Manuals / AMX / Computer Equipment / Network Card

AMX NI-4000, NI-3000, NI-2000 instruction manual Accessing an SSL-Enabled Master via an IP Address

Models: NI-2000 NI-4000 NI-3000

1 134

Download 134 pages 57.78 Kb

Page 94

Accessing an SSL-Enabled Master via an IP Address

NetLinx Security and Web Server

Accessing an SSL-Enabled Master via an IP Address

1.Enter the IP Address of the target Master (example: 198.198.99.99) into the web browser Address field.

2.Press the Enter key on your keyboard to begin the communication process between the target Master and your computer.

3.The user is then presented with a Security Alert popup window and Certificate information (FIG. 56).

FIG. 56 Security Alert and Certificate popups

The above alert will only appear if an SSL Server Certificate has been installed on the target Master, the SSL Enable options has been enabled, from within the Enable Security window of the Security tab, and there is a problem with the site’s certificate.

Problems with the certificate can result from:

A self generated and self-signed certificate that hasn’t been approved by a CA.

The self-generated certificate is not part of that computer’s web browser list of trusted sites. This changes after the certificate is installed into the user’s browser list of trusted sites.

The date period given to the certificate has expired. CA-approved certificates typically come with a 2 year window of validity. Self generated certificates come defaulted with a 30 year window of validity (see FIG. 56).

The name on the security certificate site information doesn’t match the domain name of the target Master.

4.Click the View Certificate button on the Security Alert popup to view more detailed information about the certificate. A secondary Certificate popup window is then displayed.

5.Review the information presented within the certificate and if you trust that both the site and certificate information are correct, click the Install Certificate button to begin installing the certificate into the computer’s web browser list of trusted sites.

	88	NetLinx Integrated Controllers

Image 94

AMX NI-4000, NI-3000, NI-2000 instruction manual Accessing an SSL-Enabled Master via an IP Address

Contents

NI-2000, NI-3000, and NI-4000 NetLinx Integrated Controllersinstruction manual NetLinx Central Controllers and CardsAMX Limited Warranty and Disclaimer Connections and Wiring Table of ContentsQuick Setup and Configuration Overview IntroductionConfiguration and Firmware Update Installation and UpgradingNetLinx Security and Web Server NetLinx Security with a Terminal Connection Troubleshooting ProgrammingIntroduction NI-2000 SpecificationsNetLinx Integrated Master Controller Features Weight NI-2000 SpecificationsDimensions HWD IntroductionRear Panel Components NI-2000 Specifications ContFront Panel Components NetLinx Integrated ControllersIntroduction NI-2000 Specifications ContThe D notation is used to explicitly represent a device number Included Accessories NI-3000 SpecificationsNI-2000 Specifications Cont Optional AccessoriesFront switchIntroduction RearPower requirements NI-3000 Specifications ContDimensions HWD WeightIntroduction NI-3000 Specifications ContRear Panel Components Introduction NI-3000 Specifications ContIncluded Accessories The D notation is used to explicitly represent a device numberNI-4000 Specifications NI-3000 Specifications ContPower requirements NI-4000 SpecificationsDimensions HWD WeightIntroduction NI-4000 Specifications ContRear Panel Components The D notation is used to explicitly represent a device number NI-4000 Specifications ContIntroduction NetLinx Integrated ControllersOptional Accessories NI-4000 Specifications ContIncluded Accessories IntroductionInstallation Procedures Quick Setup and Configuration OverviewConfiguration and Communication Studio to the most recent release Update the Controller and Control Card FirmwareProgram NetLinx Security into the On-Board Master IP recommendedBaud rate settings Connections and WiringSetting the Configuration DIP Switch for the Program Port Baud Rate Settings on the Configuration DIP SwitchUsing the Configuration DIP switch Wiring GuidelinesModes and Front Panel LED Blink Patterns Modes and LED Blink PatternsWiring Guidelines - NI-4000 & NI-3000@ 900 mA Preparing captive wiresWiring length guidelines Wiring Guidelines - NI-2000 @ 700 mAUsing the 4-pin mini-Phoenix connector for data and power Using the 4-pin mini-Phoenix connector for data with external powerRS-232/422/485 Device Port Wiring Specifications Program Port Connections and WiringProgram Port, Pinouts, and Signals ICSNet RJ-45 Signals ICSNet RJ-45 Connections/WiringRS-232/422/485 Device Port Wiring Specifications Connections and WiringEthernet RJ-45 Pinouts and Signals Ethernet 10/100 Base-T RJ-45 Connections/WiringICSHub OUT Pinouts and Signals ICSHub OUT portEthernet ports used by the Integrated Controllers Relay Connections and WiringEthernet LEDs Ethernet Ports Used by the NetLinx Integrated ControllersInput/Output I/O Connections and Wiring Relay connectionsI/O Port Wiring Specifications NI-2000 IR/Serial Connections and WiringI/O Port Wiring Specifications NI-4000 and NI-3000 IR/Serial Connector Wiring SpecificationsFIG. 17 NetLinx Control Card 20-pin connector NetLinx Control Card Slot Connector NI-4000 unit onlyConnections and Wiring NetLinx Integrated ControllersConnections and Wiring NetLinx Integrated ControllersInstallation and Upgrading Installing NetLinx Control Cards NI-4000 OnlySetting the NetLinx Control Card Addresses NI-4000 Only DevicePortSystem DPSOptional Compact Flash Upgrades Compact Flash UpgradesRemoving NetLinx Control Cards NI-4000 Only Accessing the internal components on an Integrated ControllerInstallation of Compact Flash upgrades Closing and Securing the Integrated Controller Install screws Bracket Rack Mounting Holes Installing the Integrated Controller into an Equipment RackFIG. 22 Mounting Integrated Controller into an equipment rack 10. Apply power to the unit by using an active PSN power supply Installation and Upgrading NetLinx Integrated ControllersCommunicating with the Master via the Program Port Configuration and Firmware UpdateBefore beginning Setting the System Value Select Diagnostics Device Addressing from the Main menuUsing multiple NetLinx Masters Select Diagnostics Device Addressing from the Main menu Changing the Device Address on a NetLinx Devicethere is a problem, use a system value of zero 0 on the Master Select Diagnostics Device Addressing from the Main menu Resetting the Factory Default System and Device ValuesRecommended NetLinx Device numbers Obtaining the Master’s IP Address using DHCP Assigning a Static IP to the NetLinx Master 1. Select Diagnostics Network Addresses from the Main menuCommunicating with the On-board Master via an IP FIG. 28 Assigning Communication Settings and TCP/IP Settings Verifying the current version of NetLinx Master Firmware Upgrading the On-board Master Firmware via an IP6. Select the NI Master’s KIT file from the Files section FIG Upgrading the NI Controller Firmware via an IP FIG. 31 Assigning Communication Settings and TCP/IP SettingsUpgrading the new NI Controller firmware via an IP Configuration and Firmware UpdateNetLinx Integrated Controllers 6. Enter the Device number of the target NetLinx Integrated Controller Upgrading the Control Card Firmware via an IP 13. Right-click the associated System number and select Refresh System. This establishes a new connection to the specified System and populates the list with devices on that system. The communication method is then highlighted in green on the bottom of the NetLinx Studio window NetLinx Security web browser and feature support NetLinx Security and Web ServerSupported Browser and Feature Compatibility Master Security Telnet Security Terminal RS232 Program port security New Master Firmware Security FeaturesNetLinx Security Terms HTTP Web Server Security FTP SecurityWebControl Tab Accessing the NetLinx Master via its IP AddressNetLinx Security Terms Cont Default Security Configuration Default Security ConfigurationWebControl Tab Features Security Options FTP Security - EnabledSecurity Tab Features Security TabSecurity link is selected Security System Features Security Tab Features ContSecurity tab - Enable Security page FeatureSecurity tab - Add Group page Security System Features ContAdd Group Entries Security tab - Modify Group page Add Group Entries ContModify Group Entries Modify Group Entries Cont Security tab - Group Directory Associations pageGroup Directory Association Entries FeatureValid Directory Association Entries NetLinx Security and Web ServerAdd User Entries FeatureSecurity tab - Add User page NetLinx Security and Web ServerSecurity tab - Modify User page Modify User EntriesModify User Entries Cont Security tab - User Directory Associations pageValid Directory Association Entries User Directory Association EntriesSecurity tab - SSL Server Certificate page Server Certificate EntriesServer Certificate Entries Cont certificate because the Master Key has been changedFIG. 44 Security Tab - Export Certificate Request field Security tab - Export Certificate Request pageSecurity tab - Import Certificate page FIG. 45 Security Tab - Import Certificate fieldShow Devices Tab System TabNetwork Tab Master Security Setup Procedures FIG. 48 Security tab - showing NetLinx Master security optionsAdding a Group and assigning their access rights The administrator group account cannot be deleted or modifiedModifying an existing Group’s access rights FIG. 50 Security tab - showing the Modify Group access rights fieldsShowing a list of authorized Groups Deleting an existing GroupAdding a Group directory association Valid Directory Association Entries2. Click the Directory Associations link The administrator user account cannot be deleted or modifiedConfirming the new directory association Deleting a directory associationAdding a User and configuring their access rights NetLinx cannot be used since they already existModifying an existing User’s access rights Showing a list of authorized Users Deleting a UserAdding a User directory association 2. Click the Directory Associations link SSL Certificate ProceduresConfirming the new directory association Deleting a directory associationself-generating a certificate Self-Generating a SSL Server Certificate RequestThis domain name does not need to be a resolvable URL Address when The city/province name must be fully spelled outCreating a Request for a SSL Server Certificate The state/province name must be fully spelled outImporting a CA certificate to the Master over a secure SSL connection Before importing a CA server certificate, you mustDisplay SSL Server Certificate Information Regenerating an SSL Server Certificate RequestCommon Steps for Requesting a Certificate from a CA 7. Before exiting the Master and beginning another session4. Enter the name of the server being used this is the Master Accessing an SSL-Enabled Master via an IP Address 7. Click Next to proceed with the certificate storage process Using your NetLinx Master to control the G4 panel Using your NetLinx Master to control the G3 panel FIG. 60 WebControl VNC installation and Password entry screensWhat to do when a Certificate Expires a new certificate from your current CANetLinx Security with a Terminal Connection NetLinx Security FeaturesInitial Setup via a Terminal Connection NetLinx Security FeaturesAccessing the Security configuration options If NetLinx Master security is not enabled, you will see the following Option 2 - Display system security options for NetLinx Master Security Options MenuOption 3 - Add user Option 4 - Edit User Edit User MenuEdit User Menu Access Rights MenuCommand NetLinx Security with a Terminal ConnectionOption 6 - Show the list of authorized users Access Rights MenuOption 5 - Delete user Option 7 - Add GroupEdit Group Menu Edit Group Menu Add directory associationEdit Group menu Delete directory association Edit Group menu Change Access RightsEdit Group menu List directory associations Option 8 - Edit Group Edit Group menu Display Access RightsOption 9 - Delete Group Option 10 - Show List of Authorized Groups Option 11 - Set Telnet Timeout in secondsOption 12 - Display Telnet Timeout in seconds Option 13 - Make changes permanent by saving to flashMain Security Menu Main Security MenuCommand NetLinx Security with a Terminal ConnectionMain Security Menu Cont Default Security ConfigurationDescription Help Menu Options CommandHelp menu NetLinx Security with a Terminal ConnectionLogging Into a Session Help Menu Options ContSetup Security LogoutHelp Security Converting Axcess Code to NetLinx Code Using the ID ButtonProgramming DevicePortSystem DPSPC COM Port Communication Settings Program Port CommandsProgram Port Commands Program Port Commands Cont Program Port Commands Cont SET IP DPSEscape Pass Codes ESC Pass CodesNotes on Specific Telnet/Terminal Clients WindowsTM client programsRS232/422/485 Ports Channels LED Disable/Enable SendCommandsRS-232/422/485 SendCommands LED SendCommandsRS-232/422/485 SendCommands Cont RXCLR RS-232/422/485 SendCommands ContHSON RXOFFRS-232/422/485 SendCommands Cont RS-232/422/485 SendString Escape SequencesRS-232/422/485 SendString Escape Sequences IR RX Port Channels IR/Serial SendCommandsIR / Serial Ports Channels IR/Serial SendCommandsCTOF IR/Serial SendCommands ContProgramming CTONIR/Serial SendCommands Cont SENDCOMMAND DEV, GET MODEIR/Serial SendCommands Cont Sets the time between power SENDCOMMAND DEV, PTOF,TimeIR/Serial SendCommands Cont Programming Input/Output SendCommandsI/O SENDCOMMANDS GET INPUTProgramming NetLinx Integrated ControllersTroubleshooting TroubleshootingTroubleshooting Information SymptomSymptom Troubleshooting Information ContTroubleshooting SolutionSolution Troubleshooting Information ContSymptom During the firmware upgradeRevisionLast12/10/04