1102 Secure Device Servers
1102 Secure Device Servers
FCC and IC RFI Statements
Normas Oficiales Mexicanas NOM Electrical Safety Statement
Trademarks Used in this Manual
Table of Contents
SMS Alerts Snmp Alerts
Local Authentication Tacacs Authentication
Add a New Alert
107
106
108
110
PowerMan Tool
Installing the Key and Certificate
Pmpower Tool
Fingerprinting
Specifications
Specifications
Manual Organization
Overview 2.1 Introduction
Types of Users
Management Console
Overview
Hardware Description 2.5.1 LES1101A Front Panel
2 LES1101A Back Panel
Number Component Description DB9 connector
Ethernet Connectivity LED
RJ-45 Ethernet Activity
LED left side of connector Ethernet Connectivity LED
Number Component Description Barrel connector Power
LED right side of connector Ethernet Activity LED
3 LES1102A Front Panel
1 LES1101A
What’s Included
2 LES1102A
Installation
Installation
Power Connection
Network Connection
Non RS-232 Serial Port Pinouts- LES1102A
+3V
Non RS-232 Serial Port Pinouts- LES1101A
RX+ TX+ +VIN
TX +
Connected PC/Workstation Setup
System Configuration
Management Console Connection
Browser connection
System Configuration
Administrator Password
Network IP Address
IPv6 configuration
System Services
System Services screen
SDT connector SSH encrypted
SDT Connector
Communications Software
Forwarded to
SSHTerm
PuTTY
Configure Serial Ports
Serial Port, Host, Device, and User Configuration
Common Settings
Serial Port, Host, Device, and User Configuration
Console Server Mode
Serial Port, Host, Device, and User Configuration
1102 Secure Device Servers
SDT Mode
Terminal Server Mode
Device RPC, UPS, EMD Mode
Serial Bridging Mode
Local Ethernet LAN LES1102A COM port
Syslog
Add/ Edit Users
Serial Port, Host, Device, and User Configuration
Network Hosts
Authentication
Serial Port Redirection
Trusted Networks
LES1102A Retail data systems
Managed Devices
Serial Port, Host, Device, and User Configuration
Secure Local
Secure SSH Tunneling and SDT Connector
LES1102A Serial Connected
Configuring for SSH Tunneling to Hosts
Secure SSH Tunneling and SDT Connector
SDT Connector Client Configuration
SDT Connector installation
1102 Secure Device Servers
Secure SSH Tunneling and SDT Connector
Make an SDT Connection through the Gateway to a Host
Manually Adding Hosts to the SDT Connector Gateway
10. Clients
Manually Adding New Services to the New Hosts
1102 Secure Device Servers
Adding a Client Program to be Started for the New Service
16. Telnet client Click OK
17. Edit SDT host screen
SDT Connector to Management Console
1102 Secure Device Servers
Secure SSH Tunneling and SDT Connector
Importing and Exporting Preferences
SDT Connector Public Key Authentication
Setting up SDT for Remote Desktop Access
23. Remote Desktop Users dialog box
Configure the Remote Desktop Connection Client
Computer, enter the appropriate IP Address and Port Number
Use -p to receive password prompt
Geometry width x height or 70% screen percentage
SDT SSH Tunnel for VNC
For Linux servers and clients
Install, Configure, and Connect the VNC Viewer
30. VNC authentication
1102 Secure Device Servers
33. Incoming TCP/IP properties
Set up SDT Serial Ports on Console Server
Address of port01. Then select the RDP Service check box
SSH Tunneling Using other SSH Clients for example, PuTTY
1102 Secure Device Servers
Secure SSH Tunneling and SDT Connector
1102 Secure Device Servers
Alerts and Logging
Configure SMTP/SMS/SNMP/Nagios Alert Service
Alerts and Logging
Email Alerts
Snmp Alerts
SMS Alerts
Select Alerts & Logging Snmp
Activate Alert Events and Notifications
Nagios Alerts
Add a New Alert
Configuring General Alert Types
Serial port signal alert
This alert type monitors UPSes, RPCs, and power devices
Configuring Power Alert Type
Serial Port Logging
Remote Log Storage
Network TCP or UDP Port Logging
1102 Secure Device Servers
Power Management
Power Management
Remote Power Control RPC
RPC Connection
1102 Secure Device Servers
User Power Management
RPC Access Privileges and Alerts
RPC Status
Uninterruptible Power Supply Control UPS
Turn on Turn OFF Cycle Status
Serial, USB, or Network Connections Managed
Managed UPS Connections
Click Add Managed UPS
As Device Type UPS and clicking Apply
Power Management
Remote UPS Management
UPS Alerts
Controlling UPS Powered Computers
UPS Status
12. Log table
Overview of Network UPS Tools NUT
Refer to
1102 Secure Device Servers
Authentication Configuration
Authentication
Local Authentication
Tacacs Authentication
Enter the Server Password
Radius Authentication
RADIUS/TACACS User Configuration
Ldap Authentication
Pamtacplus
PAM Pluggable Authentication Modules
Pamldap
Radius Example
SSL certificates screen
SSL Certificate
Confirm Challenge Password
Challenge Password
Common name
Organizational Unit
Upload button
Nagios Integration
LES1102A Network Managed hosts Services
Nagios Overview
Nagios Integration
Central Management and Setting Up SDT for Nagios
Distributed console servers Black Box console servers
Setup Distributed Console Servers
Setup Central Nagios Server
Description enter Administrator connection
Enable Nagios on the Console Server
Configuring Nagios Distributed Monitoring
Select Users & Groups from the Serial & Network menu
Enable Nsca Monitoring
Enable Nrpe Monitoring
LES1102A Serial Check Nagios
Tunneled SSH LES1102A Sendncsa Program/script Nagios
Configure Selected Network Hosts for Nagios Monitoring
Configure Selected Serial Ports for Nagios Monitoring
Configure the Upstream Nagios Monitoring Host
Commandname checkserialstatus Commandline
Commandname checknrpedaemon Commandline
Define service
Hostname Server Use Generic-service
Server Use Generic-service
Define service Servicedescription port-log-server
Activechecksenabled Passivechecksenabled
Checkportlog
Number of Supported Devices
Basic Nagios Plug-Ins
Distributed Monitoring Usage Scenarios
Using Nagios in a local office Remote site
Remote site with restrictive firewall
System Management
System Administration and Reset
System Management
Upgrade Firmware
Configuration Backup
Configure Date and Time
109
Select the Status Port Access
Port Access and Active Users
Status Reports
Statistics
Support Reports
Status Reports
Select Status Syslog
Dashboard
Configure dashboard screen
Configuring the Dashboard
Echo table
Creating Custom Widgets for the Dashboard
Management
Management
Device Management
Port and Host Logs
Select Manage Terminal
Serial Port Terminal Connection
Select Manage Power
Accessing config from the Command Line
Configuration from the Command Line
Config tool
Configuration from the Command Line
# config -g config.users.user1.description
# config -g config
Serial Port Configuration
SDT mode
Device Mode
Serial bridge mode
Terminal server mode
Syslog settings
Adding and Removing Users
# config -r users
# ./delete-node config.users.user2
# config -a
# config -g config.groups.total
Adding and Removing User Groups
# rmuser Group7
# config -r auth
List of remote authentiction and authorization servers
# config -g config.sdt.hosts.total
# config -s config.sdt.hosts.total=4
# config -g config.devices.total
Log level for services
# config -hosts
# config -g config.portaccess.total
# config -r cascade
# config -s config.cascade.slaves.total=1
Cascaded Ports
UPS Connections
# config -d config.ups.monitors.monitor1
# config -s config.ups.monitors.total=1
RPC Connections
Remote UPSes
To configure serial/network port logging
# config -d config.devices.device8
Port Log
To delete the above managed device
Signal Alert
General settings for all alerts
Alerts
Connection Alert
Power Sensor Alert
UPS Power Status Alert
# config -r alerts
Smtp and SMS
IP Settings
Administration
Snmp
Date and Time Settings
# config -r time
Services
Dhcp Server
Prefer Nrpe over Nsca Disabled defaults to Disabled
Enable SDT for Nagios ext Enabled SDT gateway address
To configure Nrpe with following settings Nrpe port
Nagios
!
Advanced Configuration
Bin/sh /etc/scripts/alert-email $suffix
# ./delete-node config.users.user3
Echo Warning $TOTALNODE greater than number of items
NEWTOTAL=$ $TOTAL
Add the following line to rc.local
# loop indefinitely While true do
Etc/config/scripts/config-post
# config
Usage /etc/scripts/backup-usb Command File
# /etc/scripts/backup-usb check-magic
Etc/config/pmshell-start.sh #!/bin/sh PORT=$1 USER=$2
Config --set config.system.snmp.trapport2=162
Config --set config.system.snmp.address2=w.x.y.z
To set the Manager Address field
To set the Community field Snmp version 1 and 2c only
$&$
$& !
$&% !
#$!
Chown fred /etc/config/users/fred/.ssh/authorizedkeys
#$
$ mkdir keys $ ssh-keygen -t rsa
Http//openssh.org/portable.html
Http//www openbsd.org/cgi-bin/man.cgi?query=sshd
!
OpenSSH Windows http//sshwindows.sourceforge.net/download
# ssh remhost
Ab7e33bd85505a430be0bd433f1ca5f8
Offending key in /.ssh/knownhosts1
Client Keys
Uploading Keys
Authorized Keys
!$ %
+- !
!!
#$
#$!
#%
#%
Target Specification
Powerstrip
Powerstrip IdName or ID of the device support/id
Pport
Ppassword
Targetaddress
Username
#
#%&
Appendix A. Linux Commands and Source Code
Appendix a Linux Commands and Source Code
Add a group or add an user to a group Add an user
GNU Bourne-Again Shell
Reboot
Login
Ip6tables
Iptables-save
Sleep
Vconfig
Smbmnt
Smbmount
164