Shared Secret Field Description | Perle Systems SCS, STS manual

VPN

Remote Next Hop	The IP address of the router/gateway that will forward data packets to the
	IOLAN (if required). The router/gateway must reside on the same subnet at the
	remote VPN.
	Field Format: IPv4 or IPv6 address
Remote	The IP address of a specific host or the network address that the IOLAN will
Host/Network	provide a VPN connection to. If the IPsec tunnel is listening for connections
Address	(Boot Action set to Add), and the field value is left at 0.0.0.0, any VPN peer
	with a private remote network/host that conforms to RFC 1918 (10.0.0.0/8,
	172.16.0.0./12, 192.168.0.0/16) will be allowed to use this tunnel if it
	successfully authenticates.
	Field Format: IPv4 or IPv6 address
Remote IPv4	The subnet mask of the remote IPv4 network. Keep the default value when you
Subnet Mask	are configuring a host-to-host VPN connection.
	Default: 255.255.255.255

Remote IPv6 Prefix The prefix bits of the remote IPv6 network. Keep the default value when you

Bits	are configuring a host-to-host VPN connection.
	Default: 0
Boot Action	Determines the state of the VPN network when the IOLAN is booted.
	Data Options:
	z Start—Starts the VPN network, initiating communication to the remote
	VPN.
	z Add—Adds the VPN network, but doesn’t initiate a connection to the
	remote VPN.
	z Ignore—Maintains the VPN network configuration, but the VPN network
	is not started and cannot be started through the IPsec command option.
	When defining peer VPN gateways, one side should be defined as Start
	(initiate) and the other as Add (listen). It is invalid to define both gateways as
	Add. VPN connection time can take longer when both gateways are set to
	Start, as both sides will attempt to initiate the same VPN connection.
	Default: Start

Shared Secret Field Description

When the Authentication Method is set to Shared Secret, you can enter a secret that applies to all VPN tunnels (both the IPsec and L2TP/IPsec protocols) to successfully authenticate and create a valid connection.

Configure the following parameter:

Secret	When the Authentication Method is set to Shared Secret, enter the
	case-sensitive secret word.This applies to all VPN tunnels (IPsec and
	L2TP/IPsec).
	Field Format: Maximum of 16 characters, spaces not allowed

225

Image 225

Perle Systems SCS, STS manual Shared Secret Field Description

Contents

Iolan SDS/SCS/STS EN 55022 1998, Class A, Note Table of Contents Configuration Methods DHCP/BOOTP Getting Started Network Settings Configuring Serial Ports UDP Sockets Profile 132 Remote Access Slip Profile 179 Configuring Users Configuring Security Configuring I/O Interfaces Channels UDP Configuring Clustering Controlling the RPS, I/O Channels, System Administration Applications Appendix B SSL/TLS Ciphers Appendix E Setting Jumpers 361 Appendix G Utilities Appendix I Troubleshooting Index Glossary About This Book PrefaceIntended Audience Documentation Online Help Typeface Conventions Introduction About the IolanIolan Family Models Hardware Iolan Features Software Ldap Security Introduction ConnectivityIolan Components What’s Included Available Accessories Power Supply SpecificationsPower Over Ethernet PoE Models Desktop Models AC Power Requirements DC Power RequirementsGetting to Know Your Iolan Rack Mount Models Serial Activity Port Port End View Top View Rack Mount Console Port/LED ViewSerial/Ethernet View Console Mode Console/Serial SwitchSerial Mode Dedicated Console Port Rack Mount Models Powering Up the Iolan Desktop/Rack Mount ModelsModels Earthing Wire DC Power ModelsPrimary Supply Secondary back-up Supply Disconnecting 48V Power Supplies from the Iolan Powering Up the Iolan Configuration Methods Chapter Configuration Methods Overview Configures an IP AddressRequires a Configured IP Address Easy Config Wizard Unique Features Access PlatformsConnecting to the Iolan Using DeviceManager DeviceManager DeviceManager Using DeviceManager WebManager Iolan Connecting to the Iolan Using WebManager Using WebManager Command Line Interface Connecting to the Iolan Using the CLIThrough the Network Connecting to the Iolan Using the Menu Using the CLIMenu Through the Serial Port Using the Menu Using DHCP/BOOTP Connecting to the Iolan Using DHCP/BOOTP TACACS+ Securid DHCP/BOOTP Parameters Snmp Connecting to the Iolan Using Snmp Using the Snmp MIB Connecting to the Iolan to Use the IOLAN+ Interface Using the IOLAN+ InterfaceIOLAN+ Interface Changes to the IOLAN+ Interface REMOTE-ADMIN Opt HEX Rlogin/Telnet Remote Access Systems Screen Name Wchiewsds2 Debug mode IP address IOLAN+ Interface Getting Started Easy Configuration Wizard Setting Up the Network Using a Direct Serial Connection to Specify an IP Address Using a Direct Serial Connection to Enable BOOTP/DHCP For an IPv6 Network Using ARP-Ping Setting Up the Serial Ports Setting Up the Serial Ports Setting Up Users Using DeviceManager WebManager DeviceManager Navigating DeviceManager/WebManager EasyPort Web WebManager Starting a New Session Using DeviceManager to Connect to the Iolan Assigning a Temporary IP Address to a New Iolan Logging in to the Iolan Adding/Deleting Manual IOLANs Configuration Files Using WebManager to Connect to the IolanCreating a New Iolan Configuration in DeviceManager Logging into the Iolan Opening an Existing Configuration File Importing an Existing Configuration FileManaging the Iolan Network Settings IPv4 Settings IP SettingsOverview Field Descriptions IPv6 Settings IPv6 AutoconfigurationDHCPv6 Custom IPv6 Adding/Editing a Custom IPv6 Address Prefix Bits Range Default Server Name.Domain Prefix.Domain Name Advanced Default 200 ms Default 100 msDefault Disabled Advertise DHCPv6 Configuration Host Table AdvancedFunctionality IP Filtering Data Options Host Name Adding/Editing a HostFully Qualified Domain Name Route List Adding/Editing Routes Default DefaultType IPv4 Subnet Mask DNS/WINS Editing/Adding DNS/WINS Servers RIP Default None Ethernet ModeAuthentication Password Overview Functionality Dynamic DNSEnd Time Key Default Dynamic Account SettingsUser Name System Type Cipher Suite Field Descriptions Adding/Editing a Cipher Suite Validation Criteria Field Descriptions Common Name IPv6 Tunnels Adding/Editing an IPv6 Tunnel Default ManualName Mode 102 Iolan SDS/SCS/STS User’s Guide, Version Functionality Serial Ports Editing a Serial Port Copying a Serial Port Resetting a Serial Port Serial Port ProfilesCommon Tabs Hardware Tab Field Descriptions Default Auto Flow Control Default FullEnable Inbound Flow Control Default Enabled Enable Outbound Email Alert Tab Field Descriptions Packet Forwarding Tab Field Descriptions Enable Trigger2 Enable Trigger1Packet Definition Packet Size EOF1 Character Default TriggerEOF2 Character Trigger Default Client SSL/TLS Settings Tab Field Descriptions 114 Iolan SDS/SCS/STS User’s Guide, Version 115 116 Iolan SDS/SCS/STS User’s Guide, Version Console Management Profile Default TelnetGeneral Tab Field Descriptions Protocol Advanced Tab Field Descriptions Administrator Enable MicrosoftSupport Default Disabled Multisessions Idle Timeout TruePort Profile ModemPhone Connect to remote System Default Enabled Host NameConnect to Multiple Hosts Adding/Editing Additional TruePort Hosts Host and backupHosts to connect to Define a primary Backup Host Adding/Editing a Multihost EntryPrimary Host Signals high Day Motd Default Disabled Enable TCPWhen Enable Data Session TimeoutLogging TCP Sockets Profile Connection Workstation/Server on the network Default Enabled Received on the serial port Initiate Connection Adding/Editing Additional Hosts 129 Day Motd Default Disabled Enable Data 131 UDP Sockets Profile UDP port Direction Start IP AddressEnd IP Address Default 0 zero Terminal ProfileUDP Port VT100 Default DumbTVI925 VT320 specifically supporting VT320-7 Is received Default Disabled Protocol Data Range 138 Iolan SDS/SCS/STS User’s Guide, Version Login Settings User Service Settings Interrupt Telnet SettingsQuit Erase Rlogin Settings User is only prompted for a passwordEscape SSH Settings RSA authentication for the SSH session Slip SettingsAuthentication for the SSH session Arcfour VJ Compression Routing PPP Settings Default Chap IPv6 RemoteNone Remote User Configure Req Remote PasswordTimeout Default 3 seconds Roaming Callback Default 1 minuteChallenge Interval Address/Control Printer Profile Serial Server Tunnel Serial Tunneling ProfileSerial Client Iolan Tunnel Act As Tunnel Client Default Disabled Host Name Virtual Modem Profile 154 Iolan SDS/SCS/STS User’s Guide, Version DCD DTR Signal Acts as RTS Signal Always On RTS Signal Acts as AT CommandResponse Delay Phone Number to Host Mapping VModem Phone Number Entry Control Signal I/O ProfilePhone Number Host IP Address Invert Signal Input Signal Field DescriptionsDescription Latch Mode Default Disabled Auto Clear ModeManual Clear Syslog Failsafe Action Output Signal Field Descriptions Modbus Gateway Profile Destination Slave Settings Button UID RangeIP Mappings Advanced Slave Default 30 ms Default 1000 msAdvanced Field Descriptions Modbus Slave IP Settings Field Descriptions Default Host Adding/Editing Modbus Slave IP SettingsUID Start UID End Default TCP Modbus Slave Advanced Settings Field DescriptionsRange Default 50 ms Data Options TCP or UDP Power Management Profile Default RSP820 Editing Power Management Plug Settings Field DescriptionsRPS Name RPS Model Default State Remote Access PPP ProfileDefault Off Data Options On, Off Negotiate IP IPv6 Global Authentication Tab Field Descriptions 174 Iolan SDS/SCS/STS User’s Guide, Version DNS for this Serial Default Disabled Port Host Enable DynamicAccount Settings Dynamic DNS Field Descriptions 176 Iolan SDS/SCS/STS User’s Guide, Version Compression Default Enabled Enable Protocol Configure RequestEnable VJ Enable Magic Dial In/Out MS Direct HostMS Direct Guest Remote Access Slip Profile 180 Iolan SDS/SCS/STS User’s Guide, Version 181 General Tab Field Description Custom Application Profile Port Buffering Local Port BufferingKeyboard Buttons Hot Keys Direction Remote Port Buffers Field Definitions Data Default Disabled Enable Key Stroke Enable PortNFS Host NFS Directory Signals Advanced Serial Settings TabProcess Break Deny Multiple Serial Port Menu Default ~menuString Session Escape Modems Tab Adding/Editing a ModemName Name of the modem Field Definitions TruePort Baud Rate Tab 190 Iolan SDS/SCS/STS User’s Guide, Version Configuring Users User Settings General Tab Adding/Editing Users Default Normal Service Services TabDefault DSPrompt Host IP Indentifier IPv6 Interface Advanced Tab Default English Sessions Tab Connect Session 1, 2, 3 Serial Port Access Serial Port Access TabAllow Access to Clustered Ports 202 Iolan SDS/SCS/STS User’s Guide, Version Authentication Configuring Security Method Default Local Secondary AuthenticationPrimary Method Local General Field Descriptions Radius NAS-IP-Address Default Enabled Authenticator response Default Enabled RetryAttributes Field Descriptions NAS-Identifier Realm KerberosKDC Domain KDC Port Enable TLS BaseTLS Port Default None Authentication Authentication Authorization Primary Host Secondary HostAuthorization Port Default Authentication Primary Host Default None SecurID NIS Device Server Users Logging into the Iolan Using SSHLynn Tracy Users Passing Through the Iolan Using SSH Dir/Sil Lynn Sales ServerHR Server Field Descriptions Interactive Default Enabled PasswordAllow SSH-1 Keyboard Enable Verbose Output Default DisabledBreak String Button For a valid SSL/TLS connection 218 Iolan SDS/SCS/STS User’s Guide, Version Adding/Editing a Cipher 220 Iolan SDS/SCS/STS User’s Guide, Version VPN ESP Phase 2 Proposals IKE Phase 1 ProposalsAuthentication Algorithms-MD5, SHA1, SHA2 IPsec Adding/Editing the IPsec Tunnel Secret/Remote Default LeftValidation Criteria Local Device Shared Secret Field Description Remote Validation Criteria Field Descriptions Allow L2TP/IPsec L2TP/IPsec Exceptions Field Description Adding/Editing a VPN Exception Telnet Server ServicesTruePort Full Syslog Client WebManager DeviceManagerSSH Server Sntp Client Keys and Certificates Key Type 234 Iolan SDS/SCS/STS User’s Guide, Version Configuring I/O InterfacesChapter Access Functionality Settings Advanced Slave Modbus Settings Request Queuing Failsafe Timer Functionality Default 30 secondsFailsafe Action is triggered Enable UDP Broadcast of I/O Default Disabled StatusUDP Functionality UDP Entry UDP Settings Default Celsius Temperature Functionality Analog ChannelsMonitoring Application A4D2 Analog I/O Analog Alarm Settings Default Current Digital Input Monitoring ApplicationDigital I/O Input Mode 247 Digital Output Output Mode Default SinkOutput Inactive Signal Width Active Signal Width Pulse ModeDelay Pulse Count Relay Monitoring Application A4D2RelayRelay I/O Width Inactive Signal Digital I/O Extension Active SignalFront Door Warehouse Perle Iolan Reception Current Alarm State 1 Byte z 0 = Not in alarm Message type 1 ByteInput number 1 Byte Enable I/O ExtensionInput TCP Port Local connection Hosts Simultaneously Communicate to the Primary Host Temperature I/O Industrial Freezers Temperature Default RTD Basic Analog Alarm Settings Alarm Settings Advanced Analog Alarm Settings Clear ModeTrigger Type Clear UDP Broadcast Packet UDP Unicast Format Length Enabled Analog SectionSection Channel Digital/Relay Section Serial Pin Signal SectionLength Channel Length Pin UDP Unicast Example Modbus SlaveModbus Serial Application Connected to the Serial Port Modbus Serial Application Connected to the Network Modbus RTU Or Ascii Application Power Digital Output Modbus I/O AccessModbus TCP Application Function Codes Coil/Register Descriptions A4/T4 Registers Serial Port Coil/Register DescriptionsData Model A1/T1 A2/T2 A3/T3 A4/T4 Holding Registers Input Registers Data Model D1/R1 D2/R2 Coils A4D2/A4R2 Registers D4/D2R2 Registers Serial Pin SignalsData Model D3/R1 D4/R2 Coils Data Model Pin Coils Modbus Serial Application TruePort Power Digital Output TruePort I/OTruePort/Modbus Combination PC running Custom Application API TruePort API Over TruePort Only Accessing I/O Data Via TruePort SetupIntroduction Get Commands Format of API CommandsCommand Format Response Format Set Commands Unsuccessful Response Format Successful Response FormatExample 1 Turn on the first relay on a D2R2 unit Example 2 Turn on the first and second relay on a D2R2 unit Snmp Traps Error Codes 280 Iolan SDS/SCS/STS User’s Guide, Version Configuring Clustering Chapter Clustering Slave ListAdvanced Button Adding Clustering Slaves Editing Clustering Slave Settings Advanced Clustering Slave OptionsPort Name Master TCP Port Slave TCP Port Configuring the Option Card Option Card SettingsConfiguring the Iolan Modem Card Configuring a Wireless WAN Card Overview Field DescriptionsCard APN 288 Iolan SDS/SCS/STS User’s Guide, Version Configuring the System Chapter AlertsEmail Alerts Alerts Syslog Contact ManagementLocation Community Auth Password Auth Algorithm Data Options MD5, SHA Default MD5Default DES Privacy Password Privacy Algorithm Data Options DES, AES Default DES Algorithm Data Options MD5, SHA Default MD5Confirm Password Trap Time Sntp Mode Network Time Tab Field DescriptionsSntp Version Time Zone/Summer Time Tab Field Descriptions Custom App/Plugin Login Tab Field Descriptions Bootup Files Tab Field Descriptions Tftp Host Message of the Day Motd Tab Field DescriptionsFilename Display Motd WebManager/Easy Port Web Tftp Tab Field Descriptions Default Flow ControlConsole Port Tab Field Descriptions Baud Rate 302 Iolan SDS/SCS/STS User’s Guide, Version State Button Management profile settings Controlling the RPS, I/O Channels, and IPsec TunnelsRPS Control OK Button Closes the window Plug Control Serial Port Power Control Power Plug StatusButton Serial port Deactivate Output Manually deactivates the channel output IPsec Tunnel Control 308 Iolan SDS/SCS/STS User’s Guide, Version Managing Configuration Files System Administration ChapterSaving Configuration Files Downloading Configuration Files Reboot Server Downloading Configuration Files to Multiple IOLANs Uploading Configuration Files Specifying a Custom Factory Default ConfigurationLess than 3 seconds-Reboots the Iolan Calibrating I/O Downloading Iolan FirmwareCalibrating Analog Input Calibrating Voltage Calibrating Analog Channels Calibrating Temperature InputCalibrating Thermocouple Calibrating RTD Resetting Calibration Data Setting the IOLAN’s Date and Time Rebooting the IolanResetting the Iolan to Factory Defaults Resetting the SecurID Node Secret Language SupportLoading a Supplied Language Translation Guidance Software Upgrades and Language Files Creating Terminal Definition Files Downloading Terminal Definitions For example Resetting Configuration Parameters Lost Admin Password Configuring a Master Gateway Configuring ModbusConfiguring a Slave Gateway Applications Modbus Gateway Settings Modbus Master GatewayModbus Slave Gateway Modbus Master Settings Modbus Serial Port SettingsModbus Slave UID Master Gateway Serial EIA-232 Modbus Slave Settings Modbus Master Slave GatewaySerial Port EIA-422/485 Modbus Master Modbus Slave UID 172.16.0.0 Configuring PPP Dial On Demand Remote Printing Using LPD Setting Up Printers Remote Printing Using Host-Based Print Handling Software Remote Printing Using RCP IOLAN-to-Host/Network Configuring a Virtual Private Network Or just 172.16.45.84 192.168.45.87 192.168.45.12 Network-to-Network Left External IP Address Right Host-to-HostGateway Router 172.16.45.99 332 Iolan Device Server User’s Guide, Version VPN Client Initiate Communication Router Broadband Right VPN Client-to-Network 334 Iolan Device Server User’s Guide, Version Supported Radius Parameters Radius and TACACS+ Appendix a PPP User level. See Perle Radius Dictionary Example Accounting Message Radius Parameter Iolan Parameter Mapped Radius Parameters to Iolan Parameters Perle Radius Dictionary Example Value TACACS+ Accessing the Iolan Through a Serial Port Users Name Values Description Slip Accessing the Iolan from the Network Users Accessing the Iolan from the Network User Example Settings Valid SSL/TLS Ciphers SSL/TLS Ciphers DES-CBC-MD5 Virtual Modem Initialization Commands Commands AT&Sn AT&RnAT&Cn Pinouts and Cabling Diagrams Serial PinoutsDB25 Male DB25 Female RJ45 DB9 Male Serial Only RJ45 SCS48C/SCS32C/SCS16C/SCS8C DB9 Male I/O Power Over Ethernet Pinouts Terminal DB25 Connector EIA-232 Cabling DiagramsDB25 Male DB25 Female RJ45 DB9 Male10-pin Pin Iolan RJ45 DCE Modem DB25 Connector RxD TxD DTR 20 DTR GND 360 Iolan SDS/SCS/STS User’s Guide, Version Port Iolan DB25 Male/Female Setting Jumpers Port Iolan RJ45 Port Iolan RJ45 P Power Over Ethernet Port Iolan SDS1M Modem Port Iolan DB9 Port Iolan Port/Line # Line Termination 5V Output Input Volt Output Port Desktop Iolan Digital I/O Module Analog Input Module 368 Iolan SDS/SCS/STS User’s Guide, Version Digital I/O Wiring I/O DiagramsDigital Input Wet Contact Digital Input Dry Contact Digital Output Source Digital Output Sink Analog Input CurrentVoltage RTD 2-Wire Temperature InputRTD 3-Wire Thermocouple Relay Output RTD 4-WireNormally Open Contact Normally Closed Contact 374 Iolan SDS/SCS/STS User’s Guide, Version TruePort Utilities API I/O Access Over TruePort API Request FormatAPI Response Format Decoder Error Codes 378 Iolan SDS/SCS/STS User’s Guide, Version Installing a Perle PCI Card Accessories Installing a Perle PCI Card Accessories RJ45F to DB25M DTE Crossover Adapter Starter Kit Adapters/Cable RJ45F to DB25M DCE Modem Adapter RJ45F DB25F RJ45F to DB25F DTE Crossover Adapter RJ45F to DB9M DTE Crossover Adapter RJ45F to DB9F DTE Crossover Adapter Sun/Cisco RJ45M Connector Cable for Rack Mount Models SCS48C/SCS32C/SCS16C/SCS8C Starter Kit Adapters/Cable GND DTR 20 DTR DSR RJ45F to DB25F DTE Crossover Adapter 390 Iolan SDS/SCS/STS User’s Guide, Version RJ45F Sun/Cisco Roll-Over Adapter for Rack Mount Models 392 Iolan SDS/SCS/STS User’s Guide, Version Hardware Troubleshooting TroubleshootingPower/Ready LED stays red after a boot Power/Ready LED on a rack mount model flashes red Communication Issues DeviceManager ProblemsGeneral communication checks and practices are as follows Radius Authentication Problems Host Problems Problems with Terminals Login Problems Callback Problems DHCP/BOOTP ProblemsLanguage Problems You observe Tftp errors when the Iolan boots, for example PPP Problems Modem ProblemsPrinting Problems Long Reboot Cycle Models Certificate did not match configurationCould not obtain peers certificate An A4R2 model is starting/stopping IPv6 Issues Making a Technical Support Query Contacting Technical Support Feedback on this Manual Repair Procedure Glossary Authentication Protocol Radius Remote PAP PasswordAuthentication Dial Users Services Reverse Connection RIP Routing API Index Ldap Radius Index W