Adding/Editing a Cipher, Encryption | Perle Systems 5500161-40

SSL/TLS

Adding/Editing a Cipher

See Appendix B, SSL/TLS Ciphers on page 359 for a list of valid SSL/TLS ciphers.

Configure the following parameters:

Encryption	Select the type of encryption that will be used for the SSL connection.
	Data Options:
	z Any—Will use the first encryption format that can be negotiated.
	z	AES
	z	3DES
	z	DES
	z	ARCFOUR
	z	ARCTWO
	Default: Any
Min Key Size	The minimum key size value that will be used for the specified encryption
	type.
	Data Options: 40, 56, 64, 128, 168, 256
	Default: 40
Max Key Size	The maximum key size value that will be used for the specified encryption
	type.
	Data Options: 40, 56, 64, 128, 168, 256
	Default: 256
Key Exchange	The type of key to exchange for the encryption format.
	Data Options:

z Any—Any key exchange that is valid is used (this does not, however, include ADH keys).

z RSA—This is an RSA key exchange using an RSA key and certificate.

z EDH-RSA—This is an EDH key exchange using an RSA key and certificate.

z EDH-DSS—This is an EDH key exchange using a DSA key and certificate.

z ADH—This is an anonymous key exchange which does not require a private key or certificate. Choose this key if you do not want to authenticate the peer device, but you want the data encrypted on the SSL/TLS connection.

Default: Any

229

Image 229

Perle Systems 5500161-40 manual Adding/Editing a Cipher, Encryption

Contents

Iolan SDS/SCS/STS/MDC EN 55022 1998, Class A, Note Table of Contents Getting to Know Your Iolan Power Supply Specifications Introduction Configuration Methods Overview Powering Up the IolanEasy Config Wizard DeviceManager WebManager Menu Command Line InterfaceIOLAN+ Interface Using DeviceManager to Connect to the Iolan Setting Up the Serial Ports Setting Up UsersUsing WebManager to Connect to the Iolan Configuration Files Managing the Iolan Introduction IP SettingsAdvanced Serial Port Profiles 116 Introduction 113 Serial Ports UDP Sockets Profile 142 Port Buffering Control Signal I/O Profile 169 Advanced 197 Introduction 201 User Settings 202Adding/Editing Users 203 223 Introduction 213 Authentication226 Introduction 245 Settings 246 Services 240231 Keys and Certificates 242 Modbus Slave Channels Accessing I/O Data Via TruePort 285 Modbus I/O Access 278TruePort I/O 283 Snmp Traps 289 296 Introduction 295 Option Card SettingsIntroduction 299 Alerts Management 302 Introduction 319 Managing Configuration Files Serial Port Power Control 315Introduction 313 RPS Control Channels 316 326 323327 329 Configuring PPP Dial On Demand 337 Setting Up Printers 338 Configuring Modbus 333Configuring a Virtual Private Network 340 Introduction 347 Introduction 359 Valid SSL/TLS Ciphers EIA-232 Cabling Diagrams 371361 Serial Pinouts 363 Introduction 391 TruePort Wiring I/O Diagrams 385 Communication Issues 410 API I/O Access Over TruePort 392Host Problems 411 Decoder 393 415 Models 415 IPv6 Issues 416 Contacting Technical Support 417Index About This Book PrefaceIntended Audience Documentation Online Help Typeface Conventions About the Iolan IntroductionIolan Family Models Hardware Iolan Features Software Ldap Security Introduction ConnectivityIolan Components What’s Included Available Accessories Power Supply SpecificationsPower Over Ethernet PoE Models Desktop Models Medical Unit Models Rack Mount Models except Electric Utility modelsElectric Utility models Overview Getting to Know Your Iolan Iolan Model LED Label Green light Port Port End View Top View Console Port/LED View Rack MountSerial/Ethernet View Medical Unit Power/Ethernet ViewSerial View Front LED/Console portView Back Serial/Ethernet/power View Console Mode Console/Serial SwitchSerial Mode Dedicated Console Port Powering Up the IolanDesktop/Rack Mount Models excluding Electric Utility models Left VDC + Right Models Earthing Wire DC Power Models excluding Electric Utility modelsPrimary Supply Secondary back-up Supply Disconnecting 48V Power Supplies from the Iolan Grounding Wiring Terminal # Description Usage Wiring up an HV unit Wiring up a DHV unit Wiring up a the Fail-Safe Relay Powering Up the Iolan Configuration Methods Chapter Configures an IP Address Configuration Methods OverviewRequires a Configured IP Address Easy Config Wizard Features Access PlatformsConnecting to the Iolan Using DeviceManager DeviceManager DeviceManager Navigating the Options Using DeviceManager WebManager Downloading the Configuration Iolan Connecting to the Iolan Using WebManager Using WebManager Connecting to the Iolan Using the CLI Command Line InterfaceThrough the Network Connecting to the Iolan Using the Menu Using the CLIMenu Through the Serial Port Using the Menu Using DHCP/BOOTP Connecting to the Iolan Using DHCP/BOOTP TACACS+ Securid DHCP/BOOTP Parameters Snmp Connecting to the Iolan Using Snmp Using the Snmp MIB Using the IOLAN+ Interface Connecting to the Iolan to Use the IOLAN+ InterfaceIOLAN+ Interface Changes to the IOLAN+ Interface REMOTE-ADMIN Opt HEX Rlogin/Telnet Remote Access Systems Screen Name Wchiewsds2 Debug mode IP address IOLAN+ Interface Getting Started Easy Configuration Wizard Setting Up the Network Using a Direct Serial Connection to Specify an IP Address Using a Direct Serial Connection to Enable BOOTP/DHCP For an IPv6 Network Using ARP-Ping Setting Up the Serial Ports Setting Up the Serial Ports Setting Up Users Setting Up Users Using DeviceManager WebManager DeviceManager Navigating DeviceManager/WebManager EasyPort Web WebManager Starting a New Session Using DeviceManager to Connect to the Iolan Assigning a Temporary IP Address to a New Iolan Logging in to the Iolan Adding/Deleting IOLANs Manually Configuration Files Using WebManager to Connect to the IolanCreating a New Iolan Configuration in DeviceManager Logging into the Iolan Importing an Existing Configuration File Opening an Existing Configuration FileManaging the Iolan Network Settings IPv4 Settings IP SettingsOverview Field Descriptions IPv6 Settings Field Format IPv6 address Field Format IPv6 address DSN Server Adding/Editing a Custom IPv6 Address Prefix Bits Range Default Server Name.Domain Prefix.Domain Name Advanced Default 200 ms Default 100 msDefault Disabled Advertise DHCPv6 Configuration Host Table AdvancedFunctionality IP Filtering Data Options Host Name Adding/Editing a HostFully Qualified Domain Name Route List Adding/Editing Routes Default DefaultType IPv4 Subnet Mask DNS/WINS Editing/Adding DNS/WINS Servers RIP Default None Ethernet ModeAuthentication Password Overview Functionality Dynamic DNSEnd Time Key Default Dynamic Account SettingsUser Name System Type Cipher Suite Field Descriptions Adding/Editing a Cipher Suite Validation Criteria Field Descriptions Common Name IPv6 Tunnels Adding/Editing an IPv6 Tunnel Default ManualName Mode 112 Iolan SDS/SCS/STS/MDC User’s Guide, Version Functionality Serial Ports Editing a Serial Port Copying a Serial Port Serial Port Profiles Resetting a Serial PortCommon Tabs Hardware Tab Field Descriptions Default Auto Flow Control Default FullEnable Inbound Flow Control Default Enabled Enable Outbound Email Alert Tab Field Descriptions Packet Forwarding Tab Field Descriptions Enable Trigger2 Enable Trigger1Packet Definition Packet Size EOF1 Character Default TriggerEOF2 Character Trigger Default Client SSL/TLS Settings Tab Field Descriptions 124 Iolan SDS/SCS/STS/MDC User’s Guide, Version 125 126 Iolan SDS/SCS/STS/MDC User’s Guide, Version Console Management Profile Default TelnetGeneral Tab Field Descriptions Protocol Advanced Tab Field Descriptions Administrator Enable MicrosoftSupport Default Disabled Multisessions Idle Timeout Modem TruePort ProfilePhone Connect to remote System Default Enabled Host NameConnect to Multiple Hosts Adding/Editing a Multihost Entry Adding/Editing Additional TruePort Hosts 133 Day Motd Default Disabled Enable TCP Signals highWhen Session Timeout Enable DataLogging TCP Sockets Profile Connection Workstation/Server on the network Default Enabled Received on the serial port Initiate Connection Adding/Editing Additional Hosts 139 Day Motd Default Disabled Enable Data 141 UDP Sockets Profile UDP port Terminal Profile Default 0 zeroDirection Start IP Address 145 VT100 Default DumbTVI925 VT320 specifically supporting VT320-7 Is received Default Disabled Protocol Data Range 149 Login Settings User Service Settings Interrupt Telnet SettingsQuit Erase User is only prompted for a password Rlogin SettingsEscape SSH Settings RSA authentication for the SSH session Slip SettingsAuthentication for the SSH session Arcfour VJ Compression Routing PPP Settings IPv6 Remote Default ChapNone Remote User Configure Req Remote PasswordTimeout Default 3 seconds Roaming Callback Default 1 minuteChallenge Interval Address/Control Printer Profile Serial Server Tunnel Serial Tunneling ProfileSerial Client Iolan Tunnel Act As Tunnel Client Default Disabled Host Name Virtual Modem Profile 165 DCD AT Command DTR Signal Acts as RTS Signal Always On RTS Signal Acts asResponse Delay Phone Number to Host Mapping VModem Phone Number Entry Control Signal I/O ProfilePhone Number Host IP Address Invert Signal Input Signal Field DescriptionsDescription Latch Mode Default Disabled Auto Clear ModeManual Clear Syslog Failsafe Action Output Signal Field Descriptions Modbus Gateway Profile Destination Slave Settings Button UID RangeIP Mappings Advanced Slave Default 1000 ms Default 30 msAdvanced Field Descriptions Modbus Slave IP Settings Field Descriptions Default Host Adding/Editing Modbus Slave IP SettingsUID Start UID End Default TCP Modbus Slave Advanced Settings Field DescriptionsRange Default 50 ms Data Options TCP or UDP Power Management Profile Default RSP820 Editing Power Management Plug Settings Field DescriptionsRPS Name RPS Model Default State Remote Access PPP ProfileDefault Off Data Options On, Off Dynamic DNS Negotiate IP IPv6 Global Authentication Tab Field Descriptions 185 DNS for this Serial Default Disabled Port Host Enable DynamicAccount Settings Dynamic DNS Field Descriptions 187 Compression Default Enabled Enable Protocol Configure RequestEnable VJ Enable Magic MS Direct Host Dial In/OutMS Direct Guest Remote Access Slip Profile 191 192 Iolan SDS/SCS/STS/MDC User’s Guide, Version General Tab Field Description Custom Application Profile Local Port Buffering Port BufferingKeyboard Buttons Hot Keys Direction Remote Port Buffers Field Definitions Data Default Disabled Enable Key Stroke Enable PortNFS Host NFS Directory Signals Advanced Serial Settings TabProcess Break Deny Multiple Serial Port Menu Default ~menuString Session Escape Adding/Editing a Modem Modems TabName Name of the modem Field Definitions TruePort Baud Rate Tab Configuring Users User Settings General Tab Adding/Editing Users Default Normal Service Services TabDefault DSPrompt Host IP Indentifier IPv6 Interface Advanced Tab Default English Sessions Tab Connect Session 1, 2, 3 Serial Port Access Serial Port Access TabAllow Access to Clustered Ports 212 Iolan SDS/SCS/STS/MDC User’s Guide, Version Authentication Configuring Security Method Default Local Secondary AuthenticationPrimary Method Local General Field Descriptions Radius Address Default Enabled Authenticator response Default Enabled RetryAttributes Field Descriptions NAS-Identifier Realm KerberosKDC Domain KDC Port Base Enable TLSTLS Port Default None Authentication Authentication Authorization Primary Host Secondary HostAuthorization Port Default Authentication Primary Host Default None SecurID NIS Device Server Users Logging into the Iolan Using SSHLynn Tracy Lynn Sales Server Users Passing Through the Iolan Using SSH Dir/SilHR Server Interactive Default Enabled Password Protocol Default DisabledField Descriptions Allow SSH-1 Output Default Disabled Enable VerboseBreak String Button For a valid SSL/TLS connection 228 Iolan SDS/SCS/STS/MDC User’s Guide, Version Adding/Editing a Cipher 230 Iolan SDS/SCS/STS/MDC User’s Guide, Version VPN ESP Phase 2 Proposals IKE Phase 1 ProposalsAuthentication Algorithms-MD5, SHA1, SHA2 IPsec Adding/Editing the IPsec Tunnel Secret/Remote Default LeftValidation Criteria Local Device Shared Secret Field Description Remote Validation Criteria Field Descriptions Allow L2TP/IPsec L2TP/IPsec Exceptions Field Description Adding/Editing a VPN Exception Telnet Server ServicesTruePort Full Syslog Client WebManager DeviceManagerSSH Server Sntp Client Keys and Certificates Key Type 244 Iolan SDS/SCS/STS/MDC User’s Guide, Version Configuring I/O InterfacesChapter Access Functionality Settings Advanced Slave Modbus Settings Request Queuing Default 30 seconds Failsafe Timer FunctionalityFailsafe Action is triggered Broadcast of I/O Default Disabled Status Enable UDPUDP Functionality UDP Entry UDP Settings Default Celsius Temperature Functionality Analog ChannelsMonitoring Application A4D2 Analog I/O Analog Alarm Settings Default Current Monitoring Application Digital InputDigital I/O Input Mode 257 Digital Output Default Sink Output ModeOutput Inactive Signal Width Active Signal Width Pulse ModeDelay Pulse Count Monitoring Application A4D2Relay RelayRelay I/O Width Inactive Signal Digital I/O Extension Active SignalFront Door Warehouse Perle Iolan Reception Message type 1 Byte Current Alarm State 1 Byte z 0 = Not in alarmInput number 1 Byte Extension Enable I/OInput TCP Port Local connection Hosts Simultaneously Communicate to the Host Temperature I/O Industrial Freezers Temperature Default RTD Basic Analog Alarm Settings Alarm Settings Clear Mode Advanced Analog Alarm SettingsTrigger Type Clear UDP Broadcast Packet UDP Unicast Format Analog Section Length EnabledSection Channel Digital/Relay Section Serial Pin Signal SectionLength Channel Length Pin UDP Unicast Example Modbus SlaveModbus Serial Application Connected to the Serial Port Modbus Serial Application Connected to the Network Modbus TCP Application Modbus I/O AccessFunction Codes PC running a Modbus RTU or Ascii Application UID Coil/Register Descriptions A4/T4 Registers Serial Port Coil/Register DescriptionsData Model A1/T1 A2/T2 A3/T3 A4/T4 Holding Registers Input Registers Data Model D1/R1 D2/R2 Coils A4D2/A4R2 Registers D4/D2R2 Registers Serial Pin SignalsData Model D3/R1 D4/R2 Coils Data Model Pin Coils TruePort I/O Modbus Serial Application TruePort Power Digital OutputTruePort/Modbus Combination PC running a PC running Custom Application API TruePort API Over TruePort Only Setup Accessing I/O Data Via TruePortIntroduction Get Commands Format of API CommandsCommand Format Response Format Set Commands Unsuccessful Response Format Successful Response FormatExample 1 Turn on the first relay on a D2R2 unit Example 2 Turn on the first and second relay on a D2R2 unit Snmp Traps Error Codes 290 Iolan SDS/SCS/STS/MDC User’s Guide, Version Clustering Slave List Configuring Clustering ChapterAdvanced Button Adding Clustering Slaves Advanced Clustering Slave Options Editing Clustering Slave SettingsPort Name Master TCP Port Slave TCP Port Option Card Settings Configuring the Option CardConfiguring the Iolan Modem Card Overview Field Descriptions Configuring a Wireless WAN CardCard APN 298 Iolan SDS/SCS/STS/MDC User’s Guide, Version Alerts Configuring the System ChapterEmail Alerts Alerts Syslog Contact ManagementLocation Community Auth Password Auth Algorithm Data Options MD5, SHA Default MD5Default DES Privacy Password Privacy Algorithm Data Options DES, AES Default DES Algorithm Data Options MD5, SHA Default MD5Confirm Password Trap Time Network Time Tab Field Descriptions Sntp ModeSntp Version Time Zone/Summer Time Tab Field Descriptions Custom App/Plugin Login Tab Field Descriptions Bootup Files Tab Field Descriptions Tftp Host Message of the Day Motd Tab Field DescriptionsFilename Display Motd WebManager EasyPort Web Tftp Tab Field Descriptions Default Flow ControlConsole Port Tab Field Descriptions Baud Rate 312 Iolan SDS/SCS/STS/MDC User’s Guide, Version Controlling the RPS, I/O Channels, and IPsec Tunnels State Button Management profile settingsRPS Control OK Button Closes the window Plug Control Power Plug Status Serial Port Power ControlButton Serial port Deactivate Output Manually deactivates the channel output IPsec Tunnel Control 318 Iolan SDS/SCS/STS/MDC User’s Guide, Version Managing Configuration Files System Administration ChapterSaving Configuration Files Downloading Configuration Files Reboot Server Downloading Configuration Files to Multiple IOLANs Specifying a Custom Factory Default Configuration Uploading Configuration Files Downloading Iolan Firmware Resetting the Iolan to the Default ConfigurationCalibrating I/O Calibrating Analog Input Calibrating Voltage Calibrating Temperature InputCalibrating Current Calibrating Thermocouple Calibrating Analog Channels Resetting Calibration Data Rebooting the Iolan Setting the IOLAN’s Date and TimeResetting the Iolan to Factory Defaults Language Support Resetting the SecurID Node SecretLoading a Supplied Language Translation Guidance Software Upgrades and Language Files Creating Terminal Definition Files Downloading Terminal Definitions For example Resetting Configuration Parameters Lost Admin Password 332 Iolan SDS/SCS/STS/MDC User’s Guide, Version Configuring a Master Gateway Configuring ModbusConfiguring a Slave Gateway Applications Modbus Master Gateway Modbus Gateway SettingsModbus Slave Gateway Modbus Master Settings Modbus Serial Port SettingsModbus Slave UID Master Gateway Serial EIA-232 Modbus Master Slave Gateway Modbus Slave SettingsSerial Port EIA-422/485 Modbus Master Modbus Slave UID 172.16.0.0 Configuring PPP Dial On Demand Remote Printing Using LPD Setting Up Printers Remote Printing Using Host-Based Print Handling Software Remote Printing Using RCP IOLAN-to-Host/Network Configuring a Virtual Private Network Or just 172.16.45.84 192.168.45.87 192.168.45.12 Network-to-Network Left External IP Address Right Host-to-HostGateway Router 172.16.45.99 344 Iolan SDS/SCS/STS/MDC User’s Guide, Version VPN Client Initiate Communication Router Broadband Right VPN Client-to-Network 346 Iolan SDS/SCS/STS/MDC User’s Guide, Version Supported Radius Parameters Radius and TACACS+ Appendix a PPP User level. See Perle Radius Dictionary Example Accounting Message Radius Parameter Iolan Parameter Mapped Radius Parameters to Iolan Parameters Perle Radius Dictionary Example Value TACACS+ Accessing the Iolan Through a Serial Port Users Name Values Description Slip Accessing the Iolan from the Network Users Accessing the Iolan from the Network User Example Settings Valid SSL/TLS Ciphers SSL/TLS Ciphers DES-CBC-MD5 Virtual Modem Initialization Commands Commands AT&Rn AT&SnAT&Cn Serial Pinouts Pinouts and Cabling DiagramsDB25 Male DB25 Female RJ45 Number Iolan model Pins See RJ45 for desktop and rack mount models RJ45 for SCS48C/SCS32C/SCS16C/SCS8C models Pinout EIA-232 Admin Port Serial Ports EIA-485 Pin# EIA-232 EIA-422 Full Duplex Half Duplex RJ45 for SDS32C/SDS16C/SDS8C Electric Utility models RJ45 for medical unit models DB9 Male Serial Only DB9 Male I/O Power Over Ethernet Pinouts Terminal DB25 Connector EIA-232 Cabling DiagramsDB25 Male DB25 Female 10-pin Pin RJ45 DB9 Male Iolan RJ45 DCE Modem DB25 Connector RxD TxD DTR 20 DTR GND 376 Iolan SDS/SCS/STS/MDC User’s Guide, Version Port Iolan DB25 Male/Female Setting Jumpers Port Iolan RJ45 Port Iolan RJ45 P Power Over Ethernet Port Iolan SDS1M Modem Port Iolan DB9 Port Iolan Port/Line # Line Termination 5V Output Input Volt Output Port Desktop Iolan Digital I/O Module Analog Input Module 384 Iolan SDS/SCS/STS/MDC User’s Guide, Version Digital I/O Wiring I/O DiagramsDigital Input Wet Contact Digital Input Dry Contact Digital Output Source Digital Output Sink Current Analog InputVoltage RTD 2-Wire Temperature InputRTD 3-Wire Thermocouple Relay Output RTD 4-WireNormally Open Contact Normally Closed Contact 390 Iolan SDS/SCS/STS/MDC User’s Guide, Version TruePort Utilities API Request Format API I/O Access Over TruePortAPI Response Format Decoder Error Codes 394 Iolan SDS/SCS/STS/MDC User’s Guide, Version Installing a Perle PCI Card Accessories Installing a Perle PCI Card Accessories RJ45F to DB25M DTE Crossover Adapter Starter Kit Adapters/Cable RJ45F to DB25M DCE Modem Adapter RJ45F DB25F RJ45F to DB25F DTE Crossover Adapter RJ45F to DB9M DTE Crossover Adapter RJ45F to DB9F DTE Crossover Adapter Sun/Cisco RJ45M Connector Cable for Rack Mount Models SCS48C/SCS32C/SCS16C/SCS8C Starter Kit Adapters/Cable GND DTR 20 DTR DSR RJ45F to DB25F DTE Crossover Adapter 406 Iolan SDS/SCS/STS/MDC User’s Guide, Version RJ45F Sun/Cisco Roll-Over Adapter for Rack Mount Models 408 Iolan SDS/SCS/STS/MDC User’s Guide, Version Hardware Troubleshooting Troubleshooting DeviceManager Problems Communication IssuesPower/Ready LED Labels General communication checks and practices are as follows Radius Authentication Problems Host Problems Problems with Terminals Login Problems Callback Problems DHCP/BOOTP ProblemsLanguage Problems You observe Tftp errors when the Iolan boots, for example PPP Problems Modem ProblemsPrinting Problems Long Reboot Cycle Models Certificate did not match configurationCould not obtain peers certificate An A4R2 model is starting/stopping IPv6 Issues Making a Technical Support Query Contacting Technical Support Feedback on this Manual Repair Procedure Glossary Authentication Protocol Radius Remote PAP PasswordAuthentication Dial Users Services Reverse Connection RIP Routing API Index Ldap Radius