Page 1 100-120 VAC 200-240 VAC Branch Office Manager ™ User Guide Part Number 900-671-R Revision K April 2019...
Page 2: Intellectual Property
Suite 100 Irvine, CA 92618, USA Phone: 949-453-3990 Fax: 949-453-3995 Technical Support Online: www.lantronix.com/support Sales Offices For a current list of our domestic and international sales offices, go to the Lantronix web site at www.lantronix.com/about/contact. SLB™ Branch Office Manager User Guide...
Page 3: Disclaimer & Revisions
Lantronix shall have no liability whatsoever to any user for any damages, losses and causes of action (whether in contract or in tort or otherwise) in connection with the user’s access or usage of any of the information or content contained herein.
Page 4 March 2019 Updated to firmware revision 6.7.0.0RC12, which includes: Support for custom Expect scripts that can be connected to the SLB CLI  or a device port Web and SSH support for SHA2 and higher  ConsoleFlow access timeout settings ...
Page 5: Table Of Contents
Features ________________________________________________________________ 20 Console Management __________________________________________________ 20 Power Management Outlets for Power Connectivity ___________________________20 Power Inlets __________________________________________________________20 Integration with Other Secure Lantronix Products _____________________________ 20 Internal Temperature Sensor _____________________________________________21 Designed for Branch Offices and Similar Environments _________________________ 21 Typical Equipment _____________________________________________________22...
Page 6 3: Installation What's in the Box _________________________________________________________ 31 Product Information Label _______________________________________________ 32 Technical Specifications ____________________________________________________32 Safety Precautions ________________________________________________________ 33 Cover _______________________________________________________________ 33 Power Plug ___________________________________________________________33 Input Supply __________________________________________________________34 Grounding ____________________________________________________________ 34 Fuses _______________________________________________________________ 34 Rack ________________________________________________________________ 34 Port Connections ______________________________________________________ 35 Physical Installation ________________________________________________________ 35 Connecting to a Device Port ______________________________________________36 Connecting to Network Ports _____________________________________________36...
Page 7 Web Page Help _______________________________________________________ 54 Command Line Interface ____________________________________________________54 Logging In ____________________________________________________________ 54 Logging Out __________________________________________________________55 Command Syntax ______________________________________________________ 55 Command Line Help ____________________________________________________56 Tips _________________________________________________________________56 General CLI Commands _________________________________________________ 57 6: Basic Parameters Requirements ____________________________________________________________ 58 Eth1 and Eth2 Settings __________________________________________________ 60 Hostname &...
Page 8 NFS and SMB/CIFS Commands __________________________________________ 92 Secure Lantronix Network ___________________________________________________ 92 Troubleshooting Browser Issues ______________________________________________96 Web SSH/Telnet Copy and Paste _________________________________________ 98 Secure Lantronix Network Commands ______________________________________ 98 Date and Time ____________________________________________________________ 99 Date and Time Commands ______________________________________________100 Web Server _____________________________________________________________ 100...
Page 9 IP Settings __________________________________________________________115 Data Settings ________________________________________________________ 116 Hardware Signal Triggers _______________________________________________ 117 Modem Settings ______________________________________________________ 117 Modem Settings: Text Mode _____________________________________________118 Modem Settings: PPP Mode ____________________________________________118 Port Status and Counters _______________________________________________ 120 Device Ports - SLP Units _______________________________________________ 120 Status/Info __________________________________________________________121 Commands __________________________________________________________122 Device Port - Sensorsoft Device __________________________________________ 122 Device Port Commands ________________________________________________ 123...
Page 10 Dial-Out ____________________________________________________________ 168 Dial-Back ___________________________________________________________168 Dial-On-Demand ______________________________________________________ 169 Dial-In & Dial-On-Demand ______________________________________________169 Dial-Back & Dial-On-Demand ____________________________________________169 Dial-In/Host List ______________________________________________________ 170 CBCP Server and CBCP Client __________________________________________ 170 CBCP Server ________________________________________________________ 170 CBCP Client _________________________________________________________171 9: USB Port Set Up of USB Storage ____________________________________________________172 Data Settings ________________________________________________________ 175 GSM/GPRS Settings __________________________________________________ 175 Modem Settings ______________________________________________________ 175...
Page 11 RADIUS Commands ___________________________________________________205 User Attributes & Permissions from LDAP Schema or RADIUS VSA _____________205 Kerberos _______________________________________________________________ 207 Kerberos Commands __________________________________________________ 209 TACACS+ ______________________________________________________________ 210 TACACS+ Groups ____________________________________________________210 TACACS+ Commands _________________________________________________ 213 Groups ________________________________________________________________214 SSH Keys ______________________________________________________________ 217 Imported Keys _______________________________________________________ 217 Exported Keys _______________________________________________________ 217 Imported Keys (SSH In) ________________________________________________ 219 Host &...
Page 12 Banners ________________________________________________________________246 Banner Commands ____________________________________________________247 13: Application Examples Telnet/SSH to a Remote Device _____________________________________________248 Dial-in (Text Mode) to a Remote Device _______________________________________250 Local Serial Connection to Network Device via Telnet ____________________________ 251 14: Command Reference Introduction to Commands _________________________________________________ 253 Command Syntax _____________________________________________________253 Command Line Help ___________________________________________________254 Tips ________________________________________________________________254...
Page 13 Power Commands ________________________________________________________ 316 Routing Commands ______________________________________________________ 318 Script Commands ________________________________________________________ 318 Services Commands ______________________________________________________ 321 Site Commands __________________________________________________________323 Secure Lantronix Network Commands ________________________________________324 SSH Key Commands ____________________________________________________325 Status Commands ________________________________________________________ 328 System Log Commands ___________________________________________________329 USB Storage Commands __________________________________________________ 330...
Page 14: List Of Figures
Figure 3-6 CAT 5 Cable Connection __________________________________________________ 36 Figure 3-7 AC Power Input _________________________________________________________ 38 Figure 3-8 100-120 VAC SLB - Branch Office Manager Power Outlets _______________________ 38 Figure 3-9 200-240 VAC SLB - Branch Office Manager Power Outlets _______________________ 39...
Page 15 Figure 7-7 Disabled Port Number Popup Window _______________________________________95 Figure 7-8 Services > Secure Lantronix Network > Search Options__________________________96 Figure 7-9 Services > Date & Time __________________________________________________ 99 Figure 7-10 Services > Web Server ________________________________________________ 101 Figure 7-11 Web Sessions ________________________________________________________ 103 Figure 7-12 SSL Certificate________________________________________________________ 104 Figure 7-13 Services >...
Page 16 Figure 11-6 User Authentication > RADIUS ___________________________________________ 202 Figure 11-7 User Authentication > Kerberos___________________________________________ 207 Figure 11-8 User Authentication > TACACS+__________________________________________ 211 Figure 11-9 User Authentication > Group _____________________________________________215 Figure 11-10 User Authentication > SSH Keys_________________________________________ 218 Figure 11-11 Current Host Keys ____________________________________________________221 Figure 11-12 User Authentication >...
Page 17: List Of Tables
List of Tables Table 2-2 SLB Models ____________________________________________________________ 23 Table 3-1 Part Numbers and Descriptions for Adapters and Cables _________________________ 31 Table 3-2 Part Numbers and Descriptions for Power Cords _______________________________ 31 Table 3-3 SLB Technical Specifications _______________________________________________ 32 Table 3-4 Max Current per Power Cord Used __________________________________________ 33 Table 4-1 Methods of Assigning an IP Address _________________________________________ 41 Table 4-3 LCD Arrow Keypad Actions ________________________________________________ 43 Table 4-4 Front Panel Setup Options with Associated Parameters __________________________43...
Page 18: 1: About This Guide
About this Guide Purpose and Audience This guide provides the information needed to install, configure, and use the Lantronix® SLB™ branch office manager. The SLB device is for IT professionals who must remotely and securely configure and administer servers, routers, switches, telephone equipment, or other devices equipped with a serial port for facilities that are typically remote branch offices or “distributed”...
Page 19: Additional Documentation
Glossary Appendix E: Compliance Provides information about the SLB device’s compliance with industry Information standards. Additional Documentation Visit the Lantronix Web site at www.lantronix.com/support/documentation for the latest documentation and the following additional documentation. Document Description SLB Branch Office Manager Quick Start Describes the steps for getting the SLB unit up and running.
Page 20: 2: Introduction
Provides automatic power switch-over when both primary and secondary power inlet sources  are used Integration with Other Secure Lantronix Products Can integrate seamlessly with the ConsoleFlow™ or vSLM™ management appliance  software for a complete end-to-end Out-of-Band (OOB) management solution.
Page 21: Internal Temperature Sensor
2: Introduction Internal Temperature Sensor System administrators can be alerted if temperature goes out of range.  Figure 2-1 Branch to Enterprise Integration Concept Designed for Branch Offices and Similar Environments Designed to meet the specific needs of the remote branch offices and environments alike, the SLB branch office manager conserves rack space and reduces costs by enabling system administrators at a main corporate facility to manage the IT equipment distributed among branch offices simply and cost-effectively.
Page 22: Typical Equipment
Eliminating the need for a physical presence, the Lantronix SLB unit provides remote access to the equipment from anywhere there is a network or modem connection.
Page 23: Models
2: Introduction Models The SLB branch office manager has the following hardware components: The 100-120 VAC SLB model is available in 100-120 VAC (50-60 Hz) NEMA 5-20R type  outlets. This model also includes a USB port. The 200-240 VAC SLB model is available in 200-240 VAC (50-60 Hz) IEC C13 type outlets.
Page 24: System Features
2: Introduction Figure 2-4 200-240 VAC SLB Unit System Features The SLB firmware has the following basic capabilities: Connects up to eight RS-232 serial consoles  Controls power (on/off/reboot) of up to eight attached devices  Per port current consumption monitoring ...
Page 25: Access Control
2: Introduction SNMP with custom traps for remote monitoring and management  FTP and SFTP for file transfers and firmware upgrades  TFTP and HTTPS for firmware upgrades  DHCP and BOOTP for IP address assignment  HTTPS (SSL) for secure browser-based configuration ...
Page 26: Application Example
2: Introduction Application Example The figure below is an example deployment. An SLB unit is deployed in each branch office and an (optional) vSLM management appliance at the main office. The branch offices are interconnected (always on) by VPN routers overlaid on the Internet, and also interconnected (on demand) through the analog phone system.
Page 27: Hardware Features
2: Introduction Figure 2-5 Example Deployment A system administrator, upon losing IP connectivity to a server, takes the following steps: 1. Views the server's Ethernet interface state information provided by the SLB branch office manager. 2. If the Ethernet interface is faulty, connects to the server's console port by means of the SLB web page or CLI (optionally via the vSLM management appliance) and checks the server's system parameters.
Page 28: Serial Connections
Adapters and Pinouts on page 338.) Note: RJ45 to DB9/DB25 adapters are available from Lantronix. Device ports and the console port support the following baud-rate options: 300, 600, 1200, 2400, 4800, 9600, 19200, 38400, 57600, 115200, and 230400 baud. SLB™ Branch Office Manager User Guide...
Page 29: Network Connections
One possible use for the two Ethernet ports is to have one port on a private, secure network and the other on a public, unsecured network. Figure 2-8 Network Connection USB Interface The SLB unit has a USB port. Lantronix qualifies USB devices continuously. Figure 2-9 USB Interface SLB™ Branch Office Manager User Guide...
Page 30: Modem Interface
2: Introduction Modem Interface The SLB branch office manager has one v92 modem RJ11 interface to allow configuration and control of the unit via dialing into the unit. Caution: To reduce the risk of fire, use only No. 26 AWG or larger (e.g., 24 AWG) UL Listed or CSA Certified Telecommunication Line Cord.
Page 31: 3: Installation
Adapter: RJ45 rolled serial, Cisco, and Sun Netra Note: The following optional adapters are available from Lantronix: 200.2073 Adapter: DB25M (DTE) to RJ45, external modems. 200.2071 Adapter: DB9M (DTE) to convert the RJ45 serial connector to a PC style D-sub serial port Cables: 200.0063...
Page 32: Product Information Label
Speed software selectable (300 to 230,400 baud) Serial Interface (Console) (1) RJ45-type 8-pin connector (DTE) Speed software selectable (300 to 230,400 baud) Power Input 100-120 VAC SLB Model (2) IEC-60320/C20 inlet, 100-120 VAC, 50/60Hz  (20A Branch Circuit) 16A max input current ...
Page 33: Safety Precautions
 or removing the cover may expose you to dangerous voltage that could cause fire or electric shock. Refer all servicing to Lantronix.  Power Plug When disconnecting the power cable from the socket, pull on the plug, not the cord.
Page 34: Input Supply
3: Installation Always connect the unit with the proper polarity at the inlet connector. See Figure 3-5. Failure  to do so may cause downstream hazards on connected devices. Figure 3-5 Inlet Pin Assignment Neutral Line Ground To help protect the product from sudden, transient increases and decreases in electrical ...
Page 35: Port Connections
3: Installation Do not install the SLB unit in a rack in such a way that a hazardous stability condition results  because of uneven loading. A drop or fall could cause injury. The ambient temperature (Tma) inside the rack may be greater than the room ambient ...
Page 36: Connecting To A Device Port
To connect to a device port: 1. Connect one end of the Cat 5 cable to a device port on the SLB unit front panel. 2. Connect the other end of the Cat 5 cable to a Lantronix serial console adapter. Note: To connect a device port to a Lantronix SLP™...
Page 37: Connecting Terminals
The SLB branch office manager has a universal auto-switching dual AC inlet power supply. The power supply for the 100-120 VAC SLB controller accepts AC input voltage between 100 and 120 VAC with a frequency of 50 or 60 Hz. The power supply for the 200-240 VAC SLB controller accepts AC input voltage between 200 and 240 VAC with a frequency of 50 or 60 Hz.
Page 38: Connecting Devices To Power Outlets
1. Keep the device's on/off switch in the off position until after it is plugged into the outlet, or log in to the SLB branch office manager and turn the outlets off before connecting the devices. 2. Connect devices to the outlets. Figure 3-8 100-120 VAC SLB - Branch Office Manager Power Outlets SLB™ Branch Office Manager User Guide...
Page 39: Typical Installations
This setup enables the SLB branch office manager to manage the devices and provide power to the devices. In addition, the SLB unit includes a built-in modem for out-of-band dial-up access. Figure 3-10 100-120 VAC SLB Installation Diagram SLB™ Branch Office Manager User Guide...
Page 40: Figure 3-11 200-240 Vac Slb Installation Diagram
3: Installation Figure 3-11 200-240 VAC SLB Installation Diagram The SLB device controls up to eight serial devices and provides power to them. The devices use a separate user supplied Ethernet switch to connect to the network. SLB™ Branch Office Manager User Guide...
Page 41: 4: Quick Setup
DHCP. If you have connected Eth1 to the network, and Eth1 is able to acquire an IP address, you can view this IP address on the LCD or by running the Lantronix® DeviceInstaller™ utility. If Eth1 cannot acquire an IP address, you cannot use Telnet, SSH, or the web interface to run Quick Setup.
Page 42: Method #1 Using The Front Panel Display
4: Quick Setup Method (continued) Description Serial port login to You assign an IP address and configure the SLB branch office manager using command line interface a terminal or a PC running a terminal emulation program to the SLB unit’s serial console port connection.
Page 43: Navigating
4: Quick Setup Navigating The front panel keypad has one Enter button (in the center) and four arrow buttons (up, left, right, and down). Press the arrow buttons to navigate from one option to another, or to increment or decrement a numerical entry of the selected option. Use the Enter button to select an option to change or to save your settings.
Page 44: Entering The Settings
4: Quick Setup Note: The individual screens listed from left to right in Table 4-4 can be enabled or disabled for display on the SLB LCD screen. The order of appearance of the screens, if enabled, along with the elected “Home Page” may vary on the LCD monitor according to configuration.
Page 45: Restoring Factory Defaults
4: Quick Setup Note: If the prompt does not display, make sure you are no longer in edit mode. 11. Use the left/right arrow buttons to select Yes, and press the Enter button. 12. To review the saved settings, press the up or down arrows to step through the current settings. When you are done, the front panel returns to the clock display.
Page 46: Method #2 Quick Setup On The Web Page
4: Quick Setup To use DHCP to restore a configuration to a factory defaulted SLB: Utilize the Zero Touch Provisioning Configuration Restore feature, to acquire a default configuration from a DHCP server and TFTP server when it is booted. 1. At boot time, before the normal startup process, a unit will attempt to acquire network parameters and a configuration file, first over Eth1.
Page 47: Figure 4-5 Quick Setup
4: Quick Setup Figure 4-5 Quick Setup 4. To accept the defaults, select the Accept default Quick Setup settings checkbox in the top portion of the page and click the Apply button at the bottom of the page. Otherwise, continue with step 5.
Page 48: Network Settings
Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the SLB unit. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the SLB branch office manager attempts to resolve abcd.mydomain.com for the SMTP server.
Page 49: Method #3 Quick Setup On The Command Line Interface
4: Quick Setup Method #3 Quick Setup on the Command Line Interface If the SLB branch office manager does not have an IP address, you can connect a dumb terminal or a PC running a terminal emulation program (VT100) to access the command line interface. (See Connecting Terminals on page 37.) If the unit has an IP address, you can use SSH or Telnet to connect to the SLB.
Page 50: Figure 4-7 Completed Quick Setup
The host name becomes the prompt in the command line interface. Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the SLB. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the SLB branch office manager attempts to resolve abcd.mydomain.com for the SMTP server.
Page 51: Next Step
4: Quick Setup Enter gateway IP Address: [none] ____Hostname____________________________________________________________ The current hostname is 'slb882/8824', and the current domain is '<undefined>'. The hostname will be shown in the CLI prompt. Specify a hostname: [slb882/8824] Specify a domain: [<undefined>] ____Time Zone___________________________________________________________ The current time zone is 'UTC'. Enter time zone: [UTC] ____Date/Time___________________________________________________________ The current time is Mon April 30 02:33:17 2018...
Page 52: 5: Web And Command Line Interfaces
Web and Command Line Interfaces The SLB branch office manager offers three interfaces for configuring the SLB command line interface (CLI), a web interface, and an LCD with keypads on the front panel. This chapter discusses the web and command line interfaces. (Chapter 4: Quick Setup on page 41 includes instructions for using the LCD to configure basic network settings.)
Page 53: Logging In
Icons: The icon bar above the Main Menu has icons that display the following:  Home page. Information about the SLB unit and Lantronix contact information. Configuration site map. Status of the SLB device. Help Button: Provides online Help for the specific web page.
Page 54: Logging Out
The Lantronix SLB Quick Setup page displays automatically the first time you log in. Subsequently, the Lantronix SLB Home page displays. (If you want to display the Quick Setup page again, click Quick Setup on the main menu.) Logging Out To log off the SLB web interface: 1.
Page 55: Logging Out
5: Web and Command Line Interfaces If the SLB branch office manager already has an IP address (assigned previously or  assigned by DHCP), Telnet (if Telnet has been enabled) or SSH to xx.xx.xx.xx (the IP address in dot quad notation) and press Enter. The login prompt displays. 2.
Page 56: Command Line Help
5: Web and Command Line Interfaces Action Category show auth|auditlog|cflow|cifs|cli|connections|consoleport|datetime |deviceport|emaillog|groups|history|hostlist|ipfilter| kerberos|ldap|localusers|log|menu|network|nfs|nis|ntp| perfmon|portcounters|portstatus|power|radius|remoteusers| routing|script|services|site|slcnetwork|sshkey|sysconfig| syslog|sysstatus|tacacs+|temperature|usb|user|vpn connect bidirection|direct|global|listen|restart|script|terminate |unidirection diag arp|internals|lookup|loopback|netstat|nettrace|perfstat|ping| ping6|sendpacket|traceroute admin banner|clear|config|events|firmware|ftp|keypad|lcd|memory |quicksetup|reboot|shutdown|site|version|web Terminates CLI session. logout Command Line Help For general Help and to display the commands to which you have rights, type: help ...
Page 57: General Cli Commands
5: Web and Command Line Interfaces General CLI Commands The following commands relate to the CLI itself. To configure the current command line session: set cli scscommands <enable|disable> Allows you to use SCS-compatible commands as shortcuts for executing commands: Note: Settings are retained between CLI sessions for local users and users listed in the remote users list.
Page 58: 6: Basic Parameters
Basic Parameters This chapter explains how to set the following basic configuration settings for the SLB branch office manager using the SLB web interface or the CLI: Network parameters that determine how the SLB branch office manager interacts with the ...
Page 59: Figure 6-1 Network > Network Settings (Top Of Page)
6: Basic Parameters To enter settings for one or both network ports: 1. Click the Network tab and select the Network Settings option. The following page displays: Figure 6-1 Network > Network Settings (top of page) SLB™ Branch Office Manager User Guide...
Page 60: Eth1 And Eth2 Settings
6: Basic Parameters Figure 6-2 Network > Network Settings (bottom of page) 2. Enter the following information: Eth1 and Eth2 Settings Note: Configurations with the same IP subnet on multiple interfaces (Ethernet or PPP) are not currently supported. Eth1 Settings Disabled: If selected, disables the network port.
Page 61: Hostname & Name Servers
Domain If desired, specify a domain name (for example, support.lantronix.com). The domain name is used for host name resolution within the SLB. For example, if abcd is specified for the SMTP server, and mydomain.com is specified for the domain, if abcd cannot be resolved, the SLB branch office manager attempts to resolve abcd.mydomain.com for the SMTP server.
Page 62: Dhcp-Acquired Dns Servers
6: Basic Parameters DHCP-Acquired DNS Servers #1 - #3 Displays the IP address of the name servers if automatically assigned by DHCP. GPRS-Acquired DNS Servers #1 - #3 Displays the IP address of the name servers if automatically assigned by General Packet Radio Service (GPRS).
Page 63: Fail-Over Cellular Gateway Configuration
6: Basic Parameters Ethernet Port to Ping Ethernet port to use for the ping. Delay between Pings Number of seconds between pings. Number of Failed Number of pings that fail before the SLB branch office manager uses the fail-over Pings gateway.
Page 64: Advanced Cellular Gateway Configuration
6: Basic Parameters Advanced Cellular Gateway Configuration PIN Lock (check box) For the Sierra gateways, enable a lock so that the SIM card used by the gateway cannot be used by anyone who does not have the PIN. Pin # for SIM Card/ For the Sierra gateways, the PIN number for the SIM card used by the gateway.
Page 65: Ip Filter
6: Basic Parameters IP Filter IP filters (also called a rule set) act as a firewall to allow or deny individual or a range of IP addresses, ports, and protocols. When a network connection is configured to use an IP filter, all network traffic through that connection is compared, in order, to the rules of that filter.
Page 66: Configuring Ip Filters
6: Basic Parameters To enable IP filters: 1. Enter the following: Enable IP Filter Select the Enable IP Filter checkbox to enable all filters, or clear the checkbox to disable all filters. Disabled by default. Packets Dropped Displays the number of data packets that the filter ignored (did not respond to). View only.
Page 67: Rule Parameters
6: Basic Parameters Figure 6-4 Network > IP Filter Ruleset (Adding/Editing Rulesets) Rulesets can be added or updated on this page. 2. Enter the following: Ruleset Name Name that identifies a filter; may be composed of letters, numbers, and hyphens only.
Page 68 6: Basic Parameters Port Range Enter a range of destination TCP or UDP port numbers to be tested. An entry is required for TCP, TCP New, TCP Established, and UDP, and is not allowed for other protocols. Separate multiple ports with commas. Separate ranges of ports by colons.
Page 69: Updating An Ip Filter
6: Basic Parameters Updating an IP Filter To update an IP filter rule set: 1. From the Network > IP Filter page, the administrator selects the IP filter ruleset to be edited and clicks the Edit Ruleset button to return to the Network >...
Page 70: Dynamic Routing
6: Basic Parameters Figure 6-5 Network > Routing 2. Enter the following: Dynamic Routing Enable RIP Select to enable Dynamic Routing Information Protocol (RIP) to assign routes automatically. Disabled by default. RIP Version Select the RIP version. The default is 2. Static Routing Enable Static Select to assign the routes manually.
Page 71: Vpn
6: Basic Parameters This page can be used to create a Virtual Private Network (VPN) tunnel to the SLB branch office manager for secure communication between the SLB device and a remote host or gateway. The SLB unit supports IPSec tunnels using Encapsulated Security Payload (ESP). The SLB branch office manager supports host-to-host, net-to-net, host-to-net, and roaming user tunnels.
Page 72 6: Basic Parameters 2. Enter the following: Enable VPN Tunnel Select to create a tunnel. Name The name assigned to the tunnel. Required to create a tunnel. Ethernet Port Select ethernet port 1 or 2. Remote Host The IP address of the remote host's public network interface. The special value of any can be entered if the remote host is a roaming user who may not have the same IP address each time a tunnel is created.
Page 73 6: Basic Parameters DH Group (Ike) The Diffie-Hellman Group, 2 or 5, used for the key exchange for data sent through the tunnel. Any can be selected if the two sides can negotiate which Diffie-Hellman Group to use. Authentication The type of authentication used by the host on each side of the VPN tunnel to verify the identity of the other host.
Page 74: Performance Monitoring
6: Basic Parameters Performance Monitoring The SLB supports Performance Monitoring probes for analyzing network performance. Probes for DNS Lookup, HTTP Get, ICMP Echo, TCP Connect, UDP Jitter and UDP Jitter VoIP are supported. Up to 15 different probes can be configured. Each probe will run a series of operations, each of which sends a series of packets to a destination host.
Page 75: Figure 6-7 Network > Perf Monitoring
6: Basic Parameters To manage or view status for a Performance Monitoring probe: 1. Click the Network tab and select the Perf Monitoring option. The following page displays. Figure 6-7 Network > Perf Monitoring 2. In the upper section of the page, modify the global Performance Monitoring settings: Number of operations Specifies the number of operation set files to keep for each probe.
Page 76 6: Basic Parameters TCP Connect Starts the TCP Connect responder on the port configured in TCP Port to reply to Responder TCP connect requests. The SLB TCP Connect responder supports one TCP connect sender. When the TCP Connect responder is enabled, the SLB will verify that the responder TCP port is not being used by any other SLB processes.
Page 77: Performance Monitoring - Add/Edit Probe
6: Basic Parameters Performance Monitoring - Add/Edit Probe Performance Monitoring - Add/Edit Probe web page allows a user to add a new Performance Monitoring probe or edit an existing Performance Monitoring probe. To add a new probe or edit an existing probe: 1.
Page 78 6: Basic Parameters 3. Modify the probe settings: Probe Type Select from one of the available probe types: DNS Lookup - Performs a DNS lookup on the hostname specified in the  Destination Host using the Name Server. By default port 53 is always used as the Destination Port.
Page 79: Performance Monitoring - Results
6: Basic Parameters Data Size The size in bytes to use for the payload portion of the packet - this size is in addition to the IPv4 header and the TCP, UDP or ICMP header. Any additional space in the packet that is not used by the protocol will be padded with random data that can be used for data verification (see below).
Page 80 6: Basic Parameters Round Trip Times The results for each packet in an operation can be displayed with the RTT Results link. Each packet will be displayed with the packet start time and any error that resulted from sending the packet.
Page 81: Table 6-9 Error Conditions
6: Basic Parameters For jitter probes, positive (increasing latency) and negative (decreasing latency) statistics are shown, as well as the number of positive or negative jitter samples in each direction, and the sum and (and sum squared) of the positive or negative jitter times. These numbers give a summary of how much variation there was in latency times and if the variation was small or large.
Page 82: Figure 6-10 Performance Monitoring - Operations
6: Basic Parameters Error Condition Description Not Connected A packet could not be sent because the connection to the destination host could not be established, or because the attempt to send the packet failed. Sequence Error A packet response was received with an unexpected sequence number. Possible reasons are: a duplicate packet was received, a response was received after it timed out, a corrupted packet was received and was not detected.
Page 83: Performance Monitoring Commands
6: Basic Parameters the far right in the operation's row. The options that are available for that operation will be ungreyed. Select one of the following options: Refresh Refreshes the information on the Performance Monitoring - Operations page. RTT Results Displays the round trip time (RTT) results for the selected operation in a separate window.
Page 84: 7: Services
Enable or disable SSH and Telnet logins.  Configure an audit log.  View the status of and manage the SLB units on the secure Lantronix network.  Set the date and time.  SLB™ Branch Office Manager User Guide...
Page 85: Ssh/Telnet/Logging
7: Services SSH/Telnet/Logging To configure SSH, Telnet, and Logging settings: 1. Click the Services tab and select the SSH/Telnet/Logging option. The following page displays. Figure 7-1 Services > SSH/Telnet/Logging 2. Enter the following settings: System Logging Alert Levels Select one of the following alert levels from the drop-down list for each message category: Off: Disables this type of logging.
Page 86: Audit Log
7: Services Network Level Messages concerning the network activity, for example about Ethernet and routing. Services Messages concerning services such as SNMP and SMTP. Authentication Messages concerning user authentication. Device Ports Messages concerning device ports and connections. Diagnostics Messages concerning system status and problems. General Any message not in the categories above.
Page 87: Telnet
7: Services DSA Keys Enables or disables support for DSA keys for incoming and outgoing connections for the StLB unit. Any imported or exported DSA keys will be retained but will not be visible on the web or the CLI. Enabled by default. Use only SHA2 Enables or disables support for only SHA2 and higher ciphers for incoming connections and Higher...
Page 88: Snmp
7: Services SNMP Simple Network Management Protocol (SNMP) is a set of protocols for managing complex networks. 1. Click the Services tab and select the SNMP option. The following page displays: Figure 7-2 Services > SNMP SLB™ Branch Office Manager User Guide...
Page 89: Communities
7: Services 2. Enter the following: Enable Agent Enables or disables SNMP agent, which allows read-only access to the system. Disabled by default. Enable Traps Traps are notifications of certain critical events. Disabled by default. This feature is applicable when SNMP is enabled. Traps that the SLB unit sends include: coldStart (generic trap 0, OID 1.3.6.1.6.3.1.1.5.1) ...
Page 90: Version 3
7: Services Enable v1 If checked, SNMP version 1 (which uses the Read-Only and Read-Write Communities) is enabled. The default is disabled. Enable v2c If checked, SNMP version 2c (which uses the Read-Only and Read-Write Communities) is enabled. The default is enabled. Alarm Delay Number of seconds delay between outgoing SNMP traps.
Page 91: Nfs And Smb/Cifs
7: Services NFS and SMB/CIFS Use the Services > NFS/CIFS page if you want to save configuration and logging data onto a remote NFS server, or export configuration by means of an exported CIFS share. Mounting an NFS shared directory on a remote network server onto a local SLB directory enables the SLB branch office manager to store device port logging data on that network server.
Page 92: Smb/Cifs Share
To access Lantronix console servers, branch office managers and Spider devices on the local network: 1. Click the Services tab and select the Secure Lantronix Network option. The following page displays with an entry for each device discovered on the network. If Web SSH is enabled, device ports that have SSH In enabled are shown in a bright green.
Page 93: Figure 7-4 Services > Secure Lantronix Network
1. Make sure Web Telnet and Web SSH is enabled for the specific device or device port. 2. Click the IP address of a specific secure Lantronix device to open a new browser page with the web interface for the selected secure Lantronix device.
Page 94: Figure 7-5 Ip Address Login Page
7: Services Figure 7-5 IP Address Login Page To directly access the CLI interface for a device: 1. Make sure Web Telnet and/or Web SSH is enabled for the specific device or device port you wish to access. 2. Click the SSH or Telnet link in the SSH/Telnet to CLI column directly beside the port you would like to access.
Page 95: Figure 7-7 Disabled Port Number Popup Window
2. Click OK and login to the CLI interface which appears. See Figure 7-6. To configure how secure Lantronix devices are searched for on the network: 1. Click the Search Options link on the top right of the Services > Secure Lantronix Network page.
Page 96: Troubleshooting Browser Issues
5. To delete an IP address from the IP Address List, select the address and click the Delete IP Address button. 6. Click the Apply button. When the confirmation message displays, click Secure Lantronix Network on the main menu. The Services >...
Page 97 "slbXYZ.lantronix.com", and the unit website is being accessed in a browser with "https:// slbXYZ.lantronix.com", the unit needs to be configured with a name server that will allow the unit to perform a reverse lookup on the IP address associated with slbXYZ.lantronix.com. Failure to perform a reverse lookup on a name may result in name mismatch errors in the browser when it attempts to open the Web SSH or Web Telnet window.
Page 98: Web Ssh/Telnet Copy And Paste
Web SSH or Web Telnet window. Secure Lantronix Network Commands Go to Secure Lantronix Network Commands (on page 324) to view CLI commands which correspond to the web page entries described above. SLB™ Branch Office Manager User Guide...
Page 99: Date And Time
7: Services Date and Time You can specify the current date, time, and time zone at the SLB's location (default), or the SLB branch office manager can use NTP to synchronize with other NTP devices on your network. To set the local date, time, and time zone: 1.
Page 100: Date And Time Commands
7: Services Synchronize via Select one of the following: Broadcast from NTP Server: Enables the SLB branch office manager to  accept time information periodically transmitted by the NTP server. This is the default if you enable NTP. Poll NTP Server: Enables the SLB unit to query the NTP Server for the ...
Page 101: Figure 7-10 Services > Web Server
7: Services Figure 7-10 Services > Web Server 2. Enter the following fields: Timeout Select No to disable Timeout.  Select Yes to enable timeout.  Enter the number of minutes (must be between 5 and 120 minutes) after which the SLB web session times out. The default is 5. Note: If a session times out, refresh the browser page and login to a new web session.
Page 102: Administrative Commands
7: Services Use only SHA2 and By default, the web supports SHA1 as well as SHA2 and higher ciphers. Check Higher Ciphers this option to support only SHA2 and higher ciphers. Changing this option requires a reboot or restarting the web server with the CLI command "admin web restart"...
Page 103: Services - Ssl Certificate
7: Services Figure 7-11 Web Sessions 2. To terminate, select the check box for the session and click Terminate. 3. To return to the Services > Web Server page, click the Back to Web Server link. Services - SSL Certificate Services >...
Page 104: Figure 7-12 Ssl Certificate
7: Services Figure 7-12 SSL Certificate 2. If desired, enter the following: Reset to Default To reset to the default certificate, select the checkbox to reset to the default Certificate certificate. Unselected by default. Import SSL Certificate To import your own SSL Certificate, select the checkbox. Unselected by default. Import via From the drop-down list, select the method of importing the certificate (SCP or SFTP).
Page 105: Ssl Certificate Commands
The locality or city for the custom certificate, e.g. "Los Angeles". Must be at least 2 characters long. Organization Name The organization or company name for the custom certificate, e.g. "Lantronix". Must be at least 2 characters long. Organization Unit The unit name for the custom certificate, e.g.
Page 106: Consoleflow
An SLB device requires a unique Device ID to communicate with the ConsoleFlow portal. The ID is viewable in the ConsoleFlow settings. If a device is not already pre-configured with the ID, the ID must be provisioned using Lantronix Provisioning Manager (LPM). See the Provisioning Manager User Guide at https://www.lantronix.com/resources/product-index/.
Page 107: Figure 7-13 Services > Consoleflow
7: Services 4. Firmware and Configuration Updates The client checks for firmware and configuration updates at the interval defined by Interval between FW and Config Checks. When the client checks for firmware or configuration updates, Status of Client will display Checked for Content with the date and time the check was performed.
Page 108 Long description that is displayed in the ConsoleFlow server UI. Device ID The unique device identifier. The ID is 32 alphanumeric characters. The ID may be provisioned using Lantronix Provisioning Manager (LPM). Contact Lantronix Tech Support for more information on LPM. Displays the serial number.
Page 109: Consoleflow Commands
7: Services Messaging Host Messaging Services If enabled, messaging services are used for status updates and commands. Enabled by default. Messaging Host Hostname of the server used for messaging services. The hostname should start with mqtt. Messaging Port The TCP port on the Messaging Host. Defaults to 443. Messaging Services If enabled, TLS is used for messaging.
Page 110: 8: Device Ports
Device Ports This chapter describes how to configure and use an SLB device port connected to an external device, such as a server or a modem. The next chapter, Chapter 10: Connections describes how to use the web page to connect external devices and outbound network Devices >...
Page 111: Device Status
8: Device Ports The administrator and users with local user rights may assign individual port permissions to local users. The administrator and users with remote authentication rights assign port access to users authenticated by NIS, RADIUS, LDAP, Kerberos and TACACS+. Device Status Devices >...
Page 112: Telnet/Ssh/Tcp In Port Numbers
8: Device Ports Figure 8-2 Devices > Device Ports Current port numbering schemes for Telnet, SSH, and TCP ports display on the left. The list of ports 1-8 on the right includes the individual ports and their current mode. Note: For units with more ports, click the buttons above the table to view additional ports.
Page 113: Global Commands
8: Device Ports Starting TCP Port Each port is assigned a number for connecting through a raw TCP connection. Enter a number (1025-65528) that represents the first port. The default is 4000 plus the port number. For example, if you enter 4001, subsequent ports are automatically numbered 4002, 4003, and so on.
Page 114: Figure 8-4 Device Ports > Settings
8: Device Ports Figure 8-4 Device Ports > Settings SLB™ Branch Office Manager User Guide...
Page 115: Device Port Settings
Connected to The type of device connected to the device port. Presently, the SLB branch office manager supports Lantronix SLP power managers (SLP8 and SLP16 units) and Sensorsoft devices. If the type of device is not listed, select undefined. If you select anything other than undefined, click Device Commands. The appropriate web page displays.
Page 116: Data Settings
8: Device Ports TCP in Enables access to this port through a raw TCP connection. Disabled by default: Note: When using raw TCP connections to transmit binary data, or where the break command (escape sequence) is not required, set the Break Sequence of the respective device port to null (clear it).
Page 117: Hardware Signal Triggers
8: Device Ports Max Direct Connects Enter the maximum number (1-10) of simultaneous connections for the device port. The default is 1. Show Lines on If enabled, when the user either does a connect direct from the CLI or connects Connecting directly to the port using Telnet or SSH, the SLB outputs up to 24 lines of buffered data as soon as the serial port is connected.
Page 118: Modem Settings: Text Mode
8: Device Ports Initialization Script Commands sent to configure the modem may have up to 100 characters. Consult your modem’s documentation for recommended initialization options. If you do not specify an initialization script, the SLB branch office manager uses a default initialization string of AT S7=45 SO=0...
Page 119 8: Device Ports Authentication Enables PAP or CHAP authentication for modem logins. PAP is the default. With PAP, users are authenticated by means of the Local Users and any of the remote authentication methods that are enabled. With CHAP, the CHAP Handshake fields authenticate the user.
Page 120: Port Status And Counters
8: Device Ports Note: It may take a few minutes for the system to apply the settings to multiple ports. Port Status and Counters Port Counters describe the status of signals and interfaces. SLB branch office manager updates and increments the port counters as signals change and data flows in and out of the system. These counters help troubleshoot connections or diagnose problems because they give the user an overview of the state of various parameters.
Page 121: Status/Info
8: Device Ports Figure 8-6 Device Ports > SLP To enter SLP commands: 1. Enter the following: Number of Outlets Enter the number of outlets for a ServerTech CDU. This setting is not applicable for an SLP unit. Number of Expansion Enter the number of outlets for a ServerTech CDU expansion unit.
Page 122: Commands
8: Device Ports Infeed Status Click the link to view the status of the data the SLP unit is receiving. System Info Click the link to see system information pertaining to the SLP power manager. Commands Restart SLP To restart the SLP power manager, select the checkbox. Control Outlet For Tower A or Tower B, select All Outlets or Single Outlet and the number of the outlet to be controlled (1-8 for the SLP8 or 1-16 for the SLP16 devices)
Page 123: Device Port Commands
8: Device Ports High Humidity Enter the highest relative acceptable humidity permitted on the device above which the sensor sends a trap to the SLB branch office manager. Traps Select to indicate the SLB unit should send a trap or configured Event Alert when the sensor detects an out-of-range configured threshold.
Page 124: Device Ports - Logging
8: Device Ports Setting up a user with an escape sequence is optional. For any NIS, LDAP, RADIUS, Kerberos, or TACACS+ user, or any local user who does not have an escape sequence defined, the default escape sequence is Esc+A. Device Ports - Logging The SLB products support port buffering of the data on the system's device ports as well as notification of receiving data on a device port.
Page 125: Email/Snmp Notification
8: Device Ports 02_Port-2_2.log 02_Port-2_3.log 02_Port-2_4.log 02_Port-2_5.log Email/SNMP Notification The system administrator can configure the SLB branch office manager to send an email alert message indicating a particular condition detected in the device port log to the appropriate parties or an SNMP trap to the designated NMS (see Chapter 7: Services on page 84).
Page 126: Local Logging
8: Device Ports Figure 8-8 Devices > Device Ports - Logging 2. Enter the following: Local Logging Local Logging If you enable local logging, each device port stores 256 Kbytes (approximately 400 screens) of I/O data in a true FIFO buffer. Disabled by default. Clear Local Log Select the checkbox to clear the local log.
Page 127: Log Viewing Attributes
8: Device Ports Send If you enabled email and SNMP logging, select what type of notification log to send: Email (default)  SNMP Trap  Both  Trigger on Select the method of triggering a notification: Byte Count: A specific number of bytes of data. This is the default. ...
Page 128: Nfs File Logging
8: Device Ports NFS File Logging NFS Log to View Select the checkbox to log all data sent to the device port to one or more files on an external NFS server. Disabled by default. Directory to Log to The path of the directory where the log files will be stored. Note: This directory must be a directory exported from an NFS server mounted on the SLB.
Page 129: Figure 8-9 Devices > Console Port
8: Device Ports 1. Click the Devices tab and select Console Port. The following page displays: Figure 8-9 Devices > Console Port 2. Change the following as desired: Baud The speed with which the device port exchanges data with the attached serial device.
Page 130: Console Port Commands
8: Device Ports Group Access If undefined, any group can access the console port. If one or more groups are specified (groups are delimited by the characters ' ' (space), ',' (comma), or ';' (semicolon)), then any user who logs into the console port must be a member of one of the specified groups, otherwise access will be denied.
Page 131: Figure 8-10 Devices > Power Outlets
8: Device Ports Figure 8-10 Devices > Power Outlets SLB™ Branch Office Manager User Guide...
Page 132: Power Commands
8: Device Ports 2. Enter the following: Switching Delay Number of milliseconds the SLB branch office manager between subsequent switching. The range is 1000-2500 msec. The default is 2000 msec (2 sec). Over Current Alarm If SNMP traps are enabled (see 84), a trap (alarm) is Chapter 7: Services on page sent if the total current for all outlets exceeds a threshold.
Page 133: Figure 8-11 Devices > Host Lists
8: Device Ports Figure 8-11 Devices > Host Lists 2. Select a host list and click the View Host List button. The list of hosts display in the Hosts box along with the settings for the selected host list (Figure 8-11).
Page 134: Host List Commands
8: Device Ports Authentication Select to require authentication when the SLB device connects to a host. Host Name or IP address of the host. Protocol Protocol for connecting to the host (TCP, SSH, or Telnet). Port Port on the host to connect to. Escape Sequence The escape character used to get the attention of the SSH or Telnet client.
Page 135: Figure 8-12 Devices > Scripts
8: Device Ports reached and new result files are generated, the oldest result files will automatically be deleted to accommodate the new result files. A user can create scripts at the web, view scripts at the web and the CLI, and use (run) scripts at the CLI.
Page 136: Scripts
8: Device Ports 2. Click the Add Script button. The page for editing script attributes displays. Figure 8-13 Adding or Editing New Scripts 3. Enter the following: Scripts Script Name A unique identifier for the script. Type Select Interface for a script that utilizes Expect/Tcl to perform pattern detection ...
Page 137: User Rights
Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., SLP, Spider, SLC and SLB Network units) on the local subnet. Date/Time Right to set the date and time.
Page 138: Figure 8-14 Devices > Scripts - Scheduler
8: Device Ports To view or update a script: 1. In the Scripts table, select the script and click the Edit Script button. The page for editing script attributes displays (see Figure 8-13). 2. Update the script attributes (see To add a script: above).
Page 139 8: Device Ports with one schedule): Device Type The device - either the CLI or a Device Port - that the script is connected to. State The state of the script’s schedule. A script must be Enabled in order for the script scheduler to begin running the schedule.
Page 140: Figure 8-15 Custom Scripts - Operations
8: Device Ports 2. The Custom Scripts - Operations page displays, with a list of any results that have been generated for a script, in reverse date/time order. Figure 8-15 Custom Scripts - Operations 3. Any of the results can be viewed by selecting the operation and clicking Script Results. SLB™...
Page 141: Figure 8-16 View Custom Script Results
8: Device Ports To view the latest results from a completed operation (run) of a custom script: 1. Click the Devices tab and select the Scripts option. The Scripts page displays. 2. In the Scripts table, select the script to view results for, and click Latest Results. The results are displayed in a popup window.
Page 142: Batch Script Syntax
8: Device Ports command. This action requires that a SLB user running the runcli command belong to a group that is the same or greater than the group assigned to the script (e.g., if the script is assigned to the Power group, the user running the runcli command must belong to the Power or Admin group).
Page 143: Table 8-17 Definitions
8: Device Ports Table 8-17 Definitions Term Definition Word A contiguous group of characters delimited on either side by spaces. Not enclosed by double quotes. Primary Command One of the primary commands listed in this section. Secondary Command One of the secondary commands defined in this section. Quoted String A group of characters enclosed by double quote (") characters.
Page 144: Table 8-18 Primary Commands
8: Device Ports Table 8-18 Primary Commands Command Description command assigns a value to a variable. Syntax: set <variable> <value> where <variable> is a word, and <value> can be defined in one of the following ways: A quoted string  A word ...
Page 145: Table 8-19 Secondary Commands
8: Device Ports Secondary Commands These are commands which provide data or other support to the Primary commands. These commands are never used by themselves in a script. The preprocessor will require that these commands always follow a left square bracket ('[') character and be followed on a single line by a right bracket (']').
Page 146: Table 8-20 Control Flow Commands
8: Device Ports Command Description This command evaluates an arithmetic expression and returns the result. The expr expr command will only be used in combination with the command to generate a value for a variable. Syntax: expr <value> <operation> <value> Each will be either a word or a variable reference, and <operation>...
Page 147: Custom Script Syntax
8: Device Ports Command Description command executes an associated block of commands if its Boolean if, elseif and expression evaluates to TRUE. Each command within the block must be a Primary else command. Syntax: if {<Boolean expression>} { command 1 command 2 command n command is used in association with an...
Page 148 8: Device Ports Note: For CLI sessions, a local user name should be given  For Device Port sessions, the $devicePort variable will be used by the SLB to connect  the script to the appropriate Device Port. The -noecho flag may be passed to spawn command.
Page 149: Example Scripts
8: Device Ports Example Scripts Interface Script—Monitor Port The Monitor Port (Monport) script connects directly to a device port by logging into the SLB port, gets the device hostname, loops a couple of times to get port interface statistics, and logs out. The following is the script: set monPort 7 set monTime 5...
Page 150 7 login: Logging in..sysadmin sysadmin Password: PASS Welcome to the Secure Lantronix Branch Office Manager Model Number: SLB 48 For a list of commands, type 'help'. [slb251glenn]> show network port 1 host show network port 1 host...
Page 151 [slb247glenn]> connect script monport deviceport 7 login: Logging in..sysadmin sysadmin Password: PASS Welcome to the Secure Lantronix Branch Office Manager Model Number: slb 48 For a list of commands, type 'help'. [slb251glenn]> show network port 1 host show network port 1 host...
Page 152 8: Device Ports [slb251glenn]> show portcounter deviceport 7 Device Port: 7 Seconds since zeroed: 1454120 Bytes input: 0 Bytes output: 0 Framing errors: 0 Flow control errors: 0 Overrun errors: 0 Parity errors: 0 [slb251glenn]> [Current Time:21:25:20] show portcounter deviceport 7 show portcounter deviceport 7 Device Port: 7 Seconds since zeroed: 1454136 Bytes input: 0 Bytes output: 0...
Page 153 8: Device Ports set date [clock format $now -format {%D %R}] if {$argc > 0} { myprint "Internal temperature of the $location SLB at $date" } else { myprint "Internal temperature of the SLB at $date" # spawn the CLI session if {[catch {spawn -noecho clisession -U sysadmin} result]} { abortSession 1 set sessionId $spawn_id...
Page 154 8: Device Ports exit 0 This script can be run manually at the CLI: [slb431d] set script runcli cliExample parameters "East Data Center" Internal temperature of the East Data Center SLB at 01/27/2019 02:07 Temperature: 48C (118F) Expect Custom Script - SLB Device Port Session An example of an Expect Custom Script that interacts with a SLB Device Port (in this example a ServerTech PDU is connected to a Device Port): #! expect...
Page 155 8: Device Ports send "\n" expect { "Username:" { send "admn\n" } "Error:*\r\n" { send_user $expect_out(0,string); abortSession 2 } expect "Password:" send "admn\n" # Wait for the first prompt set loggedIn false while {! $loggedIn} { expect { timeout {myprint "Timeout waiting to login"; abortSession 3} "*CDU: "...
Page 156 8: Device Ports Expect Custom Script - SLB Device Port Session An example of an Expect Custom Script that interacts with a SLC or SLB Device Port (in this example a Cisco server is connected to a Device Port): #! expect # Save a copy of the running config of a Cisco server to a TFTP server # The Cisco server is connected to a SLC/B device port proc myprint {str} {...
Page 157 8: Device Ports set passwordPrompt false set cnt 1 while {! $loggedIn || ! $execMode} { if {$cnt == 5} { myprint "Timeout waiting for > or # prompt" abortSession 4 if {! $passwordPrompt} { send "\r" expect { "*assword: " { send "$enablePassword\r" } ">"...
Page 158 8: Device Ports Python Custom Script - SLB CLI Session An example of a Python Custom Script that interacts with a CLI session: #! python # Script to set the RADIUS authentication settings of the SLB # Sets the first RADIUS server and secret, and enables RADIUS # Note: passing secret as a command line parameter is a security vulnerability # Usage:...
Page 159 8: Device Ports while True: output_str = proc.stdout.readline() if b'RADIUS settings successfully updated' in output_str: break elif b'set radius' not in output_str: # RADIUS command returned an error s1 = str(output_str) s2 = s1.split("\\r")[1] print("RADIUS command returned: " + s2.split("\\n")[0]) proc.stdin.close() proc.terminate() proc.wait()
Page 160 8: Device Ports import pexpect import datetime import time import sys import re now = datetime.datetime.now() print("Detecting devices on SLC at ", end="") print(now.strftime("%Y-%m-%d %H:%M")) # start the CLI session to get number of device ports p=pexpect.spawn('clisession -U sysadmin') slcPrompt = "" numPorts = 0 loggedIn = False while not loggedIn:...
Page 161 8: Device Ports pList = [] if numPorts == 24 or numPorts == 40: # Adjust port numbering for SLC8024 and SLC8040 skipPorts = True numPorts = numPorts + 8 # Loop through device ports, connect and try to detect the prompt while devicePort <= numPorts: if skipPorts and devicePort >= 9 and devicePort <= 16: devicePort = devicePort + 1...
Page 162 8: Device Ports if not gotPrompt: devicePort = devicePort + 1 pList.append('') continue # Detect the prompt devPrompt = "" p.send("\n") i = p.expect([pexpect.TIMEOUT, pexpect.EOF, '\r\n(.*)>'], timeout=10) if i == 0 or i == 1: # Timeout or EOF print("Timeout waiting for the prompt on DP", devicePort, ".") p.terminate(True) p.wait() devicePort = devicePort + 1...
Page 163 8: Device Ports elif i == 4: # prompt loggedIn = True devicePort = 1 while devicePort <= numPorts: if skipPorts and devicePort >= 9 and devicePort <= 16: devicePort = devicePort + 1 continue if len(pList[devicePort - 1]) > 0: # Detected a prompt;...
Page 164 8: Device Ports set io [open "| clisession -U sysadmin" r+] set loggedIn false while {! $loggedIn} { set len [gets $io line] if {[string first "Invalid local user" $line] != -1} { puts "Invalid local user passed to clisession" break if {[string first "For a list of commands"...
Page 165: Sites
8: Device Ports Sites A site is a group of site-oriented modem parameters that can be activated by various modem- related events (authentication on dial-in, outbound network traffic for a dial-on-demand connection, etc.). The site parameters will override parameters that are configured for a modem. To use sites with a modem, create one or more sites (described below), then enable Use Sites for the modem.
Page 166 8: Device Ports Port Select the Device Port or the USB Port the site is assigned to. For dial-on-demand sites, a port must be selected. For any other sites, the port selection can be set to None. See Modem Dialing States on page 167.
Page 167: Site Commands
8: Device Ports Dial-back Retries For dial-back and CBCP Server, the number of times the SLB unit will retry the dial- out portion of the dialing sequence if the first attempt to dial-out fails. Modem Timeout Timeout for dial-in and dial-on-demand PPP connections. Select Yes (default) for the SLB device to terminate the connection if no traffic is received during the configured idle time.
Page 168: Dial-Out
CLI session, or (if Timeout Logins is enabled) the CLI session is terminated if it has been idle. Special SLM (Secure Lantronix Management Appliance) Text Dial-back support. When the  SLM unit is configured for SLB unit callback support, the SLM device dials the SLB. The SLM will provide the callback number in a text string (DIALBACK #) to the modem that the SLM it is currently using.
Page 169: Dial-On-Demand
8: Device Ports Dial-back Delay seconds before initiating the dial-back. The SLB unit will dial, and if the remote peer requests PAP or CHAP authentication, provide the Remote/Dial-out Login and Remote/Dial-out Password as authentication tokens. Once authenticated, a PPP session will be established using either negotiated IP addresses or specific IP addresses (determined by the Negotiate IP Address setting).
Page 170: Dial-In/Host List
8: Device Ports For Dial-back, the user will be authenticated via PAP or CHAP (configured with the  Authentication setting). For PAP, the Local/Remote list will be used to authenticate the login and password sent by the PPP peer. For CHAP, the CHAP Handshake Host/User Name and Secret/User Password will be used to authenticate the CHAP Challenge response sent by the PPP peer.
Page 171: Cbcp Client
8: Device Ports Challenge response sent by the PPP peer. If the remote peer requests PAP or CHAP authentication from the SLB unit , the Remote/Dial-out Login and Remote/Dial-out Password will be provided as authentication tokens. Once authenticated, the CBCP handshake with the client determines the number to use for dial-back.
Page 172: 9: Usb Port
USB Port This chapter describes how to configure storage by using the Devices > USB page and CLI. This page can be used to configure the thumb drive and modems. The thumb drive is useful for saving and restoring configurations and for Device Port Logging. See Device Port Settings (on page 115).
Page 173: Figure 9-2 Devices > Usb > Configure
9: USB Port 2. Click Configure. Figure 9-2 shows the page that displays if a USB storage device is inserted in the selected port. Figure 9-2 Devices > USB > Configure 3. Enter the following fields. Mount Enables the first partition of the USB device (if not currently mounted). Once mounted, a device is used for device port logging and saving/ restoring configurations.
Page 174: Figure 9-3 Devices > Usb > Modem
9: USB Port Figure 9-3 Devices > USB > Modem SLB™ Branch Office Manager User Guide...
Page 175: Data Settings
9: USB Port 3. Enter the following fields. Data Settings Note: Check the modem’s equipment settings and documentation for the proper settings. The attached modem must have the same settings. Baud The speed with which the device port exchanges data with the attached serial device.
Page 176 9: USB Port Mode The format in which the data flows back and forth: Text: In this mode, the SLB unit assumes that the modem will be used for  remotely logging into the command line. Text mode can only be used for dialing in or dialing back.
Page 177: Text Mode
9: USB Port Dial-back Retries Specify the number of times to retry dialing back. Check Dial Tone If enabled, the SLB branch office manager will periodically check the modem for a dial tone while waiting for a dial in (ie, if the Modem State is set to Dial-in, or if the Modem State is set to Dial-back and the SLB unit is in the Dial-in portion of the sequence).
Page 178: Ip Settings
9: USB Port Enable NAT Select to enable Network Address Translation (NAT) for dial-in and dial-out PPP connections on a per modem (device port or USB port) basis. Users dialing into the SLB unit access the network connected to Eth1 and/or Eth2. Note: IP forwarding must be enabled on the Network >...
Page 179: Manage Firmware And Configuration Files
9: USB Port Manage Firmware and Configuration Files To manage any firmware and configuration files stored on a USB thumb drive, perform the following steps. 1. Click the Manage Files on the Thumb Drive link on the Devices > USB > Configure page.
Page 180: 10: Connections
10: Connections Chapter 8: Device Ports described how to configure and interact with an SLB device port connected to an external device. This chapter describes how to use the Devices > Connections page to connect external devices and outbound network connections (such as Telnet or SSH) in various configurations.
Page 181: Remote Access Server
10: Connections Figure 10-1 Terminal Server SLB Branch Office Manager Server Telnet Sessions (via Network connection) Serial Connections VT100 Terminals Remote Access Server In this setup, the SLB unit is connected to one or more modems by its device ports. Configure the device ports on the Device Ports >...
Page 182: Multiport Device Server
A PC can use the device ports on the SLB branch office manager as virtual serial ports, enabling the ports to act as if they are local ports to the PC. To use the SLB unit in this setup, the PC requires special software, for example, Com Port Redirector (available on www.lantronix.com) or similar software).
Page 183: Connection Configuration
10: Connections Connection Configuration To create a connection: 1. Click the Devices tab and select the Connections option. The following page displays: Figure 10-5 Devices > Connections For a device port, enter the following: Outgoing Select to turn on or turn off the connection timeout: Connection No for no timeout ...
Page 184: Figure 10-6 Current Connections
10: Connections From the drop-down list, select a destination for the connection: a device port connected to a serial device, a device port connected to a modem, or an outbound network connection (Telnet, SSH, TCP Port, or UDP Port). Note: To see the current settings for a selected device port, click the Settings link.
Page 185: Connection Commands
10: Connections 5. To reestablish a connection that hasa been suspended, select the connection and click the Restart button. 6. To view information about Web connections, click the here link in the text above the table. The Maintenance > Firmware & Configurations page displays.
Page 186: 11: User Authentication
11: User Authentication Users who attempt to log in to the SLB branch office manager by means of Telnet, SSH, the console port, or one of the device ports are granted access by one or more authentication methods. The User Authentication page provides a submenu of methods (Local Users, NIS, LDAP, RADIUS, Kerberos, and TACACS+) for authenticating users attempting to log in.
Page 187: Figure 11-1 User Authentication > Authentication Methods
11: User Authentication To enable, disable, and set the precedence of authentication methods: 1. From the main menu, select User Authentication. The following page displays: Figure 11-1 User Authentication > Authentication Methods 2. To enable a method currently in the Disabled methods list, select the method and press the left arrow to the left of the list.
Page 188: Authentication Commands
11: User Authentication Kerberos Kerberos is a network authentication protocol that enables two parties to exchange private information across an unprotected network. It works by assigning a unique electronic credential, called a ticket, to each user who logs on to the network. The ticket is embedded in messages to identify the sender.
Page 189: Local And Remote User Settings
11: User Authentication Local and Remote User Settings The system administrator can configure the SLB branch office manager to use local accounts and remote accounts to authenticate users. 1. Click the User Authentication tab and select the Local/Remote Users option. The following page displays.
Page 190 11: User Authentication Authenticate only Select the check box to authenticate users listed in the Remote Users list in the remote users who are lower part of the page. Disabled by default. in the remote users list 3. Continue to set Local User Passwords Complex Passwords Select to enable the SLB unit to enforce rules concerning the password structure (e.g., alphanumeric requirements, number of characters, punctuation marks).
Page 191: Adding, Editing Or Deleting A User
11: User Authentication Adding, Editing or Deleting a User Through this User Authentication > Local/Remote Users page, you can delete a user listed in the table or open a page for adding or editing a user. To add a user: Users, click the Add/Edit User button.
Page 192 11: User Authentication A unique numeric identifier the system administrator assigns to each user. Valid UIDs are 101-4294967295. Note: The UID must be unique. If it is not, SLB branch office manager automatically increments it. Starting at 101, the SLB device finds the next unused UID.
Page 193 Right to enable and disable system and audit logging, SSH and Telnet logins, SNMP, and SMTP. Includes NFS and CIFS. Secure Lantronix Right to view and manage secure Lantronix units (e.g., SLP, Spider or SLB Network units) on the local subnet.
Page 194: Shortcut
11: User Authentication Shortcut To add a user based on an existing user: 1. Display the existing user on the Local/Remote Users Settings page. The fields in the top part of the page display the current values for the user. 2.
Page 195: Figure 11-4 User Authentication > Nis
11: User Authentication To configure the SLB device to use NIS to authenticate users: 1. Click the User Authentication tab and select the NIS option. Figure 11-4 User Authentication > NIS 2. Enter the following: Enable NIS Displays selected if you enabled this method on the Authentication Methods page. If you want to set up this authentication method but not enable it immediately, clear the checkbox.
Page 196 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., SLP, Spider, SLC and SLB Network units) on the local subnet. Date/Time Right to set the date and time.
Page 197: Nis Commands
11: User Authentication Remote Right to assign a remote user to a user group and assign a set of rights to the user. Authentication SSH Keys Right to set SSH keys for authenticating users. User Menus Right to create a custom user menu for the CLI for NIS users. Web Access Right to access Web-Manager.
Page 198: Figure 11-5 User Authentication > Ldap
11: User Authentication To configure the SLB unit to use LDAP to authenticate users: 1. Click the User Authentication tab and select LDAP. The following page displays. Figure 11-5 User Authentication > LDAP 2. Enter the following: Enable LDAP Displays selected if you enabled this method on the first User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox.
Page 199 Attribute use to search for a name (ie, "msmith") or a Distinguished Name (ie, "uid=msmith,ou=People,dc=lantronix,dc=com"). Select either Name or DN as appropriate for the LDAP server. If nothing is specified for the group membership attribute, the SLB branch office manager will use "memberUID" for name and "uniqueMember"...
Page 200 11: User Authentication Encrypt Messages Select Start TLS or SSL to encrypt messages between the SLB unit and the LDAP server. If Start TLS is selected, the port will automatically be set to 389 and the StartTLS extension will be used to initiate a secure connection; if SSL is selected, the port will automatically be set to 636 and a SSL tunnel will be used for LDAP communication.
Page 201: Ldap Commands
Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., SLP, Spider and SLB units) Network on the local subnet. Date/Time Right to set the date and time.
Page 202: Radius
11: User Authentication RADIUS The system administrator can configure the SLB device to use RADIUS to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port. Users who are authenticated through RADIUS are granted device port access through the port permissions on this page.
Page 203 11: User Authentication Enable RADIUS Displays selected if you enabled this method on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: You can enable RADIUS here or on the first User Authentication page. If you enable RADIUS here, it automatically displays at the end of the order of precedence on the User Authentication page.
Page 204 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., SLP, Spider and SLB units) Network on the local subnet. Date/Time Right to set the date and time.
Page 205: Radius Commands
FreeRADIUS server, the dictionary will need be updated with the Lantronix definition by including the contents below in a file named dictionary.lantronix, and including it in the RADIUS server dictionary definitions by adding the appropriate $INCLUDE directive to the main dictionary file.
Page 206 11: User Authentication BEGIN-VENDOR Lantronix ATTRIBUTE Lantronix-User-Attributes 1 string END-VENDOR Lantronix Once this is complete, the users file can be updated to include the Lantronix VSA for any user: myuser Auth-Type := Local, User-Password == "myuser_pwd" Reply-Message = "Hello, %u", Lantronix-User-Attributes = "data 1-4 listen 1-6 clear 1-4...
Page 207: Kerberos
11: User Authentication Kerberos Kerberos is a network authentication protocol that provides strong authentication for client/server applications by using secret-key cryptography. The system administrator can configure the SLB branch office manager to use Kerberos to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port. Users who are authenticated through Kerberos are granted device port access through the port permissions on this page.
Page 208 11: User Authentication 2. Enter the following: Enable Kerberos Displays selected if you enabled this method on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox. Note: You can enable Kerberos here or on the first User Authentication page. If you enable Kerberos here, it automatically displays at the end of the order of precedence on the User Authentication page.
Page 209: Kerberos Commands
Right to enable and disable system logging, SSH and Telnet logins, SNMP, and Services SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., SLP, Spider and SLB Network units) on the local subnet. Right to set the date and time.
Page 210: Tacacs
11: User Authentication TACACS+ Similar to RADIUS, the main function of TACACS+ is to perform authentication for remote access. The SLB branch office manager supports the TACACS+ protocol (not the older TACACS or XTACACS protocols). The system administrator can configure the SLB branch office manager to use TACACS+ to authenticate users attempting to log in using the Web, Telnet, SSH, or the console port.
Page 211: Figure 11-8 User Authentication > Tacacs
11: User Authentication To configure the SLB unit to use TACACS+ to authenticate users: 1. Click the TACACS+ tab and select TACACS+. The following page displays. Figure 11-8 User Authentication > TACACS+ 2. Enter the following: Enable TACACS+ Displays selected if you enabled this method on the User Authentication page. If you want to set up this authentication method but not enable it immediately, clear the checkbox.
Page 212 11: User Authentication Authentication The type of service used to pass the authentication tokens (e.g., login and Service password) between the SLB and the TACACS+ server. Options are: ASCII Login (login and password are transmitted in clear, unencrypted text), PPP/PAP (login and password are transmitted in clear, unencrypted text via a PAP protocol packet), and PPP/CHAP (the TACACS+ server sends a challenge that consists of a session ID and an arbitrary challenge string, and the user name and password...
Page 213: Tacacs+ Commands
Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., SLP, Spider and SLB Network units) on the local subnet. Date/Time Right to set the date and time.
Page 214: Groups
11: User Authentication Groups The SLB branch office manager has 3 pre-defined groups: Administrators, Power Users, and Default Users. Custom groups can also be created; each custom group is a set of user attributes and permissions. Local Users and Remote Users defined on the SLB unit can be assigned to one of the pre-defined groups or a custom group.
Page 215: Figure 11-9 User Authentication > Group
11: User Authentication Figure 11-9 User Authentication > Group 2. Enter the following: Group Name Enter a name for the group. Listen Ports The ports users are able to monitor using the connect listen command. Data Ports The ports users are able to monitor and interact with using the command.
Page 216 Services Right to enable and disable system logging, SSH and Telnet logins, SNMP, and SMTP. Secure Lantronix Right to view and manage secure Lantronix units (e.g., SLP, Spider, and Network SLB units) on the local subnet. Date/Time Right to set the date and time.
Page 217: Ssh Keys
11: User Authentication To delete a group: 1. Select the group in the Groups table. 2. Click the Delete Group button. SSH Keys The SLB branch office manager can import and export SSH keys to facilitate shared key authentication for all incoming and outgoing SSH connections. By using a public/private key pair, a user can access multiple hosts with a single passphrase, or, if a passphrase is not used, a user can access multiple hosts without entering a password.
Page 218: Figure 11-10 User Authentication > Ssh Keys
11: User Authentication To configure the SLB unit to use SSH keys to authenticate users: 1. From the main menu, select User Authentication - SSH Keys. The following page displays. Figure 11-10 User Authentication > SSH Keys 2. Enter the following: SLB™...
Page 219: Imported Keys (Ssh In)
11: User Authentication Imported Keys (SSH In) Host & User Associated with Key These entries are required in the following cases: The imported key file does not contain the host that the user will be making an SSH  connection from, or The SLB local user login for the connection is different from the user name the key was ...
Page 220: Host And Login For Export
11: User Authentication Host and Login for Export Export via Select the method (SCP, FTP, HTTPS or Copy/Paste) of exporting the key to the remote server. Copy/Paste, the default, requires no other parameters for export. Host IP address of the remote server to which the SLB unit will SCP or FTP the public key file.
Page 221: Figure 11-11 Current Host Keys
11: User Authentication Figure 11-11 Current Host Keys 2. View or enter the following: Select the All Keys checkbox to reset all default key(s), or select one or more Reset to Default Host checkboxes to reset defaults for RSA1, RSA, or DSA keys. All checkboxes are unselected by default.
Page 222: Ssh Key Commands
11: User Authentication Private Key Filename Filename of the private host key. Host name or IPaddress of the host from which to import the key. Host Path Path of the directory where the host key will be stored. User ID to use to SCP or SFTP the file. Login Password to use to SCP or SFTP the file.
Page 223: Custom Menus
11: User Authentication Custom Menus Users can have custom user menus as their command line interface, rather than the standard CLI command set. Each custom user menu can contain up to 50 commands ('logout' is always the last command). Instead of typing each command, the user enters the number associated with the command.
Page 224 11: User Authentication Title Enter an optional title which will be displayed about the menu at the CLI. Nicknames Select to enable nicknames to be displayed in the menu instead of the commands. If the custom menu will have nicknames, this should also be selected prior to entering the commands in the web page, as this will facilitate entry of the nicknames.
Page 225: Custom User Menu Commands
11: User Authentication 3. Click the Edit Custom Menu button. To delete a custom menu: 1. Select the custom menu in the Custom Menus table. 2. Click the Delete Custom Menu button. To create a new custom menu from an existing custom menu: 1.
Page 226: 12: Maintenance
12: Maintenance The system administrator performs maintenance activities and operates the SLB branch office manager using the options for the Maintenance tab and additional commands on the command line interface. SLB Maintenance page allows the system administrator to: Maintenance > Firmware & Configurations Configure the FTP, SFTP, or TFTP server that will be used to provide firmware updates and ...
Page 227: Figure 12-1 Maintenance > Firmware & Configurations
12: Maintenance Figure 12-1 Maintenance > Firmware & Configurations SLB™ Branch Office Manager User Guide...
Page 228: Internal Temperature
Local Disk location with the name "before_MMDDYY_HHMM". The name of the firmware update file downloaded from the Lantronix web site. Firmware Filename A key for validating the firmware file. The key is provided with the firmware file (32 hex characters).
Page 229: Boot Banks
12: Maintenance Load Firmware via From the drop-down list, select the method of loading the firmware. Options are FTP, TFTP, HTTPS, NFS, USB, and SFTP (Secure FTP). TFTP is the default. If you select HTTPS, the Upload File link becomes active. Select the link to open a popup window that allows you to browse to a firmware update file to upload.
Page 230: Configuration Management
12: Maintenance Configuration Management Configuration From the option list, select one of the following: Management No Save/Restore: Does not save or restore a configuration.  Restore Factory Defaults: Restores factory defaults. If you select this  option, the SLB unit reboots after you apply the update. Select the SSH Keys checkbox to save any imported or exported SSH keys.
Page 231: Zero Touch Provisioning Configuration Restore
12: Maintenance Note: If you selected an option that forces a reboot (restore configuration, update firmware, or reset factory defaults), the SLB unit automatically reboots at the end of the process. Zero Touch Provisioning Configuration Restore The Zero Touch Provisioning feature allows a factory defaulted SLB to acquire a default configuration from a DHCP server and TFTP server when it is booted.
Page 232: Administrative Commands
12: Maintenance 2. To delete files, select one or more files and click the Delete File button. 3. To download a new firmware file, click the Download File button. 4. To rename a listed file, select the file, type the new file name into the New File Name field, and click the Rename File button.
Page 233 12: Maintenance 2. Enter the following to define the parameters of the log you would like to view: Select the type(s) of log you want to view:  Network  Services  Authentication  Device Ports  Diagnostics  General ...
Page 234: System Log Commands
Figure 12-4 System Logs From a queried system log (i.e., Figure 12-4), you may email this information to a specific individual or to Lantronix Technical Support. See Emailing Logs and Reports (on page 241). To clear system logs: 1. From the page, select SLB Maintenance - System Logs.
Page 235: Email Log
12: Maintenance 1. Click the Maintenance tab and select the Audit Log option. The following page displays: Figure 12-5 Maintenance > Audit Log 2. To select a sort option, click the appropriate button: To sort by date and time, click the Date/Time button (this is the default) to sort by Date/ ...
Page 236: Diagnostics
12: Maintenance Figure 12-6 Maintenance > Email Log 2. To email this log, follow the instructions in Emailing Logs and Reports (on page 241). 3. To clear the log, click the Clear Log button. Diagnostics SLB™ Branch Office Manager User Guide...
Page 237: Figure 12-7 Maintenance > Diagnostics
12: Maintenance Maintenance > Diagnostics page provides methods for diagnosing problems such as network connectivity and device port input/output problems. You can use equivalent commands on the command line interface. An additional diagnostic, loopback, is only available as a command. 1.
Page 238: Diagnostic Commands
12: Maintenance Send Packet This option sends an Ethernet packet out one of the Ethernet ports, mainly as a network connectivity test. For UDP, the number of times the string is sent is equal to the number of packets sent. For TCP, the number of times the string is sent may (or may not) be equal to the number of packets sent, because TCP controls how data is packetized and sent out.
Page 239: View Report
12: Maintenance On this page, you can view the status of the SLB ports and power supplies and generate a selection of reports. Note: Status and statistics shown on the web interface represent a snapshot in time. To see the most recent data, you must reload the web page. 1.
Page 240: Figure 12-10 Generated Status/Reports
12: Maintenance Port Status Displays the status of each device port: mode, user, any related connections, and serial port settings. Port Counters Displays statistics related to the flow of data through each device port. IP Routes Displays the routing table. Connections Displays all active connections for the SLB: Telnet, SSH, TCP, UDP, device port, and modem.
Page 241: Status Commands
CLI commands which correspond to the web page entries described above. Emailing Logs and Reports The following logs and reports can be directly emailed to a specific individual or to Lantronix Technical Support directly from the log page: System Log (i.e.,...
Page 242: Events
12: Maintenance Figure 12-11 Emailed Log or Report Events On this Maintenance > Events page, you can define what action you want to take for events that may occur in the SLB. 1. Click the Maintenance tab and select the Events option. The following page displays: SLB™...
Page 243: Figure 12-12 Maintenance > Events
12: Maintenance Figure 12-12 Maintenance > Events 2. Enter the following: Event Trigger From the drop-down list, select the type of incident that triggers an event. Currently, the options are: Receive Trap  Temperature Over/Under Limit (for Sensorsoft devices)  Humidity Over/Under Limit (for Sensorsoft devices) ...
Page 244: Events Commands
12: Maintenance SNMP Trap OID Enter a unique identifier for an SNMP object. (An SNMP object is anything that can hold a value and can be read using an SNMP "get" action.) The OID consists of a string of numbers separated by periods (for example, 1.1.3.2.1). Each number is part of a group represented by the number on its left.
Page 245: Figure 12-13 Maintenance > Lcd/Keypad
12: Maintenance Figure 12-13 Maintenance > LCD/Keypad To configure the LCD through the SLB user interface: The screens that are currently enabled are displayed in order in the left Enabled screens list. Note: Front Panel LCD Display and Keypads (on page 42) to set up the basic parameters using the SLB device.
Page 246: Lcd/Keypad Commands
12: Maintenance To configure the Keypad: 1. Enter the following fields. Keypad Locked Select this to lock out any input to the keypad. The default is for the keypad to be unlocked. Restore FactoryDefaults Password / Enter the 6 digit key sequence entered at the keypad to restore Retype Password the SLB unit to factory defaults.
Page 247: Banner Commands
12: Maintenance Login Banner The text to display on the command line interface after the user logs in. May contain up to 1024 characters. Single quote and double quote characters are not supported. Default is blank. Note: To create more lines, use the \n character sequence. Logout Banner The text to display on the command line interface after the user logs out.
Page 248: 13: Application Examples
13: Application Examples Each SLB branch office manager has multiple serial ports and two network ports. Each serial port can be connected to the console port of an IT device. Using a network port (in-band) or a modem (out-of-band) for dial-up connection, an administrator can remotely access any of the connected IT devices using Telnet or SSH.
Page 249 13: Application Examples 1. Display the current settings for device port 2: [SLB]> show deviceport port 2 ___Current Device Port Settings________________________________________________ Number: 2 Name: Port-2 Modem Settings-------------Data Settings----------IP Settings------- Modem State: disabled Baud Rate: 9600 Telnet: disabled Modem Mode: text Data Bits: 8 Telnet Port: 2002 Timeout Logins: disabled...
Page 250: Dial-In (Text Mode) To A Remote Device
13: Application Examples 5. Reboot the SUN server: Reboot <shutdown messages from SUN> 6. Use the escape sequence to escape from direct mode back to the command line interface. Dial-in (Text Mode) to a Remote Device This example shows a modem connected to an SLB device port, and a Sun server connected to another SLB device port.
Page 251: Local Serial Connection To Network Device Via Telnet
13: Application Examples Welcome to the Secure Lantronix Branch Office Manager Model Number: SLB882 For a list of commands, type 'help'. [SLB]> 5. Connect to the SUN Unix server using the direct command. [SLB]> connect direct deviceport 2 SunOS 5.7...
Page 252 13: Application Examples Dial-back Number: usernumber Initialization Script: <none> Logging Settings---------------------------------------------------- Local Logging: disabled USB Logging: disabled Email Logging: disabled Log to: upper slot Byte Threshold: 100 Max number of files: 10 Email Delay: 60 seconds Max size of files: 2048 Restart Delay: 60 seconds Email To: <none>...
Page 253: 14: Command Reference
14: Command Reference After an introduction to using commands, this chapter lists and describes all of the commands available on the SLB command line interface accessed through Telnet, SSH, or a serial connection. The commands are in alphabetical order by category. Introduction to Commands Following is some information about command syntax, command line help, and tips for using commands.
Page 254: Command Line Help
14: Command Reference Action Category diag arp|internals|lookup|loopback|netstat|nettrace|perfstat|ping| ping6|sendpacket|traceroute admin banner|clear|config|events|firmware|ftp|keypad|lcd|memory |quicksetup|reboot|shutdown|site|version|web Terminates CLI session. logout Command Line Help For general Help and to display the commands to which you have rights, type: help For general command line Help, type: help command line For more information about a specific command, type help followed by the command, for example: help set network or help admin firmware...
Page 255: Administrative Commands
14: Command Reference Keyboard Shortcuts:  Control-a: move to the start of the line Control-e: move to the end of the line Control-b: move back to the start of the current word Control-f: move forward to the end of the next word Control-u: erase from cursor to the beginning of the line Control-k: erase from cursor to end of the line Administrative Commands...
Page 256 14: Command Reference admin banner welcome Syntax admin banner welcome <Banner Text> Description Configures the banner displayed before the user logs in. Note: To go to the next line, type \n and press Enter. admin clear Syntax admin clear tmpdir Description Clears the directory holding temporary files.
Page 257 14: Command Reference <Config Params to Preserve> is a comma-separated list of current configuration parameters to retain after the config restore or factorydefaults: Networking Services Date/Time Power Outlets Local Users Device Ports USB Port Description Restores the SLB branch office manager to factory default settings. admin config restore Syntax admin config restore <Config Name>...
Page 258 14: Command Reference admin config show Syntax admin config show <default|ftp|sftp|nfs|cifs|usb> [nfsdir <NFS Mounted Dir>] [usbport <u1>] Description Lists the configurations saved to a location. admin firmware bootbank Syntax admin firmware bootbank <1|2> Description Sets the boot bank to be used at the next SLB reboot. admin firmware copybank Syntax admin firmware copybank...
Page 259 14: Command Reference Description Lists the current firmware revision, the boot bank status (for dual-boot SLBs), and optionally displays the log containing details about firmware updates. admin firmware update Syntax admin firmware update <ftp|tftp|sftp|> file <Firmware File> key <Checksum Key> Description Updates SLB firmware to a new revision.
Page 260 14: Command Reference admin ftp show Syntax admin ftp show Description Displays FTP settings. admin keypad Syntax admin keypad <lock|unlock> Description Locks or unlocks the LCD keypad. If the keypad is locked, you can scroll through settings but not change them. admin keypad password Syntax admin keypad password <Password>...
Page 261 14: Command Reference Description Restarts the program that controls the LCD. admin memory show Syntax admin memory show Description Displays information about SLB memory usage. admin memory swap add <Size of Swap in MB> usbport <u1> Syntax admin memory swap add <Size of Swap in MB> usbport <u1> Description Creates a swap space from the SLB disk or an external storage device.
Page 262 14: Command Reference admin reboot Syntax admin reboot Description Reboots the SLB. The front panel LCD displays the “Rebooting the SLB” message, and the normal boot sequence occurs. admin shutdown Syntax admin shutdown Description Prepares the SLB branch office manager to be powered off. When you use this command to shut down the SLB, the LCD front panel displays the “Shutting down the SLB”...
Page 263 14: Command Reference Description Displays current hardware and firmware information. admin web certificate Syntax admin web certificate import via <sftp|scp> certfile <Certificate File> privfile <Private Key File> host <IP Address or Name> login <User Login> [path <Path to Files>] Description Imports an SSL certificate.
Page 264 14: Command Reference admin web group Syntax admin web group <Local or Remote Group Name> Description Configures the group that can access the web.admin web tlsv10 Syntax admin web tlsv10 <enable|disable> Description Enables or disables TLS v1.0. admin web tlsv11 Syntax admin web tlsv11 <enable|disable>...
Page 265 14: Command Reference admin web show Syntax admin web show [viewcipherlist <enable|disable>] [viewslmsessions <enable|disable>] Description Displays current settings, with optional extra sessions or current ciphers. admin web banner Syntax admin web banner Description Configures the banner displayed on the web home page.admin web iface <none,eth1,eth2,ppp> Syntax admin web iface <none,eth1,eth2,ppp>...
Page 266: Audit Log Commands
14: Command Reference admin web sha2 Syntax admin web sha2 <enable|disable> Description Enable using only SHA2 or higher ciphers admin web server Enables or disables running the web server (TCP ports 80 and 443): admin web server <enable|disable> admin web restart Restart the web server: admin web restart The following list includes options which accept the CLEAR command:...
Page 267: Authentication Commands
14: Command Reference Authentication Commands set auth Syntax set auth <one or more parameters> Parameters authusenextmethod <enable|disable> kerberos <1-6> ldap <1-6> localusers <1-6> nis <1-6> radius <1-6> tacacs+ <1-6> Description Sets ordering of authentication methods. Local Users authentication is always the first method used. Any methods omitted from the command are disabled.
Page 268: Consoleflow Commands
14: Command Reference ConsoleFlow Commands Configure interaction with ConsoleFlow management server. The communication with the server is enabled by default, and can be disabled: set cflow client <enable|disable> Set interval between status updates, and firmware and configuration checks: set cflow statusinterval <1-60 minutes> fwconfiginterval <1-72 hours> Enable or disable firmware and configuration updates via ConsoleFlow: set cflow fwupdate <enable|disable>...
Page 269: Kerberos Commands
14: Command Reference Display settings and status: show cflow show cflow status show cflow perform show cflow scripts show cflow probes Kerberos Commands set kerberos Syntax set kerberos <one or more parameters> Parameters accessoutlets <Outlet List> clearports <Port List> custommenu <Menu Name> dataports <Port List>...
Page 270: Ldap Commands
14: Command Reference show kerberos Syntax show kerberos Description Displays Kerberos settings. LDAP Commands set ldap Syntax set ldap <one or more parameters> Set the LDAP bind password (any extra parameters will be ignored): set ldap bindpassword Parameters state <enable|disable> server <IP Address or Name>...
Page 271: Local Users Commands
14: Command Reference Note: User Permissions Commands (on page 278) for information on groups and user rights. Description Configures the SLB branch office manager to use LDAP to authenticate users who log in via the Web, SSH, Telnet, or the console port. The following list includes options which accept the CLEAR command: Note: CLEAR must be in all caps.
Page 272 14: Command Reference group <default|power|admin|Custom Group Name> passwordexpires <enable|disable> permissions <Permission List> Note: User Permissions Commands (on page 278) for information on groups and user rights. Description Configures local accounts (including sysadmin) who log in to the SLB unit by means of the Web, SSH, Telnet, or the console port.
Page 273 14: Command Reference set localusers delete Syntax set localusers delete <User Login> Description Deletes a local user. set localusers lifetime Syntax set localusers lifetime <Number of Days> Description Sets the number of days the login password may be used. The default is 90 days. set localusers maxloginattempts Syntax set localusers maxloginattempts <Number of Logins>...
Page 274 14: Command Reference Description Sets the number of minutes after a lockout before the user can try to log in again. Disabled by default. set localusers periodwarning Syntax set localusers periodwarning <Number of Days> Description Sets the number of days the system warns the user that the password will be expiring. The default is 7 days.
Page 275: Nis Commands
14: Command Reference NIS Commands set nis Syntax set nis <one or more parameters> Parameters accessoutlets <Outlet List> broadcast <enable|disable> clearports <Port List> custommenu <Menu Name> dataports <Port List> domain <NIS Domain Name> breakseq <1-10 Chars> escapeseq <1-10 Chars> group <default|power|admin> listenports <Port List>...
Page 276: Radius Commands
14: Command Reference Description Displays NIS settings. RADIUS Commands set radius Syntax set radius <one or more parameters> Parameters: accessoutlets <Outlet List> state <enable|disable> clearports <Port List> custommenu <Menu Name> dataports <Port List> breakseq <1-10 Chars> escapeseq <1-10 Chars> group <default|power|admin> listenports <Port List>...
Page 277: Tacacs+ Commands
14: Command Reference Note: The default port is 1812. The following list includes options which accept the CLEAR command: Note: CLEAR must be in all caps. set radius custommenu, escapeseq, breakseq, dialbacknumber, secret, accessoutlets, listenports, dataports, clearports show radius Syntax show radius Description Displays RADIUS settings.
Page 278: User Permissions Commands
14: Command Reference Note: User Permissions Commands (on page 278) for information on groups and user rights. Set the TACACS+ secret (any extra parameters will be ignored): set tacacs+ secret show tacacs+ Description Configures the SLB unit to use TACACS+ to authenticate users who log in via the Web, SSH, Telnet, or the console port.
Page 279 14: Command Reference Description Blocks (locks) a user's ability to login. set localusers unlock Syntax set localusers unlock <User Login> Description Allows (unlocks) a user's ability to login. set localusers permissions Syntax set localusers add|edit <user> permissions <Permission List> where <Permission List>...
Page 280 14: Command Reference To remove a permission, type a minus sign before the two-letter abbreviation for a user right. Description Sets attributes for users who log in by a remote authentication method. set remoteusers listonlyauth Syntax set remoteusers listonlyauth <enable|disable> Description Sets whether remote users who are not part of the remote user list will be authenticated.
Page 281: Cli Commands
14: Command Reference Description Sets a permission group for remotely authorized users. set <nis|ldap|radius|kerberos|tacacs+> permissions Syntax set <nis|ldap|radius|kerberos|tacacs> permissions <Permission List> where <Permission List> is one or more of nt, sv, dt, lu, ra, sk, um, dp, do, ub, rs, rc, dr, wb, sn, ad, po Description Sets permissions not already defined by the assigned permissions group.
Page 282 14: Command Reference set cli terminallines Syntax set cli terminallines <disable|Number of lines> Description Sets the number of lines in the terminal emulation (screen) for paging through text one screenful at a time, if the SLB device cannot detect the size of the terminal automatically. Note: Settings are retained between CLI sessions for local users and users listed in the remote users list.
Page 283: Connection Commands
14: Command Reference Description Displays attributes of the currently logged in user. set history Syntax set history clear Description Clears the commands that have been entered during the command line interface session. show history Syntax show history Description Displays the last 100 commands entered during the session. Connection Commands connect bidirection Syntax...
Page 284 14: Command Reference telnet <IP Address or Name> [port <TCP Port>] trigger <now|datetime|chars> If the trigger is datetime (establish connection at a specified date/time), enter the date parameter. If the trigger is chars (establish connection on receipt of a specified number or characters or a character sequence), enter the charxfer parameter and either the charcount or the charseq parameter.
Page 285 14: Command Reference connect listen deviceport Syntax connect listen deviceport <Device Port # or Name> Description Monitors a device port. connect terminate Syntax connect terminate <Connection ID> Description Terminates a bidirectional or unidirectional connection. connect unidirection Syntax connect unidirection <Device Port # or Name> dataflow <toendpointfromendpoint>...
Page 286: Console Port Commands
14: Command Reference Description Connects a device port to another device port or an outbound network connection (data flows in one direction). show connections Syntax show connections [email <Email Address>] Description Displays connections and their IDs. You can optionally email the displayed information. The connection IDs are in the left column of the resulting table.
Page 287: Custom User Menu Commands
14: Command Reference Description Configures console port settings. show consoleport Syntax show consoleport Description Displays console port settings. The following list includes options which accept the CLEAR command: Note: CLEAR must be in all caps. console port group Custom User Menu Commands When creating a custom user menu, note the following limitations: Maximum of 20 custom user menus.
Page 288 14: Command Reference Description Creates a new custom user menu or adds a command to an existing custom user menu. set menu edit Syntax set menu edit <Menu Name> <parameter> Parameters command <Command Number> nickname <Command Number> redisplaymenu <enable|disable> shownicknames <enable|disable> title <Menu Title>...
Page 289: Date And Time Commands
14: Command Reference Description Sets a default custom menu for remotely authorized users. show menu Syntax show menu <all|Menu Name> Description Displays a list of all menu names or all commands for a specific menu. Date and Time Commands set datetime Syntax set datetime <one date/time parameter>...
Page 290: Device Commands
14: Command Reference set ntp Syntax set ntp <one or more ntp parameters> Parameters localserver1 <IP Address or Hostname> localserver2 <IP Address or Hostname> localserver3 <IP Address or Hostname> poll <local|public> publicserver <IP Address or Hostname> state <enable|disable> sync <broadcast|poll> Description Synchronizes the SLB branch office manager with a remote time server using NTP.
Page 291: Device Port Commands
14: Command Reference Outlet # is 1-8 for SLP8 and 1-16 for SLP16 units. The outletcontrol parameters control individual outlets. slp outletstate [outlet <Outlet #>] The outletstate parameter shows the state of all outlets or a single outlet. slp envmon Displays the environmental status (e.g., temperature and humidity) of the SLP power manager.
Page 292 14: Command Reference Example set deviceport port 2-5,6,12,15-16 baud 2400 locallogging enable Parameters auth <pap|chap> banner <Banner Text> baud <300-230400> breakseq <1-10 Chars> calleridcmd <Modem Command String> calleridlogging <enable|disable> cbcpnocallback <enable|disable> cbcptype <admin|user> chapauth <chaphost|localusers> chaphost <CHAP Host or User Name> The user defines the secret.
Page 293 14: Command Reference modemmode <text|ppp> modemstate <disable|dialout|dialin|dialback|dialondemand| dialin+dialondemand|dialinhostlist> modemtimeout <disable|1-9999 seconds> name <Device Port Name> nat <enable|disable> nfsdir <Logging Directory> nfslogging <enable|disable> nfsmaxfiles <Max # of Files> nfsmaxsize <Size in Bytes> parity <none|odd|even> portlogseq <1-10 Chars> remoteipaddr <negotiate|IP Address> restartdelay <PPP Restart Delay> showlines <enable|disable>...
Page 294 14: Command Reference Parameters sshport <TCP Port> telnetport <TCP Port> tcpport <TCP Port> maxdirect <1-10> Description Configures settings for all or a group of device ports. The following list includes options which accept the CLEAR command: Note: CLEAR must be in all caps. set deviceport dialinlist, nfsdir, nfsdir, breakseq, banner, group, portlogseq, chaphost, chapsecret,...
Page 295: Diagnostic Commands
14: Command Reference show portcounters Syntax show portcounters [deviceport <Device Port List or Name>] [email <Email Address>] Description Displays device port statistics and errors for one or more ports. You can optionally email the displayed information. show portcounters zerocounters Syntax show portcounters zerocounters <Device Port List or Name>...
Page 296 14: Command Reference diag internals Syntax diag internals Description Displays information on the internal memory, storage and processes of the SLB Note: This command is available in the CLI but not the web. diag netstat Syntax diag netstat [protocol <all|tcp|udp>] [email <Email Address>] Description To display a report of network connections.
Page 297: Top Command Synopsis
14: Command Reference Description Resolves a host name into an IP address. You can optionally email the displayed information. diag loopback Syntax diag loopback <Device Port Number or Name>[<parameters>] Parameters test <internal|external> xferdatasize <Size In Kbytes to Transfer> Default is 1 Kbyte. Description Tests a device port by transmitting data out the port and verifying that it is received correctly.
Page 298: End Device Commands
14: Command Reference diag traceroute Syntax diag traceroute <IP Address or Hostname> Description Displays the route that packets take to get to a network host. End Device Commands set command Syntax set command <Device Port # or Name or List> <one or more parameters> Parameters slp auth login <User Login>...
Page 299: Events Commands
14: Command Reference Events Commands admin events add Syntax admin events add <trigger> <response> <trigger> is one of: receivetrap, templimit, humidlimit, overcurrent, inletstatus, nomodemdial, or dpdatadrop. <response> is one of: action <fwdalltrapseth|fwdseltrapeth> ethport <1|2> nms <SNMP NMS> community <SNMP Community> [oid <SNMP OID>] action <fwdalltrapsmodem|fwdseltrapmodem>...
Page 300: Global Commands
14: Command Reference oid <SNMP Trap OID> usbport <u1> Description Edits event definitions. admin events show Syntax admin events show Description Displays event definitions. Global Commands set deviceport global Syntax set deviceport global <one or more parameters> Parameters sshport <TCP Port> tcpport <TCP Port>...
Page 301: Group Commands
14: Command Reference Group Commands set groups Syntax set groups add|edit <Group Name> [<parameters>] Parameters dataports <Port List> listenports <Port List> clearports <Port List> accessoutlets <Outlet List> escapeseq <1-10 Chars> breakseq <1-10 Chars> custommenu <Menu Name> displaymenu <enable|disable> allowdialback <enable|disable> dialbacknumber <Phone Number>...
Page 302: Host List Commands
14: Command Reference Host List Commands set hostlist add|edit <Host List Name> Syntax set hostlist add|edit <Host List Name> [<parameters>] Parameters name <Host List Name> (edit only) retrycount <1-10> Default is 3. auth <enable|disable> Description Configures a prioritized list of hosts to be used for modem dial-in connections. set hostlist add|edit <Host List Name>...
Page 303: Ip Filter Commands
14: Command Reference set hostlist delete Syntax set hostlist delete <Host List> [entry <Host Number>] Description Deletes a host list, or a single host entry from a host list. show hostlist Syntax show hostlist <all|names|Host List Name> Description Displays the members of a host list. IP Filter Commands set ipfilter state Syntax...
Page 304: Logging Commands
14: Command Reference Description Maps an IP filter to an interface. set ip filter rules Syntax set ipfilter rules <parameters> Parameters add <Ruleset Name> delete <Ruleset Name> edit <Ruleset Name> <Edit Parameters> Edit Parameters: append insert <Rule Number> replace <Rule Number> delete <Rule Number>...
Page 305 14: Command Reference filemaxsize <Max Size of Files> locallogging <enable|disable> name <Device Port Name> nfsdir <Logging Directory> nfslogging <enable|disable> nfsmaxfiles <Max # of Files> nfsmaxsize <Size in Bytes> usblogging <enable|disable> usbmaxfiles <Max # of Files> usbmaxsize <Size in Bytes> usbport <u1> sysloglogging <enable|disable>...
Page 306 14: Command Reference set log clear modem Syntax set log clear modem Description Clear the modem log (the modem log is automatically pruned when it reaches 50K). set log modem ppplog Syntax set log modem ppplog <enable|disable> Description Enables PPP activity messages in the modem log. set log modem pppdebug Syntax set log modem pppdebug <enable|disable>...
Page 307: Network Commands
14: Command Reference numlines <Number of Lines> bytes <Bytes to Display> startbyte <Byte Index> logfile <NFS or USB Log File> Defaults: bytes=1000, startbyte=1, numlines=40 Description View the log for local, NFS or USB logging (NFS and USB use the current logging settings for the Device Port).
Page 308 14: Command Reference Description Configures up to three DNS servers. set network gateway Syntax set network gateway <parameters> Parameters default <IP Address> precedence <dhcp|gprs|default> failover <IP Address> pingip <IP Address> ethport <1|2> pingdelay <1-250 seconds> failedpings <1-250> faildevice <none|hspa|sierra> faildevapn <Fail-over Device: APN of Mobile Carrier> faildevlockpin <enable|disable>...
Page 309 14: Command Reference Description Sets the SLB host name and domain name. set network port Syntax set network port <1|2> <parameters> Parameters mode <auto|10mbit-half|100mbit-half|10mbit-full|100mbit-full> state <dhcp|bootp|static|disable> [ipaddr <IP Address> mask <Mask>] [ipv6addr <IP v6 Address/Prefix>] Description Configures Ethernet port 1 or 2. The following list includes options which accept the CLEAR command: Note: CLEAR must be in all caps.
Page 310: Nfs And Smb/Cifs Commands
14: Command Reference show network host Syntax show network host Description Displays the network host name of the SLB. show network port Syntax show network port <1|2> Description Displays Ethernet port settings and counters. show network all Syntax show network all Description Displays all network settings.
Page 311 14: Command Reference Description Mounts a remote NFS share. The remdir and locdir parameters are required, but if they have been specified previously, you do not need to provide them again. set nfs unmount Syntax set nfs unmount <1|2|3> Description Unmounts a remote NFS share.
Page 312: Performance Monitoring Commands
14: Command Reference Enables or disables authentication of local users. The following list includes options which accept the CLEAR command: Note: CLEAR must be in all caps. set cifs workgroup show cifs Syntax show cifs Description Displays SMB/CIFS settings. show nfs Syntax show nfs Description...
Page 313 14: Command Reference show perfmon status Syntax show perfmon status Parameters show perfmon status [probe <Probe Id or Name>] Description Display the running status of all probes or a selected probe. show perfmon operations Syntax show perfmon operations Parameters show perfmon operations <Probe Id or Name> Description Display list of completed operation sets for a probe.
Page 314 14: Command Reference Parameters show perfmon accumulated <Probe Id or Name> [set <Operation Set Number>] [email <Email Address>] Description Display accumulated statistics for last completed operation set or selected set, and optionally email the statistics. set perfmon repo Syntax set perfmon repo <local|usb> [usbport U1] Description Set repository where probe operations are stored.
Page 315 14: Command Reference set perfmon tcpconnectresp Syntax set perfmon tcpconnectresp <TCP Port Number|disable> Description Enable responders for TCP connect. set perfmon add Syntax set perfmon add <Probe Name> type <dns|http|icmp|tcpconnect|udpecho|udpjitter|udpjittervoip> Parameters name <Probe Name> starttime <now|HH:MM[:SS][MMDD]|afterHH:MM:SS> operations <Number of Operations to Perform> frequency <Seconds between Operations>...
Page 316: Power Commands
14: Command Reference packets <Number of Packets to Send> interval <Milliseconds between Packets> timeout <Milliseconds to Wait for Response> host <Destination IP Address or Name> port <Destination Port> precision <milli|micro> datasize <Payload Data Size in Bytes> verifydata <enable|disable> codec <g729a|g711alaw|g711mulaw> tos <none|Type of Service>...
Page 317 14: Command Reference Description Number of amps (measured in tenths of an amp) above which the SLB branch office manager sends a trap. The maximum is 180. Note: If the alarm goes off, a warning message displays on the CLI. set power outlet Syntax set power outlet <Outlet # or List or Name>...
Page 318: Routing Commands
14: Command Reference waiting for the reboot interval to expire (default is 20 seconds.) The switching delay and the reboot interval are completely independent of each other. Routing Commands set routing Syntax set routing [parameters] Parameters rip <enable|disable> route <1-64> ipaddr <IP Address> mask <Netmask> gateway <IP Address> static <enable|disable>...
Page 319 14: Command Reference Note: Interface scripts will be given default/do user rights; Batch and Custom scripts will be given admin/ad user rights. The name of the script will be the same as the file name (if it is a valid script name), otherwise a script name must be specified for import. Description Import a script.
Page 320 14: Command Reference connect script Syntax connect script <Script Name> deviceport <Device Port # or Name> [parameters <Command Line Parameters>] debug <enable|disable>] Description Connect an interface or custom script to a Device Port and run it one time (script output will be displayed in the current terminal;...
Page 321: Services Commands
14: Command Reference show script operations Syntax show script operations <Script Name> Description Display list of completed results for a custom script. show script results Syntax show script results <Script Name> [set <all|Operation Set Number>] [display <head|tail>] [numlines <Number of Lines>] [email <Email Address>] Description Display the results for the last completed custom script operation or a selected operation, and...
Page 322 14: Command Reference outgoingtelnet <enable|disable> phonehome <enable|disable> phoneip <IP Address> portssh <TCP Port> rocommunity <Read-Only Community> rwcommunity <Read-Write Community> Sets a password for an SNMP manager to access the read-only data the SLB SNMP agent provides and to modify data where permitted. servlog <off|error|warning|info|debug>...
Page 323: Site Commands
14: Command Reference show services Syntax show services Description Displays current services. show services trapenable Syntax show services trap enable Description Defines the set of SNMP traps that are sent by the SLB. Site Commands set site Syntax Create or edit a site: set site add|edit <Site Name>...
Page 324: Secure Lantronix Network Commands
Set the site password and CHAP secret (any extra parameters will be ignored): set site dialoutpassword <Site Name> set site chapsecret <Site Name> Deletes a site: set site delete <Site Name> show site <all|names|Site Name> Secure Lantronix Network Commands set slcnetwork Syntax set slcnetwork <one or more parameters> Parameters add <IP Address>...
Page 325: Ssh Key Commands
14: Command Reference Without the ipaddrlist parameter, the command searches the SLB network. With the ipaddrlist parameter, the command displays a sorted list of all IP addresses or displays the IP addresses that match the mask (for example, 172.19.255.255 would display all IP addresses that start with 172.19).
Page 326 14: Command Reference [path <Path to Copy Key>] bits <512|1024|2048> keyname <SSH Key Name> keyuser <SSH Key User> type <rsa|dsa> Description Exports an sshkey. set sshkey import set sshkey import <ftp|scp|copypaste> <one or more parameters> Parameters [keyhost <SSH Key IP Address or Name>] [keyuser <SSH Key User>] [path <Path to Public Key File>] file <Public Key File>...
Page 327 14: Command Reference show sshkey export Syntax show sshkey export <one or more parameters> Parameters [keyhost <SSH Key IP Address or Name>] [keyuser <SSH Key User>] [viewkey <enable|disable>] Description Displays all exported keys or keys for a specific user, IP address, or name. show sshkey import Syntax show sshkey import <one or more parameters>]...
Page 328: Status Commands
14: Command Reference Status Commands show connections Syntax show connections [email <Email Address>] Description Displays a list of current connections. Optionally emails the displayed information. The connection IDs are in the left column of the resulting table. The connection ID associated with a particular connection may change if the connection times out and is restarted.
Page 329: System Log Commands
14: Command Reference show sysconfig Syntax show sysconfig [display <basic|auth|devices>] [email <Email Address] Description Displays a snapshot of all configurable parameters. Optionally emails the displayed information. show sysstatus Syntax show sysstatus [email <Email Address>] Description To display the overall status of all SLB devices. Optionally emails the displayed information. System Log Commands show syslog Syntax...
Page 330: Usb Storage Commands
14: Command Reference Description Clears one or all of the system logs. USB Storage Commands set usb storage dir Syntax set usb storage dir <u1> Description Views a directory listing of a Compact Flash card. set usb storage format Syntax set usb storage fsck Description Views a directory listing of a file system check.
Page 331: Usb Modem Commands
14: Command Reference set usb storage unmount Syntax set usb storage unmount <u1> Description Unmounts a USB flash card. Enter this command before ejecting the card. USB Modem Commands set usb modem Syntax set usb modem <u1|u2> <parameters> Parameters auth <pap|chap> baud <300-115200>...
Page 332 14: Command Reference sshport <TCP Port> stopbits <1|2> tcpauth <enable|disable> tcpport <TCP Port> telnetauth <enable|disable> telnetport <TCP Port> timeoutlogins <disable|1-30 minutes> usesites <enable|disable> Set the modem password and CHAP secrets (any extra parameters will be ignored): set usb modem <U1|U2> dialoutpassword set usb modem <U1|U2>...
Page 333 14: Command Reference Description Configures a currently loaded USB Modem. The following list includes options which accept the CLEAR command: Note: CLEAR must be in all caps. set usb modem dialinlist, chaphost, chapsecret, dodchaphost, dodchapsecret, initscript, dialoutlogin, dialoutpassword, dialbacknumber, group set vpn Syntax set vpn...
Page 334 14: Command Reference show temperature Syntax show temperature Description Shows the temperature. SLB™ Branch Office Manager User Guide...
Page 335: Appendix A: Bootloader
To access the bootloader command line interface (CLI): 1. Power on the SLB. 2. Type x15 within 10 seconds of power up. The bootloader halts the boot procedure and displays a Lantronix command prompt. Bootload Commands Table A-1 User Commands...
Page 336: Table A-2 Administrator Commands
Table A-2 Administrator Commands In addition to the commands that the user can issue, the administrator can issue the following: Command Description Copies an image of the drive from the lower PCMCIA device to the internal CF card. Imagecopy Provides a new password for user admin. The default password for user admin is Passwd admin.
Page 337: Appendix B: Security Considerations
Appendix B: Security Considerations The SLB branch office manager provides data path security by means of SSH or Web/SSL. Even with the use of SSH/SSL, however, do not assume you have complete security. Securing the data path is only one measure needed to ensure security. This appendix briefly discusses some important security considerations.
Page 338: Appendix C: Adapters And Pinouts
Lantronix adapters. The cables are available in various lengths. In most cases, you will need an adapter for your serial devices. Lantronix offers a variety of RJ45- to-serial connector adapters for many devices. These adapters convert the RJ45 connection on the SLB unit to a 9-pin or 25-pin serial connector found on other manufacturers' serial devices or re-route the serial signals for connections to other devices that use RJ45 serial connectors.
Page 339: Figure C-2 Rj45 Receptacle To Db25F Dce Adapter For The Slb (Pn 200.2067A)
Appendix C: Adapters and Pinouts Figure C-2 RJ45 Receptacle to DB25F DCE Adapter for the SLB (PN 200.2067A) Figure C-3 RJ45 Receptacle to DB9M DCE Adapter for the SLB (PN 200.2069A) SLB™ Branch Office Manager User Guide...
Page 340: Figure C-4 Rj45 Receptacle To Db9F Dce Adapter For The Slb (Pn 200.2070A)
Appendix C: Adapters and Pinouts Figure C-4 RJ45 Receptacle to DB9F DCE Adapter for the SLB (PN 200.2070A) Use PN 200.2070A adapter with a PC's serial port. Figure C-5 RJ45 to RJ45 Adapter for Netra/Sun/Cisco and SLP (PNs 200.2225 and ADP010104-01) Note: The cable ends of the ADP010104-01 are an RJ45 socket on one end and a RJ45 plug on the other instead of RJ45 sockets on both ends.
Page 341: Appendix D: Protocol Glossary
Appendix D: Protocol Glossary BOOTP (Bootstrap Protocol) Similar to DHCP, but for smaller networks. Automatically assigns the IP address for a specific duration of time. CHAP (Challenge Handshake Authentication Protocol) A secure protocol for connecting to a system; it is more secure than the PAP. DHCP (Dynamic Host Configuration Protocol) Internet protocol for automating the configuration of computers that use TCP/IP.
Page 342 Appendix D: Protocol Glossary NTP (Network Time Protocol) A protocol used to synchronize time on networked computers and equipment. PAP (Password Authentication Protocol) A method of user authentication in which the username and password are transmitted over a network and compared to a table of name-password pairs. PPP (Point-to-Point Protocol) A protocol for creating and running IP and other network protocols over a serial link.
Page 343: Appendix E: Compliance Information
Appendix E: Compliance Information Manufacturer’s Name & Address Lantronix, Inc. 7535 Irvine Center Drive Suite 100 Irvine, CA 92618, USA Declares that the following product: Product Name(s): Lantronix® SLB™ Branch Office Manager Conforms to the following standards or other normative documents:...
Page 344   CCC*  Note: *Only applies to 200-240 VAC SLB (specifically P/Ns SLB8824KIT-AP and SLB8824KIT-WW). RoHS, REACH and WEEE Compliance Statement Please visit http://www.lantronix.com/legal/rohs/ for Lantronix’s statement about RoHS, REACH and WEEE compliance. SLB™ Branch Office Manager User Guide...

This manual is also suitable for:

200-240 vac slb

Lantronix 100-120 VAC SLB User Manual

1 : about this Guide

2 : Introduction

3 : Installation

4 : Quick Setup

5 : Web and Command Line Interfaces

6 : Basic Parameters

7 : Services

8 : Device Ports

9 : USB Port

Quick Links

Need help?

Questions and answers

Related Manuals for Lantronix 100-120 VAC SLB

Summary of Contents for Lantronix 100-120 VAC SLB