Authentication, Primary, Method | Perle Systems 5500161-40 guide

Authentication

Authentication

In the Authentication window, you can select up to two methods of authentication made up of external authentication options and/or the local user database.

Configure the following parameters:

Primary	The first authentication method that the IOLAN attempts.
Authentication	Data Options: Local, RADIUS, Kerberos, LDAP, TACACS+, SecurID, NIS
Method	Default: Local
	Default: Local
Secondary	If the Primary Authentication Method fails, the next authentication method
Authentication	that the IOLAN attempts. You can choose to use authentication methods in
Method	combination. For example, you can specify the Primary Authentication
	Method as Local and the Secondary Authentication Method as RADIUS.
	Therefore, some users can be defined in the IOLAN (Local) others in RADIUS.
	Data Options: None, Local, RADIUS, Kerberos, LDAP, TACACS+, SecurID,
	NIS
	Default: None
Settings Button	Click this button to configure the authentication method.

Only use as backup The secondary authentication method will be tried only when the IOLAN cannot communicate with the primary authentication host.

Default: Disabled

Only authenticate When enabled, the IOLAN will only authenticate the admin user in the local admin user in the user database, regardless of any external authentication methods configured.

local database When disabled, a user called admin must exist when only external authentication methods are configured, or you will not be able to access the IOLAN as the admin user, except through the console port.

Default: Enabled

214	IOLAN SDS/SCS/STS/MDC User’s Guide, Version 4.0

Image 214

Perle Systems 5500161-40 manual Authentication, Primary, Method Default Local Secondary

Contents

Iolan SDS/SCS/STS/MDC EN 55022 1998, Class A, Note Table of Contents Power Supply Specifications Getting to Know Your Iolan Easy Config Wizard DeviceManager Powering Up the IolanIntroduction Configuration Methods Overview WebManager Menu Command Line InterfaceIOLAN+ Interface Using WebManager to Connect to the Iolan Setting Up the Serial Ports Setting Up UsersUsing DeviceManager to Connect to the Iolan Configuration Files Managing the Iolan Introduction IP SettingsAdvanced Introduction 113 Serial Ports Serial Port Profiles 116 UDP Sockets Profile 142 Control Signal I/O Profile 169 Port Buffering Advanced 197 Introduction 201 User Settings 202Adding/Editing Users 203 223 Introduction 213 Authentication226 231 Services 240Introduction 245 Settings 246 Keys and Certificates 242 Channels Modbus Slave TruePort I/O 283 Modbus I/O Access 278Accessing I/O Data Via TruePort 285 Snmp Traps 289 Introduction 299 Alerts Introduction 295 Option Card Settings296 Management 302 Introduction 313 RPS Control Serial Port Power Control 315Introduction 319 Managing Configuration Files Channels 316 327 323326 329 Configuring a Virtual Private Network 340 Configuring Modbus 333Configuring PPP Dial On Demand 337 Setting Up Printers 338 Introduction 347 361 EIA-232 Cabling Diagrams 371Introduction 359 Valid SSL/TLS Ciphers Serial Pinouts 363 Wiring I/O Diagrams 385 Introduction 391 TruePort Host Problems 411 API I/O Access Over TruePort 392Communication Issues 410 Decoder 393 415 Models 415 IPv6 Issues 416 Contacting Technical Support 417Index Intended Audience PrefaceAbout This Book Documentation Typeface Conventions Online Help About the Iolan IntroductionIolan Family Models Iolan Features Hardware Software Security Ldap Iolan Components ConnectivityIntroduction What’s Included Power Over Ethernet PoE Models Power Supply SpecificationsAvailable Accessories Desktop Models Medical Unit Models Rack Mount Models except Electric Utility modelsElectric Utility models Getting to Know Your Iolan Overview Port Iolan Model LED Label Green light Port Top View End View Console Port/LED View Rack MountSerial/Ethernet View Medical Unit Power/Ethernet ViewSerial View Back Serial/Ethernet/power View Front LED/Console portView Console Mode Console/Serial SwitchSerial Mode Dedicated Console Port Powering Up the IolanDesktop/Rack Mount Models excluding Electric Utility models Models Left VDC + Right Primary Supply DC Power Models excluding Electric Utility modelsEarthing Wire Secondary back-up Supply Disconnecting 48V Power Supplies from the Iolan Wiring Grounding Wiring up an HV unit Terminal # Description Usage Wiring up a DHV unit Wiring up a the Fail-Safe Relay Powering Up the Iolan Configuration Methods Chapter Configures an IP Address Configuration Methods OverviewRequires a Configured IP Address Easy Config Wizard Connecting to the Iolan Using DeviceManager Access PlatformsFeatures DeviceManager DeviceManager Using DeviceManager Navigating the Options Downloading the Configuration WebManager Connecting to the Iolan Using WebManager Iolan Using WebManager Connecting to the Iolan Using the CLI Command Line InterfaceThrough the Network Menu Using the CLIConnecting to the Iolan Using the Menu Through the Serial Port Using the Menu Connecting to the Iolan Using DHCP/BOOTP Using DHCP/BOOTP DHCP/BOOTP Parameters TACACS+ Securid Connecting to the Iolan Using Snmp Snmp Using the Snmp MIB Using the IOLAN+ Interface Connecting to the Iolan to Use the IOLAN+ InterfaceIOLAN+ Interface REMOTE-ADMIN Changes to the IOLAN+ Interface Opt HEX Rlogin/Telnet Remote Access Systems Screen Name Wchiewsds2 Debug mode IP address IOLAN+ Interface Getting Started Easy Configuration Wizard Setting Up the Network Using a Direct Serial Connection to Specify an IP Address Using a Direct Serial Connection to Enable BOOTP/DHCP Using ARP-Ping For an IPv6 Network Setting Up the Serial Ports Setting Up the Serial Ports Setting Up Users Setting Up Users Using DeviceManager WebManager Navigating DeviceManager/WebManager DeviceManager WebManager EasyPort Web Using DeviceManager to Connect to the Iolan Starting a New Session Assigning a Temporary IP Address to a New Iolan Adding/Deleting IOLANs Manually Logging in to the Iolan Creating a New Iolan Configuration in DeviceManager Using WebManager to Connect to the IolanConfiguration Files Logging into the Iolan Importing an Existing Configuration File Opening an Existing Configuration FileManaging the Iolan Network Settings Overview IP SettingsIPv4 Settings Field Descriptions IPv6 Settings Field Format IPv6 address DSN Server Field Format IPv6 address Prefix Bits Range Default Adding/Editing a Custom IPv6 Address Advanced Server Name.Domain Prefix.Domain Name Default Disabled Advertise DHCPv6 Default 100 msDefault 200 ms Configuration Functionality AdvancedHost Table IP Filtering Data Options Fully Qualified Adding/Editing a HostHost Name Domain Name Route List Type Default DefaultAdding/Editing Routes IPv4 Subnet Mask DNS/WINS RIP Editing/Adding DNS/WINS Servers Authentication Ethernet ModeDefault None Password End Time Dynamic DNSOverview Functionality Key User Name Account SettingsDefault Dynamic System Type Cipher Suite Field Descriptions Adding/Editing a Cipher Suite Validation Criteria Field Descriptions IPv6 Tunnels Common Name Name Default ManualAdding/Editing an IPv6 Tunnel Mode 112 Iolan SDS/SCS/STS/MDC User’s Guide, Version Serial Ports Functionality Editing a Serial Port Copying a Serial Port Serial Port Profiles Resetting a Serial PortCommon Tabs Hardware Tab Field Descriptions Enable Inbound Default FullDefault Auto Flow Control Flow Control Default Enabled Enable Outbound Email Alert Tab Field Descriptions Packet Forwarding Tab Field Descriptions Packet Definition Enable Trigger1Enable Trigger2 Packet Size EOF2 Character Default TriggerEOF1 Character Trigger SSL/TLS Settings Tab Field Descriptions Default Client 124 Iolan SDS/SCS/STS/MDC User’s Guide, Version 125 126 Iolan SDS/SCS/STS/MDC User’s Guide, Version General Tab Field Descriptions Default TelnetConsole Management Profile Protocol Advanced Tab Field Descriptions Support Default Disabled Multisessions Enable MicrosoftAdministrator Idle Timeout Modem TruePort ProfilePhone Connect to System Default Enabled Host NameConnect to remote Multiple Hosts Adding/Editing Additional TruePort Hosts Adding/Editing a Multihost Entry 133 Day Motd Default Disabled Enable TCP Signals highWhen Session Timeout Enable DataLogging Connection Workstation/Server on the network Default Enabled TCP Sockets Profile Initiate Connection Received on the serial port Adding/Editing Additional Hosts 139 Day Motd Default Disabled Enable Data 141 UDP Sockets Profile UDP port Direction Default 0 zeroTerminal Profile Start IP Address 145 TVI925 Default DumbVT100 VT320 specifically supporting VT320-7 Default Disabled Protocol Is received Data Range 149 User Service Settings Login Settings Quit Telnet SettingsInterrupt Erase User is only prompted for a password Rlogin SettingsEscape SSH Settings Authentication for the SSH session Slip SettingsRSA authentication for the SSH session Arcfour Routing VJ Compression PPP Settings IPv6 Remote Default ChapNone Remote User Timeout Remote PasswordConfigure Req Default 3 seconds Challenge Interval Default 1 minuteRoaming Callback Address/Control Printer Profile Serial Serial Tunneling ProfileSerial Server Tunnel Client Iolan Tunnel Client Default Disabled Host Name Act As Tunnel Virtual Modem Profile 165 DCD AT Command DTR Signal Acts as RTS Signal Always On RTS Signal Acts asResponse Delay Phone Number to Host Mapping Phone Number Control Signal I/O ProfileVModem Phone Number Entry Host IP Address Description Input Signal Field DescriptionsInvert Signal Latch Manual Clear Auto Clear ModeMode Default Disabled Syslog Output Signal Field Descriptions Failsafe Action Modbus Gateway Profile IP Mappings Settings Button UID RangeDestination Slave Advanced Slave Default 1000 ms Default 30 msAdvanced Field Descriptions Modbus Slave IP Settings Field Descriptions UID Start Adding/Editing Modbus Slave IP SettingsDefault Host UID End Range Default 50 ms Modbus Slave Advanced Settings Field DescriptionsDefault TCP Data Options TCP or UDP Power Management Profile RPS Name Editing Power Management Plug Settings Field DescriptionsDefault RSP820 RPS Model Default Off Remote Access PPP ProfileDefault State Data Options On, Off Negotiate IP Dynamic DNS IPv6 Global Authentication Tab Field Descriptions 185 Account Settings Enable DynamicDNS for this Serial Default Disabled Port Host Dynamic DNS Field Descriptions 187 Enable VJ Configure RequestCompression Default Enabled Enable Protocol Enable Magic MS Direct Host Dial In/OutMS Direct Guest Remote Access Slip Profile 191 192 Iolan SDS/SCS/STS/MDC User’s Guide, Version Custom Application Profile General Tab Field Description Local Port Buffering Port BufferingKeyboard Buttons Hot Keys Direction Field Definitions Remote Port Buffers NFS Host Enable PortData Default Disabled Enable Key Stroke NFS Directory Process Break Advanced Serial Settings TabSignals Deny Multiple String Default ~menuSerial Port Menu Session Escape Adding/Editing a Modem Modems TabName Name of the modem TruePort Baud Rate Tab Field Definitions Configuring Users User Settings Adding/Editing Users General Tab Default Normal Default DSPrompt Services TabService Host IP IPv6 Interface Indentifier Advanced Tab Default English Sessions Tab Session 1, 2, 3 Connect Allow Access to Serial Port Access TabSerial Port Access Clustered Ports 212 Iolan SDS/SCS/STS/MDC User’s Guide, Version Configuring Security Authentication Primary AuthenticationMethod Default Local Secondary Method Local Radius General Field Descriptions Attributes Field Descriptions Authenticator response Default Enabled RetryAddress Default Enabled NAS-Identifier KDC Domain KerberosRealm KDC Port Base Enable TLSTLS Port Authorization Port Default Authentication Authentication Authorization Primary Host Secondary HostDefault None Authentication Primary Host Default None SecurID NIS Lynn Users Logging into the Iolan Using SSHDevice Server Tracy Lynn Sales Server Users Passing Through the Iolan Using SSH Dir/SilHR Server Field Descriptions Protocol Default DisabledInteractive Default Enabled Password Allow SSH-1 Output Default Disabled Enable VerboseBreak String Button For a valid SSL/TLS connection 228 Iolan SDS/SCS/STS/MDC User’s Guide, Version Adding/Editing a Cipher 230 Iolan SDS/SCS/STS/MDC User’s Guide, Version VPN Authentication Algorithms-MD5, SHA1, SHA2 IKE Phase 1 ProposalsESP Phase 2 Proposals IPsec Adding/Editing the IPsec Tunnel Validation Criteria Default LeftSecret/Remote Local Device Shared Secret Field Description Remote Validation Criteria Field Descriptions L2TP/IPsec Allow L2TP/IPsec Exceptions Adding/Editing a VPN Exception Field Description TruePort Full ServicesTelnet Server Syslog Client SSH Server DeviceManagerWebManager Sntp Client Keys and Certificates Key Type 244 Iolan SDS/SCS/STS/MDC User’s Guide, Version Configuring I/O InterfacesChapter Settings Access Functionality Advanced Slave Modbus Settings Request Queuing Default 30 seconds Failsafe Timer FunctionalityFailsafe Action is triggered Broadcast of I/O Default Disabled Status Enable UDPUDP Functionality UDP Settings UDP Entry Temperature Functionality Default Celsius Monitoring Application A4D2 ChannelsAnalog Analog I/O Analog Default Current Alarm Settings Monitoring Application Digital InputDigital I/O Input Mode 257 Digital Output Default Sink Output ModeOutput Delay Pulse ModeInactive Signal Width Active Signal Width Pulse Count Monitoring Application A4D2Relay RelayRelay I/O Inactive Signal Width Front Door Active SignalDigital I/O Extension Warehouse Perle Iolan Reception Message type 1 Byte Current Alarm State 1 Byte z 0 = Not in alarmInput number 1 Byte Extension Enable I/OInput TCP Port Hosts Local connection Simultaneously Communicate to the Host Temperature Temperature I/O Industrial Freezers Default RTD Alarm Settings Basic Analog Alarm Settings Clear Mode Advanced Analog Alarm SettingsTrigger Type Clear UDP Unicast Format UDP Broadcast Packet Analog Section Length EnabledSection Channel Length Channel Serial Pin Signal SectionDigital/Relay Section Length Pin Modbus Serial Application Connected to the Serial Port Modbus SlaveUDP Unicast Example Modbus Serial Application Connected to the Network Function Codes Modbus I/O AccessModbus TCP Application PC running a Modbus RTU or Ascii Application UID Coil/Register Descriptions Data Model A1/T1 A2/T2 A3/T3 A4/T4 Holding Registers Serial Port Coil/Register DescriptionsA4/T4 Registers Input Registers A4D2/A4R2 Registers Data Model D1/R1 D2/R2 Coils Data Model D3/R1 D4/R2 Coils Serial Pin SignalsD4/D2R2 Registers Data Model Pin Coils TruePort/Modbus Combination Modbus Serial Application TruePort Power Digital OutputTruePort I/O PC running a API Over TruePort Only PC running Custom Application API TruePort Setup Accessing I/O Data Via TruePortIntroduction Command Format Format of API CommandsGet Commands Response Format Set Commands Example 1 Turn on the first relay on a D2R2 unit Successful Response FormatUnsuccessful Response Format Example 2 Turn on the first and second relay on a D2R2 unit Error Codes Snmp Traps 290 Iolan SDS/SCS/STS/MDC User’s Guide, Version Clustering Slave List Configuring Clustering ChapterAdvanced Button Adding Clustering Slaves Advanced Clustering Slave Options Editing Clustering Slave SettingsPort Name Slave TCP Port Master TCP Port Option Card Settings Configuring the Option CardConfiguring the Iolan Modem Card Overview Field Descriptions Configuring a Wireless WAN CardCard APN 298 Iolan SDS/SCS/STS/MDC User’s Guide, Version Alerts Configuring the System ChapterEmail Alerts Alerts Syslog Location ManagementContact Community Default DES Auth Algorithm Data Options MD5, SHA Default MD5Auth Password Privacy Password Confirm Password Trap Algorithm Data Options MD5, SHA Default MD5Privacy Algorithm Data Options DES, AES Default DES Time Network Time Tab Field Descriptions Sntp ModeSntp Version Time Zone/Summer Time Tab Field Descriptions Custom App/Plugin Login Tab Field Descriptions Bootup Files Tab Field Descriptions Filename Message of the Day Motd Tab Field DescriptionsTftp Host Display Motd WebManager EasyPort Web Console Port Tab Field Descriptions Default Flow ControlTftp Tab Field Descriptions Baud Rate 312 Iolan SDS/SCS/STS/MDC User’s Guide, Version Controlling the RPS, I/O Channels, and IPsec Tunnels State Button Management profile settingsRPS Control Plug Control OK Button Closes the window Power Plug Status Serial Port Power ControlButton Serial port Deactivate Output Manually deactivates the channel output IPsec Tunnel Control 318 Iolan SDS/SCS/STS/MDC User’s Guide, Version Managing Configuration Files System Administration ChapterSaving Configuration Files Downloading Configuration Files Downloading Configuration Files to Multiple IOLANs Reboot Server Uploading Configuration Files Specifying a Custom Factory Default Configuration Calibrating I/O Resetting the Iolan to the Default ConfigurationDownloading Iolan Firmware Calibrating Analog Input Calibrating Current Calibrating Temperature InputCalibrating Voltage Calibrating Thermocouple Resetting Calibration Data Calibrating Analog Channels Rebooting the Iolan Setting the IOLAN’s Date and TimeResetting the Iolan to Factory Defaults Language Support Resetting the SecurID Node SecretLoading a Supplied Language Software Upgrades and Language Files Translation Guidance Downloading Terminal Definitions Creating Terminal Definition Files Resetting Configuration Parameters For example Lost Admin Password 332 Iolan SDS/SCS/STS/MDC User’s Guide, Version Configuring a Slave Gateway Configuring ModbusConfiguring a Master Gateway Applications Modbus Master Gateway Modbus Gateway SettingsModbus Slave Gateway Modbus Slave UID Modbus Serial Port SettingsModbus Master Settings Master Gateway Serial EIA-232 Modbus Master Slave Gateway Modbus Slave SettingsSerial Port EIA-422/485 Modbus Master Modbus Slave UID Configuring PPP Dial On Demand 172.16.0.0 Setting Up Printers Remote Printing Using LPD Remote Printing Using RCP Remote Printing Using Host-Based Print Handling Software Configuring a Virtual Private Network IOLAN-to-Host/Network Or just Network-to-Network 172.16.45.84 192.168.45.87 192.168.45.12 Gateway Router Host-to-HostLeft External IP Address Right 172.16.45.99 344 Iolan SDS/SCS/STS/MDC User’s Guide, Version VPN Client-to-Network VPN Client Initiate Communication Router Broadband Right 346 Iolan SDS/SCS/STS/MDC User’s Guide, Version Radius and TACACS+ Appendix a Supported Radius Parameters PPP User level. See Perle Radius Dictionary Example Accounting Message Mapped Radius Parameters to Iolan Parameters Radius Parameter Iolan Parameter Perle Radius Dictionary Example Value Accessing the Iolan Through a Serial Port Users TACACS+ Name Values Description Slip Accessing the Iolan from the Network Users Accessing the Iolan from the Network User Example Settings SSL/TLS Ciphers Valid SSL/TLS Ciphers DES-CBC-MD5 Commands Virtual Modem Initialization Commands AT&Rn AT&SnAT&Cn Serial Pinouts Pinouts and Cabling DiagramsDB25 Male DB25 Female Number Iolan model Pins See RJ45 RJ45 for desktop and rack mount models Pinout EIA-232 Admin Port Serial Ports RJ45 for SCS48C/SCS32C/SCS16C/SCS8C models RJ45 for SDS32C/SDS16C/SDS8C Electric Utility models EIA-485 Pin# EIA-232 EIA-422 Full Duplex Half Duplex DB9 Male Serial Only RJ45 for medical unit models Power Over Ethernet Pinouts DB9 Male I/O DB25 Male EIA-232 Cabling DiagramsTerminal DB25 Connector DB25 Female RJ45 10-pin Pin DB9 Male Modem DB25 Connector Iolan RJ45 DCE RxD TxD DTR 20 DTR GND 376 Iolan SDS/SCS/STS/MDC User’s Guide, Version Setting Jumpers Port Iolan DB25 Male/Female Port Iolan RJ45 P Power Over Ethernet Port Iolan RJ45 Port Iolan DB9 Port Iolan SDS1M Modem Port Iolan Port Desktop Iolan Port/Line # Line Termination 5V Output Input Volt Output Digital I/O Module Analog Input Module 384 Iolan SDS/SCS/STS/MDC User’s Guide, Version Digital Input Wet Contact Wiring I/O DiagramsDigital I/O Digital Input Dry Contact Digital Output Sink Digital Output Source Current Analog InputVoltage RTD 3-Wire Temperature InputRTD 2-Wire Thermocouple Normally Open Contact RTD 4-WireRelay Output Normally Closed Contact 390 Iolan SDS/SCS/STS/MDC User’s Guide, Version Utilities TruePort API Request Format API I/O Access Over TruePortAPI Response Format Error Codes Decoder 394 Iolan SDS/SCS/STS/MDC User’s Guide, Version Accessories Installing a Perle PCI Card Installing a Perle PCI Card Accessories Starter Kit Adapters/Cable RJ45F to DB25M DTE Crossover Adapter RJ45F to DB25M DCE Modem Adapter RJ45F to DB25F DTE Crossover Adapter RJ45F DB25F RJ45F to DB9M DTE Crossover Adapter Sun/Cisco RJ45M Connector Cable for Rack Mount Models RJ45F to DB9F DTE Crossover Adapter SCS48C/SCS32C/SCS16C/SCS8C Starter Kit Adapters/Cable GND DTR 20 DTR DSR RJ45F to DB25F DTE Crossover Adapter 406 Iolan SDS/SCS/STS/MDC User’s Guide, Version Sun/Cisco Roll-Over Adapter for Rack Mount Models RJ45F 408 Iolan SDS/SCS/STS/MDC User’s Guide, Version Troubleshooting Hardware Troubleshooting Power/Ready LED Labels Communication IssuesDeviceManager Problems General communication checks and practices are as follows Host Problems Radius Authentication Problems Login Problems Problems with Terminals Language Problems DHCP/BOOTP ProblemsCallback Problems You observe Tftp errors when the Iolan boots, for example Printing Problems Modem ProblemsPPP Problems Long Reboot Cycle Could not obtain peers certificate Certificate did not match configurationModels An A4R2 model is starting/stopping IPv6 Issues Contacting Technical Support Making a Technical Support Query Repair Procedure Feedback on this Manual Glossary Authentication Dial Users Services Reverse Connection PAP PasswordAuthentication Protocol Radius Remote RIP Routing Index API Ldap Radius