Manuals / Brands / Computer Equipment / Network Card / AMX / Computer Equipment / Network Card

AMX NI-2000/3000/4000, NI-2100/3100/4100, NXC-ME260/64 mkmSetOutboundAH

1 154

Download 154 pages, 4.1 Mb

Appendix A: IPSec Configuration File

136 NI Series WebConsole & Programming Guide

mkmSetOutboundAH

mkmSetOutboundAH

NAME mkmSetOutboundAH – set the transform ID and key for an outbound AH SA

SYNOPSIS mkmSetOutboundAH=cptr_value_string

DESCRIPTION This rule sets the transform ID and key for an outbound AH SA.

Rule Value:

cptr_value_string

A string formatted as follows:

saNumber,spi,ahTransformID,key

where

- saNumber is a unique unsigned integer specified by the user.

- spi is the decValue for the security parameter index, an unsigned long. SPI >255 and

SPI < SPI_BOUNDARY, which is defined as 2048.

- ahTransformID is:

MD5 | SHA | HMAC-MD5 | HMAC-SHA | HMAC-SHA2-256 | HMAC-SHA2-384 |

HMAC-SHA2-512 | HMAC-RIPEMD | AES-XCBC-MAC

Note that MD5 (deprecated) is equivalent to HMAC-MD5; SHA (deprecated) is equivalent to

HMAC-SHA.

- key is the authentication algorithm key in hexadecimal. It must be 32 characters for MD5; 40

characters for SHA; 64 characters for SHA2-256; 96 characters for SHA2-384; 128 charac-

ters for SHA2-512; and 40 characters for RIPEMD.

The traffic selectors for the transport or tunnel SA should be added before attempting to set

the transform and keys for the same Security Association (identified by SA Number).

EXAMPLES mkmSetOutboundAH=0,258,HMAC-MD5,123456789ABCDEF0FEDCBA987654321

Config String

Format saNumber.spi,ahTransformID,key

Contents

Main AMX Limited Warranty and Disclaimer Table of Contents Initial Configuration and Firmware Upgrade ...................................................... 5 Onboard WebConsole User Interface ...............................................................21 WebConsole - WebControl Options ................................................................. 25 Page Page Terminal (Program Port/Telnet) Commands .....................................................91 Appendix B: Clock Manager NetLinx Programming API ................................141 Page Overview NetLinx Integrated Controllers About This Document Related Documents Quick Setup and Configuration Overview Installation Procedures Configuration and Communication Update the On-board Master and Controller Firmware Configure NetLinx Security on the NI Controller Page Initial Configuration and Firmware Upgrade Before You Start 1. 2. 3. 4. Obtaining the NI Controllers IP Address (using DHCP) 1. 2. 3. Page Assigning a Static IP to the NI Controller 12. Communicating Via an IP 1. 2. 3. 4. 5. Page Verifying the Firmware Version On the Master 1. 2. 3. 4. Upgrading the On-board Master Firmware via an IP 1. 2. 3. 4. 7. 8. 9. 10. 11. Upgrading the NI Controller Firmware Via IP 5. 6. 7. 8. 9. 10. 11. 12. 13. If The Connection Fails Upgrading NXC Card Firmware Via IP 1. 2. 3. 4. Page Resetting the Factory Default System and Device Values Page Onboard WebConsole User Interface WebConsole UI Overview Accessing the WebConsole 1. 2. Device Tree Device Network Settings Pages Page WebConsole - WebControl Options Manage WebControl Connections Compression Options Page WebConsole - Security Options Security Overview Default Security Configuration Login Rules User Name and Password Rules System Security - System Level System Level Security - System Security Settings System Security Access Options System Security Access Options WebConsole - Security Options 31 Accepting Changes FIG. 19 System Level Security - IPSec Security Settings FIG. 18 Configuring Settings 1. 2. Uploading an Configuration File 1. 2. Managing Certificate Files AMX IPSec Configuration file System Security - Group Level 6. Group and User Security Access Options Group and User Security Access Options (Cont.) Page Deleting a Group 1. 2. 3. System Security - User Level Page 3. WebConsole - System Options System Overview System - Manage System Manage System - System Number Changing the System Number On the Master 1. 2. 3. Using Multiple Netlinx Masters Manage System - Control/Emulate Options Page 4. 5. 6. Manage System - Diagnostics Options c. 2. 3. 4. Diagnostics Options Definitions Disabling all Diagnostic Options For a Device Creating and Recalling Diagnostics Presets 1. 2. 3. 4. Manage System - Server Options Port Settings Server Port Settings The following table describes each of the Port Settings presented on this page: Server Port Settings SSL Certificate Options Creating an SSL Server Certificate 1. Certificate window (FIG.37). 2. section below. 3. Page Page Page Manage System - Clock Manager Options Setting the Mode for the Clock Manager 1. Page Page System - Manage License Page System - Manage NetLinx Page System - Manage Devices Manage Devices - Device Options Configuring Device Binding Options 1. 2. Managing Device Modules 1. 2. 3. Binding Options (Cont.) 1. 2. 3. Manage Devices - Bindings Configuring Application-Defined Devices Sample code can be found within the DEFINE_START section, as shown in FIG.48: Application Devices and Association Status Viewing Physical Device Properties Manage Devices - User-Defined Devices Adding a User-Defined Device 1. 2. User-Defined Device Information Fields 3. 4. Manage Devices - View All Active Devices Searching For All Compatible Duet Modules for a Selected Device 1. 2. 3. Viewing Physical Device Properties Manage Devices - Manage Polled Ports Editing Polled Port Settings Page Programming Overview Master Send_Commands Master Send_Commands Master IP Local Port Send_Commands Master Send_Commands (Cont.) Master IP Local Port Send_Commands LED Disable/Enable Send_Commands RS232/422/485 ports are Ports 1-2 (NI-700) and Port 1 (NI-900). Port Assignments By NI Model RS232/422/485 Ports Channels Port Assignments By NI Model RS-232/422/485 Send_Commands RS-232/422/485 Send_Commands Page Page RS-232/422/485 Send_String Escape Sequences RS-232/422/485 Send_String Escape Sequences IR / Serial Ports Channels IR RX Port Channels IR/Serial Send_Commands RS-232/422/485 Send_String Escape Sequences (Cont.) IR / Serial Ports Channels Page Page Page Page Page Input/Output Send_Commands The following Send_Commands program the I/O ports on the Integrated Controller. I/O ports: Port 4 (NI-700). Channels: 1 - 8 I/O channels. I/O Send Commands Terminal (Program Port/Telnet) Commands Overview 5. Establishing a Terminal Connection Via the Program Port 1. Establishing a Terminal Connection Via Telnet 1. 2. 3. 4. 5. Terminal Commands Terminal Commands Page Page Page Page Page Page Page Page Page Page Page Page ESC Pass Codes Escape Pass Codes Accessing the Security Configuration Options 1. 2. 3. Setup Security Menu The Setup Security menu is described below: Setup Security Menu Security Options Menu Setup Security Menu (Cont.) Security Options Menu Edit User Menu Edit Group Menu Edit User Menu Edit Group Menu Access Rights Menu 3. Adding a Group 1. a group account. A sample session response is: 2. Edit Group Menu: Add Directory Association 1. Default Security Configuration Logging Out of a Terminal Session Notes on Specific Telnet/Terminal Clients WindowsTM Client Programs Linux Telnet Client Appendix A: IPSec Configuration File IPSec Config file Internet Key Exchange (IKE) ikeAddPeerAuth ikeAddPeerAuth ikeAddPeerAuth (Cont.) ikeSetProp ikeSetProp ikeSetPropAttrib ikeSetPropAttrib Security Policy Database (SPD) spdAddTransport spdAddTransport SpdAddTunnel SpdAddTunnel SpdAddBypass SpdAddBypass SpdAddDiscard SpdAddDiscard SpdSetProp SpdSetProp 125 Pre-defined Phase II transform names 126 NI Series WebConsole & Programming Guide Page SpdSetPropAttrib SpdSetPropAttrib spdSetSA SpdSetPropAttrib (Cont.) spdSetSA Manual Key Manager (MKM) mkmAddBypass mkmAddBypass mkmAddDiscard mkmAddDiscard mkmAddTransport mkmAddTransport mkmAddTunnel mkmAddTunnel mkmSetInboundAH mkmSetInboundAH mkmSetInboundESP mkmSetInboundESP mkmSetOutboundAH mkmSetOutboundAH mkmSetOutboundESP mkmSetOutboundESP Sample IPSec Configuration File The following is a sample IPSec configuration file: IPSec Web Configuration Interface Page Appendix B: Clock Manager NetLinx Programming API 141 Appendix B: Clock Manager NetLinx Programming API behavior. *) Types/Constants The NetLinx.axi file that will ship with NetLinx Studio includes the following types/constants: Library Calls NetLinx.axi - Library Calls Page NetLinx.axi - Library Calls (Cont.)