Manuals / Brands / Computer Equipment / Network Card / AMX / Computer Equipment / Network Card

AMX NI-2000/3000/4000, NI-2100/3100/4100, NXC-ME260/64 SpdAddDiscard

1 154

Download 154 pages, 4.1 Mb

Appendix A: IPSec Configuration File

123

NI Series WebConsole & Programming Guide

SpdAddDiscard

SpdAddDiscard

NAME spdAddDiscard – create a discard policy in the SPD

SYNOPSIS spdAddDiscard=pConfStr

DESCRIPTION This rule creates a discard policy in the SPD.

Rule Value:

pConfStr

A stringValue specifier formatted as follows:

protocolSelector[/destinationPort/sourcePort],

destinationAddressSelector, sourceAddressSelector,

directionality,mirroring

where

- protocolSelector is a decValue IANA protocol number or ANY (6 for TCP or 17 for UDP).

- destinationPort is a decValue port number or ANY.

- sourcePort is a decValue port number or ANY.

- destinationAddressSelector is an address in the format:

ipAddress1[-ipAddress2 | /ipMaskPrefix].

- sourceAddressSelector is an address in the format:

ipAddress1[-ipAddress2 | /ipMaskPrefix].

- directionality is IN (for inbound) or OUT (for outbound). If IN, this policy applies to traffic

coming into the current host. If OUT, it applies to traffic going out of the current host.

- mirroring is NOTMIRRORED or MIRRORED. NOTMIRRORED creates a policy only in the

specified direction. MIRRORED creates two policies, one in each direction.

EXAMPLES IPv4:

spdAddDiscard=17/17185/0,0.0.0.0/0,0.0.0.0/0,IN,NOTMIRRORED

IPv6:

spdAddDiscard=17/17185/0,::/0,::/0,IN,NOTMIRRORED

Config String

Format

protocolSelector[/destinationPort/sorucePort],

destinationAddressSelector,sourceAddressSelector,directionality,

mirroring

Contents

Main AMX Limited Warranty and Disclaimer Table of Contents Initial Configuration and Firmware Upgrade ...................................................... 5 Onboard WebConsole User Interface ...............................................................21 WebConsole - WebControl Options ................................................................. 25 Page Page Terminal (Program Port/Telnet) Commands .....................................................91 Appendix B: Clock Manager NetLinx Programming API ................................141 Page Overview NetLinx Integrated Controllers About This Document Related Documents Quick Setup and Configuration Overview Installation Procedures Configuration and Communication Update the On-board Master and Controller Firmware Configure NetLinx Security on the NI Controller Page Initial Configuration and Firmware Upgrade Before You Start 1. 2. 3. 4. Obtaining the NI Controllers IP Address (using DHCP) 1. 2. 3. Page Assigning a Static IP to the NI Controller 12. Communicating Via an IP 1. 2. 3. 4. 5. Page Verifying the Firmware Version On the Master 1. 2. 3. 4. Upgrading the On-board Master Firmware via an IP 1. 2. 3. 4. 7. 8. 9. 10. 11. Upgrading the NI Controller Firmware Via IP 5. 6. 7. 8. 9. 10. 11. 12. 13. If The Connection Fails Upgrading NXC Card Firmware Via IP 1. 2. 3. 4. Page Resetting the Factory Default System and Device Values Page Onboard WebConsole User Interface WebConsole UI Overview Accessing the WebConsole 1. 2. Device Tree Device Network Settings Pages Page WebConsole - WebControl Options Manage WebControl Connections Compression Options Page WebConsole - Security Options Security Overview Default Security Configuration Login Rules User Name and Password Rules System Security - System Level System Level Security - System Security Settings System Security Access Options System Security Access Options WebConsole - Security Options 31 Accepting Changes FIG. 19 System Level Security - IPSec Security Settings FIG. 18 Configuring Settings 1. 2. Uploading an Configuration File 1. 2. Managing Certificate Files AMX IPSec Configuration file System Security - Group Level 6. Group and User Security Access Options Group and User Security Access Options (Cont.) Page Deleting a Group 1. 2. 3. System Security - User Level Page 3. WebConsole - System Options System Overview System - Manage System Manage System - System Number Changing the System Number On the Master 1. 2. 3. Using Multiple Netlinx Masters Manage System - Control/Emulate Options Page 4. 5. 6. Manage System - Diagnostics Options c. 2. 3. 4. Diagnostics Options Definitions Disabling all Diagnostic Options For a Device Creating and Recalling Diagnostics Presets 1. 2. 3. 4. Manage System - Server Options Port Settings Server Port Settings The following table describes each of the Port Settings presented on this page: Server Port Settings SSL Certificate Options Creating an SSL Server Certificate 1. Certificate window (FIG.37). 2. section below. 3. Page Page Page Manage System - Clock Manager Options Setting the Mode for the Clock Manager 1. Page Page System - Manage License Page System - Manage NetLinx Page System - Manage Devices Manage Devices - Device Options Configuring Device Binding Options 1. 2. Managing Device Modules 1. 2. 3. Binding Options (Cont.) 1. 2. 3. Manage Devices - Bindings Configuring Application-Defined Devices Sample code can be found within the DEFINE_START section, as shown in FIG.48: Application Devices and Association Status Viewing Physical Device Properties Manage Devices - User-Defined Devices Adding a User-Defined Device 1. 2. User-Defined Device Information Fields 3. 4. Manage Devices - View All Active Devices Searching For All Compatible Duet Modules for a Selected Device 1. 2. 3. Viewing Physical Device Properties Manage Devices - Manage Polled Ports Editing Polled Port Settings Page Programming Overview Master Send_Commands Master Send_Commands Master IP Local Port Send_Commands Master Send_Commands (Cont.) Master IP Local Port Send_Commands LED Disable/Enable Send_Commands RS232/422/485 ports are Ports 1-2 (NI-700) and Port 1 (NI-900). Port Assignments By NI Model RS232/422/485 Ports Channels Port Assignments By NI Model RS-232/422/485 Send_Commands RS-232/422/485 Send_Commands Page Page RS-232/422/485 Send_String Escape Sequences RS-232/422/485 Send_String Escape Sequences IR / Serial Ports Channels IR RX Port Channels IR/Serial Send_Commands RS-232/422/485 Send_String Escape Sequences (Cont.) IR / Serial Ports Channels Page Page Page Page Page Input/Output Send_Commands The following Send_Commands program the I/O ports on the Integrated Controller. I/O ports: Port 4 (NI-700). Channels: 1 - 8 I/O channels. I/O Send Commands Terminal (Program Port/Telnet) Commands Overview 5. Establishing a Terminal Connection Via the Program Port 1. Establishing a Terminal Connection Via Telnet 1. 2. 3. 4. 5. Terminal Commands Terminal Commands Page Page Page Page Page Page Page Page Page Page Page Page ESC Pass Codes Escape Pass Codes Accessing the Security Configuration Options 1. 2. 3. Setup Security Menu The Setup Security menu is described below: Setup Security Menu Security Options Menu Setup Security Menu (Cont.) Security Options Menu Edit User Menu Edit Group Menu Edit User Menu Edit Group Menu Access Rights Menu 3. Adding a Group 1. a group account. A sample session response is: 2. Edit Group Menu: Add Directory Association 1. Default Security Configuration Logging Out of a Terminal Session Notes on Specific Telnet/Terminal Clients WindowsTM Client Programs Linux Telnet Client Appendix A: IPSec Configuration File IPSec Config file Internet Key Exchange (IKE) ikeAddPeerAuth ikeAddPeerAuth ikeAddPeerAuth (Cont.) ikeSetProp ikeSetProp ikeSetPropAttrib ikeSetPropAttrib Security Policy Database (SPD) spdAddTransport spdAddTransport SpdAddTunnel SpdAddTunnel SpdAddBypass SpdAddBypass SpdAddDiscard SpdAddDiscard SpdSetProp SpdSetProp 125 Pre-defined Phase II transform names 126 NI Series WebConsole & Programming Guide Page SpdSetPropAttrib SpdSetPropAttrib spdSetSA SpdSetPropAttrib (Cont.) spdSetSA Manual Key Manager (MKM) mkmAddBypass mkmAddBypass mkmAddDiscard mkmAddDiscard mkmAddTransport mkmAddTransport mkmAddTunnel mkmAddTunnel mkmSetInboundAH mkmSetInboundAH mkmSetInboundESP mkmSetInboundESP mkmSetOutboundAH mkmSetOutboundAH mkmSetOutboundESP mkmSetOutboundESP Sample IPSec Configuration File The following is a sample IPSec configuration file: IPSec Web Configuration Interface Page Appendix B: Clock Manager NetLinx Programming API 141 Appendix B: Clock Manager NetLinx Programming API behavior. *) Types/Constants The NetLinx.axi file that will ship with NetLinx Studio includes the following types/constants: Library Calls NetLinx.axi - Library Calls Page NetLinx.axi - Library Calls (Cont.)