NetLinx Security and Web Server | AMX NI-3000, NI-4000, NI-2000

NetLinx Security and Web Server

4.Enter the name of the server being used (this is the Master).

The server name is the name as it shows up in the URL of the Master you are securing with this server certificate. For example, if the URL of the Master will be https://www.myNetLinxMaster.com/, then enter the server name as www.myNetLinx Master.com.

5.Send the CA the text created by your certificate request through the Master. Refer to

the Creating a Request for a SSL Server Certificate section on page 83 for the procedures necessary to generate the certificate text file.

6.Place your cursor within the certificate text field of the Export Certificate window of the Security tab.

7.Press the Ctrl + A keys simultaneously on your keyboard (this selects all the text within the field).

YOU MUST COPY ALL OF THE TEXT within this field, including the -----BEGIN

CERTIFICATE REQUEST----- and the -----END CERTIFICATE REQUEST-----.

Without this text included in the CA submission, you will not receive CA approved certificate.

8.Press the Ctrl + C keys simultaneously on your keyboard (this takes the blue selected text within the field and copies it to your temporary memory/clipboard).

9.Paste (using Ctrl + V) this text into the Submit Request field on the CA’s Retrieve Certificate web page.

10.Choose to view the certificate response in raw DER format.

11.Note the Authorization Code and Reference Number (for use in the e-mail submission of the request).

12.Submit the request.

13.Paste this certificate text field (copied from steps 7 & 8 above) into your e-mail document and then send that information to a CA with its accompanying certificate application.

14.Complete the certificate installation procedures outlined in the Creating a Request for a SSL Server Certificate section on page 83.

NetLinx Integrated Controllers	87

Image 93

AMX NI-3000, NI-4000, NI-2000 instruction manual NetLinx Security and Web Server

Contents

NetLinx Integrated Controllers AMX Limited Warranty and Disclaimer Table of Contents Installation and Upgrading NetLinx Security with a Terminal Connection Troubleshooting 125 NetLinx Integrated Master Controller Features NI-2000 Specifications NI-2000 Specifications Rear Panel Components Front Panel Components D notation is used to explicitly represent a device number NI-3000 Specifications Included AccessoriesOptional Accessories ICSNet AXLink LED RS-232/422/485 Ports ICSHub Out GreenRelays IR/Serial Ports Ethernet AXLink Program NI-3000 Specifications Power requirementsCompact Flash Rear Panel Components Turns Off when the speed is 10 Mbps Whether to use half duplex or full duplex modeOne 10-pin 3.5 mm mini-Phoenix female I/O connector Two 8-pin 3.5 mm mini-Phoenix female Relay connector NI-4000 NetLinx Integrated Controller front view NI-4000 Specifications NI-4000 Specifications Rear Panel Components D notation is used to explicitly represent a device number Two CC-NIRC IR Emitters FG10-000-11 Pin Black Male Phoenix Connector 3.5mmRemovable rack ears. Allows for tabletop, under-counter, Front/rear rack mounting Configuration and Communication Installation Procedures Program NetLinx Security into the On-Board Master Update the Controller and Control Card FirmwareStudio to the most recent release IP recommended Baud rate settings Setting the Configuration DIP Switch for the Program PortBaud Rate Settings on the Configuration DIP Switch Program Run Disable PRD mode Using the Configuration DIP switch Wiring GuidelinesModes and Front Panel LED Blink Patterns Modes and LED Blink Patterns Wiring length guidelines Preparing captive wiresWiring Guidelines NI-4000 & NI-3000@ 900 mA Wiring Guidelines NI-2000 @ 700 mA AXlink/PWR connector Using the 4-pin mini-Phoenix connector for data and powerAXlink/PWR connector PWR + GND Top view Local +12 VDC power supply coming from the PSN power supply Program Port Connections and Wiring RS-232/422/485 Device Port Wiring SpecificationsProgram Port, Pinouts, and Signals RS-232/422/485 Device Port Wiring Specifications ICSNet RJ-45 Connections/WiringICSNet RJ-45 Signals RJ-45 Pinout Information EIA/TIA 568 B ICSHub OUT Pinouts and Signals Ethernet 10/100 Base-T RJ-45 Connections/WiringEthernet RJ-45 Pinouts and Signals ICSHub OUT port Ethernet LEDs Relay Connections and WiringEthernet ports used by the Integrated Controllers Ethernet Ports Used by the NetLinx Integrated Controllers Relay connections Input/Output I/O Connections and Wiring Port Wiring Specifications NI-4000 and NI-3000 IR/Serial Connections and WiringPort Wiring Specifications NI-2000 IR/Serial Connector Wiring Specifications NetLinx Control Card 20-pin connector NetLinx Control Card Slot Connector NI-4000 unit only Connections and Wiring Installing NetLinx Control Cards NI-4000 Only Thumbscrews NXC Card Slot faceplateCard slots Sample NXC cards Internal Guide slots DevicePortSystem DPS Setting the NetLinx Control Card Addresses NI-4000 OnlyStructure DEV 192 384 768 1536 Optional Compact Flash Upgrades Compact Flash UpgradesCarefully Detach ALL Connectors from the rear of the unit Removing NetLinx Control Cards NI-4000 Only Installation of Compact Flash upgrades Removing the Compact Flash card Closing and Securing the Integrated Controller Install screws Bracket Rack Mounting Holes Installing the Integrated Controller into an Equipment Rack Installation and Upgrading Installation and Upgrading Before beginning Communicating with the Master via the Program Port Setting the System Value Select Diagnostics Device Addressing from the Main menuDefault setting for these units is Using multiple NetLinx Masters Device Addressing dialog changing the device value Changing the Device Address on a NetLinx Device Resetting the Factory Default System and Device Values Recommended NetLinx Device numbersAxcess Devices use Axcess standards Used to assign an IP Address Used to obtain an Obtaining the Master’s IP Address using Dhcp Select Diagnostics Network Addresses from the Main menu Assigning a Static IP to the NetLinx MasterUsed to assign an IP Address Communicating with the On-board Master via an IP Assigning Communication Settings and TCP/IP Settings Upgrading the On-board Master Firmware via an IP Verifying the current version of NetLinx Master Firmware Selected on-board Master Firmware file Firmware download statusDevice and System Number Upgrading the NI Controller Firmware via an IP Sample NetLinx Workspace window Upgrading the new NI Controller firmware via an IP Firmware file NIX000 Firmware download status Selected Integrated Controller Upgrading the Control Card Firmware via an IP Firmware file Firmware download status Selected Control Card Supported Browser and Feature Compatibility NetLinx Security web browser and feature supportOS Platform Safari Yes New Master Firmware Security Features NetLinx Security TermsNetLinx Security Terms WebControl Tab Accessing the NetLinx Master via its IP Address Default Security Configuration WebControl Tab FeaturesDefault Security Configuration Feature Description System section Security Tab FeaturesSecurity Tab Groups section Security System Features Security tab Enable Security Default password can no longer be used to gain access Administrator’s user passwordsSecurity tab Add Group Add Group Entries Modify Group Entries Security tab Modify Group Security tab Group Directory Associations Valid Directory Association Entries Group Directory Association EntriesPath Description Security tab Add User Security Config AccessAdd User Entries Sensitive and must be unique Modify User Entries Security tab Modify User Must be unique Security tab User Directory Associations User Directory Association Entries Enables access to the user directory and all filesSubdirectories in that user directory New user is selected Security tab SSL Server Certificate Server Certificate EntriesCommon Name can not be an IP Address Is an alpha-numeric string 1 50 characters in length Information from the certificate currently installed onCreate Request Takes the information entered into Previous fields and generates its own SSL Certificate Security tab Import Certificate Security tab Export Certificate Request System Tab Show Devices TabNetwork Tab Security tab showing NetLinx Master security options Master Security Setup Procedures Security tab showing the Add Group fields Adding a Group and assigning their access rights Security tab showing the Modify Group access rights fields Modifying an existing Group’s access rights Deleting an existing Group Showing a list of authorized Groups Security tab showing the Group Directory Associations fields Adding a Group directory association Confirming the new directory association Click the Directory Associations linkDeleting a directory association NetLinx cannot be used since they already exist Adding a User and configuring their access rights Security tab showing the Modify User Configurations fields Modifying an existing User’s access rights Deleting a User Showing a list of authorized Users Security tab showing the User Directory Associations fields Adding a User directory association SSL Certificate Procedures City/province name must be fully spelled out Self-Generating a SSL Server Certificate Request State/province name must be fully spelled out Creating a Request for a SSL Server Certificate YOU can not Request Another Certificate Until the Previous Before importing a CA server certificate, you must Regenerating an SSL Server Certificate Request Display SSL Server Certificate Information Before exiting the Master and beginning another session Common Steps for Requesting a Certificate from a CA NetLinx Security and Web Server Security Alert and Certificate popups Accessing an SSL-Enabled Master via an IP Address Click Next to proceed with the certificate storage process G3 panel G4 panel Using your NetLinx Master to control the G4 panel WebControl VNC installation and Password entry screens Using your NetLinx Master to control the G3 panel What to do when a Certificate Expires Initial Setup via a Terminal Connection NetLinx Security FeaturesNetLinx Security Features Establishing a Terminal connection Stop bits1, and Flow control None default is Hardware Accessing the Security configuration options Terminal Security Options Menu Command DescriptionOption 2 Display system security options for NetLinx Master Option 3 Add user Edit User Menu Option 4 Edit User Edit User Menu Option 5 Delete user Access Rights MenuOption 6 Show the list of authorized users Option 7 Add Group Path Subdirectories in the user directoryGranted to that file Edit Group menu Delete directory association Option 9 Delete Group Option 8 Edit Group Option 12 Display Telnet Timeout in seconds Option 11 Set Telnet Timeout in secondsOption 10 Show List of Authorized Groups Option 13 Make changes permanent by saving to flash Main Security Menu Main Security Menu Command Help Menu Options Help menu Logging Into a Session Setup Security LogoutHelp Security Using the ID Button Converting Axcess Code to NetLinx CodeDevicePortSystem DPS Program Port Commands PC COM Port Communication SettingsProgram Port Commands Sendcommand Reboot DPSGET IP DPS MEM SET Time SET IP DPSSET URL DPS Show Device DPS Escape Pass Codes ESC Pass CodesWindowsTM client programs + + ESC ESC RS-232/422/485 SendCommands LED Disable/Enable SendCommandsRS232/422/485 Ports Channels Linux Telnet client Sendcommand RS2321,B9MON Sendcommand DEV,B9MONSendcommand RS2321,CHARD10 Sendcommand RS2321,CHARDM10 Sendcommand RS2321,HSON Sendcommand DEV,HSONSendcommand DEV,RXCLR Sendcommand RS2321,RXCLR RS-232/422/485 SendString Escape Sequences RS-232/422/485 SendString Escape Sequences IR/Serial SendCommands IR/Serial SendCommandsIR / Serial Ports Channels IR RX Port Channels Sendcommand IR1,CP,2 Sendcommand IR1, CH,18Sendcommand IR1,CTOF,10 Sendcommand IR1,CTON,20 Sendcommand IR1,GET Mode Sendcommand DEV, GET ModeSendcommand DEV,IROFF Sendcommand IR1,IROFF Sendcommand IR1, PTON,15 Sendcommand IR1, PTOF,15Sendcommand IR1, SET IO Link Sendcommand IR1, SET Mode IR Sendcommand IR1, XCH Sendcommand IR1,XCHM Sendcommand DEV,GET Input Chan Input/Output SendCommandsSendcommand IO,GET Input Sendcommand IO,SET Input 1 High Programming 124 Troubleshooting Information SET Ethernet Mode 10 Full SET Ethernet Mode 10 HalfSET Ethernet Mode 100 Half SET Ethernet Mode 100 Full Install the last component Symptom Solution During the firmware upgradeIP section on page 46 for detailed procedures Process, NetLinx Studio failed to RevisionLast12/10/04