Manuals / Black Box / Computer Equipment / Network Card

Black Box 24 port, 16 port manual Security, Setting up the line on your Console Server

Models: 24 port 16 port

1 263

Download 263 pages 32.36 Kb

Page 70

Security

The Console Server has a number of security features built in that can be enabled or disabled depending on the security level required.

These features include:

•Telnet access - Login and password required.

See set line on page 166 in Appendix B The CLI commands.

•SSH access - Makes ports only accesible via SSH connections.

See Accessing devices via SSH on page 118 in Chapter 4 Using your Console Server.

•Radius authentication - Allows user names and passwords to be authenticated by an external Radius server.

See About user accounts and RADIUS on page 96 in Chapter 3 System administration.

•Disable Daemons - Allows unused Daemons to be disabled to prevent unauthorised access by hackers.

See set server on page 173 in Appendix B The CLI commands.

•Trusted host filtering - Prevents the unit from being seen on the network by non- authorised systems

See set server on page 173 in Appendix B The CLI commands.

Setting up the line on your Console Server

The default use of the Console Server is as a Console server. Therefore all lines are set with a service of “Reverse Telnet”. This allows a user on the LAN to be able to telnet into the ports and access the attached devices.

Each port also requires a TCP socket number in order to work. By default, the unit is set to use numbers 10001 to 10024. You can change these to any other socket number as long as there is no conflict on the network.

For an explanation of other line services see Appendix E Summary of Line Service Types.

Black Box Console Server user guide

70

Image 70

Black Box 24 port, 16 port manual Security, Setting up the line on your Console Server

Contents

24 port Console Servers User Guide MAY LS50116 LS50116-AE LS50124 LS50124-AEInstrucciones DE Seguridad Black Box Console Server user guide Black Box Console Server user guide Purpose of this manual Who this manual is forFast Contents Contents Introduction Installation Configuring Break Pass Through 110 115 144 Set ethernet interface AUI 204 236 Black Box Console Server user guide A p t e r 1 I n t r o d u c t i o n About the Console Server Black Box Console Server user guide Typical applications summary Managing devices without accessing the LAN/WANManagement and diagnostics Managing devices over the LAN/WANConsole Server front view Console Server front and rear viewsConsole Server rear panel Black Box Console Server user guide A p t e r 2 Installation General installation procedure Rack mounting your Console Server Console ServerBlack Box Console Server user guide Desk mounting your Console Server Multiple stacking your Console Server Power and network LEDs LED guideConsole Server During normal operations Black Box Console Server user guide Selecting AUI or 10/100 Base T interface 10/100Base-TSetting up an IP address automatically using Dhcp Setting up an IP addressSet up procedure Black Box Console Server user guide About Dhcp Dhcp request and responseBlack Box Console Server user guide Black Box Console Server user guide Manually setting up an IP address Set up procedure Black Box Console Server user guide Tip Are valid, should not need recourse to a Radius hostServer form field descriptions Parameter DescriptionDhcp Gui access Accessing the Console Server configuration software Logging onto your Console ServerSetting up the host table Setting up your network parametersAdding a Host Black Box Console Server user guide Changing a Host Deleting a host Cli syntax set user password Changing the Admin PasswordFactory default password is superuser Radius configuration Black Box Console Server user guide Accept the form you will be returned to the menu Radius parameters description Radius host Accounting flag State of Radius Result Specified0a000006 DNS configuration Cli syntax add DNS Delete DNSWins configuration Add WinsConfiguring network gateways Active and passive gatewaysAdding a gateway Delete From the Network Configuration menu, select ‘Gateway’Deleting a Gateway GatewayVerifying your network installation Ping hostnameSaving configuration changes Saving to non-volatile memorySaving to a file Setting date and time Performing a soft reboot Resetting to factory defaults using software Restoring factory default settingsResetting to factory defaults using reset switch Black Box Console Server user guide Black Box Console Server user guide A p t e r 3 S y s t e m a d m i n i s t r a t i o n Setting up the line on your Console Server SecurityLines set to reverse Telnet by default Viewing and editing your line settingsTypical Reverse Telnet Configuratio n Black Box Console Server user guide Lost password Introduction to Slip and PPP connections Configuring a dial in lineDeciding whether to use Slip or PPP Setting up the line Show lineService option Option DescriptionService option Description Router use onlyConfiguring Slip OptionDescriptionInteractive OptionDescription PPP configuration procedure Configuring PPPShow PPP Line Now select a line PPP form field descriptions Black Box Console Server user guide Black Box Console Server user guide Black Box Console Server user guide Be set ppp li 1 user kevinc8 Password IP address negotiation Black Box Console Server user guide Roaming Callback Black Box Console Server user guide Add modem Configuring a modemCli syntax Set modemConfiguring users Black Box Console Server user guide About user accounts and Radius When Radius authenticates usersOverview Black Box Console Server user guide Example Radius user file telnet service Adding a user account Choose your user from the list of names now displayed Configuring a user accountConfiguration procedure ValuesUser form field descriptions 100Particular port to ‘cslogin’ see Setting up the line on Particular line to ‘cslogin’ see Setting up the line on101 102 103 Callback for a user 104105 106 CLI prompts About user levels107 Deleting a user account Changing a user’s password108 Configuring Break Pass Through 109Resetting the line to default 110Saving settings to a file Saving your settingsSaving settings to non-volatile memory 111112 113 114 A p t e r 4 U s i n g y o u r C o n s o l e S e r v e r 115Introduction 116Information required Accessing devices via Telnet from the LANAccess procedure 117SSH Setup Procedure Accessing devices via SSH118 119 Required Information 120121 Accessing devices via modems using PPP 122Accessing devices via modems using a dumb device 123124 This appendix includes the following sections Server console server125 Circuit Direction Function Pin locations RJ45 connectorsRJ45 RS232 serial ports 126Pin numbering in the RJ45 connectors 127AUI port Pin Signal128 RJ45 10/100BaseT port Pin Signal Function129 Admin Port 130Example direct connections Direct 11 Connections131 Sun Microsystem servers 132133 Black Box Series router console port Cisco RJ45 console ports with software flow controlBlack Box 833AS 134IBM RS6000 135PC, example connections Connection from the 25-pin Admin Port to a PCPC serial port 136137 Terminals Terminals slow speed or using software flow control138 Connection from the 25-pin Admin Port to a Terminal 139Direct connections Modems140 P e n d i x B T h e C L I c o m m a n d s 141Add DNS CLI commandsAdd community InetaddressMenu Network Configuration DNS Add DNS Equivalent See also 143Add host Add gateway144 145 Add radius Where Host typeAdd modem 146Add Wins Add trapAdd user 147Delete ARP AdminDebug Delete communityDelete host Delete DNSDelete gateway 149Delete radius Menu Network Configuration Host Table Equivalent See alsoDelete modem 150Delete Wins Delete trapDelete user 151Syntax heap Heap152 Logout HelpKill line 153Where Netload154 Software When you reboot the unit. See reboot on 155Netsave 156157 Packetsize Ping158 159 Reset line RebootReset factory 160Resume Reset userRestart Menu None available Equivalent See also162 Save RloginMenu Sessions Start telnet/rlogin Equivalent See also Also use this argument to log in as someone elseSet date ScreenSet contact 164Set gateway Set ethernet interface RJ45Set ethernet interface AUI SyntaxNormal Set hostSet line 166Nouser Line service can be used to dedicate the line to a specificEnter their login name just their password 167168 Set to None off, send, listen or send & listen Set locationRouting 169Parameter syntax Parameter name Set ppp line170 171 Set radius 172Subnet Unit afterwards use the command ‘reboot’Set server 173174 Gui-status Programme is controlled by passwordOr OFF. The default is OFF JETsetLogin prompt uses OEM1 string 176Send Break Option 177178 Sshbreakstring Menu equivalents See alsoBreak 179Set slip line 180Set telnet Syntax Command telnet181 For example set time Set timeSet user 182183 184 Show date User levels admin, normal Syntax Menu equivalent See alsoShow ARP 185Show hardware Admin, is normal SyntaxShow gateways Menu Main Menu Hardware Equivalent See alsoNormal Syntax Show hostsShow interfaces 187Show line 188189 190 This will show for example Admin Normal SyntaxShow modems 191Normal line Show ppp line192 193 Menu There is no menu equivalent Equivalent Show radiusShow routes 194195 Show server Menu Server configuration Equivalent See also196 Show slip line 197Show snmp Menu Network configuration snmp Equivalent See also198 Show time User levels admin, normalShow telnet 199Show user Syntax Target login directory, you will be logged straightWhere n is the predefined session that you want to start StartSet telnet or show telnet can be saved permanently TelnetMenu Sessions Start Predefined Session Equivalent See also Inetaddress TermtypeNormal Syntax version Version202 P e n d i x C S N M P 203Overview 204Community Configuring Snmp supportAdd Delete Community206 Summary of objects in the private MIB 207208 Private MIB definitions 209210 211 212 Editing RFC1213 Network management213 Routing information Editing214 P e n d i x D U p g r a d i n g y o u r f i r m w a r e 215Using a Bootp server see Using Bootp from a boothost on 216Using Tftp from a host Saving your existing ConfigurationExample of saving a configuration file Cli syntax netload softwareTftp configuration 218Writing to Flash memory 219Using Bootp from a boothost 220Disable BOOTP/DHCP Upgrade using JETset, the web browser interfaceEnabling BOOTP/DHCP after upgrading software 221222 223 List of line service types Silent Line Service Description/UsesExample Type225 226 P e n d i x F B O O T P 227228 Bootp request and response How Bootp works229 230 Bootptab file entry for a single unit How to setup BootpBootptab file entry 231232 233 Bootfile Bootfile234 Parameter Value Brief Meaning Fuller explanation 235Disabling the Bootp reply Bootp messages output to screen236 # ht=1\ # ha=0080ba000057\ # gw=192.101.35.254\ 237Bootptab file entry for multiple units Booting multiple units238 239 Example of Bootp Multiple Bootp servers240 Bootptab file 241242 Server JETset utility You need to243 JETsethome Introduction to JETset244 To access JETset 245Netscape Navigator configuratio n Using JETsetUsing JETset 246Internet Explorer configuratio n 247248 JETset program summary 249250 P e n d i x H Troubleshooting 251General communication matters 252Host problems 253JETset problems 254Login problems 255You have lost or dont know your password as ‘admin’ user 256Problems with terminals 257Problems with framed Routing Emergency recovery258 Index 259260 261 262 Copyright 2001. Black Box Corporation. All rights reserved