AMX NI-3100
Contents
1. TQ 79 E TIRITETE 80 IGNOREEXTERNALCLOCKCOMMANDS eere eene eene eene eene nenne ss sss sa san nu nnn nnne 80 Master IP Local Port SEND COMMANDS sssccssccssccssccesceesccssccesseesseessescees 81 UDPSENDTO WEE 81 LED Disable Enable SEND_COMMANDG cscccsescsscccsccsescceccescecsccesccesceesseesees 82 zipper R R 82 LED EN e HSRQ 82 RS232 422 485 Ports e EE 82 RS 232 422 485 SEND COMMANDS REENEN EEN 82 BOMOEPF P POM 82 BOMON 9 M 83 CHARD e C X O9 A 83 CHARDM n 83 eiu TEE 83 CTSPSH Ro H O R 83 GET BAUD ET 83 aie e 84 lie eeE ET 84 DX UN quu 84 elle TATUM TIER 84 RXON WE 84 SET BAUD TRE 84 E E e EE 85 pe2. M 117 Security Options Menu sesssesseeeeeeeeeee nenne eene eene nne nates sess EEES Eees EEN Te s enin 118 Edit User Men EES 119 nacenume 119 Access Huc 120 Adding a Group mr M M 120 Edit Group Menu Add Directory Association cccccccsssssssssssssssseccecesessssssesensneeeees 120 Default Security Configuration eeeeeeeeeeee eee serenan nene nnn ioko ennt nnne 121 Telnet Diagnostics Commands iieri ce tane orte born ta na cha pene nena uev nM EE Cp uer Ee aun 122 REBOOT HEAP WATCH Ip Ee 122 SPY GE 122 SPY STOP c M 122 PHYSICAL STATUS coe cetero arn tedsascaiacescdestuausessebeseavaueasdgsesdnsccsderstcessesasadtecdseceses 122 Eng NEE 122 Logging Out of a Terminal Session sc ciccsesscsncsscccieessnscsssercssncacdetensssdesseacososontossewess 122 Notes on Specific Telnet Terminal Clients ssssscsssssscecsessssssssssssceeeeeeseseess 122 Windows Client Programs e eeeee ete iron eere neuen eio oe soot itn sienten ae ea sone esee ed 122 Linux Telnet Client e K SE 123 Appendix A IPSec Configuration File 1 1 taret hatten aan nob a rane 125 IPSec Config Tile Mem
3. 68 Viewing Physical Device Properties eene eene 69 Manage Devices Manage Polled Ports eene 70 Editing Polled Port Settings eiie rere tee ne v epe Pre te enn re se vrbe Ue UE eee 70 Manage Devices Network SettingS ccccsscssssssssssssssssecessssssssssssssseeceeeeessessees 71 ZeroConfig Networking 2 1 dece erit eei euis t aenea sr eye neta nk en oet o La eai nira 72 NDP Beacon nere tete ria tonis ENNER ENER KENE AERE ERR ERR Ra ERE SE NRN TERN ERAS NEA 72 IP PI3u NPIEs dee 72 UR Manage Devices URL List ceni poteet eegen EN a eeP oup pU x EH x FEE Urn CR URN REP e RR Eege 72 Adding a URL To The Master s List Of Devices ENEE 72 Manage Devices Device Number eese eene nnne nnne 73 Manage Devices Control Emulate erect enne ne inet nne eh ana n aen nose In ae hse 74 Manage Devices MT 75 Manage Devices Diagnostics eese eene eene enne nnne nennen nenne 76 NetLinx Prog amming 41 arte rk ae orn pERS ER ERE REPRE pago eR EE LE vanae o Eso ERa ERE HERE EMEN PR AR eEde 79 ecl Fe 79 Port Assigniments By NI Model 1 rebate et oth reiten to EFE UE PER RE EEN ects 79 Master SEND COMMANDS ccccscscoscsccsccsceccsceccsceccscesceccsceccsceccscestecescescscesesces 79 sKes du
4. System Device Port to Control Emulate Channel Code System Number fi O bel Input Channel Status Device Number P of Output Channel Status Port Number Push Feedback Channel Status T Push button only displayed if Emulate is selected Command Level Code Level gt Send Sena Current Value Desired Value GE String Send j Eccc C FIG 36 Manage System Control Emulate The System Number Device Number and Port Number fields are read only Instead of specifying these values for a System Device select a device via the Device Tree to populate these fields with that device s information Controlling or Emulating a System Device 1 Select the device that you want to Control or Emulate via the Device Tree 8 Click the Show Device Tree option to show the Device Tree window if it is not already enabled b In the Device Tree click on the Information i icon for the device that you want to control or emulate This opens a Network Settings page showing network configuration details for the selected device See the Device Network Settings Pages section on page 23 for details C Click on the Control Emulate link This opens a Control Emulate Options page for the selected device FIG 37 Dat System Number 1 z a Welcome quest LE OO000 NI Master v REFRESH A uz P a Master Configuration Manager WebControl Security ystem Click on Control Emulate from within the device s Netwo
5. eese eene nnne nnn nnn nnn nnn 146 CLKMGR SET START DAYLIGHTSAVINGS RULE CONSTANT CHAR RECORDJ 147 CLKMGR GET END DAYLIGHTSAVINGS RULEY sssssssscssesscesseeceeseseeeeeeeeeeseeeeeeenes 147 CLKMGR SET END DAYLIGHTSAVINGS RULE CONSTANT CHAR RECORDII 148 Overview NetLinx Integrated Controllers NetLinx Integrated Controllers Masters can be programmed to control RS 232 422 485 Relay IR Serial and Input Output devices using the NetLinx Studio application version 2 4 or higher NetLinx Integrated Controllers Name Description FG A NXC ME260 64 NetLinx Master Ethernet Card FG2010 64 NI 700 NetLinx Integrated Controller FG2105 03 NI 900 NetLinx Integrated Controller FG2105 09 NI 2100 NetLinx Integrated Controller FG2105 04 NI 2100 ICS NI 2100 Controller with ICSNet FG2105 14 NI 3100 NetLinx Integrated Controller 64MB FG2105 05 NI 3100 256 NetLinx Integrated Controller 256MB FG2105 25 NI 3100 ICS NI 3100 Controller with ICSNet 64MB FG2105 15 NI 3100 256 ICS NI 3100 256 Controller with ICSNet 256MB FG2105 35 NI 3101 SIG Signature Series NetLinx Integrated Controller FG2105 08 NI 4100 NetLinx Integrated Controller 64MB FG2105 06 NI 4100 256 NetLinx Integrated Controller 256MB FG2105 26 These NI Controllers feature an on board Web Console which allows you to connect to the NI Controller via a web browser and make v
6. 108 cia ize dp 108 SET THRESHOLD we 108 izle E 109 SET TIMELINE LOOPONT csssssssesssssccsessssseessssseceeeeesecesscsceeessnsceeeeseesessssseseseesseesaeesens 109 SET UDP BC eR 109 TU i E db gt E E E 109 SHOW AUDIT e CT 110 SHOW BUFFERS ccccccccscsesssssssssssseseccsssssceseeessesceeeesessesessseceeesseseeesesesseseeseeseeaseseesesseees 110 SHOW COMBINE ccccccscccsssssssssssseseccesssseecesesssseeeeesessssessesesnsseeeeeesesseseeseeseenseesoeseseeens 111 SHOW DEVICE E KN 111 SHOW LOG WEE 112 SHOW MAX BUFFERS ccccccsssssceesecssecsesesessssssceeeessscssesseseensseeeeeeesesseseeseeeesnsseoeseseeens 113 SHOW OTTEN 113 SHOW NOTIFY dE 113 pM Eve 0le LL 113 SHOW a etc P 114 SHOW START LOG START ccccccsssssccecccccccceeeeeceeecesssssssssssscscsseesscececseseeseeeeeeecsssssees 114 SHOW SYSTEM lt S gt e 114 AP iAEecr eeljp e 114 pre LC RE 114 ESC Pass E 115 SE EE ege EE 115 EEESC E 115 EES D EE 115 E ESC IFT WEE 115 HR 115 SAM KE pH EE 115 ZEROCONF ENABLEIDISABLEISTATUS eeeeeeeeeeeeeee nennen nennen eene nnne n nnne NEEN 115 Accessing the Security Configuration Options eese 116 Setup Sec rity upper
7. Controller RS 232 422 485 IR Serial IR RX Relays 1 0 NI 700 Ports 1 2 Port 3 Port 5 Port 4 NI 900 Port 1 Ports 2 4 Port 6 Port 5 NI 2000 Ports 1 3 Ports 5 8 Port 4 Port 9 NI 3000 Ports 1 7 Ports 9 16 Port 8 Port 17 NI 4000 Ports 1 7 Ports 9 16 Port 8 Port 17 NI 2100 Ports 1 3 Ports 5 8 Port 4 Port 9 NI 3100 Ports 1 7 Ports 9 16 Port 8 Port 17 NI 4100 Ports 1 7 Ports 9 16 Port 8 Port 17 NI 3101 SIG Ports 1 6 Ports 9 16 Port 8 Port 17 DVX 2100HD Ports 1 3 Ports 5 8 Port 4 Port 9 Master SEND COMMANDs These commands are specific to the Master and not the Controller These commands are sent to the DPS 0 1 0 the Master you are connected to A device lt DEV gt must first be defined in the NetLinx programming language with values for the Device Port System D P S Master SEND COMMANDs Command Description CLOCK The date and time settings are propagated over the local bus Set the date and time on the Syntax Master SEND COMMAND lt DEV gt CLOCK mm dd yyyy hh mm ss Variables mm dd yyyy Month day and year Month and day have 2 significant digits Year has 4 significant digits hh mm ss Hour minute and seconds Each using only 2 significant digits Example SEND COMMAND 0 CLOCK 04 12 2005 09 45 31 Sets the Master s date to April 12 2005 with a time of 9 45 am Master SEND_COMMANDs Cont Command Description G4WC Add G4
8. CLKMGR_GET_DAYLIGHTSAVINGS_OFFSET CLKMGR_TIMEOFFSET_STRUCT T Populates the TIMEOFFSET structure with the current Daylight Savings Offset configured The function returns a negative SLONG value if it encounters an error NetLinx axi Library Calls Cont CLKMGR_SET_DAYLIGHTSAVINGS_OFFSET CONSTANT CLKMGR_TIMEOFFSET_STRUCT T Sets the Daylight Savings Offset to the specified value CLKMGR_GET_ACTIVE_TIMESERVER CLKMGR_TIMESERVER_STRUCT T Populates the TIMESERVER structure with the cur rently active time server s data The function returns a negative SLONG value if it encounters an error CLKMGR_SET_ACTIVE_TIMESERVER CONSTANT CHAR IP Sets the time server entry that has the matching IP ADDRESS to the IP parameter as the active time server entry CLKMGR GET TIMESERVERS CLKMGR TIMESERVER STRUCT T Populates the currently configured time server entries from the Clock Manager into the specified TIMESERVER array The function returns a negative SLONG value if it encounters an error otherwise the return value is set to the number of records populated into the CLKMGR TIMESERVER STRUCT array CLKMGR ADD USERDEFINED TIMESERVER CONSTANT CHAR IP CONSTANT CHAR URLI CONSTANT CHAR LOCATION Adds a user defined time server entry CLKMGR DELETE USERDEFINED TIMESERVER CONSTANT CHAR IP Deletes the user defined entry that has its IP ADDRESS matching the parameter
9. Target Progress ZO T Dee ete Pott a Gus xm id file 2105 03 works v3 01 320 tsk Firmware download status Comm SE File 2 of 3 Please Wait Device and System Number must match the Device and System values listed in the Workspace window FIG 14 Send to NetLinx Device dialog showing on board NI Master firmware update via IP C The Kit file for the NI 2100 3100 4100 Masters begins with 2105 04 NI X100 Master LI The Kit file for the NI 700 900 Masters begins with 2105 03 NI X000 Master NOTE Do not use the 2105 03 NI Master Kit file on anything other than an NI 700 900 since each Master Kit file is specifically configured to function on a specific NI unit 9 Enter the System number associated with the target Master listed in the OnLine Tree tab of the Workspace window and verify the Device number value The Port field is disabled 10 Click the Reboot Device checkbox to reboot the NI unit after the firmware update process is complete 11 Click Send to begin the transfer The file transfer progress is indicated on the bottom right of the dialog FIG 14 Only upon the initial installation of a new Kit file to an on board Master will there C be a error message displayed indicating a failure of the last component to successfully download NOTE This is part of the NI Master update procedure and requires that the firmware be reloaded after a reboot of the unit This consecutive proces
10. ICSP Connectivity If selected a valid username and password is required to communicate with the NetLinx Master via an ICSP connection TCP IP UDP IP and RS 232 This feature allows communication amongst various AMX hardware and software components This feature works in tandem with the Require Encryption option see below to require that any application or hardware communicating with the Master must provide a valid username and password In a Master to Master system the Master which accepts the IP connection initiates the authentication process This configuration provides compatibility with existing implementations and provides more flexibility for the implementation of other devices Note The ICSP Connectivity option is required to allow authenticated and or secure communication between the Master and other AMX hardware software To establish an authenticated ICSP connection where the external AMX hardware software has to provide a valid username and password this option must be enabled Encrypt ICSP If selected this option requires that any data being transmitted or received via an ICSP Connection connection among the various AMX products be encrypted and that any application or hardware communicating with the Master over ICSP must provide a valid username and password Note When enabled this option requires more processor cycles to maintain Viewing Group Security Settings Details Click on any G
11. System Number 2 v PST Master Configuration Manager WebControl Security Manage Device Bindings View Modify the bindings for attached devices Gavio Optons ee User Demed Devices Select the binding you wish to modify delete 41001 1 0 Copyright 2006 AMX C Show Device Tree FIG 55 Manage Device Bindings page showing the NetLinx code relation This code gives the Master a heads up notification to look for those devices meeting the criteria outlined within the code lebConsole amp Programming Guide FMv ed Controll 64 NetLinx Integ NOTE NOTE Application Devices and Association Status There are two types of application devices Static Bound application devices and Dynamic application devices Static Bound application devices specify both a Duet virtual device and its associated Device SDK class type as well as a NetLinx physical device port to which the application device is always associated i e statically bound Dynamic application devices specify both the Duet virtual device and its associated Device SDK with no association to a physical port Binding of an application device to a physical device port occurs at run time either via auto binding or manual binding Application devices that have a bound physical device display their physical device ID within the Physical Device column If an associated Duet module has been started to communicate with the de
12. cese eae dese Ee d e dd Yeh a oe e dre eee dates dech era eese dea rosas otov ba Evae Ue 98 GET ETHERNET MODE o veoeee e eeu eene EENEG Edge 98 GET IP AD YO ONERE 98 HELP SECURITY sss ccsscctsccecscsvsasevessncossssssceecevasvaccssasdecsacnedssaassecuabesctsadedessasessocabacesasaacerdedsaseasman 98 ICSPMON ENABLEDIDISABLED PORT eese nennen nnne nennen nnne tenta aser 98 IP STATS seess creed steaeseuscaatsseessaecsccaasenstenasevastevesvenasucetavesessstevedesnsascossbascetacevassdasusesnene 99 IPSEC ONIOFFISTATUS e 99 MEM cie ees end 99 MSG ONIOEF e M 99 MSG EH EE 99 OFF D P S or NAME CHAN ccccsccssssssssessessssssessccseeesscsseescessscseessssessessessssessesseeseeeenseees 99 ON D P S or NAME CHAN eene eene nnne nennt nnn ennnnn nasse n nnns iss se tenis asse neni nissan 99 PASS D P S or NAME E 100 PHYSICAL STATUS E 100 PING ADDRESS EE 100 PROGRAM INFO EE 100 PULSE D P S or NAME CHAN c scccsssccsscssssscssssssssessscsseeeessseseesessecseseesssesesseseseseaaeanes 100 PWD zcuisotidiemtei opa Oi eh tess ex REO E A E E T ua DINE NE ERE TE CER TRAE 100 REBOOT lt DiPiS 101 RENEW DHCP sesccccssacscscccsastecssssoseasacecesiseassvesaseentiases coanaddeassasecanandaac s sscnessvessveonsiiesecssiseosbees 101
13. Amplifier x Name Value GUID Make Model Revision 1 0 0 FIG 58 User Defined Devices Add User Defined Device 2 Fill in the device information fields as described in the following table User Defined Device Information Fields Address Enter the address of the physical device in the Address field This information can be either the NetLinx Master port value D P S or an IP Address Category Use the drop down list to select the control method associated with the physical target device IR IP Serial Relay Other SDK Class Use the drop down list to select the closest Device SDK class type match for the physical target device The SDK Class Types table below provides a listing of the available choices GUID Enter the manufacturer specified device s GUID Global Unique Identification information Either the GUID or Make Model must be specified in this field Make Enter the name of the manufacturer for the device being used ex Sony ONKYO etc Up to 55 alpha numeric characters Either the GUID or Make Model must be specified within this field Spaces in the name will be converted to underscores Model Enter the model number of the device being used ex Mega Tuner 1000 Up to 255 alpha numeric characters Either the GUID or Make Model must be specified within this field Revision Enter the firmware version used by the target device T
14. CLKMGR GET START DAYLIGHTSAVINGS RULE Gets a string representation of when Daylight Savings is supposed to START The Fixed Date rules have the form fixed DAY MONTH HH MM SS with all fields as numeric except for the word fixed The Occurrence Of Day rules have the form occurence OCCURENCE DAY OF WEEK MONTH HH MM SS with all fields as numeric except for the word occurence OCCURANCE range 1 5 5 indicates the LAST occurrence of a particular day of the month DAY OF WEEK translates as 1 Sunday 2 Monday 3 Tuesday 4 Wednsday 5 Thursday 6 Friday 7 Saturday Examples fixed 5 10 16 00 00 October 5 at 4 00PM occurence 5 1 10 02 00 00 last Sunday in October at 2 00AM NetLinx axi Library Calls Cont CLKMGR_SET_START_DAYLIGHTSAVINGS_RULE CONSTANT CHAR RECORD Sets the START Daylight Savings rule to the specified string which must be in either the Fixed Date format or the Occurence Of Day format The function returns a negative SLONG value if it encounters an error The Fixed Date rules have the form fixed DAY MONTH HH MM SS with all fields as numeric except for the word fixed The Occurrence Of Day rules have the form occurence OCCURENCE DAY OF WEEK MONTH HH MM SS with all fields as numeric except for the word occurence OCCURANCE range 1 5 5 indicates the LAST occurrence of a particular day of the month DAY OF WEEK translates as 1 Sunday 2
15. Manage License The Manage License tab displays current as well as pending license keys FIG 50 System Number 2 Tea i DOOD eZ Weicome guest Sie System Number 2 Bd ee ap BR Master Configuration Manager WebControf Security System Manage System Manage NetLinx Manage Devices License Details Modify Add License s for the Master t Add New License ProductName Max Count Use Count Key Product ID 1234567890 123 0 SEN 12345678 123 12 123456 123 cece cccc dddd dddd FIG 50 System Manage License tab with one example entry The Add New License button allows for the addition of new license keys associated with currently used modules products Adding new License Keys requires the entry of both a Product ID and a Serial Key example i Voting The Master confirms this registration information before running the module or product Adding A New License 1 Click the Add New License button to access the Add a License page FIG 51 System Number 2 a AA baag WESGIN welcome guest wis System Number 2 v EET us ANM k EBC C fra ITE f ste Master Configuration Manager W WebControf Security System Manage NetLinx Manage Devices Adda License Enter a Product ID and License Key for the Master Product ID FIG 51 Manage License Add a License page 2 Enter the Product ID certificate number provided with the product
16. Master Communication Settings from the menu bar to open the Master Communication Settings dialog box 3 Click the Communications Settings button to open the Communications Settings dialog 4 Click the NetLinx Master radio button from the Platform Selection section to indicate you are working with a NetLinx Master 5 Click the Serial radio button from the Transport Connection Option section to indicate you are connecting to the Master via a COM port 6 Click the Edit Settings button on the Communications Settings dialog to open the Serial Settings dialog and set the COM port parameters used to communicate to the NetLinx Master 7T Click OK to close all dialogs and return to the main application 8 Right click the Online Tree tab entry and select Refresh System the Controller should appear in the Device Tree If not verify that the Serial cable is connected properly and that the Baud Rate settings on the Controller set via the Program Port DIP Switch match the settings in NetLinx Studio Once Serial communication has been established use NetLinx Studio to configure the Controller for LAN Communication as described below NOTE Configuring the NI Controller for LAN Communication Before continuing complete the COM port steps above 1 Use an LAN cable to connect the Controller to the LAN to which the PC running NetLinx Studio is connected The NI x100 Controllers feature an Auto MDI MDI X LAN port This provides
17. The following table describes the SSL Certificate entries presented in the Create SSL Certificate window FIG 44 SSL Certificate Entries Entry Description Bit Length Provides a drop down selection with three public key lengths 512 1024 2048 A longer key length results in more secure certificates Longer key lengths result in increased certificate processing times Common Name The Common Name of the certificate must match the URL Domain Name used for the Master Example If the address used is www amxuser com that must be the Common name and format used The Common Name can not be an IP Address If the server is internal the Common Name must be Netbios For every website using SSL that has a distinct DNS name there must be a certificate installed Each website for SSL must also have a distinct IP Address This domain name must be associated to a resolvable URL Address when creating a request for a purchased certificate The address does not need to be resolvable when obtaining a free certificate Action Provides a drop down selection with a listing of certificate actions Display Certificate Populates the Server Certificate fields with the information from the certificate currently installed on the Master This action is used only to display the information contained in the certificate on the target Master Create Request Takes the information entered into these fields and formats the ce
18. ah gl transport ah sha ah md5 Attributes DHGROUP G1 ENCAP TRANSPORT HARDLIFETIME 1800 SOFTLIFETIME 1500 ah g2 transport ah sha ah md5 Attributes DHGROUP G2 ENCAP TRANSPORT HARDLIFETIME 1800 SOFTLIFETIME 1500 ah gl tunnel ah sha ah md5 Attributes DHGROUP G1 ENCAP TUNNEL HARDLIFETIME 1800 SOFTLIFETIME 1500 ah_g2_tunnel ah_sha ah_md5 Attributes DHGROUP G2 ENCAP TUNNEL HARDLIFETIME 1800 SOFTLIFETIME 1500 esp gl transport esp 3des sha esp 3des md5 esp 3des esp des sha esp des md5 esp des esp null sha esp null md5 Attributes DHGROUP G1 ENCAP TRANSPORT HARDLIFETIME 1800 SOFTLIFETIME 1500 SpdSetProp Cont Pre defined esp g2 transport esp 3des sha esp 3des md5 esp 3des esp des sha esp des md5 proposal esp des esp null sha esp null md5 Attributes names Cont bicioup co ENCAP TRANSPORT HARDLIFETIME 1800 SOFTLIFETIME 1500 esp gl tunnel esp 3des sha esp 3des md5 esp 3des esp des sha esp des md5 esp des esp null sha esp null md5 Attributes DHGROUP G1 ENCAP TUNNEL HARDLIFETIME 1800 SOFTLIFETIME 1500 esp g2 tunnel esp 3des sha esp 3des md5 esp 3des esp des sha esp des md5 esp des esp null sha esp null md5 Attributes DHGROUP G2 ENCAP TUNNEL HARDLIFETIME 1800 OFTLIFETIME 1500 Pre defined H Transforms Phase II h_sha AH_SHA transform h_sha2_384 AH_SHA2 384 names h_sha2_512 AH_SHA2 512 h_md5 AH_MD5 h_ripemd AH_RIPEMD ah aes xcbc mac AH AES
19. al BR WebConsole amp Programming Guide NetLinx Integrated Controllers Firmware version 3 0 or higher NXC ME260 64 NI 700 900 NI 2000 3000 4000 NI 2100 3100 4100 NI 3101 SIG DVX 2100HD System m Number 2 i system Number2 v ELLE Server Options Port Settings Enabled PortNumber Default Port Telnet e 23 ICSP vj 1319 HTTP C2 80 HTTPS SSL a 443 SSH Ei 22 FTP Ei SSL Certificate Options Create SSL Certificate NetLinx Integrated Controllers Last Revised 5 25 2012 AMX Limited Warranty and Disclaimer This Limited Warranty and Disclaimer extends only to products purchased directly from AMX or an AMX Authorized Partner which include AMX Dealers Distributors VIP s or other AMX authorized entity AMX warrants its products to be free of defects in material and workmanship under normal use for three 3 years from the date of purchase with the following exceptions Electroluminescent and LCD Control Panels are warranted for three 3 years except for the display and touch overlay compo nents are warranted for a period of one 1 year Disk drive mechanisms pan tilt heads power supplies and MX Series products are warranted for a period of one 1 year AMX lighting products are guaranteed to switch on and off any load that is properly connected to our lighting products as long as the AMX lighting products are under warranty AMX also guarantees the control of dimmable loads that are properly
20. set the transform ID and key for an outbound AH SA SYNOPSIS mkmSetOutboundAH cptr value string DESCRIPTION This rule sets the transform ID and key for an outbound AH SA Rule Value Rule Value cptr value string A string formatted as follows saNumber spi ahTransformID key where saNumber is a unique unsigned integer specified by the user spi is the decValue for the security parameter index an unsigned long SPI gt 255 and SPI SPI BOUNDARY which is defined as 2048 ahTransformID is MD5 SHA HMAC MD5 HMAC SHA HMAC SHA2 256 HMAC SHA2 384 HMAC SHA2 512 HMAC RIPEMD AES XCBC MAC Note that MD5 deprecated is equivalent to HMAC MD5 SHA deprecated is equivalent to HMAC SHA key is the authentication algorithm key in hexadecimal It must be 32 characters for MD5 40 characters for SHA 64 characters for SHA2 256 96 characters for SHA2 384 128 charac ters for SHA2 512 and 40 characters for RIPEMD The traffic selectors for the transport or tunnel SA should be added before attempting to set the transform and keys for the same Security Association identified by SA Number EXAMPLES mkmSet OutboundAH 0 258 HMAC MD5 12345678 9ABCDEF OFEDCBA987654321 Contig String saNumber spi ahTransformID ke Format RE I mkmSetOutboundESP mkmSetOutboundESP NAME mkmSetOutboundESP set the transform ID and key for an outbound ESP SA SYNOPSIS mkmSetOutboundESP configuration string DESCRIPTION This
21. If OUT it applies to traffic going out of the current host A mirrored policy will automatically be created for the opposite traffic flow tunnelEndpointlPAddress is the identity of the remote gateway for example 10 9 9 180 for the IPv4 address networkInterfaceAddress is the IP address of the network interface to which the inbound SA is bound EXAMPLES IPv4 mkmAddTunnel 6 17 ANY ANY 100 100 100 0 24 100 100 200 4 0UT 100 100 100 4 100 100 99 1 mkmAddTunnel 7 ANY 10 8 30 30 0 0 0 0 0 IN 100 100 100 4 100 100 99 1 IPv6 mkmAddTunnel 6 17 ANY ANY 3ffe 2 64 3ffe 3 1 OUT 3ffe 2 2 3ffe 1 2 mkmAddTunnel 7 ANY 3ffe 3 1 0 IN 3ffe 2 2 3ffe 1 2 Config String saNumber protocolSelector destinationPort sourcePort Format destinationAddressSelector sourceAddressSelector directionality tunnelEndpointIPAddress networkInterfaceAddress mkmSetlnboundAH mkmSetinboundAH NAME mkmSetInboundAH set the transform ID and key for an inbound AH SA SYNOPSIS mkmSetInboundAH cptr value string DESCRIPTION This rule sets the transform ID and key for an inbound AH SA Rule Value Rule Value cptr value string A string formatted as follows saNumber spi ahTransformID key where saNumber is a unique unsigned integer specified by the user spi is the decValue for the security parameter index an unsigned long SPI gt 255 and SPI SPI BOUNDARY which is defined as 2048 ahTransformID is MD5 S
22. If the IR port fails to turn the device OFF a PUSH and RELEASE is made on channel 254 to indicate a power failure error You can only use the PON and POF commands when an IR device has a linked I O channel Channel 255 changes are disabled after receipt of this command You can only use the PON and POF commands when an IR device has a linked I O channel Syntax SEND COMMAND DEV POF Example SEND COMMAND IR 1 POF Sends power down IR commands 28 if present or 9 to the IR 1 device IR Serial SEND_COMMANDs Cont Command Description PON If at any time the IR sensor input reads that the device is OFF such as if one Turn On a device connected turned it off manually at the front panel IR function 27 if available or IR to an IR port based on the function 9 is automatically generated in an attempt to turn the device back ON status of the corresponding _ f three attempts fail the IR port will continue executing commands in the buffer UO Link input and trying to turn the device On If there are no commands in the buffer the IR port will continue trying to turn the device ON until a POF or POD command is received If the IR port fails to turn the device ON a PUSH and RELEASE is made on channel 254 to indicate a power failure error You can only use the PON and POF commands when an IR device has a linked I O channel Channel 255 changes are disabled after receipt of this command Syntax SEND
23. Normal Set SEND_COMMAND D P S or Sends a specified command to a device The device can be on any sys NAME COMMAND tem that the Master you are connected to can reach You can specify the device number port and system or the name of the device that is defined in the DEFINE_DEVICE section of the Program The data of the string is entered with the following NetLinx string syntax SEND_COMMAND 1 1 1 This is a test 13 10 SEND_COMMAND RS232_1 This is a test 13 10 SEND LEVEL lt D P S gt Allows the user to set a level on a device via the Master s Telnet LEVEL ID2 LEVEL VALUE gt program port interface SEND STRING D P S or Sends a string to a specified device The device can be on any system NAME STRING that the Master you are connected to can reach You can specify the device number port and system or the name of the device defined in the DEFINE DEVICE section of the Program The data of the string is entered with NetLinx string syntax Terminal Commands Cont Command Description SET DATE Prompts you to enter the new date for the Master When the date is set on the Master the new date will be reflected on all devices in the system that have clocks i e touch panels By the same token if you set the date on any system device the new date will be reflected on the system s Master and on all connected devices Note This command will not update clocks on devices connected to anothe
24. The following commands enable or disable the LEDs on the Integrated Controller In the examples lt DEV gt Port 1 of the device Sending to port 1 of the NI 700 affects all ports LED SEND_COMMANDs Command Description LED DIS Disable all LEDs on 32 LED hardware for a port Regardless of whether or not the port is active the LED will not be lit Issue this command to port 1 to disable all the LEDs on the Controller When activity occurs on a port s or Controller the LEDs will not illuminate Syntax SEND_COMMAND lt DEV gt LED DIS Example SEND COMMAND Port 1 LED DIS Disables all the LEDs on Port 1 of the Controller LED EN Enable the LED on 32 LED hardware for a port When the port is active the LED is lit When the port is not active the LED is not lit Issue the command to port 1 to enable the LEDs on the Controller default setting When activity occurs on a port s or Controller the LEDs illuminate Syntax SEND COMMAND DEV LED EN Example SEND COMMAND System 1 LED EN Enables the System 1 Controller s LEDs RS232 422 485 Ports Channels RS232 422 485 ports are Ports 1 2 NI 700 and Port 1 NI 900 RS232 422 485 Ports Channels 255 CTS push channel Reflects the state of the CTS input if a CTSPSH command was sent to the port RS 232 422 485 SEND COMMANDs RS 232 422 485 SEND COMMANDs Command Description B9MOFF Set the p
25. baud N 9 1 Example SEND_COMMAND RS232_1 TSET BAUD 115200 N 8 1 485 ENABLE Sets the RS232_1 port s communication parameters to 115 200 baud no parity 8 data bits 1 stop bit and enables RS 485 mode TXCLR Stop and clear all characters waiting in the transmit out buffer and stops transmis sion Syntax SEND COMMAND DEV TXCLR Example SEND COMMAND RS232 1 TXCLR Clears and stops all characters waiting in the RS232 1 device s transmit buffer XOFF Disable software handshaking default Syntax SEND COMMAND DEV XOFF Example SEND COMMAND RS232 1 XOFF Disables software handshaking on the RS232 1 device XON Enable software handshaking Syntax SEND COMMAND DEV XON Example SEND COMMAND RS232 1 XON Enables software handshaking on the RS232 1 device RS 232 422 485 SEND_STRING Escape Sequences This device also has some special SEND_STRING escape sequences If any of the 3 character combinations below are found anywhere within a SEND_STRING program instruction they will be treated as a command and not the literal characters In these examples lt DEV gt device RS 232 422 485 SEND_STRING Escape Sequences Command Description 27 17 lt time gt Syntax Send a break character for a SEND_STRING lt DEV gt 27 17 lt time gt specified duration to a Variable specific device time 1 255 Measured in 100 microsecond in
26. modifying or deleting a group s rights and also allows for the definition of the files directories accessible by a particular group Adding a New Group 1 Select the Group Level tab in the Security section to open the Group Security Details page 2 Click the Add New Group button see FIG 27 to access the Add a group and modify settings page FIG 28 MEM CU Security aac Group Security Details Add a group and modify settings Configuration Group Name Access L Admin Change Password Access CT Terminal RS232 Access L FTP Access CL HTTP Access L TelnevSSHISFTP Access Li LI ICSP Connectivity Encrypt ICSP Connection FIG 28 Group Level Security Settings Page Add a group and modify settings page 3 Inthe Group Name field enter a unique name for the new group The name must be a valid character string consisting of 4 20 alpha numeric characters The string is case sensitive and must be unique The word administrator cannot be used for a new group name since it already exists by default 4 Enable the security access rights you want to provide to the group By default all of these options are disabled See the Group and User Security Access Options on page 31 for details 5 Click the Accept button to save your changes to the target Master If there are no errors within any of the page parameters a Group added successfully is displayed at the top of the page WW Security chang
27. read only and allow you to change the system number see FIG 35 Changing the System Number On the Master 1 Enter the new numeric value into the New System Number field 2 Click the Accept button to save this new value to the system on the target Master The message System number changed to X Master must be rebooted for the change to take effect reminds you that the Master must be rebooted before the new settings take effect 3 Click Reboot to reboot the target Master The Device Tree then reads Rebooting After a few seconds the Device Tree refreshes with the current system information including the updated system number assignment Ifthe Device Tree does not refresh within a few minutes press the Refresh button and reconnect to the Master I ee NOTE Using Multiple NetLinx Masters When using more than one Master each unit must be assigned to a separate System value A Master s System value can be changed but it s device Address must always be set to zero 00000 The Device Addressing dialog will not allow you to alter the NetLinx Master address value Example Using an NI 2000 and NI 4100 The NI 2000 could be assigned to System 1 with an Address of 00000 The NI 4100 could be assigned to System 2 with an Address of 00000 Resetting the Master Controller to the Factory Defaults Configuration Click the Reset To Factory Defaults button This resets the Master to its factory default s
28. reboot and retain the newly obtained DHCP Address The STATUS and OUTPUT LEDs should begin to alternately blink during the incorporation Wait until the STATUS LED is the only LED to blink 11 Press Done once until the Master Reboot Status field reads Reboot of System Complete Verify that these IP values are also entered into the related fields within either the IP Settings section of the System Connection page on the touch panel or within the Adaress field on the web browser 12 Complete the communication process by continuing on to the Communicating Via an IP Address section on page 10 Communicating Via an IP Address Whether the on board Master s IP Address was Static Set via the Set IP Info command or Dynamically obtained via the Get IP Info command use the IP Address information from the Network Addresses dialog to establish communication via the LAN connected Master 1 Use NetLinx Studio to obtain the IP Address of the NI Controller from your System Administrator If you do not have an IP Address Follow the steps outlined in either the Obtaining the NI Controller s IP Address using DHCP section on page 8 orthe Assigning a Static IP to the NI Controller section on page 9 2 Select Settings gt Master Communication Settings from the Main menu to open the Master Communication Settings dialog FIG 9 Fr moomo 00 S Available System s Configuration Settings lt No Active System
29. settings SNMP Enabled Y or N N y Enter System Description NetLinx VxWorks SNMPv1 v2c Agent Enter System Contact AMX LLC Enter System Location Richardson TX USA Enter Read community string public Enter Write community string private You have entered Description NetLinx VxWorks SNMPv1 v2c Agent Contact AMX LLC Location Richardson TX USA Read Community public Write Community private Is this correct Type Y or N and Enter gt Note The System Description System Contact and System Location are the values that will be published for the Master via SNMP The system must be rebooted once the new values are entered Terminal Commands Cont Command Description SET SSH PORT Sets the Master s IP port listened to for SSH connections Note The Master must be rebooted to enable new settings Example gt SET SSH PORT Current SSH port number 22 Enter new SSH port number Usually 22 0 disable SSH Once you enter a value and press the ENTER key you get the following message Setting SSH port number to 22 New SSH port number set reboot the Master for the change to take affect SET TELNET PORT Sets the Master s IP port listened to for Telnet connections Note The Master must be rebooted to enable new settings Example gt SET TELNET PORT Current telnet port number 23 Enter new telnet port number Usually 23 0 disable Telnet Once you enter a value and press the ENTER key
30. sis 125 Internet Key Exchange IKE 2 besetue e csisesscdesstencasdepacsetecedcinsdtessscesedssneetsacoeedeasbceere 125 Cr Oh Ig ig 125 IKES OEP FOP me 126 ikeSetPropAEtrib EE 127 Security Policy Database SPD i eeee reor ep t tarte senten er een EE S ub h eua san Ebbe 127 spdAddTransport EE 127 Kisses ggpnrlge RE 128 SpdAddBypas5s sei M 129 SpdAddDiscard E 129 Walid ee a a ele EE EE 130 SpdSetPropAttrb m M 133 spdSetSA 134 Manual Key Manager MKM eese eene eene enn nennen enne nennen nnne 135 MKMACABy Pass ae L 135 lt Te WEE 136 MKMAACTANS En E 137 mkmaAddTunnel EE 138 mkmSetinbo nd AH e 139 mkmSetlnboundESP E 140 mkmsSetOutboundAMH WEE 141 mkmSetO tboundESP 6 cscs ces cesssesevssesssctssessossosssdescesdeosenccscasasncdowessvenssossseresetseceiiesest 142 Sample IPSec Configuration File sc ccccscccicssecensesessoscevsesececsossssenestecenpeesessecestseseunse 143 IPSec Web Configuration Interface ccs ic cssiccneskesesostencscssidsssaassanecnsubsesspsbenesensepessnce 143 Appendix B Clock Manager NetLinx Programming API esee 145 Types Constants Mr 145 Library Calls me es 145 CLKMG
31. x x lt enter gt SEND COMMAND IR 1 XCH 3 Transmits the IR code as 0 0 3 enter SEND COMMAND IR 1 XCH 34 Transmits the IR code as 0 3 4 enter SEND COMMAND IR 1 XCH 343 Transmits the IR code as 3 4 3 enter Mode 2 Example x x x SEND COMMAND IR 1 XCH 3 Transmits the IR code as 0 0 3 SEND COMMAND IR 1 XCH 34 Transmits the IR code as 0 3 4 SEND COMMAND IR 1 XCH 343 Transmits the IR code as 3 4 3 Mode 3 Example 100 100 x x SEND COMMAND IR 1 XCH 3 Transmits the IR code as 0 3 SEND COMMAND IR 1 XCH 34 Transmits the IR code as 3 4 SEND COMMAND IR 1 XCH 343 Transmits the IR code as 100 100 100 4 3 Mode 4 Mode 4 sends the same sequences as the CH command Only use Mode 4 with channels 0 199 IR Serial SEND_COMMANDs Cont XCHM Cont Mode 5 Example lt x gt lt x gt lt x gt lt x gt lt enter gt SEND_COMMAND IR_1 XCH 3 Transmits the IR code as 0 0 0 3 enter SEND_COMMAND IR_1 XCH 34 Transmits the IR code as 0 0 3 4 enter SEND_COMMAND IR_1 XCH 343 Transmits the IR code as 0 3 4 3 enter SEND_COMMAND IR_1 XCH 1343 Transmits the IR code as 1 3 4 3 enter Mode 6 Example lt x gt lt x gt lt x gt lt x gt SEND COMMAND IR 1 XCH 3 Transmits the IR code as 0 0 0 3 SEND COMMAND IR 1 XCH 34 Transmits the IR code as 0 0 3 4 SEND COMMAND IR 1 XCH 343 Transmits the IR code as 0 3 4 3 SEND COMMAND IR 1 XCH
32. 04 NI X100 NE2100 On board Master Kit file 2105 04 NI X100 Master Integrated Controller Kit file 2105 04 NI X100 NI 700 On board Master Kit file 2105 03 NI X000 Master Integrated Controller Kit file 2105 03 NI X00 DES On board Master Kit file 2105 03 NI X000 Master Integrated Controller Kit file 2105 09 NI X00 Only Master firmware Kit files use the word Master in the Kit file name Follow the procedures outlined within the Communicating Via an IP Address section on page 10 to connect to the target NI device via the web After NetLinx Studio has established a connection to the target Master click the OnLine Tree tab of the Workspace window to view the devices on the System The default System value is one 1 Right click the associated System number and select Refresh System This establishes a new connection to the specified System and populates the list with devices on that system The communication method is highlighted in green on the bottom of the NetLinx Studio window After the Communication Verification dialog window verifies active communication between the PC and the Master verify the NetLinx Master 00000 NI Master appears in the OnLine Tree tab of the Workspace window The default NI Master value is zero 00000 First upgrade of the on board Master using the Master s Kit file The Integrated Controller can later be upgraded using the Controller s Kit file BOTH Kits should be used when upgrading any firmware associ
33. 32 CHAR LOCATION_STRING 32 Added v1 28 Clock Manager INTEGER CLKMGR_MODE_NETWORK INTEGER CLKMGR_MODE_STANDALONE Library Calls 01 02 TRUE FALSE TRUE FALSE Allow enough room for IPv6 in the future Example time organization net Example Boulder Colorado US Used to enable Clock Manager Functionality Use a free running clock legacy behavior The NetLinx axi file that ships with NetLinx Studio includes the following Clock Manager specific library calls NetLinx axi Library Calls CLKMGR IS NETWORK SOURCED Returns FALSE 0 or TRUE 1 default FALSE O CLKMGR SET CLK SOURCE CONSTANT INTEGER MODE Can be set to CLKMGR MODE NETWORK or CLKMGR MODE STANDALONE CLKMGR IS DAYLIGHTSAVINGS ON Returns FALSE 0 or TRUE 1 default FALSE O CLKMGR SET DAYLIGHTSAVINGS MODE CONSTANT INTEGER ONOFF Can be set to ON TRUE or OFF FALSE CLKMGR GET TIMEZONE Returns Timezone as a string in the format UTC JHH MM CLKMGR_SET_TIMEZONE Input string must have the correct format CONSTANT CHAR TIMEZONE UTC HH MM CLKMGR GET RESYNC PERIOD Returns the Clock Manager s re sync period in minutes default 60 This setting has no effect if the Clock Manager mode is set to STANDALONE CLKMGR_SET_RESYNC_PERIOD CONSTANT INTEGER PERIOD Sets the re sync period to the specified minute value The upper bound is 480 minutes i e 8 hours
34. A sets the display to ASCII mode Any ASCII characters received by the device will be displayed by their ASCII symbol Any non ASCII characters will be displayed with a followed by two hex characters to indicate the characters hex value ESCD Decimal Display Mode Typing a plus shift followed by another plus followed by an ESC the escape key followed by a D sets the display to decimal mode Any characters received by the device will be displayed with a followed by numeric characters to indicate the characters decimal value ESCH Hex Display Mode Typing a plus shift followed by another plus followed by an ESC the escape key followed by an H sets the display to hexadecimal mode Any characters received by the device will be displayed with a followed by two hex characters to indicate the characters hex value Q NOTE NOTE NOTE Accessing the Security Configuration Options Security configuration options are only available to Program Port connections see the Overview section on page 95 Refer to the SET SECURITY PROFILE section on page 105 for information on setting Security Profiles 1 In the Terminal session type help security to view the available security commands Here is a listing of the security help These commands apply to the Security Manager and Database logout Logout and close secure session setup security Access the security setup menus The hel
35. COMMAND DEV PON Example SEND COMMAND IR 1 PON Sends power up IR commands 27 or 9 to the IR 1 port PTOF This time increment is stored in permanent memory This command also sets Set the time duration the delay between pulses generated by the PON or POF send commands in between power pulses in tenths of seconds It also sets the delay required after a power ON command 10 second increments before a new IR function can be generated This gives the device time to power up and get ready for future IR commands Syntax SEND COMMAND DEV PTOF time Variable time 0 255 Given in 1 10ths of a second Default is 15 1 5 seconds Example SEND COMMAND IR 1 PTOF 15 Sets the time between power pulses to 1 5 seconds for the IR 1 device PTON This time increment is stored in permanent memory This command also sets Set the time duration of the the pulse length for each pulse generated by the PON or POF send power pulses in commands in tenths of seconds 10 second increments Syntax SEND COMMAND lt DEV gt PTON lt time gt Variable time 0 255 Given in 1 10ths of a second Default is 5 0 5 seconds Example SEND COMMAND IR 1 PTON 15 Sets the duration of the power pulse to 1 5 seconds for the IR 1 device IR Serial SEND_COMMANDs Cont communication parameters Command Description SET BAUD Only valid if the port is in Data Mode see SET MODE command Set the I
36. Default Settings gt System EI Terminal Settings New System E New Project d New System Configuration bs FIG 9 NetLinx Studio Master Communication Settings dialog 3 Click the Communications Settings button to open the Communications Settings dialog FIG 10 Current Platform Transport Selected Platform Selection NetLinx Master Axcess Master List of Addresses fF pi Communication Settings a x Transport Connection Option TCP IP D Serial D Virtual NetLinx Master TCPI IP LIRL Description 192 168 220 143 192 168 220 148 192 168 220 40 192 168 220 71 192 168 220 83 192 168 223 220 192 168 220 54 Port 1319 1319 1319 1319 1319 1319 1319 Ping Host UserID Password TRUE TRUE TRUE TRUE TRUE TRUE TRUE FIG 10 NetLinx Studio Communication Settings dialog a Select NetLinx Master under Platform Selection to indicate you are working with a NetLinx Master b Select TCP IP under Transport Connection Option to indicate you are connecting to the Master via an IP Address 4 Click New to open the New TCP IP Setting dialog where you can enter both a previously obtained DHCP or Static IP Address and an associated Description for the connection into their respective fields FIG 11 ICP IP Address 192 168 220 54 Description User Name Password wore i ES Port
37. HMAC RIPEMD esp aes ctr aes ESP AES CTR AES XCBC MAC esp aes ctr hmac md5 ESP AES CTR HMAC MD5 esp aes ctr md5 ESP AES CTR MD5 esp aes ctr 192 sha ESP AES CTR KEY LENGTH 192 SHA esp aes ctr 192 hmac sha ESP AES CTR KEY LENGTH 192 HMAC SHA esp aes ctr 192 hmac sha2 256 ESP AES CTR KEY LENGTH 192 HMAC SHA2 256 esp aes ctr 192 hmac sha2 384 ESP AES CTR KEY LENGTH 192 HMAC SHA2 384 esp aes ctr 192 hmac sha2 512 ESP AES CTR KEY LENGTH 192 HMAC SHA2 512 esp aes ctr 192 hmac ripemd ESP AES CTR KEY LENGTH 192 HMAC RIPEMD esp aes ctr 192 aes ESP AES CTR KEY LENGTH 192 AES XCBC MAC esp aes ctr 192 hmac md5 ESP AES CTR KEY LENGTH 192 HMAC MD5 esp aes ctr 192 md5 ESP AES CTR KEY LENGTH 192 MD5 esp aes ctr 256 sha ESP AES CTR KEY LENGTH 256 SHA esp aes ctr 256 hmac sha ESP AES CTR KEY LENGTH 256 HMAC SHA esp aes ctr 256 hmac sha2 256 ESP AES CTR KEY LENGTH 256 HMAC SHA2 256 esp aes ctr 256 hmac sha2 384 ESP AES CTR KEY LENGTH 256 HMAC SHA2 384 esp aes ctr 256 hmac sha2 512 ESP AES CTR KEY LENGTH 256 HMAC SHA2 512 esp aes ctr 256 hmac ripemd ESP AES CTR KEY LENGTH 256 HMAC RIPEMD esp aes ctr 256 aes ESP AES CTR KEY LENGTH 256 AES XCBC MAC esp aes ctr 256 hmac md5 ESP AES CTR KEY LENGTH 256 HMAC MD5 esp aes ctr 256 md5 ESP AES CTR KEY LENGTH 256 MD5 esp null sha ESP NULL SHA esp null hmac sha ESP NULL HMAC SHA esp null hmac sha2 256 ESP NULL HM
38. LLAAR Ie NOTE NOTE NOTE 10 Click Reboot from the Tools gt Reboot the Master Controller dialog and wait for the System Master to reboot and retain the newly obtained DHCP Address The STATUS and OUTPUT LEDs should begin to alternately blink during the incorporation Wait until the STATUS LED is the only LED to blink 11 Press Done once until the Master Reboot Status field reads Reboot of System Complete Verify that these IP values are also entered into the related fields within either the IP Settings section of the System Connection page on the touch panel or within the Address field on the web browser 12 Complete the communication process by continuing on to the Communicating Via an IP Address section on page 10 Assigning a Static IP to the NI Controller Verify there is an active LAN connection on the LAN port of the Master before beginning these procedures 1 In NetLinx Studio select Diagnostics gt Network Addresses from the Main menu to access the Network Addresses dialog FIG 8 g o O EE System 9 Perice 0 Reboot Device IP Address DNS Address Host Name Shane31 Domain Suffix System Address reflects the value Use DHCP set in the Device ER Addressing tab IP Address Subnet Mask Gateway 192 255 220 DNS IP 1 DNS IP 2 DNS IP 3 Used to retain an IP Address Set IP Information Set De
39. List for Devices Network Settings URL List Device Number Control Emulate Log Diagnostics Add URL Remove All I Refresh List Status URL Port IPAddress Username FIG 64 System Manage Devices URL List Adding a URL To The Master s List Of Devices In the Manage Devices URL List page click the Add URL button to open the Add a URL page FIG 65 Add a URL Add a URL to the List for Devices Network Settings URL List Device Number Control Emulate Log Diagnostics URL Port has Secure Connection Username l Password Confirm Password Pearce ccc FIG 65 Add a URL page aa cL E Fill in the fields and click Accept to save the changes and add this information to the URL List Manage Devices Device Number With the NetLinx Controller selected in the Device drop down menu click the Device Number link in the Manage Devices tab to access the Change Device Number page FIG 66 The options on this page allow you to change the device number on the NetLinx Master Controller System Number 1 I P A PEGGING Welcome guest KSE 00000 NI Master v Mais E Master Configuration Manager WebControl Security System Change Device Number Modify Device Number for Device Network Settings URL List ControvEmulate Log Diagnostics Current Device Number 0 New Device Number aca Accent FIG 66 System Manage Devices Device Number Defaul
40. Master in one step 4 Click Create SSL Certificate to save the new encrypted certificate information to the Master Click Close to exit without making changes to the Master Regenerating an SSL Server Certificate Request This action allows you to is used to modify or recreate a certificate already on the Master For example if the company has moved from Dallas to Houston all of the information is reentered exactly except for the City 1 Click the Create SSL Certificate link in the Server Options page to open the Create SSL Certificate window 2 Modify the certificate information as needed see the SSL Certificate Entries section on page 52 3 Click the down arrow next to Action and choose Regenerate Certificate 4 Click Create SSL Certificate to save the newly modified certificate information to the Master Click Close to exit without making changes to the Master Only use the Regenerate Certificate option when you have self generated your own certificate Do not regenerate an external CA generated certificate CAUTION Exporting an SSL Certificate Request 1 First follow the procedures outlined in the Creating a Request for an SSL Certificate section on page 53 to create a session specific Master certificate 2 Click the Export SSL Certificate link to display the certificate text file in the Export SSL Certificate window FIG 45 Export SSL Certificate Close Verify the following Certificate Request Information Bit L
41. Menu Cont Command Description 13 Make changes permanent by saving to flash When changes are made to the security settings of the Master they are initially only changed in RAM and are not automatically saved permanently into flash This selection saved the current security settings into flash Also if you attempt to exit the Main Security Menu and the security settings have changed but not made permanent you will be prompted to save the settings at that time 14 Reset Database administrator only function If a user has been given administrator rights this additional menu option is displayed This selection will reset the security database to its Default Security Configuration settings erasing all users and groups that were added This is a permanent change and you will be asked to verify this before the database is reset This function is only visible to administrators 15 Display Database administrator only function If a user has been given administrator rights this additional menu option is displayed This selection will display the current security settings to the terminal excluding user passwords It also displays all users minus passwords their group assignment if any and their rights as well as all groups and their rights This function is only visible to administrators Security Options Menu Select Set system security from the Setup Security Menu to access the Security
42. Monday 3 Tuesday 4 Wednsday 5 Thursday 6 Friday 7 Saturday Examples fixed 5 10 16 00 00 October 5 at 4 00PM occurence 5 1 10 02 00 00 last Sunday in October at 2 00AM CLKMGR_GET_END_DAYLIGHTSAVINGS_RULE Gets a string representation of when Daylight Savings is supposed to END The Fixed Date rules have the form fixed DAY MONTH HH MM SS with all fields as numeric except for the word fixed The Occurrence Of Day rules have the form occurence OCCURENCE DAY OF WEEK MONTH HH MM SS with all fields as numeric except for the word occurence OCCURANCE range 1 5 5 indicates the LAST occurrence of a particular day of the month DAY OF WEEK translates as 1 Sunday 2 Monday 3 Tuesday 4 Wednsday 5 Thursday 6 Friday 7 Saturday Examples fixed 5 10 16 00 00 October 5 at 4 00PM occurence 5 1 10 02 00 00 last Sunday in October at 2 00AM NetLinx axi Library Calls Cont CLKMGR_SET_END_DAYLIGHTSAVINGS_RULE CONSTANT CHAR RECORD Sets the END Daylight Savings rule to the specified string which MUST be in either the Fixed Date format or the Occurence Of Day format The function returns a negative SLONG value if it encounters an error The Fixed Date rules have the form fixed DAY MONTH HH MM SS with all fields as numeric except for the word fixed The Occurrence Of Day rules have the form occurence OCCURENCE DAY OF WEEK MONTH HH MM SS with a
43. Profiles 2 NOTE Default Security Configuration By default the NetLinx Master creates the following accounts access rights directory associations and security options Default Security Configuration Account 1 Account 2 Group 1 Username administrator Username NetLinx Password password Password password Group administrator Group none Group administrator Rights All Rights FTP Access Rights All Directory Association Directory Association none Directory Association Note The administrator User Note The NetLinx User Note The administrator Group account cannot be deleted or account is compatible with account cannot be deleted or modified with the exception of its previous NetLinx Master modified password Only a user with both firmware versions This account Configuration access and is initially created by default and administrator rights can alter the can later be deleted or modified administrator s password FTP Security is always enabled on the Masters The Admin Change Password Security option in the Group and User Level Security Details pages is enabled by default Allother security options are disabled by default Login Rules There is no limit to the number of concurrent logins allowed for a single user This allows for the creation of a single User that is provided to multiple ICSP devices touch panels for example using the same login to obtain
44. Refresh Interval seconds 2 Port 1 Online Offiine Y Incoming Messages Configuration Y Status Y Channel Changes Input wi Output Y Feedback Y Level changes from Y Level changes to Y Strings from r4 Strings to Y Commands from r4 Commands to Y Custom Events from Y g sf Diagnostic Options table P Accept FIG 69 Diagnostics Options Page with diagnostic messages enabled This page can also be accessed via the Manage System options as described in the Manage System Diagnostics Options section on page 44 See the Enabling Diagnostics On a Selected System Device section on page 44 for details WebConsole System Options NetLinx Integrated Controllers WebConsole amp Programming Guide FMv3 77 WebConsole System Options 78 NetLinx Integrated Controllers WebConsole amp Programming Guide FMv3 NetLinx Programming Overview This section describes the Send_Commands Send_Strings and Channel commands you can use to program the Integrated Controller The examples in this section require a declaration in the DEFINE_DEVICE section of your program to work correctly Refer to the NetLinx Programming Language instruction manual for specifics about declarations and DEFINE_DEVICE information C NetLinx programming information for the DVX 2100HD is included in the DVX 2100HD Operation Reference Guide Port Assignments By NI Model Port Assignments By Controller
45. Static IP to the on board Master Once the IP information is determined rework the parameters for Master Communication in order to connect to the on board Master via the LAN and not the Program port Update the On board Master and Controller Firmware Before using your new NI unit you must first update your NetLinx Studio to the most recent release Upgrade the on board Master firmware through an IP Address via the LAN connector Upgrading the On board Master Firmware via an IP section on page 14 IP recommended Upgrade the Integrated Controller firmware through an IP Address via the LAN connector Upgrading the NI Controller Firmware Via IP section on page 16 IP recommended Configure NetLinx Security on the NI Controller Setup and finalize your NetLinx Security Protocols WebConsole Security Options section on page 25 Program your NI Controller NetLinx Programming section on page 79 Eh Using Zero Configuration NetLinx Controllers with firmware versions of v3 41 or higher support using zero configuration client software to quickly install multiple devices on the network Bonjour Zero Configuration Client You can use a zero configuration client to determine the IP address of the Controllers There are many zero configuration clients available However for the purposes of this document we will refer to Bonjour for Windows It is free and widely available for download If you don t alrea
46. V Automatically Ping the Master Controller to ensure availability FIG 11 NetLinx Studio New TCP IP Setting dialog Verify that the Automatically Ping the Master Controller to ensure availability option is selected to make sure the Master is initially responding online before establishing full communication Ifthe authentication is required for connecting to the Master at this address enter a User Name and Password in the text fields provided 5 Click OK to close the New TCP IP Settings dialog and return to the Communication Settings dialog FIG 12 NOTE 6 Current Platform Transport Selected List of Addresses Transport Connection Option Platform Selection NetLinx Master a TCP IP Axcess Master Serial Virtual NetLinx Master TCPI IP LIRL Description Port Ping Host User ID Password 192 168 220 143 1319 TRUE New 192 168 220 148 1319 TRUE 192 168 220 40 1319 TRUE Select 132 168 220 71 1318 TRUE 192 168 220 83 1319 TRUE Edit 192 168 223 221 1319 TRUE 192 168 220 5 Eaa TAE BE 192 168 222 11 1319 TRUE Listen Delete Delete All FIG 9 10 11 12 NetLinx Studio Communication Settings dialog 8 Click on the new IP Address entry in the List of Addresses window b Click Select to use the selected IP Address as the current IP Address Click OK to save your newly entered information and close the Communication Se
47. cmd in the Open field and click OK to open an instance of the Windows command interpreter Cmd exe 3 In the CMD command type telnet followed by a space and the Master s IP Address info Example gt telnet XXX XXX XXX XXX 4 Press Enter Unless Telnet security is enabled a session will begin with a welcome banner Welcome to NetLinx vX XX XXX Copyright AMX Corp 1999 2006 gt If Telnet security is enabled type in the word login to be prompted for a Username and Password before gaining access to the Master 5 Enter your username to be prompted for a password Ifthe password is correct you will see the welcome banner Ifthe password is incorrect the following will be displayed Login Userl Password Login not authorized Please try again After a delay another login prompt will be displayed to allow you to try again If after 5 prompts the login information is not entered correctly the following message will be displayed and the connection closed Login not allowed Goodbye a a a To restrict access to the Master via terminal connection enable Configuration Security on the Master via the CONFIGURATION SECURITY option in the Security Options menu see the Security Options Menu section on page 118 for details With Configuration Security enabled a valid user with Configuration Security access will have to login before being able to execute Telnet commands If security is not enabled these commands a
48. con nected to our lighting products The dimming performance or quality there of is not guaranteed impart due to the random combi nations of dimmers lamps and ballasts or transformers AMX software is warranted for a period of ninety 90 days Batteries and incandescent lamps are not covered under the warranty AMX AutoPatch Epica Modula Modula Series4 Modula CatPro Series and 8Y 3000 product models will be free of defects in materials and manufacture at the time of sale and will remain in good working order for a period of three 3 years following the date of the original sales invoice from AMX The three year warranty period will be extended to the life of the product Limited Lifetime Warranty if the warranty card is filled out by the dealer and or end user and returned to AMX so that AMX receives it within thirty 30 days of the installation of equipment but no later than six 6 months from original AMX sales invoice date The life of the product extends until five 5 years after AMX ceases manufacturing the product model The Limited Lifetime Warranty applies to products in their original installation only If a product is moved to a different installation the Limited Lifetime Warranty will no longer apply and the product warranty will instead be the three 3 year Limited Warranty All products returned to AMX require a Return Material Authorization RMA number The RMA number is obtained from the AMX RMA Department The RMA nu
49. dei NEE 92 Input Output SEND COMMANDS tensor aao ero eo ta ea eorr da eue aae oa npe aaa Ee gnus 93 GET DBT er 93 SET DBT m 93 c gl RE 94 SET INPUT Um 94 Terminal Program Port Telnet Commands eese 95 ela E RE TRENT DLE 95 Establishing a Terminal Connection Via the Program Port eere 95 PC COM Port Communication Settings eeeeeeeeeeeeeeeeeeeeee eene eene nennen tens nnne 96 NetLinx Integrated Controllers Port Assignments ssssssssssssseeseeeseeeeeeeeeeeeeeoes 96 Establishing a Terminal Connection Via Telnet ssssscsccscscesssssssssssssseeeeeeseseess 96 Terminal Commands cesi tese seen crea vae ea soe ga Capa roug Po dV E eb AN Deka EDU RR USER HUE Tiao 97 Hel SR D EK KE TE 97 GLEAR AUDIT EOG eeegteseeudeeteg Zeg teg 97 KR VT EC 97 pup CN 97 DEVICE HOLDOEFF ONIOFF ssisscseccciivcccssaccocsecccddschensvckeasessceeasetcslocsecbesssecceesszcsousadesssepeouesuseuss 97 DEVICE STATUS lt D sPiS gt E 97 DIPSWITCH E 97 DISK FREE ege sca ENN ed dE TEE 97 DNS LIST lt D GE 98 ECHO ONIOFF de 98 GET DEVICE HOLDOFF EE 98 GET DUET MEMORY
50. entered prior to gaining access to the configuration options System Number 1 Le UTOGIN welcome guest Device System Number 1 MEETS i mr 7 3 Master Configuration Manager WebControl System System Security Details Modify system security settings for the Master Group Lever User Level System Security Settings IPSec Security Settings Enabled Access Terminal RS232 Access HTTP Access Telnet Access Configuration ICSP Connectivity EncryptICSP Connection Re FIG 25 System Security Settings Page These are global options that enable or disable the login requirement for both users and groups Access Options Check the Enabled option on the left side of this page to make the Access options available for selection The Access options are described in the following table System Security Access Options Option Description Enabled This option enables the Access options described below Note If the Master Security checkbox is not enabled all subordinate options are greyed out and not selectable meaning that the Master is completely unsecured and can be altered by any user regardless of their rights Terminal RS232 If selected a valid username and password is required for Terminal communication via Access the Master s RS232 Program port HTTP Access If selected a valid username and password is required for communication over HTTP or HTTPS P
51. identified ID Mode no longer active The previous Device and System numbers of the NI Controller are displayed below the red field Example Previous D S 5001 1 where 5001 represents the previous device value of the NI Controller D and 1 represents the NI Controller s System value S Obtaining the NI Controller s IP Address using DHCP C Verify there is an active LAN connection on the NI Controller s LAN port before A beginning these procedures NOTE 1 In NetLinx Studio select Diagnostics gt Network Addresses from the Main menu to access the Network Addresses dialog FIG 7 Network Addresses System Device Reboot Master IP Address DNS Address Host Name Domain Suffix System Address reflects the value set in the Device Addressing tab IP Address DNs iP Subnet Mask DNS IP 2 Gateway DNS IP 3 Used to obtain a et IP Ir stion Get DNS Information DN natior Dynamic DHCP 5 IP Address Set Default Communication Settings with this IF FIG 7 NetLinx Studio Network Addresses dialog for a DHCP IP Address 2 Verify that both the System number corresponds to the System value previously assigned within the Device Addressing tab and that zero 0 is entered into the Device field The system value must correspond to the Device Address entered in the Device C Addressing dialog Refer to the Manage System System Number section on _ page 39 for more detailed ins
52. need to reboot Setup Security Menu The Setup Security menu is described below Setup Security Menu Command Description 1 Set system security This selection will bring up the Security Options Menu that allows opta pis for Net lane Master you to change the security options for the NetLinx Master See the Security Options Menu section These are global options that enable rights given to users and on page 118 for descriptions of each groups menu item S For instance if you want to disable Telnet security for all users you would simply go to this menu and disable Telnet security for the entire Master This would allow any user whether they have the rights to Telnet or not These options can be thought of as options to turn on security for different features of the NetLinx Master 2 Display system security This selection will display the current security options for the options for NetLinx Master NetLinx Master 3 Add user This selection will prompt you for a name for the User you are add ing The User name must be a unique alpha numeric string 4 20 characters Note User and Group names are case sensitive After the User is added you will be taken to the Edit User menu to setup the new User s right see page 119 4 Edit user This selection will prompt you select a User to edit properties for Once you have selected the User you want to edit it will take you to the Edit User menu so you can edit
53. none 1 secure 2 DOD Once you enter a value and press Enter the system responds with New security profile set reboot the Master for change to fully take effect The three Security Profiles are described below None default No security is enabled and all Master interface ports are available including HTTP HTTPS Telnet SSH FTP and terminal access Logins are not required on the Master s Web Telnet and terminal interfaces This is the default out of the box configuration Terminal Commands Cont Command Description SET SECURITY PROFILE Cont Secure Unsecured interface ports are disabled including HTTP Telnet and FTP Only HTTPS and SSH and terminal user ports are available All user access requires a username password login including HTTPS SSH and terminal NetLinx ICSP security is enabled requiring all NetLinx devices connecting with the Master to provide username password authentication and encryption Passwords must conform to a stricter set of requirements They must be at least 8 characters long and contain at least one upper and one lower case alpha one numeric and one special character excluding the blankspace Passwords cannot contain back to back duplicate characters To ensure all account passwords conform to the new standard all existing user accounts are deleted and the built in administrator and netlinx account passwords are set to the secure d
54. not escaped rather they are embedded within single quotes String expressions may contain string literals decimal numbers ASCII characters and hexadecimal numbers pre pended with a and are comma delimited String Literals start and end with single quotes To escape a single quote use three single quotes t NOTE Manage System Diagnostics Options Click the Diagnostics link in the Manage System tab to access the Diagnostics Options page FIG 38 The options on this page allow authorized users to enable and monitor various diagnostic messages coming from and going to System Devices System Number 2 Ga A Bar ea T come quest Kos System Number 2 REFRESH ap P Master Configuration Manager WebControl Manage System KAES a a a a a Diagnostic Options System Number Control Emulate Server Clock Manager Modify diagnostic options for the Master System Number 2 Device 5001 2 Refresh Interval 5 seconds e Port 1 Messages Online Offline Y R Incoming Messages eech L 09 13 2006 16 40 44 717 PUSH Status Y 09 13 2006 16 40 44 717 PUSH Channel Changes 09 13 2006 16 40 44 815 RELEF 09 13 2006 16 40 44 815 RELEF Input Y Output Y Feedback Y Device Options Level changes from Y Level changes to Y Strings to Y Strings from Y Commands to Y Commands from Y Custom Events from Y en en en en en en en een o gt FIG 3
55. physical device s D P S assignment This information has to be pre coded into the NetLinx file currently on the Master Configuring Application Defined Devices Elements such as DUET DEV TYPE DISC DEVICE and DUET DEV POLLED are defined within the NetLinx axi file The NetLinx axi file contains both the new API definitions as well as the pre defined constants that are used as some of the API arguments ex DUET DEV TYPE DISC DEVICE Physical device names are typically prefixed with dv and Virtual device names are typically prefixed with vdv Example Code PROGRAM NAME DDD DEFINE DEVICE COMI 5001 1 0 COM2 5001 2 0 dvRECEIVER1 41000 1 0 dvDiscDevice 41001 1 0 DEFINE CONSTANT DEFINE TYPE DEFINE VARIABLE DEFINE START STATIC PORT BINDING dvDiscDevice COMI DUET DEV TYPE DISC DEVICE My DVD DUET DEV POLLED DYNAMIC POLLED PORT COM2 DYNAMIC APPLICATION DEVICE dvRECEIVERI DUET DEM TYPE RECEIVER My Receiver WebConsole System Options IA THE EVENTS GO BELOW y IEN DEFINE EVENT DATA EVENT dvRECEIVER1 Duet Virtual device data events go here j Sample code can be found within the DEFINE START section as shown in FIG 55 STATIC_PORT_BINDING dvDis ce cow DUET DEV TYPE DISC DEVICE My DvD DUET DEV POLLED err eon Aner DYNAMIC POLLED PORT com DYNAMIC APPLICATION DEVICE dvPICETY DUET DE My Receiver
56. the Interpreter or Java threads will show that they re using all of the CPU PHYSICAL STATUS This command reports the current state of the Master s Status Output and Input LEDs in order to troubleshoot a remote Master For example if PHYSICAL STATUS indicates that the Input LED always shows 1 or ON it could indicate that the Master is being hammered by incoming events MSG STATS This command collects messages statistics for the Interpreter over a 10 second period by calculating the number of event messages that have been processed This can be useful as a debugging diagnostics tool to determine if the NetLinx Inter preter is running and how many messages it s processing Logging Out of a Terminal Session It is very important to execute the logout command prior to disconnecting from a Master Simply removing the RS 232 connector from the Program Port maintains your logged in status until you either return to logout via a new session or reboot the target Master Notes on Specific Telnet Terminal Clients Telnet and terminal clients will have different behaviors in some situations This section states some of the known anomalies Windows Client Programs Anomalies occur when using a Windows client if you are not typing standard ASCII characters i e using the keypad and the ALT key to enter decimal codes Most programs will allow you to enter specific decimal codes by holding ALT and using ke
57. the Master does not have security enabled and must be communicated with using http in the Adaress field The default port value is 80 Note One method of adding security to HTTP communication is to change the Port value If the port value is changed any consecutive session to the target Master has to add the port value at the end of the adaress within the Adaress field An example is if the port were changed to 99 the new address information would be http 192 192 192 192 99 HTTPS SSL The port value used by web browser to securely communicate between the web server UI and the target Master This port is also used to simultaneously encrypt this data using the SSL certif icate information on the Master as a key This port is used not only used to communicate securely between the browser using the web server Ul and the Master using HTTPS but also provide a port for use by the SSL encryption key embedded into the certificate Whereas SSL creates a secure connection between a client and a server over which any amount of data can be sent securely HTTPS is designed to trans mit individual messages securely Therefore both HTTPS and SSL can be seen as complemen tary and are configured to communicate over the same port on the Master These two methods of security and encryption are occurring simultaneously over this port as data is being trans ferred The default port value is 443 Note Another method of adding security to HTT
58. unauthorized network client It is recommended that you make initial configurations as well as subsequent changes via the WebConsole Refer to the Onboard WebConsole User Interface section on page 21 Refer to the Terminal Commands section on page 97 for a listing of all commands available in a terminal session Note that all commands in the table are available for both Program Port and Telnet sessions with two exceptions Help Security and Resetadminpassword These commands are only available via a Program Port connection Establishing a Terminal Connection Via the Program Port To establish a terminal session via the Program Port the PC COM RS232 port on your PC must be physically connected to the Program port on the NetLinx Master You will also need to know the current baud rate setting for the Master so that you can verify that it matches the settings on your PC 1 In Windows go to Start gt Programs gt Accessories gt Communications to launch the HyperTerminal application to open the Connection Description dialog 2 Enter any text into the Name field and click OK This action invokes the Connect to dialog 3 Click the down arrow From the Connect Using field and select the PC COM port being used for communication by the target Master and click OK when done 4 From the Bits per second field click the down arrow and select the baud rate being used by the target Master 5 Configure the remaining communication p
59. window A device value of 00003 is the same as a value of 3 Click the Reboot Device checkbox to reboot the NI unit after the firmware update process is complete and then re detect the new NXC card firmware Click Send to begin the transfer The file transfer progress is indicated on the bottom right of the dialog FIG 18 Click Close once the download process is complete Click Reboot from the Tools gt Reboot the Master Controller dialog and wait for the System Master to reboot The STATUS and OUTPUT LEDs should begin to alternately blink during the incorporation Wait until the STATUS LED is the only LED to blink Press Done once until the Master Reboot Status field reads Reboot of System Complete Cycle power to the Master unplug and reconnect power to the unit This process of cycling power acts to reset the updated NetLinx Control Card and detect its new firmware update It also serves to allow the Integrated Controller to detect and reflect the new firmware on the card to the NetLinx Studio display on the Wo 17 18 rkspace window After Studio has establish a connection to target Master click the OnLine Tree tab of the Workspace window to view the devices on the System The default System value is one 1 Right click the associated System number and select Refresh System This establishes a new connection to the specified System and populates the list with devices on that system The communication method is
60. you get the following message Setting telnet port number to 23 New telnet port number set reboot the Master for the change to take affect SET THRESHOLD Sets the Master s internal message thresholds This command will set the thresholds of when particular tasks are pended The threshold is the number of messages queued before a task is pended Use extreme caution when adjusting these values Note The Master must be rebooted to enable new settings Example gt SET THRESHOLD This will set the thresholds of when particular tasks are pended The threshold is the number of messages queued before a task is pended Use extreme caution when adjusting these values Current Interpreter Threshold 2000 Enter new Interpreter Threshold Between 1 and 2000 Default 10 Once you enter a value and press the ENTER key you get the following message Current Lontalk Threshold 50 Enter new Lontalk Threshold Between 1 and 2000 Default 50 50 Current IP Threshold 600 Enter new IP Threshold Between 1 and 2000 Default 200 600 Setting Thresholds to Interpreter 2000 Lontalk 50 IP 600 New thresholds set reboot the Master for the changes to take affect Terminal Commands Cont Command Description SET TIME Sets the current time When the time is set on the Master the new time will be reflected on all devices in the system that have clocks i e touch panels By the same token if y
61. 1 to access the Add Modify User page FIG 32 NOTE User Level u System Level Group Level User Level User Security Details Add a user and modify their settings User name Group none v Password Confirm Password Access C Admin Change Password Access xX L Terminal RS232 Access x C FTP Access x CL HTTP Access x L Telnet SSH SFTP Access x L Configuration x L ICSP Connectivity x Encrypt ICSP Connection x FIG 32 User Security Settings Page Add Modify User page 3 Inthe User Name field enter a unique name for the new group The name must be a unique alpha numeric character string 4 20 characters and is case sensitive The words administrator and NetLinx cannot be used since they already exist by default 4 Inthe Group drop down list choose from a list of pre configured Groups and associate these rights to the new user 5 Enter a user password in both the Password and Password Confirm fields The password must be a unique alpha numeric character string 4 20 characters and is case sensitive 6 Enable the security access rights you want to provide to the user See the Group and User Security Access Options on page 31 for details 7 Click the Accept button to save your changes to the Master Any security changes made to the Master from within the web browser are instantly reflected within a Terminal session without the need to reboot Viewi
62. 1343 Transmits the IR code as 1 3 4 3 Input Output SEND COMMANDs The following SEND COMMANDs program the I O ports on the Integrated Controller VO ports Port 4 NI 700 Channels 1 8 I O channels NOTE 1 0 SEND COMMANDs Command Description GET DBT Syntax Get Debounce Time GET DBT n Variable n the channel number of the I O input port SET DBT Syntax Set Debounce Time SET DBT lt n gt lt v gt Variables n the channel number of the I O input port v Value 1 50 which sets the debounce time in increments of 50ms Example SEND COMMAND 5001 17 0 SET DBT 1 10 Sets channel 1 on the UO port to 50ms Debounce time 1 0 SEND_COMMANDs Cont Command Description GET INPUT An active state can be high logic high or low logic low or contact closure Channel changes Pushes and Releases generate reports based on their active state The port responds with either HIGH or LOW Syntax SEND COMMAND lt DEV gt GET INPUT lt channel gt Get the active state for the selected channels Variable channel Input channel 1 8 Example SEND COMMAND IO GET INPUT 1 Gets the I O port s active state The system could respond with INPUT1 ACTIVE HIGH SET INPUT An active state can be high logic high or low logic low or contact closure Channel changes Pushes and Releases generate reports based on their active state Setting an input to ACTIVE HIGH wil
63. 17185 0 0 OUT NOTMIRRORED Config String saNumber protocolSelector destinationPort sourcePort Format destinationAddressSelector sourceAddressSelector directionality mirroring mkmAddDiscard mkmAddDiscard NAME mkmAddDiscard add a discard Security Association SYNOPSIS mkmAddDiscard cptr_mkm_sa DESCRIPTION This rule adds a discard Security Association SA After adding an SA mkmCommit must be called to commit the SA to the Security Association Database SADB Rule Value cptr_mkm_sa A string formatted as follows saNumber protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality mirroring where saNumber is a decValue a unique number to be assigned to the SA protocolSelector is the IANA IP protocol number decValue ANY Use 6 for TCP or 17 for UDP destinationPort and sourcePort are decValue ANY destinationAddressSelector and sourceAddressSelector are ipAddressl ipAddress2 ipMaskPrefix directionality is IN OUT If IN then this policy applies to traffic coming into the current host If OUT it applies to traffic going out of the current host A mirrored policy will automatically be created for the opposite traffic flow mirroring is NOTMIRRORED MIRRORED NOTMIRRORED will create a policy only in the specified direction MIRRORED will create two policies one in each direction EXAMPLES IPv4 mkmAddDiscard 9 17
64. 2 hmac sha ESP AES CBC KEY LENGTH 192 HMAC SHA esp aes cbc 192 hmac sha2 256 ESP AES CBC KEY LENGTH 192 HMAC SHA2 256 names Cont esp aes cbc 192 mae sha2 384 ESP AES CBC KEY LENGTH 192 HMAC SHA2 384 esp aes cbc 192 hmac sha2 512 ESP AES CBC KEY LENGTH 192 HMAC SHA2 512 esp aes cbc 192 hmac ripemd ESP AES CBC KEY LENGTH 192 HMAC RIPEMD esp aes cbc 192 aes ESP AES CBC KEY LENGTH 192 AES XCBC MAC esp aes cbc 192 hmac md5 ESP AES CBC KEY LENGTH 192 HMAC MD5 esp aes cbc 192 ESP AES CBC KEY LENGTH 192 esp aes cbc 256 sha ESP AES CBC KEY LENGTH 256 SHA esp aes cbc 256 md5 ESP AES CBC KEY LENGTH 256 MD5 esp aes cbc 256 hmac sha ESP AES CBC KEY LENGTH 256 HMAC SHA esp aes cbc 256 hmac sha2 256 ESP AES CBC KEY LENGTH 256 HMAC SHA2 256 esp aes cbc 256 hmac sha2 384 ESP AES CBC KEY LENGTH 256 HMAC SHA2 384 esp aes cbc 256 hmac sha2 512 ESP AES CBC KEY LENGTH 256 HMAC SHA2 512 esp aes cbc 256 hmac ripemd ESP AES CBC KEY LENGTH 256 HMAC RIPEMD esp aes cbc 256 aes ESP AES CBC KEY LENGTH 256 AES XCBC MAC esp aes cbc 256 hmac md5 ESP AES CBC KEY LENGTH 256 HMAC MD5 esp aes cbc 256 ESP AES CBC KEY LENGTH 256 esp aes ctr sha ESP AES CTR SHA esp aes ctrl hmac sha ESP AES CTR HMAC SHA esp aes ctr hmac sha2 256 ESP AES CTR HMAC SHA2 256 esp aes ctr hmac sha2 384 ESP AES CTR HMAC SHA2 384 esp aes ctr hmac sha2 512 ESP AES CTR HMAC SHA2 512 esp aes ctr hmac ripemd ESP AES CTR
65. 5 DES MD5 names Cont mm aes sha AES SHA 1 mm aes sha2 256 AES SHA2 256 mm aes sha2 384 AES SHA2 384 mm aes sha2 512 AES SHA2 512 mm aes md5 AES MD5 ikeSetPropAttrib ikeSetPropAttrib NAME ikeSetPropAttrib set attributes of an IKE Phase 1 proposal SYNOPSIS ikeSetPropAttrib configString DESCRIPTION This rule sets the attributes for a previously defined IKE Phase 1 proposal Rule Value Rule Value configString A string formatted as follows proposalName attributeType attributeValue attributeType attributeValue proposalName is the name of an existing Phase 1 proposal Valid attribute Type value pairs are shown in the following table Attribute Type Attribute Value DHGROUP G1 for DH Group 1 or G2 for DH Group 2 UNITOFTIME SECS MINS or HRS for seconds minutes or hours default is minutes LIFETIME Default is 28800 seconds If the lifetime is greater than 0 and less than PHASE1 MIN LIFE IN SECS then it defaults to PHASE1 MIN LIFE IN SECS which is defined in ike h SOFTLIFETIME Default is 75 of the LIFETIME If the soft lifetime is greater than 0 and less than PHASE1 MIN LIFE IN SECS then it defaults to PHASE1 MIN LIFE IN SECS which is defined in ike h EXAMPLES ikeSetPropAttrib mm_group2 DHGROUP G2 ikeSetPropAttrib mm_group2 LIFETIME 28880 UNITOFTIME SECS Config String f proposalName attributeType attributeValue attributeType attributeVal
66. 8 Diagnostics Options Page with diagnostic messages enabled The System Number Device Number and Port Number value fields are read only disabled Instead of specifying these values for a System Device select a device via the Device Tree to populate these fields with that device s values as described below Enabling Diagnostics On a Selected System Device 1 Select the device that you want to Control or Emulate via the Device Tree a Click the Show Device Tree option to show the Device Tree window if it is not already enabled b In the Device Tree click on the Information i icon for the device for which you want to enable or modify Diagnostics options This opens a Network Settings page showing detailed information on the selected device including network configuration details An example Network Settings page is shown in FIG 39 C Click on the Diagnostics link This opens a Diagnostics Options page for the selected device FIG 39 NOTE System Number 1 f y e ques IN 00000 NI Master w REFRESH Ai Iro Ile ie System Network Settings Modify Network Settings for Devices Device Information NI Master AMX r Device Name Device Number Port Count Master Configuration Manager WebControf Security FID 380 OID 1 works Imag
67. 860032 0 0 amx Me260 201064w0382657 0 0 AMX ME260 201064w0861671 0 0 gt AMX ME260 0 0 0 0 0 0 0 0 0 0 0 Metreau petesboard Metreau Sam Metreau ScottTomasNum2 Nateboard2 pv4 PN Temp Pve_syeda Use Compression Use low color Roger s Test Gateway Virtualkeypad Java and all Java based trademarks and logos are trademarks or registered trademarks of Sun Microsystems Inc in the U S and other countries Copyright 2006 AMX Show Device Tree ava Internet 100 FIG 3 Internet Explorer with BonJour plug in 3 Double click on the desired NetLinx Controller to access the Web Console of the selected device This requires valid login information the browser will prompt you for User ID and Password before displaying the configuration pages for the selected device Notice that the serial number is appended to the name of the device At this point the device can be configured changing IP settings NetLinx settings User settings etc via the pages in the Web Console see the Onboard WebConsole User Interface section on page 21 Initial Configuration and Firmware Upgrade b WARNING Overview This section describes using the NetLinx Studio software application to perform the initial configuration of the Master as well as upgrading the firmware for various Master components NetLinx Studio is used to setup a System number obtain assign
68. ABLED Enables or disables ICSP monitoring out the specified IP port PORT By enabling icspmon on an IP port an external application could connect to that port and listen on the ICSP traffic Terminal Commands Cont Command Description IP STATUS Provides information about the current NetLinx IP Connections Example gt IP STATUS NetLinx IP Connections No active IP connections IPSEC ON OFF STATUS Enables Disables IPSec security or displays current setting MEM Displays the largest free block of the Master s memory Example gt MEM The largest free block of memory is 11442776 bytes MSG ON OFF Enables Disables extended diagnostic messages e MSG On error warning info debug sets the terminal program to display log messages generated by the Master The level of log printed to the terminal window depends both on the level used when sending the message and the output level selected with msg on For example if log output is enabled via msg on warning then logs produced at levels AMX_ERROR and AMX_WARNING will be displayed but not logs produced at levels AMX_INFO or AMX_DEBUG The order of severity from highest to lowest is ERROR WARNING INFO DEBUG If no severity is supplied with msg on the default setting is WARNING MSG OFF disables the display Example gt MSG ON Extended diagnostic information messages turned on gt MSG OFF Extended diagnostic informat
69. AC SHA2 256 esp null hmac sha2 384 ESP NULL HMAC SHA2 384 esp null hmac sha2 512 ESP NULL HMAC SHA2 512 esp null hmac ripemd ESP NULL HMAC RIPEMD esp null aes ESP NULL AES XCBC MAC esp null hmac md5 ESP NULL HMAC MD5 esp null md5 ESP NULL MD5 SpdSetPropAttrib SpdSetPropAttrib NAME spdSetPropAttrib set attributes of an IKE Phase 2 proposal SYNOPSIS spdSetPropAttrib pConfStr DESCRIPTION This rule sets or modifies the attributes of an existing IKE Phase 2 proposal Rule Value Rule Value pConfStr A stringValue specifier formatted as follows proposalName attributeType attributeValue attributeType attributeValue proposalName is the name of an existing Phase 2 proposal attributeType is an attribute type from the table below attributeValue is an attribute value from the table below Attribute Type Attribute Value ANTIREPLAY DISABLED or ENABLED default DHGROUP NONE default for no PFS G1 for D H Group 1 G2 for D H Group 2 ENCAP TUNNEL or TRANSPORT UNITOFTIME SECS default MINS or HRS HARDLIFETIME Default is 28800 seconds attributeValue is converted to seconds If attributeValue gt 0 and attributeValue lt PHASE2 MIN HARD LIFE IN SECS then it defaults to PHASE2 MIN HARD LIFE IN SECS which is defined to be 120 seconds Behavior is undefined if attributeValue 0 SOFTLIFETIME Default is 75 of HARDLIFET
70. ANY 17185 0 0 0 0 0 0 0 0 0 0 IN NOTMIRRORED IPv6 mkmAddDiscard 9 17 ANY 17185 0 0 IN NOTMIRRORED Config String saNumber protocolSelector destinationPort sourcePort Format destinationAddressSelector sourceAddressSelector directionality mirroring mkmAddTransport mkmAddTransport NAME mkmAddTransport add a transport mode Security Association SYNOPSIS mkmAddTransport cptr_mkm_sa DESCRIPTION This rule adds a transport mode Security Association SA After adding an SA and setting the associated transform ID and keys mkmCommit must be called to commit the SA to the Security Association Database SADB Rule Value cptr_mkm_sa A string formatted as follows saNumber protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality networkInterfaceAddress where saNumber is a decValue a unique number to be assigned to the SA protocolSelector is the IANA IP protocol number decValue ANY Use 6 for TCP or 17 for UDP destinationPort and sourcePort are decValue ANY destinationAddressSelector and sourceAddressSelector are ipAddressl ipAddress2 ipMaskPrefix directionality is IN OUT If IN then this policy applies to traffic coming into the current host If OUT it applies to traffic going out of the current host A mirrored policy will automatically be created for the opposite traffic flow networkInterfaceAddre
71. Control Connections Manage devices attached to the Master G Conf 1 Touch Panel Ouse Compression C use tow color Select this option to show hide the Online Device Tree showing all devices currently connected to this Master Copyright 2006 AMX C Show Device Tree jE ta FIG 19 Master Configuration Manager Web Control Page initial view The webconsole is divided into three primary sections indicated by three control buttons across the top of the main page FIG 20 WebContro um Security System FIG 20 WebConsole Control Buttons Web Control This is the option that is pre selected when the WebConsole is accessed Use the options in the Manage Web Control Connections page to manage G4Web Control connections see the WebConsole Web Control Options section on page 37 Security Click to access the System Security page The options in this page allow you to configure various aspects of NetLinx System and Security on the Master see the WebConsole Security Options section on page 25 System Click to access the System Details page The options on this page allow you to view and configure various aspects of the NetLinx System see the WebConsole System Options section on page 39 EE Accessing the WebConsole From any PC that has access to the LAN that the target Master resides on 1 Open a web browser and type the IP Address of the target Master in the Address Bar 2 Press
72. Device Options link in the Manage Devices tab to access the Details for Additional Devices page FIG 53 The options on this page display various details specific to additional non NetLinx System Devices Configuring Device Binding Options 1 Use the Configure Binding Options options to specify how the Master will manage Bound Devices Binding Options Option Description Enable Auto Bind This selection allows you to toggle the state of the automatic binding for DDD On Off When auto binding is enabled the Master automatically attempts to connect any newly discovered device with an associated application device defined in the running NetLinx application Auto binding can only be accomplished if the Master s firmware determines a one to one correlation between the newly discovered device and a single entry within the list of defined application devices accessed via the Binding link at the top of this page For example if the application only has one VCR defined and a VCR is detected in the system auto binding can then be accomplished If there were two VCRs defined within the application auto binding could not be completed due to the lack of a clearly defined one to one correspondence When this option is not selected no auto binding activity takes place and all binding of the newly discovered devices must be accomplished manually via the Web control interface EH Binding Options Cont Option Descripti
73. E 85 old m 85 XON 85 RS 232 422 485 SEND STRING Escape Sequences eee 86 rESTDPLdM n 86 ed M HE 86 XP H 86 YEAST E HE 86 yam M 86 rA ETE OI III 86 IR Serial Ports Chanhels s eesesieceso re pA tin ben eE IEEE ERE FRAU pM EMEN eS n nissens eeens suisse hii 87 IRRX Port Channels me Q 87 CARO de H 87 saepe RE 87 je 88 je de 88 jure Ir M 88 ICTION 88 GET BAUD epo K 89 GET MODE EE 89 SE EE 89 POD EE 89 BCE T A E E E E E E E E e E EN OE 89 PON E 90 je E 90 PION EE 90 iz IN 91 SETIO LINK eee ege Reeg e 91 SET el ER 91 EE 91 MGH NEE 92
74. EEN AE 34 Viewing and Editing User Security Settings ccscscccccsscsssssssssssssssseceesesssssseseeeees 36 PIRATES deeg EES ed deg 36 WebConsole Web Control Options cississicsssssssuesicsssusncssssscssnsciesssivassueusousisecens 37 Manage Web Control Connections eene eene nnne nennen ennt 37 Compression Options sssssscescesessesseeeeeeceesaceeseeeeeeeccescesseseeeseesseesesesseeseeeeeseaes 37 WebCotsole System Options 11 eet eme theta EAR REPXEEE DERE DRE FUE EFE ER ERE C 39 System OVervie 39 System Manage System T H 39 Manage System System Number eese eene nennen ennt 39 Changing the System Number On the Master eese nennen 39 Using Multiple NetLinx Masters cesses eene eene eene nennen nennen ennt nnne nnne n nennen 40 Resetting the Master Controller to the Factory Defaults Configuration 40 Manage System Control Emulate Options eee eene 41 Controlling or Emulating a System Device eeeeeeeeeeeeeeeeeeeee nennen eene nennen 41 Manage System Diagnostics Options eee eene 44 Enabling Diagnostics On a Selected System Device eee 44 Diagnostics Options Definitions eeeeeseeeeeeeeeee eene nennen nennen nennen nnn nnne nenn nnne 47 Disabling all D
75. ES ESP DES ESP 3DES ESPAES ESP AES ESPAES CTR ESP AES CTR ESPNULL ESP NULL Note that ESP transform names of the form ESPxxx are deprecated the preferred names are of the form ESP xxx and the deprecated forms will be removed in the future Attribute types and values are shown in the following table Attribute Type Attribute Value DECKEY Decryption key in hexadecimal format must be 16 characters for DES 48 characters for 3DES and 32 characters for AES AUTHALG MD5 SHA HMAC MD5 HMAC SHA HMAC SHA2 256 HMAC SHA2 384 HMAC SHA2 512 HMAC RIPEMD AES XCBC MAC AUTHKEY Authentication key in hexadecimal format must be 32 characters for MD5 40 characters for SHA 64 characters for SHA2 256 96 characters for SHA2 384 128 characters for SHA2 512 and 40 characters for RIPEMD The traffic selectors for the transport or tunnel SA should be added before attempting to set the transform and keys for the same Security Association identified by SA Number Note that MD5 deprecated is equivalent to HMAC MD5 SHA deprecated is equivalent to HMAC SHA EXAMPLES mkmSet InboundESP 00 258 ESP_DES DECKEY 2134657812435687 AUTHALG HMAC MD5 AUTHKEY 12345678 9ABCDEF OFEDCBA9876543210 Config String Format saNumber spi espTransformID attributeType attributeValue attributeType attributeValue mkmSetOutboundAH mkmSetOutboundAH NAME mkmSetOutboundAH
76. Enter for permanent or T for temporary gt URL Added successfully Terminal Commands Cont Command Description SHOW AUDIT LOG Displays the User Account Access Audit Log Example SHOW AUDIT LOG 08 24 2009 06 54 04 lt TERMINAL gt administrator TERMINAL LOGIN_SUCCESS 08 24 2009 07 05 30 lt TERMINAL gt administrator TERMINAL LOGIN_SUCCESS 09 04 2009 09 21 09 lt TERMINAL gt administrator TERMINAL LOGIN_SUCCESS 09 04 2009 09 25 49 192 168 220 171 administrator HTTPS LOGIN_SUCCESS 09 04 2009 09 35 55 192 168 220 171 administrator HTTPS LOGOUT 09 08 2009 06 07 46 192 168 220 171 administrator SSH LOGIN_SUCCESS 09 08 2009 06 07 55 192 168 220 171 administrator SSH LOGOUT 09 08 2009 07 44 29 192 168 220 171 administrator HTTPS LOGIN_FAIL 09 08 2009 07 44 44 192 168 220 171 administrator HTTPS LOGIN_SUCCESS 09 08 2009 07 45 25 192 168 220 171 administrator HTTPS LOGOUT Each record displays Date and time of access Connection source consisting of either lt TERMINAL gt or the IP address of the user Account username Access transport mechanism TERMINAL HTTP HTTPS TELNET SSH Activity LOGIN SUCCESS LOGIN FAIL LOGOUT Note Records older than 90 days will be automatically purged The entire database of audit records can be purged manually from Telnet SSH terminal session using the ULEAR AUDIT LOG command see page 97 SHOW BUFFERS Displays a list of various message queues and the
77. Enter to access WebConsole for that Master The initial view is the Web Control page FIG 19 Device Tree Click the Show Device Tree checkbox to show hide the online device tree which indicates all devices currently connected to this Master Use the plus and minus symbols to the left of each item in the Device Tree to expand the view to include System devices ports and individual Port settings At the Port view you can use the Device Tree to make specific port assignments including Channel and Level assignments FIG 21 Device Tree all Collapsed Device Tree amp System Number 2 GALE Ha Bg 00000 NI Master 05001 Ni 700 D System devices expanded 10001 CV15 Video Touch Panel amp 41002 Virtual Ed Device Tree amp System Number 2 BALL GA amp 00000 NI Master E 05001 NI 700 Port 1 iH Pont amp Port3 NI 700 ports expanded Port4 H Port5 amp 10001 CV15 Video Touch Panel amp 41002 Virtual Eg Device Tree amp System Number 2 RS Ra amp 00000 NI Master Commands Strings f NI 700 Port 1 expanded Channels 1 255 v Levels 8 to Opens the Network Settings page for this device FIG 24 Online Device Tree Device Network Settings Pages Click on the blue Information 7 icon next to any device listed in the Device Tree to access the Network Settings page for the selected device FIG 22 System Number 1 Ww v A m PL FR V e gue DET 00000
78. Event OnLine 5001 16 50 33 01 2001 THU 14 05 51 Interpreter CIpEvent OnLine 5001 15 50 4 01 2001 THU 14 05 51 Interpreter To display only the startup log use the SHOW START LOG command see page 114 Terminal Commands Cont Command Description SHOW MAX BUFFERS Displays a list of various message queues and the maximum number of message buffers that were ever present on the queue Example show max buffers Thread TX RX Axlink 1 UDP 1 IPCon Mgr 0 Total for TCP Connections TX 0 Con Manager 8 Interpreter 17 Device Mgr 8 Diag Mgr 1 Msg Dispatch 0 Cfg Mgr 0 Route Mgr 0 Notify Mgr 0 Total 2 34 GrandTotal 36 See the SHOW BUFFERS section on page 110 SHOW MEM Displays the memory usage for all memory types SHOW NOTIFY Displays the Notify Device List Master Master This is a list of devices up to 1000 that other systems have requested input from and the types of information needed Note The local system number is 1061 Example gt SHOW NOTIFY Device Notification List of devices requested by other Systems Device Port System Needs 00128 00001 00108 Channels Commands Strings Levels 33000 00001 00108 Channels Commands SHOW REMOTE Displays the Remote Device List Master Master This is a list of the devices this system requires input from and the types of information needed If when a NetLinx Master connects to another NetLinx Master the newly connecting system has a device th
79. F Disable hardware handshaking default Syntax SEND COMMAND DEV HSOFF Example SEND COMMAND RS232 1 HSOFF Disables hardware handshaking on the RS232_1 device HSON Enable RTS ready to send and CTS clear to send hardware handshaking Syntax SEND COMMAND DEV HSON Example SEND COMMAND RS232 1 HSON Enables hardware handshaking on the RS232 1 device RXCLR Clear all characters in the receive buffer waiting to be sent to the Master RXOFF Disable the transmission of incoming received characters to the Master Syntax SEND COMMAND DEV RXCLR Example SEND COMMAND RS232 1 RXCLR Clears all characters in the RS232 1 device s receive buffer waiting to be sent to the Master Syntax SEND COMMAND DEV RXOFF Example SEND COMMAND RS232 1 RXOFF Stops the RS232 1 device from transmitting received characters to the Master RXON Start transmitting received characters to the Master default Enables sending incoming received characters to the Master This command is automatically sent by the Master when a CREATE BUFFER program instruction is executed Syntax SEND COMMAND DEV RXON Example SEND COMMAND RS232 1 RXON Sets the RS232 1 device to transmit received characters to the Master SET BAUD Set the RS 232 422 485 port s communication parameters Syntax SEND COMMAND lt DEV gt SET BAUD baud p
80. HA HMAC MD5 HMAC SHA HMAC SHA2 256 HMAC SHA2 384 HMAC SHA2 512 HMAC RIPEMD AES XCBC MAC Note that MD5 deprecated is equivalent to HMAC MD5 SHA deprecated is equivalent to HMAC SHA key is the authentication algorithm key in hexadecimal It must be 32 characters for MD5 40 characters for SHA 64 characters for SHA2 256 96 characters for SHA2 384 128 characters for SHA2 512 and 40 characters for RIPEMD The traffic selectors for the transport or tunnel SA should be added before attempting to set the transform and keys for the same Security Association identified by SA Number EXAMPLES mkmSet InboundAH 0 258 HMAC MD5 12345678 9ABCDEFOFEDCBA987654321 ET saNumber spi ahTransformID key mkmSetlnboundESP mkmSetInboundESP NAME mkmSetInboundESP set the transform ID and key for an inbound ESP SA SYNOPSIS mkmSet InboundESP configuration_string DESCRIPTION This rule sets the transform ID and key for an inbound Encapsulating Security Payload ESP Security Association SA Rule Value Rule Value configuration_string A string formatted as follows saNumber spi espTransformID attributeType attributeValue attributeType attributeValue where saNumber is a unique unsigned integer specified by the user spi is the decValue for the security parameter index an unsigned long spi gt 255 and spi SPI BOUNDARY which is defined as 2048 espTransformID is ESPDES ESP3D
81. IME attributeValue is converted to seconds If attributeValue gt 0 and attributeValue lt PHASE2 MIN SOFT LIFE IN SECS then it defaults to PHASE2 MIN SOFT LIFE IN SECS which is defined to be 90 seconds Behavior is undefined if attributeValue 0 HARDLIFESIZE Default is 4608000 KB If attributeValue gt 0 and attributeValue lt PHASE2 MIN HARD LIFE IN KB then it defaults to PHASE2 MIN HARD LIFE IN KB which is defined to be 2560 KB Behavior is undefined if attributeValue 0 SOFTLIFESIZE 0 for no lifesize default is 75 of HARDLIFESIZE If attributeValue gt 0 and attributeValue lt PHASE2 MIN SOFT LIFE IN KB then it defaults to PHASE2 MIN SOFT LIFE IN KB which is defined to be 1920 KB Behavior is undefined if attributeValue 0 PSKEEPALIVE DISABLED ENABLED or GLOBAL default Sets the keep alive flag for protection suites created using this proposal If you choose ENABLED all protection suites derived from this proposal will renew when their soft lifetimes expire If you choose GLOBAL the global keep alive flag will be consulted when soft lifetimes expire EXAMPLES spdSetPropAttrib ah_default DHGROUP G2 spdSetPropAttrib ah_default ENCAP TUNNEL HARDLIFESIZE 4608000 spdSetPropAttrib proposal_foo DHGROUP Gl ENCAP TRANSPORT HARDLIFETIME 140 SOFTLIFETIME 120 Config String Format proposalName attributeType attributeValue attributeType attributeValue spdSetSA spdSetSA NAME s
82. Java MicroEdition JavaME platform Duet simplifies the programming of a system that includes the NI 900 and other third party devices by standardizing device and function definitions defaulting touch panel button assignments and controlling feedback methods Dynamic Device Discovery makes integration even easier by automatically identifying and communicating with devices which support this beaconing technology Refer to the Manage Devices Device Options section on page 61 for more detailed information on the use of Dynamic Device Discovery DDD DVX 2100HD Enova Total Environment Controller The DVX 2100HD Enova Total Environment Controller utilizes an NI 2100 Controller therefore all controller related information that applies to the NI 2100 is fully applicable to the DVX 2100HD As a Total Environment Controller the DVX 2100HD features many functions that do not apply to NetLinx Integrated Controllers most of which relate directly to the Audio Video capabilities of the DVX 2100HD Environment Controllers DVX 2100HD FG1905 01 DVX 2100HD FIG 2 DVX 2100HD Enova Total Environment Controller Refer to the DVX 2100HD Operation Reference Guide for information specific to the DVX 2100HD About This Document This document describes using the on board Web Console as well as NetLinx send commands and terminal communications to configure the NI Controllers Each major section of the Web Console is described in a separate sectio
83. L Checking All are selected then at least one certificate must be present in the CRL Certificates directory on the Master The Upload Configuration File section provides the capability to upload the IPSec Config file onto a Master Simply browse to the file s location on a PC select the file and select Submit The file will be uploaded to its proper location on the Master There is no delete capability for the Config file New uploads overwrite the existing Config file Eh The Certificates CA Certificates and CRL Certificates sub pages provide the ability to upload certificates certificate authority certificates and certificate revocation list certificates respectively onto the Master Simply browse to the location of the certificate data on the PC select the file and select Submit The selected file will be uploaded to the appropriate directory on the Master To delete a certificate file simply select the desired file and select Delete This will cause the file to be removed from the Master Types Constants Appendix B Clock Manager NetLinx Programming API The NetLinx axi file that ships with NetLinx Studio includes the following types constants STRUCTURE CLKMGR TIMEOFFSET STRUCT INTEGER HOURS INTEGER MINUTES INTEGER SECONDS STRUCTURE CLKMGR_TIMESERVER_STRUCT CHAR IS_SELECTED CHAR IS_USER_DEFINED CHAR IP_ADDRESS_STRING 48 CHAR URL_STRING
84. MAND IR 1 SET MODE IR Sets the IR 1 port to IR mode for IR control Note The maximum baud rate for ports using DATA mode is 19200 Also DATA mode works best when using a short cable length 10 feet SP Generate a single IR pulse Use the CTON to set pulse lengths and the CTOF for time Off between pulses Syntax SEND COMMAND lt DEV gt SP lt code gt Variable code IR code value 1 252 253 255 reserved Example SEND COMMAND IR 1 SP 25 Pulses IR code 25 on IR 1 device IR Serial SEND_COMMANDs Cont Command Description XCH Syntax Transmit the selected SEND COMMAND lt DEV gt XCH channel channel IR codes in the Variable format pattern set by the S IER XCHM send command BEE Example For detailed usage examples refer to the XCHM command Note This command supports 4 digit channels XCHM Changes the IR output pat tern for the XCH send command Syntax SEND COMMAND lt DEV gt XCHM extended channel mode gt Variable extended channel mode 0 4 Example SEND COMMAND IR 1 XCHM 3 Sets the IR 1 device s extended channel command to mode 3 Mode 0 Example default x x lt x gt lt enter gt SEND COMMAND IR 1 XCH 3 Transmits the IR code as 3 enter SEND COMMAND IR 1 XCH 34 Transmits the IR code as 3 4 enter SEND COMMAND IR 1 XCH 343 Transmits the IR code as 3 4 3 enter Mode 1 Example x
85. MaskPrefix directionality is IN for inbound or OUT for outbound If IN this policy applies to traffic coming into the current host If OUT it applies to traffic going out of the current host mirroring is NOTMIRRORED or MIRRORED NOTMIRRORED creates a policy only in the specified direction MIRRORED creates two policies one in each direction SpdAddDiscard Cont EXAMPLES IPv4 spdAddDiscard 17 17185 0 0 0 0 0 0 0 0 0 0 0 IN NOTMIRRORED IPv6 spdAddDiscard 17 17185 0 0 0 IN NOTMIRRORED Config String Format protocolSelector destinationPort sorucePort destinationAddressSelector sourceAddressSelector directionality mirroring SpdSetProp SpdSetProp NAME spdSetProp add Phase 2 transforms to a Phase 2 proposal SYNOPSIS spdSetProp pConfStr DESCRIPTION This rule adds one or more existing Phase 2 transforms to a Phase 2 proposal Rule Value Rule Value pConfStr A stringValue specifier formatted as follows proposalName transformName transformName where proposalName is a unique Phase 2 proposal name transformName is the name of an existing Phase 2 transform You can specify up to eight transform names EXAMPLES spdSetProp proposal foo ah xform Config String Format proposalName transformName transformName Pre defined The following are Phase II proposal names already defined inside the AMX Firmware and proposal available for use names
86. Master All NI Controllers contain both an on board NI Master and an Integrated Controller If you are using an NI 4000 or NI 4100 with installed NXC cards these will also show up within the Online Tree tab The on board Master shows up within the Online Tree as 00000 NI Master The Integrated Controller of the NI shows up as OXXXX NI XXXX ex 050001 NI 700 Each of these components has its own corresponding firmware shown in parenthesis 1 After Studio has established a connection with the target Master click on the OnLine Tree tab in the Workspace window to view the devices on the System The default System value is one 1 2 Right click the associated System number and select Refresh System This establishes a new connection to the specified System and populates the list with devices on that system The communication method is highlighted in green on the bottom of the NetLinx Studio window C p The current installed firmware version of the on board NI Master is displayed to the right of the device within the Online Tree tab as 00000 NI Master NOTE 3 After the Communication Verification dialog indicates active communication between the PC and the Master verify the NetLinx Master 00000 NI Master appears within the OnLine Tree tab of the Workspace window FIG 13 The default NI Master value is zero 00000 and cannot be changed INS NetLinx Studio File Edit View Project Build Diagnostics Debug Tools Settings Window H
87. NI Master MESZ i i DE System Master Configuration Manager WebControl Security System Network Settings Modify Network Settings for Devices Network Settings URL List Device Number Control Emulate Log Diagnostics Device Name NI Master Manufacturer AMX LLC Device Number 0 Version v3 60 453 Port Count 1 FWID 380 OID 1 vxWorks Image v3 60 453 OID 2 BootROM v3 60 453 OID 3 AXLink HE uController v1 30 8 IP Address HostName Shane31 Gucp Specify IP Address IP Address 192 168 Long 255 255 Subnet Mask 252 0 Gateway 192 Y 168 220 3 _DNS Address Domain Suffix amx_internal DNS IP 4 192 168 20 6 DNS IP 2 192 168 20 5 DNS IP 3 on of NDP Beacon on of IP Device Discovery Q9 on ot FIG 22 Example Network Settings page Use the options on this page to view edit the device s network settings Referto the Manage Devices Network Settings section on page 71 for details ZeroConfig Networking Use these radio buttons to enable disable the new Zero Configuration zeroconf client in the Master By default zeroconf is enabled On option selected With zeroconf enabled the Master s web interface will be registered via zeroconf and can be viewed through a zeroconf browser plug in such as Bonjour for IE WebConsole Security Options Security Overview The Security System Details page is acc
88. Network Time or Stand Alone e Daylight Savings The Daylight Savings Manager in this tab allows you to specify how and when to implement Daylight Savings rules on the clock NIST Servers The NIST Server Manager in this tab allows you to connect to a specific NIST Internet Time Service Server Setting the Mode for the Clock Manager 1 In the Mode Settings tab FIG 47 select a Time Synch option Network Time This option allows the Master to manage it s clock by connecting to a NIST Internet Time Service Server When this option is selected the Master will connect to the default NIST Server to get date and time information You can select a different NIST Server or specify the IP Address of a known NIST Server in the NIST Servers tab see the Selecting a Custom NIST Server section on page 57 Stand Alone This option lets the Master use its own internal clock When this option is selected two additional fields are available on this tab e Date Enter the current date in these fields mm dd yyyy e Time Enter the current time in these fields hh mm ss 2 Click Accept to save these settings to the Master NOTE Setting Daylight Savings Rules 1 In the Daylight Savings tab FIG 48 enable Daylight Savings mode by clicking the On button System Number 2 K E LOGIN Welcome guest boom System Number 2 v REFRESH as n nfiguration Manager MEET Security System Manage System KAES DATA SAEUL EL
89. Options menu described below Security Options Menu Command Description 1 Terminal RS232 Security This selection enables disables Terminal Security on the Program Enabled Disabled RS232 Port If Terminal Security is enabled a user must have sufficient access rights to login to a Program Port terminal session 2 HTTP Security This selection enables disables HTTP Web Server Security Enabled pisableg It HTTP Security is enabled a user must have sufficient access rights to access the Master s WebConsole via a web browser 3 Telnet Security This selection enables disables Telnet Security Enabled Disabled If Telnet Security is enabled a user must have sufficient access rights to login to a Telnet terminal session 4 Enab Configuration Security ed Disabled This selection enables disables configuration access rights for the Master If Configuration Security is enabled a user must have sufficient access rights to access the Setup Security menu see page 117 and make changes to the Master s security parameters 5 ICSP Security Enabled Disabled This selection enables disables security of ICSP data being transmitted between the target Master and external AMX components software and hardware such as TPD4 and a Modero Touch Panel 6 ICSP Encryption Required Enabled Disabled This selection enables disables the need to require encryption of the ICSP commun
90. PS communication would be to change the port value If the port value is changed any consecutive session to the target Master has to add the port value at the end of the adaress within the Adaress field An example is if the port were changed to 99 the new address information would be http 192 192 192 192 99 SSH The port value used for secure Telnet communication A separate secure SSH Client would handle communication over this port When using a secure SSH login the entire login session including the transmission of passwords is encrypted therefore it is secure method of preventing an external user from collecting passwords SSH version 2 is supported The default port value is 22 Note If this port s value is changed make sure to use it within the Adaress field of the SSH Cli ent application FTP The default port value used for FTP communication 21 Note This port can be disabled enabled but the value can not be changed Once any of the server port settings have been modified press the Accept button to save these changes to the Master Once these changes are saved the following message appears Unit must be rebooted for the change to take effect Click the Reboot button from the top of the page to remotely reboot the target Master No dialog appears while using this button The Device Tree then reads Rebooting After a few seconds the Device Tree refreshes with the current system informat
91. R IS NETWORK SOURCEDY eese eene n nnne nennen enne esesss snas nn nununnnnnu 145 CLKMGR SET CLK SOURCE CONSTANT INTEGER MODE cene 145 CLKMGR IS DAYLIGHTSAVINGS ON eese nnne nnne enne eene e esses sensa sana nun 145 CLKMGR SET DAYLIGHTSAVINGS MODE CONSTANT INTEGER ONDOFF use 145 CLKMGR GET TIMEZONVEY 00sssssssssssssccssessceeceecccsssceesseeeeecccsssssssssssscsssssssssecseeseeeeeeeaes 145 CLKMGR SET TIMEZONE CONSTANT CHAR TIMEZONE eere eene 145 CLKMGR GET RESYNC PERIODY ccsccssssccceececeecceeseeeeeeessssssssssssssessssscsesecseeseseasaoees 145 CLKMGR SET RESYNC PERIOD CONSTANT INTEGER PERIOD eene 145 CLKMGR GET DAYLIGHTSAVINGS OFFSET CLKMGR TIMEOFFSET STRUCT T 145 CLKMGR SET DAYLIGHTSAVINGS OFFSET CONSTANT CLKMGR TIMEOFFSET STRUCT T eese eene eene eene eene tenens nsns sannnnu 146 CLKMGR GET ACTIVE TIMESERVER CLKMGR TIMESERVER STRUCT T 146 CLKMGR SET ACTIVE TIMESERVER CONSTANT CHAR IP eere enne 146 CLKMGR GET TIMESERVERS CLKMGR TIMESERVER STRUCT T e eeeeeeeeee 146 CLKMGR ADD USERDEFINED TIMESERVER CONSTANT CHAR IPTI CONSTANT CHAR URL CONSTANT CHAR LOCATIONT eeeeee eee 146 CLKMGR DELETE USERDEFINED TIMESERVER CONSTANT CHAR IP eeee 146 CLKMGR GET START DAYLIGHTSAVINGS RULEY
92. R port s DATA mode Syntax SEND COMMAND DEV SET BAUD baud parity data stop Variables baud baud rates are 19200 9600 4800 2400 and 1200 parity N none O odd E even M mark S space data 7 or 8 data bits stop 1 and 2 stop bits Example SEND COMMAND IR 1 SET BAUD 9600 N 8 1 Sets the IR 1 port s communication parameters to 9600 baud no parity 8 data bits and 1 stop bit Note The maximum baud rate for ports using DATA mode is 19200 Also DATA mode works best when using a short cable length 10 feet SET IO LINK Link an IR or Serial port to a selected UO channel for use with the D I POD PON and POF commands The I O status is automatically reported on channel 255 on the IR port The I O channel is used for power sensing via a PCS or VSS A channel of zero disables the UO link Syntax SEND COMMAND lt DEV gt SET IO LINK I O number Variable UO number 1 8 Setting the UO channel to 0 disables the I O link Example SEND COMMAND IR 1 SET IO LINK 1 Sets the IR 1 port link to UO channel 1 The IR port uses the specified I O input as power status for processing PON and POF commands SET MODE Set the IR Serial ports for IR or Serial controlled devices Sets an IR port to either IR Serial or Data mode Syntax SEND COMMAND lt DEV gt SET MODE lt mode gt Variable mode IR SERIAL or DATA Example SEND COM
93. RESETADMINPASSWORRD cccccsscscsccesessssssecescsccsessessesesesccseeesssessesesesecesnsseeeeesessesseeseeeens 101 RESET FAGTORY EE 101 ROUTE MODE DIRECTINORMAAL eese eene enne nnne nn nnen nenne sss ee nnn nasse en enn natans 101 SEND COMMAND D P S or NAME COMMAND eene eene nnn nnne nnne nnnnnnnn nnne 101 SEND LEVEL lt D P S gt lt LEVEL ID LEVEL VALUE ccccsessssseseeeseeeesceseeeeeeseeeeeseees 101 SEND STRING D P S or NAME STRING eese eee nennen nnnnnn anna 101 SET DATE T 102 SET DNS lt D PiS 102 SET DUET MEMORY cccccccsssssssscrseecscsceeessesssscsccceeesessecessesessssseceeessessssesseeeeensesoeeesesens 102 SET ETHERNET MODE lt CMD gt sesser tosrsserrsekeseasei teorier caserie nnne nene nennt nnns ases e esee tenete nnnnenn 103 dxguiduehgg e M 103 SET HTTP PORT ec TEE 103 SET HTTPS PORT e 103 SET ICSP PORT RE 103 SET ICSP TCP TIMEOUT p 104 GET ID A E E E TETEE E IT 104 SET LOG e ell EE 104 SET QUEUE SIZE ge M 105 SET SECURITY PROFILE ccccssssssssseccescsseesessscnseceeesessesseseeseensceeeeesesesssseeeseensaseeeesseesens 105 ize lue M 107 Ee Bd gg
94. Release CHON and CHOFF for the specified lt D P S gt The Channel number range is 1 65535 Select the On or Off buttons to Emulate Channel ON CHON and Channel OFF CHOFF messages for the specified lt D P S gt 4 Select the Push button to Emulate a push release on the specified channel not displayed if the Control option is selected Click and hold the Push button to observe how the device Master responds to the push message 5 In the Level Code section enter a valid Level number and Level data value for the specified lt D P S gt and press the Send button to transmit the level data The Level number range is 1 65535 The table below lists the valid Level data types and their ranges Level Data Type Minimum Value Maximum Value CHAR 0 255 INTEGER 0 65535 SINTEGER 32768 32767 LONG 0 429497295 SLONG 2147483648 2147483647 FLOAT 3 402823466e 38 3 402823466e 38 6 In the Command and String fields enter any character strings that can be sent as either a String or Command and press Send to transmit to the Master When entering a Send Command do not include the send c or SEND_COMMAND in the statement only type what would normally occur within the quotes but don t include the quotes either For example to send the CALIBRATE send command type CALIBRATE no quotes rather than SEND COMMAND dev CALIBRATE String Expressions start and end with double quotes OT Double quotes are
95. S 0 1 0 the Master A device must first be defined in the NetLinx programming language with values for the Device Port System In these programming examples lt DEV gt Device The term lt D P S gt Device Port System Master IP Local Port SEND COMMANDs Command Description UDPSENDTO Set the IP and port number of the UDP local ports destination for sending future packets This is only available for Type 2 and Type 3 Local Ports Type 2 and Type 3 are referring to the protocol type that is part of the IP CLIENT OPEN call 4th parameter Type 1 is TCP Type 2 is UDP standard Type 3 is UDP 2 way The NetLinx axi defines constants for the protocol types CHAR IP TCP 1 CHAR IP UDP 2 CHAR IP UDP 2WAY 3 Syntax SEND COMMAND lt D P S gt UDPSENDTO lt IP or URL gt lt UDP Port Number gt Variables IP or URL A string containing the IP Address or URL of the desired destination UDP Port Number A String containing the UDP port number of the desired destination Example 1 SEND_COMMAND 0 3 0 UDPSENDTO 192 168 0 1 10000 Any subsequent SEND_STRING to 0 3 0 are sent to the IP Address 192 168 0 1 port 10000 Example 2 SEND COMMAND 0 3 0 UDPSENDTO myUrl com 15000 Any subsequent SEND STRING to 0 3 0 are sent to the URL myURL com port 15000 NOTE LED Disable Enable SEND COMMANDs The following sections only apply to the integrated controller component of the Nis
96. S and 3DES and 32 characters for AES The traffic selectors for the transport or tunnel SA should be added before attempting to set the transform and keys for the same Security Association identified by SA Number Note that MD5 deprecated is equivalent to HMAC MD5 SHA deprecated is equivalent to HMAC SHA EXAMPLES mkmSet OutboundESP 00 258 ESP_DES ENCKEY 2134657812435687 IV 1001100110011001 AUTHALG HMAC MD5 AUTHKEY 12345678 9ABCDEF OFEDCBA9876543210 Config String Format saNumber spi espTransformID attributeType attributeValue attributeType attributeValue Sample IPSec Configuration File The following is a sample IPSec configuration file ikeAddPeerAuth 192 168 220 57 sLOCAL_ADDR mm_g2 RSA new key Gem AMXCA new cert pem ikeAddPeerAuth 192 168 220 37 sLOCAL_ADDR mm_g2 PSK password spdAddTransport ANY 192 168 220 57 sLOCAL_ADDR OUT PACKET IKE qm_sa_g2_transport spdAddTransport ANY 192 168 220 37 sLOCAL_ADDR OUT PACKET IKE qm_sa_g2_transport ES add bypass for IKE TCP port 500 pdAddBypass 17 500 500 192 168 220 57 LOCAL ADDR OUT MIRRORED spdAddBypass 17 500 500 192 168 220 37 9 LOCAL ADDR OUT MIRRORED oo o add bypass for IPSEC ESP protocol pdAddBypass 50 192 168 220 57 sLOCAL_ADDR OUT MIRRORED spdAddBypass 50 192 168 220 37 sLOCAL_ADDR OUT MIRRORED o add bypass for IPSEC AH protocol pdAddBypass 51 192 168 220 57 sLOCAL_ADDR O
97. SET int should call REBOOT following a set Terminal Commands Cont Command Description SET ETHERNET MODE CMD _ This command sets the current LAN configuration lt CMD gt auto or speed duplex where speed 10 100 and duplex full half Examples Set Ethernet mode auto Set Ethernet mode 100 full Set Ethernet mode 10 half When new mode is set unit will respond with Ethernet mode set Change takes effect after reboot Note See the GET ETHERNET MODE section on page 98 SET FTP PORT Enables Disables the Master s IP port listened to for FTP connections Note The Master must be rebooted to enable new settings Example gt SET FTP PORT FIP is enabled Do you want to enable e or disable d FTP enter e or d FIP enabled reboot the Master for the change to take affect SET HTTP PORT Sets the Master s IP port listened to for HTTP connections Note The Master must be rebooted to enable new settings Example gt SET HTTP PORT Current HTTP port number 80 Enter new HTTP port number Usually 80 0 disable HTTP Setting HTTP port number to New HTTP port number set reboot the Master for the change to take affect SET HTTPS PORT Sets the Master s IP port listened to for HTTPS connections Note The Master must be rebooted to enable new settings Example gt SET HTTPS PORT Current HTTPS port number 443 Enter new HTTPS port number Usually 443 0 disab
98. T lat Clock Manager Options Modify Clock Manager options for the Master System Number Control Emulate Diagnostics Server Clock Manager i T R ti Daylight Savings On ke opm Daylight Savings eas Ke Ofset 01 i 00 i nn mm Starts Ends OFixed by Occurance nes OFied by Occurance Week ofthe Month 3 Week ofthe Month 3 e Day ofthe Week Sun Day ofthe Week Sun v Month Mar Month O9 Starts 02 v 00 hh mm Starts 02 ze 100 zl hh mm Eccc cca FIG 48 Clock Manager Options Daylight Savings tab 2 Use the Offset drop down menus to adjust the amount of time hours and minutes to offset Daylight Savings By default the offset is set to 1 hour Although most places that support Daylight Savings usually adjust the local time by one hour this doesn t cover all locations To provide flexibility for such locations it is possible to configure a different daylight savings time offset 3 Use the Starts fields to specify when Daylight Savings should start The Starts rules include Select Fixed to specify the calendar date when the rule applies as a specific date March 21 When Fixed is selected use the Day Month and Starts fields to specify the date and time hh mm to start Daylight Savings time e Select by Occurrence to specify the calendar date when the rule applies as a heuristic the 3rd Sunday in March When by Occurrence is selected use the Week of the Mo
99. This system may be monitored for all lawful purposes All information including personal information placed on or sent over this system may be monitored Use of this DOD computer system authorized or unauthorized constitutes consent to monitoring of this system Unauthorized use may subject you to criminal prosecution and penalties The default Web login banner text can be overridden by providing a banner txt file in the user directory The SSH and terminal interface will display the following banner after a successful login DOD use only Subject to monitoring reporting prosecution and penalties Secure and DoD profile configuration can be tailored with more or less security features by manually altering the Master s configuration following the secure profile selection For example the Master can be put into secure profile and then the HTTP and Telnet interfaces can be manually re enabled via their existing configuration mechanism This would enable all of the new secu rity features provided by the secure profile but still allow Master access via HTTP and Telnet Note When transitioning from secure or DoD profile to the non profile user accounts are NOT wiped and the administrator and netlinx accounts will retain their secure passwords SET SNMP Sets SNMP read and write community strings This command invokes the SET SNMP sub menu gt SET SNMP Enter New Values or just hit Enter to keep current
100. UT MIRRORED spdAddBypass 51 192 168 220 37 sLOCAL_ADDR OUT MIRRORED IPSec Web Configuration Interface Once the IPSec Config file for a system has been created on a PC the configuration of IPSec on a Master is accomplished via its Web interface The following is a screen shot of the IPSec Security Settings page and descriptions of each field FIG 70 All setting and file modifications require a system reboot to take effect o System Humb barg ome M System Number 3 v IR A P ec b Master Configurati Manager WebControl System Group Level User Level IPSec Security Details Modify IPSec security settings for the Master SE EE Configure IPSec Settings Manage Certificate Files Enabled Certificates CA Certificates CRL Certificates Select a file to delete e A Nenk AERE certi demoCA3subCAT1 key pem CRL Checking certi demoCA3subCAl certpem CRL Checking All new cert pem Delete File Update Settings new key pem Upload Configuration File Upload Certificate File FIG 70 IPSec Security Settings page The Enabled checkbox turns on and off the entire IPSec feature The CRL radio buttons indicate the level of Certificate Revocation List checking that is performed for IPSec connections CRL Checking checks the sources certificate while CRL Checking All checks all of the certificates in a sources certificate chain If either CRL Checking or CR
101. Web Control devices to Web control list displayed by the Web server in a browser The internal GAWC Send command to Master 0 1 0 has been revised to add G4Web Control devices to Web control list displayed in the browser Syntax SEND COMMAND lt D P S gt G4WC Name Description IP Address URL IP Port Enabled Variables Name Description A string enclosed in double quotes that is the description of the G4 Web Control instance It is displayed in the browser IP Address URL A string containing the IP Address of the G4 Web Control server or a URL to the G4 Web Control server IP Port A string containing the IP Port of the G4 Web Control Server Enabled 1 or 0 If itis a 1 then the link is displayed If it is a 0 then the link is disabled The combination of Name Description IP Address URL and IP Port are used to determine each unique listing Example SEND COMMAND 0 1 0 G4WC Bedroom 192 168 1 2 5900 1 Adds the BEDROOM control device using the IP Address of 192 168 1 2 IGNOREEXTERNAL CLOCKCOMMANDS Set the Master so that it cannot have it s time set by another device which generates a CLOCK command Syntax SEND COMMAND lt D P S gt IGNOREEXTERNALCLOCKCOMMANDS Example SEND COMMAND 0 1 0 IGNOREEXTERNALCLOCKCOMMANDS Master IP Local Port SEND COMMANDs These commands are specific to the Master and not the Controller These commands are sent to the DP
102. XCBC MAC S A a ah_sha2_256 AH_SHA2 256 a a a a ESP Transforms esp_3des_sha ESP_3DES SHA esp_3des_md5 ESP_3DES MD5 esp 3des hmac sha ESP 3DES HMAC SHA esp 3des hmac sha2 256 ESP 3DES HMAC SHA2 256 esp 3des hmac sha2 384 ESP 3DES HMAC SHA2 384 esp 3des hmac sha2 512 ESP 3DES HMAC SHA2 512 esp 3des hmac ripemd ESP 3DES HMAC RIPEMD esp 3des aes ESP 3DES AES XCBC MAC esp 3des hmac md5 ESP 3DES HMAC MD5 esp 3des ESP 3DES esp des sha ESP DES SHA esp des md5 ESP DES MD5 esp des hmac sha ESP DES HMAC SHA esp des hmac sha2 256 ESP DES HMAC SHA2 256 esp des hmac sha2 384 ESP DES HMAC SHA2 384 esp des hmac sha2 512 ESP DES HMAC SHA2 512 esp des hmac ripemd ESP DES HMAC RIPEMD esp des aes ESP DES AES XCBC MAC esp des hmac md5 ESP DES HMAC MD5 esp des ESP DES esp aes cbc sha ESP AES CBC SHA esp aes cbc md5 ESP AES CBC MD5 esp aes cbc hmac sha ESP AES CBC HMAC SHA esp aes cbc hmac sha2 256 ESP AES CBC HMAC SHA2 256 esp aes cbc hmac sha2 384 ESP AES CBC HMAC SHA2 384 esp aes cbc hmac sha2 512 ESP AES CBC HMAC SHA2 512 esp aes cbc hmac ripemd ESP AES CBC HMAC RIPEMD esp aes cbc aes ESP AES CBC AES XCBC MAC esp aes cbc hmac md5 ESP AES CBC HMAC MD5 esp aes cbc ESP AES CBC SpdSetProp Cont Pre defined esp aes cbc 192 sha ESP AES CBC KEY LENGTH 192 SHA Phase II esp aes cbc 192 md5 ESP AES CBC KEY LENGTH 192 MD5 transform esp aes cbc 19
103. access to the Master For example if you had 50 devices connected to a Master you would not have to create 50 individual user accounts one for each device Instead you only need to create one which all 50 devices use for access The first layer of security for the Master is to prompt a user to enter a valid username and password before gaining access to a secured feature on the target Master Depending on the Security configuration Users may be prompted to enter a valid username and password before gaining access to various features of the WebConsole User access is specified by the administrator in the Group and User Level pages of the Security section This username and password information is also used by both G4 touch panels within the System Connection firmware page and AMX software applications such as NetLinx Studio v 2 4 to communicate securely with a Master using encrypted communication User Name and Password Rules Case sensitive Must be between 4 and 20 characters Allowed Special Characters The following special characters are allowed for use in User Name and Password entries I45 96 amp 4 lt gt Q9 N C Also allowed are any printable ASCII characters including space A Z a z 0 9 System Security System Level System Level Security options provide authorized users the ability to alter the current security options of the entire system assigned to the Master The options provided on this tab
104. age Log For Device page FIG 68 This page displays message logs for the NetLinx Master Controller System Number 1 L dle UTOGIN Welcome quest KEEN 00000 NI Master REFRESH t LF aN i d i System Master Configuration Manager wencana Sees i Manage Devices Message Log for Device e View Log for Device Network Settings URL List Device Number Controvemulate Log Diagnostics S Refresh List No Date Time Object Text 1 09072011 MON weree CipEvent OffLine 32001 1 1 15 41 10 x ae Hosene ICSPTCPRXx0 CloseSocket Closing Socket 1 NUN ACSBTCR CICSPTCP Rx connection to 192 168 220 171 has been closed locally or by peer 4 P NDN ConnectionManager Memory Available 32445592 lt 42544 gt 5 03 07 20 jonManager Memory Available v11 MON 14 34 48 Configura 19505x13a0013 03 07 2011 MON d 159 14 34 49 ConfigurationManager System 1 160 PEN ConfigurationManager LoadConfiguration Complete 27253 14 34 49 FIG 68 Manage System Message Log For Device Control Guid Manage Devices Diagnostics With the NetLinx Controller selected in the Device drop down menu click the Diagnostics link in the Manage Devices tab to access the Diagnostics Options page FIG 69 System Num baag Toain Welcome guest Bs E39 Master Configuration Manager em Manage Devices Do D e Master Network Settings URL List Device Number Control Emulate Log Diagnostics Number 1 Device 0
105. alCertificate The filename where the local peer s certificate is stored peerCertificate The filename where the remote peer s certificate is locally stored If PEER CERT is specified any certificate payload s received from the remote IKE peer during IKE phase 1 negotiation will be ignored and the certificate specified in peerCertificate will be used to authenticate the remote peer All keys and certificates are stored on the local file system in the directory set by the project facility parameter IKE CERT PATH EXAMPLES Using a pre shared key for IPv4 ikeAddPeerAuth 100 100 100 4 100 100 100 1 mm grp2 NOPFS PSK thisisatest Using a pre shared key for IPv6 ikeAddPeerAuth 3ffe 2 2 3ffe 1 2 mm_grp2 NOPFS PSK thisisatest Using certificates for IPv4 ikeAddPeerAuth 192 168 1 36 192 168 1 35 ph1l oi 1 NOPFS RSA local key key mypassword local cert crt PEER CERT peer cert crt ikeAddPeerAuth 192 168 1 36 192 168 1 35 ph1 oi 1 NOPFS RSA local key key mypassword local cert crt ikeAddPeerAuth 192 168 1 36 192 168 1 35 ph1 oi 1 NOPFS RSA local key key NOPASS local cert crt Config String peerlIpAddress interfaceIpAddress proposalName authenticationMethod Format authenticationInfo Pre defined The following are proposal names already defined inside the AMX Firmware and available for proposal use in the ikeAddPeerAuth configuration names mm g2 mm 3des sha mm 3des md5 mm des sha mm des md5 A
106. all Active Devices S 2 Device Options Bindings User Defined Devices Active Devices Polled Ports Check devices for compatible Duet Modules E Select the device to search for all compatible Duet modules Physical Device Binding Module Available Search 192 168 200 10 N A unknown Search 5001 1 0 MyDVD yes Search FIG 59 System Manage Devices Active Devices Searching For All Compatible Duet Modules for a Selected Device 1 Click the Search button for the device that you want to find a Duet Module for This action initiates a search for compatible modules based on the following options Unless the Disable Module Search via the Internet option was selected in the Manage Devices page see the Manage Devices Device Options section on page 61 the search includes a query of the AMX online database as well as any manufacturer specified URLs that match the IP Address of the physical device for a compatible module Ifthe device specified a URL in its DDD beacon the file is retrieved from the URL either over the Internet or from the physical device itself provided the device has an inboard HTTP or FTP server NOTE e If Module Search via Internet is NOT enabled the search does NOT query the AMX online database nor will it pull any manufacturer specified URLs that do not match the IP Address of the physical device itself Modules that are retrieved from either the Internet or from the manufacturer s device are then placed i
107. ame is an SA proposal name EXAMPLES IPv4 spdAddTransport ANY 30 0 0 1 30 0 30 1 0UT PACKET IKE qm sa default IPv6 spdAddTransport ANY 3ffe 1 2 3ffe 2 2 0UT PACKET IKE qm sa default Config String Format protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality useSelector keyManager saProposalName SpdAddTunnel SpdAddTunnel NAME spdAddTunnel create a tunnel mode policy in the SPD SYNOPSIS DESCRIPTION spdAddTunnel pConfStr This rule creates a tunnel mode policy in the SPD Rule Value Rule Value pConfStr A stringValue specifier formatted as follows protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality useSelectors keyManager saProposalName tunnelEndpointAddress where protocolSelector is a decValue IANA protocol number or ANY 6 for TCP or 17 for UDP destinationPort is a decValue port number or ANY sourcePort is a decValue port number or ANY destinationAddressSelector is an address in the format ipAddressl ipAddress2 sourceAddressSelector is an address in the format ipAddressl ipAddress2 directionality is IN for inbound or OUT for outbound If IN this policy applies to traffic coming into the current host If OUT it applies to traffic going out of the current host A mirrored policy is automatically created for the opposite traffic flow useSe
108. arameters as follows Data Bits 8 Parity None Stop bits 1 Flow control None EZ Click OK to complete the communication parameters and open a new Terminal window 7 Type echo on to view the characters while entering commands If that does not work press Enter key on your keyboard NOTE It is very important to execute the logout command prior to disconnecting from a Master Simply removing the RS 232 connector from the Program Port maintains your logged in status until you either return to logout via a new session or reboot the target Master PC COM Port Communication Settings Be sure that your PC s COM port and terminal program s communication settings match those in the table below PC COM Port Communication Settings Baud 38400 default Parity None Data Bits 8 Stop Bits 1 Flow Control None NetLinx Integrated Controllers Port Assignments Each of the NetLinx Integrated Controllers has specific port assignments NI 700 Port Assignments NI 900 Port Assignments Port ICSP Port Port ICSP Port Serial Port 1 1 Serial Port 1 1 Serial Port 2 2 IR Serial Port 1 2 IR Serial Port 3 IR Serial Port 2 3 O Port 4 IR Serial Port 3 4 IR RX Port 5 I O Port 5 IR RX Port 6 Establishing a Terminal Connection Via Telnet 1 In your Windows taskbar go to Start gt Run to open the Run dialog 2 Type
109. arious configuration and security settings The Web Console is described in this document starting with the Onboard WebConsole User Interface section on page 21 These NI Controllers are Duet compatible and can be upgraded via firmware Duet is a dual interpreter firmware platform from AMX which combines the proven reliability and power of NetLinx with the extensive capabilities of the Java MicroEdition JavaME platform Duet simplifies the programming of a system that includes the NI 900 and other third party devices by standardizing device and function definitions defaulting touch panel button assignments and controlling feedback methods Dynamic Device Discovery makes integration even easier by automatically identifying and communicating with devices which support this beaconing technology NXC ME260 64 er ee NI 2100 ICS NI 4100 NI 700 NI 3100 ICS NI 3101 a NI 900 FIG 1 NetLinx Integrated Controllers These NI Controllers feature an on board Web Console which allows you to connect to the NI Controller via a web browser and make various configuration and security settings NOTE The Web Console is described in this document starting with the Onboard WebConsole User Interface section on page 21 These NI Controllers are Duet compatible and can be upgraded via firmware Duet is a dual interpreter firmware platform from AMX which combines the proven reliability and power of NetLinx with the extensive capabilities of the
110. arity data stop 485 Enable Disable Variables baud baud rates are 115200 76800 57600 38400 19200 9600 4800 2400 1200 600 300 150 parity N none O odd E even M mark S space data 8 data bits stop 1 and 2 stop bits 485 Disable Disables RS 485 mode and enables RS 422 485 Enable Enables RS 485 mode and disables RS 422 Note The only valid 9 bit combination is baud N 9 1 Example SEND_COMMAND RS232_1 SET BAUD 115200 N 8 1 485 ENABLE Sets the RS232_1 port s communication parameters to 115 200 baud no parity 8 data bits 1 stop bit and enables RS 485 mode RS 232 422 485 SEND_COMMANDs Cont Command Description TSET BAUD Temporarily set the RS 232 422 485 port s communication parameters for a device TSET BAUD works the same as SET BAUD except that the changes are not permanent and the previous values will be restored if the power is cycled on the device Syntax SEND_COMMAND lt DEV gt TSET BAUD baud lt parity gt lt data gt lt stop gt 485 lt Enable Disable gt Variables baud baud rates are 115200 57600 38400 19200 9600 4800 2400 1200 600 300 parity N none O odd E even M mark S space data 8 or 9 data bits stop 1 or 2 stop bits 485 Disable Disables RS 485 mode and enables RS 422 485 Enable Enables RS 485 mode and disables RS 422 Note The only valid 9 bit combination is
111. at the local system desires input from the new system is told what information is desired from what device Note The local system number is 1062 Example gt SHOW REMOTE Device List of Remote Devices requested by this System Device Port System Needs 00001 00001 00001 Channels Commands 00002 00001 00001 Channels Commands 33000 00001 00001 Channels Commands 00128 00001 00108 Channels Commands Strings Levels 33000 00001 00108 Channels Commands Terminal Commands Cont Command Description SHOW ROUTE Displays information about how this NetLinx Master is connected to other NetLinx Masters routing information Example gt SHOW ROUTE Route Data System Route Metric PhyAddress 50 50 0 AxLink SHOW START LOG START Displays the startup log see START LOG below lt START gt specifies the message to begin the display ALL will display all startup log messages Note This command is identical in implementation to the SHOW LOG command see page 112 except that it executes the startup log SHOW SYSTEM lt S gt Displays a list of all devices in all systems currently on line The systems lists are either directly connected to this Master i e 1 hop away or are referenced in the DEFINE DEVICE section of the NetLinx program Optionally you may provide the desired system number as a parameter to display only that system s information e g SHOW SYSTEM 2001 The systems lis
112. ated with the Integrated Controllers 5 If the on board Master firmware being used is not current download the latest Kit file by first logging in to www amx com and then navigating to Tech Center Firmware Files where you can locate the desired file from within the NetLinx section of the web page Click on the desired Kit file link and after you ve accepted the Licensing Agreement verify you have downloaded the correct NI Master firmware Kit file to a known location In NetLinx Studio select Tools Firmware Transfers Send to NetLinx Device to open the Send to NetLinx Device dialog FIG 14 Verify the target s System number matches the value listed within the active System folder in the OnLine Tree tab of the Workspace The Device number is always 0 for the NI Master Select the NI Master s Kit file from the Files section FIG 14 Selected Master firmware file Send to NetLinx Device r Location i U Master firmwares NI 7005 r Files File Name Date Time 2105 03_NI_X00_v1 00 124 kit 09 6 2004 03 2105 03_NI X00 Master 3 D 320kt 09 06 2005 02 IMPORTANT NOTE PLEASE READ If you currently have a firmware build le ss than 300 the upgrade requires the following proc ess VA Description field for 1 Download kit with build 316 Downlad of last c selected Kit file 2 Reboot master 3 Wait until you have connectivity to tae master o AXLink status LED This may take a couple of m lt lt gt
113. ation of other devices Note The ICSP Connectivity option is required to allow authenticated and or secure communication between the Master and other AMX hardware software To establish an authenticated ICSP connection where the external AMX hardware software has to pro vide a valid username and password this option must be enabled Encrypt ICSP If selected this option requires that any data being transmitted or received via an ICSP Connection connection among the various AMX products be encrypted and that any application or hardware communicating with the Master over ICSP must provide a valid username and password Note When enabled this option requires more processor cycles to maintain ICSP uses a proprietary encryption based on RC4 and also requires CHAP type authentication including username and password CHAP Challenge Handshake Authentication Protocol authentication is an access control protocol for dialing into a network that provides a moderate degree of security When the client logs onto the network the network access server NAS sends the client a random value the challenge The client encrypts the random value with its password which acts as an encryption key It then sends the encrypted value to the NAS which forwards it along with the challenge and username to the authentication server Encrypt ICSP The CHAP server encrypts the challenge with the password stored in its database for Connection
114. aximum message queue sizes for several threads Use caution when adjusting these values Set Queue Size Menu 1 Interpreter factory default 2000 currently 600 Notification Manager factory default 2000 currently 200 Connection Manager factory default 2000 currently 500 Route Manager factory default 400 currently 200 Device Manager factory default 500 currently 500 Diagnostic Manager factory default 500 currently 500 TCP Transmit Threads factory default 600 currently 200 IP Connection Manager factory default 800 currently 500 Message Dispatcher factory default 1000 currently 500 10 Axlink Transmit factory default 800 currently 200 11 PhastLink Transmit factory default 500 currently 500 12 ICSNet Transmit factory default 500 currently 500 13 ICSP 232 Transmit factory default 500 currently 500 14 UDP Transmit factory default 500 currently 500 15 NI Device factory default 500 currently 500 Enter choice or press ESC SET SECURITY PROFILE Sets a pre defined Security Profile a grouped set of security settings The Security Profile can be set to none default setting Secure or DOD see below Note The Security Profile can only be configured via the terminal interface of the Master s Program port Example OANDAARWNDY set security profile When you press Enter the system responds with Current Security Profile 0 none Enter new security profile 0
115. can locate the desired file from within the NI Series Device Integrated Controller section of the web page 6 Click on the desired Kit file link and after you ve accepted the Licensing Agreement verify you have downloaded the Integrated Controller firmware Kit file to a known location 7 From within Studio select Tools gt Firmware Transfers gt Send to NetLinx Device from the Main menu to open the Send to NetLinx Device dialog FIG 16 Verify the target s System number matches the value listed within the active System folder in the OnLine Tree tab of the Workspace The Device must match the entry for the on board Integrated Controller ex N J 4100 or NI 700 device NOTE NOTE r Selected on board Integrated Controller firmware file I NetLinx Studio Ele Edt View Project Build Diagnostics Debug Tools Settings Window Help Died cud 5 ven clBgBBwe ccme E e System 1 Devices 192 168 168 66 60 60 97 60 1a 6e E amp m 00000 NI Master AMX Corp v3 01 320 SEET EN p 10505 CAT2 Age Touch Panel AMX Cor Location amp p 32001 NSX Applicatigp AMX Corp 2 40 EL 32002 NSX Application S i Em Unbound Devices BR 10008 NXD CV7 v2 56 84ir in ir in 342 p Files Nd Contents Master s Devices Ports Firmware NI X00 HCS12 Firmware 1 124 Ng 7 s EA Ge Workspace T online Tree E H Firmware download 1 status Device and System Number must mat
116. cate and it becomes nonfunctional if you try to use it Once you have received the returned CA certificate follow the procedures outlined in the following section to import the returned certificate over a secure connection to the target Master Importing an SSL Certificate Click the Import SSL Certificate link to import a CA server certificate Before importing an SSL Certificate you must First have a self generated certificate installed onto your target Master Second enable the HTTPS SSL feature from the Server Options page FIG 43 to establish a secure connection to the Master prior to importing the encrypted CA certificate 1 Copy the returned certificate signed by the CA to your clipboard 2 Click the Import SSL Certificate link to open the Import SSL Certificate window FIG 46 Import SSL Certificate atest certificate request from this device gt Import SSL Certificate FIG 46 Import SSL Certificate window 3 Place the cursor inside the text box and paste the returned certificate text in its entirety 4 Click Import SSL Certificate to save the new certificate information to the Master Once a certificate has been received from an external CA and installed on a Master do not regenerate the certificate or alter its properties Regenerating a previously installed certificate invalidates the certificate 5 Click the Display Certificate link to confirm the new certificate was imported pr
117. ch the Device and System values listed in the Workspace window FIG 16 Send to NetLinx Device dialog showing on board Integrated Controller firmware update via IP The Kit file for the Integrated Controller on the NI 2100 8100 4100 begins with 2105 04 NI X100 The Kit file for the NI 700 900 Series begins with 2105 03 NI X000 Do not use the 2105 03 NI X00 Kit file on anything other than an NI 700 900 since each Kit file is specifically configured to function on a specific NI unit 8 Select the Integrated Controller s X00 from the Files section FIG 16 9 Enter the System and Device numbers associated with the target Master listed in the Workspace window The Port field is greyed out 10 Click the Reboot Device checkbox to reboot the NI unit after the firmware update process is complete 11 Click Send to begin the transfer The file transfer progress is indicated on the bottom right of the dialog FIG 16 12 Click Close once the download process is complete The OUTPUT and INPUT LEDs alternately blink to indicate the unit is incorporating the new firmware Allow the unit 20 30 seconds to reboot and fully restart 13 Right click the System number and select Refresh System This establishes a new connection to the System and populates the list with the current devices and their firmware versions on your system If The Connection Fails If the connection fails to establish a Connection Failed dialog appears Try selectin
118. communication access The Enabled Disabled account has sufficient access rights to initiate ICSP data communication 6 ICSP Encryption Required This selection enables disables the need to require encryption of the Enabled Disabled ICSP communicated data If enabled All communicating AMX components must authenticate with a valid username and password before beginning communication with the Master All communication must be encrypted Adding a Group 1 Type 7 and Enter at the Security Setup prompt at the bottom of the Main Security Menu to add a group account sample session response is The following groups are currently enrolled administrator Enter name of new group 2 Enter a name for the group A group name is a valid character string 4 20 alpha numeric characters defining the group This string is case sensitive and each group name must be unique 3 Press Enter to display the Edit Group menu Edit Group Menu Add Directory Association 1 Atthe Edit Group prompt type 1 to add a new directory association A Directory Association is a path that defines the directories and or files that a particular user or group can access via the HTTP Web Server on the NetLinx Master This character string can range from 1 to 128 alpha numeric characters This string is case sensitive This is the path to the file or directory you want to grant access Access is limited to the user i e doc user directo
119. crements Syntax SEND COMMAND DEV CHARDM time Variable time 0 255 Measured in 1 millisecond increments Example SEND COMMAND RS232 1 CHARDM 10 Sets a 10 millisecond delay between all transmitted characters CTSPSH Enable Pushes Releases and Status information to be reported via channel 255 using the CTS hardware handshake input This command turns On enables channel tracking of the handshaking pins If Clear To Send CTS is set high then channel 255 is On Syntax SEND COMMAND lt DEV gt CTSPSH Example SEND COMMAND RS232 1 CTSPSH Sets the RS232 1 port to detect changes on the CTS input CTSPSH OFF Disable Pushes Releases and Status information to be reported via channel 255 This command disables tracking Turns CTSPSH Off Syntax SEND COMMAND lt DEV gt CTSPSH OFF Example SEND COMMAND RS232 1 CTSPSH OFF Turns off CTSPSH for the specified device GET BAUD Get the RS 232 422 485 port s current communication parameters The port sends the parameters to the device that requested the information The port responds with port gt lt baud gt lt parity gt lt data gt lt stop gt 485 ENABLED DISABLED gt Syntax SEND COMMAND DEV GET BAUD Example SEND COMMAND RS232 1 GET BAUD System response example Device 1 38400 N 8 1 485 DISABLED RS 232 422 485 SEND_COMMANDs Cont Command Description HSOF
120. crements Example SEND_STRING RS232_1 27 17 10 Sends a break character of 1 millisecond to the RS232_1 device 27 18 0 Used in conjunction with the B9MON command Clear the ninth data bit by Syntax setting it to O on all character SEND STRING lt DEV gt 27 18 0 transmissions Example SEND STRING RS232 1 27 18 0 Sets the RS232 1 device s ninth data bit to 0 on all character transmissions 27 18 1 Used in conjunction with the B9MON command Set the ninth data bit to 1 for Syntax all subsequent characters to SEND STRING lt DEV gt 27 18 1 be transmitted Example SEND STRING RS232 1 27 18 1 Sets the RS232 1 device s ninth data bit to 1 on all character transmissions 27 19 lt time gt Syntax Insert a time delay before SEND STRING lt DEV gt 27 19 lt time gt transmitting the next Variable character time 1 255 Measured in 1 millisecond increments Example SEND STRING RS232 1 27 19 10 Inserts a 10 millisecond delay before transmitting characters to the RS232 1 device 27 20 0 Syntax Set the RTS hardware SEND STRING DEV 27 20 0 handshake s output to high Example rs SEND STRING RS232_1 27 20 0 Sets the RTS hardware handshake s output to high on the RS232 1 device 27 20 1 Syntax Set the RTS hardware SEND STRING lt DEV gt 27 20 1 handshake s output to Example low inactiv V ow inactive lt 3V SEND_STRING RS232_1 27 20 1 Sets the RTS hardware ha
121. d The current directory is doc Terminal Commands Cont Command Description REBOOT lt D P S gt Reboots the Master or specified device Example gt REBOOT 0 1 0 Rebooting RENEW DHCP Renews Releases the current DHCP lease for the Master Note The Master must be rebooted to acquire a new DHCP lease Example gt RENEW DHCP RESETADMINPASSWORD This command resets the administrator password back to password Note This command is only available to Program Port terminal sessions It is not available to Telnet sessions see the Overview section on page 95 RESET FACTORY Resets the Master to factory default state including removal of all security settings removal of all user files resetting to DHCP and loading an empty NetLinx program The Master will be effectively in an out of box state ROUTE MODE DIRECT NORMAL Sets the Master to Master route mode Normal mode allows a Master to communicate with any Master accessible via the routing tables shown with the SHOW ROUTE command see page 114 This includes a directly connected Master route metric 1 and indirectly connected Masters route metric greater than 1 but less than 16 Direct mode allows communication only with Masters that are directly connected route metric 1 Indirectly connected Masters cannot be communicated within this mode Examples gt ROUTE MODE DIRECT Route Mode Direct Set gt ROUTE MODE NORMAL Route Mode
122. d whenever you select Change Access Rights option 6 from the Edit User menu or Change Access Rights from the Edit Group menu The options in this menu is described below Command Description 1 Terminal RS232 Access Enables disables Terminal RS232 Program port Access The Enable Disable account has sufficient access rights to login to a Terminal session if this option is enabled 2 Admin Change Password Access Enables disables Administrator Change Password Access The Enable Disable account has sufficient access rights to change the administrator pass word if this option is enabled 3 FTP Access Enables disables FTP Access The account has sufficient access Enable Disable rights to access the NetLinx Master s FTP Server if this option is enabled 4 HTTP Access This selection enables disables HTTP Web Server Access The Enable Disable account has sufficient access rights to browse to the NetLinx Master with a Web Browser if this option is enabled 5 Telnet Access This selection enables disables Telnet Access The account has suffi Enable Disable Cient access rights to login to a Telnet session if this option is enabled 6 Configuration Access This selection enables disables Configuration Access rights for the Enable Disable target Master The account has sufficient access rights to access the Main Security Menu if this option is enabled 5 ICSP Security This selection enables disables ICSP
123. de Masters and devices on this system but Masters and devices on other systems as well By default the target Master always appears in the list Due to system delays message collisions and multicast routing not all devices may respond immediately Clear List Click this button causes the entries to be temporarily deleted from the page either until you refresh the list using the Refresh List button or until the Master begins to detect any multi cast transmissions from System Devices System Manage Devices The Manage Devices tab FIG 53 contains links to several different device related pages as described in the following subsections System Number 2 ER Welcome guest boy System Number2 v EEr Details for Additional Devices amp ser De d Active Devices Pi View the details of additional attached devices Device Options Bindings User Defined Devices Active Devices Polled Ports Configure Binding Options Manage Device Modules o Enable Auto Bind Select a module to archive delete Marant_DV9500_Comm jar v Enable Auto Shutdown Denon AVR 5803 Comm jar C Enable Subnet Match _ Archive Module C Purge Bound Modules on Reset Delete Module Select a module to upload Browse Submit Disable Module Search via Internet Device Configuration Pages Device Configuration Links FIG 53 System Manage Devices Details for Additional Devices Manage Devices Device Options Click the
124. depend on the firmware version currently loaded on the Master If your Master is currently running a firmware version that pre dates v4 x x then there are two System Level Security pages available accessible via the System Security Settings and IPSec Security Settings links in the System Level Tab FIG 24 On NetLinx Masters with firmware that pre dates v4 x x these links provide access to two System Level Security settings pages System Security Settings amp IPSec Security Settings ES en REFRESH NetLinx Masters with firmware version 4 x x or higher do not provide these options Instead the System Security Settings are provided on this page 7 system System Level r Group Level User Leve System Security Details Modify system security settings for the Master I System Security Settings IPSec Security Settings FIG 24 System Security Details Page System Security Settings and PSec Security Settings page links By default the System Security Settings page is displayed If your Master is currently running firmware version 4 x x or higher these options are not provided In this case the System Security Settings page is the only view System Level Security System Security Settings Click the System Security Settings link to access the System Security Details page FIG 25 The options in this page allow you to establish wether the Master will require a valid username and password be
125. dy have it installed on your PC download and install Bonjour for Windows before you begin Connecting to a Network with a DHCP Server By using the Controllers s zeroconf feature and the Bonjour for Windows plug in utility multiple devices can be installed and configured on the network without the need to pre configure each device before installation The dealer only needs to match the serial number printed on the backside of the device or from the label on the box to the serial number that is displayed in the Bonjour browser pane 1 Launch Internet Explorer with the Bonjour plug in 2 Once power is applied to the device the Bonjour plug in displays the device in the list of devices as shown in FIG 3 WebControl Windows Internet Explorer Gc j hitpiffam device S localjwebjrootjwebContral xml A 7 slk File Edit View Favorites Tools Help amp Snagit PI Links Customize Links d d autc CERS O OOH 3 Bogffour About Bonjour Date System Humber 2 c AMK Wolverine SNi revaproto2 Dein vers 7 AMX 20 0 AMX 2100 210504x2560233 0 0 AMx 3000 21050203030651 0 0 g AMX 3100 210505x1570069 0 0 7 AMX 3101 210508pd0380001 0 z Che Manage WebControl Connections AMX 4000 2105x0960096 0 0 0 0 g p Jot gt AMX 4100 210506x2460053 0 0 gt AMX 700 210503x3670233 0 0 7 AMX 700 210503x3860711 0 0 amx 700 210503x4940063 0 0 gt amx 900 210509x0460208 0 0 amx s00 210509x2
126. e TCP IP connections Example gt TCP LIST The following TCP connections exist ed 1 IP 192 168 21 56 1042 Socket 0 Dead 2 IP 192 168 21 56 1420 Socket 0 Dead Terminal Commands Cont Command Description TIME Displays the current time on the Master Example gt TIME 13 42 04 URL LIST D P S Displays the list of URL addresses programmed in the Master or another system if specified Example gt URL LIST The following URLs exist in the URL connection list Entry 0 192 168 13 65 1319 IP 192 168 13 65 State Connected Entry 1 192 168 13 200 1319 IP 192 168 13 200 State Issue Connect ZEROCONF Enable disable or view the new zeroconf client in the Master ENABLE DISABLE STATUS When zeroconf is enabled default the Master s web interface will be reg istered via zeroconf and can be viewed through a zeroconf browser plug in such as Bonjour for IE ESC Pass Codes There are escape codes in the pass mode These codes can switch the display mode or exit pass mode The following escape codes are defined Escape Pass Codes Command Description ESC ESC Exit Pass Mode Typing a plus shift followed by another plus followed by an ESC the escape key followed by another escape exits the pass mode The Telnet session returns to normal ESCA ASCII Display Mode Typing a plus shift followed by another plus followed by an ESC the escape key followed by an
127. e v3 41 404 i i eet ite hel a Network Settings URL List Device Number ControvEmulate Log Diagnostics OID 2 BootROM v3 41 404 3 s System OID 3 AXLink VF uController v1 13 9 See Device p DI Port Refresh Interval 5 seconds v IP Address Messages SSES Incoming Messages HostName master ees dee Status puce O specity IP Address Channel Changes Input IP Address 7492 168 220 74 Output Feedback Subnet Mask 255 255 252 0 Device pt ns Level changes from Gateway 192 168 220 2 Keesen Strings to Strings from DNS Address Commands to Commands from Domain Suffix amx internal Custom Events from eat ea ca em em ean em em x DNS IP 1 192 168 20 onsiz raz wee 20 s ECL UII ENSE z ido bd Show Device Tree ZeroConfig Networking GO o O os aL GL MEL FIG 39 Select Diagnostics from within a selected Device s Network Settings page The currently selected device is also indicated in the Device field at the top of the page 2 By default all diagnostics are disabled see FIG 39 To enable diagnostic messages from this device click on one of the Edit buttons along the bottom of the Diagnostics Options table This opens the Edit Options window FIG 40 where you can select which Diagnostics messages to enable or disable for this device Click to delete this device from the Diagnostics page disables all diagnostics on this device r Click to app
128. ect that associates a public key and an The display is separated into three tabs click to view the selected type of Certificate Files Certificates This tab displays all Identity certificates on the Master CA Certificates This tab displays all Certificate Authority CA certificates on the Master CRL Certificates This tab displays all Certificate Revocation List CRL certificates on the Master To delete a Certificate from the Master select a Certificate in any of the three tabs and click Delete File AMX IPSec Configuration file Refer to the Appendix A IPSec Configuration File on page 125 for a listing and description of the configuration lines supported by the AMX IPSec Configuration file System Security Group Level C A Group represents a logical collection of individual users Any properties possessed LJ by a group are inherited by all members of that group NOTE Select the Group Level tab of the Security Page to access the Group Security Details page FIG 27 System Number 2 A CFOGIN Welcome guest uU System Number 2 v KS WebControl Group Security Details m Select to open and modify a group to minimize G Add New Group administrator User Group 1 Oto Qoeee User Group 2 Edt Delete User Group 3 Qs Qoeee FIG 27 Group Security Details page a LR I The options in this page allow authorized users to assign and alter group properties such as creating
129. eeps the most recent messages The log contains Entries starting with first specified or most recent Date Day and Time message was logged Which object originated the message The text of the message SHOW LOG start end SHOW LOG ALL start specifies message to begin the display If start is not entered the most recent message will be first If end is not entered the last 20 messages will be shown If ALL is entered all stored messages will be shown starting with the most recent Example gt SHOW LOG Message Log for System 50 Version v2 10 75 Entry Date Time Object Text 1i 01 2001 THU 14 14 49 ConnectionManager Memory Available 11436804 26572 Des 01 2001 THU 14 12 14 ConnectionManager Memory Available 11463376 lt 65544 gt 3 01 2001 THU 14 10 21 ConnectionManager Memory Available 11528920 lt 11512 gt 4 01 2001 THU 14 10 21 TelnetSvr Accepted Telnet connection socket 14 addr 192 168 16 110 port 2979 5 01 2001 THU 14 05 51 Interpreter CIpEvent OnLine 10002 1 50 6 01 2001 THU 14 05 51 Interpreter CIpEvent OnLine 128 1 50 T3 01 2001 THU 14 05 51 Interpreter CIpEvent OffLine 128 1 50 8 01 2001 THU 14 05 51 Interpreter CIpEvent OnLine 96 1 50 9 01 2001 THU 14 05 51 Interpreter CIpEvent OffLine 96 1 50 0 01 2001 THU 14 05 51 Interpreter CIpEvent OnLine 128 1 50 Is 01 2001 THU 14 05 51 Interpreter CIpEvent OnLine 96 1 50 2 01 2001 THU 14 05 51 Interpreter CIp
130. efault of Amx1234 Failed login attempts will force a 4 second delay before a subsequent login attempt can occur Three consecutive login failures from any location will cause a 15 minute lockout for the specified user account Ifa banner txt file is present in the Master s user directory the text from the banner txt file will be included on the Master s Web login prompt All user account access will be timed out after at most 15 minutes of inactivity by the user Any activity after the timeout will cause the login prompt to be displayed and login will be required to regain access The inactivity timer on an SSH and terminal session will be disabled if msg on logging is active All account access including successful and failed logins and logouts will be recorded in persistent storage Audit records will be retained for 90 days The current audit logs can be viewed via SSH or terminal sessions using the show audit log command The audit log can be manually cleared from SSH or terminal session using the clear audit log command Terminal Commands Cont Command Description SET SECURITY PROFILE Cont DoD DoD security profile has all of the security specifications of secure pro file along with the following additional features The default Web login banner text consists of the following This is a Department of Defense DOD computer system provided only for authorized U S Government use
131. elf generated insures that the target Master is utilizing a secure connection during the process of importing a CA server certificate over the web A certificate consists of two different Keys The Master Key is generated by the Master and is incorporated into the text string sent to the CA during a certificate request It is unique to a particular request made on a specific Master Note that regenerating a previously requested and installed certificate invalidates that certificate because the Master Key has been changed The Public Key is part of the text string that is returned from the CA as part of an approved SSL Server Certificate This public key is based off the submitted Master key from the original request 1 Click the Create SSL Certificate link under SSL Certificate Options to access the Create SSL Certificate window FIG 44 Create SSL Certificate Close Bit Length 1024 v Common Name sslexample amx com Action Display Certificate EI Organization Name AMX Corporation gt Create SSL Certificate Organization Unit Engineering Nihil neation Dinhardannl Gates leen nnen Galart ana m FIG 44 Create SSL Certificate window 2 Fill out the information in this window according to the descriptions in the SSL Certificate Entries section below 3 Click Create SSL Certificate to update the Master with the information entered on this page This process can take several minutes SSL Certificate Entries
132. elp D os n g s Tel e G wer S System 1 Devices 192 168 168 66 60 60 9f 60 1a 6e S 00000 NI Master AMX Corp v3 01 320 On board NI Master Control cards NI 4x00 ONLY 05001 NI 4000 AMX Corp v1 01 124 NetLinx Integrated Controller zs Jl 10505 CA12 Active Touch Panel AMX Corp 2 55 78 p 32001 NSX Application AMX Corp 2 40 NetLinx Studio version m Unbound Devices B 10009 NXD CV v2 55 84ir in irin TP4 Unbound Dynamic Device Masters Devices Ports 1 7 J 22 Display Cy Workspace TS OnLine Tree FIG 13 Sample NetLinx Workspace window showing OnLine Tree tab 4 If either the on board NI Master or Integrated Controller is not the latest firmware version follow the procedures outlined in the following sections to obtain these Kit files from www amx com and then transfer the new firmware Kit files to the device NOTE Upgrading the On board Master Firmware via an IP The on board Master firmware Kit file is not the same as the Integrated Controller Kit file Below is a table outlining the current sets of on board Master and Integrated Controller Kit files used by the NI Series of products Firmware Kit File usage for NI Controllers NI 4100 On board Master Kit file 2105 04 NI X100 Master Integrated Controller Kit file 2105 04 NI X100 On board Master Kit file 2105 04 NI X100 Master TERM Integrated Controller Kit file 2105
133. ength 1024 Common Name sslexample amx com Organization Name Organization Unit AMX Corporation City Location Richardson State Province Texas Country US FIG 45 Export SSL Certificate window 3 Place your cursor within the certificate text field The certificate text begins with the line that reads BEGIN CERTIFICATE REQUEST scroll down to view the certificate text 4 Select all Ctrl 4 A of the certificate text You must copy all of the text within this field including the BEGIN CERTIFICATE REQUEST and the END CERTIFICATE REQUEST portions Without this text included in the CA submission you will not receive a CA approved certificate lm eee DP WARNING CAUTION 2 NOTE g Copy Ctrl C the text to the clipboard Paste Ctrl V this text into the Submit Request field on the CA Retrieve Certificate web page 7T Choose to view the certificate response in raw DER format 9 Note the Authorization Code and Reference Number for use in the e mail submission of the request e Submit the request 9 Paste the copied text into your e mail document and send it to the CA with its accompanying certificate application When a certificate request is generated you are creating a private key on the Master You can not request another certificate until the previous request has been fulfilled Doing so voids any information received from the previously requested certifi
134. erence Guide NI 2000 NI 3000 NI 4000 NXI x100 NetLinx Integrated Controllers Hardware Reference Guide NI 2100 NI 3100 NI 4100 NI 3101 SIG Signature Series NetLinx Integrated Controller Operation Reference Guide NXC ME260 64 NetLinx Master LAN Card Module Hardware Reference Guide NetLinx CardFrame Control Cards and NetModules Instruction Manual NetLinx Studio Operation Reference Guide NetLinx Programming Language Reference Guide All product documentation is available to view or download from www amx com NOTE Quick Setup and Configuration Overview Installation Procedures The general steps involved with most common installations of this device include Unpack and confirm the contents of box see the Specifications tables in the Hardware Reference Guide for each Controller Connect all rear panel components and supply power to the NI Controller from the external power supply Configuration and Communication The general steps involved with setting up and communicating with the NI Controllers on board Master In the initial communication process Set the communication speed on the front Configuration DIP switch default 38400 Connect and communicate with the on board Master via the Program port Set the System Value being used with the on board Master Re assign any Device values You can then either get a DHCP Address for the on board Master or assign a
135. es made from within the web browser are applied instantly without the need to reboot NOTE Group and User Security Access Options Group and User Security Access Options Option Description Admin Change This selection enables or disables the Administrator right to change Group and User pass Password Access words Terminal RS232 If selected a valid username and password is required for Terminal communication via the Access Master s RS232 Program port HTTP Access If selected a valid username and password is required for communication over HTTP or HTTPS Ports including accessing the WebConsole I eee Group and User Security Access Options Cont Option Description Telnet SSH SFTP If selected a valid username and password is required for Telnet Access Telnet access Access allows communication over either the Telnet and or SSH Ports and Secure FTP access Note SSH version 2 only is supported To establish a secure Telnet connection an administrator can decide to disable the Telnet Port and then enable the SSH Port Refer to the Manage System Server Options on page 49 Configuration If selected a valid username and password is required before allowing a group user to alter the current Master s security and communication settings via NetLinx Studio This includes such things as IP configuration Reset URL list settings Master communication settings and security parameters
136. essed by clicking on the Security button This page allows you to view configure and modify the Master s security settings at three levels e System Level changes made at this level affect the system globally See the System Security System Level on page 27 for details Group Level changes made at this level affect specific User Groups See the System Security Group Level on page 30 for details User Level changes made at this level affect individual Users See the System Security User Level on page 34 for details The default view for the option is System Level Security System Security Settings FIG 23 These tabs provide access to the three levels of security configuration provided default view System Level REFRESH T r j Master Configuration Manager Gee Security MGE Group Lever PP User Level System Security Details Modify system security settings for the Master ele Enabled Access Terminal RS232 Access HTTP Access Telnet Access Configuration ICSP Connectivity Encrypt ICSP Connection FIG 23 System Security Details Page System Security Settings By default all System level security options are disabled NOTE Additional security configuration options are available via Terminal Telnet Commands See the Accessing the Security Configuration Options on page 116 Refer to SET SECURITY PROFILE on page 105 for information on setting Security
137. evice and its current firmware ver sion Example N Master v3 01 323 File Name Displays the program name and or file resident on the device Status Indicates the Master or device state This Master Indicates its the target Master currently being used and being browsed to Its this Master s web pages which are currently being viewed Orphan Indicates that the device is currently not yet bound or assigned to communicate with a particular Master This state shows an adjacent Bind button which is used to bind the device to the Master whose web pages are currently being viewed Searching Indicates that the device is trying to establish communication with it s associated Master Bound Indicates that the device has established communication with it s associated Master This state shows an adjacent Unbind button which is used to release disassociate the device from communicating with its current Master Lost Indicates that the device has tried to establish communication with it s associated or bound Master but was after a period of time unable to establish communication Refresh List Click this button to regenerate the device listing by looking for broadcasting devices This causes the Master to send out a message asking devices to resend their NDP device announcements The list is then updated as those devices send back their announcements to the Master The information displayed can not only inclu
138. evicesdk DiscDevice Config Name Marantz Config Config URL http www marantz com Device UUID 5001 1 0 Device Model DV9500 Duet Device 41002 1 0 Duet Module Ibound Marantz DV9500 Comm t FIG 56 Manage Device Bindings Device Properties pop up Manage Devices User Defined Devices Click the User Defined Devices link in the Manage Devices tab to access the User Defined Devices page FIG 57 This page provides a listing with all of the dynamic devices that have been discovered in the system and allows you to add and delete User Defined Devices Nur A bans FUTGOGIN Welcome guest System Number 2 v KN an Rm Master Configuration Manager WODEORUO SONIY User Defined Devices Device Options Bindings User Defined Devices Active Devices Polled Ports View and or create addtional system devices L Add Device erm paene T S nca Ae 19216820010 ip AudioConferencer Sony DSC W7 Copyright SCH AN L Show Device Tree FIG 57 System Manage Devices User Defined Devices Adding a User Defined Device 1 Click the Add Device button in the User Defined Devices page to access the Add User Defined Device page FIG 58 System Number 2 A ILE System Number2 v ESTER User Defined Devices iR x Device Options Bindings User Defined Devices Active Devices Polled Ports View and or create additional system devices cC ea Address 1 H DEF Sorst amp ss nud SDK Class
139. ext is required within this field The version must be in the format major minor micro where major minor and micro are numbers An example is 1 0 0 revision 1 0 0 of the device firmware SDK Class Types Amplifier HVAC SlideProjector AudioConferencer lODevice Switcher AudioMixer Keypad Text Keypad AudioProcessor Light TV AudioTape Monitor UPS AudioTunerDevice Motor Utility Camera MultiWindow VCR Digital Media Decoder PoolSpa VideoConferencer Digital Media Encoder PreAmpSurroundSoundProcessor VideoProcessor Digital Media Server RelayDevice VideoProjector Digital Satellite System Receiver VideoWall Digital Video Recorder Security System VolumeController Disc Device Sensor Device Weather DocumentCamera SettopBox 3 Once you are done creating the profile for the new device click the Add Property button to access the Name and Value fields property information for association with the new User Defined Device 4 Click the Accept button The new device is indicated in the list of discovered physical devices in the User Defined Devices page Manage Devices Active Devices Click the Active Devices link in the Manage Devices tab to access the View All Active Devices page FIG 59 The options on this page allow you to check devices for compatible Duet Modules System Number 2 gu cwm BE System Number 2 v itis WebControl Security System Se View
140. faut Communication Settings wih this IP_ Get DNS Information Set DNS Information FIG 8 Network Addresses dialog for a pre obtained Static IP Address 2 Verify that both the System number corresponds to the System value previously assigned within the Device Addressing tab and that zero 0 is entered into the Device field The system value must correspond to the Device Address previously entered in the Device Addressing tab Refer to the Manage System System Number section on page 39 for more detailed instructions on setting a system value 3 Click the Get IP Information button to temporarily configure the on board Master for DHCP usage and then read the IP Address obtained from the DHCP Server 4 Click the Specify IP Address radio button from the IP Address section With this action all IP fields become editable 5 Verify that NetLinx appears in the Host Name field if not then enter it in at this time 6 Enter the IP Address Subnet Mask and Gateway information into their respective fields 7 Click the Set IP Information button to cause the on board Master to retain this new IP Address pre obtained from the System Administrator 8 Click OK to accept the change to the new IP DNS information Eh NOTE 9 Click the Reboot Master button and select Yes to close the Network Addresses dialog 10 Click Reboot from the Tools gt Reboot the Master Controller dialog and wait for the System Master to
141. g disabling the checkboxes See the Group and User Security Access Options on page 31 for details 4 Click the Accept button to save your changes to the Master If there are no errors with the modification of any of this page s parameters a Group updated successfully is displayed at the top of the page The administrator group account cannot be modified or deleted Any properties possessed by groups ex access rights update rights directory associations etc are inherited by users assigned to that particular group Unchecking a security option which is available within the associated group does not remove that right from the user The only way to remove a group s available security right from a target user is either to not associate a group to a user or to alter the security rights of the group being associated Deleting a Group 1 Select the Group Level tab in the Security section to open the Group Security Details page 2 Press the Delete button to remove the selected group and refresh the page The system will prompt you to verify this action click OK to proceed If you are not logged into the Master you receive a reminder message You must login before Security Settings can be changed In this case log into the Master and repeat the previous steps Ifthe group is associated with several users you might get an error while trying to delete the group If this happens change the group association of those specif
142. g a different IP Address if communication fails Press the Retry button to reconnect using the same communication parameters Press the Change button to alter your communication parameters and repeat steps 2 thru 11 NOTE 2 NOTE Upgrading NXC Card Firmware Via IP This section applies to the NI 4000 and NI 4100 Only Before beginning with this section verify that both the on board Master and on board Integrated Controller have been updated with the latest firmware and that the NetLinx cards are securely inserted into the NI 4100 1 Follow the procedures outlined within the Communicating Via an IP Address section on page 10 to connect to the target NI device via the web 2 After NetLinx Studio has established a connection to the target Master click the OnLine Tree tab of the Workspace window to view the devices on the System The default System value is one 1 3 Right click the associated System number and select Refresh System This establishes a new connection to the specified System and populates the list with devices on that system The communication method is highlighted in green on the bottom of the NetLinx Studio window 4 After the Communication Verification dialog window verifies active communication between the PC and the NI unit verify the NetLinx NXC Control Cards appear in the OnLine Tree tab of the Workspace window FIG 17 INS NetLinx Studio File Edit View Project Build Diagnostic
143. ge System section on page 39 for details e Manage License Options in this tab allow you to add device licenses Product ID and License Key to the Master See the System Manage License section on page 58 for details e Manage NetLinx Options in this tab allow you to view a detailed list of NetLinx devices connected to the Master See the System Manage NetLinx section on page 59 for details e Manage Devices Options in this tab allow you to view the details of additional attached devices including module supported third party devices See the System Manage Devices section on page 61 for details The default view for the System option is Manage System System Number FIG 35 These tabs provide access to the various System Management features default view Manage System Master Configuration Manager WebControl Security Manage System Manage License Manage NetLinx Manage Devices Control Emulate Diagnostics Server Clock Manager System Number Modify the system number for the Master Current System Number 1 Currently selected page L Reset to Factory Defaults TT FIG 35 Manage System System Number System Manage System The Manage System tab contains links to several different System related configuration pages as described in the following subsections Manage System System Number The options on this page display the current System Number assigned to the target Master
144. he List nennen 57 Clock Manager NetLinx Programming API essent 58 System Manage Lieerse oie oe pta hono n eran ERE N NE ER CENERE EE KR TRRE x EYRATE RUNE ege ERR 58 DORIIDCENIBGUAECIIC 58 Removing a License 59 System Manage Wett nccccisedscssticcndussccdaceionccstatcaananoeneutacesecuesaaceendnecestetccsnnensauaees 59 System Manage Devices ccccsccscsccccsecssncscocesscecesecscscascescsstcnsecassesscsacnsecsusaseseasseossoes 61 Manage Devices Device Options eee nennen eene nennen nnn 61 Configuring Device Binding Options eese eene eene eene nnne nnne nnne enn nnne 61 Managing Device Modules sssssccccssscssscssssssssssssccesessssscsssssssssseescesesssssessessseeeees 62 Manage Devices Bindings ieeeeeee eroe treten een Seen e eere oa bia bae ae aaron ure rstas stirenn 63 Configuring Application Defined Devices eere eene eene 63 Application Devices and Association Status ccccccccscssssssssssssssccccessssessssssessnsseeees 65 Viewing Physical Device Properties eene eene nennen nnne nnn 66 Manage Devices User Defined Devices eene 66 Adding a User Defined Device 1 nie eie REENEN e ense aea artes rase ENEeg 67 Manage Devices Active Devices esee eene eene eene nnne nnne nens 68 Searching For All Compatible Duet Modules for a Selected Device
145. highlighted in green on the bottom of the NetLinx Studio window NOTE Resetting the Factory Default System and Device Values 1 In NetLinx Studio access the Device Addressing dialog FIG 4 on page 6 by either one of these two methods e Right click on any system device listed in the Workspace and select Device Addressing Select Diagnostics Device Addressing from the Main menu Click the Set Device System to Factory Default button This resets both the system value and device addresses for definable devices to their factory default settings The system information in the OnLine Tree tab of the Workspace window refreshes and then displays the new information By setting the system to its default value 1 Modero panels that were set to connect to the Master on another System value will not appear in the OnLine Tree tab of the Workspace window For example A Modero touch panel was previously set to System 42 The system is then reset to its default setting of System 1 and then refreshed from within the Workspace window The panel will not reappear until the system is changed from within the System Connection page on the Modero to match the new value and both the Master and panel are rebooted 3 4 Click Done to close the Device Addressing dialog Click Reboot from the Tools Reboot the Master Controller dialog and wait for the System Master to reboot The STATUS and OUTPUT LEDs should begin to alternate
146. iagnostic Options For a Device eene n nnne 48 Creating and Recalling Diagnostics Presets cccccccccscscessssssssssssccceesesesssessesensseeees 48 pM Manage System Server Options cisicsissicsccccsceccssasssesssncccsecvensedcecsdctasanesucquocasiesssense 49 elen dl EE 49 Server Port End ET 49 SSL Certificate el 51 Creating an SSL Server Certificate iccciccscctessecccacdeedsvseticcosstvssicecestasenneccedaucetsdacseseuitereees 51 SSL Certificate Entries i 0c 50 c cessssniepsenseuteniieensececensuvsecccssesvedsnoosedsnusucesvedsouubecesevecasbenes 52 Displaying SSL Server Certificate Information eese eene eene 52 Creating a Request for an SSL Certificate eee eene eene 53 Self Generating an SSL Certificate cccccsssseccscsssseeceescsssseccescesseeceesesssseecesssssseeeess 53 Regenerating an SSL Server Certificate Request eese eene 53 Exporting an SSL Certificate Request eese eene nannten nnne 53 Importing an SSL Certificate terere rebote iret eb ip nts no EP ERR sense etr KRKE etp rue ha 54 Manage System Clock Manager Options eene eene 55 Setting the Mode for the Clock Manager eese eene 55 Setting Daylight Savings Rules erret ttn deter e d n o neeos 56 Selecting a Custom NIST Seryver eee rere toto etre sno n ER ipee a e EEN 57 Adding a Custom NIST Server To t
147. ialog displays the Waiting Press Cancel to Quit message indicating that Identify Mode is currently active NetLinx Studio is waiting to detect a device FIG 5 m Device System Change of Address Options r Device to Change Device o New Device E Change Device r System to Change System s New System E Change System Change Device System Number Set Device System to Factory Default Reboot Master r ID Mode Destination System o Change to Device Device o System o Cancel Identify Mode FIG 5 Device Addressing dialog Identify Mode active Identify Mode is currently active 5 Press the NI Controller s ID button to assign the new Device System values entered in step 3 to the Controller At this point the Successful Identification Made message is displayed FIG 6 Device Addressing m Device System Change of Address Options r Device to Change Device o New Device E Change Device r System to Change System fi New System E I Change System Change Device system Number Set Device System to Factory Default Reboot Master d r ID Mode Destination System o Change to Device Device o System o Start Identify Mode Previous D S 5001 1 Done FIG 6 Device Addressing dialog Successful Identification Made Device
148. ic users utilizing the old group and either give them a new group or assign them none as a group When you return to delete the desired group you receive a message saying Group deleted successfully 3 Click the Accept button to save your changes to the Master NOTE System Security User Level Select the User Level tab of the Security Page to access the User Security Details page FIG 31 The options on this page allow authorized users to add delete User accounts and configure User s Access rights System Number 2 mT E as UTOGIN welcome guest DE System Number 2 v Er S a P 4 NX Master Configuration Manager WebControl User Security Details Select to open and modify 8 user to minimize Click to add a new User administrator d emm emm ni Netlinx e f m Gro Qoeee Omne Gro Ooeete foup administrator e Admin Change Password Access wi Terminal RS232 Access v FTP Access HTTP Access e Telne SSH SFTP Access v Configuration X ICSP Connectivity w Encrypt ICSP Connection FIG 31 User Security Settings Page A User represents a single client of the Master while a Group represents a collection of Users Any properties possessed by a Group are inherited by all of the Users in the group Adding a New User 1 Select the User Level tab in the Security section to open the User Security Details page 2 Click the Add New User button see FIG 3
149. icated data If enabled All communicating AMX components must authenticate with a valid username and password before beginning communication with the Master All communication must be encrypted Edit User Menu The Edit User Menu is accessed whenever you enter the Add user or Edit user selections from the Setup Security menu The Edit User Menu options are described in the following table Edit User Menu Command Description 1 Change User Password This selection prompts you to enter the new password twice for the user Once the new password is entered the user must use the new password from that point forward Change Inherits From Group This selection will display the current group the user is assigned to if any It will then display a list of current groups and prompts you to select the new group Add Directory Association This selection will display any current directory associations assigned to the user and then will prompt you for a path for the new directory association Delete Directory Association This selection will display any current directory associations assigned to the user and then will prompt you to select the directory association you want to delete List Directory Associations This selection will display any current Directory Associations assigned to the user Change Access Rights This selection will display access the Access Rights menu which allow
150. ics indicated with a green checkmark FIG 41 Each device is identified here by it s System Number Device and Port assignments Click to select a different Refresh Rate TER o default 5 seconds Device sms Port Refresh interval seconds Messages Online Offline Ce eT manaman S 09 13 2006 16 40 44 717 PUSH Status Y 09 13 2006 16 40 44 717 PUSH Channel Changes 09 13 2006 16 40 44 815 RELEZ 7 09 13 2006 16 40 44 815 RELEZ Output Y Feedback Y Device Options Level changes from Pa Level changes to Y Strings to Y Strings from Y Commands to Y Click to modify the diagnostics settings Commands fiom for this device or to remove this device SEN from the Diagnostics Options list Le len on emn eon ca em em o ER FIG 41 Edit Options window All returned messages are displayed in the Incoming Messages window By default all messages are refreshed every 5 seconds as indicated by the Refresh Interval field Use the Refresh Interval drop down to specify how often your messages are updated available values 2 seconds 5 seconds or 10 seconds KE The default setting is 5 seconds 4 To add more devices to the Diagnostics Options page Repeat steps 1 3 Alternatively you can click one of the Edit buttons to open the Edit Options window and specify a System Number Device and Port for a known System Device Select the Diagnostics messages that you want to enable for this device and clic
151. ing Settings 1 Check the Enabled option to enable Security and make the following CRL Checking options available click the radio buttons to toggle on off No CRL Checking No CRL Certificate Revocation List checking will be done CRL Checking Only the certificate in question will be checked against the CRL CRL Checking All Each certificate in an entire chain of certificates should be checked against the CRL 2 Click the Update Settings button to save all changes to the Master Uploading an Configuration File 1 Click the Browse button next to the Upload Configuration File text box to locate and select a NetLinx compatible configuration file from your PC or LAN The configuration file name can use any suffix but it will be re suffixed to cfg by the Master NOTE 2 Click the Submit button to transfer the selected configuration file to the Master Refer to Appendix A IPSec Configuration File on page 125 for additional details Managing Certificate Files The Managing Certificate Files section of the page provides a display box that lists all of the existing Certificate Files resident on the Master identity Certificates also include other information in extensions such as permissions and comments NOTE CA is short for Certification Authority an trusted third party or internal entity that issues signs revokes and manages these digital certificates A certificate is a cryptographically signed obj
152. into the Product ID fields Contact the AMX Sales department with both the product serial number or certificate number and the serial number of target Master to register your product and in turn receive the necessary Key information typically 32 to 36 digits in length which is then entered into the Key fields on this page 3 Enter the Product Key into the Key fields The Product Key is Master specific and is typically provided by AMX upon registration Example AMX Meeting Manager and i Voting applications are examples of products that require both a Product serial number and a Master specific key prior to usage 4 Press the Accept button to save the information If there are no errors with the information on this page a Key successfully added for Product ID XXXX is displayed at the top of the page Removing a License 1 Click the Remove x icon to the left of the license that you want to remove 2 The system will prompt you to verify this action before the license is removed from the Master Click OK to proceed 3 Press the Accept button to save the information System Manage NetLinx The Manage NetLinx tab displays a list of NetLinx devices connected to the Master and indicates device status for each FIG 52 System Numt A m AA LOGIN Welcome guest IE System Number2 v REISE a FN Master Confi ration Manager WebControl Security l Manage System Manage License NetLinx Details View List
153. io to establish a NetLinx Device ID for the device The steps described and the dialogs shown in this section are in the NetLinx Studio application NetLinx Studio is available to download from www amx com Referto the NetLinx Studio on line help for information on using NetLinx Studio 1 Access the Device Addressing dialog FIG 4 by selecting Diagnostics Device Addressing Device Addressing x r Device System Change of Address Options r ID Mode r Device to Change SE kr Device D New Device DRUCKEN I Change Device r Change to Device Device o r System to Change System s New System E System o Change System Start Identify Mode Change Devic n Number Fila Set Device System to Factory Default Reboot Master Done FIG 4 Device Addressing dialog 2 Enter the system number in the Destination System field 3 Enter the desired device number in the Change to Device box Device field and again enter the system number in the System field NOTE 4 Click the Start Identify Mode button This action activates Identify Mode on the named System Identify Mode means that the system is put on hold while it waits for an event from any NetLinx device in the named system for example pushing the ID button on a NetLinx device The device that generates the first event is the device that gets identified The Device Addressing d
154. ion indicating updated port numbers L NOTE 2 bd NOTE If the Device Tree contents do not refresh within a few minutes press the browser s Refresh button and reconnect to the Master SSL Certificate Options There are three SSL Certificate options presented as links along the bottom of this page SSL Certificate Options Create SSL Certificate Opens the Create SSL Certificate window where you can create a self generated SSL certificate Note A self generated certificate has lower security than an external CA officially issued generated certificate Export SSL Certificate Request Takes the user to the Server Certificate page where they can view a previously created certificate An authorized user can also copy the raw text from a generated Certificate request into their clipboard and then send it to the CA Import SSL Certificate Takes the user to the Import Certificate page where they can import and paste the raw text from a CA issued Certificate Creating an SSL Server Certificate Initially a NetLinx Master is not equipped with any installed certificates In order to prepare a Master for later use with CA officially issued server certificates it is necessary to First create a self generated certificate which is automatically installed onto the Master Secondly enable the SSL feature from the Enable Security page Enabling SSL security after the certificate has been s
155. ion messages turned off MSG STATS Calculates incoming and outgoing messages over a time interval OFF D P S or NAME CHAN Turns off a specified channel on a device The device can be on any sys tem that the Master you are connected to is able to reach You can specify the device number port and system or the name of the device that is defined in the DEFINE_DEVICE section of the program Syntax OFF name channel Or OFF D P S channel Example gt OFF 5001 7 4 Sending Off 5001 7 4 ON D P S or NAME CHAN Turns on a specified channel on a device The device can be on any system that the Master you are connected to is able to reach You can specify the device number port and system or the name of the device that is defined in the DEFINE_DEVICE section of the program Syntax ON name channel or ON D P S channel Example gt ON 5001 7 4 Sending On 5001 7 4 Terminal Commands Cont Command Description PASS D P S or NAME Sets up a pass through mode to a device In pass through mode any string received by the device is displayed on the screen and anything typed is sent as a string to the device The device can be on any system that the Master you are connected to is able to reach You can specify the device number port and system or the name of the device that is defined in the DEFINE_DEVICE section of the program Mode is exited by ESC ESC Display Format i
156. ious steps 3 Reboot the Master via the Reboot button on the Manage System Page select the System control button to access WebConsole Web Control Options Manage Web Control Connections The Web Control page is accessed by clicking on the Web Control button FIG 34 This page allows you to view all touch panels running the G4Web Control application Each G4Web Control equipped touch panel connected to this Master is indicated by a link Click on any of the links to open a new G4Web Control window displaying the selected panel using the native resolution of the target panel For example a CA15 panel link opens a new G4Web Control window at 800 x 600 resolution System COGIN Welcome guest bodes System Number 2 Em an P al d System Master Configuration Manager WebControl WU Manage WebControl Connections Manage devices attached to the Master S n i Click on any link listed here to open a new G4Web Control window to view the indicated panel Compression options Cluse Compression luse low color Java and sil Java based trademarks and logos trademarks of Sun Microsystems Inc in the Copyright 2006 AMX O Show Device Tree gt ta D FIG 34 Manage Web Control Connections page populated with 1 compatible G4 touch panel To establish a secure connection between the touch panel and the target Master the panel must be using a valid username and password that can be matched t
157. k Update The device will appear in the Diagnostics Options window in the next available column to the right of the last device added see FIG 42 System Number 2 2 2 2 Device 5001 0 10001 41002 z SCH Sep 7 j Refresh Interval 5 seconds v Messages Online Offline x s s Y Incoming Messages Configuration Y eg Y x mt Status Mr we cw X 80 44 815 Channel Changes 80 44 815 B0 44 717 Input S SSES ai amp 0 44 717 Output Se px Tw 80 44 815 Feedback ME we WX 80 44 815 80 44 717 Device Options 80 44 717 Level changes from x Y Y x 80 44 815 B0 44 815 Level changes to SI w pw x im 20 44 717 Strings to mE Se 8 80 44 717 Strings from x Y Y x 80 44 815 80 44 815 Commands to act Ege IA Tx 20 44 717 Commands from x Y Y x 80 44 717 80 44 815 Custom Events from x NIE x 0 44 615 Edit Edit Edit Edit Ed Ear j Edit EM lt FIG 42 Edit Options window indicating four devices with Diagnostics enabled You can monitor diagnostics for up to eight System Devices in this page VK NOTE Diagnostics Options Definitions The following table describes each of diagnostics options that can be enabled via the Edit Options window Diagnostic Options Diagnostic Option Description All Notifications Enables every notification field System Number Use these fields to enter a device port system D P S combination for the device for Device which you want to enable
158. l disable the ability to use that channel as an output Syntax SEND COMMAND lt DEV gt SET INPUT channel state Set the input channel s active state Variable channel Input channel 1 8 state Active state HIGH or LOW default Example SEND COMMAND IO SET INPUT 1 HIGH Sets the UO channel to detect a high state change and disables output on the channel Terminal Program Port Telnet Commands NOTE Overview There are two types of terminal communications available on NetLinx Integrated Controllers Program Port The Program port is a RS232 port located on the rear panel of the Master that allows terminal communication with the Master This type of terminal communication requires that you are physically connected to the Master to access the configuration options and commands supported Since this method of terminal communication requires physical proximity as well as a physical connection to the Master it is the most secure form of terminal communication For this reason all Security Configuration options are only available via the Program port and cannot be accessed via Telnet Telnet This type of terminal communication can be accessed remotely via TCP IP It is a less secure form of terminal communication since it does not require a physical connection to the Master to connect Further the Telnet interface exposes information to the network which could be intercepted by an
159. le HTTPS Once you enter a value and press the ENTER key you get the following message Setting HTTPS port number to New HTTPS port number set reboot the Master for the change to take affect SET ICSP PORT Sets the Master s IP port listened to for ICSP connections Note The Master must be rebooted to enable new settings Example gt SET ICSP PORT Current ICSP port number 1319 Enter new ICSP port number Usually 1319 0 disable ICSP Once you enter a value and press the ENTER key you get the following message Setting ICSP port number to New ICSP port number set reboot the Master for the change to take affect Terminal Commands Cont Command Description SET ICSP TCP TIMEOUT Sets the timeout period for ICSP and i Web Control TCP connections Note The new timeout value is immediately no reboot required Example gt SET ICSP TCP TIMEOUT This will set the timeout for TCP connections for both ICSP and i Web Control When no communication has been detected for the specified number of seconds the socket connection is closed ICSP and i Web Control have built in timeouts and reducing the TCP timeout below these will cause undesirable results The default value is 45 seconds The current ICSP TCP timeout is 45 seconds Enter new timeout in seconds Once you enter a value and press the ENTER key you get the following message New timeout value set in affect immediately SET IP l
160. lectors is PACKET use packet selectors or POLICY use policy selectors keyManager is MANUAL manual negotiation or IKE key negotiation saProposalName is an SA proposal name tunnelEndpointAddress is the remote gateway You must specify a single valid IPv4 or IPv6 host address You cannot specify multiple endpoints ipMaskPrefix ipMaskPrefix EXAMPLES IPv4 spdAddTunnel ANY 0 0 0 0 0 10 8 30 30 0UT POLICY MANUAL qm sa default 10 9 9 180 IPv6 spdAddTunnel ANY 0 3ffe 4 1 0UT POLICY MANUAL qm sa default 3ffe 1 2 Config String Format protocolSelector destinationPort sorucePort destinationAddressSelector sourceAddressSelector directionality useSelector keyManager saProposalName tunnelEndpointAddress SpdAddBypass SpdAddBypass NAME spdAddBypass create a bypass policy in the SPD SYNOPSIS spdAddBypass pConfStr DESCRIPTION This rule creates a bypass policy in the SPD Rule Value pConfStr A stringValue specifier formatted as follows protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality mirroring where protocolSelector is a decValue IANA protocol number or ANY 6 for TCP or 17 for UDP destinationPort is a decValue port number or ANY sourcePort is a decValue port number or ANY destinationAddressSelector is an address in the format ipAddressl ipAddress2 ipMaskPrefix sourceAddressSelecto
161. ll fields as numeric except for the word occurence OCCURANCE range 1 5 5 indicates the LAST occurrence of a particular day of the month DAY OF WEEK translates as 1 Sunday 2 Monday 3 Tuesday 4 Wednsday 5 Thursday 6 Friday 7 Saturday Examples fixed 5 10 16 00 00 October 5 at 4 00PM occurence 5 1 10 02 00 00 last Sunday in October at 2 00AM Appendix D Clock Manager NetLinx Programming API NetLinx Integrated Controllers WebConsole amp Programming Guide 149 Bang a AA Increase Your Revenue UNI VERSI TY through education knowledge In the ever changing AV industry continual education is key to success AMX University is dedicated to ensuring that you have the opportunity to gather the information and experience you need to deliver strong AMX solutions Plus AMX courses also help you earn CEDIA NSCA InfoComm and AMX continuing education units CEUs Visit AMX University online for 24 7 365 access to Schedules and registration for any AMX University course Travel and hotel information Your individual certification requirements and progress 3000 RESEARCH DRIVE RICHARDSON TX 75082 USA e 800 222 0193 e 469 624 8000 e 469 624 7153 fax e 800 932 6993 technical support e www amx com 5 12 2012 AMX All rights reserved AMX and the AMX logo are registered trademarks of AMX AMX reserves the right to alter specifications without notice at any time
162. ly blink during the incorporation Wait until the STATUS LED is the only LED to blink Press Done once until the Master Reboot Status field reads Reboot of System Complete Click the OnLine Tree tab in the Workspace window to view the devices on the System The default System value is one 1 Right click the associated System number or anywhere within the tab itself and select Refresh System This establishes a new connection to the specified System and populates the list with devices on that system Use Ctrl S to save these changes to your NetLinx Project Onboard WebConsole User Interface WebConsole UI Overview NetLinx Masters have a built in WebConsole that allows you to make various configuration settings via a web browser on any PC that has access to the Master The webconsole consists of a series of web pages that are collectively called the Master Configuration Manager FIG 19 System Device info System read only indicates the name of the System currently connected Device click the down arrow to select from a list of all devices connected to this Master Refresh Click to refresh the Device list Click to Login only required if Master Security and HTTP Access security options are enabled on the target Master Weicome guest Y AMK Com Master Configuration Manager Sech Geck Click to access the three main sections of the WebConsole initial view Web Control Manage Web
163. ly changes Edit Options close 4 Click to close the Edit Options window without disabling diagnostics Click to select from Presets presets Y saved sets of enabled Diagnostic messages 0 All Devices All Notifications vj Store Recall d Click to Store and Recall Presets To set Diagnostic Options for a different System Device enter the device s System Device and Port information in these fields and press Update to add the specified device diagnostics options to the Diagnostics page All Notifications Online Offline Messages Input Channel Changes Ha Click the checkboxes to enable disable specific diagnostic messages Scroll down to see the entire list al All Notifications enables all messages Output Channel Changes 1 0 o Configuration Messages Be o O O Feedback Channel Changes Level From Device Level To Device M x FIG 40 Edit Options window Once you have selected the diagnostics messages to enable click Update to apply your changes close the Edit Options window and return to the Diagnostics page Refer to the Diagnostics Options Definitions section on page 47 for definitions of each Diagnostic option 3 The device that you just enabled diagnostics for appears in the Diagnostics Options page identified by its Number Device and Port assignments at the top of the Diagnostics Option list with the currently enabled diagnost
164. mber must be clearly marked on the outside of each box The RMA is valid for a 30 day period After the 30 day period the RMA will be cancelled Any shipments received not consistent with the RMA or after the RMA is cancelled will be refused AMX is not responsible for products returned without a valid RMA number AMX is not liable for any damages caused by its products or for the failure of its products to perform This includes any lost profits lost savings incidental damages or consequential damages AMX is not liable for any claim made by a third party or by an AMX Autho rized Partner for a third party This Limited Warranty does not apply to a any AMX product that has been modified altered or repaired by an unauthorized agent or improperly transported stored installed used or maintained b damage caused by acts of nature including flood erosion or earth quake c damage caused by a sustained low or high voltage situation or by a low or high voltage disturbance including brownouts sags spikes or power outages or d damage caused by war vandalism theft depletion or obsolescence This limitation of liability applies whether damages are sought or a claim is made under this warranty or as a tort claim including negligence and strict product liability a contract claim or any other claim This limitation of liability cannot be waived or amended by any person This limitation of liability will be effective even if AMX or an a
165. n location 7 Verify you have downloaded the latest NetLinx Control Card firmware Kit file to a known location 8 Select Tools gt Firmware Transfers gt Send to NetLinx Device from the Main menu to open the Send to NetLinx Device dialog FIG 18 Verify the target s Device and System numbers matches the value listed within the System folder in the Workspace window P NOTE Send to NetLinx Device r Location FIG 10 11 12 13 14 15 16 r Selected Control Card Description field for selected Kit file Firmware file LU NI Controllers DaterTine SE 2023 KIT v4 00 13i 09 23 2005 03 Description NXC VOL4 Volume 4 Kit for Version 1 0 2022v1 00 10 kit v 09 23 2005 03 2024 v1 O00 09kit 09 23 2005 03 2105 NI X000 Master v3 01 2200 09 06 2005 12 Firmware NXC VOL Download Firmware Version v1 00 08 09 Target MC68332 Firmware NAXC VOL First Firmware Version v1 00 01 00 lt Contents Firmware download Progress Ready o send status I Reboot Device System Number and Device Number must match the System and Device values listed in the Workspace window 18 Select Control Card firmware file for download page via IP Select the Control Card s Kit file from the Files section FIG 18 in our above example we chose to update the NXC VOLA card Enter the System and Device numbers associated with the desired Master listed in the Workspace
166. n of this document Refer to e the Onboard WebConsole User Interface section on page 21 e the WebConsole Web Control Options section on page 37 e the WebConsole Security Options section on page 25 and e the WebConsole System Options section on page 39 The Initial Configuration and Firmware Upgrade section on page 5 describes upgrading the firmware on NI Controllers The NetLinx Programming section on page 79 lists and defines the NetLinx send commands that are supported by the NI Controllers The Terminal Program Port Telnet Commands section on page 95 describes the commands and options available via either a Program Port RS232 or Telnet terminal session with the NI Controller Some of the features described in this document are available only to NetLinx Masters with firmware version 4 0 or greater For firmware versions prior to version 4 0 refer to the previous version of this document available to download from the v3 x firmware pages on www amx com Related Documents For detailed descriptions of NI Controller hardware including specifications port assignments installation procedures connection and wiring information refer to the Hardware Reference Guide for your Master Related Documents Title DVX 2100HD Enova Total Environment Controller Operation Reference Guide NXI 700 900 NetLinx Integrated Controllers Hardware Reference Guide NXI x000 NetLinx Integrated Controllers Hardware Ref
167. ndshake s output to low on the RS232_1 device NOTE IR Serial Ports Channels IR Serial Ports Channels CHANNELS Description 00001 00229 IR commands 00229 00253 May be used for system call feedback 00254 Power Fail Used w PON and POF commands 00255 Power status Shadows UO Link channel status 00256 65000 IR commands 65000 65534 Future use The NI series of NetLinx Masters support Serial control via the IR RX port when using firmware version 300 or greater IR RX Port Channels IR Serial Ports Channels 00001 00255 PUSH and RELEASE channels for the received IR code IR Serial SEND COMMANDs The following IR and IR Serial Send Commands generate control signals for external equipment In these examples lt DEV gt device IR Serial SEND_COMMANDs Command Description CAROFF Syntax Disable the IR carrier signal SEND COMMAND lt DEV gt CAROFF until a CARON command is Example received SEND COMMAND IR 1 CAROFF Stops transmitting IR carrier signals to the IR 1 port CARON Syntax Enable the IR carrier signals SEND COMMAND DEV CARON default Example SEND COMMAND IR 1 CARON Starts transmitting IR carrier signals to the IR 1 port IR Serial SEND_COMMANDs Cont Command Description CH Send IR pulses for the selected channel All channels below 100 are transmitted as t
168. nectivity the AMX License Agreement is displayed The License Agreement must be accepted for Internet Module search feature to be enabled When this feature is enabled the Master queries either AMX s Online database of device Modules and or pulls Modules from a separate site specified by the manufacturer s device You can later disable this feature by toggling this button 2 Press the Accept button to save your changes Managing Device Modules Use the Manage Device Modules set of options to archive or delete modules from the Master All modules currently present on the Master are indicated in the Module list To archive a module 1 Select a module and click the Archive Module button 2 This action copies the selected module JAR file to your PC 3 The system will prompt you to specify a target directory to save the module file to To delete a module Select a module and click the Delete Module button This action deletes the selected module from the unbound directory modules must be deleted via the Purge Bound Modules on Reset selection described Any corresponding module within the bound directory will not be deleted Bound within the Configure Device Bindings section NOTE To browse for a Module file and then upload it to the Master 1 Click the Browse button next to the Select a module to upload text field to browse for Duet Modules on your PC Network 2 Selectthe JAR file that you want to upload to
169. new module driver should then be bound The administrator user can then select one of the available physical devices to bind with the associated application device When the Save button is selected the binding is created and a process begins within the target Master to find the appropriate Duet Module driver Once a driver is found the Duet Module is then started and associated with the specified application device Duet virtual device If the Cancel button is selected the binding activity is then aborted If the manufacturer device does not support Dynamic Device Discovery DDD beaconing you must use the Add New Device page to both create and manage those values necessary to add a dynamic physical device This process is described in detail within the following section INSOle Viewing Physical Device Properties Hold the mouse cursor over the Physical Device Device entry in the table to display detailed device properties for that device in a pop up window FIG 56 WIEL ak Manage Devices Manage Device Bindings device optons Bndnos User Detned Devices Acwve Hold the mouse cursor over the Device D P S assignment to open the Device Properties pop up Select the binding you wish to modify delete My DVD 41002 1 0 DiscDevice My Receiver 41001 1 0 Receiver Device Properties Device Revision 1 0 0 Device Category serial Device Make Marantz Mi ee Physical Device 5001 1 0 Device SDKClass com amx duet d
170. ng and Editing User Security Settings Click on any User listed in the User Security Details page to view and edit security settings for the selected User FIG 33 System Number 2 BS aF a LOGIN Welcome guest Lom System Number 2 DA REFRESH A as EM Master Go guration Manager WebControf L Security System User Security Details Select to open and modify a user to minimize ch Add New User 5 administrator i NetLinx Chane roup administrator Delete E Ser Click to edit Access settings for this U Access y Admin Change Password w Terminal RS232 Access Click to delete this User vy FTP Access w HTTP Access e TelneUSSH SFTP Access w Configuration w ICSP Connectivity w Encrypt ICSP Connection FIG 33 User Level Security Settings Page Viewing User Security Settings Details Click the Edit button to edit the Security Access options for the selected User Click Delete to delete the selected User from the Master Deleting a User 1 Select the User Level tab in the Security section to open the User Security Details page 2 Press the Delete button to remove the selected User and refresh the page The system will prompt you to verify this action click OK to proceed If you are not logged into the Master you receive a reminder message You must login before Security Settings can be changed In this case log into the Master and repeat the prev
171. notifications Port A value of 0 for any option gives you all of the systems devices or ports This dialog also allows you to store recall presets Messages Online Offline Generates a message when there is a change in the target device s online offline status Configuration Generates a message when there is a change in the target device s configuration Status Generates a message when there is a change in the target device s status Channel Changes Input Generates a message when there is an input channel change i e Push Release in the target device Output Generates a message when there is an output channel change i e CHON CHOFF in the target device Eech NOTE Diagnostic Options Cont Diagnostic Option Description Channel Changes Cont Feedback Generates a message when there is a feedback channel change in the target device Device Options Level Changes From Generates a message when there is a level channel change from the target device Level Changes To Generates a message when there is a level channel change to the target device Strings To Generates a message when there is a string sent to the target device Strings From Generates a message when there is a string from the target device Commands To Generates a message when there is a command to the target device Commands From Generates a message when there is a c
172. nth Day of the Week Month and Starts fields to specify the occurrence to start Daylight Savings time The range is 1 through Last where Last indicates the last occurrence of a particular day of the month This is to accommodate months that include four weeks as well as those that include five 4 Use the Ends fields to specify when Daylight Savings should end The Ends rules match the Start rules and follow the same logic Select Fixed or by Occurrence and specify the End date time information accordingly 5 Click Accept to save these settings to the Master NOTE NOTE Selecting a Custom NIST Server System Number 2 LOGIN Welcome guest jud System Number 2 v LED A an P a Master Configuration Manager WebControf Security Systen Manage System JACE e i LLL ELE ak ELE aea Clock Manager Options Modify Clock Manager options for the Master System Number Control Emulate Diagnostics Server Clock Manager NIST Server Manager Mode Settings Dayligh CsT servers Select URL IP Location Remove time atimefreq bldrdoc gov 132 163 4 101 NIST Boulder Colorado fei time b timefreg bldrdoc gov 132 163 4 102 NIST Boulder Colorado o time ctimefreq bldrdoc gov 132 163 4 103 NIST Boulder Colorado o I o L f Peano CIN FIG 49 Clock Manager Options NIST Servers tab 1 In the NIST Servers tab FIG 49 use the radio buttons to select one of the NIST Servers in the list 2 Click Accept to save these
173. nto the unbound directory and automatically overwrite any existing module of the same name 2 Once a list of all compatible modules is compiled the Available Modules list is displayed on this page Each module is listed with its calculated match value The greater the match value the better the match between the Duet Module s properties and the physical device s properties 3 Select a module and click the Accept button to associate the selected Duet module with the physical device This action will not affect any currently running Duet module associated with the physical device The module is associated with the device upon reboot Viewing Physical Device Properties Hold the mouse cursor over the Device entry in the table to display detailed device properties for that device in a pop up window FIG 60 Manage System Manage License MWanage Wetlinx Manage Devices E es Device Options Bindings User Defined Devices Active Devices Polled Ports Hold the mouse cursor over the Physical Device IP Address to open ust modules the Device Properties pop up Device Properties Birra Device Revision 1 0 0 IP Address 192 168 200 10 Device Category ip Device Make Sony Physica Device 192 168 200 10 TT Show Device Tree Device SDKClass com amx duet devicesdk AudioConferencer Dynamic Type local Device UUID 192 168 200 10 Device Model DSC W7 IP Address 192 168 200 10 Duet Module dynamic FIG 60 Vie
174. number of buffers in each queue Example show buffers Thread TX RX Queued UDP 0 IPCon Mgr 0 0 Sent NO Waiting NO Con Manager Interpreter Device Mgr Diag Mgr Msg Dispatch Cfg Mgr Route Mgr Notify Mgr 0 Total 0 0 0 GrandTotal 0 Note See the SHOW MAX BUFFERS section on page 113 oo coco oc amp Terminal Commands Cont Command Description SHOW COMBINE Displays a list of devices levels and channels that are currently combined Example gt SHOW COMBINE Combines Combined Device 33096 1 1 96 1 1 Combined Level 33096 1 1 1 128 1 1 1 10128 1 1 1 Combined Device 33128 1 1 128 1 1 10128 1 1 SHOW DEVICE lt D P S gt Displays a list of devices present on the bus with their device attributes Example gt SHOW DEVICE 0 1 0 Local devices for system 1 This System Device ID Model ID Mfg FWID Version 00000 00256 NXC ME260 64M 00001 AMX Corp 00336 v3 00 312 PID 0 0ID 0 Serial 0 0 0 0 0 0 0 0 0 0 0 0 Physical Address NeuronID 000531589201 00256 vxWorks Image 00001 00337 v3 00 312 PID 0 0ID 1 Serial N A 00256 Boot ROM 00001 00338 v3 00 312 PID20 0ID 2 Serial N A 00256 AXlink I F uContr 00001 00270 v1 03 14 PID 0 0ID 3 Serial 0000000000000000 Terminal Commands Cont Command Description SHOW LOG Displays the log of messages stored in the Master s memory The Master logs all internal messages and k
175. o a previously configured user on the target Master and the ICSP Connectivity option must be enabled within the System Level Security page Compression Options The checkboxes at the bottom of this page allow you to choose from two compression options Use compression to decrease response delay when viewing G4Web Control windows over a bandwidth restricted network or over the Internet By default both compression options are disabled Use Compression allows you to specify that the transmitted data packets be compressed This speeds up the visual responses from the panel by minimizing the size of the information relayed through the web and onto the screen Use Low Color allows you to specify the number of colors used to display the image from the panel be reduced By reducing the numbers of colors the size of the information is reduced and the response delay is decreased WebConsole Web Control Options 38 NetLinx Integrated Controllers WebConsole amp Programming Guide FMv3 WebConsole System Options System Overview The Manage System page is accessed by clicking on the System button This page allows you to view and configure various aspects of the NetLinx System separated by four tabs Manage System Options in this tab allow you to view change the Master s System Number Control Emulate system devices perform Diagnostics configure Server settings and set the time date via the Clock Manager See the System Mana
176. of NetLinx Devices LS Refresh List Clear List 1 0 Ni Master v3 13 339 Untitled MAX Untitled MAX axs 1 0 NXC ME260 64M v3 11 323 AliXAmenitiesMain AMXAmenttiesMain axs 1 0 NiMaster v3 11 323 Defect 40573 Defect 40573 axs 1 0 Ni Master v2 11 223 iis Zion IR Test Apoc IRS and Zion IR 1 D Ni Master v3 13 339 MAX AMX_MAX_Main axs 1 0 NI Master v3 11 323 Coby Coby axs 1 0 NI Master v3 13 339 Test Temp Test Temp axs 1 D NI Master v3 12 332 System 1 System 1 axs 1 0 NI Master v3 12 335 AMXAmenitiesMain AMXAmenitiesMain axs 1 D NI Master vPROTO BLANK 1 0 NiMaster v3 12 335 BLANK 1 D NI Master vPROTO No Program Running 2 0 NI Master vPROTO Empty Empty axs ri 2 0 NI Master vPROTO No Program Running 2 0 NiMaster v3 12 332 AWMXAmenitiesMain AMXAmenitiesMain axs 3 D NI Master v3 12 332 Test Test axs 3 0 NI Master vPROTO TheSonyDaTest TheSonyDaTest axs 3 0 NI Master vPROTO Empty 25 0 NI Master v3 12 332 No Program Running FIG 52 System Manage NetLinx tab The table on this page consists of five columns NetLinx Device Details Column Description System Displays the System value being used by the listed NetLinx Master Device Displays the assigned device value of the listed unit This Device entry applies to both the Master and those NDP capable devices currently connected to that Master Device Type Displays a description of the target Master or connected d
177. ommand from the target device Custom Events From Generates a message there is a custom event occurring from the target device Disabling all Diagnostic Options For a Device There are two ways to disable all diagnostics for a device Inthe Edit Options window select Delete to remove the device from the Diagnostics Options page and disable all diagnostics Inthe Edit Options window deselect all selected diagnostics options and click Update This disables all diagnostics for this device but leaves the device on the Diagnostics Options page Creating and Recalling Diagnostics Presets The Store and Recall options in the Edit Options window allow you to save and recall preset diagnostics configurations Presets are saved via cookies so they do not persist across multiple browsers computers 1 Click the Presets down arrow to open a list of previously stored Presets By default the only preset is called 0 All Devices All Notifications This default Preset cannot be modified 2 Select an empty Preset for example 1 3 Select the desired diagnostic options and click Store 4 lt A popup window prompts you to name this Preset Enter a name and click OK To recall an existing Preset select it from the drop down list and click on Recall A Preset MUST be Recalled before clicking the Update button If you do not press this button none of the fields or checkboxes are modified or selected In essence all op
178. on Enable Auto Shutdown Auto Shutdown forces the termination of modules that have lost communication with their respective physical device This capability is needed for plug and play support By default Auto Shutdown is enabled If automatic termination of modules when they have lost communication is not desired this selection should be disabled Enable Subnet Match This selection allows you to specify whether or not IP devices should only be detected discovered if they are on the same IP Subnet as the Master Purge Bound Modules This selection indicates that all modules should be deleted from the bound on Reset directory upon the next reboot During the binding process the associated Duet modules for a device are copied from the unbound directory into a protected bound area Due to the dynamic nature of Java class loading it is not safe to delete a running JAR file Therefore this selection provides the administrator the capability of removing existing modules upon reboot by forcing a re acquisition of the module at bind time This selection is a one time occurrence upon the next reboot the selection is cleared Disable Module Search This option toggles the capability of searching the Internet either AMX s site or a via Internet device specified site for a device s compatible Duet modules This capability is automatically disabled if the Master does not have Internet connectivity Upon enabling Internet con
179. operly to the target Master A CA certificate can only be imported to a target Master only after both a self generated certificate has been created and the SSL Enable feature has been selected on the Master These actions configure the Master the secure communication necessary during the importing of the CA certificate Manage System Clock Manager Options Click the Clock Manager link in the Manage System tab to access the Clock Manager Options page FIG 47 The options on this page allow you to enable disable using a network time source and provide access to Daylight Saving configuration and which NIST servers to use as a reference System Number 2 a LOGIN Welcome quest bom System Number 2 v IET t T a e r 7 sn Master Configuration Manager WebControl Security Clock Manager Options Modify Clock Manager options for the Master SES JEE Pers server Mode Manager Mode Settings i NISTSe Network J mee mme C CB Re Sync Period 2hours Timezone GMT 00 00 Greenwich Mean Time Dublin Edinburgh Lisbon London ze pate 09 14 jj 2006 mmiaywy Date and Time are only available lt 4 if Stand Alone is selected as the Time Synch option Time 15 33 20 _ hh mm ss FIG 47 Clock Manager Options Mode Settings tab The Clock Manager Options are separated into three tabs e Mode Settings The Mode Manager in this tab allows you to set the Clock Manager Mode
180. ored in non volatile memory This command sets the delay time between pulses generated by the CH or XCH send commands in tenths of seconds Syntax SEND COMMAND DEV CTOF time Variable time 0 255 Given in 1 10ths of a second Default is 5 0 5 seconds Example SEND COMMAND IR 1 CTOF 10 Sets the off time between each IR pulse to 1 second CTON Set the total time of IR pulses transmitted and is stored in non volatile memory This command sets the pulse length for each pulse generated by the CH or XCH send commands in tenths of seconds Syntax SEND COMMAND DEV CTON time Variable time 0 255 Given in 1 10ths of a second Default is 5 0 5 seconds Example SEND COMMAND IR 1 CTON 20 Sets the IR pulse duration to 2 seconds IR Serial SEND_COMMANDs Cont Command Description GET BAUD Get the IR port s current DATA mode communication parameters The port sends the parameters to the device that requested the information Only valid if the port is in Data Mode see SET MODE command The port responds with lt port gt lt baud gt lt parity gt lt data bits gt lt stop bits gt Syntax SEND COMMAND lt DEV gt GET BAUD Example SEND COMMAND IR 1 GET BAUD System response example PORT 9 IR CARRIER IO LINK 0 GET MODE Poll the IR Serial port s configuration parameters and report the active mode settings to the device re
181. ork Settings ZeroConfig Networking Use these radio buttons to enable disable the Zero Configuration ZeroConfig client in the Master By default ZeroConfig Networking is enabled On option selected With ZeroConfig enabled the Master s web interface will be registered via ZeroConfig and can be viewed through a ZeroConfig browser plug in such as Bonjour for IE NDP Beacon Use these radio buttons to enable disable the NetLinx Discovery Protocol NDP beacons client in the Master By default NDP Beacon is enabled On option selected With NDP Beacon enabled the Master will transmit NDP beacons for AMX s proprietary device discovery IP Device Discovery Use these radio buttons to enable disable the detection of third party multicast IP based Device Discovery beacons By default IP Device Discovery is enabled On option selected With IP Device Discovery enabled the Master will detect third party multicast IP based Device Discovery beacons Manage Devices URL List With the NetLinx Controller selected in the Device drop down menu click the URL List link in the Manage Devices tab to access the URL List page FIG 64 The options on this page allow you to view and edit the URL List of devices for the NetLinx Master Controller System Number 1 Ga A k TOGIN Welcome guest yes 00000 NI Master e REFRESH i i ml System Master Configuration Manager WebControl Security System URL List Modify URL
182. ort s communication parameters for stop and data bits according to the software settings on the RS 232 port default Disables 9 bit in 232 422 455 mode By default this returns the communication settings on the serial port to the last programmed parameters This command works in conjunction with the B9MON command Syntax SEND COMMAND DEV B9MOFF Example SEND COMMAND RS232 1 B9MOFF Sets the RS 232 port settings to match the port s configuration settings RS 232 422 485 SEND_COMMANDs Cont Command Description B9MON Override and set the current communication settings and parameters on the RS 232 serial port to 9 data bits with one stop bit Enables 9 bit in 232 422 455 mode This command works in conjunction with the B9MOFF command Syntax SEND COMMAND DEV B9MON Example SEND COMMAND RS232 1 B9MON Resets the RS 232 port s communication parameters to nine data bits one Stop bit and locks in the baud rate CHARD Set the delay time between all transmitted characters to the value specified in 100 Microsecond increments Syntax SEND COMMAND DEV CHARD time Variable time 0 255 Measured in 100 microsecond increments Example SEND COMMAND RS232 1 CHARD 10 Sets a 1 millisecond delay between all transmitted characters CHARDM Set the delay time between all transmitted characters to the value specified in 1 Millisecond in
183. orts including accessing the WebConsole Telnet SSH SFTP If selected a valid username and password is required for Telnet Access Telnet access Access allows communication over either the Telnet and or SSH Ports and Secure FTP access Note SSH version 2 only is supported To establish a secure Telnet connection an administrator can decide to disable the Telnet Port and then enable the SSH Port Refer to the Port Settings on page 49 for details Configuration If selected a valid username and password is required before allowing a group user to alter the current Master s security and communication settings via NetLinx Studio This includes such things as IP configuration Reset URL list settings Master communication settings and security parameters ICSP Connectivity If selected a valid username and password is required to communicate with the NetLinx Master via an ICSP connection TCP IP UDP IP and RS 232 This feature allows communication amongst various AMX hardware and software components This feature works in tandem with the Require Encryption option see below to require that any application or hardware communicating with the Master must provide a valid username and password In a Master to Master system the Master which accepts the IP connection initiates the authentication process This configuration provides compatibility with existing implementations and provides more flexibility for the implement
184. ou set the time on any system device the new time will be reflected on the system s Master and on all connected devices Note This will not update clocks on devices connected to another Master in Master to Master systems Example gt SET TIME Enter Date hh mm ss gt SET TIMELINE LOOPCNT Sets the Master s timeline event max loopcount SET UDP BC RATE Sets the UDP broadcast rate A broadcast message is sent by the Master to allow devices to discover the Master This command allows the broadcast frequency to be changed or eliminate the broadcast message Example gt SET UPD BC RATE Current broadcast message rate is 5 seconds between messages Enter broadcast message rate in seconds between messages off 0 default 5 valid values 0 300 Once you enter a value and press the ENTER key you get the following message Setting broadcast message rate to 300 seconds between messages New broadcast message rate set SET URL lt D P S gt Sets the initiated connection list URLs of a device Enter the URL address and port number of another Master or device that will be added to the URL list Enter Y yes to approve store the new addresses in the Master Enter N no to cancel the operation Example gt SET URL 0 1 0 No URLs in the URL connection list Type A and Enter to Add a URL or Enter to exit gt a Enter URL gt 192 168 21 200 Enter Port or hit Enter to accept default 1319 Enter Type
185. own menus to modify the Port settings Click Reset to Default Settings to return this port to its default configuration Default Port Settings Baud Rate 9600 Data Bits 8 Parity None Stop Bits 1 Flow Control None 485 Disabled EE Manage Devices Network Settings With the NetLinx Controller selected in the Device drop down menu click the Network Settings link in the Manage Devices tab to access the Network Settings page FIG 63 Use the options on this page to view edit the Controller s network settings System Number 1 f amp UTOGIN welcome quest p 00000 NI Master v MEET m A a If i i system Master Configuration Manager WebContro T Secunty Systen ge Devices Network Settings e Modify Network Settings for Devices Network Settings URL List Device Number Control Emulate Log Diagnostics Device Name NI Master Manufacturer AMX LLC Device Number 0 Version v3 60 453 Port Count 5 FWID 380 OID 1 vxWorks Image v3 60 453 OID 2 BootROM v3 60 453 OID 3 AXLink I F uController v1 30 4 IP Address Host Name Bhane31 puce C specify IP Address IP Address 122 ise Subnet Mask Bes Pe PS Gateway f 92 fies DNS Address Domain Sufix famxintemal pnsipt fez fes onsiz 9 fes pmerz ZeroConfig Networking GC on C or NDP Beacon on of IP Device Discovery G on C on FIG 63 System Manage Devices Netw
186. p security and setup security functions are only available via a direct RS232 Program Port connection They are not available to Telnet sessions 2 Type setup security to access the Setup Security menu shown below gt setup security These commands apply to the Security Manager and Database 1 Set system security options for NetLinx Master 2 Display system security options for NetLinx Master 3 Add user 4 Edit user 5 Delete user 6 Show the list of authorized users 7 Add group 8 Edit group 9 Delete group 10 Show list of authorized groups 11 Set Telnet Timeout in seconds 12 Display Telnet Timeout in seconds 13 Make changes permanent by saving to flash 14 Reset Database 15 Display Database Or ENTER to return to previous menu Security Setup gt 3 The Setup Security menu shows a list of choices and a prompt To select one of the listed choices simply enter the number of the choice 1 17 at the prompt and press lt Enter gt Each option in the Setup Security menu displays a submenu specific to that option The following subsections describe using each of the Setup Security menu options Changes made to the target Master from within the Terminal window are not reflected within the web browser until the Master is rebooted and the web browser connection is refreshed Any changes made to the Master from within the web browser are instantly reflected within the Terminal session without the
187. pdSetSA create an SA proposal in the SPD create an SA proposal in the SPD SYNOPSIS spdSetSA pConfStr DESCRIPTION This rule creates an SA proposal in the SPD An SA proposal is a list of proposals IKE sends the list to the peer during negotiation Rule Value Rule Value pConfStr A stringValue specifier formatted as follows saName proposalName proposalNumber proposalName proposalNumber where saName is unique Phase 2 SA name proposalName is the name of an existing proposal with its attributes already set You can specify up to four proposal names proposalNumber is the proposal number which determines the ordering and combination of proposals in the SA proposal When combining ESP and AH transforms you may configure an ESP tunnel policy with an AH tunnel policy or an ESP transport policy with an AH transport policy by using the same proposal number for both policies EXAMPLES spdSetSA qm sa default esp tunnel 1 ah tunnel 1 esp tunnel A 2 esP tunnel B 3 spdSetSA qm sa default esp transport 1 ah transport 1 SpdSetSA qm sa default esp tunnel 1 ah tunnel 2 Config String Format saName proposalName proposalNumber proposalName proposalNumber Pre defined The following are Phase II SA proposal names already defined inside the AMX Firmware and Security available for use Association SA proposal names qm sa gl transport esp gl transport 1 ah gl transport 2 qm sa g2 transport esp g2 transport l ah g2 trans
188. port 2 qm sa gl tunnel esp gl tunnel 1 ah gl tunnel 2 qm sa g2 tunnel esp g2 tunnel 1 ah g2 tunnel 2 Manual Key Manager MKM mkmAddBypass mkmAddBypass NAME mkmAddBypass add a bypass Security Association SYNOPSIS mkmAddBypass cptr mkm sa DESCRIPTION This rule adds a bypass Security Association SA After adding an SA mkmCommit must be called to commit the SA to the Security Association Database SADB Rule Value cptr mkm sa A string formatted as follows saNumber protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality mirroring where saNumber is a decValue a unique number to be assigned to the SA protocolSelector is the IANA IP protocol number decValue ANY Use 6 for TCP or 17 for UDP destinationPort and sourcePort are decValue ANY destinationAddressSelector and sourceAddressSelector are ipAddressl ipAddress2 ipMaskPrefix directionality is IN OUT If IN then this policy applies to traffic coming into the current host If OUT it applies to traffic going out of the current host A mirrored policy will automatically be created for the opposite traffic flow mirroring is NOTMIRRORED MIRRORED NOTMIRRORED will create a policy only in the specified direction MIRRORED will create two policies one in each direction EXAMPLES IPv4 mkmAddBypass 8 17 ANY 17185 0 0 0 0 0 0 0 0 0 0 OUT NOTMIRRORED IPv6 mkmAddBypass 8 17 ANY
189. prevents incoming messages being lost in the Master upon startup When DEVICE HOLDOFF is ON you must use ONLINE events to trigger device startup SEND COMMANDS By default DEVICE HOLDOFF is OFF to maintain compatibility with Axcess systems where devices are initialized in DEFINE START Note This command sets the state of the device holdoff The GET DEVICE HOLDOFF command reveals whether the state is On or Off Example gt Device Holdoff ON Device Holdoff Set DEVICE STATUS lt D P S gt Displays a list of all active on channels for the specified D P S If you enter DEVICE STATUS without the D P S variable the Master dis plays ports channels and version information DIPSWITCH Displays the current state of the Master controller s hardware dipswitches DISK FREE Displays the total bytes of free space available on the Master Example gt DISK FREE The disk has 2441216 bytes of free space Terminal Commands Cont Command Description DNS LIST lt D P S gt Displays the DNS configuration of a specific device including Domain suffix Configured DNS IP Information Example DNS LIST 0 1 0 Domain suffix amx com The following DNS IPs are configured Entry 1 192 168 20 5 Entry 2 12 18 110 8 Entry 3 12 18 110 7 ECHO ON OFF Enables Disables echo display of typed characters GET DEVICE HOLDOFF Displays the state of the Master s device holdoff setting Note This command reveal
190. questing the information IROFF Halt and Clear all active or buffered IR commands being output on the designated port The port responds with port gt lt mode gt lt carrier gt lt io link channel Syntax SEND COMMAND lt DEV gt GET MODE Example SEND COMMAND IR 1 GET MODE The system could respond with PORT 4 IR CARRIER IO LINK 0 Syntax SEND COMMAND DEV IROFF Example SEND COMMAND IR 1 IROFF Immediately halts and clears all IR output signals on the IR 1 port POD Disable previously active PON power on or POF power off command settings Channel 255 changes are enabled This command is used in conjunction with the I O Link command Syntax SEND COMMAND DEV POD Turn Off a device connected to an IR port based on the status of the corresponding I O Link input Example SEND COMMAND IR 1 POD Disables the PON and POF command settings on the IR 1 device POF If at any time the IR sensor input reads that the device is ON such as if someone turned it on manually at the front panel IR function 28 if available or IR function 9 is automatically generated in an attempt to turn the device back OFF If three attempts fail the IR port will continue executing commands in the buffer If there are no commands in the buffer the IR port will continue executing commands in the buffer and trying to turn the device OFF until a PON or POD command is received
191. r Master in Master to Master systems Example gt SET DATE Enter Date mm dd yyyy gt SET DNS lt D P S gt Sets up the DNS configuration of a device This command prompts you to enter a Domain Name DNS IP 1 DNS IP 2 and DNS IP 3 Then enter Y yes to approve store the information in the Master Entering N no cancels the operation Note The device must be rebooted to enable new settings Example gt SET DNS 0 1 0 Enter New Values or just hit Enter to keep current settings Enter Domain Suffix amx com Enter DNS Entry 1 192 168 20 5 Enter DNS Entry 2 12 18 110 8 Enter DNS Entry 3 12 18 110 7 You have entered Domain Name amx com DNS Entry 1 192 168 20 5 DNS Entry 2 12 18 110 8 DNS Entry 3 12 18 110 7 Is this correct Type Y or N and Enter gt Y Settings written Device must be rebooted to enable new settings SET DUET MEMORY Set the amount of memory allocated for Duet Java pool This is the cur rent Java memory heap size as measured in Megabytes This feature is used so that if a NetLinx program requires a certain size of memory be allotted for its currently used Duet Modules it can be reserved on the target Master Valid values are 2 8 for 32MB systems 2 36 for 64MB systems This setting does not take effect until the next reboot Note If you are trying to accomplish this setting of the Duet Memory size via a NetLinx program the program command DUET MEM SIZE
192. r is an address in the format ipAddressl ipAddress2 ipMaskPrefix directionality is IN for inbound or OUT for outbound If IN this policy applies to traffic coming into the current host If OUT it applies to traffic going out of the current host mirroring is NOTMIRRORED or MIRRORED NOTMIRRORED creates a policy only in the specified direction MIRRORED creates two policies one in each direction EXAMPLES IPv4 spdAddBypass 17 0 17185 0 0 0 0 0 0 0 0 0 0 OUT NOTMIRRORED IPv6 spdAddBypass 17 0 17185 0 0 0UT NOTMIRRORED Config String protocolSelector destinationPort sorucePort destinationAddressSelector Format sourceAddressSelector directionality mirroring SpdAddDiscard SpdAddDiscard NAME spdAddDiscard create a discard policy in the SPD SYNOPSIS spdAddDiscard pConfStr DESCRIPTION This rule creates a discard policy in the SPD Rule Value pConfStr A stringValue specifier formatted as follows protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality mirroring where protocolSelector is a decValue IANA protocol number or ANY 6 for TCP or 17 for UDP destinationPort is a decValue port number or ANY sourcePort is a decValue port number or ANY destinationAddressSelector is an address in the format ipAddressl ipAddress2 ipMaskPrefix sourceAddressSelector is an address in the format ipAddressl ipAddress2 ip
193. rd secrecy when negotiating with the peer unless a DHGROUP is also specified in the Phase 2 attributes set via spdSetPropAttrib Rule Value Rule Value configString A string formatted as follows peerlpAddress interfaceIpAddress proposalName PFS authenticationMethod authenticationInfo where peerlpAdaress is the address of the IKE peer interfacelpAdaress is the local IP address that is to communicate with the peer proposalName is an existing Phase 1 proposal name defined via ikeSetProp authenticationMethod is PSK pre shared key or RSA certificate support authenticationInfo depends on authenticationMethod See below When authenticationMethod is PSK authenticationInfo is the pre shared key represented as printable ASCII When authenticationMethod is RSA authenticationInfo is a string formatted as follows localKey localKeyPassword localCertificate PEER CERT peerCertificate localKey The filename where the local peer s key is stored localKeyPassword The password for the local peer s key Specify NOPASS if there is no password Note that the maximum password length is MAX PRIVATE KEY PASSWORD LENGTH localKey The filename where the local peer s key is stored Esch ikeAddPeerAuth Cont Rule Value Cont localKeyPassword The password for the local peer s key Specify NOPASS if there is no password Note that the maximum password length is MAX PRIVATE KEY PASSWORD LENGTH loc
194. re available to all Ifa connection is opened but a valid a username password combination is not entered i e just sitting at a login prompt the connection will be closed after one minute Terminal Commands The Terminal commands listed in the following table can be sent directly to the Master via either a Program Port or a Telnet terminal session with the exception of the Help Security and Resetadminpassword commands which are only available to a Program Port RS232 connection In your terminal program type Help or a question mark and Enter to access the Help Menu and display the Program port commands described below Terminal Commands Command Description Sie Help lt D P S gt Extended diag messages are OFF lt D P S gt Device Port System If omitted assumes Master or Help Displays this list of commands CLEAR AUDIT LOG Purges the entire database of audit records See the SHOW AUDIT LOG section on page 110 CPU USAGE Diagnostic tool to calculate a running average of the current CPU usage of the Master DATE Displays the current date and day of the week Example gt DATE 10 31 2004 Wed DEVICE HOLDOFF ON OFF Sets the Master to holdoff devices i e does not allow them to report ONLINE until all objects in the NetLinx program have completed executing the DEFINE START section If set to ON any messages to devices in DEFINE START will be lost how ever this
195. rk Settings page Network Settings to Control Emulate that device ber Modify Network Settings for Devices Control Emulate Log Diagnostics Device Information Device Name NI Master N Port Count 1 Master Configuration Manager Gah Gaam System FWID 380 OID 1 works Image Y S Control Emulate Options Network Settings URL List Device Number Contro Emulate Log Diagnostics OID 2 BootROM v3 41 Modify controVemulate options for the Master OID 3 AXLink I F uCont Control or Emulate IP Address System Device Port to Control Emulate Channel Code Host Name Waser System Number 2 le Kogi Input Channel Status r sen or Output Channel Status ouce O specity Deuce urne 1000 Feedback Channel Status Port Number 1 IP Address 92 168 3 A SubnetMask 255 288 Command Levei code A 8 fre er Level EE Gateway 192 168 a LE Seel gt Send Current Value Desired Value d String DNS Address P Send Domain Suffix amx internal DNS IP 2 192 188 n Copyright SCH ANX C Show Device Tree DNS IP 3 java ZeroConfig Networking GO o O os FIG 37 Select Control Emulate from within a selected Device s Network Settings page 2 Select either the Control or Emulate option 3 Inthe Channel Code section enter a valid Channel number to emulate Channel messages i e Push
196. roup listed in the Group Security Details page to expand the view to show details for the selected user Group FIG 29 Group Level rr SY Jete Level i f Group Leg UserLever d Group Security Details R Select ds open E fy a group to minimize Click to add a new Group administrator User Group 1 Q eat Q Delete User Group 2 Cru Qoette user Group 3 O Edt Q Delete w Admin Change Password Access Terminal RS232 Access FTP Access HTTP Access Telnet SSH SFTP Access Configuration ICSP Connectivity sw EncrjptICSP Connection FIG 29 Group Security Details Page NOTE Click the Edit button to edit the Security Access options for the selected user group Click Delete to delete the selected User Group from the Master Modifying the Properties of an Existing Group 1 Select the Group Level tab in the Security section to open the Group Security Details page 2 Click the Edit button to open the Group Security Details page for the selected group FIG 30 System Level Group Security Details t to open and modify a group to minimize User Group 3 Delete Admin Change Password Access v Terminal RS232 Access C FTP Access v HTTP Access Telnet SSH SFTP Access C Configuration ICSP Connectivity Encrypt ICSP Connection FIG 30 Group Security Details Page Edit Group Security Details 3 Modify the previously configured access rights by enablin
197. rt Settings Feature Description Telnet The port value used for Telnet communication to the target Master Enabling this feature allows future communication with the Master via a separate Telnet application such as HyperTermi nal The default port value is 23 Refer to the NetLinx Security with a Terminal Connection section for more information on the related procedures I e Server Port Settings Cont Feature Description ICSP The port value used for ICSP data communication among the different AMX software and hard ware products This type of communication is used by the various AMX product for communica tion amongst themselves Some examples would be NetLinx Studio communicating with a Master for firmware or file information updates and TPDesign4 communicating with a touch panel for panel page and firmware updates The default port value is 1319 Note To further ensure a secure connection within this type of communication a user can enable the Require Encryption option which requires additional processor cycles Enabling of the encryption feature is determined by the user HTTP The port value used for unsecure HTTP Internet communication between the web browser s UI and the target Master By disabling this port the administrator or other authorized user can require that any consecutive sessions between the UI and the target Master are done over a more secure HTTPS connection By default
198. rtificate so it can be exported to the external Certificate Authority CA for later receipt of an SSL Certificate This action is used to request a certificate from an external source Self Generate Certificate Takes the information entered into the previous fields and generates its own SSL Certificate This action is used when no previous certificate has been installed on the target Master or a self signed certificate is desired Regenerate Certificate Takes the information entered into the previous fields and regenerates an SSL Certificate This action changes the Master Key This method of certificate generation is used to modify or recreate a previously existing certificate already on the Master Organization Name Name of your business or organization This is an alpha numeric string 1 50 characters in length Organization Unit Name of the department using the certificate This is an alpha numeric string 1 50 characters in length City Location Name of the city where the certificate is used This is an alpha numeric string 1 50 characters in length State Province Name of the state or province where the certificate is used alpha numeric string 1 50 characters in length Note The state province name must be fully spelled out Country Name Provides a drop down selection with a listing of currently selectable countries Displaying SSL Server Certificate Information Click
199. rule sets the transform ID and key for an outbound Encapsulating Security Payload ESP Security Association SA Rule Value Rule Value configuration string A string formatted as follows saNumber spi espTransformID attributeType attributeValue attributeType attributeValue where saNumber is a unique unsigned integer specified by the user spi is the decValue for the security parameter index an unsigned long SPI 2255 and SPI SPI BOUNDARY which is defined as 2048 espTransformID is ESPDES ESP3DES ESP DES ESP 3DES ESPAES ESP AES ESPAES CTR ESP AES CTR ESPNULL ESP NULL Note that ESP transform names of the form ESPxxx are deprecated the preferred names are of the form ESP xxx and the deprecated forms will be removed in the future Attribute types and values are shown in the following table Attribute Type Attribute Value ENCKEY Decryption key in hexadecimal format must be 16 characters for DES 48 characters for 3DES and 32 characters for AES AUTHALG MD5 SHA HMAC MD5 HMAC SHA HMAC SHA2 256 HMAC SHA2 384 HMAC SHA2 512 HMAC RIPEMD AES XCBC MAC AUTHKEY Authentication key in hexadecimal format must be 32 characters for MD5 40 characters for SHA 64 characters for SHA2 256 96 characters for SHA2 384 128 characters for SHA2 512 and 40 characters for RIPEMD IV Initialization Vector for encryption must be 16 characters for DE
200. ry of the Master All subdirectories of the user directory can be granted access A single is sufficient to grant access to all files and directories in the user directory and it s sub directory The wildcard can also be added to enable access to all files All entries should start with a LE R i S A aE Here are some examples of valid entries Path user userl Room results txt iWeb ControlPages Notes Enables access to the user directory and all files and subdirectories in the user directory Enables access to the user directory and all files and subdirectories in the user directory If user1 is a file in the user directory only the file is granted access If user1 is a subdirectory of the user directory all files in the user1 and its sub directories are granted access user1 is a subdirectory of the user directory All files in the user1 and its sub directories are granted access Room1 iWeb ControlPages is a subdirectory and all files and its subdirectories are granted access results txt is a file in the user directory and access is granted to that file By default all accounts that enable HTTP Access are given a Directory Association if no other Directory Association has been assigned to the account When you are prompted to enter the path for a Directory Association the NetLinx Master will attempt to validate the path If the directo
201. ry or file is not valid i e it does not exist at the time you entered the path the NetLinx Master will ask you whether you were intending to grant access to a file or directory From the answer it will enter the appropriate Directory Association The NetLinx Master will not create the path if it is not valid That must be done via another means most commonly by using an FTP client and connecting to the FTP server on the NetLinx Master Default Security Configuration By default the NetLinx Master will create the following accounts access rights directory associations and security options Account 1 Password Group Rights Account 2 Password Group Rights Group 1 Rights Security Options Directory Association Directory Association Directory Association User Name administrator password administrator All User Name NetLinx password none FTP Access none Group administrator All FTP Security Enabled Admin Change Password Security Enabled All other options disabled The administrator user account cannot be deleted or modified with the exception of its password Only a user with Change Admin Password Access rights can change the administrator password The NetLinx user account is created to be compatible with previous firmware versions The administrator group account cannot be deleted or modified The FTP Security and Admin Change Password Security are alway
202. s DOCUOPASDE egene etra tip rura ve suens consseontansveannsas EKE ioke nian SIUE CIEN MINE 2 Related DOoCUImbli ue geheegt gege ee EE EDS USPIAM FM NEA 3 Quick Setup and Configuration Overview ccccccccssscssssssssseeceseeseseesscsssssseeeees 3 Installation Procedu res irre ect ret rere neret aenor esaa Siaa 3 Configuration and Communication eese esee eene rse s asri n nennen nannte eenn nennen 3 Update the On board Master and Controller Firmware eene 3 Configure NetLinx Security on the NI Controller eene eene eene 3 EK deterrere 4 Bonjour Zero Configuration Client eeeeeeeeeeeeee eee eene nnne nennt 4 Connecting to a Network with a DHCP Servet cccccccsscssssssssssessssecesesessseseesessseeeees 4 Initial Configuration and Firmware Upgrade eere 5 e ll sq 5 Before You Start See 5 Preparing the NI Controller for Serial Communication eee 5 Configuring the NI Controller for LAN Communication ek 6 Using the ID Button to Change the Master Device Value eese 6 Obtaining the NI Controller s IP Address using DHCP eese 8 Assigning a Static IP to the NI Controller eeeeeeeeeeeeeee ener 9 Comm
203. s Debug Tools Settings Window Help Dled ana s On board NI Master e System 1 Devices 192 168 168 66 60 60 9f 60 1a 6e 00000 NI Master AMX Corp v3 01 320 EL 90003 NXC VOL4 Download AMX Corp v1 00 08 p 00004 NXC VAI4 Download Panja Inc 1 00 03 E 05001 NI 4000 AMX Corp v1 01 124 a ER 10505 CA12 Active Touch Panel AMX Corp v2 55 78 E 32001 NSX Application AMX Corp 2 40 gm Unbound Devices 10009 NXD CV7 v2 56 84ir in ir in TP4 Control cards NI 4x00 ONLY NetLinx Integrated Controller NetLinx Studio version Masters Devices Ports 1 7 J 22 Display Ci Workspace TE OnLine Tree FIG 17 Sample NetLinx Workspace window showing OnLine Tree tab If the control card firmware is not up to date download the latest firmware file from www amx com gt Tech Center gt Downloadable Files gt Firmware Files gt NXC XXX In this example the NXC VOL card contains out of date firmware and requires build 1 00 09 5 Ifthe NXC card firmware being used is not current download the firmware file by first logging in to www amx com and then navigate to Tech Center gt Firmware Files and from within the NetLinx section of the web page locate the NXC card entries 6 Click on the desired Kit file link and after you ve accepted the Licensing Agreement verify you have downloaded the NetLinx NXC card firmware Kit file to a know
204. s enabled and cannot be disabled NOTE 0 CAUTION Refer to the SET SECURITY PROFILE section on page 105 for information on setting Security Profiles Telnet Diagnostics Commands The following Telnet Diagnostics Commands provide visibility to remote Masters in order to determine the current state of operations and are provided as diagnostic troubleshooting tools While these commands are available for any user to execute their output is interpretable primarily by an AMX Technical Support Engineer Telnet Diagnostics Commands Command Description REBOOT HEAP WATCH This command causes the Master to reboot into a Heap Watch mode where every memory allocation is tracked back to a task running in the Master This option may be useful in cases where a remote Master is indicating a continu ous loss of memory With Heap Watch enabled AMX Technical Support may be able to track exactly which task is losing the memory SPY The SPY and SPY STOP interfaces are provided by VxWorks AMX has made it SPY STOP available to the user SPY lists out all of the tasks running in the Master and their CPU usage refreshing every 10sec SPY is very similar to a Windows Task Manager output This option may be useful in cases where a remote Master seems to be running but very slowly Enabling SPY might indicate if a specific task is using up the CPU SPY can also be useful in detecting infinite loops in NetLinx or Duet Java code since
205. s establishes a new connection to the specified System and populates the list with devices on that system The communication method is highlighted in green on the bottom of the NetLinx Studio window 4 After the Communication Verification dialog window verifies active communication between the PC and the NI unit verify the Integrated Controller appears in the OnLine Tree tab FIG 15 of the Workspace window ex NI 4000 or NI 700 This entry is different than the NI Master which uses a device value of 00000 see below INS NetLinx Studio File Edit view Project Build Diagnostics Debug Tools Settings Blec amp uas el gt elken amp System 1 Devices 192 168 168 66 60 60 9f 91 60 6e On board NI Master wm 00000 NI Master AMX Corp v3 01 320 NI X000 Master Device 0 p 05001 NI 700 AMX Corp v1 01 124 On board Integrated Controller NI X000 p 10505 CA12 Active Touch Panel AMX Corp 2 55 78 32001 NSX Application A orp 2 40 NetLinx Studio version gm Unbound Devices g 10009 NXD CV7 v2 56 84ir in ir in TP4 Unbound Dynamic Device Masters Devices Ports 1 5 8 Display Cy Workspace OnLine Tree FIG 15 Sample NetLinx Workspace window showing separate NI Master and Controller 5 Ifthe NI Controller firmware being used is not current download the latest Kit file by first logging in to www amx com and then navigating to Tech Center Firmware Files where you
206. s installs the final component of the new Kit file 12 After the last components fails to install click Done 13 Click Reboot from the Tools gt Reboot the Master Controller dialog and wait for the System Master to reboot The STATUS and OUTPUT LEDs should begin to alternately blink during the incorporation Wait until the STATUS LED is the only LED to blink 14 Press Done once until the Master Reboot Status field reads Reboot of System Complete 15 Repeat steps 5 9 again the last component will now successfully be installed 16 Click Close once the download process is complete pace ee NOTE The OUTPUT and INPUT LEDs alternately blink to indicate the on board Master is incorporating the new firmware Allow the Master 20 30 seconds to reboot and fully restart 17 Right click the System number and select Refresh System This establishes a new connection to the System and populates the list with the current devices and their firmware versions on your system Upgrading the NI Controller Firmware Via IP 1 Follow the procedures outlined within the Communicating Via an IP Address section on page 10 to connect to the target NI device via the web 2 After Studio has established a connection to the target Master click the OnLine Tree tab of the Workspace window to view the devices on the System The default System value is one 1 3 Right click the associated System number and select Refresh System Thi
207. s set by ESC n Where n A format ASCII D format Decimal H Hex Note Refer to the ESC Pass Codes section on page 115 for detailed descriptions of the supported pass codes Example pass 5001 7 4 Entering pass mode PHYSICAL STATUS Retrieve the current LED states PING ADDRESS Pings an address IP or URL to test network connectivity to and confirms the presence of another networked device The syntax is just like the PING application in Windows or Linux Example ping 192 168 29 209 192 168 29 209 is alive PROGRAM INFO Displays a list of program files and modules residing on the Master Example gt PROGRAM INFO Program Name Info Module Count 1 4 Name is i PCLinkPowerPointTest File Names 2 1 C Program Files AMX Applications i PCLinkPowerPoint 2 C Program Files Common Files AMXShare AXIs NetLinx axi 2 Name is MDLPP File Names 2 1 C AppDev i PCLink PowerPoint i PCLinkPowerPointMod axs 2 C Program files Common Files AMXShare AXIs NetLinx axi PULSE D P S or NAME CHAN Pulses a specified channel on a device on and off The device can be on any system the Master you are connected to can reach You can specify the device number port and system or the name of the device that is defined in the DEFINE_DEVICE section of the program Example PULSE 50001 8 50 1 Sending Pulse 50001 8 50 1 PWD Displays the name of the current directory Example pw
208. s the state of the device holdoff set using the DEVICE HOLDOFF ON OFF command Example gt GET DEVICE HOLDOFF Device Holdoff is off GET DUET MEMORY Display the amount of memory allocated for Duet Java pool This is the current Java memory heap size as measured in Megabytes An example is a value of 5 5 MB GET ETHERNET MODE Displays the current LAN configuration setting Settings are either auto in which the LAN driver will discover it s settings based on the network it is connected to OR speed and duplex where speed is either 10 or 100 and duplex is either full or half Example gt GET ETHERNET MODE Ethernet mode is auto Note See SET ETHERNET MODE GET IP lt D P S gt Displays the IP configuration of a device If you enter GET IP without the D P S variable the Master displays it s D P S Host Name Type DHCP or Static IP Address Subnet Mask Gateway IP and MAC Address Example GET IP 0 1 50 IP Settings for 0 1 50 HostName MLK INSTRUCTOR Type DHCP IP Address 192 168 21 101 Subnet Mask 255 255 255 0 Gateway IP 192 168 21 2 MAC Address 00 60 9f 90 0d 39 HELP SECURITY Displays security related commands Note This command is only available to Program Port terminal sessions It is not available to Telnet sessions see the Overview section on page 95 Example gt HELP SECURITY gt logout Logout and close secure session gt setup security Access the security setup menus ICSPMON ENABLED DIS
209. s you to set the rights assigned to the user Note See the Access Rights Menu section below for descriptions of each menu item Display User Record Contents This selection will display the group the user is assigned to and the current Access Rights assigned to the user Edit Group Menu The Edit Group Menu is accessed whenever you enter the Add group or Edit group selections from the Setup Security menu The Edit Group Menu options are described in the following table Edit Group Menu Command Description 3 Add Directory Association This selection will display any current directory associations assigned to the group and then will prompt you for a path for the new directory association Delete Directory Association This selection will display any current directory associations assigned to the group and then will prompt you to select the directory association you want to delete List Directory Associations This selection will display any current Directory Associations assigned to the group Change Access Rights This selection will display access the Access Rights menu which allows you to set the rights assigned to the group Note See the Access Rights Menu section below for descriptions of each menu item Display Access Rights This selection will display the current Access Rights assigned to the group Access Rights Menu The Access Rights Menu is accesse
210. settings to the Master Adding a Custom NIST Server To the List 1 Click on the radio button next to the last blank entry in the NIST Server Manager list 2 Inthe URL field enter the URL of the NIST Server The URL is used only to help you manage entries and is not verified or used internally by the clock manager 3 Enter the NIST Server s IP Address in the IP field This is used internally and must be a valid IP address The strings entered into the URL and Location fields are not used to connect to NIST Servers The IP Adaress entered into the IP field specifies the NIST Server s that will be used As stated above the address entered into the IP field must be must be a valid IP address not a URL 4 Enter the NIST Server s location in the Location field This is used only to help the user manage entries and it is not verified or used internally by the clock manager 5 Click Accept to save these settings to the Master Removing an NIST Server From the List 1 Click on the Remove x button to the right of a user added NIST Server in the NIST Server Manager list 2 Click Accept to save these settings to the Master The built in entries cannot be removed Clock Manager NetLinx Programming API Refer to Appendix C Clock Manager NetLinx Programming API section on page 145 for a listing and description of the Types Constants and Library Calls that are included in the NetLinx AXI to support Clock Manager functions System
211. ss is the IP address of the network interface to which the inbound SA is bound EXAMPLES IPv4 mkmAddTransport 5 6 2001 ANY 100 100 100 4 100 100 99 1 007 100 100 99 1 IPv6 mkmAddTransport 5 6 2001 ANY 3ffe 2 2 3 6 1 2 0UT 3 fe 1 2 Config String saNumber protocolSelector destinationPort sourcePort Format destinationAddressSelector sourceAddressSelector directionality networkInterfaceAddress mkmAddTunnel mkmAddTunnel NAME mkmAddTunnel add a tunnel mode Security Association SYNOPSIS mkmAddTunnel cptr mkm sa DESCRIPTION This rule adds a tunnel mode Security Association SA After adding an SA and setting the associated transform ID and keys mkmCommit must be called to commit the SA to the Secu rity Association Database SADB Rule Value Rule Value cptr mkm sa A string formatted as follows saNumber protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality tunnelEndpointIPAddress networkInterfaceAddress where saNumber is a decValue a unique number to be assigned to the SA protocolSelector is the IANA IP protocol number decValue ANY Use 6 for TCP or 17 for UDP destinationPort and sourcePort are decValue ANY destinationAddressSelector and sourceAddressSelector are ipAddressl ipAddress2 ipMaskPrefix directionality is IN OUT If IN then this policy applies to traffic coming into the current host
212. ssesestebecescerescnsesesovssevecossecdereneves 26 Allowed Special Characters oc ecceccecccsseeusvsssessceceseessc esecysvssseseveccacecdersentecsdssene 26 System Security System Level siee ee eto nao entere Reip ER RERNR IA M UEM E t PR EMPRU RE 27 System Level Security System Security Settings ccce 27 ACCESS OPO M L 28 Accepting Changes isseire 29 System Level Security IPSec Security Settings sseeeeesesoseseseeeeeeeeseressssseeeeeeereeeneneses 29 Config ring Settings TE 29 Uploading an Configuration File cease eene eene eee nenn nnne 30 Managing Certificate Files eee 1 ertet Ioco en ene etos epe aee Leere EXPE ce aaepe ege ENEE 30 AMX IPS c Configuration file 1002 1 retenue eto deeg gege 30 System Security Group Level eoe en ires nep ene ak cause sees Ie a Rate x sees en ta SE duas P E antes 30 Adding a New Group ME EN Group and User Security Access Options eeeeeeeeeeeeeeeeee nennen nennen nennen 31 Viewing Group Security Settings Details eene nennen 32 Modifying the Properties of an Existing Group eese eene enne 33 Deleting at Group t 33 System Security User Level scoicscecennssaccusedecctessnensensenensbacevesepaeniasecaseonsentestanassianaaiees 34 T
213. t 0 zero Note that in most cases the Device Number for Master Controllers should remain set to zero Manage Devices Control Emulate With the NetLinx Controller selected in the Device drop down menu click the Control Emulate link in the Manage Devices tab to access the Control Emulate Options page FIG 67 System Number 1 f BD ek TOGIN Welcome guest fy 00000 NI Master e RT WebControl d Security System Master Configuration Manager Control Emulate Options Modify options for the Master and attached devices Network Settings URL List Device Number Log Diagnostics System Device Port to Control Emulate _ Channel Code System Number fi LS Input Channel Status Device Number P oF output Channel Status Port Number Feedback Channel Status Push button only displayed if Emulate is selected Level Code Level Ze 5s GC gt Send urrent Value Desired Value LE F i E d Command String SCHEER FIG 67 Manage System Control Emulate Options This page can also be accessed via the Manage System options as described in the Manage System Control Emulate Options section on page 41 See the Controlling or Emulating a System Device section on page 41 for details Console System Options Manage Devices Log With the NetLinx Controller selected in the Device drop down menu click the Log link in the Manage Devices tab to access the Mess
214. t D P S gt Sets the IP configuration of a specified device Enter a Host Name Type DHCP or Fixed IP Address Subnet Mask and Gateway IP Address Note For NetLinx Central Controllers the Host Name can only consist of alphanumeric characters Enter Y yes to approve store the information into the Master Enter N no to cancel the operation Note The Device must be rebooted to enable new settings Example gt SET IP 0 1 0 Enter New Values or just hit Enter to keep current settings Enter Host Name MLK INSTRUCTOR Enter IP type Type D for DHCP or S for Static IP and then Enter DHCP Enter Gateway IP 192 168 21 2 You have entered Host Name MLK INSTRUCTOR Type DHCP Gateway IP 192 168 21 2 Is this correct Type Y or N and Enter gt y Settings written Device must be rebooted to enable new settings SET LOG COUNT Sets the number of entries allowed in the message log Note The Master must be rebooted to enable new settings Example gt SET LOG COUNT Current log count 1000 Enter new log count between 50 10000 Once you enter a value and press the ENTER key you get the following message Setting log count to New log count set reboot the Master for the change to take affect Terminal Commands Cont Command Description SET QUEUE SIZE Provides the capability to modify maximum message queue sizes for vari ous threads Example set queue size This will set the m
215. tate This includes Removal of all security settings Removal of all user files Resetting to DHCP Loading an empty NetLinx program Once reset the Master will be effectively in an out of box state It may be necessary to refresh the browser window after the master has finished booting click Refresh NOTE Manage System Control Emulate Options Click the Control Emulate link in the Manage System tab to access the Control Emulate Options page FIG 36 The options on this page allow you to Control or Emulate a device connected to this Master Device Control Emulation is accomplished by manipulating a target device s channels levels and sending both send commands and strings to the device To Control a device means that the program generates messages which appear to a specified device to have come from the Master To Emulate a device means that the program generates messages which appear to the Master to have come from a specified device physical or virtual When Emulate is selected a Push button is added to the Channel Code section see FIG 36 System Number 1 TT A ek TOGIN Welcome guest pi System Number 1 MESZ m KETTE System Master Configuration Manager PR en Pet gt Manage System JEE le EE E ale Ee e Control Emulate Options Sys Serv kM Modify options for the Master and attached devices ii ControlEmulate Diagnostics erver Clock Manager Control or Emulate K Contrai Ce Emulate
216. ted are in numerical order Example gt SHOW SYSTEM Local devices for system 50 This System Device ID Model ID Mfg FWID Version 00000 00256 Master 00001 AMX Corp 00256 v2 10 75 PID 0 0ID 0 Serial 2010 12090 0 0 0 0 0 0 Physical Address NeuronID 000239712501 00256 vxWorks Image 00001 00257 v2 00 77 PID 0 0ID 1 Serial N A 00256 Boot ROM 00001 00258 v2 00 76 PID 0 0ID 2 Serial N A 00256 AXlink I F uContr 00001 00270 v1 02 PID 0 0ID 3 Serial 0000000000000000 00096 00192 VOLUME 3 CONTROL BO 00001 AMX Corp 00000 v2 10 PID 0 0ID 0 Serial 0000000000000000 Physical Address Axlink 00128 00188 COLOR LCD TOUCH PAN 00001 AMX Corp 32778 v5 01d PID 0 0ID 0 Serial 0000000000000000 Physical Address Axlink 05001 00257 NXI Download 00001 AMX Corp 00260 v1 00 20 PID 0 0ID 0 Serial 0 0 0 0 0 0 0 0 0 0 0 0 Physical Address NeuronID 000189145801 00257 NXI NXI 1000 Boot 00001 00261 v1 00 00 PID 0 O0ID 1 Serial 0 0 0 0 0 0 0 0 0 0 0 0 10002 00003 PHAST PLK IMS 00001 Phast Corp 0003 v3 12 PID 0 0ID 0 Serial 0000000000000000 Physical Address NeuronID 0100417BD800 START LOG ON OFF Enables and disables the collection of startup log messages Once enabled the first x number of logs will be retained at startup for sub sequent review via the show start log command Use SET LOG COUNT page 104 to set the number of log message that are retained TCP LIST Displays a list of activ
217. the option of using either a standard straight through or a crossover LAN cable to communicate with a PC both cable types will work 2 Select Diagnostics Network Address from the menu bar and enter the System Device 0 for a Master and Host Name information 3 To configure the Address Use a DHCP Address by selecting the Use DHCP radio button then click the GET IP button to obtain a DHCP Address from the DHCP Server click the SET IP Information button to retain the new address and then finish the process by clicking the Reboot Master OK buttons Use a Static IP Address by selecting the Specify IP Address radio button enter the IP parameters into the available fields then click the SET IP Information button to retain the pre reserved IP Address to the Master and then click the Reboot Master OK buttons to finish the process 4 Repeat steps 1 5 from the previous section but rather than selecting the Serial option choose TCP IP and edit the settings to match the IP Address you are using Static or IP 5 Click on the Authentication Required radio box if the Master is secured and press the User Name and Password button to enter a valid username and password being used by the secured Master 6 Click the OK to close all dialogs and return to the main application Using the ID Button to Change the Master Device Value Use the ID Button on the rear panel in conjunction with ID Mode function in NetLinx Stud
218. the Create SSL Certificate link in the Server Options page to open the Create SSL Certificate window By default the Display Certificate Action is selected and the fields in this window are populated with information from the certificate installed on the Master Ifthe Master does not have a previously installed certificate these fields are blank Creating a Request for an SSL Certificate 1 Click the Create SSL Certificate link in the Server Options page to open the Create SSL Certificate window 2 Fill out the fields according to the descriptions in the SSL Certificate Entries section on page 52 e Click the down arrow next to the Action field and choose Create Request from the drop down list 4 Click the Create SSL Certificate button to accept the information entered into the above fields and generate a certificate file Click Close to exit without making changes to the Master This refreshes the Server Certificate page and if the certificate request was successful displays a Certified request generated message Self Generating an SSL Certificate 1 Click the Create SSL Certificate link in the Server Options page to open the Create SSL Certificate window 2 Fill out the fields according to the descriptions in the SSL Certificate Entries section on page 52 3 Click the down arrow next to Action and choose Self Generate Certificate When this request is submitted the certificate is generated and installed into the
219. the IP URL for the connected NI Controller and transfer firmware Kit files to the Master NetLinx Studio is available to download free of charge from www amx com Before commencing verify you are using the latest firmware Kit file this file contains both the NI Integrated Controller and on board Master firmware The NI 4100 3100 2100 Kit file begins with 2105 04 X100 The NI 700 900 Kit file begins with 2105 03 NI X00 and 2105 09 NI X00 respectively Before You Start 1 Verify you have the latest version of NetLinx Studio on your PC Use the Web Update option in NetLinx Studio s Help menu to obtain the latest version Alternatively go to www amx com and login as a Dealer to download the latest version 2 Verify that an LAN ICSNet cable is connected from the NI Controller to the LAN Hub 3 Connect an programming cable RS 232 from the Program Port on the NI Controller to a COM port on the PC being used for programming 4 Verify that any control cards NI 4000 and NI 4100 only are inserted and their respective connectors are attached to the rear of the NI Controller before continuing 5 Verify that the NI Controller is powered On Preparing the NI Controller for Serial Communication To establish serial communication with the Controller via the PROGRAM DB39 port 1 Launch NetLinx Studio 2 x default location is Start gt Programs gt AMX Control Disc gt NetLinx Studio 2 NetLinx Studio 2 2 Select Settings
220. the Master 3 Click the Submit button to upload a copy of the selected JAR file to the target Master s unbound directory Ifa file of the same specified name already exists within the unbound directory the system will prompt you to confirm overwriting the existing file Only JAR file types are allowed for Upload to the target Master KE NOTE Manage Devices Bindings Click the Bindings link in the Manage Devices tab to access the Manage Device Bindings page FIG 54 Use the options on this page to configure application defined Duet virtual devices with discovered physical devices System Number 2 PS Ed Baar ES Weicome quest KE System Number2 v EH uz BR Master Configuration Manager WeDEontrol Security System Manage System Wnage License Manage Netlinx Manage Devices Manage Device Bindings v ser levi Activ P View Modify the bindings for attached devices Device Options Bindings User Defined Devices Active Devices Polled Ports Select the binding you wish to modify delete Friendly lame Device SDK Class Device My DVD 41002 1 0 DiscDevice 5001 1 0 Release My Receiver 41001 1 0 Receiver Bind FIG 54 System Manage Devices Manage Device Bindings The table on this page displays a list of all application defined devices including each device s Friendly Name the Duet virtual device s D P S assignment the associated Duet Device SDK class indicating the type of the device and the
221. the User s rights see page 119 5 Delete user This selection will prompt you select a user to delete 6 Show the list of This selection displays a list of users authorized users 7 Add group This selection will prompt you for a name for the Group you are add ing The Group name must be a unique alpha numeric string 4 20 characters Note User and Group names are case sensitive After the Group is added you will be taken to the Edit Group menu to setup the new users right see page 119 8 Edit group This selection will prompt you select a Group to edit properties for Once you have selected the Group you want to edit it will take you to the Edit Group Menu so you can edit the group s rights see page 119 9 Delete group This selection will prompt you select a group to delete A group can only be deleted if there are no users assigned to that group 10 Show list of authorized This selection displays a list of groups groups 11 Set Telnet Timeout This selection allows you to set the time a telnet session waits for a in seconds user to login When a Telnet client connects to the NetLinx Master it is prompted for a username If the client does not enter a users name for the length of time set in this selection the session will be closed by the NetLinx Master 12 Display Telnet Timeout This selection displays the time a telnet session waits for a user to in seconds login Setup Security
222. the user and matches its results with the response from the client If they match it indicates the client has the correct password but the password itself never left the client s machine Accepting Changes Click the Accept button to save changes on this page Accepting changes is instantaneous and does not require a reboot System Level Security IPSec Security Settings The IPSec Security Settings link is not provided in firmware versions 4 x x or higher Click the IPSec Security Settings link to access the PSec Security Details page FIG 26 The options in this page allow you configure IPSec specific security options on the Master at the System level System Number 2 Ls LOGIN Welcome quest eos System Number 2 v Ee an P a Master Configuration Manager WebControl Security System Userlevel e Group Level IPSec Security Details Modify IPSec security settings for the Master System Security Settings IPSec Security Settings Configure IPSec Settings Manage Certificate Files No CRL Checking Select a file to delete CRL Checking CRL Checking All Delete File Update Settings Uplosd Configurstion File Upload Certificate File pos Submit Browse Submit FIG 26 IPSec Security Settings Page The IPSec Security Settings option is only available on the NI 700 900 and NI X100 series Masters with firmware that pre dates v4 x x NOTE Configur
223. tions become disabled Manage System Server Options Click the Server link in the Manage System tab to access the Server Options page FIG 43 The options on this page allow you to Change the port numbers used by the Master for various Web services Configure the SSL settings used on the Master Manage existing and pending license keys manage the active NetLinx system communication parameters Configure modify the SSL certificates on the target Master System Number 2 Tea TOSIN Weicome quest Kata System Number2 v Meigs A ap Rm EE the Master System Number Control Emulate Diagnostics Garver cock Manager Port Settings Enabled PortNumber Default Port Telnet v ps 23 Cep v 1319 1319 HTP 8 80 HTTPS SSL V Wu 443 sau E Ia 22 FIF v 2 21 SSL Certificate Options Create SSL Certificate Export SSL Certificate Import SSL Certificate FIG 43 Server Options page The options on this page are described below Port Settings Allows a user to modify the server settings specifically those port assignments associated with individual services e All items can be either enabled disabled via the Enabled checkboxes The port number values except the FTP port can be modified in this page The default port for each service is listed to the right Server Port Settings The following table describes each of the Port Settings presented on this page Server Po
224. tructions on setting a system value NOTE 3 Click the Get IP Information button to configure the on board Master for DHCP usage and then read the IP Address obtained from the DHCP Server C DO NOT enter ANY IP information at this time this step only gets the System Master LI to recognize that it should begin using an obtained DHCP Address EE NOTE 4 Note the obtained IP Address read only This information is later entered into the Master Communication Settings dialog and used by NetLinx Studio v 2 x to communicate to the NI Controller via an IP This address is reserved by the DHCP server and then given to the Master If the IP Adaress field is empty give the Master a few minutes to negotiate a DHCP C Adaress with the DHCP Server and try again The DHCP Server can take anywhere from a few seconds to a few minutes to provide the Master with an IP Address NOTE 5 Verify that NetLinx appears in the Host Name field if not then enter it in at this time 6 Click the Use DHCP radio button from the ZP Address section 7 Click the Set IP Information button to retain the IP Address from the DHCP server and assign it to the on board Master A popup window then appears to notify you that Setting the IP information was successful and it is recommended that the Master be rebooted 8 Click OK to accept the change to the new IP DNS information 9 Click the Reboot Master button and select Yes to close the Network Addresses dialog
225. ttings dialog In the Master Communication Settings dialog click OK to begin the communication process to your Master and close the dialog If you are currently connected to a Master a popup asks whether you would want to stop communication to the current Master and apply the new settings Click Yes to interrupt the current communication from the Master and apply the new settings Click Reboot from the Tools Reboot the Master Controller dialog and wait for the Master to reboot The STATUS and OUTPUT LEDs should begin to alternately blink during the incorporation Wait until the STATUS LED is the only LED to blink Press Done once until the Master Reboot Status field reads Reboot of System Complete Click the OnLine Tree tab in the Workspace window to view the devices on the System The default System value is one 1 Right click the associated System number and select Refresh System This establishes a new connection to the specified System and populates the list with devices on that system The communication method is then highlighted in green on the bottom of the NetLinx Studio window If the connection fails to establish a Connection Failed dialog appears Try selecting a different IP Address if communication fails Press the Retry button to reconnect using the same communication parameters Press the Change button to alter your communication parameters and repeat the steps above Verifying the Firmware Version On the
226. ttributes DHGROUP G2 LIFETIME 28800 sec mm gl mm 3des sha mm 3des md5 mm des sha mm des md5 n Attributes DHGROUP G1 LIFETIME 28800 sec mm prop mm des md5 Attributes DHGROUP G2 LIFETIME 300 sec mm propi mm des md5 Attributes DHGROUP G2 LIFETIME 3600 sec Additional IKE proposals and attributes can be created with the next two API s ikeSetProp ikeSetProp NAME ikeSetProp create a Phase 1 proposal SYNOPSIS ikeSetProp configString DESCRIPTION This rule creates a Phase 1 proposal with previously defined Phase 1 transform names Rule Value Rule Value configString A string formatted as follows proposalName transformName transformName transformName where proposalName is a unique name for a Phase 1 proposal transformName is an existing Phase 1 transform name defined via ikeSetXform EXAMPLES ikeSetProp mm group2 mm 3des sha mm 3des md5 mm des sha mm des md5 ELM proposalName transformName transformName transformName Pre defined A transform consists of an encryption algorithm and a hash algorithm The first value is the proposal encryption the second the hash names mm 3des sha 3DES SHA 1 mm 3des sha2 256 3DES SHA2 256 mm 3des sha2 384 3DES SHA2 384 mm 3des sha2 512 3DES SHA2 512 mm 3des md5 3DES MD5 ikeSetProp Cont Pre defined mm des sha DES SHA 1 proposal mm des sha2 256 DES SHA2 256 mm des sha2 384 DES SHA2 384 mm des sha2 512 DES SHA2 512 mm des md
227. ue Format Security Policy Database SPD spdAddTransport spdAddtTransport NAME spdAddTransport add a transport mode policy SYNOPSIS spdAddTransport pConfStr DESCRIPTION This rule adds a transport mode policy Rule Value Rule Value pConfStr A stringValue specifier formatted as follows protocolSelector destinationPort sourcePort destinationAddressSelector sourceAddressSelector directionality useSelectors keyManager saProposalName where protocolSelector is a decValue IANA protocol number or ANY 6 for TCP or 17 for UDP destinationPort is a decValue port number or ANY sourcePort is a decValue port number or ANY destinationAddressSelector is an address in the format ipAddressl ipAddress2 ipMaskPrefix sourceAdaressSelector is an address in the format ipAddressl ipAddress2 ipMaskPrefix pace Eee re spdAddTransport Cont Rule Value sourceAddressSelector is an address in the format Cont ipAddress1 ipAddress2 ipMaskPrefix directionality is IN for inbound or OUT for outbound If IN this policy applies to traffic coming into the current host If OUT it applies to traffic going out of the current host A mir rored policy is automatically created for the opposite traffic flow useSelectors is PACKET use packet selectors or POLICY use policy selectors keyManager is MANUAL manual negotiation or IKE key negotiation saProposalN
228. unicating Via an IP Address eror etienne tenete erret ba thee S na eee toe tH Ee bhs 10 Verifying the Firmware Version On the Master sscscccssessscsssssssssseceeesesseseees 13 Upgrading the On board Master Firmware via an IP ees EEEER ENNEN 14 Upgrading the NI Controller Firmware Via IP eere 16 If The Connection Fails eorr tn ege noon ae ena EN aene swa Fo ae gane asta EE 17 Upgrading NXC Card Firmware Via IP s ccccecssscs cscssasscossetsossaseesasannsansasncassnesensvaens 18 Resetting the Factory Default System and Device Values ss 20 Onboard WebConsole User Interface ssscccssseesstesssssssssssssssssssssssssssssseoees 21 WebConsole Ee ET 21 ER EA e 22 BIU NRI IT 22 Device Network Settings Pages 1 erronea nene nee eu nen unes una tenes o eren rra n eu eve 23 ZeroConfig Networkihg etre eet rettet eno ep oe ERE uoa ota e E ERES En ena h e Eye dores rpU uaa opa ae 24 WebConsole Security Options 4 ies bbri ei did kd Fd CHE Ap TEMPI DEPpEP IAM ERE MM PRM e e pA RA 25 Kil gp OVEIVIGW T 25 E sch Default Security Configuration civccvecc ccesccseetecesessccceecesessecneereesssaccederevesbecestedsesessvevesdtenees 26 Login R lES I EKIS 26 User Name and Password Rules s secccsoccoeesssecetese
229. uthorized representative of AMX has been advised of the possibility of any such damages This limitation of liability however will not apply to claims for personal injury Some states do not allow a limitation of how long an implied warranty last Some states do not allow the limitation or exclusion of inci dental or consequential damages for consumer products In such states the limitation or exclusion of the Limited Warranty may not apply This Limited Warranty gives the owner specific legal rights The owner may also have other rights that vary from state to state The owner is advised to consult applicable state laws for full determination of rights EXCEPT AS EXPRESSLY SET FORTH IN THIS WARRANTY AMX MAKES NO OTHER WARRANTIES EXPRESSED OR IMPLIED INCLUDING ANY IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE AMX EXPRESSLY DISCLAIMS ALL WARRANTIES NOT STATED IN THIS LIMITED WARRANTY ANY IMPLIED WARRANTIES THAT MAY BE IMPOSED BY LAW ARE LIMITED TO THE TERMS OF THIS LIMITED WARRANTY EXCEPT AS OTHERWISE LIMITED BY APPLICABLE LAW AMX RESERVES THE RIGHT TO MODIFY OR DISCONTINUE DESIGNS SPECIFICATIONS WARRAN TIES PRICES AND POLICIES WITHOUT NOTICE Table of Contents n T A Ra 1 NetLinx Integrated Controllers erret oerte teh retenue e oen eroe tte esa eae uaSe 1 DVX 2100HD Enova Total Environment Controller ceccceeeesese 2 About Thi
230. vice its associated property information is displayed in a mouse over popup dialog when the cursor hovers over the physical device ID see FIG 56 on page 66 Each entry in the table has one of four buttons to the right of the Physical Device D P S assignment Static Bound application devices will either be blank or display a Release button e Static Bound application devices that have not yet detected a physical device attached to their associated port have a blank button e Once a physical device is detected and its associated Duet module has been started a Release button is then displayed Click Release to force the associated Duet module to be destroyed and the firmware then returns to detecting any physical devices attached to the port Dynamic application devices either display a Bind or Unbind button e Dynamic application devices that have been bound display an Unbind button When the user selects Unbind any associated Duet module is then destroyed and the link between the application device and the physical device is then broken e Dynamic application devices that have not been bound to a physical device display a Bind button When this button is selected a secondary display appears with a listing of all available unbound physical devices that match the application device s Device SDK class type If a currently bound device needs to be replaced or a Duet Module needs to be swapped out the device should be unbound and the
231. w All Active Devices Device Properties pop up d NOTE Manage Devices Manage Polled Ports Click the Polled Ports link in the Manage Devices tab to access the Manage Polled Ports page FIG 61 The options on this page allow you to view modify settings for all polled ports in the System System Number 2 Fa EH System Number2 v REH r COGIN Welcome guest et ESS Manage Polled Ports View Modify all Polled Ports for Devices Device Options Bindings User Defined Devices Active Devices Polled Ports Select the port to edit poll settings Click to open the Edit Port Settings page Physical Port Status ele 5001 1 0 Polling Gar 5001 2 0 Polling Edi FIG 61 System Manage Devices Manage Polled Ports j Polled Ports must be specified in the Master s code in order for this page to be populated Editing Polled Port Settings Click the Edit button for a port in the Physical Port list to access the Edit Port Settings page FIG 62 ana ge NetLinx Edit Port Settings s ser v ve Devices Polled Ports Modify Settings for Selected Port Device Options Bindings User Defined Devices Active Devices Polled Ports Port 5001 1 0 Baud Rate 38400 v Data Bits 8 e Parit None Reset to Default Settings Stop Bits 1 v Flow Control None 485 Disabled v Cance f P FIG 62 Manage Polled Ports Edit Port Settings Use the drop d
232. w the format lt config action gt lt config string gt All characters of a configuration line both the action and the string are case sensitive and white space is relevant Lines beginning with a symbol are considered comments and are subsequently ignored during the loading process All references to the Master s IP address in configuration lines can be substituted by 7LOCAL_ADDR in order to provide flexibility and reuse of an IPSec Config file At boot all occurrences of LOCAL ADDR 46 will be replaced by the actual IP address of the Master In this way a single IPSec configuration file can be uploaded to multiple Masters that are to be configured with the same IPSec configuration without having to specify the Master s local IP Address directly The IPSec Configuration file is loaded onto the Master via the Master s Web interface under Security gt IPSec Security Settings The following are the list of configuration lines supported by the AMX IPSec Configuration file Internet Key Exchange IKE ikeAddPeerAuth ikeAddPeerAuth NAME ikeAddPeerAuth add a peer s authentication information SYNOPSIS ikeAddPeerAuth configString DESCRIPTION This rule is used to specify IKE authentication information between the host and a peer This rule may be called multiple times to define a set of peers with which the host will conduct IKE negotiations NOTE Specifying KEYPFS to this function will not enable perfect forwa
233. wo digits If the IR code for ENTER function 21 is loaded an Enter will follow the number If the channel is greater than or equal to gt 100 then IR function 127 or 20 whichever exists is generated for the one hundred digit Uses CTON and CTOF times for pulse times Syntax SEND COMMAND lt DEV gt CH lt channel number gt Variable channel number 0 199 Example SEND COMMAND IR 1 CH 18 This device performs the following Transmits IR signals for 1 IR code 11 The transmit time is set with the CTON command Waits until the time set with the CTOF command elapses Transmits IR signals for 8 IR code 18 Waits for the time set with the CTOF command elapses If the IR code for Enter IR code 21 is programmed the Controller performs the following steps 1 Transmits IR signals for Enter IR code 21 2 Waits for the time set with the CTOF command elapses CP Halt and Clear all active or buffered IR commands and then send a single IR pulse You can set the Pulse and Wait times with the CTON and CTOF commands Syntax SEND COMMAND lt DEV gt CP lt code gt Variable code IR port s channel value 0 252 253 255 reserved Example SEND COMMAND IR 1 CP 2 Clears the active buffered commands and pulses IR 1 port s channel 2 CTOF Set the duration of the Off time no signal between IR pulses for channel and IR function transmissions Off time settings are st
234. ypad numbers For example hold ALT hit the keypad 1 then hit keypad 0 then release ALT The standard line feed code is entered decimal 10 Windows will perform an ANSI to OEM conversion on some codes entered this way because of the way Windows handles languages and code pages The following codes are known to be altered but others may be affected depending on the computer s setup Characters 15 21 22 and any characters above 127 This affects both Windows Telnet and Terminal programs Linux Telnet Client The Linux Telnet client has three anomalies that are known at this time A null 00 character is sent after a carriage return Ifan ALT 255 is entered two 255 characters are sent per the Telnet RAFT Ifthe code to go back to command mode is entered ALT 29 which is the character is not sent but Telnet command mode is entered Terminal Program Port Telnet Commands 124 NetLinx Integrated Controllers WebConsole amp Programming Guide FMv3 Appendix A IPSec Configuration File IPSec Config file The IPSec Configuration file contains user specified IPSec rule definitions to be applied to the running IPSec database The IPSec Configuration file is read at boot up and the individual lines are applied to the IPSec database Configuration lines are applied to the database in the order that they appear in the configuration file Each line of the configuration file represents an individual rule All lines follo
Download Pdf Manuals
Related Search