Digi W N f i g u r i n g S e c u r i t y F e a t u r e s, Controlling Access to the Configuration

Page 57

Chapter 12

C o n f i g u r i n g S e c u r i t y F e a t u r e s

Controlling Access to the Configuration

Controlling access of device server restricts access to the configuration by defining the following types of users:

•The root user, who has unlimited access to device server com- mands. He or she can view any configuration table and change any configuration parameter. The root is identified by the user name root and must supply a password to be authenticated. The default root password is dbps. You should change this password immedi- ately.

•Regular users, who have much more restricted access to device server commands. Regular users can view some configuration tables and can change some configuration parameters related to their own sessions and passwords. See the Digi One/PortServer TS Command Reference for information on the limitations placed on regular users for each command.

Controlling Access to Inbound Ports

This section describes methods of controlling access to inbound serial ports. An inbound port is one defined on the dev field of the set ports command for one of the following device types:

•term (used to define terminal connections)

•min (used to define incoming modem connections)

•mio (used to define bi-directional modem connections)

•hdial, hio (used to define computer connections)

Default Access Restrictions

The default configuration for inbound ports is that a login and password are required to access them.

Options for Removing Access Restriction

The login and password requirement for inbound ports can be changed by configuring

•The port so that it does not require a login and password. In this case, no one is required to supply a login or password.

•Specific users so that they do not require a password. In this case, some users do not supply passwords and others are required.

Procedure for Changing a Port’s Access Requirements

To configure a port so that no one has to login or specify a password, supply a set logins command that specifies the following:

set logins range=range login=off passwd=off

Chapter 12 Configuring Security Features

57

Image 57

Contents Digi TS W Family 9000329B Configuring the IP Address Chapter Configuring WirelessN t e n t s Chapter IntroductionConfiguring the Serial Ports Setting Up RealPortChapter Configuring PPP Chapter Configuring AutoconnectionConfiguring Security Features Configuring IP RoutingConfiguring DNS Configuring the Digi Device for IAIndustrial AutomationConfiguring Snmp Configuring UsersReference and Certifications Configuring Power Over the Serial PortsContents T r o d u c t i o n Setup OverviewSupported Devices About Entering Commands on the Command LineAbout This Guide Other Documents in the LibraryAbout Configuration Methods Configuration Prerequisites N f i g u r i n g W i r e l e s s Configuration ConsiderationsSelect Discover Digi Device from the CD Configuring Wireless Configuring Wireless Configuring Wireless Configuring Wireless N f i g u r i n g t h e I P a d d r e s s Options for Configuring the IP Address and MaskConfiguring the IP Address Using ARP-Ping Configuring the Ethernet Interface from the Command Line Configuring an IP Address using Dhcp and Rarp About RealPort T t i n g U p R e a l P o r tSetting Up RealPort Configuring the Serial Port Settings with the Web Interface Options for Configuring the Serial PortsConfiguring the Serial Port Settings from the Command Line N f i g u r i n g P P P Configuring Inbound PPP ConnectionsConfiguring Outbound PPP Connections Command Line Configuring Inbound PPP Connections ExampleProcedure Sample Use the following table for additional configurations Configuring PPP D e m E m u l a t i o n Modem Emulation Digi One TS and PortServer TS 2/4 MEI onlyCommon User Scenarios Serial Device Digi Device Server Modem Emulation Cable SignalsApplication AT Com Digi Device Server Response Mand Originating, Answering, and Disconnecting CallsServer. P represents a one second pause Code Modem Emulation AT Command Set Function ResultATP Function ResultATXn Accepted but ignored There is no Nvram support currently AT+MS Ascii Registers Function Range Units Saved DefaultRegister Function Range Units Saved Default Register Function Range Units Saved Default 17 11h =XON/XOFF &K4 Result Codes Short Long Form Modem Emulation Commands for Configuring Autoconnection by Port or by User Configuring a Port for Autoconnection Web InterfaceConfiguring a User for Autoconnection Web Interface N f i g u r i n g a u t o c o n n e c t i o nConfiguring UDP Multicast Configuring TCP Socket CommunicationClick Serial Ports Click Change ProfileClick Change Profile and select UDP Socket Configuring Autoconnection N f i g u r i n g I P R o u t i n g Configuring Static RoutesConfiguring Dynamic Routes Using RIP Configuring Proxy ARP Configuring IP Routing Controlling Access to the Configuration Controlling Access to Inbound PortsN f i g u r i n g S e c u r i t y F e a t u r e s Controlling Access to the Command Line Controlling Access to Outbound PortsIssuing User Passwords Configuring SSH Version 2 for Secure CommunicationDevice Required Hardware Firmware Http Controlling Access to ServicesSnmp SSH Configuring Security Features Configuring the User-Defined Protocol Configuring ModbusConfiguring the Digi Device for IA Industrial Automation About the Domain Name System N f i g u r i n g D N SConfiguration Procedures About Snmp and the Device Server Agent N f i g u r i n g S N M PMIB Configuration Procedure Web InterfaceCommon User Features About Configuring UsersFeature Description Set user Field N f i g u r i n g U s e r sConfiguring a User Web Interface Commands for Configuring a UserClick New User Upgrading the Firmware Copying the Configuration to and from a Remote HostResetting Device Server Configuration to Defaults Commands for Resetting the Configuration to Defaults Managing the OS and Configuration Configuring RI Power Serial Power FeatureConfiguring DTR Power DTR on DTR OFF Serial Power TableConfiguring Power Over the Serial Ports F e r e n c e a n d C e r t i f i c a t i o n s Interpreting the LEDsColor State Indicates RJ-45 Pinouts EIA-232 EIA-422/485 EIA-485 Half Full-Duplex Environmental CertificationsDigi Contact Information Digi Contacts Reference and Certifications