Base, Enable TLS, TLS Port | Perle Systems 5500161-40 guide

Authentication

LDAP

Overview

If you are using LDAP with TLS, you need to download a CA list to the IOLAN that includes the certificate authority (CA) that signed the LDAP certificate on the LDAP host by selecting Tools, Advanced, Keys and Certificates. See Keys and Certificates on page 242 for more information on the LDAP certificate.

Field Descriptions

Configure the following parameters:

Host Name	The name or IP address of the LDAP host. If you use a host name, that host
	must either have been defined in the IOLAN’s Host Table before the last
	reboot or be resolved by DNS. If you are using TLS, you must enter the same
	string you used to create the LDAP certificate that resides on your LDAP
	server.
Port	The port that the LDAP host listens to for authentication requests.
	Default: 389
Base	The domain component (dc) that is the starting point for the search for user
	authentication.
Enable TLS	Enables/disables the Transport Layer Security (TLS) with the LDAP host.
	Default: Disabled
TLS Port	Specify the port number that LDAP will use for TLS.
	Default: 636

219

Image 219

Perle Systems 5500161-40 manual Base, Enable TLS, TLS Port

Contents

Iolan SDS/SCS/STS/MDC EN 55022 1998, Class A, Note Table of Contents Getting to Know Your Iolan Power Supply Specifications WebManager Powering Up the IolanIntroduction Configuration Methods Overview Easy Config Wizard DeviceManager Command Line Interface MenuIOLAN+ Interface Configuration Files Setting Up the Serial Ports Setting Up UsersUsing DeviceManager to Connect to the Iolan Using WebManager to Connect to the Iolan Introduction IP Settings Managing the IolanAdvanced Serial Port Profiles 116 Introduction 113 Serial Ports UDP Sockets Profile 142 Port Buffering Control Signal I/O Profile 169 Introduction 201 User Settings 202 Advanced 197Adding/Editing Users 203 Introduction 213 Authentication 223226 Keys and Certificates 242 Services 240Introduction 245 Settings 246 231 Modbus Slave Channels Snmp Traps 289 Modbus I/O Access 278Accessing I/O Data Via TruePort 285 TruePort I/O 283 Management 302 Introduction 295 Option Card Settings296 Introduction 299 Alerts Channels 316 Serial Port Power Control 315Introduction 319 Managing Configuration Files Introduction 313 RPS Control 329 323326 327 Introduction 347 Configuring Modbus 333Configuring PPP Dial On Demand 337 Setting Up Printers 338 Configuring a Virtual Private Network 340 Serial Pinouts 363 EIA-232 Cabling Diagrams 371Introduction 359 Valid SSL/TLS Ciphers 361 Introduction 391 TruePort Wiring I/O Diagrams 385 Decoder 393 API I/O Access Over TruePort 392Communication Issues 410 Host Problems 411 Models 415 IPv6 Issues 416 Contacting Technical Support 417 415Index Documentation PrefaceAbout This Book Intended Audience Online Help Typeface Conventions Introduction About the IolanIolan Family Models Hardware Iolan Features Software Ldap Security What’s Included ConnectivityIntroduction Iolan Components Desktop Models Power Supply SpecificationsAvailable Accessories Power Over Ethernet PoE Models Rack Mount Models except Electric Utility models Medical Unit ModelsElectric Utility models Overview Getting to Know Your Iolan Iolan Model LED Label Green light Port Port End View Top View Rack Mount Console Port/LED ViewSerial/Ethernet View Power/Ethernet View Medical UnitSerial View Front LED/Console portView Back Serial/Ethernet/power View Console/Serial Switch Console ModeSerial Mode Powering Up the Iolan Dedicated Console PortDesktop/Rack Mount Models excluding Electric Utility models Left VDC + Right Models Secondary back-up Supply DC Power Models excluding Electric Utility modelsEarthing Wire Primary Supply Disconnecting 48V Power Supplies from the Iolan Grounding Wiring Terminal # Description Usage Wiring up an HV unit Wiring up a DHV unit Wiring up a the Fail-Safe Relay Powering Up the Iolan Configuration Methods Chapter Configuration Methods Overview Configures an IP AddressRequires a Configured IP Address Easy Config Wizard DeviceManager Access PlatformsFeatures Connecting to the Iolan Using DeviceManager DeviceManager Navigating the Options Using DeviceManager WebManager Downloading the Configuration Iolan Connecting to the Iolan Using WebManager Using WebManager Command Line Interface Connecting to the Iolan Using the CLIThrough the Network Through the Serial Port Using the CLIConnecting to the Iolan Using the Menu Menu Using the Menu Using DHCP/BOOTP Connecting to the Iolan Using DHCP/BOOTP TACACS+ Securid DHCP/BOOTP Parameters Snmp Connecting to the Iolan Using Snmp Using the Snmp MIB Connecting to the Iolan to Use the IOLAN+ Interface Using the IOLAN+ InterfaceIOLAN+ Interface Changes to the IOLAN+ Interface REMOTE-ADMIN Opt HEX Rlogin/Telnet Remote Access Systems Screen Name Wchiewsds2 Debug mode IP address IOLAN+ Interface Getting Started Easy Configuration Wizard Setting Up the Network Using a Direct Serial Connection to Specify an IP Address Using a Direct Serial Connection to Enable BOOTP/DHCP For an IPv6 Network Using ARP-Ping Setting Up the Serial Ports Setting Up the Serial Ports Setting Up Users Setting Up Users Using DeviceManager WebManager DeviceManager Navigating DeviceManager/WebManager EasyPort Web WebManager Starting a New Session Using DeviceManager to Connect to the Iolan Assigning a Temporary IP Address to a New Iolan Logging in to the Iolan Adding/Deleting IOLANs Manually Logging into the Iolan Using WebManager to Connect to the IolanConfiguration Files Creating a New Iolan Configuration in DeviceManager Opening an Existing Configuration File Importing an Existing Configuration FileManaging the Iolan Network Settings Field Descriptions IP SettingsIPv4 Settings Overview IPv6 Settings Field Format IPv6 address Field Format IPv6 address DSN Server Adding/Editing a Custom IPv6 Address Prefix Bits Range Default Server Name.Domain Prefix.Domain Name Advanced Configuration Default 100 msDefault 200 ms Default Disabled Advertise DHCPv6 IP Filtering Data Options AdvancedHost Table Functionality Domain Name Adding/Editing a HostHost Name Fully Qualified Route List IPv4 Subnet Mask Default DefaultAdding/Editing Routes Type DNS/WINS Editing/Adding DNS/WINS Servers RIP Password Ethernet ModeDefault None Authentication Key Dynamic DNSOverview Functionality End Time System Type Account SettingsDefault Dynamic User Name Cipher Suite Field Descriptions Adding/Editing a Cipher Suite Validation Criteria Field Descriptions Common Name IPv6 Tunnels Mode Default ManualAdding/Editing an IPv6 Tunnel Name 112 Iolan SDS/SCS/STS/MDC User’s Guide, Version Functionality Serial Ports Editing a Serial Port Copying a Serial Port Resetting a Serial Port Serial Port ProfilesCommon Tabs Hardware Tab Field Descriptions Flow Control Default Enabled Enable Outbound Default FullDefault Auto Flow Control Enable Inbound Email Alert Tab Field Descriptions Packet Forwarding Tab Field Descriptions Packet Size Enable Trigger1Enable Trigger2 Packet Definition Trigger Default TriggerEOF1 Character EOF2 Character Default Client SSL/TLS Settings Tab Field Descriptions 124 Iolan SDS/SCS/STS/MDC User’s Guide, Version 125 126 Iolan SDS/SCS/STS/MDC User’s Guide, Version Protocol Default TelnetConsole Management Profile General Tab Field Descriptions Advanced Tab Field Descriptions Idle Timeout Enable MicrosoftAdministrator Support Default Disabled Multisessions TruePort Profile ModemPhone Multiple Hosts System Default Enabled Host NameConnect to remote Connect to Adding/Editing a Multihost Entry Adding/Editing Additional TruePort Hosts 133 Signals high Day Motd Default Disabled Enable TCPWhen Enable Data Session TimeoutLogging TCP Sockets Profile Connection Workstation/Server on the network Default Enabled Received on the serial port Initiate Connection Adding/Editing Additional Hosts 139 Day Motd Default Disabled Enable Data 141 UDP Sockets Profile UDP port Start IP Address Default 0 zeroTerminal Profile Direction 145 VT320 specifically supporting VT320-7 Default DumbVT100 TVI925 Is received Default Disabled Protocol Data Range 149 Login Settings User Service Settings Erase Telnet SettingsInterrupt Quit Rlogin Settings User is only prompted for a passwordEscape SSH Settings Arcfour Slip SettingsRSA authentication for the SSH session Authentication for the SSH session VJ Compression Routing PPP Settings Default Chap IPv6 RemoteNone Remote User Default 3 seconds Remote PasswordConfigure Req Timeout Address/Control Default 1 minuteRoaming Callback Challenge Interval Printer Profile Client Iolan Tunnel Serial Tunneling ProfileSerial Server Tunnel Serial Act As Tunnel Client Default Disabled Host Name Virtual Modem Profile 165 DCD DTR Signal Acts as RTS Signal Always On RTS Signal Acts as AT CommandResponse Delay Phone Number to Host Mapping Host IP Address Control Signal I/O ProfileVModem Phone Number Entry Phone Number Latch Input Signal Field DescriptionsInvert Signal Description Syslog Auto Clear ModeMode Default Disabled Manual Clear Failsafe Action Output Signal Field Descriptions Modbus Gateway Profile Advanced Slave Settings Button UID RangeDestination Slave IP Mappings Default 30 ms Default 1000 msAdvanced Field Descriptions Modbus Slave IP Settings Field Descriptions UID End Adding/Editing Modbus Slave IP SettingsDefault Host UID Start Data Options TCP or UDP Modbus Slave Advanced Settings Field DescriptionsDefault TCP Range Default 50 ms Power Management Profile RPS Model Editing Power Management Plug Settings Field DescriptionsDefault RSP820 RPS Name Data Options On, Off Remote Access PPP ProfileDefault State Default Off Dynamic DNS Negotiate IP IPv6 Global Authentication Tab Field Descriptions 185 Dynamic DNS Field Descriptions Enable DynamicDNS for this Serial Default Disabled Port Host Account Settings 187 Enable Magic Configure RequestCompression Default Enabled Enable Protocol Enable VJ Dial In/Out MS Direct HostMS Direct Guest Remote Access Slip Profile 191 192 Iolan SDS/SCS/STS/MDC User’s Guide, Version General Tab Field Description Custom Application Profile Port Buffering Local Port BufferingKeyboard Buttons Hot Keys Direction Remote Port Buffers Field Definitions NFS Directory Enable PortData Default Disabled Enable Key Stroke NFS Host Deny Multiple Advanced Serial Settings TabSignals Process Break Session Escape Default ~menuSerial Port Menu String Modems Tab Adding/Editing a ModemName Name of the modem Field Definitions TruePort Baud Rate Tab Configuring Users User Settings General Tab Adding/Editing Users Default Normal Host IP Services TabService Default DSPrompt Indentifier IPv6 Interface Advanced Tab Default English Sessions Tab Connect Session 1, 2, 3 Clustered Ports Serial Port Access TabSerial Port Access Allow Access to 212 Iolan SDS/SCS/STS/MDC User’s Guide, Version Authentication Configuring Security Method AuthenticationMethod Default Local Secondary Primary Local General Field Descriptions Radius NAS-Identifier Authenticator response Default Enabled RetryAddress Default Enabled Attributes Field Descriptions KDC Port KerberosRealm KDC Domain Enable TLS BaseTLS Port Primary Host Default None Authentication Authorization Primary Host Secondary HostDefault None Authentication Authorization Port Default Authentication SecurID NIS Tracy Users Logging into the Iolan Using SSHDevice Server Lynn Users Passing Through the Iolan Using SSH Dir/Sil Lynn Sales ServerHR Server Allow SSH-1 Protocol Default DisabledInteractive Default Enabled Password Field Descriptions Enable Verbose Output Default DisabledBreak String Button For a valid SSL/TLS connection 228 Iolan SDS/SCS/STS/MDC User’s Guide, Version Adding/Editing a Cipher 230 Iolan SDS/SCS/STS/MDC User’s Guide, Version VPN IPsec IKE Phase 1 ProposalsESP Phase 2 Proposals Authentication Algorithms-MD5, SHA1, SHA2 Adding/Editing the IPsec Tunnel Local Device Default LeftSecret/Remote Validation Criteria Shared Secret Field Description Remote Validation Criteria Field Descriptions Allow L2TP/IPsec L2TP/IPsec Exceptions Field Description Adding/Editing a VPN Exception Syslog Client ServicesTelnet Server TruePort Full Sntp Client DeviceManagerWebManager SSH Server Keys and Certificates Key Type 244 Iolan SDS/SCS/STS/MDC User’s Guide, Version Configuring I/O InterfacesChapter Access Functionality Settings Advanced Slave Modbus Settings Request Queuing Failsafe Timer Functionality Default 30 secondsFailsafe Action is triggered Enable UDP Broadcast of I/O Default Disabled StatusUDP Functionality UDP Entry UDP Settings Default Celsius Temperature Functionality Analog I/O Analog ChannelsAnalog Monitoring Application A4D2 Alarm Settings Default Current Digital Input Monitoring ApplicationDigital I/O Input Mode 257 Digital Output Output Mode Default SinkOutput Pulse Count Pulse ModeInactive Signal Width Active Signal Width Delay Relay Monitoring Application A4D2RelayRelay I/O Width Inactive Signal Warehouse Perle Iolan Reception Active SignalDigital I/O Extension Front Door Current Alarm State 1 Byte z 0 = Not in alarm Message type 1 ByteInput number 1 Byte Enable I/O ExtensionInput TCP Port Local connection Hosts Simultaneously Communicate to the Host Temperature I/O Industrial Freezers Temperature Default RTD Basic Analog Alarm Settings Alarm Settings Advanced Analog Alarm Settings Clear ModeTrigger Type Clear UDP Broadcast Packet UDP Unicast Format Length Enabled Analog SectionSection Channel Length Pin Serial Pin Signal SectionDigital/Relay Section Length Channel Modbus Serial Application Connected to the Network Modbus SlaveUDP Unicast Example Modbus Serial Application Connected to the Serial Port PC running a Modbus RTU or Ascii Application UID Modbus I/O AccessModbus TCP Application Function Codes Coil/Register Descriptions Input Registers Serial Port Coil/Register DescriptionsA4/T4 Registers Data Model A1/T1 A2/T2 A3/T3 A4/T4 Holding Registers Data Model D1/R1 D2/R2 Coils A4D2/A4R2 Registers Data Model Pin Coils Serial Pin SignalsD4/D2R2 Registers Data Model D3/R1 D4/R2 Coils PC running a Modbus Serial Application TruePort Power Digital OutputTruePort I/O TruePort/Modbus Combination PC running Custom Application API TruePort API Over TruePort Only Accessing I/O Data Via TruePort SetupIntroduction Response Format Format of API CommandsGet Commands Command Format Set Commands Example 2 Turn on the first and second relay on a D2R2 unit Successful Response FormatUnsuccessful Response Format Example 1 Turn on the first relay on a D2R2 unit Snmp Traps Error Codes 290 Iolan SDS/SCS/STS/MDC User’s Guide, Version Configuring Clustering Chapter Clustering Slave ListAdvanced Button Adding Clustering Slaves Editing Clustering Slave Settings Advanced Clustering Slave OptionsPort Name Master TCP Port Slave TCP Port Configuring the Option Card Option Card SettingsConfiguring the Iolan Modem Card Configuring a Wireless WAN Card Overview Field DescriptionsCard APN 298 Iolan SDS/SCS/STS/MDC User’s Guide, Version Configuring the System Chapter AlertsEmail Alerts Alerts Syslog Community ManagementContact Location Privacy Password Auth Algorithm Data Options MD5, SHA Default MD5Auth Password Default DES Time Algorithm Data Options MD5, SHA Default MD5Privacy Algorithm Data Options DES, AES Default DES Confirm Password Trap Sntp Mode Network Time Tab Field DescriptionsSntp Version Time Zone/Summer Time Tab Field Descriptions Custom App/Plugin Login Tab Field Descriptions Bootup Files Tab Field Descriptions Display Motd WebManager EasyPort Web Message of the Day Motd Tab Field DescriptionsTftp Host Filename Baud Rate Default Flow ControlTftp Tab Field Descriptions Console Port Tab Field Descriptions 312 Iolan SDS/SCS/STS/MDC User’s Guide, Version State Button Management profile settings Controlling the RPS, I/O Channels, and IPsec TunnelsRPS Control OK Button Closes the window Plug Control Serial Port Power Control Power Plug StatusButton Serial port Deactivate Output Manually deactivates the channel output IPsec Tunnel Control 318 Iolan SDS/SCS/STS/MDC User’s Guide, Version System Administration Chapter Managing Configuration FilesSaving Configuration Files Downloading Configuration Files Reboot Server Downloading Configuration Files to Multiple IOLANs Specifying a Custom Factory Default Configuration Uploading Configuration Files Calibrating Analog Input Resetting the Iolan to the Default ConfigurationDownloading Iolan Firmware Calibrating I/O Calibrating Thermocouple Calibrating Temperature InputCalibrating Voltage Calibrating Current Calibrating Analog Channels Resetting Calibration Data Setting the IOLAN’s Date and Time Rebooting the IolanResetting the Iolan to Factory Defaults Resetting the SecurID Node Secret Language SupportLoading a Supplied Language Translation Guidance Software Upgrades and Language Files Creating Terminal Definition Files Downloading Terminal Definitions For example Resetting Configuration Parameters Lost Admin Password 332 Iolan SDS/SCS/STS/MDC User’s Guide, Version Applications Configuring ModbusConfiguring a Master Gateway Configuring a Slave Gateway Modbus Gateway Settings Modbus Master GatewayModbus Slave Gateway Master Gateway Serial EIA-232 Modbus Serial Port SettingsModbus Master Settings Modbus Slave UID Modbus Slave Settings Modbus Master Slave GatewaySerial Port EIA-422/485 Modbus Master Modbus Slave UID 172.16.0.0 Configuring PPP Dial On Demand Remote Printing Using LPD Setting Up Printers Remote Printing Using Host-Based Print Handling Software Remote Printing Using RCP IOLAN-to-Host/Network Configuring a Virtual Private Network Or just 172.16.45.84 192.168.45.87 192.168.45.12 Network-to-Network 172.16.45.99 Host-to-HostLeft External IP Address Right Gateway Router 344 Iolan SDS/SCS/STS/MDC User’s Guide, Version VPN Client Initiate Communication Router Broadband Right VPN Client-to-Network 346 Iolan SDS/SCS/STS/MDC User’s Guide, Version Supported Radius Parameters Radius and TACACS+ Appendix a PPP User level. See Perle Radius Dictionary Example Accounting Message Radius Parameter Iolan Parameter Mapped Radius Parameters to Iolan Parameters Perle Radius Dictionary Example Value TACACS+ Accessing the Iolan Through a Serial Port Users Name Values Description Slip Accessing the Iolan from the Network Users Accessing the Iolan from the Network User Example Settings Valid SSL/TLS Ciphers SSL/TLS Ciphers DES-CBC-MD5 Virtual Modem Initialization Commands Commands AT&Sn AT&RnAT&Cn Pinouts and Cabling Diagrams Serial PinoutsDB25 Male DB25 Female RJ45 Number Iolan model Pins See RJ45 for desktop and rack mount models RJ45 for SCS48C/SCS32C/SCS16C/SCS8C models Pinout EIA-232 Admin Port Serial Ports EIA-485 Pin# EIA-232 EIA-422 Full Duplex Half Duplex RJ45 for SDS32C/SDS16C/SDS8C Electric Utility models RJ45 for medical unit models DB9 Male Serial Only DB9 Male I/O Power Over Ethernet Pinouts DB25 Female EIA-232 Cabling DiagramsTerminal DB25 Connector DB25 Male 10-pin Pin RJ45 DB9 Male Iolan RJ45 DCE Modem DB25 Connector RxD TxD DTR 20 DTR GND 376 Iolan SDS/SCS/STS/MDC User’s Guide, Version Port Iolan DB25 Male/Female Setting Jumpers Port Iolan RJ45 Port Iolan RJ45 P Power Over Ethernet Port Iolan SDS1M Modem Port Iolan DB9 Port Iolan Port/Line # Line Termination 5V Output Input Volt Output Port Desktop Iolan Digital I/O Module Analog Input Module 384 Iolan SDS/SCS/STS/MDC User’s Guide, Version Digital Input Dry Contact Wiring I/O DiagramsDigital I/O Digital Input Wet Contact Digital Output Source Digital Output Sink Analog Input CurrentVoltage Thermocouple Temperature InputRTD 2-Wire RTD 3-Wire Normally Closed Contact RTD 4-WireRelay Output Normally Open Contact 390 Iolan SDS/SCS/STS/MDC User’s Guide, Version TruePort Utilities API I/O Access Over TruePort API Request FormatAPI Response Format Decoder Error Codes 394 Iolan SDS/SCS/STS/MDC User’s Guide, Version Installing a Perle PCI Card Accessories Installing a Perle PCI Card Accessories RJ45F to DB25M DTE Crossover Adapter Starter Kit Adapters/Cable RJ45F to DB25M DCE Modem Adapter RJ45F DB25F RJ45F to DB25F DTE Crossover Adapter RJ45F to DB9M DTE Crossover Adapter RJ45F to DB9F DTE Crossover Adapter Sun/Cisco RJ45M Connector Cable for Rack Mount Models SCS48C/SCS32C/SCS16C/SCS8C Starter Kit Adapters/Cable GND DTR 20 DTR DSR RJ45F to DB25F DTE Crossover Adapter 406 Iolan SDS/SCS/STS/MDC User’s Guide, Version RJ45F Sun/Cisco Roll-Over Adapter for Rack Mount Models 408 Iolan SDS/SCS/STS/MDC User’s Guide, Version Hardware Troubleshooting Troubleshooting General communication checks and practices are as follows Communication IssuesDeviceManager Problems Power/Ready LED Labels Radius Authentication Problems Host Problems Problems with Terminals Login Problems You observe Tftp errors when the Iolan boots, for example DHCP/BOOTP ProblemsCallback Problems Language Problems Long Reboot Cycle Modem ProblemsPPP Problems Printing Problems An A4R2 model is starting/stopping Certificate did not match configurationModels Could not obtain peers certificate IPv6 Issues Making a Technical Support Query Contacting Technical Support Feedback on this Manual Repair Procedure Glossary RIP Routing PAP PasswordAuthentication Protocol Radius Remote Authentication Dial Users Services Reverse Connection API Index Ldap Radius