirect message is sent to the originating computer when a better route is discovered for a datagram sent by that computer InEchos OutEchos
45. ame as detailed in Section 3 1 IP Configuration The Super Series supports SSID Service Set Identifier and WEP Wired Equivalent Privacy key features for the wireless LAN configuration The user may configure the SSID to specify an AP Access Point The user may also configure the WEP mode as either encrypted or shared The WEP key length must be either 40 or 128 bits The 40 bit WEP key length requires the user to enter 5 hexadecimal code sets without colons The 128 bits WEP key length requires the user to enter 13 hexadecimal code sets without colons For example to use the 128 bits WEP key length option the user must enter 13 hexadecimal code sets as follows 000F25E4C2000F25E4C2000F24 79 Refer to Appendix B PC Card supported by Super Series to view a list of wireless LAN cards supported by the Super Series 5 3 Serial Modem Card Configuration Using the extra PC card slot as a modem will allow the user on line access without tying up a serial port with an external modem Most 56Kbps PC serial modem cards are compatible with the PC card slot A complete catalog of modem cards supported by the Super Series is listed in Appendix B DC card configuration Currently configured PC card Card type Serial Modem Card Serial Modern Card Model PCMCIA CARD S6KFaxModer FMS6C NFS 5 41 PE card servic Discover a new card Save to lash Save amp apply Cancel Figure 5 5 PC serial modem card configuration 5 4
46. and symmetric key encryption Symmetric key encryption is much faster than public key encryption but public key encryption provides better authentication techniques The handshake allows the server to authenticate itself to the client using public key techniques and then allows the client and the server to cooperate in the creation of symmetric keys used for rapid encryption decryption and tamper detection during the session that follows The details of handshake process step involved can be summarized as follows 1 The client sends the server the client s SSL TLS version number cipher settings randomly generated data and other information the server needs to communicate with the client using SSL TLS 2 The server sends the client the server s SSL TLS version number cipher settings randomly generated data and other information the client needs to communicate with the server over SSL TLS The server also sends its own certificate and if the client is requesting a server resource that requires client authentication requests the client s certificate 3 The client uses some of the information sent by the server to authenticate the server If the server cannot be authenticated the user is warned of the problem and informed that an encrypted and authenticated connection cannot be established If the server can be successfully authenticated the client goes on to next step 4 Using all data generated in the handshake so far the client with
47. are via a remote console 1 Obtain the latest firmware 2 Connect the terminal emulation program using either TELENT SSH or a serial console port TELNET or SSH is recommended since the process of firmware upgrade by serial console requires extremely long time Select from the firmware upgrade menu as shown Figure 6 9 4 Follow the online directions and transfer the firmware binary file using the Zmodem protocol as shown in Figure 6 10 Once the upgrade has been completed the system will reboot to apply the changes 6 If the firmware upgrade fails the Super Series will display error messages as shown in Figure 6 11 It will also maintain the current firmware version Login admin SREDA Welcome to SS 800 configuration page Current time 07 23 2003 15 04 07 F W REV Wil O 0 Serial No SS800438349 42944 MAC address 00 01 95 04 19 5a 89 IP mode Seale Te IP address 192 168 14 7 Selecee menu 1 Network configuration Serial port configuration PC Card configuration System administration Save changes Exit without saving Exit and apply changes Exit and reboot lt Enter gt Refresh gt 4 oO JO Us WM System administration Select menu 1 System status System logging Device name SS800 Device Date and time Change password User file upload Reload factory default settings Reload factory default settings except IP settings Firmware upgrade lt ESC gt Back lt Enter gt Refresh
48. ation Configuration Connection Credentials Security Encryption Protocol Host mode Telnet Protocol Method No login Raw TCP TOP Disabled None Disable required connection No login TCP Enabled None Telnet Disable required SSLv2 or No login Raw TCP Negotiate TCP Disabled SSLv3 required connection SSLv3 TSLv1 rollback to v2 SSLv3 or No login Raw TCP TCP Disabled SSLv3 SSLv3 required connection rollback to v2 TLSv1 or No login Raw TCP TCP Disabled SSLv3 TSLv1 required connection rollback to v2 SSLv2 or l l No login Negotiate TCP Enabled SSLv3 Telnet required SSLv3 TSLv1 rollback to v2 SSLv3 or No login TCP Enabled SSLv3 f Telnet SSLv3 required rollback to v2 TLSv1 or No login TCP Enabled SSLv3 Telnet TSLv1 required rollback to v2 Please note that SSLv3 rollback to v2 option in Super series means Negotiate SSLv3 TSLv1 option in Serial IP If encryption method of Super Series is set as SSLv3 then client Serial IP cannot connect to Super Series with Negotiate SSLv3 TSLv1 option A 6 2 Connection example Telnet and SSLv3 encryption Step 1 Set host mode of serial port 1 of Super Series as follows Host mode TCP TCP listening port 7001 Telnet protocol Enabled Serial port configuration 1 Port 1 EnsbleDisable this port Port title 4poly all ports settings Host mode configuration
49. by pushing the factory default reset switch on the back panel of the Super Series Figure 6 7 shows the configuration management screen The following parameters should be properly set up to export import configurations Configuration export Location Location to export to Encrypt Yes or No File name Configuration import Location Location to import from By selecting Factory default the user may restore the factory settings Configuration selection Determines what kinds of configurations are imported Encrypt Yes or No If location is Factory default it has no effects File selection List all the exported files satisfying the encrypting option at the selected location which is one of CF card NFS server and user space Local Helps to browse the exported file at local machine if location is local machine 87 Configuration management Configuration export Location cFcard NFS server User spacef usr2 Local machine Encrypt Yes x File name syscm Export Configuration import Location cFCard NFS server User space usr2 Local machine Factory default Configuration selection T Select all I System configuration E Including IP configuration P Serial port configuration Encrypt Yes lt File selection Select file Local SOI Import Figure 6 7 Configuration management To export the current configurations follow this 1 Selec
50. cifies the number of segments transmitted This number does not include retransmitted segments RetransSegs Specifies the number of segments retransmitted RetransSegs Specifies the number of errors received OutRsts Specifies the number of segments transmitted with the reset flag set 99 TCP statistics Rtoslgoriehm Rtordin Frorla MaxConm ActiveQpens PassiveQpens ZG tonptt ails EctabResets CurrEstab Insegs Qutsegs Fetranssegs InErrs OUR SES Figure 7 5 TCP statistics 7 6 UDP Statistics The UDP Statistics screen provides statistical information about packets connections using a UDP protocol Definitions and descriptions of each parameter are described below InDatagrams Specifies the number of datagrams received NoPorts Specifies the number of received datagrams that were discarded because the specified port was invalid InErrors Specifies the number of erroneous datagrams that were received Datagrams Received Errors is the number of received UDP datagrams that could not be delivered for reasons other than the lack of an application at the destination port OutDatagrams Specifies the number of datagrams transmitted UDP statistics InDstagrams Hofors nErrors QutQatagrams Figure 7 6 UDP statistics 100 8 CLI guide 8 1 Introduction The Super Series root or System Administrator only admin account is added for this group user by factory default can access the Linux conso
51. configuration SMTP enable disable Enabled lt SMTP server name emp yourcompany com SMTP made SMTP without suthertication SMTP user name ab aN WV Se SMTP password SMTP authentication L Confirm SMTP password D se mail address ES UR OmMpany com ennen _Conce Figure 3 6 SMTP mode selection in SMTP configuration 3 5 IP Filtering The Super Series prevents unauthorized access using either an IP address based filtering method or through the management web page of the Super Series The users can allow one of the following scenarios by changing the parameter settings Only one host of a specific IP address can access the Super Series Hosts on a specific subnet can access the Super Series 35 Any host can access the Super Series The IP filtering feature for access to Telnet console SSH console or Web server may be enabled or disabled The factory default of the filtering feature is Enabled The user may allow a host or a group of hosts to access the Super Series for configuration The user must then enter the IP address and subnet of access Any user on a remote host must stay in the specified subnet boundary to have the configuration access To allow only a specific host to have configuration access to the Super Series enter the IP address of the specific host and just give 255 255 255 255 for the subnet To allow any hosts to have access to the Super Series give 0 0 0 0 for both of th
52. configuration Port IP fiering Cryptography configuraban Filter aeplieabean aenal Port parameters Modem configuration Ena le Citabla modem Disable Modem init string H DCD behavior Automati release modem connechon Save to Hash Save E apply Cancel Part logging Port event handling Figure 4 16 Modem configuration 4 2 11 Port Logging With the port logging feature the data sent through the serial port is stored to MEMORY an ATA IDE 67 fixed disk card a SYSLOG server or a mounting point on an NFS server Enable disable port logging This parameter defines whether to enable or disable the port logging feature The factory default setting is disabled Port log storage location The port log data can be stored to the Super Series internal memory an ATA IDE fixed disk card inserted in PCMCIA slot the mounting point on an NFS server or the SYSLOG server If the internal memory is used to store port log data the port log data will be cleared when the Super Series is turned off To preserve the serial port log data set the storage location to be the ATA IDE fixed disk card SYSLOG server or NFS server To do this the user must configure the corresponding media in advance Unless the media is properly set up the user will not be able to select a storage location from the interface Port log buffer size This parameter defines the maximum amount of port log data to be logged When using internal memory to
53. dcast 1 TFTP from server 192 168 0 128 our IP address is 192 168 161 5 Filename ss800 bin Load address 0x100000 Loading F F F F F j j j j j j j j j f j j j j j j j j j j j j f f j j j f j j j j j j j j j j j j j Ht j j f H f j j j j j f j j j j j j j H j j j j j j f j Ht j j j j j j Ht j j j j f j j j j j gd j j j j j j j Ht f j j j j j Ht j j j j j j Ht j j j j j j j gd j j done Bytes transferred 5838194 591572 hex Erase Flash Sectors 9 20 in Bank 1 BOCK enen gen Jeer leet Erase Flash Sectors 21 115 in Bank 1 BOCK ene con let scone Erase Flash Sectors 116 116 in Bank 1 L ene COD Vee On eelst leste BLOCK 4 Erase Flash Sectors 117 117 in Bank 1 Baliga RIR STE Seer aS EHET RS dT ST RTE SSR ily Select menu ME EnOtC OCON KEE 2 IP address assigned to Ethernet interface 192 168 161 5 3 Server s IP address 192 168 0 128 4 Firmware File Name ss800 bin 5 Start firmware upgrade lt ESC gt Back lt ENTER gt Refresh Figure A 16 Firmware upgrade process After finishing the firmware upgrade process the program will display the menu again along with a success message 129 Appendix 6 Using Super Series with Serial IP A 6 1 Super Series vs Serial IP options Table A 9 Super Series vs Serial IP option compatibility matrix table Serial Port Configuration of Super Series Serial IP Configuration l l Cryptography Host mode Configur
54. e Device name Device name Save to Hash Save E apply Cancel Figure 6 5 Device name configuration Please note that user cannot set space character as one of device name And If user sets blank as Device name then hostname is set as IP address of Super Series automatically And also the device name is utilized for management program HelloDevice Manager 6 6 Date and Time Settings The Super Series maintains current date and time information The SS110 400 800 s clock and calendar settings are backed up by internal battery power Please note that SS100 does not have a battery for internal clock Current date and time setting will not be retained after system rebooting So it is recommended to use NTP server to maintain correct 85 date and time in SS100 model The user can change the current date and time as shown in Figure 6 6 There are two date and time settings The first is to use the NTP server to maintain the date and time settings If the NTP feature is enabled the Super Series will obtain the date and time information from the NTP server at each reboot If the NTP server is set to 0 0 0 0 the Super Series will use the default NTP servers In this case the Super Series should be connected from the network to the Internet The user may also need to set the time offset from UTC depending on the users location The second method is to set date and time manually without using the NTP server This will allo
55. e encryption option local port number and serial port parameters are configured at a time In this page the meaning of string on Host mode column is as follows Description Host mode E S S Mode Encryption Telnet TCP TCP Disabled Disabled TCPs TCP Enabled Disabled TEL TCP Disabled Enabled TELs TCP Enabled Enabled UDP UDP E i Modem Modem Emulation Emulation To select and configure a serial port individually click the port number or title To configure all of the serial ports at once click All or Port Title located below the All port configuration label Serial port configuration Alle nigu aton Title Host mode Local port Serial sektings Pidi FS 232 9600 N 8 1 No ndividis port configuration Porte Tithe Hest mode Local port Oprial settings TCP 7001 BS23Z 9600 N 6 1L NG TOPS Foo As232 MON N 5 1 Ho TEL 7003 PS232 95 00 M B 1 No UDP 7004 RS232 9600 N E 1 No kader emulstion 7005 RS2232 M00 M B 1L No TEF MOOG PE292 S600 N 8 1 No TCP Foo PS 232 9600 N 6 1 No TELS 008 RE232 MON N E 1 No a Bi F w e A te hh K Figure 4 1 Serial port configuration main screen 7 See section 4 2 4 Host Mode Configuration See section 4 2 7 Cryptography configuration 7 See section 4 2 4 1 TCP mode 8 Not support 43 4 2 Individual Port Configuration The Super Series allows serial ports to be configured either individually or all at once The parameters fo
56. e Authority lt Windows gt cd work openssl 0 9 7d lt Linux gt cd work openssl 0 9 7d mkdir CA cd CA sh usr local ssl misc CA sh newca 136 2 3 Check whether CA key file demoCA private cakey pem and CA certificate demoCA cacert pem is generated Is demoCA cacert pem certs crl index txt newcerts private serial Is demoCA private cakey pem A 7 3 Making a certificate request To make new certificates you should make a certificate request first cd work openssl 0 9 7c CA Run following commands openssl genrsa out key pem 1024 openssl req new key key pem out reg Dem It is assumed that you are using sample configuration file openssl conf sena Using configuration from usr share ssl openssl cnf Zeng era Se TO Je ASkeC tO HD EITE Arer Onell cine goll ge wicorooratrecl ATA your eerwitieeare TeCGUESE What you are about to enter is what is called a Distinguished Name or a DN There are quite a few fields but you can leave some blank Bow Some icles toele willl be a cderaull value f you enter the field will be left blank Country Name 2 letter code US Enter State or Province Name full name Minnesota Enter Locality Name eg city Minneapolis Enter Organization Name eg company Digi International Enter Organizational Unit Name eg section Enter Common Name eg your name or your server s hostname Sena VTS Email Addres
57. e IP address and subnet Refer to Table 3 2 for more details The device s default settings for allowed remote hosts for configuration is Any IP filtering elnet IF fitenng C nfigurabon via telnet Enabled Allowed base host IF D 0 0 0 Subnet mask to be applied 0 GOLD SSH IP Altening Configuration via ssh Enabled Allowed base host IP a Gubriek mask to be aoned HG0 Web IP filtering Configurabon via web Enabled Allowed base host JP W nn 0000 Subnet mask to be applied H Save to flash Save amp apply Cancel Figure 3 7 IP filtering Configuration Table 3 2 Input examples of allowed remote hosts 36 192 168 1 129 192 168 1 254 192 168 1 128 255 255 255 128 Web access also uses the IP filtering function which can be enabled or disabled The factory default setting is Enabled When enabled the user can specify a web host or hosts allowed to access the Super Series for configuration 3 6 SYSLOG server configuration The Super Series supports a remote message logging service SYSLOG service for the system and port data logging To use the remote SYSLOG service the user must specify the SYSLOG server s IP address and the facility to be used Figure 3 8 shows the SYSLOG server configuration page of the supplied Web interface S7SLOG server configuration Disabled SYSLOG service SYSLOG server IP address i SYSLOG facility Sav
58. e RJ45 DB9 female adapter For SS100 Push the Data Console switch to the Console side 3 Connect the other end of the cable to the serial port of the user s computer 4 Run a terminal emulator program i e HyperTerminal Set up the serial configuration parameters of the terminal emulation program as follows 21 9600 Baud rate Data bits 8 Parity None Stop bits 1 No flow control 5 Press the ENTER key 6 Enter your user name and password to log into the Super Series The factory default user settings are as follows Login root Password root Login admin Password admin 192 168 101 5 Iheygjaling veer Passwords ter root 192 168 161 5 7 Upon authentication the CLI are initially provided for configuration For details on the CLI refer to the chapter 8 CLI guide 8 es edit command will allow you to enter the text menu driven interface and the menu screen in Figure 2 15 is displayed root 192 168 161 5 ss edit Welcome to SS 800 configuration page CuUrrEenes tame ERS 221 A 00 Smee 5 21316 F W REV v0 4 0 Serial No SS800438349 42944 MAC address 00 01 95 04 19 5a IP mode DHCP EE address 92 166 14037 Select menuts 1 Network configuration 2 Serial port Comi ergeet on 3o PIC eege engen len 4 System administration 5 Save changes 6 Exit without saving 7 Exit and apply changes Sia Malie ene TENGE lt Enter gt Refresh Figure 2 15 The main menu screen SS800 From the main men
59. e to flash Save amp apply Cancel Figure 3 8 SYSLOG server configuration To receive log messages from the Super Series the SYSLOG server must be configured as remote reception allowed If there is a firewall between the Super Series and the SYSLOG server there must be a rule that allows all outgoing and incoming UDP packets to travel across the firewall The Super Series supports SYSLOG facilities from local0 to local7 The user can employ these facilities to save messages from the Super Series separately in the SYSLOG server If the SYSLOG service is enabled and the SYSLOG server configuration is properly set up the user may configure the storage location for the system log or port data log of the Super Series as SYSLOG server For more information about the configuration of port system log storage location please refer to section 4 2 17 Port Logging and 6 2 System Logging 3 7 NFS server configuration The Super Series supports NFS Network File System service for system or port data logging functions To use this service the user must specify the IP address of a NFS server and the mounting path on the NFS server Figure 3 9 shows the web based NFS server configuration page 37 NTR server configuration NFS service Disabled sl HFS server IF address Mounbmg path on MES server Save to flash Save apply Cancel Figure 3 9 NFS server configuration To store the Super Series log data to the NFS
60. e users can configure the Super Series s device name date and time settings and reload factory default settings in this menu group The users can also upgrade the firmware of the Super Series using the web interface remote consoles or serial console 6 1 System Status System status System information Model No Serial No F W Rey MAC address Current time System logging Send system log by email PC card type PC card model IP information IP mode IP expiration IP address Subnetmask Gateway Receive Transmit errors Primary DNS Secondary DNS S600 Device 800 030799999 v0 4 0 00 01 95 04 19 5a 07 23 2003 13 40 42 Enabled Disabled NONE NONE STATIC N A 192 168 14 7 255 255 0 0 192 168 1 1 N A 168 126 63 1 168 126 63 2 Figure 6 1 System status display 6 2 System Logging The Super Series provides both the system logging feature and the system log status display The user may configure the Super Series to enable or disable the system logging process the system log buffer size as well as select the log storage location 82 System log storage location The system log can be stored in the Super Series internal memory the ATA IDE fixed disk card inserted in PCMCIA slot the mounting point on an NFS server or the SYSLOG server If the internal memory is used to store system log data the log data will be cleared when the Super Series is turned off To pres
61. e web address i e www yahoo com and is usually easier to remember The DNS server is the host that can translate such text based domain names into the numeric IP addresses for a TCP IP connection The IP address of the DNS server must be able to access the host site with the provided domain name The Super Series provides the ability to configure the required IP addresses of both the Primary and Secondary DNS servers addresses The secondary DNS server is specified for use when the primary DNS server is unavailable 3 1 2 Using DHCP Dynamic Host Configuration Protocol DHCP is a communications protocol that lets network administrators manage and automate the assignment of IP addresses centrally in an organization s network DHCP allows the network administrator the ability to supervise and distribute IP addresses from a central point and automatically send a new IP address when a computer is plugged into a different network location When in static IP mode the IP address must be entered manually at each computer If a computer is moved to another network location a new IP address must be assigned DHCP allows all the parameters including the IP address subnet mask gateway and DNS servers to be automatically configured when the IP address is assigned DHCP uses a lease concept in assigning IP addresses to a computer It limits the amount of time a given IP address will be valid for a computer All the parameters required to assign an
62. ed to Max allowed connection remote host s connected already For example if user set Max allowed connection as 32 and if there are 3 connections from Super Series to remote hosts which are configured in the remote host list then maximum number of connection from external hosts to a serial port will be reduced to 29 32 3 For more detail information for remote host list configuration please refer to 4 2 5 remote host list configuration section 49 Cyclic Connection If Cyclic Connection function is enabled the Super Series will make an attempt to connect to the user defined remote host s at a given interval even if there s no incoming serial data from the device connected to that serial port If there is data on the remote host s to be sent to serial device it can be transferred to the serial device via Super Series s serial port after the connection is established Eventually users can monitor the serial device periodically by making the remote host send the serial command to the Super Series whenever it is connected to the remote host This option is useful when users need to gather the device information periodically even if the serial device does not send its data periodically Figure 4 6 shows the State Transition Diagram of the session operations in TCP mode 50 TCP connection request rejected Or internal TCP time out In coming TCP Close request TCP connection request accepted Inactivity time o
63. eiver ID bo 164 14 1 SMMD trap commurty F ublic SNMP trap version Vl E Status ewent edit Status event Email Hoti SNMP trap Meth Part command Poet command string Device conmection F E Device disconnection F TOP connection TCF disconnechon Chew keyword Key word Reaction Port command seing F 1 best EmallfshMPAlommand reboot Keyword list edit Action on ker word E add edt Remove Keyword string Email Wot SAMF trap Mot Port command Port command string r F P Figure 4 18 Port event handling configurations 71 SNMP trap receiver IP This parameter set IP address of SNMP trap receiver that will receive SNMP trap notification when pre defined keyword is detected SNMP trap community This parameter set a community that will be included in SNMP trap message when pre defined keyword is detected SNMP trap version This parameter set a version of SNMP trap which will be sent when pre defined keyword is detected Status event edit Device connection disconnection Fill in the check boxes of the preferred actions that are to be taken on the event of serial device connection or disconnection TCP connection disconnection Fill in the check boxes of the preferred actions that are to be taken on the event of TCP connection or disconnection from remote hosts Keyword list edit Action on key word User can select Add or Remove for the action on keyword selected Keyword string
64. em initialization string to the serial port whenever rising edge of DTR pin is detected or parameter related with serial port configuration is changed e DCD behavior 66 If DCD behavior is set as Allow TCP connection only by HIGH Super Series permits a connection from the remote host only when the DCD status of serial port is high This feature is useful when user want to use a Serial port only for dial in modem mode In this case if there is no connection through modem already Super Series dose not permit TCP side connection e Automatic release modem connection If Automatic release modem connection is set as Enable modem connection will be closed by Super Series if all TCP connections are closed once at least one TCP connection is opened If this option is set as Disable modem connection will not be closed by Super Series even if all TCP connections are closed Please note that actual phone line connection will be closed if one of modems closes connection regardless of this option That is this option can be used for Super Series to disconnect modem connection by itself when all TCP connections are closed If user want to use dial out function he should set DCD behavior as None because he must be able to access modem connected to a serial port to send dial out command to the modem first Serial port configuration 1 Port 1 Enable Dusabie this port Port De Apply all ports setongs Hest mode corieguratioan Remote host
65. ent unlisted remote host during the Inactivity Timeout Inactivity Timeout In UDP mode Inactivity Timeout is used in maintaining recent unlisted remote host If there is no 52 data transmission between unlisted remote host and serial port of Super Series during Inactivity Timeout Super Series will not send data from a serial port to the recent unlisted remote host again Namely Inactivity Timeout in UDP mode is the time maintained recent unlisted remote host list by Super Series If user set nactivity Timeout as 0 in UDP mode Super Series does not send any data from serial port to unlisted remote host 4 2 4 3 Modem emulation mode In modem emulation mode the serial port process acts as if it is a modem attached to the serial device It accepts AT modem commands and answers to them as modems would do It also handles the modem signals correctly Modem emulation mode is useful in the following cases There already exists a modem attached to the users serial device If users serial device already has a modem for phone line connection it can be just replaced by the Super Series for Ethernet connection What users need to do is to use an IP address or domain name instead of phone number as a parameter of ATA ATDT commands It is required to send serial data to the multiple remote hosts If the serial device should send data to the multiple hosts modem emulation mode is required For example the first data from the seria
66. er Series has sent a connection request to a remote host the state is changed from Closed to Sync Sent This state is maintained until the remote host accepts the connection request Established It represents an open connection If one of the hosts the remote host or the Super Series accepts a connection request from the other the connection is opened and state is changed into Established Data When it is in Established state data from a host will be transferred to the other one For easier understanding of the TCP session operation we called the state as Data state when actual data transfer is performed Actually the Data mode is a part of Established state as is described in the RFC 793 Transmission Control Protocol This is a normal state for the data transfer phase of the connection The Super Series works as either TCP server or client according to the situation This will be the typical mode for most applications since it will transfer the data either from serial port or from TCP port The default TCP state is Listen which is the same as that of TCP server mode 1 Typical State Transition Listen gt Sync Received gt Established gt Data gt Closed gt Listen Or Listen gt Sync Sent gt Established gt Data gt Closed gt Listen The initial state is Listen If there are data coming from the serial port it will connect to the remote host as a TCP
67. er can select initial page where he want to move to after login If user selects Configuration page he can see the configuration homepage of the Super Series Web management interface shown Figure 2 18 If user select Customer page he can see the default Customer homepage of the Super Series Web management interface or his own homepage For more detail information about user customization of Web UI please refer to 9 User customization guide section Figure 2 18 shows the configuration homepage of the Super Series Web management interface A menu bar is provided on the left side of the screen The menu bar includes the uppermost configuration menu groups Selecting an item on the menu bar opens a tree view of all the submenus available under each grouping Selecting a submenu item will allow the user to modify parameter settings for that item Every page will allow the user to Save to flash Save amp apply or Cancel their actions After changing the configuration parameter values the users must select Save to flash to save the changed parameter values to the non volatile memory To apply all changes made the user must select Apply Changes This option is available on the bottom of the menu bar Only when the 24 user selects Apply changes will the new parameter values be applied to the Super Series configuration The user also can select Save amp apply to save parameters and apply changes in one step If the user does not want to
68. erve the system log data set the storage location to be the ATA IDE fixed disk card SYSLOG server or NFS server To do this the user must configure the corresponding media in advance Unless the media is properly set up the user will not be able to select a storage location from the interface System log buffer size This parameter defines the maximum amount of system log data that can be logged When using internal memory to store data the total size of the system log cannot exceed 300 Kbytes When using an ATA IDE fixed disk card to store log data the maximum buffer size is dependent upon the card capacity When using an NFS server to store logs data the maximum buffer size is unlimited The user should configure the NFS server to ensure that the port logging system works properly When using the SYSLOG server to store log data the user cannot set the buffer size The Super Series can also be configured to send log data automatically if the number of logs unsent reaches a pre defined number If enabled the user must set parameters to initiate the creation of a email These parameters would include the number of logs required to trigger an email the recipient email address etc Figure 6 2 shows the configuration and system log view screen 83 System logging System logging Enabled zl System Ing storage locaton Memory System log buffer sze KB 300 max D Send system log by Email Eisabied D Humber of log message
69. esponding cipher suite Verify client server mode only If user selects Verify client option as Yes Super Series will request the client s certificate while in SSL handshaking process Step 2 On the contrary if user selects Verify client option as No Super Series does not request the client s certificate while in SSL handshaking process Step 2 Verify certificate chain depth A certificate chain is a sequence of certificates where each certificate in the chain is signed by the subsequent certificate The purpose of certificate chain is to establish a chain of trust from a its own peer certificate to a trusted CA certificate The CA vouches for the identity in the peer certificate by signing it If the CA is one that user trusts indicated by the presence of a copy of the CA certificate in user s root certificate directory this implies user can trust the signed peer certificate as well In Super Series user can restrict number of certificate chain depth so that Super Series does not search a trusted CA certificate infinitely in a certificate chain Check the certificate CN If user selects Check the certificate CN option as Yes Super Series will check whether the host name is matched with Common Name CN in the certificate and if they do not matched Super Series will close connection request to the remote host On the contrary if user selects Check the certificate CN option as No Super Series does not check whether the host name i
70. fault is 3 times e TCP keep alive intervals This represents the waiting period until a keep alive packet is retransmitted due to no acknowledgement by the original Chinatown The default value is 5 seconds By default the Super Series will send the keep alive packets 3 times with 5 seconds interval after 15 seconds have elapsed since the time when there s no data transmitted back and forth TCP service configuration TSF keepalive mei eer TEP keepaliv proses Dries Save to flash Save E apply Cancel Figure 3 12 TCP keep alive configuration 40 4 Serial Port Configuration 4 1 Overview The serial port configuration capability allows the user to configure the host mode of each port serial communication parameters cryptography port logging parameters and other related parameters The serial ports host mode can be set as any of the following e TCP The Super Series operates as a TCP server and client If the connection is not established it accepts all incoming connections from any registered remote hosts and connects to the registered remote hosts if there is any data from the serial devices Otherwise it will send data back and forth In summary the Super Series will work as if it is virtually connected to the remote host e UDP The UDP mode operation is similar to that of TCP mode except that it is based on UDP protocol e Modem emulation Select this mode when the serial device already
71. g datagrams discarded OutNoRoutes Specifies the number of datagrams for which no route could be found to transmit them to the destination IP address These datagrams were discarded This counter includes any packets counted in Datagrams Forwarded that meet this no route criterion ReasmTimeout Specifies the amount of time allowed for all pieces of a fragmented datagram to arrive If all pieces do not arrive within this time the datagram is discarded ReasmReads Specifies the number of datagrams that require reassembly ReasmOKs Specifies the number of datagrams that were successfully reassembled ReasmFails Specifies the number of datagrams that cannot be reassembled FragOKs Specifies the number of datagrams that were fragmented successfully FragFails Specifies the number of datagrams that need to be fragmented but couldn t be because the IP header specifies no fragmentation For example if the datagrams Don t Fragment flag was set the datagram would not be fragmented These datagrams are discarded FragCreates Specifies the number of fragments created 95 IP statistics Forwarding Det auf Inkecenes InHdrErr rs InAddrEriorg Foto Latar ams ri rokepepr rotos Indes card Indelivers OutRequests SutDiscands SuthoRoubes Reasnnimedt Pesanhegds Reasm oks Reasmrails Frag ks Fragrails Fraglreates Figure 7 3 IP statistics 7 4 ICMP Statistics The ICMP Statistics screen provides statistic
72. g over RS232 422 485 serial devices Please note that this manual assumes user knowledge of Internetworking protocols and serial communications 1 2 Package Check List SS100 110 400 800 external box External 110V or 230V power supply Serial data cable for SS100 CAT5 cable for SS110 400 800 Console cable kit for SS110 400 800 Quick Start Guide CD ROM including the Serial IP Com Port Redirector HelloDevice IDE HelloDevice Manager and manuals 1 3 Product Specification PT y sso sen ssaoo SS800 Serial Interface l Serial speeds 75bps to 230Kbps Flow Control Hardware RTS CTS Software Xon Xoff RJ45 connector Signals RS232 Rx Tx RTS CTS DTR DSR DCD GND RS422 Rx Rx Tx Tx RS485 Data Data Modem controls DTR DSR and RTS CTS Network Interface 10 100 Base Tx Ethernet with RJ45 Ethernet connector Supports static and dynamic IP address Protocols ARP IP ICMP TCP UDP Telnet SSH v1 amp v2 SSL v2 amp v3 TLS v1 DNS Dynamic DNS HTTP HTTPS SMTP with without Authentication pop before SMTP DHCP client NTP PPPoE SNMP v1 amp v2 PCMCIA Supports one of the following PC cards ATA flash memory card 802 11b Wireless LAN card 10 100 Base TX LAN Card Modem card Security User ID amp Password SCP Modem emulation Full support for AT commands Management Web Telnet or Serial console port or HelloDevice Manager O S support Windows 98 ME NT 2
73. he lt ESC gt key within 3 seconds after the Super Series unit is powered up he will enter the bootloader menu program From this menu program the user can set various system parameters test system hardware and perform firmware upgrades A 5 2 Main menu After entering the bootloader menu program the user will see following main menu page Bootloader 1 1 0 May 23 2003 22 48 25 OPU XPC855xxZPnnD4 50 MHz DRAM 5 64 MB FLASH 2 8 MB Pe CARD Nou card EEPROM A Type exist Ethernet AUTO NEGOTIATION Autoboot Start D Select mene gt JRE eegene ZE Leet Isl KL ZOOS tis OOs26 Hardware test Firmware upgrade S W Version v1 0 0 IRI E Blaue lowers EET ie eas Exit and reboot lt ESC gt Back lt ENTER gt Refresh Sul e Com b I Figure A 10 Main Menu Page of Bootloader Menu A 5 3 RTC configuration menu Using the RTC configuration menu the user can set the system time of the Super Series Select menu 1 Date mm dd yy 02 14 03 2 Timelbhsmnsesh 2 13227712 lt ESC gt Back lt ENTER gt Refresh 123 Enter Current Date mm dd yy 02 15 03 press Tre HINER kay TO EE Tnte Select menu 1 Date mm dd yy 02 15 03 oe Timelhbioemmess S 13321220 lt ESC gt Back lt ENTER gt Refresh 2 Enter Current Time hh mm ss 13 25 00 press the ENTER key to continue Select menu 1 Date mm dd yy 02 15 03 oe ame Cari snmes sf 1232501 lt ESC gt Back lt E
74. he serial port directly on Port event handling configuration And this will enable the user to monitor the data from the attached device or to manage control a device attached serial port directly when pre defined keywords are detected At the same time the status of the connection between the Super Series and the serial device and the status of the TCP connection between the Super Series and remote hosts could be monitored and managed in the same way of the port keywords as well Each reaction can be configured individually upon each event Reaction can be an email delivery SNMP trap sending command sending or either combination of all reactions 69 Port event handling If the user wants to enable port event handling feature set Port event handling as enable This is a global parameter so if this feature is disabled the Super Series does not take any actions on port events Notification interval To prevent Super Series from being trapped in handling port event there is a Notification interval parameter Super Series will send notification email or SNMP trap every Notification interval even it detect predefined keyword within Notification interval The smaller value of this parameter will result in immediate response for predefined keyword and heavy usage of system resources The largest value accepted by user is recommended to prevent system resource usage minimization Email notification This parameter enables or disables Email not
75. ics and serial ports statistics display statistical usage of the link layer lo eth and serial ports IP ICMP TCP and UDP statistics display usages of four primary components in the TCP IP protocol suite 7 1 Network Interfaces Statistics Network interfaces statistics display basic network interfaces usage of the Super Series lo and eth0 lo is a local loop back interface and ethO is a default network interface of Super Series Network Interfaces statistics Bytes Packets Errors Drop FIFO Frame Compressed Multicast Transmit Bytes Zb 94 Packets 2991 Errors Drop FIF Frame Compressed Multicast Figure 7 1 Network interfaces statistics 7 2 Serial Ports Statistics Serial ports statistics display the usage history of 32 serial ports baud rate configurations and each port s pin status on A om 93 Serial ports statistics if a LI IF A A A A A A A A 0000 0006 Se be fe ke Ge fe be fe coco 0006 0006 0006 Figure 7 2 Serial ports status 7 3 IP Statistics The IP Statistics screen provides statistical information about packets connections using an protocol Definitions and descriptions of each parameter are described below Forwarding Specifies whether IP forwarding is enabled or disabled DefaultTTL Specifies the default initial time to live TTL for datagrams originating on a particular computer InReceives Shows the number of datagrams received InHdr
76. ifferent IP address each time it boots up The IP address should be reserved on the DHCP server side to assure that the user always knows the newly assigned Super Series address In order to reserve the IP address in the DHCP network the administrator needs the MAC address of the Super Series found on the label sticker at the bottom of the Super Series 3 1 3 Using PPPoE PPPoE Point to Point Protocol over Ethernet is a specification for connecting multiple computer users on an Ethernet LAN local area network to a remote site through a modem or similar device PPPoE can be used to multiple users the ability to share ADSL cable modem or wireless connection to the Internet To use the Super Series in PPPoE mode users require a PPPoE account and the necessary equipment for PPPoE access i e an ADSL modem Since the Super Series provides a PPPoE protocol it can access the remote host on the Internet over an ADSL connection The user will have to set up the user name and password of the PPPoE account for the Super Series The Super Series negotiates the PPPoE connection with the PPPoE server whenever it boots up During the negotiation the Super Series receives the information required for an Internet connection such as the IP address gateway subnet mask and DNS servers If the connection is established the Super Series will maintain the connection for as long as possible If the connection is terminated the Super Series will attempt to
77. ification feature of Super Series When Super Series sends Email notification it used SMTP server configured in SMTP server configuration If the SMTP server is not configured correctly or disabled Email feature gets disabled also For details of SMTP server configurations and descriptions please refer to section 3 4 SMTP Configuration Title of Email This parameter set Title of Email that will be sent by Super Series when pre defined keyword is detected Recipient s Email address This parameter set mail recipient who will receive notification mail when pre defined keyword is detected SNMP notification This parameter enables or disables SNMP notification feature of Super Series Title of SNMP trap This parameter set Title of SNMP trap that will be sent by Super Series when pre defined keyword is detected 70 Serial port configuration 1 Port tithe 1 one io Enable Disable this port Port tie Apply all ports settengs Host mode configuration Remote hast ropbheapgon Port IP filtering Cryptography configuration Filter appbrston Serial port parameters Modem configuration Port loggireg Port event handling Port event handling Enable Notification interval 30 3600 sec En Email motitecatear Enable Tite of Email For event notification mal Recipient s Email address fadmin my company com SNMP notification sabe Title of SNMP Gap Pom event notification SZ irap SMMD trap rec
78. igure 2 9 Connecting a equipment to the SS100 Equipment Figure 2 10 Connecting a equipment to the SS110 19 X K ae er gite Eokerem Figure 2 11 Connecting a equipment to the SS400 Left SS800 Right 2 2 4 Accessing the System Console There are several ways to access the Super Series These methods are dependent on whether the user is located at a local site or a remote site or whether s he requires a menu driven interface graphic menu system or CLI Command Line Interface e System console Local users can connect directly to the system console port of the Super Series using the console Ethernet cable with the corresponding adapter e Remote console Remote users who require a menu driven interface can utilize Telnet port 23 connections to the Super Series using terminal emulator e Web Remote users who want to use a web browser to configure the Super Series can connect to the Super Series using conventional web browsers such as Internet Explorer or Netscape Navigator The above methods require the user authentication by the Super Series system 2 2 5 Using the System console 1 Connect one end of the console Ethernet cable to the console port on the Super Series 20 Figure 2 12 Connecting a system console cable to the SS100 Figure 2 13 Connecting a system console cable to the SS110 Figure 2 14 Connecting a system console cable to the SS400 800 2 Connect to the user s computer with th
79. iking V 90 K56flex 021 A MODEM PC Card CIRRUS LOGIC KINGMAX KIT PCMCIA 56K 56K MODEM CL MD56XX v 90 FAX MODEM PC Card Fax Modem Card 5 41 TDK DH6400 TDK DH6400 1 0 64Kbps NTT F NTT DoCoMo Mobile Mobile Card Triplex N Card Triplex N 64Kbps 115 Appendix 3 Super Series Configuration files A 3 1 System cnf 116 A 3 2 Redirect cnf 121 Appendix 4 Well known port numbers Port numbers are divided into three ranges Well Known Ports Registered Ports and Dynamic and or Private Ports Well Known Ports are those from 0 through 1023 Registered Ports are those from 1024 through 49151 Dynamic and or Private Ports are those from 49152 through 65535 Well Known Ports are assigned by IANA and on most systems can only be used by system processes or by programs executed by privileged users Table A 8 shows some of the well known port numbers For more details please visit the IANA website http www iana org assignments port numbers Table A 8 Well known port numbers FTP File Transfer Protocol TCP SSH Secure SHell SMTP Simple Mail Transfer Protocol RLP Resource Location Protocol H H TH ECH f O OP CH IUT NNTP Network News Transfer Protocol 122 Appendix 5 Guide to the Bootloader menu program A 5 1 Overview The bootloader menu provides a way to recover the Super Series unit using BOOTP TFTP as a disaster recovery option and to diagnose the system hardware If the user presses t
80. ion The Web server supports both HTTP and HTTPS HTTP over SSL services simultaneously The user can opt to enable or disable each individually Figure 3 11 shows the Web server configuration page Web server configuration HTTP service Enabled B HTTPS service Enabled DI Web page refresh rate for statistics data fo setonds d e display 0 1800 0 for no refreshi Default web page Configuration page D Customer web start page E HTML findes bei CGI cgi bindefault Customer page authentication Dissbled B Save to flash Save amp apply Cancel Figure 3 11 Web server configurations The Web page refresh rate can be also adjusted in this configuration page The refresh rate is only applicable to the system statistics pages such as network interfaces serial ports IP ICMP TCP and UDP Other pages in the Web interface are not refreshed automatically For more information about the system statistics please refer to section 7 System Statistics On this configuration menu page users can select default web page that will pop up after user logs in to the Web UI Factory default is Configuration page and user can changes this to Customer page After selecting Default web page as Customer page user can set Customer web start page as one of HTML index html or CGI default which are located under usr2 directory User can change or modify these files for his own purpose For anonymous access to the customer page
81. ion Port logging Port evant handing Figure 4 9 Port IP filtering for serial ports 4 2 7 Cryptography configuration The Super Series supports encrypted sessions for only TCP mode including modem emulation mode not UDP mode 4 2 7 1 Secure Sockets Layer SSL and Transport Layer Security TLS cryptography method By setting the cryptography method as one of SSLv2 SSLv3 SSLv3 rollback to v2 or TLSv1 the Super Series can communicate with other device supporting SSL TLS cryptography method in encrypted sessions SSL was developed by Netscape for use between clients and servers SSL layers on top of any transport protocol and can run under application protocols such as HTTP SSL aims to be secure fast and adaptable to other Web protocols SSL provides data security for applications that communicate across networks SSL is a transport layer security protocol layered between application protocols and TCPIIP TLS is an updated version of SSL The protocol is specified in an Internet RFC developed under the auspices of the Internet Engineering Task Force IETF TLS is an evolution of SSL and it specifies a mechanism for falling back to SSL if either client or server does not support the newer protocol so a transition to TLS is relatively painless To initiate SSL TLS sessions exchange of messages called the SSL handshake is required 57 between two devices Server and Client The SSL TLS protocol uses a combination of public key
82. ion so that user can fit Super Series for his own purpose The Super Series provides following types of user customization methods Periodical program execution User defined web pages Making and running user s own code 9 2 Periodical program execution User can use crontab to execute a specific program periodically To enable periodical jobs using crontab please complete following steps Step 1 Create a crontab file on usr2 directory Following sample crontab file generates current_date file under tmp directory and revise its contents every 2 minutes SHELL bin bash Sample crontab job Run every two minutes echo date gt tmp current_date Step 2 Register crontab file using following command root SS800_Device usr2 crontab samplecrontab_file Step 3 To make cron job permanent for every system reboot please use rc user script as follows bin bash rc user Sample script file for running user programs at boot time PATH bin usr bin sbin usr sbin AGG shell command To execuLle from here crontab usr samplecrontab_file exit 0 Please note that e option editing current crontab using editor is not supported in SS So user must user vi editor to change contents in crontab file For more information about the format of crontab file please refer to Linux crontab manual man 5 106 crontab 9 3 User defined web pages Super Series supports user defined web page
83. l 132 Step 4 Enter IP address of Server IP address of Super Series and Port number port number of serial port 1 correctly And then select other parameters as follows Credentials No Login Required Connection Protocol Telnet Security SSL Version 3 SSLv3 _ erally Contoal Panel 42 3 Settings for COME IP den of Server IESENE Conigurstion Aizad Credentials e Ho Login Required Use Windows Credentials Prompt on COM Dog Open Prompt at Login Use Gredenliate Below Pe anne chon Pros E Telnet weh CE Fsdiing Aay TCP Connection Port Humber TS Select Pons Poet Mondinr Licensing Advanced COM Par Options IT OTA i modem escape M DSR always high T DCD always high Aastore Faled Connections Security Enable SSL Vorsion 3 3L Hei About Figure A 20 Set parameters on Serial IP Control Panel Step 5 Open the terminal emulation program and select the corresponding COM port Then user can use the serial port of Super series using his local terminal emulation program as if it is one of COM ports on his PC 133 mmi E s d lte Krop Ei Kees seen Figure A 21 Connect to serial port of Super series via Serial IP Step 6 User can monitor or trace the connection status using Serial IP Port Monitor or Trace window 23 06 46 140 COME 23 06 46 140 Cie 23 06146 140 Cond 23 06 46 171 COME 23 D8 40 840 Come F706 4
84. l device can be sent to the first data acquisition server and the second to the second server What user device has to do is to change the IP address or domain name parameter whenever the device sends ATD T XXX command By using the modem emulation mode of the Super Series users can have their serial device connected to the Ethernet network easily which is cheaper than using phone line modem Table 4 2 is a summarized AT command table which is supported by the Super Series Figure 4 7 shows the typical case of the serial port command flow when ATDA command is used to connect to the Ethernet network Table 4 2 AT commands supported in the Super Series Command Internal Operation Response Verbose Code Return to command input mode 9 If Echo mode is enabled the command will be sent back first And then corresponding response will be sent If disabled only response will be sent 53 Set TCP mode as TCP client mode And then try to connect ATD T to the specified remote host remote IP or domain name remote port CR LF e g atdt192 168 1 9 1002 Connect to IP address 192 168 1 9 port 1002 e g atdt Connect to the remote host using the parameters specified AT or ATZ CR LF Initialize TCP socket and serial port ATA CR LF Repeat last command Set TCP mode as TCP server mode And then set TCP state ATA as Listen Local port number If the command parameter Local port number is not CR
85. le command line interface CLI of the Super Series via the serial console or TELENT SSH In the CLI the authorized user can perform standard Linux commands to view the status of the Super Series edit the configuration apply configuration changes define user scripts and transmit files between the Super Series and remote hosts The Super Series provides 1024 KB user space mounted in usr2 for read write capabilities in its internal flash memory Using the user space the user can create his own scripts or executable binaries to customize the Super Series A root user will always have access to the CLI through the serial console on the Super Series back panel or by using a Telnet client from their workstation A System Administrator cannot have access to the CLI He can only access console configuration menu or Web UI 8 2 Flash partition The Super Series internal flash is partitioned as shown in the table below The users can freely access the Mtdblock5 which is mounted on usr2 for their own needs The user can also access files at etc var and temp at their own risk Simply accessing these files will not affect the Super Series after rebooting However if the user invokes the command saveconf the changes in the configuration file will be committed to the internal flash memory area of the Super Series This will result in the changes being kept after the reboot sequence Invalid configuration changes can affect the Super Series behavior
86. ls to discover the PC card the following error message will be displayed on the menu screen 76 Microsoft Internet Explorer Figure 5 2 Failure to detect error message Refer to Appendix B PC Card supported by Super Series to view a list of PC cards support by the Super Series To stop or remove the PC card user must complete the following steps Step 1 Select Ban show the actual button Stop card service Step 2 Save the configuration changes by selecting Save to flash Step 3 Apply changes by selecting Apply changes from the menu Step 4 Remove the PC card from the PC card slot Note Removing the PC card from the slot without following the above instructions may cause a system malfunction 5 1 LAN Card Configuration A LAN card will create two network interfaces and two IP addresses The users can assign a valid IP address to each serial port The IP address must be valid in the Super Series built in network interface or the environment of Super Series PC card LAN interface environment 77 PC card configuration Currently configured PC card Card pe Network Card Medal Linksys Etherfast 10 100 Integrated PC Card ge IPCM100 ver 1 0 are congu anar IP mode IP address Subnet mask Default gateway Dnrr are OMS Secondary GAS PPPOE user name PPPOE password Contre PPPoE password DC card service Discover a new card Sop card service Save to fash Save amp apply Cancel
87. lure ERROR CR LF OK CRIILF OK CRIILF If n 1 OK CR LF If others ERROR CR LF If n 0 OK CR LF If others ERROR CR LF Table 4 3 AT commands Response Code Verbose Code Numeric Code Description After ATV1 command executed After ATVO command executed OK CR oea HelloDevice Serial SS100 Device Command mode TCP connection gewusst pa TCP connection Established CONNECT ATA DATA TCP mode Request TCP disconnection lt q a TE a RE TCP 2 l Command mode disconnection NO CARRIER Figure 4 7 Typical case of command data flow of modem emulation mode 4 2 5 Remote host configuration Remote host configuration is the list of hosts that will receive data from serial port of Super Series when there is data transmission from a serial port of Super Series In TCP mode user can also configure secondary remote host that will receive data from serial port if Super Series fails to connect to primary remote host But if connection to primary remote host can be made Super Series dose not send data to secondary remote host until connection to primary remote host failed And the maximum possible number of primary remote host is limited up to 16 In UDP mode user can configure only primary remote host because there is no way for Super Series to check status of primary remote host so secondary remote host is meaningless 55 Figure 4 8 shows Remote host
88. ly has access through the remote console there is no way to know if an IP address has changed or what the new IP address is A Dynamic DNS service is provided by various ISPs or organizations to deal with the above issue By using the Dynamic DNS service users can access the Super Series through the hostname registered in the Dynamic DNS Server regardless of any IP address change By default the Super Series only supports Dynamic DNS service offered at Dynamic DNS Network Services LLC www dyndns org Contact Sena technical support for issues regarding other Dynamic DNS service providers To use the Dynamic DNS service provided by Dynamic DNS Network Services the user must set 33 up an account in their Members NIC Network Information Center http members dyndns org The user may then add a new Dynamic DNS Host link after logging in to their Dynamic DNS Network Services Members NIC After enabling the Dynamic DNS service in the Dynamic DNS Configuration menu the user must enter the registered Domain Name User Name and Password After applying the configuration change users can access the Super Series using only the Domain Name Figure 3 4 shows the Dynamic DNS configuration web interface Dynamic ONS configuration Dynamic DNS Enabled Domain Marne 55300 dyndns b z User Mame ssE00 user Password lese Conhirm password lee Save to lash Save amp apply Cancel Figure 3 4 Dynamic DNS Configuration
89. mode set to TCP mode 10 Port logging 11 Port event handling Serial port configuration All ports Port title Mave to Enable Disable this port EnableDisable this port Enable D Save to lash Save E apply Cancel Port DUS Host mode configuration Remote host configuration Port IP filter ng Crypbagranhy canhqurater Filter applicabon Serial port parameters Modem configuration Port logging Port event Panz Figure 4 19 All port configuration e Port enable disable This parameter enables or disables port function 74 Port title If this parameter is set with a certain string the port title of each serial port will be set with a combination of this string and the port number For example if the port title is set with my server the port title of port 1 will be set with my server 1 the port title of port 2 will be my server 2 and so on Host mode If the host mode is set to TCP or UDP mode the listening port number of each serial port will be set with the following equation listening port number serial port number 1 Other parameters of each serial port will be set as the same value set in as all port configuration Remote host configuration Port IP filtering Cryptography configuration Filter application Serial port parameters Modem configuration Port logging Port event handling For the parameters of the groups above the values set in an all port config
90. nge the serial communication type set up the mode in the Type menu See Appendix B for serial port connections due to the Type setup The Super Series supports two types of RS485 communication echo mode and non echo mode which are both two wire mode In RS485 echo mode all data received from the serial port 63 are automatically sent back to the serial port while there is no action of sending back in non echo mode For more information about pin out of serial port and wiring diagram please refer to Appendix 1 Connections section Baud rate The valid baud rate for the Super Series is as follows 75 150 200 300 600 1200 2400 4800 9600 14400 19200 38400 57600 115200 and 230400 The factory default setting is 9600 Data bits Data bits can be between 7 bits and 8 bits The factory default setting is 8 bits Gerial port configuration 1 Port 1 Enable Disable this port Port ttle Apply all ports settings Host mode configuration Remote host conhguratian Port IF filtering Cryptography configuration Filter application Serial port parameters Type Baud rate Data bets Parity one Shop bits bi Flew pontroal Mone DTS Behawiar Awsys High DSR behawer Hone Inter character tene out 0 1L0000 msec fi LD Save to flash Save E apply Cancel Modem conhiguratian Port logging Port event handling Figure 4 15 UART configuration Parity 64 Parity can be none e
91. or SS110 400 800 The SS 110 400 800 uses an RJ45 connector for console and serial ports The pin assignment of the RJ45 connector for console and serial ports is summarized in Table A 3 Each pin has a function according to the serial communication type configuration Table A 3 Pin assignment of RJ45 connector for console and serial ports RS232 RS485 RS422 console and serial ports only serial ports only serial ports fe Ze ee EEN E Rx A 1 4 Ethernet Wiring Diagram HelloDevice Remote Host Rx 1 Rx 1 Rx 2 Rx 2 Tx 3 Tx 3 Tx 6 Tx 6 Figure A 3 Ethernet direct connection using crossover Ethernet cable HelloDevice Hub Rx 1 Rx 2 Tx 3 Tx 6 Rx 1 Rx 2 Tx 3 Tx 6 Figure A 4 Ethernet connection using straight through Ethernet cable 109 A 1 5 Serial Wiring Diagram A 1 5 1 RS232 Serial Wiring Diagram for SS100 HelloDevice Serial Device Tx 3 Rx Rx 2 Tx RTS 7 CTS CTS 8 RTS DTR 4 DSR DSR 6 DTR GND 5 GND RS232 Figure A 5 RS232 wiring diagram for SS100 A 1 5 2 RS232 Serial Wiring Diagram for SS110 400 800 RJ45 DB9 female adapter Using RJ45 to DB9 Female Cross over Cable Description RJ45 Description DB9 co Bue TS ose range eo RxD Black st eno Red rH CD Green 5 k XD Yellow 6 t gt RxD gt oei DR Brom 7 4 rts whi s e gt s cs 110 RJ45 DB25 female adapter Using RJ45 to DB25 Female C
92. oss development environment user can make his own program on his own Linux PC And then he can upload his own program to Super Series To run this program in Super Series user can use user script file and or crontab program If the purpose of user program is manipulating of serial data he can use filter application menu For more information about configuring filter application please refer to 4 2 8 Filter application section 107 Appendix 1 Connections A 1 1 Ethernet Pin outs The Super Series uses the standard Ethernet connector that is shielded connector compliant with AT amp T258 specifications Table A 1 shows the pin assignment and wire color 1 4 Figure A 1 Pin layout of the RJ45 connector Table A 1 Pin assignment of the RJ45 connector for Ethernet Orange White with blue White with brown Brown A 1 2 Console and Serial port pin outs for SS100 The pin assignment of the SS100 DB9 connector is summarized in Table A 2 Each pin has a function according to the serial communication type configuration 123 45 00000 0000 6789 Figure A 2 Pin layout of the DB 9 connector of SS100 Table A 2 Pin assignment of DB 9 connector for console and serial port of SS100 Pin RS232 See G ss BS EE Dala RECH R L 3J Be Re HT 4 DR Re J L5 eno o do o 108 6e SDS E E z RTS J ll o el 8e etss J o Lol aie Daar A 1 3 Console and Serial port pin outs f
93. ote host Dee Allowed host IP Port IP filtering Subnet mask to be applied Encryption method None SSLv2 SSLv3 SSLv3 rollback to v2 TLSv1 3DES RC4 Cryptography Cipher suite selection Verify client server mode only Verify certificate chain depth Check the certificate CN Filter application Elter application path Filter application arguments Type Baud rate Data bits Parity Stop bits Flow control DTR behavior DSR behavior Inter character timeout ms Enable Disable modem we Modem init string DCD behavior Enable Disable Port logging e Port log storage location Port log buffer size Display port log Port event handling Enable Disable port event handling Notification interval Enable Disable Email notification Title of Email Recipient s Email address Enable Disable SNMP notification Title of SNMP trap SNMP trap receiver s IP address SNMP trap community SNMP trap version Remote host Serial Port Parameters Email notification SNMP notification 1 TCP UDP mode only 7 A secondary remote host is available for connection fail backup in TCP mode 3 TCP UDP mode only 4 TCP mode only 42 Add Edit a keyword Keyword string Email notification SNMP trap notification Port command Remove a keyword Figure 4 1 shows the web based serial port configuration screen This serial port configuration main screen summarizes port information In this summary page user can find how host mod
94. port Rx Tx Blink whenever there is any incoming or outgoing data stream through the serial port of the SS100 100Base Turned on to GREEN if connected to 100 Base Ethernet network Turned on to GREEN if connected to 10 or 100 Base Ethernet network Blink whenever there is any activities such as incoming or outgoing packets through the SS100 Ethernet port 14 Figure 2 1 The panel layout of the SS100 2 1 2 SS110 Panel Layout The SS 110 400 800 has three groups of LED indicator lamps to display the status as shown in Figure 2 2 and Figure 2 3 i e System Ethernet and Serial ports The first three lamps on the left side indicate Power Ready and PC Card interface The next three lamps are for Ethernet 100Mbps Link and Act Next lamp indicate Receive and Transmit of the serial port Table 2 2 describes the function of each LED indicator lamp Figure 2 2 The panel layout of the SS110 15 Table 2 2 LED indicator lamps of the SS 110 400 800 Lamps OoOO O System Power 2 Turned on if power is supplied W Turned on if system is ready to run Turned on if a PCMCIA device is running Turned on if 100Base TX connection is detected LINK Turned on if connected to Ethernet network Ga Blink whenever there is any activities such as incoming or outgoing packets through the Super Series Ethernet port Serial port Poe Turned on if the serial port is in use SS400 800 only Port buffering enabled or port access in use Rx T
95. r both individual and all port configurations are similar Individual Port Configurations are classified into nine 9 groups 1 NO a o bh 9 10 11 12 Port enable disable Port title Apply all port settings Host mode Remote host Available only when the host mode is set to TCP or UDP mode Port IP filtering Available only when the host mode is set to TCP or UDP mode Cryptography Available only when the host mode is set to TCP mode and Modem Emulation mode Filter application Serial port parameters Modem configuration Port logging Port event handling Available only when the port logging feature of the port is enabled Users can switch to another serial port configuration screen conveniently using the Move to list box at the right upper side of the individual port configuration screen Serial port configuration 1 Port title 1 Enable Disable this port Enable Desable this port Enable Save to flash Save E apply Cancel Reset this port set this port as factory default Art De ee y all ports setting Host mode configuration Remote host configuration Port IP fitbarirey Li Fe DOr ap hy contigurabon T peice Modem conf LT SCH Port lagging Port gv ent handling Figure 4 2 Serial port enable disable 44 4 2 1 Port Enable Disable Each serial port can be enabled or disabled If a serial port is disabled users cannot access the serial port Figu
96. ration Table 3 1 IP configuration Parameters DHCP Primary DNS Secondary DNS Optional PPPoE PPPoE Username PPPoE Password Primary DNS Secondary DNS Optional 26 IF configuration IP mode Siete IP address VE t C CS Subnet mask EA Del aul gateway AL T Y Primare ONS 0 0 0 0 for auto i Be 126 651 Secondary DHS optional i be 126 ba 2 PRROE user name PPPOE password Confirm PPPoE password Save bo fash Save E apply Cancel Figure 3 1 IP Configuration 3 1 1 Using a Static IP Address When using a Static IP address the user must manually specify all the configuration parameters associated with the IP address of the Super Series These include the IP address the network subnet mask the gateway computer and the domain name server computers This section will look at each of these in more detail Note The Super Series will attempt to locate all this information every time it is turned on e IP address A Static IP address acts as a static or permanent identification number This number is assigned to a computer to act as its location address on the network Computers use these IP addresses to identify and talk to each other on a network Therefore it is imperative that the selected IP address be both unique and valid in a network environment Note 192 168 1 x will never be assigned by and ISP Internet Service Provider IP addresses using this fo
97. re 4 2 shows the serial port enable disable screen By clicking on the Reset button users can reset a stuck or deadlocked serial port Click on the Set button to set the port as factory default 4 2 2 Port Title Users can enter descriptive information for each port based on the device attached to it This can include the device type vendor and or location The port title is helpful in the configuration process Serial port configuration 1 Port title 1 Enable Disable thes port Port title Port title Port title SI Save to flash Save amp apply Cancel Apply all ports settings Host mode configuration Remote host C onfigu ration Port IF filtering Cryptography configuration Filter 42qplicahan e nal port parameters Modem contiguraton Part erent handang Figure 4 3 Port title configuration 4 2 3 Apply All Port Settings To prevent the possibility of the user inadvertently selecting to change all port settings at the same time the Super Series provides the ability to enable or disable this function at an individual serial port level Changes made when using the change all port parameters at once function will not be applied to an individual serial port if the function has been disabled See Figure 4 4 This shows the apply all port setting configuration screen 45 Serial port configuration 1 Port tithe 1 Enable Disable thas port Det tree Apply all ports settings Apply all
98. rm are considered private Actual applications of the Super Series may require access to public network such as the Internet If so a valid public IP address must be assigned to the user s computer A public IP address is usually purchased or leased from a local ISP e Subnet mask A subnet represents all the network hosts in one geographic location such as a building or local area network LAN The Super Series will use the subnet mask setting to verify the origin of all packets If the desired TCP IP host specified in the packet is in the same geographic location on the local 27 network segment as defined by the subnet mask the Super Series will establish a direct connection If the desired TCP IP host specified in the packet is not identified as belonging on the local network segment a connection is established through the given default gateway e Default gateway A gateway is a network point that acts as a portal to another network This point is usually the computer or computers that control traffic within a network or a local ISP Internet service provider The Super Series uses the IP address of the default gateway computer to communicate with hosts outside the local network environment Refer to the network administrator for a valid gateway IP address e Primary and Secondary DNS The DNS Domain Name System server is used to locate and translate the correct IP address for a requested web site address A domain name is th
99. ross over Cable Description RJ45 1 Internal Cable Color aa Pin No T Pin No DB25 EIS O Blue R Orange DSR Black GND Bei TXD Yellow RS write RJ45 DB25 male adapter Using RJ45 to DB25 Male Cross over Cable DB25 Pin No Description DB25 Bue ee e e gt o oR Ro Back gt w end Red gt 7 8 Bob Dr reien gt Re gt 6a oR gt 5 cs RJ45 DB25 male adapter Using RJ45 to DB25 Male Straight Cable BEE gt 2 ep oR bom 7 gt 20 DR k rats White s e 4 Rs 111 A 1 5 3 RS422 285 Serial Wiring Diagram for SS100 Data 1 RS485 Data Device HelloDevice 120 Q 1200 N max 31 Data 9 Data Figure A 6 RS485 wiring diagram for SS100 Tx 9 Devicey HelloDevice N max31 Rx Rx Tx Tx Devicey Figure A 7 RS422 wiring diagram for SS100 A 1 5 4 RS422 285 Serial Wiring Diagram for SS110 400 800 112 Data Device y seri s Nema JT RSd22 Device y N max3T Pye Rut Tx Tei Re Ay Tx TYT Device Device 44 Figure A 9 RS422 wiring diagram for SS110 400 800 113 Appendix 2 PC card supported by Super Series The following PC cards are supported by the Super Series series Table A 4 Network card Manufacturer Model Name SS probed Model name Specification 3COM 3CXE589ET AP 3Com Megahertz 589E 10 Mbps LAN card TP BNC LAN PC Card Linksys Linksys EtherFast 1
100. rotocol Uploading procedure is similar to firmware upgrade using console menu as follows Prepare user file to be uploaded 2 Connect the terminal emulation program using either TELNET SSH or a serial console port TELNET or SSH is recommended since the process of firmware upgrade by serial console Using a serial console port may take a long time Select from the user file upload menu as shown Figure 6 12 4 Follow the online directions and transfer the user file using the Zmodem protocol as shown in Figure 6 10 5 Once the upload has been completed the system will display success messages as shown in Figure 6 12 6 Ifthe upload fails the Super Series will display error messages as shown in Figure 6 13 Note User file uploading is permitted only under user space usr2 directory For more information about file system inside Super Series please refer to 8 2 Flash partition section Welcome to SS 800 configuration page Cinrenta eime 08 14 2003 aie sos ils F W REV 3 Wl 050 Serial No S SS800438349 42944 MAC address 00 01 95 04 d3 03 IP mode 3 DHCP iP acddvess 1922169222208 SELSCE MERVE 91 Figure 6 12 User file upload menu and success messages Figure 6 13 User file upload fail messages 7 System Statistics The Super Series Web interface provides system statistics menus The user can use the menus to access statistical data and tables stored in the Super Series memory Network interfaces statist
101. s Enter Please enter the following extra attributes tTO be gent wien yonr Cerc E E SHE EC enee A challenge password Press Enter Do not enter any other characters An optional company name Press Enter Do not enter any other characters A 7 4 Signing a certificate request 4 1 Signing a certificate request cd work openssl 0 9 7c CA cp req pem newreq pem sh usr local ssl misc CA sh sign Using configuration from usr share ssl openssl cnf 137 4 2 Check whether signed certificate newcert pem is generated Is A 7 5 Making certificate for SS 5 1 Removing headings in newcert pem file cd work openssl 0 9 7c CA Cp newcert pem server pem vi server pem 138 5 2 Concatenating key pem file to server pem cat key pem gt gt server pem 139
102. s TCP listening port This is the TCP port number through which remote host can connect a TCP session and send and receive data Incoming connection request to the ports other than TCP Listening Port will be rejected The Super Series does restrict the port number from 1024 to 65535 and if it is set as 0 only outgoing connection is permitted TCP server mode Telnet protocol In TCP mode Super Series support Telnet Com Port Control Option RFC2217 compliant so that user can control serial parameters like baud rate data bits and flow control option using his local RFC2217 compliant Telnet client program Please refer to section 4 2 9 Serial port parameters for more detail information about serial parameters Usually this option is used with the RFC2217 compliant COM port redirector so that user can control parameters of serial ports of Super Series using his serial port application program For this purpose SENA OEM version of Serial IP from Tactical Software LLC is bundled with Super Series Please refer to documentations of Serial IP for more detail information about using the COM port redirector Please refer to section Appendix 6 Using Super Series with Serial IP for more detail information Max allowed connection The Super Series supports multiple connections from external host s to a serial port up to 32 But if there are remote host connections by the remote host list configuration already possible number of connection is reduc
103. s User can set user defined page as a first page which will be popped up after user login to Web UI For more information about changing default web page please refer to 3 9 Web server configuration section Once default web page is changed to Customer page Customer page will be popped up after user logs in to Web UI To change contents of Customer page user must modify index html or default CGI program These two files are located under usr2 directory of Super Series To change contents of index html file it is sufficient to change contents of index html file But to change contents of CGI program user should compile source code of CGI program after modifying original source code To compile source code of CGI program user need cross development environment or SDK Software Development Kit for Super Series Please contact Sena Technical Support to get SDK for Super Series or more information about cross development environment 9 4 Making and running user s own code To make user s own application code cross development environment or SDK Software Development Kit for Super Series is needed Super Series SDK is provided in the form of PC CF card Please contact Sena Technical Support to get SDK for Super Series or more information about cross development environment With Super Series SDK user can make his own program in the CLI of Super Series For more detail information please refer to Super Series customization guide With cr
104. s bo send a mad i1 E 100 S System log reagient s mail address adrienne ouroompany com System lag 07 23 2003 11 26 71 Boot wp System Start 07 23 2003 11 26 21 gt Start with Static IP by 192 168 14 7 67 23 2003 11 28 21 Start with PPPOE by 197 16514 7 Figure 6 2 System log configuration and view 6 3 User Logged on List This function allows a user to view current and historical user activity on the shell of Super Series Users logged on list Lsername Terminal Login Gabe and Time root console Jul 23 11 27 Figure 6 3 User logged on list The list displays the following information for users who have logged into the system User name Terminal type for the session Time connected IP address of the remote host Note Users access via the web will not appear on the list Connections are not always made using HTTP HTTPS protocol 84 6 4 Change Password The password for the administrative users of Super Series can be changed change passvrord Lurment username admin Enter current pswwsord Enter new password Lonfirm new password Figure 6 4 Changing the password 6 5 Device Name Configuration The Super Series has its own name for administrative purposes Figure 6 5 shows the device name configuration screen When user changes Device name hostname of Super Series shall be changed and then prompt on CLI also shall be changed to the corresponding one as follows root SS800_Devic
105. s matched with Common Name CN in the certificate Super Series checks Common Name CN only if it acts as SSL TLS client 60 Serial port configuration 1 Port tithe 1 Enable Disable thas port Port othe Apply al ports settings Hast mode configuraton Remote host configuration Port IF filtering Cryptography configuration Engrrpbon method SEL E able Disable nber suites FF SSL_CK_RC4_120_WITH_MOS SSL CK _RC4 126 _ExXPORT40_WITH_MDS5 B ss CK RC 128 CBC WITH MOS F S5__CK_RC _126_CBC_EXPORT40_ ITH_MDS SSL Cr IEA 138 WITH MDS Ree CK DES GA CBC wWITH MDS Ra Cr DES 192 EE CBC wm MDS Verte cient tink serrer mode on Verify certificate chain depth Check the certficabe CH Save to lash Save amp apply Cancel Filter application Serial port parameters Modem configuration Dort logging Fort avant handling Figure 4 11 Cryptography configuration 4 2 7 2 3DES cryptography method By setting the cryptography method as 3DES the Super Series can communicate with other Super Series device or HelloDevice Pro Series in 3DES 168 bits encrypted sessions Figure 4 12 shows record format of 3DES packet where meanings of each field are as follows Length Data Padding Figure 4 12 Record Format of 3DES packet 6 Length The length is 8 bits number The length is the length of content data and padding 3DES is a 64 bit block cipher algorithm and then the length must be a multiple of 8 64 8
106. srcOuenchs Guthediracts utEchos utEchofeps QutTime skanps OSutTimestampReps GubSddrlasks GubeddrMaskReps Figure 7 4 ICMP statistics 7 5 TCP Statistics The TCP Statistics screen provides statistical information about packets connections using a TCP protocol Definitions and descriptions of each parameter are described below RtoAlgorithm Specifies the retransmission time out RTO algorithm in use The Retransmission Algorithm can have one of the following values 0 CONSTANT Constant Time out 1 RSRE MIL STD 1778 Appendix B 2 VANJ Van Jacobson s Algorithm 3 OTHER Other RtoMin Specifies the minimum retransmission time out value in milliseconds RtoMax Specifies the maximum retransmission time out value in milliseconds 98 MaxConn Specifies the maximum number of connections If is the maximum number is set to 1 the maximum number of connections are dynamic ActiveOpens Specifies the number of active opens In an active open the client is initiating a connection with the server PassiveOpens Specifies the number of passive opens In a passive open the server is listening for a connection request from a client AttemptFails Specifies the number of failed connection attempts EstabResets Specifies the number of established connections that have been reset CurrEstab Specifies the number of currently established connections InSegs Specifies the number of segments received OutSegs Spe
107. st Super Series acts as a SSL TLS client during the SSL handshake process When user uses SSL TLS cryptography method user can configure following parameters e Enable Disable cipher suites A cipher suite is an object that specifies the asymmetric symmetric and hash algorithms that are used to secure an SSL TLS connection The asymmetric algorithm is used to verify the identity of 59 the server and optionally that of the client and to securely exchange secret key information The symmetric algorithm is used to encrypt the bulk of data transmitted across the SSL TLS connection The hash algorithm is used to protect transmitted data against modification during transmission The length of the keys used in both the symmetric and asymmetric algorithms must also be specified When a client makes an SSL TLS connection to a server it sends a list of the cipher suites that it is capable of and willing to use The server compares this list with its own supported cipher suites and chooses the first cipher suite proposed by the client that it is capable of and willing to use Both the client and server then use this cipher suite to secure the connection Choice of cipher suite s depends on environment and security requirements The RSA based cipher suites are the most widely used and may also give some advantages in terms of speed The Super Series support various cipher suites and user can select each cipher suite by enabling or disabling corr
108. supports modem AT commands or users want to perform the session control by using AT commands Only TCP session is supported e Virtual COM This feature will be added later With the port logging feature while in console server mode the data sent through the serial port is transferred to MEMORY SYSLOG server NFS server s storage or an ATA IDE fixed disk card using a PC Card slot The user can also define keywords for each serial port that will trigger an email or SNMP trap notification This will enable the user to monitor the data from the attached device Using MEMORY to store data will result in loss of all information when the Super Series is turned off Use the NFS server or ATA IDE fixed disk card to preserve the serial port log data The serial ports can be configured individually or all at once Table 4 1 summarizes the configuration parameters related to the serial port configuration Table 4 1 Serial port configuration parameters All serial Port Enable Disable ports Port title setting Apply all port settings Individual serial port setting only E Host mode TCP Individual serial nort 41 serial port l Inactivity timeout 0 for unlimited setting UDP listening port 1 8 1 4 Max allowed connection Accept UDP datagram from unlisted remote host or not Inactivity timeout 0 for unlimited Add or Edit a remote host Primary host address Primary host port Secondary host address Secondary host port Remove a rem
109. t overrides any configuration information as such it provides a means whereby all authentication failure traps may be disabled EnableLinkUpTraps Indicates whether the SNMP agent process is permitted to generate Ethernet link traps EnableLoginTrap Indicates whether the SNMP agent process is permitted to generate system login traps If users need support for adding or modifying MIBs please contact Sena technical support For more information about the MIBs and SNMP see the RFCs 1066 1067 1098 1317 1318 and 1213 3 2 2 Access Control Configuration Access Control defines accessibility of managers to the Super Series SNMP agent Only the manager set in this menu can access Super Series SNMP agent to exchange information and control actions If there is no specified IP address all IP address are defaulted to 0 0 0 0 a manager from any host can access the Super Series SNMP agent 3 2 3 Trap Receiver Configuration The Trap receiver defines managers which can be notified of significant events TRAP from the Super Series SNMP agent 3 2 4 Management using SNMP The Super Series can be managed through the SNMP protocol using NMS Network Management System or SNMP Browser Before using the NMS or SNMP Browser the user must set the access control configuration properly so that the Super Series permits host access where the NMS or SNMP Browser is executed Figure 3 3 shows a screen shot of a typical SNMP browser with MIB II O
110. t the location to export to 2 Select the encrypting option 3 Type the file name 4 Click the Export button To import the exported configurations follow this 1 Select the location to import from 2 Select the configurations to import 3 Select the encrypting option 4 Select the file to import from the file selection list box if location is not local machine nor factory default EA Select the file to import by clicking browse button if location is local machine 6 Click the Import button 6 8 Firmware Upgrade Firmware upgrades are available via serial remote console or web interface The latest upgrades are available on the Sena web site at http www sena com support downloads 88 Figure 6 8 shows the firmware upgrade web interface To upgrade firmware via the web 1 Select the latest firmware binary by clicking browse button 2 Select and upload the selected version 3 Once the upgrade has been completed the system will reboot to apply the changes Firmware upgrade Select Ehe now rra a p binary be Trus will take 5 menutes mas mum OO SHEL Upgrade Reset Figure 6 8 Firmware upgrade To use either a remote or serial console to upgrade your firmware the TELENT SSH or terminal emulation program must support Zmodem transfer protocol After the firmware upgrade the previous settings will be reset to the factory default settings except the IP configuration settings To upgrade firmw
111. ted to the network Internet protocol specifications define host as any computer that has full two way access to other computers on the Internet A host will have a specific local or host number that together with the network number forms its unique IP address e Session A series of interactions between two communication end points that occur during the span of a single connection Typically one end point requests a connection with another specified end point If that end point replies agreeing to the connection the end points take turns exchanging commands and data talking to each other The session begins when the connection is established at both ends and terminates when the connection is ended e Client Server Client server describes the relationship between two computer programs in which one program the client makes a service request from another program the server which fulfills the request 11 A server is a computer program that provides services to other computer programs on one or many computers The client is the requesting program or user in a client server relationship For example the user of a Web browser is effectively making client requests for pages from servers all over the Web The browser itself is a client in its relationship with the computer that is getting and returning the requested HTML file The computer handling the request and sending back the HTML file is a server 12 Table 1 1 Acron
112. ting to the network Plug one end of the Ethernet cable to the Super Series Ethernet port The other end of the Ethernet cable should be connected to a network port If the cable is properly connected the Super Series will have a valid connection to the Ethernet network This will be indicated by The Link lamp will light up green The Act lamp will blink to indicate incoming outgoing Ethernet packets The 100Mbps lamp will light up green if the Super Series is connected to 100Base TX network The 100Mbps lamp will not turn on if the current network connection is 10Base T 17 Figure 2 6 Connecting a network cable to the SS100 N Figure 2 7 Connecting a network cable to the SS110 Figure 2 8 Connecting a network cable to the SS400 800 2 2 3 Connecting to the device 18 Connect the console cable to the Super Series serial port To connect to the console port of the device the user needs to consider the type of console port provided by the device itself In the Super Series cable kit package plug in adapters are provided for the easier connectivity to the user s devices Please refer to the Appendix 1 Connections for details Note If the configuration of the SS100 through the serial console is required connect the serial cable to the serial port of user s computer first And push the Data Console switch to the Console side Configuration of the SS100 is discussed on Section 2 2 5 Serial Device F
113. to the server informing it that future messages from the client will 58 be encrypted with the session key It then sends a separate encrypted message indicating that the client portion of the handshake is finished 9 The server sends a message to the client informing it that future messages from the server will be encrypted with the session key It then sends a separate encrypted message indicating that the server portion of the handshake is finished 10 The SSL TLS handshake is now complete and the SSL TLS session has begun The client and the server use the session keys to encrypt and decrypt the data they send to each other and to validate its integrity Client Server Client Hello gt Server Hello Certificate ServerKeyExchange Plain CertificateRequest Text L ServerHelloDone Certificate ClientKeyExchange CertificateVerify gt ChangeCiperSpec ChangeCiperSpec Handshake manan Finished Cipher 1 icati Application Data Text Application Data PP Figure 4 10 Typical SSL TLS Handshake Process The Super Series can act as a SSL TLS server or as a SSL TLS client depending on status of TCP mode If TCP connection with SSL TLS is initiated from remote host first Super Series acts as a SSL TLS server during the SSL handshake process On the contrary if TCP connection with SSL TLS is initiated from serial port of Super Series fir
114. top bit and no parity In this case the total number of bits to send a character is 10 bits and the time required to transfer one character is 10 bits 1200 bits s 1000 ms s 8 3 ms Therefore you have to set inter character timeout to be larger than 8 3 ms The inter character timeout is specified in milliseconds If users want to send the series of characters into a packet serial device attached to the Super Series should send characters without time delay larger than inter character timeout between characters and the total length of data must be smaller than or equal to the Super Series internal buffer size The serial communication buffer size of Super Series is 256 bytes 4 2 10 Modem configuration The Super Series supports direct modem connection to the serial port of it When user wants to connect modem to a serial port he must configure Modem init string and DCD behavior on modem configuration page The Super Series supports modem connection only when host mode is set as TCP mode e Enable Disable modem By enabling this menu user can attach a modem directly to the serial port of Super Series If this parameter is enabled Super Series considers this port will be used for modem use exclusively e Modem init string User can specify modem initialization string for his modem in Modem init string parameter When a serial port is set as modem mode by setting Enable Disable modem parameter as Enabled Super Series sends mod
115. u screen the user may select the menu item for the configuration of the Super Series parameters by typing the menu number and pressing the ENTER key In the submenu screen users can configure the required parameters guided by online comments All the parameters are stored into the non volatile memory space of the Super Series and it will not be stored until users 22 select menu 5 Save changes All the configuration change will be effective after selecting the menu 7 Exit and apply changes or 8 Exit and reboot 2 2 6 Using Remote console The IP address of the Super Series must be known before users can access the Super Series using the Remote console see chapter 3 Network Configuration for details The default IP address of Super Series is 192 168 161 5 The Remote console access function can be disabled in the remote host access option 3 5 P Filtering for details The following instructions will assist in setting up the Remote Console functionality 1 Run either a Telnet program or a program that supports Telnet functions i e TeraTerm Pro or HyperTerminal The target IP address and the port number must match the Super Series If required specify the port number as 23 Type the following command in the command line interface of user s computer telnet 192 168 161 5 Or run a Telnet program with the following parameters Gi Tara Tomm Ddisconneehad MI Ain lec up T 10 iE F Tolna TC
116. uration will be set identically for all of the serial ports 75 5 PC Card Configuration The Super Series has one extra PC card slot for increased expandability It supports four types of PC cards Wireless LAN card Modem card ATASIDE fixed disk card But please note that SS100 does not have PC card configuration menu The user can allow access via another network connection with either a LAN or wireless LAN card The ATA IDE fixed disk card allows the user the ability to store and carry system and serial port log data Using the card slot for a modem card allows the user out of band access to the Super Series without a serial port to connect to an external modem PC card configuration Currently configured PC card Card type PC card Service Discover a new card Save to flash Save amp apply Cancel Figure 5 1 Initial PC card configuration menu screen To use the PC card slot the users must complete the following steps Step 1 Insert the PC card into the PC card slot Step 2 Select Dees S ney cen on the PC card configuration menu Step 3 The Super Series will use its plug and play functionality to discover the card type It will then display the configuration menu screens The user can now set card s operation parameters Step 4 Save the configuration settings by selecting ae Ba Step 5 Select Apply changes from the menu to apply the newly configured settings If Super Series fai
117. ut Incoming data via serial port Established lt gt Incoming data from remote host Accept Incoming TCP connection request Incoming data via serial port Figure 4 6 State Transition Diagram of TCP mode Inactivity Timeout When Inactivity Timeout function is enabled connection between remote host s and Super Series will be closed automatically if there is no data transmission during the value which is set in Inactivity Timeout configuration 4 2 4 2 UDP mode The UDP mode operation is similar to that of TCP mode except that it is based on UDP protocol and only one pre defined remote host is able to communicate with the Super Series Users do not have to 51 configure cyclic connection since UDP is a connectionless protocol 1 Operations If a remote host sends a UDP datagram to the one of UDP Local port of the Super Series Super Series first checks whether it is from one of the hosts configured on remote host configuration If the remote host is one of the hosts configured on remote host configuration then Super Series transfers the data through the serial port Otherwise the Super Series discards the incoming UDP datagram But user can force Super Series accept all incoming UDP datagram regardless remote host configuration by setting Accept UDP datagram from unlisted remote host parameter as Yes If there is any incoming data from the serial port the Super Series transfers the data to the remote host
118. ven or odd The factory default setting is none Stop bits Stop bits can be between 1 bit and 2 bits The factory default setting is 1 bit Flow control The factory default setting of the flow control is None Software Flow Control using XON XOFF and hardware flow control using RTS CTS are supported by the Super Series Software flow control method controls data communication flow by sending special characters XON XOFF 0x11 0x13 between two connected devices And hardware flow control method controls data communication flow by sending signals back and forth between two connected devices Note Flow control is supported only in RS232 mode RS422 and RS485 mode do not support any kind of flow control method in hardware or software DTR DSR behavior The purpose of the DTR DSR pin is to emulate modem signal control or to control TCP connection state by using serial port signal The DTR is a write only output signal whereas the DSR is a read only input signal in the Super Series side The DTR output behavior can be set to one of three types always high always low or high when open If the DTR behavior is set to high when open the state of the DTR pin will be maintained high if the TCP connection is established The DSR input behavior can be set to one of two types none or allow TCP connection only by high If user sets the DSR input behavior as Allow TCP connection only by HIGH TCP connection to remote host from Super Series is made only
119. w the date and time information to be kept maintained by the internal battery backup The users may also need to set the timezone and the time offset from UTC depending on the users location to set system date and time exactly If the user uses daylight saving time the user may need to set the daylight saving time properties such as the daylight saving timezone the time offset from UTC start data and time end date and time It allows the Super Series to calculate the exact system time Date and time Use NTF Disabled NTP server 0 0 0 0 for Auto 132 168 200 100 Date mmidd rror 01 09 2004 Te hh mm ss fi TEN Standard time Timezone UTC Time offset from UTC UTC x eJhours joo Daylight saving tine Ensble Disable daylight saving tinme Eisabied Dayleght saving timezone Te aset tram UTC TC a jhourg Start date mmydd Etat time hh mm ss End date rm od End bene Lh mrm ss Save a hash Save Kapp Cancel Figure 6 6 Date and time configuration 6 7 Configuration management The user may export the current configurations to a file at such locations as CF card NFS server user 86 space or local machine and import the exported configurations as current configurations from CF card NFS server user space or local machine The user may restore the factory default settings at any time by selecting Factory default at location property at the import part or
120. without user ID and password disable the customer page authentication feature For more information about customizing user web page please refer to 9 3 User defined web pages section 39 3 10 TCP service configuration If a TCP session is established between two hosts it should be closed normally or abnormally by either of the hosts to prevent the lock up of the corresponding TCP port To prevent this type of lock up situation the Super Series provides a TCP keep alive feature The Super Series will send packets back and forth through the network periodically to confirm that the network is still alive The corresponding TCP session is closed automatically if there s no response from the remote host To use the TCP keep alive feature with the Super Series the users should configure three parameters as follows e TCP keep alive time This represents the time interval between the last data transmission and keep alive packet submissions by the Super Series These keep alive messages are sent to the remote host to confirm that the session is still open The default time value is 15 sec e TCP keep alive probes This represents how many keep alive probes will be sent to the remote host until it decides that the connection is dead Multiplied with the TCP keep alive intervals this gives the time that a link is forced to close after a keep alive packet has been sent for the first time The de
121. x Blink whenever there is any incoming or outgoing data stream through the serial port of the Super Series 2 1 3 SS400 Panel Layout The SS400 has three groups of LED indicator lamps to display the status as shown in Figure 2 3 i e System Ethernet and Serial ports The first three lamps on the left side indicate Power Ready and PCMCIA interface The next three lamps are for Ethernet 100Mbps Link and Act Next lamps indicate InUse Receive and Transmit of the serial ports Table 2 2 describes the function of each LED indicator lamp The rear panel shows the serial ports with RJ45 connector Ethernet port the SS400 console port and the power socket KZ an em ET LZ T Figure 2 3 The panel layout of the SS400 2 1 4 SS800 Panel Layout The front panel of the SS800 is nearly identical to the SS400 The SS800 has 8 serial port indicators while the SS400 has 4 For further information refer to the chapter 2 1 3 SS400 Panel Layout 2 2 Connecting the Hardware 16 This section describes how to connect the Super Series to the equipment for initial testing Connect a power source to the Super Series Connect the Super Series to an Ethernet hub or switch Connect the device 2 2 1 Connecting the power Connect the power cable to the Super Series If the power is properly supplied the Power lamp will light up green SS 400 800 or red SS 100 110 Figure 2 5 Connecting the power to the SS400 800 2 2 2 Connec
122. ym Table 13 2 Getting Started This chapter describes how to set up and configure the Super Series 2 1 Panel Layout explains the layout of the panel and LED indicators 2 2 Connecting the Hardware describes how to connect the power the network and the equipment to the Super Series 2 3 Accessing the Web Browser Management Interface describes how to access the console port using a serial console or a Telnet or Web menu from remote location The following items are required to get started One power cable included in the package Console and Ethernet cables included in the package Cable kit included in the package One PC with Network Interface Card hereafter NIC and or one RS232 serial port 2 1 Panel Layout 2 1 1 SS100 Panel Layout The SS100 has six LED indicator lamps for status display Uppermost lamp indicates the system power on status Next lamp indicates the system running status Third lamp indicates status of receive and transmit of the serial port for data communication Next three lamps indicate 100 Base T Ethernet connection 10 100 Base Ethernet Link and Ethernet Activity respectively Table 2 1 LED indicator lamps of the SS 100 Lamps Function s O O Turned on to RED if power is supplied Ready Turned on to YELLOW if system is ready to run or running Blinking when an error is occurred Check the log to identify the source of error The log display is discussed on Section 6 2 Serial
Download Pdf Manuals
Related Search