Digi PortServer TS 8 Setup guide

PortServer TS 8/16
Configuration and Administration
Guide
92000307_B
The Digi logo is a trademark of Digi International.
All other brand and product names are trademarks of their respective holders.
© Digi International Inc., 1998, 2000, 2001, 2002. All Rights Reserved
http://www.digi.com
Information in this document is subject to change without notice and does not represent a
commitment on the part of Digi International.
Digi provides this document “as is”, without warranty of any kind, either expressed or implied,
including, but not limited to, the implied warranties of fitness or merchantability for a particular
purpose. Digi may make improvements and/or changes in this manual or in the product(s) and/or the
program(s) described in this manual at any time.
This product could include technical inaccuracies or typographical errors. Changes are periodically
made to the information herein; these changes may be incorporated in new editions of the
publication.
Contents
Chapter 1 Introduction
Setup Overview.................................................................................................... 1-2
About This Guide................................................................................................. 1-3
About Entering Commands on the Command Line............................................. 1-3
Supported Devices ............................................................................................... 1-3
Other Documents in the Library .......................................................................... 1-4
About Configuration Methods ............................................................................. 1-5
Configuration Prerequisites.................................................................................. 1-6
Chapter 2 Configuring the IP Address
Options for Configuring the IP Address and Mask.............................................. 2-2
Configuring the Ethernet Interface with DPA Remote ........................................ 2-3
Configuring the IP Address Using Ping-ARP...................................................... 2-4
Configuring the Ethernet Interface from the Command Line .............................. 2-5
Configuring an IP Address using DHCP and RARP ........................................... 2-5
Chapter 3 Configuring Ports for RealPort
About RealPort..................................................................................................... 3-2
Configuring Ports: Web Interface ........................................................................ 3-3
Configuring Ports for RealPort: Command Line ................................................. 3-4
Chapter 4 Configuring Ports for Printers
Configuration Considerations .............................................................................. 4-2
Configuring Ports for Printers: Web Interface..................................................... 4-3
Configuring Printer Connections: Command Line .............................................. 4-3
Configuring a Port for Direct-Access Printing .................................................... 4-5
Chapter 5 Configuring Ports for Terminals and Computers
Configuring Ports for Terminals: Web Interface ................................................. 5-2
Configuring Ports for Terminals: Command Line............................................... 5-2
About Computer Connections.............................................................................. 5-3
i
Chapter 6 Configuring Ports for Modems
Tips on Configuring A Modem............................................................................ 6-2
Configuring Ports for Modems: Web Interface ................................................... 6-3
Configuring Ports for Incoming Modem Connections: Command Line ............. 6-3
Configuring Ports for Outgoing/Bi-Directional Connections: Command Line... 6-4
Chapter 7 Configuring PPP
Configuring PPP Connections: Web Interface..................................................... 7-2
Configuring Inbound PPP Connections: Command Line .................................... 7-3
Configuring Outbound PPP Connections: Command Line ................................. 7-5
Chapter 8 Configuring IP Routing
Introduction to Routing ........................................................................................ 8-2
About RIP Routing Updates ................................................................................ 8-3
Configuring Static Routes .................................................................................... 8-5
Configuring Dynamic Routes Using RIP............................................................. 8-6
Configuring Proxy ARP....................................................................................... 8-7
Chapter 9 Configuring Autoconnection
About Autoconnection ......................................................................................... 9-2
Configuring a Port for Autoconnection: Web Interface....................................... 9-2
Configuring Autoconnection By Port: Command Line ....................................... 9-2
Configuring a User for Autoconnection: Web Interface...................................... 9-3
Configuring a User for Autoconnection: Command Line ................................... 9-3
Chapter 10 Configuring Console Management
About Console Management.............................................................................. 10-2
Configuring Console Management: Web Interface ........................................... 10-2
Configuring Console Management: Command Line ......................................... 10-2
Chapter 11 Configuring Security Features
Controlling Access to the PortServer TS 8/16 Configuration............................ 11-2
Controlling Access to Inbound Ports ................................................................. 11-2
Controlling Access to Outbound Ports............................................................... 11-3
Controlling Access to the PortServer TS 8/16 Command Line ......................... 11-3
Using RADIUS to Authenticate Users............................................................... 11-4
Issuing User Passwords...................................................................................... 11-7
Configuring SSH Version 2 for Secure Communication................................... 11-8
Chapter 12 Configuring DNS
About the Domain Name System....................................................................... 12-2
Configuration Procedures .................................................................................. 12-3
Chapter 13 Configuring SNMP
About SNMP and the PortServer TS 8/16 Agent .............................................. 13-2
Configuration Procedure: Web Interface ........................................................... 13-3
Configuration Procedure: Command Line......................................................... 13-3
Chapter 14 Managing the OS and Configuration
Upgrading the OS (Firmware): Web Interface .................................................. 14-2
Upgrading the OS (Firmware): Command Line ................................................ 14-3
Configuring PortServer TS 8/16 from a Remote Host....................................... 14-4
ii
Resetting the Configuration to Defaults............................................................. 14-6
Chapter 15 Configuring Users
About Configuring Users ................................................................................... 15-2
Common User Features...................................................................................... 15-2
Configuring a User: Web Interface .................................................................... 15-3
Configuring a User: Command Line Examples................................................. 15-4
Chapter 16 Configuration Examples
Terminal Server Configuration Without RealPort ............................................. 16-2
Terminal Server Configuration Using Autoconnection..................................... 16-3
Terminal Server Configuration Using RealPort................................................. 16-4
Dial-In PPP Connection Using RADIUS........................................................... 16-5
Chapter 17 PortServer TS 8/16 Troubleshooting
Symptom: PortServer TS 8/16 Does Not Boot .................................................. 17-2
Symptom: Cannot Telnet to the PortServer TS 8/16 ......................................... 17-3
Symptom: Trouble Accessing a Port ................................................................. 17-4
Running PortServer TS 8/16 Hardware Diagnostics ......................................... 17-4
Running PortServer TS 8/16 POST ................................................................... 17-5
Verifying TFTP on a UNIX System .................................................................. 17-6
Troubleshooting TFTP Problems....................................................................... 17-6
Resetting PortServer TS 8/16 Configuration to Defaults................................... 17-7
Verifying the PortServer TS 8/16 IP Address.................................................... 17-8
Checking for Duplicate IP Addresses .............................................................. 17-10
Pinging an IP Address...................................................................................... 17-11
Verifying the Network Cabling........................................................................ 17-12
Verifying the RealPort Process ........................................................................ 17-13
Checking and Changing Port Configuration.................................................... 17-15
Digi Contact Information................................................................................. 17-16
iii
iv
Introduction
Chapter 1
In This Chapter
This chapter provides a brief introduction on setting up your Digi device. It discusses the following
topics:
Introduction
•
Setup Overview . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-2
•
About This Guide . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
•
About Entering Commands on the Command Line . . . . . . . . . . . . . . . . . . . . . . 1-3
•
Supported Devices . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-3
•
Other Documents in the Library . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-4
•
About Configuration Methods . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-5
•
Configuration Prerequisites . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1-6
1-1
Setup Overview
This section provides an overview of the setup process.
Step A: Plan
Before beginning setup, consider the following:
• How to assign an IP address to the Digi device’s Ethernet interface, which can be accomplished
in a number of ways. See "Configuring the IP Address" on page 2-1.
• How to configure serial ports. A key consideration is whether to use RealPort. Other considerations include the type of peripheral that will connect to the port and the peripheral’s cabling
requirements. See "Configuring Ports for RealPort" on page 3-1 and the online RealPort driver
documentation and Cable Guide, both of which are on the Access Resource CD.
• The various ways that your Digi device can be configured. See "About Configuration Methods"
on page 1-5 and "Configuration Prerequisites" on page 1-6 for more information.
Step B: Set Up the Hardware
1. Connect the device to power and to the network.
2. Connect peripherals to serial ports. See the Cable Guide on the Access Resource CD.
Step C: Install and Setup DPA-Remote
DPA-Remote is a utility that provides one of the ways to configure an IP address and also provides
port monitoring. See the Digi Port Authority Remote Device Monitor Setup Guide, which is on the
Access Resource CD.
Step D: Configure an IP Address
There are a number of ways to configure an IP address. See "Configuring the IP Address" on page 21 for more information.
Step E: Configure Ports
See the following for more information:
• "Configuring Ports for RealPort" on page 3-1
• "Configuring Ports for Printers" on page 4-1
• "Configuring Ports for Terminals and Computers" on page 6-1
• "Configuring Ports for Modems" on page 5-1
Step F: Configure Other Features as Required
See the following for information on setting up other features:
• "Configuring PPP" on page 8-1
• "Configuring IP Routing" on page 9-1
• "Configuring Autoconnection" on page 7-1
• "Configuring Console Management" on page 10-1
• "Configuring Security Features" on page 12-1
• "Configuring DNS" on page 13-1
Step G: Troubleshoot Setup Problems
Troubleshoot problems as required. See "PortServer TS 8/16 Troubleshooting" on page 17-1. .
1-2
Setup Overview
About This Guide
Purpose
This guide provides the following:
• Configuration and administration procedures
• Configuration examples
Audience
This manual is intended for the person responsible for configuring and administering PortServer TS
8/16. It assumes that this person has experience configuring network devices and is familiar with
networking concepts.
Scope
This manual provides step-by-step instructions for configuring and administering PortServer TS
8/16’s main features. It does not address how to configure every option, provide complete
information on commands, or discuss hardware installation. These topics are covered in other
documents in the PortServer TS 8/16 library.
About Command Line Examples
In this manual, many command examples are broken up and placed on two lines of the manual. This
is done to control where the line breaks, making it as easy to read as possible. When this is done, the
second line of the command will be indented slightly, as shown below.
set menu range=6 t1="Console Management Menu" name="Console Management
Menu" m3="Connect to System 1" c3="connect 1" m4="Connect to System 2"
c4="connect 2"
About Entering Commands on the Command Line
On the PortServer TS 8/16 command line, do not force a line break (by pressing Enter or Return).
This will commit the command before you finish adding all command fields. If your terminal does
not support wrapping to the next line and long commands scroll out of sight, the easiest way to enter
long commands is by breaking the command into multiple commands as shown below. If you use
this method, however, you must let the PortServer TS 8/16 know that you are configuring the same
entity, such as the same port, menu, or line. This is done by repeating the range or name field in each
command.
set menu t1="Console Management Menu" range=6
set menu range=6 name="Console Management Menu" m3="Connect to System 1"
set menu range=6 c3="connect 1" m4="Connect to System 2"
set menu range=6 c4="connect 2"
Supported Devices
This manual provides information on the following Digi devices:
• PortServer TS 8
• PortServer TS 16
Introduction
1-3
Other Documents in the Library
Here is a list of the other documents in the library:
Access Resource CD Card
This card provides information on the contents of the Access Resource CD. It includes the CD
mounting instructions required to access the CD on many Unix systems.
PortServer TS 8/16 Setup Card
This card, which comes in the PortServer TS 8/16 package, provides a brief overview on the setup
process.
Digi One/PortServer TS Command Reference
This online manual, available on the Access Resource CD, provides complete information on
commands.
RealPort Setup Guides
These online manuals provide information on setting up servers for RealPort software.
Digi Port Authority - Remote Device Monitor Setup Guide
This online manual provides information on installing and using Digi Port Authority - Remote
software.
1-4
Other Documents in the Library
About Configuration Methods
Use this section to learn about configuration methods.
Configuring the PortServer TS 8/16 from an Attached Terminal
With this method, you cable a terminal or PC running terminal emulation software to a PortServer
TS 8/16 port and then use the command line to enter commands. This method allows you to
configure all features. It requires, however, that you and the PortServer TS 8/16 be in the same
location. Some users find it advantageous to configure the PortServer TS 8/16 IP address this way
and then use one of the other methods for the rest of the configuration.
Configuring the PortServer TS 8/16 from a Telnet Session
With this method, you Telnet to the PortServer TS 8/16 and use the command line to complete configuration tasks. The only disadvantage to this method is that you have to configure the PortServer
TS 8/16 with an IP address before you can Telnet to it.
Configuring the PortServer TS 8/16 from the Web Interface
The great advantage to this method is ease of use. This method does, however, require that you
configure the IP address before you can access the configuration from the web interface, and some
features cannot be configured this way.
Downloading a Configuration File
With this method, you configure a Digi device and then do the following:
1. Download an existing configuration file to a host system.
2. Edit the file with specific configuration using a text editor.
3. Upload the file to the the Digi PortServer TS 8/16.
This an excellent method for maintaining highly similar configuration files for multiple Digi
devices. The disadvantage is that the PortServer TS 8/16 requires some configuration steps, such as
the IP address, to be completed before it can be used.
Introduction
1-5
Configuration Prerequisites
Accessing the Command Line from a Locally-Connected Terminal
Use this procedure to access the command line and the configuration from a terminal connected to
one of the PortServer TS 8/16’s serial ports.
1. Connect a terminal or PC to a serial port on the PortServer TS 8/16.
•
For a terminal, use the cable that came with your package.
•
For a Windows Hyperterminal connection, use the cable that came in the package, a straightthrough DB25-to-DB9 modem cable, and gender changers as required.
2. Configure the parameters of the terminal or terminal emulation software to work with the Digi
serial port. The default port settings are:
•
VT 100 emulation
•
9600 baud
•
8-bit character
•
1 stop bit
•
No parity
3. Log in as the root user. The default password is dbps.
Logging On As Root from the Command Line
1. At the login prompt, enter the following: root
2. At the password prompt, supply the root password. The default is dbps.
Accessing the Command Line from a Telnet Session
Use this procedure to access the command line and the configuration from a Telnet session. This
procedure assumes that you have configure the Digi device with an IP address already. See
"Configuring the IP Address" on page 2-1.
1. To Telnet to the PortServer TS 8/16, enter the following command from a command prompt on
another networked device, such as a server:
telnet ip-address
where ip-address is the PortServer TS 8/16’s IP address
Example: telnet 192.3.23.5
2. Log in as the root user. The default password is dbps.
Accessing the Configuration from the Web Interface
Use this procedure to access the configuration from the web interface. This procedure assumes that
you have configured the Digi device with an IP address already. See "Configuring the IP Address"
on page 2-1.
1. Access the PortServer TS 8/16 from a web browser by specifying the PortServer TS 8/16’s IP
address in the URL window.
2. Log on as root. The default password is dbps.
1-6
Configuration Prerequisites
Configuring the IP Address
Chapter 2
In This Chapter
This chapter discusses how to configure PortServer TS 8/16’s IP address and other features
associated with its Ethernet interface. It discusses the following topics:
•
Options for Configuring the IP Address and Mask . . . . . . . . . . . . . . . . . . . . . . 2-2
•
Configuring the Ethernet Interface with DPA-Remote . . . . . . . . . . . . . . . . . . . 2-3
•
Configuring the IP Address Using Ping-ARP . . . . . . . . . . . . . . . . . . . . . . . . . . 2-4
•
Configuring the Ethernet Interface from the Command Line . . . . . . . . . . . . . . 2-5
•
Configuring an IP Address using DHCP and RARP. . . . . . . . . . . . . . . . . . . . . 2-5
Configuring the IP Address
2-1
Options for Configuring the IP Address and Mask
Options
The PortServer TS 8/16 IP address can be configured using the following methods:
• With Digi Port Authority-Remote, a Digi utility
• By updating the ARP table on a server and then pinging the Digi device (called Ping-ARP)
• From the command line using the set config command
• Using a RARP server
• Using a DHCP server
The IP address and mask can also be changed using the web interface. This method, however, does
not work for the initial IP address configuration.
Devices That Support DPA-Remote and Ping-ARP for IP Address Configuration
Not all Digi devices can use DPA-Remote and Ping-ARP for IP address configuration. To determine
if you can use these features, find the hardware label on your Digi device and then use the table
below to determine whether this feature is available:
Device
PortServer TS 8
2-2
Part Number
50001208-01
Revision Required
B or higher
PortServer TS 16 (desktop)
50001207-01
E or higher
PortServer TS 16 (rack-mounted)
50001185-01
C or higher
Options for Configuring the IP Address and Mask
Configuring the Ethernet Interface with DPA-Remote
Use this section to configure an initial IP address, subnet mask, and default gateway using DPARemote. This procedure cannot be used to change the IP address, but only to assign the initial IP
address. It also cannot be used if a DHCP server is active.
Starting Point
This procedure assumes the following:
• That your Digi device supports this feature. See "Devices That Support DPA-Remote and PingARP for IP Address Configuration" on page 2-2.
• That your Digi device is connected to the Ethernet network
• That the Digi device has DHCP client turned on. This is the default setting, so it will be on
unless it was turned off.
• That you do not have a DHCP server to serve IP address. If you do, use the DHCP procedure.
See "Configuring an IP Address using DHCP and RARP" on page 2-5.
• That you have installed DPA-Remote version 2.01.11or later. For information on installing DPARemote, see the Digi Port Authority Remote Device Monitor Setup Guide, which is on the
Access Resource CD.
Procedure
1. Run DPA-Remote.
2. If DPA-Remote is not set for ADDP, choose ADDP as the Discovery Protocol.
3. Choose Discover.
A list of Digi devices appears. Systems with IP addresses of 0.0.0.0 need IP addresses.
4. Select a device from the list and then choose Configure.
5. Supply an IP address, subnet mask and default gateway and then choose OK.
DPA-Remote configures the IP address, subnet mask and default gateway.
Configuring the IP Address
2-3
Configuring the IP Address Using Ping-ARP
Use this section to configure an IP address by manually updating a server’s ARP table and then
pinging the Digi device.
Starting Point
This procedure assumes the following:
• That your Digi device supports this feature. See "Devices That Support DPA-Remote and PingARP for IP Address Configuration" on page 2-2.
• That your Digi device is connected to the Ethernet network
Procedure
1. Record the MAC address of the Digi device. It’s on the back of the unit.
2. Access a server on the same subnet as the Digi device.
3. Manually update the server’s ARP table using the Digi device’s MAC address and the IP address
you want assigned to the Digi device. The following is an example of how this is done on a Windows NT 4.0 system:
arp -s 143.191.2.1 00-40-9d-22-23-60
4. Ping the Digi device using the IP address just assigned. The following is an example:
ping 143.191.2.1
The ping will probably time out before there is a response from the Digi device.
5. Wait a few seconds and then ping the Digi device again.
The Digi device replies to the ping, indicating that the IP address has been configured.
2-4
Configuring the IP Address Using Ping-ARP
Configuring the Ethernet Interface from the Command Line
This section discusses how use the command line to configure an IP address, mask, and default
gateway for PortServer TS 8/16’s Ethernet interface.
Manual Configuration Procedure
1. To configure an IP address for the Ethernet interface, enter the following command:
set config ip=ip-address
where ip-address is the IP address for the Ethernet interface
Example: set config ip=191.143.2.154
2. To configure a subnetmask, enter the following command:
set config submask=mask
where mask is the subnet mask for this subnetwork
Example: set config submask=255.255.255.0
3. To ensure that this address is permanent, turn DHCP off by entering the following command:
set config dhcp=off
4. To configure a default gateway, enter the following command:
set config gateway= ip-address
where ip-address is the IP address of the default gateway
Example set config gateway=191.143.2.46
5. Reboot the Digi device at the prompt using the following command:
boot action=reset
Manual Configuration Example
In this example set config commands configure the Ethernet interface and the boot command reboot
the Digi device, which is required for the address change to take affect.
set config ip=192.150.150.10 submask=255.255.255.0 dhcp=off
set config gateway=192.150.150.11
boot action=reset
Configuring an IP Address using DHCP and RARP
About DHCP and RARP
When the PortServer TS 8/16 boots, it transmits a DHCP request and a RARP request. This
continues until an address is assigned.
Procedure
To use RARP or DHCP follow these steps:
1. Set up an entry for an address on a DHCP or RARP server. If you intend to use RealPort, do the
following:
•
Reserve a permanent IP address.
•
Record the IP address. You will need it when you configure the RealPort driver.
2. Power on the PortServer TS 8/16.
The DHCP or RARP server assigns the PortServer TS 8/16 an IP address.
Configuring the IP Address
2-5
2-6
Configuring an IP Address using DHCP and RARP
Configuring Ports for RealPort
Chapter 3
In This Chapter
This chapter describes how to configure PortServer TS 8/16 for RealPort connections. It discusses
the following topics:
•
About RealPort. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-2
•
Configuring Ports: Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-3
•
Configuring Ports for RealPort: Command Line . . . . . . . . . . . . . . . . . . . . . . . . 3-4
•
Example . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 3-4
Configuring Ports for RealPort
3-1
About RealPort
This section provides a brief introduction to RealPort.
What is RealPort?
RealPort is a feature that allows network-based host systems to use the ports of the PortServer TS
8/16 as though they were the host system’s own ports, appearing and behaving as local ports to the
network-based host.
RealPort Advantages
RealPort provides the following advantages:
• It expands the number of ports available to the host system.
• It enables PortServer TS 8/16 ports to be treated as if they were directly connected to the host,
which means they use all standard operating system interfaces that control baud rate, parity, stop
bits, and flow control.
• It enables host administrators to do most of the required configuration on the host, the system
with which the administrator is most familiar.
• It dramatically reduces host CPU overhead because multiple terminal or printer sessions are
multiplexed over the same TCP/IP connection.
Configuring the RealPort Software
You must install and configure RealPort software on each host that will use RealPort ports. See the
RealPort documentation for more information.
Configuration Options
You can configure PortServer TS 8/16 for RealPort from the command line or using the web
interface. For information on using the web interface, see "Configuring Ports: Web Interface" on
page 3-3.
3-2
About RealPort
Configuring Ports: Web Interface
Use this procedure to configure a port from the web interface.
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. From the main menu, select Configure > RealPort.
A screen similar to the following appears.
4. To complete configuration, choose Next and then follow the prompts.
5. To return to the main Ports menu, choose Ports from the Menu again.
6. To complete RealPort setup, install and configure the RealPort driver. See the appropriate
RealPort setup guide on the Access Resource CD.
Configuring Ports for RealPort
3-3
Configuring Ports for RealPort: Command Line
This section describes how to configure RealPort ports from the command line.
Procedure
Use this procedure to use the command line to configure PortServer TS 8/16 for RealPort.
This procedure assumes that you have signed on as root and have or will
• Install RealPort software on each RealPort host. See the appropriate RealPort documentation for
more information.
• Properly cabled PortServer TS 8/16 ports and devices.
• Set up the devices connected to PortServer TS 8/16 ports
1. Configure the RealPort TCP port by entering the following command:
set tcp realport=771
2. Configure PortServer TS 8/16 ports by entering the following command:
set ports range=range dev=rp
where range is the range of ports to which this command applies
Example: set ports range=2 dev=rp
Example
In this example, all ports are configured for RealPort.
set tcp realport=771
set ports range=* dev=rp
3-4
Configuring Ports for RealPort: Command Line
Configuring Ports for Printers
Chapter 4
In This Chapter
This chapter describes how to configure PortServer TS 8/16 ports for printer connections. It
discusses the following topics:
•
Configuration Considerations . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4-2
•
Configuring Ports for Printers: Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . 4-3
•
Configuring Printer Connections: Command Line . . . . . . . . . . . . . . . . . . . . . . 4-3
•
Configuring a Port for Direct-Access Printing. . . . . . . . . . . . . . . . . . . . . . . . . . 4-5
Configuring Ports for Printers
4-1
Configuration Considerations
You should be aware of the following considerations if you intend to configure PortServer TS 8/16
to handle printers.
Using RealPort
RealPort, a feature that allows network-based host systems to use the ports of the PortServer TS
8/16 as though they were the host system’s own ports, is an easy and efficient way for printers to use
PortServer TS 8/16 ports. For information on this option, see "Configuring Ports for RealPort" on
page 3-1.
Determining Your Printer’s Flow Control Requirements
If you set the PortServer TS 8/16 flow control parameters incorrectly, the printer may not print all
data sent to it. Consequently, before you configure a PortServer TS 8/16 port for a printer, check the
printer’s documentation to determine if it uses hardware flow control, software flow control, or no
flow control at all.
Flow Control Tips
Here are some tips to ensure that your printer performs as expected:
• If flow control is necessary, ensure that the printer and PortServer TS 8/16 use the same flow
control scheme.
• Most printers that use hardware flow control issue the DTR (data terminal ready) signal when
they are ready for data. If so, the DTR pin on the cable from the printer must be wired to an input
on the PortServer TS 8/16 port (usually CTS or DCD) that can be used for flow control.
Printing with AIX Systems
Digi does not recommend using lpd to print multiple jobs to a PortServer TS 8/16-attached printer
from an AIX print spooler because this may cause the print job to time out.
Using the lpd Protocol
Here are some tips for configuring the print spooler on your UNIX system when you intend to print
using the lpd protocol to a printer attached to PortServer TS 8/16:
1. The number of copies option with lpr is not supported.
2. Banner pages are not supported.
3. Give the PortServer TS 8/16’s DNS name or IP address as the remote system’s name.
4. Specify a queue name that conforms to the following conventions:
•
Begin the queue name with one of the following character strings: (a) Use ascii if you want
PortServer TS 8/16 to substitute carriage return and line feed characters for each line feed the
system sends. (b) Use raw if no substitution should be performed.
•
After the queue name, insert an underscore character and the number of the PortServer TS
8/16 port to which the printer is attached.
•
If you want to use either of the following options, specify an additional underscore and then
the letter that identifies the option: (a) Use f to append a form feed character to the end of
each file in a print job (b) Use d to add a Ctrl-d to the end of each file in a print job. (This is
often required by PostScript printers.)
Examples
String
4-2
Result
ascii_1
Prints to port 1 and translates CR to CR/LF.
ascii_8_f
Prints to port 8, translates CR to CR/LF and prints a form feed at the end
of the job.
raw_1_d
Prints to port 1 with no translation and appends a Ctrl-d to the end of the
print job.
Configuration Considerations
Tips for telnet and rsh Printing
Here are some tips for handling telnet and rsh printing:
• If line feed and carriage return problems occur, try supplying a set line command that specifies
onlcr=on. This converts carriage returns to carriage return/line feeds.
• If you want tab characters (ASCII character 9) converted to 8 spaces, use a set line command
that specifies otab=on.
Configuring Ports for Printers: Web Interface
Use this procedure to configure a port from the web interface.
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. From the main menu, choose Configure > Ports.
4. To configure a port, do the following:
a. Choose the port from the port column.
b. Ensure that the Device Type is Printer.
c. Make other changes to the configuration as required. Use the online help for information.
d. If you want to apply this configuration to multiple ports, choose Clone, select the ports for
this configuration, and then choose Continue.
e. Choose Submit.
5. To return to the main Ports menu, choose Ports from the menu again.
Configuring Printer Connections: Command Line
This section describes how to configure PortServer TS 8/16 for printer connections.
Related Information
See the set ports, set line, and set flow commands in the Digi One/PortServer TS Command
Reference.
Procedure
This procedure assumes the following:
• That you are logged in as root
• That you know printer attributes, such as baud rate and parity
1. Configure the port for a printer by supplying the following command:
set ports dev=prn range=range
where range is a range of ports
Example: set ports dev=prn range=1-2
2. Configure line attributes with a set line command. The attributes you configure depend on
printer requirements. See the set line command in the Digi One/PortServer TS Command Reference to determine which set line command fields you require.
3. Configure flow control attributes with the set flow command. The attributes you configure
depend on printer requirements. See the set flow command in the Digi One/PortServer TS Command Reference for more information.
Example
In this example, port 2 is configured for a printer that uses hardware flow control.
set ports range=2 dev=prn
Configuring Ports for Printers
4-3
set line range=2 baud=9600 csize=8 stopb=1 parity=n
set flow range=2 cts=on ixon=off ixoff=off
4-4
Configuring Printer Connections: Command Line
Configuring a Port for Direct-Access Printing
Direct access printing allows Telnet users on the LAN to access a port and to issue print commands
directly to the printer. This section describes the two ways users can access a printer directly and
explains how to configure the port to support each method.
Method 1: Specifying Port Numbers in the Telnet Command
This method allows users to issue telnet commands that identify the correct port by using TCP port
numbers. Users identify the type of connection and port number by specifying one of the following:
For this connection type...
Telnet
Identify the port by specifying...
2000 plus the number of the port.
Example: 2002 for port 2.
Raw
2100 plus the number of the port.
Example: 2102 for port 2.
User Command Example 1
In this example, a user specifies a standard telnet connection on port 2 of a PortServer TS 8/16 using
IP address 199.250.38.15.
cat myfile | telnet 199.250.38.15 2002
User Command Example 2
In this example, a user specifies a raw telnet connection on port 2 of a PortServer TS 8/16 using IP
address 199.250.38.15.
cat myfile | telnet 199.250.38.15 2102
Note: To specify a hunt group in the command instead of an individual port, use the group number
specified on the group field of the set ports command that configured the port.
Method 1 Configuration
There is no special configuration required to set up a port for this type of direct access. Simply
configure the port for a printer. See "Configuring Printer Connections: Command Line" on page 4-3
for more information.
Method 2: Using Alternate IP Addresses
This method provides similar functions to method 1, except alternate IP addresses allow users to
identify a specific port by simply specifying an IP address.
Method 2 Configuration
To configure an alternate IP address, do the following:
• Configure the port for a printer. See Configuring Printer Connections: Command Line on page
4-3 for more information.
• Supply a set altip command that specifies the following:
set altip group=port-number ip=ip-address
where
— port-number is the number of a PortServer TS 8/16 port
— ip-address is the IP address of the PortServer TS 8/16
Command Line Example
set ports range=2 dev=prn
set line range=2 baud=9600 csize=8 stopb=1 parity=n
set flow range=2 cts=on rts=on ixon=off ixoff=off
set altip group=2 ip=199.250.38.17
Configuring Ports for Printers
4-5
4-6
Configuring a Port for Direct-Access Printing
Configuring Ports for Terminals
and Computers
Chapter 6
In This Chapter
This chapter describes how to configure PortServer TS 8/16 ports for terminal and computer
connections. It discusses the following topics:
•
Configuring Ports for Terminals: Web Interface . . . . . . . . . . . . . . . . . . . . . . . . 6-2
•
Configuring Ports for Terminals: Command Line . . . . . . . . . . . . . . . . . . . . . . . 6-2
•
About Computer Connections . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6-3
Configuring Ports for Terminals and Computers
6-1
Configuring Ports for Terminals: Web Interface
Use this procedure to configure a port from the web interface.
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. From the main menu, choose Configure > Ports.
4. To configure a port, do the following:
a. Choose the port from the port column.
b. Ensure that the Device type is set to Terminal.
c. Make changes to the configuration as required. Use the online help for information.
d. If you want to apply this configuration to multiple ports, choose Clone, select the ports for
this configuration, and then choose Continue.
e. Choose Submit.
5. To return to the main Ports menu, choose Ports from the Menu again.
Configuring Ports for Terminals: Command Line
This section describes how to configure PortServer TS 8/16 ports for terminal connections.
Port Defaults
Here is the default configuration for PortServer TS 8/16 ports:
• VT-100 emulation
• 9600 baud
• 8-bit characters
• 1 stop bit
• No parity
• Software flow control
Related Information
•
•
For information on the set line, set ports, and set flow commands, see the Digi One/PortServer
TS Command Reference.
For information on configuring terminal ports for autoconnections, see, "Configuring Autoconnection" on page 7-1.
Procedure
This procedure assumes the following:
• That you are logged in as root
• That you know the attributes, such as baud rate and parity, of the terminal that will be connected
to this port
1. Supply a set ports command that specifies the following:
set ports range=range dev=term sess=num-of-sess
where range is a port or range of ports and num-of-sess is the number of simultaneous sessions
the port user can maintain
2. Supply a set line command that specifies the following:
set line range=range baud=bps csize=characters parity=parity
stopb=num-bits
where
•
6-2
range is a port or range of ports
Configuring Ports for Terminals: Web Interface
•
bps is the line speed
•
characters is the character size
•
parity is the parity scheme to use on this line
•
num-bits is the number of stop bits to use
3. If your terminal uses hardware flow control, supply a set flow command that specifies the following (software flow control is the default, so a set flow command is not required in that case):
set flow range=range ixoff=off ixon=off cts=on rts=on
where range is a port or range of ports
Note:
You may need to use additional set flow command fields, depending on the flow control scheme required by your terminal. See the set flow command in the Digi
One/PortServer TS Command Reference for more information.
Example
In this example, port 1 and 2 are configured for connection to terminals using hardware flow control.
The connection uses default for character size (8 bits), parity (no parity), and stop bits (1).
set ports range=1-2 sess=3 dev=term termtype=wy60
set line range=1-2 baud=19200
set flow range=1-2 ixon=off ixoff=off rts=on cts=on
About Computer Connections
Configuring computer connections is very similar to configuring terminal connections, which is
discussed on page 6-2. Consequently, this section simply discusses the differences between these
connection types.
Starting Point
This section assumes that
• You are logged in as root
• You know the attributes, such as baud rate and parity, of the PC that will be connected to this
port
Configuring Typical PC Connections
To configure a port for a directly-connected PC, where the PC always initiates the connection,
configure the connection as you would a terminal connection, except on the set ports command do
the following:
• Specify dev=min if you have a 10-pin null modem cable to support this type of connection.
• Specify dev=term if you do not have a 10-pin null modem cable
Consider defining the serial connection as a PPP link. See "Configuring PPP" on page 8-1 for more
information.
Command Line Example
In this example, ports 1-2 are set up for a BBS host.
set ports range=1-2 dev=prn group=70
set line range=1-2 baud=19200
set flow range=1-2 ixon=off ixoff=of f rts=on cts=on
set altip group=70 ip=199.179.23.10
Configuring Ports for Terminals and Computers
6-3
6-4
About Computer Connections
Configuring Ports for Modems
Chapter 5
In This Chapter
This chapter describes how to configure PortServer TS 8/16 ports for modem connections. It
discusses the following topics:
•
Tips on Configuring A Modem . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5-2
•
Configuring Ports for Modems: Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . 5-3
•
Configuring Ports for Incoming Modem Connections: Command Line . . . . . . 5-3
•
Configuring Ports for Outgoing/Bi-Directional Connections: Command Line 5-4
Configuring Ports for Modems
5-1
Tips on Configuring A Modem
Here are some tips on configuring modems to work with PortServer TS 8/16:
• Configure the modem so that DCD goes high when it receives an incoming connection request.
• Configure the modem to answer an incoming call only when DTR is high, and to drop the line
when DTR goes low.
• For bidirectional connections, it is advisable to configure the non-volatile parameters in the
modem for incoming calls. Also configure the modem to reset to these parameters when DTR is
dropped.
• Configure the modem to lock the serial line speed at the highest baud rate the modem will accept
for reliable data transfer because PortServer TS 8/16 cannot switch the baud rate of the serial line
on a per call basis without reconfiguration.
Note:
5-2
You may want to consider connecting modems using RealPort, a feature that allows
network-based host systems to use the ports of the PortServer TS 8/16 as though they
were the host system’s own ports. It is an easy and efficient way for modems to use
PortServer TS 8/16 ports. For information on this option, see "Configuring Ports for
RealPort" on page 3-1.
Tips on Configuring A Modem
Configuring Ports for Modems: Web Interface
Use this procedure to configure a port for a modem from the web interface.
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. From the main menu, choose Configure > Ports.
4. To configure a port, do the following:
a. Choose the port from the port column.
b. Configure the correct device type. Choose Modem in for inbound modem connections,
Modem out for outbound connections, and Modem for bidirectional connections.
c. Make other changes to the configuration as required. Use the online help for information.
d. If you want to apply this configuration to multiple ports, choose Clone, select the ports for
this configuration, and then choose Continue.
e. Choose Submit.
5. To return to the main Ports menu, choose Ports from the menu again.
Configuring Ports for Incoming Modem Connections: Command Line
This section describes how to configure incoming-only modem connections, that is, connections that
are initiated by a device across the telephone network.
Related Information
•
•
•
•
If you intend to run PPP traffic over this modem connection, see "Configuring PPP" on page 81.
For more information on setting the port’s flow control attributes see the set flow command in
the Digi One/PortServer TS Command Reference.
For information on setting up the port for autoconnection, see "Configuring Autoconnection" on
page 7-1 of this manual and the set ports command in the Digi One/PortServer TS Command
Reference.
For information on setting serial line operating parameters such as character size, the number of
stop bits, and parity, see the set line command in the Digi One/PortServer TS Command Reference.
Procedure
This procedure assumes that you
• Know the operating parameters required by the modem. If you do not, see the modem documentation.
• Have or will correctly cable the connection between the PortServer TS 8/16 serial ports and
modems. See the Digi One/PortServer Cable Guide for more information.
• Have logged in as root
1. Supply a set ports command that specifies the following:
set ports range=range dev=min
where range is a PortServer TS 8/16 port or range of ports.
Example: set ports range=2 dev=min
2. Supply a set line command that specifies the following:
set line range=range baud=bps
where range is a port or range of ports and bps is the line speed for this port.
Example: set line range=2 baud=115200
3. Supply a set flow command that defines the flow control scheme required by the modem.
Configuring Ports for Modems
5-3
Example
In this example, ports 1 and 2 are set up for incoming modem connections using RTS/CTS flow
control.
set ports range=1-2 dev=min
set line range=1-2 baud=115200
set flow range=1-2 ixon=off ixoff=off cts=on rts=on
Configuring Ports for Outgoing/Bi-Directional Connections: Command Line
This section describes how to configure outgoing and bidirectional modem connections from the
command line.
Related Information
•
•
•
For more information on setting the port’s flow control attributes see the set flow command in
the Digi One/PortServer TS Command Reference.
For information on setting serial line operating parameters such as character size, the number of
stop bits, and parity, see the set line command in the Digi One/PortServer TS Command Reference.
For more information on configuring dialer and login scripts, see the set script command in the
Digi One/PortServer TS Command Reference.
Before You Begin
This procedure assumes that you
• Know the operating parameters required by the modem. If you do not, see the modem documentation.
• Have or will correctly cable the connection between the PortServer TS 8/16 serial ports and
modems. See the Digi One/PortServer Cable Guide for more information.
• Logged in as root
Procedure
1. Supply a set ports command that specifies the following:
set ports range=range dev=dev
where range is a serial port or range of serial ports and dev is one of the following:
•
dev=mout for outgoing-only connections
•
dev=mio for bidirectional connections
Note:
Use a group number (on the group field), if you intend to create a hunt group of ports
that can access a pool of modems. Make sure this group number is greater than 65.
Example: set ports range=2 dev=mio
2. Supply a set line command that specifies the following:
set line range=range baud=bps
where range is a serial port or range of ports and bps is the line speed of the connection
Example: set line range=2 baud=115200
3. Supply a set flow command that defines the flow control scheme required by the modem.
Example
In this example, ports 1 and 2 are configured for bidirectional modems.
set ports range=1-2 dev=mio
set line range=1-2 baud=115200
set flow range=1-2 ixon=off ixoff=off rts=on cts=on
5-4
Configuring Ports for Outgoing/Bi-Directional Connec-
Configuring PPP
Chapter 8
In This Chapter
This chapter discusses how to configure PPP connections. It covers the following topics:
•
Configuring PPP
Configuring PPP Connections: Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . 8-2
•
Configuring Inbound PPP Connections: Command Line . . . . . . . . . . . . . . . . . 8-3
•
Configuring Outbound PPP Connections: Command Line . . . . . . . . . . . . . . . . 8-5
8-1
Configuring PPP Connections: Web Interface
Use this procedure to configure PPP connections from the web interface.
1. Access the web interface by placing the IP address of the Digi device in the URL window of a
browser.
2. Log in as the root user. The default password is dbps.
3. Navigate to the PPP configuration screen, by choosing PPP from the Configure menu.
A screen similar to the following appears.
4. Use the web interface and the online help to complete configuration tasks.
8-2
Configuring PPP Connections: Web Interface
Configuring Inbound PPP Connections: Command Line
Use this section to configure simple inbound PPP connections from the command line. F or
information on fine-tuning PPP connections, see the set user command in the Digi One/PortServer
TS Command Reference.
Note:
CHAP authentication works between two Digi devices. CHAP will be negotiated to
PAP for all other connections
Procedure
1. To configure the port for a modem, enter the following command:
set ports range=range dev=device
where range is the port or ports and device is one of the following:
•
min for inbound only modem connections
•
mio for bidirectional modem connections.
See the set ports command in the Digi One/PortServer TS Command Reference for more information.
Example: set ports range=3 device=min
2. To configure flow control for the ports, enter the following command:
set flow range=range flow-control=scheme
where range is the port or ports and flow-control=scheme is the flow control required for this
connection. Typically, for modem connections RTS and CTS are on.
Example: set flow range=3 ixon=off ixoff=off rts=on cts=on
See the set flow command in the Digi One/PortServer TS Command Reference for more information.
3. To configure the baud rate for this connection, enter the following command:
set line range=range baud=bps
where range is the port or ports to configure and bps is the line speed in bits-per-second. Typically, you can set this to 115000 bps for modem connections.
Example: set line range=3 baud=115000
4. To create an inbound PPP user, enter the following command:
set user name=name protocol=ppp netservice=on defaultaccess=netservice
where name is a name to assign the PPP user
Example:
set user name=pppin protocol=ppp netservice=on defaultaccess=netservice
5. To configure an IP address for the remote PPP user, enter the following command:
set user name=name ipaddr=ip-address
where
•
name is the user’s name
•
ip-address is one of the following: (a) A standard IP address in dotted decimal format. (b)
0.0.0.0, which means the remote user will supply the IP address. (c) ippool, which means that
the user will be assigned an IP address from an IP address pool. See the set ippool command
in the Digi One/PortServer TS Command Reference.
E x a m p le : set user name=pppin ipaddr=ippool
6. If you used the IP address pool option in the previous step, specify the following subnetwork
mask using the following command: (a mask of 255.255.255.255 is required)
set user ipmask=255.255.255.255
Configuring PPP
8-3
7. To configure an IP address for the local end of the PPP connection, enter the following command:
set user name=name localipaddr=ip-address
where name is the user’s name and ip-address is the IP address to assign to the local end of the
PPP connection. This address must be unique. That is, no other user can be assigned this address
and it cannot be the IP address for the Ethernet interface.
Example: set user name=pppin localipadr=199.1.1.2
Configuring Inbound PPP Connections: Example
This example shows a very simple PPP inbound configuration. Here are some points on this
configuration:
• The port is set up for inbound connections (dev=min).
• RTS and CTS are used for flow control.
• The baud rate has been set to 115000 bps.
• The user has been configured to use an IP address pool
set ports range=3 device=min
set flow range=3 ixon=off ixoff=off rts=on cts=on
set line range=3 baud=115000
set user name=pppin protocol=ppp netservice=on defaultaccess=netservice
set user name=pppin ipaddr=ippool
set user name=pppin localipadr=199.1.1.2
8-4
Configuring Inbound PPP Connections: Command Line
Configuring Outbound PPP Connections: Command Line
This section describes how to configure outbound PPP connections. Use it to configure outbound
only connections or to configure the outbound portion of bidirectional connections.
Note:
CHAP authentication works between two Digi devices. CHAP will be negotiated to
PAP for all other connections
Procedure
1. To configure the port for a modem, enter the following command:
set ports range=range dev=device
where range is the port or ports and device is one of the following:
•
mout for outbound only modem connections
•
mio for bidirectional modem connections.
See the set ports command in the Digi One/PortServer TS Command Reference for more information.
Example: set ports range=3 device=mout
2. To configure flow control for the ports, enter the following command:
set flow range=range flow-control=scheme
where range is the port or ports and flow-control=scheme is the flow control required for this
connection. Typically, for modem connections RTS and CTS are on.
Example: set flow range=3 ixon=off ixoff=off rts=on cts=on
See the set flow command in the Digi One/PortServer TS Command Reference for more information.
3. To configure baud rate for this connection to the modem, enter the following command:
set line range=range baud=bps
where range is the port or ports to configure and bps is the line speed in bits-per-second. Typically, you can set this to 115000 bps for modem connections.
Example: set line range=3 baud=115000
4. If you do not want to use the Digi-supplied dialer script (genmdm) and login script (loginscript),
which work for most applications, use the set script command to create your own scripts.
See the set script command in the Digi One/PortServer TS Command Reference for more information.
5. If you do not want to use the Digi-supplied outbound device (gendialer), which works for most
applications, enter the following command:
set device name=name ports=ports dialer=name
where
•
name=name is the name for this device
•
ports are the ports to associate with this device
•
dialer=name is the name of a dialer script, either the Digi-supplied script or a user-created
one
6. To create a PPP user, enter the following command:
set user name=name protocol=ppp
where name is the name of the PPP user
E x a m p le
set user name=pppout protocol=ppp
7. To configure this user for outbound connections, enter the following command:
Configuring PPP
8-5
set user name=name outgoing=on device=device
where device is either the Digi-supplied device or the outbound device created earlier in this procedure
Example:
set user name=pppout outgoing=on device=gendialer
8. To configure an IP address for the local end of the PPP connection, enter the following command:
set user name=name localipaddr=ip-address
where name is the user’s name and ip-address is one of the following:
•
0.0.0.0. , which means that the user will request an IP address from the remote server.
•
A specific IP address, which means that the Digi device will attempt to use this IP address.
The remote server must agree to this request.
Example: set user name=pppout localipadr=0.0.0.0
9. To configure a telephone number to dial to reach the outbound user, enter the following command:
set user name=name n1=telephone-number
where name is the user’s name and telephone-number is the number to dial to reach the user.
You can enter this number as digits only, with dashes (-) separating digits, or with commas.
Example: set user name=pppout n1=4452624
Example
This example shows a very simple outbound PPP configuration. Here are some points on this
configuration:
• The port is set up for outbound connections (dev=mout).
• Hardware flow control is used.
• Default device and scripts are used
set ports range=3 device=mout
set flow range=3 ixon=off ixoff=off rts=on cts=on
set line range=3 baud=115000
set user name=pppout protocol=ppp
set user name=pppout dialout=on outgoing=on device=gendialer
set user name=pppout localipadr=0.0.0.0
set user name=pppout n1=4452624
8-6
Configuring Outbound PPP Connections: Command Line
Configuring IP Routing
Chapter 9
In This Chapter
This chapter describes how to configure IP routing. It discusses the following topics:
•
Introduction to Routing . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-2
•
About RIP Routing Updates. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-3
•
Configuring Static Routes . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-5
•
Configuring Dynamic Routes Using RIP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-6
•
Configuring Proxy ARP. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9-7
Configuring IP Routing
9-1
Introduction to Routing
This section provides some introductory information on routing.
What is Routing
Routing is the method, employed by IP software, of choosing a path over which to send packets
between systems on different physical networks. When PortServer TS 8/16 is configured as a router,
it performs this service.
Types of Routing
PortServer TS 8/16 can be configured to perform the following types of routing:
• Static routing. When you use static routing, you manually configure routes to other networks for
PortServer TS 8/16. Static routing works fine for small, stable networks. Maintaining static
routes is difficult on larger networks and on networks that experience a lot of changes.
• Dynamic routing. When you use dynamic routing, routes are not manually configured but are
automatically established and maintained using information provided by routing information
protocol (RIP). Route maintenance is obviously easier using RIP, but RIP has some shortcomings that are discussed later in this chapter. PortServer TS 8/16 supports the RIP 1 standard.
• Proxy ARP, which is a technique in which a router answers ARP requests intended for another
system. Typically, you use proxy ARP to move packets between physical networks that use the
same IP network address. By pretending to be the other system, the PortServer TS 8/16 accepts
responsibility for forwarding packets to that system. Proxy ARP makes routing decisions based
on either static routes or on routing information provided by RIP.
9-2
Introduction to Routing
About RIP Routing Updates
Introduction
RIP defines a method for propagating routing information among routers. It provides IP software
with the information needed to make intelligent routing decisions.
The information, passed in RIP updates packets from router-to-router, consists of two items, a
network ID and a hop count. A hop count is the number of routers through which a packet must pass
on its way from a source to a destination network.
RIP Example
In the example that follows, Router R1 “advertises” (using RIP) that it can reach Net 1 in one hop.
When Router R2 receives this advertisement, it then knows that since it is on a common network
with R1 that it can reach Net 1 in two hops. It advertises this fact to other routers in the network,
who use this information to calculate their own routes to Net 1.
Net 1
R1
Net 2
R2
Net 3
R3
Net 4
Problem with RIP: Sending Updates Across a WAN
RIP can be an expensive way to handle routing if RIP updates are regularly sent across lines that
charge by traffic volume or usage time. Neither of these, of course, applies to LANs or leased lines.
Because of these cost considerations, PortServer TS 8/16 lets you turn RIP off on some or all serial
links.
Problem with RIP: Slow Convergence
Slow convergence is a problem that can arise from the method RIP uses to disseminate routing
information. In the preceding figure,
1. R1 advertises that it can reach Net 1 in one hop.
2. R2 then advertises that it can reach Net 1 in two hops
3. R3 then advertises that it can reach Net 1 in three hops.
What happens if R1’s link to Net 1 goes down? First it realizes that its one-hop route to Net 1 is no
longer available. But it hears that R2 can reach Net 1 in two hops, so it updates its routing table to
say it can reach Net 1 in three hops, the one hop to R2 and the two hops R2 says it needs to reach Net
1.
R1 then advertises that it can reach Net 1 in three hops. R2 hears the advertisement and realizes that
if R1 needs three hops to get to Net 1 then it needs to update its own routing tables to reflect that
fact, because it knows that its route to Net 1 is always one more hop than R1 requires. Consequently,
it updates its routing tables to say that it can reach Net 1 in four hops. This can go on until the hop
count to Net 1 reaches 16, which RIP defines as an unreachable destination.
Combatting RIP’s Slow Convergence Problem
There are two methods to combat RIP’s slow convergence problem, both of which PortServer TS
8/16 implements.
The first is called “split horizon,” which stipulates that learned routes are not propagated from the
interface on which they are learned. Had split horizon been used in the preceding example, R2
would not have advertised to R1 that it could reach Net 1. Consequently, R1 would never have
Configuring IP Routing
9-3
regarded R2 as an alternate path to Net 1.
The second is called “poison reverse,” which stipulates that routes are advertised as unreachable on
the interface on which the route is learned. Had poison reverse been used in the preceding example,
R2 would have advertised Net 1 as unreachable in its RIP updates to R1. Again R1 would never
have regarded R2 as an alternate path to Net 1.
PortServer TS 8/16 Participation in RIP Updates
PortServer TS 8/16’ s participation in the exchange of RIP updates can be configured on the set
forwarding command. This command allows you to configure PortServer TS 8/16
• To neither receive nor propagate RIP updates (state=off), which means it must be configured for
static routes (set route command) if it is to do any routing at all.
• To receive RIP updates but not advertise its own routes using RIP (state=passive)
• To both receive and pass RIP updates (state=active)
9-4
About RIP Routing Updates
Configuring Static Routes
This section describes how to configure PortServer TS 8/16 for static routes.
Related Information
See the set route command in the Digi One/PortServer TS Command Reference.
Procedure
To configure a static route over a PPP link, enter the following command:
set route net= addr mask=mask metric=hops wanname=interface gateway=gateway
where
• addr is either the IP address of a system to be reached over this route or the network address of
the subnet that is to be reached on this route
• mask is the mask to use for interpreting the IP address.
• metric is the number of hop to the destination
• interface is either ether if this route is over the Ethernet interface or the name of a user if the
route is over a PPP link
• gateway is the IP address of the device that is the next hop to the destination
Example: Route Using the Ethernet Interface
In this example, a route to a subnet is created over the Ethernet interface. Key features include the
following:
• The address on the net field is a subnetwork address, not the IP address of a specific device
• The wannane=ether, indicating that this route is over the Ethernet interface
• The metric field indicates that packets to this subnet will pass through two routers
• The gateway field indicates that all packets using this route are to be forwarded to the device at
IP address 191.21.21.2.
set route net=199.21.33.0 mask=255.255.255.0 metric=2 wannname=ether gateway=199.21.21.2
Example: Route Using a PPP Link
In this example, a route to a subnet is created over the Ethernet interface. Key features include the
following:
• The address on the net field is IP address of a specific device, not a subnetwork address
• The wannane is the name of a PPP user.
• The metric field indicates that packets to this subnet will pass through two routers
• The gateway field indicates that all packets using this route are to be forwarded to the device at
IP address 191.21.21.2.
set route net=199.21.33.44 mask=255.255.255.255 metric=2 wannname=ppp1 gateway=199.21.21.2
Configuring IP Routing
9-5
Configuring Dynamic Routes Using RIP
This section describes how to configure PortServer TS 8/16 for dynamic routing.
Related Information
See the set forwarding command in the Digi One/PortServer TS Command Reference.
Starting Point
This procedure assumes that you have sign on as root and have or will configure modems, modem
scripts, devices, and filters for routes that use serial lines.
Procedure
1. Configure the links over which routed packets and RIP updates will be sent.
•
To enable routing over the LAN to which PortServer TS 8/16 is attached, no routing-specific
configuration is required.
•
To enable routing over PPP, links be sure to use the netrouting field on the set user command
to configure how PortServer TS 8/16 handles RIP updates. You can configure the link so that
PortServer TS 8/16 does any of the following with RIP updates:
— Both sends and receives them (netrouting=both)
— Sends them only (netrouting=send)
— Receives them only (netrouting=receive)
— Neither sends nor receives them (netrouting=off)
2. Configure the PortServer TS 8/16 for dynamic routing with a set forwarding command that specifies state=active.
You may also want to turn on the poisonreverse and splithorizon fields to prevent the RIP slow
convergence problem discussed on page 9-3. See the discussion on the set forwarding command
provided in the Digi One/PortServer TS Command Reference for more information.
Example: Dynamic Routes
In this example, which shows only those commands and command fields pertinent to routing,
PortServer TS 8/16 is configured for dynamic routing using RIP. But to prevent RIP updates from
being sent across the PPP link, the set user command that defines the link specifies netrouting=off.
192.150.75.0
Router
187.100.46.9
Digi Device
PPP
set forwarding state=active poisonreverse=on splithorizon=on
set user name=link1...netrouting=off
9-6
Configuring Dynamic Routes Using RIP
Configuring Proxy ARP
This section describes how to configure PortServer TS 8/16 for Proxy ARP.
Related Information
See the set forwarding command in the Digi One/PortServer TS Command Reference.
Starting Point
This procedure assumes that you have signed on as root and have or will configure modems, modem
scripts, devices, and filters for routes that use serial lines.
Procedure
1. Configure the links over which packets will be routed using a set user command. This command
must specify (on the ipaddr field) a specific IP address for the remote system using the Proxy
ARP service.
2. Configure PortServer TS 8/16 for Proxy ARP by supplying a set forwarding command that specifies the following:
•
state=passive
•
proxyarp=on
Example
In this example, PortServer TS 8/16 provides Proxy ARP services to a remote host.
187.155.24.0
Digi Device
PPP
187.155.24.11
set user name=link1...ipaddr=187.155.24.11
set forwarding state=passive proxyarp=on
Configuring IP Routing
9-7
9-8
Configuring Proxy ARP
Configuring Autoconnection
Chapter 7
In This Chapter
This Chapter discusses how to configure the autoconnection feature. It covers the following topics:
•
About Autoconnection . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7-2
•
Configuring a Port for Autoconnection: Web Interface. . . . . . . . . . . . . . . . . . . 7-2
•
Configuring Autoconnection By Port: Command Line . . . . . . . . . . . . . . . . . . . 7-2
•
Configuring a User for Autoconnection: Web Interface . . . . . . . . . . . . . . . . . . 7-3
•
Configuring a User for Autoconnection: Command Line . . . . . . . . . . . . . . . . . 7-3
Configuring Autoconnection
7-1
About Autoconnection
The autoconnection feature allows you to configure a user to access the PortServer TS 8/16 and then
be automatically connected to a host on the LAN. You can implement autoconnection in the
following ways:
• By port. In this case, all port users are automatically connected to the same host. The PortServer
TS 8/16 is completely transparent to them.
• By user. In this case, a user is required to login and may be required to supply a password, but
once the user is authenticated, an automatic connection to a host is made.
Configuring a Port for Autoconnection: Web Interface
This section describes how to configure a port for autoconnection from the web interface.
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. Select Configure and then Autoconnect from the menu.
4. Configure the port as required. Use the online help for more information.
5. To return to the main Ports menu, choose Ports from the Menu again.
Configuring Autoconnection By Port: Command Line
This section describes how to configure a port for autoconnection from the command line.
Procedure
This procedure describes how to set up a port for autoconnection only. It assumes that you have or
will configure the port appropriately for a modem connection (see Chapter 5) or terminal connection
(see Chapter 6).
To configure a port to provide automatic connections for all port users, supply a set ports command
that specifies the following:
set ports range= range auto=on dest=ip-address dport=tcp=port
where
• range is a port or range of ports
• ip-address is the IP address of the host to which the autoconnection should be made
• tcp-port is a TCP port to use for this connection
Example
In this example, port 2 is configured for automatic Telnet connections to a host.
set ports range=2 auto=on dest=199.125.123.10 dev=min dport=23
7-2
About Autoconnection
Configuring a User for Autoconnection: Web Interface
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. Select Configure and then Users from the menu.
4. To add an autoconnect user, do the following:
a. Choose Add User.
b. Enter a name and then choose Submit
c. Choose the new user from the Name column.
d. Configure the user. Be sure to specify the following: (1) Default Access: Autoconnect (2)
Enable Autoconnect (3) The IP address that will be the destination for the autoconnect user
(4) A Destination TCP port number, which determines the type of connection for this user
(such as 23 for Telnet).
e. Choose Submit.
5. To return to the main User menu, choose User from the Menu again.
Configuring a User for Autoconnection: Command Line
This section describes how to configure a user for autoconnection.
Procedure
This procedure deals with autoconnection features only. It assumes that you have or will configure
• The port for modem connections (see Chapter 5) or terminal connections (see Chapter 6)
• Other user attributes (see the set user command in the Digi One/PortServer TS Command Reference)
To configure a user to automatically connect to a host, supply a set user command that specifies the
following:
set user name= user-name ports=ports autoconnect=on autohost=ip-address
autoport=tcp-port defaultaccess=autoconnect
where
• user-name is the name of the user
• ports is the ports this user can use
• ip-address is the IP address of the host to which the user will be connected
• tcp-port is the TCP port to use for connections
Example
In this example, a user is configured for autoconnection using telnet to the host specified. Because
the password field is not specified, the default (password=on) requires that the user supply a
password before the connection is made.
set user name=user4 autoconnect=on autohost=199.193.150.10 autoport=2 3
defaultaccess=autoconnect
Configuring Autoconnection
7-3
7-4
Configuring a User for Autoconnection: Command Line
Configuring Console Management
Chapter 10
In This Chapter
•
About Console Management . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10-2
•
Configuring Console Management: Web Interface . . . . . . . . . . . . . . . . . . . . . 10-2
•
Configuring Console Management: Command Line . . . . . . . . . . . . . . . . . . . . 10-2
Configuring Console Management
10-1
About Console Management
PortServer TS 8/16 can be configured to remotely manage network devices, such as routers,
switches, and servers, which usually provide EIA-232 serial ports for management. Using the
PortServer TS 8/16 and TCP/IP utilities like reverse Telnet and SSH2, network administrators can
access consoled serial ports from a single station over the LAN.
Configuring Console Management: Web Interface
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. Select Configure and then Console Management from the menu.
4. Follow the prompts to complete configuration.
Configuring Console Management: Command Line
This procedure describes how to configure PortServer TS 8/16 to handle console management.
Procedure
1. For each port connected to a device that will be managed, specify the following:
set ports dev=prn range=range
where range is the port or range of ports to be set up for console management
2. Ensure that the port and the device to be managed are using the same flow control scheme.
•
See the device's documentation for information on flow control requirements.
•
To check the PortServer TS 8/16 current settings and to change them, see description of the
set flow command in the Digi One/PortServer TS Command Reference.
3. Ensure that the port and the device are using the same baud rate.
•
See the device's documentation for information on baud rate requirements.
•
To check the PortServer TS 8/16 current settings and to change them, see set line description
in the Digi One/PortServer TS Command Reference.
4. If you want to simplify access to the ports, do one of the following:
•
If the administrator will access the port from a station on the LAN, you can assign IP
addresses to each port that will be connected to a managed device, which will allow the
administrator to Telnet directly to the port without specifying a port number. See set altip
command in the Digi One/PortServer TS Command Reference for more information.
•
If you want to use a menu to simplify access, see the examples that follow and the set menu
command in the Digi One/PortServer TS Command Reference for more information.
5. If you want to use SSH2 connections and use a password to validate the user, supply the following commands:
set user name=name
newpass name=name
where name is the user’s name
6. If you want to use SSH2 connections and use a public key for authentication, enter the following
command
set user name=name loadkey=host:key
where
10-2
•
name is the name of a user
•
host is either an IP address or DNS name of a host running TFTP that holds
About Console Management
•
key is the name of a file that contains the DSA public key. If your host’s implementation
requires a complete path to the file, specify the path here as well.
Example: set user name=secure loadkey=143.191.2.34:ssh-file
Example: SSH2 and Menu Access
In this example, a Digi device is configured to use an SSH2 public key, and it presents a menu to the
administrator, from which he or she will select a device to manage.
Key aspects of this configuration include the following:
• Two ports to which the managed devices are connected specify dev=prn, a device type that does
not spawn a login from the Digi device.
• A menu specifies connect commands, which when selected provide connections to ports 1 and 2
and the managed systems. The menu also specifies a menu table index number of 6 (on the range
parameter), which is then linked to a user with the set user command
set ports dev=prn range=1-2
set line baud=19200 range=1-2
set menu name=menu1 t1="Console Management Menu" range=6
set menu name=menu1 range=6 name="Console Management Menu" m1="Connect to
System 1"
set menu name=menu1 range=6 c1="connect 1" m2="Connect to System 2"
set menu name=menu1 range=6 c2="connect 2"
set user name=admin1 defaultaccess=menu menu=6 password=on
outgoing=on
set user name=admin1 loadkey=142.191.2.34:ssh-file1
Example: Alternate IP Addresses
Configuration
In this example, the PortServer TS 8/16 is configured with
• Alternate IP addresses using set altip commands, which assign IP addresses to ports 1 and 2.
This enables direct access to one of these ports with a Telnet command that specifies one of the
IP addresses.
• Password protection on ports 1 and 2. This is done with the set auth command.
set ports dev=prn range=1-2
set line baud=19200 range=1-2
set auth login=1-2 range=2
set altip group=1 ip=119.180.33.50
set altip group=2 ip=119.180.33.51
User Command
In this example, a user Telnets to port 1 using an IP address. He/she will be required to log in before
access to the port is granted.
telnet 119.180.33.50
Configuring Console Management
10-3
10-4
Configuring Console Management: Command Line
Configuring Security Features
Chapter 12
In This Chapter
This chapter describes PortServer TS 8/16 security features and discusses how to configure them. It
presents the following topics:
•
Controlling Access to the Digi One/PortServer TS 2/4 Configuration . . . . . . 12-2
•
Controlling Access to Inbound Ports . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-2
•
Controlling Access to Outbound Ports. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-3
•
Controlling Access to the Digi One/PortServer TS 2/4 Command Line . . . . . 12-3
•
Using RADIUS to Authenticate Users. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11-4
•
Issuing User Passwords . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12-4
•
Configuring SSH Version 2 for Secure Communication . . . . . . . . . . . . . . . . . 12-5
Configuring Security Features
12-1
Controlling Access to the PortServer TS 8/16 Configuration
PortServer TS 8/16 restricts access to the configuration by defining the following types of users:
• The root user, who has unlimited access to PortServer TS 8/16 commands. He or she can view
any configuration table and change any configuration parameter. The root is identified by the
user name root and must supply a password to be authenticated. The default root password is
dbps. You should change this password immediately.
• Regular users, who have much more restricted access to PortServer TS 8/16 commands. Regular
users can view some configuration tables and can change some configuration parameters related
to their own sessions and passwords. See the Digi One/PortServer TS Command Reference for
information on the limitations placed on regular users for each command.
Controlling Access to Inbound Ports
This section describes methods of controlling access to inbound serial ports. An inbound port is one
defined on the dev field of the set ports command for one of the following device types:
• term (used to define terminal connections)
• min (used to define incoming modem connections)
• mio (used to define bi-directional modem connections)
• hdial, hio (used to define computer connections)
Default Access Restrictions
The default configuration for inbound ports is that a login and password are required to access them.
Options for Removing Access Restriction
The login and password requirement for inbound ports can be changed by configuring
• The port so that it does not require a login and password. In this case, no one is required to supply a login or password.
• Specific users so that they do not require a password. In this case, some users do not supply passwords, and others are required to.
Procedure for Changing a Port’s Access Requirements
To configure a port so that no one has to login or specify a password, supply a set logins command
that specifies the following:
set logins range= range login=off passwd=off
Example: set logins range=1-2 login=off passwd=off
Procedure for Changing a User’s Access Requirements
To configure a user so that he or she does not have to specify a password when accessing an inbound
port, supply a set user command that specifies the following:
set user name= name password=off
where name is a name to identify the user
Example: set user name=user1 password=off
12-2
Controlling Access to the PortServer TS 8/16 Configura-
Controlling Access to Outbound Ports
This section describes methods for controlling access to outbound serial ports. An outbound port is
one defined on the dev field of the set ports command for one of the following device types:
• prn (used to define printer connections)
• mout (used to define outbound modem connections
• mio (used to define bi-directional modem connections)
• host (used to define host connections)
• modbus
Default Access
The default for outbound ports is unlimited access.
Restricting Access to Outbound Ports
Use the set auth command to restrict access to outbound ports. See the description of the set auth
command in the Digi One/PortServer TS Command Reference for more information.
Controlling Access to the PortServer TS 8/16 Command Line
This section describes how to restrict access to the PortServer TS 8/16 command line.
Method 1 Autoconnection
The autoconnection feature allows you to configure a user to access the PortServer TS 8/16 but then
be automatically connected to a host on the LAN.
You can implement autoconnection in the following ways:
• By port. In this case, all port users are automatically connected to the same host. The PortServer
TS 8/16 is completely transparent to them.
• By user. In this case, a user is required to login and may be required to supply a password, but
once the user is authenticated, an automatic connection to a hosts made.
For information on configuring autoconnection, see "Configuring Autoconnection" on page 7-1.
Method 2: Menus
Menus select destination systems without having to access the PortServer TS 8/16 command line.
For information on configuring menus, see the description of the set menu command in theDigi
One/PortServer TS Command Reference.
Configuring Security Features
12-3
Using RADIUS to Authenticate Users
This section provides a description of RADIUS and explains how to configure PortServer TS 8/16
to use RADIUS.
What is RADIUS?
RADIUS (remote authentication dial-in user service) is a method of maintaining a database of
profiles of dial-in users. These profiles can include login and password information, as well as other
user attributes.
RADIUS Components
RADIUS requires two components, an authentication host server and client protocols. The
PortServer TS 8/16 implements the client protocol. A host must implement the authentication server
application.
RADIUS Table Key
The numbers in the following tables have the following meaning:
#
Meaning
0
This attribute must not be present.
0+
Zero or more instances of this attribute may be
present.
0-1
Zero or one instance of this attribute may be
present.
1
Exactly one instance of this attribute must be
present.
RADIUS Attributes (RFC 2138) Supported
The following attributes are supported in the Digi PortServer TS 8/16 RADIUS client
implementation.
Request
12-4
Accept
Reject
Challenge
#
Attribute
1
0
0
0
1
User-Name
0-1
0
0
0
2
User-Password
0-1
0
0
0
3
CHAP-Password
0-1
0
0
0
4
NAS-IP-Address
0-1
0
0
0
5
NAS-Port
0-1
0-1
0
0
6
Service-Type
0-1
0-1
0
0
7
Framed-Protocol
0-1
0-1
0
0
8
Framed-IP-Address
0-1
0-1
0
0
9
Framed-IP-Netmask
0
0-1
0
0
10
Framed-Routing
0
0+
0
0
11
Filter-Id
0
0-1
0
0
12
Framed-MTU
0+
0+
0
0
13
Framed Compression
0+
0+
0
0
14
Login-IP-Host
0
0-1
0
0
15
Login-Service
0
0-1
0
0
16
Login-TCP-Port
0
0-1
0
0-1
27
Session-Timeout
0
0-1
0
0-1
28
Idle-Timeout
Using RADIUS to Authenticate Users
RADIUS Accounting Attributes (RFC 2139)
The following RADIUS accounting attributes are supported in the Digi PortServer TS 8/16.
#
Attribute
#
Attribute
0-1
User-Name
0-1
Login-TCP-Port
0
User-Password
0-1
Session-Timeout
0
CHAP-Password
0-1
Idle-Timeout
0-1
NAS-IP-Address
1
Acct-Status-Type
0-1
NAS-Port
0-1
Acct-Delay-Time
0-1
Service-Type
0-1
Acct-Input-Octets
0-1
Framed-Protocol
0-1
Acct-Output-Octets
0-1
Framed-IP-Address
1
Acct-Session-Id
0-1
Framed-IP-Netmask
0-1
Acct-Authentic
0-1
Framed-Routing
0-1
Acct-Session-Time
0+
Filter-Id
0-1
Acct-Input-Packets
0-1
Framed-MTU
0-1
Acct-Output-Packets
0+
Framed-Compression
0-1
Acct-Terminate-Cause
0+
Login-IP-Host
0-1
Port-Limit
0-1
Login Service
How RADIUS Works
Here is how authentication works when PortServer TS 8/16 is configured for RADIUS:
1. A user logs into PortServer TS 8/16.
2. PortServer TS 8/16 collects login information and then checks to see if the user is in the local
database of users.
3. If the user is in the local database, PortServer TS 8/16 handles authentication.
4. If the user is not in the local database, PortServer TS 8/16 submits an authentication request to
the RADIUS server.
5. The RADUIS server does one of the following:
•
If the user is validated, it passes this information to other devices and the user is permitted
access.
•
If the user is not validated, the RADIUS server returns an access reject message to PortServer TS 8/16, which then denies access to the user.
Configuring RADIUS: Web Interface
Use this section for information on configuring PortServer TS 8/16 as a RADIUS client from the
web interface.
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. From the main menu, choose Configure > RADUIS.
4. Configure the RADIUS client as required. Use the online help for information on configuration
fields.
5. When you complete configuration, choose Submit.
Configuring Security Features
12-5
Configuring RADIUS: Command Line
To configure PortServer TS 8/16 to function as a RADIUS client, supply a set radius command
that specifies the following:
• run=on
• The IP address of the primary RADIUS server (on the primary field). The primary server is the
first server to which authentication requests are sent.
• A password (on the secret field)
Note
To use a secondary RADIUS server, supply a second set radius command that specifies run=on,
the IP address of the secondary server (on the secondary field) and another password for the
secondary server (on the secret field).
RADIUS Command Line Configuration Example
set radius run=on primary=199.123.15.129 secret=J9CxegpP
12-6
Using RADIUS to Authenticate Users
Issuing User Passwords
This section discusses how to issue user passwords.
Related Information
See the newpass and set user commands in the Digi One/PortServer TS Command Reference.
Starting Point
This procedure assumes that you have signed on as root and already configured the user to whom
you will be issuing a password.
Procedure
1. Issue a newpass command that identifies the user (on the name field) to whom this password will
be issued.
2. When the system prompts you for a new password, type in the password and then press Enter.
3. When the system prompts you to enter the new password again, type it in and then press Enter.
Example
In this example, the newpass command initiates a dialog with PortServer TS 8/16 that results in the
user being assigned a password.
newpass name=edm1001
Configuring Security Features
12-7
Configuring SSH Version 2 for Secure Communication
This section discusses how to configure a user to use SSH version 2 encryption.
Password Protection
To configure simple password authentication for an SSH user, no SSH-specific configuration is
required. Simply configure a user by entering the following commands:
set user name= name password=on
newpass name=name
where name is a user name
Example
set user name=ssh-user1
newpass name=ssh-user1
Using a Public Key
To enable public key authentication and to associate a public key with a user, enter the following
command:
set user name= name loadkey=host:key
where
• name is the name of a user
• host is either an IP address or DNS name of a host running TFTP that holds
• key is the name of a file that contains the DSA public key. If your host’s implementation requires
a complete path to the file, specify the path here as well.
Example: set user name=secure loadkey=143.191.2.34:ssh-file
12-8
Configuring SSH Version 2 for Secure Communication
Configuring DNS
Chapter 13
In This Chapter
This chapter discusses how to configure PortServer TS 8/16 to use DNS. Topics discussed include
the following:
Configuring DNS
•
About the Domain Name System. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-2
•
Configuration Procedures. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 13-3
13-1
About the Domain Name System
This section discusses key concepts of the domain name system.
Purpose of DNS
The domain name system maps domain names to information associated with these names, such as
IP addresses.
DNS Components
DNS components include:
• A distributed database consisting of domain names and associated information
• A hierarchical system of domain name servers that maintain the database and use it to respond to
requests for information about a particular domain name, such as its IP address
• Domain name resolvers that
— Accept requests from users
— Satisfy information requests by building and submitting properly formulated queries to one
or more name servers or by retrieving information from a local host file
— Return information to users
— Cache information for future use
Types of Name Servers
There are two types of name servers in the domain name system:
• Local servers maintain information for resources within a local zone. It is up to individual network administrators to determine the scope of a local zone.
• Root servers maintain information in higher-level domains than do local servers.
Typically, when a user requires information about a domain name, the resolver queries a local server.
If local servers cannot provide the information, root servers are queried next.
Naming Conventions
Each node in the domain name system has a globally unique domain name that consists of its own
name, which is called a label, and the labels of all superior nodes.
DNS Name Example
Here is an example of a domain name. Note that labels are separated by periods:
mn07.amalgamated.com
In this example, mn07 is part of the higher-level domain called amalgamated.com.
13-2
About the Domain Name System
Configuration Procedures
Procedure for Using a Name Server
To configure a DNS server, enter the following command:
set config domain= domain myname=name dns=ip-address
where
• domain is the domain in which the PortServer TS 8/16 will reside
• name is a DNS name for PortServer TS 8/16
• ip-address is the IP address of a name server
Example: set config domain=digi.com myname=poe dns=204.221.1.4
Procedure for Using a Host File
Use this section to configure the host table, which maps IP addresses to host names.
Enter the following command
set host name= name ip=ip-address
where
• name is the name the host
• ip-address is the IP address of the host
Example
In this example, three IP address-to-name mappings are configured
set host name=poe ip=204.221.110.200
set host name=gary ip=204.221.110.202
set host name=toni ip=204.221.110.203
Configuring DNS
13-3
13-4
Configuration Procedures
Configuring SNMP
Chapter 14
In This Chapter
This chapter describes how to configure the PortServer TS 8/16 SNMP agent. It discusses the
following topics:
Configuring SNMP
•
About SNMP and the Digi One/PortServer TS 2/4 Agent. . . . . . . . . . . . . . . . 14-2
•
Configuration Procedure: Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-3
•
Configuration Procedure: Command Line . . . . . . . . . . . . . . . . . . . . . . . . . . . . 14-3
14-1
About SNMP and the PortServer TS 8/16 Agent
This section introduces SNMP and network management in TCP/IP networks, and it describes the
PortServer TS 8/16 agent. It discusses the following:
• Network management components
• The SNMP agent
• SNMP traps
• The PortServer TS 8/16 agent’s MIB support
• The PortServer TS 8/16 agent’s supported traps
Network Management Components
The TCP/IP network management architecture contains the following components:
• Managed nodes such as host systems, routers, terminal and communications servers (such as
PortServer TS 8/16) and other network devices
• One or more network managers (also called network management stations), which are the points
from which the network is managed
• Agents that reside on managed nodes and retrieve management information and communicate
this information to network managers
• The network management protocol, SNMP, which governs the exchange of information between
the nodes and stations
• Management information, which is the database of information about managed objects. This
database is called the management information base (MIB).
SNMP Management Agent
Each managed node contains at least one agent—a component that responds to requests from the
network manager—that retrieves network management information from its node and notifies the
manager when significant events occur.
SNMP Traps
A mechanism defined by SNMP is called a trap, which is a report or “alarm” from a managed node
to an SNMP manager that a significant event has occurred.
MIB Support
The agent supports the following MIBs:
• Read-write for MIB II (RFC 1213), which is an Internet-standard MIB, consisting of managed
objects from the systems, interfaces, IP, ICMP, TCP, UDP, transmission, and SNMP group
• Read-write for the character-stream devices using SMIv2 MIB (RFC 1658)
• Read-write for the RS-232-like hardware devices MIB (RFC 1659)
• Read-write for the PortServer TS 8/16 IP Network Control Protocol of the Point-to-Point Protocol MIB (RFC 1473)
Message Support
The SNMP agent supports the Set, Get, GetNext, and Trap messages as defined in RFC 1157. These
messages are used as follows:
• Set, which means set the value of a specific object from one of the supported MIBs
• Get, which means retrieve the value of a specific object form one of the supported MIBs
• GetNext, which means retrieve the value of the next object in the MIB
• Trap, which means send traps to the manager when a particular type of significant event occurs
Supported Traps
The agent can send traps when any of the following occur:
• Cold starts (PortServer TS 8/16 initializes)
• Authentication failures
14-2
About SNMP and the PortServer TS 8/16 Agent
Configuration Procedure: Web Interface
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps, which should be changed. See the newpass command in the Digi
One/PortServer TS Command Reference for information on changing passwords.
3. Select Configure and then SNMP from the menu.
4. Fill in the configuration fields and then press Submit.
Configuration Procedure: Command Line
This section describes how to configure PortServer’s SNMP agent.
Related Information
See the set snmp command in the Digi One/PortServer TS Command Reference.
Starting Point
This procedure assumes that you have gathered the following information:
• The IP address of the manager to which traps are sent
• The name and location of the SNMP contact person
• The SNMP name of the PortServer you are configuring
Procedure
Issue a set snmp command to configure PortServer TS 8/16’s SNMP agent. Specify the
following:
• The ip address of an SNMP management station to which traps are to be sent on the trap_dest
field
• A name for this PortServer TS 8/16 on the name field
• A description of where PortServer TS 8/16 is located on the location field. If there are spaces in
this entry, enclose it in quotation marks.
• The name of an SNMP contact person on the contact field. If there are spaces in this entry,
enclose it in quotation marks.
• Whether authentication traps are generated when an authentication error occurs on the auth_trap
field
• Whether the SNMP agent should run immediately on the run field
Configuration Example
set snmp auth_trap=on trap_dest=190.174.150.10 location=”Digi Minnesota”
name=blaze contact=”bill jones” run=on
Configuring SNMP
14-3
14-4
Configuration Procedure: Command Line
Managing the OS and Configuration
Chapter 16
In This Chapter
This chapter provides information on updating the operating system (OS) and managing the
configuration. Topics include the following:
•
Upgrading the OS (Firmware): Web Interface. . . . . . . . . . . . . . . . . . . . . . . . . 16-2
•
Upgrading the OS (Firmware): Command Line . . . . . . . . . . . . . . . . . . . . . . . 16-3
•
Configuring PortServer TS 8/16 from a Remote Host. . . . . . . . . . . . . . . . . . . 16-4
•
Resetting the Configuration to Defaults. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16-6
Managing the OS and Configuration
16-1
Upgrading the OS (Firmware): Web Interface
Use this section to upgrade the firmware using the web interface.
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. From the main menu, choose Admin and then either HTTP upgrade or TFTP upgrade.
4. Follow the prompts to complete the upgrade.
16-2
Upgrading the OS (Firmware): Web Interface
Upgrading the OS (Firmware): Command Line
This section describes how to upgrade the PortServer TS 8/16 operating system (OS). The OS is
stored in flash ROM and can be upgraded without changing the ROM or other hardware.
Related Information
See the boot and set config commands in the Digi One/PortServer TS Command Reference.
Prerequisite Task
Note: When upgrading from a firmware release prior to 82000684_B, the boot code must be
upgraded first. To determine your current firmware release, issue the set config command. If you
need to upgrade the boot code first, here is how you do it:
1. Download the boot code from the Digi web site to a server running TFTP.
2. To load the new boot code, issue the following command:
boot load-boot=tftp-server-ip:filename
where tftp-server-ip is the IP address of the TFTP server and filename is the boot file.
Example: boot load-boot=143.21.10.5:82000679_c1
3. Reboot the Digi device.
When the Digi device reboots, it is ready for new firmware.
Procedure
This procedure assumes that you have logged in as root.
1. Download a copy of the latest PortServer TS 8/16 firmware from the Digi International web site,
digi.com, and copy it to a host running TFTP.
2. Load the new OS into flash ROM by entering the following command:
boot load=ip-address:filename
where
•
ip-address is the IP address of the TFTP host
•
filename is the name of the firmware file.
The following message should appear:
The image in flash now appears valid.
3. If this message does not appear, do not reboot PortServer TS 8/16. The unit may become inoperative if you do; call technical support for instruction on what to do next.
4. If you want to confirm this operation, reboot from the OS in flash ROM by entering the following command:
boot action=reset
Managing the OS and Configuration
16-3
Configuring PortServer TS 8/16 from a Remote Host
This section discusses remote configuration, that is, configuring PortServer TS 8/16 from a remote
host and then downloading the configuration file to PortServer TS 8/16.
When To Use Remote Configuration
Typically, you use remote configuration when you have several PortServer TS 8/16s with similar
configurations and want to keep a master configuration on a remote host, from which you can easily
create variations for downloading to individual PortServer TS 8/16s.
Rules for Editing a Configuration file
Here are some rules for editing a configuration file on a remote host:
• Edit the file with any text editor.
• Each line of the file must start with a set command, such as set user or set line. In other words, do
not let commands wrap to the next line if your editor supports this function.
Copying the Configuration File to a Host
This section describes how to copy the PortServer TS 8/16 configuration file to a remote host for
editing.
Related Information
See the cpconf command in the Digi One/PortServer TS Command Reference.
Starting Point
This procedure assumes that you
• Have an existing configuration on the PortServer TS 8/16 that you want to copy to a remote host
for editing
• Are logged in to PortServer TS 8/16 as root, which is a requirement for using the cpconf command to copy the configuration file to a host
Procedure
1. Create a file with appropriate write permissions on the remote host.
2. Ensure that TFTP is running on the remote host.
3. Supply a cpconf command with a tohost field that specifies the following:
•
The IP address of the target host
•
The name of the file that will hold the configuration.
Example
cpconf tohost=199.250.121.12:cnfg-fle
16-4
Configuring PortServer TS 8/16 from a Remote Host
Copying a Configuration File from a Host to PortServer TS 8/16
This section describes how to copy the configuration file from a host to PortServer TS 8/16 after the
file has been edited on the host.
Related Information
See the cpconf command in the Digi One/PortServer TS Command Reference.
Starting Point
This procedure assumes that you
• Have edited a configuration file on a host and now want to copy it to PortServer TS 8/16 for use
• Are logged in to PortServer TS 8/16 as root, which is a requirement for using the cpconf command to copy the configuration file to a host
Supply a cpconf command with a fromhost field that specifies the following:
• The IP address of the source host
• The name of the configuration file on the host
Example
cpconf fromhost=199.250.121.12:cnfg-fle
Managing the OS and Configuration
16-5
Resetting the Configuration to Defaults
Use this section to learn how to use the revert command to reset the all or some of the configuration
factory or to the latest configuration stored in NVRAM.
Note:
You can also use the range field on this command to define a range of ports with the
serial, port, line, flow, keys and login options.
To Reset the ...
16-6
To factory defaults specify ...
To the latest version in NVRAM
specify...
Entire configuration
revert all=factory
revert all=nvram
altip configuration
revert altip=factory
revert altip=nvram
arp configuration
revert arp=factory
revert arp=nvram
auth configuration
revert auth=factory
revert auth=nvram
set config configuration
revert config=factory
revert config=nvram
set flow configuration
revert flow=factory
revert flow=nvram
set host configuration
revert host=factory
revert host=nvram
set keysconfiguration
revert keys=factory
revert keys=nvram
set line configuration
revert line=factory
revert line=nvram
set logins configuration
revert login=factory
revert login=nvram
menu configuration
revert menu=factory
revert menu=nvram
altip, arp, host, route,
snmp, tcpip, and telnetip
revert network=factory
revert network=nvram
set ports
revert port=factory
revert port=nvram
RADIUS
revert radius=factory
revert radius=nvram
Routing
revert routed=factory
revert routed=nvram
set auth, set logins, and
set radius
revert security=factory
revert security=nvram
set flow, set line, set
ports
revert serial=factory
revert serial=nvram
set service
revert service=factory
revert service=nvram
SNMP configuration
revert snmp=factory
revert snmp=nvram
set config, set keys, set
menu, set service, set
terms, set trace, and set
user
revert system=factory
revert system=nvram
set tcpip
revert tcpip=factory
revert tcpip=nvram
set telnetip
revert telnetip=factory
revert telnetip=nvram
set terms
revert terms=factory
revert terms=nvram
Trace settings
revert trace=factory
revert trace=nvram
set user
revert users=factory
revert users=nvram
Resetting the Configuration to Defaults
Configuring Users
Chapter 15
In This Chapter
This chapter discusses how to configure users. It covers the following topics:
Configuring Users
•
About Configuring Users . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2
•
Common User Features . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-2
•
Configuring a User: Web Interface . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 15-3
•
Configuring a User: Command Line Examples . . . . . . . . . . . . . . . . . . . . . . . . 15-4
15-1
About Configuring Users
Although it is not required, the PortServer TS 8/16 is often configured to accommodate the
requirements of particular users. Typical configurable user attributes include the following:
• Whether the user is required to supply a password
• Autoconnection attributes, such as the system to which the user should be automatically connected at login
• The interface the device presents the user, such as a menu or command line
• Whether the user has access to outbound ports
Note:
For information on configuring PPP users, see "Configuring PPP" on page 8-1.
Configuration Methods
You can configure users in the following ways:
• With the set user command. See the set user command in the Digi One/PortServer TS Command
Reference.
• With the web interface.
• With a RADIUS server. See the set radius command in the PortServer TS 8/16 Command Reference.
Common User Features
This section discusses common user-related features. For a complete list, see the set user command
in the Digi One/PortServer TS Command Reference.
Feature
accesstime
autoconnect
Default access
type
Menu access
Port access
15-2
Description
set user Field
Determines the times and days the user can access the PortServer
TS 8/16.
This feature is not configurable from the web interface.
Automatically connects the user to the host specified on the autohost field using the service (TCP port) defined on the autoport or
autoservice fields.
Autoconnection can also be implemented by port instead of by
user.
This feature is configurable from the web interface.
Defines the type of access the user is restricted to. Menu, command
line, autoconnect, and outgoing and netserviceare the types.
This feature is configurable from the web interface.
Defines the menu that is to be presented to a user with menu access.
This feature is configurable from the web interface.
Defines the number of outbound ports a user connected over the
LAN can access at one time.
This feature is not configurable from the web interface.
accesstime
autoconnect
autohost
autoport
autoservice
defaultaccess
menu
maxsessions
PPP
Defines PPP-related parameters for the user.
There are too
many fields to
list here. See the
set user command for more
information.
Routing updates
Defines whether RIP routing updates are forwarded over the link to
this user.
netrouting
About Configuring Users
Configuring a User: Web Interface
Use this section to configure users with from the web interface.
1. Access the web interface by entering the PortServer TS 8/16 IP address in a browser’s URL window.
2. Log in to the PortServer TS 8/16 as root.
The default password is dbps.
3. Select Configure and then Users from the menu.
4. To add a user, do the following:
a. Choose Add User.
b. Enter a name and then choose Submit
c. Choose the new user from the Name column.
d. Configure the user as required.
e. Choose Submit.
5. To return to the main User menu, choose User from the Menu again.
Configuring Users
15-3
Configuring a User: Command Line Examples
This section consists of a set of examples that tell you how to use the set user command to configure
various user attributes.
Configuring a User for a Password
In this example, the set user command configures a new user. The newpass command then initiates a
dialog with the PortServer TS 8/16 to assign a password to the new user.
set user name=jsmith
newpass name=jsmith
Configuring a User for a Menu
In this example, the user is configured to use a menu, which is identified by a menu-table index
number. If the menu has not been configured, the PortServer TS 8/16 will generate a warning
message, but the user will be configured to use the menu, which can then be created later.
set user name=jsmith defaultaccess=menu menu=4
Limiting a User’s Access to the PortServer TS 8/16
In this example, the user is configured for access to the PortServer TS 8/16 from 9:00 in the morning
until 5:00 at night.
set user name=jsmith accesstime=wk9:00-17:00
Configuring a User for Autoconnect
In this example, the user is configured to do the following
• Automatically connect to the host identified on the autohost field
• Connect using Telnet
set user name=jsmith autoconnect=on defaultaccess=autoconnect
autohost=191.143.2.17 autoservice=telnet
Displaying an Entry in the User Table
This example assumes that the user named jsmith has already been created, in which case attributes
for jsmith are displayed. If the user did not already exist, this command would create a new user
named jsmith that uses all default attributes.
set user name=jsmith
Removing a User from the User Table
In this example, a user is removed from the user table.
remove user name=martymertz
15-4
Configuring a User: Command Line Examples
Configuration Examples
Chapter 17
This chapter provides several simple, but complete, configuration examples. If you find that the
examples implement exactly the features needed for your network, simply copy them, making
appropriate substitutions for site-specific information such as IP addresses. Quite likely, however,
you will be able to use the examples as a starting point only and will need the information provided
in other chapters in this manual and in the Digi One/PortServer TS Command Reference to complete
your configuration.
In This Chapter
This chapter provides the following discussions:
•
Terminal Server Configuration Without RealPort . . . . . . . . . . . . . . . . . . . . . . 17-2
•
Terminal Server Configuration Using Autoconnection . . . . . . . . . . . . . . . . . . 17-3
•
Terminal Server Configuration Using RealPort. . . . . . . . . . . . . . . . . . . . . . . . 17-4
Configuration Examples
17-1
Terminal Server Configuration Without RealPort
In this configuration, PortServer TS 8/16 functions as a terminal server, providing Telnet and Rlogin
access to hosts. This configuration enables the following:
• Telnet or Rlogin access to the LAN-based hosts, both from locally-connected terminals and from
devices accessing the LAN from the telephone network.
• Access for the LAN-based hosts to PortServer TS 8/16 ports (sometimes called reverse Telnet)
Related Information
For more information on configuring
• The Ethernet interface, see "Configuring the IP Address" on page 2-1.
• Terminal connections, see "Configuring Ports for Terminals and Computers" on page 6-1.
• Modem connections, see "Configuring Ports for Modems" on page 5-1.
Illustration
Host
Host
192.250.150.9
192.250.150.17
192.250.150.10
Digi Device
Terminals
Modems
Configuration
set config ip=19 2.250.150.10 submask=255.255.255.0
(1)
set ports range=1-2 dev=term
set line range=1-2 baud=9600
set flow range=1-2 ixon=on ixoff=on
(2)
set ports range=3-4 dev=mio
set line range=3-4 baud=115200
set flow range=3-4 ixon=off ixoff=off rts=on cts=on
(3)
set user name=user1
(4)
Configuration Notes
1. The set config command configures the IP address and mask for the PortServer TS 8/16 Ethernet
interface.
2. The first set ports, set line, and set flow commands configure ports 1 and 2 for terminal connections.
3. The next set ports, set line and set flow commands configure the ports for bidirectional modems.
Software flow control (the default) is explicitly shut off and hardware flow control turned on
using the set flow command.
4. The set user command defines a user, which assigns a user name for login purposes. All PortServer TS 8/16 users can login with this name.
17-2
Terminal Server Configuration Without RealPort
Terminal Server Configuration Using Autoconnection
This example shows a PortServer TS 8/16 functioning as a terminal server implementing
autoconnection.
• The terminals are connected to autoconnect ports. Consequently, when a user presses a terminal
key, an automatic connection to a host is made.
• The modem ports are not configured for autoconnection, but a port user is, which means that as
soon as this particular user supplies a login, an automatic connection to a host is made.
Related Information
For more information on configuring
• The Ethernet interface, see "Configuring the IP Address" on page 2-1.
• Terminal connections, see "Configuring Ports for Terminals and Computers" on page 6-1.
• Modem connections, see "Configuring Ports for Modems" on page 5-1.
Illustration
Host
192.250.150.9
Digi Device
192.250.150.10
Terminals
Modems
Configuration
set config ip=192.250.150.10 submask=255.255.255.0
set ports range=1-2 dev=term auto=on dest=192.250.150.9 dport=23
set line range=1-2 baud=9600
set flow range=1-2 ixon=on ixoff=on
(1)
set ports range=3-4 dev=min
set line range=3-4 baud=115200
set flow range=3-4 ixon=off ixoff=off rts=on cts=on
(2)
set user name=user1 autoconnect=on defaultaccess=autoconnect
autohost=192.250.150.9 autoport=23 password=off
(3)
Configuration Notes
1. The first set of set ports, set line and set flow commands configure ports 1 and 2 for terminals,
autoconnection, Telnet (dport=23), and software flow control.
2. The second set ports, set line, and set flow commands set up ports 3 and 4 for incoming modem
connections and RTS/CTS flow control.
3. The set user command configures the user for automatic connection to the host specified on the
autohost field using Telnet (autoport=23).
Configuration Examples
17-3
Terminal Server Configuration Using RealPort
In this example, the PortServer TS 8/16 is simply providing ports for the LAN-based host using
RealPort. The configuration is exceedingly simple because port attributes are configured on the host
itself.
Related Information
For more information on configuring:
• The Ethernet interface, see "Configuring the IP Address" on page 2-1
• RealPort, see "Configuring Ports for RealPort" on page 3-1
Illustration
192.250.150.11
Modem
Terminal
Printer
Configuration
set config ip=192.250.150.11 submask=255.255.255.0
(1)
set ports range=2-4 dev=rp
(2)
Configuration Notes
1. The set config command configures the internet address and mask for PortServer TS 8/16 Ethernet interface.
2. The set ports command configures ports 2, 3, and 4 for Realport. This command specifies
dev=rp, which is an appropriate device type for RealPort.
17-4
Terminal Server Configuration Using RealPort
Dial-In PPP Connection Using RADIUS
In this configuration, PortServer TS 8/16 uses a RADIUS server to provide a dial-in PPP
connection. The attributes of the PPP connection, which can also be specified with set user
commands, are specified on the RADIUS server.
Related Information
For more information on configuring
• Modem connections, see "Configuring Ports for Modems" on page 6-1.
• Modem scripts, see the set scripts command in the PortServer TS 8/16 Command Reference.
• RADIUS, see "Using RADIUS to Authenticate Users" on page 11-4.
RADIUS Host
190.250.150.11
190.250.150.10
Digi Device
Modem
PPP
Configuration
set config ip=190.250.150.10
submask=255.255.255.0
set ports range=9 dev=min
set line range=9 baud=115200
set flow range=9 ixon=off ixoff=off
rts=on cts=on
(1)
set radius primary=190.250.150.11 run=on
secret=sammy1
(2)
Configuration Notes
1. The set ports, set line and set flow commands configure port 9 for incoming modem connections
using RTS/CTS flow control.
2. The set radius command configures PortServer TS 8/16 to use a RADIUS server.
Configuration Examples
17-5
17-6
Dial-In PPP Connection Using RADIUS
PortServer TS 8/16 Troubleshooting
Chapter 17
In This Chapter
•
Symptom: PortServer TS 8/16 Does Not Boot . . . . . . . . . . . . . . . . . . . . . . . . 17-2
•
Symptom: Cannot Telnet to the PortServer TS 8/16 . . . . . . . . . . . . . . . . . . . . 17-3
•
Symptom: Trouble Accessing a Port . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-4
•
Running PortServer TS 8/16 Hardware Diagnostics . . . . . . . . . . . . . . . . . . . . 17-4
•
Running PortServer TS 8/16 POST . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-5
•
Verifying TFTP on a UNIX System . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-6
•
Troubleshooting TFTP Problems . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-6
•
Resetting PortServer TS 8/16 Configuration to Defaults. . . . . . . . . . . . . . . . . 17-7
•
Verifying the PortServer TS 8/16 IP Address . . . . . . . . . . . . . . . . . . . . . . . . . 17-8
•
Checking for Duplicate IP Addresses . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-10
•
Pinging an IP Address . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-11
•
Verifying the Network Cabling . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-12
•
Verifying the RealPort Process. . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-13
•
Checking and Changing Port Configuration . . . . . . . . . . . . . . . . . . . . . . . . . 17-15
•
Digi Contact Information . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 17-16
PortServer TS 8/16 Troubleshooting
17-1
Symptom: PortServer TS 8/16 Does Not Boot
Introduction
Use the information provided in this discussion when PortServer TS 8/16 will not complete the boot
cycle.
Procedures
Things to Try
See ...
•
Check for hardware problems.
Check for TFTP problems if PortServer TS 8/16 is booting from a
TFTP host.
17-2
•
•
•
"Running PortServer TS 8/16 Hardware
Diagnostics" on page 17-4
"Running PortServer TS 8/16 POST" on
page 17-5
"Verifying TFTP on a UNIX System" on
page 17-6
"Troubleshooting TFTP Problems" on
page 17-6
Resetting the device to configuration defaults.
"Resetting PortServer TS 8/16 Configuration
to Defaults" on page 17-7
If you cannot resolve the problem,
contact Digi.
"Digi Contact Information" on page 17-16
Symptom: PortServer TS 8/16 Does Not Boot
Symptom: Cannot Telnet to the PortServer TS 8/16
Introduction
Use the information provided in this discussion to troubleshoot network problems.
Assumptions
This discussion assumes that the PortServer TS 8/16 itself is working, that is, that it completes the
boot cycle.
Procedures
Things to Try
See ...
Verify the IP address.
This procedure ensures that you
are using the right IP address to
Telnet to the PortServer TS 8/16.
"Verifying the PortServer TS 8/16 IP Address"
on page 17-8
Check for duplicate IP address.
This procedure ensures that two
devices are not using the same IP
address.
"Checking for Duplicate IP Addresses" on
page 17-10
See if you can ping the IP address.
If you can ping the address, but
cannot Telnet to it, you probably
have a firewall problem. See the
Firewall documentation for more
information.
"Pinging an IP Address" on page 17-11
Verify the network cabling.
"Verifying the Network Cabling" on page 1712
If you cannot resolve the problem,
contact Digi.
"Digi Contact Information" on page 17-16
PortServer TS 8/16 Troubleshooting
17-3
Symptom: Trouble Accessing a Port
Introduction
Use this procedure if you are having trouble accessing a PortServer TS 8/16 port. The specific
problem might be that you cannot logon from a terminal or the printer or modem is not working
properly.
Assumptions
This discussion assumes the following:
• That the PortServer TS 8/16 itself is working, that is, that it completes the boot cycle. If it is not,
see "Symptom: PortServer TS 8/16 Does Not Boot" on page 17-2.
• That the network is working. This is only pertinent if all ports are not working and the malfunctioning ports are RealPort ports. The discussion in "Symptom: Cannot Telnet to the PortServer
TS 8/16" on page 17-3 goes through the steps of validating the network connection.
Procedures
Things to Try
See ...
If this is a RealPort port and all
ports are not working, ensure that
the RealPort process is running.
"Verifying the RealPort Process" on page 1713
Verify PortServer TS 8/16 port settings.
"Checking and Changing Port Configuration"
on page 17-15
Verify the cabling to the peripheral
See the Digi One/PortServer Cable Guide for
information.
Running PortServer TS 8/16 Hardware Diagnostics
Use this topic to run hardware diagnostic procedures to validate the PortServer TS 8/16.
1. Connect a terminal to a PortServer TS 8/16 port.
2. If the port is still using the default configuration, configure the terminal to use the following settings (Otherwise, configure the terminal to match the port configuration):
•
VT-100 emulation
•
9600 baud
•
8-bit characters
•
1 stop bit
•
No parity
3. Reboot the PortServer TS 8/16.
4. When the LED begins blinking continuously, press the x key.
5. When the Hardware Diagnostics Menu appears, select a test to perform.
17-4
Symptom: Trouble Accessing a Port
Running PortServer TS 8/16 POST
Use these topics to run PortServer TS 8/16 power on self test to validate the PortServer TS 8/16
hardware.
Procedure: Running the POST Using the LEDs
1. Power on the PortServer TS 8/16.
2. Use the following table to interpret the output from the LEDs.
If ...
Then...
The power LED blinks immediately
after POST
A DHCP error has occurred and the
PortServer TS 8/16 was not assigned an
IP address.
Any of the other four LEDs blink
immediately after POST,
A hardware component failed.
Procedure: Running the POST from a Terminal
1. Connect a terminal to the first serial port on the PortServer 8/16.
2. If the port configuration was changed, configure the terminal to match the port settings. If the
port is still using the default configuration, configure the terminal to use the following settings:
•
VT-100 emulation
•
9600 baud
•
8-bit characters
•
1 stop bit
•
No parity
3. Reboot the PortServer TS 8/16 and press v when the LEDs begin to blink.
POST output appears on the terminal screen.
PortServer TS 8/16 Troubleshooting
17-5
Verifying TFTP on a UNIX System
Use this procedure to verify that TFTP is working correctly on your UNIX host.
Note:
This procedure, which uses a TFTP transfer of the Digi Device's boot image between
two UNIX hosts, enables you to compare the size of the boot image before and after it
is transferred, enabling you to determine if TFTP is working properly.
Procedure
1. Access a root prompt on the UNIX host.
2. Make sure that you are not in the /tftpboot directory.
3. Enter this command:
tftp ipaddress
where ipaddress is the IP address of the UNIX host.
A TFTP prompt appears.
4. At the prompt, enter the following command:
binary
5. Enter this command at the TFTP prompt:
tftp > get tftp_file_name
where tftp_file_name is the name of the Digi Device's boot image in the /tftpboot directory.
6. Enter this command at the TFTP prompt to exit TFTP:
tftp quit
7. Compare the size of the original file against the transferred file using this command:
ls -l tftp_file_name /tftpboot/tftp_file_name
If the file sizes match, TFTP is working properly.
Troubleshooting TFTP Problems
Here are some things to check if you encounter TFTP problems.
• Verify that the /tftpboot directory exists and has read, write and execute (777) permissions with
this command:
ls -l /tftpboot
If necessary, use this command to create the directory:
•
•
mkdir /tftpboot
If necessary, use this command to change permissions of the directory to read, write and execute:
chmod 777 /tftpboot
Verify that the file /tftpboot/ftp_file_name exists and has read and execute permissions with this
command:
ls -l /tftpboot/ftp_file_name
where ftp_file_name is the name of the firmware boot image specified by the Digi Device.
If necessary, use this command to change permissions of the file to read and execute:
•
chmod 666 /tftpboot/ftp_file_name
Verify that the inetd.conf file is properly configured for tftp by displaying the file /etc/inetd.conf.
An entry similar to this should be uncommented:
tftp dgram udp something
where something will vary with each operating system.
17-6
Verifying TFTP on a UNIX System
•
For controlled TFTP access, make sure that the file /etc/tftpaccess.ctl exists and verify that it
only allows access to public directories. If this file is not present, tftp will allow full access. A
sample file is located in the directory /usr/lpp/tcpip/samples.
Restart the inetd process with these two commands:
ps -ef | grep inetd
This will report back the inetd process number.
Kill -1 inetd_PID
Where inetd_PID is the process number for the inetd process reported by the previous command.
Resetting PortServer TS 8/16 Configuration to Defaults
Use this topic to reset the PortServer TS 8/16 configuration to defaults.
Note:
This procedure causes the PortServer TS 8/16 to lose all configuration changes. If you
have a complex configuration, see the cpconf command in the Digi One/PortServer TS
Command Reference for information on backing up your configuration.
Command Line Procedure
1. Log on to the PortServer TS 8/16 as root.
2. Issue the following command:
boot action=factory
Front Panel Procedure
1. Power on the PortServer TS 8/16
2. While the PortServer TS 8/16 is still booting, press and hold (for about 10 seconds) the white
button on the front panel.
PortServer TS 8/16 Troubleshooting
17-7
Verifying the PortServer TS 8/16 IP Address
Use this procedure to check the IP address on the PortServer TS 8/16.
1. Connect a terminal to a PortServer TS 8/16 port.
2. If the port is still using the default configuration, configure the terminal to use the following settings (Otherwise, configure the terminal to match the port configuration):
•
VT-100 emulation
•
9600 baud
•
8-bit characters
•
1 stop bit
•
No parity
3. Press Enter to get a logon prompt from the PortServer TS 8/16.
4. Log on to the PortServer TS 8/16.
5. Use the set config command to verify the PortServer TS 8/16 IP address.
17-8
Verifying the PortServer TS 8/16 IP Address
PortServer TS 8/16 Troubleshooting
17-9
Checking for Duplicate IP Addresses
Use this procedure to ensure that the PortServer TS 8/16 and another device are not using the same
IP address.
Procedure
1. From another system on the network, use the ping command to determine if the IP address is in
use. The following is the command syntax:
ping ip-address
2. Do one of the following:
•
If there is no response to the ping, exit this procedure and return to the symptoms section of
this section. Two devices using the same IP address is probably not a problem.
•
If there is a response, continue with this procedure.
3. Turn the PortServer TS 8/16 off and then ping again.
4. Do one of the following:
17-10
•
If there is a response to the ping, there is another device using that IP address, so assign one
of the devices a new IP address.
•
If there is no response, turn the PortServer TS 8/16. Another device is not using the IP
address assigned PortServer TS 8/16.
Checking for Duplicate IP Addresses
Pinging an IP Address
Use this procedure to deterrmine if a system can be reached from across a network.
Procedure
Attempt to ping the PortServer TS 8/16 from another system on the network. Here is the format of
the command:
ping ip-address
PortServer TS 8/16 Troubleshooting
17-11
Verifying the Network Cabling
Use this procedure to troubleshoot network cabling problems.
1. Check the Ethernet cable. Verify the following:
•
The Ethernet cable is connected securely at both ends.
•
The Ethernet cable is pinned correctly.
•
The quality of the cable is sufficient for the cable length and the cable environment. Common Category 5 Unshielded Twisted Pair cabling can generally be run 300 meters at a speed
of 10 Mbps and 150 meters at higher speeds. Consult an Ethernet cable manufacturer for a
recommended cable for your configuration.
2. Verify your Ethernet hub. See your Ethernet hub manual.
17-12
Verifying the Network Cabling
Verifying the RealPort Process
Use one of these procedures to verify the RealPort process:
AIX: Verifying the RealPort Process
Use this topic to verify that the RealPort daemon (process) is running on the AIX system.
1. Type the following:
lsdev -Cc nts
2. If the sa devices are not in an available state, type the following from the AIX prompt:
mkdev -1 sa#
cfgmgr
where # is the number of the Digi Device.
HP-UX: Verifying the RealPort Process
1. Verify that RealPort is running on the HP-UX operating system by entering:
ps ef| grep drp
If you see an entry for each Digi Device similar to the following, the RealPort process is running.
root 2254 1 0 Dec 13 ? 0:03/sbin/drpd 1 199.86.0.1 root 2049 1 0
Dec 13 ? 0:01/sbin/drpd 1 199.86.5.1
2. If the daemon is not running, enter this command at a root prompt:
/usr/sbin/drpadmin
3. Answer the prompts as appropriate.
Linux: Verifying the RealPort Process
The RealPort daemon (process) controls communication between the RealPort driver module and
your Digi Devices across the network. One daemon must remain in the background for each Digi
Device, maintaining the communication link. You should not need to start the daemon by hand. The
dgrp_cfg_node program does this automatically.
However, to determine whether any RealPort daemons are currently running on your system, as well
as to determine which Digi Device each daemon is communicating with, you can execute the
following command:
ps ax | grep drpd
For more information about the RealPort daemon, see the drpd man page that is installed with the
driver package.
SCO: Verifying the RealPort Daemon
Use this topic to verify that the RealPort daemon is running on a SCO Unix or SCO OpenServer
operating system.
1. At the root prompt, enter the following command:
ps ef| grep ncxd
If the RealPort Daemon is running, you should see an entry for each Digi Device similar to the
following?
root 2254 1 0 Dec 13 ? 0:03/etc/nexd -d /dev/cts0 -n
root 2049 1 0 Dec 13 ? 0:01/etc/nexd -d /dev/cts0 -n
2. If you do not see this information, restart the daemon by doing the following:
a. Modify the /etc/rc2.d/S86ncxa file with the appropriate IP addresses.
b. Reboot the server.
PortServer TS 8/16 Troubleshooting
17-13
Solaris: Verifying the RealPort Process
Use this topic for information on verifying that the RealPort process is running on a Solaris system.
1. Type the following command:
ps -ef|grep ncxd
2. If the information that appears is not correct, do the following:
a. Modify the /etc/rc2.d/S26realport file with the appropriate IP addresses.
b. Reboot the UNIX server.
Windows NT: Verifying the RealPort Service
Use this procedure to verify the RealPort service on Microsoft Windows NT.
1. From the Start menu, choose Settings > Control Panel > Devices > Digi RealPort.
2. If the RealPort service has not been started, choose Start.
Windows 2000: Verifying the RealPort Service
Use this procedure to verify the RealPort service (process) on Microsoft Windows 2000.
1. Right-click on My Computer, choose Properties > Hardware tab > Device Manager.
2. Expand the Multi-port Serial Adapters list if necessary and select Digi PortServer.
3. If the RealPort Service (process) is not enabled, right-click and choose Enable.
17-14
Verifying the RealPort Process
Checking and Changing Port Configuration
Use this topic to ensure that PortServer TS 8/16 serial port configuration is correct. You can display
and change port configuration from either the command line or the web interface. This topic
addresses the command line only. For information regarding the web interface, access the port from
the web interface and then use the online help.
RealPort
• Specify set ports dev=rp to define a device type.
• Configure serial line attributes on the RealPort host.
• Configure flow control on the RealPort host.
Printer
• For most printers, specify set ports dev=prn.
• Use the set line command to configure serial line attributes that are consistent with peripheral
requirements.
• Use the set flow command to configure flow control attributes that are consistent with peripheral
requirements.
Incoming Modem
• For most incoming modem connections, specify set ports dev=min
• Use the set line command to configure serial line attributes that are consistent with peripheral
requirements.
• Use the set flow command to configure flow control attributes that are consistent with peripheral
requirements.
Outgoing Modem
• For most outgoing modem connections, specify set ports dev=mout.
• Use the set line command to configure serial line attributes that are consistent with peripheral
requirements.
• Use the set flow command to configure flow control attributes that are consistent with peripheral
requirements.
Two-way Modem
• For both incoming and outgoing modem connections, specify set ports dev=mio.
• Use the set line command to configure serial line attributes that are consistent with peripheral
requirements.
• Use the set flow command to configure flow control attributes that are consistent with peripheral
requirements.
Terminal
• For most terminal connections, specify set ports dev=term. Also, if you have configured
the port for autoconnection, ensure that the destination IP address and TCP port (dport) are correct.
• Use the set line command to configure serial line attributes that are consistent with peripheral
requirements.
• Use the set flow command to configure flow control attributes that are consistent with peripheral
requirements.
PortServer TS 8/16 Troubleshooting
17-15
Digi Contact Information
Digi International
11001 Bren Road East
Minnetonka, MN 55343
U.S.A
Customer Service and Support
17-16
World Wide Web:
http://support.digi.com
email
support@digi.com
Telephone (U.S.)
1-800-344-4273
Telephone (other locations
(+011) 952-912-3444
Digi Contact Information