Manuals / AMX / Computer Equipment / Network Card

AMX NI-3101-SIG manual Accessing an Unsecured Master via an Http Address

Models: NI-3101-SIG

1 176

Download 176 pages 6.4 Kb

Page 49

NetLinx Security within the Web Server

Accessing an Unsecured Master via an HTTP Address

Refer to theUpgrading the On-board Master Firmware via an IP section on page 35 for more detailed information on how to download the latest firmware from www.amx.com. This firmware build enables SSL certificate identification and encryption, HTTPS communication, ICSP data encryption, and disables the ability to alter the Master security properties via a TELNET session.

Although Telnet security configuration access can no longer be used on a Master with this firmware, a Terminal connection (using HyperTerminal) can still be established using the Master’s USB low-speed connection (if the Telnet Port is enabled via the Manage System > Server page).

Once the Master’s IP Address has been set through NetLinx Studio version 2.4 or higher:

1.Launch your web browser.

2.Enter the IP Address of the target Master (ex: http://198.198.99.99) into the web browser’s Address field.

3.Press the Enter key on your keyboard to begin the communication process between the target Master and your computer.

Initially, the Master Security option is disabled (from within the System Security page) and no username and password is required for access or configuration.

Both HTTP and HTTPS Ports are enabled by default (via the Manage System > Server page).

4.The first active page displayed within your open browser page is Manage WebControl Connections.

Once HTTP Access is enabled for a Master; certificate verification and username and password verification must occur. Refer to theAccessing an SSL-Enabled Master via an IP Address section on page 111 for more information.

NI-3101-SIG Signature Series NetLinx Integrated Controller	43

Image 49

AMX NI-3101-SIG manual Accessing an Unsecured Master via an Http Address

Contents

NI-3101-SIG AMX Limited Warranty and Disclaimer Introduction NetLinx Security within the Web Server NetLinx Security with a Terminal Connection 117 Troubleshooting 167 NI-3101-SIG FG2105-08 NetLinx Integrated Master Controller FeaturesNI-3101-SIG Specifications NI-3101-SIG SpecificationsBlue LED bar lights when powered up MB FlashRS-232/422/485 Ports 1 Distances IR ports support data mode at limited baud rates and wiringD notation is used to represent a device number NI-3101-SIG Specifications Page Where DevicePortSystem DPSStructure DEV NumberportsystemInstallation into an Equipment Rack Working with the Configuration DIP switch Program Run Disable PRD modePRD Mode Settings PRD ModeMode Description Blue White Configuration Port Connections and WiringModes and Front Panel LED Blink Patterns Modes and LED Blink PatternsPort Assignments and Functionality Off No power, or the controller is not functioning properlyAXlink Port and LED Rear Port Assignments are as followsWiring length guidelines Wiring GuidelinesPreparing captive wires Wiring Guidelines NI-3101 @ 900 mAUsing the 4-pin mini-Phoenix connector for data and power Wiring a power connectionGND AXP/TX AXM/RX Relay Port Connections and Wiring DB9 Device Port Connections and WiringRS-232/422/485 Device Port Wiring Specifications PinRelay connections Input/Output I/O Port Connections and WiringPort +12V 6 5 4 3 2 Port Wiring Specifications NI-3101-SIG IR/Serial Port Connections and WiringIR/Serial Connector Wiring Specifications per Port Signal FunctionEthernet RJ-45 Pinouts and Signals Ethernet/RJ-45 Port Connections and WiringSignals Connection Pairing Color Ethernet Ports Used by the NetLinx Integrated Controllers Ethernet ports used by the Integrated ControllersPort type Description Standard Port On-board Master has a built-in FTP server 21/20 TCPReplacing the Timekeeper Battery Configuration and Firmware Update Communicating with the Master via the Program Port Master Communication Settings dialog boxCOM1 Setting the System ValueUsing multiple NetLinx Masters Device Addressing dialog changing the device value Changing the Device Address of a NetLinx DeviceRecommended NetLinx Device numbers Using the ID Button to Change the Controller’s Device ValueAxcess Devices use Axcess standards 301Resetting the Factory Default System and Device Values Network Addresses dialog for a Dhcp IP Address Obtaining the Master’s IP Address using DhcpConfiguration and Firmware Update Assigning a Static IP to the NetLinx Master Communicating with the NI Device via an IP Communications Settings dialog boxTCP/IP Settings dialog box Master Controller User Name and Password dialog box Sample NetLinx Workspace window showing OnLine Tree tab Verifying the current version of NetLinx Master FirmwareFirmware Kit File usage for NI Controllers Upgrading the On-board Master Firmware via an IPSelect the NI Master’s Kit file from the Files section FIG After the last component fails to install, click DoneUpgrading the NI Controller Firmware via IP Configuration and Firmware Update Configuration and Firmware Update Page Username and profile NetLinx Security within the Web ServerNetLinx Security Terms NetLinx Security TermsCase sensitive Accessing an Unsecured Master via an Http Address Browser Application Frames Default Security ConfigurationAccount Group Default Security Configuration case-sensitiveTelnet Security Master Firmware Security Access ParametersManaging WebControl Connections Web ControlManage WebControl Connection Page Features Security FeaturesFeature Description Compatible Devices Field InternetFeature Description System Level Security FeaturesSecurity System Level Security Group LevelSystem Level Security Communication settings, and security parameters Configuration/Reset, URL list settings, MasterMaster must provide a valid username and password And/or SSH Ports. SSH version 2 is only supportedSection on page 49 for more detailed field descriptions Setting the system security options for a NetLinx MasterAdministrator group account cannot be deleted or modified You are logged in as a user with Configuration Access Icsp AuthenticationSecurity Group Level Security Manage GroupIP configuration/Reset, URL list settings, Master Configure Group PropertiesCommunication settings, and file transfers Modifying the properties of an existing Group Adding a new GroupDeleting an existing Group Security User Level Security Feature Description Manage UsersManage Users Feature Description Configure User Properties Configure User PropertiesTo this User Security DetailsFeature Description User Security Details Configure Users PropertiesAdding a new User Sensitive and must be uniqueModifying the properties of an existing User Click the Back button to return to the Manage UserDeleting an existing User System SettingsFeature Description Online Tree menu System Settings Manage SystemManage System Page Components Online TreeSystem menu buttons Feature Description Management menu optionsThis button is available from within all Management MenusPort menu buttons Feature Description Device menu buttonsSystem Menu Modifying the Date/Time Manage System System Menu ButtonsSystem Menu Changing the System Number System Menu Rebooting the MasterSystem Menu Controlling/Emulating Devices on the Master Control/Emulate dialog Select either the Control or Emulate optionMinimum Value Maximum Value Valid Level Data Types and RangesDiagnostics dialog showing modify popup Manage System DiagnosticsDiagnostic Configuration Dialog Setting up and removing a Diagnostic FilterFeature Update Remove Description New Preset. Refer to of this section for more information Feature Description PresetsSystem/Device/Port NetLinx Security within the Web Server Default port for each service is listed to the right Setting the Master’s Port ConfigurationsManage System Server Server Submenu OptionsFTP SSHServer Port Settings Modifying the Server Port SettingsIs determined by the user Enabled but the value can not be changed FeatureDescriptionSSH Port Address field of the SSH Client applicationCertificate consists of two different Keys SSL Server Certificate Creation ProceduresContained in the certificate on the target Master Server Certificate EntriesFrom an external source DesiredServer Creating a self-generated SSL Certificate Server Display SSL Server Certificate InformationServer Creating a Request for an SSL Certificate Server Regenerating an SSL Server Certificate RequestState/province name must be fully spelled out Communicating with the CA Common Steps for Requesting a Certificate from a CAExport SSL Certificate dialog Server Exporting an SSL Certificate RequestBefore importing a CA server certificate Server Importing a CA created SSL CertificateManage System Device Menu Buttons Device Menu Configuring the Network SettingsFeature Description IP Address Network Settings DialogDNS Address Click the Back button to return to the main URL List dialog Device Menu Developing a URL ListURL List dialog with entries Device Menu Changing the Device NumberDevice Menu Controlling or Emulating a device Device Menu Running a Diagnostic FilterMaster section on page 67 for more information Device Menu Viewing the LogAdding a new license System Settings Manage LicenseRemoving a license Feature Clear List Refresh List Description System Settings Manage NetLinx DevicesManage NetLinx Devices After a period of time, unable to establish communication Feature Description Device ListingsClick the icon to collapse the particular Master’s listing Manage NetLinx Devices Displaying NDP-capable devicesManage NetLinx Devices Binding/Unbinding Explained MAC Address of the Master in FIG Manage NetLinx Devices Obtaining NetLinx Device informationSystem Settings Manage Other Devices Configure Binding Options Feature Description Dynamic Device Discovery linksManage Other Devices Must always be User-Defined devicesThis selection is a one-time occurrence. Upon the next Reboot, the selection is clearedDeleted via the Purge Bound Modules on Reset selection Dynamic Device Discovery Concepts What is Dynamic Device Discovery?Manage Other Devices Manage Device Bindings What are Application Devices and their association status? Configuring application-defined devicesPROGRAMNAME=DDD Defineconstant Definetype DefinevariableManage Device Bindings NetLinx Security within the Web Server View Discovered Devices Manage Other Devices Menu Viewing Discovered DevicesModule Properties displayed via a mouse-over popup dialog SDK-Class Types SwitcherAmplifier DocumentCamera SlideProjector AudioConferencer How do I write a program that uses Dynamic Device Discovery To configure a Static application interfaceHow do I configure a Run-time installation Accessing an SSL-Enabled Master via an IP Address Security Alert and Certificate popups Certificate Import Wizard Using your NetLinx Master to control the G4 panel WebControl VNC installation and Password entry screens Connection Details dialog What to do when a Certificate ExpiresNetLinx Security Features NetLinx Security FeaturesUser has access to the Icsp communication functionality Accessing the Security configuration options Initial Setup via a Terminal ConnectionSetup security Access Logout CloseNetLinx Security with a Terminal Connection Select to change current security option EnabledOr Enter to return to previous menu Security Options Items in the Security Options Menu are described below CommandOption 2 Display system security options for NetLinx Master Option 3 Add userEdit User Menu Option 4 Edit UserPassword from that point forward Command DescriptionSelect to change current access right Edit User MenuOption 5 Delete user Access Rights MenuOption 7 Add Group Option 6 Show the list of authorized usersPress Enter to display the following Edit Group menu Path Press Enter to return to the Edit Group menuUser1 Results.txtOption 8 Edit Group Select from the following list Administrator GroupOr Enter to return to previous menu Set Rights Specify Telnet Timeout in seconds Option 11 Set Telnet Timeout in secondsOption 9 Delete Group Option 10 Show List of Authorized GroupsTelnet Timeout is 10 seconds Option 12 Display Telnet Timeout in secondsOption 13 Make changes permanent by saving to flash Main Security menu is described below Main Security MenuMain Security Menu Set system security options forAdministrator only function Reset DatabaseGroup Group administrator Rights All Security Options FTP Security EnabledHelp Menu Options Help menuSET Icsp TCP Timeout NAME,COMMANDNAME,STRING SET Date SET DNS DPSLogging Into a Session Logout Setup SecurityHelp Security Page Master SendCommands Master SendCommandsConverting Axcess Code to NetLinx Code ClockSendcommand 010,~IGNOREEXTERNALCLOCKCOMMANDS ClockcommandsG4WC Used to determine each unique listingUsing the ID Button Master IP Local Port SendCommandsMaster IP Local Port SendCommands UdpsendtoPC COM Port Communication Settings Configuration Port CommandsDevicePortSystem DPS NI-2x00 Port AssignmentsDate Configuration Port CommandsEcho OFF Echo onPort GET Ethernet ModeMSG on or MSG OFF Chan OFF DPS, or NameOn DPS, NAME, Chan Ping IP AddressPulse DPS, or Name Name,CommandPWD Name,StringPrompts you to enter the new date for the Master Entering N no cancels the operationMaster-to-Master systems Rent Java memory heap size as measured in Megabytes. ThisEnter Y yes to approve/store the information into the Master Subnet Mask, and Gateway IP AddressSET Queue Size Use caution when adjusting these valuesSet queue size Set Queue Size MenuSET UPD BC Rate Each queue Example Show BuffersDisplays a list of any combined devices Example Displays a list of all devices present on the bus ExampleDisplays the log of messages stored in the Masters memory Show LOGMaster logs all internal messages and keeps the most recent If end is not entered, the last 20 messages will be shownShow MAX Buffers Systems listed are in numerical order Example Show SystemLists all active TCP/IP connections Example Displays the current time on the Master ExampleWindowsTM client programs ESC Pass CodesLinux Telnet client Escape Pass CodesLED SendCommands LED Disable/Enable SendCommandsRS232/422/485 Ports Channels RS232/422/485 ports are PortsRS-232/422/485 SendCommands RS-232/422/485 SendCommandsThese examples DEV = device Hsoff GET BaudHson RxclrTset Baud SET BaudTxclr XoffRS-232/422/485 SendString Escape Sequences RS-232/422/485 SendString Escape SequencesXON IR / Serial Ports Channels Command Description 27,20,1IR / Serial Ports Channels Sendstring DEV,27,20,1IR/Serial SendCommands IR/Serial SendCommandsCaroff CaronCtof GET ModeCton IroffPOF PODPON Pton PtofMeters for the IR Ports SET IO LinkSendcommand IR1,SET Mode IR SET ModeSendcommand IR1, SP,25 Short cable length 10 feetSendcommand IR1,XCHM Sendcommand DEV,XCHM extended channel modeSendcommand IR1,XCH XchmSendCommands Input/Output SendCommandsGET Input SET InputTroubleshooting Information TCP/IP Page It’s Your World Take Control